On Mon, Oct 12, 2020 at 05:21:15PM +0100, Dr. David Alan Gilbert wrote:
* Tobin Feldman-Fitzthum (tobin@linux.vnet.ibm.com) wrote:
> AMD SEV allows a guest owner to inject a secret blob
> into the memory of a virtual machine. The secret is
> encrypted with the SEV Transport Encryption Key and
> integrity is guaranteed with the Transport Integrity
> Key. Although QEMU faciliates the injection of the
Trivial typo s/faciliates/facilitates/
> launch secret, it cannot access the secret.
>
> Signed-off-by: Tobin Feldman-Fitzthum <tobin@linux.vnet.ibm.com>
> ---
> include/monitor/monitor.h | 3 ++
> include/sysemu/sev.h | 2 ++
> monitor/misc.c | 8 ++---
> qapi/misc-target.json | 18 +++++++++++
> target/i386/monitor.c | 9 ++++++
> target/i386/sev-stub.c | 5 +++
> target/i386/sev.c | 66 +++++++++++++++++++++++++++++++++++++++
> target/i386/trace-events | 1 +
> 8 files changed, 108 insertions(+), 4 deletions(-)
> diff --git a/qapi/misc-target.json b/qapi/misc-target.json
> index dee3b45930..d145f916b3 100644
> --- a/qapi/misc-target.json
> +++ b/qapi/misc-target.json
> @@ -200,6 +200,24 @@
> { 'command': 'query-sev-capabilities', 'returns': 'SevCapability',
> 'if': 'defined(TARGET_I386)' }
>
> +##
> +# @sev-inject-launch-secret:
> +#
> +# This command injects a secret blob into memory of SEV guest.
> +#
> +# @packet-header: the launch secret packet header encoded in base64
> +#
> +# @secret: the launch secret data to be injected encoded in base64
Just to double check, this "secret" is /not/ in clear text, so there's
no way either QEMU nor the QMP client can access sensitive info, right
?
If 'secret' was clear text, then we would need to pass the data across
QMP in a different way.
> +#
> +# @gpa: the guest physical address where secret will be injected.
> +#
> +# Since: 5.1
s/5.1/5.2/
> +#
> +##
> +{ 'command': 'sev-inject-launch-secret',
> + 'data': { 'packet-header': 'str', 'secret': 'str', 'gpa': 'uint64' },
> + 'if': 'defined(TARGET_I386)' }
> +
> ##
> # @dump-skeys:
> #
> diff --git a/target/i386/monitor.c b/target/i386/monitor.c
> index 27ebfa3ad2..42bcfe6dc0 100644
> --- a/target/i386/monitor.c
> +++ b/target/i386/monitor.c
> @@ -736,3 +736,12 @@ SevCapability *qmp_query_sev_capabilities(Error **errp)
>
> return data;
> }
> +
> +void qmp_sev_inject_launch_secret(const char *packet_hdr,
> + const char *secret, uint64_t gpa,
> + Error **errp)
> +{
> + if (sev_inject_launch_secret(packet_hdr, secret, gpa) != 0) {
> + error_setg(errp, "SEV inject secret failed");
This generic error message is useless - sev_inject_launch_secret()
needs
to take the 'errp' parameter and report what actually failed.
> + }
> +}
> diff --git a/target/i386/sev-stub.c b/target/i386/sev-stub.c
> index e5ee13309c..fed4588185 100644
> --- a/target/i386/sev-stub.c
> +++ b/target/i386/sev-stub.c
> @@ -48,3 +48,8 @@ SevCapability *sev_get_capabilities(void)
> {
> return NULL;
> }
> +int sev_inject_launch_secret(const char *hdr, const char *secret,
> + uint64_t gpa)
> +{
> + return 1;
> +}
> diff --git a/target/i386/sev.c b/target/i386/sev.c
> index d273174ad3..cbeb8f2e02 100644
> --- a/target/i386/sev.c
> +++ b/target/i386/sev.c
> @@ -28,6 +28,8 @@
> #include "sysemu/runstate.h"
> #include "trace.h"
> #include "migration/blocker.h"
> +#include "exec/address-spaces.h"
> +#include "monitor/monitor.h"
>
> #define TYPE_SEV_GUEST "sev-guest"
> #define SEV_GUEST(obj) \
> @@ -769,6 +771,70 @@ sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t
len)
> return 0;
> }
>
> +int sev_inject_launch_secret(const char *packet_hdr,
> + const char *secret, uint64_t gpa)
> +{
> + struct kvm_sev_launch_secret input;
> + guchar *data = NULL, *hdr = NULL;
If you declare with 'g_autofree' you don't need the manual 'g_free'
calls later. This in turn means you can get rid of the "goto err"
jumps and instead directly return.
> + int error, ret = 1;
> + void *hva;
> + gsize hdr_sz = 0, data_sz = 0;
> + Error *local_err = NULL;
Declare with
g_autoptr(Error) local_err = NULL
to fix the leak David mentions
> + MemoryRegion *mr = NULL;
> +
> + /* secret can be inject only in this state */
> + if (!sev_check_state(sev_guest, SEV_STATE_LAUNCH_SECRET)) {
> + error_report("SEV: Not in correct state. (LSECRET) %x",
> + sev_guest->state);
> + return 1;
> + }
> +
> + hdr = g_base64_decode(packet_hdr, &hdr_sz);
> + if (!hdr || !hdr_sz) {
> + error_report("SEV: Failed to decode sequence header");
> + return 1;
> + }
> +
> + data = g_base64_decode(secret, &data_sz);
> + if (!data || !data_sz) {
> + error_report("SEV: Failed to decode data");
> + goto err;
> + }
> +
> + hva = gpa2hva(&mr, gpa, data_sz, &local_err);
> + if (!hva) {
> + error_report("SEV: Failed to calculate guest address.");
Note this is leaking local_err; you need to turn that into probably an
error_reportf_err(local_err, "SEV: Failed to calculate guest
address:");
Actually this method needs to take an "Error **errp" parameter, so that
the
error is propagated back to the QMP command handler, and from there
back to the client app.
Also the '5.1' above needs to change to 5.2.
I think with that it looks OK to me.
> + goto err;
> + }
> +
> + input.hdr_uaddr = (uint64_t)(unsigned long)hdr;
> + input.hdr_len = hdr_sz;
> +
> + input.trans_uaddr = (uint64_t)(unsigned long)data;
> + input.trans_len = data_sz;
> +
> + input.guest_uaddr = (uint64_t)(unsigned long)hva;
> + input.guest_len = data_sz;
> +
> + trace_kvm_sev_launch_secret(gpa, input.guest_uaddr,
> + input.trans_uaddr, input.trans_len);
> +
> + ret = sev_ioctl(sev_guest->sev_fd, KVM_SEV_LAUNCH_SECRET,
> + &input, &error);
> + if (ret) {
> + error_report("SEV: failed to inject secret ret=%d fw_error=%d '%s'",
> + ret, error, fw_error_to_str(error));
> + goto err;
> + }
> +
> + ret = 0;
> +
> +err:
> + g_free(data);
> + g_free(hdr);
> + return ret;
> +}
Regards,
Daniel