[RFC PATCH v2 33/44] qmp: add query-tdx-capabilities query-tdx command
From: |
isaku . yamahata |
Subject: |
[RFC PATCH v2 33/44] qmp: add query-tdx-capabilities query-tdx command |
Date: |
Wed, 7 Jul 2021 17:55:03 -0700 |
From: Chenyi Qiang <chenyi.qiang@intel.com>
Add QMP commands that libvirt can use to query the TDX capabilities
and TDX info. At the moment, the only capability that needs to be
reported is 'enabled', which means TDX is enabled.
Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
Co-developed-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
include/sysemu/tdx.h | 6 ++++
qapi/misc-target.json | 59 ++++++++++++++++++++++++++++++++++++++
target/i386/kvm/tdx-stub.c | 10 +++++++
target/i386/kvm/tdx.c | 19 ++++++++++++
target/i386/monitor.c | 23 +++++++++++++++
5 files changed, 117 insertions(+)
diff --git a/include/sysemu/tdx.h b/include/sysemu/tdx.h
index f3eced10f9..756f46d2de 100644
--- a/include/sysemu/tdx.h
+++ b/include/sysemu/tdx.h
@@ -13,4 +13,10 @@ int tdx_system_firmware_init(PCMachineState *pcms,
MemoryRegion *rom_memory);
void tdx_pre_create_vcpu(CPUState *cpu);
void tdx_post_init_vcpu(CPUState *cpu);
+struct TDXInfo;
+struct TDXInfo *tdx_get_info(void);
+
+struct TDXCapability;
+struct TDXCapability *tdx_get_capabilities(void);
+
#endif
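Review bot: The two new prototypes carry no comment describing their contract, and this header is where a caller will look for it. From the other files in this patch, the real implementation returns a `g_new0()` allocation and the stub returns NULL, so something like `/* Returns a newly allocated TDXInfo, or NULL when TDX support is not built in. */` above `tdx_get_info()` (and the same for `tdx_get_capabilities()`) would make that explicit. The declarations use `struct TDXInfo *` while tdx.c defines the functions with `TDXInfo *`; that presumably relies on the QAPI-generated typedef and is worth one line of comment as well.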
diff --git a/qapi/misc-target.json b/qapi/misc-target.json
index 5573dcf8f0..c1de95c082 100644
--- a/qapi/misc-target.json
+++ b/qapi/misc-target.json
@@ -323,3 +323,62 @@
{ 'command': 'query-sev-attestation-report', 'data': { 'mnonce': 'str' },
'returns': 'SevAttestationReport',
'if': 'defined(TARGET_I386)' }
+
+##
+# @TDXInfo:
+#
+# Information about Trust Domain Extensions (TDX) support
+#
+# @enabled: true if TDX is active
+#
+##
+{ 'struct': 'TDXInfo',
+ 'data': { 'enabled': 'bool' },
+ 'if': 'defined(TARGET_I386)'
+}
+
+##
+# @query-tdx:
+#
+# Returns information about TDX
+#
+# Returns: @TdxInfo
+#
+#
+# Example:
+#
+# -> { "execute": "query-tdx" }
+# <- { "return": { "enabled": true } }
+#
+##
+{ 'command': 'query-tdx', 'returns': 'TDXInfo',
+ 'if': 'defined(TARGET_I386)' }
+
+##
+# @TDXCapability:
+#
+# The struct describes capability for a TDX
+# feature.
+#
+##
+{ 'struct': 'TDXCapability',
+ 'data': { 'enabled': 'bool' },
+ 'if': 'defined(TARGET_I386)' }
+
+##
+# @query-tdx-capabilities:
+#
+# This command is used to get the TDX capabilities, and is supported on Intel
+# X86 platforms only.
+#
+# Returns: @TDXCapability.
+#
+#
+# Example:
+#
+# -> { "execute": "query-tdx-capabilities" }
+# <- { "return": { 'enabled': 'bool' }}
+#
+##
+{ 'command': 'query-tdx-capabilities', 'returns': 'TDXCapability',
+ 'if': 'defined(TARGET_I386)' }
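Review bot: The doc comments in this hunk do not match the schema they describe. `query-tdx` says `Returns: @TdxInfo`, but the type is spelled `TDXInfo`. The `query-tdx-capabilities` example prints the schema (`{ 'enabled': 'bool' }`) instead of a reply; `# <- { "return": { "enabled": true } }` would match the `query-tdx` example. `TDXCapability` also lacks an `@enabled:` member line, and none of the four definitions has a `# Since: <release>` tag. Since `TDXInfo.enabled` and `TDXCapability.enabled` are filled from different checks in tdx.c, the member docs should state which one describes the running guest and which one describes host support, so that a management layer does not read the capability as evidence that the guest is protected.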
diff --git a/target/i386/kvm/tdx-stub.c b/target/i386/kvm/tdx-stub.c
index 4e1a0a4280..5d8faf0716 100644
--- a/target/i386/kvm/tdx-stub.c
+++ b/target/i386/kvm/tdx-stub.c
@@ -21,3 +21,13 @@ void tdx_pre_create_vcpu(CPUState *cpu)
void tdx_post_init_vcpu(CPUState *cpu)
{
}
+
+struct TDXInfo *tdx_get_info(void)
+{
+ return NULL;
+}
+
+struct TDXCapability *tdx_get_capabilities(void)
+{
+ return NULL;
+}
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 6b560c1c0b..1316d95209 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -22,6 +22,7 @@
#include "hw/i386/tdvf-hob.h"
#include "qapi/error.h"
#include "qom/object_interfaces.h"
+#include "qapi/qapi-types-misc-target.h"
#include "standard-headers/asm-x86/kvm_para.h"
#include "sysemu/sysemu.h"
#include "sysemu/kvm.h"
@@ -39,6 +40,24 @@ bool kvm_has_tdx(KVMState *s)
return !!(kvm_check_extension(s, KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM));
}
+TDXInfo *tdx_get_info(void)
+{
+ TDXInfo *info;
+
+ info = g_new0(TDXInfo, 1);
+ info->enabled = kvm_enabled() && kvm_tdx_enabled();
+ return info;
+}
+
+TDXCapability *tdx_get_capabilities(void)
+{
+ TDXCapability *cap;
+
+ cap = g_new0(TDXCapability, 1);
+ cap->enabled = kvm_enabled() && kvm_has_tdx(kvm_state);
+ return cap;
+}
+
static void __tdx_ioctl(void *state, int ioctl_no, const char *ioctl_name,
__u32 metadata, void *data)
{
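Review bot: `tdx_get_info()` and `tdx_get_capabilities()` both fill a field named `enabled`, but from different sources: `kvm_tdx_enabled()` in the first and `kvm_has_tdx(kvm_state)` in the second. Presumably the first means "this VM is a TD guest" and the second means "KVM advertises the TDX VM type", but `kvm_tdx_enabled()` is defined outside this patch, so that should be confirmed. A short comment on each assignment would make the difference visible, e.g. `/* this VM was created as a TDX guest */` and `/* host KVM can create TDX guests; says nothing about this VM */`. The hunk ends inside `__tdx_ioctl()`, which is unchanged context.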
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 119211f0b0..c0be99d13d 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -30,6 +30,7 @@
#include "qapi/qmp/qdict.h"
#include "sysemu/kvm.h"
#include "sysemu/sev.h"
+#include "sysemu/tdx.h"
#include "qapi/error.h"
#include "sev_i386.h"
#include "qapi/qapi-commands-misc-target.h"
@@ -763,3 +764,25 @@ qmp_query_sev_attestation_report(const char *mnonce, Error
**errp)
{
return sev_get_attestation_report(mnonce, errp);
}
+
+TDXInfo *qmp_query_tdx(Error **errp)
+{
+ TDXInfo *info;
+
+ info = tdx_get_info();
+ if (!info) {
+ error_setg(errp, "TDX is not available.");
+ }
+ return info;
+}
+
+TDXCapability *qmp_query_tdx_capabilities(Error **errp)
+{
+ TDXCapability *cap;
+
+ cap = tdx_get_capabilities();
+ if (!cap) {
+ error_setg(errp, "TDX is not available.");
+ }
+ return cap;
+}
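Review bot: The `!info` and `!cap` branches can only be reached with the stub in target/i386/kvm/tdx-stub.c, because the real `tdx_get_info()` and `tdx_get_capabilities()` always return a `g_new0()` allocation. A QMP client therefore gets an error on a build without TDX but `{"enabled": false}` on a TDX-capable build where TDX is off, and must treat both as "not available". Either document that in the schema or have the stubs return an allocated struct with `enabled` false. Separately, QEMU's `error_setg()` convention is a message without trailing punctuation, so both calls would read `error_setg(errp, "TDX is not available");`.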
--
2.25.1