include/sysemu/sev.h | 2 + qapi/misc-target.json | 20 +++++++ target/i386/monitor.c | 8 +++ target/i386/sev-stub.c | 5 ++ target/i386/sev.c | 113 +++++++++++++++++++++++++++++++++++++ target/i386/sev_i386.h | 16 ++++++ target/i386/trace-events | 1 + tests/qtest/qmp-cmd-test.c | 6 +- 8 files changed, 168 insertions(+), 3 deletions(-)
This patchset contains two patches. The first enables QEMU to facilitate the injection of a secret blob into the guest memory. The second enables QEMU to parse the guest ROM to determine the address at which the secret should be injected. Tobin Feldman-Fitzthum (2): sev: add sev-inject-launch-secret sev: scan guest ROM for launch secret address include/sysemu/sev.h | 2 + qapi/misc-target.json | 20 +++++++ target/i386/monitor.c | 8 +++ target/i386/sev-stub.c | 5 ++ target/i386/sev.c | 113 +++++++++++++++++++++++++++++++++++++ target/i386/sev_i386.h | 16 ++++++ target/i386/trace-events | 1 + tests/qtest/qmp-cmd-test.c | 6 +- 8 files changed, 168 insertions(+), 3 deletions(-) -- 2.20.1 (Apple Git-117)
cc'ing in Brijesh for SEV stuff, and also Paolo. * Tobin Feldman-Fitzthum (tobin@linux.vnet.ibm.com) wrote: > This patchset contains two patches. The first enables QEMU > to facilitate the injection of a secret blob into the guest > memory. > > The second enables QEMU to parse the guest ROM to determine > the address at which the secret should be injected. > > Tobin Feldman-Fitzthum (2): > sev: add sev-inject-launch-secret > sev: scan guest ROM for launch secret address > > include/sysemu/sev.h | 2 + > qapi/misc-target.json | 20 +++++++ > target/i386/monitor.c | 8 +++ > target/i386/sev-stub.c | 5 ++ > target/i386/sev.c | 113 +++++++++++++++++++++++++++++++++++++ > target/i386/sev_i386.h | 16 ++++++ > target/i386/trace-events | 1 + > tests/qtest/qmp-cmd-test.c | 6 +- > 8 files changed, 168 insertions(+), 3 deletions(-) > > -- > 2.20.1 (Apple Git-117) > > -- Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
Patchew URL: https://patchew.org/QEMU/20200528205114.42078-1-tobin@linux.vnet.ibm.com/
Hi,
This series failed the asan build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.
=== TEST SCRIPT BEGIN ===
#!/bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-debug@fedora TARGET_LIST=x86_64-softmmu J=14 NETWORK=1
=== TEST SCRIPT END ===
GEN scsi/trace.h
GEN audio/trace.h
CC /tmp/qemu-test/build/slirp/src/tcp_output.o
make: *** [Makefile:666: qapi-gen-timestamp] Error 1
make: *** Waiting for unfinished jobs....
CC /tmp/qemu-test/build/slirp/src/ndp_table.o
CC /tmp/qemu-test/build/slirp/src/bootp.o
---
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['sudo', '-n', 'docker', 'run', '--label', 'com.qemu.instance.uuid=93d79e62908146289998366473c102a3', '-u', '1003', '--security-opt', 'seccomp=unconfined', '--rm', '-e', 'TARGET_LIST=x86_64-softmmu', '-e', 'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=14', '-e', 'DEBUG=', '-e', 'SHOW_ENV=', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', '/home/patchew2/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', '/var/tmp/patchew-tester-tmp-bnxinu3b/src/docker-src.2020-05-28-23.32.39.19459:/var/tmp/qemu:z,ro', 'qemu:fedora', '/var/tmp/qemu/run', 'test-debug']' returned non-zero exit status 2.
filter=--filter=label=com.qemu.instance.uuid=93d79e62908146289998366473c102a3
make[1]: *** [docker-run] Error 1
make[1]: Leaving directory `/var/tmp/patchew-tester-tmp-bnxinu3b/src'
make: *** [docker-run-test-debug@fedora] Error 2
real 3m13.106s
user 0m8.085s
The full log is available at
http://patchew.org/logs/20200528205114.42078-1-tobin@linux.vnet.ibm.com/testing.asan/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-devel@redhat.com
Patchew URL: https://patchew.org/QEMU/20200528205114.42078-1-tobin@linux.vnet.ibm.com/
Hi,
This series seems to have some coding style problems. See output below for
more information:
Message-id: 20200528205114.42078-1-tobin@linux.vnet.ibm.com
Subject: [PATCH 0/2] Add support for SEV Launch Secret Injection
Type: series
=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===
Switched to a new branch 'test'
fefbf6f sev: scan guest ROM for launch secret address
94d7e7b sev: add sev-inject-launch-secret
=== OUTPUT BEGIN ===
1/2 Checking commit 94d7e7bc7c3c (sev: add sev-inject-launch-secret)
ERROR: code indent should never use tabs
#26: FILE: include/sysemu/sev.h:22:
+^I^I uint64_t gpa);$
ERROR: trailing whitespace
#45: FILE: qapi/misc-target.json:213:
+ GPA provided here will be ignored if guest ROM specifies $
ERROR: suspect code indent for conditional statements (4, 6)
#72: FILE: target/i386/monitor.c:744:
+ if (sev_inject_launch_secret(packet_hdr,secret,gpa) != 0)
+ error_setg(errp, "SEV inject secret failed");
ERROR: space required after that ',' (ctx:VxV)
#72: FILE: target/i386/monitor.c:744:
+ if (sev_inject_launch_secret(packet_hdr,secret,gpa) != 0)
^
ERROR: space required after that ',' (ctx:VxV)
#72: FILE: target/i386/monitor.c:744:
+ if (sev_inject_launch_secret(packet_hdr,secret,gpa) != 0)
^
ERROR: braces {} are necessary for all arms of this statement
#72: FILE: target/i386/monitor.c:744:
+ if (sev_inject_launch_secret(packet_hdr,secret,gpa) != 0)
[...]
ERROR: code indent should never use tabs
#84: FILE: target/i386/sev-stub.c:52:
+^I^I uint64_t gpa)$
ERROR: code indent should never use tabs
#86: FILE: target/i386/sev-stub.c:54:
+^I return 1;$
ERROR: code indent should never use tabs
#136: FILE: target/i386/sev.c:776:
+^Ierror_report("Not in correct state. %x",sev_state->state);$
ERROR: space required after that ',' (ctx:VxV)
#136: FILE: target/i386/sev.c:776:
+ error_report("Not in correct state. %x",sev_state->state);
^
ERROR: code indent should never use tabs
#137: FILE: target/i386/sev.c:777:
+^Ireturn 1;$
ERROR: space required after that ',' (ctx:VxV)
#170: FILE: target/i386/sev.c:810:
+ ret = sev_ioctl(sev_state->sev_fd,KVM_SEV_LAUNCH_SECRET, input, &error);
^
ERROR: do not use C99 // comments
#207: FILE: tests/qtest/qmp-cmd-test.c:96:
+ // "query-sev-launch-measure",
ERROR: do not use C99 // comments
#211: FILE: tests/qtest/qmp-cmd-test.c:98:
+ // "query-sev",
ERROR: do not use C99 // comments
#212: FILE: tests/qtest/qmp-cmd-test.c:99:
+ // "query-sev-capabilities",
total: 15 errors, 0 warnings, 163 lines checked
Patch 1/2 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
2/2 Checking commit fefbf6f8855c (sev: scan guest ROM for launch secret address)
ERROR: space required after that ',' (ctx:VxO)
#43: FILE: target/i386/sev.c:741:
+ qemu_uuid_parse(SEV_ROM_SECRET_GUID,&secret_table_guid);
^
ERROR: space required before that '&' (ctx:OxV)
#43: FILE: target/i386/sev.c:741:
+ qemu_uuid_parse(SEV_ROM_SECRET_GUID,&secret_table_guid);
^
ERROR: space required before the open parenthesis '('
#47: FILE: target/i386/sev.c:745:
+ while(offset > 0) {
ERROR: space required before the open brace '{'
#49: FILE: target/i386/sev.c:747:
+ if(qemu_uuid_is_equal(&secret_table_guid, (QemuUUID *) secret_table)){
ERROR: space required before the open parenthesis '('
#49: FILE: target/i386/sev.c:747:
+ if(qemu_uuid_is_equal(&secret_table_guid, (QemuUUID *) secret_table)){
ERROR: space required before the open parenthesis '('
#64: FILE: target/i386/sev.c:762:
+ if(!sev_state->secret_gpa) {
ERROR: code indent should never use tabs
#66: FILE: target/i386/sev.c:764:
+^I }$
ERROR: space required after that ',' (ctx:VxV)
#76: FILE: target/i386/sev.c:803:
+ error_report("Not in correct state. %x",sev_state->state);
^
ERROR: space required before the open parenthesis '('
#85: FILE: target/i386/sev.c:819:
+ if(sev_state->secret_gpa)
ERROR: braces {} are necessary for all arms of this statement
#85: FILE: target/i386/sev.c:819:
+ if(sev_state->secret_gpa)
[...]
total: 10 errors, 0 warnings, 104 lines checked
Patch 2/2 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
=== OUTPUT END ===
Test command exited with code: 1
The full log is available at
http://patchew.org/logs/20200528205114.42078-1-tobin@linux.vnet.ibm.com/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-devel@redhat.com
Patchew URL: https://patchew.org/QEMU/20200528205114.42078-1-tobin@linux.vnet.ibm.com/
Hi,
This series failed the docker-quick@centos7 build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.
=== TEST SCRIPT BEGIN ===
#!/bin/bash
make docker-image-centos7 V=1 NETWORK=1
time make docker-test-quick@centos7 SHOW_ENV=1 J=14 NETWORK=1
=== TEST SCRIPT END ===
GEN ui/input-keymap-qnum-to-qcode.c
In file included from /tmp/qemu-test/src/qapi/qapi-schema.json:85:
/tmp/qemu-test/src/qapi/misc-target.json:213:9: stray 'GPA'
make: *** [qapi-gen-timestamp] Error 1
make: *** Waiting for unfinished jobs....
CC /tmp/qemu-test/build/slirp/src/slirp.o
CC /tmp/qemu-test/build/slirp/src/vmstate.o
---
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['sudo', '-n', 'docker', 'run', '--label', 'com.qemu.instance.uuid=6e1594b856a84baabe3c89fab85fce17', '-u', '1003', '--security-opt', 'seccomp=unconfined', '--rm', '-e', 'TARGET_LIST=', '-e', 'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=14', '-e', 'DEBUG=', '-e', 'SHOW_ENV=1', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', '/home/patchew2/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', '/var/tmp/patchew-tester-tmp-yd1xv0uz/src/docker-src.2020-05-28-23.30.04.14959:/var/tmp/qemu:z,ro', 'qemu:centos7', '/var/tmp/qemu/run', 'test-quick']' returned non-zero exit status 2.
filter=--filter=label=com.qemu.instance.uuid=6e1594b856a84baabe3c89fab85fce17
make[1]: *** [docker-run] Error 1
make[1]: Leaving directory `/var/tmp/patchew-tester-tmp-yd1xv0uz/src'
make: *** [docker-run-test-quick@centos7] Error 2
real 1m59.216s
user 0m7.852s
The full log is available at
http://patchew.org/logs/20200528205114.42078-1-tobin@linux.vnet.ibm.com/testing.docker-quick@centos7/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-devel@redhat.com
Patchew URL: https://patchew.org/QEMU/20200528205114.42078-1-tobin@linux.vnet.ibm.com/
Hi,
This series failed the docker-mingw@fedora build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.
=== TEST SCRIPT BEGIN ===
#! /bin/bash
export ARCH=x86_64
make docker-image-fedora V=1 NETWORK=1
time make docker-test-mingw@fedora J=14 NETWORK=1
=== TEST SCRIPT END ===
GEN ui/input-keymap-xorgxquartz-to-qcode.c
In file included from /tmp/qemu-test/src/qapi/qapi-schema.json:85:
/tmp/qemu-test/src/qapi/misc-target.json:213:9: stray 'GPA'
make: *** [Makefile:666: qapi-gen-timestamp] Error 1
make: *** Waiting for unfinished jobs....
CC /tmp/qemu-test/build/slirp/src/ip6_icmp.o
CC /tmp/qemu-test/build/slirp/src/slirp.o
---
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['sudo', '-n', 'docker', 'run', '--label', 'com.qemu.instance.uuid=cb62fe08a707401d8f3632cb951681ac', '-u', '1001', '--security-opt', 'seccomp=unconfined', '--rm', '-e', 'TARGET_LIST=', '-e', 'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=14', '-e', 'DEBUG=', '-e', 'SHOW_ENV=', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', '/home/patchew/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', '/var/tmp/patchew-tester-tmp-h6j9yyx9/src/docker-src.2020-05-28-23.37.24.24496:/var/tmp/qemu:z,ro', 'qemu:fedora', '/var/tmp/qemu/run', 'test-mingw']' returned non-zero exit status 2.
filter=--filter=label=com.qemu.instance.uuid=cb62fe08a707401d8f3632cb951681ac
make[1]: *** [docker-run] Error 1
make[1]: Leaving directory `/var/tmp/patchew-tester-tmp-h6j9yyx9/src'
make: *** [docker-run-test-mingw@fedora] Error 2
real 2m8.174s
user 0m8.497s
The full log is available at
http://patchew.org/logs/20200528205114.42078-1-tobin@linux.vnet.ibm.com/testing.docker-mingw@fedora/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-devel@redhat.com
© 2016 - 2026 Red Hat, Inc.