libvirt: Introduce virNodeGetSEVInfo public API

The API can be used by an application to retrieve the Platform Diffie-Hellman
Key and Platform Certificate chain.

Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
Brijesh Singh 2018-06-08 09:40:53 -05:00 committed by Erik Skultety
parent 5dca09c170
commit 45422935c3
4 changed files with 98 additions and 0 deletions


@ -432,6 +432,48 @@ typedef virNodeCPUStats *virNodeCPUStatsPtr;
typedef virNodeMemoryStats *virNodeMemoryStatsPtr;
/**
*
* SEV Parameters
*/
/**
* VIR_NODE_SEV_PDH:
*
* Macro represents the Platform Diffie-Hellman key, as VIR_TYPED_PARAMS_STRING.
*/
# define VIR_NODE_SEV_PDH "pdh"
/**
* VIR_NODE_SEV_CERT_CHAIN:
*
* Macro represents the platform certificate chain that includes the platform
* endorsement key (PEK), owner certificate authority (OCD) and chip
* endorsement key (CEK), as VIR_TYPED_PARAMS_STRING.
*/
# define VIR_NODE_SEV_CERT_CHAIN "cert-chain"
/**
* VIR_NODE_SEV_CBITPOS:
*
* Macro represents the CBit Position used by hypervisor when SEV is enabled.
*/
# define VIR_NODE_SEV_CBITPOS "cbitpos"
/**
* VIR_NODE_SEV_REDUCED_PHYS_BITS:
*
* Macro represents the number of bits we lose in physical address space
* when SEV is enabled in the guest.
*/
# define VIR_NODE_SEV_REDUCED_PHYS_BITS "reduced-phys-bits"
int virNodeGetSEVInfo (virConnectPtr conn,
virTypedParameterPtr *params,
int *nparams,
unsigned int flags);
/**
* virConnectFlags
*
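Review bot: The doc comment for VIR_NODE_SEV_CERT_CHAIN abbreviates the owner certificate authority as "OCD", which reads as a typo for OCA, and both string macros give their type as `VIR_TYPED_PARAMS_STRING` although the implementation in this commit spells the related flag `VIR_TYPED_PARAM_STRING_OKAY`, so the type name is presumably `VIR_TYPED_PARAM_STRING`. The comments for VIR_NODE_SEV_CBITPOS and VIR_NODE_SEV_REDUCED_PHYS_BITS name no typed-parameter type at all, so a caller cannot tell which value field to read; I'd append the type, e.g. `as VIR_TYPED_PARAM_UINT` if that is what the drivers return. Because the PDH and certificate chain are the inputs a guest owner checks before trusting the platform, the comments should also state how the two strings are encoded.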


@ -1309,6 +1309,11 @@ typedef int
unsigned int action,
unsigned int flags);
typedef int
(*virDrvNodeGetSEVInfo)(virConnectPtr conn,
virTypedParameterPtr *params,
int *nparams,
unsigned int flags);
typedef struct _virHypervisorDriver virHypervisorDriver;
typedef virHypervisorDriver *virHypervisorDriverPtr;
@ -1558,6 +1563,7 @@ struct _virHypervisorDriver {
virDrvDomainSetLifecycleAction domainSetLifecycleAction;
virDrvConnectCompareHypervisorCPU connectCompareHypervisorCPU;
virDrvConnectBaselineHypervisorCPU connectBaselineHypervisorCPU;
virDrvNodeGetSEVInfo nodeGetSEVInfo;
};


@ -1639,3 +1639,52 @@ virNodeAllocPages(virConnectPtr conn,
virDispatchError(conn);
return -1;
}
/*
* virNodeGetSEVInfo:
* @conn: pointer to the hypervisor connection
* @params: where to store SEV information
* @nparams: pointer to number of SEV parameters returned in @params
* @flags: extra flags; not used yet, so callers should always pass 0
*
* If hypervisor supports AMD's SEV feature, then @params will contain various
* platform specific information like PDH and certificate chain. Caller is
* responsible for freeing @params.
*
* Returns 0 in case of success, and -1 in case of failure.
*/
int
virNodeGetSEVInfo(virConnectPtr conn,
virTypedParameterPtr *params,
int *nparams,
unsigned int flags)
{
VIR_DEBUG("conn=%p, params=%p, nparams=%p, flags=0x%x",
conn, params, nparams, flags);
virResetLastError();
virCheckConnectReturn(conn, -1);
virCheckNonNullArgGoto(nparams, error);
virCheckNonNegativeArgGoto(*nparams, error);
virCheckReadOnlyGoto(conn->flags, error);
if (VIR_DRV_SUPPORTS_FEATURE(conn->driver, conn,
VIR_DRV_FEATURE_TYPED_PARAM_STRING))
flags |= VIR_TYPED_PARAM_STRING_OKAY;
if (conn->driver->nodeGetSEVInfo) {
int ret;
ret = conn->driver->nodeGetSEVInfo(conn, params, nparams, flags);
if (ret < 0)
goto error;
return ret;
}
virReportUnsupportedError();
error:
virDispatchError(conn);
return -1;
}
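Review bot: `params` is handed to the driver callback without a NULL check, although `nparams` is checked just above; unless every driver validates it, `virCheckNonNullArgGoto(params, error);` belongs next to the existing argument checks. The header comment describes `nparams` as output only, but `virCheckNonNegativeArgGoto(*nparams, error)` reads it on entry, so the comment should say the caller must initialise it (presumably to 0). It should also say that the call is refused on read-only connections because of `virCheckReadOnlyGoto`. The block opens with `/*` rather than the `/**` used by the header's doc comments, which may keep it out of the generated API documentation.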


@ -796,6 +796,7 @@ LIBVIRT_4.5.0 {
global:
virGetLastErrorCode;
virGetLastErrorDomain;
virNodeGetSEVInfo;
} LIBVIRT_4.4.0;
# .... define new API here using predicted next version number ....