10:20 p.m.
Add virsh nodesevinfo to get AMD SEV features via virNodeGetSEVInfo.
Han Han (2):
virsh: Implement virNodeGetSEVInfo in virsh
news: Add nodesevinfo command in virsh
docs/news.xml | 9 +++++++
tools/virsh-host.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++
tools/virsh.pod | 5 ++++
3 files changed, 80 insertions(+)
--
2.18.0
10:20 p.m.
New subject: [libvirt] [PATCH 1/2] virsh: Implement virNodeGetSEVInfo in virsh
Add sub-command nodesevinfo to get node infomation of AMD SEV feature.
Signed-off-by: Han Han <hhan(a)redhat.com>
---
tools/virsh-host.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++
tools/virsh.pod | 5 ++++
2 files changed, 71 insertions(+)
diff --git a/tools/virsh-host.c b/tools/virsh-host.c
index 16f504bafe..0bcd71a2b8 100644
--- a/tools/virsh-host.c
+++ b/tools/virsh-host.c
@@ -952,6 +952,67 @@ cmdNodeMemStats(vshControl *ctl, const vshCmd *cmd)
return ret;
}
+/*
+ * "nodesevinfo" command
+ */
+static const vshCmdInfo info_nodesevinfo[] = {
+ {.name = "help",
+ .data = N_("AMD SEV feature information.")
+ },
+ {.name = "desc",
+ .data = N_("Returns information of SEV feature about the node.")
+ },
+ {.name = NULL}
+};
+
+static bool
+cmdNodesevinfo(vshControl *ctl, const vshCmd *cmd ATTRIBUTE_UNUSED)
+{
+ virTypedParameterPtr params = NULL;
+ int nparams = 0;
+ unsigned int flags = 0;
+ bool ret = false;
+ size_t i;
+ virshControlPtr priv = ctl->privData;
+
+ if (nparams == 0) {
+ /* Get the number of SEV info parameters */
+ if (virNodeGetSEVInfo(priv->conn, NULL, &nparams, flags) != 0) {
+ vshError(ctl, "%s",
+ _("Unable to get number of SEV info parameters"));
+ goto cleanup;
+ }
+ }
+
+ if (nparams == 0) {
+ ret = true;
+ goto cleanup;
+ }
+
+ /* Now get all the SEV info parameters */
+ params = vshCalloc(ctl, nparams, sizeof(params));
+ if (virNodeGetSEVInfo(priv->conn, ¶ms, &nparams, flags) != 0) {
+ vshError(ctl, "%s", _("Unable to get SEV info parameters"));
+ goto cleanup;
+ }
+
+ /* XXX: Need to sort the returned params once new parameter
+ * fields not of shared memory are added.
+ */
+ vshPrint(ctl, _("SEV info:\n"));
+ for (i = 0; i < nparams; i++) {
+ char *str = vshGetTypedParamValue(ctl, ¶ms[i]);
+ vshPrint(ctl, "\t%-15s %s\n", params[i].field, str);
+ VIR_FREE(str);
+ }
+
+ ret = true;
+
+ cleanup:
+ virTypedParamsFree(params, nparams);
+ return ret;
+}
+
/*
* "nodesuspend" command
*/
@@ -1900,6 +1961,11 @@ const vshCmdDef hostAndHypervisorCmds[] = {
.info = info_nodememstats,
.flags = 0
},
+ {.name = "nodesevinfo",
+ .handler = cmdNodesevinfo,
+ .info = info_nodesevinfo,
+ .flags = 0
+ },
{.name = "nodesuspend",
.handler = cmdNodeSuspend,
.opts = opts_node_suspend,
diff --git a/tools/virsh.pod b/tools/virsh.pod
index 4e118851f8..ea513c0acc 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -317,6 +317,11 @@ of cpu statistics during 1 second.
Returns memory stats of the node.
If I<cell> is specified, this will print the specified cell statistics only.
+=item B<nodesevinfo>
+
+Display AMD's SEV feature of this host, including PDH, cert-chain, cbitpos
+and reduced-phys-bits.
+
=item B<nodesuspend> [I<target>] [I<duration>]
Puts the node (host machine) into a system-wide sleep state and schedule
--
2.18.0
5:42 a.m.
New subject: [libvirt] [PATCH 1/2] virsh: Implement virNodeGetSEVInfo in virsh
On Tue, Aug 21, 2018 at 11:20:27AM +0800, Han Han wrote:
Add sub-command nodesevinfo to get node infomation of AMD SEV
feature.
Signed-off-by: Han Han <hhan(a)redhat.com>
---
tools/virsh-host.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++
tools/virsh.pod | 5 ++++
2 files changed, 71 insertions(+)
diff --git a/tools/virsh-host.c b/tools/virsh-host.c
index 16f504bafe..0bcd71a2b8 100644
--- a/tools/virsh-host.c
+++ b/tools/virsh-host.c
@@ -952,6 +952,67 @@ cmdNodeMemStats(vshControl *ctl, const vshCmd *cmd)
return ret;
}
+/*
+ * "nodesevinfo" command
+ */
+static const vshCmdInfo info_nodesevinfo[] = {
+ {.name = "help",
+ .data = N_("AMD SEV feature information.")
s/feature/platform
Note that this is part of the "node" subsystem, which means it is always going
to be tied to the firmware on a given node, thus "platform data".
+ },
+ {.name = "desc",
+ .data = N_("Returns information of SEV feature about the node.")
Returns SEV platform-specific data.
+ },
+ {.name = NULL}
+};
+
+static bool
+cmdNodesevinfo(vshControl *ctl, const vshCmd *cmd ATTRIBUTE_UNUSED)
s/sev/SEV/
+{
+ virTypedParameterPtr params = NULL;
+ int nparams = 0;
+ unsigned int flags = 0;
+ bool ret = false;
+ size_t i;
+ virshControlPtr priv = ctl->privData;
+
+ if (nparams == 0) {
+ /* Get the number of SEV info parameters */
+ if (virNodeGetSEVInfo(priv->conn, NULL, &nparams, flags) != 0) {
Have you actually tried the patches? Because ^this causes virsh to segfault
because this is not a legacy API where you need to query the number of params
first and then pre-allocate the pointer to store the data. We don't need that
anymore, remote driver is already able to allocate the memory for the caller.
+ vshError(ctl, "%s",
+ _("Unable to get number of SEV info parameters"));
+ goto cleanup;
+ }
+ }
+
+ if (nparams == 0) {
+ ret = true;
+ goto cleanup;
+ }
+
+ /* Now get all the SEV info parameters */
+ params = vshCalloc(ctl, nparams, sizeof(params));
no need for ^this...
+ if (virNodeGetSEVInfo(priv->conn, ¶ms, &nparams,
flags) != 0) {
+ vshError(ctl, "%s", _("Unable to get SEV info
parameters"));
+ goto cleanup;
+ }
+
+ /* XXX: Need to sort the returned params once new parameter
+ * fields not of shared memory are added.
I'm not sure I see a problem ^here, can you elaborate please?
+ */
+ vshPrint(ctl, _("SEV info:\n"));
+ for (i = 0; i < nparams; i++) {
+ char *str = vshGetTypedParamValue(ctl, ¶ms[i]);
+ vshPrint(ctl, "\t%-15s %s\n", params[i].field, str);
+ VIR_FREE(str);
+ }
+
+ ret = true;
+
+ cleanup:
+ virTypedParamsFree(params, nparams);
+ return ret;
+}
+
/*
* "nodesuspend" command
*/
@@ -1900,6 +1961,11 @@ const vshCmdDef hostAndHypervisorCmds[] = {
.info = info_nodememstats,
.flags = 0
},
+ {.name = "nodesevinfo",
+ .handler = cmdNodesevinfo,
+ .info = info_nodesevinfo,
+ .flags = 0
+ },
{.name = "nodesuspend",
.handler = cmdNodeSuspend,
.opts = opts_node_suspend,
diff --git a/tools/virsh.pod b/tools/virsh.pod
index 4e118851f8..ea513c0acc 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -317,6 +317,11 @@ of cpu statistics during 1 second.
Returns memory stats of the node.
If I<cell> is specified, this will print the specified cell statistics only.
+=item B<nodesevinfo>
+
+Display AMD's SEV feature of this host, including PDH, cert-chain, cbitpos
+and reduced-phys-bits.
Returns AMD's SEV platform-specific data. Availability of the fields depends on
the version of the SEV firmware.
Explanation of fields:
pdh - Platform Diffie-Hellman key
cert-chain - certificate chain used to verify authenticity of the platform
cbitpos - C-bit position, i.e. which physical address bit marks protection
on memory pages
reduced-phys-bits - how many physical address bits we lost due to memory
encryption
Erik
10:20 p.m.
New subject: [libvirt] [PATCH 2/2] news: Add nodesevinfo command in virsh
Signed-off-by: Han Han <hhan(a)redhat.com>
---
docs/news.xml | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/docs/news.xml b/docs/news.xml
index c6d03f5556..fc9db92d05 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -63,6 +63,15 @@
Support the vhost-vsock-ccw device on S390.
</description>
</change>
+ <change>
+ <summary>
+ virsh: Add subcommand nodesevinfo
+ </summary>
+ <description>
+ Implement virNodeGetSEVInfo in virsh nodesevinfo to get AMD SEV
+ features of host.
+ </description>
+ </change>
</section>
<section title="Bug fixes">
</section>
--
2.18.0
2282
days inactive
2285
days old
3 comments
2 participants
participants (2)
-
Erik Skultety -
Han Han