6:55 p.m.
This patch adds support to query the MKTME capability from the qemu.
---
src/conf/domain_capabilities.c | 10 ++++++
src/conf/domain_capabilities.h | 11 ++++++
src/libvirt_private.syms | 1 +
src/qemu/qemu_capabilities.c | 36 ++++++++++++++++++++
src/qemu/qemu_capabilities.h | 4 +++
src/qemu/qemu_capspriv.h | 4 +++
src/qemu/qemu_monitor.c | 10 ++++++
src/qemu/qemu_monitor.h | 3 ++
src/qemu/qemu_monitor_json.c | 61 ++++++++++++++++++++++++++++++++++
src/qemu/qemu_monitor_json.h | 3 ++
10 files changed, 143 insertions(+)
diff --git a/src/conf/domain_capabilities.c b/src/conf/domain_capabilities.c
index 2e7e1c206b..db39c39120 100644
--- a/src/conf/domain_capabilities.c
+++ b/src/conf/domain_capabilities.c
@@ -79,6 +79,16 @@ virSEVCapabilitiesFree(virSEVCapability *cap)
}
+void
+virMKTMECapabilitiesFree(virMKTMECapability *cap)
+{
+ if (!cap)
+ return;
+
+ VIR_FREE(cap);
+}
+
+
static void
virDomainCapsDispose(void *obj)
{
diff --git a/src/conf/domain_capabilities.h b/src/conf/domain_capabilities.h
index cd09d50cee..a6ad849950 100644
--- a/src/conf/domain_capabilities.h
+++ b/src/conf/domain_capabilities.h
@@ -150,6 +150,12 @@ struct _virSEVCapability {
unsigned int reduced_phys_bits;
};
+typedef struct _virMKTMECapability virMKTMECapability;
+typedef virMKTMECapability *virMKTMECapabilityPtr;
+struct _virMKTMECapability {
+ unsigned int keys_supported;
+};
+
struct _virDomainCaps {
virObjectLockable parent;
@@ -222,4 +228,9 @@ virSEVCapabilitiesFree(virSEVCapability *capabilities);
VIR_DEFINE_AUTOPTR_FUNC(virSEVCapability, virSEVCapabilitiesFree);
+void
+virMKTMECapabilitiesFree(virMKTMECapability *capabilities);
+
+VIR_DEFINE_AUTOPTR_FUNC(virMKTMECapability, virMKTMECapabilitiesFree);
+
#endif /* LIBVIRT_DOMAIN_CAPABILITIES_H */
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 909975750c..1b83e44b15 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -189,6 +189,7 @@ virDomainCapsEnumClear;
virDomainCapsEnumSet;
virDomainCapsFormat;
virDomainCapsNew;
+virMKTMECapabilitiesFree;
virSEVCapabilitiesFree;
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index a827bd24e3..49ee802479 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -525,6 +525,7 @@ VIR_ENUM_IMPL(virQEMUCaps,
"virtio-pci-non-transitional",
"overcommit",
"query-current-machine",
+ "mktme-guest",
);
@@ -595,6 +596,8 @@ struct _virQEMUCaps {
virSEVCapability *sevCapabilities;
+ virMKTMECapability *mktmeCapabilities;
+
virQEMUCapsHostCPUData kvmCPU;
virQEMUCapsHostCPUData tcgCPU;
};
@@ -1113,6 +1116,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[] = {
{ "virtio-scsi-pci-non-transitional", QEMU_CAPS_VIRTIO_PCI_TRANSITIONAL },
{ "virtio-serial-pci-transitional", QEMU_CAPS_VIRTIO_PCI_TRANSITIONAL },
{ "virtio-serial-pci-non-transitional", QEMU_CAPS_VIRTIO_PCI_TRANSITIONAL
},
+ { "mktme-guest", QEMU_CAPS_MKTME_GUEST },
};
static struct virQEMUCapsStringFlags virQEMUCapsDevicePropsVirtioBalloon[] = {
@@ -2103,6 +2107,13 @@ virQEMUCapsGetSEVCapabilities(virQEMUCapsPtr qemuCaps)
}
+virMKTMECapabilityPtr
+virQEMUCapsGetMKTMECapabilities(virQEMUCapsPtr qemuCaps)
+{
+ return qemuCaps->mktmeCapabilities;
+}
+
+
static int
virQEMUCapsProbeQMPCommands(virQEMUCapsPtr qemuCaps,
qemuMonitorPtr mon)
@@ -2811,6 +2822,29 @@ virQEMUCapsProbeQMPSEVCapabilities(virQEMUCapsPtr qemuCaps,
}
+static int
+virQEMUCapsProbeQMPMKTMECapabilities(virQEMUCapsPtr qemuCaps,
+ qemuMonitorPtr mon)
+{
+ int rc = -1;
+ virMKTMECapability *caps = NULL;
+
+ if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MKTME_GUEST))
+ return 0;
+ if ((rc = qemuMonitorGetMKTMECapabilities(mon, &caps)) < 0)
+ return -1;
+
+ if (rc == 0) {
+ virQEMUCapsClear(qemuCaps, QEMU_CAPS_MKTME_GUEST);
+ return 0;
+ }
+
+ virMKTMECapabilitiesFree(qemuCaps->mktmeCapabilities);
+ qemuCaps->mktmeCapabilities = caps;
+ return 0;
+}
+
+
bool
virQEMUCapsCPUFilterFeatures(const char *name,
void *opaque)
@@ -4417,6 +4451,8 @@ virQEMUCapsInitQMPMonitor(virQEMUCapsPtr qemuCaps,
return -1;
if (virQEMUCapsProbeQMPSEVCapabilities(qemuCaps, mon) < 0)
return -1;
+ if (virQEMUCapsProbeQMPMKTMECapabilities(qemuCaps, mon) < 0)
+ return -1;
virQEMUCapsInitProcessCaps(qemuCaps);
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 67c8e80462..5614479617 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -507,6 +507,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check
*/
QEMU_CAPS_VIRTIO_PCI_TRANSITIONAL, /* virtio *-pci-{non-}transitional devices */
QEMU_CAPS_OVERCOMMIT, /* -overcommit */
QEMU_CAPS_QUERY_CURRENT_MACHINE, /* query-current-machine command */
+ QEMU_CAPS_MKTME_GUEST, /* -object mktme-guest,... */
QEMU_CAPS_LAST /* this must always be the last item */
} virQEMUCapsFlags;
@@ -644,6 +645,9 @@ bool virQEMUCapsCPUFilterFeatures(const char *name,
virSEVCapabilityPtr
virQEMUCapsGetSEVCapabilities(virQEMUCapsPtr qemuCaps);
+virMKTMECapabilityPtr
+virQEMUCapsGetMKTMECapabilities(virQEMUCapsPtr qemuCaps);
+
virArch virQEMUCapsArchFromString(const char *arch);
const char *virQEMUCapsArchToString(virArch arch);
diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h
index 2d059bee8c..4e1559d13f 100644
--- a/src/qemu/qemu_capspriv.h
+++ b/src/qemu/qemu_capspriv.h
@@ -95,6 +95,10 @@ void
virQEMUCapsSetSEVCapabilities(virQEMUCapsPtr qemuCaps,
virSEVCapability *capabilities);
+void
+virQEMUCapsSetMKTMECapabilities(virQEMUCapsPtr qemuCaps,
+ virMKTMECapability *capabilities);
+
int
virQEMUCapsProbeQMPCPUDefinitions(virQEMUCapsPtr qemuCaps,
qemuMonitorPtr mon,
diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index e1fcbac13f..918a9d1c5d 100644
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -3922,6 +3922,16 @@ qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon,
}
+int
+qemuMonitorGetMKTMECapabilities(qemuMonitorPtr mon,
+ virMKTMECapability **capabilities)
+{
+ QEMU_CHECK_MONITOR(mon);
+
+ return qemuMonitorJSONGetMKTMECapabilities(mon, capabilities);
+}
+
+
int
qemuMonitorNBDServerStart(qemuMonitorPtr mon,
const char *host,
diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h
index 9242d37407..ef4f5326bc 100644
--- a/src/qemu/qemu_monitor.h
+++ b/src/qemu/qemu_monitor.h
@@ -761,6 +761,9 @@ int qemuMonitorGetGICCapabilities(qemuMonitorPtr mon,
int qemuMonitorGetSEVCapabilities(qemuMonitorPtr mon,
virSEVCapability **capabilities);
+int qemuMonitorGetMKTMECapabilities(qemuMonitorPtr mon,
+ virMKTMECapability **capabilities);
+
typedef enum {
QEMU_MONITOR_MIGRATE_BACKGROUND = 1 << 0,
QEMU_MONITOR_MIGRATE_NON_SHARED_DISK = 1 << 1, /* migration with non-shared
storage with full disk copy */
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 908967f46c..eca4d82c24 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -6654,6 +6654,67 @@ qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon,
return ret;
}
+/**
+ * qemuMonitorJSONGetMKTMECapabilities:
+ * @mon: qemu monitor object
+ * @capabilities: pointer to pointer to a MKTME capability structure to be filled
+ *
+ * This function queries and fills in Intel's MKTME platform-specific data.
+ *
+ * Returns -1 on error, 0 if MKTME is not supported, and 1 if MKTME is supported on
+ * the platform.
+ */
+int
+qemuMonitorJSONGetMKTMECapabilities(qemuMonitorPtr mon,
+ virMKTMECapability **capabilities)
+{
+ int ret = -1;
+ virJSONValuePtr cmd;
+ virJSONValuePtr reply = NULL;
+ virJSONValuePtr caps;
+ unsigned int keys_supported;
+ VIR_AUTOPTR(virMKTMECapability) capability = NULL;
+
+ *capabilities = NULL;
+
+ /* Query may change*/
+ if (!(cmd = qemuMonitorJSONMakeCommand("query-mktme-capabilities",
+ NULL)))
+ return -1;
+
+ if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0)
+ goto cleanup;
+
+ if (qemuMonitorJSONHasError(reply, "GenericError")) {
+ ret = 0;
+ goto cleanup;
+ }
+
+ if (qemuMonitorJSONCheckError(cmd, reply) < 0)
+ goto cleanup;
+
+ caps = virJSONValueObjectGetObject(reply, "return");
+
+ if (virJSONValueObjectGetNumberUint(caps, "keys_supported",
&keys_supported) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("query-mktme-capabilities reply was missing"
+ " 'keys_supported' field"));
+ goto cleanup;
+ }
+
+ if (VIR_ALLOC(capability) < 0)
+ goto cleanup;
+
+ capability->keys_supported = keys_supported;
+ VIR_STEAL_PTR(*capabilities, capability);
+ ret = 1;
+ cleanup:
+ virJSONValueFree(cmd);
+ virJSONValueFree(reply);
+
+ return ret;
+}
+
static virJSONValuePtr
qemuMonitorJSONBuildInetSocketAddress(const char *host,
const char *port)
diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h
index 746b7072ca..5094d91195 100644
--- a/src/qemu/qemu_monitor_json.h
+++ b/src/qemu/qemu_monitor_json.h
@@ -158,6 +158,9 @@ int qemuMonitorJSONGetGICCapabilities(qemuMonitorPtr mon,
int qemuMonitorJSONGetSEVCapabilities(qemuMonitorPtr mon,
virSEVCapability **capabilities);
+int qemuMonitorJSONGetMKTMECapabilities(qemuMonitorPtr mon,
+ virMKTMECapability **capabilities);
+
int qemuMonitorJSONMigrate(qemuMonitorPtr mon,
unsigned int flags,
const char *uri);
--
2.21.0.windows.1