target.json

# -*- Mode: Python -*-
#

##
# = Target-specific commands & events
##

##
# @rtc-reset-reinjection:
#
# This command will reset the RTC interrupt reinjection backlog.
# Can be used if another mechanism to synchronize guest time
# is in effect, for example QEMU guest agent's guest-set-time
# command.
#
# Since: 2.1
#
# Example:
#
# -> { "execute": "rtc-reset-reinjection" }
# <- { "return": {} }
#
##
{ 'command': 'rtc-reset-reinjection',
  'if': 'defined(TARGET_I386)' }


##
# @SevState:
#
# An enumeration of SEV state information used during @query-sev.
#
# @uninit: The guest is uninitialized.
#
# @launch-update: The guest is currently being launched; plaintext data and
#                 register state is being imported.
#
# @launch-secret: The guest is currently being launched; ciphertext data
#                 is being imported.
#
# @running: The guest is fully launched or migrated in.
#
# @send-update: The guest is currently being migrated out to another machine.
#
# @receive-update: The guest is currently being migrated from another machine.
#
# Since: 2.12
##
{ 'enum': 'SevState',
  'data': ['uninit', 'launch-update', 'launch-secret', 'running',
           'send-update', 'receive-update' ],
  'if': 'defined(TARGET_I386)' }

##
# @SevInfo:
#
# Information about Secure Encrypted Virtualization (SEV) support
#
# @enabled: true if SEV is active
#
# @api-major: SEV API major version
#
# @api-minor: SEV API minor version
#
# @build-id: SEV FW build id
#
# @policy: SEV policy value
#
# @state: SEV guest state
#
# @handle: SEV firmware handle
#
# Since: 2.12
##
{ 'struct': 'SevInfo',
    'data': { 'enabled': 'bool',
              'api-major': 'uint8',
              'api-minor' : 'uint8',
              'build-id' : 'uint8',
              'policy' : 'uint32',
              'state' : 'SevState',
              'handle' : 'uint32'
            },
  'if': 'defined(TARGET_I386)'
}

##
# @query-sev:
#
# Returns information about SEV
#
# Returns: @SevInfo
#
# Since: 2.12
#
# Example:
#
# -> { "execute": "query-sev" }
# <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0,
#                  "build-id" : 0, "policy" : 0, "state" : "running",
#                  "handle" : 1 } }
#
##
{ 'command': 'query-sev', 'returns': 'SevInfo',
  'if': 'defined(TARGET_I386)' }


##
# @SevLaunchMeasureInfo:
#
# SEV Guest Launch measurement information
#
# @data: the measurement value encoded in base64
#
# Since: 2.12
#
##
{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'},
  'if': 'defined(TARGET_I386)' }

##
# @query-sev-launch-measure:
#
# Query the SEV guest launch information.
#
# Returns: The @SevLaunchMeasureInfo for the guest
#
# Since: 2.12
#
# Example:
#
# -> { "execute": "query-sev-launch-measure" }
# <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } }
#
##
{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo',
  'if': 'defined(TARGET_I386)' }


##
# @SevCapability:
#
# The struct describes capability for a Secure Encrypted Virtualization
# feature.
#
# @pdh:  Platform Diffie-Hellman key (base64 encoded)
#
# @cert-chain:  PDH certificate chain (base64 encoded)
#
# @cbitpos: C-bit location in page table entry
#
# @reduced-phys-bits: Number of physical Address bit reduction when SEV is
#                     enabled
#
# Since: 2.12
##
{ 'struct': 'SevCapability',
  'data': { 'pdh': 'str',
            'cert-chain': 'str',
            'cbitpos': 'int',
            'reduced-phys-bits': 'int'},
  'if': 'defined(TARGET_I386)' }

##
# @query-sev-capabilities:
#
# This command is used to get the SEV capabilities, and is supported on AMD
# X86 platforms only.
#
# Returns: SevCapability objects.
#
# Since: 2.12
#
# Example:
#
# -> { "execute": "query-sev-capabilities" }
# <- { "return": { "pdh": "8CCDD8DDD", "cert-chain": "888CCCDDDEE",
#                  "cbitpos": 47, "reduced-phys-bits": 5}}
#
##
{ 'command': 'query-sev-capabilities', 'returns': 'SevCapability',
  'if': 'defined(TARGET_I386)' }