From nobody Mon Sep 16 19:15:07 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1718882625064102.6064049210479; Thu, 20 Jun 2024 04:23:45 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 011C4C95; Thu, 20 Jun 2024 07:23:43 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 4844BB66; Thu, 20 Jun 2024 07:23:01 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id CF245B25; Thu, 20 Jun 2024 07:22:56 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 70006B03 for ; Thu, 20 Jun 2024 07:22:56 -0400 (EDT) Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-101-UmM1YTmDNDGtnh5phFV2Tw-1; Thu, 20 Jun 2024 07:22:54 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 1776019560B3 for ; Thu, 20 Jun 2024 11:22:54 +0000 (UTC) Received: from maggie.brq.redhat.com (unknown [10.43.3.102]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 357E11955E72 for ; Thu, 20 Jun 2024 11:22:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1718882576; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dUl41jUCYj/BdxRZeRj+RUtX3ueRmb+gJmE6oWi6E0Y=; b=WhO5hvaW18QUXE75GDM/AXlXCPKS1yppI3f0vwIbMM6MiKfALzov9FCoLssxvkx5YTyicC SnUwCRZJjRioTBye5ijwiZYNX14DNmVcuFcbEgXMyNMTm0EcTIlKmfKCdDm+vdq1wWucwb jkvlccg5BHONc5hphYqcju7oFLic7rc= X-MC-Unique: UmM1YTmDNDGtnh5phFV2Tw-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH 01/12] qemu_monitor_json: Report error in error paths in SEV related code Date: Thu, 20 Jun 2024 13:22:38 +0200 Message-ID: <153c3d816062ab6cf66810bdc7f11f1754a09264.1718882351.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: WOJORJSUG4NSA4EB57FGG3CZNFHTQOPQ X-Message-ID-Hash: WOJORJSUG4NSA4EB57FGG3CZNFHTQOPQ X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1718882626845100001 Content-Type: text/plain; charset="utf-8"; x-default="true" While working on qemuMonitorJSONGetSEVMeasurement() and qemuMonitorJSONGetSEVInfo() I've noticed that if these functions fail, they do so without appropriate error set. Fill in error reporting. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_monitor_json.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index c5e758e7f8..8f8f3c95f0 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -7961,8 +7961,11 @@ qemuMonitorJSONGetSEVMeasurement(qemuMonitor *mon) if (!(data =3D qemuMonitorJSONGetReply(cmd, reply, VIR_JSON_TYPE_OBJEC= T))) return NULL; =20 - if (!(tmp =3D virJSONValueObjectGetString(data, "data"))) + if (!(tmp =3D virJSONValueObjectGetString(data, "data"))) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sev-launch-measure reply was missing 'data= '")); return NULL; + } =20 return g_strdup(tmp); } @@ -8005,8 +8008,11 @@ qemuMonitorJSONGetSEVInfo(qemuMonitor *mon, if (virJSONValueObjectGetNumberUint(data, "api-major", apiMajor) < 0 || virJSONValueObjectGetNumberUint(data, "api-minor", apiMinor) < 0 || virJSONValueObjectGetNumberUint(data, "build-id", buildID) < 0 || - virJSONValueObjectGetNumberUint(data, "policy", policy) < 0) + virJSONValueObjectGetNumberUint(data, "policy", policy) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sev reply was missing some data")); return -1; + } =20 return 0; } --=20 2.44.2 From nobody Mon Sep 16 19:15:07 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 171888265993885.42259189398555; Thu, 20 Jun 2024 04:24:19 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id D88BFBAB; Thu, 20 Jun 2024 07:24:18 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 46C70C5E; Thu, 20 Jun 2024 07:23:04 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 33337B24; Thu, 20 Jun 2024 07:22:58 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 881B8B08 for ; Thu, 20 Jun 2024 07:22:57 -0400 (EDT) Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-393-XHUms4APNIW3Y9Xj-GS8KQ-1; Thu, 20 Jun 2024 07:22:55 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 2CF0719560A1 for ; Thu, 20 Jun 2024 11:22:55 +0000 (UTC) Received: from maggie.brq.redhat.com (unknown [10.43.3.102]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 63DB41955F2D for ; Thu, 20 Jun 2024 11:22:54 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1718882577; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=6tn3XAf/58QVdf0Zm3pl3k9DXKdaahscEpKetLy6h20=; b=guuNjB05WkgYjG9Mw5Qtzff6Jg/Uucp2oMU5pEkIOtovceqySegojiNlyyI62f4DXVAtwo +4Xdqz9FO3Pfl5LFd9a4HXT9LHPBD4sJKuS+8CUrDR+E7P0Nkr4cZcJJasF9YY+r1MMwut NPvwV8O8UpB3xfRO9mqZvzMHlNJgff8= X-MC-Unique: XHUms4APNIW3Y9Xj-GS8KQ-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH 02/12] conf: Move some members of virDomainSEVDef into virDomainSEVCommonDef Date: Thu, 20 Jun 2024 13:22:39 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: DMKMX57FFH5AZPO7POW6W5DR5SDYHKI7 X-Message-ID-Hash: DMKMX57FFH5AZPO7POW6W5DR5SDYHKI7 X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1718882660881100001 Content-Type: text/plain; charset="utf-8"; x-default="true" Some parts of SEV are to be shared with SEV SNP. In order to reuse XML parsing / formatting code cleanly, let's move those common bits into a new struct (virDomainSEVCommonDef) and adjust rest of the code. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/conf/domain_conf.c | 55 +++++++++++++++++++++---------- src/conf/domain_conf.h | 13 +++++--- src/conf/schemas/domaincommon.rng | 24 ++++++++------ src/conf/virconftypes.h | 2 ++ src/qemu/qemu_command.c | 8 ++--- src/qemu/qemu_process.c | 12 +++---- src/qemu/qemu_validate.c | 2 +- 7 files changed, 74 insertions(+), 42 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 2f1e99865b..9179cc18bb 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -13621,8 +13621,8 @@ virDomainMemoryTargetDefParseXML(xmlNodePtr node, =20 =20 static int -virDomainSEVDefParseXML(virDomainSEVDef *def, - xmlXPathContextPtr ctxt) +virDomainSEVCommonDefParseXML(virDomainSEVCommonDef *def, + xmlXPathContextPtr ctxt) { int rc; =20 @@ -13630,12 +13630,6 @@ virDomainSEVDefParseXML(virDomainSEVDef *def, &def->kernel_hashes) < 0) return -1; =20 - if (virXPathUIntBase("string(./policy)", ctxt, 16, &def->policy) < 0) { - virReportError(VIR_ERR_XML_ERROR, "%s", - _("failed to get launch security policy")); - return -1; - } - /* the following attributes are platform dependent and if missing, we = can * autofill them from domain capabilities later */ @@ -13658,6 +13652,23 @@ virDomainSEVDefParseXML(virDomainSEVDef *def, return -1; } =20 + return 0; +} + + +static int +virDomainSEVDefParseXML(virDomainSEVDef *def, + xmlXPathContextPtr ctxt) +{ + if (virDomainSEVCommonDefParseXML(&def->common, ctxt) < 0) + return -1; + + if (virXPathUIntBase("string(./policy)", ctxt, 16, &def->policy) < 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("failed to get launch security policy")); + return -1; + } + def->dh_cert =3D virXPathString("string(./dhCert)", ctxt); def->session =3D virXPathString("string(./session)", ctxt); =20 @@ -26641,6 +26652,24 @@ virDomainKeyWrapDefFormat(virBuffer *buf, virDomai= nKeyWrapDef *keywrap) } =20 =20 +static void +virDomainSEVCommonDefFormat(virBuffer *attrBuf, + virBuffer *childBuf, + virDomainSEVCommonDef *def) +{ + if (def->kernel_hashes !=3D VIR_TRISTATE_BOOL_ABSENT) + virBufferAsprintf(attrBuf, " kernelHashes=3D'%s'", + virTristateBoolTypeToString(def->kernel_hashes)); + + if (def->haveCbitpos) + virBufferAsprintf(childBuf, "%d\n", def->cbitpo= s); + + if (def->haveReducedPhysBits) + virBufferAsprintf(childBuf, "%d= \n", + def->reduced_phys_bits); +} + + static void virDomainSecDefFormat(virBuffer *buf, virDomainSecDef *sec) { @@ -26657,16 +26686,8 @@ virDomainSecDefFormat(virBuffer *buf, virDomainSec= Def *sec) case VIR_DOMAIN_LAUNCH_SECURITY_SEV: { virDomainSEVDef *sev =3D &sec->data.sev; =20 - if (sev->kernel_hashes !=3D VIR_TRISTATE_BOOL_ABSENT) - virBufferAsprintf(&attrBuf, " kernelHashes=3D'%s'", - virTristateBoolTypeToString(sev->kernel_hash= es)); + virDomainSEVCommonDefFormat(&attrBuf, &childBuf, &sev->common); =20 - if (sev->haveCbitpos) - virBufferAsprintf(&childBuf, "%d\n", sev->c= bitpos); - - if (sev->haveReducedPhysBits) - virBufferAsprintf(&childBuf, "%d\n", - sev->reduced_phys_bits); virBufferAsprintf(&childBuf, "0x%04x\n", sev->pol= icy); virBufferEscapeString(&childBuf, "%s\n", sev->dh_= cert); =20 diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index cdab6ef2da..c6c3c2e2a5 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2866,10 +2866,7 @@ typedef enum { } virDomainLaunchSecurity; =20 =20 -struct _virDomainSEVDef { - char *dh_cert; - char *session; - unsigned int policy; +struct _virDomainSEVCommonDef { bool haveCbitpos; unsigned int cbitpos; bool haveReducedPhysBits; @@ -2877,6 +2874,14 @@ struct _virDomainSEVDef { virTristateBool kernel_hashes; }; =20 + +struct _virDomainSEVDef { + virDomainSEVCommonDef common; + char *dh_cert; + char *session; + unsigned int policy; +}; + struct _virDomainSecDef { virDomainLaunchSecurity sectype; union { diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincom= mon.rng index a46a824f88..9a7649df1c 100644 --- a/src/conf/schemas/domaincommon.rng +++ b/src/conf/schemas/domaincommon.rng @@ -524,6 +524,19 @@ =20 + + + + + + + + + + + + + sev @@ -534,16 +547,7 @@ - - - - - - - - - - + diff --git a/src/conf/virconftypes.h b/src/conf/virconftypes.h index 0779bc224b..34bb1e262f 100644 --- a/src/conf/virconftypes.h +++ b/src/conf/virconftypes.h @@ -210,6 +210,8 @@ typedef struct _virDomainResctrlMonDef virDomainResctrl= MonDef; =20 typedef struct _virDomainResourceDef virDomainResourceDef; =20 +typedef struct _virDomainSEVCommonDef virDomainSEVCommonDef; + typedef struct _virDomainSEVDef virDomainSEVDef; =20 typedef struct _virDomainSecDef virDomainSecDef; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 2d0eddc79e..a32cb8f8e9 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -9728,7 +9728,7 @@ qemuBuildSEVCommandLine(virDomainObj *vm, virCommand = *cmd, g_autofree char *sessionpath =3D NULL; =20 VIR_DEBUG("policy=3D0x%x cbitpos=3D%d reduced_phys_bits=3D%d", - sev->policy, sev->cbitpos, sev->reduced_phys_bits); + sev->policy, sev->common.cbitpos, sev->common.reduced_phys_b= its); =20 if (sev->dh_cert) dhpath =3D g_strdup_printf("%s/dh_cert.base64", priv->libDir); @@ -9737,12 +9737,12 @@ qemuBuildSEVCommandLine(virDomainObj *vm, virComman= d *cmd, sessionpath =3D g_strdup_printf("%s/session.base64", priv->libDir); =20 if (qemuMonitorCreateObjectProps(&props, "sev-guest", "lsec0", - "u:cbitpos", sev->cbitpos, - "u:reduced-phys-bits", sev->reduced_p= hys_bits, + "u:cbitpos", sev->common.cbitpos, + "u:reduced-phys-bits", sev->common.re= duced_phys_bits, "u:policy", sev->policy, "S:dh-cert-file", dhpath, "S:session-file", sessionpath, - "T:kernel-hashes", sev->kernel_hashes, + "T:kernel-hashes", sev->common.kernel= _hashes, NULL) < 0) return -1; =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index ae6594e10e..9886a11245 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -6569,14 +6569,14 @@ qemuProcessUpdateSEVInfo(virDomainObj *vm) * mandatory on QEMU cmdline */ sevCaps =3D virQEMUCapsGetSEVCapabilities(qemuCaps); - if (!sev->haveCbitpos) { - sev->cbitpos =3D sevCaps->cbitpos; - sev->haveCbitpos =3D true; + if (!sev->common.haveCbitpos) { + sev->common.cbitpos =3D sevCaps->cbitpos; + sev->common.haveCbitpos =3D true; } =20 - if (!sev->haveReducedPhysBits) { - sev->reduced_phys_bits =3D sevCaps->reduced_phys_bits; - sev->haveReducedPhysBits =3D true; + if (!sev->common.haveReducedPhysBits) { + sev->common.reduced_phys_bits =3D sevCaps->reduced_phys_bits; + sev->common.haveReducedPhysBits =3D true; } =20 return 0; diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index b82d937a0d..a00ec8e940 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -1318,7 +1318,7 @@ qemuValidateDomainDef(const virDomainDef *def, return -1; } =20 - if (def->sec->data.sev.kernel_hashes !=3D VIR_TRISTATE_BOOL_AB= SENT && + if (def->sec->data.sev.common.kernel_hashes !=3D VIR_TRISTATE_= BOOL_ABSENT && !virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST_KERNEL_HASHE= S)) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("SEV measured direct kernel boot is not s= upported with this QEMU binary")); --=20 2.44.2 From nobody Mon Sep 16 19:15:07 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1718882679573985.0854896779213; Thu, 20 Jun 2024 04:24:39 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 839DDB03; Thu, 20 Jun 2024 07:24:38 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id EC51D11DF; Thu, 20 Jun 2024 07:23:05 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 15E7AB08; Thu, 20 Jun 2024 07:22:59 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id A62DEB08 for ; Thu, 20 Jun 2024 07:22:58 -0400 (EDT) Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-310-tMTeUuVSOgSzh1ja5p1JEw-1; Thu, 20 Jun 2024 07:22:57 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 69FC919560AE for ; Thu, 20 Jun 2024 11:22:56 +0000 (UTC) Received: from maggie.brq.redhat.com (unknown [10.43.3.102]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 8835C19560AE for ; Thu, 20 Jun 2024 11:22:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1718882578; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=f4+5mLS1Nywn2H77ma5xHOKBJz3J8lq0cBopWapY53Q=; b=Da27k9qQm2914mEiJfiKroF4DNRvbVqE7AkK5F7/dncY/hYSGZZ5OmbVGc3p8TjyCM29om oegb2fIsb8M0asca4R0gwRcJqIqn2x369sZv32erTcu3Eo7u465+etb7UIHuDVlWS41glA 1jSPxRh5a6Vn2RLs0AeTW4B2aA35yjw= X-MC-Unique: tMTeUuVSOgSzh1ja5p1JEw-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH 03/12] conf: Separate SEV formatting into a function Date: Thu, 20 Jun 2024 13:22:40 +0200 Message-ID: <2038e878b21cc8d2eadce18251dba1ab1f8e9b63.1718882351.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: 4P2W6U77OB55DFI5QZDC2KUUPSQNXMOI X-Message-ID-Hash: 4P2W6U77OB55DFI5QZDC2KUUPSQNXMOI X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1718882680934100001 Content-Type: text/plain; charset="utf-8"; x-default="true" To avoid convolution of switch() inside of virDomainSecDefFormat() even more (as new sectypes are added), move formatting into a separate function. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/conf/domain_conf.c | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 9179cc18bb..264f182d05 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -26670,6 +26670,19 @@ virDomainSEVCommonDefFormat(virBuffer *attrBuf, } =20 =20 +static void +virDomainSEVDefFormat(virBuffer *attrBuf, + virBuffer *childBuf, + virDomainSEVDef *def) +{ + virDomainSEVCommonDefFormat(attrBuf, childBuf, &def->common); + + virBufferAsprintf(childBuf, "0x%04x\n", def->policy); + virBufferEscapeString(childBuf, "%s\n", def->dh_cert); + virBufferEscapeString(childBuf, "%s\n", def->sessio= n); +} + + static void virDomainSecDefFormat(virBuffer *buf, virDomainSecDef *sec) { @@ -26683,18 +26696,9 @@ virDomainSecDefFormat(virBuffer *buf, virDomainSec= Def *sec) virDomainLaunchSecurityTypeToString(sec->sectype)); =20 switch ((virDomainLaunchSecurity) sec->sectype) { - case VIR_DOMAIN_LAUNCH_SECURITY_SEV: { - virDomainSEVDef *sev =3D &sec->data.sev; - - virDomainSEVCommonDefFormat(&attrBuf, &childBuf, &sev->common); - - virBufferAsprintf(&childBuf, "0x%04x\n", sev->pol= icy); - virBufferEscapeString(&childBuf, "%s\n", sev->dh_= cert); - - virBufferEscapeString(&childBuf, "%s\n", sev->s= ession); - + case VIR_DOMAIN_LAUNCH_SECURITY_SEV: + virDomainSEVDefFormat(&attrBuf, &childBuf, &sec->data.sev); break; - } =20 case VIR_DOMAIN_LAUNCH_SECURITY_PV: break; --=20 2.44.2 From nobody Mon Sep 16 19:15:07 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1718882711394526.8275619941746; Thu, 20 Jun 2024 04:25:11 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 4E0141240; Thu, 20 Jun 2024 07:25:10 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id A0AE61080; Thu, 20 Jun 2024 07:23:10 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 1B07DCA9; Thu, 20 Jun 2024 07:23:07 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id D37C3CA8 for ; Thu, 20 Jun 2024 07:22:59 -0400 (EDT) Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-275-l62SMzBVMAe55L3OUAF8WA-1; Thu, 20 Jun 2024 07:22:58 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 7A77019560BA for ; Thu, 20 Jun 2024 11:22:57 +0000 (UTC) Received: from maggie.brq.redhat.com (unknown [10.43.3.102]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id B572F19560AE for ; Thu, 20 Jun 2024 11:22:56 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1718882579; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=x3Nu7x2751/SnBlqe5prKV/cU48oJml4J/hwm2QyxTQ=; b=e3+4RGBZeqg280iXFbE3XJy6kb5dzbItV+jRxZSjFSrIzVMBI94fkSEr0fZlEVROoytaOI urxDUGoQjSzEB6uRbLwp+WXlGrU4kDEKnkK7BbMRgTFtrbyCDulvhrUAx5igyDBMmF8jhg lsQrhJeTx6q2ojURzxUTW9R/hhcrjdI= X-MC-Unique: l62SMzBVMAe55L3OUAF8WA-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH 04/12] Drop needless typecast to virDomainLaunchSecurity Date: Thu, 20 Jun 2024 13:22:41 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: JKYLGY4VS5JIV3VILFAYHGSQAEYETEQE X-Message-ID-Hash: JKYLGY4VS5JIV3VILFAYHGSQAEYETEQE X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1718882713036100001 Content-Type: text/plain; charset="utf-8"; x-default="true" The sectype member of _virDomainSecDef struct is already declared as of virDomainLaunchSecurity type. There's no need to typecast it to the very same type when passing it to switch(). Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/conf/domain_conf.c | 6 +++--- src/qemu/qemu_command.c | 4 ++-- src/qemu/qemu_firmware.c | 2 +- src/qemu/qemu_namespace.c | 2 +- src/qemu/qemu_process.c | 2 +- src/qemu/qemu_validate.c | 2 +- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 264f182d05..102a011be8 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -3830,7 +3830,7 @@ virDomainSecDefFree(virDomainSecDef *def) if (!def) return; =20 - switch ((virDomainLaunchSecurity) def->sectype) { + switch (def->sectype) { case VIR_DOMAIN_LAUNCH_SECURITY_SEV: g_free(def->data.sev.dh_cert); g_free(def->data.sev.session); @@ -13690,7 +13690,7 @@ virDomainSecDefParseXML(xmlNodePtr lsecNode, &sec->sectype) < 0) return NULL; =20 - switch ((virDomainLaunchSecurity) sec->sectype) { + switch (sec->sectype) { case VIR_DOMAIN_LAUNCH_SECURITY_SEV: if (virDomainSEVDefParseXML(&sec->data.sev, ctxt) < 0) return NULL; @@ -26695,7 +26695,7 @@ virDomainSecDefFormat(virBuffer *buf, virDomainSecD= ef *sec) virBufferAsprintf(&attrBuf, " type=3D'%s'", virDomainLaunchSecurityTypeToString(sec->sectype)); =20 - switch ((virDomainLaunchSecurity) sec->sectype) { + switch (sec->sectype) { case VIR_DOMAIN_LAUNCH_SECURITY_SEV: virDomainSEVDefFormat(&attrBuf, &childBuf, &sec->data.sev); break; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index a32cb8f8e9..1879fa608c 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -7054,7 +7054,7 @@ qemuBuildMachineCommandLine(virCommand *cmd, qemuAppendLoadparmMachineParm(&buf, def); =20 if (def->sec) { - switch ((virDomainLaunchSecurity) def->sec->sectype) { + switch (def->sec->sectype) { case VIR_DOMAIN_LAUNCH_SECURITY_SEV: if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_CONFIDENTAL_GUE= ST_SUPPORT)) { virBufferAddLit(&buf, ",confidential-guest-support=3Dlsec0= "); @@ -9777,7 +9777,7 @@ qemuBuildSecCommandLine(virDomainObj *vm, virCommand = *cmd, if (!sec) return 0; =20 - switch ((virDomainLaunchSecurity) sec->sectype) { + switch (sec->sectype) { case VIR_DOMAIN_LAUNCH_SECURITY_SEV: return qemuBuildSEVCommandLine(vm, cmd, &sec->data.sev); break; diff --git a/src/qemu/qemu_firmware.c b/src/qemu/qemu_firmware.c index 78844e3066..8946dc1aa5 100644 --- a/src/qemu/qemu_firmware.c +++ b/src/qemu/qemu_firmware.c @@ -1323,7 +1323,7 @@ qemuFirmwareMatchDomain(const virDomainDef *def, } =20 if (def->sec) { - switch ((virDomainLaunchSecurity) def->sec->sectype) { + switch (def->sec->sectype) { case VIR_DOMAIN_LAUNCH_SECURITY_SEV: if (!supportsSEV) { VIR_DEBUG("Domain requires SEV, firmware '%s' doesn't supp= ort it", diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index 915d44310f..fb7c9329dd 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -651,7 +651,7 @@ qemuDomainSetupLaunchSecurity(virDomainObj *vm, if (!sec) return 0; =20 - switch ((virDomainLaunchSecurity) sec->sectype) { + switch (sec->sectype) { case VIR_DOMAIN_LAUNCH_SECURITY_SEV: VIR_DEBUG("Setting up launch security for SEV"); =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 9886a11245..f730cd1828 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -6806,7 +6806,7 @@ qemuProcessPrepareLaunchSecurityGuestInput(virDomainO= bj *vm) if (!sec) return 0; =20 - switch ((virDomainLaunchSecurity) sec->sectype) { + switch (sec->sectype) { case VIR_DOMAIN_LAUNCH_SECURITY_SEV: return qemuProcessPrepareSEVGuestInput(vm); case VIR_DOMAIN_LAUNCH_SECURITY_PV: diff --git a/src/qemu/qemu_validate.c b/src/qemu/qemu_validate.c index a00ec8e940..05ee477456 100644 --- a/src/qemu/qemu_validate.c +++ b/src/qemu/qemu_validate.c @@ -1310,7 +1310,7 @@ qemuValidateDomainDef(const virDomainDef *def, return -1; =20 if (def->sec) { - switch ((virDomainLaunchSecurity) def->sec->sectype) { + switch (def->sec->sectype) { case VIR_DOMAIN_LAUNCH_SECURITY_SEV: if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_SEV_GUEST)) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", --=20 2.44.2 From nobody Mon Sep 16 19:15:07 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1718882773517798.3522320464235; Thu, 20 Jun 2024 04:26:13 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 6E379103C; Thu, 20 Jun 2024 07:26:12 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 81812E88; Thu, 20 Jun 2024 07:23:22 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 7ADB3BC1; Thu, 20 Jun 2024 07:23:16 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id EC79511E9 for ; Thu, 20 Jun 2024 07:23:02 -0400 (EDT) Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-356-prxaTrh2OpG7AFnIhnVR2g-1; Thu, 20 Jun 2024 07:23:00 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 9E9D81956063 for ; Thu, 20 Jun 2024 11:22:58 +0000 (UTC) Received: from maggie.brq.redhat.com (unknown [10.43.3.102]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id DA08619560AE for ; Thu, 20 Jun 2024 11:22:57 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1718882582; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=7JvXiGUtEyvr9VEgta0UKvYHWNVE3lKeHLw1Pd+v5g8=; b=dy3wNo2hYk/ZBDBXMrK0jhMNpNXv28v1jjaDcglhVcigbm6vs+NH2UzfOf+Ap9bZJfZIam X74GMDtFAo/7tZKb2ssHyzHI50HAQUlrn1ZI2/Aflb7DddkfbX6yE/aIJ8pPkDDTY05GFq jM0ZDU3q9NFV0vibeU287Xhc1wQlVqo= X-MC-Unique: prxaTrh2OpG7AFnIhnVR2g-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH 05/12] src: Convert some _virDomainSecDef::sectype checks to switch() Date: Thu, 20 Jun 2024 13:22:42 +0200 Message-ID: <7d53eafc5384523ea3a6a06c356ad84ba51559ca.1718882351.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: APKR6CSZQTZKV34VN5GWQ5Q4UKUUWINA X-Message-ID-Hash: APKR6CSZQTZKV34VN5GWQ5Q4UKUUWINA X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1718882775283100001 Content-Type: text/plain; charset="utf-8"; x-default="true" In a few instances there is a plain if() check for _virDomainSecDef::sectype. While this works perfectly for now, soon there'll be another type and we can utilize compiler to identify all the places that need adaptation. Switch those if() statements to switch(). Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_cgroup.c | 18 ++++++++++++++---- src/qemu/qemu_driver.c | 16 ++++++++++++++-- src/qemu/qemu_process.c | 17 +++++++++++++---- src/security/security_dac.c | 32 +++++++++++++++++++++++++------- 4 files changed, 66 insertions(+), 17 deletions(-) diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 5a5ba763a0..9e559c7c4f 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -845,10 +845,20 @@ qemuSetupDevicesCgroup(virDomainObj *vm) return -1; } =20 - if (vm->def->sec && - vm->def->sec->sectype =3D=3D VIR_DOMAIN_LAUNCH_SECURITY_SEV && - qemuSetupSEVCgroup(vm) < 0) - return -1; + if (vm->def->sec) { + switch (vm->def->sec->sectype) { + case VIR_DOMAIN_LAUNCH_SECURITY_SEV: + if (qemuSetupSEVCgroup(vm) < 0) + return -1; + break; + case VIR_DOMAIN_LAUNCH_SECURITY_PV: + break; + case VIR_DOMAIN_LAUNCH_SECURITY_NONE: + case VIR_DOMAIN_LAUNCH_SECURITY_LAST: + virReportEnumRangeError(virDomainLaunchSecurity, vm->def->sec-= >sectype); + return -1; + } + } =20 return 0; } diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 3fd401fd3b..eb1612b9d7 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -19111,10 +19111,22 @@ qemuDomainGetLaunchSecurityInfo(virDomainPtr doma= in, if (virDomainGetLaunchSecurityInfoEnsureACL(domain->conn, vm->def) < 0) goto cleanup; =20 - if (vm->def->sec && - vm->def->sec->sectype =3D=3D VIR_DOMAIN_LAUNCH_SECURITY_SEV) { + if (!vm->def->sec) { + ret =3D 0; + goto cleanup; + } + + switch (vm->def->sec->sectype) { + case VIR_DOMAIN_LAUNCH_SECURITY_SEV: if (qemuDomainGetSEVInfo(vm, params, nparams, flags) < 0) goto cleanup; + break; + case VIR_DOMAIN_LAUNCH_SECURITY_PV: + break; + case VIR_DOMAIN_LAUNCH_SECURITY_NONE: + case VIR_DOMAIN_LAUNCH_SECURITY_LAST: + virReportEnumRangeError(virDomainLaunchSecurity, vm->def->sec->sec= type); + return -1; } =20 ret =3D 0; diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index f730cd1828..d14975180a 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -6741,11 +6741,20 @@ qemuProcessPrepareDomain(virQEMUDriver *driver, for (i =3D 0; i < vm->def->nshmems; i++) qemuDomainPrepareShmemChardev(vm->def->shmems[i]); =20 - if (vm->def->sec && - vm->def->sec->sectype =3D=3D VIR_DOMAIN_LAUNCH_SECURITY_SEV) { - VIR_DEBUG("Updating SEV platform info"); - if (qemuProcessUpdateSEVInfo(vm) < 0) + if (vm->def->sec) { + switch (vm->def->sec->sectype) { + case VIR_DOMAIN_LAUNCH_SECURITY_SEV: + VIR_DEBUG("Updating SEV platform info"); + if (qemuProcessUpdateSEVInfo(vm) < 0) + return -1; + break; + case VIR_DOMAIN_LAUNCH_SECURITY_PV: + break; + case VIR_DOMAIN_LAUNCH_SECURITY_NONE: + case VIR_DOMAIN_LAUNCH_SECURITY_LAST: + virReportEnumRangeError(virDomainLaunchSecurity, vm->def->sec-= >sectype); return -1; + } } =20 return 0; diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 669b90125c..d0864313c1 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -1951,10 +1951,19 @@ virSecurityDACRestoreAllLabel(virSecurityManager *m= gr, rc =3D -1; } =20 - if (def->sec && - def->sec->sectype =3D=3D VIR_DOMAIN_LAUNCH_SECURITY_SEV) { - if (virSecurityDACRestoreSEVLabel(mgr, def) < 0) - rc =3D -1; + if (def->sec) { + switch (def->sec->sectype) { + case VIR_DOMAIN_LAUNCH_SECURITY_SEV: + if (virSecurityDACRestoreSEVLabel(mgr, def) < 0) + rc =3D -1; + break; + case VIR_DOMAIN_LAUNCH_SECURITY_PV: + break; + case VIR_DOMAIN_LAUNCH_SECURITY_NONE: + case VIR_DOMAIN_LAUNCH_SECURITY_LAST: + virReportEnumRangeError(virDomainLaunchSecurity, def->sec->sec= type); + return -1; + } } =20 for (i =3D 0; i < def->nsysinfo; i++) { @@ -2175,10 +2184,19 @@ virSecurityDACSetAllLabel(virSecurityManager *mgr, return -1; } =20 - if (def->sec && - def->sec->sectype =3D=3D VIR_DOMAIN_LAUNCH_SECURITY_SEV) { - if (virSecurityDACSetSEVLabel(mgr, def) < 0) + if (def->sec) { + switch (def->sec->sectype) { + case VIR_DOMAIN_LAUNCH_SECURITY_SEV: + if (virSecurityDACSetSEVLabel(mgr, def) < 0) + return -1; + break; + case VIR_DOMAIN_LAUNCH_SECURITY_PV: + break; + case VIR_DOMAIN_LAUNCH_SECURITY_NONE: + case VIR_DOMAIN_LAUNCH_SECURITY_LAST: + virReportEnumRangeError(virDomainLaunchSecurity, def->sec->sec= type); return -1; + } } =20 if (virSecurityDACGetImageIds(secdef, priv, &user, &group)) --=20 2.44.2 From nobody Mon Sep 16 19:15:07 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 171888274760360.941674225673296; Thu, 20 Jun 2024 04:25:47 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 83048BA6; Thu, 20 Jun 2024 07:25:46 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 3C095121D; Thu, 20 Jun 2024 07:23:20 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 389DCCAD; Thu, 20 Jun 2024 07:23:16 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 80F69BAC for ; Thu, 20 Jun 2024 07:23:02 -0400 (EDT) Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-256-5KeRSALOOdixBLTMdfH_CQ-1; Thu, 20 Jun 2024 07:23:00 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id DFF0119560BD for ; Thu, 20 Jun 2024 11:22:59 +0000 (UTC) Received: from maggie.brq.redhat.com (unknown [10.43.3.102]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 0C2D719560AE for ; Thu, 20 Jun 2024 11:22:58 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1718882582; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Nf6+X7yYx1+KxOjpgk9L6vMgHlQI36c1ukrMbzppGc8=; b=HmQFbRbuAvQqNZOHapo3tp9As8DgJPyMUeoqM2L6AyuCYnkqaJygWT3WKjjLeghhza1J08 LDj2czETFm1/zMjCOq4k6HsDcNRUcaX6Zh0f0YqeUpdpnfhoaBOOs8P61RhufkR8w7JwuW 7PUdeIP9GPAa7eVqH4xPUsmYQB9UL/Y= X-MC-Unique: 5KeRSALOOdixBLTMdfH_CQ-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH 06/12] qemu_monitor: Allow querying SEV-SNP state in 'query-sev' Date: Thu, 20 Jun 2024 13:22:43 +0200 Message-ID: <14c374cb56f00cdfd5f1273d486aa8548fefd290.1718882351.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: Y6KTJV7MZ4SLK3UFZCIETGN4454NNDSA X-Message-ID-Hash: Y6KTJV7MZ4SLK3UFZCIETGN4454NNDSA X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1718882749202100001 Content-Type: text/plain; charset="utf-8"; x-default="true" In QEMU commit v9.0.0-1155-g59d3740cb4 the return type of 'query-sev' monitor command changed to accommodate SEV-SNP. Even though we currently support launching plain SNP guests, this will soon change. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_driver.c | 32 ++++++++++-------- src/qemu/qemu_monitor.c | 7 ++-- src/qemu/qemu_monitor.h | 41 +++++++++++++++++++---- src/qemu/qemu_monitor_json.c | 63 ++++++++++++++++++++++++++++------ src/qemu/qemu_monitor_json.h | 8 ++--- tests/qemumonitorjsontest.c | 65 ++++++++++++++++++++++++++++++++---- 6 files changed, 167 insertions(+), 49 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index eb1612b9d7..068c721d9f 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -19036,10 +19036,7 @@ qemuDomainGetSEVInfo(virDomainObj *vm, int ret =3D -1; int rv; g_autofree char *tmp =3D NULL; - unsigned int apiMajor =3D 0; - unsigned int apiMinor =3D 0; - unsigned int buildID =3D 0; - unsigned int policy =3D 0; + qemuMonitorSEVInfo info =3D { }; int maxpar =3D 0; =20 virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); @@ -19054,14 +19051,12 @@ qemuDomainGetSEVInfo(virDomainObj *vm, qemuDomainObjEnterMonitor(vm); tmp =3D qemuMonitorGetSEVMeasurement(QEMU_DOMAIN_PRIVATE(vm)->mon); =20 - if (!tmp) { qemuDomainObjExitMonitor(vm); goto endjob; } =20 - rv =3D qemuMonitorGetSEVInfo(QEMU_DOMAIN_PRIVATE(vm)->mon, - &apiMajor, &apiMinor, &buildID, &policy); + rv =3D qemuMonitorGetSEVInfo(QEMU_DOMAIN_PRIVATE(vm)->mon, &info); qemuDomainObjExitMonitor(vm); =20 if (rv < 0) @@ -19073,21 +19068,30 @@ qemuDomainGetSEVInfo(virDomainObj *vm, goto endjob; if (virTypedParamsAddUInt(params, nparams, &maxpar, VIR_DOMAIN_LAUNCH_SECURITY_SEV_API_MAJOR, - apiMajor) < 0) + info.apiMajor) < 0) goto endjob; if (virTypedParamsAddUInt(params, nparams, &maxpar, VIR_DOMAIN_LAUNCH_SECURITY_SEV_API_MINOR, - apiMinor) < 0) + info.apiMinor) < 0) goto endjob; if (virTypedParamsAddUInt(params, nparams, &maxpar, VIR_DOMAIN_LAUNCH_SECURITY_SEV_BUILD_ID, - buildID) < 0) - goto endjob; - if (virTypedParamsAddUInt(params, nparams, &maxpar, - VIR_DOMAIN_LAUNCH_SECURITY_SEV_POLICY, - policy) < 0) + info.buildID) < 0) goto endjob; =20 + switch (info.type) { + case QEMU_MONITOR_SEV_GUEST_TYPE_SEV: + if (virTypedParamsAddUInt(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_POLICY, + info.data.sev.policy) < 0) + goto endjob; + break; + + case QEMU_MONITOR_SEV_GUEST_TYPE_SEV_SNP: + case QEMU_MONITOR_SEV_GUEST_TYPE_LAST: + break; + } + ret =3D 0; =20 endjob: diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 34e2ccab97..b1c0c6a064 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -4043,14 +4043,11 @@ qemuMonitorGetSEVMeasurement(qemuMonitor *mon) =20 int qemuMonitorGetSEVInfo(qemuMonitor *mon, - unsigned int *apiMajor, - unsigned int *apiMinor, - unsigned int *buildID, - unsigned int *policy) + qemuMonitorSEVInfo *info) { QEMU_CHECK_MONITOR(mon); =20 - return qemuMonitorJSONGetSEVInfo(mon, apiMajor, apiMinor, buildID, pol= icy); + return qemuMonitorJSONGetSEVInfo(mon, info); } =20 =20 diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index b78f539c85..8dde3f9fff 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -1334,14 +1334,43 @@ int qemuMonitorBlockdevMediumInsert(qemuMonitor *mo= n, char * qemuMonitorGetSEVMeasurement(qemuMonitor *mon); =20 +typedef struct _qemuMonitorSEVGuestInfo qemuMonitorSEVGuestInfo; +struct _qemuMonitorSEVGuestInfo { + unsigned int policy; + unsigned int handle; +}; + +typedef struct _qemuMonitorSEVSNPGuestInfo qemuMonitorSEVSNPGuestInfo; +struct _qemuMonitorSEVSNPGuestInfo { + unsigned long long snp_policy; +}; + + +typedef enum { + QEMU_MONITOR_SEV_GUEST_TYPE_SEV, + QEMU_MONITOR_SEV_GUEST_TYPE_SEV_SNP, + + QEMU_MONITOR_SEV_GUEST_TYPE_LAST +} qemuMonitorSEVGuestType; + +VIR_ENUM_DECL(qemuMonitorSEVGuest); + +typedef struct _qemuMonitorSEVInfo qemuMonitorSEVInfo; +struct _qemuMonitorSEVInfo { + unsigned int apiMajor; + unsigned int apiMinor; + unsigned int buildID; + qemuMonitorSEVGuestType type; + union { + qemuMonitorSEVGuestInfo sev; + qemuMonitorSEVSNPGuestInfo sev_snp; + } data; +}; + int qemuMonitorGetSEVInfo(qemuMonitor *mon, - unsigned int *apiMajor, - unsigned int *apiMinor, - unsigned int *buildID, - unsigned int *policy) - ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) - ATTRIBUTE_NONNULL(4) ATTRIBUTE_NONNULL(5); + qemuMonitorSEVInfo *info) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2); =20 int qemuMonitorSetLaunchSecurityState(qemuMonitor *mon, diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index 8f8f3c95f0..5a6af90ac8 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -7971,6 +7971,10 @@ qemuMonitorJSONGetSEVMeasurement(qemuMonitor *mon) } =20 =20 +VIR_ENUM_IMPL(qemuMonitorSEVGuest, + QEMU_MONITOR_SEV_GUEST_TYPE_LAST, + "sev", "sev-snp"); + /** * Retrieve info about the SEV setup, returning those fields that * are required to do a launch attestation, as per @@ -7984,13 +7988,15 @@ qemuMonitorJSONGetSEVMeasurement(qemuMonitor *mon) * { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0, * "build-id" : 0, "policy" : 0, "state" : "running", * "handle" : 1 } } + * + * Or newer (as of QEMU v9.0.0-1155-g59d3740cb4): + * + * {"return": {"enabled": true, "api-minor": 55, "handle": 1, "state": "l= aunch-secret", + * "api-major": 1, "sev-type": "sev", "build-id": 21, "policy= ": 1}} */ int qemuMonitorJSONGetSEVInfo(qemuMonitor *mon, - unsigned int *apiMajor, - unsigned int *apiMinor, - unsigned int *buildID, - unsigned int *policy) + qemuMonitorSEVInfo *info) { g_autoptr(virJSONValue) cmd =3D NULL; g_autoptr(virJSONValue) reply =3D NULL; @@ -8005,16 +8011,51 @@ qemuMonitorJSONGetSEVInfo(qemuMonitor *mon, if (!(data =3D qemuMonitorJSONGetReply(cmd, reply, VIR_JSON_TYPE_OBJEC= T))) return -1; =20 - if (virJSONValueObjectGetNumberUint(data, "api-major", apiMajor) < 0 || - virJSONValueObjectGetNumberUint(data, "api-minor", apiMinor) < 0 || - virJSONValueObjectGetNumberUint(data, "build-id", buildID) < 0 || - virJSONValueObjectGetNumberUint(data, "policy", policy) < 0) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("query-sev reply was missing some data")); - return -1; + if (virJSONValueObjectGetNumberUint(data, "api-major", &info->apiMajor= ) < 0 || + virJSONValueObjectGetNumberUint(data, "api-minor", &info->apiMinor= ) < 0 || + virJSONValueObjectGetNumberUint(data, "build-id", &info->buildID) = < 0) { + goto error_report; + } + + if (virJSONValueObjectHasKey(data, "sev-type")) { + const char *sevTypeStr =3D virJSONValueObjectGetString(data, "sev-= type"); + int sevType; + + if ((sevType =3D qemuMonitorSEVGuestTypeFromString(sevTypeStr)) < = 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("unknown SEV type '%1$s'"), + sevTypeStr); + return -1; + } + + info->type =3D sevType; + } else { + info->type =3D QEMU_MONITOR_SEV_GUEST_TYPE_SEV; + } + + switch (info->type) { + case QEMU_MONITOR_SEV_GUEST_TYPE_SEV: + if (virJSONValueObjectGetNumberUint(data, "policy", &info->data.se= v.policy) < 0 || + virJSONValueObjectGetNumberUint(data, "handle", &info->data.se= v.handle) < 0) { + goto error_report; + } + break; + + case QEMU_MONITOR_SEV_GUEST_TYPE_SEV_SNP: + if (virJSONValueObjectGetNumberUlong(data, "snp-policy", &info->da= ta.sev_snp.snp_policy) < 0) + goto error_report; + break; + + case QEMU_MONITOR_SEV_GUEST_TYPE_LAST: + break; } =20 return 0; + + error_report: + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("query-sev reply was missing some data")); + return -1; } =20 =20 diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index 9684660d86..921dd34ed2 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -417,12 +417,8 @@ qemuMonitorJSONGetSEVMeasurement(qemuMonitor *mon); =20 int qemuMonitorJSONGetSEVInfo(qemuMonitor *mon, - unsigned int *apiMajor, - unsigned int *apiMinor, - unsigned int *buildID, - unsigned int *policy) - ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) - ATTRIBUTE_NONNULL(4) ATTRIBUTE_NONNULL(5); + qemuMonitorSEVInfo *info) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2); =20 int qemuMonitorJSONGetVersion(qemuMonitor *mon, diff --git a/tests/qemumonitorjsontest.c b/tests/qemumonitorjsontest.c index 45cee23798..66d0c127ca 100644 --- a/tests/qemumonitorjsontest.c +++ b/tests/qemumonitorjsontest.c @@ -2730,10 +2730,7 @@ testQemuMonitorJSONGetSEVInfo(const void *opaque) const testGenericData *data =3D opaque; virDomainXMLOption *xmlopt =3D data->xmlopt; g_autoptr(qemuMonitorTest) test =3D NULL; - unsigned int apiMajor =3D 0; - unsigned int apiMinor =3D 0; - unsigned int buildID =3D 0; - unsigned int policy =3D 0; + qemuMonitorSEVInfo info =3D { }; =20 if (!(test =3D qemuMonitorTestNewSchema(xmlopt, data->schema))) return -1; @@ -2753,16 +2750,70 @@ testQemuMonitorJSONGetSEVInfo(const void *opaque) "}") < 0) return -1; =20 - if (qemuMonitorGetSEVInfo(qemuMonitorTestGetMonitor(test), - &apiMajor, &apiMinor, &buildID, &policy) < 0) + if (qemuMonitorGetSEVInfo(qemuMonitorTestGetMonitor(test), &info) < 0) return -1; =20 - if (apiMajor !=3D 1 || apiMinor !=3D 8 || buildID !=3D 834 || policy != =3D 3) { + if (info.apiMajor !=3D 1 || info.apiMinor !=3D 8 || info.buildID !=3D = 834 || + info.type !=3D QEMU_MONITOR_SEV_GUEST_TYPE_SEV || + info.data.sev.policy !=3D 3 || info.data.sev.handle !=3D 0) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", "Unexpected SEV info values"); return -1; } =20 + if (qemuMonitorTestAddItem(test, "query-sev", + "{" + " \"return\": {" + " \"enabled\": true," + " \"api-minor\": 55," + " \"handle\": 1," + " \"state\": \"running\"," + " \"api-major\": 1," + " \"sev-type\": \"sev\"," + " \"build-id\": 21," + " \"policy\": 1" + " }," + " \"id\": \"libvirt-16\"" + "}") < 0) + return -1; + + if (qemuMonitorGetSEVInfo(qemuMonitorTestGetMonitor(test), &info) < 0) + return -1; + + if (info.apiMajor !=3D 1 || info.apiMinor !=3D 55 || info.buildID !=3D= 21 || + info.type !=3D QEMU_MONITOR_SEV_GUEST_TYPE_SEV || + info.data.sev.policy !=3D 1 || info.data.sev.handle !=3D 1) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + "Unexpected SEV info values"); + return -1; + } + + if (qemuMonitorTestAddItem(test, "query-sev", + "{" + " \"return\": {" + " \"enabled\": true," + " \"api-minor\": 55," + " \"state\": \"running\"," + " \"api-major\": 1," + " \"sev-type\": \"sev-snp\"," + " \"build-id\": 21," + " \"snp-policy\": 196608" + " }," + " \"id\": \"libvirt-16\"" + "}") < 0) + return -1; + + if (qemuMonitorGetSEVInfo(qemuMonitorTestGetMonitor(test), &info) < 0) + return -1; + + if (info.apiMajor !=3D 1 || info.apiMinor !=3D 55 || info.buildID !=3D= 21 || + info.type !=3D QEMU_MONITOR_SEV_GUEST_TYPE_SEV_SNP || + info.data.sev_snp.snp_policy !=3D 0x30000) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + "Unexpected SEV SNP info values"); + return -1; + } + return 0; } =20 --=20 2.44.2 From nobody Mon Sep 16 19:15:07 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 171888279424512.727824058501938; Thu, 20 Jun 2024 04:26:34 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 37059A6F; Thu, 20 Jun 2024 07:26:33 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 9459F125F; Thu, 20 Jun 2024 07:23:24 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id EDCBDCF9; Thu, 20 Jun 2024 07:23:16 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id DA816C5D for ; Thu, 20 Jun 2024 07:23:03 -0400 (EDT) Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-428-KQmcEKhGP2K_zDS7jkGBfA-1; Thu, 20 Jun 2024 07:23:02 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 42D9519560BA for ; Thu, 20 Jun 2024 11:23:01 +0000 (UTC) Received: from maggie.brq.redhat.com (unknown [10.43.3.102]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 4767019560AE for ; Thu, 20 Jun 2024 11:22:59 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1718882583; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rT9Zbvwgg4KxkUd7Gz+VRE31FcpWOW2FuxV/Pfl3fd0=; b=e91pVqWAh739DUbIku4g3rOtuucE1adARtHpQH4dzHF8dVPuP7UNhqRvpFtgAhpMnmU0FM ziwkZjIOhitJt54kbnrIIyJI4uLspdchHDNIqewc4cb4kSkERC30cqoWT9LIi7YS2cIk+K W6aXrlK/D4oXCe7jNBeFTcdhuS+mmik= X-MC-Unique: KQmcEKhGP2K_zDS7jkGBfA-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH 07/12] qemu: Report snp-policy in virDomainGetLaunchSecurityInfo() Date: Thu, 20 Jun 2024 13:22:44 +0200 Message-ID: <878b96a1a33bc523abf09e0fc73a41ce0bbdc1db.1718882351.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: PRSE4P5QVMZBZZ7T6XGLIL6TEJNMRINC X-Message-ID-Hash: PRSE4P5QVMZBZZ7T6XGLIL6TEJNMRINC X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1718882795388100001 Content-Type: text/plain; charset="utf-8"; x-default="true" Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- include/libvirt/libvirt-domain.h | 10 ++++++++++ src/qemu/qemu_driver.c | 6 ++++++ 2 files changed, 16 insertions(+) diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-dom= ain.h index 2f5b01bbfe..8f00e9e959 100644 --- a/include/libvirt/libvirt-domain.h +++ b/include/libvirt/libvirt-domain.h @@ -6312,6 +6312,16 @@ int virDomainSetLifecycleAction(virDomainPtr domain, */ # define VIR_DOMAIN_LAUNCH_SECURITY_SEV_POLICY "sev-policy" =20 +/** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_SNP_POLICY: + * + * Macro represents the policy of the SEV-SNP guest, + * as VIR_TYPED_PARAM_ULLONG. + * + * Since: 10.5.0 + */ +# define VIR_DOMAIN_LAUNCH_SECURITY_SEV_SNP_POLICY "sev-snp-policy" + /** * VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_HEADER: * diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 068c721d9f..1a71857147 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -19088,6 +19088,12 @@ qemuDomainGetSEVInfo(virDomainObj *vm, break; =20 case QEMU_MONITOR_SEV_GUEST_TYPE_SEV_SNP: + if (virTypedParamsAddULLong(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SNP_POL= ICY, + info.data.sev_snp.snp_policy) < 0) + goto endjob; + break; + case QEMU_MONITOR_SEV_GUEST_TYPE_LAST: break; } --=20 2.44.2 From nobody Mon Sep 16 19:15:07 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1718882822662430.3668791216521; Thu, 20 Jun 2024 04:27:02 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 91A5FA39; Thu, 20 Jun 2024 07:27:01 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id D5DEC11B3; Thu, 20 Jun 2024 07:23:25 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 7D580CF9; Thu, 20 Jun 2024 07:23:17 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 88847120E for ; Thu, 20 Jun 2024 07:23:04 -0400 (EDT) Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-360-L6-oiZnCNAWpXGlfU0S1Vg-1; Thu, 20 Jun 2024 07:23:03 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 31DF71956070 for ; Thu, 20 Jun 2024 11:23:02 +0000 (UTC) Received: from maggie.brq.redhat.com (unknown [10.43.3.102]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 6C43A1955F2D for ; Thu, 20 Jun 2024 11:23:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: *** X-Spam-Status: No, score=3.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1718882584; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xnpXkdc5tvU7jK3soEzXEV4+XBX3OrqSPL0bCDlmkJo=; b=XLDlA7JGxcL2jJt8DsGLvRbchqRN8sBe+g2ZAVPHDBegET+vJTq6sbU/Q8KSuCfM5Zmcni KfJ4/bFnWavEQYy2ctWoVtFs5bBjjSuyxImnVgnN6v787QJjGnPqlE42QPdZrmSCQOO0xT +auJ7RgQXS18dtavtgtBIxy7tvNCHcw= X-MC-Unique: L6-oiZnCNAWpXGlfU0S1Vg-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH 08/12] qemu_capabilities: Introduce QEMU_CAPS_SEV_SNP_GUEST Date: Thu, 20 Jun 2024 13:22:45 +0200 Message-ID: <03bc1c5240456229263dbaacb5a6a3ea1b25e9a0.1718882351.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: JODDIBUU3R3T5MNWDMOEKOUV3YP55CUZ X-Message-ID-Hash: JODDIBUU3R3T5MNWDMOEKOUV3YP55CUZ X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1718882823539100001 Content-Type: text/plain; charset="utf-8"; x-default="true" This capability tracks sev-snp-guest object availability. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_capabilities.c | 4 ++++ src/qemu/qemu_capabilities.h | 3 +++ tests/qemucapabilitiesdata/caps_9.1.0_x86_64.xml | 1 + 3 files changed, 8 insertions(+) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 28c20a9555..fe704d16dd 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -708,6 +708,9 @@ VIR_ENUM_IMPL(virQEMUCaps, "usb-mtp", /* QEMU_CAPS_DEVICE_USB_MTP */ "machine.virt.ras", /* QEMU_CAPS_MACHINE_VIRT_RAS */ "virtio-sound", /* QEMU_CAPS_DEVICE_VIRTIO_SOUND */ + + /* 460 */ + "sev-snp-guest", /* QEMU_CAPS_SEV_SNP_GUEST */ ); =20 =20 @@ -1393,6 +1396,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[= ] =3D { { "usb-mtp", QEMU_CAPS_DEVICE_USB_MTP }, { "virtio-sound-pci", QEMU_CAPS_DEVICE_VIRTIO_SOUND }, { "virtio-sound-device", QEMU_CAPS_DEVICE_VIRTIO_SOUND }, + { "sev-snp-guest", QEMU_CAPS_SEV_SNP_GUEST }, }; =20 =20 diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 00b4066e9a..a98da8c2eb 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -688,6 +688,9 @@ typedef enum { /* virQEMUCapsFlags grouping marker for = syntax-check */ QEMU_CAPS_MACHINE_VIRT_RAS, /* -machine virt,ras=3D */ QEMU_CAPS_DEVICE_VIRTIO_SOUND, /* -device virtio-sound-* */ =20 + /* 460 */ + QEMU_CAPS_SEV_SNP_GUEST, /* -object sev-snp-guest */ + QEMU_CAPS_LAST /* this must always be the last item */ } virQEMUCapsFlags; =20 diff --git a/tests/qemucapabilitiesdata/caps_9.1.0_x86_64.xml b/tests/qemuc= apabilitiesdata/caps_9.1.0_x86_64.xml index e0332ce1e8..a9973a0913 100644 --- a/tests/qemucapabilitiesdata/caps_9.1.0_x86_64.xml +++ b/tests/qemucapabilitiesdata/caps_9.1.0_x86_64.xml @@ -203,6 +203,7 @@ + 9000050 43100246 v9.0.0-1388-g80e8f06021-dirty --=20 2.44.2 From nobody Mon Sep 16 19:15:07 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1718882918; cv=none; d=zohomail.com; s=zohoarc; b=QDwGrpeAqwj0FcDscOjDtrXSZRanhttprUu5xgId9BOLAkwsdo9um5WlmxUTCJmP0p2GyMLBAjMT3LYFbVftqsUSuHjgHPiq9GXweOueJA9w+eyoqAowBoUTK4vURt2eta++yQZA9h79CSf78Th8grlZFPje2/g1pY/wkZt1FbU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1718882918; h=Content-Type:Content-Transfer-Encoding:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To:Cc; bh=SujLOIV/RteQaEmsewZsrs+joHr7d8uxbIG3GGN55PA=; b=C1bX0V2fFqy/vE80gYrXS536Gy0utqc84P23kpBhjuO9BPhVTBANZyZ4GqZZHCQvfAb/Ao9uCcUoKuqp2g4t0kYmTEPdBncXmegRy9YjAH5PT3j5r7n6TqHnH318Kw2FCGhYObt+VmqPBT2zD5q60YK3ayuz/JcxmzrCYNPqtNY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1718882918542790.723079559588; Thu, 20 Jun 2024 04:28:38 -0700 (PDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 61B74BD0; Thu, 20 Jun 2024 07:28:37 -0400 (EDT) Received: from lists.libvirt.org (localhost [IPv6:::1]) by lists.libvirt.org (Postfix) with ESMTP id 4E14611AE; Thu, 20 Jun 2024 07:23:30 -0400 (EDT) Received: by lists.libvirt.org (Postfix, from userid 996) id 910E3C91; Thu, 20 Jun 2024 07:23:20 -0400 (EDT) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 437C2121E for ; Thu, 20 Jun 2024 07:23:06 -0400 (EDT) Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-222-HrZasJpYMg2TBYhDfGK0jA-1; Thu, 20 Jun 2024 07:23:04 -0400 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 8F0DC19560BA for ; Thu, 20 Jun 2024 11:23:03 +0000 (UTC) Received: from maggie.brq.redhat.com (unknown [10.43.3.102]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 9138B19560AE for ; Thu, 20 Jun 2024 11:23:02 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org X-Spam-Level: ** X-Spam-Status: No, score=2.5 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1718882585; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=SujLOIV/RteQaEmsewZsrs+joHr7d8uxbIG3GGN55PA=; b=FSmq8incimbdjGtOu1ypW3wRCZBJWBMBChOLtOF/KdsQs3Vh10O2CiPDAygRRvxfZCsLn/ kQYpzKUvVRL73IJBFVLWhgvHFlU+XjMi2Ry28U7yg3Kpvb3NbEYeAWmF3fJhhf9BeRazVm Y4OU8HolqVGK/M43XWHUSBKBKvUlrFM= X-MC-Unique: HrZasJpYMg2TBYhDfGK0jA-1 From: Michal Privoznik To: devel@lists.libvirt.org Subject: [PATCH 09/12] conf: Introduce SEV-SNP support Date: Thu, 20 Jun 2024 13:22:46 +0200 Message-ID: <7906bd82e291d4b3031b31a3d59e6cd91bb6b15c.1718882351.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Message-ID-Hash: 3VTPRGSLIJC7APLG6XVYKU3IS42BOBXT X-Message-ID-Hash: 3VTPRGSLIJC7APLG6XVYKU3IS42BOBXT X-MailFrom: mprivozn@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; header-match-config-2; header-match-config-3; header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.2.2 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1718882920035100001 Content-Type: text/plain; charset="utf-8"; x-default="true" SEV-SNP is an enhancement of SEV/SEV-ES and thus it shares some fields with it. Nevertheless, on XML level, it's yet another type of . Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- docs/formatdomain.rst | 108 ++++++++++++++++++ src/conf/domain_conf.c | 73 ++++++++++++ src/conf/domain_conf.h | 15 +++ src/conf/domain_validate.c | 44 +++++++ src/conf/schemas/domaincommon.rng | 49 ++++++++ src/conf/virconftypes.h | 2 + src/qemu/qemu_cgroup.c | 1 + src/qemu/qemu_command.c | 4 + src/qemu/qemu_driver.c | 1 + src/qemu/qemu_firmware.c | 3 + src/qemu/qemu_namespace.c | 1 + src/qemu/qemu_process.c | 3 + src/qemu/qemu_validate.c | 9 ++ src/security/security_dac.c | 2 + ...launch-security-sev-snp.x86_64-latest.args | 34 ++++++ .../launch-security-sev-snp.x86_64-latest.xml | 1 + .../launch-security-sev-snp.xml | 47 ++++++++ tests/qemuxmlconftest.c | 2 + 18 files changed, 399 insertions(+) create mode 100644 tests/qemuxmlconfdata/launch-security-sev-snp.x86_64-la= test.args create mode 120000 tests/qemuxmlconfdata/launch-security-sev-snp.x86_64-la= test.xml create mode 100644 tests/qemuxmlconfdata/launch-security-sev-snp.xml diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 00f861e385..5c09b87d2b 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -8867,6 +8867,114 @@ spec `__ session blob defined in the SEV API spec. See SEV spec LAUNCH_START sec= tion for the session blob format. =20 + +Some modern AMD processors support Secure Encrypted Virtualization with Se= cure +Nested Paging enhancement, also known as SEV-SNP. :since:`Since 10.5.0` To +enable it ```` should be used. It shares = some +attributes and elements with ``type=3D'sev'`` but differs in others. Examp= le configuration: + +:: + + + ... + + 47 + 1 + 0x00030000 + ... + ... + ... + .../hostData> + + ... + + +The ```` element accepts the following attributes: + +``kernelHashes`` + The optional ``kernelHashes`` attribute indicates whether the + hashes of the kernel, ramdisk and command line should be included + in the measurement done by the firmware. This is only valid if + using direct kernel boot. + +``authorKey`` + The optional ``authorKey`` attribute indicates whether ```` el= ement + contains the 'AUTHOR_KEY' field defined SEV-SNP firmware ABI. + +``vcek`` + The optional ``vcek`` attribute indicates whether the guest is allowed = to + chose between VLEK (Versioned Loaded Endorsement Key) or VCEK (Versioned + Chip Endorsement Key) when requesting attestation reports from firmwar= e. + Set this to ``no`` to disable the use of VCEK. + +Aforementioned SEV-SNP firmware ABI can be found here: +``__ + +The ```` element then accepts the following child element= s: + +``cbitpos`` + The required ``cbitpos`` element provides the C-bit (aka encryption bit) + location in guest page table entry. The value of ``cbitpos`` is hypervi= sor + dependent and can be obtained through the ``sev`` element from the doma= in + capabilities. +``reducedPhysBits`` + The required ``reducedPhysBits`` element provides the physical address = bit + reduction. Similar to ``cbitpos`` the value of ``reduced-phys-bit`` is + hypervisor dependent and can be obtained through the ``sev`` element fr= om the + domain capabilities. +``policy`` + The required ``policy`` element provides the guest policy which must be + maintained by the SEV-SNP firmware. This policy is enforced by the firm= ware + and restricts what configuration and operational commands can be perfor= med + on this guest by the hypervisor. The guest policy provided during guest + launch is bound to the guest and cannot be changed throughout the lifet= ime + of the guest. The policy is also transmitted during snapshot and migrat= ion + flows and enforced on the destination platform. The guest policy is a 6= 4bit + unsigned number with the fields shown in table (See section `4.3 Guest + Policy` in aforementioned firmware ABI specification): + + =3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + Bit(s) Description + =3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + 63:25 Reserved. Must be zero. + 24 Ciphertext hiding must be enabled when set, otherwise may be ena= bled or disabled. + 23 Running Average Power Limit (RAPL) must be disabled when set. + 22 Require AES 256 XTS for memory encryption when set, otherwise AE= S 128 XEX may be allowed. + 21 CXL can be populated with devices or memory when set. + 20 Guest can be activated only on one socket when set. + 19 Debugging is allowed when set. + 18 Association with a migration agent is allowed when set. + 17 Reserved. Must be set. + 16 SMT is allowed. + 15:8 The minimum ABI major version required for this guest to run. + 7:0 The minimum ABI minor version required for this guest to run. + =3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + + The default value is hypervisor dependant and QEMU defaults to value 0x= 30000 + meaning no minimum ABI major/minor version is required and SMT is allow= ed. + +``guestVisibleWorkarounds`` + The optional ``guestVisibleWorkarounds`` element is a 16-byte, + base64-encoded blob to report hypervisor-defined workarounds, correspon= ding + to the 'GOSVW' parameter of the SNP_LAUNCH_START command defined in the + SEV-SNP firmware ABI. + +``idBlock`` + The optional ``idBlock`` element is a 96-byte, base64-encoded blob to + provide the 'ID Block' structure for the SNP_LAUNCH_FINISH command defi= ned + in the SEV-SNP firmware ABI. + +``idAuth`` + The optional ``idAuth`` element is a 4096-byte, base64-encoded blob to + provide the 'ID Authentication Information Structure' for the + SNP_LAUNCH_FINISH command defined in the SEV-SNP firmware ABI. + +``hostData`` + The optional ``hostData`` element is a 32-byte, base64-encoded, user-de= fined + blob to provide to the guest, as documented for the 'HOST_DATA' paramet= er of + the SNP_LAUNCH_FINISH command in the SEV-SNP firmware ABI. + + Example configs =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =20 diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 102a011be8..cb1154b23f 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1509,6 +1509,7 @@ VIR_ENUM_IMPL(virDomainLaunchSecurity, VIR_DOMAIN_LAUNCH_SECURITY_LAST, "", "sev", + "sev-snp", "s390-pv", ); =20 @@ -3835,6 +3836,12 @@ virDomainSecDefFree(virDomainSecDef *def) g_free(def->data.sev.dh_cert); g_free(def->data.sev.session); break; + case VIR_DOMAIN_LAUNCH_SECURITY_SEV_SNP: + g_free(def->data.sev_snp.guest_visible_workarounds); + g_free(def->data.sev_snp.id_block); + g_free(def->data.sev_snp.id_auth); + g_free(def->data.sev_snp.host_data); + break; case VIR_DOMAIN_LAUNCH_SECURITY_PV: case VIR_DOMAIN_LAUNCH_SECURITY_NONE: case VIR_DOMAIN_LAUNCH_SECURITY_LAST: @@ -13676,6 +13683,36 @@ virDomainSEVDefParseXML(virDomainSEVDef *def, } =20 =20 +static int +virDomainSEVSNPDefParseXML(virDomainSEVSNPDef *def, + xmlXPathContextPtr ctxt) +{ + if (virDomainSEVCommonDefParseXML(&def->common, ctxt) < 0) + return -1; + + if (virXMLPropTristateBool(ctxt->node, "authorKey", VIR_XML_PROP_NONE, + &def->author_key) < 0) + return -1; + + if (virXMLPropTristateBool(ctxt->node, "vcek", VIR_XML_PROP_NONE, + &def->vcek) < 0) + return -1; + + if (virXPathULongLongBase("string(./policy)", ctxt, 16, &def->policy) = < 0) { + virReportError(VIR_ERR_XML_ERROR, "%s", + _("failed to get launch security policy")); + return -1; + } + + def->guest_visible_workarounds =3D virXPathString("string(./guestVisib= leWorkarounds)", ctxt); + def->id_block =3D virXPathString("string(./idBlock)", ctxt); + def->id_auth =3D virXPathString("string(./idAuth)", ctxt); + def->host_data =3D virXPathString("string(./hostData)", ctxt); + + return 0; +} + + static virDomainSecDef * virDomainSecDefParseXML(xmlNodePtr lsecNode, xmlXPathContextPtr ctxt) @@ -13695,6 +13732,10 @@ virDomainSecDefParseXML(xmlNodePtr lsecNode, if (virDomainSEVDefParseXML(&sec->data.sev, ctxt) < 0) return NULL; break; + case VIR_DOMAIN_LAUNCH_SECURITY_SEV_SNP: + if (virDomainSEVSNPDefParseXML(&sec->data.sev_snp, ctxt) < 0) + return NULL; + break; case VIR_DOMAIN_LAUNCH_SECURITY_PV: break; case VIR_DOMAIN_LAUNCH_SECURITY_NONE: @@ -26683,6 +26724,34 @@ virDomainSEVDefFormat(virBuffer *attrBuf, } =20 =20 +static void +virDomainSEVSNPDefFormat(virBuffer *attrBuf, + virBuffer *childBuf, + virDomainSEVSNPDef *def) +{ + virDomainSEVCommonDefFormat(attrBuf, childBuf, &def->common); + + if (def->author_key !=3D VIR_TRISTATE_BOOL_ABSENT) { + virBufferAsprintf(attrBuf, " authorKey=3D'%s'", + virTristateBoolTypeToString(def->author_key)); + } + + if (def->vcek !=3D VIR_TRISTATE_BOOL_ABSENT) { + virBufferAsprintf(attrBuf, " vcek=3D'%s'", + virTristateBoolTypeToString(def->vcek)); + } + + virBufferAsprintf(childBuf, "0x%08llx\n", def->policy= ); + + virBufferEscapeString(childBuf, + "%s\n", + def->guest_visible_workarounds); + virBufferEscapeString(childBuf, "%s\n", def->id_blo= ck); + virBufferEscapeString(childBuf, "%s\n", def->id_auth); + virBufferEscapeString(childBuf, "%s\n", def->host= _data); +} + + static void virDomainSecDefFormat(virBuffer *buf, virDomainSecDef *sec) { @@ -26700,6 +26769,10 @@ virDomainSecDefFormat(virBuffer *buf, virDomainSec= Def *sec) virDomainSEVDefFormat(&attrBuf, &childBuf, &sec->data.sev); break; =20 + case VIR_DOMAIN_LAUNCH_SECURITY_SEV_SNP: + virDomainSEVSNPDefFormat(&attrBuf, &childBuf, &sec->data.sev_snp); + break; + case VIR_DOMAIN_LAUNCH_SECURITY_PV: break; =20 diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index c6c3c2e2a5..2818a9f1f5 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2860,6 +2860,7 @@ struct _virDomainKeyWrapDef { typedef enum { VIR_DOMAIN_LAUNCH_SECURITY_NONE, VIR_DOMAIN_LAUNCH_SECURITY_SEV, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_SNP, VIR_DOMAIN_LAUNCH_SECURITY_PV, =20 VIR_DOMAIN_LAUNCH_SECURITY_LAST, @@ -2882,10 +2883,24 @@ struct _virDomainSEVDef { unsigned int policy; }; =20 + +struct _virDomainSEVSNPDef { + virDomainSEVCommonDef common; + unsigned long long policy; + char *guest_visible_workarounds; + char *id_block; + char *id_auth; + char *host_data; + virTristateBool author_key; + virTristateBool vcek; +}; + + struct _virDomainSecDef { virDomainLaunchSecurity sectype; union { virDomainSEVDef sev; + virDomainSEVSNPDef sev_snp; } data; }; =20 diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c index 395e036e8f..0661caef68 100644 --- a/src/conf/domain_validate.c +++ b/src/conf/domain_validate.c @@ -1800,6 +1800,47 @@ virDomainDefValidateIOThreads(const virDomainDef *de= f) } =20 =20 +#define CHECK_BASE64_LEN(val, elemName, exp_len) \ +{ \ + size_t len; \ + g_autofree unsigned char *tmp =3D NULL; \ + if (val && (tmp =3D g_base64_decode(val, &len)) && len !=3D exp_len) {= \ + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, \ + _("Unexpected length of '%1$s', expected %2$u got %= 3$zu"), \ + elemName, exp_len, len); \ + return -1; \ + } \ +} + +static int +virDomainDefLaunchSecurityValidate(const virDomainDef *def) +{ + virDomainSEVSNPDef *sev_snp; + + if (!def->sec) + return 0; + + switch (def->sec->sectype) { + case VIR_DOMAIN_LAUNCH_SECURITY_SEV_SNP: + sev_snp =3D &def->sec->data.sev_snp; + + CHECK_BASE64_LEN(sev_snp->guest_visible_workarounds, "guestVisible= Workarounds", 16); + CHECK_BASE64_LEN(sev_snp->id_block, "idBlock", 96); + CHECK_BASE64_LEN(sev_snp->id_auth, "idAuth", 4096); + CHECK_BASE64_LEN(sev_snp->host_data, "hostData", 32); + break; + + case VIR_DOMAIN_LAUNCH_SECURITY_NONE: + case VIR_DOMAIN_LAUNCH_SECURITY_SEV: + case VIR_DOMAIN_LAUNCH_SECURITY_PV: + case VIR_DOMAIN_LAUNCH_SECURITY_LAST: + } + + return 0; +} + +#undef CHECK_BASE64_LEN + static int virDomainDefValidateInternal(const virDomainDef *def, virDomainXMLOption *xmlopt) @@ -1855,6 +1896,9 @@ virDomainDefValidateInternal(const virDomainDef *def, if (virDomainDefValidateIOThreads(def) < 0) return -1; =20 + if (virDomainDefLaunchSecurityValidate(def) < 0) + return -1; + return 0; } =20 diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincom= mon.rng index 9a7649df1c..844a931deb 100644 --- a/src/conf/schemas/domaincommon.rng +++ b/src/conf/schemas/domaincommon.rng @@ -515,6 +515,9 @@ + + + s390-pv @@ -569,6 +572,52 @@ =20 + + + sev-snp + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +