From patchwork Wed Mar 7 16:50:37 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 10264557 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 45DD8602C8 for ; Wed, 7 Mar 2018 17:12:47 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3B71F29487 for ; Wed, 7 Mar 2018 17:12:41 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2D890294BE; Wed, 7 Mar 2018 17:12:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAD_ENC_HEADER,BAYES_00, DKIM_SIGNED,RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=unavailable version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 4722629487 for ; Wed, 7 Mar 2018 17:12:39 +0000 (UTC) Received: from localhost ([::1]:34487 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1etccJ-0000l0-7J for patchwork-qemu-devel@patchwork.kernel.org; Wed, 07 Mar 2018 12:12:39 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50562) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1etcHw-000516-KL for qemu-devel@nongnu.org; Wed, 07 Mar 2018 11:51:37 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1etcHs-0008UC-Ji for qemu-devel@nongnu.org; Wed, 07 Mar 2018 11:51:36 -0500 Received: from mail-bl2nam02on0040.outbound.protection.outlook.com ([104.47.38.40]:30645 helo=NAM02-BL2-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1etcHs-0008TX-E5 for qemu-devel@nongnu.org; Wed, 07 Mar 2018 11:51:32 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=R/M9iYWTapaQySwcz2lz2hgXFLejUIyfwD8AYuV1zYA=; b=MXUEkZG8zjEoDTraNxpxuVTf+8f8KQ0kGLwkLaSfRrGRq8Ipe3V+oxvb7E7KgyibN0LWHS+YZl0koFpKpbd3LZ0qNZ2rueceUU5eLYrSXaNE5zOBV4lI3oGYfR/Semhg2HXliXmzb8Nehw+2KQbe7W4N3EQeUY1Pkmw3R5pPiiI= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by SN1PR12MB0158.namprd12.prod.outlook.com (2a01:111:e400:5144::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.13; Wed, 7 Mar 2018 16:51:28 +0000 From: Brijesh Singh To: qemu-devel@nongnu.org Date: Wed, 7 Mar 2018 10:50:37 -0600 Message-Id: <20180307165038.88640-28-brijesh.singh@amd.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180307165038.88640-1-brijesh.singh@amd.com> References: <20180307165038.88640-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: SN4PR0501CA0095.namprd05.prod.outlook.com (2603:10b6:803:22::33) To SN1PR12MB0158.namprd12.prod.outlook.com (2a01:111:e400:5144::17) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 131ac933-86e5-4e26-cb16-08d5844bac55 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:SN1PR12MB0158; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 3:YoSy27GdqKMbi/ozFdBtzKKFOzjC09U2gZ/hPAetN6K05qjPHHYHxsZISCPBLKu0Ntti9M1ytMLP9jRQUiT/eMXfp7XDLNruOyKdBxau6JJSEF8GHzq+nmSnPwycNvMkC5PO81ddbm7tfnc5Dqc8U6MvcB0V1M3urLk2C/2oK+Xs3NkeMJoi3Ahsd1jG/U9O/VwI9yo/0BTbpngpeI6jv5qDsf+Z5sVf+YmBKbAv84UZfgqyj5Kfssdjtrt+cgt7; 25:1cDST1WDMnANsyYbDoSjjdncA3o2nIJi+EkgC6LtxMQfKyQWcfPDpzCwBQ8N++nEpY6WHcy7JIW0PI+qIC5EjGp4IKqmfVm16XNdT+SR5oxcqqdW9cabckryfKyiRXEC/ZEe3pW3nSfzsOoAyhu4t5Axy1VpAh1pt4bgR5yLCOwd/hJlCEl5UiIhAK7CuxE5xxQH0NOKIvP6WvnyGcSqn1dPUbobIfSbhkEfRcguAfm97RdjW4J1EUBpy0Ekn/Vh2wDbDjNoY4Qtre3YKSZxZmL3zcu3tyXXT64xYhpxpEC41hS/lR8Rg54gRoWanTtZ2wDb8UmnUcwWfP5YWGuMqg==; 31:6CH69EIQmDdraqwVIUkbQ2p7xoLjq4Axsj6eEetI4yTYdIOVRguMMqPBX3Mu66hebmZ5I4UTADl+ndr7edO5/vaVTDTXKO3DfQ+lAcs/ZK98WDzQPDg49Yae4qADIbIRwHCHWi49UlQabu4hUSSG2gzQIwHQRj9wjESAKHjvmylJIts6k35J2JC/LgwH2NDxoBAvVDnIRJLttI8PQtBkntSmYj7AuSuQPjEJ0rxbchU= X-MS-TrafficTypeDiagnostic: SN1PR12MB0158: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 20:ITKR1HWjiWqYAooxdJ3mlr4ZfKp1+gfKbWVIn9xmSTsubGgl+8192D/3xLDb+elRCKwwTJTPQIhuqT/ofOLP5uLNgpV8/vBP4lM3W65rRKKPEL+W9o05CoX4VtsFLh9uFXa+TBFW0KcNClthewHfMPXcZm30Nl5QZHVkQzN+19GKTl1AFWSFZj7dfVdOGSI+RwT38TSrf9P7uYnjRF/i5YR81/57zU6ZGV/QNopMmpKP5C24+4CFZbW56TVahOmm/PUxml6c8eyZKOTvYG8SKrlbMd/XcIVXNIoCTcKS3SEdW+D5EOC4aC1L/KrV8cU/pUDYwiLuEi7cawfPoe7W6TzXjwiKlzkLU8zQ2lDCRJ/bz+i3ohpf0kz9oBGIPugUKqhCD8hUcd+baH7WxQRWZcr8qn4UhUuTkeO0uGufMytzFZfYPn/MfrvvjHMRlrP4GCTBU4Hs65hAsup9yRzh+CbcgWzf1AvTSli3Q1nGYl0GwKiYbBVWYFmsL4F4kuNZ; 4:JQc+HBXyRcGyPkjdBJevhr9A/NkHAtrhzTKPjHNn9HekVp1dKInGTrWvuH1JtBb0RPBvtYgCO94F8xXiVsVbIdmtvjnyGVXoeT4RM/TiJURox48JU+0iQSa81qB5iEM8KO8Ev5Q9ZJKTZssdHGSu0jFy4zSJw/bKc//xNMda47ErE3xMqdH7k6ScHg4SQc/jHA3afps2DpTuGnNSasSNuPSL0APKFD7Yd/vIr6Q4FEQ3Nx5+GltyLb4NB+OQ4ecYDXPQP3T7y5pjaIHJCQtcBs8EyXZKgsJCzdyoX8g0NSHa3hyuuVgl0ppXrFKM7J/2 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040501)(2401047)(5005006)(8121501046)(93006095)(93001095)(10201501046)(3231220)(944501244)(52105095)(3002001)(6055026)(6041288)(20161123562045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123560045)(6072148)(201708071742011); SRVR:SN1PR12MB0158; BCL:0; PCL:0; RULEID:; SRVR:SN1PR12MB0158; X-Forefront-PRVS: 0604AFA86B X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(1496009)(39380400002)(39860400002)(376002)(346002)(396003)(366004)(189003)(199004)(53936002)(8666007)(2950100002)(6486002)(6666003)(6916009)(53416004)(3846002)(1076002)(6116002)(4326008)(54906003)(8656006)(2906002)(25786009)(59450400001)(386003)(68736007)(478600001)(48376002)(50466002)(105586002)(2361001)(2351001)(86362001)(66066001)(106356001)(47776003)(186003)(16526019)(51416003)(76176011)(52116002)(7696005)(26005)(16586007)(316002)(50226002)(8936002)(8676002)(81156014)(81166006)(36756003)(7416002)(97736004)(305945005)(7736002)(39060400002)(5660300001); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB0158; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN1PR12MB0158; 23:QDLCFxXJSBFbhgxlAix+gSpKTr3O3um91E5wWM0Tq?= =?us-ascii?Q?ZKNto1ecZ0+XyR/UhHVIKi+sMMZdcnvU+NydVxjvuLXfwRvzoTOf9EXpuCRw?= =?us-ascii?Q?8hypYKfWcJu4al+HgtfemPDzYoeYunqusD34PYkzkxHOR45Z7asrhf5wipid?= =?us-ascii?Q?3LGob40HvM1rtVFZcNmEFgmSyM1dRWoTir8s0G7tHntQii5QQXkPEXS1o4jh?= =?us-ascii?Q?ZKLzWgy8Bz3fZVIELjrY5MZ06/oD3+zP1xzAVgSFCAMNu3HdnhURt3+0f+Hy?= =?us-ascii?Q?UvxViWkBr7FYJS8qC75tpQGfeuurtPruz3kqgq8XbgdAzF3y7Ceny1tq2HiC?= =?us-ascii?Q?OX8hdKB91M4CCL/5P7bsLT6sgTyIoDIoykuhC4kAkQ6RsJmNVs2fIftxavUE?= =?us-ascii?Q?k2rxHJmCj6BVHm7N+hLvnCrVlQ5nlGo+l9xG2HL1l3mPItJHr7BZ8fOGJERC?= =?us-ascii?Q?0ygUc5667ThAtLMDqdZqQw1VOGCnf8oZ//6algT1c9EtjoFrkWUDXtWNTNS9?= =?us-ascii?Q?HVU1X8sVMT8qTQcPY42WMrOnEfKt+QDA/ZGNtoefwL6L3qNC1ncsVDLqq+1q?= =?us-ascii?Q?dhiXzmSbHwSH/VzRRwY0ASentT3rRlkXVUOFELQLyGcSqIOATzs+HfenBIzl?= =?us-ascii?Q?7BAqRUbbZbtN+D+JCMt5O6tEwIXQuOS2FMRLnErwhO+YgDSJHcRjVCSqJ/iO?= =?us-ascii?Q?MyN2uHIFREJarIoJ/rYBpGiTIijLGx1Q8ulw16zF+397ryoPOvYStfXLZMwX?= =?us-ascii?Q?BNSxVJ3ZQ8ABXQ1HH68HAPbxkeeBAloX/rfH3WP4BuQXg0HT1yxh3JA8wRSL?= =?us-ascii?Q?mzDbwzjsxZ7mJehkl5pkidvDKxFJzWVckHnxZwaWe1Gd0pS2hlEYE6YFBwfw?= =?us-ascii?Q?6XvyBInLzT380o/uQ4PIMB1Qc9regWOTL/p6+ujj+wiKTlyayDcNME5yqGeC?= =?us-ascii?Q?bxkDi9e2wkHLwSHl52MTljyzfdgoY6FBKEo92XRYL7lyS9YIpSr57kOUfNTm?= =?us-ascii?Q?zAoTr/FJe/JRwb8n+XJyoWa175bAtKAZFzY2zu4/35eN0OETbb2Dam+M7mcO?= =?us-ascii?Q?bHXNleHPK9lbOVq24dHUFYYhASlIC38us65xvGCXgdxij8ESsjyU6tGa0pCa?= =?us-ascii?Q?cAlubpCF5+xFnLDCbpgd5vhHVs3OecWa3Fnnm74hyVYVJesVyd4mtnAWPlX0?= =?us-ascii?Q?g5zPPSpjRn17W3qwQ69YRgK/6CwLhBJB2rPeIujKLQwD7RXH2z3L15C8W5yR?= =?us-ascii?Q?MLJxRiBmeInKGdvSYY4sj2oDyEj8n6XjBl6o5FLZ3cCUBdZ5GaVRqKpdylEV?= =?us-ascii?Q?jaL7gGqzBlnTkbgpGhVB/Q=3D?= X-Microsoft-Antispam-Message-Info: xImQemtwJTfOjzqW+VqZT05dUCBekkHoZeAXIcuL0RNMwf5jXvHCDSEj5e5gjqVxFTd3T1w/SrjPPSnxHADroHWjHnTZDRSngqWtDpmPeBqWqmeSOUw3El5qmQ24q/ktcJp5EFGIIRpIc6VqrZuhoNgsO5Mc1IPIic8Fl11AFK0yBous6ym92hhd3HsHF7Ky X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 6:Rw1XUqCVw41unJnJvulffkUDLxHa3pIEsaSHuOL0HlAXZ/UFS1TBino4eMvexEwge910FZVVrt9B6ipAvC+thn1My9Np4q5FuglOldXHbeck83h5g8kFx80VYPq2zL5oDYolBOBLWG0IUr47rLYVNnBl+R+BnhMUqL36TZ8g82/YRbZJMFByW2Ho9K5UiuFB3keLAr/i5DbeVk7+Wchtvvcht5VqqAjjmZ2ZTarlSHOSD2rpb/+wa/cd6AsVV1MaKYz4r2on8SpFGcLHBq4ECgasl7imZEc+LDQ8NLs/2j4jMa4F0hDcoQySIIGDWFVWTXswbpha/qWoxVd1SFtTUov36tA0j3aY32VYuH6yJ9c=; 5:PGNmibFnr5hMR0ZyZLyAP28g/05DUtViws5/D3q6+Or38uj75N7qk906VrXVMbZhmPTyzUB6bVLgwwwz9l5R0r4IiBkuGEBmBmUyD+ZdAT4h41s2gwGfnVlVnl+NMUrkKSzwgLdm0vGT9kpOzTou/ToXy6TjzYiZZ9EL/B3BwtM=; 24:zLoKwsn4EqCK4LfNQjGURbN8dcuKdIaPiRKvWq4iFKpbkDUiPJpHrc1nogvtXrqhJ6yskJP58SiejqdZEXvBgjwX0EuifbKZLkRslQBcqx0=; 7:ZxnuAeGeR/B0ACZNRVLUoohAonj9GnXVaHSBkUspB1K4h4HkTqdM3+44d9bqd8rG+dSVX24fuzMPckOo6qiWRO6tVz3IbVnEI2CQh0NeBwOnbCpeR1d6/Rr20aHh4KMR4AmCInYXDrVF2W95nIR184ZwJVJRF2ziyZABOrt1krK7BaEAtXNgQxvQ2SvOe1B9zzHud15dvEZNu+5yfd2DiKM+iE3746p5fQgpUUOj+0W7E3qKNAi5lEle55kcg3NC SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 20:dHMNXOTmvZrvfQJcM2CX3i0ymdleYhxqY9xx/R35MzTjp2c3lpH18peNJZruByrYsjoPDdRK/Tg76jYoTU9gDE0ggVlXcx8QxiCakoVpKDlPcSuLy6mU/5XoEcFbGhTNGJpR2BuV6xUotBDczuoIZ7UlYXXlGBPwn7P/HsK8nZMFJLS4No5wH8nVBxkvTh6RsHqfF6i+cIE3vugzoqWyER0pLiJUik13nXKO+dUELy/gC4hgxemxtvLsoxNQOV3E X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Mar 2018 16:51:28.3073 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 131ac933-86e5-4e26-cb16-08d5844bac55 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB0158 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.38.40 Subject: [Qemu-devel] [PATCH v11 27/28] sev/i386: add sev_get_capabilities() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , Brijesh Singh , kvm@vger.kernel.org, "Michael S. Tsirkin" , Stefan Hajnoczi , Alexander Graf , "Edgar E. Iglesias" , Markus Armbruster , Bruce Rogers , Christian Borntraeger , Marcel Apfelbaum , Borislav Petkov , Thomas Lendacky , Eduardo Habkost , Richard Henderson , "Dr. David Alan Gilbert" , Alistair Francis , Cornelia Huck , Richard Henderson , Peter Crosthwaite , Paolo Bonzini Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP The function can be used to get the current SEV capabilities. The capabilities include platform diffie-hellman key (pdh) and certificate chain. The key can be provided to the external entities which wants to establish a trusted channel between SEV firmware and guest owner. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh --- target/i386/monitor.c | 11 +++++-- target/i386/sev-stub.c | 5 +++ target/i386/sev.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++ target/i386/sev_i386.h | 1 + 4 files changed, 98 insertions(+), 2 deletions(-) diff --git a/target/i386/monitor.c b/target/i386/monitor.c index 33e6bade693b..79fa9bd7a3e3 100644 --- a/target/i386/monitor.c +++ b/target/i386/monitor.c @@ -740,6 +740,13 @@ SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp) SevCapability *qmp_query_sev_capabilities(Error **errp) { - error_setg(errp, "SEV feature is not available"); - return NULL; + SevCapability *data; + + data = sev_get_capabilities(); + if (!data) { + error_setg(errp, "SEV feature is not available"); + return NULL; + } + + return data; } diff --git a/target/i386/sev-stub.c b/target/i386/sev-stub.c index 2f61c32ec975..59a003a4ebe6 100644 --- a/target/i386/sev-stub.c +++ b/target/i386/sev-stub.c @@ -44,3 +44,8 @@ char *sev_get_launch_measurement(void) { return NULL; } + +SevCapability *sev_get_capabilities(void) +{ + return NULL; +} diff --git a/target/i386/sev.c b/target/i386/sev.c index 0eb2c855bc4d..f838cf7e3720 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -422,6 +422,89 @@ sev_get_info(void) return info; } +static int +sev_get_pdh_info(int fd, guchar **pdh, size_t *pdh_len, guchar **cert_chain, + size_t *cert_chain_len) +{ + guchar *pdh_data, *cert_chain_data; + struct sev_user_data_pdh_cert_export export = {}; + int err, r; + + /* query the certificate length */ + r = sev_platform_ioctl(fd, SEV_PDH_CERT_EXPORT, &export, &err); + if (r < 0) { + if (err != SEV_RET_INVALID_LEN) { + error_report("failed to export PDH cert ret=%d fw_err=%d (%s)", + r, err, fw_error_to_str(err)); + return 1; + } + } + + pdh_data = g_new(guchar, export.pdh_cert_len); + cert_chain_data = g_new(guchar, export.cert_chain_len); + export.pdh_cert_address = (unsigned long)pdh_data; + export.cert_chain_address = (unsigned long)cert_chain_data; + + r = sev_platform_ioctl(fd, SEV_PDH_CERT_EXPORT, &export, &err); + if (r < 0) { + error_report("failed to export PDH cert ret=%d fw_err=%d (%s)", + r, err, fw_error_to_str(err)); + goto e_free; + } + + *pdh = pdh_data; + *pdh_len = export.pdh_cert_len; + *cert_chain = cert_chain_data; + *cert_chain_len = export.cert_chain_len; + return 0; + +e_free: + g_free(pdh_data); + g_free(cert_chain_data); + return 1; +} + +SevCapability * +sev_get_capabilities(void) +{ + SevCapability *cap; + guchar *pdh_data, *cert_chain_data; + size_t pdh_len = 0, cert_chain_len = 0; + uint32_t ebx; + int fd; + + fd = open(DEFAULT_SEV_DEVICE, O_RDWR); + if (fd < 0) { + error_report("%s: Failed to open %s '%s'", __func__, + DEFAULT_SEV_DEVICE, strerror(errno)); + return NULL; + } + + if (sev_get_pdh_info(fd, &pdh_data, &pdh_len, + &cert_chain_data, &cert_chain_len)) { + return NULL; + } + + cap = g_new0(SevCapability, 1); + cap->pdh = g_base64_encode(pdh_data, pdh_len); + cap->cert_chain = g_base64_encode(cert_chain_data, cert_chain_len); + + host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL); + cap->cbitpos = ebx & 0x3f; + + /* + * When SEV feature is enabled, we loose one bit in guest physical + * addressing. + */ + cap->reduced_phys_bits = 1; + + g_free(pdh_data); + g_free(cert_chain_data); + + close(fd); + return cap; +} + static int sev_read_file_base64(const char *filename, guchar **data, gsize *len) { diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h index c21d1f31d712..cd802e4b4178 100644 --- a/target/i386/sev_i386.h +++ b/target/i386/sev_i386.h @@ -43,6 +43,7 @@ extern SevInfo *sev_get_info(void); extern uint32_t sev_get_cbit_position(void); extern uint32_t sev_get_reduced_phys_bits(void); extern char *sev_get_launch_measurement(void); +extern SevCapability *sev_get_capabilities(void); typedef struct QSevGuestInfo QSevGuestInfo; typedef struct QSevGuestInfoClass QSevGuestInfoClass;