From: "Michael S. Tsirkin" <mst@redhat.com>
To: Brijesh Singh <brijesh.singh@amd.com>
Cc: ehabkost@redhat.com, crosthwaite.peter@gmail.com,
armbru@redhat.com, p.fedin@samsung.com, qemu-devel@nongnu.org,
lcapitulino@redhat.com, pbonzini@redhat.com, rth@twiddle.net
Subject: Re: [Qemu-devel] [RFC PATCH v1 16/22] i386: pc: load OS images at fixed location in SEV-enabled guest
Date: Tue, 13 Sep 2016 21:37:28 +0300 [thread overview]
Message-ID: <20160913183728.qcmhrxii44pug7ck@redhat.com> (raw)
In-Reply-To: <147377816978.11859.942423377333907417.stgit@brijesh-build-machine>
On Tue, Sep 13, 2016 at 10:49:29AM -0400, Brijesh Singh wrote:
> Typically linux kernel, initrd and cmdline are build and loaded
> into guest memory through linux optionrom. The linux optionrom is
> probed and executed by SeaBIOS. This method will not work for
> SEV-enabled guest.
>
> In SEV-enabled guest all the code and data must be copied using SEV
> launch command prior to starting the guest (i.e before first vmrun).
> The data copied using SEV launch command will be encrypted using guest
> owner's key. This patch loads kernel, initrd and cmdline blobs at fixed
> location into guest memory and builds etc/sev_cfg config file. The cfg
> file provide the below structure
>
> struct sev_cfg {
> u32 kernel_addr, initrd_addr, cmdline_addr;
> u32 kernel_size, initrd_size, cmdline_size;
> }
>
> The config file can be used by SeaBIOS to locate OS images into guest
> RAM and build linux boot entry code.
>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
I don't think we want to give users this kind of
control over how we manage memory internally
for what is essentially a debugging feature at this point.
Isn't there a way to first launch guest, and then have it
encrypt itself once it's running?
If not, I guess it's not too bad if -kernel does not
work with sev debug feature - just load kernel from disk.
> ---
> hw/i386/pc.c | 94 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 93 insertions(+), 1 deletion(-)
>
> diff --git a/hw/i386/pc.c b/hw/i386/pc.c
> index 1471df4..f2c7472 100644
> --- a/hw/i386/pc.c
> +++ b/hw/i386/pc.c
> @@ -104,6 +104,15 @@ static struct e820_entry *e820_table;
> static unsigned e820_entries;
> struct hpet_fw_config hpet_cfg = {.count = UINT8_MAX};
>
> +struct sev_cfg_data {
> + uint32_t kernel_addr;
> + uint32_t initrd_addr;
> + uint32_t cmdline_addr;
> + uint32_t kernel_size;
> + uint32_t initrd_size;
> + uint32_t cmdline_size;
> +} QEMU_PACKED __attribute((__aligned__(4)));
> +
> void gsi_handler(void *opaque, int n, int level)
> {
> GSIState *s = opaque;
> @@ -824,6 +833,86 @@ struct setup_data {
> uint8_t data[0];
> } __attribute__((packed));
>
> +#define round_up(x, align) ((x + align) & ~(align - 1))
> +
> +static void sev_load_file_fixed(const char *filename, int start,
> + int *end, int *sz)
> +{
> + FILE *f;
> + int sz_aligned, ret;
> + char *data;
> +
> + f = fopen(filename, "rb");
> + if (!f) {
> + fprintf(stderr, "qemu: could not load '%s': %s\n",
> + filename, strerror(errno));
> + exit(1);
> + }
> +
> + /* SEV update commands needs 16-byte aligned length */
> + *sz = get_file_size(f);
> + sz_aligned = round_up(*sz, 16);
> + data = g_malloc(sz_aligned);
> + ret = fread(data, 1, *sz, f);
> + if (ret != *sz) {
> + fprintf(stderr, "qemu: failed to read %d bytes from %s\n",
> + *sz, filename);
> + exit(1);
> + }
> + rom_add_blob_fixed(filename, data, sz_aligned, start);
> + *end = start + sz_aligned;
> + fclose(f);
> + g_free(data);
> +}
> +
> +/* load kernel, initrd and cmdline blobs at fixed location into guest
> + * memory and generate etc/sev config file.
> + */
> +static void sev_load_linux(PCMachineState *pcms,
> + FWCfgState *fw_cfg)
> +{
> + FILE *f;
> + int cmdline_size, kernel_size, initrd_size;
> + int initrd_addr, kernel_addr, cmdline_addr, end;
> + MachineState *machine = MACHINE(pcms);
> + const char *kernel_cmdline = machine->kernel_cmdline;
> + struct sev_cfg_data *sev_cfg;
> + char *cmdline_string;
> +
> + /* load kernel command line string */
> + cmdline_addr = 0x1000000;
> + cmdline_size = round_up(strlen(kernel_cmdline), 16);
> + cmdline_string = g_malloc(cmdline_size);
> + strncpy(cmdline_string, kernel_cmdline, strlen(kernel_cmdline));
> + rom_add_blob_fixed("cmdline", cmdline_string, cmdline_size, cmdline_addr);
> + g_free(cmdline_string);
> +
> + /* load linux kernel */
> + kernel_addr = cmdline_addr + cmdline_size;
> + sev_load_file_fixed(machine->kernel_filename, kernel_addr,
> + &initrd_addr, &kernel_size);
> +
> + /* load initrd */
> + f = fopen(machine->initrd_filename, "rb");
> + if (f) {
> + sev_load_file_fixed(machine->initrd_filename, initrd_addr,
> + &end, &initrd_size);
> + } else {
> + initrd_addr = 0;
> + initrd_size = 0;
> + }
> +
> + sev_cfg = g_malloc0(sizeof(*sev_cfg));
> + sev_cfg->kernel_addr = kernel_addr;
> + sev_cfg->initrd_addr = initrd_addr;
> + sev_cfg->cmdline_addr = cmdline_addr;
> + sev_cfg->kernel_size = kernel_size;
> + sev_cfg->initrd_size = initrd_size;
> + sev_cfg->cmdline_size = cmdline_size;
> +
> + fw_cfg_add_file(fw_cfg, "etc/sev_cfg", sev_cfg, sizeof(*sev_cfg));
> +}
> +
> static void load_linux(PCMachineState *pcms,
> FWCfgState *fw_cfg)
> {
> @@ -1471,7 +1560,10 @@ void pc_memory_init(PCMachineState *pcms,
> }
>
> if (linux_boot) {
> - load_linux(pcms, fw_cfg);
> + if (kvm_sev_enabled())
> + sev_load_linux(pcms, fw_cfg);
> + else
> + load_linux(pcms, fw_cfg);
> }
>
> for (i = 0; i < nb_option_roms; i++) {
next prev parent reply other threads:[~2016-09-13 18:37 UTC|newest]
Thread overview: 125+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-13 14:46 [Qemu-devel] [RFC PATCH v1 00/22] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2016-09-13 14:46 ` [Qemu-devel] [RFC PATCH v1 01/22] exec: add guest RAM read/write ops Brijesh Singh
2016-09-13 14:47 ` [Qemu-devel] [RFC PATCH v1 02/22] cpu-common: add debug version of physical memory read/write Brijesh Singh
2016-09-13 14:47 ` [Qemu-devel] [RFC PATCH v1 03/22] monitor: use debug version of physical memory read api Brijesh Singh
2016-09-13 14:47 ` [Qemu-devel] [RFC PATCH v1 04/22] memattrs: add SEV debug attrs Brijesh Singh
2016-09-13 23:00 ` Paolo Bonzini
2016-09-14 20:30 ` Brijesh Singh
2016-09-13 14:47 ` [Qemu-devel] [RFC PATCH v1 05/22] i386: add new option to enable SEV guest Brijesh Singh
2016-09-13 22:41 ` Paolo Bonzini
2016-09-14 8:41 ` Daniel P. Berrange
2016-09-14 9:11 ` Paolo Bonzini
2016-09-13 14:47 ` [Qemu-devel] [RFC PATCH v1 06/22] sev: add initial SEV support Brijesh Singh
2016-09-13 15:58 ` Eduardo Habkost
2016-09-13 19:54 ` Brijesh Singh
2016-09-13 20:10 ` Michael S. Tsirkin
2016-09-13 22:00 ` Eduardo Habkost
2016-09-14 8:30 ` Daniel P. Berrange
2016-09-14 11:54 ` Eduardo Habkost
2016-09-14 11:58 ` Daniel P. Berrange
2016-09-14 16:10 ` Brijesh Singh
2016-09-14 16:13 ` Daniel P. Berrange
2016-09-14 16:20 ` Michael S. Tsirkin
2016-09-14 18:46 ` Brijesh Singh
2016-09-14 20:23 ` Michael S. Tsirkin
2016-09-14 8:37 ` Daniel P. Berrange
2016-09-13 14:47 ` [Qemu-devel] [RFC PATCH v1 07/22] sev: add SEV launch start command Brijesh Singh
2016-09-13 14:48 ` [Qemu-devel] [RFC PATCH v1 08/22] sev: add SEV launch update command Brijesh Singh
2016-09-13 14:48 ` [Qemu-devel] [RFC PATCH v1 09/22] sev: add SEV launch finish command Brijesh Singh
2016-09-13 22:15 ` Eduardo Habkost
2016-09-13 14:48 ` [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command Brijesh Singh
2016-09-14 2:28 ` Michael S. Tsirkin
2016-09-14 8:57 ` Paolo Bonzini
2016-09-14 13:05 ` Michael S. Tsirkin
2016-09-14 13:07 ` Paolo Bonzini
2016-09-14 13:23 ` Daniel P. Berrange
2016-09-14 13:32 ` Michael S. Tsirkin
2016-09-14 13:37 ` Daniel P. Berrange
2016-09-14 13:50 ` Michael S. Tsirkin
2016-09-14 14:08 ` Eduardo Habkost
2016-09-14 14:14 ` Paolo Bonzini
2016-09-14 14:38 ` Michael S. Tsirkin
2016-09-14 15:17 ` Michael S. Tsirkin
2016-09-14 14:15 ` Daniel P. Berrange
2016-09-14 14:48 ` Michael S. Tsirkin
2016-09-14 15:06 ` Daniel P. Berrange
2016-09-14 15:46 ` Michael S. Tsirkin
2016-09-14 17:35 ` Eduardo Habkost
2016-09-14 22:05 ` Michael S. Tsirkin
2016-09-15 14:58 ` Eduardo Habkost
2016-09-14 13:27 ` [Qemu-devel] [PATCH v2] virtio_pci: Limit DMA mask to 44 bits for legacy virtio devices Michael S. Tsirkin
2016-09-14 13:36 ` [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command Brijesh Singh
2016-09-14 13:48 ` Michael S. Tsirkin
2016-09-14 14:19 ` Paolo Bonzini
2016-09-14 15:02 ` Michael S. Tsirkin
2016-09-14 16:53 ` Paolo Bonzini
2016-09-14 18:15 ` Michael S. Tsirkin
2016-09-14 18:45 ` Paolo Bonzini
2016-09-14 19:24 ` Michael S. Tsirkin
2016-09-14 19:58 ` Paolo Bonzini
2016-09-14 20:36 ` Michael S. Tsirkin
2016-09-14 20:44 ` Paolo Bonzini
2016-09-14 21:25 ` Brijesh Singh
2016-09-14 21:38 ` Michael S. Tsirkin
2016-09-13 14:48 ` [Qemu-devel] [RFC PATCH v1 11/22] sev: add SEV debug encrypt command Brijesh Singh
2016-09-13 14:48 ` [Qemu-devel] [RFC PATCH v1 12/22] sev: add SEV guest status command Brijesh Singh
2016-09-13 14:48 ` [Qemu-devel] [RFC PATCH v1 13/22] hmp: update 'info kvm' to display SEV status Brijesh Singh
2016-09-13 16:09 ` Eric Blake
2016-09-14 16:16 ` Brijesh Singh
2016-09-15 4:13 ` Michael S. Tsirkin
2016-09-13 23:01 ` Paolo Bonzini
2016-09-13 14:49 ` [Qemu-devel] [RFC PATCH v1 14/22] sev: provide SEV-enabled guest RAM read/write ops Brijesh Singh
2016-09-13 14:49 ` [Qemu-devel] [RFC PATCH v1 15/22] i386: sev: register RAM read/write ops for BIOS and PC.RAM region Brijesh Singh
2016-09-13 23:05 ` Paolo Bonzini
2016-09-14 20:59 ` Brijesh Singh
2016-09-14 21:00 ` Paolo Bonzini
2016-09-14 21:47 ` Brijesh Singh
2016-09-14 21:52 ` Paolo Bonzini
2016-09-14 22:06 ` Brijesh Singh
2016-09-14 22:17 ` Paolo Bonzini
2016-09-14 22:26 ` Brijesh Singh
2016-09-15 14:13 ` Brijesh Singh
2016-09-15 15:19 ` Paolo Bonzini
2016-09-13 14:49 ` [Qemu-devel] [RFC PATCH v1 17/22] target-i386: add cpuid Fn8000_001f Brijesh Singh
2016-09-13 23:07 ` Paolo Bonzini
2016-09-21 16:20 ` Brijesh Singh
2016-09-21 16:24 ` Paolo Bonzini
2016-09-21 18:21 ` Eduardo Habkost
2016-09-13 14:49 ` [Qemu-devel] [RFC PATCH v1 18/22] i386: clear C-bit in SEV guest page table walk Brijesh Singh
2016-09-13 14:49 ` [Qemu-devel] [RFC PATCH v1 19/22] exec: set debug attribute in SEV-enabled guest Brijesh Singh
2016-09-13 23:06 ` Paolo Bonzini
2016-09-13 14:50 ` [Qemu-devel] [RFC PATCH v1 20/22] fw_cfg: sev: disable dma in real mode Brijesh Singh
2016-09-13 18:39 ` Michael S. Tsirkin
2016-09-13 20:46 ` Brijesh Singh
2016-09-13 20:55 ` Michael S. Tsirkin
2016-09-13 22:53 ` Paolo Bonzini
2016-09-14 2:33 ` Michael S. Tsirkin
2016-09-14 8:58 ` Paolo Bonzini
2016-09-21 18:00 ` [Qemu-devel] [RFC PATCH v1 20/22] fw_cfg: sev: disable dma in real mode Message-ID: <20160921205731-mutt-send-email-mst@kernel.org> Michael S. Tsirkin
2016-09-14 12:09 ` [Qemu-devel] [RFC PATCH v1 20/22] fw_cfg: sev: disable dma in real mode Eduardo Habkost
2016-09-14 13:01 ` Paolo Bonzini
2016-09-14 13:14 ` Michael S. Tsirkin
2016-09-14 13:51 ` Eduardo Habkost
2016-09-14 16:10 ` Michael S. Tsirkin
2016-09-14 17:25 ` Eduardo Habkost
2016-09-21 18:03 ` Michael S. Tsirkin
2016-09-21 18:19 ` Brijesh Singh
2016-09-13 14:50 ` [Qemu-devel] [RFC PATCH v1 21/22] hw: add pre and post system reset callback Brijesh Singh
2016-09-13 22:47 ` Paolo Bonzini
2016-09-14 16:19 ` Brijesh Singh
2016-09-13 14:50 ` [Qemu-devel] [RFC PATCH v1 22/22] loader: reload bios image on ROM reset in SEV-enabled guest Brijesh Singh
2016-09-13 18:47 ` Michael S. Tsirkin
2016-09-13 22:59 ` Paolo Bonzini
2016-09-14 2:38 ` Michael S. Tsirkin
2016-09-14 20:29 ` Brijesh Singh
2016-09-14 20:38 ` Paolo Bonzini
2016-09-14 21:09 ` Michael S. Tsirkin
2016-09-14 21:11 ` Paolo Bonzini
2016-09-14 21:24 ` Brijesh Singh
2016-09-13 15:20 ` [Qemu-devel] [RFC PATCH v1 00/22] x86: Secure Encrypted Virtualization (AMD) Eduardo Habkost
[not found] ` <147377816978.11859.942423377333907417.stgit@brijesh-build-machine>
2016-09-13 18:37 ` Michael S. Tsirkin [this message]
2016-09-21 15:55 ` [Qemu-devel] [RFC PATCH v1 16/22] i386: pc: load OS images at fixed location in SEV-enabled guest Brijesh Singh
2016-09-21 15:58 ` Paolo Bonzini
2016-09-21 16:08 ` Brijesh Singh
2016-09-21 16:17 ` Paolo Bonzini
2016-09-14 2:55 ` [Qemu-devel] [RFC PATCH v1 00/22] x86: Secure Encrypted Virtualization (AMD) Michael S. Tsirkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160913183728.qcmhrxii44pug7ck@redhat.com \
--to=mst@redhat.com \
--cc=armbru@redhat.com \
--cc=brijesh.singh@amd.com \
--cc=crosthwaite.peter@gmail.com \
--cc=ehabkost@redhat.com \
--cc=lcapitulino@redhat.com \
--cc=p.fedin@samsung.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=rth@twiddle.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).