On Wed, Sep 08, 2021 at 10:38:59AM +0200, Philippe Mathieu-Daudé wrote: > On 9/8/21 10:19 AM, Yang Zhong wrote: > > Libvirt can use qmp_query_sgx_capabilities() to get the host > > sgx capabilities. > > > > Signed-off-by: Yang Zhong <yang.zh...@intel.com> > > --- > > hw/i386/sgx.c | 66 ++++++++++++++++++++++++++++++++++++++ > > include/hw/i386/sgx.h | 1 + > > qapi/misc-target.json | 18 +++++++++++ > > target/i386/monitor.c | 5 +++ > > tests/qtest/qmp-cmd-test.c | 1 + > > 5 files changed, 91 insertions(+) > > > +SGXInfo *sgx_get_capabilities(Error **errp) > > +{ > > + SGXInfo *info = NULL; > > + uint32_t eax, ebx, ecx, edx; > > + > > + int fd = qemu_open_old("/dev/sgx_vepc", O_RDWR); > > + if (fd < 0) { > > + error_setg(errp, "SGX is not enabled in KVM"); > > + return NULL; > > + } > > Is this Linux specific?
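Review bot: in sgx_get_capabilities(), the `fd < 0` branch reports every failure to open /dev/sgx_vepc as "SGX is not enabled in KVM", so a missing node and a node that exists but cannot be opened O_RDWR by the QEMU process (for example EACCES) are indistinguishable to the caller. Consider keeping the errno in the message, either with error_setg_errno(errp, errno, ...) naming the path, or by calling qemu_open() with errp instead of qemu_open_old(), so the management layer can tell "host has no SGX virtualization" from a permissions problem. The quoted part ends before any use of fd, so whether it is closed on every return path cannot be checked from these lines.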
Philippe,

The /dev/sgx_vepc node is used by the KVM side to expose the SGX EPC section to the guest. Libvirt then uses the '-machine none' qemu command to query host SGX capabilities (especially the host SGX EPC section size) to decide how many SGX VMs will be started on the server. If this node doesn't exist, the reason is that the host can't support SGX or the SGX KVM module is not compiled into the kernel.

Thanks!

Yang