qemu-devel

Re: [PATCH v2 03/23] qapi/misc-target: Group SEV QAPI definitions


From: Dov Murik
Subject: Re: [PATCH v2 03/23] qapi/misc-target: Group SEV QAPI definitions
Date: Thu, 24 Jun 2021 09:13:14 +0300

Phil,


On 16/06/2021 23:43, Philippe Mathieu-Daudé wrote:
> There is already a section with various SEV commands / types,
> so move the SEV guest attestation together.
> 

I have two questions (regarding several qapi patches in this series):

1. Should we extract all the SEV commands/types to a separate file?
Maybe sev.json, or confidential-guest-sev.json -- anticipating the other
platforms.

2. I see that some qapi types/commands are conditioned on
`defined(CONFIG_...)`. For example in qapi/tpm.json we have:

  { 'command': 'query-tpm-types', 'returns': ['TpmType'],
    'if': 'defined(CONFIG_TPM)' }

I wonder if the same applies to SEV.

-Dov


> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
> ---
>  qapi/misc-target.json | 81 +++++++++++++++++++++----------------------
>  1 file changed, 40 insertions(+), 41 deletions(-)
> 
> diff --git a/qapi/misc-target.json b/qapi/misc-target.json
> index 81646126267..7db94206212 100644
> --- a/qapi/misc-target.json
> +++ b/qapi/misc-target.json
> @@ -219,6 +219,46 @@
>    'data': { 'packet-header': 'str', 'secret': 'str', '*gpa': 'uint64' },
>    'if': 'defined(TARGET_I386)' }
>  
> +##
> +# @SevAttestationReport:
> +#
> +# The struct describes attestation report for a Secure Encrypted
> +# Virtualization feature.
> +#
> +# @data:  guest attestation report (base64 encoded)
> +#
> +#
> +# Since: 6.1
> +##
> +{ 'struct': 'SevAttestationReport',
> +  'data': { 'data': 'str'},
> +  'if': 'defined(TARGET_I386)' }
> +
> +##
> +# @query-sev-attestation-report:
> +#
> +# This command is used to get the SEV attestation report, and is
> +# supported on AMD X86 platforms only.
> +#
> +# @mnonce: a random 16 bytes value encoded in base64 (it will be
> +#          included in report)
> +#
> +# Returns: SevAttestationReport objects.
> +#
> +# Since: 6.1
> +#
> +# Example:
> +#
> +# -> { "execute" : "query-sev-attestation-report",
> +#                  "arguments": { "mnonce": "aaaaaaa" } }
> +# <- { "return" : { "data": "aaaaaaaabbbddddd"} }
> +#
> +##
> +{ 'command': 'query-sev-attestation-report',
> +  'data': { 'mnonce': 'str' },
> +  'returns': 'SevAttestationReport',
> +  'if': 'defined(TARGET_I386)' }
> +
>  ##
>  # @dump-skeys:
>  #
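Review bot: The example in the query-sev-attestation-report doc comment contradicts the @mnonce description just above it. "mnonce": "aaaaaaa" is seven characters, but the base64 encoding of a 16-byte value is 24 characters with padding, so the documented call could not be a valid request. Since these lines are being re-added anyway, consider using a correctly sized base64 nonce in the example and documenting what happens when the value does not decode to exactly 16 bytes. A smaller point in the same comment: "Returns: SevAttestationReport objects." should be singular, because 'returns' names a single struct.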
> @@ -285,44 +325,3 @@
>  ##
>  { 'command': 'query-gic-capabilities', 'returns': ['GICCapability'],
>    'if': 'defined(TARGET_ARM)' }
> -
> -
> -##
> -# @SevAttestationReport:
> -#
> -# The struct describes attestation report for a Secure Encrypted
> -# Virtualization feature.
> -#
> -# @data:  guest attestation report (base64 encoded)
> -#
> -#
> -# Since: 6.1
> -##
> -{ 'struct': 'SevAttestationReport',
> -  'data': { 'data': 'str'},
> -  'if': 'defined(TARGET_I386)' }
> -
> -##
> -# @query-sev-attestation-report:
> -#
> -# This command is used to get the SEV attestation report, and is
> -# supported on AMD X86 platforms only.
> -#
> -# @mnonce: a random 16 bytes value encoded in base64 (it will be
> -#          included in report)
> -#
> -# Returns: SevAttestationReport objects.
> -#
> -# Since: 6.1
> -#
> -# Example:
> -#
> -# -> { "execute" : "query-sev-attestation-report",
> -                   "arguments": { "mnonce": "aaaaaaa" } }
> -# <- { "return" : { "data": "aaaaaaaabbbddddd"} }
> -#
> -##
> -{ 'command': 'query-sev-attestation-report',
> -  'data': { 'mnonce': 'str' },
> -  'returns': 'SevAttestationReport',
> -  'if': 'defined(TARGET_I386)' }
> 
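Review bot: The removed example is not identical to the copy added in the first hunk, so this is not a pure move. Here the "arguments" continuation line of the example has no leading '#', while the re-added line reads '#                  "arguments": { "mnonce": "aaaaaaa" } }'. That looks like a silent fix to the doc comment, which matches the 40 insertions versus 41 deletions in the diffstat together with the dropped blank line. Please mention the comment fix in the commit message or split it into its own patch, so that the move can be verified mechanically.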


