Re: [RFC PATCH v2 33/44] qmp: add query-tdx-capabilities query-tdx command

Thu, 26 Aug 2021 08:23:21 -0700 

On Wed, Jul 07, 2021 at 05:55:03PM -0700, isaku.yamah...@gmail.com wrote:
> From: Chenyi Qiang <chenyi.qi...@intel.com>
> 
> Add QMP commands that can be used by libvirt to query the TDX capabilities
> and TDX info.  The set of capabilities that needs to be reported is only
> enabled at the moment, which means TDX is enabled.
> 
> Signed-off-by: Chenyi Qiang <chenyi.qi...@intel.com>
> Co-developed-by: Isaku Yamahata <isaku.yamah...@intel.com>
> Signed-off-by: Isaku Yamahata <isaku.yamah...@intel.com>
> ---
>  include/sysemu/tdx.h       |  6 ++++
>  qapi/misc-target.json      | 59 ++++++++++++++++++++++++++++++++++++++

In addition to Gerd's suggestion to use an enum,

> +++ b/qapi/misc-target.json
> @@ -323,3 +323,62 @@
>  { 'command': 'query-sev-attestation-report', 'data': { 'mnonce': 'str' },
>    'returns': 'SevAttestationReport',
>    'if': 'defined(TARGET_I386)' }
> +
> +##
> +# @TDXInfo:
> +#
> +# Information about Trust Domain Extensions (TDX) support
> +#
> +# @enabled: true if TDX is active
> +#
> +##

Missing a 'Since: 6.2' line, here and elsewhere in the patch.

> +{ 'struct': 'TDXInfo',
> +    'data': { 'enabled': 'bool' },
> +  'if': 'defined(TARGET_I386)'
> +}
> +
> +##
> +# @query-tdx:
> +#
> +# Returns information about TDX
> +#
> +# Returns: @TdxInfo
> +#
> +#
> +# Example:
> +#
> +# -> { "execute": "query-tdx" }
> +# <- { "return": { "enabled": true } }
> +#
> +##
> +{ 'command': 'query-tdx', 'returns': 'TDXInfo',
> +  'if': 'defined(TARGET_I386)' }
> +
> +##
> +# @TDXCapability:
> +#
> +# The struct describes capability for a TDX
> +# feature.
> +#
> +##
> +{ 'struct': 'TDXCapability',
> +  'data': { 'enabled': 'bool' },
> +  'if': 'defined(TARGET_I386)' }
> +
> +##
> +# @query-tdx-capabilities:

Do we need two separate commands, or could 'query-tdx' be made
sufficiently powerful to tell you both whether tdx is available, and
what capabilities it has, all in one command?

> +#
> +# This command is used to get the TDX capabilities, and is supported on Intel
> +# X86 platforms only.
> +#
> +# Returns: @TDXCapability.
> +#
> +#
> +# Example:
> +#
> +# -> { "execute": "query-tdx-capabilities" }
> +# <- { "return": { 'enabled': 'bool' }}
> +#
> +##
> +{ 'command': 'query-tdx-capabilities', 'returns': 'TDXCapability',
> +  'if': 'defined(TARGET_I386)' }

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Reply via email to