From nobody Thu May 2 20:43:26 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=quarantine dis=quarantine) header.from=suse.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1639543595076258.45940965929447; Tue, 14 Dec 2021 20:46:35 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-498-sOTG5gAdNY-Cs_vsUm9kSw-1; Tue, 14 Dec 2021 23:46:29 -0500 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 0AE46185302D; Wed, 15 Dec 2021 04:46:25 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4391170F52; Wed, 15 Dec 2021 04:46:23 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 477301809CB8; Wed, 15 Dec 2021 04:46:20 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 1BF4kING029857 for ; Tue, 14 Dec 2021 23:46:18 -0500 Received: by smtp.corp.redhat.com (Postfix) id 0785F492D1D; Wed, 15 Dec 2021 04:46:18 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 02232492D18 for ; Wed, 15 Dec 2021 04:46:17 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C0116101A52D for ; Wed, 15 Dec 2021 04:46:17 +0000 (UTC) Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.109.102]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-176-dOljUtgeO5asm8a8HiU7yg-1; Tue, 14 Dec 2021 23:46:15 -0500 Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05lp2110.outbound.protection.outlook.com [104.47.17.110]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-23-VqysBFZtPXmKTBr_NRI2hg-1; Wed, 15 Dec 2021 05:46:13 +0100 Received: from AM0PR04MB4899.eurprd04.prod.outlook.com (2603:10a6:208:c5::16) by AM0PR0402MB3633.eurprd04.prod.outlook.com (2603:10a6:208:c::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.16; Wed, 15 Dec 2021 04:46:12 +0000 Received: from AM0PR04MB4899.eurprd04.prod.outlook.com ([fe80::2491:2b2f:154a:acf3]) by AM0PR04MB4899.eurprd04.prod.outlook.com ([fe80::2491:2b2f:154a:acf3%5]) with mapi id 15.20.4778.018; Wed, 15 Dec 2021 04:46:12 +0000 X-MC-Unique: sOTG5gAdNY-Cs_vsUm9kSw-1 X-MC-Unique: dOljUtgeO5asm8a8HiU7yg-1 X-MC-Unique: VqysBFZtPXmKTBr_NRI2hg-1 From: Jim Fehlig To: libvir-list@redhat.com Subject: [PATCH V3 1/4] libvirt: Introduce virDomainSetLaunchSecurityState public API Date: Tue, 14 Dec 2021 21:46:03 -0700 Message-ID: <20211215044606.31974-2-jfehlig@suse.com> In-Reply-To: <20211215044606.31974-1-jfehlig@suse.com> References: <20211215044606.31974-1-jfehlig@suse.com> X-ClientProxiedBy: AS8PR04CA0037.eurprd04.prod.outlook.com (2603:10a6:20b:312::12) To AM0PR04MB4899.eurprd04.prod.outlook.com (2603:10a6:208:c5::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: ce2cafe0-4e3e-4ad1-fda6-08d9bf85d1e0 X-MS-TrafficTypeDiagnostic: AM0PR0402MB3633:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:10000 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0 X-Microsoft-Antispam-Message-Info: txKqUmjU5qPgGtSJmC50vPSBvnK3S8muDz0G+pNd2kVMvIppEIRRkGY4TVBjdw6yN8K0EM/ol55kT9mq0xylPssiAt6J97r/K4JCRs/0LUsFX6dVhLd9FmSX/du8OWIQQ0f+O0JKq0AzQGHKpsPmJhse0yAcK34afktAAwFMS9al0YXeMtUQ74jUfrY372Je9kakA8gQpJuHAhsz6SY7cKA/x90JZZ8hEHx5NQsRi5v9ESCY84T1tuHxt1SPiMzgfMzrISelGYcP6K92lsYd+eKrwDjGZY9wsMWK0z/2KYR2DTzAbmbXB40oq2wM72hAA/CdVQm5uSQA0jAS0VcPpDjF6neGcq2PZiVgYHILIc5f1NULwnujaA2jR5bGIH/decgiFoC17v023SpGbtqGdoUlHfdqLHadCw+XwXVtody+0Bs/z2lFowcSedj3AcN5iJc+7h6aW4V+HrXq7NrAYpX7IQZ3izA7ryZDQqUvm9yKXSfI7cS/tMtGX3/3t3BIAnYf9Q1BSvmKrLTdModW8KvCGYb6dAW+hAbYPgv5ubSeSQu30U2dbgPz6fJupRNb4goVwxccO3u5EvHmPXLXRSBqkwIekSyLySzjpmFCuhWgUcG+kEnkt9XQ4w3O6NbB6MkPgefraUyf7NjJioDTlMcyprwpTlzhxYPSLtHjE6ZS0jcSRCNsBw4F1fGpKE2oCu3D0yRZGLFKERLcQvumiB+YdwG6UvXwqO7m7MPPBrwDckYWQHeRKGI4CQq3PbHNno8PBbDxBXRJJi4p1/sYjUbypMTzWCvcGcwTUOpif50NjpatHKcXYgRHGhywnnFv X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR04MB4899.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(1076003)(8936002)(6916009)(86362001)(2616005)(26005)(4326008)(966005)(6666004)(2906002)(186003)(8676002)(6486002)(5660300002)(6512007)(450100002)(6506007)(83380400001)(316002)(508600001)(66556008)(66476007)(66946007)(38100700002)(36756003)(145543001)(213903007); DIR:OUT; SFP:1101 X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Z6I8mH+dzC1asOweyf/beooTkqPQjPrD+zIHZ0Vlx8rNh+S4bp6+w8CZvaPD?= =?us-ascii?Q?w+niDpjvS7TFLwSDwMFJAM8174yMrkjG/xI/evBBJ9wV+LAchCfWSwCnRSxN?= =?us-ascii?Q?1uqjvX3qhJHSOIancFox4qhH732tmxcZGzYUxj1nVB3WlRfGSQmWzwz7wDYY?= =?us-ascii?Q?Ltgu/9i11gp42UGjD9pse41nWio8cevDRJsUvN82oMgcF/3FOKkn+Gjtszhr?= =?us-ascii?Q?AgWrCSaP8IAfznZKBmZFaqgdui06Di0I3ORLgtoWsUd3Ouo753LzVZ52SlLi?= =?us-ascii?Q?iIh8SzXPf4HTpvFz3lPIVlP/+HWIGY7H9ZW/bHYcLQDL1lqetbdN9iYB8FgE?= =?us-ascii?Q?YQkHiFP8ChJaKRC3JzMBmbY0Sp9CWqc/Y2sCN6Dh+qL0QkTcCBiZDlczg3CY?= =?us-ascii?Q?93Hwv4aNuQrK0f0aSUMGOoZIqxowaYVECCxoaTaGTv/iYjnYoHcyuewOGBWB?= =?us-ascii?Q?94obiRvJ2sYsluIuaiFIycg7tByDYBMIrsp/DSg2HDjLXZSXacD/6xw43kB3?= =?us-ascii?Q?0pkLtHg0YWJLo3ceFN6ox1Q87bVWDRpl6VkBAAQNcLaLejZYWmuXcG8B1v+h?= =?us-ascii?Q?imUWdOiSMKoXfjF96TJk8E+Txod4SkDwLlRYGLwkpE8M2T1D4+z6oQd95WBd?= =?us-ascii?Q?5S6fnuwfNwXQiiCGGFTgB3ZloXModR9s18rwbZsjSXhgbGOgh56Oouf7svrn?= =?us-ascii?Q?NgWw7WsvOfr/vdtEq3Ot9va2+9UO4jhUi+cJsxYuJbA6ekto2xKt9hzRfLZm?= =?us-ascii?Q?bN0nh9fTZJ9o7W3aMgOdo6xz83D3CvpqPLbzT2jWAskgnk5iY0jcLxG3RuZm?= =?us-ascii?Q?WWCun28Z21mqgF9tKkHLo4WaRE6n3KHf3/18zkmRcl68AJtnvvVwzVvR3M2W?= =?us-ascii?Q?754Zni7VEIRtD0lNjatGPHT59BxfeYT3zzxcQE38nmHylvxkLfJ+6bXbALdL?= =?us-ascii?Q?7yYpsFwmHoy+ioTR6EUMt/uKtZBmIN0KtADegwRb9K63xM5aKmXfbbDR9Gbx?= =?us-ascii?Q?cTsvCs59d448gufIOGFv//nWJnz9sn1vx40mpq7z8tCPsySwqUxHTiNnPSK/?= =?us-ascii?Q?PDLfcUh2KmPXNzedZWO7lSRxtS+qe/ocml+lqL8BduC7nnyLRElrW9MePFm0?= =?us-ascii?Q?xn0E/1423LUxp5PPZfxSBDckK69Yt7tUJk1JJNv4uRrwc5GmiKj9gngBHC1o?= =?us-ascii?Q?EXT/dM/h1+caT8K8eChfYHZOGZ6OQboQSKaEDaCuiBx+7tQ6lS9FVKbKcJSL?= =?us-ascii?Q?ygCaWOjcyid8mqbNYATanby52N2uaTZPiQQIdPHC1gzEdrJ3uE59c1sLejf5?= =?us-ascii?Q?aDaPV68L+dbOGo8QmJKpFW/ExSCOx3h4u6hdm+IpLcScr0se7U4gFd6e45sK?= =?us-ascii?Q?f5xEex1btZqBf0V2VVW/N0NJzFl+MNkR1iLZG8qM0Mo5oDa0OE2kuyPSyVxg?= =?us-ascii?Q?EYqkXuAkPiysPVJGwDxMSkMfPP5NMk3AAjeMRFRyfa2qP4AkKKa20fB8OiKB?= =?us-ascii?Q?CK3vPKP3CTH4wXodgPIaX6ntfLKBsqcg57KsxX0X0T6Ivr1O4rJCC70BLQN4?= =?us-ascii?Q?5vFZYecyeD0X3oQ0dR7UpPhCnZGA1dvF6TKpsYiCgXGfyTWAQoH1Wvk2Oi40?= =?us-ascii?Q?MIFbFYQpvgZ6ZgHicmMj8Is=3D?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: ce2cafe0-4e3e-4ad1-fda6-08d9bf85d1e0 X-MS-Exchange-CrossTenant-AuthSource: AM0PR04MB4899.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Dec 2021 04:46:12.5186 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: hRB+y3mfNmyDSVXP3amMaT+Len7PvTL2/3EE7x7S3gxku3o8f0UL19lG8quzaoW76Urjjcs5Uw16zltGNpUjOQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR0402MB3633 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.85 on 10.11.54.9 X-MIME-Autoconverted: from quoted-printable to 8bit by lists01.pubmisc.prod.ext.phx2.redhat.com id 1BF4kING029857 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1639543596378100003 This API allows setting a launch secret within a guests's memory. The launch secret is created by the guest owner after retrieving and verifying the launch measurement with virDomainGetLaunchSecurityInfo. The API uses virTypedParameter for input, allowing it to be expanded to support other confidential computing technologies. In the case of SEV, a basic guest launch workflow is described in the SEV API spec in section "1.3.1 Launch" https://www.amd.com/system/files/TechDocs/55766_SEV-KM_API_Specification.pdf Signed-off-by: Jim Fehlig Reviewed-by: Daniel P. Berrang=C3=A9 --- include/libvirt/libvirt-domain.h | 36 +++++++++++++++++++ src/driver-hypervisor.h | 7 ++++ src/libvirt-domain.c | 62 ++++++++++++++++++++++++++++++++ src/libvirt_public.syms | 5 +++ 4 files changed, 110 insertions(+) diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-dom= ain.h index 5d3e15766e..5f0a9b7572 100644 --- a/include/libvirt/libvirt-domain.h +++ b/include/libvirt/libvirt-domain.h @@ -5102,6 +5102,7 @@ int virDomainSetLifecycleAction(virDomainPtr domain, # define VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT "sev-measurement" =20 /** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_API_MAJOR: * * Macro represents the API major version of the SEV host, @@ -5133,11 +5134,46 @@ int virDomainSetLifecycleAction(virDomainPtr domain, */ # define VIR_DOMAIN_LAUNCH_SECURITY_SEV_POLICY "sev-policy" =20 +/** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_HEADER: + * + * A macro used to represent the SEV launch secret header. The secret head= er + * is a base64-encoded VIR_TYPED_PARAM_STRING containing artifacts needed = by + * the SEV firmware to recover the plain text of the launch secret. See + * section "6.6 LAUNCH_SECRET" in the SEV API specification for a detailed + * description of the secret header. + */ +# define VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_HEADER "sev-secret-header" + +/** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET: + * + * A macro used to represent the SEV launch secret. The secret is a + * base64-encoded VIR_TYPED_PARAM_STRING containing an encrypted launch + * secret. The secret is created by the domain owner after the SEV launch + * measurement is retrieved and verified. + */ +# define VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET "sev-secret" + +/** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_SET_ADDRESS: + * + * A macro used to represent the physical address within the guest's memory + * where the secret will be set, as VIR_TYPED_PARAM_ULLONG. If not specifi= ed, + * the address will be determined by the hypervisor. + */ +# define VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_SET_ADDRESS "sev-secret-set= -address" + int virDomainGetLaunchSecurityInfo(virDomainPtr domain, virTypedParameterPtr *params, int *nparams, unsigned int flags); =20 +int virDomainSetLaunchSecurityState(virDomainPtr domain, + virTypedParameterPtr params, + int nparams, + unsigned int flags); + typedef enum { VIR_DOMAIN_GUEST_INFO_USERS =3D (1 << 0), /* return active users */ VIR_DOMAIN_GUEST_INFO_OS =3D (1 << 1), /* return OS information */ diff --git a/src/driver-hypervisor.h b/src/driver-hypervisor.h index d642af8a37..c83fb648a2 100644 --- a/src/driver-hypervisor.h +++ b/src/driver-hypervisor.h @@ -1333,6 +1333,12 @@ typedef int int *nparams, unsigned int flags); =20 +typedef int +(*virDrvDomainSetLaunchSecurityState)(virDomainPtr domain, + virTypedParameterPtr params, + int nparams, + unsigned int flags); + typedef virDomainCheckpointPtr (*virDrvDomainCheckpointCreateXML)(virDomainPtr domain, const char *xmlDesc, @@ -1661,6 +1667,7 @@ struct _virHypervisorDriver { virDrvConnectBaselineHypervisorCPU connectBaselineHypervisorCPU; virDrvNodeGetSEVInfo nodeGetSEVInfo; virDrvDomainGetLaunchSecurityInfo domainGetLaunchSecurityInfo; + virDrvDomainSetLaunchSecurityState domainSetLaunchSecurityState; virDrvDomainCheckpointCreateXML domainCheckpointCreateXML; virDrvDomainCheckpointGetXMLDesc domainCheckpointGetXMLDesc; virDrvDomainListAllCheckpoints domainListAllCheckpoints; diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c index 5708ff839b..82b0822d12 100644 --- a/src/libvirt-domain.c +++ b/src/libvirt-domain.c @@ -12844,6 +12844,68 @@ int virDomainGetLaunchSecurityInfo(virDomainPtr do= main, } =20 =20 +/** + * virDomainSetLaunchSecurityState: + * @domain: a domain object + * @params: pointer to launch security parameter objects + * @nparams: number of launch security parameters + * @flags: currently used, set to 0. + * + * Set a launch security secret in the guest's memory. The guest must be + * in a paused state, e.g. in state VIR_DOMIAN_PAUSED as reported by + * virDomainGetState. On success, the guest can be transitioned to a + * running state. On failure, the guest should be destroyed. + * + * A basic guest attestation process can be achieved by: + * - Start a secure guest in the paused state by passing VIR_DOMAIN_START_= PAUSED + * to one of the virDomainCreate APIs + * - Retrieve the guest launch measurement with virDomainGetLaunchSecurity= Info + * - Verify launch measurement and generate a secret for the guest + * - Set the secret in the guest's memory with virDomainSetLaunchSecurityS= tate + * - Start running the guest with virDomainResume + * + * See VIR_DOMAIN_LAUNCH_SECURITY_* for a detailed description of accepted + * launch security parameters. + * + * Returns -1 in case of failure, 0 in case of success. + */ +int virDomainSetLaunchSecurityState(virDomainPtr domain, + virTypedParameterPtr params, + int nparams, + unsigned int flags) +{ + virConnectPtr conn =3D domain->conn; + + VIR_DOMAIN_DEBUG(domain, "params=3D%p, nparams=3D%d flags=3D0x%x", + params, nparams, flags); + VIR_TYPED_PARAMS_DEBUG(params, nparams); + + virResetLastError(); + + virCheckDomainReturn(domain, -1); + virCheckNonNullArgGoto(params, error); + virCheckPositiveArgGoto(nparams, error); + virCheckReadOnlyGoto(domain->conn->flags, error); + + if (virTypedParameterValidateSet(conn, params, nparams) < 0) + goto error; + + if (conn->driver->domainSetLaunchSecurityState) { + int ret; + ret =3D conn->driver->domainSetLaunchSecurityState(domain, params, + nparams, flags); + if (ret < 0) + goto error; + return ret; + } + virReportUnsupportedError(); + + error: + virDispatchError(domain->conn); + return -1; +} + + /** * virDomainAgentSetResponseTimeout: * @domain: a domain object diff --git a/src/libvirt_public.syms b/src/libvirt_public.syms index 788a967df7..f93692c427 100644 --- a/src/libvirt_public.syms +++ b/src/libvirt_public.syms @@ -911,4 +911,9 @@ LIBVIRT_7.8.0 { virNetworkCreateXMLFlags; } LIBVIRT_7.7.0; =20 +LIBVIRT_8.0.0 { + global: + virDomainSetLaunchSecurityState; +} LIBVIRT_7.8.0; + # .... define new API here using predicted next version number .... --=20 2.34.1 From nobody Thu May 2 20:43:26 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=quarantine dis=quarantine) header.from=suse.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1639543611931999.5410223950598; Tue, 14 Dec 2021 20:46:51 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-581-hvFV9uNhNhW8Ioq41Iwg9Q-1; Tue, 14 Dec 2021 23:46:47 -0500 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 43902102CB29; Wed, 15 Dec 2021 04:46:42 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 27C4B6EC6E; Wed, 15 Dec 2021 04:46:42 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id F191F4A7CA; Wed, 15 Dec 2021 04:46:41 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 1BF4kNeh029891 for ; Tue, 14 Dec 2021 23:46:23 -0500 Received: by smtp.corp.redhat.com (Postfix) id A12A92180141; Wed, 15 Dec 2021 04:46:23 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 9AA4D218015D for ; Wed, 15 Dec 2021 04:46:20 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 93C6C85A5A8 for ; Wed, 15 Dec 2021 04:46:20 +0000 (UTC) Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.109.102]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-283-rStX6SrLN36MgOYU-RW5vQ-1; Tue, 14 Dec 2021 23:46:18 -0500 Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05lp2112.outbound.protection.outlook.com [104.47.17.112]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-29-C59Yao3gNFaQCmDJ-H-ugw-1; Wed, 15 Dec 2021 05:46:16 +0100 Received: from AM0PR04MB4899.eurprd04.prod.outlook.com (2603:10a6:208:c5::16) by AM0PR0402MB3633.eurprd04.prod.outlook.com (2603:10a6:208:c::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.16; Wed, 15 Dec 2021 04:46:15 +0000 Received: from AM0PR04MB4899.eurprd04.prod.outlook.com ([fe80::2491:2b2f:154a:acf3]) by AM0PR04MB4899.eurprd04.prod.outlook.com ([fe80::2491:2b2f:154a:acf3%5]) with mapi id 15.20.4778.018; Wed, 15 Dec 2021 04:46:15 +0000 X-MC-Unique: hvFV9uNhNhW8Ioq41Iwg9Q-1 X-MC-Unique: rStX6SrLN36MgOYU-RW5vQ-1 X-MC-Unique: C59Yao3gNFaQCmDJ-H-ugw-1 From: Jim Fehlig To: libvir-list@redhat.com Subject: [PATCH V3 2/4] remote: Add RPC support for the virDomainSetLaunchSecurityState API Date: Tue, 14 Dec 2021 21:46:04 -0700 Message-ID: <20211215044606.31974-3-jfehlig@suse.com> In-Reply-To: <20211215044606.31974-1-jfehlig@suse.com> References: <20211215044606.31974-1-jfehlig@suse.com> X-ClientProxiedBy: AS8PR04CA0056.eurprd04.prod.outlook.com (2603:10a6:20b:312::31) To AM0PR04MB4899.eurprd04.prod.outlook.com (2603:10a6:208:c5::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 1a3514b1-c339-443a-2d42-08d9bf85d3c0 X-MS-TrafficTypeDiagnostic: AM0PR0402MB3633:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:116 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0 X-Microsoft-Antispam-Message-Info: IrV49MfZQ0UV/f+mGEPPRrdNNqvOWNN1yt0e/j+RymnLEQK/0lj6of/lZdN/+pWM2T7Bqni9MLBamrMl4x2sggjmbMyW4nKjcB5PVyOFb5rKYKNTtWbBSViLK0dYnDRhify5AaNU/WPWdZMCbmM8kB7rnz5OAsBWjxR19ojvaUCyuG2HUgdQL5DZTDw2mtGfqjZW74irzK1DlrRnNaJW3YZdyxUucxDuapu37BfzRVOs6M0JR7efTjC/Cf95YndOhmCs5xzcBzLySxBJlSIIbpq9Oz3DDCKfagMWQDmmPTasXnCNOfTL3ZXCmkOvX8qAcXrh3V2AHu2wO5o5rn/kkJqeuk/z7/t3SgcJ0Qy2NcSrFB5WDZqlfqu0RCmegtQj0QkM71rGois0gx2CNyGtHH7Lao2yoKflDwqbOudsTh1D41czR9z6HeXf8f1Dxxo5gFZSu3RN/2PVknKSnyasxu09WtXOAa2ojY92I5SGtyN7yizdPqH4FNL1U43VzrADcr8JRChgSXLHrBb1KNrzD9SEBbMarolLZvEvBCV9uVJHY19tfbAS3NJeybeS5xoyxywKnMqyN1KHm8JB1xFELVit1JZf08BEPoAlcKFRymywYgx4eIVH3zRU61nTapQUyEV31aP1Pucy5D6tFL4fKhHVZvV7B+lcwWGk9LrtP0HLXTZZzBjmSfKbiA6enZ3uwSkWi3T0VTrQSuSP9GIyhBcvg8xYiia8EX0OCFPZlTo= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR04MB4899.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(1076003)(8936002)(6916009)(86362001)(2616005)(26005)(4326008)(6666004)(2906002)(186003)(8676002)(6486002)(5660300002)(6512007)(450100002)(6506007)(83380400001)(316002)(508600001)(66556008)(66476007)(66946007)(38100700002)(36756003)(145543001)(213903007); DIR:OUT; SFP:1101 X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?lgRV9HazAkG89Q+Y1kPiXtJ2qhVg6JwS2Domwpyk/c94YGUS4d1kw8SW3m4y?= =?us-ascii?Q?icYxDrk2vMC3bllGGzDYN6IAlTV623VKcMoF7DLhkVNx/Tp0M8ODfqvO5f4I?= =?us-ascii?Q?Xm0Nyogaxa+fSc3uo0bwLQX7sWSBuhTryYw+7OLf4DaSJPW5S6fiT3HYd00V?= =?us-ascii?Q?GzMNULm2Qp7o+3c/aP0MH+MvWT7plFINbnXhbTIVe/9mhptPAgpH07dKxoOY?= =?us-ascii?Q?Id2nbyqdTGmXjStbSdX3L+0MtpzJ/q3KAW/EUeP8vmlxmxRoT98X0/QLiamD?= =?us-ascii?Q?bHrzZc6Tan3HrNEmR1fTim7bRHbnCiCGABpDVymk7l/jyPKVJPMu1fr320mf?= =?us-ascii?Q?OfwQDXQKnUXH1sNDydo2DKfyF4BnmhOzpUlLOVUlYA2YVVZHHseZ3xcNVabJ?= =?us-ascii?Q?iwGEiqfNFH9WQjeQb1IwS8SfE2jDdNCV0GdjXTwxduwmLkQ9FWo7cedOhr0k?= =?us-ascii?Q?4IEyB85/+5WaLnb9LSbcNpGLjXL7VV51q41xlnpW+Q4Jbxnx6brRzKJum5bI?= =?us-ascii?Q?zy1Q3Qy1b6RQUx9GVXwsKdN3OfcZjCVJu15MuIiX5RKcqV8BZ5gy/zI8av8h?= =?us-ascii?Q?FAIFQ7Q4Qg/UwGABEKW4hC4RwBH69RSsyZWNe+5MChFlY0oYk4FCQSCEkaVU?= =?us-ascii?Q?Y7ZiDrVnjbmjoTfgGpBwbfvDjCTW0P3SzKPPtl2O70CSbb+qrgTg0jRv+1kO?= =?us-ascii?Q?xnwOjWQSzcfpv5bHS2EuxR0mzG+DSb2aoQIjbGB20HhKQixti71HRfTGfyzU?= =?us-ascii?Q?bqKTVs7omQEOT99/hWBU95V7LAX7L09xUVxpfyi86tgPSMoumRBQkfTVSIHt?= =?us-ascii?Q?EaLmfnVnh/jY4vI8TvGol7RCPx0asLXDbAJgRA3HLZPc0Utk/C9oRw7Q8KeD?= =?us-ascii?Q?ouMIVBNgZ44/FR/GRLHbawXQXPOU2mrON68HPzCyrf060ScI2sIqW/k0gB1U?= =?us-ascii?Q?wTpOYlKDJVgun4j+0vH181I0S1nfgGhehmehlZqz98rR1XEDHN1+34NNASTt?= =?us-ascii?Q?WymcGewZ+68t0Dk7lsVbk5xlMaLlAGvZ6mwzXu9Kfv8xP5HrK++yEvIJVgLp?= =?us-ascii?Q?swLgRWzhtxsYz19/h5fUomJ+Kn/w46Xjnbm9AAp98TmobImJVCK/hP9d6JTO?= =?us-ascii?Q?7HEDS+LVzqYhq+0vBCjAgGfTFufKvpmA7WaNqPgvb1Na6xqn6PAedireax6z?= =?us-ascii?Q?9vjb5OJniqL09jTHq5WwnjYnx1vy4OU/HAN3qqbzfovBhllkUiN5pChZtY5g?= =?us-ascii?Q?nd8aPNZUvZwQEa4reQ/AxrCR5+gibJrw+UmVXM7wm1MSYIHHKJhv/USmSFr+?= =?us-ascii?Q?uTh4reeKoMcYEPDmp2FYnC0NsVK7n2QIpU+R9fA80azqLHY/3ptXSX/Ymz6A?= =?us-ascii?Q?C6jXKYX2Kj+ghkL+mkJPgGb+Ej1e4OyV4YXfNI/ME4xGxNH8YJXIp/4d+n07?= =?us-ascii?Q?uGtcYDX/Ph/U+M8qv60fqm9ia/XaX7AlkEukpCNeAHBcdr8flSeya+HJj+Fc?= =?us-ascii?Q?41EOSgyCCIJ8pHQeZnvI3PNlMOou0n0NnmmfKQx1/Oxt1VaU3naRcPPtD2OK?= =?us-ascii?Q?c4uh7FtQndXLo17P6oOAfJ5xwJZNFAjmq9Gud8QaDiAdtHcr89s9bV2Lpukz?= =?us-ascii?Q?J2FfXiWCK0mI5DaMCnPkD9Y=3D?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1a3514b1-c339-443a-2d42-08d9bf85d3c0 X-MS-Exchange-CrossTenant-AuthSource: AM0PR04MB4899.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Dec 2021 04:46:15.6747 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: a3YIgzoILWbVNF3Ng8Bm8rtStXkZdqkwWUnS2cObXV59dWkwFX3aVwA96rhspBkcwsCDl9+QelISiU51HAm2sA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR0402MB3633 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-MIME-Autoconverted: from quoted-printable to 8bit by lists01.pubmisc.prod.ext.phx2.redhat.com id 1BF4kNeh029891 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1639543613667100001 Signed-off-by: Jim Fehlig Reviewed-by: Daniel P. Berrang=C3=A9 --- src/remote/remote_driver.c | 1 + src/remote/remote_protocol.x | 17 ++++++++++++++++- src/remote_protocol-structs | 9 +++++++++ 3 files changed, 26 insertions(+), 1 deletion(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 5b179a927d..5b7ccfaebd 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -8600,6 +8600,7 @@ static virHypervisorDriver hypervisor_driver =3D { .domainAuthorizedSSHKeysSet =3D remoteDomainAuthorizedSSHKeysSet, /* 6= .10.0 */ .domainGetMessages =3D remoteDomainGetMessages, /* 7.1.0 */ .domainStartDirtyRateCalc =3D remoteDomainStartDirtyRateCalc, /* 7.2.0= */ + .domainSetLaunchSecurityState =3D remoteDomainSetLaunchSecurityState, = /* 8.0.0 */ }; =20 static virNetworkDriver network_driver =3D { diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x index 60010778ca..4f13cef662 100644 --- a/src/remote/remote_protocol.x +++ b/src/remote/remote_protocol.x @@ -272,6 +272,9 @@ const REMOTE_NODE_SEV_INFO_MAX =3D 64; /* Upper limit on number of launch security information entries */ const REMOTE_DOMAIN_LAUNCH_SECURITY_INFO_PARAMS_MAX =3D 64; =20 +/* Upper limit on number of launch security state entries */ +const REMOTE_DOMAIN_LAUNCH_SECURITY_STATE_PARAMS_MAX =3D 64; + /* Upper limit on number of parameters describing a guest */ const REMOTE_DOMAIN_GUEST_INFO_PARAMS_MAX =3D 2048; =20 @@ -3642,6 +3645,12 @@ struct remote_domain_get_launch_security_info_ret { remote_typed_param params; }; =20 +struct remote_domain_set_launch_security_state_args { + remote_nonnull_domain dom; + remote_typed_param params; + unsigned int flags; +}; + /* nwfilter binding */ =20 struct remote_nwfilter_binding_lookup_by_port_dev_args { @@ -6905,5 +6914,11 @@ enum remote_procedure { * @generate: both * @acl: none */ - REMOTE_PROC_DOMAIN_EVENT_MEMORY_DEVICE_SIZE_CHANGE =3D 438 + REMOTE_PROC_DOMAIN_EVENT_MEMORY_DEVICE_SIZE_CHANGE =3D 438, + + /** + * @generate: both + * @acl: domain:write + */ + REMOTE_PROC_DOMAIN_SET_LAUNCH_SECURITY_STATE =3D 439 }; diff --git a/src/remote_protocol-structs b/src/remote_protocol-structs index dbef4ace79..d88176781d 100644 --- a/src/remote_protocol-structs +++ b/src/remote_protocol-structs @@ -3005,6 +3005,14 @@ struct remote_domain_get_launch_security_info_ret { remote_typed_param * params_val; } params; }; +struct remote_domain_set_launch_security_state_args { + remote_nonnull_domain dom; + struct { + u_int params_len; + remote_typed_param * params_val; + } params; + u_int flags; +}; struct remote_nwfilter_binding_lookup_by_port_dev_args { remote_nonnull_string name; }; @@ -3680,4 +3688,5 @@ enum remote_procedure { REMOTE_PROC_NODE_DEVICE_IS_ACTIVE =3D 436, REMOTE_PROC_NETWORK_CREATE_XML_FLAGS =3D 437, REMOTE_PROC_DOMAIN_EVENT_MEMORY_DEVICE_SIZE_CHANGE =3D 438, + REMOTE_PROC_DOMAIN_SET_LAUNCH_SECURITY_STATE =3D 439, }; --=20 2.34.1 From nobody Thu May 2 20:43:26 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=quarantine dis=quarantine) header.from=suse.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1639543596050455.85706898889737; Tue, 14 Dec 2021 20:46:36 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-568-WpkXD4CzNsuRJNx17Aq0eA-1; Tue, 14 Dec 2021 23:46:31 -0500 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1E1CF102CB8F; Wed, 15 Dec 2021 04:46:27 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0012B1059588; Wed, 15 Dec 2021 04:46:26 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 9DFE54CA9B; Wed, 15 Dec 2021 04:46:26 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 1BF4kOWk029896 for ; Tue, 14 Dec 2021 23:46:24 -0500 Received: by smtp.corp.redhat.com (Postfix) id 9DD951427AF6; Wed, 15 Dec 2021 04:46:24 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast08.extmail.prod.ext.rdu2.redhat.com [10.11.55.24]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 987A11400AFD for ; Wed, 15 Dec 2021 04:46:24 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6D0683800E8B for ; Wed, 15 Dec 2021 04:46:24 +0000 (UTC) Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.109.102]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-373-B_3b5nLHOV-uhIh4CqgEVA-1; Tue, 14 Dec 2021 23:46:22 -0500 Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05lp2105.outbound.protection.outlook.com [104.47.17.105]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-33-YOKAqsbgODylIcc5METXCA-1; Wed, 15 Dec 2021 05:46:20 +0100 Received: from AM0PR04MB4899.eurprd04.prod.outlook.com (2603:10a6:208:c5::16) by AM0PR0402MB3633.eurprd04.prod.outlook.com (2603:10a6:208:c::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.16; Wed, 15 Dec 2021 04:46:19 +0000 Received: from AM0PR04MB4899.eurprd04.prod.outlook.com ([fe80::2491:2b2f:154a:acf3]) by AM0PR04MB4899.eurprd04.prod.outlook.com ([fe80::2491:2b2f:154a:acf3%5]) with mapi id 15.20.4778.018; Wed, 15 Dec 2021 04:46:19 +0000 X-MC-Unique: WpkXD4CzNsuRJNx17Aq0eA-1 X-MC-Unique: B_3b5nLHOV-uhIh4CqgEVA-1 X-MC-Unique: YOKAqsbgODylIcc5METXCA-1 From: Jim Fehlig To: libvir-list@redhat.com Subject: [PATCH V3 3/4] qemu: Implement the virDomainSetLaunchSecurityState API Date: Tue, 14 Dec 2021 21:46:05 -0700 Message-ID: <20211215044606.31974-4-jfehlig@suse.com> In-Reply-To: <20211215044606.31974-1-jfehlig@suse.com> References: <20211215044606.31974-1-jfehlig@suse.com> X-ClientProxiedBy: FR0P281CA0085.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1e::9) To AM0PR04MB4899.eurprd04.prod.outlook.com (2603:10a6:208:c5::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 73d9a55f-2bb7-49d0-56e0-08d9bf85d5fc X-MS-TrafficTypeDiagnostic: AM0PR0402MB3633:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:34 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0 X-Microsoft-Antispam-Message-Info: 0iiOm1Jbd9pMi0YZwRSzXSChhawRLW3IfUxzZ0fyS3qqPAI2EaaCs/GHYR+OZjrWd6fOqGAUvDRhgX+GuaEPEAWtKwBHXM9MS3stSMPqXDVzV9byITatZLfva3RuCPKvbOIO/mFLOas+A9HA6LClECPOv9bLlvrIlF52OOjBJQG6WeaA1aFVkkoKwtk67w/9cQV7F+T61X9uBY+oy7BvbgUzrqvY7gcP1DWef8lrwO2J6lScI1BY1B3cJxbhYqzqJcP24mPeCDKW1gJobtl+gA/RJzwaGOxpIN3HyoVi3YtCwcVKMi1HJzbFABAujfepB+DVQuplTq0x6cNT/bH2Mq095SN5wifBiSvkdtByJHuiuTJWYhG6M4tgonktBihZtYgu7ttYNza48Y4tRvBN2qoP/h4q4I1now7asHh/WvSIxBHyXkQYuC2DZyOCrjrKSgYO/D2p/STOTLzhA0evMeosLQ+3j2huMGwwoFgqRi7vB9iG53w5MbN9u2D9opLfZQwpYHAU/6422PCetKGxdxx+wfL8bESeC1ebliXvGvj4+/+Xhi/AOnD8hTB0c/2RXbQO8UCy3FzolR20cYC1xRDbPE8h5TIB4c3XCVM7tU5e/SYBSVFDrPtIJ24eRCjNz79MyFSuWCRbyHAYKXoP3x8sF0apz7Q/N2Jc8n70qmBn9bEcpEcQqw16GYy1/gihA1noVpC2lbGJ30zhab4MkYY0SOUM/FAghaiXTcqZKjs= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR04MB4899.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(1076003)(8936002)(6916009)(86362001)(2616005)(26005)(6666004)(2906002)(186003)(8676002)(6486002)(5660300002)(6512007)(6506007)(83380400001)(316002)(508600001)(66556008)(66476007)(66946007)(38100700002)(36756003)(145543001)(213903007); DIR:OUT; SFP:1101 X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?GKeFhnXowj8xQdSUgJ132ezAA2TxBZ4Wbd98ZjHnc/5jzk4zcsX0FOV75FJI?= =?us-ascii?Q?bLiwgAIzyG5R/6gVjmtXVf78JbhHNWcQrW+VeMpnwDXkg5fpMLwz1gBQVVQR?= =?us-ascii?Q?H+7V4WygkbQ4/sbhTFBx3Li1B/vzQ1owjf9AZQ2i/zQ8pL9BXRR+kZ70r3ws?= =?us-ascii?Q?sCMi5RceQyOsw1viGC/eYbrwUmgSSg26hHV2QpWNv5BMBkup+APYQZ5dTHqB?= =?us-ascii?Q?JhK1MWvYEMLf3rlJK4crG8wd8R2lCzkgssOz3IsK3UEVUCBjKiUCa/lnrmwX?= =?us-ascii?Q?9POv2oGq063qBVrbuAQ8uEPbKsJ4uz0xy+ZHJZq7DjXeQQ2DBK0NQfwhXluM?= =?us-ascii?Q?Z/2i9DQjK2WsaAar7D8TTg+tk8nA9OZvOy0IvOigH8DJeIWADgLw0GTBn9dV?= =?us-ascii?Q?xaKUH75ZGSbYvxONOZgtEVgulfIzMQND6FeoN8TiWb7KxaxQeeFmUhIufDs7?= =?us-ascii?Q?nOyiMYZ/J0VjrvXMEMWvK0xG4D6gXrbakhGSUdJaKzlRcKbwP72DNezpaXJS?= =?us-ascii?Q?XoKYw/sH+yiO8jT6BbhoCfcSrLn1k4THM2GR6S7no60i2PLGS4g0PYfQzqmU?= =?us-ascii?Q?7WcTpKNYPFJcJWAQPijjGQEzP6zCnerj5M62olBw+TfIrOTPb6OXeY8SxWlx?= =?us-ascii?Q?UUnWuaoSZBdFfBljNEoAJpU9uET+v1Kvsx+SHvzAoG5ZBo3vXGx/bcJwKz0/?= =?us-ascii?Q?F12PA2R6zls7NAeUfPe7askVL+DCgDVb4cOsUSNj1WkAFoOrPA8dzgC1xD6d?= =?us-ascii?Q?GosFNVYh/XRXaaajyS/U+AWiqrsHUCpZ5mLGHajeR5HEtR92lUf++8U7zFMj?= =?us-ascii?Q?jdusSYmjBFNRjaiEbxxQJ/PdbNzX3BBbaxveU0SH7Fon517RhIOEEnsJLv3q?= =?us-ascii?Q?zYASz5xoqngX5gA1WtbJgqEfg6ai8h3wuKlrFUvAjlMJmzkD5sxjRu3+xUjr?= =?us-ascii?Q?G/1jmDQj3DLRrtdAE7J8gmcPDpfcX5yIQScQCOnJKkU5hoIF5Yrnmd0XUxUt?= =?us-ascii?Q?EfuZFcYVfIkHmfq1rw1KKb0MQjlCy7NwNfMa3Cet+OFxsuRdeZexkoTnijJE?= =?us-ascii?Q?3somoDVIIWYjcrbIgQCRdEYLWVLKFAffHRuZoPAzRP9odbxW7ihNMzSuPIIu?= =?us-ascii?Q?XAGlM3HeJWNVttU491EpWGJXzGAS4jqpf7BRhViCmmP+TQhH68pB0CXxq9mT?= =?us-ascii?Q?tygVsMAw3yv0vVF7fTlFA56rGQdQMZ4rQtFGO1zoEIvY8WfMf77e1tj3XZsv?= =?us-ascii?Q?hUu17b/c8rdB+gGuorTELQ2JqI7gxopSMwAh1dNSPgsdc4cptDA9yKsd2c/w?= =?us-ascii?Q?F1Eg2Zqe4u0XPI9UoOD2a7M4mqG9NNe9bwWIU4ji4itPb8EJW8mnEsX2LYoQ?= =?us-ascii?Q?iWtP9tLqiP/wRtEky/AtIDHXaJEyMQYuGNfCI3RppbC9ILtqmZvr3IIZUE+I?= =?us-ascii?Q?4T+3vXunKxu/BwDJ6z/E4yMgnU+Dyz//eazobLrQtesIzrNzmatISUraexTm?= =?us-ascii?Q?dmHp9fTr44Al3oHZHEu0KBs067AgYXBRA4G3w8sv/rmw5/nrAuPKUpfmD7va?= =?us-ascii?Q?+Avc2kpFeho84dAlEPdLr9lyREIAV8EORVImhwictZbA/dMQOtaxBZ62pRgm?= =?us-ascii?Q?i3YIct22ABMCB/1PDAeSU2Y=3D?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: 73d9a55f-2bb7-49d0-56e0-08d9bf85d5fc X-MS-Exchange-CrossTenant-AuthSource: AM0PR04MB4899.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Dec 2021 04:46:19.4088 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: c10uJt0UTu/yLKVcZQuJ4hjmxQdstQbRcFfY0xV5hHWAXazhcXiBxn8z2m8Hr+pYEXA7UNnnUGfAYuex0ikMhQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR0402MB3633 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.85 on 10.11.54.7 X-MIME-Autoconverted: from quoted-printable to 8bit by lists01.pubmisc.prod.ext.phx2.redhat.com id 1BF4kOWk029896 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1639543598288100005 Content-Type: text/plain; charset="utf-8" Set a launch secret in guest memory using the sev-inject-launch-secret QMP API. Only supported for SEV-enabled guests in a paused state. Signed-off-by: Jim Fehlig Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_driver.c | 88 ++++++++++++++++++++++++++++++++++++ src/qemu/qemu_monitor.c | 14 ++++++ src/qemu/qemu_monitor.h | 7 +++ src/qemu/qemu_monitor_json.c | 45 ++++++++++++++++++ src/qemu/qemu_monitor_json.h | 6 +++ tests/qemumonitorjsontest.c | 3 ++ 6 files changed, 163 insertions(+) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index aae622ea5d..889892a097 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -20070,6 +20070,93 @@ qemuDomainGetLaunchSecurityInfo(virDomainPtr domai= n, return ret; } =20 + +static int +qemuDomainSetLaunchSecurityState(virDomainPtr domain, + virTypedParameterPtr params, + int nparams, + unsigned int flags) +{ + virQEMUDriver *driver =3D domain->conn->privateData; + virDomainObj *vm; + int ret =3D -1; + int rc; + size_t i; + g_autofree char *secrethdr =3D NULL; + g_autofree char *secret =3D NULL; + unsigned long long setaddr =3D 0; + bool hasSetaddr =3D false; + int state; + + virCheckFlags(0, -1); + if (virTypedParamsValidate(params, nparams, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_HEADE= R, + VIR_TYPED_PARAM_STRING, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET, + VIR_TYPED_PARAM_STRING, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_SET_A= DDRESS, + VIR_TYPED_PARAM_ULLONG, + NULL) < 0) + return -1; + + if (!(vm =3D qemuDomainObjFromDomain(domain))) + goto cleanup; + + if (virDomainSetLaunchSecurityStateEnsureACL(domain->conn, vm->def) < = 0) + goto cleanup; + + /* Currently only SEV is supported */ + if (!vm->def->sec || + vm->def->sec->sectype !=3D VIR_DOMAIN_LAUNCH_SECURITY_SEV) { + virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", + _("setting a launch secret is only supported in SEV= -enabled domains")); + goto cleanup; + } + + for (i =3D 0; i < nparams; i++) { + virTypedParameterPtr param =3D ¶ms[i]; + + if (STREQ(param->field, VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_HEAD= ER)) { + secrethdr =3D g_strdup(param->value.s); + } else if (STREQ(param->field, VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECR= ET)) { + secret =3D g_strdup(param->value.s); + } else if (STREQ(param->field, VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECR= ET_SET_ADDRESS)) { + setaddr =3D param->value.ul; + hasSetaddr =3D true; + } + } + + if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) < 0) + goto cleanup; + + if (virDomainObjCheckActive(vm) < 0) + goto endjob; + + state =3D virDomainObjGetState(vm, NULL); + if (state !=3D VIR_DOMAIN_PAUSED) { + virReportError(VIR_ERR_OPERATION_INVALID, + "%s", _("domain must be in a paused state")); + goto endjob; + } + + qemuDomainObjEnterMonitor(driver, vm); + rc =3D qemuMonitorSetLaunchSecurityState(QEMU_DOMAIN_PRIVATE(vm)->mon, + secrethdr, secret, setaddr, has= Setaddr); + qemuDomainObjExitMonitor(driver, vm); + if (rc < 0) + goto endjob; + + ret =3D 0; + + endjob: + qemuDomainObjEndJob(driver, vm); + + cleanup: + virDomainObjEndAPI(&vm); + return ret; +} + + static const unsigned int qemuDomainGetGuestInfoSupportedTypes =3D VIR_DOMAIN_GUEST_INFO_USERS | VIR_DOMAIN_GUEST_INFO_OS | @@ -20943,6 +21030,7 @@ static virHypervisorDriver qemuHypervisorDriver =3D= { .domainAuthorizedSSHKeysSet =3D qemuDomainAuthorizedSSHKeysSet, /* 6.1= 0.0 */ .domainGetMessages =3D qemuDomainGetMessages, /* 7.1.0 */ .domainStartDirtyRateCalc =3D qemuDomainStartDirtyRateCalc, /* 7.2.0 */ + .domainSetLaunchSecurityState =3D qemuDomainSetLaunchSecurityState, /*= 8.0.0 */ }; =20 =20 diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index dda6ae9796..5272d49c2e 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -4379,6 +4379,20 @@ qemuMonitorGetSEVInfo(qemuMonitor *mon, } =20 =20 +int +qemuMonitorSetLaunchSecurityState(qemuMonitor *mon, + const char *secrethdr, + const char *secret, + unsigned long long setaddr, + bool hasSetaddr) +{ + QEMU_CHECK_MONITOR(mon); + + return qemuMonitorJSONSetLaunchSecurityState(mon, secrethdr, secret, + setaddr, hasSetaddr); +} + + int qemuMonitorGetPRManagerInfo(qemuMonitor *mon, GHashTable **retinfo) diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index 29746f0b8e..87826e6268 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -1454,6 +1454,13 @@ qemuMonitorGetSEVInfo(qemuMonitor *mon, ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_NONNULL(4) ATTRIBUTE_NONNULL(5); =20 +int +qemuMonitorSetLaunchSecurityState(qemuMonitor *mon, + const char *secrethdr, + const char *secret, + unsigned long long setaddr, + bool hasSetaddr); + typedef struct _qemuMonitorPRManagerInfo qemuMonitorPRManagerInfo; struct _qemuMonitorPRManagerInfo { bool connected; diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index a3d6eca569..37ee859a33 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -8262,6 +8262,51 @@ qemuMonitorJSONGetSEVInfo(qemuMonitor *mon, } =20 =20 +/** + * Set a launch secret in guest memory + * + * Example JSON: + * + * { "execute" : "sev-inject-launch-secret", + * "data": { "packet-header": "str", "secret": "str", "gpa": "uint64" } } + * + * The guest physical address (gpa) parameter is optional + */ +int +qemuMonitorJSONSetLaunchSecurityState(qemuMonitor *mon, + const char *secrethdr, + const char *secret, + unsigned long long setaddr, + bool hasSetaddr) +{ + g_autoptr(virJSONValue) cmd =3D NULL; + g_autoptr(virJSONValue) reply =3D NULL; + + if (hasSetaddr) { + cmd =3D qemuMonitorJSONMakeCommand("sev-inject-launch-secret", + "s:packet-header", secrethdr, + "s:secret", secret, + "U:gpa", setaddr, + NULL); + } else { + cmd =3D qemuMonitorJSONMakeCommand("sev-inject-launch-secret", + "s:packet-header", secrethdr, + "s:secret", secret, + NULL); + } + if (cmd =3D=3D NULL) + return -1; + + if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0) + return -1; + + if (qemuMonitorJSONCheckError(cmd, reply) < 0) + return -1; + + return 0; +} + + /* * Example return data * diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index e88dfc9d50..64d9ebdaa3 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -476,6 +476,12 @@ qemuMonitorJSONGetVersion(qemuMonitor *mon, char **package) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) ATTRIBUTE_NONNULL(4); =20 +int qemuMonitorJSONSetLaunchSecurityState(qemuMonitor *mon, + const char *secrethdr, + const char *secret, + unsigned long long setaddr, + bool hasSetaddr); + int qemuMonitorJSONGetMachines(qemuMonitor *mon, qemuMonitorMachineInfo ***machines) diff --git a/tests/qemumonitorjsontest.c b/tests/qemumonitorjsontest.c index 1b0bd0870d..48e2a457ab 100644 --- a/tests/qemumonitorjsontest.c +++ b/tests/qemumonitorjsontest.c @@ -1196,6 +1196,8 @@ GEN_TEST_FUNC(qemuMonitorJSONSetAction, QEMU_MONITOR_ACTION_REBOOT_RESET, QEMU_MONITOR_ACTION_WATCHDOG_SHUTDOWN, QEMU_MONITOR_ACTION_PANIC_SHUTDOWN) +GEN_TEST_FUNC(qemuMonitorJSONSetLaunchSecurityState, "sev_secret_header", + "sev_secret", 0, true) =20 static int testQemuMonitorJSONqemuMonitorJSONNBDServerStart(const void *opaque) @@ -3067,6 +3069,7 @@ mymain(void) DO_TEST_GEN(qemuMonitorJSONJobComplete); DO_TEST_GEN(qemuMonitorJSONBlockJobCancel); DO_TEST_GEN(qemuMonitorJSONSetAction); + DO_TEST_GEN(qemuMonitorJSONSetLaunchSecurityState); DO_TEST(qemuMonitorJSONGetBalloonInfo); DO_TEST(qemuMonitorJSONGetBlockInfo); DO_TEST(qemuMonitorJSONGetAllBlockStatsInfo); --=20 2.34.1 From nobody Thu May 2 20:43:26 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=quarantine dis=quarantine) header.from=suse.com Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1639543615966480.9777668771968; Tue, 14 Dec 2021 20:46:55 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-55-yGxOqUkCNdyUr4yCdrw1gw-1; Tue, 14 Dec 2021 23:46:51 -0500 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B3C7B81CCB4; Wed, 15 Dec 2021 04:46:45 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 944527D4A3; Wed, 15 Dec 2021 04:46:45 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 668321809CB9; Wed, 15 Dec 2021 04:46:45 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 1BF4kSbn029911 for ; Tue, 14 Dec 2021 23:46:28 -0500 Received: by smtp.corp.redhat.com (Postfix) id E083B2180151; Wed, 15 Dec 2021 04:46:27 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast01.extmail.prod.ext.rdu2.redhat.com [10.11.55.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D87CC2180141 for ; Wed, 15 Dec 2021 04:46:27 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-2.mimecast.com [207.211.31.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A819D85A5A8 for ; Wed, 15 Dec 2021 04:46:27 +0000 (UTC) Received: from de-smtp-delivery-102.mimecast.com (de-smtp-delivery-102.mimecast.com [194.104.109.102]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-557-wr-tdEOyP2KX1iDCZyOPsA-1; Tue, 14 Dec 2021 23:46:26 -0500 Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05lp2108.outbound.protection.outlook.com [104.47.17.108]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id de-mta-35-QykLlFuQONat0FDIzPVTeQ-1; Wed, 15 Dec 2021 05:46:23 +0100 Received: from AM0PR04MB4899.eurprd04.prod.outlook.com (2603:10a6:208:c5::16) by AM0PR0402MB3633.eurprd04.prod.outlook.com (2603:10a6:208:c::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4778.16; Wed, 15 Dec 2021 04:46:22 +0000 Received: from AM0PR04MB4899.eurprd04.prod.outlook.com ([fe80::2491:2b2f:154a:acf3]) by AM0PR04MB4899.eurprd04.prod.outlook.com ([fe80::2491:2b2f:154a:acf3%5]) with mapi id 15.20.4778.018; Wed, 15 Dec 2021 04:46:22 +0000 X-MC-Unique: yGxOqUkCNdyUr4yCdrw1gw-1 X-MC-Unique: wr-tdEOyP2KX1iDCZyOPsA-1 X-MC-Unique: QykLlFuQONat0FDIzPVTeQ-1 From: Jim Fehlig To: libvir-list@redhat.com Subject: [PATCH V3 4/4] tools: Add domsetlaunchsecstate virsh command Date: Tue, 14 Dec 2021 21:46:06 -0700 Message-ID: <20211215044606.31974-5-jfehlig@suse.com> In-Reply-To: <20211215044606.31974-1-jfehlig@suse.com> References: <20211215044606.31974-1-jfehlig@suse.com> X-ClientProxiedBy: FR0P281CA0079.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:1e::19) To AM0PR04MB4899.eurprd04.prod.outlook.com (2603:10a6:208:c5::16) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a38e8dc3-605e-4c46-4924-08d9bf85d7ff X-MS-TrafficTypeDiagnostic: AM0PR0402MB3633:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0 X-Microsoft-Antispam-Message-Info: p+nLzL1bn3oSKCWdcsADsrRRT6NdDwvnsxNxsi3qvABGoj25atUmNOUHWachkrM4vpaDEnuLkNI3pbRIpVBpfJHnkqT1q8mULe8Tv4yI0D32vgt/G/bvN0nddT5+puVAe4K5616rF3v37cWkpFaz7oMCVfZkn3lbwciRolBN64tLcxXElrMtpAkKrOEx7d591sqgfH0U5CLRhdpXRGi6Eturx05ychmLfM0MSdV+ksrRWG7/8jeAruHBq+qB4Q15sH4mQJSUbIepJOZgR9lFRii+CUNBr1A62k2yIQtsNZASSf1gIcVDP6B3RcOn7YIUNSTO4BTU2/BcVvGW2wHkDXC4Sr9zqG02APj4BOyq3gzRwzbeAvZ4cgXjIl5f8t1XkkfVBm6Bl1LIOC3E07ENt8KtvwPaSEeASrOaZ6x9ce4vwLv+pCcUDgvgIa+Xfsr3IP5LDIILSNq9yK3q2AS4y9N3b7BziXi+/WnzcAdapnmGxbkrjuzDyPDCMcQ+b7NsyA9TigYkWcbBUILTXU9J0rIm1bDNmXWR3egAbwEXFEDu5ZsAYQPZyuYvDX0ku89DTeo348kAUhKu0pOBHIpOXp/zSJS7D1pHYHWW7EXMpWyTptURAFCP14Q93oIbARA1naauEgtf9r9aT5rc3qhyoA== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR04MB4899.eurprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(1076003)(8936002)(6916009)(86362001)(2616005)(26005)(6666004)(2906002)(186003)(8676002)(6486002)(5660300002)(6512007)(6506007)(83380400001)(316002)(508600001)(66556008)(66476007)(66946007)(38100700002)(36756003); DIR:OUT; SFP:1101 X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?45U0G5dXd+cOnEIbFEFhchhUe2hcWR1b4WPB/ILgKAXfQDDSItHg5mIwfG1s?= =?us-ascii?Q?zQJAzAAk+rHuyYbTk71ETcItguUiHfVZSy/PaP5HH6/Jd/KQQ1Y5YIx0XODt?= =?us-ascii?Q?E5YOtcwMXq0lhXSGu9QBHK5cCzmd7REDZCZZY/L0pwlGY6L3gn3VXwF5eN6o?= =?us-ascii?Q?q6dWr9/2JUHci6Uu1D1ULB6qjHfR40iBEA82+s6BJVpIfH8AnSm9bUfyhKMc?= =?us-ascii?Q?N9sxBX+hVDzXt8Lh6xYKMluulEWWxmb6G7psBc/P9GBFHfLr+9c2yxhSp9SH?= =?us-ascii?Q?6MpbP+wKqZTh4GtS7ADHdG/Tl6mx8WBR2M9gAdbbux1W1Lwvoa3jK2mhBPN3?= =?us-ascii?Q?5/cNQ25btgdCENr5qamWUnP1XQLP3Ccu8+6t06yIKwufzrwQQRKREOSAMXyj?= =?us-ascii?Q?VFYnWO1wCOPAFxJKqVnuxW28U3Vc/u6D3h2tgTJNc5HFx15TDRe+kCDI8FVO?= =?us-ascii?Q?/if28HgAazrBjaF16GwXIzxTE4oi5VMfAsS0R48GgY63E5i0H9nfc/Ezil3l?= =?us-ascii?Q?qUItaRdK/Axhigz+jJj6VM5ve90VZdwpQCpUc0KvNIV2n2pQzN1TkzLTkZN6?= =?us-ascii?Q?y13US8szeh43O9JkCguoXhV/bkm8/iBf+/uacpvr61KqBgVPRePLEgbU5++9?= =?us-ascii?Q?WwtLpoGYG6npXHIbK5KX3AUuWc5L4ZQXreBgpKFz+nmfhKI9scLdhqp7SnBW?= =?us-ascii?Q?sfWPYIeiYPddszrpH5bBq23RtLAa3DOD00YbY6Ctrs+XQyjZh5fx76lDTAWg?= =?us-ascii?Q?+dbXFTS/BZzZZTYmgAg93ox1wDLBu/Wr1HS+wJWtZK0NYGGaZ93oH+/qLFma?= =?us-ascii?Q?/k6Kzi1Ch4lew+S+po85csJwh54N6cpD06Jfwmdew7fQiEZX278V6NBap9ke?= =?us-ascii?Q?5jlcmU0iOFFHe/RnU91BRN65h/HwijMthwEakVKjjGUKfk+dg1E0eUHqFZYR?= =?us-ascii?Q?exPfGCFvJCfvTaxIRLIrrqQw6yVVh+wcOfyFVVie9/Z+E+VFBRga5vapHjfd?= =?us-ascii?Q?yMW/3YxRrLkvhoSWEBvkMMCT7mUCpW5LDsPYOhF6BZGYfez28mhDxIyHKPDH?= =?us-ascii?Q?zcz7LdIuNlXhEro6Haq7RH6KHSQePCluSlbrXZ4gggIJoqwhbJ/AwlUrHXAd?= =?us-ascii?Q?woQ7JsqsEmFoZsCYCQoXHzhXdPThVvgHkxfSXBuTzfV+J4eXmzOac3iVqEUU?= =?us-ascii?Q?haoeJH2Qdow9/f4AreME8Ai58MNgasVG03bTkMBnlGeAIursZyWunjWRk57W?= =?us-ascii?Q?/yMOGkv7WVVatsFnYx6CkdxBP4CpvJ0+rd0VRvfb8oXHk4vS/Bq3GX3IKi2Y?= =?us-ascii?Q?lxLK4lwPA5Vtr40AuhgMLLis6WK+0TsW/MRacicFsDa0UV7H5ue6FeBtmAOd?= =?us-ascii?Q?oKH+/UzV3aOB5mvIxWanWWKmmzPaNGoY5QgfwllR7d+HeJ76ZWCINuGcZs2h?= =?us-ascii?Q?5MmpmlIuKuH+aYxrw498ldgmFCvvyAvic52InCANXOM4sAmoLMjx0zKoEeDl?= =?us-ascii?Q?9hCs9wN3yuhX/+w4oGsEoa6y4exum/Rfea4y3UhlAWfbVZStkbNQ76M1GmkC?= =?us-ascii?Q?ZC/HHXEMq/TMv8s2sGAO49h0Q7fqhBbvEl2G6CAaxZdjSqBtEb2S2CGEgB8z?= =?us-ascii?Q?/UtX9V1nLEOv1lQ0FXfEogY=3D?= X-OriginatorOrg: suse.com X-MS-Exchange-CrossTenant-Network-Message-Id: a38e8dc3-605e-4c46-4924-08d9bf85d7ff X-MS-Exchange-CrossTenant-AuthSource: AM0PR04MB4899.eurprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Dec 2021 04:46:22.7835 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: f7a17af6-1c5c-4a36-aa8b-f5be247aa4ba X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Kiz3vFEFuglrL23ReryGR8SaKITblJPWTNpuNYCf+HL0wA4EYHEPzhjjQJMWG5DvHePFFueWM8tOktt8cLFQDw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR0402MB3633 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-MIME-Autoconverted: from quoted-printable to 8bit by lists01.pubmisc.prod.ext.phx2.redhat.com id 1BF4kSbn029911 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1639543618165100001 Content-Type: text/plain; charset="utf-8" After attesting a domain with the help of domlaunchsecinfo, domsetlaunchsecstate can be used to set a secret in the guest domain's memory prior to running the vcpus. Signed-off-by: Jim Fehlig Reviewed-by: Daniel P. Berrang=C3=A9 --- Some questions and RFC regarding this patch: I'm not really fond of the command and function names and would appreciate suggestions :-). Also, is reading the secret header and secret from a file sufficient? The sev-tool 'package_secret' command writes the secret to a file. Lastly, I'm not sure what sizes to expect for secret and secret header. I may have overlooked it, but didn't find anything related to the size in the docs. I've temporarily set it to VSH_MAX_XML_FILE until we know a reasonable value. docs/manpages/virsh.rst | 25 ++++++++++ tools/virsh-domain.c | 107 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 132 insertions(+) diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst index e828f7ef68..0700b6e5df 100644 --- a/docs/manpages/virsh.rst +++ b/docs/manpages/virsh.rst @@ -2088,6 +2088,31 @@ launch security protection is active. If none is act= ive, no parameters will be reported. =20 =20 +domsetlaunchsecstate +-------------------- + +**Syntax:** + +:: + + domsetlaunchsecstate domain --secrethdr hdr-filename + --secret secret-filename [--set-address address] + +Set a launch security secret in the guest's memory. The guest must have a +launchSecurity type enabled in its configuration and be in a paused state. +On success, the guest can be transitioned to a running state. On failure, +the guest should be destroyed. + +*--secrethdr* specifies a filename containing the base64-encoded secret he= ader. +The header includes artifacts needed by the hypervisor firmware to recover= the +plain text of the launch secret. *--secret* specifies the filename contain= ing +the base64-encoded encrypted launch secret. + +The *--set-address* option can be used to specify a physical address within +the guest's memory to set the secret. If not specified, the address will be +determined by the hypervisor. + + dommemstat ---------- =20 diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index c748fe2ba9..57978efef9 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -9570,6 +9570,107 @@ cmdDomLaunchSecInfo(vshControl * ctl, const vshCmd = * cmd) return ret; } =20 +/* + * "domsetlaunchsecstate" command + */ +static const vshCmdInfo info_domsetlaunchsecstate[] =3D { + {.name =3D "help", + .data =3D N_("Set domain launch security state") + }, + {.name =3D "desc", + .data =3D N_("Set a secret in the guest domain's memory") + }, + {.name =3D NULL} +}; + +static const vshCmdOptDef opts_domsetlaunchsecstate[] =3D { + VIRSH_COMMON_OPT_DOMAIN_FULL(0), + {.name =3D "secrethdr", + .type =3D VSH_OT_STRING, + .flags =3D VSH_OFLAG_REQ_OPT, + .help =3D N_("path to file containing the secret header"), + }, + {.name =3D "secret", + .type =3D VSH_OT_STRING, + .flags =3D VSH_OFLAG_REQ_OPT, + .help =3D N_("path to file containing the secret"), + }, + {.name =3D "set-address", + .type =3D VSH_OT_INT, + .help =3D N_("physical address within the guest domain's memory to se= t the secret"), + }, + {.name =3D NULL} +}; + +static bool +cmdDomSetLaunchSecState(vshControl * ctl, const vshCmd * cmd) +{ + g_autoptr(virshDomain) dom =3D NULL; + const char *sechdrfile =3D NULL; + const char *secfile =3D NULL; + g_autofree char *sechdr =3D NULL; + g_autofree char *sec =3D NULL; + unsigned long long setaddr; + virTypedParameterPtr params =3D NULL; + int nparams =3D 0; + int maxparams =3D 0; + int rv; + bool ret =3D false; + + if (!(dom =3D virshCommandOptDomain(ctl, cmd, NULL))) + return false; + + if (vshCommandOptStringReq(ctl, cmd, "secrethdr", &sechdrfile) < 0) + return false; + + if (vshCommandOptStringReq(ctl, cmd, "secret", &secfile) < 0) + return false; + + if (sechdrfile =3D=3D NULL || secfile =3D=3D NULL) + return false; + + if (virFileReadAll(sechdrfile, VSH_MAX_XML_FILE, &sechdr) < 0) { + vshSaveLibvirtError(); + return false; + } + + if (virFileReadAll(secfile, VSH_MAX_XML_FILE, &sec) < 0) { + vshSaveLibvirtError(); + return false; + } + + if (virTypedParamsAddString(¶ms, &nparams, &maxparams, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_HEAD= ER, + sechdr) < 0) + return false; + + if (virTypedParamsAddString(¶ms, &nparams, &maxparams, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET, + sec) < 0) + return false; + + + if ((rv =3D vshCommandOptULongLong(ctl, cmd, "set-address", &setaddr))= < 0) { + return false; + } else if (rv > 0) { + if (virTypedParamsAddULLong(¶ms, &nparams, &maxparams, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_= SET_ADDRESS, + setaddr) < 0) + return false; + } + + if (virDomainSetLaunchSecurityState(dom, params, nparams, 0) !=3D 0) { + vshError(ctl, "%s", _("Unable to set launch security state")); + goto cleanup; + } + + ret =3D true; + + cleanup: + virTypedParamsFree(params, nparams); + return ret; +} + /* * "qemu-monitor-command" command */ @@ -14595,6 +14696,12 @@ const vshCmdDef domManagementCmds[] =3D { .info =3D info_domlaunchsecinfo, .flags =3D 0 }, + {.name =3D "domsetlaunchsecstate", + .handler =3D cmdDomSetLaunchSecState, + .opts =3D opts_domsetlaunchsecstate, + .info =3D info_domsetlaunchsecstate, + .flags =3D 0 + }, {.name =3D "domname", .handler =3D cmdDomname, .opts =3D opts_domname, --=20 2.34.1