misc-target.json (9003B)
1 # -*- Mode: Python -*- 2 # vim: filetype=python 3 # 4 5 ## 6 # @rtc-reset-reinjection: 7 # 8 # This command will reset the RTC interrupt reinjection backlog. 9 # Can be used if another mechanism to synchronize guest time 10 # is in effect, for example QEMU guest agent's guest-set-time 11 # command. 12 # 13 # Since: 2.1 14 # 15 # Example: 16 # 17 # -> { "execute": "rtc-reset-reinjection" } 18 # <- { "return": {} } 19 # 20 ## 21 { 'command': 'rtc-reset-reinjection', 22 'if': 'TARGET_I386' } 23 24 ## 25 # @SevState: 26 # 27 # An enumeration of SEV state information used during @query-sev. 28 # 29 # @uninit: The guest is uninitialized. 30 # 31 # @launch-update: The guest is currently being launched; plaintext data and 32 # register state is being imported. 33 # 34 # @launch-secret: The guest is currently being launched; ciphertext data 35 # is being imported. 36 # 37 # @running: The guest is fully launched or migrated in. 38 # 39 # @send-update: The guest is currently being migrated out to another machine. 40 # 41 # @receive-update: The guest is currently being migrated from another machine. 42 # 43 # Since: 2.12 44 ## 45 { 'enum': 'SevState', 46 'data': ['uninit', 'launch-update', 'launch-secret', 'running', 47 'send-update', 'receive-update' ], 48 'if': 'TARGET_I386' } 49 50 ## 51 # @SevInfo: 52 # 53 # Information about Secure Encrypted Virtualization (SEV) support 54 # 55 # @enabled: true if SEV is active 56 # 57 # @api-major: SEV API major version 58 # 59 # @api-minor: SEV API minor version 60 # 61 # @build-id: SEV FW build id 62 # 63 # @policy: SEV policy value 64 # 65 # @state: SEV guest state 66 # 67 # @handle: SEV firmware handle 68 # 69 # Since: 2.12 70 ## 71 { 'struct': 'SevInfo', 72 'data': { 'enabled': 'bool', 73 'api-major': 'uint8', 74 'api-minor' : 'uint8', 75 'build-id' : 'uint8', 76 'policy' : 'uint32', 77 'state' : 'SevState', 78 'handle' : 'uint32' 79 }, 80 'if': 'TARGET_I386' 81 } 82 83 ## 84 # @query-sev: 85 # 86 # Returns information about SEV 87 # 88 # Returns: @SevInfo 89 # 90 # Since: 2.12 91 # 92 # Example: 93 # 94 # -> { "execute": "query-sev" } 95 # <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0, 96 # "build-id" : 0, "policy" : 0, "state" : "running", 97 # "handle" : 1 } } 98 # 99 ## 100 { 'command': 'query-sev', 'returns': 'SevInfo', 101 'if': 'TARGET_I386' } 102 103 ## 104 # @SevLaunchMeasureInfo: 105 # 106 # SEV Guest Launch measurement information 107 # 108 # @data: the measurement value encoded in base64 109 # 110 # Since: 2.12 111 ## 112 { 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'}, 113 'if': 'TARGET_I386' } 114 115 ## 116 # @query-sev-launch-measure: 117 # 118 # Query the SEV guest launch information. 119 # 120 # Returns: The @SevLaunchMeasureInfo for the guest 121 # 122 # Since: 2.12 123 # 124 # Example: 125 # 126 # -> { "execute": "query-sev-launch-measure" } 127 # <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } } 128 # 129 ## 130 { 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo', 131 'if': 'TARGET_I386' } 132 133 ## 134 # @SevCapability: 135 # 136 # The struct describes capability for a Secure Encrypted Virtualization 137 # feature. 138 # 139 # @pdh: Platform Diffie-Hellman key (base64 encoded) 140 # 141 # @cert-chain: PDH certificate chain (base64 encoded) 142 # 143 # @cpu0-id: Unique ID of CPU0 (base64 encoded) (since 7.1) 144 # 145 # @cbitpos: C-bit location in page table entry 146 # 147 # @reduced-phys-bits: Number of physical Address bit reduction when SEV is 148 # enabled 149 # 150 # Since: 2.12 151 ## 152 { 'struct': 'SevCapability', 153 'data': { 'pdh': 'str', 154 'cert-chain': 'str', 155 'cpu0-id': 'str', 156 'cbitpos': 'int', 157 'reduced-phys-bits': 'int'}, 158 'if': 'TARGET_I386' } 159 160 ## 161 # @query-sev-capabilities: 162 # 163 # This command is used to get the SEV capabilities, and is supported on AMD 164 # X86 platforms only. 165 # 166 # Returns: SevCapability objects. 167 # 168 # Since: 2.12 169 # 170 # Example: 171 # 172 # -> { "execute": "query-sev-capabilities" } 173 # <- { "return": { "pdh": "8CCDD8DDD", "cert-chain": "888CCCDDDEE", 174 # "cpu0-id": "2lvmGwo+...61iEinw==", 175 # "cbitpos": 47, "reduced-phys-bits": 5}} 176 # 177 ## 178 { 'command': 'query-sev-capabilities', 'returns': 'SevCapability', 179 'if': 'TARGET_I386' } 180 181 ## 182 # @sev-inject-launch-secret: 183 # 184 # This command injects a secret blob into memory of SEV guest. 185 # 186 # @packet-header: the launch secret packet header encoded in base64 187 # 188 # @secret: the launch secret data to be injected encoded in base64 189 # 190 # @gpa: the guest physical address where secret will be injected. 191 # 192 # Since: 6.0 193 ## 194 { 'command': 'sev-inject-launch-secret', 195 'data': { 'packet-header': 'str', 'secret': 'str', '*gpa': 'uint64' }, 196 'if': 'TARGET_I386' } 197 198 ## 199 # @SevAttestationReport: 200 # 201 # The struct describes attestation report for a Secure Encrypted 202 # Virtualization feature. 203 # 204 # @data: guest attestation report (base64 encoded) 205 # 206 # Since: 6.1 207 ## 208 { 'struct': 'SevAttestationReport', 209 'data': { 'data': 'str'}, 210 'if': 'TARGET_I386' } 211 212 ## 213 # @query-sev-attestation-report: 214 # 215 # This command is used to get the SEV attestation report, and is 216 # supported on AMD X86 platforms only. 217 # 218 # @mnonce: a random 16 bytes value encoded in base64 (it will be 219 # included in report) 220 # 221 # Returns: SevAttestationReport objects. 222 # 223 # Since: 6.1 224 # 225 # Example: 226 # 227 # -> { "execute" : "query-sev-attestation-report", 228 # "arguments": { "mnonce": "aaaaaaa" } } 229 # <- { "return" : { "data": "aaaaaaaabbbddddd"} } 230 # 231 ## 232 { 'command': 'query-sev-attestation-report', 233 'data': { 'mnonce': 'str' }, 234 'returns': 'SevAttestationReport', 235 'if': 'TARGET_I386' } 236 237 ## 238 # @dump-skeys: 239 # 240 # Dump guest's storage keys 241 # 242 # @filename: the path to the file to dump to 243 # 244 # This command is only supported on s390 architecture. 245 # 246 # Since: 2.5 247 # 248 # Example: 249 # 250 # -> { "execute": "dump-skeys", 251 # "arguments": { "filename": "/tmp/skeys" } } 252 # <- { "return": {} } 253 # 254 ## 255 { 'command': 'dump-skeys', 256 'data': { 'filename': 'str' }, 257 'if': 'TARGET_S390X' } 258 259 ## 260 # @GICCapability: 261 # 262 # The struct describes capability for a specific GIC (Generic 263 # Interrupt Controller) version. These bits are not only decided by 264 # QEMU/KVM software version, but also decided by the hardware that 265 # the program is running upon. 266 # 267 # @version: version of GIC to be described. Currently, only 2 and 3 268 # are supported. 269 # 270 # @emulated: whether current QEMU/hardware supports emulated GIC 271 # device in user space. 272 # 273 # @kernel: whether current QEMU/hardware supports hardware 274 # accelerated GIC device in kernel. 275 # 276 # Since: 2.6 277 ## 278 { 'struct': 'GICCapability', 279 'data': { 'version': 'int', 280 'emulated': 'bool', 281 'kernel': 'bool' }, 282 'if': 'TARGET_ARM' } 283 284 ## 285 # @query-gic-capabilities: 286 # 287 # This command is ARM-only. It will return a list of GICCapability 288 # objects that describe its capability bits. 289 # 290 # Returns: a list of GICCapability objects. 291 # 292 # Since: 2.6 293 # 294 # Example: 295 # 296 # -> { "execute": "query-gic-capabilities" } 297 # <- { "return": [{ "version": 2, "emulated": true, "kernel": false }, 298 # { "version": 3, "emulated": false, "kernel": true } ] } 299 # 300 ## 301 { 'command': 'query-gic-capabilities', 'returns': ['GICCapability'], 302 'if': 'TARGET_ARM' } 303 304 ## 305 # @SGXEPCSection: 306 # 307 # Information about intel SGX EPC section info 308 # 309 # @node: the numa node 310 # 311 # @size: the size of EPC section 312 # 313 # Since: 7.0 314 ## 315 { 'struct': 'SGXEPCSection', 316 'data': { 'node': 'int', 317 'size': 'uint64'}} 318 319 ## 320 # @SGXInfo: 321 # 322 # Information about intel Safe Guard eXtension (SGX) support 323 # 324 # @sgx: true if SGX is supported 325 # 326 # @sgx1: true if SGX1 is supported 327 # 328 # @sgx2: true if SGX2 is supported 329 # 330 # @flc: true if FLC is supported 331 # 332 # @section-size: The EPC section size for guest 333 # Redundant with @sections. Just for backward compatibility. 334 # 335 # @sections: The EPC sections info for guest (Since: 7.0) 336 # 337 # Features: 338 # @deprecated: Member @section-size is deprecated. Use @sections instead. 339 # 340 # Since: 6.2 341 ## 342 { 'struct': 'SGXInfo', 343 'data': { 'sgx': 'bool', 344 'sgx1': 'bool', 345 'sgx2': 'bool', 346 'flc': 'bool', 347 'section-size': { 'type': 'uint64', 348 'features': [ 'deprecated' ] }, 349 'sections': ['SGXEPCSection']}, 350 'if': 'TARGET_I386' } 351 352 ## 353 # @query-sgx: 354 # 355 # Returns information about SGX 356 # 357 # Returns: @SGXInfo 358 # 359 # Since: 6.2 360 # 361 # Example: 362 # 363 # -> { "execute": "query-sgx" } 364 # <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true, 365 # "flc": true, "section-size" : 96468992, 366 # "sections": [{"node": 0, "size": 67108864}, 367 # {"node": 1, "size": 29360128}]} } 368 # 369 ## 370 { 'command': 'query-sgx', 'returns': 'SGXInfo', 'if': 'TARGET_I386' } 371 372 ## 373 # @query-sgx-capabilities: 374 # 375 # Returns information from host SGX capabilities 376 # 377 # Returns: @SGXInfo 378 # 379 # Since: 6.2 380 # 381 # Example: 382 # 383 # -> { "execute": "query-sgx-capabilities" } 384 # <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true, 385 # "flc": true, "section-size" : 96468992, 386 # "section" : [{"node": 0, "size": 67108864}, 387 # {"node": 1, "size": 29360128}]} } 388 # 389 ## 390 { 'command': 'query-sgx-capabilities', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }