diff options
author | Philippe Mathieu-Daudé <philmd@redhat.com> | 2021-10-07 18:16:59 +0200 |
---|---|---|
committer | Paolo Bonzini <pbonzini@redhat.com> | 2021-10-13 10:47:49 +0200 |
commit | 9f885cac701325ebcbf7e4393aa9b21b32ec3c12 (patch) | |
tree | 38903becb92ad245606b337a5d490f4e224c7d4e /target/i386 | |
parent | 2c7233eb103adbf567778270b69950dd7a776c72 (diff) | |
download | qemu-9f885cac701325ebcbf7e4393aa9b21b32ec3c12.zip qemu-9f885cac701325ebcbf7e4393aa9b21b32ec3c12.tar.gz qemu-9f885cac701325ebcbf7e4393aa9b21b32ec3c12.tar.bz2 |
target/i386/monitor: Return QMP error when SEV is not enabled for guest
If the management layer tries to inject a secret, it gets an empty
response in case the guest doesn't have SEV enabled, or the binary
is built without SEV:
{ "execute": "sev-inject-launch-secret",
"arguments": { "packet-header": "mypkt", "secret": "mypass", "gpa": 4294959104 }
}
{
"return": {
}
}
Make it clearer by returning an error:
{ "execute": "sev-inject-launch-secret",
"arguments": { "packet-header": "mypkt", "secret": "mypass", "gpa": 4294959104 }
}
{
"error": {
"class": "GenericError",
"desc": "SEV not enabled for guest"
}
}
Note: we will remove the sev_inject_launch_secret() stub in few commits,
so we don't bother to add error_setg() there.
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Connor Kuehl <ckuehl@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20211007161716.453984-7-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'target/i386')
-rw-r--r-- | target/i386/monitor.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/target/i386/monitor.c b/target/i386/monitor.c index eabbeb9..ea83667 100644 --- a/target/i386/monitor.c +++ b/target/i386/monitor.c @@ -28,6 +28,7 @@ #include "monitor/hmp-target.h" #include "monitor/hmp.h" #include "qapi/qmp/qdict.h" +#include "qapi/qmp/qerror.h" #include "sysemu/kvm.h" #include "sysemu/sev.h" #include "qapi/error.h" @@ -743,6 +744,10 @@ void qmp_sev_inject_launch_secret(const char *packet_hdr, bool has_gpa, uint64_t gpa, Error **errp) { + if (!sev_enabled()) { + error_setg(errp, "SEV not enabled for guest"); + return; + } if (!has_gpa) { uint8_t *data; struct sev_secret_area *area; |