On Tue, Aug 13, 2024 at 04:01:14PM GMT, Roy Hopkins wrote:
>For confidential guests a policy can be provided that defines the
>security level, debug status, expected launch measurement and other
>parameters that define the configuration of the confidential platform.
>
>This commit adds a new function named set_guest_policy() that can be
>implemented by each confidential platform, such as AMD SEV to set the
>policy. This will allow configuration of the policy from a
>multi-platform resource such as an IGVM file without the IGVM processor
>requiring specific implementation details for each platform.
>
>Signed-off-by: Roy Hopkins <roy.hopkins@suse.com>
>Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
>Acked-by: Michael S. Tsirkin <mst@redhat.com>
>---
> backends/confidential-guest-support.c | 12 ++++++++++++
> include/exec/confidential-guest-support.h | 21 +++++++++++++++++++++
> 2 files changed, 33 insertions(+)
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
>
>diff --git a/backends/confidential-guest-support.c b/backends/confidential-guest-support.c
>index 68e6fd9d18..3c46b2cd6b 100644
>--- a/backends/confidential-guest-support.c
>+++ b/backends/confidential-guest-support.c
>@@ -38,6 +38,17 @@ static int set_guest_state(hwaddr gpa, uint8_t *ptr, uint64_t len,
> return -1;
> }
>
>+static int set_guest_policy(ConfidentialGuestPolicyType policy_type,
>+ uint64_t policy,
>+ void *policy_data1, uint32_t policy_data1_size,
>+ void *policy_data2, uint32_t policy_data2_size,
>+ Error **errp)
>+{
>+ error_setg(errp,
>+ "Setting confidential guest policy is not supported for this platform");
>+ return -1;
>+}
>+
> static int get_mem_map_entry(int index, ConfidentialGuestMemoryMapEntry *entry,
> Error **errp)
> {
>@@ -52,6 +63,7 @@ static void confidential_guest_support_class_init(ObjectClass *oc, void *data)
> ConfidentialGuestSupportClass *cgsc = CONFIDENTIAL_GUEST_SUPPORT_CLASS(oc);
> cgsc->check_support = check_support;
> cgsc->set_guest_state = set_guest_state;
>+ cgsc->set_guest_policy = set_guest_policy;
> cgsc->get_mem_map_entry = get_mem_map_entry;
> }
>
>diff --git a/include/exec/confidential-guest-support.h b/include/exec/confidential-guest-support.h
>index 058c7535ca..6a9ccc2454 100644
>--- a/include/exec/confidential-guest-support.h
>+++ b/include/exec/confidential-guest-support.h
>@@ -59,6 +59,10 @@ typedef enum ConfidentialGuestPageType {
> CGS_PAGE_TYPE_REQUIRED_MEMORY,
> } ConfidentialGuestPageType;
>
>+typedef enum ConfidentialGuestPolicyType {
>+ GUEST_POLICY_SEV,
>+} ConfidentialGuestPolicyType;
>+
> struct ConfidentialGuestSupport {
> Object parent;
>
>@@ -123,6 +127,23 @@ typedef struct ConfidentialGuestSupportClass {
> ConfidentialGuestPageType memory_type,
> uint16_t cpu_index, Error **errp);
>
>+ /*
>+ * Set the guest policy. The policy can be used to configure the
>+ * confidential platform, such as if debug is enabled or not and can contain
>+ * information about expected launch measurements, signed verification of
>+ * guest configuration and other platform data.
>+ *
>+ * The format of the policy data is specific to each platform. For example,
>+ * SEV-SNP uses a policy bitfield in the 'policy' argument and provides an
>+ * ID block and ID authentication in the 'policy_data' parameters. The type
>+ * of policy data is identified by the 'policy_type' argument.
>+ */
>+ int (*set_guest_policy)(ConfidentialGuestPolicyType policy_type,
>+ uint64_t policy,
>+ void *policy_data1, uint32_t policy_data1_size,
>+ void *policy_data2, uint32_t policy_data2_size,
>+ Error **errp);
>+
> /*
> * Iterate the system memory map, getting the entry with the given index
> * that can be populated into guest memory.
>--
>2.43.0
>