From: Brijesh Singh
To: qemu-devel@nongnu.org
Date: Mon, 12 Feb 2018 09:36:57 -0600
Message-Id: <20180212153715.87555-11-brijesh.singh@amd.com>
In-Reply-To: <20180212153715.87555-1-brijesh.singh@amd.com>
Subject: [Qemu-devel] [PATCH v8 10/28] sev/i386: add command to initialize the memory encryption context
List-Help: List-Subscribe: , Cc: Peter Maydell , Brijesh Singh , kvm@vger.kernel.org, "Michael S. Tsirkin" , Stefan Hajnoczi , Alexander Graf , "Edgar E. Iglesias" , Markus Armbruster , Bruce Rogers , Christian Borntraeger , Marcel Apfelbaum , Borislav Petkov , Thomas Lendacky , Eduardo Habkost , Richard Henderson , "Dr. David Alan Gilbert" , Alistair Francis , Cornelia Huck , Richard Henderson , Peter Crosthwaite , Paolo Bonzini Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When memory encryption is enabled, KVM_SEV_INIT command is used to initialize the platform. The command loads the SEV related persistent data from non-volatile storage and initializes the platform context. This command should be first issued before invoking any other guest commands provided by the SEV firmware. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh --- accel/kvm/kvm-all.c | 15 +++++ include/sysemu/sev.h | 16 +++++ stubs/Makefile.objs | 1 + stubs/sev.c | 43 +++++++++++++ target/i386/sev.c | 161 +++++++++++++++++++++++++++++++++++++++++++= ++++ target/i386/trace-events | 3 + 6 files changed, 239 insertions(+) create mode 100644 stubs/sev.c diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c index b91fcb7160d3..300fc3cd44ce 100644 --- a/accel/kvm/kvm-all.c +++ b/accel/kvm/kvm-all.c @@ -38,6 +38,7 @@ #include "qemu/event_notifier.h" #include "trace.h" #include "hw/irq.h" +#include "sysemu/sev.h" =20 #include "hw/boards.h" =20 @@ -103,6 +104,9 @@ struct KVMState #endif KVMMemoryListener memory_listener; QLIST_HEAD(, KVMParkedVcpu) kvm_parked_vcpus; + + /* memory encryption */ + void *memcrypt_handle; }; =20 KVMState *kvm_state; 
@@ -1636,6 +1640,17 @@ static int kvm_init(MachineState *ms) =20 kvm_state =3D s; =20 + /* + * if memory encryption object is specified then initialize the memory + * encryption context. + */ + if (ms->memory_encryption) { + kvm_state->memcrypt_handle =3D sev_guest_init(ms->memory_encryptio= n); + if (!kvm_state->memcrypt_handle) { + goto err; + } + } + ret =3D kvm_arch_init(ms, s); if (ret < 0) { goto err; diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h index eed679653dbc..121e7e4aa44c 100644 --- a/include/sysemu/sev.h +++ b/include/sysemu/sev.h @@ -14,6 +14,8 @@ #ifndef QEMU_SEV_H #define QEMU_SEV_H =20 +#include + #include "qom/object.h" #include "qapi/error.h" #include "sysemu/kvm.h" @@ -23,6 +25,12 @@ #define QSEV_GUEST_INFO(obj) \ OBJECT_CHECK(QSevGuestInfo, (obj), TYPE_QSEV_GUEST_INFO) =20 +extern bool sev_enabled(void); +extern uint64_t sev_get_me_mask(void); +extern void sev_get_current_state(char **state); +extern void sev_get_fw_version(uint8_t *major, uint8_t *minor, uint8_t *bu= ild); +extern void sev_get_policy(uint32_t *policy); + typedef struct QSevGuestInfo QSevGuestInfo; typedef struct QSevGuestInfoClass QSevGuestInfoClass; =20 @@ -50,5 +58,13 @@ struct QSevGuestInfoClass { ObjectClass parent_class; }; =20 +struct SEVState { + QSevGuestInfo *sev_info; +}; + +typedef struct SEVState SEVState; + +void *sev_guest_init(const char *id); + #endif =20 diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs index 2d59d8409162..31b36fdfdb88 100644 --- a/stubs/Makefile.objs +++ b/stubs/Makefile.objs @@ -43,3 +43,4 @@ stub-obj-y +=3D xen-common.o stub-obj-y +=3D xen-hvm.o stub-obj-y +=3D pci-host-piix.o stub-obj-y +=3D ram-block.o +stub-obj-y +=3D sev.o diff --git a/stubs/sev.c b/stubs/sev.c new file mode 100644 index 000000000000..e3076f009a48 --- /dev/null +++ b/stubs/sev.c 
@@ -0,0 +1,43 @@ +/* + * QEMU SEV stub + * + * Copyright Advanced Micro Devices 2018 + * + * Authors: + * Brijesh Singh + * + * This work is licensed under the terms of the GNU GPL, version 2 or late= r. + * See the COPYING file in the top-level directory. + * + */ + +#include "qemu/osdep.h" +#include "qemu-common.h" +#include "sysemu/sev.h" + +void sev_get_current_state(char **state) +{ +} + +bool sev_enabled(void) +{ + return false; +} + +void *sev_guest_init(const char *id) +{ + return NULL; +} + +uint64_t sev_get_me_mask(void) +{ + return ~0UL; +} + +void sev_get_fw_version(uint8_t *major, uint8_t *minor, uint8_t *build) +{ +} + +void sev_get_policy(uint32_t *policy) +{ +} diff --git a/target/i386/sev.c b/target/i386/sev.c index 57e092a0bddd..d5fd975792b8 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c 
@@ -18,10 +18,74 @@ #include "sysemu/kvm.h" #include "sysemu/sev.h" #include "sysemu/sysemu.h" +#include "trace.h" =20 #define DEFAULT_GUEST_POLICY 0x1 /* disable debug */ #define DEFAULT_SEV_DEVICE "/dev/sev" =20 +static uint64_t me_mask; +static bool sev_active; +static int sev_fd; + +#define SEV_FW_MAX_ERROR 0x17 + +static const char *const sev_fw_errlist[] =3D { + "", + "Platform state is invalid", + "Guest state is invalid", + "Platform configuration is invalid", + "Buffer too small", + "Platform is already owned", + "Certificate is invalid", + "Policy is not allowed", + "Guest is not active", + "Invalid address", + "Bad signature", + "Bad measurement", + "Asid is already owned", + "Invalid ASID", + "WBINVD is required", + "DF_FLUSH is required", + "Guest handle is invalid", + "Invalid command", + "Guest is active", + "Hardware error", + "Hardware unsafe", + "Feature not supported", + "Invalid parameter" +}; + +static int +sev_ioctl(int cmd, void *data, int *error) +{ + int r; + struct kvm_sev_cmd input; + + memset(&input, 0x0, sizeof(input)); + + input.id =3D cmd; + input.sev_fd =3D sev_fd; + input.data =3D (__u64)data; + + r =3D kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &input); + + if (error) { + *error =3D input.error; + } + + return r; +} + +static const char * +fw_error_to_str(int code) +{ + if (code >=3D SEV_FW_MAX_ERROR) { + return "unknown error"; + } + + return sev_fw_errlist[code]; +} + static void qsev_guest_finalize(Object *obj) { 
@@ -205,6 +269,103 @@ static const TypeInfo qsev_guest_info =3D { } }; =20 +static QSevGuestInfo * +lookup_sev_guest_info(const char *id) +{ + Object *obj; + QSevGuestInfo *info; + + obj =3D object_resolve_path_component(object_get_objects_root(), id); + if (!obj) { + return NULL; + } + + info =3D (QSevGuestInfo *) + object_dynamic_cast(obj, TYPE_QSEV_GUEST_INFO); + if (!info) { + return NULL; + } + + return info; +} + +uint64_t +sev_get_me_mask(void) +{ + return ~me_mask; +} + +void +sev_get_current_state(char **state) +{ +} + +bool +sev_enabled(void) +{ + return sev_active; +} + +void +sev_get_fw_version(uint8_t *major, uint8_t *minor, uint8_t *build) +{ +} + +void +sev_get_policy(uint32_t *policy) +{ +} + +void * +sev_guest_init(const char *id) +{ + SEVState *s; + char *devname; + int ret, fw_error; + uint32_t host_cbitpos, cbitpos; + + s =3D g_new0(SEVState, 1); + s->sev_info =3D lookup_sev_guest_info(id); + if (!s->sev_info) { + error_report("%s: '%s' is not a valid '%s' object", + __func__, id, TYPE_QSEV_GUEST_INFO); + goto err; + } + + host_cbitpos =3D sev_get_host_cbitpos(); + cbitpos =3D object_property_get_int(OBJECT(s->sev_info), "cbitpos", NU= LL); + if (host_cbitpos !=3D cbitpos) { + error_report("%s: cbitpos check failed, host '%d' request '%d'", + __func__, host_cbitpos, cbitpos); + goto err; + } + + me_mask =3D (1UL << cbitpos); + + devname =3D object_property_get_str(OBJECT(s->sev_info), "sev-device",= NULL); + sev_fd =3D open(devname, O_RDWR); + if (sev_fd < 0) { + error_report("%s: Failed to open %s '%s'", __func__, + devname, strerror(errno)); + goto err; + } + g_free(devname); + + trace_kvm_sev_init(); + ret =3D sev_ioctl(KVM_SEV_INIT, NULL, &fw_error); + if (ret) { + error_report("%s: failed to initialize ret=3D%d fw_error=3D%d '%s'= ", + __func__, ret, fw_error, fw_error_to_str(fw_error)); + goto err; + } + + sev_active =3D true; + return s; +err: + g_free(s); + return NULL; +} + static void sev_register_types(void) { 
diff --git a/target/i386/trace-events b/target/i386/trace-events index 3153fd445488..797b716751b7 100644 --- a/target/i386/trace-events +++ b/target/i386/trace-events @@ -5,3 +5,6 @@ kvm_x86_fixup_msi_error(uint32_t gsi) "VT-d failed to remap= interrupt for GSI %" kvm_x86_add_msi_route(int virq) "Adding route entry for virq %d" kvm_x86_remove_msi_route(int virq) "Removing route entry for virq %d" kvm_x86_update_msi_routes(int num) "Updated %d MSI routes" + +# target/i386/sev.c +kvm_sev_init(void) "" --=20 2.14.3
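Review bot: in the kvm_init() hunk of accel/kvm/kvm-all.c, the new failure branch does `goto err` without assigning `ret`, unlike the kvm_arch_init() check directly below it, which only jumps when `ret < 0`. On this path the error handling sees whatever `ret` held from earlier in the function, which is not necessarily a failure code. Set it explicitly before the jump, for example `ret = -1;` or a specific negative errno, so a failed sev_guest_init() is reliably reported to the caller.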
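Review bot: in the new stubs/sev.c, sev_get_me_mask() returns `~0UL` from a function declared to return uint64_t; on a host where unsigned long is 32 bits this widens to 0x00000000ffffffff instead of all ones. Use `~0ULL` or `UINT64_MAX`. The stubbed sev_get_current_state(), sev_get_fw_version() and sev_get_policy() also return without writing their out-parameters, so either have them store NULL/0 or document in include/sysemu/sev.h that callers must pre-initialize the outputs.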
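Review bot: fw_error_to_str() in the first target/i386/sev.c hunk checks only the upper bound (`code >= SEV_FW_MAX_ERROR`) on a signed int, so a negative `code` indexes before the start of sev_fw_errlist[]. The value comes from `*error = input.error` in sev_ioctl(), so it is whatever the ioctl filled in, not something QEMU controls. Add `code < 0 ||` to the test or make the parameter unsigned, and consider deriving the limit from ARRAY_SIZE(sev_fw_errlist) so the table and the bound cannot drift apart. Separately, `input.data = (__u64)data;` casts a pointer directly to a 64-bit integer; casting through `uintptr_t` or `unsigned long` first avoids a size-mismatch warning on hosts with 32-bit pointers.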
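Review bot: the error paths in sev_guest_init() (second target/i386/sev.c hunk) leak resources. When open() fails the code jumps to `err` before reaching `g_free(devname)`, and when KVM_SEV_INIT fails the `err` label frees only `s`, leaving `sev_fd` open. Free `devname` on both paths and close `sev_fd` under `err`, resetting it to -1. Also in this hunk, `me_mask = (1UL << cbitpos)` is stored in a uint64_t but computed in unsigned long; `1ULL << cbitpos` keeps the shift 64 bits wide on every host. The cbitpos error_report() prints two uint32_t values with `%d`, where `%u` matches the type.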