Am 19/04/2024 um 12:59 schrieb Markus Frank > diff --git a/amd-sev-support/amd-sev-support.c > b/amd-sev-support/amd-sev-support.c > new file mode 100644 > index 0000000..73a7bd8 > --- /dev/null > +++ b/amd-sev-support/amd-sev-support.c > @@ -0,0 +1,48 @@ > +#include <stdio.h> > +#include <stdint.h> > +#include <stdbool.h> > + > +int main() { > + uint32_t eax, ebx, ecx, edx; > + > + // query Encrypted Memory Capabilities, see: > + // > https://en.wikipedia.org/wiki/CPUID#EAX=8000001Fh:_Encrypted_Memory_Capabilities > + uint32_t query_function = 0x8000001F; > + asm volatile("cpuid" > + : "=a"(eax), "=b"(ebx), "=c"(ecx), "=d"(edx) > + : "0"(query_function) > + ); > + > + bool sev_support = (eax & (1<<1)) != 0; > + bool sev_es_support = (eax & (1<<3)) != 0; > + bool sev_snp_support = (eax & (1<<4)) != 0; > + > + uint8_t cbitpos = ebx & 0x3f; > + uint8_t reduced_phys_bits = (ebx >> 6) & 0x3f; > + > + FILE *file; > + char *filename = "/run/amd-sev-params"; > + > + file = fopen(filename, "w"); > + if (file == NULL) { > + perror("Error opening file"); > + return 1; > + } > + > + fprintf(file, "{"
oh, and as per my last mail it might also make sense to move this inside an "amd-sev" object, so that extending it in the future to get other machine capabilities can be done without potential clashes. > + " \"cbitpos\": %u," > + " \"reduced-phys-bits\": %u," > + " \"sev\": %s," > + " \"sev-es\": %s," > + " \"sev-snp\": %s" With above comment the three "sev" prefix options might be better off if changed to use "sev-support" as prefix instead. > + " }\n", > + cbitpos, > + reduced_phys_bits, > + sev_support ? "true" : "false", > + sev_es_support ? "true" : "false", > + sev_snp_support ? "true" : "false" > + ); > + > + fclose(file); > + return 0; > +} _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel