From patchwork Wed Feb 28 21:10:17 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 10249873 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 44BEF60362 for ; Wed, 28 Feb 2018 21:35:35 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 31B192808F for ; Wed, 28 Feb 2018 21:35:35 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 25892287B7; Wed, 28 Feb 2018 21:35:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAD_ENC_HEADER,BAYES_00, DKIM_SIGNED, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 877982808F for ; Wed, 28 Feb 2018 21:35:34 +0000 (UTC) Received: from localhost ([::1]:47104 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1er9Nt-0005PH-DU for patchwork-qemu-devel@patchwork.kernel.org; Wed, 28 Feb 2018 16:35:33 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53418) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1er90O-0001OV-0k for qemu-devel@nongnu.org; Wed, 28 Feb 2018 16:11:17 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1er90J-0005sE-T1 for qemu-devel@nongnu.org; Wed, 28 Feb 2018 16:11:15 -0500 Received: from mail-sn1nam02on0054.outbound.protection.outlook.com ([104.47.36.54]:29150 helo=NAM02-SN1-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1er90J-0005qv-JB for qemu-devel@nongnu.org; Wed, 28 Feb 2018 16:11:11 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=hswdwbRPMNmiaZsogZDUeqLXXHCPFLfZq54ztWs1Z9A=; b=ibYgY1wT+Smza6AZsR9wrrtQaHo8C666usfvupe2Qiim6A8sYLeARNI7pqYkreyiPw0fCM28jPU0WBprPY+4J8TCugxEhrQYtOV9VaIOxw4xOJsY1PB82sSG8v0QlFYCqebBqL29ElDwNSLZD27tVQr8PXdP9lpyyEfPl9bHZlk= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by DM2PR12MB0155.namprd12.prod.outlook.com (2a01:111:e400:50ce::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.527.15; Wed, 28 Feb 2018 21:11:08 +0000 From: Brijesh Singh To: qemu-devel@nongnu.org Date: Wed, 28 Feb 2018 15:10:17 -0600 Message-Id: <20180228211028.83970-18-brijesh.singh@amd.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180228211028.83970-1-brijesh.singh@amd.com> References: <20180228211028.83970-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: DM5PR10CA0008.namprd10.prod.outlook.com (2603:10b6:4:2::18) To DM2PR12MB0155.namprd12.prod.outlook.com (2a01:111:e400:50ce::18) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 4d85f485-c5da-47d2-70b6-08d57eefca36 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(4534165)(4627221)(201703031133081)(201702281549075)(48565401081)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:DM2PR12MB0155; X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0155; 3:zALQFjbB/502A+QK2mKWJD9mTUzwbBhs6TIdfmASYOu9QfqO08i49CHqRpY5JRTflxKNMUSaiP6iD7jSXeDmponry+ahAf/WquqGZjp6hEnOnWrkQ42UqI1F4zd5WoCbuiXf8rc9gVPx25lhSFK1fNz1RExhRCWxxE9cdpTUduFeFlWEsgWp/mbmXm09qA4Su3NhN4PirPycP0lCY5myo3sYAJH3tCpmjP5tvDpggjHwt4G6cJjiXjHMgCjrioAj; 25:ulsj/MGtOpocLmKmEIKb0CixxjpYuHzVtMNDcitnvQimMfkkKN7K3VtkvRp0grpuBl+opRAAum1PLrn6+qB60arN6VKvPP46ZaJ2ZD5gjtFQJHfjc0ncPLonjZAs6SgBq8c2RvoLZksuGsI4a8Uog0adt2zs0exctNjfj23enp6Jn5pottmyw+FSWyWSVfIYnWgfasGWdMyGW9TqFVIznftgs7vit5zpty+64193QPDsc4njuR33BoaQDvvIu++q8pK8fv4tkxuw6D9BU/2N7BrVHC0z7uPd4eriYzW62ufRjl4j6KEYpDBBN7KR9CDsRHZKwlFOH+PHaSHLs8UnoQ==; 31:cOXa7GuT4jBIn0eO1sDjj5EFHL9pcrT7B0AhSC/byRoifQFzxaSgZP2+DwPebXdNrbBUTuMNZHi2Q6XG7Lpj5DtHMEEOjkJP/zZsG8xb7qlCUc1oWdeYYtlZENyVSbiRWBSI4QhL8yi4tM+RYAUypcuNB6zsZopdsm2mRItSpBEwlKSSb+/Zkg+/zNahIvvt4s2bJF4sjxIdBauAWuDvl9oFo3ilOYAGiCLqoNoi6XY= X-MS-TrafficTypeDiagnostic: DM2PR12MB0155: X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0155; 20:HYBENyZ1/nDI9TgdSiINh93bw7wEkUOtOhvZbbXqVE+P7RBbLBrgCImn8MGcguZNJdHAa1B4apn0zSAd0WO2r+JNFVojo0t7AT6KT9rR3htaE4s+SkxjIBw+Ry9f1ahbKVPt3RMnX2W7YHxFJUL/yo+NeesUABDDLAM6g/M/zy2LPEkcnQOpTz0YvVwI+US4feNDj9P1bu3T9P5BHd5bQ9g7LgbHPudqcMqCJbu77g5VhlNJYDFuKnL5X6p0lUUAv/PRs6dIodlIUpow6J8wp9ZkJCvYG4CrOFfxPpappnaGI0pD7+p4B3ey9yr073iZLNLwveNQILYVHxqi8smlXny3SxSIFZXVmupCVdFqahvElW4NV5a0DHzNMIEb4BAwruutyfpWJVri+/uAChlkzlNb1NJ0jd6HwZp+TbE3iO5mq2BykXpAaqxwcHgV7QL3CVL6U7ni/y7U2z5y/FFLG7+DkvCqDudPUM4Nm7GnMP8afNRIlw34JqqOFclzSG/T; 4:zcolT2KVPFgpvgU/YdsmWjFRf8E5w6RlrQUC7EOjz0A5/5tPZEN8XB9JQVbbQ6Wu0MAlZnR2f8s4hyR1SX95vGYGxq6LudkF2sMdYrMS8Vv8loKkwntamFW7WitZIOh4ry0QGC4ae1aktAgDpc2ONCMjWqLfL/MRD6OgMVbC73Kh6nkude6EFbHxR56qja+9xElStjiG28d12HlBAR0tNit4QEsN+a9LNsa1224LvHJ9MCt/QkI4joVRZ4+NxpuuMQcWbbg6lWO4MtzMYzV9a5qCL5jsQOVUTkbyWa12j9phsKJpfqMBxv/UJbld7oXL X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040501)(2401047)(8121501046)(5005006)(3231220)(944501219)(52105095)(3002001)(93006095)(93001095)(10201501046)(6055026)(6041288)(20161123560045)(20161123564045)(20161123562045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011); SRVR:DM2PR12MB0155; BCL:0; PCL:0; RULEID:; SRVR:DM2PR12MB0155; X-Forefront-PRVS: 0597911EE1 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(1496009)(39860400002)(39380400002)(396003)(346002)(366004)(376002)(189003)(199004)(6486002)(6116002)(1076002)(2351001)(36756003)(16526019)(16586007)(54906003)(53416004)(26005)(53936002)(66066001)(186003)(47776003)(2361001)(478600001)(8666007)(316002)(81166006)(50226002)(8676002)(8936002)(386003)(106356001)(97736004)(5660300001)(2950100002)(6666003)(305945005)(4326008)(76176011)(7736002)(39060400002)(8656006)(105586002)(68736007)(50466002)(7696005)(51416003)(25786009)(48376002)(52116002)(3846002)(2906002)(86362001)(81156014)(7416002)(6916009); DIR:OUT; SFP:1101; SCL:1; SRVR:DM2PR12MB0155; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR12MB0155; 23:KCkMg/2K2fxXGkdyWslgkqW2L/o26+J8pf3F2N6As?= =?us-ascii?Q?w1ilu/OnPZijYBnAlLhWzdrRYPnOfmai5jx1As0MxiEJRlWk01YqBzn3ne65?= =?us-ascii?Q?J3ak2k+nIVnLAfhLCUBmvPkkUhZystyRDH4DO7456Ml2ffgBmN5U85TdLSKI?= =?us-ascii?Q?jO+kuWW6uOEQ+g2ITqqm6FzOAhVLw3IehYx9FiZiHtUIrwCY9R/0ET8Z4i+2?= =?us-ascii?Q?O52/+HVIFViZw8t+dJi7cdbBP6WkTBoYWyytoS0mR1OYnS7XESNYXbe7pB1Q?= =?us-ascii?Q?uX5yZ3UIiFDJkzMXShvKlY63ouVvtuDgkEaB+6L6tylyeK0S/+nOvrDu4K4g?= =?us-ascii?Q?eveaOpyNRhzDmOCw90Hsq/7pom+3xBgA/BZJX8Muf4jQX0Lg/D/Oa51er9ot?= =?us-ascii?Q?TrcxlVYgeXzjqtJV1qZOl2DVky5ln1aPN4E00n0tuwu14xPJnWCV6wUpf5M0?= =?us-ascii?Q?SLTwL3CO1ChdmfR706FzafcXE3KfnikkKZzXzM8pCettw5cIjPGxWgDz16se?= =?us-ascii?Q?57jWei3PC3CmDd5c+g2rlesTU/Ud/r4E+XYggM0+MH8F1Lt25bFqZc/lpsM3?= =?us-ascii?Q?zyaZEzJb1x5g/oKFQED8o9qBid4nAVwota27wNQ0oQpJHEMbXal5SHBchLWC?= =?us-ascii?Q?ioWJz3QNYYzeNrM4c67vJNu5VFljx1nVl49+ENFKRAuBnUwDPtfoZ+V3lqDF?= =?us-ascii?Q?99A4u93+kGFks0vfqHuXGZKVcAlKNSXGRMK8u8E2nY+dAPKLH/+FmNuUnxLF?= =?us-ascii?Q?QvYKD+53EY2Lm/OST36IoXRySH1tMp4/zIPTe8PMLWMIXGcT/ekAR+/xrKH4?= =?us-ascii?Q?OnEU0TpTHYKJZlAYQ84GdO2XrEcshZjfCfsvghLmUU5aSVA0Reik8/7kgU6P?= =?us-ascii?Q?CuRaU+9n9+6efhDcIxeyNZehpUvsKkUobeL2WtBmH1v2vWqK7yHyUwqwJqwV?= =?us-ascii?Q?51kk9BZbzTX8OkGDyzA7mcFQhCZFKbOU/Ei3Osk8URjH3Hhq23tZh8YiLct6?= =?us-ascii?Q?UHVbO2KRivOfsfQxThZ3XBAUVgYfyI+XGZY2xKNGnb/PVQ//8TU5dcBqTIXH?= =?us-ascii?Q?dTFw8wucAKfwp96j9Fi33WaSo2yc02iLeOc2qMZZCaGjz6jzBz/t9gO4b87F?= =?us-ascii?Q?U2lC8T5oDQgFyoxuiU3Abcf43kYk3V8gcM9QftAvTYL4aQF2u2jidrb6EKME?= =?us-ascii?Q?523leyG2RSuwGQqiiqscOMBCGSGtXAbjiAHZUWvVepS658ult22QCpXTlLD1?= =?us-ascii?Q?ATviuRup7ThD2lRa8N78OW9iVocenS2tI6A6Qa0fEbRSofD+PnTNepfLRoF6?= =?us-ascii?B?Zz09?= X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0155; 6:DQdjpEKH8v2hUxgBBtr2yTFsjNVMnozTd/nvFmf1J21qAJ4HIQUIQQHdqDq3DEGx/fpyQ0KCbR+kL9RM13TEZErZCGxvhWaX7PZEyBbCDzR0361u738FgCPO0i3jUzytIzAVryixbfrYFCCkd1yAt60p+SGosgWblDTHiTXTR6LldTjw1ijHwciMmZtn+64KFuBvtWBFv7cOhaofTYbLWzwIBLf3NxSStPSwc4nhJmcHTyifq4EUXpbf5pbChZIZoehN2t1AGkFBjDFPAj1EWi2brcFgnYnQmh3QjiY0rwMoeG3vBeOmqKRVVUbmaokmLYsGTaqXb6lXDNW7JvWiK0i03mEYkjpowFQlnCP8rxM=; 5:AGYtU7wVuHFOTFsjcVnFPD18Y7pF+J5RJoQcX5pgHxBW8sZZ8IJFBswpwVvO1PmCgqewjVlDd8S2LxMIb2Zh7SHxSL73yoTBDD89DKo9M1MykWqif9R0TGozSaBtKJoDE7HZTp3JV23BwIvyiYINGrJyYUiD5fmTe7eCvkdSA9U=; 24:znZJjX/eohCU43GikMiEerRg9y5KDBH7TnBmx6ovcaplI28GAbHoQ3YzpX1IqFpWiAGCouXwxgCjf7GAcazH1AtJoXr5Toe3MWyTuIcTcAI=; 7:C4bZbqsLczlFxuFjhezjRciWBskKtcEAqhKPLyy+6yyhYhSmUj/4hj3u1EI8p8cZPyGkltBDk2Tb4Hvdpo3zFGbz/x+kz6aXCZT3sHuZ9P5z9zrw6U7iOTmns5TF/YJDsVhQSrT1vgk+zizSQHm3htuIVp6pSKMoi2WiUJfD+M1VBXe7JM3u8OVjMpsMmlHsZLKI+72PGEloJkzAE4bKzeGElJmYiuDUwrbfKfqf5OPWYUo97OBLaIH0wxF4Pqfc SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0155; 20:7xWWG9y5UpdtHbgOcpRsIdyqx03vpP6uiOZqGUVkf/DNQj5vCNfRbKiRmubl4q8nKSsj1E6cep2DHcFXTysUyR+/e6Affq+nhVN6ytQLxKp/9LYStfV0TyHAz0JzM6iQXMtJtIr5OAesadcU9cPEfjD1VdINyx5UYyvi+JND4DQKRfLKIaZTAiAgoLPJqi4SCwYjgWtYJGjo4Cdc6pxU+Z5gumPJo1pdWJV/Hee7zjaCl+cqC/9LznhmCoG4noff X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Feb 2018 21:11:08.9985 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4d85f485-c5da-47d2-70b6-08d57eefca36 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0155 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.36.54 Subject: [Qemu-devel] [PATCH v10 17/28] target/i386: encrypt bios rom X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , Brijesh Singh , kvm@vger.kernel.org, "Michael S. Tsirkin" , Stefan Hajnoczi , Alexander Graf , "Edgar E. Iglesias" , Markus Armbruster , Bruce Rogers , Christian Borntraeger , Marcel Apfelbaum , Borislav Petkov , Thomas Lendacky , Eduardo Habkost , Richard Henderson , "Dr. David Alan Gilbert" , Alistair Francis , Cornelia Huck , Richard Henderson , Peter Crosthwaite , Paolo Bonzini Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP SEV requires that guest bios must be encrypted before booting the guest. Cc: "Michael S. Tsirkin" Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh --- hw/i386/pc_sysfw.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index 4325575e7d82..73ac783f2055 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -113,6 +113,8 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) pflash_t *system_flash; MemoryRegion *flash_mem; char name[64]; + void *flash_ptr; + int ret, flash_size; sector_bits = 12; sector_size = 1 << sector_bits; @@ -169,6 +171,17 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) if (unit == 0) { flash_mem = pflash_cfi01_get_memory(system_flash); pc_isa_bios_init(rom_memory, flash_mem, size); + + /* Encrypt the pflash boot ROM */ + if (kvm_memcrypt_enabled()) { + flash_ptr = memory_region_get_ram_ptr(flash_mem); + flash_size = memory_region_size(flash_mem); + ret = kvm_memcrypt_encrypt_data(flash_ptr, flash_size); + if (ret) { + error_report("failed to encrypt pflash rom"); + exit(1); + } + } } } }