From patchwork Wed Feb 7 16:06:29 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 870502 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=2001:4830:134:3::11; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=amdcloud.onmicrosoft.com header.i=@amdcloud.onmicrosoft.com header.b="WkHYWj1/"; dkim-atps=neutral Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3zc6JN5SBtz9s71 for ; Thu, 8 Feb 2018 03:30:44 +1100 (AEDT) Received: from localhost ([::1]:56223 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejScJ-0006RR-Ob for incoming@patchwork.ozlabs.org; Wed, 07 Feb 2018 11:30:39 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51721) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ejSFt-000626-TU for qemu-devel@nongnu.org; Wed, 07 Feb 2018 11:07:36 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ejSFp-0006xo-UB for qemu-devel@nongnu.org; Wed, 07 Feb 2018 11:07:29 -0500 Received: from mail-bl2nam02on0067.outbound.protection.outlook.com ([104.47.38.67]:57016 helo=NAM02-BL2-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ejSFp-0006xb-Na for qemu-devel@nongnu.org; Wed, 07 Feb 2018 11:07:25 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=44XhBJOUFlJfZr1OI8MN4llKv48rzj3UJ8KnzwTJo28=; b=WkHYWj1/AT9+I6beneDBYW09dM7SxK+DesqMWsI3+0qb8i2e76KIsFNFDP8FNSc7muCTS0mRX6V146RV7ZPc8CZs1HTJkxTBukTUXaqjaMdjEArLdqmbImEyI0BSUfHfCb9lBABVLVLn9hO57DQqLZy8qnXuM26d0ad6d7X0SGM= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by CY1PR12MB0152.namprd12.prod.outlook.com (10.161.173.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.464.11; Wed, 7 Feb 2018 16:07:23 +0000 From: Brijesh Singh To: qemu-devel@nongnu.org Date: Wed, 7 Feb 2018 10:06:29 -0600 Message-Id: <20180207160638.98872-17-brijesh.singh@amd.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180207160638.98872-1-brijesh.singh@amd.com> References: <20180207160638.98872-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: DM3PR12CA0071.namprd12.prod.outlook.com (10.161.151.143) To CY1PR12MB0152.namprd12.prod.outlook.com (10.161.173.22) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: c66d11f0-9915-45a0-7c02-08d56e44e01f X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(4534165)(4627221)(201703031133081)(201702281549075)(48565401081)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:CY1PR12MB0152; X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 3:/BtSPDP1/9Pe5HAh8gUuTzBUqArjxU8UGxfMyzINeK1QknU8PAB+AnlAjEViayCaSHDQqZufU7aqZG89klOYZ+CNjS8Qt+05s9kV900eYKM7xQB4u9cv15IWu6yZVRQUtHOnp8qNN3fMKmj9yixevH3m+aMapAW5CMFM59vmndAwrwOtQu38Sk45h17xW1BkqgowpVYt19ibLd0N7NP+MYDuu3IYfh1mpw5ghJT1O3pWEwyRgTOFru3yYrP07zRL; 25:GDtvp9miV9LB/qA0IFxHAOaRD+u1GrXs7o7s3Dxf79RxbxBq3YL417PxHWr3yOGRSL3shZYLI3rRa3bjkdsbprE2TN1AunR+NaugdZk96mCJ5+3MYId7A74hUbcf5lhxwVkemZhZJOGRnSFleM1S+bHOVg518EpwBoYZjIDCnfm3ZMj0o+wAQ0mO4wgFK6wKeWRVp6ZMp9AKy+XtADMXxGFii07p7lKGuLvLM8djSYy4Pjs7spvQvYP6Pcf5X6BMoZfFdvXa/99qNdhemiYdhu1hcJwmUP+lndqgZIgFJwYPgpsQ4f0e26wmMAdwp9v0QayvarTpYWA4s2vPCluQjg==; 31:+TLCWvE0nIL2rH0AREUPfpGvIpXq8PIUhf8e2e45WpVYa9zxi4hiVD9qoZT/tyCY3HIenavWBdoh/NRWa9A9ReVRvcUuc2BHp8dlKwMyySH3sgZzyHT/JX6v1a6wrLJ6KmbldfkIU8oCs1wUEi/ZYQCBUwKjEJt+DPxVoIUFPs3l81nYxthqYJ7IorYo3QzcQTJyOIlpq+KMUIUYhMX/ajAlihJj6JU95bNf+X1vxEY= X-MS-TrafficTypeDiagnostic: CY1PR12MB0152: X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 20:KlHoj03HSTfQSW2LSo0BEmLlwUXNkN7CO4JOFH0qp22baZq1ByQxFmUgY7PCm09/nU9YVxJeKGv22JmoGUJZO3003zlxfORApY6ouGZjKmBDRG2pIAQM5rY83YkA1Ie9/KsWmUWI7WtdOxScSSo1pFXUp059TziIeFWO0zx2i82JZDQ2A7rAbdflJf95ro8NufAWWXM2vv6VNMmCsRdTj4DBgv6BcuzjV0bKBgej3X35jWHUjC64zhncZtBJwp6e/utEkpmdWzZ6ZexO0SWzM0b0dMBdNFsd6nDYo7Rk0h4G5zzyuIDYtqbASlfTc3s9OfwXMdDLZ/ZmUCNUXP8uPLoKtg9+NDbQq6OM//nCZDRePriU42DCdLLDSO60dI+GhL44IoT/hYS2S2ri5jwA5ADzMqvt0QJAAfZoxjvtOI25w+jlXns4tvayWGYbxiejhn7oQTszLORRtKxeT8zDA3eCiu5DP4t0+LauxgJ7tDMh00po/9o4AdmO0Wf/QTeS; 4:GFqoon4Q3Qej9iVIPEf+bQdneBLckNvs9D9rKrK2Erdt5zDaUdSeUJfE81MCL+cXx73xxyu6VGbYxCaXgL05YEJIHp9LVmMsQCEQwodxhO4BnrAcRiuMfPvPFR63swP0uUfoyI4t9X4QfeiPM0/YL4S3krB6Q8dUplh86DT8H/DRNWlC+iOvgeDZ42yVeyHhqsUTEzUBcY166sq+FNTc7VtRRJJvFegNe8YEI7jeb6KePnmikh7HzpO4gS6ICIj6hDsADrNdUsDxXST9xPIINNFNmLMofPiyOIKdAlOhJJC0ZeBMjEnUgTV3IOvRC1rp X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(5005006)(8121501046)(3002001)(93006095)(93001095)(10201501046)(3231101)(2400082)(944501161)(6055026)(6041288)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123558120)(20161123564045)(20161123560045)(6072148)(201708071742011); SRVR:CY1PR12MB0152; BCL:0; PCL:0; RULEID:; SRVR:CY1PR12MB0152; X-Forefront-PRVS: 0576145E86 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(1496009)(39860400002)(366004)(39380400002)(346002)(396003)(376002)(199004)(189003)(50226002)(68736007)(8666007)(51416003)(6916009)(7696005)(16526019)(1076002)(50466002)(6486002)(53416004)(7736002)(305945005)(53936002)(8656006)(8936002)(8676002)(7416002)(86362001)(4326008)(81156014)(81166006)(52116002)(2950100002)(478600001)(2351001)(66066001)(16586007)(2906002)(54906003)(5660300001)(106356001)(2361001)(47776003)(48376002)(105586002)(3846002)(6116002)(36756003)(386003)(316002)(39060400002)(26005)(97736004)(186003)(76176011)(25786009); DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR12MB0152; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY1PR12MB0152; 23:NXfuUc/jZMEZLraSCs2/pdqcWJB+bbUu5df1yyxso?= ijtbpUELTCVh/sOAY7X+MJbu9fPKuzyM4v1RGdb7PSzmpqXQTNzmL2ujd2fxGCcj/qp3Llsv4NxVPx8G7o0cvl27JAzCjD5i+GmW2EdOIqtY3PFzKxj6FPlKgBGYbSuuhWsxxYbS+S5BBThTixoJXf4u3dcElXzhiW2vlfQ3dCZHB+NbzaeSV86vg6VR8MbiRWtmc8kGCj3pSpejahRsj0t3aa9nazNOXpO8l5SluDaIhXPt6RuREpd3+lhPDQEhUVNp5on9vFuPooLfITaVqo6C1vuOPoblsO9jBr44k8DfNm2LeqkMqtyqDd/mfK38ZM1m2ThAvldLvfYrUN1Nm5/whLkeVtiGHRpkHt2OMJrk3/2LtZePcBmc7prSUh+aViNO0c2KsU01YX7KguGEIqgTl8imIP1aBtStxkH2e5oqZUB0fmHY9eDVEI+7Db6A8E8XI5Muk0/Sehz4+CwsC5D309vWVBRiOGgZgztkRl0PmoPIn97yJZ7s/pf0isM5lVdV77wMW0TSHrgUk5l7Ax+/kvPkvgRetnyKl7HNgfrFsWOTuiJyZlUFc45SUxcFklRGOwg+K9gdGB3OYpJK26GhZQGuvN4/h2QY7MksGQv/Z9/ebkHPfoUtWzxwaNSp+bVAJJWjgyt6K7U+fZDExg6BW04yjWJyfjtnfjM7LWllYn/YJV7dtSAJ3Ei+02R3nL4xSzJremIMU42EyPZDaiZcUAr08HecEDO4kTbBzaAoKDsR6cP+JYLGqmFvXh/sdaTaqmx3gqJw7OJjDK0oAS4djJ65eheIPaTKuUT/YPZCBzShw1onQ+jMQo507a+cksMD2JEyHQlKT48L6vad5ar9TmNHqjt2o7bFsqNbyeTykUgkUEmwBOcd2rkj5ObcsY2QK22zEJbzHMqliwSmWNGxjtJ4s+5E1ZGLPG3n/vumfdWwhWT4sdGSXoHQ7qwhzskB4stizfcjNq6PAL6DDG1QXGN+BobvfSRg/AmLu24Qghy26OSdMrGgeCkU4MDLaOYlZiZ17eB4OLTWJ8oCiFf+UBJqV2aCZZ73sGYP65To6CX1hzRjIvsnp2zHnrDjfbzbcFUKjwIs3EzEnezSS3zsbw9Vohd4jKYEgjltN3w9ekpPuVGGkBeJLkaayQVwE4kBcMWH2InTf83VflfEQaReBYQLk51kDGzjYVUCVBPYsbwDgcTleeyGttK+4JXg/HJfssasL4dIl3lHrdeAfrx X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 6:muoQxsjhLBf7vTn583GMgz6DR+wFf+4uaTYiQC2BLY9PJsy2NY+KMwUcVpcuZBspJTlt1HGRrOmjYr1vZaH90tEH6GTv7GoZ3hiTUNPnfNoherSRY7OdV4Vj+HaXzHzpSw3yfwXrkp64hu/lVJy8VMdnFEzwlydK4vti1I0a4KDg3PQM9YRRGiLl37lMvJa3n3jxIW7cxfqnpoqZ+fJiihlxy6BHXqCFvBfpqqCOUL6wcVJiqRNc8TfDjqnY/z8qFVKQIW0igsVJqhmIfuMIyjouG+L/WV08yjcCfhrNtLU88KxYXx3/Yj9aKmBJYLYqA7K8x8xH8iks69NuJkWAQAahYBID9gJMPFfncU5f0V4=; 5:+7pLiJF+sanoaUFSgfPxrkDtSja5PMOGCKPji2Bib+bWA+R7TYyE4qZHhRwj26KrK/njZe5v6rf6GRm8EAoAxXxdhgX6opn7wFm6U1ACGrSFKEbziiVAiXaipai6Z4VUDoIICRiQhuvR9UnXQ4SSMevk4EL+vWf9PdriJoYYZF4=; 24:gTeLXgv6QEwHbKxygOSXI6MlQbM0IBNKtN/HDCfq3Ze9ld2k/LNwrKNPuKQOisOlEX0JKCgT57M4PcWjV6UtDVVQ4QBeUlmnwdrRFGV8U4o=; 7:197kU63dex6dpc8ES7GgfF0vpnAHahSWGLIOs7ScDRF9KvvFNiRaUPt36j3nH9FvcX6afaCjFGEObT1Mg4oI6oUIV6M0SewySnudIXePBRMCPzQP3LK4LuS/hk3oOe78dABopZ0giHyOF6cYb5JO/omaL8i/vsnfSCxT/Qe9saQdhy/9ALid6LkQQ5QKgiOobVfFChkdjhwH/QcEjNQmRh1LEbzpQXzBg8/dJQJHuiz86omEtR9xg0kktegNJxdW SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 20:hXvT3bt4NwUDQYTyMDtZPk5Upefh5zYKnmGwYq71JJCD4/UQPUSwgxQf5aIw9/cM1WPCkrd3rtz4+Zw2DYWlIlMnqzQi15KFLx0EydAib2Z3xEZfgU8CXh6EGb90FHo2AhAOjUToegmf7ai0mn3wrWNgt3dAfOCha1cPiW2Ew/PcTaMD/o16o8AfhPmbQGr/1IC9+GNQsawTM98N5/4FV+LjfID2Qi0x1FWZaeTIid/hsrhhDhPlX05+CBCFZv7M X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Feb 2018 16:07:23.0096 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: c66d11f0-9915-45a0-7c02-08d56e44e01f X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR12MB0152 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.38.67 Subject: [Qemu-devel] [PATCH v7 17/26] target/i386: encrypt bios rom X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Edgar E. Iglesias" , Peter Maydell , Eduardo Habkost , kvm@vger.kernel.org, "Michael S. Tsirkin" , Marcel Apfelbaum , Markus Armbruster , Peter Crosthwaite , Richard Henderson , "Dr. David Alan Gilbert" , Alistair Francis , Christian Borntraeger , Brijesh Singh , Stefan Hajnoczi , Cornelia Huck , Paolo Bonzini , Thomas Lendacky , Borislav Petkov , Richard Henderson Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" SEV requires that guest bios must be encrypted before booting the guest. Cc: "Michael S. Tsirkin" Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh --- hw/i386/pc_sysfw.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index 6b183747fcea..8ddbbf74d330 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -112,6 +112,8 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) pflash_t *system_flash; MemoryRegion *flash_mem; char name[64]; + void *flash_ptr; + int ret, flash_size; sector_bits = 12; sector_size = 1 << sector_bits; @@ -168,6 +170,17 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) if (unit == 0) { flash_mem = pflash_cfi01_get_memory(system_flash); pc_isa_bios_init(rom_memory, flash_mem, size); + + /* Encrypt the pflash boot ROM */ + if (kvm_memcrypt_enabled()) { + flash_ptr = memory_region_get_ram_ptr(flash_mem); + flash_size = memory_region_size(flash_mem); + ret = kvm_memcrypt_encrypt_data(flash_ptr, flash_size); + if (ret) { + error_report("failed to encrypt pflash rom"); + exit(1); + } + } } } }