From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Pankaj Gupta <pankaj.gupta@amd.com>
Cc: qemu-devel@nongnu.org, brijesh.singh@amd.com,
dovmurik@linux.ibm.com, armbru@redhat.com, michael.roth@amd.com,
xiaoyao.li@intel.com, pbonzini@redhat.com,
thomas.lendacky@amd.com, isaku.yamahata@intel.com,
kvm@vger.kernel.org, anisinha@redhat.com
Subject: Re: [PATCH v4 29/31] hw/i386/sev: Allow use of pflash in conjunction with -bios
Date: Mon, 3 Jun 2024 12:55:43 +0100 [thread overview]
Message-ID: <Zl2vP9hohrgaPMTs@redhat.com> (raw)
In-Reply-To: <20240530111643.1091816-30-pankaj.gupta@amd.com>
On Thu, May 30, 2024 at 06:16:41AM -0500, Pankaj Gupta wrote:
> From: Michael Roth <michael.roth@amd.com>
>
> SEV-ES and SEV-SNP support OVMF images with non-volatile storage in
> cases where the storage area is generated as a separate image as part
> of the OVMF build process.
IIUC, right now all OVMF builds for SEV/-ES/-SNP should be done as so
called "stateless" image. ie *without* any separate NVRAM image, because
that image will not be covered by the VM boot measurement and thus the
NVRAM state is liable to undermine trust of the VM.
Using NVRAM for SNP is theoretically possible in future but would be
reliant on SVSM providing a secure encryption mechanism on the storage.
>
> Currently these are exposed with unit=0 corresponding to the actual BIOS
> image, and unit=1 corresponding to the storage image. However, pflash
> images are mapped guest memory using read-only memslots, which are not
> allowed in conjunction with guest_memfd-backed ranges. This makes that
> approach unusable for SEV-SNP, where the BIOS range will be encrypted
> and mapped as private guest_memfd-backed memory. For this reason,
> SEV-SNP will instead rely on -bios to handle loading the BIOS image.
>
> To allow for pflash to still be used for the storage image, rework the
> existing logic to remove assumptions that unit=0 contains the BIOS image
> when SEV-SNP, so that it can instead be used to handle only the storage
> image.
Mixing both BIOS and pflash is pretty undesirable, not least because
that setup cannot be currently represented by the firmware descriptor
format described by docs/interop/firmware.json.
So at the very least this patch is incomplete, as it would need to
propose changes to the firmware.json to allow this setup to be expressed.
I really wish we didn't have to introduce this though - is there really
no way to make it possible to use pflash for both CODE & VARS with SNP,
as is done with traditional VMs, so we don't diverge in setup, needing
yet more changes up the mgmt stack ?
>
> Signed-off-by: Michael Roth <michael.roth@amd.com>
> Signed-off-by: Pankaj Gupta <pankaj.gupta@amd.com>
> ---
> hw/i386/pc_sysfw.c | 47 +++++++++++++++++++++++++++++-----------------
> 1 file changed, 30 insertions(+), 17 deletions(-)
>
> diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
> index def77a442d..7f97e62b16 100644
> --- a/hw/i386/pc_sysfw.c
> +++ b/hw/i386/pc_sysfw.c
> @@ -125,21 +125,10 @@ void pc_system_flash_cleanup_unused(PCMachineState *pcms)
> }
> }
>
> -/*
> - * Map the pcms->flash[] from 4GiB downward, and realize.
> - * Map them in descending order, i.e. pcms->flash[0] at the top,
> - * without gaps.
> - * Stop at the first pcms->flash[0] lacking a block backend.
> - * Set each flash's size from its block backend. Fatal error if the
> - * size isn't a non-zero multiple of 4KiB, or the total size exceeds
> - * pcms->max_fw_size.
> - *
> - * If pcms->flash[0] has a block backend, its memory is passed to
> - * pc_isa_bios_init(). Merging several flash devices for isa-bios is
> - * not supported.
> - */
> -static void pc_system_flash_map(PCMachineState *pcms,
> - MemoryRegion *rom_memory)
> +static void pc_system_flash_map_partial(PCMachineState *pcms,
> + MemoryRegion *rom_memory,
> + hwaddr offset,
> + bool storage_only)
> {
> X86MachineState *x86ms = X86_MACHINE(pcms);
> PCMachineClass *pcmc = PC_MACHINE_GET_CLASS(pcms);
> @@ -154,6 +143,8 @@ static void pc_system_flash_map(PCMachineState *pcms,
>
> assert(PC_MACHINE_GET_CLASS(pcms)->pci_enabled);
>
> + total_size = offset;
> +
> for (i = 0; i < ARRAY_SIZE(pcms->flash); i++) {
> hwaddr gpa;
>
> @@ -192,7 +183,7 @@ static void pc_system_flash_map(PCMachineState *pcms,
> sysbus_realize_and_unref(SYS_BUS_DEVICE(system_flash), &error_fatal);
> sysbus_mmio_map(SYS_BUS_DEVICE(system_flash), 0, gpa);
>
> - if (i == 0) {
> + if (i == 0 && !storage_only) {
> flash_mem = pflash_cfi01_get_memory(system_flash);
> if (pcmc->isa_bios_alias) {
> x86_isa_bios_init(&x86ms->isa_bios, rom_memory, flash_mem,
> @@ -211,6 +202,25 @@ static void pc_system_flash_map(PCMachineState *pcms,
> }
> }
>
> +/*
> + * Map the pcms->flash[] from 4GiB downward, and realize.
> + * Map them in descending order, i.e. pcms->flash[0] at the top,
> + * without gaps.
> + * Stop at the first pcms->flash[0] lacking a block backend.
> + * Set each flash's size from its block backend. Fatal error if the
> + * size isn't a non-zero multiple of 4KiB, or the total size exceeds
> + * pcms->max_fw_size.
> + *
> + * If pcms->flash[0] has a block backend, its memory is passed to
> + * pc_isa_bios_init(). Merging several flash devices for isa-bios is
> + * not supported.
> + */
> +static void pc_system_flash_map(PCMachineState *pcms,
> + MemoryRegion *rom_memory)
> +{
> + pc_system_flash_map_partial(pcms, rom_memory, 0, false);
> +}
> +
> void pc_system_firmware_init(PCMachineState *pcms,
> MemoryRegion *rom_memory)
> {
> @@ -238,9 +248,12 @@ void pc_system_firmware_init(PCMachineState *pcms,
> }
> }
>
> - if (!pflash_blk[0]) {
> + if (!pflash_blk[0] || sev_snp_enabled()) {
> /* Machine property pflash0 not set, use ROM mode */
> x86_bios_rom_init(X86_MACHINE(pcms), "bios.bin", rom_memory, false);
> + if (sev_snp_enabled()) {
> + pc_system_flash_map_partial(pcms, rom_memory, 3653632, true);
> + }
> } else {
> if (kvm_enabled() && !kvm_readonly_mem_enabled()) {
> /*
> --
> 2.34.1
>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2024-06-03 11:56 UTC|newest]
Thread overview: 73+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-30 11:16 [PATCH v4 00/31] Add AMD Secure Nested Paging (SEV-SNP) support Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 01/31] i386/sev: Replace error_report with error_setg Pankaj Gupta
2024-06-03 11:57 ` Daniel P. Berrangé
2024-05-30 11:16 ` [PATCH v4 02/31] linux-headers: Update to current kvm/next Pankaj Gupta
2024-05-31 14:38 ` Liam Merwick via
2024-05-31 15:37 ` Paolo Bonzini
2024-05-30 11:16 ` [PATCH v4 03/31] memory: Introduce memory_region_init_ram_guest_memfd() Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 04/31] i386/sev: Introduce "sev-common" type to encapsulate common SEV state Pankaj Gupta
2024-05-31 11:03 ` Paolo Bonzini
2024-05-30 11:16 ` [PATCH v4 05/31] i386/sev: Move sev_launch_update to separate class method Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 06/31] i386/sev: Move sev_launch_finish " Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 07/31] i386/sev: Introduce 'sev-snp-guest' object Pankaj Gupta
2024-05-31 11:06 ` Paolo Bonzini
2024-06-03 12:02 ` Daniel P. Berrangé
2024-06-03 17:48 ` Paolo Bonzini
2024-05-30 11:16 ` [PATCH v4 08/31] i386/sev: Add a sev_snp_enabled() helper Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 09/31] i386/sev: Add sev_kvm_init() override for SEV class Pankaj Gupta
2024-05-31 11:06 ` Paolo Bonzini
2024-05-30 11:16 ` [PATCH v4 10/31] i386/sev: Add snp_kvm_init() override for SNP class Pankaj Gupta
2024-05-31 11:07 ` Paolo Bonzini
2024-05-30 11:16 ` [PATCH v4 11/31] i386/cpu: Set SEV-SNP CPUID bit when SNP enabled Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 12/31] i386/sev: Don't return launch measurements for SEV-SNP guests Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 13/31] i386/sev: Add a class method to determine KVM VM type for SNP guests Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 14/31] i386/sev: Update query-sev QAPI format to handle SEV-SNP Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 15/31] i386/sev: Add the SNP launch start context Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 16/31] i386/sev: Add handling to encrypt/finalize guest launch data Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 17/31] i386/sev: Set CPU state to protected once SNP guest payload is finalized Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 18/31] hw/i386/sev: Add function to get SEV metadata from OVMF header Pankaj Gupta
2024-05-31 15:19 ` Liam Merwick via
2024-05-31 15:41 ` Paolo Bonzini
2024-05-31 16:41 ` Liam Merwick via
2024-05-30 11:16 ` [PATCH v4 19/31] i386/sev: Add support for populating OVMF metadata pages Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 20/31] i386/sev: Add support for SNP CPUID validation Pankaj Gupta
2024-07-02 3:07 ` Xiaoyao Li
2024-07-04 0:34 ` Michael Roth
2024-07-04 4:09 ` Xiaoyao Li
2024-07-04 5:31 ` Paolo Bonzini
2024-05-30 11:16 ` [PATCH v4 21/31] i386/sev: Extract build_kernel_loader_hashes Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 22/31] i386/sev: Reorder struct declarations Pankaj Gupta
2024-05-31 11:12 ` Paolo Bonzini
2024-05-30 11:16 ` [PATCH v4 23/31] i386/sev: Allow measured direct kernel boot on SNP Pankaj Gupta
2024-05-31 11:14 ` Paolo Bonzini
2024-05-30 11:16 ` [PATCH v4 24/31] hw/i386/sev: Add support to encrypt BIOS when SEV-SNP is enabled Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 25/31] i386/sev: Invoke launch_updata_data() for SEV class Pankaj Gupta
2024-05-31 11:10 ` Paolo Bonzini
2024-05-30 11:16 ` [PATCH v4 26/31] i386/sev: Invoke launch_updata_data() for SNP class Pankaj Gupta
2024-05-30 11:16 ` [PATCH v4 27/31] hw/i386/sev: Use guest_memfd for legacy ROMs Pankaj Gupta
2024-05-31 11:27 ` Paolo Bonzini
2024-06-14 8:58 ` Xiaoyao Li
2024-06-14 10:02 ` Gupta, Pankaj
2024-05-30 11:16 ` [PATCH v4 28/31] hw/i386: Add support for loading BIOS using guest_memfd Pankaj Gupta
2024-05-31 11:22 ` Paolo Bonzini
2024-06-14 8:34 ` Xiaoyao Li
2024-06-14 8:48 ` Gupta, Pankaj
2024-06-14 9:03 ` Xiaoyao Li
2024-05-30 11:16 ` [PATCH v4 29/31] hw/i386/sev: Allow use of pflash in conjunction with -bios Pankaj Gupta
2024-05-31 12:33 ` Paolo Bonzini
2024-06-03 11:55 ` Daniel P. Berrangé [this message]
2024-06-03 13:38 ` Paolo Bonzini
2024-06-04 9:03 ` Hoffmann, Gerd
2024-06-03 14:27 ` Michael Roth via
2024-06-03 14:31 ` Paolo Bonzini
2024-06-03 16:31 ` Michael Roth
2024-05-30 11:16 ` [PATCH v4 30/31] i386/kvm: Add KVM_EXIT_HYPERCALL handling for KVM_HC_MAP_GPA_RANGE Pankaj Gupta
2024-07-04 8:53 ` Binbin Wu
2024-05-30 11:16 ` [PATCH v4 31/31] i386/sev: Enable KVM_HC_MAP_GPA_RANGE hcall for SNP guests Pankaj Gupta
2024-05-31 11:20 ` [PATCH v4 00/31] Add AMD Secure Nested Paging (SEV-SNP) support Paolo Bonzini
2024-05-31 17:34 ` Paolo Bonzini
2024-05-31 17:40 ` Gupta, Pankaj
2024-05-31 17:53 ` Paolo Bonzini
2024-06-01 4:57 ` Gupta, Pankaj
2024-06-03 14:15 ` Michael Roth
2024-06-03 14:22 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zl2vP9hohrgaPMTs@redhat.com \
--to=berrange@redhat.com \
--cc=anisinha@redhat.com \
--cc=armbru@redhat.com \
--cc=brijesh.singh@amd.com \
--cc=dovmurik@linux.ibm.com \
--cc=isaku.yamahata@intel.com \
--cc=kvm@vger.kernel.org \
--cc=michael.roth@amd.com \
--cc=pankaj.gupta@amd.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=thomas.lendacky@amd.com \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).