From nobody Tue Apr 7 01:05:26 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=gmail.com ARC-Seal: i=1; a=rsa-sha256; t=1773752154; cv=none; d=zohomail.com; s=zohoarc; b=Md/Pmd7J1ajOtYFf4v1gmrtKkTsfK4jTDQIsAb6rhIRMcgBXNTxfUICIsELwoqx+hM7adPdMRoieAzn7CJOmHH9pR/x7BHuYHnIQvYh3K+SzeuOrlE0D/uxuF89XH/jxC1WpRgDyE+tlIoO0MPesWMyPGqPkVuwr7nadojONV3U= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1773752154; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=HnctF6qlKuP/O4jPD04oEBtM7p9ArQpqPxLkJHbnIDY=; b=Sfe2LG02G6dXz29ww09bj1MpfIXIj16FVjbYMNU0xhE/mbjHqtcUlR8bdSEVdwxJ+fOwynwoZxqCpuzcJCxW1c+xv0iDD6B7aF6Dxt7GHXCFl2o2vuamFd/wnA1FQVKcd0vvrKEvBVv/BBIbBC0HCJS9Dj6c8qKpKwua/VahPdA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1773752154979823.1233937471364; Tue, 17 Mar 2026 05:55:54 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1w2Twa-00007J-BK; Tue, 17 Mar 2026 08:54:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1w2Sl8-0003TY-7b for qemu-devel@nongnu.org; Tue, 17 Mar 2026 07:38:52 -0400 Received: from mail-wm1-x330.google.com ([2a00:1450:4864:20::330]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1w2Sl1-0007sR-UX for qemu-devel@nongnu.org; Tue, 17 Mar 2026 07:38:47 -0400 Received: by mail-wm1-x330.google.com with SMTP id 5b1f17b1804b1-4853fd7b59aso34847605e9.2 for ; Tue, 17 Mar 2026 04:38:40 -0700 (PDT) Received: from DesktopTC.localdomain (host-87-27-45-215.business.telecomitalia.it. [87.27.45.215]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-4856eaee04fsm62721365e9.13.2026.03.17.04.38.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 17 Mar 2026 04:38:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1773747519; x=1774352319; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=HnctF6qlKuP/O4jPD04oEBtM7p9ArQpqPxLkJHbnIDY=; b=GNtH5DdBy96pLfCJFhcIhQbLBOzVk9rkw8Jw939jyy5QH7umx8pk0Bm8axqKvG68a+ Y26SrfzVvOgXJreIQhFvNJNh5DKen0FCAJHU3kTUTEzxpQg9z14FS4nVp7z87voCKz4P cY+hJPj0dvxe8apPNQymT50PlkpNK+9eVnBU/qZFw/fIsv+siM8UaczS34ktxinRfRtC 7alzR5HID+ErBDNLzpzv74n41HQyHApjskez5fgXC+wqpHcjEB7LEbSZzo0PSSnfRLOf KAMLo+n2r65iGDNLuYVCri9VYwFnIUKwxTTjawN2EPUP1HPgU9rZ0K6BDklJSg1nIsZb L6hA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1773747519; x=1774352319; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=HnctF6qlKuP/O4jPD04oEBtM7p9ArQpqPxLkJHbnIDY=; b=MD9oca9+CL1wk+qdzk3ypzCihO55t/Cq8jebj7QCTdUcPkToHWz/JZpahXWADy6XDk 1s4QFpGs0eYANlkhcwcYPA+A2e2PZSWrZvK39cL4LIGkRVCcUj6hIjVzQ8nzFeMT8iZZ o5YLe/GK+Dbny2DmRaGIKBH0aivEIgQONxMGLxaanjM7k6rL9T0Tr2nA5KkCNwzrDAO+ 3EFxjtDsZPmGz+1HNj8G4b0qHUsXCuzNuyYIvhm+NhsAeTpbjqabuz94LoVII2cWQdHP p2WD37bDZxkfOh0b2jI9mBBm2+5J0FGOif61lKwvu/YhdJvkZbULf68Q2iruk3YoRWtU /tKQ== X-Gm-Message-State: AOJu0YzLCWHhMZCZe4FEGdPqS3wdFKHUAFnsQkJt2OcC4EwXkpxep1kY 3dKvJysB75dF7VQeiLC+oORhXunXeJtDQFTj2DKWXmGBuCwvLhEFKXNWkdn7KqdM X-Gm-Gg: ATEYQzzLhYohRN5Gb0PSrU9yQNCAbLa+EI+AQ7ThD3X3+rchhH/pzN0Gb1X1JepsaSb QV0dmrQj5RMwjRv+yuVRyXYbiC21M3Bo8e+K5tLVW/F270wV45U3kNx253vzFuhnolKBlLDr1KG d+dNzFMd/ti4VA+T3i1CAEcviJg7JVj38Fr4EhZ+OP1YK0HgRSWM8ryUIVy63H1oL+Z+SOXynKo qefwNSrfkfKvJV+hFGnxQKU0hXvNbg/WV26dkeZP2kI8JMaCaFMS/29WEkD2EGcI8tvSBzu5UUH ljTjOtgsERaFmyZ3QCqN7KUJFNOtembXhmoVIzud6pzJy00+lPiMEEcWLi6AKg85tBa+aeBy1x5 Tz33vMXONcY2I2LmMhPTALo2M09W9GsMV8q0JXoa772g8BQqbzX+qAcO9s4hwKGw5XqjlZRu5q+ GZJ3a6sQm9fBzk1LJs0dOwKrjbF9Lw0BJW4XuM8Nk32FrPQ0IQ+c4Q0oFz8b0oW4DaHfLKG9Mth NhUmojLE2vy+cFQqvoaEIsZmXA5rDU= X-Received: by 2002:a05:600c:5251:b0:485:3ff1:d5c5 with SMTP id 5b1f17b1804b1-485566cdc17mr272033305e9.7.1773747519106; Tue, 17 Mar 2026 04:38:39 -0700 (PDT) From: Tommaso Califano To: qemu-devel@nongnu.org Cc: kvm@vger.kernel.org, Eduardo Habkost , Markus Armbruster , Zhao Liu , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , Marcelo Tosatti , Eric Blake , Oliver Steffen , Stefano Garzarella , Giuseppe Lettieri , Paolo Bonzini , Luigi Leonardi , Richard Henderson , Tommaso Califano Subject: [PATCH 4/5] i386/sev: Add launch measurement emulation and TIK property Date: Tue, 17 Mar 2026 12:38:39 +0100 Message-ID: <20260317113840.33017-5-califano.tommaso@gmail.com> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260317113840.33017-1-califano.tommaso@gmail.com> References: <20260317113840.33017-1-califano.tommaso@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2a00:1450:4864:20::330; envelope-from=califano.tommaso@gmail.com; helo=mail-wm1-x330.google.com X-Spam_score_int: -3 X-Spam_score: -0.4 X-Spam_bar: / X-Spam_report: (-0.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, MIME_BASE64_TEXT=1.741, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Tue, 17 Mar 2026 08:54:34 -0400 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @gmail.com) X-ZM-MESSAGEID: 1773752157171154100 Content-Type: text/plain; charset="utf-8" The next step for completing the SEV launch emulation is to implement the "query-sev-launch-measure" feature, responsible for returning the measurement. In this case the measurement will be computed in QEMU. Implement sev_emulated_launch_get_measure() to emulate the LAUNCH_MEASURE command per AMD SEV API spec section 6.5.1. It generates a random 16-byte mnonce, computes the launch digest as SHA-256 over ld_data, then derives the measurement via HMAC-SHA256 (TIK;0x04|| API version || build ID || policy || launch digest || mnonce). The base64-encoded result (32-byte HMAC + 16-byte mnonce) populates "query-sev-launch-measure" data, advancing state to LAUNCH_SECRET for secret injection. The TIK is supplied via 16-byte binary file specified in new SevEmulatedProperty "tik" path; absent this, keys default to zeroed. Example QEMU arguments with the key passed: -cpu "EPYC-Milan" \ -accel tcg \ -object sev-emulated,id=3Dsev0,cbitpos=3D47,reduced-phys-bits=3D1,\ tik=3D/path/to/tik.bin \ -machine memory-encryption=3Dsev0 Signed-off-by: Tommaso Califano --- qapi/qom.json | 3 +- target/i386/sev.c | 155 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 157 insertions(+), 1 deletion(-) diff --git a/qapi/qom.json b/qapi/qom.json index 35cda819ec..affb5024b5 100644 --- a/qapi/qom.json +++ b/qapi/qom.json @@ -1064,11 +1064,12 @@ # This object functionally emulates AMD SEV hardware via TCG, so # it does not require real hardware to run. # +# @tik: binary file of the SEV TIK (default: all 0). # Since: 10.1.0 ## { 'struct': 'SevEmulatedProperties', 'base': 'SevGuestProperties', - 'data': {}} + 'data': {'*tik': 'str'}} =20 ## # @SevSnpGuestProperties: diff --git a/target/i386/sev.c b/target/i386/sev.c index 5904f2c983..5b1c001633 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -48,6 +48,8 @@ #include "hw/i386/e820_memory_layout.h" #include "qemu/queue.h" #include "qemu/cutils.h" +#include "crypto/hmac.h" +#include "crypto/random.h" =20 OBJECT_DECLARE_TYPE(SevCommonState, SevCommonStateClass, SEV_COMMON) OBJECT_DECLARE_TYPE(SevGuestState, SevCommonStateClass, SEV_GUEST) @@ -72,6 +74,9 @@ OBJECT_DECLARE_TYPE(SevSnpGuestState, SevCommonStateClass= , SEV_SNP_GUEST) #define FAKE_API_MAJOR 1 #define FAKE_API_MINOR 40 =20 +/* SEV TEK, TIK and IV size in byte for emulation */ +#define TEK_TIK_IV_SIZE 16 + typedef struct QEMU_PACKED SevHashTableEntry { QemuUUID guid; uint16_t len; @@ -197,6 +202,7 @@ struct SevGuestState { =20 typedef struct SevEmulatedState { SevGuestState parent_obj; + uint8_t *tik; QEMUIOVector ld_data; } SevEmulatedState; =20 @@ -1431,6 +1437,89 @@ sev_launch_get_measure(Notifier *notifier, void *unu= sed) trace_kvm_sev_launch_measurement(sev_guest->measurement); } =20 +static void +sev_emulated_launch_get_measure(Notifier *notifier, void *unused) +{ + SevCommonState *sev_common =3D SEV_COMMON(MACHINE(qdev_get_machine())-= >cgs); + SevGuestState *sev_guest =3D SEV_GUEST(sev_common); + SevEmulatedState *sev_emulated =3D SEV_EMULATED(sev_guest); + + uint8_t prefix =3D 0x04; + uint8_t concat_data[56]; + uint8_t mnonce[16]; + uint8_t *hmac_raw; + uint8_t *ld; + gsize hmac_len, ld_len; + GByteArray *measure_raw =3D g_byte_array_sized_new(48); + QCryptoHmac *hmac =3D NULL; + Error *err =3D NULL; + + if (!sev_check_state(sev_common, SEV_STATE_LAUNCH_UPDATE)) { + return; + } + + /* Generate the mnonce (16B) */ + if (qcrypto_random_bytes(mnonce, sizeof(mnonce), &err) < 0) { + error_report_err(err); + return; + } + + /* Compute the Launch Digest (ld) */ + if (qcrypto_hash_bytesv(QCRYPTO_HASH_ALGO_SHA256, sev_emulated->ld_dat= a.iov, + sev_emulated->ld_data.niov, &ld, &ld_len, &err) < = 0){ + error_report_err(err); + return; + } + assert(ld_len =3D=3D HASH_SIZE); + + /* + * The HMAC is calculated as specified in SEV API spec in section 6.5.= 1: + * HMAC(0x04 || API_MAJOR || API_MINOR || BUILD || GCTX.POLICY + * || GCTX.LD || MNONCE; GCTX.TIK) + */ + concat_data[0] =3D prefix; + concat_data[1] =3D sev_common->api_major; + concat_data[2] =3D sev_common->api_minor; + concat_data[3] =3D sev_common->build_id; + memcpy(&concat_data[4], &sev_guest->policy, 4); + memcpy(&concat_data[8], ld, ld_len); + memcpy(&concat_data[40], mnonce, 16); + + g_free(ld); + + /* Initialize HMAC with TIK */ + hmac =3D qcrypto_hmac_new(QCRYPTO_HASH_ALGO_SHA256, + (uint8_t *)sev_emulated->tik, + TEK_TIK_IV_SIZE, + &err); + if (!hmac) { + error_report_err(err); + return; + } + + /* Compute the HMAC */ + if (qcrypto_hmac_bytes(hmac, (char *)concat_data, sizeof(concat_data), + &hmac_raw, &hmac_len, &err) < 0) { + error_report_err(err); + qcrypto_hmac_free(hmac); + return; + } + qcrypto_hmac_free(hmac); + assert(hmac_len =3D=3D HASH_SIZE); + + /* Construct the measurement: HMAC(32B) + mnonce(16B) */ + g_byte_array_append(measure_raw, hmac_raw, 32); + g_byte_array_append(measure_raw, mnonce, 16); + + g_free(hmac_raw); + + sev_guest->measurement =3D + g_base64_encode(measure_raw->data, measure_raw->len); + g_byte_array_free(measure_raw, TRUE); + + sev_set_guest_state(sev_common, SEV_STATE_LAUNCH_SECRET); +} + static char *sev_get_launch_measurement(void) { ConfidentialGuestSupport *cgs =3D MACHINE(qdev_get_machine())->cgs; @@ -1466,6 +1555,10 @@ static Notifier sev_machine_done_notify =3D { .notify =3D sev_launch_get_measure, }; =20 +static Notifier sev_emu_machine_done_notify =3D { + .notify =3D sev_emulated_launch_get_measure, +}; + static void sev_launch_finish(SevCommonState *sev_common) { @@ -3054,6 +3147,9 @@ static int sev_emulated_init(ConfidentialGuestSupport= *cgs, Error **errp) qemu_add_vm_change_state_handler(sev_vm_state_change, sev_common); =20 cgs->ready =3D true; + + qemu_add_machine_init_done_notifier(&sev_emu_machine_done_notify); + return 0; } =20 @@ -3076,6 +3172,48 @@ sev_emulated_launch_finish(SevCommonState *sev_commo= n) sev_set_guest_state(sev_common, SEV_STATE_RUNNING); } =20 +static void sev_emulated_read_key(uint8_t *key, + const char *key_filename, Error **errp) +{ + gsize len; + FILE *fp =3D fopen(key_filename, "rb"); + + if (!fp) { + error_setg(errp, "SEV-EMULATED: Failed to open %s", key_filename); + return; + } + + len =3D fread(key, 1, TEK_TIK_IV_SIZE, fp); + + fclose(fp); + + if (len !=3D TEK_TIK_IV_SIZE) { + error_setg(errp, "parameter length: key size %" G_GSIZE_FORMAT + " is not equal to %u", + len, TEK_TIK_IV_SIZE); + return; + } +} + +static char *sev_emulated_get_tik(Object *obj, Error **errp) +{ + SevEmulatedState *sev_emulated =3D SEV_EMULATED(obj); + + return g_memdup2(sev_emulated->tik, TEK_TIK_IV_SIZE); +} + +static void sev_emulated_set_tik( + Object *obj, const char *key_filename, Error **errp) +{ + SevEmulatedState *sev_emulated =3D SEV_EMULATED(obj); + + sev_emulated_read_key( + sev_emulated->tik, + key_filename, + errp + ); +} + static void sev_emulated_class_init(ObjectClass *oc, const void *data) { SevCommonStateClass *scc =3D SEV_COMMON_CLASS(oc); @@ -3084,6 +3222,22 @@ static void sev_emulated_class_init(ObjectClass *oc,= const void *data) klass->kvm_init =3D sev_emulated_init; scc->launch_update_data =3D sev_emulated_launch_update_data; scc->launch_finish =3D sev_emulated_launch_finish; + + /* Adding emulation specific property */ + object_class_property_add_str(oc, "tik", + sev_emulated_get_tik, + sev_emulated_set_tik); + object_class_property_set_description(oc, "tik", + "Path to the binary file containing the" + "SEV Transport Integrity Key (16 bytes)"); +} + +static void sev_emulated_instance_init(Object *obj) +{ + SevEmulatedState *sev_emulated =3D SEV_EMULATED(obj); + + /* Initialize the key for emulation */ + sev_emulated->tik =3D g_malloc0(TEK_TIK_IV_SIZE); } =20 /* guest info specific sev/sev-es */ @@ -3100,6 +3254,7 @@ static const TypeInfo sev_emulated_info =3D { .parent =3D TYPE_SEV_GUEST, .name =3D TYPE_SEV_EMULATED, .instance_size =3D sizeof(SevEmulatedState), + .instance_init =3D sev_emulated_instance_init, .class_init =3D sev_emulated_class_init }; =20 --=20 2.53.0