From: "Philippe Mathieu-Daudé" <philmd@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Brijesh Singh" <brijesh.singh@amd.com>,
"Connor Kuehl" <ckuehl@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@redhat.com>,
"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Eric Blake" <eblake@redhat.com>
Subject: [PATCH 10/11] target/i386/monitor: Move SEV specific commands to sev.c
Date: Thu, 10 Jun 2021 08:45:55 +0200 [thread overview]
Message-ID: <20210610064556.1421620-11-philmd@redhat.com> (raw)
In-Reply-To: <20210610064556.1421620-1-philmd@redhat.com>
Having the HMP/QMP commands defined in monitor.c makes the stubs
rather complicated when SEV is not built in. To simplify, move the
SEV functions to sev.c, and remove a layer of stubs.
Also make it clearer when SEV is not built in, so developers don't
try to enable it when it is not enablable:
- before:
(qemu) info sev
SEV is not enabled
- after:
(qemu) info sev
SEV is not available in this QEMU
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
---
target/i386/monitor.c | 96 ----------------------------------
target/i386/sev-sysemu-stub.c | 29 +++++++----
target/i386/sev.c | 97 +++++++++++++++++++++++++++++++++++
3 files changed, 116 insertions(+), 106 deletions(-)
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index c83cca80dc2..af3501095e5 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -28,11 +28,8 @@
#include "monitor/hmp-target.h"
#include "monitor/hmp.h"
#include "qapi/qmp/qdict.h"
-#include "qapi/qmp/qerror.h"
#include "sysemu/kvm.h"
-#include "sysemu/sev.h"
#include "qapi/error.h"
-#include "sev_i386.h"
#include "qapi/qapi-commands-misc-target.h"
#include "qapi/qapi-commands-misc.h"
#include "hw/i386/pc.h"
@@ -675,96 +672,3 @@ void hmp_info_io_apic(Monitor *mon, const QDict *qdict)
monitor_printf(mon, "This command is obsolete and will be "
"removed soon. Please use 'info pic' instead.\n");
}
-
-SevInfo *qmp_query_sev(Error **errp)
-{
- SevInfo *info;
-
- info = sev_get_info();
- if (!info) {
- error_setg(errp, "SEV feature is not available");
- return NULL;
- }
-
- return info;
-}
-
-void hmp_info_sev(Monitor *mon, const QDict *qdict)
-{
- SevInfo *info = sev_get_info();
-
- if (info && info->enabled) {
- monitor_printf(mon, "handle: %d\n", info->handle);
- monitor_printf(mon, "state: %s\n", SevState_str(info->state));
- monitor_printf(mon, "build: %d\n", info->build_id);
- monitor_printf(mon, "api version: %d.%d\n",
- info->api_major, info->api_minor);
- monitor_printf(mon, "debug: %s\n",
- info->policy & SEV_POLICY_NODBG ? "off" : "on");
- monitor_printf(mon, "key-sharing: %s\n",
- info->policy & SEV_POLICY_NOKS ? "off" : "on");
- } else {
- monitor_printf(mon, "SEV is not enabled\n");
- }
-
- qapi_free_SevInfo(info);
-}
-
-SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
-{
- char *data;
- SevLaunchMeasureInfo *info;
-
- data = sev_get_launch_measurement();
- if (!data) {
- error_setg(errp, "Measurement is not available");
- return NULL;
- }
-
- info = g_malloc0(sizeof(*info));
- info->data = data;
-
- return info;
-}
-
-SevCapability *qmp_query_sev_capabilities(Error **errp)
-{
- return sev_get_capabilities(errp);
-}
-
-#define SEV_SECRET_GUID "4c2eb361-7d9b-4cc3-8081-127c90d3d294"
-struct sev_secret_area {
- uint32_t base;
- uint32_t size;
-};
-
-void qmp_sev_inject_launch_secret(const char *packet_hdr,
- const char *secret,
- bool has_gpa, uint64_t gpa,
- Error **errp)
-{
- if (!sev_enabled()) {
- error_setg(errp, QERR_UNSUPPORTED);
- return;
- }
- if (!has_gpa) {
- uint8_t *data;
- struct sev_secret_area *area;
-
- if (!pc_system_ovmf_table_find(SEV_SECRET_GUID, &data, NULL)) {
- error_setg(errp, "SEV: no secret area found in OVMF,"
- " gpa must be specified.");
- return;
- }
- area = (struct sev_secret_area *)data;
- gpa = area->base;
- }
-
- sev_inject_launch_secret(packet_hdr, secret, gpa, errp);
-}
-
-SevAttestationReport *
-qmp_query_sev_attestation_report(const char *mnonce, Error **errp)
-{
- return sev_get_attestation_report(mnonce, errp);
-}
diff --git a/target/i386/sev-sysemu-stub.c b/target/i386/sev-sysemu-stub.c
index d556b4f091f..7a35f0432b2 100644
--- a/target/i386/sev-sysemu-stub.c
+++ b/target/i386/sev-sysemu-stub.c
@@ -12,30 +12,35 @@
*/
#include "qemu/osdep.h"
+#include "monitor/monitor.h"
+#include "monitor/hmp.h"
#include "qapi/qapi-commands-misc-target.h"
+#include "qapi/qmp/qerror.h"
#include "qapi/error.h"
#include "sev_i386.h"
-SevInfo *sev_get_info(void)
+SevInfo *qmp_query_sev(Error **errp)
{
+ error_setg(errp, QERR_UNSUPPORTED);
return NULL;
}
-char *sev_get_launch_measurement(void)
+SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
{
+ error_setg(errp, QERR_UNSUPPORTED);
return NULL;
}
-SevCapability *sev_get_capabilities(Error **errp)
+SevCapability *qmp_query_sev_capabilities(Error **errp)
{
- error_setg(errp, "SEV is not available in this QEMU");
+ error_setg(errp, QERR_UNSUPPORTED);
return NULL;
}
-int sev_inject_launch_secret(const char *hdr, const char *secret,
- uint64_t gpa, Error **errp)
+void qmp_sev_inject_launch_secret(const char *packet_header, const char *secret,
+ bool has_gpa, uint64_t gpa, Error **errp)
{
- return 1;
+ error_setg(errp, QERR_UNSUPPORTED);
}
int sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp)
@@ -52,9 +57,13 @@ int sev_es_save_reset_vector(void *flash_ptr, uint64_t flash_size)
g_assert_not_reached();
}
-SevAttestationReport *sev_get_attestation_report(const char *mnonce,
- Error **errp)
+SevAttestationReport *qmp_query_sev_attestation_report(const char *mnonce, Error **errp)
{
- error_setg(errp, "SEV is not available in this QEMU");
+ error_setg(errp, QERR_UNSUPPORTED);
return NULL;
}
+
+void hmp_info_sev(Monitor *mon, const QDict *qdict)
+{
+ monitor_printf(mon, "SEV is not available in this QEMU\n");
+}
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 791804954e9..b4d7c41d3fb 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -27,10 +27,14 @@
#include "sev_i386.h"
#include "sysemu/sysemu.h"
#include "sysemu/runstate.h"
+#include "sysemu/sev.h"
#include "trace.h"
#include "migration/blocker.h"
#include "qom/object.h"
#include "monitor/monitor.h"
+#include "monitor/hmp.h"
+#include "qapi/qapi-commands-misc-target.h"
+#include "qapi/qmp/qerror.h"
#include "exec/confidential-guest-support.h"
#include "hw/i386/pc.h"
@@ -1070,3 +1074,96 @@ sev_register_types(void)
}
type_init(sev_register_types);
+
+SevInfo *qmp_query_sev(Error **errp)
+{
+ SevInfo *info;
+
+ info = sev_get_info();
+ if (!info) {
+ error_setg(errp, "SEV feature is not available");
+ return NULL;
+ }
+
+ return info;
+}
+
+void hmp_info_sev(Monitor *mon, const QDict *qdict)
+{
+ SevInfo *info = sev_get_info();
+
+ if (info && info->enabled) {
+ monitor_printf(mon, "handle: %d\n", info->handle);
+ monitor_printf(mon, "state: %s\n", SevState_str(info->state));
+ monitor_printf(mon, "build: %d\n", info->build_id);
+ monitor_printf(mon, "api version: %d.%d\n",
+ info->api_major, info->api_minor);
+ monitor_printf(mon, "debug: %s\n",
+ info->policy & SEV_POLICY_NODBG ? "off" : "on");
+ monitor_printf(mon, "key-sharing: %s\n",
+ info->policy & SEV_POLICY_NOKS ? "off" : "on");
+ } else {
+ monitor_printf(mon, "SEV is not enabled\n");
+ }
+
+ qapi_free_SevInfo(info);
+}
+
+SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
+{
+ char *data;
+ SevLaunchMeasureInfo *info;
+
+ data = sev_get_launch_measurement();
+ if (!data) {
+ error_setg(errp, "Measurement is not available");
+ return NULL;
+ }
+
+ info = g_malloc0(sizeof(*info));
+ info->data = data;
+
+ return info;
+}
+
+SevCapability *qmp_query_sev_capabilities(Error **errp)
+{
+ return sev_get_capabilities(errp);
+}
+
+#define SEV_SECRET_GUID "4c2eb361-7d9b-4cc3-8081-127c90d3d294"
+struct sev_secret_area {
+ uint32_t base;
+ uint32_t size;
+};
+
+void qmp_sev_inject_launch_secret(const char *packet_hdr,
+ const char *secret,
+ bool has_gpa, uint64_t gpa,
+ Error **errp)
+{
+ if (!sev_enabled()) {
+ error_setg(errp, QERR_UNSUPPORTED);
+ return;
+ }
+ if (!has_gpa) {
+ uint8_t *data;
+ struct sev_secret_area *area;
+
+ if (!pc_system_ovmf_table_find(SEV_SECRET_GUID, &data, NULL)) {
+ error_setg(errp, "SEV: no secret area found in OVMF,"
+ " gpa must be specified.");
+ return;
+ }
+ area = (struct sev_secret_area *)data;
+ gpa = area->base;
+ }
+
+ sev_inject_launch_secret(packet_hdr, secret, gpa, errp);
+}
+
+SevAttestationReport *qmp_query_sev_attestation_report(const char *mnonce,
+ Error **errp)
+{
+ return sev_get_attestation_report(mnonce, errp);
+}
--
2.31.1
next prev parent reply other threads:[~2021-06-10 6:54 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-10 6:45 [PATCH 00/11] target/i386/sev: Housekeeping helping using SEV-disabled binaries Philippe Mathieu-Daudé
2021-06-10 6:45 ` [PATCH 01/11] MAINTAINERS: Add Connor Kuehl as reviewer for AMD SEV Philippe Mathieu-Daudé
2021-06-15 17:46 ` Philippe Mathieu-Daudé
2021-06-10 6:45 ` [PATCH 02/11] qapi/misc-target: Group SEV QAPI definitions Philippe Mathieu-Daudé
2021-06-10 9:39 ` Markus Armbruster
2021-06-10 10:15 ` Philippe Mathieu-Daudé
2021-06-10 12:37 ` Markus Armbruster
2021-06-10 6:45 ` [PATCH 03/11] target/i386/monitor: Return QMP error when SEV is disabled in build Philippe Mathieu-Daudé
2021-06-10 8:12 ` Dr. David Alan Gilbert
2021-06-10 14:52 ` Connor Kuehl
2021-06-10 6:45 ` [PATCH 04/11] target/i386/cpu: Add missing 'qapi/error.h' header Philippe Mathieu-Daudé
2021-06-10 8:16 ` Dr. David Alan Gilbert
2021-06-10 14:52 ` Connor Kuehl
2021-06-10 6:45 ` [PATCH 05/11] target/i386/sev_i386.h: Remove unused headers Philippe Mathieu-Daudé
2021-06-10 14:52 ` Connor Kuehl
2021-06-10 6:45 ` [PATCH 06/11] target/i386/sev: Remove sev_get_me_mask() Philippe Mathieu-Daudé
2021-06-10 8:28 ` Dr. David Alan Gilbert
2021-06-10 14:52 ` Connor Kuehl
2021-06-10 6:45 ` [PATCH 07/11] target/i386/sev: Mark unreachable code with g_assert_not_reached() Philippe Mathieu-Daudé
2021-06-10 14:52 ` Connor Kuehl
2021-06-10 6:45 ` [PATCH 08/11] target/i386/sev: sev_get_attestation_report use g_autofree Philippe Mathieu-Daudé
2021-06-10 6:45 ` [PATCH 09/11] target/i386/sev: Restrict SEV to system emulation Philippe Mathieu-Daudé
2021-06-10 6:45 ` Philippe Mathieu-Daudé [this message]
2021-06-10 15:19 ` [PATCH 10/11] target/i386/monitor: Move SEV specific commands to sev.c Connor Kuehl
2021-06-16 20:42 ` Philippe Mathieu-Daudé
2021-06-10 6:45 ` [PATCH 11/11] monitor: Restrict 'info sev' to x86 targets Philippe Mathieu-Daudé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210610064556.1421620-11-philmd@redhat.com \
--to=philmd@redhat.com \
--cc=armbru@redhat.com \
--cc=brijesh.singh@amd.com \
--cc=ckuehl@redhat.com \
--cc=dgilbert@redhat.com \
--cc=eblake@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).