[qemu.git] / qapi / misc-target.json

# -*- Mode: Python -*-
# vim: filetype=python
#

##
# @rtc-reset-reinjection:
#
# This command will reset the RTC interrupt reinjection backlog.
# Can be used if another mechanism to synchronize guest time
# is in effect, for example QEMU guest agent's guest-set-time
# command.
#
# Since: 2.1
#
# Example:
#
# -> { "execute": "rtc-reset-reinjection" }
# <- { "return": {} }
#
##
{ 'command': 'rtc-reset-reinjection',
  'if': 'TARGET_I386' }


##
# @SevState:
#
# An enumeration of SEV state information used during @query-sev.
#
# @uninit: The guest is uninitialized.
#
# @launch-update: The guest is currently being launched; plaintext data and
#                 register state is being imported.
#
# @launch-secret: The guest is currently being launched; ciphertext data
#                 is being imported.
#
# @running: The guest is fully launched or migrated in.
#
# @send-update: The guest is currently being migrated out to another machine.
#
# @receive-update: The guest is currently being migrated from another machine.
#
# Since: 2.12
##
{ 'enum': 'SevState',
  'data': ['uninit', 'launch-update', 'launch-secret', 'running',
           'send-update', 'receive-update' ],
  'if': 'TARGET_I386' }

##
# @SevInfo:
#
# Information about Secure Encrypted Virtualization (SEV) support
#
# @enabled: true if SEV is active
#
# @api-major: SEV API major version
#
# @api-minor: SEV API minor version
#
# @build-id: SEV FW build id
#
# @policy: SEV policy value
#
# @state: SEV guest state
#
# @handle: SEV firmware handle
#
# Since: 2.12
##
{ 'struct': 'SevInfo',
    'data': { 'enabled': 'bool',
              'api-major': 'uint8',
              'api-minor' : 'uint8',
              'build-id' : 'uint8',
              'policy' : 'uint32',
              'state' : 'SevState',
              'handle' : 'uint32'
            },
  'if': 'TARGET_I386'
}

##
# @query-sev:
#
# Returns information about SEV
#
# Returns: @SevInfo
#
# Since: 2.12
#
# Example:
#
# -> { "execute": "query-sev" }
# <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0,
#                  "build-id" : 0, "policy" : 0, "state" : "running",
#                  "handle" : 1 } }
#
##
{ 'command': 'query-sev', 'returns': 'SevInfo',
  'if': 'TARGET_I386' }


##
# @SevLaunchMeasureInfo:
#
# SEV Guest Launch measurement information
#
# @data: the measurement value encoded in base64
#
# Since: 2.12
#
##
{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'},
  'if': 'TARGET_I386' }

##
# @query-sev-launch-measure:
#
# Query the SEV guest launch information.
#
# Returns: The @SevLaunchMeasureInfo for the guest
#
# Since: 2.12
#
# Example:
#
# -> { "execute": "query-sev-launch-measure" }
# <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } }
#
##
{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo',
  'if': 'TARGET_I386' }


##
# @SevCapability:
#
# The struct describes capability for a Secure Encrypted Virtualization
# feature.
#
# @pdh:  Platform Diffie-Hellman key (base64 encoded)
#
# @cert-chain:  PDH certificate chain (base64 encoded)
#
# @cbitpos: C-bit location in page table entry
#
# @reduced-phys-bits: Number of physical Address bit reduction when SEV is
#                     enabled
#
# Since: 2.12
##
{ 'struct': 'SevCapability',
  'data': { 'pdh': 'str',
            'cert-chain': 'str',
            'cbitpos': 'int',
            'reduced-phys-bits': 'int'},
  'if': 'TARGET_I386' }

##
# @query-sev-capabilities:
#
# This command is used to get the SEV capabilities, and is supported on AMD
# X86 platforms only.
#
# Returns: SevCapability objects.
#
# Since: 2.12
#
# Example:
#
# -> { "execute": "query-sev-capabilities" }
# <- { "return": { "pdh": "8CCDD8DDD", "cert-chain": "888CCCDDDEE",
#                  "cbitpos": 47, "reduced-phys-bits": 5}}
#
##
{ 'command': 'query-sev-capabilities', 'returns': 'SevCapability',
  'if': 'TARGET_I386' }

##
# @sev-inject-launch-secret:
#
# This command injects a secret blob into memory of SEV guest.
#
# @packet-header: the launch secret packet header encoded in base64
#
# @secret: the launch secret data to be injected encoded in base64
#
# @gpa: the guest physical address where secret will be injected.
#
# Since: 6.0
#
##
{ 'command': 'sev-inject-launch-secret',
  'data': { 'packet-header': 'str', 'secret': 'str', '*gpa': 'uint64' },
  'if': 'TARGET_I386' }

##
# @SevAttestationReport:
#
# The struct describes attestation report for a Secure Encrypted
# Virtualization feature.
#
# @data:  guest attestation report (base64 encoded)
#
#
# Since: 6.1
##
{ 'struct': 'SevAttestationReport',
  'data': { 'data': 'str'},
  'if': 'TARGET_I386' }

##
# @query-sev-attestation-report:
#
# This command is used to get the SEV attestation report, and is
# supported on AMD X86 platforms only.
#
# @mnonce: a random 16 bytes value encoded in base64 (it will be
#          included in report)
#
# Returns: SevAttestationReport objects.
#
# Since: 6.1
#
# Example:
#
# -> { "execute" : "query-sev-attestation-report",
#                  "arguments": { "mnonce": "aaaaaaa" } }
# <- { "return" : { "data": "aaaaaaaabbbddddd"} }
#
##
{ 'command': 'query-sev-attestation-report',
  'data': { 'mnonce': 'str' },
  'returns': 'SevAttestationReport',
  'if': 'TARGET_I386' }

##
# @dump-skeys:
#
# Dump guest's storage keys
#
# @filename: the path to the file to dump to
#
# This command is only supported on s390 architecture.
#
# Since: 2.5
#
# Example:
#
# -> { "execute": "dump-skeys",
#      "arguments": { "filename": "/tmp/skeys" } }
# <- { "return": {} }
#
##
{ 'command': 'dump-skeys',
  'data': { 'filename': 'str' },
  'if': 'TARGET_S390X' }

##
# @GICCapability:
#
# The struct describes capability for a specific GIC (Generic
# Interrupt Controller) version. These bits are not only decided by
# QEMU/KVM software version, but also decided by the hardware that
# the program is running upon.
#
# @version: version of GIC to be described. Currently, only 2 and 3
#           are supported.
#
# @emulated: whether current QEMU/hardware supports emulated GIC
#            device in user space.
#
# @kernel: whether current QEMU/hardware supports hardware
#          accelerated GIC device in kernel.
#
# Since: 2.6
##
{ 'struct': 'GICCapability',
  'data': { 'version': 'int',
            'emulated': 'bool',
            'kernel': 'bool' },
  'if': 'TARGET_ARM' }

##
# @query-gic-capabilities:
#
# This command is ARM-only. It will return a list of GICCapability
# objects that describe its capability bits.
#
# Returns: a list of GICCapability objects.
#
# Since: 2.6
#
# Example:
#
# -> { "execute": "query-gic-capabilities" }
# <- { "return": [{ "version": 2, "emulated": true, "kernel": false },
#                 { "version": 3, "emulated": false, "kernel": true } ] }
#
##
{ 'command': 'query-gic-capabilities', 'returns': ['GICCapability'],
  'if': 'TARGET_ARM' }


##
# @SGXEPCSection:
#
# Information about intel SGX EPC section info
#
# @node: the numa node
#
# @size: the size of EPC section
#
# Since: 7.0
##
{ 'struct': 'SGXEPCSection',
  'data': { 'node': 'int',
            'size': 'uint64'}}

##
# @SGXInfo:
#
# Information about intel Safe Guard eXtension (SGX) support
#
# @sgx: true if SGX is supported
#
# @sgx1: true if SGX1 is supported
#
# @sgx2: true if SGX2 is supported
#
# @flc: true if FLC is supported
#
# @section-size: The EPC section size for guest
#                Redundant with @sections.  Just for backward compatibility.
#
# @sections: The EPC sections info for guest (Since: 7.0)
#
# Features:
# @deprecated: Member @section-size is deprecated.  Use @sections instead.
#
# Since: 6.2
##
{ 'struct': 'SGXInfo',
  'data': { 'sgx': 'bool',
            'sgx1': 'bool',
            'sgx2': 'bool',
            'flc': 'bool',
            'section-size': { 'type': 'uint64',
                    'features': [ 'deprecated' ] },
            'sections': ['SGXEPCSection']},
   'if': 'TARGET_I386' }

##
# @query-sgx:
#
# Returns information about SGX
#
# Returns: @SGXInfo
#
# Since: 6.2
#
# Example:
#
# -> { "execute": "query-sgx" }
# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
#                  "flc": true,  "section-size" : 96468992,
#                  "sections": [{"node": 0, "size": 67108864},
#                  {"node": 1, "size": 29360128}]} }
#
##
{ 'command': 'query-sgx', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }

##
# @query-sgx-capabilities:
#
# Returns information from host SGX capabilities
#
# Returns: @SGXInfo
#
# Since: 6.2
#
# Example:
#
# -> { "execute": "query-sgx-capabilities" }
# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
#                  "flc": true, "section-size" : 96468992,
#                  "section" : [{"node": 0, "size": 67108864},
#                  {"node": 1, "size": 29360128}]} }
#
##
{ 'command': 'query-sgx-capabilities', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }
Commit	Line	Data
61eb9e80	1	# -- Mode: Python --
f7160f32	2	# vim: filetype=python
61eb9e80 MA	3	#
61eb9e80 MA	4
61eb9e80	5	##
a6c7040f MAL	6	# @rtc-reset-reinjection:
	7	#
	8	# This command will reset the RTC interrupt reinjection backlog.
	9	# Can be used if another mechanism to synchronize guest time
	10	# is in effect, for example QEMU guest agent's guest-set-time
	11	# command.
	12	#
	13	# Since: 2.1
	14	#
	15	# Example:
	16	#
	17	# -> { "execute": "rtc-reset-reinjection" }
	18	# <- { "return": {} }
	19	#
	20	##
	21	{ 'command': 'rtc-reset-reinjection',
8a9f1e1d	22	'if': 'TARGET_I386' }
a6c7040f MAL	23
	24
	25	##
	26	# @SevState:
	27	#
	28	# An enumeration of SEV state information used during @query-sev.
	29	#
	30	# @uninit: The guest is uninitialized.
	31	#
	32	# @launch-update: The guest is currently being launched; plaintext data and
	33	# register state is being imported.
	34	#
	35	# @launch-secret: The guest is currently being launched; ciphertext data
	36	# is being imported.
	37	#
	38	# @running: The guest is fully launched or migrated in.
	39	#
	40	# @send-update: The guest is currently being migrated out to another machine.
	41	#
	42	# @receive-update: The guest is currently being migrated from another machine.
	43	#
	44	# Since: 2.12
	45	##
	46	{ 'enum': 'SevState',
	47	'data': ['uninit', 'launch-update', 'launch-secret', 'running',
	48	'send-update', 'receive-update' ],
8a9f1e1d	49	'if': 'TARGET_I386' }
a6c7040f MAL	50
	51	##
	52	# @SevInfo:
	53	#
	54	# Information about Secure Encrypted Virtualization (SEV) support
	55	#
	56	# @enabled: true if SEV is active
	57	#
	58	# @api-major: SEV API major version
	59	#
	60	# @api-minor: SEV API minor version
	61	#
	62	# @build-id: SEV FW build id
	63	#
	64	# @policy: SEV policy value
	65	#
	66	# @state: SEV guest state
	67	#
	68	# @handle: SEV firmware handle
	69	#
	70	# Since: 2.12
	71	##
	72	{ 'struct': 'SevInfo',
	73	'data': { 'enabled': 'bool',
	74	'api-major': 'uint8',
	75	'api-minor' : 'uint8',
	76	'build-id' : 'uint8',
	77	'policy' : 'uint32',
	78	'state' : 'SevState',
	79	'handle' : 'uint32'
	80	},
8a9f1e1d	81	'if': 'TARGET_I386'
a6c7040f MAL	82	}
	83
	84	##
	85	# @query-sev:
	86	#
	87	# Returns information about SEV
	88	#
	89	# Returns: @SevInfo
	90	#
	91	# Since: 2.12
	92	#
	93	# Example:
	94	#
	95	# -> { "execute": "query-sev" }
	96	# <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0,
	97	# "build-id" : 0, "policy" : 0, "state" : "running",
	98	# "handle" : 1 } }
	99	#
	100	##
	101	{ 'command': 'query-sev', 'returns': 'SevInfo',
8a9f1e1d	102	'if': 'TARGET_I386' }
a6c7040f MAL	103
	104
	105	##
	106	# @SevLaunchMeasureInfo:
	107	#
	108	# SEV Guest Launch measurement information
	109	#
	110	# @data: the measurement value encoded in base64
	111	#
	112	# Since: 2.12
	113	#
	114	##
	115	{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'},
8a9f1e1d	116	'if': 'TARGET_I386' }
a6c7040f MAL	117
	118	##
	119	# @query-sev-launch-measure:
	120	#
	121	# Query the SEV guest launch information.
	122	#
	123	# Returns: The @SevLaunchMeasureInfo for the guest
	124	#
	125	# Since: 2.12
	126	#
	127	# Example:
	128	#
	129	# -> { "execute": "query-sev-launch-measure" }
	130	# <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } }
	131	#
	132	##
	133	{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo',
8a9f1e1d	134	'if': 'TARGET_I386' }
a6c7040f MAL	135
	136
	137	##
	138	# @SevCapability:
	139	#
	140	# The struct describes capability for a Secure Encrypted Virtualization
	141	# feature.
	142	#
	143	# @pdh: Platform Diffie-Hellman key (base64 encoded)
	144	#
	145	# @cert-chain: PDH certificate chain (base64 encoded)
	146	#
	147	# @cbitpos: C-bit location in page table entry
	148	#
	149	# @reduced-phys-bits: Number of physical Address bit reduction when SEV is
	150	# enabled
	151	#
	152	# Since: 2.12
	153	##
	154	{ 'struct': 'SevCapability',
	155	'data': { 'pdh': 'str',
	156	'cert-chain': 'str',
	157	'cbitpos': 'int',
	158	'reduced-phys-bits': 'int'},
8a9f1e1d	159	'if': 'TARGET_I386' }
a6c7040f MAL	160
	161	##
	162	# @query-sev-capabilities:
	163	#
	164	# This command is used to get the SEV capabilities, and is supported on AMD
	165	# X86 platforms only.
	166	#
	167	# Returns: SevCapability objects.
	168	#
	169	# Since: 2.12
	170	#
	171	# Example:
	172	#
	173	# -> { "execute": "query-sev-capabilities" }
	174	# <- { "return": { "pdh": "8CCDD8DDD", "cert-chain": "888CCCDDDEE",
	175	# "cbitpos": 47, "reduced-phys-bits": 5}}
	176	#
61eb9e80	177	##
a6c7040f	178	{ 'command': 'query-sev-capabilities', 'returns': 'SevCapability',
8a9f1e1d	179	'if': 'TARGET_I386' }
0e2f4530	180
c7f7e697 TFF	181	##
	182	# @sev-inject-launch-secret:
	183	#
	184	# This command injects a secret blob into memory of SEV guest.
	185	#
	186	# @packet-header: the launch secret packet header encoded in base64
	187	#
	188	# @secret: the launch secret data to be injected encoded in base64
	189	#
	190	# @gpa: the guest physical address where secret will be injected.
	191	#
	192	# Since: 6.0
	193	#
	194	##
	195	{ 'command': 'sev-inject-launch-secret',
f522cef9	196	'data': { 'packet-header': 'str', 'secret': 'str', '*gpa': 'uint64' },
8a9f1e1d	197	'if': 'TARGET_I386' }
c7f7e697	198
993e2605 PMD	199	##
	200	# @SevAttestationReport:
	201	#
	202	# The struct describes attestation report for a Secure Encrypted
	203	# Virtualization feature.
	204	#
	205	# @data: guest attestation report (base64 encoded)
	206	#
	207	#
	208	# Since: 6.1
	209	##
	210	{ 'struct': 'SevAttestationReport',
	211	'data': { 'data': 'str'},
	212	'if': 'TARGET_I386' }
	213
	214	##
	215	# @query-sev-attestation-report:
	216	#
	217	# This command is used to get the SEV attestation report, and is
	218	# supported on AMD X86 platforms only.
	219	#
	220	# @mnonce: a random 16 bytes value encoded in base64 (it will be
	221	# included in report)
	222	#
	223	# Returns: SevAttestationReport objects.
	224	#
	225	# Since: 6.1
	226	#
	227	# Example:
	228	#
	229	# -> { "execute" : "query-sev-attestation-report",
	230	# "arguments": { "mnonce": "aaaaaaa" } }
	231	# <- { "return" : { "data": "aaaaaaaabbbddddd"} }
	232	#
	233	##
	234	{ 'command': 'query-sev-attestation-report',
	235	'data': { 'mnonce': 'str' },
	236	'returns': 'SevAttestationReport',
	237	'if': 'TARGET_I386' }
	238
0e2f4530 MAL	239	##
	240	# @dump-skeys:
	241	#
	242	# Dump guest's storage keys
	243	#
	244	# @filename: the path to the file to dump to
	245	#
	246	# This command is only supported on s390 architecture.
	247	#
	248	# Since: 2.5
	249	#
	250	# Example:
	251	#
	252	# -> { "execute": "dump-skeys",
	253	# "arguments": { "filename": "/tmp/skeys" } }
	254	# <- { "return": {} }
	255	#
	256	##
	257	{ 'command': 'dump-skeys',
	258	'data': { 'filename': 'str' },
8a9f1e1d	259	'if': 'TARGET_S390X' }
0e2f4530	260
84c6499e MAL	261	##
	262	# @GICCapability:
	263	#
	264	# The struct describes capability for a specific GIC (Generic
	265	# Interrupt Controller) version. These bits are not only decided by
	266	# QEMU/KVM software version, but also decided by the hardware that
	267	# the program is running upon.
	268	#
26ec4e53 PM	269	# @version: version of GIC to be described. Currently, only 2 and 3
26ec4e53 PM	270	# are supported.
84c6499e MAL	271	#
	272	# @emulated: whether current QEMU/hardware supports emulated GIC
	273	# device in user space.
	274	#
26ec4e53 PM	275	# @kernel: whether current QEMU/hardware supports hardware
26ec4e53 PM	276	# accelerated GIC device in kernel.
84c6499e MAL	277	#
	278	# Since: 2.6
	279	##
	280	{ 'struct': 'GICCapability',
	281	'data': { 'version': 'int',
	282	'emulated': 'bool',
	283	'kernel': 'bool' },
8a9f1e1d	284	'if': 'TARGET_ARM' }
84c6499e MAL	285
	286	##
	287	# @query-gic-capabilities:
	288	#
	289	# This command is ARM-only. It will return a list of GICCapability
	290	# objects that describe its capability bits.
	291	#
	292	# Returns: a list of GICCapability objects.
	293	#
	294	# Since: 2.6
	295	#
	296	# Example:
	297	#
	298	# -> { "execute": "query-gic-capabilities" }
	299	# <- { "return": [{ "version": 2, "emulated": true, "kernel": false },
	300	# { "version": 3, "emulated": false, "kernel": true } ] }
	301	#
	302	##
	303	{ 'command': 'query-gic-capabilities', 'returns': ['GICCapability'],
8a9f1e1d	304	'if': 'TARGET_ARM' }
3ea1a802 BS	305
3ea1a802 BS	306
4755927a YZ	307	##
	308	# @SGXEPCSection:
	309	#
	310	# Information about intel SGX EPC section info
	311	#
	312	# @node: the numa node
	313	#
a66bd91f	314	# @size: the size of EPC section
4755927a	315	#
a66bd91f	316	# Since: 7.0
4755927a YZ	317	##
	318	{ 'struct': 'SGXEPCSection',
	319	'data': { 'node': 'int',
	320	'size': 'uint64'}}
	321
57d874c4 YZ	322	##
	323	# @SGXInfo:
	324	#
	325	# Information about intel Safe Guard eXtension (SGX) support
	326	#
	327	# @sgx: true if SGX is supported
	328	#
	329	# @sgx1: true if SGX1 is supported
	330	#
	331	# @sgx2: true if SGX2 is supported
	332	#
	333	# @flc: true if FLC is supported
	334	#
a66bd91f YZ	335	# @section-size: The EPC section size for guest
	336	# Redundant with @sections. Just for backward compatibility.
	337	#
	338	# @sections: The EPC sections info for guest (Since: 7.0)
	339	#
	340	# Features:
	341	# @deprecated: Member @section-size is deprecated. Use @sections instead.
57d874c4 YZ	342	#
	343	# Since: 6.2
	344	##
	345	{ 'struct': 'SGXInfo',
	346	'data': { 'sgx': 'bool',
	347	'sgx1': 'bool',
	348	'sgx2': 'bool',
	349	'flc': 'bool',
a66bd91f YZ	350	'section-size': { 'type': 'uint64',
a66bd91f YZ	351	'features': [ 'deprecated' ] },
4755927a	352	'sections': ['SGXEPCSection']},
57d874c4 YZ	353	'if': 'TARGET_I386' }
	354
	355	##
	356	# @query-sgx:
	357	#
	358	# Returns information about SGX
	359	#
	360	# Returns: @SGXInfo
	361	#
	362	# Since: 6.2
	363	#
	364	# Example:
	365	#
	366	# -> { "execute": "query-sgx" }
	367	# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
a66bd91f YZ	368	# "flc": true, "section-size" : 96468992,
	369	# "sections": [{"node": 0, "size": 67108864},
	370	# {"node": 1, "size": 29360128}]} }
57d874c4 YZ	371	#
	372	##
	373	{ 'command': 'query-sgx', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }
0205c4fa YZ	374
	375	##
	376	# @query-sgx-capabilities:
	377	#
	378	# Returns information from host SGX capabilities
	379	#
	380	# Returns: @SGXInfo
	381	#
	382	# Since: 6.2
	383	#
	384	# Example:
	385	#
	386	# -> { "execute": "query-sgx-capabilities" }
	387	# <- { "return": { "sgx": true, "sgx1" : true, "sgx2" : true,
a66bd91f YZ	388	# "flc": true, "section-size" : 96468992,
	389	# "section" : [{"node": 0, "size": 67108864},
	390	# {"node": 1, "size": 29360128}]} }
0205c4fa YZ	391	#
	392	##
	393	{ 'command': 'query-sgx-capabilities', 'returns': 'SGXInfo', 'if': 'TARGET_I386' }