[v12,23/28] qmp: add query-sev-launch-measure command

Message ID	20180308124901.83533-24-brijesh.singh@amd.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org> From: Brijesh Singh <brijesh.singh@amd.com> To: qemu-devel@nongnu.org Date: Thu, 8 Mar 2018 06:48:56 -0600 Message-ID: <20180308124901.83533-24-brijesh.singh@amd.com> In-Reply-To: <20180308124901.83533-1-brijesh.singh@amd.com> References: <20180308124901.83533-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR12MB0156; 23:yMLFFSFU82wppGr8QC69zZqhTXYFwwcr+MgqYnnHs?= =?us-ascii?Q?O9+9cRcSW0Iw1cOw1YEiY/iAsO1AIXJoC0i6j4NHVQCRGBDuqElmknlZ/lLp?= =?us-ascii?Q?6ohPA/RfjxiuKyHrUG2bhuc5dTT/18xsbFgyy2smFh3EZpXyj91vLW9v7Ltc?= =?us-ascii?Q?MftbPKUUghvzMYgEZQJ5oiMTWiVYXQFwOglP5UeLFRYiS1ildxMkbPFSuY7J?= =?us-ascii?Q?g/PMuJyZ149NWDQ+LSs7wbqLxqNsFtvJggbRAd37viS2xsxv1ynQkl1HcAzp?= =?us-ascii?Q?Dwhax1m6pwC7k4Rf/tU6OEjSt7rjfROgvFNsxApZuQDqJbdVIxmCn+AcLXl4?= =?us-ascii?Q?MJcatkMHV++is4o47I6Dm5wKYKnr4UkmyE4xAUmvlXrV5c7VIjLldkPnH5CC?= =?us-ascii?Q?JNE4JErlV26oT+e5CIXxeD2fv/j59HHelVhWvSvF7tFi6g8OHvX1T3iWyPHi?= =?us-ascii?Q?YUWpiN3PeghLXCqXZ/vhdlG7LLQn6UeedfBtTSb4YZ5zO1dNMCaFNre93NUo?= =?us-ascii?Q?P/IOROg8EdiiraA8qq4sjQlH4xLVu5CKXc9NN6vrNjfqfsm8wgvgNJFLwVPQ?= =?us-ascii?Q?X9qmUR75pCzX+Cz1ZhOT80NGqsGvOc/5gSo5FvicoX6VWIcupX3gKk4F2wys?= =?us-ascii?Q?Quo6biS5GTckgQFWwy2fsHFXH95/T/UO7bTVuV/cgDR3slCO39ICX/rmfX/S?= =?us-ascii?Q?OxrpTzYVvv+AFFtAunvxDmGV2gnUXKxnlCmkbU2LOcavHf+6DQFAfqr1eoh6?= =?us-ascii?Q?OKCm3/4PHEljjmOCmZ5SfSfzswvQzUStAOLlX4rYZyvtjK2x2TH3VLD/qK6H?= =?us-ascii?Q?oHwAbnu9oJindCtAzcLtzo/RLYmJHACQ98yQyWO5PD4jri5v/DVBl0510+S9?= =?us-ascii?Q?Lt3eN1J3hiiy/G9L1URoSJnKj8ai6tBvoqfv0QRgigxDJiDG4wHfz8k90y2a?= =?us-ascii?Q?bFG48TAmqPILEpB8fJzJzJ85QHkDjrABin3C3/4JMx3HUUezv8vF/noiV5Of?= =?us-ascii?Q?3uLWWhQ8mHNuQv6sO052M1utXqhk4//20AHWOK0lkuoUudeg85hkt84X7qnn?= =?us-ascii?Q?K8T2r252PSm/ILVDUhw5YpV6zfjFsp/4bZ0AQ//vQtaUNxkykfJ7Ca1UyDs6?= =?us-ascii?Q?od9+uH9EXUyHH98hG566AlTUnjtqeUou8eXJNBRzIn20UReebZHeIMS2ZMXE?= =?us-ascii?Q?Qo0LPmYWKvU0gbyiin+xTIES+CM+6AKf7QWKkTWY9za3giWTUFUn2ktoZ2y5?= =?us-ascii?Q?X1RxsXy/Dh1W0KNbfeZVU7xLkdSty0QHk9UspCVptfahF2iQiIGw3R4nW4Cw?= =?us-ascii?Q?MOI5gT7XwmcLuekWfqwSIg=3D?= X-Microsoft-Antispam-Message-Info: 5zsRft7UA+Ul8I3ToMVMISApNBDSxJlyd9BgW7aD8BOmivyicD1m2tgnG2kHRADgO8x/ziVVQozEeVeTHwltX30dkbxZbrdSqy1a+nCQFdaI5rDpqwEXUgxUZYuWtN5c51eYtSU0WExP04KPhExNCHTBybVwmVZwUwoJaOU7DCGMM8jy9LVzg2SqQ5ubmhX7 X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 6:OhP8VxOxoSgP11Jssi1lgDIdIeSX94xGIezMmHZwt1iHs/nKaBope7jvGZ6mwOLURn9fWYaazpF9t4CCPaUpiPczhe3FFibAgm+V3aqZl/WX7BUvoS1V57sWTm9IWjwD5V11yAB9bT0KcuV9JzvXLZBWxyFwBsFS1oaPCH63LfDBJilz3uEfiARhMuVpF9rr5jgkSXN/7COKjvQkWkZY5noB1qaKY1cI6FE4a/oCxfTcrEEgAuusoFwLL146l9e+mJE/BCBOl5vf8Vx6IynSbCzJ9W2P9IX63PI8kh/ov1jI7OmQcr25nndAWD6eaOoEZJ/LiUUYPnlelg5zR5uTFYqsHg6I+oKJn2DvMmxNMTg=; 5:pOalKCjJzO0QLRqyttno9ec+YlxH0e0LOqTARHLNhG81dNh9vJKGt5PJkEbPbtyzuIC/z8ktCIvSCOjBZ9+T7WBUL0s5s869+zhqubGX3mP2NvOxbDA/rZYKkwR8Vkw/LjDCZltzOmXylT38UuG4Q64l3DLxwOxXBkMSQfvvOlI=; 24:Caffl66MJAw6gDrvbQFFCQPiq04HvoDXDEyoMJMdyPmssKbjXR+6B62csHQ3rdMMX9cPljFUFrFrMiQ3TM3ZHQkGsJXJdZfUaIPCd9G4A8k=; 7:LSJBFAASMqjLAUjP1lpQjmmuT6REuHc4Fc/OZSbWNTOTywXuhqHAXuV4TmplyTD+3GdX5VRQ/JxGIZc9oRgVru/97IigbUO5cRlFt74vUWMggKYc/Evnm7nXxrqyZARTAoib4C26NNXWv/MpHUlq6zl8MgPwm0SK1kc/TTe4YmTsQtEQ9ZFyZ2aHcyjp3lwSy96MSf66vWZZBcLzpM75bLNPvU1u1Q4w/QqF+VVcjVw6XtaqLJd6jluQ6/1nwXT1 SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 20:aHs3CWKxw1uGUG7VUygca+pAl8HNHCqJW7Kn7gYNuVyTAhP2IOIrA3UgZKqJnwTLY8I43kOY+LkDAjD7qTBYa3kc9QLpRJcfRMslVFQa2s0IUzU9zyvwHdNOk8RQ/7eElHQ/pXTVjSwH/uSHU6bwZke542z/mb/jbjMGVxSl+FdGGdyOTD2gwYUs13YAKkibmjJgslIE9pozV3YohDksJqmHAsklAbMiGBPaHsv4CImXa3eBZHu+my1T0ZHilxVZ Subject: [Qemu-devel] [PATCH v12 23/28] qmp: add query-sev-launch-measure command Precedence: list Cc: Peter Maydell <peter.maydell@linaro.org>, Brijesh Singh <brijesh.singh@amd.com>, kvm@vger.kernel.org, "Michael S. Tsirkin" <mst@redhat.com>, Stefan Hajnoczi <stefanha@gmail.com>, Alexander Graf <agraf@suse.de>, "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>, Markus Armbruster <armbru@redhat.com>, Bruce Rogers <brogers@suse.com>, Christian Borntraeger <borntraeger@de.ibm.com>, Marcel Apfelbaum <marcel@redhat.com>, Borislav Petkov <bp@suse.de>, Thomas Lendacky <Thomas.Lendacky@amd.com>, Eduardo Habkost <ehabkost@redhat.com>, Richard Henderson <richard.henderson@linaro.org>, "Dr. David Alan Gilbert" <dgilbert@redhat.com>, Alistair Francis <alistair.francis@xilinx.com>, Cornelia Huck <cornelia.huck@de.ibm.com>, Peter Crosthwaite <crosthwaite.peter@gmail.com>, Paolo Bonzini <pbonzini@redhat.com> Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>

Message ID

20180308124901.83533-24-brijesh.singh@amd.com (mailing list archive)

State

New, archived

Headers

From: Brijesh Singh <brijesh.singh@amd.com>
To: qemu-devel@nongnu.org
Date: Thu,  8 Mar 2018 06:48:56 -0600
Message-ID: <20180308124901.83533-24-brijesh.singh@amd.com>
In-Reply-To: <20180308124901.83533-1-brijesh.singh@amd.com>
References: <20180308124901.83533-1-brijesh.singh@amd.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Received-SPF: None (protection.outlook.com: amd.com does not designate
	permitted sender hosts)
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Mar 2018 12:50:20.0969
	(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: f6939de4-daaa-4987-32a8-08d584f327c2
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0156
X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy]
X-Received-From: 104.47.37.85
Subject: [Qemu-devel] [PATCH v12 23/28] qmp: add query-sev-launch-measure
	command
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Peter Maydell <peter.maydell@linaro.org>,
	Brijesh Singh <brijesh.singh@amd.com>, kvm@vger.kernel.org,
	"Michael S. Tsirkin" <mst@redhat.com>,
	Stefan Hajnoczi <stefanha@gmail.com>, Alexander Graf <agraf@suse.de>, 
	"Edgar E. Iglesias" <edgar.iglesias@xilinx.com>,
	Markus Armbruster <armbru@redhat.com>, Bruce Rogers <brogers@suse.com>,
	Christian Borntraeger <borntraeger@de.ibm.com>,
	Marcel Apfelbaum <marcel@redhat.com>, Borislav Petkov <bp@suse.de>,
	Thomas Lendacky <Thomas.Lendacky@amd.com>,
	Eduardo Habkost <ehabkost@redhat.com>,
	Richard Henderson <richard.henderson@linaro.org>,
	"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
	Alistair Francis <alistair.francis@xilinx.com>,
	Cornelia Huck <cornelia.huck@de.ibm.com>,
	Peter Crosthwaite <crosthwaite.peter@gmail.com>,
	Paolo Bonzini <pbonzini@redhat.com>
Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
X-Virus-Scanned: ClamAV using ClamSMTP

Commit Message

Brijesh Singh March 8, 2018, 12:48 p.m. UTC

The command can be used by libvirt to retrieve the measurement of SEV guest.
This measurement is a signature of the memory contents that was encrypted
through the LAUNCH_UPDATE_DATA.

Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 monitor.c             |  7 +++++++
 qapi/misc.json        | 29 +++++++++++++++++++++++++++++
 target/i386/monitor.c | 17 +++++++++++++++++
 3 files changed, 53 insertions(+)

Comments

Daniel P. Berrangé March 8, 2018, 5:03 p.m. UTC | #1

On Thu, Mar 08, 2018 at 06:48:56AM -0600, Brijesh Singh wrote:
> The command can be used by libvirt to retrieve the measurement of SEV guest.
> This measurement is a signature of the memory contents that was encrypted
> through the LAUNCH_UPDATE_DATA.
> 
> Cc: "Daniel P. Berrangé" <berrange@redhat.com>
> Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
> Cc: Markus Armbruster <armbru@redhat.com>
> Reviewed-by: Eric Blake <eblake@redhat.com>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> ---
>  monitor.c             |  7 +++++++
>  qapi/misc.json        | 29 +++++++++++++++++++++++++++++
>  target/i386/monitor.c | 17 +++++++++++++++++
>  3 files changed, 53 insertions(+)
> 
> diff --git a/monitor.c b/monitor.c
> index 2225cf5030dc..d53ecc5ddab3 100644
> --- a/monitor.c
> +++ b/monitor.c
> @@ -984,6 +984,7 @@ static void qmp_unregister_commands_hack(void)
>  #ifndef TARGET_I386
>      qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection");
>      qmp_unregister_command(&qmp_commands, "query-sev");
> +    qmp_unregister_command(&qmp_commands, "query-sev-launch-measure");
>  #endif
>  #ifndef TARGET_S390X
>      qmp_unregister_command(&qmp_commands, "dump-skeys");
> @@ -4110,6 +4111,12 @@ SevInfo *qmp_query_sev(Error **errp)
>      error_setg(errp, QERR_FEATURE_DISABLED, "query-sev");
>      return NULL;
>  }
> +
> +SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
> +{
> +    error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-launch-measure");
> +    return NULL;
> +}
>  #endif
>  
>  #ifndef TARGET_S390X
> diff --git a/qapi/misc.json b/qapi/misc.json
> index 14681729f8fc..a39c43aa64b1 100644
> --- a/qapi/misc.json
> +++ b/qapi/misc.json
> @@ -3277,3 +3277,32 @@
>  #
>  ##
>  { 'command': 'query-sev', 'returns': 'SevInfo' }
> +
> +##
> +# @SevLaunchMeasureInfo:
> +#
> +# SEV Guest Launch measurement information
> +#
> +# @data: the measurement value encoded in base64
> +#
> +# Since: 2.12
> +#
> +##
> +{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'} }
> +
> +##
> +# @query-sev-launch-measure:
> +#
> +# Query the SEV guest launch information.
> +#
> +# Returns: The @SevLaunchMeasureInfo for the guest
> +#
> +# Since: 2.12
> +#
> +# Example:
> +#
> +# -> { "execute": "query-sev-launch-measure" }
> +# <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } }
> +#
> +##
> +{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo' }
> diff --git a/target/i386/monitor.c b/target/i386/monitor.c
> index 7df31c3cdf1b..e5596bbc0fc2 100644
> --- a/target/i386/monitor.c
> +++ b/target/i386/monitor.c
> @@ -720,3 +720,20 @@ void hmp_info_sev(Monitor *mon, const QDict *qdict)
>          monitor_printf(mon, "SEV is not enabled\n");
>      }
>  }
> +
> +SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
> +{
> +    char *data;
> +    SevLaunchMeasureInfo *info;
> +
> +    data = sev_get_launch_measurement();
> +    if (!data) {
> +        error_setg(errp, "Measurement is not available");
> +        return NULL;
> +    }
> +
> +    info = g_malloc0(sizeof(*info));

Minor preference for   g_new0(SevLaunchMeasureInfo, 1);

> +    info->data = data;
> +
> +    return info;
> +}

Regardless though

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>


Regards,
Daniel

diff --git a/monitor.c b/monitor.c
index 2225cf5030dc..d53ecc5ddab3 100644
--- a/monitor.c
+++ b/monitor.c
@@ -984,6 +984,7 @@  static void qmp_unregister_commands_hack(void)
 #ifndef TARGET_I386
     qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection");
     qmp_unregister_command(&qmp_commands, "query-sev");
+    qmp_unregister_command(&qmp_commands, "query-sev-launch-measure");
 #endif
 #ifndef TARGET_S390X
     qmp_unregister_command(&qmp_commands, "dump-skeys");
@@ -4110,6 +4111,12 @@  SevInfo *qmp_query_sev(Error **errp)
     error_setg(errp, QERR_FEATURE_DISABLED, "query-sev");
     return NULL;
 }
+
+SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
+{
+    error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-launch-measure");
+    return NULL;
+}
 #endif
 
 #ifndef TARGET_S390X
diff --git a/qapi/misc.json b/qapi/misc.json
index 14681729f8fc..a39c43aa64b1 100644
--- a/qapi/misc.json
+++ b/qapi/misc.json
@@ -3277,3 +3277,32 @@ 
 #
 ##
 { 'command': 'query-sev', 'returns': 'SevInfo' }
+
+##
+# @SevLaunchMeasureInfo:
+#
+# SEV Guest Launch measurement information
+#
+# @data: the measurement value encoded in base64
+#
+# Since: 2.12
+#
+##
+{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'} }
+
+##
+# @query-sev-launch-measure:
+#
+# Query the SEV guest launch information.
+#
+# Returns: The @SevLaunchMeasureInfo for the guest
+#
+# Since: 2.12
+#
+# Example:
+#
+# -> { "execute": "query-sev-launch-measure" }
+# <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } }
+#
+##
+{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo' }
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 7df31c3cdf1b..e5596bbc0fc2 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -720,3 +720,20 @@  void hmp_info_sev(Monitor *mon, const QDict *qdict)
         monitor_printf(mon, "SEV is not enabled\n");
     }
 }
+
+SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
+{
+    char *data;
+    SevLaunchMeasureInfo *info;
+
+    data = sev_get_launch_measurement();
+    if (!data) {
+        error_setg(errp, "Measurement is not available");
+        return NULL;
+    }
+
+    info = g_malloc0(sizeof(*info));
+    info->data = data;
+
+    return info;
+}

[v12,23/28] qmp: add query-sev-launch-measure command

Commit Message

Comments

Patch