xref: /openbmc/qemu/qapi/misc-target.json (revision 0d04c4c9)
1# -*- Mode: Python -*-
2# vim: filetype=python
3#
4
5##
6# @RTC_CHANGE:
7#
8# Emitted when the guest changes the RTC time.
9#
10# @offset: offset between base RTC clock (as specified by -rtc base), and
11#          new RTC clock value
12#
13# Note: This event is rate-limited.
14#
15# Since: 0.13
16#
17# Example:
18#
19# <-   { "event": "RTC_CHANGE",
20#        "data": { "offset": 78 },
21#        "timestamp": { "seconds": 1267020223, "microseconds": 435656 } }
22#
23##
24{ 'event': 'RTC_CHANGE',
25  'data': { 'offset': 'int' },
26  'if': { 'any': [ 'TARGET_ALPHA',
27                   'TARGET_ARM',
28                   'TARGET_HPPA',
29                   'TARGET_I386',
30                   'TARGET_MIPS',
31                   'TARGET_MIPS64',
32                   'TARGET_PPC',
33                   'TARGET_PPC64',
34                   'TARGET_S390X',
35                   'TARGET_SH4',
36                   'TARGET_SPARC' ] } }
37
38##
39# @rtc-reset-reinjection:
40#
41# This command will reset the RTC interrupt reinjection backlog.
42# Can be used if another mechanism to synchronize guest time
43# is in effect, for example QEMU guest agent's guest-set-time
44# command.
45#
46# Since: 2.1
47#
48# Example:
49#
50# -> { "execute": "rtc-reset-reinjection" }
51# <- { "return": {} }
52#
53##
54{ 'command': 'rtc-reset-reinjection',
55  'if': 'TARGET_I386' }
56
57
58##
59# @SevState:
60#
61# An enumeration of SEV state information used during @query-sev.
62#
63# @uninit: The guest is uninitialized.
64#
65# @launch-update: The guest is currently being launched; plaintext data and
66#                 register state is being imported.
67#
68# @launch-secret: The guest is currently being launched; ciphertext data
69#                 is being imported.
70#
71# @running: The guest is fully launched or migrated in.
72#
73# @send-update: The guest is currently being migrated out to another machine.
74#
75# @receive-update: The guest is currently being migrated from another machine.
76#
77# Since: 2.12
78##
79{ 'enum': 'SevState',
80  'data': ['uninit', 'launch-update', 'launch-secret', 'running',
81           'send-update', 'receive-update' ],
82  'if': 'TARGET_I386' }
83
84##
85# @SevInfo:
86#
87# Information about Secure Encrypted Virtualization (SEV) support
88#
89# @enabled: true if SEV is active
90#
91# @api-major: SEV API major version
92#
93# @api-minor: SEV API minor version
94#
95# @build-id: SEV FW build id
96#
97# @policy: SEV policy value
98#
99# @state: SEV guest state
100#
101# @handle: SEV firmware handle
102#
103# Since: 2.12
104##
105{ 'struct': 'SevInfo',
106    'data': { 'enabled': 'bool',
107              'api-major': 'uint8',
108              'api-minor' : 'uint8',
109              'build-id' : 'uint8',
110              'policy' : 'uint32',
111              'state' : 'SevState',
112              'handle' : 'uint32'
113            },
114  'if': 'TARGET_I386'
115}
116
117##
118# @query-sev:
119#
120# Returns information about SEV
121#
122# Returns: @SevInfo
123#
124# Since: 2.12
125#
126# Example:
127#
128# -> { "execute": "query-sev" }
129# <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0,
130#                  "build-id" : 0, "policy" : 0, "state" : "running",
131#                  "handle" : 1 } }
132#
133##
134{ 'command': 'query-sev', 'returns': 'SevInfo',
135  'if': 'TARGET_I386' }
136
137
138##
139# @SevLaunchMeasureInfo:
140#
141# SEV Guest Launch measurement information
142#
143# @data: the measurement value encoded in base64
144#
145# Since: 2.12
146#
147##
148{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'},
149  'if': 'TARGET_I386' }
150
151##
152# @query-sev-launch-measure:
153#
154# Query the SEV guest launch information.
155#
156# Returns: The @SevLaunchMeasureInfo for the guest
157#
158# Since: 2.12
159#
160# Example:
161#
162# -> { "execute": "query-sev-launch-measure" }
163# <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } }
164#
165##
166{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo',
167  'if': 'TARGET_I386' }
168
169
170##
171# @SevCapability:
172#
173# The struct describes capability for a Secure Encrypted Virtualization
174# feature.
175#
176# @pdh:  Platform Diffie-Hellman key (base64 encoded)
177#
178# @cert-chain:  PDH certificate chain (base64 encoded)
179#
180# @cbitpos: C-bit location in page table entry
181#
182# @reduced-phys-bits: Number of physical Address bit reduction when SEV is
183#                     enabled
184#
185# Since: 2.12
186##
187{ 'struct': 'SevCapability',
188  'data': { 'pdh': 'str',
189            'cert-chain': 'str',
190            'cbitpos': 'int',
191            'reduced-phys-bits': 'int'},
192  'if': 'TARGET_I386' }
193
194##
195# @query-sev-capabilities:
196#
197# This command is used to get the SEV capabilities, and is supported on AMD
198# X86 platforms only.
199#
200# Returns: SevCapability objects.
201#
202# Since: 2.12
203#
204# Example:
205#
206# -> { "execute": "query-sev-capabilities" }
207# <- { "return": { "pdh": "8CCDD8DDD", "cert-chain": "888CCCDDDEE",
208#                  "cbitpos": 47, "reduced-phys-bits": 5}}
209#
210##
211{ 'command': 'query-sev-capabilities', 'returns': 'SevCapability',
212  'if': 'TARGET_I386' }
213
214##
215# @sev-inject-launch-secret:
216#
217# This command injects a secret blob into memory of SEV guest.
218#
219# @packet-header: the launch secret packet header encoded in base64
220#
221# @secret: the launch secret data to be injected encoded in base64
222#
223# @gpa: the guest physical address where secret will be injected.
224#
225# Since: 6.0
226#
227##
228{ 'command': 'sev-inject-launch-secret',
229  'data': { 'packet-header': 'str', 'secret': 'str', '*gpa': 'uint64' },
230  'if': 'TARGET_I386' }
231
232##
233# @SevAttestationReport:
234#
235# The struct describes attestation report for a Secure Encrypted
236# Virtualization feature.
237#
238# @data:  guest attestation report (base64 encoded)
239#
240#
241# Since: 6.1
242##
243{ 'struct': 'SevAttestationReport',
244  'data': { 'data': 'str'},
245  'if': 'TARGET_I386' }
246
247##
248# @query-sev-attestation-report:
249#
250# This command is used to get the SEV attestation report, and is
251# supported on AMD X86 platforms only.
252#
253# @mnonce: a random 16 bytes value encoded in base64 (it will be
254#          included in report)
255#
256# Returns: SevAttestationReport objects.
257#
258# Since: 6.1
259#
260# Example:
261#
262# -> { "execute" : "query-sev-attestation-report",
263#                  "arguments": { "mnonce": "aaaaaaa" } }
264# <- { "return" : { "data": "aaaaaaaabbbddddd"} }
265#
266##
267{ 'command': 'query-sev-attestation-report',
268  'data': { 'mnonce': 'str' },
269  'returns': 'SevAttestationReport',
270  'if': 'TARGET_I386' }
271
272##
273# @dump-skeys:
274#
275# Dump guest's storage keys
276#
277# @filename: the path to the file to dump to
278#
279# This command is only supported on s390 architecture.
280#
281# Since: 2.5
282#
283# Example:
284#
285# -> { "execute": "dump-skeys",
286#      "arguments": { "filename": "/tmp/skeys" } }
287# <- { "return": {} }
288#
289##
290{ 'command': 'dump-skeys',
291  'data': { 'filename': 'str' },
292  'if': 'TARGET_S390X' }
293
294##
295# @GICCapability:
296#
297# The struct describes capability for a specific GIC (Generic
298# Interrupt Controller) version. These bits are not only decided by
299# QEMU/KVM software version, but also decided by the hardware that
300# the program is running upon.
301#
302# @version: version of GIC to be described. Currently, only 2 and 3
303#           are supported.
304#
305# @emulated: whether current QEMU/hardware supports emulated GIC
306#            device in user space.
307#
308# @kernel: whether current QEMU/hardware supports hardware
309#          accelerated GIC device in kernel.
310#
311# Since: 2.6
312##
313{ 'struct': 'GICCapability',
314  'data': { 'version': 'int',
315            'emulated': 'bool',
316            'kernel': 'bool' },
317  'if': 'TARGET_ARM' }
318
319##
320# @query-gic-capabilities:
321#
322# This command is ARM-only. It will return a list of GICCapability
323# objects that describe its capability bits.
324#
325# Returns: a list of GICCapability objects.
326#
327# Since: 2.6
328#
329# Example:
330#
331# -> { "execute": "query-gic-capabilities" }
332# <- { "return": [{ "version": 2, "emulated": true, "kernel": false },
333#                 { "version": 3, "emulated": false, "kernel": true } ] }
334#
335##
336{ 'command': 'query-gic-capabilities', 'returns': ['GICCapability'],
337  'if': 'TARGET_ARM' }
338
339
340##
341# @SGXEPCSection:
342#
343# Information about intel SGX EPC section info
344#
345# @node: the numa node
346#
347# @size: the size of EPC section
348#
349# Since: 7.0
350##
351{ 'struct': 'SGXEPCSection',
352  'data': { 'node': 'int',
353            'size': 'uint64'}}
354
355##
356# @SGXInfo:
357#
358# Information about intel Safe Guard eXtension (SGX) support
359#
360# @sgx: true if SGX is supported
361#
362# @sgx1: true if SGX1 is supported
363#
364# @sgx2: true if SGX2 is supported
365#
366# @flc: true if FLC is supported
367#
368# @section-size: The EPC section size for guest
369#                Redundant with @sections.  Just for backward compatibility.
370#
371# @sections: The EPC sections info for guest (Since: 7.0)
372#
373# Features:
374# @deprecated: Member @section-size is deprecated.  Use @sections instead.
375#
376# Since: 6.2
377##
378{ 'struct': 'SGXInfo',
379  'data': { 'sgx': 'bool',
380            'sgx1': 'bool',
381            'sgx2': 'bool',
382            'flc': 'bool',
383            'section-size': { 'type': 'uint64',
384                    'features': [ 'deprecated' ] },
385            'sections': ['SGXEPCSection']},
386   'if': 'TARGET_I386' }
387
388##
389# @query-sgx:
390#
391# Returns information about SGX
392#
393# Returns: @SGXInfo
394#
395# Since: 6.2
396#
397# Example:
398#
399# -> { "execute": "query-sgx" }
400# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
401#                  "flc": true,  "section-size" : 96468992,
402#                  "sections": [{"node": 0, "size": 67108864},
403#                  {"node": 1, "size": 29360128}]} }
404#
405##
406{ 'command': 'query-sgx', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }
407
408##
409# @query-sgx-capabilities:
410#
411# Returns information from host SGX capabilities
412#
413# Returns: @SGXInfo
414#
415# Since: 6.2
416#
417# Example:
418#
419# -> { "execute": "query-sgx-capabilities" }
420# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
421#                  "flc": true, "section-size" : 96468992,
422#                  "section" : [{"node": 0, "size": 67108864},
423#                  {"node": 1, "size": 29360128}]} }
424#
425##
426{ 'command': 'query-sgx-capabilities', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }
427