qemu: probe for sev-guest.kernel-hashes property

This sev-guest object property indicates whether QEMU should
expose the kernel, ramdisk, cmdline hashes to the firmware
for measurement.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

src/qemu/qemu_capabilities.c

@@ -652,6 +652,7 @@ VIR_ENUM_IMPL(virQEMUCaps,
               "device.json", /* QEMU_CAPS_DEVICE_JSON */
               "query-dirty-rate", /* QEMU_CAPS_QUERY_DIRTY_RATE */
               "rbd-encryption", /* QEMU_CAPS_RBD_ENCRYPTION */
+              "sev-guest-kernel-hashes", /* QEMU_CAPS_SEV_GUEST_KERNEL_HASHES */
     );
 
 
@@ -1571,6 +1572,7 @@ static struct virQEMUCapsStringFlags virQEMUCapsQMPSchemaQueries[] = {
     { "query-named-block-nodes/arg-type/flat", QEMU_CAPS_QMP_QUERY_NAMED_BLOCK_NODES_FLAT },
     { "screendump/arg-type/device", QEMU_CAPS_SCREENDUMP_DEVICE },
     { "set-numa-node/arg-type/+hmat-lb", QEMU_CAPS_NUMA_HMAT },
+    { "object-add/arg-type/+sev-guest/kernel-hashes", QEMU_CAPS_SEV_GUEST_KERNEL_HASHES },
 };
 
 typedef struct _virQEMUCapsObjectTypeProps virQEMUCapsObjectTypeProps;

src/qemu/qemu_capabilities.h

@@ -631,6 +631,7 @@ typedef enum { /* virQEMUCapsFlags grouping marker for syntax-check */
     QEMU_CAPS_DEVICE_JSON, /* -device accepts JSON */
     QEMU_CAPS_QUERY_DIRTY_RATE, /* accepts query-dirty-rate */
     QEMU_CAPS_RBD_ENCRYPTION, /* Ceph RBD encryption support */
+    QEMU_CAPS_SEV_GUEST_KERNEL_HASHES, /* sev-guest.kernel-hashes= */
 
     QEMU_CAPS_LAST /* this must always be the last item */
 } virQEMUCapsFlags;

tests/qemucapabilitiesdata/caps_6.2.0.x86_64.xml

@@ -240,6 +240,7 @@
   <flag name='device.json'/>
   <flag name='query-dirty-rate'/>
   <flag name='rbd-encryption'/>
+  <flag name='sev-guest-kernel-hashes'/>
   <version>6002000</version>
   <kvmVersion>0</kvmVersion>
   <microcodeVersion>43100244</microcodeVersion>