Re: [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoin

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoin

From:	Dov Murik
Subject:	Re: [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context
Date:	Thu, 5 Aug 2021 16:06:27 +0300
User-agent:	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.12.0


On 04/08/2021 14:56, Ashish Kalra wrote:
> From: Brijesh Singh <brijesh.singh@amd.com>
> 
> The user provides the target machine's Platform Diffie-Hellman key (PDH)
> and certificate chain before starting the SEV guest migration. Cache the
> certificate chain as we need them while creating the outgoing context.
> 
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> Co-developed-by: Ashish Kalra <ashish.kalra@amd.com>
> Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
> ---
>  include/sysemu/sev.h |  2 ++
>  target/i386/sev.c    | 61 ++++++++++++++++++++++++++++++++++++++++++++
>  2 files changed, 63 insertions(+)
> 
> diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
> index 94d821d737..64fc88d3c5 100644
> --- a/include/sysemu/sev.h
> +++ b/include/sysemu/sev.h
> @@ -14,11 +14,13 @@
>  #ifndef QEMU_SEV_H
>  #define QEMU_SEV_H
> 
> +#include <qapi/qapi-types-migration.h>
>  #include "sysemu/kvm.h"
> 
>  bool sev_enabled(void);
>  int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
>  int sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp);
> +int sev_save_setup(MigrationParameters *p);
>  int sev_inject_launch_secret(const char *hdr, const char *secret,
>                               uint64_t gpa, Error **errp);
> 
> diff --git a/target/i386/sev.c b/target/i386/sev.c
> index 83df8c09f6..5e7c87764c 100644
> --- a/target/i386/sev.c
> +++ b/target/i386/sev.c
> @@ -24,6 +24,7 @@
>  #include "qemu/module.h"
>  #include "qemu/uuid.h"
>  #include "sysemu/kvm.h"
> +#include "sysemu/sev.h"
>  #include "sev_i386.h"
>  #include "sysemu/sysemu.h"
>  #include "sysemu/runstate.h"
> @@ -68,6 +69,12 @@ struct SevGuestState {
>      int sev_fd;
>      SevState state;
>      gchar *measurement;
> +    guchar *remote_pdh;
> +    size_t remote_pdh_len;
> +    guchar *remote_plat_cert;
> +    size_t remote_plat_cert_len;
> +    guchar *amd_cert;
> +    size_t amd_cert_len;
> 
>      uint32_t reset_cs;
>      uint32_t reset_ip;
> @@ -116,6 +123,12 @@ static const char *const sev_fw_errlist[] = {
> 
>  #define SEV_FW_MAX_ERROR      ARRAY_SIZE(sev_fw_errlist)
> 
> +#define SEV_FW_BLOB_MAX_SIZE            0x4000          /* 16KB */
> +
> +static struct ConfidentialGuestMemoryEncryptionOps sev_memory_encryption_ops 
> = {
> +    .save_setup = sev_save_setup,
> +};
> +
>  static int
>  sev_ioctl(int fd, int cmd, void *data, int *error)
>  {
> @@ -772,6 +785,50 @@ sev_vm_state_change(void *opaque, bool running, RunState 
> state)
>      }
>  }
> 
> +static inline bool check_blob_length(size_t value)
> +{
> +    if (value > SEV_FW_BLOB_MAX_SIZE) {
> +        error_report("invalid length max=%d got=%ld",
> +                     SEV_FW_BLOB_MAX_SIZE, value);
> +        return false;
> +    }
> +
> +    return true;
> +}
> +
> +int sev_save_setup(MigrationParameters *p)
> +{
> +    SevGuestState *s = sev_guest;
> +    const char *pdh = p->sev_pdh;
> +    const char *plat_cert = p->sev_plat_cert;
> +    const char *amd_cert = p->sev_amd_cert;
> +
> +    s->remote_pdh = g_base64_decode(pdh, &s->remote_pdh_len);

You should check    if (!s->remote_pdh)   to detect decoding failure
(for all g_base64_decode calls here).

Though I must say, it would be better to check validity of the
user-supplied base64 earlier (when migrate-set-parameters QMP call
occurs), and not later when migration starts.


> +    if (!check_blob_length(s->remote_pdh_len)) {
> +        goto error;
> +    }
> +
> +    s->remote_plat_cert = g_base64_decode(plat_cert,
> +                                          &s->remote_plat_cert_len);
> +    if (!check_blob_length(s->remote_plat_cert_len)) {
> +        goto error;
> +    }
> +
> +    s->amd_cert = g_base64_decode(amd_cert, &s->amd_cert_len);
> +    if (!check_blob_length(s->amd_cert_len)) {
> +        goto error;
> +    }
> +
> +    return 0;
> +
> +error:
> +    g_free(s->remote_pdh);
> +    g_free(s->remote_plat_cert);
> +    g_free(s->amd_cert);
> +
> +    return 1;
> +}
> +
>  int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
>  {
>      SevGuestState *sev
> @@ -781,6 +838,8 @@ int sev_kvm_init(ConfidentialGuestSupport *cgs, Error 
> **errp)
>      uint32_t ebx;
>      uint32_t host_cbitpos;
>      struct sev_user_data_status status = {};
> +    ConfidentialGuestSupportClass *cgs_class =
> +        (ConfidentialGuestSupportClass *) object_get_class(OBJECT(cgs));
> 
>      if (!sev) {
>          return 0;
> @@ -870,6 +929,8 @@ int sev_kvm_init(ConfidentialGuestSupport *cgs, Error 
> **errp)
>      qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
>      qemu_add_vm_change_state_handler(sev_vm_state_change, sev);
> 
> +    cgs_class->memory_encryption_ops = &sev_memory_encryption_ops;
> +
>      cgs->ready = true;
> 
>      return 0;
>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v4 02/14] doc: update AMD SEV to include Live migration flow, (continued)
- [PATCH v4 03/14] migration.json: add AMD SEV specific migration parameters, Ashish Kalra, 2021/08/04
  - Re: [PATCH v4 03/14] migration.json: add AMD SEV specific migration parameters, Dov Murik, 2021/08/05
    - Re: [PATCH v4 03/14] migration.json: add AMD SEV specific migration parameters, Ashish Kalra, 2021/08/05
  - Re: [PATCH v4 03/14] migration.json: add AMD SEV specific migration parameters, Eric Blake, 2021/08/05
- [PATCH v4 04/14] confidential guest support: introduce ConfidentialGuestMemoryEncryptionOps for encrypted VMs, Ashish Kalra, 2021/08/04
  - Re: [PATCH v4 04/14] confidential guest support: introduce ConfidentialGuestMemoryEncryptionOps for encrypted VMs, Dov Murik, 2021/08/05
    - Re: [PATCH v4 04/14] confidential guest support: introduce ConfidentialGuestMemoryEncryptionOps for encrypted VMs, Ashish Kalra, 2021/08/05
- [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context, Ashish Kalra, 2021/08/04
  - Re: [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context, Dov Murik <=
    - Re: [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context, Ashish Kalra, 2021/08/05
- [PATCH v4 06/14] target/i386: sev: do not create launch context for an incoming guest, Ashish Kalra, 2021/08/04
- [PATCH v4 07/14] target/i386: sev: add support to encrypt the outgoing page, Ashish Kalra, 2021/08/04
  - Re: [PATCH v4 07/14] target/i386: sev: add support to encrypt the outgoing page, Dov Murik, 2021/08/05
- [PATCH v4 08/14] target/i386: sev: add support to load incoming encrypted page, Ashish Kalra, 2021/08/04
- [PATCH v4 09/14] kvm: Add support for SEV shared regions list and KVM_EXIT_HYPERCALL., Ashish Kalra, 2021/08/04
- [PATCH v4 10/14] migration: add support to migrate shared regions list, Ashish Kalra, 2021/08/04
- [PATCH v4 11/14] migration/ram: add support to send encrypted pages, Ashish Kalra, 2021/08/04
- [PATCH v4 12/14] migration/ram: Force encrypted status for flash0 & flash1 devices., Ashish Kalra, 2021/08/04
- [PATCH v4 13/14] migration: for SEV live migration bump downtime limit to 1s., Ashish Kalra, 2021/08/04

Prev by Date: [PATCH v1] s390x/tcg: fix and optimize SPX (SET PREFIX)
Next by Date: Re: [PATCH v7 06/10] qapi: replace if condition list with dict {'all': [...]}
Previous by thread: [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context
Next by thread: Re: [PATCH v4 05/14] target/i386: sev: provide callback to setup outgoing context
Index(es):
- Date
- Thread