Re: [PATCH v3] SEV: QMP support for Inject-Launch-Secret

["Daniel P. Berrangé" <berrange@redhat.com>]

On Mon, Oct 12, 2020 at 05:21:15PM +0100, Dr. David Alan Gilbert wrote:
> * Tobin Feldman-Fitzthum (tobin@linux.vnet.ibm.com) wrote:
> > AMD SEV allows a guest owner to inject a secret blob
> > into the memory of a virtual machine. The secret is
> > encrypted with the SEV Transport Encryption Key and
> > integrity is guaranteed with the Transport Integrity
> > Key. Although QEMU faciliates the injection of the

Trivial typo  s/faciliates/facilitates/

> > launch secret, it cannot access the secret.
> > 
> > Signed-off-by: Tobin Feldman-Fitzthum <tobin@linux.vnet.ibm.com>
> > ---
> >  include/monitor/monitor.h |  3 ++
> >  include/sysemu/sev.h      |  2 ++
> >  monitor/misc.c            |  8 ++---
> >  qapi/misc-target.json     | 18 +++++++++++
> >  target/i386/monitor.c     |  9 ++++++
> >  target/i386/sev-stub.c    |  5 +++
> >  target/i386/sev.c         | 66 +++++++++++++++++++++++++++++++++++++++
> >  target/i386/trace-events  |  1 +
> >  8 files changed, 108 insertions(+), 4 deletions(-)


> > diff --git a/qapi/misc-target.json b/qapi/misc-target.json
> > index dee3b45930..d145f916b3 100644
> > --- a/qapi/misc-target.json
> > +++ b/qapi/misc-target.json
> > @@ -200,6 +200,24 @@
> >  { 'command': 'query-sev-capabilities', 'returns': 'SevCapability',
> >    'if': 'defined(TARGET_I386)' }
> >  
> > +##
> > +# @sev-inject-launch-secret:
> > +#
> > +# This command injects a secret blob into memory of SEV guest.
> > +#
> > +# @packet-header: the launch secret packet header encoded in base64
> > +#
> > +# @secret: the launch secret data to be injected encoded in base64

Just to double check, this "secret" is /not/ in clear text, so there's
no way either QEMU nor the QMP client can access sensitive info, right ?

If 'secret' was clear text, then we would need to pass the data across
QMP in a different way.

> > +#
> > +# @gpa: the guest physical address where secret will be injected.
> > +#
> > +# Since: 5.1

s/5.1/5.2/

> > +#
> > +##
> > +{ 'command': 'sev-inject-launch-secret',
> > +  'data': { 'packet-header': 'str', 'secret': 'str', 'gpa': 'uint64' },
> > +  'if': 'defined(TARGET_I386)' }
> > +
> >  ##
> >  # @dump-skeys:
> >  #
> > diff --git a/target/i386/monitor.c b/target/i386/monitor.c
> > index 27ebfa3ad2..42bcfe6dc0 100644
> > --- a/target/i386/monitor.c
> > +++ b/target/i386/monitor.c
> > @@ -736,3 +736,12 @@ SevCapability *qmp_query_sev_capabilities(Error **errp)
> >  
> >      return data;
> >  }
> > +
> > +void qmp_sev_inject_launch_secret(const char *packet_hdr,
> > +                                  const char *secret, uint64_t gpa,
> > +                                  Error **errp)
> > +{
> > +    if (sev_inject_launch_secret(packet_hdr, secret, gpa) != 0) {
> > +        error_setg(errp, "SEV inject secret failed");

This generic error message is useless - sev_inject_launch_secret() needs
to take the 'errp' parameter and report what actually failed.

> > +    }
> > +}
> > diff --git a/target/i386/sev-stub.c b/target/i386/sev-stub.c
> > index e5ee13309c..fed4588185 100644
> > --- a/target/i386/sev-stub.c
> > +++ b/target/i386/sev-stub.c
> > @@ -48,3 +48,8 @@ SevCapability *sev_get_capabilities(void)
> >  {
> >      return NULL;
> >  }
> > +int sev_inject_launch_secret(const char *hdr, const char *secret,
> > +                             uint64_t gpa)
> > +{
> > +    return 1;
> > +}
> > diff --git a/target/i386/sev.c b/target/i386/sev.c
> > index d273174ad3..cbeb8f2e02 100644
> > --- a/target/i386/sev.c
> > +++ b/target/i386/sev.c
> > @@ -28,6 +28,8 @@
> >  #include "sysemu/runstate.h"
> >  #include "trace.h"
> >  #include "migration/blocker.h"
> > +#include "exec/address-spaces.h"
> > +#include "monitor/monitor.h"
> >  
> >  #define TYPE_SEV_GUEST "sev-guest"
> >  #define SEV_GUEST(obj)                                          \
> > @@ -769,6 +771,70 @@ sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
> >      return 0;
> >  }
> >  
> > +int sev_inject_launch_secret(const char *packet_hdr,
> > +                             const char *secret, uint64_t gpa)
> > +{
> > +    struct kvm_sev_launch_secret input;
> > +    guchar *data = NULL, *hdr = NULL;

If you declare with  'g_autofree' you don't need the manual 'g_free'
calls later. This in turn means you can get rid of the "goto err"
jumps and instead directly return.

> > +    int error, ret = 1;
> > +    void *hva;
> > +    gsize hdr_sz = 0, data_sz = 0;
> > +    Error *local_err = NULL;

Declare with

   g_autoptr(Error) local_err = NULL

to fix the leak David mentions


> > +    MemoryRegion *mr = NULL;
> > +
> > +    /* secret can be inject only in this state */
> > +    if (!sev_check_state(sev_guest, SEV_STATE_LAUNCH_SECRET)) {
> > +        error_report("SEV: Not in correct state. (LSECRET) %x",
> > +                     sev_guest->state);
> > +        return 1;
> > +    }
> > +
> > +    hdr = g_base64_decode(packet_hdr, &hdr_sz);
> > +    if (!hdr || !hdr_sz) {
> > +        error_report("SEV: Failed to decode sequence header");
> > +        return 1;
> > +    }
> > +
> > +    data = g_base64_decode(secret, &data_sz);
> > +    if (!data || !data_sz) {
> > +        error_report("SEV: Failed to decode data");
> > +        goto err;
> > +    }
> > +
> > +    hva = gpa2hva(&mr, gpa, data_sz, &local_err);
> > +    if (!hva) {
> > +        error_report("SEV: Failed to calculate guest address.");
> 
> Note this is leaking local_err; you need to turn that into probably an
>   error_reportf_err(local_err, "SEV: Failed to calculate guest address:");

Actually this method needs to take an "Error **errp" parameter, so that the
error is propagated back to the QMP command handler, and from there
back to the client app.

> Also the '5.1' above needs to change to 5.2.
> 
> I think with that it looks OK to me.

> > +        goto err;
> > +    }
> > +
> > +    input.hdr_uaddr = (uint64_t)(unsigned long)hdr;
> > +    input.hdr_len = hdr_sz;
> > +
> > +    input.trans_uaddr = (uint64_t)(unsigned long)data;
> > +    input.trans_len = data_sz;
> > +
> > +    input.guest_uaddr = (uint64_t)(unsigned long)hva;
> > +    input.guest_len = data_sz;
> > +
> > +    trace_kvm_sev_launch_secret(gpa, input.guest_uaddr,
> > +                                input.trans_uaddr, input.trans_len);
> > +
> > +    ret = sev_ioctl(sev_guest->sev_fd, KVM_SEV_LAUNCH_SECRET,
> > +                    &input, &error);
> > +    if (ret) {
> > +        error_report("SEV: failed to inject secret ret=%d fw_error=%d '%s'",
> > +                     ret, error, fw_error_to_str(error));
> > +        goto err;
> > +    }
> > +
> > +    ret = 0;
> > +
> > +err:
> > +    g_free(data);
> > +    g_free(hdr);
> > +    return ret;
> > +}


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|