
[RFC,v1,07/22] sev: add SEV launch start command

Message ID 147377807842.11859.9369429600797537189.stgit@brijesh-build-machine (mailing list archive)
State New, archived

Commit Message

Brijesh Singh Sept. 13, 2016, 2:47 p.m. UTC
The SEV LAUNCH_START command is used to initiate the process to launch
a guest into SEV-enabled mode. The various parameters needed during this
command should be provided through the SEV configuration file.

For more information on command structure see [1]

[1] http://support.amd.com/TechDocs/55766_SEV-KM%20API_Spec.pdf

The following kvm RFC patches define and implement this command
http://marc.info/?l=kvm&m=147190852423972&w=2
http://marc.info/?l=kvm&m=147190946024236&w=2


Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 include/sysemu/sev.h |    7 ++++++
 sev.c                |   61 ++++++++++++++++++++++++++++++++++++++++++++++++--
 2 files changed, 65 insertions(+), 3 deletions(-)

Patch

diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
index 0ee8aff..b8a7afa 100644
--- a/include/sysemu/sev.h
+++ b/include/sysemu/sev.h
@@ -23,5 +23,12 @@ 
  */
 int sev_init(KVMState *kvm_state);
 
+/**
+ * kvm_sev_guest_start - initiate the process to launch a guest into SEV mode.
+ *
+ * Returns: 0 on success, or 1 on failure.
+ */
+int kvm_sev_guest_start(void);
+
 #endif
 
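Review bot: The `Returns:` line in the new doc comment understates what kvm_sev_guest_start() does on failure. Going by the sev.c part of this patch, the function calls `exit(EXIT_FAILURE)` when the launch parameters cannot be parsed or the LAUNCH_START ioctl fails. It returns 1 when there is no SEV state, when a launch is already in progress, and when the guest type is not UNENCRYPTED_GUEST. I would spell that out, e.g. `Returns: 0 on success; 1 if SEV is not initialised, a launch is already in progress, or the guest type is not handled. Exits the process if the launch command fails.`, so callers know a failure may not return.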
diff --git a/sev.c b/sev.c
index 2d71ca6..40a126a 100644
--- a/sev.c
+++ b/sev.c
@@ -46,6 +46,10 @@ 
     do { } while (0)
 #endif
 
+enum {
+    SEV_LAUNCH_START = 0x1,
+};
+
 struct SEVInfo {
     uint8_t state;  /* guest current state */
     uint8_t type;   /* guest type (encrypted, unencrypted) */
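Review bot: The new anonymous enum gives no hint that it holds values for `SEVInfo.state`, and `SEV_LAUNCH_START` is easy to confuse with the command constant `KVM_SEV_LAUNCH_START` used later in the patch. The "launch in progress" test in kvm_sev_guest_start() also depends on the initial state being something other than 0x1, which nothing here names. I would add a comment such as `/* values of SEVInfo.state */` and an explicit initial value, for example `SEV_STATE_INVALID = 0x0,` (name is only a suggestion). The SEVInfo definition continues outside the hunk, so how `state` is first initialised is not visible here.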
@@ -271,12 +275,63 @@  int sev_init(KVMState *kvm_state)
         goto err;
     }
 
-    /* call SEV launch start APIs based on guest type */
-
-    return 0;
+    return kvm_sev_guest_start();
 err:
     free(sev_info);
     sev_info = NULL;
     return 1;
 }
 
+static int sev_launch_start(void)
+{
+    int ret;
+    SEVInfo *s = sev_info;
+    struct kvm_sev_issue_cmd input;
+    struct kvm_sev_launch_start *start = s->launch_start;
+
+    input.cmd = KVM_SEV_LAUNCH_START;
+    input.opaque = (__u64)start;
+    ret = kvm_vm_ioctl(kvm_state, KVM_SEV_ISSUE_CMD, &input);
+    if (ret) {
+        fprintf(stderr, "SEV: launch start failed ret=%d(%#010x)\n",
+                ret, input.ret_code);
+        exit(EXIT_FAILURE);
+    }
+
+    s->state = SEV_LAUNCH_START;
+
+    DPRINTF("SEV: Launch Started\n");
+    return 0;
+}
+
+int kvm_sev_guest_start(void)
+{
+    SEVInfo *s = sev_info;
+
+    if (!s) {
+        return 1;
+    }
+
+    /* Guest launch is in progress */
+    if (s->state == SEV_LAUNCH_START) {
+        return 1;
+    }
+
+    if (s->type == UNENCRYPTED_GUEST) {
+        /* If we are requested to launch the guest which need to accepts the
+         * unencrypted images then use the LAUNCH_* command.
+         */
+
+        /* parse the config file to get the parameters */
+        if (!s->launch_start &&
+                (parse_sev_cfg(s, LAUNCH_OPTS, cfg_file) || !s->launch_start)) {
+            fprintf(stderr, "SEV: failed to get SEV LAUNCH parameters\n");
+            exit(EXIT_FAILURE);
+        }
+
+        return sev_launch_start();
+    }
+
+    return 1;
+}
+
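Review bot: In sev_launch_start(), `input` is declared without an initializer and only `cmd` and `opaque` are assigned, so at least `ret_code` reaches the kernel as uninitialised stack data and is then printed in the failure branch, where it may never have been written if the ioctl failed early; `struct kvm_sev_issue_cmd input = { 0 };` closes both. The cast `(__u64)start` converts a pointer straight to a 64-bit integer, which is not clean on 32-bit hosts; `input.opaque = (__u64)(uintptr_t)start;` is the usual form. In sev_init(), `return kvm_sev_guest_start();` bypasses the `err:` label, so a non-zero return (launch already in progress, or a guest type other than UNENCRYPTED_GUEST) reports failure while `sev_info` stays allocated and non-NULL; `if (kvm_sev_guest_start()) { goto err; }` followed by `return 0;` keeps the cleanup consistent with the other failure paths. sev_init()'s body begins outside the hunk, so the earlier error paths are assumed from the visible `goto err`.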