NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

tools: add 'domlaunchsecinfo' virsh command

Browse Source 
This command reports the launch security parameters for
a guest, allowing an external tool to perform a launch
attestation.

Reviewed-by: Peter Krempa <pkrempa@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrangé 2021-12-08 07:53:00 -05:00
parent 8c071180cf
commit ac79e9ff5c
2 changed files with 70 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
docs/manpages/virsh.rst
View File

@ -2057,6 +2057,23 @@ destination hosts have synchronized time (i.e., NTP daemon is running
on both of them). on both of them).
domlaunchsecinfo
----------------
**Syntax:**
::
domlaunchsecinfo domain
Returns information about the launch security parameters associated
with a running domain.
The set of parameters reported will vary depending on which type of
launch security protection is active. If none is active, no parameters
will be reported.
dommemstat dommemstat
---------- ----------

53
tools/virsh-domain.c
View File

@ -9523,6 +9523,53 @@ cmdNumatune(vshControl * ctl, const vshCmd * cmd)
goto cleanup; goto cleanup;
} }
/*
* "domlaunchsecinfo" command
*/
static const vshCmdInfo info_domlaunchsecinfo[] = {
{.name = "help",
.data = N_("Get domain launch security info")
},
{.name = "desc",
.data = N_("Get the launch security parameters for a guest domain")
},
{.name = NULL}
};
static const vshCmdOptDef opts_domlaunchsecinfo[] = {
VIRSH_COMMON_OPT_DOMAIN_FULL(0),
{.name = NULL}
};
static bool
cmdDomLaunchSecInfo(vshControl * ctl, const vshCmd * cmd)
{
g_autoptr(virshDomain) dom = NULL;
size_t i;
int nparams = 0;
virTypedParameterPtr params = NULL;
bool ret = false;
if (!(dom = virshCommandOptDomain(ctl, cmd, NULL)))
return false;
if (virDomainGetLaunchSecurityInfo(dom, &params, &nparams, 0) != 0) {
vshError(ctl, "%s", _("Unable to get launch security parameters"));
goto cleanup;
}
for (i = 0; i < nparams; i++) {
g_autofree char *str = vshGetTypedParamValue(ctl, &params[i]);
vshPrint(ctl, "%-15s: %s\n", params[i].field, str);
}
ret = true;
cleanup:
virTypedParamsFree(params, nparams);
return ret;
}
/* /*
* "qemu-monitor-command" command * "qemu-monitor-command" command
*/ */
@ -14542,6 +14589,12 @@ const vshCmdDef domManagementCmds[] = {
.info = info_domjobinfo, .info = info_domjobinfo,
.flags = 0 .flags = 0
}, },
{.name = "domlaunchsecinfo",
.handler = cmdDomLaunchSecInfo,
.opts = opts_domlaunchsecinfo,
.info = info_domlaunchsecinfo,
.flags = 0
},
{.name = "domname", {.name = "domname",
.handler = cmdDomname, .handler = cmdDomname,
.opts = opts_domname, .opts = opts_domname,