Xiaoyao Li <xiaoyao...@intel.com> writes:

> From: Isaku Yamahata <isaku.yamah...@intel.com>
>
> Three sha384 hash values, mrconfigid, mrowner and mrownerconfig, of a TD
> can be provided for TDX attestation. Detailed meaning of them can be
> found: 
> https://lore.kernel.org/qemu-devel/31d6dbc1-f453-4cef-ab08-4813f4e0f...@intel.com/
>
> Allow user to specify those values via property mrconfigid, mrowner and
> mrownerconfig. They are all in base64 format.
>
> example
> -object tdx-guest, \
>   mrconfigid=ASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83v,\
>   mrowner=ASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83v,\
>   mrownerconfig=ASNFZ4mrze8BI0VniavN7wEjRWeJq83vASNFZ4mrze8BI0VniavN7wEjRWeJq83v
>
> Signed-off-by: Isaku Yamahata <isaku.yamah...@intel.com>
> Co-developed-by: Xiaoyao Li <xiaoyao...@intel.com>
> Signed-off-by: Xiaoyao Li <xiaoyao...@intel.com>

[...]

> diff --git a/qapi/qom.json b/qapi/qom.json
> index f229bb07aaec..a8379bac1719 100644
> --- a/qapi/qom.json
> +++ b/qapi/qom.json
> @@ -1060,11 +1060,25 @@
>  #     pages.  Some guest OS (e.g., Linux TD guest) may require this to
>  #     be set, otherwise they refuse to boot.
>  #
> +# @mrconfigid: ID for non-owner-defined configuration of the guest TD,
> +#     e.g., run-time or OS configuration (base64 encoded SHA384 digest).
> +#     Defaults to all zeros.
> +#
> +# @mrowner: ID for the guest TD’s owner (base64 encoded SHA384 digest).
> +#     Defaults to all zeros.
> +#
> +# @mrownerconfig: ID for owner-defined configuration of the guest TD,
> +#     e.g., specific to the workload rather than the run-time or OS
> +#     (base64 encoded SHA384 digest).  Defaults to all zeros.
> +#
>  # Since: 10.1
>  ##
>  { 'struct': 'TdxGuestProperties',
>    'data': { '*attributes': 'uint64',
> -            '*sept-ve-disable': 'bool' } }
> +            '*sept-ve-disable': 'bool',
> +            '*mrconfigid': 'str',
> +            '*mrowner': 'str',
> +            '*mrownerconfig': 'str' } }
>  
>  ##
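
Review bot: The descriptions of @mrconfigid, @mrowner and @mrownerconfig say only "base64 encoded SHA384 digest" while the members are typed 'str', so the schema documentation does not tell the user what happens when the string is not valid base64 or does not decode to exactly 48 bytes (the SHA384 digest size). Since these values are provided for TDX attestation, a value that was silently truncated or padded would be hard to notice afterwards; please state in each description that the decoded value must be 48 bytes and how other input is handled. Minor style point: the @mrowner line contains a typographic apostrophe in "TD’s", where a plain ASCII "'" would be safer in a schema comment.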

Acked-by: Markus Armbruster <arm...@redhat.com>

[...]

