[RESEND,25/32] qmp: Add query-sgx command

Message ID	20210430062455.8117-26-yang.zhong@intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=L1kx=J3=nongnu.org=qemu-devel-bounces+qemu-devel=archiver.kernel.org@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C5AEF613BF IronPort-SDR: ltNFjvY+wUNBijdB/tmUMWz5bzyHzeovJcWixFAMbfraSsuEhwV2nNYPFRw+Y+6muw0D/mRdst 7Yjf7ArPSAKQ== IronPort-SDR: Ahywyiytrqhpe2bwY+Obg3fmVbP6dZlMnZ1QVvDl7zvmFlOYsKE613PpTATqsPej6slxJ4sqP2 0mMDQk3R34nA== From: Yang Zhong <yang.zhong@intel.com> To: qemu-devel@nongnu.org Subject: [RESEND PATCH 25/32] qmp: Add query-sgx command Date: Fri, 30 Apr 2021 14:24:48 +0800 Message-Id: <20210430062455.8117-26-yang.zhong@intel.com> In-Reply-To: <20210430062455.8117-1-yang.zhong@intel.com> References: <20210430062455.8117-1-yang.zhong@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=192.55.52.93; envelope-from=yang.zhong@intel.com; helo=mga11.intel.com X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Cc: yang.zhong@intel.com, pbonzini@redhat.com, kai.huang@intel.com, seanjc@google.com Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>
Series	Qemu SGX virtualization \| expand [RESEND,00/32] Qemu SGX virtualization [RESEND,01/32] memory: Add RAM_PROTECTED flag to skip IOMMU mappings [RESEND,02/32] hostmem: Add hostmem-epc as a backend for SGX EPC [RESEND,03/32] qom: Add memory-backend-epc ObjectOptions support [RESEND,04/32] i386: Add 'sgx-epc' device to expose EPC sections to guest [RESEND,05/32] vl: Add "sgx-epc" option to expose SGX EPC sections to guest [RESEND,06/32] i386: Add primary SGX CPUID and MSR defines [RESEND,07/32] i386: Add SGX CPUID leaf FEAT_SGX_12_0_EAX [RESEND,08/32] i386: Add SGX CPUID leaf FEAT_SGX_12_0_EBX [RESEND,09/32] i386: Add SGX CPUID leaf FEAT_SGX_12_1_EAX [RESEND,10/32] i386: Add get/set/migrate support for SGX_LEPUBKEYHASH MSRs [RESEND,11/32] i386: Add feature control MSR dependency when SGX is enabled [RESEND,12/32] i386: Update SGX CPUID info according to hardware/KVM/user input [RESEND,13/32] linux-headers: Add placeholder for KVM_CAP_SGX_ATTRIBUTE [RESEND,14/32] i386: kvm: Add support for exposing PROVISIONKEY to guest [RESEND,15/32] i386: Propagate SGX CPUID sub-leafs to KVM [RESEND,16/32] Adjust min CPUID level to 0x12 when SGX is enabled [RESEND,17/32] hw/i386/fw_cfg: Set SGX bits in feature control fw_cfg accordingly [RESEND,18/32] hw/i386/pc: Account for SGX EPC sections when calculating device memory [RESEND,19/32] i386/pc: Add e820 entry for SGX EPC section(s) [RESEND,20/32] i386: acpi: Add SGX EPC entry to ACPI tables [RESEND,21/32] q35: Add support for SGX EPC [RESEND,22/32] i440fx: Add support for SGX EPC [RESEND,23/32] hostmem: Add the reset interface for EPC backend reset [RESEND,24/32] sgx-epc: Add the reset interface for sgx-epc virt device [RESEND,25/32] qmp: Add query-sgx command [RESEND,26/32] hmp: Add 'info sgx' command [RESEND,27/32] i386: Add sgx_get_info() interface [RESEND,28/32] bitops: Support 32 and 64 bit mask macro [RESEND,29/32] qmp: Add the qmp_query_sgx_capabilities() [RESEND,30/32] Kconfig: Add CONFIG_SGX support [RESEND,31/32] sgx-epc: Add the fill_device_info() callback support [RESEND,32/32] doc: Add the SGX doc

Message ID

20210430062455.8117-26-yang.zhong@intel.com (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C5AEF613BF
IronPort-SDR: 
 ltNFjvY+wUNBijdB/tmUMWz5bzyHzeovJcWixFAMbfraSsuEhwV2nNYPFRw+Y+6muw0D/mRdst
 7Yjf7ArPSAKQ==
IronPort-SDR: 
 Ahywyiytrqhpe2bwY+Obg3fmVbP6dZlMnZ1QVvDl7zvmFlOYsKE613PpTATqsPej6slxJ4sqP2
 0mMDQk3R34nA==
From: Yang Zhong <yang.zhong@intel.com>
To: qemu-devel@nongnu.org
Subject: [RESEND PATCH 25/32] qmp: Add query-sgx command
Date: Fri, 30 Apr 2021 14:24:48 +0800
Message-Id: <20210430062455.8117-26-yang.zhong@intel.com>
In-Reply-To: <20210430062455.8117-1-yang.zhong@intel.com>
References: <20210430062455.8117-1-yang.zhong@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=192.55.52.93; envelope-from=yang.zhong@intel.com;
 helo=mga11.intel.com
X-Spam_score_int: -68
X-Spam_score: -6.9
X-Spam_bar: ------
X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: yang.zhong@intel.com, pbonzini@redhat.com, kai.huang@intel.com,
 seanjc@google.com
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

Series

Qemu SGX virtualization | expand

Commit Message

Yang Zhong April 30, 2021, 6:24 a.m. UTC

This QMP query command can be used by some userspaces to retrieve
the SGX information when SGX is enabled on Intel platform.

Signed-off-by: Yang Zhong <yang.zhong@intel.com>
---
 monitor/qmp-cmds.c         |  6 ++++++
 qapi/misc.json             | 42 ++++++++++++++++++++++++++++++++++++++
 tests/qtest/qmp-cmd-test.c |  1 +
 3 files changed, 49 insertions(+)

Comments

Eric Blake May 3, 2021, 5:58 p.m. UTC | #1

On 4/30/21 1:24 AM, Yang Zhong wrote:
> This QMP query command can be used by some userspaces to retrieve
> the SGX information when SGX is enabled on Intel platform.
> 
> Signed-off-by: Yang Zhong <yang.zhong@intel.com>
> ---
>  monitor/qmp-cmds.c         |  6 ++++++
>  qapi/misc.json             | 42 ++++++++++++++++++++++++++++++++++++++
>  tests/qtest/qmp-cmd-test.c |  1 +
>  3 files changed, 49 insertions(+)
> 

> +++ b/qapi/misc.json
> @@ -519,3 +519,45 @@
>   'data': { '*option': 'str' },
>   'returns': ['CommandLineOptionInfo'],
>   'allow-preconfig': true }
> +
> +##
> +# @SGXInfo:
> +#
> +# Information about intel Safe Guard eXtension (SGX) support
> +#
> +# @sgx: true if SGX is support

is supported

> +#
> +# @sgx1: true if SGX1 is support
> +#
> +# @sgx2: true if SGX2 is support
> +#
> +# @flc: true if FLC is support

again, for each of these too.

> +#
> +# @section-size: The EPC section size for guest
> +#
> +# Since: 5.1

6.1 (5.1 was last year).

> +##
> +{ 'struct': 'SGXInfo',
> +  'data': { 'sgx': 'bool',
> +            'sgx1': 'bool',
> +            'sgx2': 'bool',
> +            'flc': 'bool',
> +            'section-size': 'uint64'}}
> +
> +##
> +# @query-sgx:
> +#
> +# Returns information about SGX
> +#
> +# Returns: @SGXInfo
> +#
> +# Since: 5.1

6.1

> +#
> +# Example:
> +#
> +# -> { "execute": "query-sgx" }
> +# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
> +#                  "flc": true, "section-size" : 0 } }
> +#
> +##
> +{ 'command': 'query-sgx', 'returns': 'SGXInfo' }
> diff --git a/tests/qtest/qmp-cmd-test.c b/tests/qtest/qmp-cmd-test.c
> index c98b78d033..b75f3364f3 100644
> --- a/tests/qtest/qmp-cmd-test.c
> +++ b/tests/qtest/qmp-cmd-test.c
> @@ -100,6 +100,7 @@ static bool query_is_ignored(const char *cmd)
>          /* Success depends on Host or Hypervisor SEV support */
>          "query-sev",
>          "query-sev-capabilities",
> +        "query-sgx",
>          NULL
>      };
>      int i;
>

Yang Zhong May 6, 2021, 9:08 a.m. UTC | #2

On Mon, May 03, 2021 at 12:58:34PM -0500, Eric Blake wrote:
> On 4/30/21 1:24 AM, Yang Zhong wrote:
> > This QMP query command can be used by some userspaces to retrieve
> > the SGX information when SGX is enabled on Intel platform.
> > 
> > Signed-off-by: Yang Zhong <yang.zhong@intel.com>
> > ---
> >  monitor/qmp-cmds.c         |  6 ++++++
> >  qapi/misc.json             | 42 ++++++++++++++++++++++++++++++++++++++
> >  tests/qtest/qmp-cmd-test.c |  1 +
> >  3 files changed, 49 insertions(+)
> > 
> 
> > +++ b/qapi/misc.json
> > @@ -519,3 +519,45 @@
> >   'data': { '*option': 'str' },
> >   'returns': ['CommandLineOptionInfo'],
> >   'allow-preconfig': true }
> > +
> > +##
> > +# @SGXInfo:
> > +#
> > +# Information about intel Safe Guard eXtension (SGX) support
> > +#
> > +# @sgx: true if SGX is support
> 
> is supported
> 
  Eric, thanks for your comments! I will change this mistake. thanks!

  Yang

> > +#
> > +# @sgx1: true if SGX1 is support
> > +#
> > +# @sgx2: true if SGX2 is support
> > +#
> > +# @flc: true if FLC is support
> 
> again, for each of these too.

  Ditto, thanks!

  Yang

> 
> > +#
> > +# @section-size: The EPC section size for guest
> > +#
> > +# Since: 5.1
> 
> 6.1 (5.1 was last year).
> 

  Yes, i will change this version, thanks!

  Yang  

> > +##
> > +{ 'struct': 'SGXInfo',
> > +  'data': { 'sgx': 'bool',
> > +            'sgx1': 'bool',
> > +            'sgx2': 'bool',
> > +            'flc': 'bool',
> > +            'section-size': 'uint64'}}
> > +
> > +##
> > +# @query-sgx:
> > +#
> > +# Returns information about SGX
> > +#
> > +# Returns: @SGXInfo
> > +#
> > +# Since: 5.1
> 
> 6.1

  Ditto, thanks!

  Yang

> 
> > +#
> > +# Example:
> > +#
> > +# -> { "execute": "query-sgx" }
> > +# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
> > +#                  "flc": true, "section-size" : 0 } }
> > +#
> > +##
> > +{ 'command': 'query-sgx', 'returns': 'SGXInfo' }
> > diff --git a/tests/qtest/qmp-cmd-test.c b/tests/qtest/qmp-cmd-test.c
> > index c98b78d033..b75f3364f3 100644
> > --- a/tests/qtest/qmp-cmd-test.c
> > +++ b/tests/qtest/qmp-cmd-test.c
> > @@ -100,6 +100,7 @@ static bool query_is_ignored(const char *cmd)
> >          /* Success depends on Host or Hypervisor SEV support */
> >          "query-sev",
> >          "query-sev-capabilities",
> > +        "query-sgx",
> >          NULL
> >      };
> >      int i;
> > 
> 
> -- 
> Eric Blake, Principal Software Engineer
> Red Hat, Inc.           +1-919-301-3226
> Virtualization:  qemu.org | libvirt.org

diff --git a/monitor/qmp-cmds.c b/monitor/qmp-cmds.c
index f7d64a6457..d63d59149f 100644
--- a/monitor/qmp-cmds.c
+++ b/monitor/qmp-cmds.c
@@ -351,3 +351,9 @@  void qmp_display_reload(DisplayReloadOptions *arg, Error **errp)
         abort();
     }
 }
+
+SGXInfo *qmp_query_sgx(Error **errp)
+{
+    error_setg(errp, QERR_FEATURE_DISABLED, "query-sgx");
+    return NULL;
+}
diff --git a/qapi/misc.json b/qapi/misc.json
index 156f98203e..112a2f71cf 100644
--- a/qapi/misc.json
+++ b/qapi/misc.json
@@ -519,3 +519,45 @@ 
  'data': { '*option': 'str' },
  'returns': ['CommandLineOptionInfo'],
  'allow-preconfig': true }
+
+##
+# @SGXInfo:
+#
+# Information about intel Safe Guard eXtension (SGX) support
+#
+# @sgx: true if SGX is support
+#
+# @sgx1: true if SGX1 is support
+#
+# @sgx2: true if SGX2 is support
+#
+# @flc: true if FLC is support
+#
+# @section-size: The EPC section size for guest
+#
+# Since: 5.1
+##
+{ 'struct': 'SGXInfo',
+  'data': { 'sgx': 'bool',
+            'sgx1': 'bool',
+            'sgx2': 'bool',
+            'flc': 'bool',
+            'section-size': 'uint64'}}
+
+##
+# @query-sgx:
+#
+# Returns information about SGX
+#
+# Returns: @SGXInfo
+#
+# Since: 5.1
+#
+# Example:
+#
+# -> { "execute": "query-sgx" }
+# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
+#                  "flc": true, "section-size" : 0 } }
+#
+##
+{ 'command': 'query-sgx', 'returns': 'SGXInfo' }
diff --git a/tests/qtest/qmp-cmd-test.c b/tests/qtest/qmp-cmd-test.c
index c98b78d033..b75f3364f3 100644
--- a/tests/qtest/qmp-cmd-test.c
+++ b/tests/qtest/qmp-cmd-test.c
@@ -100,6 +100,7 @@  static bool query_is_ignored(const char *cmd)
         /* Success depends on Host or Hypervisor SEV support */
         "query-sev",
         "query-sev-capabilities",
+        "query-sgx",
         NULL
     };
     int i;

[RESEND,25/32] qmp: Add query-sgx command

Commit Message

Comments

Patch