From nobody Mon Apr 29 15:55:50 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) client-ip=205.139.110.61; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1592209736; cv=none; d=zohomail.com; s=zohoarc; b=HuhzbXlC4WN8KqLJyp718frLRggo0spjaqmPZFTSpYZpP/OBWk07aInQ+mBFjr7gCuvNkIDnXR7Q2YUuZ9hHvLsWuvKSU0vXmvQVweumgaXE8Ey7O0nb/gcMXc57D+nZZVWNKKf2a+kIUPwAPy3MlB4DCrBhgEG47Tyw71Zty/8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592209736; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Ku3Lpd4G8pVMtdaw0T0aEixUbTbjX7KwHYXFTL3Er0Q=; b=Bjh81Rhl7mKWAR9hAmMJTrK8BHVs98BSdRsWr8o6P7tVLCWOvQ/QOzQE9/zMuDYMZMlUzNNzmP1aHmb4TfvQ1GOK3ABjiRVZooDhp/IGZ5xbj4iTkKJ8+kXUYHQ2X1eACf8Ikj7FX7++2xLIk0QXCjzTKyzfQ7ONinz0OWBq5iI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) by mx.zohomail.com with SMTPS id 1592209736649668.4676894013962; Mon, 15 Jun 2020 01:28:56 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-474-3jre9DWKNzSNjpMV6Hp-HA-1; Mon, 15 Jun 2020 04:28:47 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B691D193F568; Mon, 15 Jun 2020 08:28:42 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 966985C1B2; Mon, 15 Jun 2020 08:28:42 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6472D1809547; Mon, 15 Jun 2020 08:28:42 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 05F8SeA3006724 for ; Mon, 15 Jun 2020 04:28:40 -0400 Received: by smtp.corp.redhat.com (Postfix) id B5ECC2156A2D; Mon, 15 Jun 2020 08:28:40 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B11092156A22 for ; Mon, 15 Jun 2020 08:28:37 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 18F66185A78B for ; Mon, 15 Jun 2020 08:28:37 +0000 (UTC) Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-150-YCcnfIOsOUiIgDIg54T8tQ-1; Mon, 15 Jun 2020 04:28:21 -0400 Received: from pps.filterd (m0098417.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 05F84NnV045265; Mon, 15 Jun 2020 04:28:20 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 31n0j7gss4-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:20 -0400 Received: from m0098417.ppops.net (m0098417.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 05F8CbxF075926; Mon, 15 Jun 2020 04:28:20 -0400 Received: from ppma03fra.de.ibm.com (6b.4a.5195.ip4.static.sl-reverse.com [149.81.74.107]) by mx0a-001b2d01.pphosted.com with ESMTP id 31n0j7gsrd-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:20 -0400 Received: from pps.filterd (ppma03fra.de.ibm.com [127.0.0.1]) by ppma03fra.de.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 05F8P35u010795; Mon, 15 Jun 2020 08:28:18 GMT Received: from b06cxnps4074.portsmouth.uk.ibm.com (d06relay11.portsmouth.uk.ibm.com [9.149.109.196]) by ppma03fra.de.ibm.com with ESMTP id 31mpe7s9ek-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 08:28:17 +0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps4074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 05F8SFMT39780372 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 15 Jun 2020 08:28:15 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E3968A405C; Mon, 15 Jun 2020 08:28:14 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4DFC8A4060; Mon, 15 Jun 2020 08:28:14 +0000 (GMT) Received: from normandy.boeblingen.de.ibm.com (unknown [9.145.159.41]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 15 Jun 2020 08:28:14 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1592209735; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=Ku3Lpd4G8pVMtdaw0T0aEixUbTbjX7KwHYXFTL3Er0Q=; b=VYzJHiHx918JGY2Me6TtpsFjPK+yYsdv8VxKga9cyY9/iXUQ4+m3eWw3QnxM7qQhfogOKa 0zcvcgKC2H7QQ8gYrJWvH9aHc1OLJZikXIbxgnqwojaYLWi33kcKVffY/eBhouZgyWZtTT 3bjSpTy7VC2UfELXvfVBrcHwkkuXpFs= X-MC-Unique: 3jre9DWKNzSNjpMV6Hp-HA-1 X-MC-Unique: YCcnfIOsOUiIgDIg54T8tQ-1 From: Paulo de Rezende Pinatti To: libvir-list@redhat.com, fiuczy@linux.ibm.com, mihajlov@linux.ibm.com, berrange@redhat.com, brijesh.singh@amd.com, borntraeger@de.ibm.com, eskultet@redhat.com Subject: [PATCH v3 1/7] util: introduce a parser for kernel cmdline arguments Date: Mon, 15 Jun 2020 10:28:06 +0200 Message-Id: <20200615082812.62918-2-ppinatti@linux.ibm.com> In-Reply-To: <20200615082812.62918-1-ppinatti@linux.ibm.com> References: <20200615082812.62918-1-ppinatti@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-15_01:2020-06-15, 2020-06-15 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 spamscore=0 suspectscore=2 malwarescore=0 cotscore=-2147483648 clxscore=1015 adultscore=0 phishscore=0 priorityscore=1501 mlxlogscore=999 mlxscore=0 impostorscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2006150066 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Introduce two utility functions to parse a kernel command line string according to the kernel code parsing rules in order to enable the caller to perform operations such as verifying whether certain argument=3Dvalue combinations are present or retrieving an argument's value. Signed-off-by: Paulo de Rezende Pinatti Signed-off-by: Boris Fiuczynski Reviewed-by: Erik Skultety --- src/libvirt_private.syms | 2 + src/util/virutil.c | 188 +++++++++++++++++++++++++++++++++++++++ src/util/virutil.h | 17 ++++ tests/utiltest.c | 144 ++++++++++++++++++++++++++++++ 4 files changed, 351 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index a6af44fe1c..a206a943c5 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -3433,6 +3433,8 @@ virHostGetDRMRenderNode; virHostHasIOMMU; virIndexToDiskName; virIsDevMapperDevice; +virKernelCmdlineMatchParam; +virKernelCmdlineNextParam; virMemoryLimitIsSet; virMemoryLimitTruncate; virMemoryMaxValue; diff --git a/src/util/virutil.c b/src/util/virutil.c index fb46501142..b7ea643e4a 100644 --- a/src/util/virutil.c +++ b/src/util/virutil.c @@ -1725,6 +1725,194 @@ virHostGetDRMRenderNode(void) return ret; } =20 + +static const char *virKernelCmdlineSkipQuote(const char *cmdline, + bool *is_quoted) +{ + if (cmdline[0] =3D=3D '"') { + *is_quoted =3D !(*is_quoted); + cmdline++; + } + return cmdline; +} + + +/* + * Iterate over the provided kernel command line string while honoring + * the kernel quoting rules and returns the index of the equal sign + * separating argument and value. + * + * @cmdline: target kernel command line string + * @is_quoted: indicates whether the string begins with quotes + * @res: pointer to the position immediately after the parsed parameter, + * can be used in subsequent calls to process further parameters until + * the end of the string. + * + * Returns 0 for the cases where no equal sign is found or the argument + * itself begins with the equal sign (both cases indicating that the + * argument has no value). Otherwise, returns the index of the equal + * sign in the string. + */ +static size_t virKernelCmdlineFindEqual(const char *cmdline, + bool is_quoted, + const char **res) +{ + size_t i; + size_t equal_index =3D 0; + + for (i =3D 0; cmdline[i]; i++) { + if (!(is_quoted) && g_ascii_isspace(cmdline[i])) + break; + if (equal_index =3D=3D 0 && cmdline[i] =3D=3D '=3D') { + equal_index =3D i; + continue; + } + virKernelCmdlineSkipQuote(cmdline + i, &is_quoted); + } + *res =3D cmdline + i; + return equal_index; +} + + +static char* virKernelArgNormalize(const char *arg) +{ + return virStringReplace(arg, "_", "-"); +} + + +/* + * Parse the kernel cmdline and store the next parameter in @param + * and the value of @param in @val which can be NULL if @param has + * no value. In addition returns the address right after @param=3D@value + * for possible further processing. + * + * @cmdline: kernel command line string to be checked for next parameter + * @param: pointer to hold retrieved parameter, will be NULL if none found + * @val: pointer to hold retrieved value of @param + * + * Returns a pointer to address right after @param=3D@val in the + * kernel command line, will point to the string's end (NULL) + * in case no next parameter is found + */ +const char *virKernelCmdlineNextParam(const char *cmdline, + char **param, + char **val) +{ + const char *next; + int equal_index; + bool is_quoted =3D false; + *param =3D NULL; + *val =3D NULL; + + virSkipSpaces(&cmdline); + cmdline =3D virKernelCmdlineSkipQuote(cmdline, &is_quoted); + equal_index =3D virKernelCmdlineFindEqual(cmdline, is_quoted, &next); + + if (next =3D=3D cmdline) + return next; + + /* param has no value */ + if (equal_index =3D=3D 0) { + if (is_quoted && next[-1] =3D=3D '"') + *param =3D g_strndup(cmdline, next - cmdline - 1); + else + *param =3D g_strndup(cmdline, next - cmdline); + return next; + } + + *param =3D g_strndup(cmdline, equal_index); + + if (cmdline[equal_index + 1] =3D=3D '"') { + is_quoted =3D true; + equal_index++; + } + + if (is_quoted && next[-1] =3D=3D '"') + *val =3D g_strndup(cmdline + equal_index + 1, + next - cmdline - equal_index - 2); + else + *val =3D g_strndup(cmdline + equal_index + 1, + next - cmdline - equal_index - 1); + return next; +} + + +static bool virKernelCmdlineStrCmp(const char *kernel_val, + const char *caller_val, + virKernelCmdlineFlags flags) +{ + if (flags & VIR_KERNEL_CMDLINE_FLAGS_CMP_PREFIX) + return STRPREFIX(kernel_val, caller_val); + return STREQ(kernel_val, caller_val); +} + + +/* + * Try to match the provided kernel cmdline string with the provided @arg + * and the list @values of possible values according to the matching strat= egy + * defined in @flags. Possible options include: + * - VIR_KERNEL_CMDLINE_FLAGS_CMP_PREFIX: do a substring comparison of val= ues + * (uses size of value provided as input) + * - VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ: do a strict string comparison of val= ues, + * this is the default if no CMP flag was specified + * - VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST: first match satisfies search, = no matter + * the order (in case of multiple argument occurrences) + * - VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST: use the result of last argument= occurrence + * (in case of multiple argument occurrences) + * + * @cmdline: kernel command line string to be checked for @arg + * @arg: kernel command line argument + * @values: array of possible values to match @arg + * @len_values: size of array, it can be 0 meaning a match will be positiv= e if the + * argument has no value. + * @flags: flag mask defining the strategy for matching and comparing + * + * Returns true if a match is found, false otherwise + */ +bool virKernelCmdlineMatchParam(const char *cmdline, + const char *arg, + const char **values, + size_t len_values, + virKernelCmdlineFlags flags) +{ + bool match =3D false; + size_t i; + const char *next =3D cmdline; + g_autofree char *arg_norm =3D virKernelArgNormalize(arg); + + while (next[0] !=3D '\0') { + g_autofree char *kparam =3D NULL; + g_autofree char *kparam_norm =3D NULL; + g_autofree char *kval =3D NULL; + next =3D virKernelCmdlineNextParam(next, &kparam, &kval); + + if (!kparam) + break; + kparam_norm =3D virKernelArgNormalize(kparam); + + if (STRNEQ(kparam_norm, arg_norm)) + continue; + + if (!kval) { + match =3D (len_values =3D=3D 0) ? true : false; + } else { + match =3D false; + for (i =3D 0; i < len_values; i++) { + if (virKernelCmdlineStrCmp(kval, values[i], flags)) { + match =3D true; + break; + } + } + } + + if (match && (flags & VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST)) + break; + } + + return match; +} + + /* * Get a password from the console input stream. * The caller must free the returned password. diff --git a/src/util/virutil.h b/src/util/virutil.h index 49b4bf440f..b1f6cfdfe4 100644 --- a/src/util/virutil.h +++ b/src/util/virutil.h @@ -147,6 +147,23 @@ bool virHostHasIOMMU(void); =20 char *virHostGetDRMRenderNode(void) G_GNUC_NO_INLINE; =20 +typedef enum { + VIR_KERNEL_CMDLINE_FLAGS_CMP_PREFIX =3D 1, + VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ =3D 2, + VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST =3D 4, + VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST =3D 8, +} virKernelCmdlineFlags; + +const char *virKernelCmdlineNextParam(const char *cmdline, + char **param, + char **val); + +bool virKernelCmdlineMatchParam(const char *cmdline, + const char *arg, + const char **values, + size_t len_values, + virKernelCmdlineFlags flags); + /** * VIR_ASSIGN_IS_OVERFLOW: * @rvalue: value that is checked (evaluated twice) diff --git a/tests/utiltest.c b/tests/utiltest.c index 5ae04585cb..e6c1bb1050 100644 --- a/tests/utiltest.c +++ b/tests/utiltest.c @@ -254,6 +254,148 @@ testOverflowCheckMacro(const void *data G_GNUC_UNUSED) } =20 =20 +struct testKernelCmdlineNextParamData +{ + const char *cmdline; + const char *param; + const char *val; + const char *next; +}; + +static struct testKernelCmdlineNextParamData kEntries[] =3D { + { "arg1 arg2 arg3=3Dval1", "arg1", = NULL, " arg2 arg3=3Dval1" }, + { "arg1=3Dval1 arg2 arg3=3Dval3 arg4", "arg1", = "val1", " arg2 arg3=3Dval3 arg4" }, + { "arg1=3Dsub1=3Dval1,sub2=3Dval2 arg3=3Dval3 arg4", "arg1", = "sub1=3Dval1,sub2=3Dval2", " arg3=3Dval3 arg4" }, + { "arg3=3Dval3 ", "arg3", = "val3", " " }, + { "arg3=3Dval3", "arg3", = "val3", "" }, + { "arg-3=3Dval3 arg4", "arg-3", = "val3", " arg4" }, + { " arg_3=3Dval3 arg4", "arg_3", = "val3", " arg4" }, + { "arg2=3D\"value with space\" arg3=3Dval3", "arg2", = "value with space", " arg3=3Dval3" }, + { " arg2=3D\"value with space\" arg3=3Dval3", "arg2", = "value with space", " arg3=3Dval3" }, + { " \"arg2=3Dvalue with space\" arg3=3Dval3", "arg2", = "value with space", " arg3=3Dval3" }, + { "arg2=3D\"val\"ue arg3", "arg2", = "val\"ue", " arg3" }, + { "arg2=3Dvalue\" long\" arg3", "arg2", = "value\" long\"", " arg3" }, + { " \"arg2 with space=3Dvalue with space\" arg3", "arg2 with space", = "value with space", " arg3" }, + { " arg2\" with space=3Dval2\" arg3", "arg2\" with space",= "val2\"", " arg3" }, + { " arg2longer=3Dsomeval\" long\" arg2=3Dval2", "arg2longer", = "someval\" long\"", " arg2=3Dval2" }, + { "=3Dval1 arg2=3Dval2", "=3Dval1", = NULL, " arg2=3Dval2" }, + { " ", NULL, N= ULL, "" }, + { "", NULL, N= ULL, "" }, +}; + +static int +testKernelCmdlineNextParam(const void *data G_GNUC_UNUSED) +{ + char *param =3D NULL; + char *val =3D NULL; + const char *next; + size_t i; + + for (i =3D 0; i < G_N_ELEMENTS(kEntries); ++i) { + VIR_FREE(param); + VIR_FREE(val); + + next =3D virKernelCmdlineNextParam(kEntries[i].cmdline, ¶m, &v= al); + + if (STRNEQ_NULLABLE(param, kEntries[i].param) || + STRNEQ_NULLABLE(val, kEntries[i].val) || + STRNEQ(next, kEntries[i].next)) { + VIR_TEST_DEBUG("\nKernel cmdline [%s]", kEntries[i].cmdline); + VIR_TEST_DEBUG("Expect param [%s]", kEntries[i].param); + VIR_TEST_DEBUG("Actual param [%s]", param); + VIR_TEST_DEBUG("Expect value [%s]", kEntries[i].val); + VIR_TEST_DEBUG("Actual value [%s]", val); + VIR_TEST_DEBUG("Expect next [%s]", kEntries[i].next); + VIR_TEST_DEBUG("Actual next [%s]", next); + + VIR_FREE(param); + VIR_FREE(val); + + return -1; + } + } + + VIR_FREE(param); + VIR_FREE(val); + + return 0; +} + + +struct testKernelCmdlineMatchData +{ + const char *cmdline; + const char *arg; + const char *values[2]; + virKernelCmdlineFlags flags; + bool result; +}; + +static struct testKernelCmdlineMatchData kMatchEntries[] =3D { + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"1", "y"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST | VI= R_KERNEL_CMDLINE_FLAGS_CMP_EQ, false }, + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"on", "yes"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST | VI= R_KERNEL_CMDLINE_FLAGS_CMP_EQ, true }, + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"1", "y"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST | VI= R_KERNEL_CMDLINE_FLAGS_CMP_PREFIX, true }, + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"a", "b"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST | VI= R_KERNEL_CMDLINE_FLAGS_CMP_PREFIX, false }, + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"on", "yes"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | VIR= _KERNEL_CMDLINE_FLAGS_CMP_EQ, false }, + {"arg1 myarg=3Dno arg2=3Dval2 myarg=3Dyes arg4=3Dval4 myarg=3Dno arg5"= , "myarg", {"1", "y"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | VIR= _KERNEL_CMDLINE_FLAGS_CMP_PREFIX, false }, + {"arg1 myarg=3Dno arg2=3Dval2 arg4=3Dval4 myarg=3Dyes arg5", = "myarg", {"on", "yes"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | VIR_K= ERNEL_CMDLINE_FLAGS_CMP_EQ, true }, + {"arg1 myarg=3Dno arg2=3Dval2 arg4=3Dval4 myarg=3Dyes arg5", = "myarg", {"1", "y"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | VIR_K= ERNEL_CMDLINE_FLAGS_CMP_PREFIX, true }, + {"arg1 myarg=3Dno arg2=3Dval2 arg4=3Dval4 myarg arg5", "m= yarg", {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST, = true }, + {"arg1 myarg arg2=3Dval2 arg4=3Dval4 myarg=3Dyes arg5", "m= yarg", {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST, = true }, + {"arg1 myarg arg2=3Dval2 arg4=3Dval4 myarg=3Dyes arg5", "m= yarg", {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST, = false }, + {"arg1 my-arg=3Dno arg2=3Dval2 arg4=3Dval4 my_arg=3Dyes arg5", = "my-arg", {"on", "yes"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST, = true }, + {"arg1 my-arg=3Dno arg2=3Dval2 arg4=3Dval4 my_arg=3Dyes arg5 ", = "my-arg", {"on", "yes"}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | VIR_K= ERNEL_CMDLINE_FLAGS_CMP_EQ, true }, + {"arg1 my-arg arg2=3Dval2 arg4=3Dval4 my_arg=3Dyes arg5", "m= y_arg", {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST, = true }, + {"arg1 my-arg arg2=3Dval2 arg4=3Dval4 my-arg=3Dyes arg5", "m= y_arg", {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST, = true }, + {"=3Darg1 my-arg arg2=3Dval2 arg4=3Dval4 my-arg=3Dyes arg5", = "my_arg", {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST, = true }, + {"my-arg =3Darg1 arg2=3Dval2 arg4=3Dval4 my-arg=3Dyes arg5", = "=3Darg1", {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST, = true }, + {"arg1 arg2=3Dval2 myarg=3Dsub1=3Dval1 arg5", "m= yarg", {"sub1=3Dval1", NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST, = true }, + {"arg1 arg2=3D", "arg2"= , {"", ""}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST | VIR_KERNEL_= CMDLINE_FLAGS_CMP_EQ, true }, + {" ", "myarg",= {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST, = false }, + {"", "", = {NULL, NULL}, VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST, = false }, +}; + + +static int +testKernelCmdlineMatchParam(const void *data G_GNUC_UNUSED) +{ + bool result; + size_t i, lenValues; + + for (i =3D 0; i < G_N_ELEMENTS(kMatchEntries); ++i) { + if (kMatchEntries[i].values[0] =3D=3D NULL) + lenValues =3D 0; + else + lenValues =3D G_N_ELEMENTS(kMatchEntries[i].values); + + result =3D virKernelCmdlineMatchParam(kMatchEntries[i].cmdline, + kMatchEntries[i].arg, + kMatchEntries[i].values, + lenValues, + kMatchEntries[i].flags); + + if (result !=3D kMatchEntries[i].result) { + VIR_TEST_DEBUG("\nKernel cmdline [%s]", kMatchEntries[i].cmdli= ne); + VIR_TEST_DEBUG("Kernel argument [%s]", kMatchEntries[i].arg); + VIR_TEST_DEBUG("Kernel values [%s] [%s]", kMatchEntries[i].val= ues[0], + kMatchEntries[i].values[1]); + if (kMatchEntries[i].flags & VIR_KERNEL_CMDLINE_FLAGS_CMP_PREF= IX) + VIR_TEST_DEBUG("Flag [VIR_KERNEL_CMDLINE_FLAGS_CMP_PREFIX]= "); + if (kMatchEntries[i].flags & VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ) + VIR_TEST_DEBUG("Flag [VIR_KERNEL_CMDLINE_FLAGS_CMP_EQ]"); + if (kMatchEntries[i].flags & VIR_KERNEL_CMDLINE_FLAGS_SEARCH_F= IRST) + VIR_TEST_DEBUG("Flag [VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRS= T]"); + if (kMatchEntries[i].flags & VIR_KERNEL_CMDLINE_FLAGS_SEARCH_L= AST) + VIR_TEST_DEBUG("Flag [VIR_KERNEL_CMDLINE_FLAGS_SEARCH_LAST= ]"); + VIR_TEST_DEBUG("Expect result [%d]", kMatchEntries[i].result); + VIR_TEST_DEBUG("Actual result [%d]", result); + + return -1; + } + } + + return 0; +} =20 =20 static int @@ -277,6 +419,8 @@ mymain(void) DO_TEST(ParseVersionString); DO_TEST(RoundValueToPowerOfTwo); DO_TEST(OverflowCheckMacro); + DO_TEST(KernelCmdlineNextParam); + DO_TEST(KernelCmdlineMatchParam); =20 return result =3D=3D 0 ? EXIT_SUCCESS : EXIT_FAILURE; } --=20 2.26.2 From nobody Mon Apr 29 15:55:50 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) client-ip=205.139.110.61; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1592209764; cv=none; d=zohomail.com; s=zohoarc; b=j44xK6KOfqCViGeO3KOgqv/4ZNuheKF4ALo2WRBs6Glr1l1QYv4p9bNHBzNfzOh5PMyHC0XTBpHLk9FdmGtsjMSr05NsuqfF36xPldUvOjKMd6D4DdviD4E8ssk8WMPw7B0qC5/6BM2DY7OsrYLEW0LeRX1a6CoSN6RiW+JNgbg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592209764; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=GzglmIHKndH2XtmpyEuWpj20gjwOCM/KWECXG+0OovM=; b=nixVqkHSy1oZLqaJXLOQqc2wamFH8Iwn+uGbJXW+2sHddjp+RDhsD/qY5zaTXSBpOF/RoyDzKZhAfmjaca06rwZpC37AGIEBPJvUZIbpJZOmGzK5T1HGEZI7K7w+mq0qYWFZlGDHq0J04M8KE3edOi6dvymLZPqYW+LHvrzyh9s= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.61 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) by mx.zohomail.com with SMTPS id 1592209764297437.1232177498284; Mon, 15 Jun 2020 01:29:24 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-366-vDEICGg-MJSouZ0h9N2S2g-1; Mon, 15 Jun 2020 04:29:10 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B0580801503; Mon, 15 Jun 2020 08:29:04 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8B7D81001925; Mon, 15 Jun 2020 08:29:04 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 5B3AD1806B0C; Mon, 15 Jun 2020 08:29:04 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 05F8T2rH006764 for ; Mon, 15 Jun 2020 04:29:02 -0400 Received: by smtp.corp.redhat.com (Postfix) id B4336110F0B5; Mon, 15 Jun 2020 08:29:02 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18]) by smtp.corp.redhat.com (Postfix) with ESMTPS id AF4D0110F0B3 for ; Mon, 15 Jun 2020 08:29:00 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 374EE8007B3 for ; Mon, 15 Jun 2020 08:29:00 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-375-svkeH2faNiacrBDFzPqilw-1; Mon, 15 Jun 2020 04:28:42 -0400 Received: from pps.filterd (m0098393.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 05F8OCef025814; Mon, 15 Jun 2020 04:28:41 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 31p5er82mx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:40 -0400 Received: from m0098393.ppops.net (m0098393.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 05F8RnuS033868; Mon, 15 Jun 2020 04:28:21 -0400 Received: from ppma03ams.nl.ibm.com (62.31.33a9.ip4.static.sl-reverse.com [169.51.49.98]) by mx0a-001b2d01.pphosted.com with ESMTP id 31p5er82m7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:21 -0400 Received: from pps.filterd (ppma03ams.nl.ibm.com [127.0.0.1]) by ppma03ams.nl.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 05F8Q7VV011506; Mon, 15 Jun 2020 08:28:18 GMT Received: from b06cxnps4074.portsmouth.uk.ibm.com (d06relay11.portsmouth.uk.ibm.com [9.149.109.196]) by ppma03ams.nl.ibm.com with ESMTP id 31mpe836b6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 08:28:18 +0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps4074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 05F8SFIj22020340 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 15 Jun 2020 08:28:15 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 88F97A405B; Mon, 15 Jun 2020 08:28:15 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 07793A4065; Mon, 15 Jun 2020 08:28:15 +0000 (GMT) Received: from normandy.boeblingen.de.ibm.com (unknown [9.145.159.41]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 15 Jun 2020 08:28:14 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1592209762; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=GzglmIHKndH2XtmpyEuWpj20gjwOCM/KWECXG+0OovM=; b=bl6hGMaTsflxXb89RA2rYdDLZJM6giFTM+lAe5BoqDSy71Q+PXmYcynY0cUD44Kry/Xzk5 ZAY77SdurBhrAHPL4pmWdFbrVXWVqNOPJ38wUghTuVq/EXsuryM0E1k4QtPWikoUo3pzAP ZPOAZ1LHYWFFIW5POIGEjEAoWwmNk68= X-MC-Unique: vDEICGg-MJSouZ0h9N2S2g-1 X-MC-Unique: svkeH2faNiacrBDFzPqilw-1 From: Paulo de Rezende Pinatti To: libvir-list@redhat.com, fiuczy@linux.ibm.com, mihajlov@linux.ibm.com, berrange@redhat.com, brijesh.singh@amd.com, borntraeger@de.ibm.com, eskultet@redhat.com Subject: [PATCH v3 2/7] qemu: check if s390 secure guest support is enabled Date: Mon, 15 Jun 2020 10:28:07 +0200 Message-Id: <20200615082812.62918-3-ppinatti@linux.ibm.com> In-Reply-To: <20200615082812.62918-1-ppinatti@linux.ibm.com> References: <20200615082812.62918-1-ppinatti@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-15_01:2020-06-15, 2020-06-15 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 bulkscore=0 mlxlogscore=999 adultscore=0 lowpriorityscore=0 mlxscore=0 malwarescore=0 spamscore=0 impostorscore=0 suspectscore=2 clxscore=1015 priorityscore=1501 cotscore=-2147483648 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2006150066 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" This patch introduces a common function to verify if the availability of the so-called Secure Guest feature on the host has changed in order to invalidate the qemu capabilities cache. It can be used as an entry point for verification on different architectures. For s390 the verification consists of: - checking if /sys/firmware/uv is available: meaning the HW facility is available and the host OS supports it; - checking if the kernel cmdline contains 'prot_virt=3D1': meaning the host OS wants to use the feature. Whenever the availability of the feature does not match the secure guest flag in the cache then libvirt will re-build it in order to pick up the new set of capabilities available. Signed-off-by: Paulo de Rezende Pinatti Signed-off-by: Boris Fiuczynski Tested-by: Viktor Mihajlovski Reviewed-by: Bjoern Walk Reviewed-by: Erik Skultety --- src/qemu/qemu_capabilities.c | 56 ++++++++++++++++++++++++++++++++++++ 1 file changed, 56 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index f12769635a..1b90682113 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -23,6 +23,7 @@ =20 #include "qemu_capabilities.h" #include "viralloc.h" +#include "virarch.h" #include "vircrypto.h" #include "virlog.h" #include "virerror.h" @@ -657,6 +658,7 @@ struct _virQEMUCaps { virObject parent; =20 bool kvmSupportsNesting; + bool kvmSupportsSecureGuest; =20 char *binary; time_t ctime; @@ -1901,6 +1903,7 @@ virQEMUCapsPtr virQEMUCapsNewCopy(virQEMUCapsPtr qemu= Caps) =20 ret->invalidation =3D qemuCaps->invalidation; ret->kvmSupportsNesting =3D qemuCaps->kvmSupportsNesting; + ret->kvmSupportsSecureGuest =3D qemuCaps->kvmSupportsSecureGuest; =20 ret->ctime =3D qemuCaps->ctime; =20 @@ -4396,6 +4399,9 @@ virQEMUCapsLoadCache(virArch hostArch, if (virXPathBoolean("boolean(./kvmSupportsNesting)", ctxt) > 0) qemuCaps->kvmSupportsNesting =3D true; =20 + if (virXPathBoolean("boolean(./kvmSupportsSecureGuest)", ctxt) > 0) + qemuCaps->kvmSupportsSecureGuest =3D true; + ret =3D 0; cleanup: VIR_FREE(str); @@ -4633,6 +4639,9 @@ virQEMUCapsFormatCache(virQEMUCapsPtr qemuCaps) if (qemuCaps->kvmSupportsNesting) virBufferAddLit(&buf, "\n"); =20 + if (qemuCaps->kvmSupportsSecureGuest) + virBufferAddLit(&buf, "\n"); + virBufferAdjustIndent(&buf, -2); virBufferAddLit(&buf, "\n"); =20 @@ -4670,6 +4679,44 @@ virQEMUCapsSaveFile(void *data, } =20 =20 +/* + * Check whether IBM Secure Execution (S390) is enabled + */ +static bool +virQEMUCapsKVMSupportsSecureGuestS390(void) +{ + + g_autofree char *cmdline =3D NULL; + static const char *kValues[] =3D {"y", "Y", "on", "ON", "oN", "On", "1= "}; + + if (!virFileIsDir("/sys/firmware/uv")) + return false; + if (virFileReadValueString(&cmdline, "/proc/cmdline") < 0) + return false; + if (virKernelCmdlineMatchParam(cmdline, "prot_virt", kValues, + G_N_ELEMENTS(kValues), + VIR_KERNEL_CMDLINE_FLAGS_SEARCH_FIRST | + VIR_KERNEL_CMDLINE_FLAGS_CMP_PREFIX)) + return true; + return false; +} + + +/* + * Check whether the secure guest functionality is enabled. + * See the specific architecture function for details on the verifications= made. + */ +static bool +virQEMUCapsKVMSupportsSecureGuest(void) +{ + virArch arch =3D virArchFromHost(); + + if (ARCH_IS_S390(arch)) + return virQEMUCapsKVMSupportsSecureGuestS390(); + return false; +} + + /* Check the kernel module parameters 'nested' file to determine if enabled * * Intel: 'kvm_intel' uses 'Y' @@ -4857,6 +4904,13 @@ virQEMUCapsIsValid(void *data, qemuCaps->binary, qemuCaps->kvmSupportsNesting); return false; } + + if (virQEMUCapsKVMSupportsSecureGuest() !=3D qemuCaps->kvmSupports= SecureGuest) { + VIR_DEBUG("Outdated capabilities for '%s': kvm kernel secure g= uest " + "value changed from %d", + qemuCaps->binary, qemuCaps->kvmSupportsSecureGuest); + return false; + } } =20 return true; @@ -5349,6 +5403,8 @@ virQEMUCapsNewForBinaryInternal(virArch hostArch, qemuCaps->kernelVersion =3D g_strdup(kernelVersion); =20 qemuCaps->kvmSupportsNesting =3D virQEMUCapsKVMSupportsNesting(); + + qemuCaps->kvmSupportsSecureGuest =3D virQEMUCapsKVMSupportsSecureG= uest(); } =20 return qemuCaps; --=20 2.26.2 From nobody Mon Apr 29 15:55:50 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1592209725; cv=none; d=zohomail.com; s=zohoarc; b=neMUd6XwQK2CF6LVg/MK2d5Pss/VL/WFuOld54ccoUkWngEtfHlIWw83xQKJJsMDApf1ro8TLL2od6pSnNdp6+Zo3I+bIxJrmPls5uoMBzj5al6j7dg3OC9lkPqxn+3OoTknaz5p7AB5MvZJ/NNVHJI551uYA/+KbNZmcoYiiAg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592209725; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=NAjwxITQJyA2HTOy5M0N0yXcJYuJd1esSiP8NQ5c+GQ=; b=WGtAKP6h/ZzDlYtUzO63WufQ1gDyppeX9Yg5CTYG6uDBfCqVUIDThi+R8+ZxnnpeGsNK+06EvIvc6mB+/4ZW54DrgUsWWrw9g6xPLYSaX7BRWcLNUcVE/prx9FTBdvKTFDw4FJdAhfO1mo2RwwilVoBXp0HzG3F/DgEC/Un5Sqc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 159220972574655.95477696324292; Mon, 15 Jun 2020 01:28:45 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-319-biH_OKDBN7Ku4Coq1i-ZtA-1; Mon, 15 Jun 2020 04:28:41 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7B9DE1005512; Mon, 15 Jun 2020 08:28:35 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7DDBB5D9CC; Mon, 15 Jun 2020 08:28:33 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 7E1E5833C5; Mon, 15 Jun 2020 08:28:29 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 05F8SRwU006644 for ; Mon, 15 Jun 2020 04:28:27 -0400 Received: by smtp.corp.redhat.com (Postfix) id 688D8110F0B9; Mon, 15 Jun 2020 08:28:27 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 63B9E110F0B8 for ; Mon, 15 Jun 2020 08:28:25 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id F35E28007AC for ; Mon, 15 Jun 2020 08:28:24 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-364-aUkk9PsXOz2ylIkMCHZNPw-1; Mon, 15 Jun 2020 04:28:22 -0400 Received: from pps.filterd (m0098413.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 05F7gp4b176342; Mon, 15 Jun 2020 04:28:21 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 31np7ba6d6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:21 -0400 Received: from m0098413.ppops.net (m0098413.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 05F7reWF002658; Mon, 15 Jun 2020 04:28:21 -0400 Received: from ppma04fra.de.ibm.com (6a.4a.5195.ip4.static.sl-reverse.com [149.81.74.106]) by mx0b-001b2d01.pphosted.com with ESMTP id 31np7ba6ch-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:20 -0400 Received: from pps.filterd (ppma04fra.de.ibm.com [127.0.0.1]) by ppma04fra.de.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 05F8P6SY014247; Mon, 15 Jun 2020 08:28:19 GMT Received: from b06cxnps4075.portsmouth.uk.ibm.com (d06relay12.portsmouth.uk.ibm.com [9.149.109.197]) by ppma04fra.de.ibm.com with ESMTP id 31mpe8199j-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 08:28:19 +0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 05F8SGxq59441384 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 15 Jun 2020 08:28:16 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 33802A4054; Mon, 15 Jun 2020 08:28:16 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A97A5A4060; Mon, 15 Jun 2020 08:28:15 +0000 (GMT) Received: from normandy.boeblingen.de.ibm.com (unknown [9.145.159.41]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 15 Jun 2020 08:28:15 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1592209724; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=NAjwxITQJyA2HTOy5M0N0yXcJYuJd1esSiP8NQ5c+GQ=; b=JVtzD/Mzd/r6upB9lDan9UKtWxACGLylqE+jaVs6qPwmVyTx5P38mWCSPBXh06HwrWGdZe OlKefMyRJ4t0oioiFuWWyNnwr03bZzHG8pxD5VdaD9PbJ1ef36s7Hj502V2gQhEuqNWLD/ jnlZ9yrZbq9MAzylBtvqFifT4UdsYxk= X-MC-Unique: biH_OKDBN7Ku4Coq1i-ZtA-1 X-MC-Unique: aUkk9PsXOz2ylIkMCHZNPw-1 From: Paulo de Rezende Pinatti To: libvir-list@redhat.com, fiuczy@linux.ibm.com, mihajlov@linux.ibm.com, berrange@redhat.com, brijesh.singh@amd.com, borntraeger@de.ibm.com, eskultet@redhat.com Subject: [PATCH v3 3/7] qemu: check if AMD secure guest support is enabled Date: Mon, 15 Jun 2020 10:28:08 +0200 Message-Id: <20200615082812.62918-4-ppinatti@linux.ibm.com> In-Reply-To: <20200615082812.62918-1-ppinatti@linux.ibm.com> References: <20200615082812.62918-1-ppinatti@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-15_01:2020-06-15, 2020-06-15 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 adultscore=0 mlxlogscore=999 priorityscore=1501 impostorscore=0 clxscore=1015 cotscore=-2147483648 mlxscore=0 lowpriorityscore=0 phishscore=0 suspectscore=0 spamscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2006150061 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Implement secure guest check for AMD SEV (Secure Encrypted Virtualization) in order to invalidate the qemu capabilities cache in case the availability of the feature changed. For AMD SEV the verification consists of: - checking if /sys/module/kvm_amd/parameters/sev contains the value '1': meaning SEV is enabled in the host kernel; - checking if /dev/sev exists Signed-off-by: Paulo de Rezende Pinatti Signed-off-by: Boris Fiuczynski Reviewed-by: Bjoern Walk Reviewed-by: Erik Skultety --- src/qemu/qemu_capabilities.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 1b90682113..60df5b2f7f 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -4702,6 +4702,24 @@ virQEMUCapsKVMSupportsSecureGuestS390(void) } =20 =20 +/* + * Check whether AMD Secure Encrypted Virtualization (x86) is enabled + */ +static bool +virQEMUCapsKVMSupportsSecureGuestAMD(void) +{ + g_autofree char *modValue =3D NULL; + + if (virFileReadValueString(&modValue, "/sys/module/kvm_amd/parameters/= sev") < 0) + return false; + if (modValue[0] !=3D '1') + return false; + if (virFileExists(QEMU_DEV_SEV)) + return true; + return false; +} + + /* * Check whether the secure guest functionality is enabled. * See the specific architecture function for details on the verifications= made. @@ -4713,6 +4731,8 @@ virQEMUCapsKVMSupportsSecureGuest(void) =20 if (ARCH_IS_S390(arch)) return virQEMUCapsKVMSupportsSecureGuestS390(); + if (ARCH_IS_X86(arch)) + return virQEMUCapsKVMSupportsSecureGuestAMD(); return false; } =20 --=20 2.26.2 From nobody Mon Apr 29 15:55:50 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1592209726; cv=none; d=zohomail.com; s=zohoarc; b=DjG5ub+zHp2LKdi1zEasra/dvkcLOG9xvW1KE8nXaJmvTaxD6WhJmK/RVn743DxuaBvMa9+fZA651Ge2BG/kBIPhehohd4clQTijds07npTkCf0ndbFpO1Ags6Nq8QuFR+J/P25b9xWRV3IP8XLKUur+BfxTv/ON77iQCXfIOCI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592209726; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=4Mpv0sMuJIr3+aYfbhO/1juXT2m5+KKV50cbXuqi8/E=; b=nxTP4DwPKDiYxJJh13FTIh1iEx8jY/GQMYe/aCGmwi3h0Aqc5UWgwBDakPm2SiVJqq3uIt5DKi0hCu/g/DhIARzT4URHeLD6r6eaqWoRjG4qKK2YaLLx3zhQZkT4RGCgXO50tXrXjX06uzpBLCCgolsvfjPZGTObmq7HLhBPJZI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1592209726302160.3023117973073; Mon, 15 Jun 2020 01:28:46 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-437-0eIIaoeWPSaniQtPgvQ4Kw-1; Mon, 15 Jun 2020 04:28:41 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7EA5FA0BD8; Mon, 15 Jun 2020 08:28:35 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 43DE55C1B2; Mon, 15 Jun 2020 08:28:34 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6D73F833C7; Mon, 15 Jun 2020 08:28:31 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 05F8SSl3006654 for ; Mon, 15 Jun 2020 04:28:28 -0400 Received: by smtp.corp.redhat.com (Postfix) id BC19F2029F71; Mon, 15 Jun 2020 08:28:28 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B58C62029F62 for ; Mon, 15 Jun 2020 08:28:25 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B6962858F07 for ; Mon, 15 Jun 2020 08:28:25 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-398-o1uydjBKMvW8xdej6pWadw-1; Mon, 15 Jun 2020 04:28:22 -0400 Received: from pps.filterd (m0098413.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 05F7kcSL184051; Mon, 15 Jun 2020 04:28:22 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 31np7ba6dc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:21 -0400 Received: from m0098413.ppops.net (m0098413.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 05F7tDnP007154; Mon, 15 Jun 2020 04:28:21 -0400 Received: from ppma04ams.nl.ibm.com (63.31.33a9.ip4.static.sl-reverse.com [169.51.49.99]) by mx0b-001b2d01.pphosted.com with ESMTP id 31np7ba6cn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:21 -0400 Received: from pps.filterd (ppma04ams.nl.ibm.com [127.0.0.1]) by ppma04ams.nl.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 05F8PWio031701; Mon, 15 Jun 2020 08:28:19 GMT Received: from b06cxnps4076.portsmouth.uk.ibm.com (d06relay13.portsmouth.uk.ibm.com [9.149.109.198]) by ppma04ams.nl.ibm.com with ESMTP id 31mpe7u5wj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 08:28:19 +0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps4076.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 05F8SHJP48627880 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 15 Jun 2020 08:28:17 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E0D06A4060; Mon, 15 Jun 2020 08:28:16 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 4BFB3A4067; Mon, 15 Jun 2020 08:28:16 +0000 (GMT) Received: from normandy.boeblingen.de.ibm.com (unknown [9.145.159.41]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 15 Jun 2020 08:28:16 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1592209725; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=4Mpv0sMuJIr3+aYfbhO/1juXT2m5+KKV50cbXuqi8/E=; b=TiTlURT7sFZKBNCG6yPoBlUrabGR4w5CgCWqQOZaMKWXom6MtXRmu+QLn8sfKtQwfVg634 +ynmEuwY7w66UfdctI4Cs0wczGd/HHzrYBRRQrYQS1luLQKj1AYD7QsWwetd9PiiqG3jbR 6i+P/E1d2CWwJSIxZLY5MiSzNMv5a8E= X-MC-Unique: 0eIIaoeWPSaniQtPgvQ4Kw-1 X-MC-Unique: o1uydjBKMvW8xdej6pWadw-1 From: Paulo de Rezende Pinatti To: libvir-list@redhat.com, fiuczy@linux.ibm.com, mihajlov@linux.ibm.com, berrange@redhat.com, brijesh.singh@amd.com, borntraeger@de.ibm.com, eskultet@redhat.com Subject: [PATCH v3 4/7] tools: secure guest check on s390 in virt-host-validate Date: Mon, 15 Jun 2020 10:28:09 +0200 Message-Id: <20200615082812.62918-5-ppinatti@linux.ibm.com> In-Reply-To: <20200615082812.62918-1-ppinatti@linux.ibm.com> References: <20200615082812.62918-1-ppinatti@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-15_01:2020-06-15, 2020-06-15 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 adultscore=0 mlxlogscore=999 priorityscore=1501 impostorscore=0 clxscore=1015 cotscore=-2147483648 mlxscore=0 lowpriorityscore=0 phishscore=0 suspectscore=0 spamscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2006150061 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: Boris Fiuczynski Add checking in virt-host-validate for secure guest support on s390 for IBM Secure Execution. Signed-off-by: Boris Fiuczynski Tested-by: Viktor Mihajlovski Reviewed-by: Paulo de Rezende Pinatti Reviewed-by: Bjoern Walk Reviewed-by: Erik Skultety --- tools/virt-host-validate-common.c | 60 +++++++++++++++++++++++++++++-- tools/virt-host-validate-common.h | 4 +++ tools/virt-host-validate-qemu.c | 4 +++ 3 files changed, 66 insertions(+), 2 deletions(-) diff --git a/tools/virt-host-validate-common.c b/tools/virt-host-validate-c= ommon.c index fbefbada96..6e03235ceb 100644 --- a/tools/virt-host-validate-common.c +++ b/tools/virt-host-validate-common.c @@ -40,7 +40,8 @@ VIR_ENUM_IMPL(virHostValidateCPUFlag, VIR_HOST_VALIDATE_CPU_FLAG_LAST, "vmx", "svm", - "sie"); + "sie", + "158"); =20 static bool quiet; =20 @@ -210,7 +211,8 @@ virBitmapPtr virHostValidateGetCPUFlags(void) * on the architecture, so check possible prefixes */ if (!STRPREFIX(line, "flags") && !STRPREFIX(line, "Features") && - !STRPREFIX(line, "features")) + !STRPREFIX(line, "features") && + !STRPREFIX(line, "facilities")) continue; =20 /* fgets() includes the trailing newline in the output buffer, @@ -439,3 +441,57 @@ bool virHostKernelModuleIsLoaded(const char *module) =20 return ret; } + + +int virHostValidateSecureGuests(const char *hvname, + virHostValidateLevel level) +{ + virBitmapPtr flags; + bool hasFac158 =3D false; + virArch arch =3D virArchFromHost(); + g_autofree char *cmdline =3D NULL; + static const char *kIBMValues[] =3D {"y", "Y", "on", "ON", "oN", "On",= "1"}; + + flags =3D virHostValidateGetCPUFlags(); + + if (flags && virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_FACIL= ITY_158)) + hasFac158 =3D true; + + virBitmapFree(flags); + + virHostMsgCheck(hvname, "%s", _("for secure guest support")); + if (ARCH_IS_S390(arch)) { + if (hasFac158) { + if (!virFileIsDir("/sys/firmware/uv")) { + virHostMsgFail(level, "IBM Secure Execution not supported = by " + "the currently used kernel"); + return 0; + } + + if (virFileReadValueString(&cmdline, "/proc/cmdline") < 0) + return -1; + + if (virKernelCmdlineMatchParam(cmdline, "prot_virt", kIBMValue= s, + G_N_ELEMENTS(kIBMValues), + VIR_KERNEL_CMDLINE_FLAGS_SEARCH= _FIRST | + VIR_KERNEL_CMDLINE_FLAGS_CMP_PR= EFIX)) { + virHostMsgPass(); + return 1; + } else { + virHostMsgFail(level, + "IBM Secure Execution appears to be disable= d " + "in kernel. Add prot_virt=3D1 to kernel cmd= line " + "arguments"); + } + } else { + virHostMsgFail(level, "Hardware or firmware does not provide " + "support for IBM Secure Execution"); + } + } else { + virHostMsgFail(level, + "Unknown if this platform has Secure Guest support"= ); + return -1; + } + + return 0; +} diff --git a/tools/virt-host-validate-common.h b/tools/virt-host-validate-c= ommon.h index 8ae60a21de..44b5544a12 100644 --- a/tools/virt-host-validate-common.h +++ b/tools/virt-host-validate-common.h @@ -37,6 +37,7 @@ typedef enum { VIR_HOST_VALIDATE_CPU_FLAG_VMX =3D 0, VIR_HOST_VALIDATE_CPU_FLAG_SVM, VIR_HOST_VALIDATE_CPU_FLAG_SIE, + VIR_HOST_VALIDATE_CPU_FLAG_FACILITY_158, =20 VIR_HOST_VALIDATE_CPU_FLAG_LAST, } virHostValidateCPUFlag; @@ -83,4 +84,7 @@ int virHostValidateCGroupControllers(const char *hvname, int virHostValidateIOMMU(const char *hvname, virHostValidateLevel level); =20 +int virHostValidateSecureGuests(const char *hvname, + virHostValidateLevel level); + bool virHostKernelModuleIsLoaded(const char *module); diff --git a/tools/virt-host-validate-qemu.c b/tools/virt-host-validate-qem= u.c index bd717a604e..ea7f172790 100644 --- a/tools/virt-host-validate-qemu.c +++ b/tools/virt-host-validate-qemu.c @@ -127,5 +127,9 @@ int virHostValidateQEMU(void) VIR_HOST_VALIDATE_WARN) < 0) ret =3D -1; =20 + if (virHostValidateSecureGuests("QEMU", + VIR_HOST_VALIDATE_WARN) < 0) + ret =3D -1; + return ret; } --=20 2.26.2 From nobody Mon Apr 29 15:55:50 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1592209741; cv=none; d=zohomail.com; s=zohoarc; b=h6l8nAZE6syFHRdZhiVmz9Sg4XxcVjqG5L5tNIY5O8ODqn1IiiQTEpatYyHVkYHU0ZYRvpO+JRUkcKXi36k65VLJ3PZthYcxNm159AZ0ZlS6dXNkLrFRnMaRknQKwjWKlSkM72GNzQQR0Bx61k2jCnE8VCBDxksyfO9ywDONaRc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592209741; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=bwk/QG4NGkBQe81M5sljpBDGYwyN8s/i3xMnYbQigz0=; b=Ir/uTGfhMIceXE1yHhVZqqVmw8bt8V3CLZ0YZFk0CoDAziGzYzrjGpsApFbXlhkAIDcp2XSP7u6V+9Gx+ofUk1Beasu+pwJ5fgYn+bsCwvhh9Gjxme9czsrneXyc8BbL8CgBqsTo296HCUNgwNwNHiwFLnheeZe00VSq8N9dUl0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1592209741490270.2148718863622; Mon, 15 Jun 2020 01:29:01 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-25-XlfQSxnEOfirko1_MEnKaQ-1; Mon, 15 Jun 2020 04:28:58 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C1C39835B47; Mon, 15 Jun 2020 08:28:52 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9E5BD60C80; Mon, 15 Jun 2020 08:28:52 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6DE251809561; Mon, 15 Jun 2020 08:28:52 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 05F8STIP006666 for ; Mon, 15 Jun 2020 04:28:29 -0400 Received: by smtp.corp.redhat.com (Postfix) id 78346110F0B3; Mon, 15 Jun 2020 08:28:29 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast02.extmail.prod.ext.rdu2.redhat.com [10.11.55.18]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7369B110F0A4 for ; Mon, 15 Jun 2020 08:28:29 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5990D8007AC for ; Mon, 15 Jun 2020 08:28:29 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-486-b4_1tNh5NeiOd3LGufCrvg-1; Mon, 15 Jun 2020 04:28:24 -0400 Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 05F83esW049883; Mon, 15 Jun 2020 04:28:23 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 31n301p474-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:23 -0400 Received: from m0098396.ppops.net (m0098396.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 05F8442Y052426; Mon, 15 Jun 2020 04:28:22 -0400 Received: from ppma04ams.nl.ibm.com (63.31.33a9.ip4.static.sl-reverse.com [169.51.49.99]) by mx0a-001b2d01.pphosted.com with ESMTP id 31n301p469-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:22 -0400 Received: from pps.filterd (ppma04ams.nl.ibm.com [127.0.0.1]) by ppma04ams.nl.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 05F8PWip031701; Mon, 15 Jun 2020 08:28:20 GMT Received: from b06cxnps4076.portsmouth.uk.ibm.com (d06relay13.portsmouth.uk.ibm.com [9.149.109.198]) by ppma04ams.nl.ibm.com with ESMTP id 31mpe7u5wm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 08:28:20 +0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06cxnps4076.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 05F8SHa642074154 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 15 Jun 2020 08:28:17 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 790A6A4054; Mon, 15 Jun 2020 08:28:17 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 04796A4065; Mon, 15 Jun 2020 08:28:17 +0000 (GMT) Received: from normandy.boeblingen.de.ibm.com (unknown [9.145.159.41]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 15 Jun 2020 08:28:16 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1592209740; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=bwk/QG4NGkBQe81M5sljpBDGYwyN8s/i3xMnYbQigz0=; b=I9ldHL7Fhj+V5XFknlnRPm45ZpQTJPOJRq8jBJVvGbgmSwN8Ma2A2RwAhOmG40RptBGqZr 04coz4NdQJdt/suOtc3mhWgWIxJ2RDIRvMK5OJrB8FqkOeCihfRxOmJW0yYCyIeWEgir+q 6+J+ZNbXPi7PI68qKyfxwSu/LNa9wf8= X-MC-Unique: XlfQSxnEOfirko1_MEnKaQ-1 X-MC-Unique: b4_1tNh5NeiOd3LGufCrvg-1 From: Paulo de Rezende Pinatti To: libvir-list@redhat.com, fiuczy@linux.ibm.com, mihajlov@linux.ibm.com, berrange@redhat.com, brijesh.singh@amd.com, borntraeger@de.ibm.com, eskultet@redhat.com Subject: [PATCH v3 5/7] tools: secure guest check for AMD in virt-host-validate Date: Mon, 15 Jun 2020 10:28:10 +0200 Message-Id: <20200615082812.62918-6-ppinatti@linux.ibm.com> In-Reply-To: <20200615082812.62918-1-ppinatti@linux.ibm.com> References: <20200615082812.62918-1-ppinatti@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-15_01:2020-06-15, 2020-06-15 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 cotscore=-2147483648 bulkscore=0 mlxscore=0 suspectscore=0 adultscore=0 priorityscore=1501 malwarescore=0 clxscore=1015 spamscore=0 mlxlogscore=999 lowpriorityscore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2006150066 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: Boris Fiuczynski Add checking in virt-host-validate for secure guest support on x86 for AMD Secure Encrypted Virtualization. Signed-off-by: Boris Fiuczynski Reviewed-by: Paulo de Rezende Pinatti Reviewed-by: Bjoern Walk Reviewed-by: Erik Skultety --- tools/virt-host-validate-common.c | 30 +++++++++++++++++++++++++++++- tools/virt-host-validate-common.h | 1 + 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/tools/virt-host-validate-common.c b/tools/virt-host-validate-c= ommon.c index 6e03235ceb..0e5932c17e 100644 --- a/tools/virt-host-validate-common.c +++ b/tools/virt-host-validate-common.c @@ -41,7 +41,8 @@ VIR_ENUM_IMPL(virHostValidateCPUFlag, "vmx", "svm", "sie", - "158"); + "158", + "sev"); =20 static bool quiet; =20 @@ -448,14 +449,18 @@ int virHostValidateSecureGuests(const char *hvname, { virBitmapPtr flags; bool hasFac158 =3D false; + bool hasAMDSev =3D false; virArch arch =3D virArchFromHost(); g_autofree char *cmdline =3D NULL; static const char *kIBMValues[] =3D {"y", "Y", "on", "ON", "oN", "On",= "1"}; + g_autofree char *mod_value =3D NULL; =20 flags =3D virHostValidateGetCPUFlags(); =20 if (flags && virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_FACIL= ITY_158)) hasFac158 =3D true; + else if (flags && virBitmapIsBitSet(flags, VIR_HOST_VALIDATE_CPU_FLAG_= SEV)) + hasAMDSev =3D true; =20 virBitmapFree(flags); =20 @@ -487,6 +492,29 @@ int virHostValidateSecureGuests(const char *hvname, virHostMsgFail(level, "Hardware or firmware does not provide " "support for IBM Secure Execution"); } + } else if (hasAMDSev) { + if (virFileReadValueString(&mod_value, "/sys/module/kvm_amd/parame= ters/sev") < 0) { + virHostMsgFail(level, "AMD Secure Encrypted Virtualization not= " + "supported by the currently used kernel"= ); + return 0; + } + + if (mod_value[0] !=3D '1') { + virHostMsgFail(level, + "AMD Secure Encrypted Virtualization appears to= be " + "disabled in kernel. Add mem_encrypt=3Don " + "kvm_amd.sev=3D1 to kernel cmdline arguments"); + return 0; + } + + if (virFileExists("/dev/sev")) { + virHostMsgPass(); + return 1; + } else { + virHostMsgFail(level, + "AMD Secure Encrypted Virtualization appears to= be " + "disabled in firemare."); + } } else { virHostMsgFail(level, "Unknown if this platform has Secure Guest support"= ); diff --git a/tools/virt-host-validate-common.h b/tools/virt-host-validate-c= ommon.h index 44b5544a12..3df5ea0c7e 100644 --- a/tools/virt-host-validate-common.h +++ b/tools/virt-host-validate-common.h @@ -38,6 +38,7 @@ typedef enum { VIR_HOST_VALIDATE_CPU_FLAG_SVM, VIR_HOST_VALIDATE_CPU_FLAG_SIE, VIR_HOST_VALIDATE_CPU_FLAG_FACILITY_158, + VIR_HOST_VALIDATE_CPU_FLAG_SEV, =20 VIR_HOST_VALIDATE_CPU_FLAG_LAST, } virHostValidateCPUFlag; --=20 2.26.2 From nobody Mon Apr 29 15:55:50 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1592209744; cv=none; d=zohomail.com; s=zohoarc; b=cH2duHu53V+T+Qy7qH+oYWcTFg0cCewxw7i6eXj20uKMmGjr4Ttw/Kc1JTcUQTiPF9zEvcEiEiIzoGTIbACV6LLkGXdiTqoplFDheCzfHu7iN1Zz/r2732xJ7TNHgnWTn92AqKuonMAUxxAlswqj1M2zTbKrEKrUBfoQ/zZXkzo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592209744; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=4bzDr6B3QwcFoVVU2mssZvTejK2HLARNv0rG1/tdhUY=; b=lb0C8AxqznRM15i3K+0/iByObl0260hcMa8mm2MPI3GCoLzCQESklM6ZHxDf4ocD52GTtMG2hENsa3NcPNUKEbTITGJKSOx9qGcbSxHjXMYdNJ8zGWcgBW7hqdDAIYKHVP9mF6zezYZbbObXNh87aUf+BDJE0tsaEpxFBjjMYAc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1592209744838875.7763582510456; Mon, 15 Jun 2020 01:29:04 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-339-RJZnVi7PN4yG6WzwvVTpEw-1; Mon, 15 Jun 2020 04:29:00 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 5E990835B57; Mon, 15 Jun 2020 08:28:55 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3C3DF60BF1; Mon, 15 Jun 2020 08:28:55 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0E8681809557; Mon, 15 Jun 2020 08:28:55 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 05F8SUjM006680 for ; Mon, 15 Jun 2020 04:28:30 -0400 Received: by smtp.corp.redhat.com (Postfix) id 923271C67F; Mon, 15 Jun 2020 08:28:30 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast05.extmail.prod.ext.rdu2.redhat.com [10.11.55.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8DA4E176FF for ; Mon, 15 Jun 2020 08:28:30 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 72A34833B49 for ; Mon, 15 Jun 2020 08:28:30 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-302-MKKXKmGzPXqo8Gp6mox-LQ-1; Mon, 15 Jun 2020 04:28:24 -0400 Received: from pps.filterd (m0098413.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 05F7kcMU183954; Mon, 15 Jun 2020 04:28:24 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 31np7ba6e0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:24 -0400 Received: from m0098413.ppops.net (m0098413.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 05F7reWI002658; Mon, 15 Jun 2020 04:28:23 -0400 Received: from ppma04ams.nl.ibm.com (63.31.33a9.ip4.static.sl-reverse.com [169.51.49.99]) by mx0b-001b2d01.pphosted.com with ESMTP id 31np7ba6de-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:22 -0400 Received: from pps.filterd (ppma04ams.nl.ibm.com [127.0.0.1]) by ppma04ams.nl.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 05F8PWFt031705; Mon, 15 Jun 2020 08:28:21 GMT Received: from b06avi18878370.portsmouth.uk.ibm.com (b06avi18878370.portsmouth.uk.ibm.com [9.149.26.194]) by ppma04ams.nl.ibm.com with ESMTP id 31mpe7u5wn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 08:28:21 +0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06avi18878370.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 05F8SIXU62063036 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 15 Jun 2020 08:28:18 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 2454AA405B; Mon, 15 Jun 2020 08:28:18 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9AA79A405C; Mon, 15 Jun 2020 08:28:17 +0000 (GMT) Received: from normandy.boeblingen.de.ibm.com (unknown [9.145.159.41]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 15 Jun 2020 08:28:17 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1592209743; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=4bzDr6B3QwcFoVVU2mssZvTejK2HLARNv0rG1/tdhUY=; b=CCBfLiIUKdu22PpFlOqR/o2NjjPhSVS5S00rt2ugFFC6oYG14F8AeHcpPCjVxsxYPpLb0W S0kGb+SWhH/y6EECbjElG1dxbjJd76Bei1sjMjXmPebZqOVm4FFku40d/qhDG9nPbO4jrJ EGpNuYbl6hNmxtCNg5CudLMsuTtBjak= X-MC-Unique: RJZnVi7PN4yG6WzwvVTpEw-1 X-MC-Unique: MKKXKmGzPXqo8Gp6mox-LQ-1 From: Paulo de Rezende Pinatti To: libvir-list@redhat.com, fiuczy@linux.ibm.com, mihajlov@linux.ibm.com, berrange@redhat.com, brijesh.singh@amd.com, borntraeger@de.ibm.com, eskultet@redhat.com Subject: [PATCH v3 6/7] docs: update AMD launch secure description Date: Mon, 15 Jun 2020 10:28:11 +0200 Message-Id: <20200615082812.62918-7-ppinatti@linux.ibm.com> In-Reply-To: <20200615082812.62918-1-ppinatti@linux.ibm.com> References: <20200615082812.62918-1-ppinatti@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-15_01:2020-06-15, 2020-06-15 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 adultscore=0 mlxlogscore=999 priorityscore=1501 impostorscore=0 clxscore=1015 cotscore=-2147483648 mlxscore=0 lowpriorityscore=0 phishscore=0 suspectscore=0 spamscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2006150061 X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: Boris Fiuczynski Update document with changes in qemu capability caching and the added secure guest support checking for AMD SEV in virt-host-validate. Signed-off-by: Boris Fiuczynski Reviewed-by: Erik Skultety --- docs/kbase/launch_security_sev.rst | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/kbase/launch_security_sev.rst b/docs/kbase/launch_securit= y_sev.rst index 65f258587d..19b978481a 100644 --- a/docs/kbase/launch_security_sev.rst +++ b/docs/kbase/launch_security_sev.rst @@ -30,8 +30,11 @@ Enabling SEV on the host =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =20 Before VMs can make use of the SEV feature you need to make sure your -AMD CPU does support SEV. You can check whether SEV is among the CPU -flags with: +AMD CPU does support SEV. You can run ``libvirt-host-validate`` +(libvirt >=3D 6.5.0) to check if your host supports secure guests or you +can follow the manual checks below. + +You can manually check whether SEV is among the CPU flags with: =20 :: =20 @@ -109,7 +112,7 @@ following: =20 -Note that if libvirt was already installed and libvirtd running before +Note that if libvirt (<6.5.0) was already installed and libvirtd running b= efore enabling SEV in the kernel followed by the host reboot you need to force libvirtd to re-probe both the host and QEMU capabilities. First stop libvirtd: --=20 2.26.2 From nobody Mon Apr 29 15:55:50 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) client-ip=207.211.31.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1592209749; cv=none; d=zohomail.com; s=zohoarc; b=R6hm611Z8xdp2y5v8cA64CjQUK1dfR6jXVP2tRkLIhLoi6HKswlTQSN+g8XgekZOl6eKaK5qhF5OZ23a418BuWDncW/vgNRVgnn/3RZ9OKYSif7p7BqDDDjdN/Evi6nEyOMMJUOYij0AKS0cDyWIvmJT6gCx14N3YXKXVNA+WDo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1592209749; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=92k73Bd8v1Wz/+87N1HwMsMNQ69BLFwt/XCK7JY4osI=; b=Fr3rhcJDWa3sh2l0KH9j6gJ0BFcf0MAeH7WdOhCJXLnsJem0yXVRy6taXHen6lwBzHvgqEEfL4K+owjSSKRW1yFFfkg/DkYpTo4G8tRgeZiFI+LlRLdqKTYEVQiTXCUTp8kY06ceusbxwjc5evj30ODXaJ9Qwhs9xawbcEhDXS8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 207.211.31.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) by mx.zohomail.com with SMTPS id 1592209749448427.4596504984355; Mon, 15 Jun 2020 01:29:09 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-241-lngxhJ2_OL6h3WBmmhXt3Q-1; Mon, 15 Jun 2020 04:29:05 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 9D171105250F; Mon, 15 Jun 2020 08:28:57 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7DA0A7CAC8; Mon, 15 Jun 2020 08:28:57 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 5132D833C5; Mon, 15 Jun 2020 08:28:57 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 05F8SVVj006688 for ; Mon, 15 Jun 2020 04:28:31 -0400 Received: by smtp.corp.redhat.com (Postfix) id 2DBA0176FF; Mon, 15 Jun 2020 08:28:31 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 28C9E1C735 for ; Mon, 15 Jun 2020 08:28:31 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 09CF3186E3A5 for ; Mon, 15 Jun 2020 08:28:31 +0000 (UTC) Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-347-1tP4APAhPdaezvOKWqBUyg-1; Mon, 15 Jun 2020 04:28:26 -0400 Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 05F7XqTa176445; Mon, 15 Jun 2020 04:28:24 -0400 Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 31mua5xagf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:24 -0400 Received: from m0098394.ppops.net (m0098394.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.36/8.16.0.36) with SMTP id 05F7Zeid184041; Mon, 15 Jun 2020 04:28:24 -0400 Received: from ppma01fra.de.ibm.com (46.49.7a9f.ip4.static.sl-reverse.com [159.122.73.70]) by mx0a-001b2d01.pphosted.com with ESMTP id 31mua5xafm-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 04:28:24 -0400 Received: from pps.filterd (ppma01fra.de.ibm.com [127.0.0.1]) by ppma01fra.de.ibm.com (8.16.0.42/8.16.0.42) with SMTP id 05F8Prd8024209; Mon, 15 Jun 2020 08:28:21 GMT Received: from b06avi18878370.portsmouth.uk.ibm.com (b06avi18878370.portsmouth.uk.ibm.com [9.149.26.194]) by ppma01fra.de.ibm.com with ESMTP id 31mpe7h9d7-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jun 2020 08:28:21 +0000 Received: from b06wcsmtp001.portsmouth.uk.ibm.com (b06wcsmtp001.portsmouth.uk.ibm.com [9.149.105.160]) by b06avi18878370.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 05F8SIcx62390740 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 15 Jun 2020 08:28:18 GMT Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BDA75A4054; Mon, 15 Jun 2020 08:28:18 +0000 (GMT) Received: from b06wcsmtp001.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 3C597A405C; Mon, 15 Jun 2020 08:28:18 +0000 (GMT) Received: from normandy.boeblingen.de.ibm.com (unknown [9.145.159.41]) by b06wcsmtp001.portsmouth.uk.ibm.com (Postfix) with ESMTP; Mon, 15 Jun 2020 08:28:18 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1592209748; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=92k73Bd8v1Wz/+87N1HwMsMNQ69BLFwt/XCK7JY4osI=; b=Yw36vlRsbPj516eYEZw0RoezivIKP6v+47ukmtxRHhmz5b1kNwvqR7c3PB1f+xPPQsGRMt MCQZUAiD5Zpwy4sO+4JEKrLmroYENIZfsTgpDlmQuAgjxrc0+FCpBBbZzjPYV13GcgHYp4 W1jMknRTUpwVoEAt7rXQcuyRK/ecCBo= X-MC-Unique: lngxhJ2_OL6h3WBmmhXt3Q-1 X-MC-Unique: 1tP4APAhPdaezvOKWqBUyg-1 From: Paulo de Rezende Pinatti To: libvir-list@redhat.com, fiuczy@linux.ibm.com, mihajlov@linux.ibm.com, berrange@redhat.com, brijesh.singh@amd.com, borntraeger@de.ibm.com, eskultet@redhat.com Subject: [PATCH v3 7/7] docs: Describe protected virtualization guest setup Date: Mon, 15 Jun 2020 10:28:12 +0200 Message-Id: <20200615082812.62918-8-ppinatti@linux.ibm.com> In-Reply-To: <20200615082812.62918-1-ppinatti@linux.ibm.com> References: <20200615082812.62918-1-ppinatti@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216, 18.0.687 definitions=2020-06-12_17:2020-06-12, 2020-06-12 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=999 bulkscore=0 spamscore=0 malwarescore=0 lowpriorityscore=0 impostorscore=0 clxscore=1015 adultscore=0 mlxscore=0 suspectscore=0 phishscore=0 priorityscore=1501 cotscore=-2147483648 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2004280000 definitions=main-2006130016 X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-loop: libvir-list@redhat.com Cc: danielhb413@gmail.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" From: Viktor Mihajlovski Protected virtualization/IBM Secure Execution for Linux protects guest memory and state from the host. Add some basic information about technology and a brief guide on setting up secure guests with libvirt. Signed-off-by: Viktor Mihajlovski Signed-off-by: Boris Fiuczynski Reviewed-by: Paulo de Rezende Pinatti Reviewed-by: Erik Skultety --- docs/kbase.html.in | 3 + docs/kbase/s390_protected_virt.rst | 189 +++++++++++++++++++++++++++++ 2 files changed, 192 insertions(+) create mode 100644 docs/kbase/s390_protected_virt.rst diff --git a/docs/kbase.html.in b/docs/kbase.html.in index c586e0f676..241a212fa9 100644 --- a/docs/kbase.html.in +++ b/docs/kbase.html.in @@ -14,6 +14,9 @@
Secure usage
Secure usage of the libvirt APIs
=20 +
Protected virtualiz= ation on s390
+
Running secure s390 guests with IBM Secure Execution
+
Launch security=
Securely launching VMs with AMD SEV
=20 diff --git a/docs/kbase/s390_protected_virt.rst b/docs/kbase/s390_protected= _virt.rst new file mode 100644 index 0000000000..f38d16d743 --- /dev/null +++ b/docs/kbase/s390_protected_virt.rst @@ -0,0 +1,189 @@ +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D +Protected Virtualization on s390 +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D + +.. contents:: + +Overview +=3D=3D=3D=3D=3D=3D=3D=3D + +Protected virtualization, also known as IBM Secure Execution is a +hardware-based privacy protection technology for s390x (IBM Z). +It allows to execute virtual machines such that the host system +has no access to a VM's state and memory contents. + +Unlike other similar technologies, the memory of a running guest +is not encrypted but protected by hardware access controls, which +may only be manipulated by trusted system firmware, called +ultravisor. + +For the cases where the host needs access to guest memory (e.g. for +paging), it can request pages to be exported to it. The exported page +will be encrypted with a unique key for the running guest by the +ultravisor. The ultravisor also computes an integrity value for +the page, and stores it in a special table, together with the page +index and a counter. This way it can verify the integrity of +the page content upon re-import into the guest. + +In other cases it may be necessary for a guest to grant the host access +to dedicated memory regions (e.g. for I/O). The guest can request +that the ultravisor removes the memory protection from individual +pages, so that they can be shared with the host. Likewise, the +guest can undo the sharing. + +A secure guest will initially start in a regular non-protected VM. +The start-up is controlled by a small bootstrap program loaded +into memory together with encrypted operating system components and +a control structure (the PV header). +The operating system components (e.g. Linux kernel, initial RAM +file system, kernel parameters) are encrypted and integrity +protected. The component encryption keys and integrity values are +stored in the PV header. +The PV header is wrapped with a public key belonging to a specific +system (in fact it can be wrapped with multiple such keys). The +matching private key is only accessible by trusted hardware and +firmware in that specific system. +Consequently, such a secure guest boot image can only be run on the +systems it has been prepared for. Its contents can't be decrypted +without access to the private key and it can't be modified as +it is integrity protected. + +Host Requirements +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +IBM Secure Execution for Linux has some hardware and firmware +requirements. The system hardware must be an IBM z15 (or newer), +or an IBM LinuxONE III (or newer). + +It is also necessary that the IBM Secure Execution feature is +enabled for that system. With libvirt >=3D 6.5.0 you can run +``libvirt-host--validate`` or otherwise check for facility '158', e.g. + +:: + + $ grep facilities /proc/cpuinfo | grep 158 + +The kernel must include the protected virtualization support +which can be verified by checking for the presence of directory +``/sys/firmware/uv``. It will only be present when both the +hardware and the kernel support are available. + +Finally, the host operating system must donate some memory to +the ultravisor needed to store memory security information. +This is achieved by specifying the following kernel command +line parameter to the host boot configuration + +:: + + prot_virt=3D1 + + +Guest Requirements +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +Guest Boot +---------- + +To start a guest in protected virtualization secure mode, the +boot image must have been prepared first with the program +``genprotimg`` using the correct public key for this host. +``genprotimg`` is part of the package ``s390-tools``, or +``s390-utils``, depending on the Linux distribution being used. +It can also be found at +``_ + +The guests have to be configured to use the host CPU model, which +must contain the ``unpack`` facility indicating ultravisor guest support. + +With the following command it's possible to check whether the host +CPU model satisfies the requirement + +:: + + $ virsh domcapabilities | grep unpack + +which should return + +:: + + + +Note that on hosts with libvirt < 6.5.0 if the check fails despite +the host system actually supporting protected virtualization guests, +this can be caused by a stale libvirt capabilities cache. +To recover, run the following commands + +:: + + $ systemctl stop libvirtd + $ rm /var/cache/libvirt/qemu/capabilities/*.xml + $ systemctl start libvirtd + + +Guest I/O +--------- + +Protected virtualization guests support I/O using virtio devices. +As the virtio data structures of secure guests are not accessible +by the host, it is necessary to use shared memory ('bounce buffers'). + +To enable virtio devices to use shared buffers, it is necessary +to configure them with platform_iommu enabled. This can done by adding +``iommu=3D'on'`` to the driver element of a virtio device definition in the +guest's XML, e.g. + +:: + + + + + + + +It is mandatory to define all virtio bus devices in this way to +prevent the host from attempting to access protected memory. +Ballooning will not work and is fenced by QEMU. It should be +disabled by specifying + +:: + + + +Finally, the guest Linux must be instructed to allocate I/O +buffers using memory shared between host and guest using SWIOTLB. +This is done by adding ``swiotlb=3Dnnn`` to the guest's kernel command +line string, where ``nnn`` stands for the number of statically +allocated 2K entries. A commonly used value for swiotlb is 262144. + +Example guest definition +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +Minimal domain XML for a protected virtualization guest, essentially +it's mostly about the ``iommu`` property + +:: + + + protected + 2048000 + 2048000 + 1 + + hvm + + + + + + + + + + + + + + + + + --=20 2.26.2