From patchwork Mon Feb 12 15:37:04 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 10213439 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id E04A360236 for ; Mon, 12 Feb 2018 15:55:26 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D0A701FFE6 for ; Mon, 12 Feb 2018 15:55:26 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C3F7E205AB; Mon, 12 Feb 2018 15:55:26 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAD_ENC_HEADER,BAYES_00, DKIM_SIGNED, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 369E71FFE6 for ; Mon, 12 Feb 2018 15:55:26 +0000 (UTC) Received: from localhost ([::1]:45673 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1elGRx-00019M-E1 for patchwork-qemu-devel@patchwork.kernel.org; Mon, 12 Feb 2018 10:55:25 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:56125) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1elGBh-0003cA-Hq for qemu-devel@nongnu.org; Mon, 12 Feb 2018 10:38:38 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1elGBe-0004N4-2V for qemu-devel@nongnu.org; Mon, 12 Feb 2018 10:38:37 -0500 Received: from mail-by2nam01on0088.outbound.protection.outlook.com ([104.47.34.88]:65173 helo=NAM01-BY2-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1elGBd-0004Li-OD for qemu-devel@nongnu.org; Mon, 12 Feb 2018 10:38:33 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=hswdwbRPMNmiaZsogZDUeqLXXHCPFLfZq54ztWs1Z9A=; b=Z1sW1YPtYIXU+Amm54E5elDKct5ePT0WIwJSqRICgM7NBcRxGFnKshTNkVRTc1pu+CdhpWVyu0vdqsoWv4iA33/5qq/fEZiIHSycZcI7MAxzVjWe17bEIBIAw6ZqCXEttnrsZOTXY7skSCYAqBSeqdEExHr3eHzpEfV0nStM9Mk= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by BY2PR12MB0146.namprd12.prod.outlook.com (10.162.82.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.485.10; Mon, 12 Feb 2018 15:38:29 +0000 From: Brijesh Singh To: qemu-devel@nongnu.org Date: Mon, 12 Feb 2018 09:37:04 -0600 Message-Id: <20180212153715.87555-18-brijesh.singh@amd.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180212153715.87555-1-brijesh.singh@amd.com> References: <20180212153715.87555-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: SN4PR0801CA0004.namprd08.prod.outlook.com (10.161.215.142) To BY2PR12MB0146.namprd12.prod.outlook.com (10.162.82.19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 4327e1af-e164-45d1-82db-08d5722eaaff X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:BY2PR12MB0146; X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 3:/zB0kziCypQn3Ur5cck0F8PEq9yah3jAsDFQVXBBMj+7PjvEhhqtbzOqRL3jY/Q+QlxiHdyeX0UZohZwZdDMDQeXi6Jm+g31DVzCQTSLuQVAWyZ3GUu6s4wC9xRxvd0BbiyXHbPMd7V+CRGkAqYUIi0RE7Ahjj4mt3cql/ui7u+qCkRmAFQGonp4GNkG34OG3v0H1jjMsSPh/XB+4rdkHujwevXBzK/ZYAJNoEcM1lsuEiwoUp642Yv2T4ACJVsC; 25:5lNaklFTZznoZN9niE4mjjq2kPzumb+gzFdN88NUdtHQacKG9aO1eBNsTnapbQQ7iqGjjXvJjgTClqP9uG6z8dHzx7vdACdWwwOBuKLD4pjPUc5oL0bkFYLUGmLNFZr/jg02TNO6Fi2cqVyTh5SpoPb9Krj7SVri+SBlykN6eBJyZ2s+2723SVKsUfjfCwShdItCrsiD1TWAVcF6gewIL86HVzvKHZmPub1YzfgMiqLPyWFmI7/kbaxVN9o83YKUPOcHeU8RvljDPyqkaaAPnLr1Xq2qCgglNlwrzaxz/jg5e/duSCyKuum0UZch+y/5PWJQDkwaPHrUJbtlm4ogYA==; 31:dbMH26ZniwhkPqWtcizU79jYO3Mfege53d9RQRGN2kozNE3XPZxxwlmqMpaK52S2aWWS/kwZ+CfdHhWT4j7Eo2xsfh7L3fu8ldSt3Z/PRFBRNZN3CA2pTdzE5V3yZbMF32QyHy0fWr3yFQJh9hRxLRgYs3yHDwpwJWLcXnCACJtbMHW1B9hrLm9MVtieqvnF0M1G3ZOUhIw/LE/PLRQTxjghtz3BN1Eyzo6SwHgvflg= X-MS-TrafficTypeDiagnostic: BY2PR12MB0146: X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 20:dh8tvVa3vMFtUaVzo0UPgPU2rUr+s/NHH44pDGsntxq/qG5KyhcDBCfYVc4KeflRWaSoyjJ9AySMTAJ+KR/Ww9Ep651LKO+f/H30qbgIgVMOrMOJyoVo4iTjcuFOkPfFnFvoUfBqSBuUlwNteg8diMnPn4sU7lAIvMZJON/w0A/vCBejSbCNdY84JfAK+geGcloDb5UrTf91DgDu2FAvuXgif578qcwjr+jq2TKPCzohosLNr2hAv0rGeI1lb5HLf654fU4Nv0cMMoYCG5BNXEFVKehDh3jqC2IWkiHql3yUDChHadHEaZ3Ka+AauTDvBspFGl79MaKxMtGav5UqcOcdVnrS4qFpVnmkFW23ryauM1qTmV2R5z0vAG2ECvwLXnKNOnyCuDIoNFxFzYHxST5IzLRWQJ1lmVk4elo4YO4tblioSudme38rLQ8p/L+8PCYSW1BAbzoOQdB1h2kcRrbQ6eOh1fUT4xx3LRw0lBp+kuTXbV+B+3u89NbTITLD; 4:o+NAjBrSYApH2TAnlLnvM5V3rUTKFKu+A49vMT7HE4ELmIF2TV337k+9hepo21cbLOapHyQU3xMSE8U8AsBfYAYDH3zExPcmn6NGMaQY5Dd5vkpr288gu7iPHCHFbbXTl6x5ov/NkpETsEXkrYQRAeFHDIvhBTEwYLutexdCrlFEjq6sDfGp2YptPDQIc3kACWsPn9jm3ThOwtgFJNvz6KubCLRmr4c054NxUZ7hvSEMq9qfHJnKK/tH7Gkzyi8iXG97OJM9zB/NPQLqLwDcitlys+iZ1C/gX+LDRE1iwfwnVbM8ZX4UvhnTDYPyGVhx X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(8121501046)(5005006)(93006095)(93001095)(10201501046)(3002001)(3231101)(2400082)(944501161)(6055026)(6041288)(20161123564045)(20161123558120)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(6072148)(201708071742011); SRVR:BY2PR12MB0146; BCL:0; PCL:0; RULEID:; SRVR:BY2PR12MB0146; X-Forefront-PRVS: 0581B5AB35 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(1496009)(39380400002)(39860400002)(346002)(396003)(366004)(376002)(199004)(189003)(25786009)(53416004)(66066001)(8676002)(7416002)(105586002)(81156014)(76176011)(81166006)(5660300001)(97736004)(186003)(16526019)(8936002)(106356001)(50226002)(2361001)(6116002)(3846002)(47776003)(305945005)(1076002)(86362001)(26005)(2351001)(7736002)(478600001)(51416003)(36756003)(4326008)(2906002)(53936002)(6666003)(2950100002)(8656006)(52116002)(6486002)(48376002)(39060400002)(68736007)(54906003)(16586007)(7696005)(386003)(316002)(6916009)(50466002)(8666007); DIR:OUT; SFP:1101; SCL:1; SRVR:BY2PR12MB0146; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BY2PR12MB0146; 23:8qfTzmlx7ZlCho9BTfEKDEfkKCtwzlwdAyDq4K4bl?= =?us-ascii?Q?enC09srW7cWA26eCmkZsLt9w6UEedcn3CmRSBnicvPziNj0lDDHbBq6+UQSp?= =?us-ascii?Q?U0x+35D7WCH73zqtnl6UikzOC6wCvOBlOONAGBtTlo7JY62Abx+jO9p4nUER?= =?us-ascii?Q?QXOt2Uh5UBszOF7Ce9eV0AXY8uxo7lRnXiVMrh0lrVK4SNHNTNDx8hUDT227?= =?us-ascii?Q?p+rZBY1eihX4LQbEMaqIyzuOiOuYIWAiVjO0TFwicfb4LV3COLklRT+nkYsu?= =?us-ascii?Q?I2kDoaMKMhh60dS1gwc4eYYsnguQ3iGnc6lbCqhwbfWNEdktXDFED9uv1LyS?= =?us-ascii?Q?T8V+vXDEwrYbCLtrWs1q0bGa9X7WKN7dWokVoqPqVRdU5EJm1A0yXoSfECdo?= =?us-ascii?Q?KqZGZJwk3DjLN7CSG5tPajzujdpy16IGAXS/ADYYvldjF61m++dV1hn5lneK?= =?us-ascii?Q?By7qYE2hmFWnCaqGhsyfHbXftKl6VrlNVcejlX2WhIyZ1C+qCOM1mbY8Lu1n?= =?us-ascii?Q?DWclLJsKdO7lyTip7PJ+OgrGb11lTS95mE5NvgQSEIZeAtThRW3FdzuQskYK?= =?us-ascii?Q?U24rqEeNGiYfX8dBfb7V6V09hnjzO49iN9BxNst1WrIgFyaHMXGYIk5zNWgv?= =?us-ascii?Q?2B1wvTLnPXHF8h1ngW2zLEZqE2KNHFq7wuxhkyQWqOr5Jjbi3K77GwjG/h6c?= =?us-ascii?Q?gMulACAHaRISAWzhdH8UryPsYqBM90c+8TtP4iU83pMExje6JK9SamFvlHyf?= =?us-ascii?Q?SFmrCL4FV54yit2xo65dl/x5dXTnLxC69+U2E+CWuTalUw3OjaV+IBiw4rsE?= =?us-ascii?Q?rD9MkSICmrXO1pAu/NVj+JSxLgEb/njs0OZ5WRHAAfbGAu9OV4C8DkZEDS48?= =?us-ascii?Q?9FdZefEXtUWbSVou6xqfyeQV++cJSYNrA2Y5fstEJ49MN7Dv6AkZbaJwv+SB?= =?us-ascii?Q?HKX1tTCxMzkOFgvF8X6AnFD5qkFsbBc9MsqfZ3uj5O22JE9492SHB/+8FcwK?= =?us-ascii?Q?AlJ6JGnNnWq6+GPu6+XJRPA01vxBE1+WhbSTCKQTPPIGxV4Gg9Dk9nuGkelK?= =?us-ascii?Q?EWFQ4sIqNaRLQjNmnD5oJA/99d+LaKmj4n1cjQ8KdDz1tdxW8N4NPawOVw9b?= =?us-ascii?Q?0KRDq9+3k3CgDnKni0xAMVnjsP4hG28lVl3cgRtKJPuGyon2EWT9O22YegFT?= =?us-ascii?Q?ryGcvONfVOrZJzqhOjn2bcZsV7ClhVhvwfAj+yyI66Ftqu9G8HCqJ788zitj?= =?us-ascii?Q?7tfYS8NrHAe0xXPXplb5VGJC0mmrEs4WC7UQxy9aWFYN4BcbibyJI8qFU7MY?= =?us-ascii?B?UT09?= X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 6:I4ssdKYr/743sVF9gPsLpO+RgZbEgD/Fvgq+lcFJwym5HVMxay7P8Jb6LfGOkN8JDTdVEXkFtebDgy8ahZuy98EAaLShHLy25jU6Gxx01yaGeqnX7XzExIcN8KawAWdQZ1L9IL9X5xSAEgXta0Ap623jieKAYa2TwBk7zNUBZtHDt/u3ABAx2oEgFSl6NYz7Zh3adM83gTf8UX0BA520xwmKquCLD8Bhp9L23+sh8rUNWLx323rfxBxWTZwEgb6d54QRLDQ7iYMCLq6d6tR7ehzotpDdrS9Wm+xZ1QmaT2sq6JQZPG2Htp64Rgl1Dno66WgtdqqLMJrUW2gXnSM9L4BN+cWXjSChGHdFtb4VV74=; 5:GHKENiHURDfs/AogViNDi2tT8wXCCxOStnLCY5Wx1fMoKlhm++9gbBkSY1NrNGvvveizbr+iAlqv2czTh3YW9QIfz6vkGITCnLMq96JLmHFF2oSKhDS07IWBNV4fRlzli3hNiJ3UadMLQ0fVb4yCnsLwleA/w/DcyT2IXbH/+Nk=; 24:Aej2zS3Sm5Ow/WTQ8Z/3wcoEMGTt0e1pOltx2Nodqe6Hek/DadKtQWVKXwiuJqearAK/J/tQOjmnyhQqytHztIRUoym6Q6b9TRGG8e8L4EA=; 7:PB/WGIRYIN+4P9j0PqM8nb1RwJbH2Nz7Su7ubgBgbIT7NMPjFna+yKFUxGdl4JXnO0y6X7R0jTZ7aGAzRVGIobAoof8EDsPZqcDI53r1GH3o3737Thheh3WgouDGWYMHqyrZocboX5ShnGI1tyMEub1sWEpRqPyxaerOg+ySoGo9ipcKfyHFXPQoLChvaf2LmYLaJTespJr/asV0+dfW3sChdM/i56Z8b3YPlykBC5ZEyPk+oMwnomNIMgUjGMqm SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 20:n9rkR1IUzJRUrT2IXIJfMmV3TNOm6WfKsD+b09i9M69YfvLc3y0+LOPpA0vNA4TqO6l6rF+gSOnDlFZ5AJHErEzmPJklXKkSlQEmtW8IxnEs0bA/Jn3FAfbwPrUGMKMgM/xxnp9lMQ34B0tMDruT1G4Tga2QTO5jb1U+ab96pBvsWCMNEQUzjPxFf6zLQIoUuvcEw78kg8iCZ08/5xO+6uBrC9gX0wwixLuxjSmaVRv3axUlOl38m1jwx5gUGZaN X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Feb 2018 15:38:29.1041 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4327e1af-e164-45d1-82db-08d5722eaaff X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR12MB0146 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.34.88 Subject: [Qemu-devel] [PATCH v8 17/28] target/i386: encrypt bios rom X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , Brijesh Singh , kvm@vger.kernel.org, "Michael S. Tsirkin" , Stefan Hajnoczi , Alexander Graf , "Edgar E. Iglesias" , Markus Armbruster , Bruce Rogers , Christian Borntraeger , Marcel Apfelbaum , Borislav Petkov , Thomas Lendacky , Eduardo Habkost , Richard Henderson , "Dr. David Alan Gilbert" , Alistair Francis , Cornelia Huck , Richard Henderson , Peter Crosthwaite , Paolo Bonzini Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP SEV requires that guest bios must be encrypted before booting the guest. Cc: "Michael S. Tsirkin" Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh --- hw/i386/pc_sysfw.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index 4325575e7d82..73ac783f2055 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -113,6 +113,8 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) pflash_t *system_flash; MemoryRegion *flash_mem; char name[64]; + void *flash_ptr; + int ret, flash_size; sector_bits = 12; sector_size = 1 << sector_bits; @@ -169,6 +171,17 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) if (unit == 0) { flash_mem = pflash_cfi01_get_memory(system_flash); pc_isa_bios_init(rom_memory, flash_mem, size); + + /* Encrypt the pflash boot ROM */ + if (kvm_memcrypt_enabled()) { + flash_ptr = memory_region_get_ram_ptr(flash_mem); + flash_size = memory_region_size(flash_mem); + ret = kvm_memcrypt_encrypt_data(flash_ptr, flash_size); + if (ret) { + error_report("failed to encrypt pflash rom"); + exit(1); + } + } } } }