From patchwork Tue Sep 13 14:47:33 2016
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 9329491
From: Brijesh Singh
Date: Tue, 13 Sep 2016 10:47:33 -0400
Message-ID: <147377805350.11859.16913701772043413471.stgit@brijesh-build-machine>
In-Reply-To: <147377800565.11859.4411044563640180545.stgit@brijesh-build-machine>
References: <147377800565.11859.4411044563640180545.stgit@brijesh-build-machine>
Subject: [Qemu-devel] [RFC PATCH v1 05/22] i386: add new option to enable SEV guest

The patch adds the '-sev' option to enable the Secure Encrypted Virtualization (SEV) guest. If this option is specified, Qemu assumes that the user wants to launch this guest into SEV mode.

Here are examples of how to launch a guest into SEV mode.

1) late launch: in this mode the images received from the guest owner are unencrypted and must be encrypted using the SEV LAUNCH command before starting the guest.
$ qemu -sev type=unencrypted config=guest_01.conf

2) pre-encrypted: in this mode the images received from guest owners are encrypted using transport keys. It must be re-encrypted using SEV RECEIVE commands before starting the guest.

$ qemu -sev type=encrypted config=guest_02.conf

The config file will contain various parameters (e.g. key, policy) required during the guest launch process.

Signed-off-by: Brijesh Singh
---
 qemu-options.hx | 6 ++++++ vl.c | 29 +++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+)
diff --git a/qemu-options.hx b/qemu-options.hx index a71aaf8..1b6aa82 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -118,6 +118,12 @@ given, the total number of CPUs @var{n} can be omitted. @var{maxcpus} specifies the maximum number of hotpluggable CPUs. ETEXI +DEF("sev", HAS_ARG, QEMU_OPTION_sev, + "-sev type=[encrypted,unencrypted] config=\n" + " image type (encrypted or unencrypted)\n" + " set the config file for SEV guest\n", + QEMU_ARCH_I386) + DEF("numa", HAS_ARG, QEMU_OPTION_numa, "-numa node[,mem=size][,cpus=cpu[-cpu]][,nodeid=node]\n" "-numa node[,memdev=id][,cpus=cpu[-cpu]][,nodeid=node]\n", QEMU_ARCH_ALL) diff --git a/vl.c b/vl.c index b3c80d5..22b8eba 100644 --- a/vl.c +++ b/vl.c @@ -178,6 +178,7 @@ bool boot_strict; uint8_t *boot_splash_filedata; size_t boot_splash_filedata_size; uint8_t qemu_extra_params_fw[2]; +static bool sev_allowed; int icount_align_option; @@ -506,6 +507,25 @@ static QemuOptsList qemu_fw_cfg_opts = { }, }; +static QemuOptsList qemu_sev_opts = { + .name = "sev", + .implied_opt_name = "name", + .head = QTAILQ_HEAD_INITIALIZER(qemu_sev_opts.head), + .desc = { + { + .name = "config", + .type = QEMU_OPT_STRING, + .help = "Set the SEV config file\n", + }, + { + .name = "type", + .type = QEMU_OPT_STRING, + .help = "Set the image type (encrypted or unencrypted)\n", + }, + { /* end of list */ } + }, +}; + /** * Get machine options * 
@@ -3002,6 +3022,7 @@ int main(int argc, char **argv, char **envp) qemu_add_opts(&qemu_icount_opts); qemu_add_opts(&qemu_semihosting_config_opts); qemu_add_opts(&qemu_fw_cfg_opts); + qemu_add_opts(&qemu_sev_opts); module_call_init(MODULE_INIT_OPTS); runstate_init(); @@ -3970,6 +3991,14 @@ int main(int argc, char **argv, char **envp) exit(1); } break; + case QEMU_OPTION_sev: + olist = qemu_find_opts("sev"); + opts = qemu_opts_parse_noisily(olist, optarg, true); + if (!opts) { + exit(1); + } + sev_allowed = true; + break; default: os_parse_cmd_args(popt->index, optarg); }
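Review bot: In the qemu-options.hx hunk, the help string "-sev type=[encrypted,unencrypted] config=\n" separates the two suboptions with a space and leaves nothing after "config=", while the neighbouring "-numa node[,mem=size]..." entry uses commas. HAS_ARG hands the parser a single argv token, so "-sev type=unencrypted config=guest_01.conf" as written would leave "config=..." as a separate argument. Please show the syntax as "-sev type=encrypted|unencrypted,config=<file>" and label the two description lines with the suboption each one explains. The new DEF() also sits directly after the previous option's ETEXI with no STEXI/ETEXI block of its own, so the option gets no generated documentation.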
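Review bot: In the qemu_sev_opts hunk in vl.c, ".implied_opt_name = "name"" refers to an option that is not in .desc, which only lists "config" and "type". Since the parse call later passes true for the abbreviation argument, a bare first value such as "-sev encrypted" would be stored under "name" and then fail validation with a confusing error. Either set implied_opt_name to "type" or drop it and pass false when parsing. The .help strings also end in "\n", which looks unintended for per-option help text.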
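Review bot: In the "case QEMU_OPTION_sev:" hunk in vl.c, nothing checks the parsed values before "sev_allowed = true;" is set. "type" is a free-form QEMU_OPT_STRING, so any string other than "encrypted" or "unencrypted" is accepted, and a missing "config" is not reported. For an option that decides whether guest memory is encrypted, an unrecognised or incomplete setting should be a hard error at parse time rather than something later code has to guess about. Also, sev_allowed is declared "static bool" in vl.c and is only written in this patch, never read, so it is not clear how the rest of the series is meant to observe it; the commit message should say which later patch consumes it, or the flag should be introduced there.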