mirror of https://gitee.com/openkylin/qemu.git
target/i386: Add HMP and QMP interfaces for SGX
The QMP and HMP interfaces can be used by monitor or QMP tools to retrieve the SGX information from VM side when SGX is enabled on Intel platform. Signed-off-by: Yang Zhong <yang.zhong@intel.com> Message-Id: <20210910102258.46648-2-yang.zhong@intel.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
parent
c5348c6a16
commit
57d874c4c7
|
@ -877,3 +877,18 @@ SRST
|
|||
``info dirty_rate``
|
||||
Display the vcpu dirty rate information.
|
||||
ERST
|
||||
|
||||
#if defined(TARGET_I386)
|
||||
{
|
||||
.name = "sgx",
|
||||
.args_type = "",
|
||||
.params = "",
|
||||
.help = "show intel SGX information",
|
||||
.cmd = hmp_info_sgx,
|
||||
},
|
||||
#endif
|
||||
|
||||
SRST
|
||||
``info sgx``
|
||||
Show intel SGX information.
|
||||
ERST
|
||||
|
|
|
@ -1,6 +1,13 @@
|
|||
#include "qemu/osdep.h"
|
||||
#include "hw/i386/pc.h"
|
||||
#include "hw/i386/sgx-epc.h"
|
||||
#include "hw/i386/sgx.h"
|
||||
|
||||
SGXInfo *sgx_get_info(Error **errp)
|
||||
{
|
||||
error_setg(errp, "SGX support is not compiled in");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
void pc_machine_init_sgx_epc(PCMachineState *pcms)
|
||||
{
|
||||
|
|
|
@ -17,6 +17,37 @@
|
|||
#include "monitor/qdev.h"
|
||||
#include "qapi/error.h"
|
||||
#include "exec/address-spaces.h"
|
||||
#include "hw/i386/sgx.h"
|
||||
|
||||
SGXInfo *sgx_get_info(Error **errp)
|
||||
{
|
||||
SGXInfo *info = NULL;
|
||||
X86MachineState *x86ms;
|
||||
PCMachineState *pcms =
|
||||
(PCMachineState *)object_dynamic_cast(qdev_get_machine(),
|
||||
TYPE_PC_MACHINE);
|
||||
if (!pcms) {
|
||||
error_setg(errp, "SGX is only supported on PC machines");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
x86ms = X86_MACHINE(pcms);
|
||||
if (!x86ms->sgx_epc_list) {
|
||||
error_setg(errp, "No EPC regions defined, SGX not available");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
SGXEPCState *sgx_epc = &pcms->sgx_epc;
|
||||
info = g_new0(SGXInfo, 1);
|
||||
|
||||
info->sgx = true;
|
||||
info->sgx1 = true;
|
||||
info->sgx2 = true;
|
||||
info->flc = true;
|
||||
info->section_size = sgx_epc->size;
|
||||
|
||||
return info;
|
||||
}
|
||||
|
||||
int sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size)
|
||||
{
|
||||
|
|
|
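Review bot: In sgx_get_info() the four capability flags (`info->sgx`, `info->sgx1`, `info->sgx2`, `info->flc`) are set to `true` unconditionally once `x86ms->sgx_epc_list` is non-empty, so `query-sgx` and `info sgx` report SGX1, SGX2 and FLC as present without consulting the CPU model the guest actually sees. Management tooling that gates enclave or launch-control provisioning on these fields could be told a feature exists when it has been masked; nothing in this section reads CPUID. Either derive each field from the vCPU's SGX feature bits, or, until that exists, say so at the assignment with a comment such as `/* TODO: assumed, not read from the vCPU's CPUID SGX leaves */`. Separately, `SGXEPCState *sgx_epc = &pcms->sgx_epc;` is declared after statements, and `section_size` is filled from `sgx_epc->size`, which looks like the size of the whole EPC state rather than of one section, so it is worth confirming against the schema wording.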
@ -0,0 +1,11 @@
|
|||
#ifndef QEMU_SGX_H
|
||||
#define QEMU_SGX_H
|
||||
|
||||
#include "qom/object.h"
|
||||
#include "qapi/error.h"
|
||||
#include "qemu/error-report.h"
|
||||
#include "qapi/qapi-types-misc-target.h"
|
||||
|
||||
SGXInfo *sgx_get_info(Error **errp);
|
||||
|
||||
#endif
|
|
@ -49,5 +49,6 @@ void hmp_info_tlb(Monitor *mon, const QDict *qdict);
|
|||
void hmp_mce(Monitor *mon, const QDict *qdict);
|
||||
void hmp_info_local_apic(Monitor *mon, const QDict *qdict);
|
||||
void hmp_info_io_apic(Monitor *mon, const QDict *qdict);
|
||||
void hmp_info_sgx(Monitor *mon, const QDict *qdict);
|
||||
|
||||
#endif /* MONITOR_HMP_TARGET_H */
|
||||
|
|
|
@ -333,3 +333,46 @@
|
|||
{ 'command': 'query-sev-attestation-report', 'data': { 'mnonce': 'str' },
|
||||
'returns': 'SevAttestationReport',
|
||||
'if': 'TARGET_I386' }
|
||||
|
||||
##
|
||||
# @SGXInfo:
|
||||
#
|
||||
# Information about intel Safe Guard eXtension (SGX) support
|
||||
#
|
||||
# @sgx: true if SGX is supported
|
||||
#
|
||||
# @sgx1: true if SGX1 is supported
|
||||
#
|
||||
# @sgx2: true if SGX2 is supported
|
||||
#
|
||||
# @flc: true if FLC is supported
|
||||
#
|
||||
# @section-size: The EPC section size for guest
|
||||
#
|
||||
# Since: 6.2
|
||||
##
|
||||
{ 'struct': 'SGXInfo',
|
||||
'data': { 'sgx': 'bool',
|
||||
'sgx1': 'bool',
|
||||
'sgx2': 'bool',
|
||||
'flc': 'bool',
|
||||
'section-size': 'uint64'},
|
||||
'if': 'TARGET_I386' }
|
||||
|
||||
##
|
||||
# @query-sgx:
|
||||
#
|
||||
# Returns information about SGX
|
||||
#
|
||||
# Returns: @SGXInfo
|
||||
#
|
||||
# Since: 6.2
|
||||
#
|
||||
# Example:
|
||||
#
|
||||
# -> { "execute": "query-sgx" }
|
||||
# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
|
||||
# "flc": true, "section-size" : 0 } }
|
||||
#
|
||||
##
|
||||
{ 'command': 'query-sgx', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }
|
||||
|
|
|
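Review bot: The `@SGXInfo` doc comment leaves `@section-size` without a unit and expands SGX as "intel Safe Guard eXtension", whereas Intel's name for the feature is Software Guard Extensions. Clients treat this text as the contract, so I would write `# Information about Intel Software Guard Extensions (SGX) support` and `# @section-size: The EPC section size for the guest, in bytes` (bytes is assumed here; confirm against the value stored by sgx_get_info). The comment also does not say whether the four booleans describe what the host offers or what the guest is given; one sentence stating which would help tools that make isolation decisions from them. The example reply shows every feature `true` with `"section-size" : 0`, a combination the visible sgx_get_info() may never produce, so a realistic size would be less misleading.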
@ -35,6 +35,7 @@
|
|||
#include "qapi/qapi-commands-misc-target.h"
|
||||
#include "qapi/qapi-commands-misc.h"
|
||||
#include "hw/i386/pc.h"
|
||||
#include "hw/i386/sgx.h"
|
||||
|
||||
/* Perform linear address sign extension */
|
||||
static hwaddr addr_canonical(CPUArchState *env, hwaddr addr)
|
||||
|
@ -763,3 +764,29 @@ qmp_query_sev_attestation_report(const char *mnonce, Error **errp)
|
|||
{
|
||||
return sev_get_attestation_report(mnonce, errp);
|
||||
}
|
||||
|
||||
SGXInfo *qmp_query_sgx(Error **errp)
|
||||
{
|
||||
return sgx_get_info(errp);
|
||||
}
|
||||
|
||||
void hmp_info_sgx(Monitor *mon, const QDict *qdict)
|
||||
{
|
||||
Error *err = NULL;
|
||||
g_autoptr(SGXInfo) info = qmp_query_sgx(&err);
|
||||
|
||||
if (err) {
|
||||
error_report_err(err);
|
||||
return;
|
||||
}
|
||||
monitor_printf(mon, "SGX support: %s\n",
|
||||
info->sgx ? "enabled" : "disabled");
|
||||
monitor_printf(mon, "SGX1 support: %s\n",
|
||||
info->sgx1 ? "enabled" : "disabled");
|
||||
monitor_printf(mon, "SGX2 support: %s\n",
|
||||
info->sgx2 ? "enabled" : "disabled");
|
||||
monitor_printf(mon, "FLC support: %s\n",
|
||||
info->flc ? "enabled" : "disabled");
|
||||
monitor_printf(mon, "size: %" PRIu64 "\n",
|
||||
info->section_size);
|
||||
}
|
||||
|
|
|
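Review bot: hmp_info_sgx() dereferences `info` after testing only `err`, so it relies on every sgx_get_info() implementation setting `errp` whenever it returns NULL. The two implementations on this page do, but a short comment stating that contract at the check, e.g. `/* sgx_get_info() sets err whenever it returns NULL */`, would keep a later change from turning this into a NULL dereference inside the monitor. The failure is also reported with `error_report_err(err);` where the HMP code usually goes through `hmp_handle_error(mon, err);`, which would keep the output consistent with other handlers. Lastly, the labels print "enabled"/"disabled" while the schema documents the same fields as "supported", which an operator may read as a stronger claim than the code makes.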
@ -100,6 +100,7 @@ static bool query_is_ignored(const char *cmd)
|
|||
/* Success depends on Host or Hypervisor SEV support */
|
||||
"query-sev",
|
||||
"query-sev-capabilities",
|
||||
"query-sgx",
|
||||
NULL
|
||||
};
|
||||
int i;
|
||||
|
|
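Review bot: The comment above the list still reads `/* Success depends on Host or Hypervisor SEV support */`, but the new `"query-sgx"` entry is skipped for a different reason. Judging by the error paths in sgx_get_info() on this page, the command fails when SGX is not compiled in, the machine is not a PC machine, or no EPC regions are defined. I would add a line such as `/* Success depends on SGX being built in and EPC regions being configured */` directly above the new entry so the reason stays visible to whoever next edits the list. query_is_ignored() begins and ends outside this hunk.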