From: Cole Robinson
To: libvir-list@redhat.com
Cc: Cole Robinson
Subject: [PATCH] qemu: Report sev measurement value and nonce explicitly
Date: Sun, 16 Oct 2022 16:06:14 -0400

The value returned by qemu's query-sev-launch-measure comes straight from the LAUNCH_MEASURE SEV firmware command. It's two values packed together: the first 32 bytes are the launch measurement, the last 16 bytes are the nonce.

This combined value is really just an artifact of the return value of the firmware command; it has no direct usage. Users want the two individual values. But because qemu and libvirt do not separate them apart, every app that wants to process this value will have to do it manually.

This performs the split for the user, and delivers the values in two new TYPED_PARAM fields: sev-measurement-value, sev-measurement-nonce

Signed-off-by: Cole Robinson
Reviewed-by: Michal Privoznik
---
 include/libvirt/libvirt-domain.h | 22 ++++++++++++++++++++++
 src/qemu/qemu_driver.c | 23 +++++++++++++++++++++++
 2 files changed, 45 insertions(+)

diff --git a/include/libvirt/libvirt-domain.h b/include/libvirt/libvirt-dom= ain.h
index 8357aea797..55723ba150 100644
--- a/include/libvirt/libvirt-domain.h
+++ b/include/libvirt/libvirt-domain.h
@@ -6317,6 +6317,28 @@ int virDomainSetLifecycleAction(virDomainPtr domain, */ # define VIR_DOMAIN_LAUNCH_SECURITY_SEV_SECRET_SET_ADDRESS "sev-secret-set= -address" =20 +/** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT_VALUE: + * + * Macro represents the measurement value of the SEV guest, + * extracted from the compound VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT = value, + * as VIR_TYPED_PARAM_STRING. + * + * Since: 8.9.0 + */ +# define VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT_VALUE "sev-measurement= -value" + +/** + * VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT_NONCE: + * + * Macro represents the measurement nonce of the SEV guest, + * extracted from the compound VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT = value, + * as VIR_TYPED_PARAM_STRING. + * + * Since: 8.9.0 + */ +# define VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT_NONCE "sev-measurement= -nonce" + int virDomainGetLaunchSecurityInfo(virDomainPtr domain, virTypedParameterPtr *params, int *nparams, diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 40d23b5723..590e8f3fab 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -19951,10 +19951,14 @@ qemuDomainGetSEVInfo(virDomainObj *vm, int ret =3D -1; int rv; g_autofree char *tmp =3D NULL; + g_autofree char *measurement =3D NULL; + g_autofree char *measurement_val =3D NULL; + g_autofree char *nonce =3D NULL; unsigned int apiMajor =3D 0; unsigned int apiMinor =3D 0; unsigned int buildID =3D 0; unsigned int policy =3D 0; + size_t measurement_size =3D 0; int maxpar =3D 0; =20 virCheckFlags(VIR_TYPED_PARAM_STRING_OKAY, -1); 
@@ -19982,6 +19986,17 @@ qemuDomainGetSEVInfo(virDomainObj *vm, if (rv < 0) goto endjob; =20 + measurement =3D (char *) g_base64_decode(tmp, &measurement_size); + if (measurement_size !=3D 48) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("unexpected SEV measurement size %zu, expected 48= "), + measurement_size); + goto endjob; + } + + measurement_val =3D g_base64_encode((unsigned char *) measurement, 32); + nonce =3D g_base64_encode((unsigned char *) measurement + 32, 16); + if (virTypedParamsAddString(params, nparams, &maxpar, VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT, tmp) < 0) @@ -20002,6 +20017,14 @@ qemuDomainGetSEVInfo(virDomainObj *vm, VIR_DOMAIN_LAUNCH_SECURITY_SEV_POLICY, policy) < 0) goto endjob; + if (virTypedParamsAddString(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT= _VALUE, + measurement_val) < 0) + goto endjob; + if (virTypedParamsAddString(params, nparams, &maxpar, + VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT= _NONCE, + nonce) < 0) + goto endjob; =20 ret =3D 0; =20 --=20 2.37.3
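Review bot: the doc comments for VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT_VALUE and VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT_NONCE in the libvirt-domain.h hunk should say what encoding and length a caller receives (base64 of the 32-byte measurement and base64 of the 16-byte nonce, as the qemu_driver.c split and the commit message establish); "extracted from the compound VIR_DOMAIN_LAUNCH_SECURITY_SEV_MEASUREMENT value, as VIR_TYPED_PARAM_STRING" leaves an API consumer guessing whether the string is hex, base64 or raw bytes, and an attestation client needs that to rebuild and verify the measurement. "Macro represents the measurement value" also reads better as "Macro representing the measurement value" to match the surrounding comment style.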
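Review bot: in the decode hunk, `measurement = (char *) g_base64_decode(tmp, &measurement_size);` has no guard on `tmp` being NULL or non-base64, so the only failure path is the size comparison and a missing or malformed launch measurement would surface as "unexpected SEV measurement size 0, expected 48" instead of an error naming the real cause; an explicit NULL/empty check with its own message before the size test would help whoever debugs that. The `goto endjob` on a size mismatch also changes behaviour worth calling out in the commit message: previously the compound value was still returned to the caller, now the whole qemuDomainGetSEVInfo call fails, so a future firmware or qemu variant reporting a different measurement length is rejected outright rather than degraded to the compound value only. The literals 48, 32 and 16 encode the SEV LAUNCH_MEASURE layout described in the commit message; named constants (or a comment at the split) would make that layout explicit at the point of use.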