[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v10 11/28] sev/i386: add command to initialize t
From: |
Brijesh Singh |
Subject: |
Re: [Qemu-devel] [PATCH v10 11/28] sev/i386: add command to initialize the memory encryption context |
Date: |
Wed, 7 Mar 2018 07:19:02 -0600 |
User-agent: |
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 |
Hi Laszlo,
On 3/5/18 7:37 AM, Laszlo Ersek wrote:
> Hi Brijesh,
>
> I triggered an assertion failure here:
>
> On 02/28/18 22:10, Brijesh Singh wrote:
>> When memory encryption is enabled, KVM_SEV_INIT command is used to
>> initialize the platform. The command loads the SEV related persistent
>> data from non-volatile storage and initializes the platform context.
>> This command should be first issued before invoking any other guest
>> commands provided by the SEV firmware.
>>
>> Cc: Paolo Bonzini <address@hidden>
>> Cc: Richard Henderson <address@hidden>
>> Cc: Eduardo Habkost <address@hidden>
>> Signed-off-by: Brijesh Singh <address@hidden>
>> ---
>> accel/kvm/kvm-all.c | 15 ++++
>> include/sysemu/sev.h | 22 +++++
>> stubs/Makefile.objs | 1 +
>> stubs/sev.c | 21 +++++
>> target/i386/Makefile.objs | 2 +-
>> target/i386/monitor.c | 11 ++-
>> target/i386/sev-stub.c | 41 +++++++++
>> target/i386/sev.c | 222
>> ++++++++++++++++++++++++++++++++++++++++++++++
>> target/i386/sev_i386.h | 29 ++++++
>> target/i386/trace-events | 3 +
>> 10 files changed, 364 insertions(+), 3 deletions(-)
>> create mode 100644 include/sysemu/sev.h
>> create mode 100644 stubs/sev.c
>> create mode 100644 target/i386/sev-stub.c
> [...]
>
>> @@ -1636,6 +1640,17 @@ static int kvm_init(MachineState *ms)
>>
>> kvm_state = s;
>>
>> + /*
>> + * if memory encryption object is specified then initialize the memory
>> + * encryption context.
>> + */
>> + if (ms->memory_encryption) {
>> + kvm_state->memcrypt_handle = sev_guest_init(ms->memory_encryption);
>> + if (!kvm_state->memcrypt_handle) {
>> + goto err;
>> + }
>> + }
>> +
> You should set the "err" variable to a negative error code; otherwise
> the assertion at the "err" label will trigger:
>
> err:
> assert(ret < 0);
Noted, will fix in v11. thanks for reporting this.