[libvirt PATCH 0/6] Improve AMD SEV support

This addresses a few issues in the AMD SEV support - Neither host or domain level SEV metadata is exposed in virsh commands - The domain launch security parameters don't expose enough info to validate the measurement The second point was the real purpose of my work. Per the SEV API guide to calculate the measurement we need measurement = HMAC(0x04 || API_MAJOR || API_MINOR || BUILD || GCTX.POLICY || GCTX.LD || MNONCE; GCTX.TIK) The API_MINOR, API_MAJOR, BUILD values are things that are available from 'query-sev' QMP command and libvirt does not expose this info. This patch series adds them to virDomainGetLaunchSecurityParams alongside the measurement that we already report. So now the client can fetch this info and calculate an expected measurement to compare with the actual measurement they got. They will thus know if the guest is safe to inject secrets into, which is where Jim's recent patches come into play. Daniel P. Berrangé (6): include: add new launch security parameters qemu: report error querying launch params for inactive guest qemu: add monitor APIs for query-sev qemu: report new launch security parameters tools: add 'domlaunchsecinfo' virsh command tools: add 'nodesevinfo' virsh command include/libvirt/libvirt-domain.h | 32 +++++++++++++++++++ src/qemu/qemu_driver.c | 47 ++++++++++++++++++++++++---- src/qemu/qemu_monitor.c | 13 ++++++++ src/qemu/qemu_monitor.h | 9 ++++++ src/qemu/qemu_monitor_json.c | 45 +++++++++++++++++++++++++++ src/qemu/qemu_monitor_json.h | 8 +++++ tools/virsh-domain.c | 53 ++++++++++++++++++++++++++++++++ tools/virsh-host.c | 45 +++++++++++++++++++++++++++ 8 files changed, 246 insertions(+), 6 deletions(-) -- 2.33.1