* Philippe Mathieu-Daudé (philmd@redhat.com) wrote:
> If the management layer tries to inject a secret, it gets an empty
> response in case the binary built without SEV:
>
> { "execute": "sev-inject-launch-secret",
> "arguments": { "packet-header": "mypkt", "secret": "mypass", "gpa": 4294959104 }
> }
> {
> "return": {
> }
> }
>
> Make it clearer by returning an error, mentioning the feature is
> disabled:
>
> { "execute": "sev-inject-launch-secret",
> "arguments": { "packet-header": "mypkt", "secret": "mypass", "gpa": 4294959104 }
> }
> {
> "error": {
> "class": "GenericError",
> "desc": "this feature or command is not currently supported"
> }
> }
>
> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
> ---
> target/i386/monitor.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/target/i386/monitor.c b/target/i386/monitor.c
> index 119211f0b06..c83cca80dc2 100644
> --- a/target/i386/monitor.c
> +++ b/target/i386/monitor.c
> @@ -28,6 +28,7 @@
> #include "monitor/hmp-target.h"
> #include "monitor/hmp.h"
> #include "qapi/qmp/qdict.h"
> +#include "qapi/qmp/qerror.h"
> #include "sysemu/kvm.h"
> #include "sysemu/sev.h"
> #include "qapi/error.h"
> @@ -742,6 +743,10 @@ void qmp_sev_inject_launch_secret(const char *packet_hdr,
> bool has_gpa, uint64_t gpa,
> Error **errp)
> {
> + if (!sev_enabled()) {
> + error_setg(errp, QERR_UNSUPPORTED);
> + return;
> + }
> if (!has_gpa) {
> uint8_t *data;
> struct sev_secret_area *area;
> --
> 2.31.1
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK