# See the COPYING file in the top-level directory.
{ 'include': 'authz.json' }
+{ 'include': 'block-core.json' }
{ 'include': 'common.json' }
+{ 'include': 'crypto.json' }
##
# = QEMU Object Model (QOM)
'returns': [ 'ObjectPropertyInfo' ],
'allow-preconfig': true }
+##
+# @CanHostSocketcanProperties:
+#
+# Properties for can-host-socketcan objects.
+#
+# @if: interface name of the host system CAN bus to connect to
+#
+# @canbus: object ID of the can-bus object to connect to the host interface
+#
+# Since: 2.12
+##
+{ 'struct': 'CanHostSocketcanProperties',
+ 'data': { 'if': 'str',
+ 'canbus': 'str' } }
+
+##
+# @ColoCompareProperties:
+#
+# Properties for colo-compare objects.
+#
+# @primary_in: name of the character device backend to use for the primary
+# input (incoming packets are redirected to @outdev)
+#
+# @secondary_in: name of the character device backend to use for secondary
+# input (incoming packets are only compared to the input on
+# @primary_in and then dropped)
+#
+# @outdev: name of the character device backend to use for output
+#
+# @iothread: name of the iothread to run in
+#
+# @notify_dev: name of the character device backend to be used to communicate
+# with the remote colo-frame (only for Xen COLO)
+#
+# @compare_timeout: the maximum time to hold a packet from @primary_in for
+# comparison with an incoming packet on @secondary_in in
+# milliseconds (default: 3000)
+#
+# @expired_scan_cycle: the interval at which colo-compare checks whether
+# packets from @primary have timed out, in milliseconds
+# (default: 3000)
+#
+# @max_queue_size: the maximum number of packets to keep in the queue for
+# comparing with incoming packets from @secondary_in. If the
+# queue is full and addtional packets are received, the
+# addtional packets are dropped. (default: 1024)
+#
+# @vnet_hdr_support: if true, vnet header support is enabled (default: false)
+#
+# Since: 2.8
+##
+{ 'struct': 'ColoCompareProperties',
+ 'data': { 'primary_in': 'str',
+ 'secondary_in': 'str',
+ 'outdev': 'str',
+ 'iothread': 'str',
+ '*notify_dev': 'str',
+ '*compare_timeout': 'uint64',
+ '*expired_scan_cycle': 'uint32',
+ '*max_queue_size': 'uint32',
+ '*vnet_hdr_support': 'bool' } }
+
##
# @CryptodevBackendProperties:
#
'data': { 'addr': 'str' ,
'*id-list': 'str' } }
+##
+# @NetfilterInsert:
+#
+# Indicates where to insert a netfilter relative to a given other filter.
+#
+# @before: insert before the specified filter
+#
+# @behind: insert behind the specified filter
+#
+# Since: 5.0
+##
+{ 'enum': 'NetfilterInsert',
+ 'data': [ 'before', 'behind' ] }
+
+##
+# @NetfilterProperties:
+#
+# Properties for objects of classes derived from netfilter.
+#
+# @netdev: id of the network device backend to filter
+#
+# @queue: indicates which queue(s) to filter (default: all)
+#
+# @status: indicates whether the filter is enabled ("on") or disabled ("off")
+# (default: "on")
+#
+# @position: specifies where the filter should be inserted in the filter list.
+# "head" means the filter is inserted at the head of the filter list,
+# before any existing filters.
+# "tail" means the filter is inserted at the tail of the filter list,
+# behind any existing filters (default).
+# "id=<id>" means the filter is inserted before or behind the filter
+# specified by <id>, depending on the @insert property.
+# (default: "tail")
+#
+# @insert: where to insert the filter relative to the filter given in @position.
+# Ignored if @position is "head" or "tail". (default: behind)
+#
+# Since: 2.5
+##
+{ 'struct': 'NetfilterProperties',
+ 'data': { 'netdev': 'str',
+ '*queue': 'NetFilterDirection',
+ '*status': 'str',
+ '*position': 'str',
+ '*insert': 'NetfilterInsert' } }
+
+##
+# @FilterBufferProperties:
+#
+# Properties for filter-buffer objects.
+#
+# @interval: a non-zero interval in microseconds. All packets arriving in the
+# given interval are delayed until the end of the interval.
+#
+# Since: 2.5
+##
+{ 'struct': 'FilterBufferProperties',
+ 'base': 'NetfilterProperties',
+ 'data': { 'interval': 'uint32' } }
+
+##
+# @FilterDumpProperties:
+#
+# Properties for filter-dump objects.
+#
+# @file: the filename where the dumped packets should be stored
+#
+# @maxlen: maximum number of bytes in a packet that are stored (default: 65536)
+#
+# Since: 2.5
+##
+{ 'struct': 'FilterDumpProperties',
+ 'base': 'NetfilterProperties',
+ 'data': { 'file': 'str',
+ '*maxlen': 'uint32' } }
+
+##
+# @FilterMirrorProperties:
+#
+# Properties for filter-mirror objects.
+#
+# @outdev: the name of a character device backend to which all incoming packets
+# are mirrored
+#
+# @vnet_hdr_support: if true, vnet header support is enabled (default: false)
+#
+# Since: 2.6
+##
+{ 'struct': 'FilterMirrorProperties',
+ 'base': 'NetfilterProperties',
+ 'data': { 'outdev': 'str',
+ '*vnet_hdr_support': 'bool' } }
+
+##
+# @FilterRedirectorProperties:
+#
+# Properties for filter-redirector objects.
+#
+# At least one of @indev or @outdev must be present. If both are present, they
+# must not refer to the same character device backend.
+#
+# @indev: the name of a character device backend from which packets are
+# received and redirected to the filtered network device
+#
+# @outdev: the name of a character device backend to which all incoming packets
+# are redirected
+#
+# @vnet_hdr_support: if true, vnet header support is enabled (default: false)
+#
+# Since: 2.6
+##
+{ 'struct': 'FilterRedirectorProperties',
+ 'base': 'NetfilterProperties',
+ 'data': { '*indev': 'str',
+ '*outdev': 'str',
+ '*vnet_hdr_support': 'bool' } }
+
+##
+# @FilterRewriterProperties:
+#
+# Properties for filter-rewriter objects.
+#
+# @vnet_hdr_support: if true, vnet header support is enabled (default: false)
+#
+# Since: 2.8
+##
+{ 'struct': 'FilterRewriterProperties',
+ 'base': 'NetfilterProperties',
+ 'data': { '*vnet_hdr_support': 'bool' } }
+
+##
+# @InputBarrierProperties:
+#
+# Properties for input-barrier objects.
+#
+# @name: the screen name as declared in the screens section of barrier.conf
+#
+# @server: hostname of the Barrier server (default: "localhost")
+#
+# @port: TCP port of the Barrier server (default: "24800")
+#
+# @x-origin: x coordinate of the leftmost pixel on the guest screen
+# (default: "0")
+#
+# @y-origin: y coordinate of the topmost pixel on the guest screen
+# (default: "0")
+#
+# @width: the width of secondary screen in pixels (default: "1920")
+#
+# @height: the height of secondary screen in pixels (default: "1080")
+#
+# Since: 4.2
+##
+{ 'struct': 'InputBarrierProperties',
+ 'data': { 'name': 'str',
+ '*server': 'str',
+ '*port': 'str',
+ '*x-origin': 'str',
+ '*y-origin': 'str',
+ '*width': 'str',
+ '*height': 'str' } }
+
+##
+# @InputLinuxProperties:
+#
+# Properties for input-linux objects.
+#
+# @evdev: the path of the host evdev device to use
+#
+# @grab_all: if true, grab is toggled for all devices (e.g. both keyboard and
+# mouse) instead of just one device (default: false)
+#
+# @repeat: enables auto-repeat events (default: false)
+#
+# @grab-toggle: the key or key combination that toggles device grab
+# (default: ctrl-ctrl)
+#
+# Since: 2.6
+##
+{ 'struct': 'InputLinuxProperties',
+ 'data': { 'evdev': 'str',
+ '*grab_all': 'bool',
+ '*repeat': 'bool',
+ '*grab-toggle': 'GrabToggleKeys' } }
+
##
# @IothreadProperties:
#
'*hugetlbsize': 'size',
'*seal': 'bool' } }
+##
+# @PrManagerHelperProperties:
+#
+# Properties for pr-manager-helper objects.
+#
+# @path: the path to a Unix domain socket for connecting to the external helper
+#
+# Since: 2.11
+##
+{ 'struct': 'PrManagerHelperProperties',
+ 'data': { 'path': 'str' } }
+
+##
+# @RemoteObjectProperties:
+#
+# Properties for x-remote-object objects.
+#
+# @fd: file descriptor name previously passed via 'getfd' command
+#
+# @devid: the id of the device to be associated with the file descriptor
+#
+# Since: 6.0
+##
+{ 'struct': 'RemoteObjectProperties',
+ 'data': { 'fd': 'str', 'devid': 'str' } }
+
##
# @RngProperties:
#
'base': 'RngProperties',
'data': { '*filename': 'str' } }
+##
+# @SevGuestProperties:
+#
+# Properties for sev-guest objects.
+#
+# @sev-device: SEV device to use (default: "/dev/sev")
+#
+# @dh-cert-file: guest owners DH certificate (encoded with base64)
+#
+# @session-file: guest owners session parameters (encoded with base64)
+#
+# @policy: SEV policy value (default: 0x1)
+#
+# @handle: SEV firmware handle (default: 0)
+#
+# @cbitpos: C-bit location in page table entry (default: 0)
+#
+# @reduced-phys-bits: number of bits in physical addresses that become
+# unavailable when SEV is enabled
+#
+# Since: 2.12
+##
+{ 'struct': 'SevGuestProperties',
+ 'data': { '*sev-device': 'str',
+ '*dh-cert-file': 'str',
+ '*session-file': 'str',
+ '*policy': 'uint32',
+ '*handle': 'uint32',
+ '*cbitpos': 'uint32',
+ 'reduced-phys-bits': 'uint32' },
+ 'if': 'defined(CONFIG_SEV)' }
+
##
# @ObjectType:
#
'authz-listfile',
'authz-pam',
'authz-simple',
+ 'can-bus',
+ 'can-host-socketcan',
+ 'colo-compare',
'cryptodev-backend',
'cryptodev-backend-builtin',
{ 'name': 'cryptodev-vhost-user',
'if': 'defined(CONFIG_VIRTIO_CRYPTO) && defined(CONFIG_VHOST_CRYPTO)' },
'dbus-vmstate',
+ 'filter-buffer',
+ 'filter-dump',
+ 'filter-mirror',
+ 'filter-redirector',
+ 'filter-replay',
+ 'filter-rewriter',
+ 'input-barrier',
+ 'input-linux',
'iothread',
'memory-backend-file',
{ 'name': 'memory-backend-memfd',
'if': 'defined(CONFIG_LINUX)' },
'memory-backend-ram',
+ {'name': 'pef-guest', 'if': 'defined(CONFIG_PSERIES)' },
+ 'pr-manager-helper',
'rng-builtin',
'rng-egd',
- 'rng-random'
+ 'rng-random',
+ 'secret',
+ 'secret_keyring',
+ {'name': 'sev-guest', 'if': 'defined(CONFIG_SEV)' },
+ 's390-pv-guest',
+ 'throttle-group',
+ 'tls-creds-anon',
+ 'tls-creds-psk',
+ 'tls-creds-x509',
+ 'tls-cipher-suites',
+ 'x-remote-object'
] }
##
'authz-listfile': 'AuthZListFileProperties',
'authz-pam': 'AuthZPAMProperties',
'authz-simple': 'AuthZSimpleProperties',
+ 'can-host-socketcan': 'CanHostSocketcanProperties',
+ 'colo-compare': 'ColoCompareProperties',
'cryptodev-backend': 'CryptodevBackendProperties',
'cryptodev-backend-builtin': 'CryptodevBackendProperties',
'cryptodev-vhost-user': { 'type': 'CryptodevVhostUserProperties',
'if': 'defined(CONFIG_VIRTIO_CRYPTO) && defined(CONFIG_VHOST_CRYPTO)' },
'dbus-vmstate': 'DBusVMStateProperties',
+ 'filter-buffer': 'FilterBufferProperties',
+ 'filter-dump': 'FilterDumpProperties',
+ 'filter-mirror': 'FilterMirrorProperties',
+ 'filter-redirector': 'FilterRedirectorProperties',
+ 'filter-replay': 'NetfilterProperties',
+ 'filter-rewriter': 'FilterRewriterProperties',
+ 'input-barrier': 'InputBarrierProperties',
+ 'input-linux': 'InputLinuxProperties',
'iothread': 'IothreadProperties',
'memory-backend-file': 'MemoryBackendFileProperties',
'memory-backend-memfd': { 'type': 'MemoryBackendMemfdProperties',
'if': 'defined(CONFIG_LINUX)' },
'memory-backend-ram': 'MemoryBackendProperties',
+ 'pr-manager-helper': 'PrManagerHelperProperties',
'rng-builtin': 'RngProperties',
'rng-egd': 'RngEgdProperties',
- 'rng-random': 'RngRandomProperties'
+ 'rng-random': 'RngRandomProperties',
+ 'secret': 'SecretProperties',
+ 'secret_keyring': 'SecretKeyringProperties',
+ 'sev-guest': { 'type': 'SevGuestProperties',
+ 'if': 'defined(CONFIG_SEV)' },
+ 'throttle-group': 'ThrottleGroupProperties',
+ 'tls-creds-anon': 'TlsCredsAnonProperties',
+ 'tls-creds-psk': 'TlsCredsPskProperties',
+ 'tls-creds-x509': 'TlsCredsX509Properties',
+ 'tls-cipher-suites': 'TlsCredsProperties',
+ 'x-remote-object': 'RemoteObjectProperties'
} }
##
#
# Create a QOM object.
#
-# @qom-type: the class name for the object to be created
-#
-# @id: the name of the new object
-#
-# Additional arguments depend on qom-type and are passed to the backend
-# unchanged.
-#
# Returns: Nothing on success
# Error if @qom-type is not a valid class name
#
# <- { "return": {} }
#
##
-{ 'command': 'object-add',
- 'data': {'qom-type': 'str', 'id': 'str'},
- 'gen': false } # so we can get the additional arguments
+{ 'command': 'object-add', 'data': 'ObjectOptions', 'boxed': true }
##
# @object-del: