From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
To: Brijesh Singh <brijesh.singh@amd.com>
Cc: qemu-devel@nongnu.org, kvm@vger.kernel.org,
Paolo Bonzini <pbonzini@redhat.com>,
Tom Lendacky <Thomas.Lendacky@amd.com>,
Peter Maydell <peter.maydell@linaro.org>,
Richard Henderson <richard.henderson@linaro.org>,
"Edgar E. Iglesias" <edgar.iglesias@xilinx.com>,
Eduardo Habkost <ehabkost@redhat.com>,
Stefan Hajnoczi <stefanha@gmail.com>,
Eric Blake <eblake@redhat.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Daniel P . Berrange" <berrange@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v6 10/23] sev: add command to initialize the memory encryption context
Date: Thu, 1 Feb 2018 15:46:10 +0000 [thread overview]
Message-ID: <20180201154609.GF2457@work-vm> (raw)
In-Reply-To: <ea80d75d-3ccb-9643-656e-f644d7e891f9@amd.com>
* Brijesh Singh (brijesh.singh@amd.com) wrote:
>
>
> On 02/01/2018 06:13 AM, Dr. David Alan Gilbert wrote:
> > * Brijesh Singh (brijesh.singh@amd.com) wrote:
> > > When memory encryption is enabled, KVM_SEV_INIT command is used to
> > > initialize the platform. The command loads the SEV related persistent
> > > data from non-volatile storage and initializes the platform context.
> > > This command should be first issued before invoking any other guest
> > > commands provided by the SEV firmware.
> >
> > Some minor comments rather than full review.
> >
> > > Cc: Paolo Bonzini <pbonzini@redhat.com>
> > > Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> > > ---
> > > accel/kvm/kvm-all.c | 15 ++++++
> > > accel/kvm/sev.c | 124 +++++++++++++++++++++++++++++++++++++++++++++++++
> > > accel/kvm/trace-events | 2 +
> > > include/sysemu/sev.h | 10 ++++
> > > 4 files changed, 151 insertions(+)
> > >
> > > diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
> > > index f290f487a573..a9b16846675e 100644
> > > --- a/accel/kvm/kvm-all.c
> > > +++ b/accel/kvm/kvm-all.c
> > > @@ -38,6 +38,7 @@
> > > #include "qemu/event_notifier.h"
> > > #include "trace.h"
> > > #include "hw/irq.h"
> > > +#include "sysemu/sev.h"
> > > #include "hw/boards.h"
> > > @@ -103,6 +104,9 @@ struct KVMState
> > > #endif
> > > KVMMemoryListener memory_listener;
> > > QLIST_HEAD(, KVMParkedVcpu) kvm_parked_vcpus;
> > > +
> > > + /* memory encryption */
> > > + void *memcrypt_handle;
> > > };
> > > KVMState *kvm_state;
> > > @@ -1632,6 +1636,17 @@ static int kvm_init(MachineState *ms)
> > > kvm_state = s;
> > > + /*
> > > + * if memory encryption object is specified then initialize the memory
> > > + * encryption context.
> > > + * */
> >
> > Style: should be */
>
>
> Ah noted, I will fix this.
>
>
> >
> > > + if (ms->memory_encryption) {
> > > + kvm_state->memcrypt_handle = sev_guest_init(ms->memory_encryption);
> > > + if (!kvm_state->memcrypt_handle) {
> > > + goto err;
> > > + }
> > > + }
> > > +
> > > ret = kvm_arch_init(ms, s);
> > > if (ret < 0) {
> > > goto err;
> > > diff --git a/accel/kvm/sev.c b/accel/kvm/sev.c
> > > index e93fdfeb0c8f..be1791e510b3 100644
> > > --- a/accel/kvm/sev.c
> > > +++ b/accel/kvm/sev.c
> > > @@ -18,10 +18,72 @@
> > > #include "sysemu/kvm.h"
> > > #include "sysemu/sev.h"
> > > #include "sysemu/sysemu.h"
> > > +#include "trace.h"
> > > #define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
> > > #define DEFAULT_SEV_DEVICE "/dev/sev"
> > > +static int sev_fd;
> > > +
> > > +#define SEV_FW_MAX_ERROR 0x17
> > > +
> > > +static char sev_fw_errlist[SEV_FW_MAX_ERROR][100] = {
> >
> > Perhaps:
> > static const char *sev_few_errlist[] = {
> > ?
> >
>
> Sure, we can make it const, i will take care of this in next rev.
>
>
> > > + "",
> > > + "Platform state is invalid",
> > > + "Guest state is invalid",
> > > + "Platform configuration is invalid",
> > > + "Buffer too small",
> > > + "Platform is already owned",
> > > + "Certificate is invalid",
> > > + "Policy is not allowed",
> > > + "Guest is not active",
> > > + "Invalid address",
> > > + "Bad signature",
> > > + "Bad measurement",
> > > + "Asid is already owned",
> > > + "Invalid ASID",
> > > + "WBINVD is required",
> > > + "DF_FLUSH is required",
> > > + "Guest handle is invalid",
> > > + "Invalid command",
> > > + "Guest is active",
> > > + "Hardware error",
> > > + "Hardware unsafe",
> > > + "Feature not supported",
> > > + "Invalid parameter"
> > > +};
> > > +
> > > +static int
> > > +sev_ioctl(int cmd, void *data, int *error)
> > > +{
> > > + int r;
> > > + struct kvm_sev_cmd input;
> > > +
> > > + memset(&input, 0x0, sizeof(input));
> > > +
> > > + input.id = cmd;
> > > + input.sev_fd = sev_fd;
> > > + input.data = (__u64)data;
> > > +
> > > + r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &input);
> > > +
> > > + if (error) {
> > > + *error = input.error;
> > > + }
> > > +
> > > + return r;
> > > +}
> > > +
> > > +static char *
> > > +fw_error_to_str(int code)
> > > +{
> > > + if (code > SEV_FW_MAX_ERROR) {
> >
> > I'm trying to convince myself whether that should be >= and whether the
> > maximum error is really 0x16 ? Your list up there has 23 entries
> > so I think trying to access error 0x17 would be bad.
> >
>
> Good catch, it should be >=.
>
>
> > > + return NULL;
> >
> > It might be better to return 'No error' or the like unless you're going
> > to be testing for NULL; that way you never end up with a Null getting
> > out.
> >
>
> Sure, I can do that.
>
>
> > > + }
> > > +
> > > + return sev_fw_errlist[code];
> > > +}
> > > +
> > > static void
> > > qsev_guest_finalize(Object *obj)
> > > {
> > > @@ -170,6 +232,68 @@ static const TypeInfo qsev_guest_info = {
> > > }
> > > };
> > > +static QSevGuestInfo *
> > > +lookup_sev_guest_info(const char *id)
> > > +{
> > > + Object *obj;
> > > + QSevGuestInfo *info;
> > > +
> > > + obj = object_resolve_path_component(object_get_objects_root(), id);
> > > + if (!obj) {
> > > + return NULL;
> > > + }
> > > +
> > > + info = (QSevGuestInfo *)
> > > + object_dynamic_cast(obj, TYPE_QSEV_GUEST_INFO);
> > > + if (!info) {
> > > + return NULL;
> > > + }
> > > +
> > > + return info;
> > > +}
> > > +
> > > +void *
> > > +sev_guest_init(const char *id)
> > > +{
> > > + SEVState *s;
> > > + char *devname;
> > > + int ret, fw_error;
> > > +
> > > + s = g_malloc0(sizeof(SEVState));
> >
> > g_new0 is easier.
>
>
> Sure, I can switch to using g_new0.
>
>
> >
> > > + if (!s) {
> > > + return NULL;
> > > + }
> >
> > and allocation aborts rather than returning NULL (unless you use the
> > _try_ version of g_new)
>
>
> Agreed, I will abort on allocation failure.
No, I mean you don't need to, since g_new0 etc will abort themselves
on an allocation failure; there's no need to check.
Dave
>
> >
> > > +
> > > + s->sev_info = lookup_sev_guest_info(id);
> > > + if (!s->sev_info) {
> > > + error_report("%s: '%s' is not a valid '%s' object",
> > > + __func__, id, TYPE_QSEV_GUEST_INFO);
> > > + goto err;
> > > + }
> > > +
> > > + devname = object_property_get_str(OBJECT(s->sev_info), "sev-device", NULL);
> > > + sev_fd = open(devname, O_RDWR);
> > > + if (sev_fd < 0) {
> > > + error_report("%s: Failed to open %s '%s'", __func__,
> > > + devname, strerror(errno));
> > > + goto err;
> > > + }
> > > + g_free(devname);
> > > +
> > > + trace_kvm_sev_init();
> > > + ret = sev_ioctl(KVM_SEV_INIT, NULL, &fw_error);
> > > + if (ret) {
> > > + error_report("%s: failed to initialize ret=%d fw_error=%d '%s'",
> > > + __func__, ret, fw_error, fw_error_to_str(fw_error));
> > > + goto err;
> > > + }
> > > +
> > > + return s;
> > > +err:
> > > + g_free(s);
> > > + return NULL;
> > > +}
> > > +
> > > static void
> > > sev_register_types(void)
> > > {
> > > diff --git a/accel/kvm/trace-events b/accel/kvm/trace-events
> > > index f89ba5578dc1..ea487e5a5913 100644
> > > --- a/accel/kvm/trace-events
> > > +++ b/accel/kvm/trace-events
> > > @@ -13,3 +13,5 @@ kvm_irqchip_add_msi_route(char *name, int vector, int virq) "dev %s vector %d vi
> > > kvm_irqchip_update_msi_route(int virq) "Updating MSI route virq=%d"
> > > kvm_irqchip_release_virq(int virq) "virq %d"
> > > +# sev.c
> > > +kvm_sev_init(void) ""
> > > diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
> > > index d2621a9d1100..6aec25bc05e5 100644
> > > --- a/include/sysemu/sev.h
> > > +++ b/include/sysemu/sev.h
> > > @@ -14,6 +14,8 @@
> > > #ifndef QEMU_SEV_H
> > > #define QEMU_SEV_H
> > > +#include <linux/kvm.h>
> > > +
> > > #include "qom/object.h"
> > > #include "qapi/error.h"
> > > #include "sysemu/kvm.h"
> > > @@ -49,5 +51,13 @@ struct QSevGuestInfoClass {
> > > ObjectClass parent_class;
> > > };
> > > +struct SEVState {
> > > + QSevGuestInfo *sev_info;
> > > +};
> > > +
> > > +typedef struct SEVState SEVState;
> > > +
> > > +void *sev_guest_init(const char *id);
> > > +
> > > #endif
> > > --
> > > 2.9.5
> > >
> >
> > Dave
> >
> > --
> > Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
> >
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
next prev parent reply other threads:[~2018-02-01 15:46 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-29 17:41 [Qemu-devel] [PATCH v6 00/23] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 01/23] memattrs: add debug attribute Brijesh Singh
2018-01-30 21:59 ` Edgar E. Iglesias
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 02/23] exec: add ram_debug_ops support Brijesh Singh
2018-01-30 21:59 ` Edgar E. Iglesias
2018-01-30 22:34 ` Brijesh Singh
2018-01-30 22:37 ` Edgar E. Iglesias
2018-01-30 23:26 ` Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 03/23] exec: add debug version of physical memory read and write API Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 04/23] monitor/i386: use debug APIs when accessing guest memory Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 05/23] target/i386: add memory encryption feature cpuid support Brijesh Singh
2018-01-30 17:49 ` Dr. David Alan Gilbert
2018-01-30 21:46 ` Brijesh Singh
2018-01-30 22:15 ` Brijesh Singh
2018-01-31 9:57 ` Dr. David Alan Gilbert
2018-01-31 13:41 ` Eduardo Habkost
2018-01-31 16:05 ` Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 06/23] machine: add -memory-encryption property Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 07/23] kvm: update kvm.h to include memory encryption ioctls Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 08/23] docs: add AMD Secure Encrypted Virtualization (SEV) Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 09/23] accel: add Secure Encrypted Virtulization (SEV) object Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 10/23] sev: add command to initialize the memory encryption context Brijesh Singh
2018-02-01 12:13 ` Dr. David Alan Gilbert
2018-02-01 15:33 ` Brijesh Singh
2018-02-01 15:46 ` Dr. David Alan Gilbert [this message]
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 11/23] sev: register the guest memory range which may contain encrypted data Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 12/23] kvm: introduce memory encryption APIs Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 13/23] hmp: display memory encryption support in 'info kvm' Brijesh Singh
2018-01-31 17:43 ` Markus Armbruster
2018-02-01 15:21 ` Brijesh Singh
2018-02-01 17:58 ` Dr. David Alan Gilbert
2018-02-01 19:55 ` Brijesh Singh
2018-02-01 20:04 ` Dr. David Alan Gilbert
2018-02-02 13:08 ` Daniel P. Berrangé
2018-02-02 13:46 ` Brijesh Singh
2018-02-02 15:24 ` Dr. David Alan Gilbert
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 14/23] sev: add command to create launch memory encryption context Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 15/23] sev: add command to encrypt guest memory region Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 16/23] target/i386: encrypt bios rom Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 17/23] qapi: add SEV_MEASUREMENT event Brijesh Singh
2018-01-31 17:45 ` Markus Armbruster
2018-02-01 15:25 ` Brijesh Singh
2018-02-01 15:28 ` Eric Blake
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 18/23] sev: emit the " Brijesh Singh
2018-01-30 20:08 ` Dr. David Alan Gilbert
2018-01-30 22:13 ` Brijesh Singh
2018-02-01 17:27 ` Dr. David Alan Gilbert
2018-02-02 15:11 ` Brijesh Singh
2018-02-02 15:16 ` Daniel P. Berrangé
2018-02-08 16:17 ` Brijesh Singh
2018-02-08 16:22 ` Daniel P. Berrangé
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 19/23] sev: Finalize the SEV guest launch flow Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 20/23] hw: i386: set ram_debug_ops when memory encryption is enabled Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 21/23] sev: add debug encrypt and decrypt commands Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 22/23] target/i386: clear C-bit when walking SEV guest page table Brijesh Singh
2018-01-29 17:41 ` [Qemu-devel] [PATCH v6 23/23] sev: add migration blocker Brijesh Singh
2018-01-29 18:13 ` [Qemu-devel] [PATCH v6 00/23] x86: Secure Encrypted Virtualization (AMD) no-reply
2018-01-29 18:17 ` no-reply
2018-01-29 18:19 ` no-reply
2018-01-29 18:31 ` no-reply
2018-02-06 15:51 ` Bruce Rogers
2018-02-07 1:07 ` Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180201154609.GF2457@work-vm \
--to=dgilbert@redhat.com \
--cc=Thomas.Lendacky@amd.com \
--cc=berrange@redhat.com \
--cc=brijesh.singh@amd.com \
--cc=eblake@redhat.com \
--cc=edgar.iglesias@xilinx.com \
--cc=ehabkost@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=stefanha@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).