[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v3 16/26] hw/arm/virt: Disable DTB randomness for confidential VM
|
From: |
Jean-Philippe Brucker |
|
Subject: |
[PATCH v3 16/26] hw/arm/virt: Disable DTB randomness for confidential VMs |
|
Date: |
Mon, 25 Nov 2024 19:56:15 +0000 |
The dtb-randomness feature, which adds random seeds to the DTB, isn't
really compatible with confidential VMs since it randomizes the Realm
Initial Measurement. Enabling it is not an error, but it prevents
attestation. It also isn't useful to a Realm, which doesn't trust host
input.
Currently the feature is automatically enabled, unless the user disables
it on the command-line. Change it to OnOffAuto, and automatically
disable it for confidential VMs, unless the user explicitly enables it.
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
---
docs/system/arm/virt.rst | 9 +++++----
include/hw/arm/virt.h | 2 +-
hw/arm/virt.c | 41 +++++++++++++++++++++++++---------------
3 files changed, 32 insertions(+), 20 deletions(-)
diff --git a/docs/system/arm/virt.rst b/docs/system/arm/virt.rst
index e67e7f0f7c..c8319555a5 100644
--- a/docs/system/arm/virt.rst
+++ b/docs/system/arm/virt.rst
@@ -176,10 +176,11 @@ dtb-randomness
rng-seed and kaslr-seed nodes (in both "/chosen" and
"/secure-chosen") to use for features like the random number
generator and address space randomisation. The default is
- ``on``. You will want to disable it if your trusted boot chain
- will verify the DTB it is passed, since this option causes the
- DTB to be non-deterministic. It would be the responsibility of
- the firmware to come up with a seed and pass it on if it wants to.
+ ``off`` for confidential VMs, and ``on`` otherwise. You will want
+ to disable it if your trusted boot chain will verify the DTB it is
+ passed, since this option causes the DTB to be non-deterministic.
+ It would be the responsibility of the firmware to come up with a
+ seed and pass it on if it wants to.
dtb-kaslr-seed
A deprecated synonym for dtb-randomness.
diff --git a/include/hw/arm/virt.h b/include/hw/arm/virt.h
index aca4f8061b..e5e9f67f52 100644
--- a/include/hw/arm/virt.h
+++ b/include/hw/arm/virt.h
@@ -154,7 +154,7 @@ struct VirtMachineState {
bool virt;
bool ras;
bool mte;
- bool dtb_randomness;
+ OnOffAuto dtb_randomness;
bool second_ns_uart_present;
OnOffAuto acpi;
VirtGICType gic_version;
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 2d36640733..9836dfbdfb 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -264,6 +264,7 @@ static bool ns_el2_virt_timer_present(void)
static void create_fdt(VirtMachineState *vms)
{
+ bool dtb_randomness = true;
MachineState *ms = MACHINE(vms);
int nb_numa_nodes = ms->numa_state->num_nodes;
void *fdt = create_device_tree(&vms->fdt_size);
@@ -273,6 +274,16 @@ static void create_fdt(VirtMachineState *vms)
exit(1);
}
+ /*
+ * Including random data in the DTB causes random intial measurement on
CCA,
+ * so disable it for confidential VMs.
+ */
+ if (vms->dtb_randomness == ON_OFF_AUTO_OFF ||
+ (vms->dtb_randomness == ON_OFF_AUTO_AUTO &&
+ virt_machine_is_confidential(vms))) {
+ dtb_randomness = false;
+ }
+
ms->fdt = fdt;
/* Header */
@@ -294,13 +305,13 @@ static void create_fdt(VirtMachineState *vms)
/* /chosen must exist for load_dtb to fill in necessary properties later */
qemu_fdt_add_subnode(fdt, "/chosen");
- if (vms->dtb_randomness) {
+ if (dtb_randomness) {
create_randomness(ms, "/chosen");
}
if (vms->secure) {
qemu_fdt_add_subnode(fdt, "/secure-chosen");
- if (vms->dtb_randomness) {
+ if (dtb_randomness) {
create_randomness(ms, "/secure-chosen");
}
}
@@ -2570,18 +2581,21 @@ static void virt_set_its(Object *obj, bool value, Error
**errp)
vms->its = value;
}
-static bool virt_get_dtb_randomness(Object *obj, Error **errp)
+static void virt_get_dtb_randomness(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
{
VirtMachineState *vms = VIRT_MACHINE(obj);
+ OnOffAuto dtb_randomness = vms->dtb_randomness;
- return vms->dtb_randomness;
+ visit_type_OnOffAuto(v, name, &dtb_randomness, errp);
}
-static void virt_set_dtb_randomness(Object *obj, bool value, Error **errp)
+static void virt_set_dtb_randomness(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
{
VirtMachineState *vms = VIRT_MACHINE(obj);
- vms->dtb_randomness = value;
+ visit_type_OnOffAuto(v, name, &vms->dtb_randomness, errp);
}
static char *virt_get_oem_id(Object *obj, Error **errp)
@@ -3253,16 +3267,16 @@ static void virt_machine_class_init(ObjectClass *oc,
void *data)
"Set on/off to enable/disable "
"ITS instantiation");
- object_class_property_add_bool(oc, "dtb-randomness",
- virt_get_dtb_randomness,
- virt_set_dtb_randomness);
+ object_class_property_add(oc, "dtb-randomness", "OnOffAuto",
+ virt_get_dtb_randomness, virt_set_dtb_randomness,
+ NULL, NULL);
object_class_property_set_description(oc, "dtb-randomness",
"Set off to disable passing random
or "
"non-deterministic dtb nodes to
guest");
- object_class_property_add_bool(oc, "dtb-kaslr-seed",
- virt_get_dtb_randomness,
- virt_set_dtb_randomness);
+ object_class_property_add(oc, "dtb-kaslr-seed", "OnOffAuto",
+ virt_get_dtb_randomness, virt_set_dtb_randomness,
+ NULL, NULL);
object_class_property_set_description(oc, "dtb-kaslr-seed",
"Deprecated synonym of
dtb-randomness");
@@ -3333,9 +3347,6 @@ static void virt_instance_init(Object *obj)
/* MTE is disabled by default. */
vms->mte = false;
- /* Supply kaslr-seed and rng-seed by default */
- vms->dtb_randomness = true;
-
vms->irqmap = a15irqmap;
virt_flash_create(vms);
--
2.47.0
- Re: [PATCH v3 10/26] target/arm/kvm-rme: Add Realm Personalization Value parameter, (continued)
- [PATCH v3 07/26] target/arm/kvm: Create scratch VM as Realm if necessary, Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 08/26] hw/core/loader: Add ROM loader notifier, Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 09/26] target/arm/kvm-rme: Initialize Realm memory, Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 11/26] target/arm/kvm-rme: Add measurement algorithm property, Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 14/26] target/arm/cpu: Inform about reading confidential CPU registers, Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 13/26] target/arm/cpu: Set number of PMU counters in KVM, Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 16/26] hw/arm/virt: Disable DTB randomness for confidential VMs,
Jean-Philippe Brucker <=
- [PATCH v3 19/26] hw/arm/virt: Move virt_flash_create() to machvirt_init(), Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 12/26] target/arm/cpu: Set number of breakpoints and watchpoints in KVM, Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 15/26] hw/arm/virt: Add support for Arm RME, Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 18/26] hw/arm/boot: Mark all guest memory as RIPAS_RAM., Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 17/26] hw/arm/virt: Reserve one bit of guest-physical address for RME, Jean-Philippe Brucker, 2024/11/25
- [PATCH v3 20/26] hw/arm/virt: Use RAM instead of flash for confidential guest firmware, Jean-Philippe Brucker, 2024/11/25
- [RFC PATCH v3 21/26] hw/arm/boot: Load DTB as is for confidential VMs, Jean-Philippe Brucker, 2024/11/25
- [RFC PATCH v3 23/26] hw/tpm: Add TPM event log, Jean-Philippe Brucker, 2024/11/25
- [RFC PATCH v3 25/26] target/arm/kvm-rme: Add measurement log, Jean-Philippe Brucker, 2024/11/25