Re: [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Ashish Kalra <ashish.kalra@amd.com>
To: Dov Murik <dovmurik@linux.ibm.com>
Cc: qemu-devel@nongnu.org, pbonzini@redhat.com,
	Thomas.Lendacky@amd.com, brijesh.singh@amd.com,
	dgilbert@redhat.com, ehabkost@redhat.com,
	dovmurik@linux.vnet.ibm.com, tobin@ibm.com, jejb@linux.ibm.com
Subject: Re: [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context
Date: Thu, 5 Aug 2021 14:45:35 +0000	[thread overview]
Message-ID: <20210805144535.GE23670@ashkalra_ubuntu_server> (raw)
In-Reply-To: <d0fd1154-669a-c5af-188e-9e7ba15b989e@linux.ibm.com>

On Thu, Aug 05, 2021 at 04:06:27PM +0300, Dov Murik wrote:
> 
> 
> On 04/08/2021 14:56, Ashish Kalra wrote:
> > From: Brijesh Singh <brijesh.singh@amd.com>
> > 
> > The user provides the target machine's Platform Diffie-Hellman key (PDH)
> > and certificate chain before starting the SEV guest migration. Cache the
> > certificate chain as we need them while creating the outgoing context.
> > 
> > Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> > Co-developed-by: Ashish Kalra <ashish.kalra@amd.com>
> > Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
> > ---
> >  include/sysemu/sev.h |  2 ++
> >  target/i386/sev.c    | 61 ++++++++++++++++++++++++++++++++++++++++++++
> >  2 files changed, 63 insertions(+)
> > 
> > diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
> > index 94d821d737..64fc88d3c5 100644
> > --- a/include/sysemu/sev.h
> > +++ b/include/sysemu/sev.h
> > @@ -14,11 +14,13 @@
> >  #ifndef QEMU_SEV_H
> >  #define QEMU_SEV_H
> > 
> > +#include <qapi/qapi-types-migration.h>
> >  #include "sysemu/kvm.h"
> > 
> >  bool sev_enabled(void);
> >  int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
> >  int sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp);
> > +int sev_save_setup(MigrationParameters *p);
> >  int sev_inject_launch_secret(const char *hdr, const char *secret,
> >                               uint64_t gpa, Error **errp);
> > 
> > diff --git a/target/i386/sev.c b/target/i386/sev.c
> > index 83df8c09f6..5e7c87764c 100644
> > --- a/target/i386/sev.c
> > +++ b/target/i386/sev.c
> > @@ -24,6 +24,7 @@
> >  #include "qemu/module.h"
> >  #include "qemu/uuid.h"
> >  #include "sysemu/kvm.h"
> > +#include "sysemu/sev.h"
> >  #include "sev_i386.h"
> >  #include "sysemu/sysemu.h"
> >  #include "sysemu/runstate.h"
> > @@ -68,6 +69,12 @@ struct SevGuestState {
> >      int sev_fd;
> >      SevState state;
> >      gchar *measurement;
> > +    guchar *remote_pdh;
> > +    size_t remote_pdh_len;
> > +    guchar *remote_plat_cert;
> > +    size_t remote_plat_cert_len;
> > +    guchar *amd_cert;
> > +    size_t amd_cert_len;
> > 
> >      uint32_t reset_cs;
> >      uint32_t reset_ip;
> > @@ -116,6 +123,12 @@ static const char *const sev_fw_errlist[] = {
> > 
> >  #define SEV_FW_MAX_ERROR      ARRAY_SIZE(sev_fw_errlist)
> > 
> > +#define SEV_FW_BLOB_MAX_SIZE            0x4000          /* 16KB */
> > +
> > +static struct ConfidentialGuestMemoryEncryptionOps sev_memory_encryption_ops = {
> > +    .save_setup = sev_save_setup,
> > +};
> > +
> >  static int
> >  sev_ioctl(int fd, int cmd, void *data, int *error)
> >  {
> > @@ -772,6 +785,50 @@ sev_vm_state_change(void *opaque, bool running, RunState state)
> >      }
> >  }
> > 
> > +static inline bool check_blob_length(size_t value)
> > +{
> > +    if (value > SEV_FW_BLOB_MAX_SIZE) {
> > +        error_report("invalid length max=%d got=%ld",
> > +                     SEV_FW_BLOB_MAX_SIZE, value);
> > +        return false;
> > +    }
> > +
> > +    return true;
> > +}
> > +
> > +int sev_save_setup(MigrationParameters *p)
> > +{
> > +    SevGuestState *s = sev_guest;
> > +    const char *pdh = p->sev_pdh;
> > +    const char *plat_cert = p->sev_plat_cert;
> > +    const char *amd_cert = p->sev_amd_cert;
> > +
> > +    s->remote_pdh = g_base64_decode(pdh, &s->remote_pdh_len);
> 
> You should check    if (!s->remote_pdh)   to detect decoding failure
> (for all g_base64_decode calls here).
> 
Ok.

Thanks,
Ashish

> Though I must say, it would be better to check validity of the
> user-supplied base64 earlier (when migrate-set-parameters QMP call
> occurs), and not later when migration starts.
> 
> 
> > +    if (!check_blob_length(s->remote_pdh_len)) {
> > +        goto error;
> > +    }
> > +
> > +    s->remote_plat_cert = g_base64_decode(plat_cert,
> > +                                          &s->remote_plat_cert_len);
> > +    if (!check_blob_length(s->remote_plat_cert_len)) {
> > +        goto error;
> > +    }
> > +
> > +    s->amd_cert = g_base64_decode(amd_cert, &s->amd_cert_len);
> > +    if (!check_blob_length(s->amd_cert_len)) {
> > +        goto error;
> > +    }
> > +
> > +    return 0;
> > +
> > +error:
> > +    g_free(s->remote_pdh);
> > +    g_free(s->remote_plat_cert);
> > +    g_free(s->amd_cert);
> > +
> > +    return 1;
> > +}
> > +
> >  int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
> >  {
> >      SevGuestState *sev
> > @@ -781,6 +838,8 @@ int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
> >      uint32_t ebx;
> >      uint32_t host_cbitpos;
> >      struct sev_user_data_status status = {};
> > +    ConfidentialGuestSupportClass *cgs_class =
> > +        (ConfidentialGuestSupportClass *) object_get_class(OBJECT(cgs));
> > 
> >      if (!sev) {
> >          return 0;
> > @@ -870,6 +929,8 @@ int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
> >      qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
> >      qemu_add_vm_change_state_handler(sev_vm_state_change, sev);
> > 
> > +    cgs_class->memory_encryption_ops = &sev_memory_encryption_ops;
> > +
> >      cgs->ready = true;
> > 
> >      return 0;
> >

next prev parent reply	other threads:[~2021-08-05 14:47 UTC|newest]

Thread overview: 36+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-08-04 11:52 [PATCH v4 00/14] Add SEV guest live migration support Ashish Kalra
2021-08-04 11:53 ` [PATCH v4 01/14] doc: update AMD SEV API spec web link Ashish Kalra
2021-08-16 18:44   ` Dr. David Alan Gilbert
2021-08-04 11:53 ` [PATCH v4 02/14] doc: update AMD SEV to include Live migration flow Ashish Kalra
2021-08-05  6:34   ` Dov Murik
2021-08-05  9:39     ` Ashish Kalra
2021-09-10  9:53   ` Daniel P. Berrangé
2021-08-04 11:54 ` [PATCH v4 03/14] migration.json: add AMD SEV specific migration parameters Ashish Kalra
2021-08-05  9:42   ` Dov Murik
2021-08-05 14:41     ` Ashish Kalra
2021-08-05 20:18   ` Eric Blake
2021-08-04 11:55 ` [PATCH v4 04/14] confidential guest support: introduce ConfidentialGuestMemoryEncryptionOps for encrypted VMs Ashish Kalra
2021-08-05 12:20   ` Dov Murik
2021-08-05 14:43     ` Ashish Kalra
2021-08-04 11:56 ` [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context Ashish Kalra
2021-08-05 13:06   ` Dov Murik
2021-08-05 14:45     ` Ashish Kalra [this message]
2021-08-04 11:56 ` [PATCH v4 06/14] target/i386: sev: do not create launch context for an incoming guest Ashish Kalra
2021-08-04 11:56 ` [PATCH v4 07/14] target/i386: sev: add support to encrypt the outgoing page Ashish Kalra
2021-08-05 14:35   ` Dov Murik
2021-08-04 11:57 ` [PATCH v4 08/14] target/i386: sev: add support to load incoming encrypted page Ashish Kalra
2021-08-04 11:57 ` [PATCH v4 09/14] kvm: Add support for SEV shared regions list and KVM_EXIT_HYPERCALL Ashish Kalra
2021-08-04 11:57 ` [PATCH v4 10/14] migration: add support to migrate shared regions list Ashish Kalra
2021-09-10  7:54   ` Wang, Wei W
2021-09-10  8:47     ` Ashish Kalra
2021-09-10  9:11       ` Wang, Wei W
2021-09-10  9:42         ` Ashish Kalra
2021-08-04 11:58 ` [PATCH v4 11/14] migration/ram: add support to send encrypted pages Ashish Kalra
2021-08-04 11:59 ` [PATCH v4 12/14] migration/ram: Force encrypted status for flash0 & flash1 devices Ashish Kalra
2021-08-04 11:59 ` [PATCH v4 13/14] migration: for SEV live migration bump downtime limit to 1s Ashish Kalra
2021-09-10  9:43   ` Daniel P. Berrangé
2021-09-10 10:18     ` Ashish Kalra via
2021-08-04 12:00 ` [PATCH v4 14/14] kvm: Add support for userspace MSR filtering and handling of MSR_KVM_MIGRATION_CONTROL Ashish Kalra
2021-09-10  7:56   ` Wang, Wei W
2021-09-10  9:14     ` Ashish Kalra
2021-09-10  9:36       ` Wang, Wei W

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210805144535.GE23670@ashkalra_ubuntu_server \
    --to=ashish.kalra@amd.com \
    --cc=Thomas.Lendacky@amd.com \
    --cc=brijesh.singh@amd.com \
    --cc=dgilbert@redhat.com \
    --cc=dovmurik@linux.ibm.com \
    --cc=dovmurik@linux.vnet.ibm.com \
    --cc=ehabkost@redhat.com \
    --cc=jejb@linux.ibm.com \
    --cc=pbonzini@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=tobin@ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).