[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [RFC PATCH v1 08/22] sev: add SEV launch update command
From: |
Brijesh Singh |
Subject: |
[Qemu-devel] [RFC PATCH v1 08/22] sev: add SEV launch update command |
Date: |
Tue, 13 Sep 2016 10:48:09 -0400 |
User-agent: |
StGit/0.17.1-dirty |
The SEV LAUNCH_UPDATE command is used to encrypt the guest memory region.
For more information see [1], section 6.2
[1] http://support.amd.com/TechDocs/55766_SEV-KM%20API_Spec.pdf
The following KVM RFC patches defines and implements this command
http://marc.info/?l=kvm&m=147190852423972&w=2
http://marc.info/?l=kvm&m=147190859023996&w=2
Signed-off-by: Brijesh Singh <address@hidden>
---
include/sysemu/sev.h | 9 +++++++++
sev.c | 36 ++++++++++++++++++++++++++++++++++++
2 files changed, 45 insertions(+)
diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
index b8a7afa..b58a9d7 100644
--- a/include/sysemu/sev.h
+++ b/include/sysemu/sev.h
@@ -30,5 +30,14 @@ int sev_init(KVMState *kvm_state);
*/
int kvm_sev_guest_start(void);
+/**
+ * kvm_sev_guest_update - encrypt the memory region.
+ * @address: host virtual address of memory region (must be 16-byte aligned)
+ * @len: length of memory region (must be 16-byte aligned).
+ *
+ * Returns: 0 on success, or 1 on failure.
+ */
+int kvm_sev_guest_update(uint8_t *address, uint32_t len);
+
#endif
diff --git a/sev.c b/sev.c
index 40a126a..a451dc0 100644
--- a/sev.c
+++ b/sev.c
@@ -304,6 +304,28 @@ static int sev_launch_start(void)
return 0;
}
+static int sev_launch_update(uint8_t *addr, uint32_t len)
+{
+ int ret;
+ SEVInfo *s = sev_info;
+ struct kvm_sev_issue_cmd input;
+ struct kvm_sev_launch_update *update = s->launch_update;
+
+ update->address = (uint64_t) addr;
+ update->length = len;
+ input.cmd = KVM_SEV_LAUNCH_UPDATE;
+ input.opaque = (unsigned long)update;
+ ret = kvm_vm_ioctl(kvm_state, KVM_SEV_ISSUE_CMD, &input);
+ if (ret) {
+ fprintf(stderr, "SEV: launch_update failed ret=%d (%#010x)\n",
+ ret, input.ret_code);
+ exit(EXIT_FAILURE);
+ }
+
+ DPRINTF("SEV: LAUNCH update [%#lx+0x%x]\n", (uint64_t)addr, len);
+ return 0;
+}
+
int kvm_sev_guest_start(void)
{
SEVInfo *s = sev_info;
@@ -335,3 +357,17 @@ int kvm_sev_guest_start(void)
return 1;
}
+int kvm_sev_guest_update(uint8_t *addr, uint32_t len)
+{
+ SEVInfo *s = sev_info;
+
+ if (!s) {
+ return 1;
+ }
+
+ if (s->state == SEV_LAUNCH_START) {
+ return sev_launch_update(addr, len);
+ }
+
+ return 1;
+}
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, (continued)
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Michael S. Tsirkin, 2016/09/14
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Paolo Bonzini, 2016/09/14
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Michael S. Tsirkin, 2016/09/14
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Paolo Bonzini, 2016/09/14
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Michael S. Tsirkin, 2016/09/14
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Paolo Bonzini, 2016/09/14
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Michael S. Tsirkin, 2016/09/14
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Paolo Bonzini, 2016/09/14
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Brijesh Singh, 2016/09/14
- Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Michael S. Tsirkin, 2016/09/14
[Qemu-devel] [RFC PATCH v1 08/22] sev: add SEV launch update command,
Brijesh Singh <=
[Qemu-devel] [RFC PATCH v1 20/22] fw_cfg: sev: disable dma in real mode, Brijesh Singh, 2016/09/13
Re: [Qemu-devel] [RFC PATCH v1 20/22] fw_cfg: sev: disable dma in real mode, Paolo Bonzini, 2016/09/13
Re: [Qemu-devel] [RFC PATCH v1 20/22] fw_cfg: sev: disable dma in real mode, Eduardo Habkost, 2016/09/14
Re: [Qemu-devel] [RFC PATCH v1 20/22] fw_cfg: sev: disable dma in real mode, Paolo Bonzini, 2016/09/14