From: Jean-Philippe Brucker <jean-philippe@linaro.org>
To: peter.maydell@linaro.org, richard.henderson@linaro.org
Cc: philmd@linaro.org, pbonzini@redhat.com, alex.bennee@linaro.org,
qemu-devel@nongnu.org, qemu-arm@nongnu.org,
Jean-Philippe Brucker <jean-philippe@linaro.org>
Subject: [PATCH v2 11/22] hw/core/loader: Add ROM loader notifier
Date: Fri, 19 Apr 2024 16:56:59 +0100 [thread overview]
Message-ID: <20240419155709.318866-13-jean-philippe@linaro.org> (raw)
In-Reply-To: <20240419155709.318866-2-jean-philippe@linaro.org>
Add a function to register a notifier, that is invoked after a ROM gets
loaded into guest memory.
It will be used by Arm confidential guest support, in order to register
all blobs loaded into memory with KVM, so that their content is part of
the initial VM measurement and contribute to the guest attestation.
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
---
v1->v2: new
---
include/hw/loader.h | 15 +++++++++++++++
hw/core/loader.c | 15 +++++++++++++++
2 files changed, 30 insertions(+)
diff --git a/include/hw/loader.h b/include/hw/loader.h
index 8685e27334..79fab25dd9 100644
--- a/include/hw/loader.h
+++ b/include/hw/loader.h
@@ -356,6 +356,21 @@ void hmp_info_roms(Monitor *mon, const QDict *qdict);
ssize_t rom_add_vga(const char *file);
ssize_t rom_add_option(const char *file, int32_t bootindex);
+typedef struct RomLoaderNotify {
+ /* Parameters passed to rom_add_blob() */
+ hwaddr addr;
+ size_t len;
+ size_t max_len;
+} RomLoaderNotify;
+
+/**
+ * rom_add_load_notifier - Add a notifier for loaded images
+ *
+ * Add a notifier that will be invoked with a RomLoaderNotify structure for each
+ * blob loaded into guest memory, after the blob is loaded.
+ */
+void rom_add_load_notifier(Notifier *notifier);
+
/* This is the usual maximum in uboot, so if a uImage overflows this, it would
* overflow on real hardware too. */
#define UBOOT_MAX_GUNZIP_BYTES (64 << 20)
diff --git a/hw/core/loader.c b/hw/core/loader.c
index b8e52f3fb0..4bd236cf89 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -67,6 +67,8 @@
#include <zlib.h>
static int roms_loaded;
+static NotifierList rom_loader_notifier =
+ NOTIFIER_LIST_INITIALIZER(rom_loader_notifier);
/* return the size or -1 if error */
int64_t get_image_size(const char *filename)
@@ -1209,6 +1211,11 @@ MemoryRegion *rom_add_blob(const char *name, const void *blob, size_t len,
return mr;
}
+void rom_add_load_notifier(Notifier *notifier)
+{
+ notifier_list_add(&rom_loader_notifier, notifier);
+}
+
/* This function is specific for elf program because we don't need to allocate
* all the rom. We just allocate the first part and the rest is just zeros. This
* is why romsize and datasize are different. Also, this function takes its own
@@ -1250,6 +1257,7 @@ ssize_t rom_add_option(const char *file, int32_t bootindex)
static void rom_reset(void *unused)
{
Rom *rom;
+ RomLoaderNotify notify;
QTAILQ_FOREACH(rom, &roms, next) {
if (rom->fw_file) {
@@ -1298,6 +1306,13 @@ static void rom_reset(void *unused)
cpu_flush_icache_range(rom->addr, rom->datasize);
trace_loader_write_rom(rom->name, rom->addr, rom->datasize, rom->isrom);
+
+ notify = (RomLoaderNotify) {
+ .addr = rom->addr,
+ .len = rom->datasize,
+ .max_len = rom->romsize,
+ };
+ notifier_list_notify(&rom_loader_notifier, ¬ify);
}
}
--
2.44.0
next prev parent reply other threads:[~2024-04-19 16:08 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-19 15:56 [PATCH v2 00/22] arm: Run CCA VMs with KVM Jean-Philippe Brucker
2024-04-19 15:56 ` [PATCH v2 01/22] kvm: Merge kvm_check_extension() and kvm_vm_check_extension() Jean-Philippe Brucker
2024-04-19 15:56 ` [PATCH v2 02/22] target/arm: Add confidential guest support Jean-Philippe Brucker
2024-04-19 16:25 ` Daniel P. Berrangé
2024-04-23 9:44 ` Jean-Philippe Brucker
2024-04-23 9:49 ` Daniel P. Berrangé
2024-04-23 12:15 ` Markus Armbruster
2024-04-19 15:56 ` [PATCH v2 03/22] target/arm/kvm: Return immediately on error in kvm_arch_init() Jean-Philippe Brucker
2024-04-19 15:56 ` [PATCH v2 04/22] target/arm/kvm-rme: Initialize realm Jean-Philippe Brucker
2024-04-19 15:56 ` [PATCH v2 05/22] hw/arm/virt: Add support for Arm RME Jean-Philippe Brucker
2024-04-19 15:56 ` [PATCH v2 06/22] hw/arm/virt: Disable DTB randomness for confidential VMs Jean-Philippe Brucker
2024-04-19 15:56 ` [PATCH v2 07/22] hw/arm/virt: Reserve one bit of guest-physical address for RME Jean-Philippe Brucker
2024-04-19 15:56 ` [PATCH v2 08/22] target/arm/kvm: Split kvm_arch_get/put_registers Jean-Philippe Brucker
2024-04-19 15:56 ` [PATCH v2 09/22] target/arm/kvm-rme: Initialize vCPU Jean-Philippe Brucker
2024-04-19 15:56 ` [PATCH v2 10/22] target/arm/kvm: Create scratch VM as Realm if necessary Jean-Philippe Brucker
2024-04-19 15:56 ` Jean-Philippe Brucker [this message]
2024-04-19 15:57 ` [PATCH v2 12/22] target/arm/kvm-rme: Populate Realm memory Jean-Philippe Brucker
2024-04-19 15:57 ` [PATCH v2 13/22] hw/arm/boot: Register Linux BSS section for confidential guests Jean-Philippe Brucker
2024-04-19 15:57 ` [PATCH v2 14/22] target/arm/kvm-rme: Add Realm Personalization Value parameter Jean-Philippe Brucker
2024-04-23 12:17 ` Markus Armbruster
2024-04-23 12:20 ` Peter Maydell
2024-04-23 12:30 ` Daniel P. Berrangé
2024-04-23 12:35 ` Markus Armbruster
2024-04-19 15:57 ` [PATCH v2 15/22] target/arm/kvm-rme: Add measurement algorithm property Jean-Philippe Brucker
2024-04-23 12:23 ` Markus Armbruster
2024-04-19 15:57 ` [PATCH v2 16/22] target/arm/cpu: Set number of breakpoints and watchpoints in KVM Jean-Philippe Brucker
2024-04-19 15:57 ` [PATCH v2 17/22] target/arm/cpu: Set number of PMU counters " Jean-Philippe Brucker
2024-04-19 15:57 ` [PATCH v2 18/22] target/arm/kvm: Disable Realm reboot Jean-Philippe Brucker
2024-04-19 15:57 ` [PATCH v2 19/22] target/arm/cpu: Inform about reading confidential CPU registers Jean-Philippe Brucker
2024-04-19 15:57 ` [PATCH v2 20/22] target/arm/kvm-rme: Enable guest memfd Jean-Philippe Brucker
2024-04-19 15:57 ` [PATCH v2 21/22] hw/arm/virt: Move virt_flash_create() to machvirt_init() Jean-Philippe Brucker
2024-04-19 15:57 ` [PATCH v2 22/22] hw/arm/virt: Use RAM instead of flash for confidential guest firmware Jean-Philippe Brucker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240419155709.318866-13-jean-philippe@linaro.org \
--to=jean-philippe@linaro.org \
--cc=alex.bennee@linaro.org \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).