From patchwork Wed Mar 8 20:53:24 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 9611979 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 7C36A6016C for ; Wed, 8 Mar 2017 21:27:51 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 62D7528611 for ; Wed, 8 Mar 2017 21:27:51 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 54E3628634; Wed, 8 Mar 2017 21:27:51 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id BF8D428611 for ; Wed, 8 Mar 2017 21:27:50 +0000 (UTC) Received: from localhost ([::1]:58524 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1clj7d-0007FT-Qe for patchwork-qemu-devel@patchwork.kernel.org; Wed, 08 Mar 2017 16:27:49 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51928) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1clj5K-0005VJ-7M for qemu-devel@nongnu.org; Wed, 08 Mar 2017 16:25:27 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1clj5G-0005Mj-VO for qemu-devel@nongnu.org; Wed, 08 Mar 2017 16:25:26 -0500 Received: from mail-by2nam01on0088.outbound.protection.outlook.com ([104.47.34.88]:29472 helo=NAM01-BY2-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1clj5G-0005MN-K4 for qemu-devel@nongnu.org; Wed, 08 Mar 2017 16:25:22 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=qJO1hYG/7YrXnaEh1QDEdjejpDhdr7vJ7XN6Z5aXwlo=; b=SOk2DaTHvE8IvsrmGm2Jl4/iEwPfpYKOzYl6iIQgbdP14FpBUgzjRw922a9x5jWFoGJOZQpMWHxrKI94QyzEMuoLT00hoNpgHAA3QgkWgSI+n8UliBlgg87l7CaV3wO2vvVdyO9C2/a1SikSAdSxnQcdppst9LKG/FdgeHbGGzc= Authentication-Results: amd.com; dkim=none (message not signed) header.d=none;amd.com; dmarc=none action=none header.from=amd.com; Received: from [127.0.1.1] (165.204.77.1) by BN6PR12MB1604.namprd12.prod.outlook.com (10.172.22.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.947.12; Wed, 8 Mar 2017 20:53:28 +0000 From: Brijesh Singh To: , , , , , , , , Date: Wed, 8 Mar 2017 15:53:24 -0500 Message-ID: <148900640453.27090.13878279092984827505.stgit@brijesh-build-machine> In-Reply-To: <148900626714.27090.1616990932333159904.stgit@brijesh-build-machine> References: <148900626714.27090.1616990932333159904.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: MWHPR10CA0008.namprd10.prod.outlook.com (10.172.48.18) To BN6PR12MB1604.namprd12.prod.outlook.com (10.172.22.23) X-MS-Office365-Filtering-Correlation-Id: 3bb00a52-f7db-4962-3c5c-08d466652d17 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081); SRVR:BN6PR12MB1604; X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1604; 3:ig4WCyEM3xj6Xqtv8/rT2EYmMX9gMih6cf9brXPHRQAyBaRwimKDAG/p9zvbObbJjY9+SPCRmDI/KTqKfG2Lw5tlS/eTBkDiUYcv6ZuEOIjO9daF+zyKpz7eCw+BdJmPigM1/Dh/OsiYpmeUyqapdRedE4icEeI5+HiqhsnZZW5zA1q4e+A31N4Uue0lljphvvShX+a6SkcOxHkPytXClceX8gvAXuoGq2zp3czEsAZVbGLAY014cSLQL3Uj1QHr2ZY3zNuyCAS1TAWVSAJ4q5+KSpr2FhABflyOH03IGEo=; 25:tayPLonBnHDaYXOmVqjoJTOYpPYny+R2F3uMvxnPO520wN6N3sMgyvPIUOPl4P+w8bE4JYf/23R/Q9wepZmPPPjJlpbkTmUzOvQtLnjN30KBtzEKU0ncMlCQHwqt99ybOl0Mclu+c8cGOoC5iZKbnNdjLJtVgIU5qS/WcUT7IvsOkAG6kxVafOFykRmtBCaShqh70mH1+IL7pQjE7P7AkCUOOAHko0fZoTCXxkre/BpSakGwzAe7TTwi7yayiw6nqxforRQzO4sJqQFQN9FeKNv9wA2s6wTMlFVks7yQV4yPrxl9rIG124LDK+Kep33z/mnXjuly96LjtohXm3JzuhbsR8pQNnpxtqDdWjIQ194s4skBiW2n+7Cqdla7dcLYT05psiYc4RxGgmvF4r36/QRZf2hJEGA2Z7S3xZoXsqcdbVEqDUDGwffvwgIXZ7NmA7/Q5rA/cCk03BdU91ppYg== X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1604; 31:bgTHFgkhb6HyE8bBcvLHdsXTm0xv1C7kM1pHMd51blcWmQB2Az5nqP6/mXx9k5W0EztKy23v8s3LPiAhOT4xNp+sOvz37m6NxiXcrzv2R9xaOUvIdrOrJSit4mzF5F96IIlCRy9sBAYhZTgjKfgY+BOFKQceYvFjsmVmAELBdO+q1lt7Vm4SqVlDWlTkxE+lsGp9cayOUZjB+ps13LKxRG72JLyH2a/IDzP7rstw0YM=; 20:2lEslijL+aOnayQi9mSeoMkUyRYl3F0JFKtfL5eVNFLiHOzp6bXWcIBij2N2kj/LxsGitdyWn5KsIhxYNoCAerMmRexNf0X36j9pg/fwpjnvup2+D3J0AdZ8PvaN7nKI/UFoeAs5c5Q/CwlZ3fsbcer09MP8u589axkYctKE3os60+MrDpndZFBZebVfviOvVZr0Ey3pvawNv91EDNOS0hkDxxAkBTTIuTQtIJrWXI+/BkvTPj8yluIvHQzDn+dfF7Sp2SXpQDPxe5MoKViTZcW3jTLJrKFe0bNdyYukzjTLnUNr0yMITaCa1fZINU1I7ZM9KV9omxZeY/TI170rFwCjiUd3GNfdqBER+r1+rl/Pcku3NGY6rxFZzUlKibLKO/iIFhZbLZ09spkRyG09JfaA+iLR/cOL/nQuzaG8qQpc8/8gdhiC4PZ7k/92SimH6ya9DwbLUf96TzgRTl3TxarPwsR89ZjKLM5BrLHuOnkdJRsZ1a9jI1AaEeZKjBSx X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026)(6041248)(20161123562025)(20161123558025)(20161123560025)(20161123555025)(20161123564025)(6072148); SRVR:BN6PR12MB1604; BCL:0; PCL:0; RULEID:; SRVR:BN6PR12MB1604; X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1604; 4:8Pi30W0WXjukzGfuFqDEAifDSzcfnL/ZqzIrVph3Tu1bBHlYox14P3PSr0LjChLHUavZ/zN/jmvfiFnizyqO8v8en+Yj03x9c3JNeV8bxj1+N9sZpOvNKlvB8/by8HAaiVyfA003v8Li4E+SYofs5mYPWW7tXmZN02MAbOSVUyB5LHq9r0LCOifM1NZJ25jZE1VT3UlOO/vO0OgUpA/7jsJnf4Mk36vGgUrEEVlQMbZ1mk94KUbK3+KXXlg+9o9z+vaMnJf5UzB1Nqzihf47agdbyxXxKcGRhswRBF684jA4iwZOrKO0Pan3usBfgv+t0SGL37/87qTNGZpt29ZADE95ojkXO/sjCS+mWMImWYCrMgCNTRK+Z9uA4R/L9cSBn8sH5jpT/WhTMMbH0L5rnvT9FQYAO119AMoAVxbXk/U4J56Xyph9pFUhLkkAILpIK7jpy0Q8DQALb+ca3uvv+GF7WTBdHqW8Vsh4aHgAQ5DnM9XL4hTFMP39HA2bfWQqqQpPK8MabuonXui4wInevFelr/56U+fNGlemHV6xL8LMYPPdVkn5UWflgrLd0FC+3Wj2yV+ficaO97K2FM48RkPrCnR+OjW0plJnYuqjRIYbix7m5XaCPlwxQWihJAKLdLUO2SbTJBTUnpseAfVEKoePNXJKIqvrxYOeTOpIMTw= X-Forefront-PRVS: 02408926C4 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6009001)(6049001)(39860400002)(39840400002)(39410400002)(39850400002)(39450400003)(230700001)(83506001)(86362001)(6486002)(5660300001)(33646002)(4326008)(76176999)(2201001)(53936002)(103116003)(77096006)(50466002)(90366009)(189998001)(8676002)(81166006)(7736002)(25786008)(42186005)(54906002)(54356999)(9686003)(33716001)(3846002)(2950100002)(6116002)(6666003)(2906002)(47776003)(38730400002)(66066001)(305945005)(23676002)(50986999)(217873001); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR12MB1604; H:[127.0.1.1]; FPR:; SPF:None; MLV:sfv; LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtCTjZQUjEyTUIxNjA0OzIzOmtCcllXSUhVampybnVTa3dubm9YMVRRYlhU?= =?utf-8?B?NWNmeDk4V1VaUWNaVkg2VlNwZjRQbkswd0RDVzFFczlkcTdXdklrZnNwd2Fy?= =?utf-8?B?bGF2WUNHYU1GUkJTd3duSXlJNTB3QWFqbmlwQ2YvWlFNZTBtTGRMZmxWQ1lL?= =?utf-8?B?dUQvSEpDMGpITW1RSlJCM0FNcWlwT09FZFJXY3JSU0prT3pqMkhlUVdiRytD?= =?utf-8?B?NjJJcHFDUlpJNm1LZmFTcUdpSC9rdDZOMWFpSldtdDNPZktQWDF3OENyZFlq?= =?utf-8?B?VW1VL3IyZ3JBYUNYVUYwL1pQRDJxblZHWkQrdTdyN0tUK3VFeHF1UU9oQ0R5?= =?utf-8?B?RGJ1dHFuYXhmQ2twZ3BkUnZnd2VYWU14cHhJL2lkMEtsMVB1R09jYy95WEZk?= =?utf-8?B?eFhOZVRaZGd4bHp3NnhBUlBGdzVSTHNia0IrUkl2WU9oeFpMbjFMRHlyMkZF?= =?utf-8?B?MzZMR1NnS1NmZEkxSHJ1ZnlONFZnR1dKZnFCSGhQY0NpaERqUDJQcGc1aGZm?= =?utf-8?B?aWJkOHlvdjZoNldWQjJpZFU3YTl5a2RZeTd2c2NiRTFiNWVoNkdLaXI0MFBq?= =?utf-8?B?ZGtlZzg3ay9CNzNra3pCdktZZDBzM2RoZFl2Qm5iOER1bGJSdnNycXo1Q3R0?= =?utf-8?B?ZVVnVG5tZ2JqZ3R3Nm1PY1l2SHEvQ0hseU5aQ1Fyb1A2OHVNRVhnT2hjNnZU?= =?utf-8?B?ak1Rd2xmcm1RcGpsY3diVFRPdWxzaHRFNmNJMUxDVWplWjEzNktIckNaTFdj?= =?utf-8?B?MWFCN0cvK1lXYXM2KzV4RE1BNEdzNklISVFkOUV4VFZ1dXRoeTBUemVZVGln?= =?utf-8?B?NmVBQXVmd2ZlV2dzSExtWitnNWROWXBXcjRudlVMV2xQWXVqTGhhcFJNNWJF?= =?utf-8?B?Q253bmIyWlVndW1kVmxzUzlQc0hpTFZBaVlkdWphaDUvRmRDc3hlVElXcUhR?= =?utf-8?B?TE5sbUoyQXR5TFlrWEo3WVZDWnkwY0ltanRuaHIyVC94SmFLUmI2TGpKVTRi?= =?utf-8?B?ZlI4b1Nnci85U1ZrMTNzRWlIbkNDZHRaT3FCdWluMExsdGxVZWRjcFlhWXZS?= =?utf-8?B?SzROYVZqajJ1cU9KY3QwTk5udHRzYTFJQVRJV1JZY3hreHF5ZE11NGJzQ29F?= =?utf-8?B?V3VLdjFaenB5WlprZGhqdW84TWZYY2g3Z29pZlN4RGtKMUYrNnZnM3F2VDgy?= =?utf-8?B?bndVODdIZ2pGY0N4VEFlZGp0Z0xkVEJJOWwxcExFNGJiTGtSZXRKVThqL1Zm?= =?utf-8?B?QVdwQVRlbjVTc3Q3WDZzS2N5YzlJNFNxOWpUOGZCMkpuVzJKM0pYREFLS04v?= =?utf-8?B?SEg2NlgwK1NKQmJwMEp2WStmTm1IU2FiWTlJRERNR0t5MG1TN2VsSmZJUGpN?= =?utf-8?B?VWpwTzNVZnVLd2xmNjlKMDVpTFJGdGk0L3U1L2h6dThBQlBhVDNoUDAvNjdr?= =?utf-8?B?ZVdGUXNiZ2lsSGRtSWJuSmthZExzR2xFZUYybzJsWWJBdFBZRVRaQmprTnp0?= =?utf-8?B?UWJJZz09?= X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1604; 6:T7thlLe7z4y+L8ubBINm1ftJ6ECo9t9ohKEoYnDNUWNr+nSALmeSz3kAE9OwK5chNcSwRNFq0qvR3pBjYBnt2QDkI0IBCDadJP8EDGAMu0Pa2Cp5QXgzA/ApaHeQ4S1YuEeepIjjpjvtTwP2PnriNHzwD6Xt1vIdUd2yGcrR1NPYKXN2yHEFi9+KRCicX0rKrctQQ8gbQgyhLwIaw7KTTkCCqqr2T1smcJLcSZTobLGZBOKjGQUgXnc6iMLZ+jWe/U4PocensA5ZjDtsvgi1/AEynjPIOZPXMwEG8+egj9YSsU1klbCofrPHNnkZpkF0gaobA4dSG79fq1Gx7WTfNONt7DaiN4VfdfunPnKvZvZ1vsnaYhpD5F4NVYaS8+2ONVRwgT3J4nwn5dIxvWYTVq3jm2QYCOhByqUkDh7CG28=; 5:skHxXvTXwdqGAI0Gq0+jw7yS3/dPI7+qbleLccioD4KL2sm3i3RipPK7tGWQl4UnPU8o8yjabNJd/R+rBRIZOVOWkNKQjMLC/tHIjiZUI3Tv5l8xoXOD2DaL/ACrOQLqlMfPXrbQ3DLyQ5jxqVigXrEfq9a+UlhtYfgD6miiWjU=; 24:M5IbD+1Um/637IdkKEdGVqtuhWre2z7Te28TFrUfBDWvbXWvzoffNkITury+EYOLKwvb837a0U8y93vFtqg6w3w+ZQvApxl6BmNqQPJZfYU= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1604; 7:qB/kb0uizTc3uWWydWgyyVFsr3oY1fXLRIloI0oRE5peWXJAhn+ikJUOdXHbu2/2Gq85VpvvL0y6LWTcg4o6gTqUrpVhr64PDxSLBCJfUdyr5POgbAOwsNP6sRnIIMyPH4N8S0pi9AkXJxi/yLs9eQB9Umfy7UqWYV2JABexBNR7qkynAXeA4POR7qK90uMNQLFevwFFqld4WORTOsdrEkZPbiK8C9IiChookOlmm1QW31fC3ZEsg8YVeON8LihnkhqlwnaOI46F55OeqwuYdvDs7JBWO1zn05bOK77rLqUIsxahOub+2jzIW17csG3Xhd01IS7RTovukl53W0jUNg==; 20:W0IKSP+Capoad3vpz/ikUcZ106PzmBjeIFX/Zn75UqOb6tK9YLG4GGMMDNZ3NpcZleNb5CDaMDcVzoMc0BXZ8JCY75AuB3kjfOq7sGO/YlvW6CCI/4tSSMWzWad1TPUzsQmjAFF0Wmb5K+rPvqMGhl4Bo7D8KNHrASZCNzsVR0gL+uD8q/Sy75E0dPchIqESqAxjonIfeqMtxkTAddGTApsX4aLkMgLw2iLI4LsD1Xjniuc0PhXFibMdrwebIWYE X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Mar 2017 20:53:28.4372 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1604 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.34.88 Subject: [Qemu-devel] [RFC PATCH v4 13/20] sev: add LAUNCH_UPDATE_DATA command X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Thomas.Lendacky@amd.com, brijesh.singh@amd.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP The command is used to encrypt a guest memory region using the VM Encryption Key (VEK) created by LAUNCH_START command. The firmware will also update the measurement with the contents of the memory region for attestation. Signed-off-by: Brijesh Singh --- include/sysemu/sev.h | 2 +- kvm-all.c | 1 + sev.c | 44 +++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 45 insertions(+), 2 deletions(-) diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h index 88cbea5..c614cc0 100644 --- a/include/sysemu/sev.h +++ b/include/sysemu/sev.h @@ -96,6 +96,6 @@ bool sev_enabled(void); void *sev_guest_init(const char *keyid); void sev_set_debug_ops(void *handle, MemoryRegion *mr); int sev_create_launch_context(void *handle); - +int sev_encrypt_launch_buffer(void *handle, uint8_t *ptr, uint64_t len); #endif diff --git a/kvm-all.c b/kvm-all.c index a13d62f..5e98534 100644 --- a/kvm-all.c +++ b/kvm-all.c @@ -1827,6 +1827,7 @@ static int kvm_init(MachineState *ms) } kvm_state->memcrypt_debug_ops = sev_set_debug_ops; kvm_state->create_launch_context = sev_create_launch_context; + kvm_state->encrypt_launch_data = sev_encrypt_launch_buffer; g_free(id); } } diff --git a/sev.c b/sev.c index c13bbfd..b391012 100644 --- a/sev.c +++ b/sev.c @@ -225,9 +225,45 @@ err: } static int +sev_launch_update_data(SEVState *s, uint8_t *addr, uint64_t len) +{ + int ret, error; + struct kvm_sev_launch_update_data *update; + + if (!s) { + return 1; + } + + update = g_malloc0(sizeof(*update)); + if (!update) { + return 1; + } + + update->address = (__u64)addr; + update->length = len; + ret = sev_ioctl(KVM_SEV_LAUNCH_UPDATE_DATA, update, &error); + if (ret) { + fprintf(stderr, "failed LAUNCH_UPDATE_DATA %d (%#x)\n", ret, error); + goto err; + } + + DPRINTF("SEV: LAUNCH_UPDATE_DATA %#lx+%#lx\n", (unsigned long)addr, len); +err: + g_free(update); + return ret; +} + +static int sev_mem_write(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs) { - return 0; + SEVState *s = kvm_memcrypt_get_handle(); + + if (sev_get_current_state(s) == SEV_STATE_LAUNCHING) { + memcpy(dst, src, len); + return sev_launch_update_data(s, dst, len); + } + + return 1; } static int @@ -292,6 +328,12 @@ sev_set_debug_ops(void *handle, MemoryRegion *mr) memory_region_set_ram_debug_ops(mr, &sev_ops); } +int +sev_encrypt_launch_buffer(void *handle, uint8_t *ptr, uint64_t len) +{ + return sev_launch_update_data((SEVState *)handle, ptr, len); +} + bool sev_enabled(void) {