[Qemu-commits] [qemu/qemu] 55cdf5: qapi/qom, target/i386: sev-guest: Int

qemu-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-commits] [qemu/qemu] 55cdf5: qapi/qom, target/i386: sev-guest: Int

From:	Richard Henderson
Subject:	[Qemu-commits] [qemu/qemu] 55cdf5: qapi/qom, target/i386: sev-guest: Introduce kernel-...
Date:	Thu, 18 Nov 2021 06:07:33 -0800

  Branch: refs/heads/staging
  Home:   https://github.com/qemu/qemu
  Commit: 55cdf566412695b4fc052065c7970632129cd65b
      
https://github.com/qemu/qemu/commit/55cdf566412695b4fc052065c7970632129cd65b
  Author: Dov Murik <dovmurik@linux.ibm.com>
  Date:   2021-11-18 (Thu, 18 Nov 2021)

  Changed paths:
    M qapi/qom.json
    M qemu-options.hx
    M target/i386/sev.c

  Log Message:
  -----------
  qapi/qom,target/i386: sev-guest: Introduce kernel-hashes=on|off option

Introduce new boolean 'kernel-hashes' option on the sev-guest object.
It will be used to to decide whether to add the hashes of
kernel/initrd/cmdline to SEV guest memory when booting with -kernel.
The default value is 'off'.

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 9dbe0c93f00d3aef9ac386c390595d370cfad677
      
https://github.com/qemu/qemu/commit/9dbe0c93f00d3aef9ac386c390595d370cfad677
  Author: Dov Murik <dovmurik@linux.ibm.com>
  Date:   2021-11-18 (Thu, 18 Nov 2021)

  Changed paths:
    M target/i386/sev.c

  Log Message:
  -----------
  target/i386/sev: Add kernel hashes only if sev-guest.kernel-hashes=on

Commit cff03145ed3c ("sev/i386: Introduce sev_add_kernel_loader_hashes
for measured linux boot", 2021-09-30) introduced measured direct boot
with -kernel, using an OVMF-designated hashes table which QEMU fills.

However, if OVMF doesn't designate such an area, QEMU would completely
abort the VM launch.  This breaks launching with -kernel using older
OVMF images which don't publish the SEV_HASH_TABLE_RV_GUID.

Fix that so QEMU will only look for the hashes table if the sev-guest
kernel-hashes option is set to on.  Otherwise, QEMU won't look for the
designated area in OVMF and won't fill that area.

To enable addition of kernel hashes, launch the guest with:

    -object sev-guest,...,kernel-hashes=on

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Reported-by: Tom Lendacky <thomas.lendacky@amd.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 5a0294a21c7677498bf40a447cc4a417d51a3cf4
      
https://github.com/qemu/qemu/commit/5a0294a21c7677498bf40a447cc4a417d51a3cf4
  Author: Dov Murik <dovmurik@linux.ibm.com>
  Date:   2021-11-18 (Thu, 18 Nov 2021)

  Changed paths:
    M target/i386/sev.c

  Log Message:
  -----------
  target/i386/sev: Rephrase error message when no hashes table in guest firmware

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: a0190bf15044d2410e84f9a12aeac9ed56bd58b0
      
https://github.com/qemu/qemu/commit/a0190bf15044d2410e84f9a12aeac9ed56bd58b0
  Author: Dov Murik <dovmurik@linux.ibm.com>
  Date:   2021-11-18 (Thu, 18 Nov 2021)

  Changed paths:
    M target/i386/sev.c

  Log Message:
  -----------
  target/i386/sev: Fail when invalid hashes table area detected

Commit cff03145ed3c ("sev/i386: Introduce sev_add_kernel_loader_hashes
for measured linux boot", 2021-09-30) introduced measured direct boot
with -kernel, using an OVMF-designated hashes table which QEMU fills.

However, no checks are performed on the validity of the hashes area
designated by OVMF.  Specifically, if OVMF publishes the
SEV_HASH_TABLE_RV_GUID entry but it is filled with zeroes, this will
cause QEMU to write the hashes entries over the first page of the
guest's memory (GPA 0).

Add validity checks to the published area.  If the hashes table area's
base address is zero, or its size is too small to fit the aligned hashes
table, display an error and stop the guest launch.  In such case, the
following error will be displayed:

    qemu-system-x86_64: SEV: guest firmware hashes table area is invalid 
(base=0x0 size=0x0)

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Reported-by: Brijesh Singh <brijesh.singh@amd.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: ddcc0d898e4040b1795254fac8ac4f8514b0ecb8
      
https://github.com/qemu/qemu/commit/ddcc0d898e4040b1795254fac8ac4f8514b0ecb8
  Author: Dov Murik <dovmurik@linux.ibm.com>
  Date:   2021-11-18 (Thu, 18 Nov 2021)

  Changed paths:
    M target/i386/sev.c

  Log Message:
  -----------
  target/i386/sev: Perform padding calculations at compile-time

In sev_add_kernel_loader_hashes, the sizes of structs are known at
compile-time, so calculate needed padding at compile-time.

No functional change intended.

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 58603ba2680fa35eade630e4b040e96953a11021
      
https://github.com/qemu/qemu/commit/58603ba2680fa35eade630e4b040e96953a11021
  Author: Dov Murik <dovmurik@linux.ibm.com>
  Date:   2021-11-18 (Thu, 18 Nov 2021)

  Changed paths:
    M target/i386/sev.c

  Log Message:
  -----------
  target/i386/sev: Replace qemu_map_ram_ptr with address_space_map

Use address_space_map/unmap and check for errors.

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Brijesh Singh <brijesh.singh@amd.com>
[Two lines wrapped for length - Daniel]
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>


  Commit: 44a3aa0608f01274418487b655d42467c1d8334e
      
https://github.com/qemu/qemu/commit/44a3aa0608f01274418487b655d42467c1d8334e
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2021-11-18 (Thu, 18 Nov 2021)

  Changed paths:
    M qapi/qom.json
    M qemu-options.hx
    M target/i386/sev.c

  Log Message:
  -----------
  Merge tag 'sev-hashes-pull-request' of https://gitlab.com/berrange/qemu into 
staging

Add property for requesting AMD SEV measured kernel launch

 - The 'sev-guest' object gains a boolean 'kernel-hashes' property
   which must be enabled to request a measured kernel launch.

# gpg: Signature made Thu 18 Nov 2021 02:33:25 PM CET
# gpg:                using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]

* tag 'sev-hashes-pull-request' of https://gitlab.com/berrange/qemu:
  target/i386/sev: Replace qemu_map_ram_ptr with address_space_map
  target/i386/sev: Perform padding calculations at compile-time
  target/i386/sev: Fail when invalid hashes table area detected
  target/i386/sev: Rephrase error message when no hashes table in guest firmware
  target/i386/sev: Add kernel hashes only if sev-guest.kernel-hashes=on
  qapi/qom,target/i386: sev-guest: Introduce kernel-hashes=on|off option

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>


Compare: https://github.com/qemu/qemu/compare/0055ecca84cb...44a3aa0608f0

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-commits] [qemu/qemu] 55cdf5: qapi/qom, target/i386: sev-guest: Introduce kernel-..., Richard Henderson <=
- [Qemu-commits] [qemu/qemu] 55cdf5: qapi/qom, target/i386: sev-guest: Introduce kernel-..., Richard Henderson, 2021/11/18

Prev by Date: [Qemu-commits] [qemu/qemu] f3bc3a: vfio: Fix memory leak of hostwin
Next by Date: [Qemu-commits] [qemu/qemu] 55cdf5: qapi/qom, target/i386: sev-guest: Introduce kernel-...
Previous by thread: [Qemu-commits] [qemu/qemu] f3bc3a: vfio: Fix memory leak of hostwin
Next by thread: [Qemu-commits] [qemu/qemu] 55cdf5: qapi/qom, target/i386: sev-guest: Introduce kernel-...
Index(es):
- Date
- Thread