From: Brijesh Singh
Date: Tue, 13 Sep 2016 10:47:58 -0400
Message-ID: <147377807842.11859.9369429600797537189.stgit@brijesh-build-machine>
In-Reply-To: <147377800565.11859.4411044563640180545.stgit@brijesh-build-machine>
References: <147377800565.11859.4411044563640180545.stgit@brijesh-build-machine>
Subject: [Qemu-devel] [RFC PATCH v1 07/22] sev: add SEV launch start command
To: ehabkost@redhat.com, crosthwaite.peter@gmail.com, armbru@redhat.com, mst@redhat.com, p.fedin@samsung.com, qemu-devel@nongnu.org, lcapitulino@redhat.com, pbonzini@redhat.com, rth@twiddle.net

The SEV LAUNCH_START command is used to initiate the process to launch a
guest into SEV-enabled mode. The various parameters needed during this
command should be provided through the SEV configuration file.

For more information on command structure see [1]

[1] http://support.amd.com/TechDocs/55766_SEV-KM%20API_Spec.pdf

The following kvm RFC patches define and implement this command:

http://marc.info/?l=kvm&m=147190852423972&w=2
http://marc.info/?l=kvm&m=147190946024236&w=2

Signed-off-by: Brijesh Singh --- include/sysemu/sev.h | 7 ++++++ sev.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 65 insertions(+), 3 deletions(-) diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h index 0ee8aff..b8a7afa 100644 --- a/include/sysemu/sev.h +++ b/include/sysemu/sev.h @@ -23,5 +23,12 @@ */ int sev_init(KVMState *kvm_state); +/** + * kvm_sev_guest_start - initiate the process to launch a guest into SEV mode. + * + * Returns: 0 on success, or 1 on failure. + */ +int kvm_sev_guest_start(void); + #endif diff --git a/sev.c b/sev.c index 2d71ca6..40a126a 100644 --- a/sev.c +++ b/sev.c @@ -46,6 +46,10 @@ do { } while (0) #endif +enum { + SEV_LAUNCH_START = 0x1, +}; + struct SEVInfo { uint8_t state; /* guest current state */ uint8_t type; /* guest type (encrypted, unencrypted) */ 
@@ -271,12 +275,63 @@ int sev_init(KVMState *kvm_state) goto err; } - /* call SEV launch start APIs based on guest type */ - - return 0; + return kvm_sev_guest_start(); err: free(sev_info); sev_info = NULL; return 1; } +static int sev_launch_start(void) +{ + int ret; + SEVInfo *s = sev_info; + struct kvm_sev_issue_cmd input; + struct kvm_sev_launch_start *start = s->launch_start; + + input.cmd = KVM_SEV_LAUNCH_START; + input.opaque = (__u64)start; + ret = kvm_vm_ioctl(kvm_state, KVM_SEV_ISSUE_CMD, &input); + if (ret) { + fprintf(stderr, "SEV: launch start failed ret=%d(%#010x)\n", + ret, input.ret_code); + exit(EXIT_FAILURE); + } + + s->state = SEV_LAUNCH_START; + + DPRINTF("SEV: Launch Started\n"); + return 0; +} + +int kvm_sev_guest_start(void) +{ + SEVInfo *s = sev_info; + + if (!s) { + return 1; + } + + /* Guest launch is in progress */ + if (s->state == SEV_LAUNCH_START) { + return 1; + } + + if (s->type == UNENCRYPTED_GUEST) { + /* If we are requested to launch the guest which need to accepts the + * unencrypted images then use the LAUNCH_* command. + */ + + /* parse the config file to get the parameters */ + if (!s->launch_start && + (parse_sev_cfg(s, LAUNCH_OPTS, cfg_file) || !s->launch_start)) { + fprintf(stderr, "SEV: failed to get SEV LAUNCH parameters\n"); + exit(EXIT_FAILURE); + } + + return sev_launch_start(); + } + + return 1; +} +
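
Review bot: the comment added above kvm_sev_guest_start() in include/sysemu/sev.h documents "Returns: 0 on success, or 1 on failure", but the implementation in sev.c does not return on its two real error paths: a failed KVM_SEV_ISSUE_CMD ioctl and a failed parse_sev_cfg() both call exit(EXIT_FAILURE). Either document that the function terminates the process on those errors, or return the error and let the caller decide. The same value 1 is also returned for "launch already in progress" and for any guest type other than UNENCRYPTED_GUEST, so a caller cannot tell a real failure from a no-op; distinct error values would make the contract usable.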
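
Review bot: the anonymous enum added near the top of sev.c defines only SEV_LAUNCH_START = 0x1, and that value is stored in SEVInfo.state ("guest current state"), while the nearly identical name KVM_SEV_LAUNCH_START is used a few lines later as the command number in input.cmd. A state value and a command id that differ only by a prefix are easy to mix up in later patches. Consider a named enum with a state-specific prefix and an explicit value for the initial state (0), so that the check s->state == SEV_LAUNCH_START in kvm_sev_guest_start() reads as a state comparison rather than a command comparison.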
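
Review bot: in sev_launch_start() (last sev.c hunk), "struct kvm_sev_issue_cmd input;" is declared without an initializer and only cmd and opaque are assigned, yet the error path prints input.ret_code. If the ioctl fails before the kernel writes that field, the message reports indeterminate stack contents, and any field not assigned here is handed to the kernel uninitialized; zero the structure at declaration. The cast "(__u64)start" converts a pointer directly to a 64-bit integer, which draws a pointer-to-integer size warning on 32-bit hosts; cast through unsigned long or uintptr_t first. In sev_init(), "return kvm_sev_guest_start();" now returns 1 without passing through the err: label, so sev_info stays allocated and non-NULL after a failed init, and because kvm_sev_guest_start() returns 1 for every type other than UNENCRYPTED_GUEST, sev_init() now fails for those guests where the removed "return 0;" used to succeed. Please confirm that is intended, or route a non-zero result through err:.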