From nobody Thu May 2 22:36:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) client-ip=207.211.31.81; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1589215386; cv=none; d=zohomail.com; s=zohoarc; b=KJVA8LXMBC5lF3rWYpqc/5g/DNINaGPBFzYbBhpra3vKSJzSiEG4LH8FivBaF44DC8kQFCxyFFQ8wxzmo2YaywI30rivIrTUKKxAPfA/FmiPApOmhWItKXtWSi0iZMXXg9ODZAJcs+7JhYss4iOwYKce+tv98Ifh0KXxIWkZUR8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589215386; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=z9nT2KJ+ItL/gBo95Tmt1bGvt7ibKwiVpUVmFR9xGsw=; b=mMtvNEOEHAz0ZqTjWpZQx40XHTOrKjpoDLtp5JGhVFDtO4jhGPwJkjMzO6HKjBjgPIGfM8lwGK+qb+tpERibMqM+M63EjkcdF0oRN9L1pE7mKBmFvNar/3Uw5htI/qeMT7xg7xKRbSDZbmge7j/MUg1re5uBJEVc6FKjQLXKEvw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) by mx.zohomail.com with SMTPS id 1589215386044469.86957329003485; Mon, 11 May 2020 09:43:06 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-385-4zoZxuxfOGGJjiF4vPAJRA-1; Mon, 11 May 2020 12:42:39 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B23C9801503; Mon, 11 May 2020 16:42:28 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 92A9F6C799; Mon, 11 May 2020 16:42:28 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 648794CAB0; Mon, 11 May 2020 16:42:28 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04BGgNBG015781 for ; Mon, 11 May 2020 12:42:23 -0400 Received: by smtp.corp.redhat.com (Postfix) id 359102156A3B; Mon, 11 May 2020 16:42:23 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 307182156A3C for ; Mon, 11 May 2020 16:42:21 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 31616833B47 for ; Mon, 11 May 2020 16:42:21 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-249-pd2pY7oGP6-tr8w23oISzg-1; Mon, 11 May 2020 12:42:16 -0400 Received: from pps.filterd (m0098410.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 04BGXMid137402; Mon, 11 May 2020 12:42:14 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 30ws243jrq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:14 -0400 Received: from m0098410.ppops.net (m0098410.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 04BGYSVH142622; Mon, 11 May 2020 12:42:14 -0400 Received: from ppma03ams.nl.ibm.com (62.31.33a9.ip4.static.sl-reverse.com [169.51.49.98]) by mx0a-001b2d01.pphosted.com with ESMTP id 30ws243jr0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:14 -0400 Received: from pps.filterd (ppma03ams.nl.ibm.com [127.0.0.1]) by ppma03ams.nl.ibm.com (8.16.0.27/8.16.0.27) with SMTP id 04BGerAI025790; Mon, 11 May 2020 16:42:12 GMT Received: from b06cxnps4074.portsmouth.uk.ibm.com (d06relay11.portsmouth.uk.ibm.com [9.149.109.196]) by ppma03ams.nl.ibm.com with ESMTP id 30wm55mrmv-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 16:42:11 +0000 Received: from d06av24.portsmouth.uk.ibm.com (mk.ibm.com [9.149.105.60]) by b06cxnps4074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 04BGg8lR54395134 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 11 May 2020 16:42:08 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9791B42041; Mon, 11 May 2020 16:42:08 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 47F584204B; Mon, 11 May 2020 16:42:08 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.43.168]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 11 May 2020 16:42:08 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589215384; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=z9nT2KJ+ItL/gBo95Tmt1bGvt7ibKwiVpUVmFR9xGsw=; b=Dbib8ZwCESONTp79zoI8WIO83zeMXIRlFI0ZWZJzdES2X/sWVQWkEWmz4wzmPHGAVKNLpd aO5HufnXhYD4EqAo2hLB8mSgaqw5TbKW4Z/6aoe8PtYWtNWYrtFrDXfpugbDMjgDaTKzBP LkNjdnbvzSCkugii8VZnH+eavbXZXaI= X-MC-Unique: 4zoZxuxfOGGJjiF4vPAJRA-1 X-MC-Unique: pd2pY7oGP6-tr8w23oISzg-1 From: Boris Fiuczynski To: libvir-list@redhat.com, mihajlov@linux.ibm.com, ppinatti@linux.ibm.com, berrange@redhat.com, borntraeger@de.ibm.com, brijesh.singh@amd.com, eskultet@redhat.com Subject: [PATCH 1/6] util: introduce a parser for kernel cmdline arguments Date: Mon, 11 May 2020 18:41:56 +0200 Message-Id: <20200511164201.7954-2-fiuczy@linux.ibm.com> In-Reply-To: <20200511164201.7954-1-fiuczy@linux.ibm.com> References: <20200511164201.7954-1-fiuczy@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.676 definitions=2020-05-11_08:2020-05-11, 2020-05-11 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 clxscore=1015 suspectscore=2 bulkscore=0 adultscore=0 impostorscore=0 mlxscore=0 lowpriorityscore=0 malwarescore=0 mlxlogscore=999 priorityscore=1501 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2005110130 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: Paulo de Rezende Pinatti Introduce two utility functions to parse a kernel command line string according to the kernel code parsing rules in order to enable the caller to perform operations such as verifying whether certain argument=3Dvalue combinations are present or retrieving an argument's value. Signed-off-by: Paulo de Rezende Pinatti Reviewed-by: Boris Fiuczynski --- src/libvirt_private.syms | 2 + src/util/virutil.c | 173 +++++++++++++++++++++++++++++++++++++++ src/util/virutil.h | 18 ++++ tests/utiltest.c | 130 +++++++++++++++++++++++++++++ 4 files changed, 323 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 935ef7303b..25b22a3e3f 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -3428,6 +3428,8 @@ virHostGetDRMRenderNode; virHostHasIOMMU; virIndexToDiskName; virIsDevMapperDevice; +virKernelCmdlineGetValue; +virKernelCmdlineMatchParam; virMemoryLimitIsSet; virMemoryLimitTruncate; virMemoryMaxValue; diff --git a/src/util/virutil.c b/src/util/virutil.c index fb46501142..264aae8d01 100644 --- a/src/util/virutil.c +++ b/src/util/virutil.c @@ -1725,6 +1725,179 @@ virHostGetDRMRenderNode(void) return ret; } =20 + +#define VIR_IS_CMDLINE_SPACE(value) \ + (g_ascii_isspace(value) || (unsigned char) value =3D=3D 160) + + +static bool virKernelArgsAreEqual(const char *arg1, + const char *arg2, + size_t n) +{ + size_t i; + + for (i =3D 0; i < n; i++) { + if ((arg1[i] =3D=3D '-' && arg2[i] =3D=3D '_') || + (arg1[i] =3D=3D '_' && arg2[i] =3D=3D '-') || (arg1[i] =3D=3D = arg2[i])) { + if (arg1[i] =3D=3D '\0') + return true; + continue; + } + return false; + } + return true; +} + + +/* + * Parse the kernel cmdline and store the value of @arg in @val + * which can be NULL if @arg has no value or if it's not found. + * In addition, store in @next the address right after + * @arg=3D@value for possible further processing. + * + * @arg: kernel command line argument + * @cmdline: kernel command line string to be checked for @arg + * @val: pointer to hold retrieved value of @arg + * @next: pointer to hold address right after @arg=3D@val, will + * point to the string's end (NULL) in case @arg is not found + * + * Returns 0 if @arg is present in @cmdline, 1 otherwise + */ +int virKernelCmdlineGetValue(const char *arg, + const char *cmdline, + char **val, + const char **next) +{ + size_t i =3D 0, param_i; + size_t arg_len =3D strlen(arg); + bool is_quoted, match; + + *next =3D cmdline; + *val =3D NULL; + + while (cmdline[i] !=3D '\0') { + /* remove leading spaces */ + while (VIR_IS_CMDLINE_SPACE(cmdline[i])) + i++; + if (cmdline[i] =3D=3D '"') { + i++; + is_quoted =3D true; + } else { + is_quoted =3D false; + } + for (param_i =3D i; cmdline[param_i]; param_i++) { + if ((VIR_IS_CMDLINE_SPACE(cmdline[param_i]) && !is_quoted) || + cmdline[param_i] =3D=3D '=3D') + break; + if (cmdline[param_i] =3D=3D '"') + is_quoted =3D !is_quoted; + } + if (param_i-i =3D=3D arg_len && virKernelArgsAreEqual(cmdline+i, a= rg, arg_len)) + match =3D true; + else + match =3D false; + /* arg has no value */ + if (cmdline[param_i] !=3D '=3D') { + if (match) { + *next =3D cmdline+param_i; + return 0; + } + i =3D param_i; + continue; + } + param_i++; + if (cmdline[param_i] =3D=3D '\0') + break; + + if (cmdline[param_i] =3D=3D '"') { + param_i++; + is_quoted =3D !is_quoted; + } + i =3D param_i; + + for (; cmdline[param_i]; param_i++) { + if (VIR_IS_CMDLINE_SPACE(cmdline[param_i]) && !is_quoted) + break; + if (cmdline[param_i] =3D=3D '"') + is_quoted =3D !is_quoted; + } + if (match) { + *next =3D cmdline+param_i; + if (cmdline[param_i-1] =3D=3D '"') + *val =3D g_strndup(cmdline+i, param_i-i-1); + else + *val =3D g_strndup(cmdline+i, param_i-i); + return 0; + } + i =3D param_i; + } + *next =3D cmdline+i; + return 1; +} + + +#define VIR_CMDLINE_STR_CMP(kernel_val, caller_val, flags) \ + (((flags & VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ) && \ + STREQ(kernel_val, caller_val)) || ((flags & VIR_KERNEL_CMDLINE_FLAGS= _CMP_PREFIX) && \ + STRPREFIX(kernel_val, caller_val)= )) + + +/* + * Try to match the provided kernel cmdline string with the provided @arg + * and the list @values of possible values according to the matching strat= egy + * defined in @flags. Possible options include: + * - VIR_KERNEL_CMDLINE_FLAGS_CMP_PREFIX: do a substring comparison of val= ues + * (uses size of value provided as input) + * - VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ: do a strict string comparison + * - VIR_KERNEL_CMDLINE_FLAGS_SEARCH_STICKY: first positive match satifies= search + * (in case of multiple argument occurrences) + * - VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST: use the result of last argument= occurence + * (in case of multiple argument occurrences) + * + * + * @cmdline: kernel command line string to be checked for @arg + * @arg: kernel command line argument + * @values: array of possible values to match @arg + * @len_values: size of array, it can be 0 meaning a match will be positiv= e if the + * argument has no value. + * @flags: flag mask defining the strategy for matching and comparing + * + * Returns true if a match is found, false otherwise + */ +bool virKernelCmdlineMatchParam(const char *cmdline, + const char *arg, + const char **values, + size_t len_values, + virKernelCmdlineFlags flags) +{ + bool match =3D false; + size_t i; + const char *next =3D cmdline; + g_autofree char *kval =3D NULL; + + while (next[0] !=3D '\0') { + VIR_FREE(kval); + if (virKernelCmdlineGetValue(arg, next, &kval, &next) !=3D 0) + break; + if (!kval) { + match =3D (len_values =3D=3D 0) ? true : false; + } else { + match =3D false; + for (i =3D 0; i < len_values; i++) { + if (VIR_CMDLINE_STR_CMP(kval, values[i], flags)) { + match =3D true; + break; + } + } + } + if (match && (flags & VIR_KERNEL_CMDLINE_FLAGS_SEARCH_STICKY)) + break; + } + + return match; +} + + /* * Get a password from the console input stream. * The caller must free the returned password. diff --git a/src/util/virutil.h b/src/util/virutil.h index 49b4bf440f..1edb415fbe 100644 --- a/src/util/virutil.h +++ b/src/util/virutil.h @@ -147,6 +147,24 @@ bool virHostHasIOMMU(void); =20 char *virHostGetDRMRenderNode(void) G_GNUC_NO_INLINE; =20 +typedef enum { + VIR_KERNEL_CMDLINE_FLAGS_CMP_PREFIX =3D 1, + VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ =3D 2, + VIR_KERNEL_CMDLINE_FLAGS_SEARCH_STICKY =3D 4, + VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST =3D 8, +} virKernelCmdlineFlags; + +int virKernelCmdlineGetValue(const char *arg, + const char *cmdline, + char **val, + const char **next); + +bool virKernelCmdlineMatchParam(const char *cmdline, + const char *arg, + const char **values, + size_t len_values, + virKernelCmdlineFlags flags); + /** * VIR_ASSIGN_IS_OVERFLOW: * @rvalue: value that is checked (evaluated twice) diff --git a/tests/utiltest.c b/tests/utiltest.c index 5ae04585cb..1edc6a728e 100644 --- a/tests/utiltest.c +++ b/tests/utiltest.c @@ -254,6 +254,134 @@ testOverflowCheckMacro(const void *data G_GNUC_UNUSED) } =20 =20 +struct testKernelCmdlineGetValueData +{ + const char *cmdline; + const char *arg; + int rc; + const char *val; + size_t next; +}; + +static struct testKernelCmdlineGetValueData kEntries[] =3D { + { "arg1 arg2 arg3=3Dval1", "arg4", = 1, NULL, 19 }, + { "arg1=3Dval1 arg2 arg3=3Dval3 arg4", "arg2", = 0, NULL, 14 }, + { "arg1=3Dval1 arg2 arg3=3Dval3 arg4", "arg3", = 0, "val3", 24 }, + { "arg1=3Dval1 arg2 arg-3=3Dval3 arg4", "arg_3", = 0, "val3", 25 }, + { "arg1=3Dval1 arg2 arg_3=3Dval3 arg4", "arg-3", = 0, "val3", 25 }, + { "arg1=3Dval1 arg2 arg_3=3Dval3 arg4", "arg_3", = 0, "val3", 25 }, + { "arg1=3Dval1 arg2 arg-3=3Dval3 arg4", "arg-3", = 0, "val3", 25 }, + { "arg1=3Dval1 arg2=3D\"value with spaces\" arg3=3Dval3", "arg2", = 0, "value with spaces", 34 }, + { "arg1=3Dval1 arg2=3D\"value with spaces\" arg3=3Dval3", "arg3", = 0, "val3", 44 }, + { "arg1=3Dval1 \"arg2=3Dvalue with spaces\" arg3=3Dval3", "arg2", = 0, "value with spaces", 34 }, + { "arg1=3Dval1 \"arg2=3Dvalue with spaces\" arg3=3Dval3", "arg3", = 0, "val3", 44 }, + { "arg1=3Dval1 arg2=3D\"val\"ue arg3", "arg2", = 0, "val\"ue", 22 }, + { "arg1=3Dval1 arg2=3D\"val\"ue arg3\" escaped=3Dval2\"", "arg3\" esca= ped", 0, "val2", 42 }, + { "arg1=3Dval1 arg2longer=3Dsomeval arg2=3Dval2 arg3", "arg2", = 0, "val2", 38 }, +}; + +static int +testKernelCmdlineGetValue(const void *data G_GNUC_UNUSED) +{ + int rc; + char *val =3D NULL; + const char *next; + size_t i; + + for (i =3D 0; i < G_N_ELEMENTS(kEntries); ++i) { + VIR_FREE(val); + + rc =3D virKernelCmdlineGetValue(kEntries[i].arg, kEntries[i].cmdli= ne, + &val, &next); + + if (rc !=3D kEntries[i].rc || STRNEQ_NULLABLE(val, kEntries[i].val= ) || + (next - kEntries[i].cmdline) !=3D kEntries[i].next) { + VIR_TEST_DEBUG("\nKernel cmdline [%s]", kEntries[i].cmdline); + VIR_TEST_DEBUG("Kernel argument [%s]", kEntries[i].arg); + VIR_TEST_DEBUG("Expect rc [%d]", kEntries[i].rc); + VIR_TEST_DEBUG("Actual rc [%d]", rc); + VIR_TEST_DEBUG("Expect value [%s]", kEntries[i].val); + VIR_TEST_DEBUG("Actual value [%s]", val); + VIR_TEST_DEBUG("Expect next index [%lu]", kEntries[i].next); + VIR_TEST_DEBUG("Actual next index [%lu]", + (size_t)(next - kEntries[i].cmdline)); + + VIR_FREE(val); + + return -1; + } + } + + VIR_FREE(val); + + return 0; +} + + +struct testKernelCmdlineMatchData +{ + const char *cmdline; + const char *arg; + const char *values[2]; + virKernelCmdlineFlags flags; + bool result; +}; + +static struct testKernelCmdlineMatchData kMatchEntries[] =3D { + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"1", "y"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_STICKY | VIR_KERN= EL_CMDLINE_FLAGS_CMP_EQ, false }, + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"on", "yes"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_STICKY | VIR_KERN= EL_CMDLINE_FLAGS_CMP_EQ, true }, + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"1", "y"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_STICKY | VIR_KERN= EL_CMDLINE_FLAGS_CMP_PREFIX, true }, + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"a", "b"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_STICKY | VIR_KERN= EL_CMDLINE_FLAGS_CMP_PREFIX, false }, + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"on", "yes"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | VIR_KERNEL= _CMDLINE_FLAGS_CMP_EQ, false}, + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"1", "y"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | VIR_KERNEL= _CMDLINE_FLAGS_CMP_PREFIX, false}, + {"arg1 myarg=3Dno arg2=3Dval2 arg4=3Dval4 myarg=3Dyes arg5", = "myarg", {"on", "yes"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | VIR_KERNEL_C= MDLINE_FLAGS_CMP_EQ, true }, + {"arg1 myarg=3Dno arg2=3Dval2 arg4=3Dval4 myarg=3Dyes arg5", = "myarg", {"1", "y"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | VIR_KERNEL_C= MDLINE_FLAGS_CMP_PREFIX, true }, + {"arg1 myarg=3Dno arg2=3Dval2 arg4=3Dval4 myarg arg5", "m= yarg", {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST, = true }, + {"arg1 myarg arg2=3Dval2 arg4=3Dval4 myarg=3Dyes arg5", "m= yarg", {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_STICKY, = true }, + {"arg1 myarg arg2=3Dval2 arg4=3Dval4 myarg=3Dyes arg5", "m= yarg", {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST, = false }, +}; + + +static int +testKernelCmdlineMatchParam(const void *data G_GNUC_UNUSED) +{ + bool result; + size_t i, lenValues; + + for (i =3D 0; i < G_N_ELEMENTS(kMatchEntries); ++i) { + if (kMatchEntries[i].values[0] =3D=3D NULL) + lenValues =3D 0; + else + lenValues =3D G_N_ELEMENTS(kMatchEntries[i].values); + + result =3D virKernelCmdlineMatchParam(kMatchEntries[i].cmdline, + kMatchEntries[i].arg, + kMatchEntries[i].values, + lenValues, + kMatchEntries[i].flags); + + if (result !=3D kMatchEntries[i].result) { + VIR_TEST_DEBUG("\nKernel cmdline [%s]", kMatchEntries[i].cmdli= ne); + VIR_TEST_DEBUG("Kernel argument [%s]", kMatchEntries[i].arg); + VIR_TEST_DEBUG("Kernel values [%s] [%s]", kMatchEntries[i].val= ues[0], + kMatchEntries[i].values[1]); + if (kMatchEntries[i].flags & VIR_KERNEL_CMDLINE_FLAGS_CMP_PREF= IX) + VIR_TEST_DEBUG("Flag [VIR_KERNEL_CMDLINE_FLAGS_CMP_PREFIX]= "); + if (kMatchEntries[i].flags & VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ) + VIR_TEST_DEBUG("Flag [VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ]"); + if (kMatchEntries[i].flags & VIR_KERNEL_CMDLINE_FLAGS_SEARCH_S= TICKY) + VIR_TEST_DEBUG("Flag [VIR_KERNEL_CMDLINE_FLAGS_SEARCH_STIC= KY]"); + if (kMatchEntries[i].flags & VIR_KERNEL_CMDLINE_FLAGS_SEARCH_L= AST) + VIR_TEST_DEBUG("Flag [VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST= ]"); + VIR_TEST_DEBUG("Expect result [%d]", kMatchEntries[i].result); + VIR_TEST_DEBUG("Actual result [%d]", result); + + return -1; + } + } + + return 0; +} =20 =20 static int @@ -277,6 +405,8 @@ mymain(void) DO_TEST(ParseVersionString); DO_TEST(RoundValueToPowerOfTwo); DO_TEST(OverflowCheckMacro); + DO_TEST(KernelCmdlineGetValue); + DO_TEST(KernelCmdlineMatchParam); =20 return result =3D=3D 0 ? EXIT_SUCCESS : EXIT_FAILURE; } --=20 2.25.1 From nobody Thu May 2 22:36:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1589215383; cv=none; d=zohomail.com; s=zohoarc; b=nfbWAzmXTQGWrcSn3STV90eCAjb5c7KbuUMaSeMSOob0RmaPhxE/4C4qHNVV+Si4eKmpkqxidOIbLyc7kj/eMI61jfsT4G4nZ5nRUUzgRogRUFbIlvhCPmH+GDLQpTw/AYKJapcCGsDf/W32Sfr22vax4vYDYzaNnNdcE2IKocE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589215383; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=osrY7e14mV2e2lsQiDLGyhhNKkTUvQ1qZ0ymIWpW9+0=; b=Z25nGbGhTq9HOAm4GZ61PiGcCYuHTM3M9DUhs2Fl8z54j0jbjzd/NLjUnq7y5dT0ZpcMcdB3j+lfNze9qiM6SO38FJQuSjCc/2xi7Oxd6604sTH9g7+Xz0ICM1LdWVnH7P6+Xi81RB75UJebeJLBmjx126h/D5RvVQ0Rs1+bFZg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1589215383785906.5569815563131; Mon, 11 May 2020 09:43:03 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-226-jL0G7cSsMP-V0vDgmJjIQw-1; Mon, 11 May 2020 12:42:29 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 145478014D6; Mon, 11 May 2020 16:42:24 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A500475270; Mon, 11 May 2020 16:42:23 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 23CAE1809547; Mon, 11 May 2020 16:42:22 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04BGgK9N015760 for ; Mon, 11 May 2020 12:42:20 -0400 Received: by smtp.corp.redhat.com (Postfix) id E8D542029F71; Mon, 11 May 2020 16:42:19 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E49EE2029F6F for ; Mon, 11 May 2020 16:42:17 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C0622811E77 for ; Mon, 11 May 2020 16:42:17 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-215-HWsJ65d7OOGFTim7TrsTfQ-1; Mon, 11 May 2020 12:42:15 -0400 Received: from pps.filterd (m0098414.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 04BG3mvj090526; Mon, 11 May 2020 12:42:14 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 30ws5ajck3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:14 -0400 Received: from m0098414.ppops.net (m0098414.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 04BG5beX096834; Mon, 11 May 2020 12:42:13 -0400 Received: from ppma05fra.de.ibm.com (6c.4a.5195.ip4.static.sl-reverse.com [149.81.74.108]) by mx0b-001b2d01.pphosted.com with ESMTP id 30ws5ajcjn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:13 -0400 Received: from pps.filterd (ppma05fra.de.ibm.com [127.0.0.1]) by ppma05fra.de.ibm.com (8.16.0.27/8.16.0.27) with SMTP id 04BGgC4B027145; Mon, 11 May 2020 16:42:12 GMT Received: from b06cxnps3074.portsmouth.uk.ibm.com (d06relay09.portsmouth.uk.ibm.com [9.149.109.194]) by ppma05fra.de.ibm.com with ESMTP id 30wm55hx19-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 16:42:11 +0000 Received: from d06av24.portsmouth.uk.ibm.com (d06av24.portsmouth.uk.ibm.com [9.149.105.60]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 04BGg9nP34996278 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 11 May 2020 16:42:09 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id EA9F84203F; Mon, 11 May 2020 16:42:08 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id AE3CB42049; Mon, 11 May 2020 16:42:08 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.43.168]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 11 May 2020 16:42:08 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589215382; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=osrY7e14mV2e2lsQiDLGyhhNKkTUvQ1qZ0ymIWpW9+0=; b=KzRrLMgcnc9OYcKS6Wa+7txDO8ZPZ+3fl2nI2ES+zPQkPjPmamS60LTOKOKZOSKDtZaqJh Z0pPofMYh83I2WjlmIJcSUjwVh1z1V4aRVnEyyA9HZZ0Pch4OCppKDZ/1Mt23RPploA0qy F4T0fELa4by5ISrFCLXss4LuBsu8TZg= X-MC-Unique: jL0G7cSsMP-V0vDgmJjIQw-1 X-MC-Unique: HWsJ65d7OOGFTim7TrsTfQ-1 From: Boris Fiuczynski To: libvir-list@redhat.com, mihajlov@linux.ibm.com, ppinatti@linux.ibm.com, berrange@redhat.com, borntraeger@de.ibm.com, brijesh.singh@amd.com, eskultet@redhat.com Subject: [PATCH 2/6] qemu: check if s390 secure guest support is enabled Date: Mon, 11 May 2020 18:41:57 +0200 Message-Id: <20200511164201.7954-3-fiuczy@linux.ibm.com> In-Reply-To: <20200511164201.7954-1-fiuczy@linux.ibm.com> References: <20200511164201.7954-1-fiuczy@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.676 definitions=2020-05-11_07:2020-05-11, 2020-05-11 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 clxscore=1015 priorityscore=1501 suspectscore=2 adultscore=0 impostorscore=0 malwarescore=0 mlxscore=0 lowpriorityscore=0 bulkscore=0 mlxlogscore=999 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2005110126 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: Paulo de Rezende Pinatti This patch introduces a common function to verify if the availability of the so-called Secure Guest feature on the host has changed in order to invalidate the qemu capabilities cache. It can be used as an entry point for verification on different architectures. For s390 the verification consists of: - checking if /sys/firmware/uv is available: meaning the HW facility is available and the host OS supports it; - checking if the kernel cmdline contains 'prot_virt=3D1': meaning the host OS wants to use the feature. Whenever the availability of the feature does not match the secure guest flag in the cache then libvirt will re-build it in order to pick up the new set of capabilities available. Signed-off-by: Paulo de Rezende Pinatti Tested-by: Viktor Mihajlovski Reviewed-by: Bjoern Walk Reviewed-by: Boris Fiuczynski --- src/qemu/qemu_capabilities.c | 56 ++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 2c6e36685e..2874bb1e7c 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -23,6 +23,7 @@ =20 #include "qemu_capabilities.h" #include "viralloc.h" +#include "virarch.h" #include "vircrypto.h" #include "virlog.h" #include "virerror.h" @@ -654,6 +655,7 @@ struct _virQEMUCaps { virObject parent; =20 bool kvmSupportsNesting; + bool kvmSupportsSecureGuest; =20 char *binary; time_t ctime; @@ -1864,6 +1866,7 @@ virQEMUCapsPtr virQEMUCapsNewCopy(virQEMUCapsPtr qemu= Caps) =20 ret->invalidation =3D qemuCaps->invalidation; ret->kvmSupportsNesting =3D qemuCaps->kvmSupportsNesting; + ret->kvmSupportsSecureGuest =3D qemuCaps->kvmSupportsSecureGuest; =20 ret->ctime =3D qemuCaps->ctime; =20 @@ -4302,6 +4305,9 @@ virQEMUCapsLoadCache(virArch hostArch, if (virXPathBoolean("boolean(./kvmSupportsNesting)", ctxt) > 0) qemuCaps->kvmSupportsNesting =3D true; =20 + if (virXPathBoolean("boolean(./kvmSupportsSecureGuest)", ctxt) > 0) + qemuCaps->kvmSupportsSecureGuest =3D true; + ret =3D 0; cleanup: VIR_FREE(str); @@ -4535,6 +4541,9 @@ virQEMUCapsFormatCache(virQEMUCapsPtr qemuCaps) if (qemuCaps->kvmSupportsNesting) virBufferAddLit(&buf, "\n"); =20 + if (qemuCaps->kvmSupportsSecureGuest) + virBufferAddLit(&buf, "\n"); + virBufferAdjustIndent(&buf, -2); virBufferAddLit(&buf, "\n"); =20 @@ -4572,6 +4581,44 @@ virQEMUCapsSaveFile(void *data, } =20 =20 +/* + * Check whether IBM Secure Execution (S390) is enabled + */ +static bool +virQEMUCapsKVMSupportsSecureGuestS390(void) +{ + + g_autofree char *cmdline =3D NULL; + static const char *kValues[] =3D {"y", "Y", "1"}; + + if (!virFileIsDir("/sys/firmware/uv")) + return false; + if (virFileReadValueString(&cmdline, "/proc/cmdline") < 0) + return false; + if (virKernelCmdlineMatchParam(cmdline, "prot_virt", kValues, + G_N_ELEMENTS(kValues), + VIR_KERNEL_CMDLINE_FLAGS_SEARCH_STICKY | + VIR_KERNEL_CMDLINE_FLAGS_CMP_PREFIX)) + return true; + return false; +} + + +/* + * Check whether the secure guest functionality is enabled. + * See the specific architecture function for details on the verifications= made. + */ +static bool +virQEMUCapsKVMSupportsSecureGuest(void) +{ + virArch arch =3D virArchFromHost(); + + if (ARCH_IS_S390(arch)) + return virQEMUCapsKVMSupportsSecureGuestS390(); + return false; +} + + /* Check the kernel module parameters 'nested' file to determine if enabled * * Intel: 'kvm_intel' uses 'Y' @@ -4750,6 +4797,13 @@ virQEMUCapsIsValid(void *data, qemuCaps->binary, qemuCaps->kvmSupportsNesting); return false; } + + if (virQEMUCapsKVMSupportsSecureGuest() !=3D qemuCaps->kvmSupports= SecureGuest) { + VIR_DEBUG("Outdated capabilities for '%s': kvm kernel secure g= uest " + "value changed from %d", + qemuCaps->binary, qemuCaps->kvmSupportsSecureGuest); + return false; + } } =20 return true; @@ -5236,6 +5290,8 @@ virQEMUCapsNewForBinaryInternal(virArch hostArch, qemuCaps->kernelVersion =3D g_strdup(kernelVersion); =20 qemuCaps->kvmSupportsNesting =3D virQEMUCapsKVMSupportsNesting(); + + qemuCaps->kvmSupportsSecureGuest =3D virQEMUCapsKVMSupportsSecureG= uest(); } =20 return qemuCaps; --=20 2.25.1 From nobody Thu May 2 22:36:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) client-ip=207.211.31.81; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1589215364; cv=none; d=zohomail.com; s=zohoarc; b=ndMQpZ6cwzch+/2xSxeOWs27BPGx751Lvh0rkwG+Byo39HrLwdwWteKqPC0ZhBOGVwVTIRmMGZnmNIDGjEISkj0xjyVg2lTdtwF4SRHQL1gtwKBknprfAmREEYrJ6StTHA/PSTyaJzi35ni4Lh94C/G9ELhRtzlgKBjKm+f8pb0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589215364; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=AKiXupimrVf1+8WFEo653BY2/VXQSx3tFjMnMMihDEA=; b=fQasWA1QSAjHdapAZ9ad2M7Hro7pI8LzuMBAGlzD9ROUd7GX2XUPuJHTysfQTYC7YM8k4XMsPscmM5vQ5ymd43OR9sYepxXds1fGWMtIVnz52lHGYqZHcgHHyXnkpzUrpjhO5kb+bLLdfvHfxq8ATBjAhK7pxZ7V6DHcv2w82Fg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) by mx.zohomail.com with SMTPS id 1589215364497334.017668589736; Mon, 11 May 2020 09:42:44 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-245-MU_C3-dQMMqbpDvxdKO2DQ-1; Mon, 11 May 2020 12:42:40 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id E7E2E835B50; Mon, 11 May 2020 16:42:30 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C76AE5D9E5; Mon, 11 May 2020 16:42:30 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 977294E564; Mon, 11 May 2020 16:42:30 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04BGgOnI015794 for ; Mon, 11 May 2020 12:42:24 -0400 Received: by smtp.corp.redhat.com (Postfix) id F021C1055471; Mon, 11 May 2020 16:42:23 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast03.extmail.prod.ext.rdu2.redhat.com [10.11.55.19]) by smtp.corp.redhat.com (Postfix) with ESMTPS id EC441105546A for ; Mon, 11 May 2020 16:42:23 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id CB0FF811E7A for ; Mon, 11 May 2020 16:42:23 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-413-SfvF4yisMj-yjd3Os2ZYCQ-1; Mon, 11 May 2020 12:42:18 -0400 Received: from pps.filterd (m0187473.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 04BGVvaU037227; Mon, 11 May 2020 12:42:16 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 30ws44rb0s-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:15 -0400 Received: from m0187473.ppops.net (m0187473.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 04BGVw0R037249; Mon, 11 May 2020 12:42:15 -0400 Received: from ppma03fra.de.ibm.com (6b.4a.5195.ip4.static.sl-reverse.com [149.81.74.107]) by mx0a-001b2d01.pphosted.com with ESMTP id 30ws44rayv-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:15 -0400 Received: from pps.filterd (ppma03fra.de.ibm.com [127.0.0.1]) by ppma03fra.de.ibm.com (8.16.0.27/8.16.0.27) with SMTP id 04BGetij007466; Mon, 11 May 2020 16:42:12 GMT Received: from b06cxnps3074.portsmouth.uk.ibm.com (d06relay09.portsmouth.uk.ibm.com [9.149.109.194]) by ppma03fra.de.ibm.com with ESMTP id 30wm569wsm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 16:42:12 +0000 Received: from d06av24.portsmouth.uk.ibm.com (d06av24.portsmouth.uk.ibm.com [9.149.105.60]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 04BGg9hf8520084 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 11 May 2020 16:42:09 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5154442042; Mon, 11 May 2020 16:42:09 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0DCB542041; Mon, 11 May 2020 16:42:09 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.43.168]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 11 May 2020 16:42:08 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589215363; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=AKiXupimrVf1+8WFEo653BY2/VXQSx3tFjMnMMihDEA=; b=WhSyKPr11joAh/5yd88aV5mRxm3gqKoz9gGAMl7oSLZoSJnVxq/cnTdVrzRke+8jnPng6i hcdTwtcyd4FqEV8CvKAaF2t4AufDBYn13SHwvPGp/7qYXPUeWou+ZtIy1tufUKaT/LasS8 gADIQU6C+z1K80HaIz3QsJcRBWe4ptY= X-MC-Unique: MU_C3-dQMMqbpDvxdKO2DQ-1 X-MC-Unique: SfvF4yisMj-yjd3Os2ZYCQ-1 From: Boris Fiuczynski To: libvir-list@redhat.com, mihajlov@linux.ibm.com, ppinatti@linux.ibm.com, berrange@redhat.com, borntraeger@de.ibm.com, brijesh.singh@amd.com, eskultet@redhat.com Subject: [PATCH 3/6] qemu: check if AMD secure guest support is enabled Date: Mon, 11 May 2020 18:41:58 +0200 Message-Id: <20200511164201.7954-4-fiuczy@linux.ibm.com> In-Reply-To: <20200511164201.7954-1-fiuczy@linux.ibm.com> References: <20200511164201.7954-1-fiuczy@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.676 definitions=2020-05-11_07:2020-05-11, 2020-05-11 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=999 priorityscore=1501 suspectscore=0 lowpriorityscore=0 bulkscore=0 impostorscore=0 spamscore=0 adultscore=0 phishscore=0 mlxscore=0 clxscore=1015 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2005110126 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: Paulo de Rezende Pinatti Implement secure guest check for AMD SEV (Secure Encrypted Virtualization) in order to invalidate the qemu capabilities cache in case the availability of the feature changed. For AMD SEV the verification consists of: - checking if /sys/module/kvm_amd/parameters/sev contains the value '1': meaning SEV is enabled in the host kernel; - checking if the kernel cmdline contains 'mem_encrypt=3Don': meaning SME memory encryption feature on the host is enabled Signed-off-by: Paulo de Rezende Pinatti Reviewed-by: Bjoern Walk Reviewed-by: Boris Fiuczynski --- docs/kbase/launch_security_sev.rst | 2 +- src/qemu/qemu_capabilities.c | 27 +++++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/docs/kbase/launch_security_sev.rst b/docs/kbase/launch_securit= y_sev.rst index 65f258587d..fa602c7432 100644 --- a/docs/kbase/launch_security_sev.rst +++ b/docs/kbase/launch_security_sev.rst @@ -109,7 +109,7 @@ following: =20 -Note that if libvirt was already installed and libvirtd running before +Note that if libvirt (<6.4.0) was already installed and libvirtd running b= efore enabling SEV in the kernel followed by the host reboot you need to force libvirtd to re-probe both the host and QEMU capabilities. First stop libvirtd: diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 2874bb1e7c..6cf926d52d 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -4604,6 +4604,31 @@ virQEMUCapsKVMSupportsSecureGuestS390(void) } =20 =20 +/* + * Check whether AMD Secure Encrypted Virtualization (x86) is enabled + */ +static bool +virQEMUCapsKVMSupportsSecureGuestAMD(void) +{ + g_autofree char *cmdline =3D NULL; + g_autofree char *modValue =3D NULL; + static const char *kValues[] =3D {"on"}; + + if (virFileReadValueString(&modValue, "/sys/module/kvm_amd/parameters/= sev") < 0) + return false; + if (modValue[0] !=3D '1') + return false; + if (virFileReadValueString(&cmdline, "/proc/cmdline") < 0) + return false; + if (virKernelCmdlineMatchParam(cmdline, "mem_encrypt", kValues, + G_N_ELEMENTS(kValues), + VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | + VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ)) + return true; + return false; +} + + /* * Check whether the secure guest functionality is enabled. * See the specific architecture function for details on the verifications= made. @@ -4615,6 +4640,8 @@ virQEMUCapsKVMSupportsSecureGuest(void) =20 if (ARCH_IS_S390(arch)) return virQEMUCapsKVMSupportsSecureGuestS390(); + if (ARCH_IS_X86(arch)) + return virQEMUCapsKVMSupportsSecureGuestAMD(); return false; } =20 --=20 2.25.1 From nobody Thu May 2 22:36:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) client-ip=207.211.31.81; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1589215368; cv=none; d=zohomail.com; s=zohoarc; b=IOC+iYX14h7cfktT9S3AMDAyDFOclylFVoV9iO5B5VDgMV5SwfnHrT6rc3JVHIJe9soC8GsQ8SaVI5YxEi99F1f5HzpUkvO/jSOScnABPIUNQ7fGZrozPpuB+Fod7dQi7KYLGoHrHf5wjvufufCIV+gG3N5pVy+bgKPu5KDUSBY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589215368; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=6N3vYdbdIGR3fWLptCHE/8on5QK2FSy2K1wbK7smqt0=; b=hUgjBfMwZINbdjuTHTlO9JIgJXPZZBrsGPeslXEVGts/OwnXRVz4AsAwInBXwIUCHGiIDWfnheQf+RMX2Zmz7qPj8FRb/PyzJ7R3J2yBdNPUUCiwk3uAM14nT5VKvzMNDU5XTV7FefJxIQSB9XfKjQ2gzKwoaiaq90hDW3lGOqY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) by mx.zohomail.com with SMTPS id 1589215368960956.8080071458165; Mon, 11 May 2020 09:42:48 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-311-IgzQ4YYlP76RkVOE7MOjPg-1; Mon, 11 May 2020 12:42:42 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id EE40C805721; Mon, 11 May 2020 16:42:30 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C74A47527C; Mon, 11 May 2020 16:42:30 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 959E74E561; Mon, 11 May 2020 16:42:30 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04BGgPFJ015802 for ; Mon, 11 May 2020 12:42:25 -0400 Received: by smtp.corp.redhat.com (Postfix) id E0C4AF6CCB; Mon, 11 May 2020 16:42:24 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DB3C5F6CD7 for ; Mon, 11 May 2020 16:42:22 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E44898007AC for ; Mon, 11 May 2020 16:42:21 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-399-iknrgObPMfWvL9JRlUhq-A-1; Mon, 11 May 2020 12:42:17 -0400 Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 04BGaFs6055998; Mon, 11 May 2020 12:42:15 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 30y8wsk8fs-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:15 -0400 Received: from m0098394.ppops.net (m0098394.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 04BGaJh8056732; Mon, 11 May 2020 12:42:15 -0400 Received: from ppma01fra.de.ibm.com (46.49.7a9f.ip4.static.sl-reverse.com [159.122.73.70]) by mx0a-001b2d01.pphosted.com with ESMTP id 30y8wsk8f0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:14 -0400 Received: from pps.filterd (ppma01fra.de.ibm.com [127.0.0.1]) by ppma01fra.de.ibm.com (8.16.0.27/8.16.0.27) with SMTP id 04BGeuUq019024; Mon, 11 May 2020 16:42:12 GMT Received: from b06cxnps3074.portsmouth.uk.ibm.com (d06relay09.portsmouth.uk.ibm.com [9.149.109.194]) by ppma01fra.de.ibm.com with ESMTP id 30wm559x6v-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 16:42:12 +0000 Received: from d06av24.portsmouth.uk.ibm.com (d06av24.portsmouth.uk.ibm.com [9.149.105.60]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 04BGg96m44040444 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 11 May 2020 16:42:09 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A0E614203F; Mon, 11 May 2020 16:42:09 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5D17842047; Mon, 11 May 2020 16:42:09 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.43.168]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 11 May 2020 16:42:09 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589215367; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=6N3vYdbdIGR3fWLptCHE/8on5QK2FSy2K1wbK7smqt0=; b=JXrrcMGnO9V79aQ+LU5v+ayzPB3XinzY9lelP6dvpAd5irfB2JbGH4UHE7WJC6GIQJfF7A 5lnbMZCPLtgZxC3W5N55nXCDAgzB3rUWHBaZ86fm+TUs1H/L9YkaMU6OJgEqFbV1EZBcpf INckplxpuAln1qTcJsjoJBzEGcyfm1Q= X-MC-Unique: IgzQ4YYlP76RkVOE7MOjPg-1 X-MC-Unique: iknrgObPMfWvL9JRlUhq-A-1 From: Boris Fiuczynski To: libvir-list@redhat.com, mihajlov@linux.ibm.com, ppinatti@linux.ibm.com, berrange@redhat.com, borntraeger@de.ibm.com, brijesh.singh@amd.com, eskultet@redhat.com Subject: [PATCH 4/6] tools: secure guest check on s390 in virt-host-validate Date: Mon, 11 May 2020 18:41:59 +0200 Message-Id: <20200511164201.7954-5-fiuczy@linux.ibm.com> In-Reply-To: <20200511164201.7954-1-fiuczy@linux.ibm.com> References: <20200511164201.7954-1-fiuczy@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.676 definitions=2020-05-11_07:2020-05-11, 2020-05-11 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 clxscore=1015 phishscore=0 impostorscore=0 mlxscore=0 suspectscore=0 lowpriorityscore=0 adultscore=0 mlxlogscore=999 spamscore=0 bulkscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2005110126 X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Add checking in virt-host-validate for secure guest support on s390 for IBM Secure Execution. Signed-off-by: Boris Fiuczynski Tested-by: Viktor Mihajlovski Reviewed-by: Paulo de Rezende Pinatti Reviewed-by: Bjoern Walk --- tools/virt-host-validate-common.c | 58 +++++++++++++++++++++++++++++-- tools/virt-host-validate-common.h | 4 +++ tools/virt-host-validate-qemu.c | 4 +++ 3 files changed, 64 insertions(+), 2 deletions(-) diff --git a/tools/virt-host-validate-common.c b/tools/virt-host-validate-c= ommon.c index fbefbada96..dd73bd0dea 100644 --- a/tools/virt-host-validate-common.c +++ b/tools/virt-host-validate-common.c @@ -40,7 +40,8 @@ VIR_ENUM_IMPL(virHostValidateCPUFlag, VIR_HOST_VALIDATE_CPU_FLAG_LAST, "vmx", "svm", - "sie"); + "sie", + "158"); =20 static bool quiet; =20 @@ -210,7 +211,8 @@ virBitmapPtr virHostValidateGetCPUFlags(void) * on the architecture, so check possible prefixes */ if (!STRPREFIX(line, "flags") && !STRPREFIX(line, "Features") && - !STRPREFIX(line, "features")) + !STRPREFIX(line, "features") && + !STRPREFIX(line, "facilities")) continue; =20 /* fgets() includes the trailing newline in the output buffer, @@ -439,3 +441,55 @@ bool virHostKernelModuleIsLoaded(const char *module) =20 return ret; } + + +int virHostValidateSecureGuests(const char *hvname, + virHostValidateLevel level) +{ + virBitmapPtr flags; + bool hasFac158 =3D false; + virArch arch =3D virArchFromHost(); + g_autofree char *cmdline =3D NULL; + static const char *kIBMValues[] =3D {"y", "Y", "1"}; + + flags =3D virHostValidateGetCPUFlags(); + + if (flags && virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_FACIL= ITY_158)) + hasFac158 =3D true; + + virBitmapFree(flags); + + virHostMsgCheck(hvname, "%s", _("for secure guest support")); + if (ARCH_IS_S390(arch)) { + if (hasFac158) { + if (!virFileIsDir("/sys/firmware/uv")) { + virHostMsgFail(level, "IBM Secure Execution not supported = by " + "the currently used kernel"); + return 0; + } + if (virFileReadValueString(&cmdline, "/proc/cmdline") < 0) + return -1; + if (virKernelCmdlineMatchParam(cmdline, "prot_virt", kIBMValue= s, + G_N_ELEMENTS(kIBMValues), + VIR_KERNEL_CMDLINE_FLAGS_SEARCH= _STICKY | + VIR_KERNEL_CMDLINE_FLAGS_CMP_PR= EFIX)) { + virHostMsgPass(); + return 1; + } else { + virHostMsgFail(level, + "IBM Secure Execution appears to be disable= d " + "in kernel. Add prot_virt=3D1 to kernel cmd= line " + "arguments"); + } + } else { + virHostMsgFail(level, "Hardware or firmware does not provide " + "support for IBM Secure Execution"); + } + } else { + virHostMsgFail(level, + "Unknown if this platform has Secure Guest support"= ); + return -1; + } + + return 0; +} diff --git a/tools/virt-host-validate-common.h b/tools/virt-host-validate-c= ommon.h index 8ae60a21de..44b5544a12 100644 --- a/tools/virt-host-validate-common.h +++ b/tools/virt-host-validate-common.h @@ -37,6 +37,7 @@ typedef enum { VIR_HOST_VALIDATE_CPU_FLAG_VMX =3D 0, VIR_HOST_VALIDATE_CPU_FLAG_SVM, VIR_HOST_VALIDATE_CPU_FLAG_SIE, + VIR_HOST_VALIDATE_CPU_FLAG_FACILITY_158, =20 VIR_HOST_VALIDATE_CPU_FLAG_LAST, } virHostValidateCPUFlag; @@ -83,4 +84,7 @@ int virHostValidateCGroupControllers(const char *hvname, int virHostValidateIOMMU(const char *hvname, virHostValidateLevel level); =20 +int virHostValidateSecureGuests(const char *hvname, + virHostValidateLevel level); + bool virHostKernelModuleIsLoaded(const char *module); diff --git a/tools/virt-host-validate-qemu.c b/tools/virt-host-validate-qem= u.c index bd717a604e..ea7f172790 100644 --- a/tools/virt-host-validate-qemu.c +++ b/tools/virt-host-validate-qemu.c @@ -127,5 +127,9 @@ int virHostValidateQEMU(void) VIR_HOST_VALIDATE_WARN) < 0) ret =3D -1; =20 + if (virHostValidateSecureGuests("QEMU", + VIR_HOST_VALIDATE_WARN) < 0) + ret =3D -1; + return ret; } --=20 2.25.1 From nobody Thu May 2 22:36:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1589215352; cv=none; d=zohomail.com; s=zohoarc; b=IzzW5I3bbHVJrP0qazFk2FJvyS2CzRtdZCFjhj1tbsRY8BukE7y3qg9EpyrlX0TPJUPUBQ1gR9aP7gmmxKkPM7ZONUwN1MCzOL5eyr2ui9s2wP2SHsOuc+gsIrwTGzQ2QwbmUpW8IYP9OR/IObvrDqQrpFUmi4An/Tzt/iuc71Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589215352; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=aH7adHrbhSZVDuhZlkGy29bmhV/loEtJzBUdXLFpLjw=; b=TPgNYro0Oks7WB4EOM9qn/c3f3sdP+vu2tbq423s1/T9IBTA7CaS+Lm3Vcj6CfFX6NaQ1Y/jmAFNWnx2lpwtoLC2vYf0aRjl6puIKYdXydOukVgfuuAVapH/ZueXkr/bYbiPxT0R1NB3k3DpKg42AiwJLOJzvpS+EeUBBpuMjAc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 1589215352832708.3030617124152; Mon, 11 May 2020 09:42:32 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-258-esTjYRl6OoK1u0_NLhCMVA-1; Mon, 11 May 2020 12:42:29 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 117608005AD; Mon, 11 May 2020 16:42:24 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DEB185C3E7; Mon, 11 May 2020 16:42:23 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 353954CA95; Mon, 11 May 2020 16:42:23 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04BGgMgD015770 for ; Mon, 11 May 2020 12:42:22 -0400 Received: by smtp.corp.redhat.com (Postfix) id 07C951055539; Mon, 11 May 2020 16:42:22 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 040AF1055535 for ; Mon, 11 May 2020 16:42:22 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id DEC981049842 for ; Mon, 11 May 2020 16:42:21 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-175-LRdm9dvsMI2nDTzCGRZ47w-1; Mon, 11 May 2020 12:42:17 -0400 Received: from pps.filterd (m0098410.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 04BGXOEW137476; Mon, 11 May 2020 12:42:15 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 30ws243js5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:15 -0400 Received: from m0098410.ppops.net (m0098410.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 04BGXUlK138251; Mon, 11 May 2020 12:42:15 -0400 Received: from ppma03fra.de.ibm.com (6b.4a.5195.ip4.static.sl-reverse.com [149.81.74.107]) by mx0a-001b2d01.pphosted.com with ESMTP id 30ws243jrc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:15 -0400 Received: from pps.filterd (ppma03fra.de.ibm.com [127.0.0.1]) by ppma03fra.de.ibm.com (8.16.0.27/8.16.0.27) with SMTP id 04BGfSMx008220; Mon, 11 May 2020 16:42:12 GMT Received: from b06cxnps4075.portsmouth.uk.ibm.com (d06relay12.portsmouth.uk.ibm.com [9.149.109.197]) by ppma03fra.de.ibm.com with ESMTP id 30wm569wsn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 16:42:12 +0000 Received: from d06av24.portsmouth.uk.ibm.com (d06av24.portsmouth.uk.ibm.com [9.149.105.60]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 04BGgAPZ66519192 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 11 May 2020 16:42:10 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id F0F014203F; Mon, 11 May 2020 16:42:09 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id ACF5B42041; Mon, 11 May 2020 16:42:09 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.43.168]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 11 May 2020 16:42:09 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589215351; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=aH7adHrbhSZVDuhZlkGy29bmhV/loEtJzBUdXLFpLjw=; b=Fg7d2pcnRnV1maHpQ0BgfOaEB1dHmBmi71Kdl0NtSL/Zpgbd33r/MT04gLxBrFoZDjXzAv saGkR0MhtCvWaGPXfAS2E3YYo7A0eq6svn72OaZHePumtZb40hi6sEBnO8bi5JxpM1VXA8 rn5iCL53mbhdOYkkCS5sXf5SlYP3BYk= X-MC-Unique: esTjYRl6OoK1u0_NLhCMVA-1 X-MC-Unique: LRdm9dvsMI2nDTzCGRZ47w-1 From: Boris Fiuczynski To: libvir-list@redhat.com, mihajlov@linux.ibm.com, ppinatti@linux.ibm.com, berrange@redhat.com, borntraeger@de.ibm.com, brijesh.singh@amd.com, eskultet@redhat.com Subject: [PATCH 5/6] tools: secure guest check for AMD in virt-host-validate Date: Mon, 11 May 2020 18:42:00 +0200 Message-Id: <20200511164201.7954-6-fiuczy@linux.ibm.com> In-Reply-To: <20200511164201.7954-1-fiuczy@linux.ibm.com> References: <20200511164201.7954-1-fiuczy@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.676 definitions=2020-05-11_08:2020-05-11, 2020-05-11 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 clxscore=1015 suspectscore=0 bulkscore=0 adultscore=0 impostorscore=0 mlxscore=0 lowpriorityscore=0 malwarescore=0 mlxlogscore=999 priorityscore=1501 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2005110130 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Add checking in virt-host-validate for secure guest support on x86 for AMD Secure Encrypted Virtualization. Signed-off-by: Boris Fiuczynski Reviewed-by: Paulo de Rezende Pinatti Reviewed-by: Bjoern Walk --- docs/kbase/launch_security_sev.rst | 7 ++++-- tools/virt-host-validate-common.c | 36 ++++++++++++++++++++++++++++-- tools/virt-host-validate-common.h | 1 + 3 files changed, 40 insertions(+), 4 deletions(-) diff --git a/docs/kbase/launch_security_sev.rst b/docs/kbase/launch_securit= y_sev.rst index fa602c7432..45166b3886 100644 --- a/docs/kbase/launch_security_sev.rst +++ b/docs/kbase/launch_security_sev.rst @@ -30,8 +30,11 @@ Enabling SEV on the host =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =20 Before VMs can make use of the SEV feature you need to make sure your -AMD CPU does support SEV. You can check whether SEV is among the CPU -flags with: +AMD CPU does support SEV. You can run ``libvirt-host-validate`` +(libvirt >=3D 6.4.0) to check if your host supports secure guests or you +can follow the manual checks below. + +You can manually check whether SEV is among the CPU flags with: =20 :: =20 diff --git a/tools/virt-host-validate-common.c b/tools/virt-host-validate-c= ommon.c index dd73bd0dea..67aa420d35 100644 --- a/tools/virt-host-validate-common.c +++ b/tools/virt-host-validate-common.c @@ -41,7 +41,8 @@ VIR_ENUM_IMPL(virHostValidateCPUFlag, "vmx", "svm", "sie", - "158"); + "158", + "sev"); =20 static bool quiet; =20 @@ -447,15 +448,19 @@ int virHostValidateSecureGuests(const char *hvname, virHostValidateLevel level) { virBitmapPtr flags; - bool hasFac158 =3D false; + bool hasFac158 =3D false, hasAMDSev =3D false; virArch arch =3D virArchFromHost(); g_autofree char *cmdline =3D NULL; static const char *kIBMValues[] =3D {"y", "Y", "1"}; + static const char *kAMDValues[] =3D {"on"}; + g_autofree char *mod_value =3D NULL; =20 flags =3D virHostValidateGetCPUFlags(); =20 if (flags && virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_FACIL= ITY_158)) hasFac158 =3D true; + else if (flags && virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_= SEV)) + hasAMDSev =3D true; =20 virBitmapFree(flags); =20 @@ -485,6 +490,33 @@ int virHostValidateSecureGuests(const char *hvname, virHostMsgFail(level, "Hardware or firmware does not provide " "support for IBM Secure Execution"); } + } else if (hasAMDSev) { + if (virFileReadValueString(&mod_value, "/sys/module/kvm_amd/parame= ters/sev") < 0) { + virHostMsgFail(level, "AMD Secure Encrypted Virtualization not= " + "supported by the currently used kernel"= ); + return 0; + } + if (mod_value[0] !=3D '1') { + virHostMsgFail(level, + "AMD Secure Encrypted Virtualization appears to= be " + "disabled in kernel. Add mem_encrypt=3Don " + "kvm_amd.sev=3D1 to kernel cmdline arguments"); + return 0; + } + if (virFileReadValueString(&cmdline, "/proc/cmdline") < 0) + return -1; + if (virKernelCmdlineMatchParam(cmdline, "mem_encrypt", kAMDValues, + G_N_ELEMENTS(kAMDValues), + VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAS= T | + VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ)) { + virHostMsgPass(); + return 1; + } else { + virHostMsgFail(level, + "AMD Secure Encrypted Virtualization appears to= be " + "disabled in kernel. Add mem_encrypt=3Don " + "kvm_amd.sev=3D1 to kernel cmdline arguments"); + } } else { virHostMsgFail(level, "Unknown if this platform has Secure Guest support"= ); diff --git a/tools/virt-host-validate-common.h b/tools/virt-host-validate-c= ommon.h index 44b5544a12..3df5ea0c7e 100644 --- a/tools/virt-host-validate-common.h +++ b/tools/virt-host-validate-common.h @@ -38,6 +38,7 @@ typedef enum { VIR_HOST_VALIDATE_CPU_FLAG_SVM, VIR_HOST_VALIDATE_CPU_FLAG_SIE, VIR_HOST_VALIDATE_CPU_FLAG_FACILITY_158, + VIR_HOST_VALIDATE_CPU_FLAG_SEV, =20 VIR_HOST_VALIDATE_CPU_FLAG_LAST, } virHostValidateCPUFlag; --=20 2.25.1 From nobody Thu May 2 22:36:37 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) client-ip=207.211.31.81; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1589215362; cv=none; d=zohomail.com; s=zohoarc; b=mk4xBhWGQmF2eO0VdduRhl4mmzhpZhYHOWiLx8svCJDw/Ekim+PNpYbNGf/maDJSZ0gMk9JpJgDiy3ho7u1CHD9/ecBJHYckTWDqExxdf6Uzzls3XMpamqZzvKtHhwIb8ZMidgfk7I4is8dMOdfGnW03PeuutS3FhjmW7ilnEJY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589215362; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=rOj4ftCGAdauazsrSdY3eqjgWgJ0HrqrrEjhoTW4lZE=; b=JLxP1P7G2ZBKml/BYfE38hByNqhYQevU0ylnZChIzloZ2yLrsuPR/HOC6rbE5BDzKkUDcRXte+OpMq4axLcjEX7GV2IIyC0IW1kIZyebtUD4ka1XrZKdJ1gqFxP8pEUebPynau+shRL5+zNlW4AvUiiXJdpwBLeJ4lGMwfpwjww= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.81 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) by mx.zohomail.com with SMTPS id 1589215362135140.22698570927548; Mon, 11 May 2020 09:42:42 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-173-fh8v7tkzO4KMtqAJJzmnSQ-1; Mon, 11 May 2020 12:42:38 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id AFD02835B41; Mon, 11 May 2020 16:42:28 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 923137D8C1; Mon, 11 May 2020 16:42:28 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 643584CAAE; Mon, 11 May 2020 16:42:28 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 04BGgNPG015782 for ; Mon, 11 May 2020 12:42:23 -0400 Received: by smtp.corp.redhat.com (Postfix) id 588711055470; Mon, 11 May 2020 16:42:23 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5479C105546A for ; Mon, 11 May 2020 16:42:23 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 37F1C916108 for ; Mon, 11 May 2020 16:42:23 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-488-G0MymvShMS2gA8kO18vhgA-1; Mon, 11 May 2020 12:42:17 -0400 Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 04BGXDNp037026; Mon, 11 May 2020 12:42:16 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 30wrvs3gwp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:16 -0400 Received: from m0098399.ppops.net (m0098399.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 04BGXHgw037312; Mon, 11 May 2020 12:42:15 -0400 Received: from ppma03ams.nl.ibm.com (62.31.33a9.ip4.static.sl-reverse.com [169.51.49.98]) by mx0a-001b2d01.pphosted.com with ESMTP id 30wrvs3gw1-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 12:42:15 -0400 Received: from pps.filterd (ppma03ams.nl.ibm.com [127.0.0.1]) by ppma03ams.nl.ibm.com (8.16.0.27/8.16.0.27) with SMTP id 04BGf3Vc025834; Mon, 11 May 2020 16:42:13 GMT Received: from b06cxnps4075.portsmouth.uk.ibm.com (d06relay12.portsmouth.uk.ibm.com [9.149.109.197]) by ppma03ams.nl.ibm.com with ESMTP id 30wm55mrmy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 11 May 2020 16:42:13 +0000 Received: from d06av24.portsmouth.uk.ibm.com (d06av24.portsmouth.uk.ibm.com [9.149.105.60]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 04BGgAIR63701246 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 11 May 2020 16:42:10 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5BCA542041; Mon, 11 May 2020 16:42:10 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0963342042; Mon, 11 May 2020 16:42:10 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.43.168]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 11 May 2020 16:42:09 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1589215360; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=rOj4ftCGAdauazsrSdY3eqjgWgJ0HrqrrEjhoTW4lZE=; b=i6XdgKbXmX5/asd785L3UV8ajaidWowGEnm+1l4gg8hYHZanFIb48roUng2jFRnubw9oDQ 6sRxIe822HUu/BvxD2YAFnLgkTqx2LVTjkzRsAmV53bOiGzWuqHuK3Iji8TBemGtStJcGQ Bja4gUzfVymQOQnB8jY9EjEzOmwizx4= X-MC-Unique: fh8v7tkzO4KMtqAJJzmnSQ-1 X-MC-Unique: G0MymvShMS2gA8kO18vhgA-1 From: Boris Fiuczynski To: libvir-list@redhat.com, mihajlov@linux.ibm.com, ppinatti@linux.ibm.com, berrange@redhat.com, borntraeger@de.ibm.com, brijesh.singh@amd.com, eskultet@redhat.com Subject: [PATCH 6/6] docs: Describe protected virtualization guest setup Date: Mon, 11 May 2020 18:42:01 +0200 Message-Id: <20200511164201.7954-7-fiuczy@linux.ibm.com> In-Reply-To: <20200511164201.7954-1-fiuczy@linux.ibm.com> References: <20200511164201.7954-1-fiuczy@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.676 definitions=2020-05-11_07:2020-05-11, 2020-05-11 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 spamscore=0 lowpriorityscore=0 mlxscore=0 priorityscore=1501 phishscore=0 bulkscore=0 mlxlogscore=999 clxscore=1015 impostorscore=0 suspectscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000 definitions=main-2005110130 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: Viktor Mihajlovski Protected virtualization/IBM Secure Execution for Linux protects guest memory and state from the host. Add some basic information about technology and a brief guide on setting up secure guests with libvirt. Signed-off-by: Viktor Mihajlovski Signed-off-by: Boris Fiuczynski Reviewed-by: Paulo de Rezende Pinatti --- docs/kbase.html.in | 3 + docs/kbase/s390_protected_virt.rst | 189 +++++++++++++++++++++++++++++ 2 files changed, 192 insertions(+) create mode 100644 docs/kbase/s390_protected_virt.rst diff --git a/docs/kbase.html.in b/docs/kbase.html.in index c586e0f676..241a212fa9 100644 --- a/docs/kbase.html.in +++ b/docs/kbase.html.in @@ -14,6 +14,9 @@
Secure usage
Secure usage of the libvirt APIs
=20 +
Protected virtualiz= ation on s390
+
Running secure s390 guests with IBM Secure Execution
+
Launch security=
Securely launching VMs with AMD SEV
=20 diff --git a/docs/kbase/s390_protected_virt.rst b/docs/kbase/s390_protected= _virt.rst new file mode 100644 index 0000000000..3e354455d1 --- /dev/null +++ b/docs/kbase/s390_protected_virt.rst @@ -0,0 +1,189 @@ +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D +Protected Virtualization on s390 +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D + +.. contents:: + +Overview +=3D=3D=3D=3D=3D=3D=3D=3D + +Protected virtualization, also known as IBM Secure Execution is a +hardware-based privacy protection technology for s390x (IBM Z). +It allows to execute virtual machines such that the host system +has no access to a VM's state and memory contents. + +Unlike other similar technologies, the memory of a running guest +is not encrypted but protected by hardware access controls, which +may only be manipulated by trusted system firmware, called +ultravisor. + +For the cases where the host needs access to guest memory (e.g. for +paging), it can request pages to be exported to it. The exported page +will be encrypted with a unique key for the running guest by the +ultravisor. The ultravisor also computes an integrity value for +the page, and stores it in a special table, together with the page +index and a counter. This way it can verify the integrity of +the page content upon re-import into the guest. + +In other cases it may be necessary for a guest to grant the host access +to dedicated memory regions (e.g. for I/O). The guest can request +that the ultravisor removes the memory protection from individual +pages, so that they can be shared with the host. Likewise, the +guest can undo the sharing. + +A secure guest will initially start in a regular non-protected VM. +The start-up is controlled by a small bootstrap program loaded +into memory together with encrypted operating system components and +a control structure (the PV header). +The operating system components (e.g. Linux kernel, initial RAM +file system, kernel parameters) are encrypted and integrity +protected. The component encryption keys and integrity values are +stored in the PV header. +The PV header is wrapped with a public key belonging to a specific +system (in fact it can be wrapped with multiple such keys). The +matching private key is only accessible by trusted hardware and +firmware in that specific system. +Consequently, such a secure guest boot image can only be run on the +systems it has been prepared for. Its contents can't be decrypted +without access to the private key and it can't be modified as +it is integrity protected. + +Host Requirements +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +IBM Secure Execution for Linux has some hardware and firmware +requirements. The system hardware must be an IBM z15 (or newer), +or an IBM LinuxONE III (or newer). + +It is also necessary that the IBM Secure Execution feature is +enabled for that system. With libvirt >=3D 6.4.0 you can run +``libvirt-host--validate`` or otherwise check for facility '158', e.g. + +:: + + $ grep facilities /proc/cpuinfo | grep 158 + +The kernel must include the protected virtualization support +which can be verified by checking for the presence of directory +``/sys/firmware/uv``. It will only be present when both the +hardware and the kernel support are available. + +Finally, the host operating system must donate some memory to +the ultravisor needed to store memory security information. +This is achieved by specifying the following kernel command +line parameter to the host boot configuration + +:: + + prot_virt=3D1 + + +Guest Requirements +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +Guest Boot +---------- + +To start a guest in protected virtualization secure mode, the +boot image must have been prepared first with the program +``genprotimg`` using the correct public key for this host. +``genprotimg`` is part of the package ``s390-tools``, or +``s390-utils``, depending on the Linux distribution being used. +It can also be found at +``_ + +The guests have to be configured to use the host CPU model, which +must contain the ``unpack`` facility indicating ultravisor guest support. + +With the following command it's possible to check whether the host +CPU model satisfies the requirement + +:: + + $ virsh domcapabilities | grep unpack + +which should return + +:: + + + +Note that on hosts with libvirt < 6.4.0 if the check fails despite +the host system actually supporting protected virtualization guests, +this can be caused by a stale libvirt capabilities cache. +To recover, run the following commands + +:: + + $ systemctl stop libvirtd + $ rm /var/cache/libvirt/qemu/capabilities/*.xml + $ systemctl start libvirtd + + +Guest I/O +--------- + +Protected virtualization guests support I/O using virtio devices. +As the virtio data structures of secure guests are not accessible +by the host, it is necessary to use shared memory ('bounce buffers'). + +To enable virtio devices to use shared buffers, it is necessary +to configure them with platform_iommu enabled. This can done by adding +``iommu=3D'on'`` to the driver element of a virtio device definition in the +guest's XML, e.g. + +:: + + + + + + + +It is mandatory to define all virtio bus devices in this way to +prevent the host from attempting to access protected memory. +Ballooning will not work and is fenced by QEMU. It should be +disabled by specifying + +:: + + + +Finally, the guest Linux must be instructed to allocate I/O +buffers using memory shared between host and guest using SWIOTLB. +This is done by adding ``swiotlb=3Dnnn`` to the guest's kernel command +line string, where ``nnn`` stands for the number of statically +allocated 2K entries. A commonly used value for swiotlb is 262144. + +Example guest definition +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +Minimal domain XML for a protected virtualization guest, essentially +it's mostly about the ``iommu`` property + +:: + + + protected + 2048000 + 2048000 + 1 + + hvm + + + + + + + + + + + + + + + + + --=20 2.25.1