From patchwork Thu Mar 2 09:23:44 2023
X-Patchwork-Id: 13156875
From: Dov Murik
To: qemu-devel@nongnu.org
Cc: Dov Murik, Paolo Bonzini, Daniel P. Berrangé, Dr. David Alan Gilbert, Eduardo Habkost, Eric Blake, Markus Armbruster, Marcelo Tosatti, Gerd Hoffmann, James Bottomley, Tom Lendacky, Michael Roth, Ashish Kalra, Mario Smarduch, Tobin Feldman-Fitzthum
Subject: [RFC PATCH v3 1/4] qapi, i386: Move kernel-hashes to SevCommonProperties
Date: Thu, 2 Mar 2023 09:23:44 +0000
Message-Id: <20230302092347.1988853-2-dovmurik@linux.ibm.com>
In-Reply-To: <20230302092347.1988853-1-dovmurik@linux.ibm.com>
Sender:
qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org In order to enable kernel-hashes for SNP, pull it from SevGuestProperties to its parent SevCommonProperties so it will be available for both SEV and SNP. Signed-off-by: Dov Murik --- qapi/qom.json | 12 ++++++------ target/i386/sev.c | 44 ++++++++++++++++++-------------------------- 2 files changed, 24 insertions(+), 32 deletions(-) diff --git a/qapi/qom.json b/qapi/qom.json index 33abba0e04..9b2897d54c 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -836,6 +836,10 @@ # @reduced-phys-bits: number of bits in physical addresses that become # unavailable when SEV is enabled # +# @kernel-hashes: if true, add hashes of kernel/initrd/cmdline to a +# designated guest firmware page for measured boot +# with -kernel (default: false) (since 6.2) +# # @upm-mode: configure Unmapped Private Memory mode # # @discard: configure how discarding is handled for memory after @@ -848,6 +852,7 @@ 'data': { '*sev-device': 'str', '*cbitpos': 'uint32', 'reduced-phys-bits': 'uint32', + '*kernel-hashes': 'bool', '*upm-mode': 'bool', '*discard': 'str' } } @@ -864,10 +869,6 @@ # # @handle: SEV firmware handle (default: 0) # -# @kernel-hashes: if true, add hashes of kernel/initrd/cmdline to a -# designated guest firmware page for measured boot -# with -kernel (default: false) (since 6.2) -# # Since: 2.12 ## { 'struct': 'SevGuestProperties', @@ -875,8 +876,7 @@ 'data': { '*dh-cert-file': 'str', '*session-file': 'str', '*policy': 'uint32', - '*handle': 'uint32', - '*kernel-hashes': 'bool' } } + '*handle': 'uint32' } } ## # @SevSnpGuestProperties: diff --git a/target/i386/sev.c b/target/i386/sev.c index 758e8225c2..6b8e85888f 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -64,6 +64,7 @@ struct SevCommonState { char *sev_device; uint32_t cbitpos; uint32_t reduced_phys_bits; + bool kernel_hashes; bool upm_mode; char *discard; 
@@ -88,7 +89,6 @@ struct SevGuestState { uint32_t policy; char *dh_cert_file; char *session_file; - bool kernel_hashes; }; struct SevSnpGuestState { @@ -390,6 +390,16 @@ sev_common_set_sev_device(Object *obj, const char *value, Error **errp) SEV_COMMON(obj)->sev_device = g_strdup(value); } +static bool sev_common_get_kernel_hashes(Object *obj, Error **errp) +{ + return SEV_COMMON(obj)->kernel_hashes; +} + +static void sev_common_set_kernel_hashes(Object *obj, bool value, Error **errp) +{ + SEV_COMMON(obj)->kernel_hashes = value; +} + static bool sev_common_get_upm_mode(Object *obj, Error **errp) { return SEV_COMMON(obj)->upm_mode; @@ -420,6 +430,11 @@ sev_common_class_init(ObjectClass *oc, void *data) sev_common_set_sev_device); object_class_property_set_description(oc, "sev-device", "SEV device to use"); + object_class_property_add_bool(oc, "kernel-hashes", + sev_common_get_kernel_hashes, + sev_common_set_kernel_hashes); + object_class_property_set_description(oc, "kernel-hashes", + "add kernel hashes to guest firmware for measured Linux boot"); object_class_property_add_bool(oc, "upm-mode", sev_common_get_upm_mode, sev_common_set_upm_mode); @@ -484,20 +499,6 @@ sev_guest_set_session_file(Object *obj, const char *value, Error **errp) SEV_GUEST(obj)->session_file = g_strdup(value); } -static bool sev_guest_get_kernel_hashes(Object *obj, Error **errp) -{ - SevGuestState *sev_guest = SEV_GUEST(obj); - - return sev_guest->kernel_hashes; -} - -static void sev_guest_set_kernel_hashes(Object *obj, bool value, Error **errp) -{ - SevGuestState *sev = SEV_GUEST(obj); - - sev->kernel_hashes = value; -} - static void sev_guest_class_init(ObjectClass *oc, void *data) { 
@@ -511,11 +512,6 @@ sev_guest_class_init(ObjectClass *oc, void *data) sev_guest_set_session_file); object_class_property_set_description(oc, "session-file", "guest owners session parameters (encoded with base64)"); - object_class_property_add_bool(oc, "kernel-hashes", - sev_guest_get_kernel_hashes, - sev_guest_set_kernel_hashes); - object_class_property_set_description(oc, "kernel-hashes", - "add kernel hashes to guest firmware for measured Linux boot"); } static void 
@@ -2088,16 +2084,12 @@ bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp) MemTxAttrs attrs = { 0 }; bool ret = true; SevCommonState *sev_common = SEV_COMMON(MACHINE(qdev_get_machine())->cgs); - SevGuestState *sev_guest = - (SevGuestState *)object_dynamic_cast(OBJECT(sev_common), - TYPE_SEV_GUEST); /* * Only add the kernel hashes if the sev-guest configuration explicitly - * stated kernel-hashes=on. Currently only enabled for SEV/SEV-ES guests, - * so check for TYPE_SEV_GUEST as well. + * stated kernel-hashes=on. */ - if (sev_guest && !sev_guest->kernel_hashes) { + if (!sev_common->kernel_hashes) { return false; }
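Review bot: in the qapi/qom.json hunk at @@ -836 the moved @kernel-hashes doc comment keeps "(since 6.2)" unchanged, but on SevCommonProperties it now also describes sev-snp-guest, where the property only becomes meaningful with this series; say so explicitly (for example "since 6.2 on sev-guest, since <next release> on sev-snp-guest") so the schema records when SNP gained it.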
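Review bot: the target/i386/sev.c hunk at @@ -2088 changes the early-return semantics for sev-snp-guest, not just where the flag lives: before, `sev_guest` was NULL for SNP so `if (sev_guest && !sev_guest->kernel_hashes)` never fired; now an SNP guest with kernel-hashes=off returns false here, and one with kernel-hashes=on continues into the SEV/SEV-ES table path. Until SNP placement is implemented, the remaining `sev_snp_enabled()` bail-out (outside this hunk) must still sit before any address_space_map()/sev_encrypt_flash() of the OVMF hashes area, and it is worth turning that silent `return false` into an `error_setg(errp, ...)` so a user who asked for kernel-hashes=on on SNP is told the hashes were not added.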
From patchwork Thu Mar 2 09:23:45 2023
X-Patchwork-Id: 13156877
From: Dov Murik
To: qemu-devel@nongnu.org
Cc: Dov Murik, Paolo Bonzini, Daniel P. Berrangé, Dr. David Alan Gilbert, Eduardo Habkost, Eric Blake, Markus Armbruster, Marcelo Tosatti, Gerd Hoffmann, James Bottomley, Tom Lendacky, Michael Roth, Ashish Kalra, Mario Smarduch, Tobin Feldman-Fitzthum
Subject: [RFC PATCH v3 2/4] i386/sev: Extract build_kernel_loader_hashes
Date: Thu, 2 Mar 2023 09:23:45 +0000
Message-Id: <20230302092347.1988853-3-dovmurik@linux.ibm.com>
In-Reply-To: <20230302092347.1988853-1-dovmurik@linux.ibm.com>
Extract the building of the kernel hashes table out from sev_add_kernel_loader_hashes() to allow building it in other memory areas (for SNP support). No functional change intended. Signed-off-by: Dov Murik --- target/i386/sev.c | 110 ++++++++++++++++++++++++++-------------------- 1 file changed, 62 insertions(+), 48 deletions(-) diff --git a/target/i386/sev.c b/target/i386/sev.c index 6b8e85888f..a3c5c10f5f 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c 
@@ -2065,50 +2065,16 @@ static const QemuUUID sev_cmdline_entry_guid = { 0x4d, 0x36, 0xab, 0x2a) }; -/* - * Add the hashes of the linux kernel/initrd/cmdline to an encrypted guest page - * which is included in SEV's initial memory measurement. - */ -bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp) +static bool build_kernel_loader_hashes(PaddedSevHashTable *padded_ht, + SevKernelLoaderContext *ctx, + Error **errp) { - uint8_t *data; - SevHashTableDescriptor *area; SevHashTable *ht; - PaddedSevHashTable *padded_ht; uint8_t cmdline_hash[HASH_SIZE]; uint8_t initrd_hash[HASH_SIZE]; uint8_t kernel_hash[HASH_SIZE]; uint8_t *hashp; size_t hash_len = HASH_SIZE; - hwaddr mapped_len = sizeof(*padded_ht); - MemTxAttrs attrs = { 0 }; - bool ret = true; - SevCommonState *sev_common = SEV_COMMON(MACHINE(qdev_get_machine())->cgs); - - /* - * Only add the kernel hashes if the sev-guest configuration explicitly - * stated kernel-hashes=on. - */ - if (!sev_common->kernel_hashes) { - return false; - } - - if (!pc_system_ovmf_table_find(SEV_HASH_TABLE_RV_GUID, &data, NULL)) { - error_setg(errp, "SEV: kernel specified but guest firmware " - "has no hashes table GUID"); - return false; - } - - if (sev_snp_enabled()) { - return false; - } - - area = (SevHashTableDescriptor *)data; - if (!area->base || area->size < sizeof(PaddedSevHashTable)) { - error_setg(errp, "SEV: guest firmware hashes table area is invalid " - "(base=0x%x size=0x%x)", area->base, area->size); - return false; - } /* * Calculate hash of kernel command-line with the terminating null byte. If 
@@ -2145,16 +2111,6 @@ bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp) } assert(hash_len == HASH_SIZE); - /* - * Populate the hashes table in the guest's memory at the OVMF-designated - * area for the SEV hashes table - */ - padded_ht = address_space_map(&address_space_memory, area->base, - &mapped_len, true, attrs); - if (!padded_ht || mapped_len != sizeof(*padded_ht)) { - error_setg(errp, "SEV: cannot map hashes table guest memory area"); - return false; - } ht = &padded_ht->ht; ht->guid = sev_hash_table_header_guid; 
@@ -2175,7 +2131,65 @@ bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp) /* zero the excess data so the measurement can be reliably calculated */ memset(padded_ht->padding, 0, sizeof(padded_ht->padding)); - if (sev_encrypt_flash(area->base, (uint8_t *)padded_ht, sizeof(*padded_ht), errp) < 0) { + return true; +} + +/* + * Add the hashes of the linux kernel/initrd/cmdline to an encrypted guest page + * which is included in SEV's initial memory measurement. + */ +bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp) +{ + uint8_t *data; + SevHashTableDescriptor *area; + PaddedSevHashTable *padded_ht; + hwaddr mapped_len = sizeof(*padded_ht); + MemTxAttrs attrs = { 0 }; + bool ret = true; + SevCommonState *sev_common = SEV_COMMON(MACHINE(qdev_get_machine())->cgs); + + /* + * Only add the kernel hashes if the sev-guest configuration explicitly + * stated kernel-hashes=on. + */ + if (!sev_common->kernel_hashes) { + return false; + } + + if (!pc_system_ovmf_table_find(SEV_HASH_TABLE_RV_GUID, &data, NULL)) { + error_setg(errp, "SEV: kernel specified but guest firmware " + "has no hashes table GUID"); + return false; + } + + if (sev_snp_enabled()) { + return false; + } + + area = (SevHashTableDescriptor *)data; + if (!area->base || area->size < sizeof(PaddedSevHashTable)) { + error_setg(errp, "SEV: guest firmware hashes table area is invalid " + "(base=0x%x size=0x%x)", area->base, area->size); + return false; + } + + /* + * Populate the hashes table in the guest's memory at the OVMF-designated + * area for the SEV hashes table + */ + padded_ht = address_space_map(&address_space_memory, area->base, + &mapped_len, true, attrs); + if (!padded_ht || mapped_len != sizeof(*padded_ht)) { + error_setg(errp, "SEV: cannot map hashes table guest memory area"); + return false; + } + + if (build_kernel_loader_hashes(padded_ht, ctx, errp)) { + if (sev_encrypt_flash(area->base, (uint8_t *)padded_ht, + sizeof(*padded_ht), errp) < 0) { + 
ret = false; + } + } else { ret = false; }
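Review bot: the new static build_kernel_loader_hashes() in the @@ -2065 hunk has no header comment; the explanatory block that used to sit above this code moves down with sev_add_kernel_loader_hashes(). Add one stating the contract: padded_ht points at a writable sizeof(PaddedSevHashTable) buffer, the function only computes the digests and fills the table (no firmware table lookup, no mapping, no encryption), and it zeroes the padding so callers targeting other memory areas (the SNP case this extraction is for) get a deterministic measurement.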
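Review bot: "No functional change intended" is not quite true for the failure path in the @@ -2175 hunk: previously a digest failure returned before address_space_map() was called, whereas now the guest area is mapped first and build_kernel_loader_hashes() can fail with the mapping held, so the new `} else { ret = false; }` branch has to reach the same address_space_unmap() the success path uses (the unmap lies beyond the hunk; please confirm it is not skipped). The nested if/else could also be written as a single `ret = build_kernel_loader_hashes(padded_ht, ctx, errp) && sev_encrypt_flash(area->base, (uint8_t *)padded_ht, sizeof(*padded_ht), errp) >= 0;`, which keeps the two-step nature visible without the extra nesting.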
From patchwork Thu Mar 2 09:23:46 2023
X-Patchwork-Id: 13156876
From: Dov Murik
To: qemu-devel@nongnu.org
Cc: Dov Murik, Paolo Bonzini, Daniel P. Berrangé, Dr. David Alan Gilbert, Eduardo Habkost, Eric Blake, Markus Armbruster, Marcelo Tosatti, Gerd Hoffmann, James Bottomley, Tom Lendacky, Michael Roth, Ashish Kalra, Mario Smarduch, Tobin Feldman-Fitzthum
Subject: [RFC PATCH v3 3/4] i386/sev: Reorder struct declarations
Date: Thu, 2 Mar 2023 09:23:46 +0000
Message-Id: <20230302092347.1988853-4-dovmurik@linux.ibm.com>
In-Reply-To: <20230302092347.1988853-1-dovmurik@linux.ibm.com>

Move the
declaration of PaddedSevHashTable before SevSnpGuest so we can add a new such field to the latter. No functional change intended. Signed-off-by: Dov Murik --- target/i386/sev.c | 56 +++++++++++++++++++++++------------------------ 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/target/i386/sev.c b/target/i386/sev.c index a3c5c10f5f..126e40ec26 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -40,6 +40,34 @@ #include "exec/address-spaces.h" #include "exec/ramblock.h" +/* hard code sha256 digest size */ +#define HASH_SIZE 32 + +typedef struct QEMU_PACKED SevHashTableEntry { + QemuUUID guid; + uint16_t len; + uint8_t hash[HASH_SIZE]; +} SevHashTableEntry; + +typedef struct QEMU_PACKED SevHashTable { + QemuUUID guid; + uint16_t len; + SevHashTableEntry cmdline; + SevHashTableEntry initrd; + SevHashTableEntry kernel; +} SevHashTable; + +/* + * Data encrypted by sev_encrypt_flash() must be padded to a multiple of + * 16 bytes. + */ +typedef struct QEMU_PACKED PaddedSevHashTable { + SevHashTable ht; + uint8_t padding[ROUND_UP(sizeof(SevHashTable), 16) - sizeof(SevHashTable)]; +} PaddedSevHashTable; + +QEMU_BUILD_BUG_ON(sizeof(PaddedSevHashTable) % 16 != 0); + #define TYPE_SEV_COMMON "sev-common" OBJECT_DECLARE_SIMPLE_TYPE(SevCommonState, SEV_COMMON) #define TYPE_SEV_GUEST "sev-guest" 
@@ -123,34 +151,6 @@ typedef struct QEMU_PACKED SevHashTableDescriptor { uint32_t size; } SevHashTableDescriptor; -/* hard code sha256 digest size */ -#define HASH_SIZE 32 - -typedef struct QEMU_PACKED SevHashTableEntry { - QemuUUID guid; - uint16_t len; - uint8_t hash[HASH_SIZE]; -} SevHashTableEntry; - -typedef struct QEMU_PACKED SevHashTable { - QemuUUID guid; - uint16_t len; - SevHashTableEntry cmdline; - SevHashTableEntry initrd; - SevHashTableEntry kernel; -} SevHashTable; - -/* - * Data encrypted by sev_encrypt_flash() must be padded to a multiple of - * 16 bytes. - */ -typedef struct QEMU_PACKED PaddedSevHashTable { - SevHashTable ht; - uint8_t padding[ROUND_UP(sizeof(SevHashTable), 16) - sizeof(SevHashTable)]; -} PaddedSevHashTable; - -QEMU_BUILD_BUG_ON(sizeof(PaddedSevHashTable) % 16 != 0); - static Error *sev_mig_blocker; static const char *const sev_fw_errlist[] = {
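Review bot: pure code motion in the @@ -40 hunk, so the one thing to check is that QemuUUID, QEMU_PACKED, ROUND_UP and QEMU_BUILD_BUG_ON are already in scope at the new location, which now sits right after the "exec/ramblock.h" include instead of after SevHashTableDescriptor; they come from qemu/osdep.h and qemu/uuid.h, neither of which is in the shown context, so a build with the series applied up to this patch is the quick confirmation. Minor: the commit message says "SevSnpGuest" while the struct in the diff is SevSnpGuestState.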
From: Dov Murik
To: qemu-devel@nongnu.org
Cc: Dov Murik, Paolo Bonzini, Daniel P. Berrangé, Dr. David Alan Gilbert, Eduardo Habkost, Eric Blake, Markus Armbruster, Marcelo Tosatti, Gerd Hoffmann, James Bottomley, Tom Lendacky, Michael Roth, Ashish Kalra, Mario Smarduch, Tobin Feldman-Fitzthum
Subject: [RFC PATCH v3 4/4] i386/sev: Allow measured direct kernel boot on SNP
Date: Thu, 2 Mar 2023 09:23:47 +0000
Message-Id: <20230302092347.1988853-5-dovmurik@linux.ibm.com>
In-Reply-To: <20230302092347.1988853-1-dovmurik@linux.ibm.com>
References: <20230302092347.1988853-1-dovmurik@linux.ibm.com>
In SNP, the hashes page is designated with a specific metadata entry published in AmdSev OVMF. Therefore, if the user enabled kernel hashes (for measured direct boot), QEMU should prepare the content of the hashes table, and during the processing of the metadata entry it copies the content into the designated page and encrypts it.

Note that in SNP (unlike SEV and SEV-ES) the measurement is done in whole 4KB pages. Therefore QEMU zeros the whole page that includes the hashes table, fills in the kernel hashes area in that page, and then encrypts the whole page. The rest of the page is reserved for SEV launch secrets, which are not usable anyway on SNP.

If the user disabled kernel hashes, QEMU pre-validates the kernel hashes page as a zero page.

Signed-off-by: Dov Murik
---
include/hw/i386/pc.h | 2 ++ target/i386/sev.c | 40 ++++++++++++++++++++++++++++++++++++---- 2 files changed, 38 insertions(+), 4 deletions(-) diff --git a/include/hw/i386/pc.h b/include/hw/i386/pc.h index 2b8212b416..32b5ca45ec 100644 --- a/include/hw/i386/pc.h +++ b/include/hw/i386/pc.h @@ -163,6 +163,8 @@ typedef enum { SEV_DESC_TYPE_SNP_SECRETS, /* The section contains address that can be used as a CPUID page */ SEV_DESC_TYPE_CPUID, + /* The section contains the region for kernel hashes for measured direct boot */ + SEV_DESC_TYPE_SNP_KERNEL_HASHES = 0x10, } ovmf_sev_metadata_desc_type; diff --git a/target/i386/sev.c b/target/i386/sev.c index 126e40ec26..ef47fd748f 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -131,6 +131,9 @@ struct SevSnpGuestState { struct kvm_snp_init kvm_init_conf; struct kvm_sev_snp_launch_start kvm_start_conf; struct kvm_sev_snp_launch_finish kvm_finish_conf; + + uint32_t kernel_hashes_offset; + PaddedSevHashTable *kernel_hashes_data; }; #define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
@@ -1529,6 +1532,23 @@ snp_launch_update_cpuid(SevSnpGuestState *sev_snp, uint32_t cpuid_addr, return 0; } +static int +snp_launch_update_kernel_hashes(SevSnpGuestState *sev_snp, uint32_t addr, + void *hva, uint32_t len) +{ + int type = KVM_SEV_SNP_PAGE_TYPE_ZERO; + if (sev_snp->sev_common.kernel_hashes) { + assert(sev_snp->kernel_hashes_data); + assert((sev_snp->kernel_hashes_offset + + sizeof(*sev_snp->kernel_hashes_data)) <= len); + memset(hva, 0, len); + memcpy(hva + sev_snp->kernel_hashes_offset, sev_snp->kernel_hashes_data, + sizeof(*sev_snp->kernel_hashes_data)); + type = KVM_SEV_SNP_PAGE_TYPE_NORMAL; + } + return sev_snp_launch_update(sev_snp, addr, hva, len, type); +} + static int snp_metadata_desc_to_page_type(int desc_type) { @@ -1537,6 +1557,7 @@ snp_metadata_desc_to_page_type(int desc_type) case SEV_DESC_TYPE_SNP_SEC_MEM: return KVM_SEV_SNP_PAGE_TYPE_ZERO; case SEV_DESC_TYPE_SNP_SECRETS: return KVM_SEV_SNP_PAGE_TYPE_SECRETS; case SEV_DESC_TYPE_CPUID: return KVM_SEV_SNP_PAGE_TYPE_CPUID; + case SEV_DESC_TYPE_SNP_KERNEL_HASHES: return KVM_SEV_SNP_PAGE_TYPE_NORMAL; default: return -1; } } @@ -1568,6 +1589,9 @@ snp_populate_metadata_pages(SevSnpGuestState *sev_snp, if (type == KVM_SEV_SNP_PAGE_TYPE_CPUID) { ret = snp_launch_update_cpuid(sev_snp, desc->base, hva, desc->len); + } else if (desc->type == SEV_DESC_TYPE_SNP_KERNEL_HASHES) { + ret = snp_launch_update_kernel_hashes(sev_snp, desc->base, hva, + desc->len); } else { ret = sev_snp_launch_update(sev_snp, desc->base, hva, desc->len, type); @@ -2162,10 +2186,6 @@ bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp) return false; } - if (sev_snp_enabled()) { - return false; - } - area = (SevHashTableDescriptor *)data; if (!area->base || area->size < sizeof(PaddedSevHashTable)) { error_setg(errp, "SEV: guest firmware hashes table area is invalid " 
@@ -2173,6 +2193,18 @@ bool sev_add_kernel_loader_hashes(SevKernelLoaderContext *ctx, Error **errp) return false; } + if (sev_snp_enabled()) { + /* + * SNP: Populate the hashes table in an area that later in + * snp_launch_update_kernel_hashes() will be copied to the guest memory + * and encrypted. + */ + SevSnpGuestState *sev_snp_guest = SEV_SNP_GUEST(sev_common); + sev_snp_guest->kernel_hashes_offset = area->base & ~TARGET_PAGE_MASK; + sev_snp_guest->kernel_hashes_data = g_new0(PaddedSevHashTable, 1); + return build_kernel_loader_hashes(sev_snp_guest->kernel_hashes_data, ctx, errp); + } + /* * Populate the hashes table in the guest's memory at the OVMF-designated * area for the SEV hashes table
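Review bot: In the pc.h hunk (@@ -163,6 +163,8 @@), `SEV_DESC_TYPE_SNP_KERNEL_HASHES = 0x10` breaks the enum's implicit sequential numbering without saying why; the comment should state that 0x10 is the descriptor type value the AmdSev OVMF metadata table publishes for this section, so that nobody later "fixes" it back to the next sequential value. The comment text is also long enough that, once indented like the entries above it, it will exceed QEMU's 80-column checkpatch limit; wrap it, e.g. `/* The section contains the region for kernel hashes */` followed by `/* (measured direct boot) */`.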
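Review bot: In the SevSnpGuestState hunk (@@ -131,6 +131,9 @@), the two new fields carry no comment, and `kernel_hashes_data` is heap-allocated later in this patch (g_new0() in sev_add_kernel_loader_hashes()) but never freed; once snp_launch_update_kernel_hashes() has copied it into the guest page, the buffer is dead weight for the rest of the guest's lifetime. Either g_free() it and NULL the pointer after the copy, or document that it is intentionally retained. A one-line comment that `kernel_hashes_offset` is the offset of the hashes table within its 4KB page (derived from the OVMF GUID-table area) would also help the next reader.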
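Review bot: In snp_launch_update_kernel_hashes() (@@ -1529,6 +1532,23 @@), `assert((sev_snp->kernel_hashes_offset + sizeof(*sev_snp->kernel_hashes_data)) <= len)` guards a condition controlled by the firmware image: the offset comes from the OVMF GUID-table area and `len` from the OVMF metadata descriptor, so a mismatched or malformed firmware blob aborts QEMU instead of failing the launch cleanly. Replace it with an `error_report()` plus `return -1`, consistent with the rest of the launch-update path, and keep `assert()` only for `kernel_hashes_data`, which is an internal invariant. The zero-page path for the kernel-hashes-disabled case matches what the commit message describes.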
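Review bot: In snp_populate_metadata_pages() (@@ -1568,6 +1589,9 @@), the new branch tests `desc->type == SEV_DESC_TYPE_SNP_KERNEL_HASHES` while the CPUID branch just above it tests the mapped `type`; the case added to snp_metadata_desc_to_page_type() (@@ -1537,6 +1557,7 @@), which returns KVM_SEV_SNP_PAGE_TYPE_NORMAL for this descriptor, is therefore computed and then discarded, because snp_launch_update_kernel_hashes() chooses NORMAL or ZERO itself. Either dispatch on `type` consistently, or drop the mapping case and explain in a comment that the page type for this section depends on whether kernel hashes are enabled.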
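Review bot: In the SNP branch of sev_add_kernel_loader_hashes() (@@ -2173,6 +2193,18 @@), `kernel_hashes_offset = area->base & ~TARGET_PAGE_MASK` is recorded without checking that the whole PaddedSevHashTable fits in the remainder of that page; the `area->size < sizeof(PaddedSevHashTable)` check above does not rule out an area that straddles a page boundary, and such an area would later trip the assert in snp_launch_update_kernel_hashes(). Add a check such as `if ((area->base & ~TARGET_PAGE_MASK) + sizeof(PaddedSevHashTable) > TARGET_PAGE_SIZE)` that reports through errp and returns false. If build_kernel_loader_hashes() fails, the freshly allocated `kernel_hashes_data` also leaks; free it on that path.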