From patchwork Tue Nov 1 15:53:32 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 689985 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3t7bVk63L2z9ryn for ; Wed, 2 Nov 2016 02:58:22 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=amdcloud.onmicrosoft.com header.i=@amdcloud.onmicrosoft.com header.b=pvoWSz2u; dkim-atps=neutral Received: from localhost ([::1]:48866 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c1bS7-00016Y-RH for incoming@patchwork.ozlabs.org; Tue, 01 Nov 2016 11:58:19 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57408) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1c1bNn-0005jf-OF for qemu-devel@nongnu.org; Tue, 01 Nov 2016 11:53:52 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1c1bNi-0003on-S8 for qemu-devel@nongnu.org; Tue, 01 Nov 2016 11:53:51 -0400 Received: from mail-cys01nam02on0064.outbound.protection.outlook.com ([104.47.37.64]:10160 helo=NAM02-CY1-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1c1bNi-0003oc-Kp for qemu-devel@nongnu.org; Tue, 01 Nov 2016 11:53:46 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=AABmFLilqPEjEyvtHx9D8aN0lIZVfnzBr6xKsAcSNlQ=; b=pvoWSz2upC0Cf3FBhcJhUrzuVixNLcXTXMQZF43qhtmVQXtuocnPp+jU8ylYG1agJkxE79YQheRWFaKnWhXz7yPOhUlAH9SWBni4rcJH22K3eO2RDk8VJ9jLqWfdtIN7R3Cij1/Nsc/bfySUYgUlBPBl+Qt9B9LOVXK8fto6ZHQ= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from [127.0.1.1] (165.204.77.1) by CY1PR12MB0666.namprd12.prod.outlook.com (10.163.238.151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.693.12; Tue, 1 Nov 2016 15:53:42 +0000 From: Brijesh Singh To: , , , , , , , , , Date: Tue, 1 Nov 2016 11:53:32 -0400 Message-ID: <147801561195.18237.12691468590144267225.stgit@brijesh-build-machine> In-Reply-To: <147801550845.18237.12915616525154608660.stgit@brijesh-build-machine> References: <147801550845.18237.12915616525154608660.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN1PR0701CA0035.namprd07.prod.outlook.com (10.162.96.45) To CY1PR12MB0666.namprd12.prod.outlook.com (10.163.238.151) X-MS-Office365-Filtering-Correlation-Id: 8bfa7bbb-7220-4dde-3607-08d4026f4151 X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0666; 2:2IzUJsy61A8zGT7Lp78E2kx0fmRO6DR1UOtLAeSPJgVNQlb4wfSCcZchYyNJZDheh6AexvRODp2NZNb8lJ9B+Hzrf2x3ZMD3APTjqgVFvHmxxtxzbCPkon87xUrL+9K9km34LaOfxLABMC2wV0b/+nHdcBRMhIdozENUnsm4QUkHOIBl1B4YDQdJBeEI+yqqS6R4t4rs5pLv039coeuKRg==; 3:Ibo6FpjMNyRk0ebHCcTIi5jkVt66gcwNTxBq1c5/fhxY14Y/qUreZIEYFdw2GSyu+wYdqm05FBkFn+i9JfwkII96K3tkG8CGntkyIqKjRg4otrcAODK+SeHRmz7Q6NebkiEDN/KStWt/ojA+mYKt7Q== X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR12MB0666; X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0666; 25:N9DrZFNifzgrv9/mIiOIJZkHObhlI6wVxaRlGDT9nA3B64fX882fmYuoreC2GQCyIxjeJDsbQ0nRIO7iG2kvKyWcnlPTjAbAuehYb6Qg8L0NwhGuRkXz5GsXic1eWXVUNAkpxJrVX4m/N6JQFoJz1h40xTXCJGap0xLQdmQN6Owq8G5EEo9zxbue1XcS4VL4h44xtiCRu5Di+k9Li9DLtGXbk/lY8BqRw5LcNAmfHp6o7F/cWRHJeBpp83dZCXjZGgY1QQq0Os5sv8t8pq9bbw9Q/321HF6qOB/rnzYyv6505LJHAXE0oTBTT5THjjlhxt4z0gfTXeDTjz3BU0CoEUz9q0lJdHJN+SOc9Q54IqcfpBqUbMNzv/brqlk274DSa3fZd4CSSiMNe7UDth/2SYuuGtlGl4tcs9H2htZklINodAd2dschY5HBvZ1r7phFXqoaniswIRWKEORSDIJmN5WLqGD33Zioc6C+XEqRBkgY5ghcwNckOqlDT/SryYIfdXU6ZQ4SQNxwtnGdA6IVxx2UpLJCpl78mtYIRkL0oVHR5g8oy6iCEVuaL8imvBikMmCuv4WIBoyFfcynOsQH18BgKcayvxB02HAg4WnRO0HkCLiS5miAuWTvW335LbZZXnhUTtWZfYP5g4oHDEh+HZSYlVwrvzxeS5NQDyM+WIP6vcCIvi2s0/5C6iyigN6F7eEMxx5a9rOCXuDVAcrZuSA3c2cc1emLOP/b08x4Klg= X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0666; 31:f/Odhs307fSaiP2k+HkibSNje4qmf6nV+ktL9aKVeZe+MhrevaCy58nGd7kN4M4SyzP30rxZDVEHyG9VgsBDYsPnwlVLxvk5XWQAjnK+z+AAaDSd5Cpi0I0eYihe9e02aI3XycPdRo3aMXgtquuThi1uraqZA/5LiYT3i+Ki0XgkSgsrs3qq6rWTUlb8SfkOBMfWXTSM2PFCWsNwP1jA/hlS52HUOUTH/Xb/Db5S6p9hF0H1L+8eVdNBlWZWqaocpqXA1d5XwINo9qqnhW2n+Q==; 20:6VU7HpsDUv02ysXQNBHLqlGAXp0sge/bcfG5oR+5GumVO49vTzk2LKoKkRR8MMw5myXct0cyynSIURmL9tavEdp+C8VoxJNZVosof7FVj2Ae8lzAX2PTW3hLtpUCpV//lDXZuSnunx1IyBIEXL05YGOMsSSXjB4iGdGC1Zbt9QucXIqmffbYuIH+XxXZ9pdvfwDyuS/AwfCvtf00oIIFIkNdjm0RZF4aCMAWvtMf1vijFBUjgk91+O9p4iGdi05cLmcqIm+7Lba/YZ7o8f0tmTUPmGzzyc61rrvnTZKd9uz1nZA3oIoZiLsYb374Btq5dUXexoImH2XBR49CrKDjCpXI8NsIJh9kvW+vgZL1Y0FYrGD04fSz/7XnEsC/fb6uZEnZj+tEPOAiq2xlceImEvXby1frMsdZ6IHWVbCbCGoyQ/gAsTBojt9hdfeh4EwnaDiBcHBk5KmOPhrR1pCSZw5mpruv1fV3wmt9eNdlrMRCcLylbM9zWLGo9XQI8gWn X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(10201501046)(3002001)(6055026); SRVR:CY1PR12MB0666; BCL:0; PCL:0; RULEID:; SRVR:CY1PR12MB0666; X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0666; 4:7zynHZitpB8CtZov+zNUXluWkLpep+u0v2F7mfbXJGMgzAmX9j17P9def2XkT7Oc4R/B6TMA80Poo8fALSou7Y83NtYSn5pCGJ63urMqGUio0+miBAe1nBB35y89e+i5UCWtl4lUjFVYrn3p0T5yZ2sEdOmQxpK+B21Ehw3UDLF2OsyaLt0aCqXPJKmp6Lt5Xx4IgCm1gU+94q7OIa5MyjNjjxvKfJREpByCMl0+5foD94eYefr1I0muctNdLfgdtBOtbs8K2Ew97s6WVNOXrEw3zJxgTHUuGATRxWfB2gyaxy7F44CYBnZHx2uZzxGCzvT2BfqD5MUq1jwFK5ojrgWr0zYCD4/JF6yJ+rUU5GtXQ9KAmUPY4fVNtTAysNBXe4GHxNjOjV8G2TzoTiAB77n2kX1rIP1F/38HCDYr8RA5fxerApD1Bcvy6wx82wjcTdkehp9/s55luz93N8CwNw== X-Forefront-PRVS: 01136D2D90 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6049001)(6009001)(7916002)(199003)(189002)(81166006)(189998001)(81156014)(230700001)(106356001)(8676002)(2950100002)(83506001)(229853001)(86362001)(9686002)(105586002)(47776003)(7736002)(42186005)(7846002)(2201001)(6116002)(97736004)(50986999)(23676002)(54356999)(7416002)(3846002)(76176999)(66066001)(68736007)(586003)(5001770100001)(4001350100001)(305945005)(103116003)(50466002)(19580395003)(19580405001)(5660300001)(33716001)(6666003)(77096005)(92566002)(101416001)(2906002)(33646002)(4326007)(921003)(1121003)(217873001); DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR12MB0666; H:[127.0.1.1]; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtDWTFQUjEyTUIwNjY2OzIzOmE0VEhKRkU3STlNbllnbmRZbUxDMlozRmQr?= =?utf-8?B?Tm1JSDRoT2NVNjF5TVZaaEhaVWY5VDZMa0tLSHk3N2lISGErSy9ua0p0Qmpi?= =?utf-8?B?Zld6M002SHRraGFLaWNRd1JyNDYzT1VST1hLcGt6OWl0MS9PeTRNYzdMMnh5?= =?utf-8?B?Qk02MHlwblVsVVd5a2tiMXNEemc4REozYngxYVYrUzhzalE4Qm01bTZuRjU2?= =?utf-8?B?eFJHNmJndjBOTjVjcFh5ZVV4VUxna2dRTUV0ODN3K3hEOGMvZlA3ZGdXUStX?= =?utf-8?B?Q3AyOEh1TTgvbXJDM2pyZVlma3BDN1lvVTV3QTBVYTJ6dHMzRjZ5TUEwbHVt?= =?utf-8?B?dmZ4R2RPbTBJZGJPbm9uSmh3UFhoVzVjSjVJUllCMmRBN1NOTHFjS2NSTHN5?= =?utf-8?B?WEh6aHhhZlVCNWRhS0V6T1k3Sm0wQUNlYkpuWlNHRHpJTWU0aTdwUXIzYjcx?= =?utf-8?B?Z0ZIdU5WYU1YMjl0ZU9TWVJsN1RuN0V0RndqbndKdFF4VXhUMzkvMFFKNlQy?= =?utf-8?B?NU1UcUgxOVZ1aFF6MklmakptZmpVWVBBVGs1WEYxV2REL3MxK2dKYnJiUGhF?= =?utf-8?B?UXUydE1sbkhRcXB1c0EvM2ZrNnpwdFplY3g1aFQwTE5ML011RmZSQzFteDJK?= =?utf-8?B?ZG5vYTJ1ekZhcS93eUNySUZtaHRKbHNQcjZVNENiZktQSllDSzB2emRqMlBi?= =?utf-8?B?QUpxcXhJZ0xYSDBmRkZsUmRSOWtvMjJnUE5vOHhFYmNwMnFKTklCdDBucERC?= =?utf-8?B?NHVmbnpLRGwrSUxhMUg0ZndyM2sreE9TcmFjUmJIeStCNTN5WE1RRzQ3Z3px?= =?utf-8?B?THlGMm9Ja3VjTVgyVnZTZlRzcFh3UkhMcTJGVkNrK0NuS2o1ZzZXaXdCZ0Rk?= =?utf-8?B?NWFCMlFzYXNjaFIxZzQ2Z05RVXRKbEY1M05LUnlJbWJUNnlhV2xwNTZ2ZHgw?= =?utf-8?B?cDA3NTY2NzJvaUg1empuSmNyWGVDK0VtRCtnZ1cvMXZTdTVZQkRPMG5ydFBX?= =?utf-8?B?QU9VRFJZemhnbVgxcWtraFVDWWhWUWNsK1p5L0dNM0JaY3F0N0F5cmNzNUdZ?= =?utf-8?B?WlVGS2x4YUlrdWJVeDE0b0FoQVl0VGMzbkdPV1FINWZVYm8yZnB2b3JUc1Nr?= =?utf-8?B?cWlUZ0RCOWVxNU45a3FPeExDN0JpbytFSXcyUlhQRE10YWZaZlNrYlJ1NUU4?= =?utf-8?B?Qis4RWJlWnd5SndkcGJTOXFydFV2UG1CSDgvQmIvSFBrZFM1WmEyR0o5L3Fh?= =?utf-8?B?RHFKL0JTTityR3QyM1pDeVk4NEdFMURENFhKZ2p2ZGRWUkRROWFtM0d5dnly?= =?utf-8?B?bXIySFB4UWVod2JONWJZcmNLZHlLRXlkM09GZTVDc1ZpVHMrZVlYZEw0dDMr?= =?utf-8?B?MUxrd1l5NVFjMFprMjFRU3lSSjlTMTFwT0V2K0dzemppWlE2QXhRNWNNRkpa?= =?utf-8?B?RnFERkQwTVZJd3ZVbkVUK0kyalE3bkRPeCtBV2NEWThFYVpPT0tGT3ZYRTRM?= =?utf-8?B?OThpODE3elI5THhlT3BIdzBPRERZUThGV21tS0g5L3VzRTRLdWhOU2FjaGo2?= =?utf-8?B?MVRyMGx4Mi9UVzRKc2crNzZSOHAzM2hFeG9VY0NYOVN6cjJIUGlSRWtydnRu?= =?utf-8?B?NC9SWjF6cFBoQWNtOWdSbFBSZTFEZkhHa1F1OVVUVGNkYllVUWNEYVFwUnc5?= =?utf-8?B?WHgwZkdkTElIZi90NmNTQUF0a2ZFL0Z2VnBuWGpzVlFMVkVvaTg2OUZoZnFV?= =?utf-8?B?L0gvdkZYS0dKR3NpL1l3Zz09?= X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0666; 6:yH8l1hgz70B9XgE2a8c03Z2DVXFpwvWWi9PsGaElAaHU9KiVFr6Erp2HVRjM8qy2TgONUFh/CTnfFg6aA6NKUg1oQNlfUV4V+k/pLtv8eNf6xhIi7NC/ep7fNl3lpC0rfNXaE69W/m0kOGgV5M2qSDs6h6Z5ElpJ+BScBdaOX6YbH7zhgSQw8o7yyUNO0JMXxJF4RBECA9bWrAEWR27KxpQrCgZee4cR3fhj9+kgHOdDOsM7NeZGkOJzxFrUSZcbDR5k6xAcWcZs1mqYCivvRwcieIH1sqzAi+ToHqtsS23pp427I4D44hyOE6pfGel9lWiQ9vGEdFHN+y44yPdmdwMu3EYpqYZ26KNu1w/RlTk=; 5:UJSoXJq/DA9g2AMRIuLOjK9k6A77QQG+3oosyUgHwHYc/lzQbpWD+80MwWzF44Al+nPG+BMrkP/8Rgbg3MOCt4TR7e0CJXbkdf6pzZT8KqVnr07UO1YXok14A22Taj5eOUSYeRxLTLKSlJIfVBN1MA==; 24:ApNoyMC8ecVaXZ70dsx//iA72J0SPk8jlpLjt8UvFUbp5jeWR/oL0SP14qx0qhxOFpTYivgqeH+m6U+OIo8+HJdvr1w+QNyQ7kMprEVR5Ks= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0666; 7:VDZ/DJPdl922KrBxCVqOINmzx3FVSRSV+moMkbBQVF8OFxGz2ya4QUD+XCqjqg4QEKEneg8sb/wb1+pa6m8C9b1JZVD5IHq4RHu0oRChJA8g7uzt7UE4aKAbyy0bHQl/7m1Eeh7jXqi5Yy50bS7POVEHKxcuw5QOykDNVvBSrryatqRNtpKFwptTO/VgmcClpG92RyPc9PqT1IbAJKvXzhFrd+4QbOfa/149HAdYpJ6TwayqDB9MmuQl2bo61e5CEM5SdSVZ3Vzyko2Nt43Vb8vX9FuLAKD90eusBgvcGMT4TYlTefZSi/UDZHLbCvQAO/n3tkcqHcaq88AN4HFrx3Y4iERGKJi5Wo2fA2oTFRA=; 20:c4p+cLr79qcJG5hqwBcmXS/yFw24u5XANUaXET/RFKbCTL7hGDzkYxDLbUAC9J/iWZmYp57cRm7O9dId2VD8QT6P9/FDoQZjTQWDVHqQBIhdJYINaMoRp7LUCawfG4gbaIk8gzX93sLfPZaIEaiwN2GVws+SBcgnTvAt55sK6m4Gfg0qfOvvY3viF37vLkme4iiZ7OlhVat3TUD/tBMDTq/rIUCuLYurLpKfaFXdPe3NILZtEV36KZCl0gAXFyOO X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Nov 2016 15:53:42.1264 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR12MB0666 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.37.64 Subject: [Qemu-devel] [RFC PATCH v3 10/18] sev: add LAUNCH_START command X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: brijesh.ksingh@gmail.com Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" The command is used to prepare a guest for the transition into SEV-enabled mode. Command uses the parameters specified in 'sev-launch-info' object, see doc/amd-memory-encryption.txt for parameter details. The command creates a new VM Encryption Key (VEK) and cryptographic context. The key created during launch start process will be used to encrypt the guest memory. Signed-off-by: Brijesh Singh --- sev.c | 81 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) diff --git a/sev.c b/sev.c index 487dba6..2fbab2f 100644 --- a/sev.c +++ b/sev.c @@ -33,6 +33,30 @@ static MemoryRegionRAMReadWriteOps sev_ops; static bool sev_allowed; static void +str_to_uint8_ptr(const char *str, uint8_t *ptr, int count) +{ + int i = 0; + + while (*str && i != count) { + sscanf(str, "%2hhx", &ptr[i]); + str += 2; + i++; + } +} + +static void +DPRINTF_U8_PTR(const char *name, const uint8_t *ptr, int count) +{ + int i; + + DPRINTF("%s = ", name); + for (i = 0; i < count; i++) { + DPRINTF("%02hhx", ptr[i]); + } + DPRINTF("\n"); +} + +static void qsev_guest_finalize(Object *obj) { } @@ -189,8 +213,65 @@ static const TypeInfo qsev_launch_info = { static int +sev_ioctl(int cmd, void *data) +{ + int ret; + struct kvm_sev_issue_cmd input; + + input.cmd = cmd; + input.opaque = (__u64)data; + ret = kvm_vm_ioctl(kvm_state, KVM_SEV_ISSUE_CMD, &input); + if (ret) { + fprintf(stderr, "sev_ioctl failed cmd=%#x, ret=%d(%#010x)\n", + cmd, ret, input.ret_code); + return ret; + } + + return 0; +} + +static void +get_sev_property_ptr(Object *obj, const char *name, uint8_t *ptr, int count) +{ + char *value; + + value = object_property_get_str(obj, name, &error_abort); + str_to_uint8_ptr(value, ptr, count); + DPRINTF_U8_PTR(name, ptr, count); + g_free(value); +} + +static int sev_launch_start(SEVState *s) { + int ret; + Object *obj; + struct kvm_sev_launch_start *start; + + if (s->state == SEV_STATE_LAUNCHING) { + return 0; + } + + start = g_malloc0(sizeof(*start)); + if (!start) { + return 1; + } + + obj = object_property_get_link(OBJECT(s->sev_info), "launch", &error_abort); + get_sev_property_ptr(obj, "dh-pub-qx", start->dh_pub_qx, + sizeof(start->dh_pub_qx)); + get_sev_property_ptr(obj, "dh-pub-qy", start->dh_pub_qy, + sizeof(start->dh_pub_qy)); + get_sev_property_ptr(obj, "nonce", start->nonce, sizeof(start->nonce)); + ret = sev_ioctl(KVM_SEV_LAUNCH_START, start); + if (ret < 0) { + return 1; + } + + s->state = SEV_STATE_LAUNCHING; + g_free(start); + + DPRINTF("SEV: LAUNCH_START\n"); return 0; }