From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Paolo Bonzini" <pbonzini@redhat.com>,
"Eduardo Habkost" <ehabkost@redhat.com>,
"Eric Blake" <eblake@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Daniel P. Berrangé" <berrange@redhat.com>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
kvm@vger.kernel.org, "Dov Murik" <dovmurik@linux.ibm.com>,
"Brijesh Singh" <brijesh.singh@amd.com>
Subject: [PULL 1/6] qapi/qom,target/i386: sev-guest: Introduce kernel-hashes=on|off option
Date: Thu, 18 Nov 2021 13:35:27 +0000 [thread overview]
Message-ID: <20211118133532.2029166-2-berrange@redhat.com> (raw)
In-Reply-To: <20211118133532.2029166-1-berrange@redhat.com>
From: Dov Murik <dovmurik@linux.ibm.com>
Introduce new boolean 'kernel-hashes' option on the sev-guest object.
It will be used to to decide whether to add the hashes of
kernel/initrd/cmdline to SEV guest memory when booting with -kernel.
The default value is 'off'.
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
qapi/qom.json | 7 ++++++-
qemu-options.hx | 6 +++++-
target/i386/sev.c | 20 ++++++++++++++++++++
3 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/qapi/qom.json b/qapi/qom.json
index ccd1167808..eeb5395ff3 100644
--- a/qapi/qom.json
+++ b/qapi/qom.json
@@ -769,6 +769,10 @@
# @reduced-phys-bits: number of bits in physical addresses that become
# unavailable when SEV is enabled
#
+# @kernel-hashes: if true, add hashes of kernel/initrd/cmdline to a
+# designated guest firmware page for measured boot
+# with -kernel (default: false) (since 6.2)
+#
# Since: 2.12
##
{ 'struct': 'SevGuestProperties',
@@ -778,7 +782,8 @@
'*policy': 'uint32',
'*handle': 'uint32',
'*cbitpos': 'uint32',
- 'reduced-phys-bits': 'uint32' } }
+ 'reduced-phys-bits': 'uint32',
+ '*kernel-hashes': 'bool' } }
##
# @ObjectType:
diff --git a/qemu-options.hx b/qemu-options.hx
index 7749f59300..ae2c6dbbfc 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -5189,7 +5189,7 @@ SRST
-object secret,id=sec0,keyid=secmaster0,format=base64,\\
data=$SECRET,iv=$(<iv.b64)
- ``-object sev-guest,id=id,cbitpos=cbitpos,reduced-phys-bits=val,[sev-device=string,policy=policy,handle=handle,dh-cert-file=file,session-file=file]``
+ ``-object sev-guest,id=id,cbitpos=cbitpos,reduced-phys-bits=val,[sev-device=string,policy=policy,handle=handle,dh-cert-file=file,session-file=file,kernel-hashes=on|off]``
Create a Secure Encrypted Virtualization (SEV) guest object,
which can be used to provide the guest memory encryption support
on AMD processors.
@@ -5229,6 +5229,10 @@ SRST
session with the guest owner to negotiate keys used for
attestation. The file must be encoded in base64.
+ The ``kernel-hashes`` adds the hashes of given kernel/initrd/
+ cmdline to a designated guest firmware page for measured Linux
+ boot with -kernel. The default is off. (Since 6.2)
+
e.g to launch a SEV guest
.. parsed-literal::
diff --git a/target/i386/sev.c b/target/i386/sev.c
index eede07f11d..cad32812f5 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -62,6 +62,7 @@ struct SevGuestState {
char *session_file;
uint32_t cbitpos;
uint32_t reduced_phys_bits;
+ bool kernel_hashes;
/* runtime state */
uint32_t handle;
@@ -327,6 +328,20 @@ sev_guest_set_sev_device(Object *obj, const char *value, Error **errp)
sev->sev_device = g_strdup(value);
}
+static bool sev_guest_get_kernel_hashes(Object *obj, Error **errp)
+{
+ SevGuestState *sev = SEV_GUEST(obj);
+
+ return sev->kernel_hashes;
+}
+
+static void sev_guest_set_kernel_hashes(Object *obj, bool value, Error **errp)
+{
+ SevGuestState *sev = SEV_GUEST(obj);
+
+ sev->kernel_hashes = value;
+}
+
static void
sev_guest_class_init(ObjectClass *oc, void *data)
{
@@ -345,6 +360,11 @@ sev_guest_class_init(ObjectClass *oc, void *data)
sev_guest_set_session_file);
object_class_property_set_description(oc, "session-file",
"guest owners session parameters (encoded with base64)");
+ object_class_property_add_bool(oc, "kernel-hashes",
+ sev_guest_get_kernel_hashes,
+ sev_guest_set_kernel_hashes);
+ object_class_property_set_description(oc, "kernel-hashes",
+ "add kernel hashes to guest firmware for measured Linux boot");
}
static void
--
2.31.1
WARNING: multiple messages have this Message-ID (diff)
From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Daniel P. Berrangé" <berrange@redhat.com>,
"Eduardo Habkost" <ehabkost@redhat.com>,
kvm@vger.kernel.org, "Marcelo Tosatti" <mtosatti@redhat.com>,
"Markus Armbruster" <armbru@redhat.com>,
"Dov Murik" <dovmurik@linux.ibm.com>,
"Brijesh Singh" <brijesh.singh@amd.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Eric Blake" <eblake@redhat.com>
Subject: [PULL 1/6] qapi/qom, target/i386: sev-guest: Introduce kernel-hashes=on|off option
Date: Thu, 18 Nov 2021 13:35:27 +0000 [thread overview]
Message-ID: <20211118133532.2029166-2-berrange@redhat.com> (raw)
In-Reply-To: <20211118133532.2029166-1-berrange@redhat.com>
From: Dov Murik <dovmurik@linux.ibm.com>
Introduce new boolean 'kernel-hashes' option on the sev-guest object.
It will be used to to decide whether to add the hashes of
kernel/initrd/cmdline to SEV guest memory when booting with -kernel.
The default value is 'off'.
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
qapi/qom.json | 7 ++++++-
qemu-options.hx | 6 +++++-
target/i386/sev.c | 20 ++++++++++++++++++++
3 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/qapi/qom.json b/qapi/qom.json
index ccd1167808..eeb5395ff3 100644
--- a/qapi/qom.json
+++ b/qapi/qom.json
@@ -769,6 +769,10 @@
# @reduced-phys-bits: number of bits in physical addresses that become
# unavailable when SEV is enabled
#
+# @kernel-hashes: if true, add hashes of kernel/initrd/cmdline to a
+# designated guest firmware page for measured boot
+# with -kernel (default: false) (since 6.2)
+#
# Since: 2.12
##
{ 'struct': 'SevGuestProperties',
@@ -778,7 +782,8 @@
'*policy': 'uint32',
'*handle': 'uint32',
'*cbitpos': 'uint32',
- 'reduced-phys-bits': 'uint32' } }
+ 'reduced-phys-bits': 'uint32',
+ '*kernel-hashes': 'bool' } }
##
# @ObjectType:
diff --git a/qemu-options.hx b/qemu-options.hx
index 7749f59300..ae2c6dbbfc 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -5189,7 +5189,7 @@ SRST
-object secret,id=sec0,keyid=secmaster0,format=base64,\\
data=$SECRET,iv=$(<iv.b64)
- ``-object sev-guest,id=id,cbitpos=cbitpos,reduced-phys-bits=val,[sev-device=string,policy=policy,handle=handle,dh-cert-file=file,session-file=file]``
+ ``-object sev-guest,id=id,cbitpos=cbitpos,reduced-phys-bits=val,[sev-device=string,policy=policy,handle=handle,dh-cert-file=file,session-file=file,kernel-hashes=on|off]``
Create a Secure Encrypted Virtualization (SEV) guest object,
which can be used to provide the guest memory encryption support
on AMD processors.
@@ -5229,6 +5229,10 @@ SRST
session with the guest owner to negotiate keys used for
attestation. The file must be encoded in base64.
+ The ``kernel-hashes`` adds the hashes of given kernel/initrd/
+ cmdline to a designated guest firmware page for measured Linux
+ boot with -kernel. The default is off. (Since 6.2)
+
e.g to launch a SEV guest
.. parsed-literal::
diff --git a/target/i386/sev.c b/target/i386/sev.c
index eede07f11d..cad32812f5 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -62,6 +62,7 @@ struct SevGuestState {
char *session_file;
uint32_t cbitpos;
uint32_t reduced_phys_bits;
+ bool kernel_hashes;
/* runtime state */
uint32_t handle;
@@ -327,6 +328,20 @@ sev_guest_set_sev_device(Object *obj, const char *value, Error **errp)
sev->sev_device = g_strdup(value);
}
+static bool sev_guest_get_kernel_hashes(Object *obj, Error **errp)
+{
+ SevGuestState *sev = SEV_GUEST(obj);
+
+ return sev->kernel_hashes;
+}
+
+static void sev_guest_set_kernel_hashes(Object *obj, bool value, Error **errp)
+{
+ SevGuestState *sev = SEV_GUEST(obj);
+
+ sev->kernel_hashes = value;
+}
+
static void
sev_guest_class_init(ObjectClass *oc, void *data)
{
@@ -345,6 +360,11 @@ sev_guest_class_init(ObjectClass *oc, void *data)
sev_guest_set_session_file);
object_class_property_set_description(oc, "session-file",
"guest owners session parameters (encoded with base64)");
+ object_class_property_add_bool(oc, "kernel-hashes",
+ sev_guest_get_kernel_hashes,
+ sev_guest_set_kernel_hashes);
+ object_class_property_set_description(oc, "kernel-hashes",
+ "add kernel hashes to guest firmware for measured Linux boot");
}
static void
--
2.31.1
next prev parent reply other threads:[~2021-11-18 13:36 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-18 13:35 [PULL 0/6 for-6.2] AMD SEV patches Daniel P. Berrangé
2021-11-18 13:35 ` Daniel P. Berrangé
2021-11-18 13:35 ` Daniel P. Berrangé [this message]
2021-11-18 13:35 ` [PULL 1/6] qapi/qom, target/i386: sev-guest: Introduce kernel-hashes=on|off option Daniel P. Berrangé
2021-11-18 13:35 ` [PULL 2/6] target/i386/sev: Add kernel hashes only if sev-guest.kernel-hashes=on Daniel P. Berrangé
2021-11-18 13:35 ` Daniel P. Berrangé
2021-11-18 13:35 ` [PULL 3/6] target/i386/sev: Rephrase error message when no hashes table in guest firmware Daniel P. Berrangé
2021-11-18 13:35 ` Daniel P. Berrangé
2021-11-18 13:35 ` [PULL 4/6] target/i386/sev: Fail when invalid hashes table area detected Daniel P. Berrangé
2021-11-18 13:35 ` Daniel P. Berrangé
2021-11-18 13:35 ` [PULL 5/6] target/i386/sev: Perform padding calculations at compile-time Daniel P. Berrangé
2021-11-18 13:35 ` Daniel P. Berrangé
2021-11-18 13:35 ` [PULL 6/6] target/i386/sev: Replace qemu_map_ram_ptr with address_space_map Daniel P. Berrangé
2021-11-18 13:35 ` Daniel P. Berrangé
2021-11-18 16:37 ` [PULL 0/6 for-6.2] AMD SEV patches Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211118133532.2029166-2-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=brijesh.singh@amd.com \
--cc=dovmurik@linux.ibm.com \
--cc=eblake@redhat.com \
--cc=ehabkost@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.