On 9/9/21 4:51 AM, Yang Zhong wrote:
> On Wed, Sep 08, 2021 at 10:38:59AM +0200, Philippe Mathieu-Daudé wrote:
>> On 9/8/21 10:19 AM, Yang Zhong wrote:
>>> Libvirt can use qmp_query_sgx_capabilities() to get the host
>>> sgx capabilities.
>>>
>>> Signed-off-by: Yang Zhong <yang.zh...@intel.com>
>>> ---
>>> hw/i386/sgx.c | 66 ++++++++++++++++++++++++++++++++++++++
>>> include/hw/i386/sgx.h | 1 +
>>> qapi/misc-target.json | 18 +++++++++++
>>> target/i386/monitor.c | 5 +++
>>> tests/qtest/qmp-cmd-test.c | 1 +
>>> 5 files changed, 91 insertions(+)
>>
>>> +SGXInfo *sgx_get_capabilities(Error **errp)
>>> +{
>>> + SGXInfo *info = NULL;
>>> + uint32_t eax, ebx, ecx, edx;
>>> +
>>> + int fd = qemu_open_old("/dev/sgx_vepc", O_RDWR);
>>> + if (fd < 0) {
>>> + error_setg(errp, "SGX is not enabled in KVM");
>>> + return NULL;
>>> + }
>>
>> Is this Linux specific?
>
> Philippe, The /dev/sgx_vepc node is used for KVM side to expose the SGX
> EPC section to guest. Libvirt then use the '-machine none' qemu command
> to query host SGX capabilities(especially for host SGX EPC section size)
> to decide how many SGX VMs will be started in server. If this node doesn't
> exist, the reason is host can't support SGX or SGX KVM module is not
> compiled
> in the kernel. thanks!
Sorry but you didn't answer my question in an obvious way... Yes or no?
