| Message ID | 20180215153955.3253-18-brijesh.singh@amd.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show
Return-Path: <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org> Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 933C9602CB for <patchwork-qemu-devel@patchwork.kernel.org>; Thu, 15 Feb 2018 15:57:19 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 833DD29447 for <patchwork-qemu-devel@patchwork.kernel.org>; Thu, 15 Feb 2018 15:57:19 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7781C2944B; Thu, 15 Feb 2018 15:57:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAD_ENC_HEADER,BAYES_00, DKIM_SIGNED, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id AD71F29447 for <patchwork-qemu-devel@patchwork.kernel.org>; Thu, 15 Feb 2018 15:57:18 +0000 (UTC) Received: from localhost ([::1]:32897 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>) id 1emLuP-0004xx-Po for patchwork-qemu-devel@patchwork.kernel.org; Thu, 15 Feb 2018 10:57:17 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:35792) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <brijesh.singh@amd.com>) id 1emLeg-0004X4-LK for qemu-devel@nongnu.org; Thu, 15 Feb 2018 10:41:08 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from <brijesh.singh@amd.com>) id 1emLea-0003aW-Nm for qemu-devel@nongnu.org; Thu, 15 Feb 2018 10:41:02 -0500 Received: from mail-bn3nam01on0057.outbound.protection.outlook.com ([104.47.33.57]:36448 helo=NAM01-BN3-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from <brijesh.singh@amd.com>) id 1emLea-0003aM-Gq for qemu-devel@nongnu.org; Thu, 15 Feb 2018 10:40:56 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=hswdwbRPMNmiaZsogZDUeqLXXHCPFLfZq54ztWs1Z9A=; b=cVvdDcZlsnkpZzPaRTi1uRCy9LTyGxF0VbSj3C5mU6IiLPSMLaz0WchLR9iPYE1ViOIj5Gv8n/r2NDTxPAAqZIHMGy6znjj+b5CVQ2IYWoHulL/5m0O1PAga33t084TzdjQ+13ssps2AVq1/Rw8MUaUtWz/n3YyL7APj8MjTdSo= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by SN1PR12MB0157.namprd12.prod.outlook.com (10.162.3.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.506.18; Thu, 15 Feb 2018 15:40:51 +0000 From: Brijesh Singh <brijesh.singh@amd.com> To: qemu-devel@nongnu.org Date: Thu, 15 Feb 2018 09:39:43 -0600 Message-Id: <20180215153955.3253-18-brijesh.singh@amd.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180215153955.3253-1-brijesh.singh@amd.com> References: <20180215153955.3253-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: CY4PR04CA0044.namprd04.prod.outlook.com (10.172.133.30) To SN1PR12MB0157.namprd12.prod.outlook.com (10.162.3.144) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: f1c24cb2-def9-4f30-bebf-08d5748a7f78 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:SN1PR12MB0157; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 3:apo9JJTUnKKiOqcovnNw2ce1DMAH1fF/vbkWylJ5rdQDpxNElm6EPrUL7Ff66t+JbuvvzpRRaMonkQo7l67kRvmyG0nNNFW/gvi0TxukV9V0L1OvcUXwoUtUxTtiufctT6hyunyEnhHcM1mEWpbf73GmyKVC/kE0ddi6E9flDpjVotsYki43yOsoMeXz50jgROBAykyCWP1VSxpJCFjUJCzfjt+NWYgMW6clFQ2yy3X+qTPqaqu42s6fpe9OThTE; 25:oz6JZh4SKGxj5NaFkdG59fORoAmEO6O7xZX8KAbgdrMc3cRvxfir/kuujxOfs69Xr39CD3jOALnimJiBVDNiu69J/eesKkBxvTsQ7XUJ9z8B1ZBsflQMR5Sg+MnPZyxk6DCOENqrhAhGlq8QHcZhZK2/rgpExOat2lUkPz0xhxzFVgpq8mARthl6nBcLZjRLoXeJU3hcJbC6OLI5BJaUFgbtugRgDcFLl7Y6S6mSZA9KNKXRShPuemo/DxOzLVEYTGheaxsgp99RMhOY8z8Mgf/dYmFvonsfph2DGgOlzo6MSg8EEsUtOGjPJo9qE8+O+iSoGfLBXf7jNkor8TYotQ==; 31:QYtVbJ39+WxHFnyB98I2DL/VEqEp3KVWD2QEXsz0pU9BxzVAr3msM8GrYdbu059HOWpKSzjpazEM/+um8wXp+mRXMNNYlCbgVzt0qjK1N+/jFGv20pUz3hqa4aDT8GpJDz4loryad8sdd4ibOsxGlNPtJGSEF9CtbGURvzfHa73nnqvjMK5pv9wgUFCXKQBBj+KI65b70eBqQA5KP3V399R2E/soTqg8KmJULrrzTN4= X-MS-TrafficTypeDiagnostic: SN1PR12MB0157: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 20:rDfW1wchy1nNQK3Vuvoz3p5SM6dBLu6AEu0v7Os9MwoJQqrF6JaCHh96C4gnSgYvJRcFA30rGqMGq9yQKft+tsHlNenlBi6cnh8rYU2YucPDndM/7Aga/GP4q+sFXR4uYbbX3IGp1rHuiMr3V6zuKZ66kkexI0f6Q/VMk5TQ54Y3KO3zjOWmMBo6z8o+mS/fPKZnGwcbtd9c3yFNBgYPyvHqksubXltRe8EOqq/hfsZyqR1nnb2Oli3k5neURKCmhyXxGWqKMPWcvofAcMPPcrSlgpIu7D82GjCec0P8gT+UaidA5oGmxu1fkJOoBW+R/hqaMQF7YG/n7YaVxeJUj9UetnDxcocung9rFAh3LVu4i+iFYXvFDrqpCaOshum93Vi/2d+rO4RbuJHz1YeNx9iKpeN44iBbdF9LIzD3qH/WFM/pp8JG3J/PTvF+GQc6vJ8vqe4KttmEXFl0BuOqyK1r2JaBxxjik1YupxnM2FF/n4ikSGRCEC6ADIk82Ve5; 4:2tu2HqaEwwqtBvH7ncwwdTx1uJg/aR+59rUMQdUvBx6nhPsm8AwHzKh+zy8V9DyGMYi81y0FZhBTDfP6mh7ttIwZLizC3MdcTX/zG6NjQjh9KvRba2gSQ24mvFprjJ5hLiX5OgiTXbDWFLXQt5kuHX45hvFhz7NML68UnpOVPOEBVA5qSQ4DnjfzCKAbnbYdq/6MmO8nSb665RiRhwNyr4eMNJaX36eAPdarC7hISzDdNnalnodiR+/gGGxqymI/LtniTan5aNQHNugkgZsb5ss9lHLpEiee+csVaOmOmJlIdc5lNpKqjP2iD4A5feI7 X-Microsoft-Antispam-PRVS: <SN1PR12MB0157FF57B632791B784B4456E5F40@SN1PR12MB0157.namprd12.prod.outlook.com> X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(3231101)(944501161)(6055026)(6041288)(20161123562045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123558120)(6072148)(201708071742011); SRVR:SN1PR12MB0157; BCL:0; PCL:0; RULEID:; SRVR:SN1PR12MB0157; X-Forefront-PRVS: 058441C12A X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(1496009)(376002)(39380400002)(346002)(396003)(39860400002)(366004)(189003)(199004)(26005)(3846002)(386003)(8936002)(5660300001)(186003)(16526019)(316002)(6666003)(8666007)(1076002)(54906003)(6116002)(48376002)(50466002)(7416002)(478600001)(8676002)(68736007)(86362001)(16586007)(2906002)(50226002)(39060400002)(2351001)(6916009)(7736002)(106356001)(51416003)(8656006)(52116002)(25786009)(4326008)(97736004)(2950100002)(6486002)(2361001)(36756003)(76176011)(81166006)(53416004)(66066001)(53936002)(81156014)(47776003)(305945005)(105586002)(7696005); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB0157; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN1PR12MB0157; 23:ZPHAWEjo44V3YrPfySemeAtjoV2Ah0clI6dmc794+?= =?us-ascii?Q?kJBims2zs/xtBjv0mbdmVDLwP6Yx01zlZwkmrh1eycBh1hnFZrJ4HOZbN5zb?= =?us-ascii?Q?O+FQlcNqawXYmTWXGbDROFUqBe2H0jVqp6vrHQH6+Uk0qk2IXb3SjJ2ppeOR?= =?us-ascii?Q?dzVMa3L1Hi4lN7kOqXvW19rFxtiTdzJxkrBOqoXFBBK/ubG4UsOXQ6BO2Euu?= =?us-ascii?Q?XY26Gu/2bjC/3wICJWOPAluADpN8LYchvG1hY9fz9HoEPcm54LlZFEAflj9e?= =?us-ascii?Q?vruqWehTEK1gt3e7zBTlVr2rMTc8PnIGLvQKEnmkElO2qzhrl+sNfAokS61K?= =?us-ascii?Q?H7JnRnpOIW8b8MwBLS4z4dhk3dH+f42Cor5q0g4cfdL8fmtwvv5dr0k2EAfO?= =?us-ascii?Q?+XBmqZvFlKF9UanoL+rPm2YT3aXF7Laoc/lwFr5sYidElwPWMT0ifIcEB7Qy?= =?us-ascii?Q?lT86ue7gN1APTImo5oQvz9WRi2kJWa2kKh1VX3OYbv8jZkWNRdtX73WVXmvt?= =?us-ascii?Q?VsegKMOf3LV/+W6U0aA0uaOUhTxXSNzYlO3YmiFCgrAuGHcQQTNx2CGfiEWF?= =?us-ascii?Q?CikPy/8I9sVcpmcOpONrT8P/oxEDUD1RzbRQ0q1ziaoBYZNbOy2QgtQ04z5r?= =?us-ascii?Q?LDKm240i2S0O1az7nSiLOLUJXTdSy56WlNSGj0F+dIev3Qry6bhhkbu6nknf?= =?us-ascii?Q?blnsgWRZ/G/p59EDa201MhmRAS+c9TvkjHC7Z6zsDhhealaYnrMTQg5K+wE1?= =?us-ascii?Q?41adpHfFs1KvXHEnI1vAZJgfyhYEVaTdx1pkYG07VXgo5PFY5cN4Q9zC72B7?= =?us-ascii?Q?XomzdftFY0i2SDWdB8efh2h4PIYohaavLhxcsF6DdZzOh48q4EeZD1Ka9k1H?= =?us-ascii?Q?C9GL5ti7lNrc7F12ffoQ65hwcaM/kr9Hojo2sWV632riNAbrctTBxduDeNNO?= =?us-ascii?Q?bpfjPwx7JaSuDup65z+OJZNUfEd5UodfSkUKoIl05y/0dnsfiYuDkhZCsGzP?= =?us-ascii?Q?exKGlXZi/Ok0clO5NydUFMYKQl7Xt5dR0EeOSM5/+p80uaHl2dlcRymzIGLo?= =?us-ascii?Q?nnaZODP8c9EA7F//X1eL1Gp6K+1K3SDjpkbY+7+ynyBcL6kGvD/MToOem8Oa?= =?us-ascii?Q?QB/NkS+94rF7raRqJ8TbMnbN9zkJuRVaaCpjnAzjHBHuJjQ4wSewliMR3SeM?= =?us-ascii?Q?osoayQGV7udwdOaD4NLfVmZGrpmgmwkrFgt26Jkr6m3QNCNC8lpSJYpY+Zsj?= =?us-ascii?Q?q/l45jYfTxZtKoSlXURuywETdLObEBUGnS69xUM7uAOSY2Y7LtFkFM34jybe?= =?us-ascii?B?QT09?= X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 6:axGtp0sbwdAGsssKPz+bi4+F7wpuei6ipMzXNVWPJAZDZzU3QzsCxhjrXre6uMFMxXaPOjii7zbeFUVlU1Hqbr+bxNpQjEIeQNWhOY8/H2skbXkWqscC6+XQr4efsZauPiTmDOaohjfas5Q+K79k1f7GUJlBr+MjXVx5NFQlXMwCzQf5RKT4GwWsD2CfhqcslZjXP78Z/SW+sdXe482n51i3b8abSPOWRICwRZgUXTDOvgurGfo7BQ1zqs8JEUx9/4TY+lpevQKLoYb73nNxAKPwQtovzXz4mGPiBIqh8uSixo9kUtgU60koNxyD4wg8X+8Nr4G5ba26S8t7M8cuy8JzXhgluJxrT/IRUM7x3GU=; 5:1W8URp6DX5z0ZDlN1zUalWwlZlPgJS5Hyq7IcSid2FWiVg7abtYIlldacRoaVFVvvNx/td9gLP0Ul5qfItBtSpHdP6KOY2j3SBrHBmi/lKUOk+gVLGYdqyy8D8pVHl7wp0Ooa9wxsCFnWxVZgCN7qZJjvxH6aZuX7Gl7kxodwfg=; 24:MELIosEonUqAm1/08qR2U9UPbJbNjDUDhBfsGXGEtvvyFKwy7uLPTVc4NEtpgCAMn7d9Hi36sOP7zKSDhk/yrPOxPKKs/uDb14vDLZfCypQ=; 7:HhZXa/KORE7Mn4POIEcquj1dDIDKnIfgGVy1cWdnCOFzhPNqilU+41bTXr/XL/Tn6+RSz4uT2gnMqIK44zPpFAdQ8RMtbtP6BC+n/vYTAkMBN+N0XOJ0ROQefUgo8g/Kri6p6dtWUeyMP/si4+1uplZaCTApldRSeL9iSDDi63hB09K4/45qBUozGdHru4tKGjpVY98uwaDFoLoofzGgKY3EfA/IZaRVhN3EAPXwI2/Cq7dlADvPcgFbFcpBEcHB SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 20:H7282uv5HPFaDGWQVST5+XdbVge44h9YX5OJI/vLEKdu647yoRd1qJvjIU8DkUqHTbkDytrpz+Pt2CsMiYSxtfmvGp+gNmnsXHoDqTjrg3FojKn62Otea8lKa5U69s4zJ0DABZ0JLGLYzBx+oJyu9LhfAMDxHvaKYsUFsY3RhCWkVCnRyGN/4o89Uo0GKbASknfvbO2t8OfWx7oOVEbgfefD/qU8U3+WWXox9QGhsPOidmslT707zOUIur6YN+qu X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Feb 2018 15:40:51.9159 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f1c24cb2-def9-4f30-bebf-08d5748a7f78 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB0157 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.33.57 Subject: [Qemu-devel] [PATCH v9 17/29] target/i386: encrypt bios rom X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: <qemu-devel.nongnu.org> List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>, <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe> List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/> List-Post: <mailto:qemu-devel@nongnu.org> List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help> List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>, <mailto:qemu-devel-request@nongnu.org?subject=subscribe> Cc: Peter Maydell <peter.maydell@linaro.org>, Brijesh Singh <brijesh.singh@amd.com>, kvm@vger.kernel.org, "Michael S. Tsirkin" <mst@redhat.com>, Stefan Hajnoczi <stefanha@gmail.com>, Alexander Graf <agraf@suse.de>, "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>, Markus Armbruster <armbru@redhat.com>, Bruce Rogers <brogers@suse.com>, Christian Borntraeger <borntraeger@de.ibm.com>, Marcel Apfelbaum <marcel@redhat.com>, Borislav Petkov <bp@suse.de>, Thomas Lendacky <Thomas.Lendacky@amd.com>, Eduardo Habkost <ehabkost@redhat.com>, Richard Henderson <richard.henderson@linaro.org>, "Dr. David Alan Gilbert" <dgilbert@redhat.com>, Alistair Francis <alistair.francis@xilinx.com>, Cornelia Huck <cornelia.huck@de.ibm.com>, Richard Henderson <rth@twiddle.net>, Peter Crosthwaite <crosthwaite.peter@gmail.com>, Paolo Bonzini <pbonzini@redhat.com> Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org> X-Virus-Scanned: ClamAV using ClamSMTP |
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index 4325575e7d82..73ac783f2055 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -113,6 +113,8 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) pflash_t *system_flash; MemoryRegion *flash_mem; char name[64]; + void *flash_ptr; + int ret, flash_size; sector_bits = 12; sector_size = 1 << sector_bits; @@ -169,6 +171,17 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) if (unit == 0) { flash_mem = pflash_cfi01_get_memory(system_flash); pc_isa_bios_init(rom_memory, flash_mem, size); + + /* Encrypt the pflash boot ROM */ + if (kvm_memcrypt_enabled()) { + flash_ptr = memory_region_get_ram_ptr(flash_mem); + flash_size = memory_region_size(flash_mem); + ret = kvm_memcrypt_encrypt_data(flash_ptr, flash_size); + if (ret) { + error_report("failed to encrypt pflash rom"); + exit(1); + } + } } } }
SEV requires that guest bios must be encrypted before booting the guest. Cc: "Michael S. Tsirkin" <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> --- hw/i386/pc_sysfw.c | 13 +++++++++++++ 1 file changed, 13 insertions(+)