xref: /openbmc/qemu/qapi/misc-target.json (revision 40f23e4e)
1# -*- Mode: Python -*-
2# vim: filetype=python
3#
4
5##
6# @RTC_CHANGE:
7#
8# Emitted when the guest changes the RTC time.
9#
10# @offset: offset between base RTC clock (as specified by -rtc base), and
11#          new RTC clock value
12#
13# Note: This event is rate-limited.
14#
15# Since: 0.13
16#
17# Example:
18#
19# <-   { "event": "RTC_CHANGE",
20#        "data": { "offset": 78 },
21#        "timestamp": { "seconds": 1267020223, "microseconds": 435656 } }
22#
23##
24{ 'event': 'RTC_CHANGE',
25  'data': { 'offset': 'int' },
26  'if': 'defined(TARGET_ALPHA) || defined(TARGET_ARM) || defined(TARGET_HPPA) || defined(TARGET_I386) || defined(TARGET_MIPS) || defined(TARGET_MIPS64) || defined(TARGET_PPC) || defined(TARGET_PPC64) || defined(TARGET_S390X) || defined(TARGET_SH4) || defined(TARGET_SPARC)' }
27
28##
29# @rtc-reset-reinjection:
30#
31# This command will reset the RTC interrupt reinjection backlog.
32# Can be used if another mechanism to synchronize guest time
33# is in effect, for example QEMU guest agent's guest-set-time
34# command.
35#
36# Since: 2.1
37#
38# Example:
39#
40# -> { "execute": "rtc-reset-reinjection" }
41# <- { "return": {} }
42#
43##
44{ 'command': 'rtc-reset-reinjection',
45  'if': 'defined(TARGET_I386)' }
46
47
48##
49# @SevState:
50#
51# An enumeration of SEV state information used during @query-sev.
52#
53# @uninit: The guest is uninitialized.
54#
55# @launch-update: The guest is currently being launched; plaintext data and
56#                 register state is being imported.
57#
58# @launch-secret: The guest is currently being launched; ciphertext data
59#                 is being imported.
60#
61# @running: The guest is fully launched or migrated in.
62#
63# @send-update: The guest is currently being migrated out to another machine.
64#
65# @receive-update: The guest is currently being migrated from another machine.
66#
67# Since: 2.12
68##
69{ 'enum': 'SevState',
70  'data': ['uninit', 'launch-update', 'launch-secret', 'running',
71           'send-update', 'receive-update' ],
72  'if': 'defined(TARGET_I386)' }
73
74##
75# @SevInfo:
76#
77# Information about Secure Encrypted Virtualization (SEV) support
78#
79# @enabled: true if SEV is active
80#
81# @api-major: SEV API major version
82#
83# @api-minor: SEV API minor version
84#
85# @build-id: SEV FW build id
86#
87# @policy: SEV policy value
88#
89# @state: SEV guest state
90#
91# @handle: SEV firmware handle
92#
93# Since: 2.12
94##
95{ 'struct': 'SevInfo',
96    'data': { 'enabled': 'bool',
97              'api-major': 'uint8',
98              'api-minor' : 'uint8',
99              'build-id' : 'uint8',
100              'policy' : 'uint32',
101              'state' : 'SevState',
102              'handle' : 'uint32'
103            },
104  'if': 'defined(TARGET_I386)'
105}
106
107##
108# @query-sev:
109#
110# Returns information about SEV
111#
112# Returns: @SevInfo
113#
114# Since: 2.12
115#
116# Example:
117#
118# -> { "execute": "query-sev" }
119# <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0,
120#                  "build-id" : 0, "policy" : 0, "state" : "running",
121#                  "handle" : 1 } }
122#
123##
124{ 'command': 'query-sev', 'returns': 'SevInfo',
125  'if': 'defined(TARGET_I386)' }
126
127
128##
129# @SevLaunchMeasureInfo:
130#
131# SEV Guest Launch measurement information
132#
133# @data: the measurement value encoded in base64
134#
135# Since: 2.12
136#
137##
138{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'},
139  'if': 'defined(TARGET_I386)' }
140
141##
142# @query-sev-launch-measure:
143#
144# Query the SEV guest launch information.
145#
146# Returns: The @SevLaunchMeasureInfo for the guest
147#
148# Since: 2.12
149#
150# Example:
151#
152# -> { "execute": "query-sev-launch-measure" }
153# <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } }
154#
155##
156{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo',
157  'if': 'defined(TARGET_I386)' }
158
159
160##
161# @SevCapability:
162#
163# The struct describes capability for a Secure Encrypted Virtualization
164# feature.
165#
166# @pdh:  Platform Diffie-Hellman key (base64 encoded)
167#
168# @cert-chain:  PDH certificate chain (base64 encoded)
169#
170# @cbitpos: C-bit location in page table entry
171#
172# @reduced-phys-bits: Number of physical Address bit reduction when SEV is
173#                     enabled
174#
175# Since: 2.12
176##
177{ 'struct': 'SevCapability',
178  'data': { 'pdh': 'str',
179            'cert-chain': 'str',
180            'cbitpos': 'int',
181            'reduced-phys-bits': 'int'},
182  'if': 'defined(TARGET_I386)' }
183
184##
185# @query-sev-capabilities:
186#
187# This command is used to get the SEV capabilities, and is supported on AMD
188# X86 platforms only.
189#
190# Returns: SevCapability objects.
191#
192# Since: 2.12
193#
194# Example:
195#
196# -> { "execute": "query-sev-capabilities" }
197# <- { "return": { "pdh": "8CCDD8DDD", "cert-chain": "888CCCDDDEE",
198#                  "cbitpos": 47, "reduced-phys-bits": 5}}
199#
200##
201{ 'command': 'query-sev-capabilities', 'returns': 'SevCapability',
202  'if': 'defined(TARGET_I386)' }
203
204##
205# @sev-inject-launch-secret:
206#
207# This command injects a secret blob into memory of SEV guest.
208#
209# @packet-header: the launch secret packet header encoded in base64
210#
211# @secret: the launch secret data to be injected encoded in base64
212#
213# @gpa: the guest physical address where secret will be injected.
214#
215# Since: 6.0
216#
217##
218{ 'command': 'sev-inject-launch-secret',
219  'data': { 'packet-header': 'str', 'secret': 'str', '*gpa': 'uint64' },
220  'if': 'defined(TARGET_I386)' }
221
222##
223# @dump-skeys:
224#
225# Dump guest's storage keys
226#
227# @filename: the path to the file to dump to
228#
229# This command is only supported on s390 architecture.
230#
231# Since: 2.5
232#
233# Example:
234#
235# -> { "execute": "dump-skeys",
236#      "arguments": { "filename": "/tmp/skeys" } }
237# <- { "return": {} }
238#
239##
240{ 'command': 'dump-skeys',
241  'data': { 'filename': 'str' },
242  'if': 'defined(TARGET_S390X)' }
243
244##
245# @GICCapability:
246#
247# The struct describes capability for a specific GIC (Generic
248# Interrupt Controller) version. These bits are not only decided by
249# QEMU/KVM software version, but also decided by the hardware that
250# the program is running upon.
251#
252# @version: version of GIC to be described. Currently, only 2 and 3
253#           are supported.
254#
255# @emulated: whether current QEMU/hardware supports emulated GIC
256#            device in user space.
257#
258# @kernel: whether current QEMU/hardware supports hardware
259#          accelerated GIC device in kernel.
260#
261# Since: 2.6
262##
263{ 'struct': 'GICCapability',
264  'data': { 'version': 'int',
265            'emulated': 'bool',
266            'kernel': 'bool' },
267  'if': 'defined(TARGET_ARM)' }
268
269##
270# @query-gic-capabilities:
271#
272# This command is ARM-only. It will return a list of GICCapability
273# objects that describe its capability bits.
274#
275# Returns: a list of GICCapability objects.
276#
277# Since: 2.6
278#
279# Example:
280#
281# -> { "execute": "query-gic-capabilities" }
282# <- { "return": [{ "version": 2, "emulated": true, "kernel": false },
283#                 { "version": 3, "emulated": false, "kernel": true } ] }
284#
285##
286{ 'command': 'query-gic-capabilities', 'returns': ['GICCapability'],
287  'if': 'defined(TARGET_ARM)' }
288
289
290##
291# @SevAttestationReport:
292#
293# The struct describes attestation report for a Secure Encrypted Virtualization
294# feature.
295#
296# @data:  guest attestation report (base64 encoded)
297#
298#
299# Since: 6.1
300##
301{ 'struct': 'SevAttestationReport',
302  'data': { 'data': 'str'},
303  'if': 'defined(TARGET_I386)' }
304
305##
306# @query-sev-attestation-report:
307#
308# This command is used to get the SEV attestation report, and is supported on AMD
309# X86 platforms only.
310#
311# @mnonce: a random 16 bytes value encoded in base64 (it will be included in report)
312#
313# Returns: SevAttestationReport objects.
314#
315# Since: 6.1
316#
317# Example:
318#
319# -> { "execute" : "query-sev-attestation-report", "arguments": { "mnonce": "aaaaaaa" } }
320# <- { "return" : { "data": "aaaaaaaabbbddddd"} }
321#
322##
323{ 'command': 'query-sev-attestation-report', 'data': { 'mnonce': 'str' },
324  'returns': 'SevAttestationReport',
325  'if': 'defined(TARGET_I386)' }
326