xref: /openbmc/qemu/qapi/misc-target.json (revision be19d836)
1# -*- Mode: Python -*-
2# vim: filetype=python
3#
4
5##
6# @rtc-reset-reinjection:
7#
8# This command will reset the RTC interrupt reinjection backlog.  Can
9# be used if another mechanism to synchronize guest time is in effect,
10# for example QEMU guest agent's guest-set-time command.
11#
12# Since: 2.1
13#
14# Example:
15#
16#     -> { "execute": "rtc-reset-reinjection" }
17#     <- { "return": {} }
18##
19{ 'command': 'rtc-reset-reinjection',
20  'if': 'TARGET_I386' }
21
22##
23# @SevState:
24#
25# An enumeration of SEV state information used during @query-sev.
26#
27# @uninit: The guest is uninitialized.
28#
29# @launch-update: The guest is currently being launched; plaintext
30#     data and register state is being imported.
31#
32# @launch-secret: The guest is currently being launched; ciphertext
33#     data is being imported.
34#
35# @running: The guest is fully launched or migrated in.
36#
37# @send-update: The guest is currently being migrated out to another
38#     machine.
39#
40# @receive-update: The guest is currently being migrated from another
41#     machine.
42#
43# Since: 2.12
44##
45{ 'enum': 'SevState',
46  'data': ['uninit', 'launch-update', 'launch-secret', 'running',
47           'send-update', 'receive-update' ],
48  'if': 'TARGET_I386' }
49
50##
51# @SevInfo:
52#
53# Information about Secure Encrypted Virtualization (SEV) support
54#
55# @enabled: true if SEV is active
56#
57# @api-major: SEV API major version
58#
59# @api-minor: SEV API minor version
60#
61# @build-id: SEV FW build id
62#
63# @policy: SEV policy value
64#
65# @state: SEV guest state
66#
67# @handle: SEV firmware handle
68#
69# Since: 2.12
70##
71{ 'struct': 'SevInfo',
72    'data': { 'enabled': 'bool',
73              'api-major': 'uint8',
74              'api-minor' : 'uint8',
75              'build-id' : 'uint8',
76              'policy' : 'uint32',
77              'state' : 'SevState',
78              'handle' : 'uint32'
79            },
80  'if': 'TARGET_I386'
81}
82
83##
84# @query-sev:
85#
86# Returns information about SEV
87#
88# Returns: @SevInfo
89#
90# Since: 2.12
91#
92# Example:
93#
94#     -> { "execute": "query-sev" }
95#     <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0,
96#                      "build-id" : 0, "policy" : 0, "state" : "running",
97#                      "handle" : 1 } }
98##
99{ 'command': 'query-sev', 'returns': 'SevInfo',
100  'if': 'TARGET_I386' }
101
102##
103# @SevLaunchMeasureInfo:
104#
105# SEV Guest Launch measurement information
106#
107# @data: the measurement value encoded in base64
108#
109# Since: 2.12
110##
111{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'},
112  'if': 'TARGET_I386' }
113
114##
115# @query-sev-launch-measure:
116#
117# Query the SEV guest launch information.
118#
119# Returns: The @SevLaunchMeasureInfo for the guest
120#
121# Since: 2.12
122#
123# Example:
124#
125#     -> { "execute": "query-sev-launch-measure" }
126#     <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } }
127##
128{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo',
129  'if': 'TARGET_I386' }
130
131##
132# @SevCapability:
133#
134# The struct describes capability for a Secure Encrypted
135# Virtualization feature.
136#
137# @pdh: Platform Diffie-Hellman key (base64 encoded)
138#
139# @cert-chain: PDH certificate chain (base64 encoded)
140#
141# @cpu0-id: Unique ID of CPU0 (base64 encoded) (since 7.1)
142#
143# @cbitpos: C-bit location in page table entry
144#
145# @reduced-phys-bits: Number of physical Address bit reduction when
146#     SEV is enabled
147#
148# Since: 2.12
149##
150{ 'struct': 'SevCapability',
151  'data': { 'pdh': 'str',
152            'cert-chain': 'str',
153            'cpu0-id': 'str',
154            'cbitpos': 'int',
155            'reduced-phys-bits': 'int'},
156  'if': 'TARGET_I386' }
157
158##
159# @query-sev-capabilities:
160#
161# This command is used to get the SEV capabilities, and is supported
162# on AMD X86 platforms only.
163#
164# Returns: SevCapability objects.
165#
166# Since: 2.12
167#
168# Example:
169#
170#     -> { "execute": "query-sev-capabilities" }
171#     <- { "return": { "pdh": "8CCDD8DDD", "cert-chain": "888CCCDDDEE",
172#                      "cpu0-id": "2lvmGwo+...61iEinw==",
173#                      "cbitpos": 47, "reduced-phys-bits": 1}}
174##
175{ 'command': 'query-sev-capabilities', 'returns': 'SevCapability',
176  'if': 'TARGET_I386' }
177
178##
179# @sev-inject-launch-secret:
180#
181# This command injects a secret blob into memory of SEV guest.
182#
183# @packet-header: the launch secret packet header encoded in base64
184#
185# @secret: the launch secret data to be injected encoded in base64
186#
187# @gpa: the guest physical address where secret will be injected.
188#
189# Since: 6.0
190##
191{ 'command': 'sev-inject-launch-secret',
192  'data': { 'packet-header': 'str', 'secret': 'str', '*gpa': 'uint64' },
193  'if': 'TARGET_I386' }
194
195##
196# @SevAttestationReport:
197#
198# The struct describes attestation report for a Secure Encrypted
199# Virtualization feature.
200#
201# @data: guest attestation report (base64 encoded)
202#
203# Since: 6.1
204##
205{ 'struct': 'SevAttestationReport',
206  'data': { 'data': 'str'},
207  'if': 'TARGET_I386' }
208
209##
210# @query-sev-attestation-report:
211#
212# This command is used to get the SEV attestation report, and is
213# supported on AMD X86 platforms only.
214#
215# @mnonce: a random 16 bytes value encoded in base64 (it will be
216#     included in report)
217#
218# Returns: SevAttestationReport objects.
219#
220# Since: 6.1
221#
222# Example:
223#
224#     -> { "execute" : "query-sev-attestation-report",
225#                      "arguments": { "mnonce": "aaaaaaa" } }
226#     <- { "return" : { "data": "aaaaaaaabbbddddd"} }
227##
228{ 'command': 'query-sev-attestation-report',
229  'data': { 'mnonce': 'str' },
230  'returns': 'SevAttestationReport',
231  'if': 'TARGET_I386' }
232
233##
234# @dump-skeys:
235#
236# Dump guest's storage keys
237#
238# @filename: the path to the file to dump to
239#
240# Since: 2.5
241#
242# Example:
243#
244#     -> { "execute": "dump-skeys",
245#          "arguments": { "filename": "/tmp/skeys" } }
246#     <- { "return": {} }
247##
248{ 'command': 'dump-skeys',
249  'data': { 'filename': 'str' },
250  'if': 'TARGET_S390X' }
251
252##
253# @GICCapability:
254#
255# The struct describes capability for a specific GIC (Generic
256# Interrupt Controller) version.  These bits are not only decided by
257# QEMU/KVM software version, but also decided by the hardware that the
258# program is running upon.
259#
260# @version: version of GIC to be described.  Currently, only 2 and 3
261#     are supported.
262#
263# @emulated: whether current QEMU/hardware supports emulated GIC
264#     device in user space.
265#
266# @kernel: whether current QEMU/hardware supports hardware accelerated
267#     GIC device in kernel.
268#
269# Since: 2.6
270##
271{ 'struct': 'GICCapability',
272  'data': { 'version': 'int',
273            'emulated': 'bool',
274            'kernel': 'bool' },
275  'if': 'TARGET_ARM' }
276
277##
278# @query-gic-capabilities:
279#
280# This command is ARM-only.  It will return a list of GICCapability
281# objects that describe its capability bits.
282#
283# Returns: a list of GICCapability objects.
284#
285# Since: 2.6
286#
287# Example:
288#
289#     -> { "execute": "query-gic-capabilities" }
290#     <- { "return": [{ "version": 2, "emulated": true, "kernel": false },
291#                     { "version": 3, "emulated": false, "kernel": true } ] }
292##
293{ 'command': 'query-gic-capabilities', 'returns': ['GICCapability'],
294  'if': 'TARGET_ARM' }
295
296##
297# @SGXEPCSection:
298#
299# Information about intel SGX EPC section info
300#
301# @node: the numa node
302#
303# @size: the size of EPC section
304#
305# Since: 7.0
306##
307{ 'struct': 'SGXEPCSection',
308  'data': { 'node': 'int',
309            'size': 'uint64'}}
310
311##
312# @SGXInfo:
313#
314# Information about intel Safe Guard eXtension (SGX) support
315#
316# @sgx: true if SGX is supported
317#
318# @sgx1: true if SGX1 is supported
319#
320# @sgx2: true if SGX2 is supported
321#
322# @flc: true if FLC is supported
323#
324# @sections: The EPC sections info for guest (Since: 7.0)
325#
326# Since: 6.2
327##
328{ 'struct': 'SGXInfo',
329  'data': { 'sgx': 'bool',
330            'sgx1': 'bool',
331            'sgx2': 'bool',
332            'flc': 'bool',
333            'sections': ['SGXEPCSection']},
334   'if': 'TARGET_I386' }
335
336##
337# @query-sgx:
338#
339# Returns information about SGX
340#
341# Returns: @SGXInfo
342#
343# Since: 6.2
344#
345# Example:
346#
347#     -> { "execute": "query-sgx" }
348#     <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
349#                      "flc": true,
350#                      "sections": [{"node": 0, "size": 67108864},
351#                      {"node": 1, "size": 29360128}]} }
352##
353{ 'command': 'query-sgx', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }
354
355##
356# @query-sgx-capabilities:
357#
358# Returns information from host SGX capabilities
359#
360# Returns: @SGXInfo
361#
362# Since: 6.2
363#
364# Example:
365#
366#     -> { "execute": "query-sgx-capabilities" }
367#     <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
368#                      "flc": true,
369#                      "section" : [{"node": 0, "size": 67108864},
370#                      {"node": 1, "size": 29360128}]} }
371##
372{ 'command': 'query-sgx-capabilities', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }
373
374
375##
376# @EvtchnPortType:
377#
378# An enumeration of Xen event channel port types.
379#
380# @closed: The port is unused.
381#
382# @unbound: The port is allocated and ready to be bound.
383#
384# @interdomain: The port is connected as an interdomain interrupt.
385#
386# @pirq: The port is bound to a physical IRQ (PIRQ).
387#
388# @virq: The port is bound to a virtual IRQ (VIRQ).
389#
390# @ipi: The post is an inter-processor interrupt (IPI).
391#
392# Since: 8.0
393##
394{ 'enum': 'EvtchnPortType',
395  'data': ['closed', 'unbound', 'interdomain', 'pirq', 'virq', 'ipi'],
396  'if': 'TARGET_I386' }
397
398##
399# @EvtchnInfo:
400#
401# Information about a Xen event channel port
402#
403# @port: the port number
404#
405# @vcpu: target vCPU for this port
406#
407# @type: the port type
408#
409# @remote-domain: remote domain for interdomain ports
410#
411# @target: remote port ID, or virq/pirq number
412#
413# @pending: port is currently active pending delivery
414#
415# @masked: port is masked
416#
417# Since: 8.0
418##
419{ 'struct': 'EvtchnInfo',
420  'data': {'port': 'uint16',
421           'vcpu': 'uint32',
422           'type': 'EvtchnPortType',
423           'remote-domain': 'str',
424           'target': 'uint16',
425           'pending': 'bool',
426           'masked': 'bool'},
427  'if': 'TARGET_I386' }
428
429
430##
431# @xen-event-list:
432#
433# Query the Xen event channels opened by the guest.
434#
435# Returns: list of open event channel ports.
436#
437# Since: 8.0
438#
439# Example:
440#
441#     -> { "execute": "xen-event-list" }
442#     <- { "return": [
443#             {
444#                 "pending": false,
445#                 "port": 1,
446#                 "vcpu": 1,
447#                 "remote-domain": "qemu",
448#                 "masked": false,
449#                 "type": "interdomain",
450#                 "target": 1
451#             },
452#             {
453#                 "pending": false,
454#                 "port": 2,
455#                 "vcpu": 0,
456#                 "remote-domain": "",
457#                 "masked": false,
458#                 "type": "virq",
459#                 "target": 0
460#             }
461#          ]
462#        }
463##
464{ 'command': 'xen-event-list',
465  'returns': ['EvtchnInfo'],
466  'if': 'TARGET_I386' }
467
468##
469# @xen-event-inject:
470#
471# Inject a Xen event channel port (interrupt) to the guest.
472#
473# @port: The port number
474#
475# Returns:
476#     - Nothing on success.
477#
478# Since: 8.0
479#
480# Example:
481#
482#     -> { "execute": "xen-event-inject", "arguments": { "port": 1 } }
483#     <- { "return": { } }
484##
485{ 'command': 'xen-event-inject',
486  'data': { 'port': 'uint32' },
487  'if': 'TARGET_I386' }
488