[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 25/33] target/i386: Add HMP and QMP interfaces for SGX
From: |
Paolo Bonzini |
Subject: |
[PULL 25/33] target/i386: Add HMP and QMP interfaces for SGX |
Date: |
Tue, 28 Sep 2021 14:51:08 +0200 |
From: Yang Zhong <yang.zhong@intel.com>
The QMP and HMP interfaces can be used by monitor or QMP tools to retrieve
the SGX information from VM side when SGX is enabled on Intel platform.
Signed-off-by: Yang Zhong <yang.zhong@intel.com>
Message-Id: <20210910102258.46648-2-yang.zhong@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
hmp-commands-info.hx | 15 +++++++++++++
hw/i386/sgx-stub.c | 7 ++++++
hw/i386/sgx.c | 31 ++++++++++++++++++++++++++
include/hw/i386/sgx.h | 11 +++++++++
include/monitor/hmp-target.h | 1 +
qapi/misc-target.json | 43 ++++++++++++++++++++++++++++++++++++
target/i386/monitor.c | 27 ++++++++++++++++++++++
tests/qtest/qmp-cmd-test.c | 1 +
8 files changed, 136 insertions(+)
create mode 100644 include/hw/i386/sgx.h
diff --git a/hmp-commands-info.hx b/hmp-commands-info.hx
index 27206ac049..4c966e8a6b 100644
--- a/hmp-commands-info.hx
+++ b/hmp-commands-info.hx
@@ -877,3 +877,18 @@ SRST
``info dirty_rate``
Display the vcpu dirty rate information.
ERST
+
+#if defined(TARGET_I386)
+ {
+ .name = "sgx",
+ .args_type = "",
+ .params = "",
+ .help = "show intel SGX information",
+ .cmd = hmp_info_sgx,
+ },
+#endif
+
+SRST
+ ``info sgx``
+ Show intel SGX information.
+ERST
diff --git a/hw/i386/sgx-stub.c b/hw/i386/sgx-stub.c
index 483c72bba6..485e16ecc1 100644
--- a/hw/i386/sgx-stub.c
+++ b/hw/i386/sgx-stub.c
@@ -1,6 +1,13 @@
#include "qemu/osdep.h"
#include "hw/i386/pc.h"
#include "hw/i386/sgx-epc.h"
+#include "hw/i386/sgx.h"
+
+SGXInfo *sgx_get_info(Error **errp)
+{
+ error_setg(errp, "SGX support is not compiled in");
+ return NULL;
+}
void pc_machine_init_sgx_epc(PCMachineState *pcms)
{
diff --git a/hw/i386/sgx.c b/hw/i386/sgx.c
index 8a18cddc3f..ea75398575 100644
--- a/hw/i386/sgx.c
+++ b/hw/i386/sgx.c
@@ -17,6 +17,37 @@
#include "monitor/qdev.h"
#include "qapi/error.h"
#include "exec/address-spaces.h"
+#include "hw/i386/sgx.h"
+
+SGXInfo *sgx_get_info(Error **errp)
+{
+ SGXInfo *info = NULL;
+ X86MachineState *x86ms;
+ PCMachineState *pcms =
+ (PCMachineState *)object_dynamic_cast(qdev_get_machine(),
+ TYPE_PC_MACHINE);
+ if (!pcms) {
+ error_setg(errp, "SGX is only supported on PC machines");
+ return NULL;
+ }
+
+ x86ms = X86_MACHINE(pcms);
+ if (!x86ms->sgx_epc_list) {
+ error_setg(errp, "No EPC regions defined, SGX not available");
+ return NULL;
+ }
+
+ SGXEPCState *sgx_epc = &pcms->sgx_epc;
+ info = g_new0(SGXInfo, 1);
+
+ info->sgx = true;
+ info->sgx1 = true;
+ info->sgx2 = true;
+ info->flc = true;
+ info->section_size = sgx_epc->size;
+
+ return info;
+}
int sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size)
{
diff --git a/include/hw/i386/sgx.h b/include/hw/i386/sgx.h
new file mode 100644
index 0000000000..2bf90b3f4f
--- /dev/null
+++ b/include/hw/i386/sgx.h
@@ -0,0 +1,11 @@
+#ifndef QEMU_SGX_H
+#define QEMU_SGX_H
+
+#include "qom/object.h"
+#include "qapi/error.h"
+#include "qemu/error-report.h"
+#include "qapi/qapi-types-misc-target.h"
+
+SGXInfo *sgx_get_info(Error **errp);
+
+#endif
diff --git a/include/monitor/hmp-target.h b/include/monitor/hmp-target.h
index 60fc92722a..dc53add7ee 100644
--- a/include/monitor/hmp-target.h
+++ b/include/monitor/hmp-target.h
@@ -49,5 +49,6 @@ void hmp_info_tlb(Monitor *mon, const QDict *qdict);
void hmp_mce(Monitor *mon, const QDict *qdict);
void hmp_info_local_apic(Monitor *mon, const QDict *qdict);
void hmp_info_io_apic(Monitor *mon, const QDict *qdict);
+void hmp_info_sgx(Monitor *mon, const QDict *qdict);
#endif /* MONITOR_HMP_TARGET_H */
diff --git a/qapi/misc-target.json b/qapi/misc-target.json
index 3b05ad3dbf..e2a347cc23 100644
--- a/qapi/misc-target.json
+++ b/qapi/misc-target.json
@@ -333,3 +333,46 @@
{ 'command': 'query-sev-attestation-report', 'data': { 'mnonce': 'str' },
'returns': 'SevAttestationReport',
'if': 'TARGET_I386' }
+
+##
+# @SGXInfo:
+#
+# Information about intel Safe Guard eXtension (SGX) support
+#
+# @sgx: true if SGX is supported
+#
+# @sgx1: true if SGX1 is supported
+#
+# @sgx2: true if SGX2 is supported
+#
+# @flc: true if FLC is supported
+#
+# @section-size: The EPC section size for guest
+#
+# Since: 6.2
+##
+{ 'struct': 'SGXInfo',
+ 'data': { 'sgx': 'bool',
+ 'sgx1': 'bool',
+ 'sgx2': 'bool',
+ 'flc': 'bool',
+ 'section-size': 'uint64'},
+ 'if': 'TARGET_I386' }
+
+##
+# @query-sgx:
+#
+# Returns information about SGX
+#
+# Returns: @SGXInfo
+#
+# Since: 6.2
+#
+# Example:
+#
+# -> { "execute": "query-sgx" }
+# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
+# "flc": true, "section-size" : 0 } }
+#
+##
+{ 'command': 'query-sgx', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 119211f0b0..d7384ba348 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -35,6 +35,7 @@
#include "qapi/qapi-commands-misc-target.h"
#include "qapi/qapi-commands-misc.h"
#include "hw/i386/pc.h"
+#include "hw/i386/sgx.h"
/* Perform linear address sign extension */
static hwaddr addr_canonical(CPUArchState *env, hwaddr addr)
@@ -763,3 +764,29 @@ qmp_query_sev_attestation_report(const char *mnonce, Error
**errp)
{
return sev_get_attestation_report(mnonce, errp);
}
+
+SGXInfo *qmp_query_sgx(Error **errp)
+{
+ return sgx_get_info(errp);
+}
+
+void hmp_info_sgx(Monitor *mon, const QDict *qdict)
+{
+ Error *err = NULL;
+ g_autoptr(SGXInfo) info = qmp_query_sgx(&err);
+
+ if (err) {
+ error_report_err(err);
+ return;
+ }
+ monitor_printf(mon, "SGX support: %s\n",
+ info->sgx ? "enabled" : "disabled");
+ monitor_printf(mon, "SGX1 support: %s\n",
+ info->sgx1 ? "enabled" : "disabled");
+ monitor_printf(mon, "SGX2 support: %s\n",
+ info->sgx2 ? "enabled" : "disabled");
+ monitor_printf(mon, "FLC support: %s\n",
+ info->flc ? "enabled" : "disabled");
+ monitor_printf(mon, "size: %" PRIu64 "\n",
+ info->section_size);
+}
diff --git a/tests/qtest/qmp-cmd-test.c b/tests/qtest/qmp-cmd-test.c
index c98b78d033..b75f3364f3 100644
--- a/tests/qtest/qmp-cmd-test.c
+++ b/tests/qtest/qmp-cmd-test.c
@@ -100,6 +100,7 @@ static bool query_is_ignored(const char *cmd)
/* Success depends on Host or Hypervisor SEV support */
"query-sev",
"query-sev-capabilities",
+ "query-sgx",
NULL
};
int i;
--
2.31.1
- [PULL 20/33] i386: acpi: Add SGX EPC entry to ACPI tables, (continued)
- [PULL 20/33] i386: acpi: Add SGX EPC entry to ACPI tables, Paolo Bonzini, 2021/09/28
- [PULL 19/33] i386/pc: Add e820 entry for SGX EPC section(s), Paolo Bonzini, 2021/09/28
- [PULL 29/33] target/i386: Fix memory leak in sev_read_file_base64(), Paolo Bonzini, 2021/09/28
- [PULL 03/33] hostmem: Add hostmem-epc as a backend for SGX EPC, Paolo Bonzini, 2021/09/28
- [PULL 21/33] q35: Add support for SGX EPC, Paolo Bonzini, 2021/09/28
- [PULL 23/33] sgx-epc: Add the fill_device_info() callback support, Paolo Bonzini, 2021/09/28
- [PULL 27/33] meson: unpack edk2 firmware even if --disable-blobs, Paolo Bonzini, 2021/09/28
- [PULL 24/33] docs/system: Add SGX documentation to the system manual, Paolo Bonzini, 2021/09/28
- [PULL 30/33] memory: Name all the memory listeners, Paolo Bonzini, 2021/09/28
- [PULL 32/33] build-sys: add HAVE_IPPROTO_MPTCP, Paolo Bonzini, 2021/09/28
- [PULL 25/33] target/i386: Add HMP and QMP interfaces for SGX,
Paolo Bonzini <=
- Re: [PULL 00/33] x86 and misc changes for 2021-09-28, Peter Maydell, 2021/09/29