Re: [PATCH v2 03/23] qapi/misc-target: Group SEV QAPI definitions
From: Dov Murik
Subject: Re: [PATCH v2 03/23] qapi/misc-target: Group SEV QAPI definitions
Date: Thu, 24 Jun 2021 09:13:14 +0300
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0

Phil,
On 16/06/2021 23:43, Philippe Mathieu-Daudé wrote:
> There is already a section with various SEV commands / types,
> so move the SEV guest attestation together.
>

I have two questions (regarding several qapi patches in this series):

1. Should we extract all the SEV commands/types to a separate file?
   Maybe sev.json, or confidential-guest-sev.json -- anticipating the other
   platforms.

2. I see that some qapi types/commands are conditioned on
   `defined(CONFIG_...)`. For example in qapi/tpm.json we have:

     { 'command': 'query-tpm-types', 'returns': ['TpmType'],
       'if': 'defined(CONFIG_TPM)' }

   I wonder if the same applies to SEV.

-Dov

> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> ---
> qapi/misc-target.json | 81 +++++++++++++++++++++----------------------
> 1 file changed, 40 insertions(+), 41 deletions(-)
>
> diff --git a/qapi/misc-target.json b/qapi/misc-target.json
> index 81646126267..7db94206212 100644
> --- a/qapi/misc-target.json
> +++ b/qapi/misc-target.json
> @@ -219,6 +219,46 @@
> 'data': { 'packet-header': 'str', 'secret': 'str', '*gpa': 'uint64' },
> 'if': 'defined(TARGET_I386)' }
>
> +##
> +# @SevAttestationReport:
> +#
> +# The struct describes attestation report for a Secure Encrypted
> +# Virtualization feature.
> +#
> +# @data: guest attestation report (base64 encoded)
> +#
> +#
> +# Since: 6.1
> +##
> +{ 'struct': 'SevAttestationReport',
> + 'data': { 'data': 'str'},
> + 'if': 'defined(TARGET_I386)' }
> +
> +##
> +# @query-sev-attestation-report:
> +#
> +# This command is used to get the SEV attestation report, and is
> +# supported on AMD X86 platforms only.
> +#
> +# @mnonce: a random 16 bytes value encoded in base64 (it will be
> +# included in report)
> +#
> +# Returns: SevAttestationReport objects.
> +#
> +# Since: 6.1
> +#
> +# Example:
> +#
> +# -> { "execute" : "query-sev-attestation-report",
> +# "arguments": { "mnonce": "aaaaaaa" } }
> +# <- { "return" : { "data": "aaaaaaaabbbddddd"} }
> +#
> +##
> +{ 'command': 'query-sev-attestation-report',
> + 'data': { 'mnonce': 'str' },
> + 'returns': 'SevAttestationReport',
> + 'if': 'defined(TARGET_I386)' }
> +
> ##
> # @dump-skeys:
> #
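
Review bot: The Example in the query-sev-attestation-report comment uses "mnonce": "aaaaaaa", which contradicts the @mnonce description a few lines above it: 16 bytes encode to a 24-character base64 string (with padding), and a 7-character string cannot carry 16 bytes. Since the block is being touched anyway, replace the placeholder with a well-formed 24-character value, and make the "data" value in the reply look like base64 too, so the example matches what the documentation promises. Smaller points in the same comment: "Returns: SevAttestationReport objects." should be singular to match 'returns': 'SevAttestationReport', and the @SevAttestationReport block carries two consecutive empty "#" lines before "Since: 6.1".
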
> @@ -285,44 +325,3 @@
> ##
> { 'command': 'query-gic-capabilities', 'returns': ['GICCapability'],
> 'if': 'defined(TARGET_ARM)' }
> -
> -
> -##
> -# @SevAttestationReport:
> -#
> -# The struct describes attestation report for a Secure Encrypted
> -# Virtualization feature.
> -#
> -# @data: guest attestation report (base64 encoded)
> -#
> -#
> -# Since: 6.1
> -##
> -{ 'struct': 'SevAttestationReport',
> - 'data': { 'data': 'str'},
> - 'if': 'defined(TARGET_I386)' }
> -
> -##
> -# @query-sev-attestation-report:
> -#
> -# This command is used to get the SEV attestation report, and is
> -# supported on AMD X86 platforms only.
> -#
> -# @mnonce: a random 16 bytes value encoded in base64 (it will be
> -# included in report)
> -#
> -# Returns: SevAttestationReport objects.
> -#
> -# Since: 6.1
> -#
> -# Example:
> -#
> -# -> { "execute" : "query-sev-attestation-report",
> - "arguments": { "mnonce": "aaaaaaa" } }
> -# <- { "return" : { "data": "aaaaaaaabbbddddd"} }
> -#
> -##
> -{ 'command': 'query-sev-attestation-report',
> - 'data': { 'mnonce': 'str' },
> - 'returns': 'SevAttestationReport',
> - 'if': 'defined(TARGET_I386)' }
>
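
Review bot: The removed copy is not identical to the added one: the removed Example line '- "arguments": { "mnonce": "aaaaaaa" } }' has no leading "#", while the corresponding added line in the first hunk starts with "+#". The commit message describes a pure move, so this content change should either be stated there or folded into whichever earlier patch in the series introduced the unprefixed line, leaving this patch a mechanical move that can be checked with a moved-lines diff. The one-line difference in the diffstat (40 insertions, 41 deletions) is the extra blank line dropped after query-gic-capabilities, which is fine.
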