Move qmp_sev_inject_launch_secret() from monitor.c to sev.c
and make sev_inject_launch_secret() static. We don't need the
stub anymore, remove it.
Previously with binaries built without SEV, management layer
was getting an empty response:
{ "execute": "sev-inject-launch-secret",
"arguments": { "packet-header": "mypkt", "secret": "mypass", "gpa":
4294959104 }
}
{
"return": {
}
}
Now the response is explicit, mentioning the feature is disabled:
{ "execute": "sev-inject-launch-secret",
"arguments": { "packet-header": "mypkt", "secret": "mypass", "gpa":
4294959104 }
}
{
"error": {
"class": "GenericError",
"desc": "this feature or command is not currently supported"
}
}
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <
20211007161716.453984-19-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
return sev_get_capabilities(errp);
}
-#define SEV_SECRET_GUID "4c2eb361-7d9b-4cc3-8081-127c90d3d294"
-struct sev_secret_area {
- uint32_t base;
- uint32_t size;
-};
-
-void qmp_sev_inject_launch_secret(const char *packet_hdr,
- const char *secret,
- bool has_gpa, uint64_t gpa,
- Error **errp)
-{
- if (!sev_enabled()) {
- error_setg(errp, "SEV not enabled for guest");
- return;
- }
- if (!has_gpa) {
- uint8_t *data;
- struct sev_secret_area *area;
-
- if (!pc_system_ovmf_table_find(SEV_SECRET_GUID, &data, NULL)) {
- error_setg(errp, "SEV: no secret area found in OVMF,"
- " gpa must be specified.");
- return;
- }
- area = (struct sev_secret_area *)data;
- gpa = area->base;
- }
-
- sev_inject_launch_secret(packet_hdr, secret, gpa, errp);
-}
-
SGXInfo *qmp_query_sgx(Error **errp)
{
return sgx_get_info(errp);
return NULL;
}
-int sev_inject_launch_secret(const char *hdr, const char *secret,
- uint64_t gpa, Error **errp)
+void qmp_sev_inject_launch_secret(const char *packet_header, const char *secret,
+ bool has_gpa, uint64_t gpa, Error **errp)
{
- return 1;
+ error_setg(errp, "SEV is not available in this QEMU");
}
int sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp)
return 0;
}
+#define SEV_SECRET_GUID "4c2eb361-7d9b-4cc3-8081-127c90d3d294"
+struct sev_secret_area {
+ uint32_t base;
+ uint32_t size;
+};
+
+void qmp_sev_inject_launch_secret(const char *packet_hdr,
+ const char *secret,
+ bool has_gpa, uint64_t gpa,
+ Error **errp)
+{
+ if (!sev_enabled()) {
+ error_setg(errp, "SEV not enabled for guest");
+ return;
+ }
+ if (!has_gpa) {
+ uint8_t *data;
+ struct sev_secret_area *area;
+
+ if (!pc_system_ovmf_table_find(SEV_SECRET_GUID, &data, NULL)) {
+ error_setg(errp, "SEV: no secret area found in OVMF,"
+ " gpa must be specified.");
+ return;
+ }
+ area = (struct sev_secret_area *)data;
+ gpa = area->base;
+ }
+
+ sev_inject_launch_secret(packet_hdr, secret, gpa, errp);
+}
+
static int
sev_es_parse_reset_block(SevInfoBlock *info, uint32_t *addr)
{
projects / mirror_qemu.git / commitdiff