[libvirt] [PATCH 1/7] qemu: provide support to query the MKTME capability

Larkins Carvalho larkins.l.carvalho at intel.com
Fri May 17 23:55:46 UTC 2019


This patch adds support for querying the MKTME capability from QEMU.
---
 src/conf/domain_capabilities.c | 10 ++++++
 src/conf/domain_capabilities.h | 11 ++++++
 src/libvirt_private.syms       |  1 +
 src/qemu/qemu_capabilities.c   | 36 ++++++++++++++++++++
 src/qemu/qemu_capabilities.h   |  4 +++
 src/qemu/qemu_capspriv.h       |  4 +++
 src/qemu/qemu_monitor.c        | 10 ++++++
 src/qemu/qemu_monitor.h        |  3 ++
 src/qemu/qemu_monitor_json.c   | 61 ++++++++++++++++++++++++++++++++++
 src/qemu/qemu_monitor_json.h   |  3 ++
 10 files changed, 143 insertions(+)

diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c
index 2e7e1c206b..db39c39120 100644
--- a/src/conf/domain_capabilities.c
+++ b/src/conf/domain_capabilities.c
@@ -79,6 +79,16 @@ virSEVCapabilitiesFree(virSEVCapability *cap)
 }
 
 
+void
+virMKTMECapabilitiesFree(virMKTMECapability *cap)
+{
+    if (!cap)
+        return;
+
+    VIR_FREE(cap);
+}
+
+
 static void
 virDomainCapsDispose(void *obj)
 {
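Review bot: The `if (!cap) return;` guard in virMKTMECapabilitiesFree is redundant as written, because the only statement after it is `VIR_FREE(cap)`, which already accepts NULL. The struct added in this patch holds a single integer and no owned pointers, so the body can be just `VIR_FREE(cap);`. Keep the guard only if members that need freeing are expected later. A short comment above the function, such as `/* Frees @cap; NULL is accepted. */`, would document the contract either way.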
diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h
index cd09d50cee..a6ad849950 100644
--- a/src/conf/domain_capabilities.h
+++ b/src/conf/domain_capabilities.h
@@ -150,6 +150,12 @@ struct _virSEVCapability {
     unsigned int reduced_phys_bits;
 };
 
+typedef struct _virMKTMECapability virMKTMECapability;
+typedef virMKTMECapability *virMKTMECapabilityPtr;
+struct _virMKTMECapability {
+    unsigned int keys_supported;
+};
+
 struct _virDomainCaps {
     virObjectLockable parent;
 
@@ -222,4 +228,9 @@ virSEVCapabilitiesFree(virSEVCapability *capabilities);
 
 VIR_DEFINE_AUTOPTR_FUNC(virSEVCapability, virSEVCapabilitiesFree);
 
+void
+virMKTMECapabilitiesFree(virMKTMECapability *capabilities);
+
+VIR_DEFINE_AUTOPTR_FUNC(virMKTMECapability, virMKTMECapabilitiesFree);
+
 #endif /* LIBVIRT_DOMAIN_CAPABILITIES_H */
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 909975750c..1b83e44b15 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -189,6 +189,7 @@ virDomainCapsEnumClear;
 virDomainCapsEnumSet;
 virDomainCapsFormat;
 virDomainCapsNew;
+virMKTMECapabilitiesFree;
 virSEVCapabilitiesFree;
 
 
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index a827bd24e3..49ee802479 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -525,6 +525,7 @@ VIR_ENUM_IMPL(virQEMUCaps,
               "virtio-pci-non-transitional",
               "overcommit",
               "query-current-machine",
+              "mktme-guest",
     );
 
 
@@ -595,6 +596,8 @@ struct _virQEMUCaps {
 
     virSEVCapability *sevCapabilities;
 
+    virMKTMECapability *mktmeCapabilities;
+
     virQEMUCapsHostCPUData kvmCPU;
     virQEMUCapsHostCPUData tcgCPU;
 };
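Review bot: The new `mktmeCapabilities` pointer in struct _virQEMUCaps is owned by the caps object, but no hunk in this patch releases it on dispose or duplicates it when the caps are copied. virQEMUCapsProbeQMPMKTMECapabilities stores a heap allocation there, so unless a later patch in the series handles it, the allocation leaks and a copied or cache-loaded caps object can have QEMU_CAPS_MKTME_GUEST set while the getter returns NULL. The dispose path needs `virMKTMECapabilitiesFree(qemuCaps->mktmeCapabilities);`, and the copy and cache load/format paths need a matching MKTME branch. Those functions lie outside the visible hunks, so this is inferred from the diffstat, which accounts for all 36 added lines in this file.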
@@ -1113,6 +1116,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[] = {
     { "virtio-scsi-pci-non-transitional", QEMU_CAPS_VIRTIO_PCI_TRANSITIONAL },
     { "virtio-serial-pci-transitional", QEMU_CAPS_VIRTIO_PCI_TRANSITIONAL },
     { "virtio-serial-pci-non-transitional", QEMU_CAPS_VIRTIO_PCI_TRANSITIONAL },
+    { "mktme-guest", QEMU_CAPS_MKTME_GUEST },
 };
 
 static struct virQEMUCapsStringFlags virQEMUCapsDevicePropsVirtioBalloon[] = {
@@ -2103,6 +2107,13 @@ virQEMUCapsGetSEVCapabilities(virQEMUCapsPtr qemuCaps)
 }
 
 
+virMKTMECapabilityPtr
+virQEMUCapsGetMKTMECapabilities(virQEMUCapsPtr qemuCaps)
+{
+    return qemuCaps->mktmeCapabilities;
+}
+
+
 static int
 virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps,
                             qemuMonitorPtr mon)
@@ -2811,6 +2822,29 @@ virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps,
 }
 
 
+static int
+virQEMUCapsProbeQMPMKTMECapabilities(virQEMUCapsPtr qemuCaps,
+    qemuMonitorPtr mon)
+{
+    int rc = -1;
+    virMKTMECapability *caps = NULL;
+
+    if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MKTME_GUEST))
+        return 0;
+    if ((rc = qemuMonitorGetMKTMECapabilities(mon, &caps)) < 0)
+        return -1;
+
+    if (rc == 0) {
+        virQEMUCapsClear(qemuCaps, QEMU_CAPS_MKTME_GUEST);
+        return 0;
+    }
+
+    virMKTMECapabilitiesFree(qemuCaps->mktmeCapabilities);
+    qemuCaps->mktmeCapabilities = caps;
+    return 0;
+}
+
+
 bool
 virQEMUCapsCPUFilterFeatures(const char *name,
                              void *opaque)
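Review bot: The continuation line `qemuMonitorPtr mon)` in virQEMUCapsProbeQMPMKTMECapabilities is indented by four spaces instead of being aligned under `virQEMUCapsPtr qemuCaps`, unlike the neighbouring definitions visible in this file's hunks. The initializer in `int rc = -1;` is also dead, since `rc` is always overwritten by the monitor call before it is read. A header comment stating the contract would help, for example `/* Returns 0 when MKTME was probed or is unsupported (flag cleared), -1 on monitor failure. */`.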
@@ -4417,6 +4451,8 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr qemuCaps,
         return -1;
     if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0)
         return -1;
+    if (virQEMUCapsProbeQMPMKTMECapabilities(qemuCaps, mon) < 0)
+        return -1;
 
     virQEMUCapsInitProcessCaps(qemuCaps);
 
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 67c8e80462..5614479617 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -507,6 +507,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */
     QEMU_CAPS_VIRTIO_PCI_TRANSITIONAL, /* virtio *-pci-{non-}transitional devices */
     QEMU_CAPS_OVERCOMMIT, /* -overcommit */
     QEMU_CAPS_QUERY_CURRENT_MACHINE, /* query-current-machine command */
+    QEMU_CAPS_MKTME_GUEST, /* -object mktme-guest,... */
 
     QEMU_CAPS_LAST /* this must always be the last item */
 } virQEMUCapsFlags;
@@ -644,6 +645,9 @@ bool virQEMUCapsCPUFilterFeatures(const char *name,
 virSEVCapabilityPtr
 virQEMUCapsGetSEVCapabilities(virQEMUCapsPtr qemuCaps);
 
+virMKTMECapabilityPtr
+virQEMUCapsGetMKTMECapabilities(virQEMUCapsPtr qemuCaps);
+
 virArch virQEMUCapsArchFromString(const char *arch);
 const char *virQEMUCapsArchToString(virArch arch);
 
diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h
index 2d059bee8c..4e1559d13f 100644
--- a/src/qemu/qemu_capspriv.h
+++ b/src/qemu/qemu_capspriv.h
@@ -95,6 +95,10 @@ void
 virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps,
                               virSEVCapability *capabilities);
 
+void
+virQEMUCapsSetMKTMECapabilities(virQEMUCapsPtr qemuCaps,
+                                virMKTMECapability *capabilities);
+
 int
 virQEMUCapsProbeQMPCPUDefinitions(virQEMUCapsPtr qemuCaps,
                                   qemuMonitorPtr mon,
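Review bot: `virQEMUCapsSetMKTMECapabilities` is declared here, but this patch adds no definition for it. The 36 lines added to qemu_capabilities.c are fully accounted for by the enum string, the struct member, the object-type entry, the getter, the probe function and its call. Unless a later patch in the series supplies the body, any caller will fail to link. Either add the setter in this patch, releasing the previous value with `virMKTMECapabilitiesFree(qemuCaps->mktmeCapabilities);` before assigning, or move the prototype to the patch that introduces the implementation.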
diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index e1fcbac13f..918a9d1c5d 100644
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -3922,6 +3922,16 @@ qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon,
 }
 
 
+int
+qemuMonitorGetMKTMECapabilities(qemuMonitorPtr mon,
+                                virMKTMECapability **capabilities)
+{
+    QEMU_CHECK_MONITOR(mon);
+
+    return qemuMonitorJSONGetMKTMECapabilities(mon, capabilities);
+}
+
+
 int
 qemuMonitorNBDServerStart(qemuMonitorPtr mon,
                           const char *host,
diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h
index 9242d37407..ef4f5326bc 100644
--- a/src/qemu/qemu_monitor.h
+++ b/src/qemu/qemu_monitor.h
@@ -761,6 +761,9 @@ int qemuMonitorGetGICCapabilities(qemuMonitorPtr mon,
 int qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon,
                                   virSEVCapability **capabilities);
 
+int qemuMonitorGetMKTMECapabilities(qemuMonitorPtr mon,
+                                    virMKTMECapability **capabilities);
+
 typedef enum {
   QEMU_MONITOR_MIGRATE_BACKGROUND       = 1 << 0,
   QEMU_MONITOR_MIGRATE_NON_SHARED_DISK  = 1 << 1, /* migration with non-shared storage with full disk copy */
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 908967f46c..eca4d82c24 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -6654,6 +6654,67 @@ qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon,
     return ret;
 }
 
+/**
+ * qemuMonitorJSONGetMKTMECapabilities:
+ * @mon: qemu monitor object
+ * @capabilities: pointer to pointer to a MKTME capability structure to be filled
+ *
+ * This function queries and fills in Intel's MKTME platform-specific data.
+ *
+ * Returns -1 on error, 0 if MKTME is not supported, and 1 if MKTME is supported on
+ * the platform.
+ */
+int
+qemuMonitorJSONGetMKTMECapabilities(qemuMonitorPtr mon,
+                                    virMKTMECapability **capabilities)
+{
+    int ret = -1;
+    virJSONValuePtr cmd;
+    virJSONValuePtr reply = NULL;
+    virJSONValuePtr caps;
+    unsigned int keys_supported;
+    VIR_AUTOPTR(virMKTMECapability) capability = NULL;
+
+    *capabilities = NULL;
+
+    /* Query may change*/
+    if (!(cmd = qemuMonitorJSONMakeCommand("query-mktme-capabilities",
+        NULL)))
+        return -1;
+
+    if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0)
+        goto cleanup;
+
+    if (qemuMonitorJSONHasError(reply, "GenericError")) {
+        ret = 0;
+        goto cleanup;
+    }
+
+    if (qemuMonitorJSONCheckError(cmd, reply) < 0)
+        goto cleanup;
+
+    caps = virJSONValueObjectGetObject(reply, "return");
+
+    if (virJSONValueObjectGetNumberUint(caps, "keys_supported", &keys_supported) < 0) {
+        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+            _("query-mktme-capabilities reply was missing"
+                " 'keys_supported' field"));
+        goto cleanup;
+    }
+
+    if (VIR_ALLOC(capability) < 0)
+        goto cleanup;
+
+    capability->keys_supported = keys_supported;
+    VIR_STEAL_PTR(*capabilities, capability);
+    ret = 1;
+ cleanup:
+    virJSONValueFree(cmd);
+    virJSONValueFree(reply);
+
+    return ret;
+}
+
 static virJSONValuePtr
 qemuMonitorJSONBuildInetSocketAddress(const char *host,
                                       const char *port)
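Review bot: `caps = virJSONValueObjectGetObject(reply, "return");` is used without a NULL check, so a reply whose `return` member is not a JSON object reaches `virJSONValueObjectGetNumberUint(caps, ...)` with a NULL object, which the helper may dereference. The reply comes from the QEMU process and should be treated as untrusted input here. Guard it with `if (!(caps = virJSONValueObjectGetObject(reply, "return")))`, report an internal error and `goto cleanup`. Separately, every `GenericError` is mapped to "not supported" (`ret = 0`), which hides genuine query failures from the caller, so the error text should at least be logged before returning 0. The `/* Query may change*/` comment should state what is provisional (presumably the QMP command name) and is missing a space before `*/`.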
diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h
index 746b7072ca..5094d91195 100644
--- a/src/qemu/qemu_monitor_json.h
+++ b/src/qemu/qemu_monitor_json.h
@@ -158,6 +158,9 @@ int qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon,
 int qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon,
                                       virSEVCapability **capabilities);
 
+int qemuMonitorJSONGetMKTMECapabilities(qemuMonitorPtr mon,
+                                        virMKTMECapability **capabilities);
+
 int qemuMonitorJSONMigrate(qemuMonitorPtr mon,
                            unsigned int flags,
                            const char *uri);
-- 
2.21.0.windows.1



