[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 33/53] target/i386: sev: fail query-sev-capabilities if QEMU canno
|
From: |
Paolo Bonzini |
|
Subject: |
[PULL 33/53] target/i386: sev: fail query-sev-capabilities if QEMU cannot use SEV |
|
Date: |
Mon, 6 Jul 2020 12:41:35 -0400 |
In some cases, such as if the kvm-amd "sev" module parameter is set
to 0, SEV will be unavailable but query-sev-capabilities will still
return all the information. This tricks libvirt into erroneously
reporting that SEV is available. Check the actual usability of the
feature and return the appropriate error if QEMU cannot use KVM
or KVM cannot use SEV.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
target/i386/sev.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 70f9ee026f..ee8588fd6c 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -450,6 +450,15 @@ sev_get_capabilities(Error **errp)
uint32_t ebx;
int fd;
+ if (!kvm_enabled()) {
+ error_setg(errp, "KVM not enabled");
+ return NULL;
+ }
+ if (kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, NULL) < 0) {
+ error_setg(errp, "SEV is not enabled in KVM");
+ return NULL;
+ }
+
fd = open(DEFAULT_SEV_DEVICE, O_RDWR);
if (fd < 0) {
error_setg_errno(errp, errno, "Failed to open %s",
--
2.26.2
- Re: [PULL 31/53] KVM: x86: believe what KVM says about WAITPKG, (continued)
- [PULL 13/53] i386: hvf: Move synchronize functions to sysemu, Paolo Bonzini, 2020/07/06
- [PULL 15/53] i386: hvf: Make long mode enter and exit clearer, Paolo Bonzini, 2020/07/06
- [PULL 30/53] target/i386: implement undocumented "smsw r32" behavior, Paolo Bonzini, 2020/07/06
- [PULL 20/53] MAINTAINERS: Fix KVM path expansion glob, Paolo Bonzini, 2020/07/06
- [PULL 32/53] target/i386: sev: provide proper error reporting for query-sev-capabilities, Paolo Bonzini, 2020/07/06
- [PULL 26/53] accel/Kconfig: Add the TCG selector, Paolo Bonzini, 2020/07/06
- [PULL 40/53] pc: fix leak in pc_system_flash_cleanup_unused, Paolo Bonzini, 2020/07/06
- [PULL 29/53] target/i386: remove gen_io_end, Paolo Bonzini, 2020/07/06
- [PULL 33/53] target/i386: sev: fail query-sev-capabilities if QEMU cannot use SEV,
Paolo Bonzini <=
- [PULL 35/53] iscsi: return -EIO when sense fields are meaningless, Paolo Bonzini, 2020/07/06
- [PULL 37/53] checkpatch: Change occurences of 'kernel' to 'qemu' in user messages, Paolo Bonzini, 2020/07/06
- [PULL 38/53] target/i386: Correct the warning message of Intel PT, Paolo Bonzini, 2020/07/06
- [PULL 41/53] softmmu: move softmmu only files from root, Paolo Bonzini, 2020/07/06
- [PULL 27/53] accel/tcg: Add stub for probe_access(), Paolo Bonzini, 2020/07/06
- [PULL 49/53] target/i386/kvm: Simplify kvm_get_mce_cap_supported(), Paolo Bonzini, 2020/07/06
- [PULL 53/53] scripts: improve message when TAP based tests fail, Paolo Bonzini, 2020/07/06
- [PULL 46/53] accel/kvm: Simplify kvm_check_extension(), Paolo Bonzini, 2020/07/06
- [PULL 47/53] accel/kvm: Simplify kvm_check_extension_list(), Paolo Bonzini, 2020/07/06
- [PULL 45/53] accel/kvm: Let kvm_check_extension use global KVM state, Paolo Bonzini, 2020/07/06