From: Brijesh Singh
Date: Tue, 1 Nov 2016 11:53:48 -0400
Message-ID: <147801562823.18237.14268813373957314485.stgit@brijesh-build-machine>
In-Reply-To: <147801550845.18237.12915616525154608660.stgit@brijesh-build-machine>
References: <147801550845.18237.12915616525154608660.stgit@brijesh-build-machine>
Subject: [Qemu-devel] [RFC PATCH v3 11/18] sev: add LAUNCH_UPDATE command
To: Thomas.Lendacky@amd.com, ehabkost@redhat.com, crosthwaite.peter@gmail.com, armbru@redhat.com, mst@redhat.com, p.fedin@samsung.com, qemu-devel@nongnu.org, lcapitulino@redhat.com, pbonzini@redhat.com, rth@twiddle.net
Cc: brijesh.ksingh@gmail.com

The command is used to encrypt a guest memory region using the VM Encryption Key (VEK) created by LAUNCH_START command. The firmware will also update the measurement with the contents of the memory region. This measurement can be retrieved by calling LAUNCH_FINISH command.

Signed-off-by: Brijesh Singh

--- sev.c | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/sev.c b/sev.c index 2fbab2f..fafef6f 100644 --- a/sev.c +++ b/sev.c 
@@ -282,12 +282,41 @@ sev_launch_finish(SEVState *s) } static int +sev_launch_update(SEVState *s, uint8_t *addr, uint32_t len) +{ + int ret; + struct kvm_sev_launch_update *data; + + data = g_malloc0(sizeof(*data)); + if (!data) { + return 1; + } + + data->address = (__u64)addr; + data->length = len; + ret = sev_ioctl(KVM_SEV_LAUNCH_UPDATE, data); + if (ret) { + goto err; + } + + DPRINTF("SEV: LAUNCH_UPDATE %#lx+%#x\n", (unsigned long)addr, len); +err: + g_free(data); + return ret; +} + +static int sev_mem_write(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs) { SEVState *s = kvm_memory_encryption_get_handle(); assert(s != NULL && s->state != SEV_STATE_INVALID); + if (s->state == SEV_STATE_LAUNCHING) { + memcpy(dst, src, len); + return sev_launch_update(s, dst, len); + } + return 0; }
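
Review bot: in sev_mem_write(), the LAUNCHING branch runs `memcpy(dst, src, len)` before `sev_launch_update()`, so if the KVM_SEV_LAUNCH_UPDATE ioctl fails the plaintext stays in dst, unencrypted and not added to the measurement, and only an error code goes back to the caller. Please either scrub dst on the error path or document that a non-zero return must abort the launch. Outside the LAUNCHING state the function returns 0 without copying anything, so as far as these lines show a write reports success but is dropped; a comment or an explicit error would make the intent clear. In sev_launch_update(), g_malloc0() aborts on allocation failure rather than returning NULL, so the `if (!data)` branch is dead code (and its `return 1` does not match the errno-style value the ioctl path returns); a stack-allocated `struct kvm_sev_launch_update` would remove the allocation, the g_free() and the `err:` label. The `(__u64)addr` cast should go through uintptr_t to avoid a pointer-to-integer size warning on 32-bit hosts, and the `s` argument is currently unused.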