* [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
This patch series provides support for AMD's new Secure Encrypted
Virtualization (SEV) feature.
SEV is an extension to the AMD-V architecture which supports running
multiple VMs under the control of a hypervisor. The SEV feature allows
the memory contents of a virtual machine (VM) to be transparently encrypted
with a key unique to the guest VM. The memory controller contains a
high performance encryption engine which can be programmed with multiple
keys for use by a different VMs in the system. The programming and
management of these keys is handled by the AMD Secure Processor firmware
which exposes a commands for these tasks.
The KVM SEV patch series introduced a new ioctl (KVM_MEMORY_ENCRYPTION_OP)
which is used by qemu to issue the SEV commands to assist performing
common hypervisor activities such as a launching, running, snapshooting,
migration and debugging guests.
The following links provide additional details:
AMD Memory Encryption whitepaper:
http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
AMD64 Architecture Programmer's Manual:
http://support.amd.com/TechDocs/24593.pdf
SME is section 7.10
SEV is section 15.34
Secure Encrypted Virutualization Key Management:
http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
KVM Forum slides:
http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf
Video of the KVM Forum Talk:
https://www.youtube.com/watch?v=RcvQ1xN55Ew
---
The complete patch series is available :
https://github.com/codomania/qemu/tree/v11
Using these patches we have succesfully booted and tested a guest both with and
without SEV enabled.
TODO:
* Add SEV guest migration support
* Add SEV guest snapshot and restore support
Changes since v10:
- rebase to latest qemu
- minor fixes reported during review
Changes since v9:
- move sev specific header definition in target/i386/sev_i386.h
- add new QMP query-sev-capabilities - the command will be used by libvirt
to query the SEV capabilities information.
- move sev specific QMP command implementation in target/i386/monitor.c. The
sev commands are disabled for non x86 architecture
- update 'info sev' command to display human readiable format for policy
- use g_new0 to allocate to structure memory
- update qemu-options.hx to include cbitspos and reduced-phys-bit field
Changes since v8:
- update 'query-sev' command to use enum type for SEV state.
- populate memory encryption cpuid when only SEV is enabled.
Changes since v7:
- move sev.c from accel/kvm to target/i386
- update query-sev-launch-measure to return error when measurement is not available
- update flatview_read to use slow path when attrs.debug=1 is set
- fix the buffer overflow
- use '-' when adding new member in SevInfo QMP structure
Changes since v6:
- add support to specify cbitpos in sev-guest object
- add 'info sev' HMP command
- add 'query-sev' and 'query-launch-measure' QMP commands
- rework the logic to query the memory encryption mask when walking
guest pagetable for debug
Changes since v5:
- drop MEMTXTATTRS_DEBUG macro, caller now specify attrs.debug=1 when needed.
- drop DPRINTF and use trace points to output the debug messages
Changes since v4:
- extend sev-guest object to add new properties 'dh-cert-file', 'session-file' etc.
- emit SEV_MEASUREMENT event when measurement is available
- add migration blocker
- add memory encryption cpuid support
- rebase the series with recent qemu tree
Changes since v3:
- update to newer SEV spec (0.12 -> 0.14)
- update to newer KVM RFC and use KVM_MEMORY_ENCRYPTION_OP ioctl instead
of KVM_ISSUE_SEV.
- add support to encrypt plfash
Changes since v2:
- rename ram_ops to ram_debug_ops
- use '-' rather than '_' when adding new member in KvmInfo struct
- update sev object to use link properties when referencing other objects
- use ldq_phys_debug in tlb_info_64 and mem_info_64.
- remove sev-guest-policy object, we will revisit it after basic SEV
guest support is merged.
- remove kernel API from doc and add SEV guest LAUNCH model. The doc will
be updated as we integerate the remaining SEV APIs.
Changes since v1:
- Added Documentation
- Added security-policy object.
- Drop sev config parsing support and create new objects to get/set SEV
specific parameters
- Added sev-guest-info object.
- Added sev-launch-info object.
- Added kvm_memory_encrytion_* APIs. The idea behind this was to allow adding
a non SEV memory encrytion object without modifying interfaces.
- Drop patch to load OS image at fixed location.
- updated LAUNCH_FINISH command structure. Now the structure contains
just 'measurement' field. Other fields are not used and will also be removed
from newer SEV firmware API spec.
Brijesh Singh (28):
memattrs: add debug attribute
exec: add ram_debug_ops support
exec: add debug version of physical memory read and write API
monitor/i386: use debug APIs when accessing guest memory
machine: add -memory-encryption property
kvm: update kvm.h to include memory encryption ioctls
docs: add AMD Secure Encrypted Virtualization (SEV)
target/i386: add Secure Encrypted Virtulization (SEV) object
qmp: add query-sev command
include: add psp-sev.h header file
sev/i386: add command to initialize the memory encryption context
sev/i386: register the guest memory range which may contain encrypted
data
kvm: introduce memory encryption APIs
hmp: add 'info sev' command
sev/i386: add command to create launch memory encryption context
sev/i386: add command to encrypt guest memory region
target/i386: encrypt bios rom
sev/i386: add support to LAUNCH_MEASURE command
sev/i386: finalize the SEV guest launch flow
hw/i386: set ram_debug_ops when memory encryption is enabled
sev/i386: add debug encrypt and decrypt commands
target/i386: clear C-bit when walking SEV guest page table
qmp: add query-sev-launch-measure command
sev/i386: add migration blocker
cpu/i386: populate CPUID 0x8000_001F when SEV is active
qmp: add query-sev-capabilities command
sev/i386: add sev_get_capabilities()
tests/qmp-test: blacklist sev specific qmp commands
accel/kvm/kvm-all.c | 49 +++
accel/stubs/kvm-stub.c | 14 +
cpus.c | 2 +-
disas.c | 2 +-
docs/amd-memory-encryption.txt | 109 ++++++
exec.c | 83 +++-
hmp-commands-info.hx | 16 +
hmp.h | 1 +
hw/core/machine.c | 22 ++
hw/i386/pc.c | 9 +
hw/i386/pc_sysfw.c | 19 +
include/exec/cpu-common.h | 15 +
include/exec/memattrs.h | 2 +
include/exec/memory.h | 30 +-
include/hw/boards.h | 1 +
include/sysemu/kvm.h | 25 ++
include/sysemu/sev.h | 22 ++
linux-headers/linux/kvm.h | 90 +++++
linux-headers/linux/psp-sev.h | 142 +++++++
monitor.c | 27 +-
qapi/misc.json | 147 +++++++
qemu-options.hx | 49 ++-
stubs/Makefile.objs | 1 +
stubs/sev.c | 30 ++
target/i386/Makefile.objs | 4 +-
target/i386/cpu.c | 13 +
target/i386/helper.c | 31 +-
target/i386/monitor.c | 193 ++++++---
target/i386/sev-stub.c | 51 +++
target/i386/sev.c | 863 +++++++++++++++++++++++++++++++++++++++++
target/i386/sev_i386.h | 93 +++++
target/i386/trace-events | 11 +
tests/qmp-test.c | 5 +
33 files changed, 2086 insertions(+), 85 deletions(-)
create mode 100644 docs/amd-memory-encryption.txt
create mode 100644 include/sysemu/sev.h
create mode 100644 linux-headers/linux/psp-sev.h
create mode 100644 stubs/sev.c
create mode 100644 target/i386/sev-stub.c
create mode 100644 target/i386/sev.c
create mode 100644 target/i386/sev_i386.h
--
2.14.3
^ permalink raw reply [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
This patch series provides support for AMD's new Secure Encrypted
Virtualization (SEV) feature.
SEV is an extension to the AMD-V architecture which supports running
multiple VMs under the control of a hypervisor. The SEV feature allows
the memory contents of a virtual machine (VM) to be transparently encrypted
with a key unique to the guest VM. The memory controller contains a
high performance encryption engine which can be programmed with multiple
keys for use by a different VMs in the system. The programming and
management of these keys is handled by the AMD Secure Processor firmware
which exposes a commands for these tasks.
The KVM SEV patch series introduced a new ioctl (KVM_MEMORY_ENCRYPTION_OP)
which is used by qemu to issue the SEV commands to assist performing
common hypervisor activities such as a launching, running, snapshooting,
migration and debugging guests.
The following links provide additional details:
AMD Memory Encryption whitepaper:
http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
AMD64 Architecture Programmer's Manual:
http://support.amd.com/TechDocs/24593.pdf
SME is section 7.10
SEV is section 15.34
Secure Encrypted Virutualization Key Management:
http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
KVM Forum slides:
http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf
Video of the KVM Forum Talk:
https://www.youtube.com/watch?v=RcvQ1xN55Ew
---
The complete patch series is available :
https://github.com/codomania/qemu/tree/v11
Using these patches we have succesfully booted and tested a guest both with and
without SEV enabled.
TODO:
* Add SEV guest migration support
* Add SEV guest snapshot and restore support
Changes since v10:
- rebase to latest qemu
- minor fixes reported during review
Changes since v9:
- move sev specific header definition in target/i386/sev_i386.h
- add new QMP query-sev-capabilities - the command will be used by libvirt
to query the SEV capabilities information.
- move sev specific QMP command implementation in target/i386/monitor.c. The
sev commands are disabled for non x86 architecture
- update 'info sev' command to display human readiable format for policy
- use g_new0 to allocate to structure memory
- update qemu-options.hx to include cbitspos and reduced-phys-bit field
Changes since v8:
- update 'query-sev' command to use enum type for SEV state.
- populate memory encryption cpuid when only SEV is enabled.
Changes since v7:
- move sev.c from accel/kvm to target/i386
- update query-sev-launch-measure to return error when measurement is not available
- update flatview_read to use slow path when attrs.debug=1 is set
- fix the buffer overflow
- use '-' when adding new member in SevInfo QMP structure
Changes since v6:
- add support to specify cbitpos in sev-guest object
- add 'info sev' HMP command
- add 'query-sev' and 'query-launch-measure' QMP commands
- rework the logic to query the memory encryption mask when walking
guest pagetable for debug
Changes since v5:
- drop MEMTXTATTRS_DEBUG macro, caller now specify attrs.debug=1 when needed.
- drop DPRINTF and use trace points to output the debug messages
Changes since v4:
- extend sev-guest object to add new properties 'dh-cert-file', 'session-file' etc.
- emit SEV_MEASUREMENT event when measurement is available
- add migration blocker
- add memory encryption cpuid support
- rebase the series with recent qemu tree
Changes since v3:
- update to newer SEV spec (0.12 -> 0.14)
- update to newer KVM RFC and use KVM_MEMORY_ENCRYPTION_OP ioctl instead
of KVM_ISSUE_SEV.
- add support to encrypt plfash
Changes since v2:
- rename ram_ops to ram_debug_ops
- use '-' rather than '_' when adding new member in KvmInfo struct
- update sev object to use link properties when referencing other objects
- use ldq_phys_debug in tlb_info_64 and mem_info_64.
- remove sev-guest-policy object, we will revisit it after basic SEV
guest support is merged.
- remove kernel API from doc and add SEV guest LAUNCH model. The doc will
be updated as we integerate the remaining SEV APIs.
Changes since v1:
- Added Documentation
- Added security-policy object.
- Drop sev config parsing support and create new objects to get/set SEV
specific parameters
- Added sev-guest-info object.
- Added sev-launch-info object.
- Added kvm_memory_encrytion_* APIs. The idea behind this was to allow adding
a non SEV memory encrytion object without modifying interfaces.
- Drop patch to load OS image at fixed location.
- updated LAUNCH_FINISH command structure. Now the structure contains
just 'measurement' field. Other fields are not used and will also be removed
from newer SEV firmware API spec.
Brijesh Singh (28):
memattrs: add debug attribute
exec: add ram_debug_ops support
exec: add debug version of physical memory read and write API
monitor/i386: use debug APIs when accessing guest memory
machine: add -memory-encryption property
kvm: update kvm.h to include memory encryption ioctls
docs: add AMD Secure Encrypted Virtualization (SEV)
target/i386: add Secure Encrypted Virtulization (SEV) object
qmp: add query-sev command
include: add psp-sev.h header file
sev/i386: add command to initialize the memory encryption context
sev/i386: register the guest memory range which may contain encrypted
data
kvm: introduce memory encryption APIs
hmp: add 'info sev' command
sev/i386: add command to create launch memory encryption context
sev/i386: add command to encrypt guest memory region
target/i386: encrypt bios rom
sev/i386: add support to LAUNCH_MEASURE command
sev/i386: finalize the SEV guest launch flow
hw/i386: set ram_debug_ops when memory encryption is enabled
sev/i386: add debug encrypt and decrypt commands
target/i386: clear C-bit when walking SEV guest page table
qmp: add query-sev-launch-measure command
sev/i386: add migration blocker
cpu/i386: populate CPUID 0x8000_001F when SEV is active
qmp: add query-sev-capabilities command
sev/i386: add sev_get_capabilities()
tests/qmp-test: blacklist sev specific qmp commands
accel/kvm/kvm-all.c | 49 +++
accel/stubs/kvm-stub.c | 14 +
cpus.c | 2 +-
disas.c | 2 +-
docs/amd-memory-encryption.txt | 109 ++++++
exec.c | 83 +++-
hmp-commands-info.hx | 16 +
hmp.h | 1 +
hw/core/machine.c | 22 ++
hw/i386/pc.c | 9 +
hw/i386/pc_sysfw.c | 19 +
include/exec/cpu-common.h | 15 +
include/exec/memattrs.h | 2 +
include/exec/memory.h | 30 +-
include/hw/boards.h | 1 +
include/sysemu/kvm.h | 25 ++
include/sysemu/sev.h | 22 ++
linux-headers/linux/kvm.h | 90 +++++
linux-headers/linux/psp-sev.h | 142 +++++++
monitor.c | 27 +-
qapi/misc.json | 147 +++++++
qemu-options.hx | 49 ++-
stubs/Makefile.objs | 1 +
stubs/sev.c | 30 ++
target/i386/Makefile.objs | 4 +-
target/i386/cpu.c | 13 +
target/i386/helper.c | 31 +-
target/i386/monitor.c | 193 ++++++---
target/i386/sev-stub.c | 51 +++
target/i386/sev.c | 863 +++++++++++++++++++++++++++++++++++++++++
target/i386/sev_i386.h | 93 +++++
target/i386/trace-events | 11 +
tests/qmp-test.c | 5 +
33 files changed, 2086 insertions(+), 85 deletions(-)
create mode 100644 docs/amd-memory-encryption.txt
create mode 100644 include/sysemu/sev.h
create mode 100644 linux-headers/linux/psp-sev.h
create mode 100644 stubs/sev.c
create mode 100644 target/i386/sev-stub.c
create mode 100644 target/i386/sev.c
create mode 100644 target/i386/sev_i386.h
--
2.14.3
^ permalink raw reply [flat|nested] 74+ messages in thread
* [PATCH v11 01/28] memattrs: add debug attribute
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
Extend the MemTxAttrs to include 'debug' flag. The flag can be used as
general indicator that operation was triggered by the debugger.
Later in the patch series we set the debug=1 when issuing a memory access
from the gdbstub or HMP commands. This patch is prerequisite to support
debugging the encrypted guest. If we see request with debug=1 then we
will need to use encryption APIs to access the guest memory.
Cc: Alistair Francis <alistair.francis@xilinx.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
include/exec/memattrs.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h
index d4a16420984b..08099e4f7e72 100644
--- a/include/exec/memattrs.h
+++ b/include/exec/memattrs.h
@@ -37,6 +37,8 @@ typedef struct MemTxAttrs {
unsigned int user:1;
/* Requester ID (for MSI for example) */
unsigned int requester_id:16;
+ /* Memory access request from the debugger */
+ unsigned int debug:1;
} MemTxAttrs;
/* Bus masters which don't specify any attributes will get this,
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 01/28] memattrs: add debug attribute
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
Extend the MemTxAttrs to include 'debug' flag. The flag can be used as
general indicator that operation was triggered by the debugger.
Later in the patch series we set the debug=1 when issuing a memory access
from the gdbstub or HMP commands. This patch is prerequisite to support
debugging the encrypted guest. If we see request with debug=1 then we
will need to use encryption APIs to access the guest memory.
Cc: Alistair Francis <alistair.francis@xilinx.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
include/exec/memattrs.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/exec/memattrs.h b/include/exec/memattrs.h
index d4a16420984b..08099e4f7e72 100644
--- a/include/exec/memattrs.h
+++ b/include/exec/memattrs.h
@@ -37,6 +37,8 @@ typedef struct MemTxAttrs {
unsigned int user:1;
/* Requester ID (for MSI for example) */
unsigned int requester_id:16;
+ /* Memory access request from the debugger */
+ unsigned int debug:1;
} MemTxAttrs;
/* Bus masters which don't specify any attributes will get this,
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 02/28] exec: add ram_debug_ops support
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
Currently, the guest memory access for the debug purpose is performed
using the memcpy(). Lets extend the 'struct MemoryRegion' to include
ram_debug_ops callbacks. The ram_debug_ops can be used to override
memcpy() with something else.
The feature can be used by encrypted guest -- which can register
callbacks to override memcpy() with memory encryption/decryption APIs.
a typical usage:
mem_read(uint8_t *dst, uint8_t *src, uint32_t len, MemTxAttrs *attrs);
mem_write(uint8_t *dst, uint8_t *src, uint32_t len, MemTxAttrs *attrs);
MemoryRegionRAMReadWriteOps ops;
ops.read = mem_read;
ops.write = mem_write;
memory_region_init_ram(mem, NULL, "memory", size, NULL);
memory_region_set_ram_debug_ops(mem, ops);
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
exec.c | 43 ++++++++++++++++++++++++++++++++-----------
include/exec/memory.h | 30 +++++++++++++++++++++++++++++-
2 files changed, 61 insertions(+), 12 deletions(-)
diff --git a/exec.c b/exec.c
index 4d8addb263a0..4408cd26c989 100644
--- a/exec.c
+++ b/exec.c
@@ -3054,7 +3054,11 @@ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr,
} else {
/* RAM case */
ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
- memcpy(ptr, buf, l);
+ if (attrs.debug && mr->ram_debug_ops) {
+ mr->ram_debug_ops->write(ptr, buf, l, attrs);
+ } else {
+ memcpy(ptr, buf, l);
+ }
invalidate_and_set_dirty(mr, addr1, l);
}
@@ -3152,7 +3156,11 @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr,
} else {
/* RAM case */
ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
- memcpy(buf, ptr, l);
+ if (attrs.debug && mr->ram_debug_ops) {
+ mr->ram_debug_ops->read(buf, ptr, l, attrs);
+ } else {
+ memcpy(buf, ptr, l);
+ }
}
if (release_lock) {
@@ -3226,7 +3234,8 @@ enum write_rom_type {
};
static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
- hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
+ hwaddr addr, const uint8_t *buf, int len, MemTxAttrs attrs,
+ enum write_rom_type type)
{
hwaddr l;
uint8_t *ptr;
@@ -3246,7 +3255,11 @@ static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
switch (type) {
case WRITE_DATA:
- memcpy(ptr, buf, l);
+ if (mr->ram_debug_ops) {
+ mr->ram_debug_ops->write(ptr, buf, l, attrs);
+ } else {
+ memcpy(ptr, buf, l);
+ }
invalidate_and_set_dirty(mr, addr1, l);
break;
case FLUSH_CACHE:
@@ -3265,7 +3278,9 @@ static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
const uint8_t *buf, int len)
{
- cpu_physical_memory_write_rom_internal(as, addr, buf, len, WRITE_DATA);
+ cpu_physical_memory_write_rom_internal(as, addr, buf, len,
+ MEMTXATTRS_UNSPECIFIED,
+ WRITE_DATA);
}
void cpu_flush_icache_range(hwaddr start, int len)
@@ -3280,8 +3295,9 @@ void cpu_flush_icache_range(hwaddr start, int len)
return;
}
- cpu_physical_memory_write_rom_internal(&address_space_memory,
- start, NULL, len, FLUSH_CACHE);
+ cpu_physical_memory_write_rom_internal(&address_space_memory, start, NULL,
+ len, MEMTXATTRS_UNSPECIFIED,
+ FLUSH_CACHE);
}
typedef struct {
@@ -3596,6 +3612,10 @@ int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
page = addr & TARGET_PAGE_MASK;
phys_addr = cpu_get_phys_page_attrs_debug(cpu, page, &attrs);
asidx = cpu_asidx_from_attrs(cpu, attrs);
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
/* if no physical page mapped, return an error */
if (phys_addr == -1)
return -1;
@@ -3604,13 +3624,14 @@ int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
l = len;
phys_addr += (addr & ~TARGET_PAGE_MASK);
if (is_write) {
- cpu_physical_memory_write_rom(cpu->cpu_ases[asidx].as,
- phys_addr, buf, l);
+ cpu_physical_memory_write_rom_internal(cpu->cpu_ases[asidx].as,
+ phys_addr, buf, l, attrs,
+ WRITE_DATA);
} else {
address_space_rw(cpu->cpu_ases[asidx].as, phys_addr,
- MEMTXATTRS_UNSPECIFIED,
- buf, l, 0);
+ attrs, buf, l, 0);
}
+
len -= l;
buf += l;
addr += l;
diff --git a/include/exec/memory.h b/include/exec/memory.h
index 15e81113bac9..4a18bb3b38ec 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -223,6 +223,18 @@ typedef struct IOMMUMemoryRegionClass {
typedef struct CoalescedMemoryRange CoalescedMemoryRange;
typedef struct MemoryRegionIoeventfd MemoryRegionIoeventfd;
+/* Memory Region RAM debug callback */
+typedef struct MemoryRegionRAMReadWriteOps MemoryRegionRAMReadWriteOps;
+
+struct MemoryRegionRAMReadWriteOps {
+ /* Write data into guest memory */
+ int (*write) (uint8_t *dest, const uint8_t *src,
+ uint32_t len, MemTxAttrs attrs);
+ /* Read data from guest memory */
+ int (*read) (uint8_t *dest, const uint8_t *src,
+ uint32_t len, MemTxAttrs attrs);
+};
+
struct MemoryRegion {
Object parent_obj;
@@ -262,6 +274,7 @@ struct MemoryRegion {
const char *name;
unsigned ioeventfd_nb;
MemoryRegionIoeventfd *ioeventfds;
+ const MemoryRegionRAMReadWriteOps *ram_debug_ops;
};
struct IOMMUMemoryRegion {
@@ -655,6 +668,21 @@ void memory_region_init_rom_device_nomigrate(MemoryRegion *mr,
uint64_t size,
Error **errp);
+/**
+ * memory_region_set_ram_debug_ops: Set debug access ops for a given memory
+ * region.
+ *
+ * @mr: the #MemoryRegion to be initialized
+ * @ops: a function that will be used for when accessing @target region during
+ * debug
+ */
+static inline void
+memory_region_set_ram_debug_ops(MemoryRegion *mr,
+ const MemoryRegionRAMReadWriteOps *ops)
+{
+ mr->ram_debug_ops = ops;
+}
+
/**
* memory_region_init_reservation: Initialize a memory region that reserves
* I/O space.
@@ -1938,7 +1966,7 @@ MemTxResult flatview_read(FlatView *fv, hwaddr addr, MemTxAttrs attrs,
void *ptr;
MemoryRegion *mr;
- if (__builtin_constant_p(len)) {
+ if (__builtin_constant_p(len) && !attrs.debug) {
if (len) {
rcu_read_lock();
l = len;
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 02/28] exec: add ram_debug_ops support
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
Currently, the guest memory access for the debug purpose is performed
using the memcpy(). Lets extend the 'struct MemoryRegion' to include
ram_debug_ops callbacks. The ram_debug_ops can be used to override
memcpy() with something else.
The feature can be used by encrypted guest -- which can register
callbacks to override memcpy() with memory encryption/decryption APIs.
a typical usage:
mem_read(uint8_t *dst, uint8_t *src, uint32_t len, MemTxAttrs *attrs);
mem_write(uint8_t *dst, uint8_t *src, uint32_t len, MemTxAttrs *attrs);
MemoryRegionRAMReadWriteOps ops;
ops.read = mem_read;
ops.write = mem_write;
memory_region_init_ram(mem, NULL, "memory", size, NULL);
memory_region_set_ram_debug_ops(mem, ops);
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
exec.c | 43 ++++++++++++++++++++++++++++++++-----------
include/exec/memory.h | 30 +++++++++++++++++++++++++++++-
2 files changed, 61 insertions(+), 12 deletions(-)
diff --git a/exec.c b/exec.c
index 4d8addb263a0..4408cd26c989 100644
--- a/exec.c
+++ b/exec.c
@@ -3054,7 +3054,11 @@ static MemTxResult flatview_write_continue(FlatView *fv, hwaddr addr,
} else {
/* RAM case */
ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
- memcpy(ptr, buf, l);
+ if (attrs.debug && mr->ram_debug_ops) {
+ mr->ram_debug_ops->write(ptr, buf, l, attrs);
+ } else {
+ memcpy(ptr, buf, l);
+ }
invalidate_and_set_dirty(mr, addr1, l);
}
@@ -3152,7 +3156,11 @@ MemTxResult flatview_read_continue(FlatView *fv, hwaddr addr,
} else {
/* RAM case */
ptr = qemu_ram_ptr_length(mr->ram_block, addr1, &l, false);
- memcpy(buf, ptr, l);
+ if (attrs.debug && mr->ram_debug_ops) {
+ mr->ram_debug_ops->read(buf, ptr, l, attrs);
+ } else {
+ memcpy(buf, ptr, l);
+ }
}
if (release_lock) {
@@ -3226,7 +3234,8 @@ enum write_rom_type {
};
static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
- hwaddr addr, const uint8_t *buf, int len, enum write_rom_type type)
+ hwaddr addr, const uint8_t *buf, int len, MemTxAttrs attrs,
+ enum write_rom_type type)
{
hwaddr l;
uint8_t *ptr;
@@ -3246,7 +3255,11 @@ static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
ptr = qemu_map_ram_ptr(mr->ram_block, addr1);
switch (type) {
case WRITE_DATA:
- memcpy(ptr, buf, l);
+ if (mr->ram_debug_ops) {
+ mr->ram_debug_ops->write(ptr, buf, l, attrs);
+ } else {
+ memcpy(ptr, buf, l);
+ }
invalidate_and_set_dirty(mr, addr1, l);
break;
case FLUSH_CACHE:
@@ -3265,7 +3278,9 @@ static inline void cpu_physical_memory_write_rom_internal(AddressSpace *as,
void cpu_physical_memory_write_rom(AddressSpace *as, hwaddr addr,
const uint8_t *buf, int len)
{
- cpu_physical_memory_write_rom_internal(as, addr, buf, len, WRITE_DATA);
+ cpu_physical_memory_write_rom_internal(as, addr, buf, len,
+ MEMTXATTRS_UNSPECIFIED,
+ WRITE_DATA);
}
void cpu_flush_icache_range(hwaddr start, int len)
@@ -3280,8 +3295,9 @@ void cpu_flush_icache_range(hwaddr start, int len)
return;
}
- cpu_physical_memory_write_rom_internal(&address_space_memory,
- start, NULL, len, FLUSH_CACHE);
+ cpu_physical_memory_write_rom_internal(&address_space_memory, start, NULL,
+ len, MEMTXATTRS_UNSPECIFIED,
+ FLUSH_CACHE);
}
typedef struct {
@@ -3596,6 +3612,10 @@ int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
page = addr & TARGET_PAGE_MASK;
phys_addr = cpu_get_phys_page_attrs_debug(cpu, page, &attrs);
asidx = cpu_asidx_from_attrs(cpu, attrs);
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
/* if no physical page mapped, return an error */
if (phys_addr == -1)
return -1;
@@ -3604,13 +3624,14 @@ int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
l = len;
phys_addr += (addr & ~TARGET_PAGE_MASK);
if (is_write) {
- cpu_physical_memory_write_rom(cpu->cpu_ases[asidx].as,
- phys_addr, buf, l);
+ cpu_physical_memory_write_rom_internal(cpu->cpu_ases[asidx].as,
+ phys_addr, buf, l, attrs,
+ WRITE_DATA);
} else {
address_space_rw(cpu->cpu_ases[asidx].as, phys_addr,
- MEMTXATTRS_UNSPECIFIED,
- buf, l, 0);
+ attrs, buf, l, 0);
}
+
len -= l;
buf += l;
addr += l;
diff --git a/include/exec/memory.h b/include/exec/memory.h
index 15e81113bac9..4a18bb3b38ec 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -223,6 +223,18 @@ typedef struct IOMMUMemoryRegionClass {
typedef struct CoalescedMemoryRange CoalescedMemoryRange;
typedef struct MemoryRegionIoeventfd MemoryRegionIoeventfd;
+/* Memory Region RAM debug callback */
+typedef struct MemoryRegionRAMReadWriteOps MemoryRegionRAMReadWriteOps;
+
+struct MemoryRegionRAMReadWriteOps {
+ /* Write data into guest memory */
+ int (*write) (uint8_t *dest, const uint8_t *src,
+ uint32_t len, MemTxAttrs attrs);
+ /* Read data from guest memory */
+ int (*read) (uint8_t *dest, const uint8_t *src,
+ uint32_t len, MemTxAttrs attrs);
+};
+
struct MemoryRegion {
Object parent_obj;
@@ -262,6 +274,7 @@ struct MemoryRegion {
const char *name;
unsigned ioeventfd_nb;
MemoryRegionIoeventfd *ioeventfds;
+ const MemoryRegionRAMReadWriteOps *ram_debug_ops;
};
struct IOMMUMemoryRegion {
@@ -655,6 +668,21 @@ void memory_region_init_rom_device_nomigrate(MemoryRegion *mr,
uint64_t size,
Error **errp);
+/**
+ * memory_region_set_ram_debug_ops: Set debug access ops for a given memory
+ * region.
+ *
+ * @mr: the #MemoryRegion to be initialized
+ * @ops: a function that will be used for when accessing @target region during
+ * debug
+ */
+static inline void
+memory_region_set_ram_debug_ops(MemoryRegion *mr,
+ const MemoryRegionRAMReadWriteOps *ops)
+{
+ mr->ram_debug_ops = ops;
+}
+
/**
* memory_region_init_reservation: Initialize a memory region that reserves
* I/O space.
@@ -1938,7 +1966,7 @@ MemTxResult flatview_read(FlatView *fv, hwaddr addr, MemTxAttrs attrs,
void *ptr;
MemoryRegion *mr;
- if (__builtin_constant_p(len)) {
+ if (__builtin_constant_p(len) && !attrs.debug) {
if (len) {
rcu_read_lock();
l = len;
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 03/28] exec: add debug version of physical memory read and write API
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
Adds the following new APIs
- cpu_physical_memory_read_debug
- cpu_physical_memory_write_debug
- cpu_physical_memory_rw_debug
- ldl_phys_debug
- ldq_phys_debug
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
---
exec.c | 40 ++++++++++++++++++++++++++++++++++++++++
include/exec/cpu-common.h | 15 +++++++++++++++
2 files changed, 55 insertions(+)
diff --git a/exec.c b/exec.c
index 4408cd26c989..633be92d2b3a 100644
--- a/exec.c
+++ b/exec.c
@@ -3596,6 +3596,46 @@ void address_space_cache_destroy(MemoryRegionCache *cache)
#define RCU_READ_UNLOCK() rcu_read_unlock()
#include "memory_ldst.inc.c"
+uint32_t ldl_phys_debug(CPUState *cpu, hwaddr addr)
+{
+ MemTxAttrs attrs;
+ int asidx = cpu_asidx_from_attrs(cpu, attrs);
+ uint32_t val;
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
+ address_space_rw(cpu->cpu_ases[asidx].as, addr, attrs,
+ (void *) &val, 4, 0);
+
+ return tswap32(val);
+}
+
+uint64_t ldq_phys_debug(CPUState *cpu, hwaddr addr)
+{
+ MemTxAttrs attrs;
+ int asidx = cpu_asidx_from_attrs(cpu, attrs);
+ uint64_t val;
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
+ address_space_rw(cpu->cpu_ases[asidx].as, addr, attrs,
+ (void *) &val, 8, 0);
+ return val;
+}
+
+void cpu_physical_memory_rw_debug(hwaddr addr, uint8_t *buf,
+ int len, int is_write)
+{
+ MemTxAttrs attrs;
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
+ address_space_rw(&address_space_memory, addr, attrs, buf, len, is_write);
+}
+
/* virtual memory access for debug (includes writing to ROM) */
int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
uint8_t *buf, int len, int is_write)
diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
index 74341b19d26a..fa01385d4f1b 100644
--- a/include/exec/cpu-common.h
+++ b/include/exec/cpu-common.h
@@ -77,11 +77,26 @@ size_t qemu_ram_pagesize_largest(void);
void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
int len, int is_write);
+void cpu_physical_memory_rw_debug(hwaddr addr, uint8_t *buf,
+ int len, int is_write);
static inline void cpu_physical_memory_read(hwaddr addr,
void *buf, int len)
{
cpu_physical_memory_rw(addr, buf, len, 0);
}
+static inline void cpu_physical_memory_read_debug(hwaddr addr,
+ void *buf, int len)
+{
+ cpu_physical_memory_rw_debug(addr, buf, len, 0);
+}
+static inline void cpu_physical_memory_write_debug(hwaddr addr,
+ const void *buf, int len)
+{
+ cpu_physical_memory_rw_debug(addr, (void *)buf, len, 1);
+}
+uint32_t ldl_phys_debug(CPUState *cpu, hwaddr addr);
+uint64_t ldq_phys_debug(CPUState *cpu, hwaddr addr);
+
static inline void cpu_physical_memory_write(hwaddr addr,
const void *buf, int len)
{
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 03/28] exec: add debug version of physical memory read and write API
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
Adds the following new APIs
- cpu_physical_memory_read_debug
- cpu_physical_memory_write_debug
- cpu_physical_memory_rw_debug
- ldl_phys_debug
- ldq_phys_debug
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Cc: Richard Henderson <rth@twiddle.net>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
---
exec.c | 40 ++++++++++++++++++++++++++++++++++++++++
include/exec/cpu-common.h | 15 +++++++++++++++
2 files changed, 55 insertions(+)
diff --git a/exec.c b/exec.c
index 4408cd26c989..633be92d2b3a 100644
--- a/exec.c
+++ b/exec.c
@@ -3596,6 +3596,46 @@ void address_space_cache_destroy(MemoryRegionCache *cache)
#define RCU_READ_UNLOCK() rcu_read_unlock()
#include "memory_ldst.inc.c"
+uint32_t ldl_phys_debug(CPUState *cpu, hwaddr addr)
+{
+ MemTxAttrs attrs;
+ int asidx = cpu_asidx_from_attrs(cpu, attrs);
+ uint32_t val;
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
+ address_space_rw(cpu->cpu_ases[asidx].as, addr, attrs,
+ (void *) &val, 4, 0);
+
+ return tswap32(val);
+}
+
+uint64_t ldq_phys_debug(CPUState *cpu, hwaddr addr)
+{
+ MemTxAttrs attrs;
+ int asidx = cpu_asidx_from_attrs(cpu, attrs);
+ uint64_t val;
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
+ address_space_rw(cpu->cpu_ases[asidx].as, addr, attrs,
+ (void *) &val, 8, 0);
+ return val;
+}
+
+void cpu_physical_memory_rw_debug(hwaddr addr, uint8_t *buf,
+ int len, int is_write)
+{
+ MemTxAttrs attrs;
+
+ /* set debug attrs to indicate memory access is from the debugger */
+ attrs.debug = 1;
+
+ address_space_rw(&address_space_memory, addr, attrs, buf, len, is_write);
+}
+
/* virtual memory access for debug (includes writing to ROM) */
int cpu_memory_rw_debug(CPUState *cpu, target_ulong addr,
uint8_t *buf, int len, int is_write)
diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
index 74341b19d26a..fa01385d4f1b 100644
--- a/include/exec/cpu-common.h
+++ b/include/exec/cpu-common.h
@@ -77,11 +77,26 @@ size_t qemu_ram_pagesize_largest(void);
void cpu_physical_memory_rw(hwaddr addr, uint8_t *buf,
int len, int is_write);
+void cpu_physical_memory_rw_debug(hwaddr addr, uint8_t *buf,
+ int len, int is_write);
static inline void cpu_physical_memory_read(hwaddr addr,
void *buf, int len)
{
cpu_physical_memory_rw(addr, buf, len, 0);
}
+static inline void cpu_physical_memory_read_debug(hwaddr addr,
+ void *buf, int len)
+{
+ cpu_physical_memory_rw_debug(addr, buf, len, 0);
+}
+static inline void cpu_physical_memory_write_debug(hwaddr addr,
+ const void *buf, int len)
+{
+ cpu_physical_memory_rw_debug(addr, (void *)buf, len, 1);
+}
+uint32_t ldl_phys_debug(CPUState *cpu, hwaddr addr);
+uint64_t ldq_phys_debug(CPUState *cpu, hwaddr addr);
+
static inline void cpu_physical_memory_write(hwaddr addr,
const void *buf, int len)
{
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 04/28] monitor/i386: use debug APIs when accessing guest memory
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
Updates HMP commands to use the debug version of APIs when accessing the
guest memory.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
cpus.c | 2 +-
disas.c | 2 +-
monitor.c | 6 +++---
target/i386/helper.c | 14 ++++++------
target/i386/monitor.c | 60 +++++++++++++++++++++++++++------------------------
5 files changed, 44 insertions(+), 40 deletions(-)
diff --git a/cpus.c b/cpus.c
index 4f5f88edba9e..e88d33210101 100644
--- a/cpus.c
+++ b/cpus.c
@@ -2268,7 +2268,7 @@ void qmp_pmemsave(int64_t addr, int64_t size, const char *filename,
l = sizeof(buf);
if (l > size)
l = size;
- cpu_physical_memory_read(addr, buf, l);
+ cpu_physical_memory_read_debug(addr, buf, l);
if (fwrite(buf, 1, l, f) != l) {
error_setg(errp, QERR_IO_ERROR);
goto exit;
diff --git a/disas.c b/disas.c
index d4ad1089efb3..fcedbf263302 100644
--- a/disas.c
+++ b/disas.c
@@ -586,7 +586,7 @@ static int
physical_read_memory(bfd_vma memaddr, bfd_byte *myaddr, int length,
struct disassemble_info *info)
{
- cpu_physical_memory_read(memaddr, myaddr, length);
+ cpu_physical_memory_read_debug(memaddr, myaddr, length);
return 0;
}
diff --git a/monitor.c b/monitor.c
index a4417f26cde3..3f4ba902266b 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1368,7 +1368,7 @@ static void memory_dump(Monitor *mon, int count, int format, int wsize,
if (l > line_size)
l = line_size;
if (is_physical) {
- cpu_physical_memory_read(addr, buf, l);
+ cpu_physical_memory_read_debug(addr, buf, l);
} else {
if (cpu_memory_rw_debug(cs, addr, buf, l, 0) < 0) {
monitor_printf(mon, " Cannot access memory\n");
@@ -1574,8 +1574,8 @@ static void hmp_sum(Monitor *mon, const QDict *qdict)
sum = 0;
for(addr = start; addr < (start + size); addr++) {
- uint8_t val = address_space_ldub(&address_space_memory, addr,
- MEMTXATTRS_UNSPECIFIED, NULL);
+ uint8_t val;
+ cpu_physical_memory_read_debug(addr, &val, 1);
/* BSD sum algorithm ('sum' Unix command) */
sum = (sum >> 1) | (sum << 15);
sum += val;
diff --git a/target/i386/helper.c b/target/i386/helper.c
index 9fba146b7fb0..58fb6eec562a 100644
--- a/target/i386/helper.c
+++ b/target/i386/helper.c
@@ -757,7 +757,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
if (la57) {
pml5e_addr = ((env->cr[3] & ~0xfff) +
(((addr >> 48) & 0x1ff) << 3)) & a20_mask;
- pml5e = x86_ldq_phys(cs, pml5e_addr);
+ pml5e = ldq_phys_debug(cs, pml5e_addr);
if (!(pml5e & PG_PRESENT_MASK)) {
return -1;
}
@@ -767,7 +767,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
pml4e_addr = ((pml5e & PG_ADDRESS_MASK) +
(((addr >> 39) & 0x1ff) << 3)) & a20_mask;
- pml4e = x86_ldq_phys(cs, pml4e_addr);
+ pml4e = ldq_phys_debug(cs, pml4e_addr);
if (!(pml4e & PG_PRESENT_MASK)) {
return -1;
}
@@ -788,14 +788,14 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
{
pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) &
a20_mask;
- pdpe = x86_ldq_phys(cs, pdpe_addr);
+ pdpe = ldq_phys_debug(cs, pdpe_addr);
if (!(pdpe & PG_PRESENT_MASK))
return -1;
}
pde_addr = ((pdpe & PG_ADDRESS_MASK) +
(((addr >> 21) & 0x1ff) << 3)) & a20_mask;
- pde = x86_ldq_phys(cs, pde_addr);
+ pde = ldq_phys_debug(cs, pde_addr);
if (!(pde & PG_PRESENT_MASK)) {
return -1;
}
@@ -808,7 +808,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
pte_addr = ((pde & PG_ADDRESS_MASK) +
(((addr >> 12) & 0x1ff) << 3)) & a20_mask;
page_size = 4096;
- pte = x86_ldq_phys(cs, pte_addr);
+ pte = ldq_phys_debug(cs, pte_addr);
}
if (!(pte & PG_PRESENT_MASK)) {
return -1;
@@ -818,7 +818,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
/* page directory entry */
pde_addr = ((env->cr[3] & ~0xfff) + ((addr >> 20) & 0xffc)) & a20_mask;
- pde = x86_ldl_phys(cs, pde_addr);
+ pde = ldl_phys_debug(cs, pde_addr);
if (!(pde & PG_PRESENT_MASK))
return -1;
if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
@@ -827,7 +827,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
} else {
/* page directory entry */
pte_addr = ((pde & ~0xfff) + ((addr >> 10) & 0xffc)) & a20_mask;
- pte = x86_ldl_phys(cs, pte_addr);
+ pte = ldl_phys_debug(cs, pte_addr);
if (!(pte & PG_PRESENT_MASK)) {
return -1;
}
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 75429129fde0..55ea10deb8ef 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -68,7 +68,7 @@ static void tlb_info_32(Monitor *mon, CPUArchState *env)
pgd = env->cr[3] & ~0xfff;
for(l1 = 0; l1 < 1024; l1++) {
- cpu_physical_memory_read(pgd + l1 * 4, &pde, 4);
+ cpu_physical_memory_read_debug(pgd + l1 * 4, &pde, 4);
pde = le32_to_cpu(pde);
if (pde & PG_PRESENT_MASK) {
if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
@@ -76,7 +76,8 @@ static void tlb_info_32(Monitor *mon, CPUArchState *env)
print_pte(mon, env, (l1 << 22), pde, ~((1 << 21) - 1));
} else {
for(l2 = 0; l2 < 1024; l2++) {
- cpu_physical_memory_read((pde & ~0xfff) + l2 * 4, &pte, 4);
+ cpu_physical_memory_read_debug((pde & ~0xfff) + l2 * 4,
+ &pte, 4);
pte = le32_to_cpu(pte);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l1 << 22) + (l2 << 12),
@@ -97,12 +98,12 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
pdp_addr = env->cr[3] & ~0x1f;
for (l1 = 0; l1 < 4; l1++) {
- cpu_physical_memory_read(pdp_addr + l1 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
if (pdpe & PG_PRESENT_MASK) {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pd_addr + l2 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
pde = le64_to_cpu(pde);
if (pde & PG_PRESENT_MASK) {
if (pde & PG_PSE_MASK) {
@@ -112,7 +113,8 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
} else {
pt_addr = pde & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pt_addr + l3 * 8, &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l3 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l1 << 30) + (l2 << 21)
@@ -137,7 +139,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
uint64_t pdp_addr, pd_addr, pt_addr;
for (l1 = 0; l1 < 512; l1++) {
- cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
+ cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
pml4e = le64_to_cpu(pml4e);
if (!(pml4e & PG_PRESENT_MASK)) {
continue;
@@ -145,7 +147,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
if (!(pdpe & PG_PRESENT_MASK)) {
continue;
@@ -160,7 +162,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l3 * 8, &pde, 8);
pde = le64_to_cpu(pde);
if (!(pde & PG_PRESENT_MASK)) {
continue;
@@ -175,9 +177,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
- cpu_physical_memory_read(pt_addr
- + l4 * 8,
- &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l4 * 8, &pte, 8);
pte = le64_to_cpu(pte);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l0 << 48) + (l1 << 39) +
@@ -198,7 +198,7 @@ static void tlb_info_la57(Monitor *mon, CPUArchState *env)
pml5_addr = env->cr[3] & 0x3fffffffff000ULL;
for (l0 = 0; l0 < 512; l0++) {
- cpu_physical_memory_read(pml5_addr + l0 * 8, &pml5e, 8);
+ cpu_physical_memory_read_debug(pml5_addr + l0 * 8, &pml5e, 8);
pml5e = le64_to_cpu(pml5e);
if (pml5e & PG_PRESENT_MASK) {
tlb_info_la48(mon, env, l0, pml5e & 0x3fffffffff000ULL);
@@ -273,7 +273,7 @@ static void mem_info_32(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for(l1 = 0; l1 < 1024; l1++) {
- cpu_physical_memory_read(pgd + l1 * 4, &pde, 4);
+ cpu_physical_memory_read_debug(pgd + l1 * 4, &pde, 4);
pde = le32_to_cpu(pde);
end = l1 << 22;
if (pde & PG_PRESENT_MASK) {
@@ -282,7 +282,8 @@ static void mem_info_32(Monitor *mon, CPUArchState *env)
mem_print(mon, &start, &last_prot, end, prot);
} else {
for(l2 = 0; l2 < 1024; l2++) {
- cpu_physical_memory_read((pde & ~0xfff) + l2 * 4, &pte, 4);
+ cpu_physical_memory_read_debug((pde & ~0xfff) + l2 * 4,
+ &pte, 4);
pte = le32_to_cpu(pte);
end = (l1 << 22) + (l2 << 12);
if (pte & PG_PRESENT_MASK) {
@@ -315,13 +316,13 @@ static void mem_info_pae32(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for (l1 = 0; l1 < 4; l1++) {
- cpu_physical_memory_read(pdp_addr + l1 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
end = l1 << 30;
if (pdpe & PG_PRESENT_MASK) {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pd_addr + l2 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
pde = le64_to_cpu(pde);
end = (l1 << 30) + (l2 << 21);
if (pde & PG_PRESENT_MASK) {
@@ -332,7 +333,8 @@ static void mem_info_pae32(Monitor *mon, CPUArchState *env)
} else {
pt_addr = pde & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pt_addr + l3 * 8, &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l3 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
end = (l1 << 30) + (l2 << 21) + (l3 << 12);
if (pte & PG_PRESENT_MASK) {
@@ -371,13 +373,13 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for (l1 = 0; l1 < 512; l1++) {
- cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
+ cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
pml4e = le64_to_cpu(pml4e);
end = l1 << 39;
if (pml4e & PG_PRESENT_MASK) {
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
end = (l1 << 39) + (l2 << 30);
if (pdpe & PG_PRESENT_MASK) {
@@ -389,7 +391,8 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
} else {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l3 * 8,
+ &pde, 8);
pde = le64_to_cpu(pde);
end = (l1 << 39) + (l2 << 30) + (l3 << 21);
if (pde & PG_PRESENT_MASK) {
@@ -401,9 +404,9 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
} else {
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
- cpu_physical_memory_read(pt_addr
- + l4 * 8,
- &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr
+ + l4 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
end = (l1 << 39) + (l2 << 30) +
(l3 << 21) + (l4 << 12);
@@ -448,7 +451,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for (l0 = 0; l0 < 512; l0++) {
- cpu_physical_memory_read(pml5_addr + l0 * 8, &pml5e, 8);
+ cpu_physical_memory_read_debug(pml5_addr + l0 * 8, &pml5e, 8);
pml5e = le64_to_cpu(pml5e);
end = l0 << 48;
if (!(pml5e & PG_PRESENT_MASK)) {
@@ -459,7 +462,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pml4_addr = pml5e & 0x3fffffffff000ULL;
for (l1 = 0; l1 < 512; l1++) {
- cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
+ cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
pml4e = le64_to_cpu(pml4e);
end = (l0 << 48) + (l1 << 39);
if (!(pml4e & PG_PRESENT_MASK)) {
@@ -470,7 +473,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
end = (l0 << 48) + (l1 << 39) + (l2 << 30);
if (pdpe & PG_PRESENT_MASK) {
@@ -489,7 +492,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l3 * 8, &pde, 8);
pde = le64_to_cpu(pde);
end = (l0 << 48) + (l1 << 39) + (l2 << 30) + (l3 << 21);
if (pde & PG_PRESENT_MASK) {
@@ -508,7 +511,8 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
- cpu_physical_memory_read(pt_addr + l4 * 8, &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l4 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
end = (l0 << 48) + (l1 << 39) + (l2 << 30) +
(l3 << 21) + (l4 << 12);
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 04/28] monitor/i386: use debug APIs when accessing guest memory
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
Updates HMP commands to use the debug version of APIs when accessing the
guest memory.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
cpus.c | 2 +-
disas.c | 2 +-
monitor.c | 6 +++---
target/i386/helper.c | 14 ++++++------
target/i386/monitor.c | 60 +++++++++++++++++++++++++++------------------------
5 files changed, 44 insertions(+), 40 deletions(-)
diff --git a/cpus.c b/cpus.c
index 4f5f88edba9e..e88d33210101 100644
--- a/cpus.c
+++ b/cpus.c
@@ -2268,7 +2268,7 @@ void qmp_pmemsave(int64_t addr, int64_t size, const char *filename,
l = sizeof(buf);
if (l > size)
l = size;
- cpu_physical_memory_read(addr, buf, l);
+ cpu_physical_memory_read_debug(addr, buf, l);
if (fwrite(buf, 1, l, f) != l) {
error_setg(errp, QERR_IO_ERROR);
goto exit;
diff --git a/disas.c b/disas.c
index d4ad1089efb3..fcedbf263302 100644
--- a/disas.c
+++ b/disas.c
@@ -586,7 +586,7 @@ static int
physical_read_memory(bfd_vma memaddr, bfd_byte *myaddr, int length,
struct disassemble_info *info)
{
- cpu_physical_memory_read(memaddr, myaddr, length);
+ cpu_physical_memory_read_debug(memaddr, myaddr, length);
return 0;
}
diff --git a/monitor.c b/monitor.c
index a4417f26cde3..3f4ba902266b 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1368,7 +1368,7 @@ static void memory_dump(Monitor *mon, int count, int format, int wsize,
if (l > line_size)
l = line_size;
if (is_physical) {
- cpu_physical_memory_read(addr, buf, l);
+ cpu_physical_memory_read_debug(addr, buf, l);
} else {
if (cpu_memory_rw_debug(cs, addr, buf, l, 0) < 0) {
monitor_printf(mon, " Cannot access memory\n");
@@ -1574,8 +1574,8 @@ static void hmp_sum(Monitor *mon, const QDict *qdict)
sum = 0;
for(addr = start; addr < (start + size); addr++) {
- uint8_t val = address_space_ldub(&address_space_memory, addr,
- MEMTXATTRS_UNSPECIFIED, NULL);
+ uint8_t val;
+ cpu_physical_memory_read_debug(addr, &val, 1);
/* BSD sum algorithm ('sum' Unix command) */
sum = (sum >> 1) | (sum << 15);
sum += val;
diff --git a/target/i386/helper.c b/target/i386/helper.c
index 9fba146b7fb0..58fb6eec562a 100644
--- a/target/i386/helper.c
+++ b/target/i386/helper.c
@@ -757,7 +757,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
if (la57) {
pml5e_addr = ((env->cr[3] & ~0xfff) +
(((addr >> 48) & 0x1ff) << 3)) & a20_mask;
- pml5e = x86_ldq_phys(cs, pml5e_addr);
+ pml5e = ldq_phys_debug(cs, pml5e_addr);
if (!(pml5e & PG_PRESENT_MASK)) {
return -1;
}
@@ -767,7 +767,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
pml4e_addr = ((pml5e & PG_ADDRESS_MASK) +
(((addr >> 39) & 0x1ff) << 3)) & a20_mask;
- pml4e = x86_ldq_phys(cs, pml4e_addr);
+ pml4e = ldq_phys_debug(cs, pml4e_addr);
if (!(pml4e & PG_PRESENT_MASK)) {
return -1;
}
@@ -788,14 +788,14 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
{
pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) &
a20_mask;
- pdpe = x86_ldq_phys(cs, pdpe_addr);
+ pdpe = ldq_phys_debug(cs, pdpe_addr);
if (!(pdpe & PG_PRESENT_MASK))
return -1;
}
pde_addr = ((pdpe & PG_ADDRESS_MASK) +
(((addr >> 21) & 0x1ff) << 3)) & a20_mask;
- pde = x86_ldq_phys(cs, pde_addr);
+ pde = ldq_phys_debug(cs, pde_addr);
if (!(pde & PG_PRESENT_MASK)) {
return -1;
}
@@ -808,7 +808,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
pte_addr = ((pde & PG_ADDRESS_MASK) +
(((addr >> 12) & 0x1ff) << 3)) & a20_mask;
page_size = 4096;
- pte = x86_ldq_phys(cs, pte_addr);
+ pte = ldq_phys_debug(cs, pte_addr);
}
if (!(pte & PG_PRESENT_MASK)) {
return -1;
@@ -818,7 +818,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
/* page directory entry */
pde_addr = ((env->cr[3] & ~0xfff) + ((addr >> 20) & 0xffc)) & a20_mask;
- pde = x86_ldl_phys(cs, pde_addr);
+ pde = ldl_phys_debug(cs, pde_addr);
if (!(pde & PG_PRESENT_MASK))
return -1;
if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
@@ -827,7 +827,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
} else {
/* page directory entry */
pte_addr = ((pde & ~0xfff) + ((addr >> 10) & 0xffc)) & a20_mask;
- pte = x86_ldl_phys(cs, pte_addr);
+ pte = ldl_phys_debug(cs, pte_addr);
if (!(pte & PG_PRESENT_MASK)) {
return -1;
}
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 75429129fde0..55ea10deb8ef 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -68,7 +68,7 @@ static void tlb_info_32(Monitor *mon, CPUArchState *env)
pgd = env->cr[3] & ~0xfff;
for(l1 = 0; l1 < 1024; l1++) {
- cpu_physical_memory_read(pgd + l1 * 4, &pde, 4);
+ cpu_physical_memory_read_debug(pgd + l1 * 4, &pde, 4);
pde = le32_to_cpu(pde);
if (pde & PG_PRESENT_MASK) {
if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
@@ -76,7 +76,8 @@ static void tlb_info_32(Monitor *mon, CPUArchState *env)
print_pte(mon, env, (l1 << 22), pde, ~((1 << 21) - 1));
} else {
for(l2 = 0; l2 < 1024; l2++) {
- cpu_physical_memory_read((pde & ~0xfff) + l2 * 4, &pte, 4);
+ cpu_physical_memory_read_debug((pde & ~0xfff) + l2 * 4,
+ &pte, 4);
pte = le32_to_cpu(pte);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l1 << 22) + (l2 << 12),
@@ -97,12 +98,12 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
pdp_addr = env->cr[3] & ~0x1f;
for (l1 = 0; l1 < 4; l1++) {
- cpu_physical_memory_read(pdp_addr + l1 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
if (pdpe & PG_PRESENT_MASK) {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pd_addr + l2 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
pde = le64_to_cpu(pde);
if (pde & PG_PRESENT_MASK) {
if (pde & PG_PSE_MASK) {
@@ -112,7 +113,8 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
} else {
pt_addr = pde & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pt_addr + l3 * 8, &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l3 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l1 << 30) + (l2 << 21)
@@ -137,7 +139,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
uint64_t pdp_addr, pd_addr, pt_addr;
for (l1 = 0; l1 < 512; l1++) {
- cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
+ cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
pml4e = le64_to_cpu(pml4e);
if (!(pml4e & PG_PRESENT_MASK)) {
continue;
@@ -145,7 +147,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
if (!(pdpe & PG_PRESENT_MASK)) {
continue;
@@ -160,7 +162,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l3 * 8, &pde, 8);
pde = le64_to_cpu(pde);
if (!(pde & PG_PRESENT_MASK)) {
continue;
@@ -175,9 +177,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
- cpu_physical_memory_read(pt_addr
- + l4 * 8,
- &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l4 * 8, &pte, 8);
pte = le64_to_cpu(pte);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l0 << 48) + (l1 << 39) +
@@ -198,7 +198,7 @@ static void tlb_info_la57(Monitor *mon, CPUArchState *env)
pml5_addr = env->cr[3] & 0x3fffffffff000ULL;
for (l0 = 0; l0 < 512; l0++) {
- cpu_physical_memory_read(pml5_addr + l0 * 8, &pml5e, 8);
+ cpu_physical_memory_read_debug(pml5_addr + l0 * 8, &pml5e, 8);
pml5e = le64_to_cpu(pml5e);
if (pml5e & PG_PRESENT_MASK) {
tlb_info_la48(mon, env, l0, pml5e & 0x3fffffffff000ULL);
@@ -273,7 +273,7 @@ static void mem_info_32(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for(l1 = 0; l1 < 1024; l1++) {
- cpu_physical_memory_read(pgd + l1 * 4, &pde, 4);
+ cpu_physical_memory_read_debug(pgd + l1 * 4, &pde, 4);
pde = le32_to_cpu(pde);
end = l1 << 22;
if (pde & PG_PRESENT_MASK) {
@@ -282,7 +282,8 @@ static void mem_info_32(Monitor *mon, CPUArchState *env)
mem_print(mon, &start, &last_prot, end, prot);
} else {
for(l2 = 0; l2 < 1024; l2++) {
- cpu_physical_memory_read((pde & ~0xfff) + l2 * 4, &pte, 4);
+ cpu_physical_memory_read_debug((pde & ~0xfff) + l2 * 4,
+ &pte, 4);
pte = le32_to_cpu(pte);
end = (l1 << 22) + (l2 << 12);
if (pte & PG_PRESENT_MASK) {
@@ -315,13 +316,13 @@ static void mem_info_pae32(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for (l1 = 0; l1 < 4; l1++) {
- cpu_physical_memory_read(pdp_addr + l1 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
end = l1 << 30;
if (pdpe & PG_PRESENT_MASK) {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pd_addr + l2 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
pde = le64_to_cpu(pde);
end = (l1 << 30) + (l2 << 21);
if (pde & PG_PRESENT_MASK) {
@@ -332,7 +333,8 @@ static void mem_info_pae32(Monitor *mon, CPUArchState *env)
} else {
pt_addr = pde & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pt_addr + l3 * 8, &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l3 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
end = (l1 << 30) + (l2 << 21) + (l3 << 12);
if (pte & PG_PRESENT_MASK) {
@@ -371,13 +373,13 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for (l1 = 0; l1 < 512; l1++) {
- cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
+ cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
pml4e = le64_to_cpu(pml4e);
end = l1 << 39;
if (pml4e & PG_PRESENT_MASK) {
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
end = (l1 << 39) + (l2 << 30);
if (pdpe & PG_PRESENT_MASK) {
@@ -389,7 +391,8 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
} else {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l3 * 8,
+ &pde, 8);
pde = le64_to_cpu(pde);
end = (l1 << 39) + (l2 << 30) + (l3 << 21);
if (pde & PG_PRESENT_MASK) {
@@ -401,9 +404,9 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
} else {
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
- cpu_physical_memory_read(pt_addr
- + l4 * 8,
- &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr
+ + l4 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
end = (l1 << 39) + (l2 << 30) +
(l3 << 21) + (l4 << 12);
@@ -448,7 +451,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
last_prot = 0;
start = -1;
for (l0 = 0; l0 < 512; l0++) {
- cpu_physical_memory_read(pml5_addr + l0 * 8, &pml5e, 8);
+ cpu_physical_memory_read_debug(pml5_addr + l0 * 8, &pml5e, 8);
pml5e = le64_to_cpu(pml5e);
end = l0 << 48;
if (!(pml5e & PG_PRESENT_MASK)) {
@@ -459,7 +462,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pml4_addr = pml5e & 0x3fffffffff000ULL;
for (l1 = 0; l1 < 512; l1++) {
- cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
+ cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
pml4e = le64_to_cpu(pml4e);
end = (l0 << 48) + (l1 << 39);
if (!(pml4e & PG_PRESENT_MASK)) {
@@ -470,7 +473,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
- cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
+ cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
pdpe = le64_to_cpu(pdpe);
end = (l0 << 48) + (l1 << 39) + (l2 << 30);
if (pdpe & PG_PRESENT_MASK) {
@@ -489,7 +492,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
- cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
+ cpu_physical_memory_read_debug(pd_addr + l3 * 8, &pde, 8);
pde = le64_to_cpu(pde);
end = (l0 << 48) + (l1 << 39) + (l2 << 30) + (l3 << 21);
if (pde & PG_PRESENT_MASK) {
@@ -508,7 +511,8 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
- cpu_physical_memory_read(pt_addr + l4 * 8, &pte, 8);
+ cpu_physical_memory_read_debug(pt_addr + l4 * 8,
+ &pte, 8);
pte = le64_to_cpu(pte);
end = (l0 << 48) + (l1 << 39) + (l2 << 30) +
(l3 << 21) + (l4 << 12);
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 05/28] machine: add -memory-encryption property
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
When CPU supports memory encryption feature, the property can be used to
specify the encryption object to use when launching an encrypted guest.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Stefan Hajnoczi <stefanha@gmail.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
hw/core/machine.c | 22 ++++++++++++++++++++++
include/hw/boards.h | 1 +
qemu-options.hx | 5 ++++-
3 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 5e2bbcdacedb..2040177664d5 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object *obj, Error **errp)
return ms->enforce_config_section;
}
+static char *machine_get_memory_encryption(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->memory_encryption);
+}
+
+static void machine_set_memory_encryption(Object *obj, const char *value,
+ Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->memory_encryption);
+ ms->memory_encryption = g_strdup(value);
+}
+
void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type)
{
strList *item = g_new0(strList, 1);
@@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void *data)
&error_abort);
object_class_property_set_description(oc, "enforce-config-section",
"Set on to enforce configuration section migration", &error_abort);
+
+ object_class_property_add_str(oc, "memory-encryption",
+ machine_get_memory_encryption, machine_set_memory_encryption,
+ &error_abort);
+ object_class_property_set_description(oc, "memory-encryption",
+ "Set memory encyption object to use", &error_abort);
}
static void machine_class_base_init(ObjectClass *oc, void *data)
diff --git a/include/hw/boards.h b/include/hw/boards.h
index efb0a9edfdf1..8ce9a7a21d3d 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -243,6 +243,7 @@ struct MachineState {
bool suppress_vmdesc;
bool enforce_config_section;
bool enable_graphics;
+ char *memory_encryption;
ram_addr_t ram_size;
ram_addr_t maxram_size;
diff --git a/qemu-options.hx b/qemu-options.hx
index 2a22a62f743b..c157946af308 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
" suppress-vmdesc=on|off disables self-describing migration (default=off)\n"
" nvdimm=on|off controls NVDIMM support (default=off)\n"
" enforce-config-section=on|off enforce configuration section migration (default=off)\n"
- " s390-squash-mcss=on|off (deprecated) controls support for squashing into default css (default=off)\n",
+ " s390-squash-mcss=on|off (deprecated) controls support for squashing into default css (default=off)\n"
+ " memory-encryption=@var{} memory encryption object to use (default=none)\n",
QEMU_ARCH_ALL)
STEXI
@item -machine [type=]@var{name}[,prop=@var{value}[,...]]
@@ -110,6 +111,8 @@ code to send configuration section even if the machine-type sets the
@option{migration.send-configuration} property to @var{off}.
NOTE: this parameter is deprecated. Please use @option{-global}
@option{migration.send-configuration}=@var{on|off} instead.
+@item memory-encryption=@var{}
+Memory encryption object to use. The default is none.
@end table
ETEXI
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 05/28] machine: add -memory-encryption property
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
When CPU supports memory encryption feature, the property can be used to
specify the encryption object to use when launching an encrypted guest.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Marcel Apfelbaum <marcel@redhat.com>
Cc: Stefan Hajnoczi <stefanha@gmail.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
hw/core/machine.c | 22 ++++++++++++++++++++++
include/hw/boards.h | 1 +
qemu-options.hx | 5 ++++-
3 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/hw/core/machine.c b/hw/core/machine.c
index 5e2bbcdacedb..2040177664d5 100644
--- a/hw/core/machine.c
+++ b/hw/core/machine.c
@@ -334,6 +334,22 @@ static bool machine_get_enforce_config_section(Object *obj, Error **errp)
return ms->enforce_config_section;
}
+static char *machine_get_memory_encryption(Object *obj, Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ return g_strdup(ms->memory_encryption);
+}
+
+static void machine_set_memory_encryption(Object *obj, const char *value,
+ Error **errp)
+{
+ MachineState *ms = MACHINE(obj);
+
+ g_free(ms->memory_encryption);
+ ms->memory_encryption = g_strdup(value);
+}
+
void machine_class_allow_dynamic_sysbus_dev(MachineClass *mc, const char *type)
{
strList *item = g_new0(strList, 1);
@@ -612,6 +628,12 @@ static void machine_class_init(ObjectClass *oc, void *data)
&error_abort);
object_class_property_set_description(oc, "enforce-config-section",
"Set on to enforce configuration section migration", &error_abort);
+
+ object_class_property_add_str(oc, "memory-encryption",
+ machine_get_memory_encryption, machine_set_memory_encryption,
+ &error_abort);
+ object_class_property_set_description(oc, "memory-encryption",
+ "Set memory encyption object to use", &error_abort);
}
static void machine_class_base_init(ObjectClass *oc, void *data)
diff --git a/include/hw/boards.h b/include/hw/boards.h
index efb0a9edfdf1..8ce9a7a21d3d 100644
--- a/include/hw/boards.h
+++ b/include/hw/boards.h
@@ -243,6 +243,7 @@ struct MachineState {
bool suppress_vmdesc;
bool enforce_config_section;
bool enable_graphics;
+ char *memory_encryption;
ram_addr_t ram_size;
ram_addr_t maxram_size;
diff --git a/qemu-options.hx b/qemu-options.hx
index 2a22a62f743b..c157946af308 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -43,7 +43,8 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \
" suppress-vmdesc=on|off disables self-describing migration (default=off)\n"
" nvdimm=on|off controls NVDIMM support (default=off)\n"
" enforce-config-section=on|off enforce configuration section migration (default=off)\n"
- " s390-squash-mcss=on|off (deprecated) controls support for squashing into default css (default=off)\n",
+ " s390-squash-mcss=on|off (deprecated) controls support for squashing into default css (default=off)\n"
+ " memory-encryption=@var{} memory encryption object to use (default=none)\n",
QEMU_ARCH_ALL)
STEXI
@item -machine [type=]@var{name}[,prop=@var{value}[,...]]
@@ -110,6 +111,8 @@ code to send configuration section even if the machine-type sets the
@option{migration.send-configuration} property to @var{off}.
NOTE: this parameter is deprecated. Please use @option{-global}
@option{migration.send-configuration}=@var{on|off} instead.
+@item memory-encryption=@var{}
+Memory encryption object to use. The default is none.
@end table
ETEXI
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 06/28] kvm: update kvm.h to include memory encryption ioctls
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
Updates kmv.h to include memory encryption ioctls and SEV commands.
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
| 90 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 90 insertions(+)
--git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index d92c9b2f0ed2..aed22309950d 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -1362,6 +1362,96 @@ struct kvm_s390_ucas_mapping {
/* Available with KVM_CAP_S390_CMMA_MIGRATION */
#define KVM_S390_GET_CMMA_BITS _IOWR(KVMIO, 0xb8, struct kvm_s390_cmma_log)
#define KVM_S390_SET_CMMA_BITS _IOW(KVMIO, 0xb9, struct kvm_s390_cmma_log)
+/* Memory Encryption Commands */
+#define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xba, unsigned long)
+
+struct kvm_enc_region {
+ __u64 addr;
+ __u64 size;
+};
+
+#define KVM_MEMORY_ENCRYPT_REG_REGION _IOR(KVMIO, 0xbb, struct kvm_enc_region)
+#define KVM_MEMORY_ENCRYPT_UNREG_REGION _IOR(KVMIO, 0xbc, struct kvm_enc_region)
+
+/* Secure Encrypted Virtualization command */
+enum sev_cmd_id {
+ /* Guest initialization commands */
+ KVM_SEV_INIT = 0,
+ KVM_SEV_ES_INIT,
+ /* Guest launch commands */
+ KVM_SEV_LAUNCH_START,
+ KVM_SEV_LAUNCH_UPDATE_DATA,
+ KVM_SEV_LAUNCH_UPDATE_VMSA,
+ KVM_SEV_LAUNCH_SECRET,
+ KVM_SEV_LAUNCH_MEASURE,
+ KVM_SEV_LAUNCH_FINISH,
+ /* Guest migration commands (outgoing) */
+ KVM_SEV_SEND_START,
+ KVM_SEV_SEND_UPDATE_DATA,
+ KVM_SEV_SEND_UPDATE_VMSA,
+ KVM_SEV_SEND_FINISH,
+ /* Guest migration commands (incoming) */
+ KVM_SEV_RECEIVE_START,
+ KVM_SEV_RECEIVE_UPDATE_DATA,
+ KVM_SEV_RECEIVE_UPDATE_VMSA,
+ KVM_SEV_RECEIVE_FINISH,
+ /* Guest status and debug commands */
+ KVM_SEV_GUEST_STATUS,
+ KVM_SEV_DBG_DECRYPT,
+ KVM_SEV_DBG_ENCRYPT,
+ /* Guest certificates commands */
+ KVM_SEV_CERT_EXPORT,
+
+ KVM_SEV_NR_MAX,
+};
+
+struct kvm_sev_cmd {
+ __u32 id;
+ __u64 data;
+ __u32 error;
+ __u32 sev_fd;
+};
+
+struct kvm_sev_launch_start {
+ __u32 handle;
+ __u32 policy;
+ __u64 dh_uaddr;
+ __u32 dh_len;
+ __u64 session_uaddr;
+ __u32 session_len;
+};
+
+struct kvm_sev_launch_update_data {
+ __u64 uaddr;
+ __u32 len;
+};
+
+
+struct kvm_sev_launch_secret {
+ __u64 hdr_uaddr;
+ __u32 hdr_len;
+ __u64 guest_uaddr;
+ __u32 guest_len;
+ __u64 trans_uaddr;
+ __u32 trans_len;
+};
+
+struct kvm_sev_launch_measure {
+ __u64 uaddr;
+ __u32 len;
+};
+
+struct kvm_sev_guest_status {
+ __u32 handle;
+ __u32 policy;
+ __u32 state;
+};
+
+struct kvm_sev_dbg {
+ __u64 src_uaddr;
+ __u64 dst_uaddr;
+ __u32 len;
+};
#define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0)
#define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1)
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 06/28] kvm: update kvm.h to include memory encryption ioctls
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
Updates kmv.h to include memory encryption ioctls and SEV commands.
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
| 90 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 90 insertions(+)
--git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h
index d92c9b2f0ed2..aed22309950d 100644
--- a/linux-headers/linux/kvm.h
+++ b/linux-headers/linux/kvm.h
@@ -1362,6 +1362,96 @@ struct kvm_s390_ucas_mapping {
/* Available with KVM_CAP_S390_CMMA_MIGRATION */
#define KVM_S390_GET_CMMA_BITS _IOWR(KVMIO, 0xb8, struct kvm_s390_cmma_log)
#define KVM_S390_SET_CMMA_BITS _IOW(KVMIO, 0xb9, struct kvm_s390_cmma_log)
+/* Memory Encryption Commands */
+#define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xba, unsigned long)
+
+struct kvm_enc_region {
+ __u64 addr;
+ __u64 size;
+};
+
+#define KVM_MEMORY_ENCRYPT_REG_REGION _IOR(KVMIO, 0xbb, struct kvm_enc_region)
+#define KVM_MEMORY_ENCRYPT_UNREG_REGION _IOR(KVMIO, 0xbc, struct kvm_enc_region)
+
+/* Secure Encrypted Virtualization command */
+enum sev_cmd_id {
+ /* Guest initialization commands */
+ KVM_SEV_INIT = 0,
+ KVM_SEV_ES_INIT,
+ /* Guest launch commands */
+ KVM_SEV_LAUNCH_START,
+ KVM_SEV_LAUNCH_UPDATE_DATA,
+ KVM_SEV_LAUNCH_UPDATE_VMSA,
+ KVM_SEV_LAUNCH_SECRET,
+ KVM_SEV_LAUNCH_MEASURE,
+ KVM_SEV_LAUNCH_FINISH,
+ /* Guest migration commands (outgoing) */
+ KVM_SEV_SEND_START,
+ KVM_SEV_SEND_UPDATE_DATA,
+ KVM_SEV_SEND_UPDATE_VMSA,
+ KVM_SEV_SEND_FINISH,
+ /* Guest migration commands (incoming) */
+ KVM_SEV_RECEIVE_START,
+ KVM_SEV_RECEIVE_UPDATE_DATA,
+ KVM_SEV_RECEIVE_UPDATE_VMSA,
+ KVM_SEV_RECEIVE_FINISH,
+ /* Guest status and debug commands */
+ KVM_SEV_GUEST_STATUS,
+ KVM_SEV_DBG_DECRYPT,
+ KVM_SEV_DBG_ENCRYPT,
+ /* Guest certificates commands */
+ KVM_SEV_CERT_EXPORT,
+
+ KVM_SEV_NR_MAX,
+};
+
+struct kvm_sev_cmd {
+ __u32 id;
+ __u64 data;
+ __u32 error;
+ __u32 sev_fd;
+};
+
+struct kvm_sev_launch_start {
+ __u32 handle;
+ __u32 policy;
+ __u64 dh_uaddr;
+ __u32 dh_len;
+ __u64 session_uaddr;
+ __u32 session_len;
+};
+
+struct kvm_sev_launch_update_data {
+ __u64 uaddr;
+ __u32 len;
+};
+
+
+struct kvm_sev_launch_secret {
+ __u64 hdr_uaddr;
+ __u32 hdr_len;
+ __u64 guest_uaddr;
+ __u32 guest_len;
+ __u64 trans_uaddr;
+ __u32 trans_len;
+};
+
+struct kvm_sev_launch_measure {
+ __u64 uaddr;
+ __u32 len;
+};
+
+struct kvm_sev_guest_status {
+ __u32 handle;
+ __u32 policy;
+ __u32 state;
+};
+
+struct kvm_sev_dbg {
+ __u64 src_uaddr;
+ __u64 dst_uaddr;
+ __u32 len;
+};
#define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0)
#define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1)
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 07/28] docs: add AMD Secure Encrypted Virtualization (SEV)
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
Create a documentation entry to describe the AMD Secure Encrypted
Virtualization (SEV) feature.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
docs/amd-memory-encryption.txt | 92 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 92 insertions(+)
create mode 100644 docs/amd-memory-encryption.txt
diff --git a/docs/amd-memory-encryption.txt b/docs/amd-memory-encryption.txt
new file mode 100644
index 000000000000..72a92b6c6353
--- /dev/null
+++ b/docs/amd-memory-encryption.txt
@@ -0,0 +1,92 @@
+Secure Encrypted Virtualization (SEV) is a feature found on AMD processors.
+
+SEV is an extension to the AMD-V architecture which supports running encrypted
+virtual machine (VMs) under the control of KVM. Encrypted VMs have their pages
+(code and data) secured such that only the guest itself has access to the
+unencrypted version. Each encrypted VM is associated with a unique encryption
+key; if its data is accessed to a different entity using a different key the
+encrypted guests data will be incorrectly decrypted, leading to unintelligible
+data.
+
+The key management of this feature is handled by separate processor known as
+AMD secure processor (AMD-SP) which is present in AMD SOCs. Firmware running
+inside the AMD-SP provide commands to support common VM lifecycle. This
+includes commands for launching, snapshotting, migrating and debugging the
+encrypted guest. Those SEV command can be issued via KVM_MEMORY_ENCRYPT_OP
+ioctls.
+
+Launching
+---------
+Boot images (such as bios) must be encrypted before guest can be booted.
+MEMORY_ENCRYPT_OP ioctl provides commands to encrypt the images :LAUNCH_START,
+LAUNCH_UPDATE_DATA, LAUNCH_MEASURE and LAUNCH_FINISH. These four commands
+together generate a fresh memory encryption key for the VM, encrypt the boot
+images and provide a measurement than can be used as an attestation of the
+successful launch.
+
+LAUNCH_START is called first to create a cryptographic launch context within
+the firmware. To create this context, guest owner must provides guest policy,
+its public Diffie-Hellman key (PDH) and session parameters. These inputs
+should be treated as binary blob and must be passed as-is to the SEV firmware.
+
+The guest policy is passed as plaintext and hypervisor may able to read it
+but should not modify it (any modification of the policy bits will result
+in bad measurement). The guest policy is a 4-byte data structure containing
+several flags that restricts what can be done on running SEV guest.
+See KM Spec section 3 and 6.2 for more details.
+
+Guest owners provided DH certificate and session parameters will be used to
+establish a cryptographic session with the guest owner to negotiate keys used
+for the attestation.
+
+LAUNCH_UPDATE_DATA encrypts the memory region using the cryptographic context
+created via LAUNCH_START command. If required, this command can be called
+multiple times to encrypt different memory regions. The command also calculates
+the measurement of the memory contents as it encrypts.
+
+LAUNCH_MEASURE command can be used to retrieve the measurement of encrypted
+memory. This measurement is a signature of the memory contents that can be
+sent to the guest owner as an attestation that the memory was encrypted
+correctly by the firmware. The guest owner may wait to provide the guest
+confidential information until it can verify the attestation measurement.
+Since the guest owner knows the initial contents of the guest at boot, the
+attestation measurement can be verified by comparing it to what the guest owner
+expects.
+
+LAUNCH_FINISH command finalizes the guest launch and destroy's the cryptographic
+context.
+
+See SEV KM API Spec [1] 'Launching a guest' usage flow (Appendix A) for the
+complete flow chart.
+
+Debugging
+-----------
+Since memory contents of SEV guest is encrypted hence hypervisor access to the
+guest memory will get a cipher text. If guest policy allows debugging, then
+hypervisor can use DEBUG_DECRYPT and DEBUG_ENCRYPT commands access the guest
+memory region for debug purposes.
+
+Snapshot/Restore
+-----------------
+TODO
+
+Live Migration
+----------------
+TODO
+
+References
+-----------------
+
+AMD Memory Encryption whitepaper:
+http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
+
+Secure Encrypted Virutualization Key Management:
+[1] http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
+
+KVM Forum slides:
+http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf
+
+AMD64 Architecture Programmer's Manual:
+ http://support.amd.com/TechDocs/24593.pdf
+ SME is section 7.10
+ SEV is section 15.34
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 07/28] docs: add AMD Secure Encrypted Virtualization (SEV)
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
Create a documentation entry to describe the AMD Secure Encrypted
Virtualization (SEV) feature.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
docs/amd-memory-encryption.txt | 92 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 92 insertions(+)
create mode 100644 docs/amd-memory-encryption.txt
diff --git a/docs/amd-memory-encryption.txt b/docs/amd-memory-encryption.txt
new file mode 100644
index 000000000000..72a92b6c6353
--- /dev/null
+++ b/docs/amd-memory-encryption.txt
@@ -0,0 +1,92 @@
+Secure Encrypted Virtualization (SEV) is a feature found on AMD processors.
+
+SEV is an extension to the AMD-V architecture which supports running encrypted
+virtual machine (VMs) under the control of KVM. Encrypted VMs have their pages
+(code and data) secured such that only the guest itself has access to the
+unencrypted version. Each encrypted VM is associated with a unique encryption
+key; if its data is accessed to a different entity using a different key the
+encrypted guests data will be incorrectly decrypted, leading to unintelligible
+data.
+
+The key management of this feature is handled by separate processor known as
+AMD secure processor (AMD-SP) which is present in AMD SOCs. Firmware running
+inside the AMD-SP provide commands to support common VM lifecycle. This
+includes commands for launching, snapshotting, migrating and debugging the
+encrypted guest. Those SEV command can be issued via KVM_MEMORY_ENCRYPT_OP
+ioctls.
+
+Launching
+---------
+Boot images (such as bios) must be encrypted before guest can be booted.
+MEMORY_ENCRYPT_OP ioctl provides commands to encrypt the images :LAUNCH_START,
+LAUNCH_UPDATE_DATA, LAUNCH_MEASURE and LAUNCH_FINISH. These four commands
+together generate a fresh memory encryption key for the VM, encrypt the boot
+images and provide a measurement than can be used as an attestation of the
+successful launch.
+
+LAUNCH_START is called first to create a cryptographic launch context within
+the firmware. To create this context, guest owner must provides guest policy,
+its public Diffie-Hellman key (PDH) and session parameters. These inputs
+should be treated as binary blob and must be passed as-is to the SEV firmware.
+
+The guest policy is passed as plaintext and hypervisor may able to read it
+but should not modify it (any modification of the policy bits will result
+in bad measurement). The guest policy is a 4-byte data structure containing
+several flags that restricts what can be done on running SEV guest.
+See KM Spec section 3 and 6.2 for more details.
+
+Guest owners provided DH certificate and session parameters will be used to
+establish a cryptographic session with the guest owner to negotiate keys used
+for the attestation.
+
+LAUNCH_UPDATE_DATA encrypts the memory region using the cryptographic context
+created via LAUNCH_START command. If required, this command can be called
+multiple times to encrypt different memory regions. The command also calculates
+the measurement of the memory contents as it encrypts.
+
+LAUNCH_MEASURE command can be used to retrieve the measurement of encrypted
+memory. This measurement is a signature of the memory contents that can be
+sent to the guest owner as an attestation that the memory was encrypted
+correctly by the firmware. The guest owner may wait to provide the guest
+confidential information until it can verify the attestation measurement.
+Since the guest owner knows the initial contents of the guest at boot, the
+attestation measurement can be verified by comparing it to what the guest owner
+expects.
+
+LAUNCH_FINISH command finalizes the guest launch and destroy's the cryptographic
+context.
+
+See SEV KM API Spec [1] 'Launching a guest' usage flow (Appendix A) for the
+complete flow chart.
+
+Debugging
+-----------
+Since memory contents of SEV guest is encrypted hence hypervisor access to the
+guest memory will get a cipher text. If guest policy allows debugging, then
+hypervisor can use DEBUG_DECRYPT and DEBUG_ENCRYPT commands access the guest
+memory region for debug purposes.
+
+Snapshot/Restore
+-----------------
+TODO
+
+Live Migration
+----------------
+TODO
+
+References
+-----------------
+
+AMD Memory Encryption whitepaper:
+http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
+
+Secure Encrypted Virutualization Key Management:
+[1] http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
+
+KVM Forum slides:
+http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf
+
+AMD64 Architecture Programmer's Manual:
+ http://support.amd.com/TechDocs/24593.pdf
+ SME is section 7.10
+ SEV is section 15.34
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
Add a new memory encryption object 'sev-guest'. The object will be used
to create enrypted VMs on AMD EPYC CPU. The object provides the properties
to pass guest owner's public Diffie-hellman key, guest policy and session
information required to create the memory encryption context within the
SEV firmware.
e.g to launch SEV guest
# $QEMU \
-object sev-guest,id=sev0 \
-machine ....,memory-encryption=sev0
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
docs/amd-memory-encryption.txt | 17 +++
qemu-options.hx | 44 ++++++++
target/i386/Makefile.objs | 2 +-
target/i386/sev.c | 228 +++++++++++++++++++++++++++++++++++++++++
target/i386/sev_i386.h | 61 +++++++++++
5 files changed, 351 insertions(+), 1 deletion(-)
create mode 100644 target/i386/sev.c
create mode 100644 target/i386/sev_i386.h
diff --git a/docs/amd-memory-encryption.txt b/docs/amd-memory-encryption.txt
index 72a92b6c6353..05266fd41b23 100644
--- a/docs/amd-memory-encryption.txt
+++ b/docs/amd-memory-encryption.txt
@@ -35,10 +35,21 @@ in bad measurement). The guest policy is a 4-byte data structure containing
several flags that restricts what can be done on running SEV guest.
See KM Spec section 3 and 6.2 for more details.
+The guest policy can be provided via the 'policy' property (see below)
+
+# ${QEMU} \
+ sev-guest,id=sev0,policy=0x1...\
+
Guest owners provided DH certificate and session parameters will be used to
establish a cryptographic session with the guest owner to negotiate keys used
for the attestation.
+The DH certificate and session blob can be provided via 'dh-cert-file' and
+'session-file' property (see below
+
+# ${QEMU} \
+ sev-guest,id=sev0,dh-cert-file=<file1>,session-file=<file2>
+
LAUNCH_UPDATE_DATA encrypts the memory region using the cryptographic context
created via LAUNCH_START command. If required, this command can be called
multiple times to encrypt different memory regions. The command also calculates
@@ -59,6 +70,12 @@ context.
See SEV KM API Spec [1] 'Launching a guest' usage flow (Appendix A) for the
complete flow chart.
+To launch a SEV guest
+
+# ${QEMU} \
+ -machine ...,memory-encryption=sev0 \
+ -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1
+
Debugging
-----------
Since memory contents of SEV guest is encrypted hence hypervisor access to the
diff --git a/qemu-options.hx b/qemu-options.hx
index c157946af308..1808593221ba 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -4356,6 +4356,50 @@ contents of @code{iv.b64} to the second secret
data=$SECRET,iv=$(<iv.b64)
@end example
+@item -object sev-guest,id=@var{id},cbitpos=@var{cbitpos},reduced-phys-bits=@var{val},[sev-device=@var{string},policy=@var{policy},handle=@var{handle},dh-cert-file=@var{file},session-file=@var{file}]
+
+Create a Secure Encrypted Virtualization (SEV) guest object, which can be used
+to provide the guest memory encryption support on AMD processors.
+
+When memory encryption is enabled, one of the physical address bit (aka the
+C-bit) is utilized to mark if a memory page is protected. The @option{cbitpos}
+is used to provide the C-bit position. The C-bit position is Host family dependent
+hence user must provide this value. On EPYC, the value should be 47.
+
+When memory encryption is enabled, we loose certain bits in physical address space.
+The @option{reduced-phys-bits} is used to provide the number of bits we loose in
+physical address space. Similar to C-bit, the value is Host family dependent.
+On EPYC, the value should be 5.
+
+The @option{sev-device} provides the device file to use for communicating with
+the SEV firmware running inside AMD Secure Processor. The default device is
+'/dev/sev'. If hardware supports memory encryption then /dev/sev devices are
+created by CCP driver.
+
+The @option{policy} provides the guest policy to be enforced by the SEV firmware
+and restrict what configuration and operational commands can be performed on this
+guest by the hypervisor. The policy should be provided by the guest owner and is
+bound to the guest and cannot be changed throughout the lifetime of the guest.
+The default is 0.
+
+If guest @option{policy} allows sharing the key with another SEV guest then
+@option{handle} can be use to provide handle of the guest from which to share
+the key.
+
+The @option{dh-cert-file} and @option{session-file} provides the guest owner's
+Public Diffie-Hillman key defined in SEV spec. The PDH and session parameters
+are used for establishing a cryptographic session with the guest owner to
+negotiate keys used for attestation. The file must be encoded in base64.
+
+e.g to launch a SEV guest
+@example
+ # $QEMU \
+ ......
+ -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=5 \
+ -machine ...,memory-encryption=sev0
+ .....
+
+@end example
@end table
ETEXI
diff --git a/target/i386/Makefile.objs b/target/i386/Makefile.objs
index f5c6ef20a7bb..76aeaeae2750 100644
--- a/target/i386/Makefile.objs
+++ b/target/i386/Makefile.objs
@@ -4,7 +4,7 @@ obj-$(CONFIG_TCG) += bpt_helper.o cc_helper.o excp_helper.o fpu_helper.o
obj-$(CONFIG_TCG) += int_helper.o mem_helper.o misc_helper.o mpx_helper.o
obj-$(CONFIG_TCG) += seg_helper.o smm_helper.o svm_helper.o
obj-$(CONFIG_SOFTMMU) += machine.o arch_memory_mapping.o arch_dump.o monitor.o
-obj-$(CONFIG_KVM) += kvm.o hyperv.o
+obj-$(CONFIG_KVM) += kvm.o hyperv.o sev.o
obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
# HAX support
ifdef CONFIG_WIN32
diff --git a/target/i386/sev.c b/target/i386/sev.c
new file mode 100644
index 000000000000..ab42e4a456d2
--- /dev/null
+++ b/target/i386/sev.c
@@ -0,0 +1,228 @@
+/*
+ * QEMU SEV support
+ *
+ * Copyright Advanced Micro Devices 2016-2018
+ *
+ * Author:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qom/object_interfaces.h"
+#include "qemu/base64.h"
+#include "sysemu/kvm.h"
+#include "sev_i386.h"
+#include "sysemu/sysemu.h"
+
+#define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
+#define DEFAULT_SEV_DEVICE "/dev/sev"
+
+static void
+qsev_guest_finalize(Object *obj)
+{
+}
+
+static char *
+qsev_guest_get_session_file(Object *obj, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ return s->session_file ? g_strdup(s->session_file) : NULL;
+}
+
+static void
+qsev_guest_set_session_file(Object *obj, const char *value, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ s->session_file = g_strdup(value);
+}
+
+static char *
+qsev_guest_get_dh_cert_file(Object *obj, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ return g_strdup(s->dh_cert_file);
+}
+
+static void
+qsev_guest_set_dh_cert_file(Object *obj, const char *value, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ s->dh_cert_file = g_strdup(value);
+}
+
+static char *
+qsev_guest_get_sev_device(Object *obj, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ return g_strdup(sev->sev_device);
+}
+
+static void
+qsev_guest_set_sev_device(Object *obj, const char *value, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ sev->sev_device = g_strdup(value);
+}
+
+static void
+qsev_guest_class_init(ObjectClass *oc, void *data)
+{
+ object_class_property_add_str(oc, "sev-device",
+ qsev_guest_get_sev_device,
+ qsev_guest_set_sev_device,
+ NULL);
+ object_class_property_set_description(oc, "sev-device",
+ "SEV device to use", NULL);
+ object_class_property_add_str(oc, "dh-cert-file",
+ qsev_guest_get_dh_cert_file,
+ qsev_guest_set_dh_cert_file,
+ NULL);
+ object_class_property_set_description(oc, "dh-cert-file",
+ "guest owners DH certificate (encoded with base64)", NULL);
+ object_class_property_add_str(oc, "session-file",
+ qsev_guest_get_session_file,
+ qsev_guest_set_session_file,
+ NULL);
+ object_class_property_set_description(oc, "session-file",
+ "guest owners session parameters (encoded with base64)", NULL);
+}
+
+static void
+qsev_guest_set_handle(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->handle = value;
+}
+
+static void
+qsev_guest_set_policy(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->policy = value;
+}
+
+static void
+qsev_guest_set_cbitpos(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->cbitpos = value;
+}
+
+static void
+qsev_guest_set_reduced_phys_bits(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->reduced_phys_bits = value;
+}
+
+static void
+qsev_guest_get_policy(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->policy;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_get_handle(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->handle;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_get_cbitpos(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->cbitpos;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_get_reduced_phys_bits(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->reduced_phys_bits;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_init(Object *obj)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ sev->sev_device = g_strdup(DEFAULT_SEV_DEVICE);
+ sev->policy = DEFAULT_GUEST_POLICY;
+ object_property_add(obj, "policy", "uint32", qsev_guest_get_policy,
+ qsev_guest_set_policy, NULL, NULL, NULL);
+ object_property_add(obj, "handle", "uint32", qsev_guest_get_handle,
+ qsev_guest_set_handle, NULL, NULL, NULL);
+ object_property_add(obj, "cbitpos", "uint32", qsev_guest_get_cbitpos,
+ qsev_guest_set_cbitpos, NULL, NULL, NULL);
+ object_property_add(obj, "reduced-phys-bits", "uint32",
+ qsev_guest_get_reduced_phys_bits,
+ qsev_guest_set_reduced_phys_bits, NULL, NULL, NULL);
+}
+
+/* sev guest info */
+static const TypeInfo qsev_guest_info = {
+ .parent = TYPE_OBJECT,
+ .name = TYPE_QSEV_GUEST_INFO,
+ .instance_size = sizeof(QSevGuestInfo),
+ .instance_finalize = qsev_guest_finalize,
+ .class_size = sizeof(QSevGuestInfoClass),
+ .class_init = qsev_guest_class_init,
+ .instance_init = qsev_guest_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
+};
+
+static void
+sev_register_types(void)
+{
+ type_register_static(&qsev_guest_info);
+}
+
+type_init(sev_register_types);
diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h
new file mode 100644
index 000000000000..caf879c3b874
--- /dev/null
+++ b/target/i386/sev_i386.h
@@ -0,0 +1,61 @@
+/*
+ * QEMU Secure Encrypted Virutualization (SEV) support
+ *
+ * Copyright: Advanced Micro Devices, 2016-2018
+ *
+ * Authors:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef QEMU_SEV_I386_H
+#define QEMU_SEV_I386_H
+
+#include "qom/object.h"
+#include "qapi/error.h"
+#include "sysemu/kvm.h"
+#include "qemu/error-report.h"
+
+#define SEV_POLICY_NODBG 0x1
+#define SEV_POLICY_NOKS 0x2
+#define SEV_POLICY_ES 0x4
+#define SEV_POLICY_NOSEND 0x8
+#define SEV_POLICY_DOMAIN 0x10
+#define SEV_POLICY_SEV 0x20
+
+#define TYPE_QSEV_GUEST_INFO "sev-guest"
+#define QSEV_GUEST_INFO(obj) \
+ OBJECT_CHECK(QSevGuestInfo, (obj), TYPE_QSEV_GUEST_INFO)
+
+typedef struct QSevGuestInfo QSevGuestInfo;
+typedef struct QSevGuestInfoClass QSevGuestInfoClass;
+
+/**
+ * QSevGuestInfo:
+ *
+ * The QSevGuestInfo object is used for creating a SEV guest.
+ *
+ * # $QEMU \
+ * -object sev-guest,id=sev0 \
+ * -machine ...,memory-encryption=sev0
+ */
+struct QSevGuestInfo {
+ Object parent_obj;
+
+ char *sev_device;
+ uint32_t policy;
+ uint32_t handle;
+ char *dh_cert_file;
+ char *session_file;
+ uint32_t cbitpos;
+ uint32_t reduced_phys_bits;
+};
+
+struct QSevGuestInfoClass {
+ ObjectClass parent_class;
+};
+
+#endif
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
Add a new memory encryption object 'sev-guest'. The object will be used
to create enrypted VMs on AMD EPYC CPU. The object provides the properties
to pass guest owner's public Diffie-hellman key, guest policy and session
information required to create the memory encryption context within the
SEV firmware.
e.g to launch SEV guest
# $QEMU \
-object sev-guest,id=sev0 \
-machine ....,memory-encryption=sev0
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
docs/amd-memory-encryption.txt | 17 +++
qemu-options.hx | 44 ++++++++
target/i386/Makefile.objs | 2 +-
target/i386/sev.c | 228 +++++++++++++++++++++++++++++++++++++++++
target/i386/sev_i386.h | 61 +++++++++++
5 files changed, 351 insertions(+), 1 deletion(-)
create mode 100644 target/i386/sev.c
create mode 100644 target/i386/sev_i386.h
diff --git a/docs/amd-memory-encryption.txt b/docs/amd-memory-encryption.txt
index 72a92b6c6353..05266fd41b23 100644
--- a/docs/amd-memory-encryption.txt
+++ b/docs/amd-memory-encryption.txt
@@ -35,10 +35,21 @@ in bad measurement). The guest policy is a 4-byte data structure containing
several flags that restricts what can be done on running SEV guest.
See KM Spec section 3 and 6.2 for more details.
+The guest policy can be provided via the 'policy' property (see below)
+
+# ${QEMU} \
+ sev-guest,id=sev0,policy=0x1...\
+
Guest owners provided DH certificate and session parameters will be used to
establish a cryptographic session with the guest owner to negotiate keys used
for the attestation.
+The DH certificate and session blob can be provided via 'dh-cert-file' and
+'session-file' property (see below
+
+# ${QEMU} \
+ sev-guest,id=sev0,dh-cert-file=<file1>,session-file=<file2>
+
LAUNCH_UPDATE_DATA encrypts the memory region using the cryptographic context
created via LAUNCH_START command. If required, this command can be called
multiple times to encrypt different memory regions. The command also calculates
@@ -59,6 +70,12 @@ context.
See SEV KM API Spec [1] 'Launching a guest' usage flow (Appendix A) for the
complete flow chart.
+To launch a SEV guest
+
+# ${QEMU} \
+ -machine ...,memory-encryption=sev0 \
+ -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1
+
Debugging
-----------
Since memory contents of SEV guest is encrypted hence hypervisor access to the
diff --git a/qemu-options.hx b/qemu-options.hx
index c157946af308..1808593221ba 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -4356,6 +4356,50 @@ contents of @code{iv.b64} to the second secret
data=$SECRET,iv=$(<iv.b64)
@end example
+@item -object sev-guest,id=@var{id},cbitpos=@var{cbitpos},reduced-phys-bits=@var{val},[sev-device=@var{string},policy=@var{policy},handle=@var{handle},dh-cert-file=@var{file},session-file=@var{file}]
+
+Create a Secure Encrypted Virtualization (SEV) guest object, which can be used
+to provide the guest memory encryption support on AMD processors.
+
+When memory encryption is enabled, one of the physical address bit (aka the
+C-bit) is utilized to mark if a memory page is protected. The @option{cbitpos}
+is used to provide the C-bit position. The C-bit position is Host family dependent
+hence user must provide this value. On EPYC, the value should be 47.
+
+When memory encryption is enabled, we loose certain bits in physical address space.
+The @option{reduced-phys-bits} is used to provide the number of bits we loose in
+physical address space. Similar to C-bit, the value is Host family dependent.
+On EPYC, the value should be 5.
+
+The @option{sev-device} provides the device file to use for communicating with
+the SEV firmware running inside AMD Secure Processor. The default device is
+'/dev/sev'. If hardware supports memory encryption then /dev/sev devices are
+created by CCP driver.
+
+The @option{policy} provides the guest policy to be enforced by the SEV firmware
+and restrict what configuration and operational commands can be performed on this
+guest by the hypervisor. The policy should be provided by the guest owner and is
+bound to the guest and cannot be changed throughout the lifetime of the guest.
+The default is 0.
+
+If guest @option{policy} allows sharing the key with another SEV guest then
+@option{handle} can be use to provide handle of the guest from which to share
+the key.
+
+The @option{dh-cert-file} and @option{session-file} provides the guest owner's
+Public Diffie-Hillman key defined in SEV spec. The PDH and session parameters
+are used for establishing a cryptographic session with the guest owner to
+negotiate keys used for attestation. The file must be encoded in base64.
+
+e.g to launch a SEV guest
+@example
+ # $QEMU \
+ ......
+ -object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=5 \
+ -machine ...,memory-encryption=sev0
+ .....
+
+@end example
@end table
ETEXI
diff --git a/target/i386/Makefile.objs b/target/i386/Makefile.objs
index f5c6ef20a7bb..76aeaeae2750 100644
--- a/target/i386/Makefile.objs
+++ b/target/i386/Makefile.objs
@@ -4,7 +4,7 @@ obj-$(CONFIG_TCG) += bpt_helper.o cc_helper.o excp_helper.o fpu_helper.o
obj-$(CONFIG_TCG) += int_helper.o mem_helper.o misc_helper.o mpx_helper.o
obj-$(CONFIG_TCG) += seg_helper.o smm_helper.o svm_helper.o
obj-$(CONFIG_SOFTMMU) += machine.o arch_memory_mapping.o arch_dump.o monitor.o
-obj-$(CONFIG_KVM) += kvm.o hyperv.o
+obj-$(CONFIG_KVM) += kvm.o hyperv.o sev.o
obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
# HAX support
ifdef CONFIG_WIN32
diff --git a/target/i386/sev.c b/target/i386/sev.c
new file mode 100644
index 000000000000..ab42e4a456d2
--- /dev/null
+++ b/target/i386/sev.c
@@ -0,0 +1,228 @@
+/*
+ * QEMU SEV support
+ *
+ * Copyright Advanced Micro Devices 2016-2018
+ *
+ * Author:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qom/object_interfaces.h"
+#include "qemu/base64.h"
+#include "sysemu/kvm.h"
+#include "sev_i386.h"
+#include "sysemu/sysemu.h"
+
+#define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
+#define DEFAULT_SEV_DEVICE "/dev/sev"
+
+static void
+qsev_guest_finalize(Object *obj)
+{
+}
+
+static char *
+qsev_guest_get_session_file(Object *obj, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ return s->session_file ? g_strdup(s->session_file) : NULL;
+}
+
+static void
+qsev_guest_set_session_file(Object *obj, const char *value, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ s->session_file = g_strdup(value);
+}
+
+static char *
+qsev_guest_get_dh_cert_file(Object *obj, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ return g_strdup(s->dh_cert_file);
+}
+
+static void
+qsev_guest_set_dh_cert_file(Object *obj, const char *value, Error **errp)
+{
+ QSevGuestInfo *s = QSEV_GUEST_INFO(obj);
+
+ s->dh_cert_file = g_strdup(value);
+}
+
+static char *
+qsev_guest_get_sev_device(Object *obj, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ return g_strdup(sev->sev_device);
+}
+
+static void
+qsev_guest_set_sev_device(Object *obj, const char *value, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ sev->sev_device = g_strdup(value);
+}
+
+static void
+qsev_guest_class_init(ObjectClass *oc, void *data)
+{
+ object_class_property_add_str(oc, "sev-device",
+ qsev_guest_get_sev_device,
+ qsev_guest_set_sev_device,
+ NULL);
+ object_class_property_set_description(oc, "sev-device",
+ "SEV device to use", NULL);
+ object_class_property_add_str(oc, "dh-cert-file",
+ qsev_guest_get_dh_cert_file,
+ qsev_guest_set_dh_cert_file,
+ NULL);
+ object_class_property_set_description(oc, "dh-cert-file",
+ "guest owners DH certificate (encoded with base64)", NULL);
+ object_class_property_add_str(oc, "session-file",
+ qsev_guest_get_session_file,
+ qsev_guest_set_session_file,
+ NULL);
+ object_class_property_set_description(oc, "session-file",
+ "guest owners session parameters (encoded with base64)", NULL);
+}
+
+static void
+qsev_guest_set_handle(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->handle = value;
+}
+
+static void
+qsev_guest_set_policy(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->policy = value;
+}
+
+static void
+qsev_guest_set_cbitpos(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->cbitpos = value;
+}
+
+static void
+qsev_guest_set_reduced_phys_bits(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+ uint32_t value;
+
+ visit_type_uint32(v, name, &value, errp);
+ sev->reduced_phys_bits = value;
+}
+
+static void
+qsev_guest_get_policy(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->policy;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_get_handle(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->handle;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_get_cbitpos(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->cbitpos;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_get_reduced_phys_bits(Object *obj, Visitor *v, const char *name,
+ void *opaque, Error **errp)
+{
+ uint32_t value;
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ value = sev->reduced_phys_bits;
+ visit_type_uint32(v, name, &value, errp);
+}
+
+static void
+qsev_guest_init(Object *obj)
+{
+ QSevGuestInfo *sev = QSEV_GUEST_INFO(obj);
+
+ sev->sev_device = g_strdup(DEFAULT_SEV_DEVICE);
+ sev->policy = DEFAULT_GUEST_POLICY;
+ object_property_add(obj, "policy", "uint32", qsev_guest_get_policy,
+ qsev_guest_set_policy, NULL, NULL, NULL);
+ object_property_add(obj, "handle", "uint32", qsev_guest_get_handle,
+ qsev_guest_set_handle, NULL, NULL, NULL);
+ object_property_add(obj, "cbitpos", "uint32", qsev_guest_get_cbitpos,
+ qsev_guest_set_cbitpos, NULL, NULL, NULL);
+ object_property_add(obj, "reduced-phys-bits", "uint32",
+ qsev_guest_get_reduced_phys_bits,
+ qsev_guest_set_reduced_phys_bits, NULL, NULL, NULL);
+}
+
+/* sev guest info */
+static const TypeInfo qsev_guest_info = {
+ .parent = TYPE_OBJECT,
+ .name = TYPE_QSEV_GUEST_INFO,
+ .instance_size = sizeof(QSevGuestInfo),
+ .instance_finalize = qsev_guest_finalize,
+ .class_size = sizeof(QSevGuestInfoClass),
+ .class_init = qsev_guest_class_init,
+ .instance_init = qsev_guest_init,
+ .interfaces = (InterfaceInfo[]) {
+ { TYPE_USER_CREATABLE },
+ { }
+ }
+};
+
+static void
+sev_register_types(void)
+{
+ type_register_static(&qsev_guest_info);
+}
+
+type_init(sev_register_types);
diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h
new file mode 100644
index 000000000000..caf879c3b874
--- /dev/null
+++ b/target/i386/sev_i386.h
@@ -0,0 +1,61 @@
+/*
+ * QEMU Secure Encrypted Virutualization (SEV) support
+ *
+ * Copyright: Advanced Micro Devices, 2016-2018
+ *
+ * Authors:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef QEMU_SEV_I386_H
+#define QEMU_SEV_I386_H
+
+#include "qom/object.h"
+#include "qapi/error.h"
+#include "sysemu/kvm.h"
+#include "qemu/error-report.h"
+
+#define SEV_POLICY_NODBG 0x1
+#define SEV_POLICY_NOKS 0x2
+#define SEV_POLICY_ES 0x4
+#define SEV_POLICY_NOSEND 0x8
+#define SEV_POLICY_DOMAIN 0x10
+#define SEV_POLICY_SEV 0x20
+
+#define TYPE_QSEV_GUEST_INFO "sev-guest"
+#define QSEV_GUEST_INFO(obj) \
+ OBJECT_CHECK(QSevGuestInfo, (obj), TYPE_QSEV_GUEST_INFO)
+
+typedef struct QSevGuestInfo QSevGuestInfo;
+typedef struct QSevGuestInfoClass QSevGuestInfoClass;
+
+/**
+ * QSevGuestInfo:
+ *
+ * The QSevGuestInfo object is used for creating a SEV guest.
+ *
+ * # $QEMU \
+ * -object sev-guest,id=sev0 \
+ * -machine ...,memory-encryption=sev0
+ */
+struct QSevGuestInfo {
+ Object parent_obj;
+
+ char *sev_device;
+ uint32_t policy;
+ uint32_t handle;
+ char *dh_cert_file;
+ char *session_file;
+ uint32_t cbitpos;
+ uint32_t reduced_phys_bits;
+};
+
+struct QSevGuestInfoClass {
+ ObjectClass parent_class;
+};
+
+#endif
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 09/28] qmp: add query-sev command
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
The QMP query command can used to retrieve the SEV information when
memory encryption is enabled on AMD platform.
Cc: Eric Blake <eblake@redhat.com>
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
monitor.c | 7 +++++
qapi/misc.json | 76 +++++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/monitor.c | 8 ++++++
3 files changed, 91 insertions(+)
diff --git a/monitor.c b/monitor.c
index 3f4ba902266b..2225cf5030dc 100644
--- a/monitor.c
+++ b/monitor.c
@@ -983,6 +983,7 @@ static void qmp_unregister_commands_hack(void)
#endif
#ifndef TARGET_I386
qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection");
+ qmp_unregister_command(&qmp_commands, "query-sev");
#endif
#ifndef TARGET_S390X
qmp_unregister_command(&qmp_commands, "dump-skeys");
@@ -4103,6 +4104,12 @@ void qmp_rtc_reset_reinjection(Error **errp)
{
error_setg(errp, QERR_FEATURE_DISABLED, "rtc-reset-reinjection");
}
+
+SevInfo *qmp_query_sev(Error **errp)
+{
+ error_setg(errp, QERR_FEATURE_DISABLED, "query-sev");
+ return NULL;
+}
#endif
#ifndef TARGET_S390X
diff --git a/qapi/misc.json b/qapi/misc.json
index a1702c906098..fcf3bfc66a15 100644
--- a/qapi/misc.json
+++ b/qapi/misc.json
@@ -3199,3 +3199,79 @@
# Since: 2.9
##
{ 'command': 'query-vm-generation-id', 'returns': 'GuidInfo' }
+
+
+##
+# @SevState:
+#
+# An enumeration of SEV state information used during @query-sev.
+#
+# @uninit: The guest is uninitialized.
+#
+# @lupdate: The guest is currently being launched and plaintext and
+# reigster state is being imported.
+#
+# @lsecret: The guest is currently being launched and ciphertext data
+# are being imported.
+#
+# @running: The guest is fully launched or migrated in.
+#
+# @supdate: The guest is currently being migrated out to another machine.
+#
+# @rupdate: The guest is currently being migrated from another machine.
+#
+# Since: 2.12
+##
+{ 'enum': 'SevState',
+ 'data': ['uninit', 'lupdate', 'lsecret', 'running', 'supdate', 'rupdate' ] }
+
+##
+# @SevInfo:
+#
+# Information about Secure Encrypted Virtualization (SEV) support
+#
+# @enabled: true if SEV is active
+#
+# @api-major: SEV API major version
+#
+# @api-minor: SEV API minor version
+#
+# @build-id: SEV FW build id
+#
+# @policy: SEV policy value
+#
+# @state: SEV guest state
+#
+# @handle: SEV firmware handle
+#
+# Since: 2.12
+##
+{ 'struct': 'SevInfo',
+ 'data': { 'enabled': 'bool',
+ 'api-major': 'uint8',
+ 'api-minor' : 'uint8',
+ 'build-id' : 'uint8',
+ 'policy' : 'uint32',
+ 'state' : 'SevState',
+ 'handle' : 'uint32'
+ }
+}
+
+##
+# @query-sev:
+#
+# Returns information about SEV
+#
+# Returns: @SevInfo
+#
+# Since: 2.12
+#
+# Example:
+#
+# -> { "execute": "query-sev" }
+# <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0,
+# "build-id" : 0, "policy" : 0, "state" : "running",
+# "handle" : 1 } }
+#
+##
+{ 'command': 'query-sev', 'returns': 'SevInfo' }
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 55ea10deb8ef..27b99adf395b 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -30,6 +30,8 @@
#include "hw/i386/pc.h"
#include "sysemu/kvm.h"
#include "hmp.h"
+#include "sev_i386.h"
+#include "qapi/qapi-commands-misc.h"
static void print_pte(Monitor *mon, CPUArchState *env, hwaddr addr,
@@ -665,3 +667,9 @@ void hmp_info_io_apic(Monitor *mon, const QDict *qdict)
ioapic_dump_state(mon, qdict);
}
}
+
+SevInfo *qmp_query_sev(Error **errp)
+{
+ error_setg(errp, "SEV feature is not available");
+ return NULL;
+}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 09/28] qmp: add query-sev command
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
The QMP query command can used to retrieve the SEV information when
memory encryption is enabled on AMD platform.
Cc: Eric Blake <eblake@redhat.com>
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
monitor.c | 7 +++++
qapi/misc.json | 76 +++++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/monitor.c | 8 ++++++
3 files changed, 91 insertions(+)
diff --git a/monitor.c b/monitor.c
index 3f4ba902266b..2225cf5030dc 100644
--- a/monitor.c
+++ b/monitor.c
@@ -983,6 +983,7 @@ static void qmp_unregister_commands_hack(void)
#endif
#ifndef TARGET_I386
qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection");
+ qmp_unregister_command(&qmp_commands, "query-sev");
#endif
#ifndef TARGET_S390X
qmp_unregister_command(&qmp_commands, "dump-skeys");
@@ -4103,6 +4104,12 @@ void qmp_rtc_reset_reinjection(Error **errp)
{
error_setg(errp, QERR_FEATURE_DISABLED, "rtc-reset-reinjection");
}
+
+SevInfo *qmp_query_sev(Error **errp)
+{
+ error_setg(errp, QERR_FEATURE_DISABLED, "query-sev");
+ return NULL;
+}
#endif
#ifndef TARGET_S390X
diff --git a/qapi/misc.json b/qapi/misc.json
index a1702c906098..fcf3bfc66a15 100644
--- a/qapi/misc.json
+++ b/qapi/misc.json
@@ -3199,3 +3199,79 @@
# Since: 2.9
##
{ 'command': 'query-vm-generation-id', 'returns': 'GuidInfo' }
+
+
+##
+# @SevState:
+#
+# An enumeration of SEV state information used during @query-sev.
+#
+# @uninit: The guest is uninitialized.
+#
+# @lupdate: The guest is currently being launched and plaintext and
+# reigster state is being imported.
+#
+# @lsecret: The guest is currently being launched and ciphertext data
+# are being imported.
+#
+# @running: The guest is fully launched or migrated in.
+#
+# @supdate: The guest is currently being migrated out to another machine.
+#
+# @rupdate: The guest is currently being migrated from another machine.
+#
+# Since: 2.12
+##
+{ 'enum': 'SevState',
+ 'data': ['uninit', 'lupdate', 'lsecret', 'running', 'supdate', 'rupdate' ] }
+
+##
+# @SevInfo:
+#
+# Information about Secure Encrypted Virtualization (SEV) support
+#
+# @enabled: true if SEV is active
+#
+# @api-major: SEV API major version
+#
+# @api-minor: SEV API minor version
+#
+# @build-id: SEV FW build id
+#
+# @policy: SEV policy value
+#
+# @state: SEV guest state
+#
+# @handle: SEV firmware handle
+#
+# Since: 2.12
+##
+{ 'struct': 'SevInfo',
+ 'data': { 'enabled': 'bool',
+ 'api-major': 'uint8',
+ 'api-minor' : 'uint8',
+ 'build-id' : 'uint8',
+ 'policy' : 'uint32',
+ 'state' : 'SevState',
+ 'handle' : 'uint32'
+ }
+}
+
+##
+# @query-sev:
+#
+# Returns information about SEV
+#
+# Returns: @SevInfo
+#
+# Since: 2.12
+#
+# Example:
+#
+# -> { "execute": "query-sev" }
+# <- { "return": { "enabled": true, "api-major" : 0, "api-minor" : 0,
+# "build-id" : 0, "policy" : 0, "state" : "running",
+# "handle" : 1 } }
+#
+##
+{ 'command': 'query-sev', 'returns': 'SevInfo' }
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 55ea10deb8ef..27b99adf395b 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -30,6 +30,8 @@
#include "hw/i386/pc.h"
#include "sysemu/kvm.h"
#include "hmp.h"
+#include "sev_i386.h"
+#include "qapi/qapi-commands-misc.h"
static void print_pte(Monitor *mon, CPUArchState *env, hwaddr addr,
@@ -665,3 +667,9 @@ void hmp_info_io_apic(Monitor *mon, const QDict *qdict)
ioapic_dump_state(mon, qdict);
}
}
+
+SevInfo *qmp_query_sev(Error **errp)
+{
+ error_setg(errp, "SEV feature is not available");
+ return NULL;
+}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 10/28] include: add psp-sev.h header file
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
The header file provide the ioctl command and structure to communicate
with /dev/sev device.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
| 142 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 142 insertions(+)
create mode 100644 linux-headers/linux/psp-sev.h
--git a/linux-headers/linux/psp-sev.h b/linux-headers/linux/psp-sev.h
new file mode 100644
index 000000000000..33e247471ae0
--- /dev/null
+++ b/linux-headers/linux/psp-sev.h
@@ -0,0 +1,142 @@
+/*
+ * Userspace interface for AMD Secure Encrypted Virtualization (SEV)
+ * platform management commands.
+ *
+ * Copyright (C) 2016-2017 Advanced Micro Devices, Inc.
+ *
+ * Author: Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * SEV spec 0.14 is available at:
+ * http://support.amd.com/TechDocs/55766_SEV-KM%20API_Specification.pdf
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef __PSP_SEV_USER_H__
+#define __PSP_SEV_USER_H__
+
+#include <linux/types.h>
+
+/**
+ * SEV platform commands
+ */
+enum {
+ SEV_FACTORY_RESET = 0,
+ SEV_PLATFORM_STATUS,
+ SEV_PEK_GEN,
+ SEV_PEK_CSR,
+ SEV_PDH_GEN,
+ SEV_PDH_CERT_EXPORT,
+ SEV_PEK_CERT_IMPORT,
+
+ SEV_MAX,
+};
+
+/**
+ * SEV Firmware status code
+ */
+typedef enum {
+ SEV_RET_SUCCESS = 0,
+ SEV_RET_INVALID_PLATFORM_STATE,
+ SEV_RET_INVALID_GUEST_STATE,
+ SEV_RET_INAVLID_CONFIG,
+ SEV_RET_INVALID_LEN,
+ SEV_RET_ALREADY_OWNED,
+ SEV_RET_INVALID_CERTIFICATE,
+ SEV_RET_POLICY_FAILURE,
+ SEV_RET_INACTIVE,
+ SEV_RET_INVALID_ADDRESS,
+ SEV_RET_BAD_SIGNATURE,
+ SEV_RET_BAD_MEASUREMENT,
+ SEV_RET_ASID_OWNED,
+ SEV_RET_INVALID_ASID,
+ SEV_RET_WBINVD_REQUIRED,
+ SEV_RET_DFFLUSH_REQUIRED,
+ SEV_RET_INVALID_GUEST,
+ SEV_RET_INVALID_COMMAND,
+ SEV_RET_ACTIVE,
+ SEV_RET_HWSEV_RET_PLATFORM,
+ SEV_RET_HWSEV_RET_UNSAFE,
+ SEV_RET_UNSUPPORTED,
+ SEV_RET_MAX,
+} sev_ret_code;
+
+/**
+ * struct sev_user_data_status - PLATFORM_STATUS command parameters
+ *
+ * @major: major API version
+ * @minor: minor API version
+ * @state: platform state
+ * @flags: platform config flags
+ * @build: firmware build id for API version
+ * @guest_count: number of active guests
+ */
+struct sev_user_data_status {
+ __u8 api_major; /* Out */
+ __u8 api_minor; /* Out */
+ __u8 state; /* Out */
+ __u32 flags; /* Out */
+ __u8 build; /* Out */
+ __u32 guest_count; /* Out */
+} __attribute__((packed));
+
+/**
+ * struct sev_user_data_pek_csr - PEK_CSR command parameters
+ *
+ * @address: PEK certificate chain
+ * @length: length of certificate
+ */
+struct sev_user_data_pek_csr {
+ __u64 address; /* In */
+ __u32 length; /* In/Out */
+} __attribute__((packed));
+
+/**
+ * struct sev_user_data_cert_import - PEK_CERT_IMPORT command parameters
+ *
+ * @pek_address: PEK certificate chain
+ * @pek_len: length of PEK certificate
+ * @oca_address: OCA certificate chain
+ * @oca_len: length of OCA certificate
+ */
+struct sev_user_data_pek_cert_import {
+ __u64 pek_cert_address; /* In */
+ __u32 pek_cert_len; /* In */
+ __u64 oca_cert_address; /* In */
+ __u32 oca_cert_len; /* In */
+} __attribute__((packed));
+
+/**
+ * struct sev_user_data_pdh_cert_export - PDH_CERT_EXPORT command parameters
+ *
+ * @pdh_address: PDH certificate address
+ * @pdh_len: length of PDH certificate
+ * @cert_chain_address: PDH certificate chain
+ * @cert_chain_len: length of PDH certificate chain
+ */
+struct sev_user_data_pdh_cert_export {
+ __u64 pdh_cert_address; /* In */
+ __u32 pdh_cert_len; /* In/Out */
+ __u64 cert_chain_address; /* In */
+ __u32 cert_chain_len; /* In/Out */
+} __attribute__((packed));
+
+/**
+ * struct sev_issue_cmd - SEV ioctl parameters
+ *
+ * @cmd: SEV commands to execute
+ * @opaque: pointer to the command structure
+ * @error: SEV FW return code on failure
+ */
+struct sev_issue_cmd {
+ __u32 cmd; /* In */
+ __u64 data; /* In */
+ __u32 error; /* Out */
+} __attribute__((packed));
+
+#define SEV_IOC_TYPE 'S'
+#define SEV_ISSUE_CMD _IOWR(SEV_IOC_TYPE, 0x0, struct sev_issue_cmd)
+
+#endif /* __PSP_USER_SEV_H */
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 10/28] include: add psp-sev.h header file
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
The header file provide the ioctl command and structure to communicate
with /dev/sev device.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
| 142 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 142 insertions(+)
create mode 100644 linux-headers/linux/psp-sev.h
--git a/linux-headers/linux/psp-sev.h b/linux-headers/linux/psp-sev.h
new file mode 100644
index 000000000000..33e247471ae0
--- /dev/null
+++ b/linux-headers/linux/psp-sev.h
@@ -0,0 +1,142 @@
+/*
+ * Userspace interface for AMD Secure Encrypted Virtualization (SEV)
+ * platform management commands.
+ *
+ * Copyright (C) 2016-2017 Advanced Micro Devices, Inc.
+ *
+ * Author: Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * SEV spec 0.14 is available at:
+ * http://support.amd.com/TechDocs/55766_SEV-KM%20API_Specification.pdf
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef __PSP_SEV_USER_H__
+#define __PSP_SEV_USER_H__
+
+#include <linux/types.h>
+
+/**
+ * SEV platform commands
+ */
+enum {
+ SEV_FACTORY_RESET = 0,
+ SEV_PLATFORM_STATUS,
+ SEV_PEK_GEN,
+ SEV_PEK_CSR,
+ SEV_PDH_GEN,
+ SEV_PDH_CERT_EXPORT,
+ SEV_PEK_CERT_IMPORT,
+
+ SEV_MAX,
+};
+
+/**
+ * SEV Firmware status code
+ */
+typedef enum {
+ SEV_RET_SUCCESS = 0,
+ SEV_RET_INVALID_PLATFORM_STATE,
+ SEV_RET_INVALID_GUEST_STATE,
+ SEV_RET_INAVLID_CONFIG,
+ SEV_RET_INVALID_LEN,
+ SEV_RET_ALREADY_OWNED,
+ SEV_RET_INVALID_CERTIFICATE,
+ SEV_RET_POLICY_FAILURE,
+ SEV_RET_INACTIVE,
+ SEV_RET_INVALID_ADDRESS,
+ SEV_RET_BAD_SIGNATURE,
+ SEV_RET_BAD_MEASUREMENT,
+ SEV_RET_ASID_OWNED,
+ SEV_RET_INVALID_ASID,
+ SEV_RET_WBINVD_REQUIRED,
+ SEV_RET_DFFLUSH_REQUIRED,
+ SEV_RET_INVALID_GUEST,
+ SEV_RET_INVALID_COMMAND,
+ SEV_RET_ACTIVE,
+ SEV_RET_HWSEV_RET_PLATFORM,
+ SEV_RET_HWSEV_RET_UNSAFE,
+ SEV_RET_UNSUPPORTED,
+ SEV_RET_MAX,
+} sev_ret_code;
+
+/**
+ * struct sev_user_data_status - PLATFORM_STATUS command parameters
+ *
+ * @major: major API version
+ * @minor: minor API version
+ * @state: platform state
+ * @flags: platform config flags
+ * @build: firmware build id for API version
+ * @guest_count: number of active guests
+ */
+struct sev_user_data_status {
+ __u8 api_major; /* Out */
+ __u8 api_minor; /* Out */
+ __u8 state; /* Out */
+ __u32 flags; /* Out */
+ __u8 build; /* Out */
+ __u32 guest_count; /* Out */
+} __attribute__((packed));
+
+/**
+ * struct sev_user_data_pek_csr - PEK_CSR command parameters
+ *
+ * @address: PEK certificate chain
+ * @length: length of certificate
+ */
+struct sev_user_data_pek_csr {
+ __u64 address; /* In */
+ __u32 length; /* In/Out */
+} __attribute__((packed));
+
+/**
+ * struct sev_user_data_cert_import - PEK_CERT_IMPORT command parameters
+ *
+ * @pek_address: PEK certificate chain
+ * @pek_len: length of PEK certificate
+ * @oca_address: OCA certificate chain
+ * @oca_len: length of OCA certificate
+ */
+struct sev_user_data_pek_cert_import {
+ __u64 pek_cert_address; /* In */
+ __u32 pek_cert_len; /* In */
+ __u64 oca_cert_address; /* In */
+ __u32 oca_cert_len; /* In */
+} __attribute__((packed));
+
+/**
+ * struct sev_user_data_pdh_cert_export - PDH_CERT_EXPORT command parameters
+ *
+ * @pdh_address: PDH certificate address
+ * @pdh_len: length of PDH certificate
+ * @cert_chain_address: PDH certificate chain
+ * @cert_chain_len: length of PDH certificate chain
+ */
+struct sev_user_data_pdh_cert_export {
+ __u64 pdh_cert_address; /* In */
+ __u32 pdh_cert_len; /* In/Out */
+ __u64 cert_chain_address; /* In */
+ __u32 cert_chain_len; /* In/Out */
+} __attribute__((packed));
+
+/**
+ * struct sev_issue_cmd - SEV ioctl parameters
+ *
+ * @cmd: SEV commands to execute
+ * @opaque: pointer to the command structure
+ * @error: SEV FW return code on failure
+ */
+struct sev_issue_cmd {
+ __u32 cmd; /* In */
+ __u64 data; /* In */
+ __u32 error; /* Out */
+} __attribute__((packed));
+
+#define SEV_IOC_TYPE 'S'
+#define SEV_ISSUE_CMD _IOWR(SEV_IOC_TYPE, 0x0, struct sev_issue_cmd)
+
+#endif /* __PSP_USER_SEV_H */
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 11/28] sev/i386: add command to initialize the memory encryption context
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
When memory encryption is enabled, KVM_SEV_INIT command is used to
initialize the platform. The command loads the SEV related persistent
data from non-volatile storage and initializes the platform context.
This command should be first issued before invoking any other guest
commands provided by the SEV firmware.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
accel/kvm/kvm-all.c | 16 ++++
include/sysemu/sev.h | 22 +++++
stubs/Makefile.objs | 1 +
stubs/sev.c | 21 +++++
target/i386/Makefile.objs | 2 +-
target/i386/monitor.c | 11 ++-
target/i386/sev-stub.c | 41 +++++++++
target/i386/sev.c | 219 ++++++++++++++++++++++++++++++++++++++++++++++
target/i386/sev_i386.h | 29 ++++++
target/i386/trace-events | 3 +
10 files changed, 362 insertions(+), 3 deletions(-)
create mode 100644 include/sysemu/sev.h
create mode 100644 stubs/sev.c
create mode 100644 target/i386/sev-stub.c
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index b91fcb7160d3..a6473522be11 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -38,6 +38,7 @@
#include "qemu/event_notifier.h"
#include "trace.h"
#include "hw/irq.h"
+#include "sysemu/sev.h"
#include "hw/boards.h"
@@ -103,6 +104,9 @@ struct KVMState
#endif
KVMMemoryListener memory_listener;
QLIST_HEAD(, KVMParkedVcpu) kvm_parked_vcpus;
+
+ /* memory encryption */
+ void *memcrypt_handle;
};
KVMState *kvm_state;
@@ -1636,6 +1640,18 @@ static int kvm_init(MachineState *ms)
kvm_state = s;
+ /*
+ * if memory encryption object is specified then initialize the memory
+ * encryption context.
+ */
+ if (ms->memory_encryption) {
+ kvm_state->memcrypt_handle = sev_guest_init(ms->memory_encryption);
+ if (!kvm_state->memcrypt_handle) {
+ ret = -1;
+ goto err;
+ }
+ }
+
ret = kvm_arch_init(ms, s);
if (ret < 0) {
goto err;
diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
new file mode 100644
index 000000000000..3f6a26e92789
--- /dev/null
+++ b/include/sysemu/sev.h
@@ -0,0 +1,22 @@
+/*
+ * QEMU Secure Encrypted Virutualization (SEV) support
+ *
+ * Copyright: Advanced Micro Devices, 2016-2018
+ *
+ * Authors:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef QEMU_SEV_H
+#define QEMU_SEV_H
+
+#include "sysemu/kvm.h"
+
+void *sev_guest_init(const char *id);
+int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len);
+void sev_set_debug_ops(void *handle, MemoryRegion *mr);
+#endif
diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs
index 2d59d8409162..31b36fdfdb88 100644
--- a/stubs/Makefile.objs
+++ b/stubs/Makefile.objs
@@ -43,3 +43,4 @@ stub-obj-y += xen-common.o
stub-obj-y += xen-hvm.o
stub-obj-y += pci-host-piix.o
stub-obj-y += ram-block.o
+stub-obj-y += sev.o
diff --git a/stubs/sev.c b/stubs/sev.c
new file mode 100644
index 000000000000..4a5cc5569e5f
--- /dev/null
+++ b/stubs/sev.c
@@ -0,0 +1,21 @@
+/*
+ * QEMU SEV stub
+ *
+ * Copyright Advanced Micro Devices 2018
+ *
+ * Authors:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "sysemu/sev.h"
+
+void *sev_guest_init(const char *id)
+{
+ return NULL;
+}
diff --git a/target/i386/Makefile.objs b/target/i386/Makefile.objs
index 76aeaeae2750..741cb080eb17 100644
--- a/target/i386/Makefile.objs
+++ b/target/i386/Makefile.objs
@@ -5,7 +5,7 @@ obj-$(CONFIG_TCG) += int_helper.o mem_helper.o misc_helper.o mpx_helper.o
obj-$(CONFIG_TCG) += seg_helper.o smm_helper.o svm_helper.o
obj-$(CONFIG_SOFTMMU) += machine.o arch_memory_mapping.o arch_dump.o monitor.o
obj-$(CONFIG_KVM) += kvm.o hyperv.o sev.o
-obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
+obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o sev-stub.o
# HAX support
ifdef CONFIG_WIN32
obj-$(CONFIG_HAX) += hax-all.o hax-mem.o hax-windows.o
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 27b99adf395b..29de61996371 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -670,6 +670,13 @@ void hmp_info_io_apic(Monitor *mon, const QDict *qdict)
SevInfo *qmp_query_sev(Error **errp)
{
- error_setg(errp, "SEV feature is not available");
- return NULL;
+ SevInfo *info;
+
+ info = sev_get_info();
+ if (!info) {
+ error_setg(errp, "SEV feature is not available");
+ return NULL;
+ }
+
+ return info;
}
diff --git a/target/i386/sev-stub.c b/target/i386/sev-stub.c
new file mode 100644
index 000000000000..c86d8c139237
--- /dev/null
+++ b/target/i386/sev-stub.c
@@ -0,0 +1,41 @@
+/*
+ * QEMU SEV stub
+ *
+ * Copyright Advanced Micro Devices 2018
+ *
+ * Authors:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "sev_i386.h"
+
+SevInfo *sev_get_info(void)
+{
+ return NULL;
+}
+
+bool sev_enabled(void)
+{
+ return false;
+}
+
+uint64_t sev_get_me_mask(void)
+{
+ return ~0;
+}
+
+uint32_t sev_get_cbit_position(void)
+{
+ return 0;
+}
+
+uint32_t sev_get_reduced_phys_bits(void)
+{
+ return 0;
+}
diff --git a/target/i386/sev.c b/target/i386/sev.c
index ab42e4a456d2..2c9fd67eaaec 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -18,10 +18,88 @@
#include "sysemu/kvm.h"
#include "sev_i386.h"
#include "sysemu/sysemu.h"
+#include "trace.h"
#define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
#define DEFAULT_SEV_DEVICE "/dev/sev"
+static SEVState *sev_state;
+
+static const char *const sev_fw_errlist[] = {
+ "",
+ "Platform state is invalid",
+ "Guest state is invalid",
+ "Platform configuration is invalid",
+ "Buffer too small",
+ "Platform is already owned",
+ "Certificate is invalid",
+ "Policy is not allowed",
+ "Guest is not active",
+ "Invalid address",
+ "Bad signature",
+ "Bad measurement",
+ "Asid is already owned",
+ "Invalid ASID",
+ "WBINVD is required",
+ "DF_FLUSH is required",
+ "Guest handle is invalid",
+ "Invalid command",
+ "Guest is active",
+ "Hardware error",
+ "Hardware unsafe",
+ "Feature not supported",
+ "Invalid parameter"
+};
+
+#define SEV_FW_MAX_ERROR ARRAY_SIZE(sev_fw_errlist)
+
+static int
+sev_ioctl(int fd, int cmd, void *data, int *error)
+{
+ int r;
+ struct kvm_sev_cmd input;
+
+ memset(&input, 0x0, sizeof(input));
+
+ input.id = cmd;
+ input.sev_fd = fd;
+ input.data = (__u64)data;
+
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &input);
+
+ if (error) {
+ *error = input.error;
+ }
+
+ return r;
+}
+
+static int
+sev_platform_ioctl(int fd, int cmd, void *data, int *error)
+{
+ int r;
+ struct sev_issue_cmd arg;
+
+ arg.cmd = cmd;
+ arg.data = (unsigned long)data;
+ r = ioctl(fd, SEV_ISSUE_CMD, &arg);
+ if (error) {
+ *error = arg.error;
+ }
+
+ return r;
+}
+
+static const char *
+fw_error_to_str(int code)
+{
+ if (code >= SEV_FW_MAX_ERROR) {
+ return "unknown error";
+ }
+
+ return sev_fw_errlist[code];
+}
+
static void
qsev_guest_finalize(Object *obj)
{
@@ -219,6 +297,147 @@ static const TypeInfo qsev_guest_info = {
}
};
+static QSevGuestInfo *
+lookup_sev_guest_info(const char *id)
+{
+ Object *obj;
+ QSevGuestInfo *info;
+
+ obj = object_resolve_path_component(object_get_objects_root(), id);
+ if (!obj) {
+ return NULL;
+ }
+
+ info = (QSevGuestInfo *)
+ object_dynamic_cast(obj, TYPE_QSEV_GUEST_INFO);
+ if (!info) {
+ return NULL;
+ }
+
+ return info;
+}
+
+bool
+sev_enabled(void)
+{
+ return sev_state ? true : false;
+}
+
+uint64_t
+sev_get_me_mask(void)
+{
+ return sev_state ? sev_state->me_mask : ~0;
+}
+
+uint32_t
+sev_get_cbit_position(void)
+{
+ return sev_state ? sev_state->cbitpos : 0;
+}
+
+uint32_t
+sev_get_reduced_phys_bits(void)
+{
+ return sev_state ? sev_state->reduced_phys_bits : 0;
+}
+
+SevInfo *
+sev_get_info(void)
+{
+ SevInfo *info;
+
+ info = g_new0(SevInfo, 1);
+ info->enabled = sev_state ? true : false;
+
+ if (info->enabled) {
+ info->api_major = sev_state->api_major;
+ info->api_minor = sev_state->api_minor;
+ info->build_id = sev_state->build_id;
+ info->policy = sev_state->policy;
+ info->state = sev_state->state;
+ info->handle = sev_state->handle;
+ }
+
+ return info;
+}
+
+void *
+sev_guest_init(const char *id)
+{
+ SEVState *s;
+ char *devname;
+ int ret, fw_error;
+ uint32_t ebx;
+ uint32_t host_cbitpos;
+ struct sev_user_data_status status = {};
+
+ s = g_new0(SEVState, 1);
+ s->sev_info = lookup_sev_guest_info(id);
+ if (!s->sev_info) {
+ error_report("%s: '%s' is not a valid '%s' object",
+ __func__, id, TYPE_QSEV_GUEST_INFO);
+ goto err;
+ }
+
+ sev_state = s;
+ s->state = SEV_STATE_UNINIT;
+
+ host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL);
+ host_cbitpos = ebx & 0x3f;
+
+ s->cbitpos = object_property_get_int(OBJECT(s->sev_info), "cbitpos", NULL);
+ if (host_cbitpos != s->cbitpos) {
+ error_report("%s: cbitpos check failed, host '%d' requested '%d'",
+ __func__, host_cbitpos, s->cbitpos);
+ goto err;
+ }
+
+ s->reduced_phys_bits = object_property_get_int(OBJECT(s->sev_info),
+ "reduced-phys-bits", NULL);
+ if (s->reduced_phys_bits < 1) {
+ error_report("%s: reduced_phys_bits check failed, it should be >=1,"
+ "' requested '%d'", __func__, s->reduced_phys_bits);
+ goto err;
+ }
+
+ s->me_mask = ~(1UL << s->cbitpos);
+
+ devname = object_property_get_str(OBJECT(s->sev_info), "sev-device", NULL);
+ s->sev_fd = open(devname, O_RDWR);
+ if (s->sev_fd < 0) {
+ error_report("%s: Failed to open %s '%s'", __func__,
+ devname, strerror(errno));
+ goto err;
+ }
+ g_free(devname);
+
+ ret = sev_platform_ioctl(s->sev_fd, SEV_PLATFORM_STATUS, &status,
+ &fw_error);
+ if (ret) {
+ error_report("%s: failed to get platform status ret=%d"
+ "fw_error='%d: %s'", __func__, ret, fw_error,
+ fw_error_to_str(fw_error));
+ goto err;
+ }
+ s->build_id = status.build;
+ s->api_major = status.api_major;
+ s->api_minor = status.api_minor;
+
+ trace_kvm_sev_init();
+ ret = sev_ioctl(s->sev_fd, KVM_SEV_INIT, NULL, &fw_error);
+ if (ret) {
+ error_report("%s: failed to initialize ret=%d fw_error=%d '%s'",
+ __func__, ret, fw_error, fw_error_to_str(fw_error));
+ goto err;
+ }
+
+ return s;
+err:
+ g_free(sev_state);
+ sev_state = NULL;
+ return NULL;
+}
+
static void
sev_register_types(void)
{
diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h
index caf879c3b874..c06be12c8079 100644
--- a/target/i386/sev_i386.h
+++ b/target/i386/sev_i386.h
@@ -14,10 +14,17 @@
#ifndef QEMU_SEV_I386_H
#define QEMU_SEV_I386_H
+#include <linux/kvm.h>
+#include <linux/psp-sev.h>
+
+#include <sys/ioctl.h>
+
#include "qom/object.h"
#include "qapi/error.h"
#include "sysemu/kvm.h"
+#include "sysemu/sev.h"
#include "qemu/error-report.h"
+#include "qapi/qapi-commands-misc.h"
#define SEV_POLICY_NODBG 0x1
#define SEV_POLICY_NOKS 0x2
@@ -30,6 +37,12 @@
#define QSEV_GUEST_INFO(obj) \
OBJECT_CHECK(QSevGuestInfo, (obj), TYPE_QSEV_GUEST_INFO)
+extern bool sev_enabled(void);
+extern uint64_t sev_get_me_mask(void);
+extern SevInfo *sev_get_info(void);
+extern uint32_t sev_get_cbit_position(void);
+extern uint32_t sev_get_reduced_phys_bits(void);
+
typedef struct QSevGuestInfo QSevGuestInfo;
typedef struct QSevGuestInfoClass QSevGuestInfoClass;
@@ -58,4 +71,20 @@ struct QSevGuestInfoClass {
ObjectClass parent_class;
};
+struct SEVState {
+ QSevGuestInfo *sev_info;
+ uint8_t api_major;
+ uint8_t api_minor;
+ uint8_t build_id;
+ uint32_t policy;
+ uint64_t me_mask;
+ uint32_t cbitpos;
+ uint32_t reduced_phys_bits;
+ uint32_t handle;
+ int sev_fd;
+ SevState state;
+};
+
+typedef struct SEVState SEVState;
+
#endif
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 3153fd445488..797b716751b7 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -5,3 +5,6 @@ kvm_x86_fixup_msi_error(uint32_t gsi) "VT-d failed to remap interrupt for GSI %"
kvm_x86_add_msi_route(int virq) "Adding route entry for virq %d"
kvm_x86_remove_msi_route(int virq) "Removing route entry for virq %d"
kvm_x86_update_msi_routes(int num) "Updated %d MSI routes"
+
+# target/i386/sev.c
+kvm_sev_init(void) ""
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 11/28] sev/i386: add command to initialize the memory encryption context
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
When memory encryption is enabled, KVM_SEV_INIT command is used to
initialize the platform. The command loads the SEV related persistent
data from non-volatile storage and initializes the platform context.
This command should be first issued before invoking any other guest
commands provided by the SEV firmware.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
accel/kvm/kvm-all.c | 16 ++++
include/sysemu/sev.h | 22 +++++
stubs/Makefile.objs | 1 +
stubs/sev.c | 21 +++++
target/i386/Makefile.objs | 2 +-
target/i386/monitor.c | 11 ++-
target/i386/sev-stub.c | 41 +++++++++
target/i386/sev.c | 219 ++++++++++++++++++++++++++++++++++++++++++++++
target/i386/sev_i386.h | 29 ++++++
target/i386/trace-events | 3 +
10 files changed, 362 insertions(+), 3 deletions(-)
create mode 100644 include/sysemu/sev.h
create mode 100644 stubs/sev.c
create mode 100644 target/i386/sev-stub.c
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index b91fcb7160d3..a6473522be11 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -38,6 +38,7 @@
#include "qemu/event_notifier.h"
#include "trace.h"
#include "hw/irq.h"
+#include "sysemu/sev.h"
#include "hw/boards.h"
@@ -103,6 +104,9 @@ struct KVMState
#endif
KVMMemoryListener memory_listener;
QLIST_HEAD(, KVMParkedVcpu) kvm_parked_vcpus;
+
+ /* memory encryption */
+ void *memcrypt_handle;
};
KVMState *kvm_state;
@@ -1636,6 +1640,18 @@ static int kvm_init(MachineState *ms)
kvm_state = s;
+ /*
+ * if memory encryption object is specified then initialize the memory
+ * encryption context.
+ */
+ if (ms->memory_encryption) {
+ kvm_state->memcrypt_handle = sev_guest_init(ms->memory_encryption);
+ if (!kvm_state->memcrypt_handle) {
+ ret = -1;
+ goto err;
+ }
+ }
+
ret = kvm_arch_init(ms, s);
if (ret < 0) {
goto err;
diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
new file mode 100644
index 000000000000..3f6a26e92789
--- /dev/null
+++ b/include/sysemu/sev.h
@@ -0,0 +1,22 @@
+/*
+ * QEMU Secure Encrypted Virutualization (SEV) support
+ *
+ * Copyright: Advanced Micro Devices, 2016-2018
+ *
+ * Authors:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#ifndef QEMU_SEV_H
+#define QEMU_SEV_H
+
+#include "sysemu/kvm.h"
+
+void *sev_guest_init(const char *id);
+int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len);
+void sev_set_debug_ops(void *handle, MemoryRegion *mr);
+#endif
diff --git a/stubs/Makefile.objs b/stubs/Makefile.objs
index 2d59d8409162..31b36fdfdb88 100644
--- a/stubs/Makefile.objs
+++ b/stubs/Makefile.objs
@@ -43,3 +43,4 @@ stub-obj-y += xen-common.o
stub-obj-y += xen-hvm.o
stub-obj-y += pci-host-piix.o
stub-obj-y += ram-block.o
+stub-obj-y += sev.o
diff --git a/stubs/sev.c b/stubs/sev.c
new file mode 100644
index 000000000000..4a5cc5569e5f
--- /dev/null
+++ b/stubs/sev.c
@@ -0,0 +1,21 @@
+/*
+ * QEMU SEV stub
+ *
+ * Copyright Advanced Micro Devices 2018
+ *
+ * Authors:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "sysemu/sev.h"
+
+void *sev_guest_init(const char *id)
+{
+ return NULL;
+}
diff --git a/target/i386/Makefile.objs b/target/i386/Makefile.objs
index 76aeaeae2750..741cb080eb17 100644
--- a/target/i386/Makefile.objs
+++ b/target/i386/Makefile.objs
@@ -5,7 +5,7 @@ obj-$(CONFIG_TCG) += int_helper.o mem_helper.o misc_helper.o mpx_helper.o
obj-$(CONFIG_TCG) += seg_helper.o smm_helper.o svm_helper.o
obj-$(CONFIG_SOFTMMU) += machine.o arch_memory_mapping.o arch_dump.o monitor.o
obj-$(CONFIG_KVM) += kvm.o hyperv.o sev.o
-obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o
+obj-$(call lnot,$(CONFIG_KVM)) += kvm-stub.o sev-stub.o
# HAX support
ifdef CONFIG_WIN32
obj-$(CONFIG_HAX) += hax-all.o hax-mem.o hax-windows.o
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 27b99adf395b..29de61996371 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -670,6 +670,13 @@ void hmp_info_io_apic(Monitor *mon, const QDict *qdict)
SevInfo *qmp_query_sev(Error **errp)
{
- error_setg(errp, "SEV feature is not available");
- return NULL;
+ SevInfo *info;
+
+ info = sev_get_info();
+ if (!info) {
+ error_setg(errp, "SEV feature is not available");
+ return NULL;
+ }
+
+ return info;
}
diff --git a/target/i386/sev-stub.c b/target/i386/sev-stub.c
new file mode 100644
index 000000000000..c86d8c139237
--- /dev/null
+++ b/target/i386/sev-stub.c
@@ -0,0 +1,41 @@
+/*
+ * QEMU SEV stub
+ *
+ * Copyright Advanced Micro Devices 2018
+ *
+ * Authors:
+ * Brijesh Singh <brijesh.singh@amd.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "sev_i386.h"
+
+SevInfo *sev_get_info(void)
+{
+ return NULL;
+}
+
+bool sev_enabled(void)
+{
+ return false;
+}
+
+uint64_t sev_get_me_mask(void)
+{
+ return ~0;
+}
+
+uint32_t sev_get_cbit_position(void)
+{
+ return 0;
+}
+
+uint32_t sev_get_reduced_phys_bits(void)
+{
+ return 0;
+}
diff --git a/target/i386/sev.c b/target/i386/sev.c
index ab42e4a456d2..2c9fd67eaaec 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -18,10 +18,88 @@
#include "sysemu/kvm.h"
#include "sev_i386.h"
#include "sysemu/sysemu.h"
+#include "trace.h"
#define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
#define DEFAULT_SEV_DEVICE "/dev/sev"
+static SEVState *sev_state;
+
+static const char *const sev_fw_errlist[] = {
+ "",
+ "Platform state is invalid",
+ "Guest state is invalid",
+ "Platform configuration is invalid",
+ "Buffer too small",
+ "Platform is already owned",
+ "Certificate is invalid",
+ "Policy is not allowed",
+ "Guest is not active",
+ "Invalid address",
+ "Bad signature",
+ "Bad measurement",
+ "Asid is already owned",
+ "Invalid ASID",
+ "WBINVD is required",
+ "DF_FLUSH is required",
+ "Guest handle is invalid",
+ "Invalid command",
+ "Guest is active",
+ "Hardware error",
+ "Hardware unsafe",
+ "Feature not supported",
+ "Invalid parameter"
+};
+
+#define SEV_FW_MAX_ERROR ARRAY_SIZE(sev_fw_errlist)
+
+static int
+sev_ioctl(int fd, int cmd, void *data, int *error)
+{
+ int r;
+ struct kvm_sev_cmd input;
+
+ memset(&input, 0x0, sizeof(input));
+
+ input.id = cmd;
+ input.sev_fd = fd;
+ input.data = (__u64)data;
+
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_OP, &input);
+
+ if (error) {
+ *error = input.error;
+ }
+
+ return r;
+}
+
+static int
+sev_platform_ioctl(int fd, int cmd, void *data, int *error)
+{
+ int r;
+ struct sev_issue_cmd arg;
+
+ arg.cmd = cmd;
+ arg.data = (unsigned long)data;
+ r = ioctl(fd, SEV_ISSUE_CMD, &arg);
+ if (error) {
+ *error = arg.error;
+ }
+
+ return r;
+}
+
+static const char *
+fw_error_to_str(int code)
+{
+ if (code >= SEV_FW_MAX_ERROR) {
+ return "unknown error";
+ }
+
+ return sev_fw_errlist[code];
+}
+
static void
qsev_guest_finalize(Object *obj)
{
@@ -219,6 +297,147 @@ static const TypeInfo qsev_guest_info = {
}
};
+static QSevGuestInfo *
+lookup_sev_guest_info(const char *id)
+{
+ Object *obj;
+ QSevGuestInfo *info;
+
+ obj = object_resolve_path_component(object_get_objects_root(), id);
+ if (!obj) {
+ return NULL;
+ }
+
+ info = (QSevGuestInfo *)
+ object_dynamic_cast(obj, TYPE_QSEV_GUEST_INFO);
+ if (!info) {
+ return NULL;
+ }
+
+ return info;
+}
+
+bool
+sev_enabled(void)
+{
+ return sev_state ? true : false;
+}
+
+uint64_t
+sev_get_me_mask(void)
+{
+ return sev_state ? sev_state->me_mask : ~0;
+}
+
+uint32_t
+sev_get_cbit_position(void)
+{
+ return sev_state ? sev_state->cbitpos : 0;
+}
+
+uint32_t
+sev_get_reduced_phys_bits(void)
+{
+ return sev_state ? sev_state->reduced_phys_bits : 0;
+}
+
+SevInfo *
+sev_get_info(void)
+{
+ SevInfo *info;
+
+ info = g_new0(SevInfo, 1);
+ info->enabled = sev_state ? true : false;
+
+ if (info->enabled) {
+ info->api_major = sev_state->api_major;
+ info->api_minor = sev_state->api_minor;
+ info->build_id = sev_state->build_id;
+ info->policy = sev_state->policy;
+ info->state = sev_state->state;
+ info->handle = sev_state->handle;
+ }
+
+ return info;
+}
+
+void *
+sev_guest_init(const char *id)
+{
+ SEVState *s;
+ char *devname;
+ int ret, fw_error;
+ uint32_t ebx;
+ uint32_t host_cbitpos;
+ struct sev_user_data_status status = {};
+
+ s = g_new0(SEVState, 1);
+ s->sev_info = lookup_sev_guest_info(id);
+ if (!s->sev_info) {
+ error_report("%s: '%s' is not a valid '%s' object",
+ __func__, id, TYPE_QSEV_GUEST_INFO);
+ goto err;
+ }
+
+ sev_state = s;
+ s->state = SEV_STATE_UNINIT;
+
+ host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL);
+ host_cbitpos = ebx & 0x3f;
+
+ s->cbitpos = object_property_get_int(OBJECT(s->sev_info), "cbitpos", NULL);
+ if (host_cbitpos != s->cbitpos) {
+ error_report("%s: cbitpos check failed, host '%d' requested '%d'",
+ __func__, host_cbitpos, s->cbitpos);
+ goto err;
+ }
+
+ s->reduced_phys_bits = object_property_get_int(OBJECT(s->sev_info),
+ "reduced-phys-bits", NULL);
+ if (s->reduced_phys_bits < 1) {
+ error_report("%s: reduced_phys_bits check failed, it should be >=1,"
+ "' requested '%d'", __func__, s->reduced_phys_bits);
+ goto err;
+ }
+
+ s->me_mask = ~(1UL << s->cbitpos);
+
+ devname = object_property_get_str(OBJECT(s->sev_info), "sev-device", NULL);
+ s->sev_fd = open(devname, O_RDWR);
+ if (s->sev_fd < 0) {
+ error_report("%s: Failed to open %s '%s'", __func__,
+ devname, strerror(errno));
+ goto err;
+ }
+ g_free(devname);
+
+ ret = sev_platform_ioctl(s->sev_fd, SEV_PLATFORM_STATUS, &status,
+ &fw_error);
+ if (ret) {
+ error_report("%s: failed to get platform status ret=%d"
+ "fw_error='%d: %s'", __func__, ret, fw_error,
+ fw_error_to_str(fw_error));
+ goto err;
+ }
+ s->build_id = status.build;
+ s->api_major = status.api_major;
+ s->api_minor = status.api_minor;
+
+ trace_kvm_sev_init();
+ ret = sev_ioctl(s->sev_fd, KVM_SEV_INIT, NULL, &fw_error);
+ if (ret) {
+ error_report("%s: failed to initialize ret=%d fw_error=%d '%s'",
+ __func__, ret, fw_error, fw_error_to_str(fw_error));
+ goto err;
+ }
+
+ return s;
+err:
+ g_free(sev_state);
+ sev_state = NULL;
+ return NULL;
+}
+
static void
sev_register_types(void)
{
diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h
index caf879c3b874..c06be12c8079 100644
--- a/target/i386/sev_i386.h
+++ b/target/i386/sev_i386.h
@@ -14,10 +14,17 @@
#ifndef QEMU_SEV_I386_H
#define QEMU_SEV_I386_H
+#include <linux/kvm.h>
+#include <linux/psp-sev.h>
+
+#include <sys/ioctl.h>
+
#include "qom/object.h"
#include "qapi/error.h"
#include "sysemu/kvm.h"
+#include "sysemu/sev.h"
#include "qemu/error-report.h"
+#include "qapi/qapi-commands-misc.h"
#define SEV_POLICY_NODBG 0x1
#define SEV_POLICY_NOKS 0x2
@@ -30,6 +37,12 @@
#define QSEV_GUEST_INFO(obj) \
OBJECT_CHECK(QSevGuestInfo, (obj), TYPE_QSEV_GUEST_INFO)
+extern bool sev_enabled(void);
+extern uint64_t sev_get_me_mask(void);
+extern SevInfo *sev_get_info(void);
+extern uint32_t sev_get_cbit_position(void);
+extern uint32_t sev_get_reduced_phys_bits(void);
+
typedef struct QSevGuestInfo QSevGuestInfo;
typedef struct QSevGuestInfoClass QSevGuestInfoClass;
@@ -58,4 +71,20 @@ struct QSevGuestInfoClass {
ObjectClass parent_class;
};
+struct SEVState {
+ QSevGuestInfo *sev_info;
+ uint8_t api_major;
+ uint8_t api_minor;
+ uint8_t build_id;
+ uint32_t policy;
+ uint64_t me_mask;
+ uint32_t cbitpos;
+ uint32_t reduced_phys_bits;
+ uint32_t handle;
+ int sev_fd;
+ SevState state;
+};
+
+typedef struct SEVState SEVState;
+
#endif
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 3153fd445488..797b716751b7 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -5,3 +5,6 @@ kvm_x86_fixup_msi_error(uint32_t gsi) "VT-d failed to remap interrupt for GSI %"
kvm_x86_add_msi_route(int virq) "Adding route entry for virq %d"
kvm_x86_remove_msi_route(int virq) "Removing route entry for virq %d"
kvm_x86_update_msi_routes(int num) "Updated %d MSI routes"
+
+# target/i386/sev.c
+kvm_sev_init(void) ""
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 12/28] sev/i386: register the guest memory range which may contain encrypted data
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
When SEV is enabled, the hardware encryption engine uses a tweak such
that the two identical plaintext at different location will have a
different ciphertexts. So swapping or moving a ciphertexts of two guest
pages will not result in plaintexts being swapped. Hence relocating
a physical backing pages of the SEV guest will require some additional
steps in KVM driver. The KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl can be
used to register/unregister the guest memory region which may contain the
encrypted data. KVM driver will internally handle the relocating physical
backing pages of registered memory regions.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/sev.c | 42 ++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 2 ++
2 files changed, 44 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 2c9fd67eaaec..a17b0c525f9b 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -100,6 +100,46 @@ fw_error_to_str(int code)
return sev_fw_errlist[code];
}
+static void
+sev_ram_block_added(RAMBlockNotifier *n, void *host, size_t size)
+{
+ int r;
+ struct kvm_enc_region range;
+
+ range.addr = (__u64)host;
+ range.size = size;
+
+ trace_kvm_memcrypt_register_region(host, size);
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_REG_REGION, &range);
+ if (r) {
+ error_report("%s: failed to register region (%p+%#lx) error '%s'",
+ __func__, host, size, strerror(errno));
+ exit(1);
+ }
+}
+
+static void
+sev_ram_block_removed(RAMBlockNotifier *n, void *host, size_t size)
+{
+ int r;
+ struct kvm_enc_region range;
+
+ range.addr = (__u64)host;
+ range.size = size;
+
+ trace_kvm_memcrypt_unregister_region(host, size);
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_UNREG_REGION, &range);
+ if (r) {
+ error_report("%s: failed to unregister region (%p+%#lx)",
+ __func__, host, size);
+ }
+}
+
+static struct RAMBlockNotifier sev_ram_notifier = {
+ .ram_block_added = sev_ram_block_added,
+ .ram_block_removed = sev_ram_block_removed,
+};
+
static void
qsev_guest_finalize(Object *obj)
{
@@ -431,6 +471,8 @@ sev_guest_init(const char *id)
goto err;
}
+ ram_block_notifier_add(&sev_ram_notifier);
+
return s;
err:
g_free(sev_state);
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 797b716751b7..ffa3d2250425 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -8,3 +8,5 @@ kvm_x86_update_msi_routes(int num) "Updated %d MSI routes"
# target/i386/sev.c
kvm_sev_init(void) ""
+kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu"
+kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 12/28] sev/i386: register the guest memory range which may contain encrypted data
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
When SEV is enabled, the hardware encryption engine uses a tweak such
that the two identical plaintext at different location will have a
different ciphertexts. So swapping or moving a ciphertexts of two guest
pages will not result in plaintexts being swapped. Hence relocating
a physical backing pages of the SEV guest will require some additional
steps in KVM driver. The KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl can be
used to register/unregister the guest memory region which may contain the
encrypted data. KVM driver will internally handle the relocating physical
backing pages of registered memory regions.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/sev.c | 42 ++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 2 ++
2 files changed, 44 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 2c9fd67eaaec..a17b0c525f9b 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -100,6 +100,46 @@ fw_error_to_str(int code)
return sev_fw_errlist[code];
}
+static void
+sev_ram_block_added(RAMBlockNotifier *n, void *host, size_t size)
+{
+ int r;
+ struct kvm_enc_region range;
+
+ range.addr = (__u64)host;
+ range.size = size;
+
+ trace_kvm_memcrypt_register_region(host, size);
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_REG_REGION, &range);
+ if (r) {
+ error_report("%s: failed to register region (%p+%#lx) error '%s'",
+ __func__, host, size, strerror(errno));
+ exit(1);
+ }
+}
+
+static void
+sev_ram_block_removed(RAMBlockNotifier *n, void *host, size_t size)
+{
+ int r;
+ struct kvm_enc_region range;
+
+ range.addr = (__u64)host;
+ range.size = size;
+
+ trace_kvm_memcrypt_unregister_region(host, size);
+ r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_UNREG_REGION, &range);
+ if (r) {
+ error_report("%s: failed to unregister region (%p+%#lx)",
+ __func__, host, size);
+ }
+}
+
+static struct RAMBlockNotifier sev_ram_notifier = {
+ .ram_block_added = sev_ram_block_added,
+ .ram_block_removed = sev_ram_block_removed,
+};
+
static void
qsev_guest_finalize(Object *obj)
{
@@ -431,6 +471,8 @@ sev_guest_init(const char *id)
goto err;
}
+ ram_block_notifier_add(&sev_ram_notifier);
+
return s;
err:
g_free(sev_state);
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 797b716751b7..ffa3d2250425 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -8,3 +8,5 @@ kvm_x86_update_msi_routes(int num) "Updated %d MSI routes"
# target/i386/sev.c
kvm_sev_init(void) ""
+kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu"
+kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 13/28] kvm: introduce memory encryption APIs
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
Inorder to integerate the Secure Encryption Virtualization (SEV) support
add few high-level memory encryption APIs which can be used for encrypting
the guest memory region.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
accel/kvm/kvm-all.c | 30 ++++++++++++++++++++++++++++++
accel/stubs/kvm-stub.c | 14 ++++++++++++++
include/sysemu/kvm.h | 25 +++++++++++++++++++++++++
3 files changed, 69 insertions(+)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index a6473522be11..975ba3845234 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -107,6 +107,8 @@ struct KVMState
/* memory encryption */
void *memcrypt_handle;
+ int (*memcrypt_encrypt_data)(void *handle, uint8_t *ptr, uint64_t len);
+ void (*memcrypt_debug_ops)(void *handle, MemoryRegion *mr);
};
KVMState *kvm_state;
@@ -142,6 +144,34 @@ int kvm_get_max_memslots(void)
return s->nr_slots;
}
+bool kvm_memcrypt_enabled(void)
+{
+ if (kvm_state && kvm_state->memcrypt_handle) {
+ return true;
+ }
+
+ return false;
+}
+
+int kvm_memcrypt_encrypt_data(uint8_t *ptr, uint64_t len)
+{
+ if (kvm_state->memcrypt_handle &&
+ kvm_state->memcrypt_encrypt_data) {
+ return kvm_state->memcrypt_encrypt_data(kvm_state->memcrypt_handle,
+ ptr, len);
+ }
+
+ return 1;
+}
+
+void kvm_memcrypt_set_debug_ops(MemoryRegion *mr)
+{
+ if (kvm_state->memcrypt_handle &&
+ kvm_state->memcrypt_debug_ops) {
+ kvm_state->memcrypt_debug_ops(kvm_state->memcrypt_handle, mr);
+ }
+}
+
static KVMSlot *kvm_get_free_slot(KVMMemoryListener *kml)
{
KVMState *s = kvm_state;
diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c
index c964af3e1c97..5739712a67e3 100644
--- a/accel/stubs/kvm-stub.c
+++ b/accel/stubs/kvm-stub.c
@@ -105,6 +105,20 @@ int kvm_on_sigbus(int code, void *addr)
return 1;
}
+bool kvm_memcrypt_enabled(void)
+{
+ return false;
+}
+
+int kvm_memcrypt_encrypt_data(uint8_t *ptr, uint64_t len)
+{
+ return 1;
+}
+
+void kvm_memcrypt_set_debug_ops(MemoryRegion *mr)
+{
+}
+
#ifndef CONFIG_USER_ONLY
int kvm_irqchip_add_msi_route(KVMState *s, int vector, PCIDevice *dev)
{
diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h
index 85002ac49a54..d69bd1ff2b07 100644
--- a/include/sysemu/kvm.h
+++ b/include/sysemu/kvm.h
@@ -231,6 +231,31 @@ int kvm_destroy_vcpu(CPUState *cpu);
*/
bool kvm_arm_supports_user_irq(void);
+/**
+ * kvm_memcrypt_enabled - return boolean indicating whether memory encryption
+ * is enabled
+ * Returns: 1 memory encryption is enabled
+ * 0 memory encryption is disabled
+ */
+bool kvm_memcrypt_enabled(void);
+
+/**
+ * kvm_memcrypt_encrypt_data: encrypt the memory range
+ *
+ * Return: 1 failed to encrypt the range
+ * 0 succesfully encrypted memory region
+ */
+int kvm_memcrypt_encrypt_data(uint8_t *ptr, uint64_t len);
+
+/**
+ * kvm_memcrypt_set_debug_ram_ops: set debug_ram_ops callback
+ *
+ * When debug_ram_ops is set, debug access to this memory region will use
+ * memory encryption APIs.
+ */
+void kvm_memcrypt_set_debug_ops(MemoryRegion *mr);
+
+
#ifdef NEED_CPU_H
#include "cpu.h"
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 13/28] kvm: introduce memory encryption APIs
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
Inorder to integerate the Secure Encryption Virtualization (SEV) support
add few high-level memory encryption APIs which can be used for encrypting
the guest memory region.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
accel/kvm/kvm-all.c | 30 ++++++++++++++++++++++++++++++
accel/stubs/kvm-stub.c | 14 ++++++++++++++
include/sysemu/kvm.h | 25 +++++++++++++++++++++++++
3 files changed, 69 insertions(+)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index a6473522be11..975ba3845234 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -107,6 +107,8 @@ struct KVMState
/* memory encryption */
void *memcrypt_handle;
+ int (*memcrypt_encrypt_data)(void *handle, uint8_t *ptr, uint64_t len);
+ void (*memcrypt_debug_ops)(void *handle, MemoryRegion *mr);
};
KVMState *kvm_state;
@@ -142,6 +144,34 @@ int kvm_get_max_memslots(void)
return s->nr_slots;
}
+bool kvm_memcrypt_enabled(void)
+{
+ if (kvm_state && kvm_state->memcrypt_handle) {
+ return true;
+ }
+
+ return false;
+}
+
+int kvm_memcrypt_encrypt_data(uint8_t *ptr, uint64_t len)
+{
+ if (kvm_state->memcrypt_handle &&
+ kvm_state->memcrypt_encrypt_data) {
+ return kvm_state->memcrypt_encrypt_data(kvm_state->memcrypt_handle,
+ ptr, len);
+ }
+
+ return 1;
+}
+
+void kvm_memcrypt_set_debug_ops(MemoryRegion *mr)
+{
+ if (kvm_state->memcrypt_handle &&
+ kvm_state->memcrypt_debug_ops) {
+ kvm_state->memcrypt_debug_ops(kvm_state->memcrypt_handle, mr);
+ }
+}
+
static KVMSlot *kvm_get_free_slot(KVMMemoryListener *kml)
{
KVMState *s = kvm_state;
diff --git a/accel/stubs/kvm-stub.c b/accel/stubs/kvm-stub.c
index c964af3e1c97..5739712a67e3 100644
--- a/accel/stubs/kvm-stub.c
+++ b/accel/stubs/kvm-stub.c
@@ -105,6 +105,20 @@ int kvm_on_sigbus(int code, void *addr)
return 1;
}
+bool kvm_memcrypt_enabled(void)
+{
+ return false;
+}
+
+int kvm_memcrypt_encrypt_data(uint8_t *ptr, uint64_t len)
+{
+ return 1;
+}
+
+void kvm_memcrypt_set_debug_ops(MemoryRegion *mr)
+{
+}
+
#ifndef CONFIG_USER_ONLY
int kvm_irqchip_add_msi_route(KVMState *s, int vector, PCIDevice *dev)
{
diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h
index 85002ac49a54..d69bd1ff2b07 100644
--- a/include/sysemu/kvm.h
+++ b/include/sysemu/kvm.h
@@ -231,6 +231,31 @@ int kvm_destroy_vcpu(CPUState *cpu);
*/
bool kvm_arm_supports_user_irq(void);
+/**
+ * kvm_memcrypt_enabled - return boolean indicating whether memory encryption
+ * is enabled
+ * Returns: 1 memory encryption is enabled
+ * 0 memory encryption is disabled
+ */
+bool kvm_memcrypt_enabled(void);
+
+/**
+ * kvm_memcrypt_encrypt_data: encrypt the memory range
+ *
+ * Return: 1 failed to encrypt the range
+ * 0 succesfully encrypted memory region
+ */
+int kvm_memcrypt_encrypt_data(uint8_t *ptr, uint64_t len);
+
+/**
+ * kvm_memcrypt_set_debug_ram_ops: set debug_ram_ops callback
+ *
+ * When debug_ram_ops is set, debug access to this memory region will use
+ * memory encryption APIs.
+ */
+void kvm_memcrypt_set_debug_ops(MemoryRegion *mr);
+
+
#ifdef NEED_CPU_H
#include "cpu.h"
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 14/28] hmp: add 'info sev' command
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
The command can be used to show the SEV information when memory
encryption is enabled on AMD platform.
Cc: Eric Blake <eblake@redhat.com>
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Reviewed-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
hmp-commands-info.hx | 16 ++++++++++++++++
hmp.h | 1 +
target/i386/monitor.c | 20 ++++++++++++++++++++
3 files changed, 37 insertions(+)
diff --git a/hmp-commands-info.hx b/hmp-commands-info.hx
index ad590a4ffb2b..ddfcd5adcca6 100644
--- a/hmp-commands-info.hx
+++ b/hmp-commands-info.hx
@@ -867,6 +867,22 @@ Display the amount of initially allocated and present hotpluggable (if
enabled) memory in bytes.
ETEXI
+#if defined(TARGET_I386)
+ {
+ .name = "sev",
+ .args_type = "",
+ .params = "",
+ .help = "show SEV information",
+ .cmd = hmp_info_sev,
+ },
+#endif
+
+STEXI
+@item info sev
+@findex info sev
+Show SEV information.
+ETEXI
+
STEXI
@end table
ETEXI
diff --git a/hmp.h b/hmp.h
index b89733876de1..4e2ec375b0f4 100644
--- a/hmp.h
+++ b/hmp.h
@@ -143,5 +143,6 @@ void hmp_info_ramblock(Monitor *mon, const QDict *qdict);
void hmp_hotpluggable_cpus(Monitor *mon, const QDict *qdict);
void hmp_info_vm_generation_id(Monitor *mon, const QDict *qdict);
void hmp_info_memory_size_summary(Monitor *mon, const QDict *qdict);
+void hmp_info_sev(Monitor *mon, const QDict *qdict);
#endif
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 29de61996371..4d9019626031 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -29,6 +29,7 @@
#include "qapi/qmp/qdict.h"
#include "hw/i386/pc.h"
#include "sysemu/kvm.h"
+#include "sysemu/sev.h"
#include "hmp.h"
#include "sev_i386.h"
#include "qapi/qapi-commands-misc.h"
@@ -680,3 +681,22 @@ SevInfo *qmp_query_sev(Error **errp)
return info;
}
+
+void hmp_info_sev(Monitor *mon, const QDict *qdict)
+{
+ SevInfo *info = sev_get_info();
+
+ if (info && info->enabled) {
+ monitor_printf(mon, "handle: %d\n", info->handle);
+ monitor_printf(mon, "state: %s\n", SevState_str(info->state));
+ monitor_printf(mon, "build: %d\n", info->build_id);
+ monitor_printf(mon, "api version: %d.%d\n",
+ info->api_major, info->api_minor);
+ monitor_printf(mon, "debug: %s\n",
+ info->policy & SEV_POLICY_NODBG ? "off" : "on");
+ monitor_printf(mon, "key-sharing: %s\n",
+ info->policy & SEV_POLICY_NOKS ? "off" : "on");
+ } else {
+ monitor_printf(mon, "SEV is not enabled\n");
+ }
+}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 14/28] hmp: add 'info sev' command
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
The command can be used to show the SEV information when memory
encryption is enabled on AMD platform.
Cc: Eric Blake <eblake@redhat.com>
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Reviewed-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
hmp-commands-info.hx | 16 ++++++++++++++++
hmp.h | 1 +
target/i386/monitor.c | 20 ++++++++++++++++++++
3 files changed, 37 insertions(+)
diff --git a/hmp-commands-info.hx b/hmp-commands-info.hx
index ad590a4ffb2b..ddfcd5adcca6 100644
--- a/hmp-commands-info.hx
+++ b/hmp-commands-info.hx
@@ -867,6 +867,22 @@ Display the amount of initially allocated and present hotpluggable (if
enabled) memory in bytes.
ETEXI
+#if defined(TARGET_I386)
+ {
+ .name = "sev",
+ .args_type = "",
+ .params = "",
+ .help = "show SEV information",
+ .cmd = hmp_info_sev,
+ },
+#endif
+
+STEXI
+@item info sev
+@findex info sev
+Show SEV information.
+ETEXI
+
STEXI
@end table
ETEXI
diff --git a/hmp.h b/hmp.h
index b89733876de1..4e2ec375b0f4 100644
--- a/hmp.h
+++ b/hmp.h
@@ -143,5 +143,6 @@ void hmp_info_ramblock(Monitor *mon, const QDict *qdict);
void hmp_hotpluggable_cpus(Monitor *mon, const QDict *qdict);
void hmp_info_vm_generation_id(Monitor *mon, const QDict *qdict);
void hmp_info_memory_size_summary(Monitor *mon, const QDict *qdict);
+void hmp_info_sev(Monitor *mon, const QDict *qdict);
#endif
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 29de61996371..4d9019626031 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -29,6 +29,7 @@
#include "qapi/qmp/qdict.h"
#include "hw/i386/pc.h"
#include "sysemu/kvm.h"
+#include "sysemu/sev.h"
#include "hmp.h"
#include "sev_i386.h"
#include "qapi/qapi-commands-misc.h"
@@ -680,3 +681,22 @@ SevInfo *qmp_query_sev(Error **errp)
return info;
}
+
+void hmp_info_sev(Monitor *mon, const QDict *qdict)
+{
+ SevInfo *info = sev_get_info();
+
+ if (info && info->enabled) {
+ monitor_printf(mon, "handle: %d\n", info->handle);
+ monitor_printf(mon, "state: %s\n", SevState_str(info->state));
+ monitor_printf(mon, "build: %d\n", info->build_id);
+ monitor_printf(mon, "api version: %d.%d\n",
+ info->api_major, info->api_minor);
+ monitor_printf(mon, "debug: %s\n",
+ info->policy & SEV_POLICY_NODBG ? "off" : "on");
+ monitor_printf(mon, "key-sharing: %s\n",
+ info->policy & SEV_POLICY_NOKS ? "off" : "on");
+ } else {
+ monitor_printf(mon, "SEV is not enabled\n");
+ }
+}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 15/28] sev/i386: add command to create launch memory encryption context
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
The KVM_SEV_LAUNCH_START command creates a new VM encryption key (VEK).
The encryption key created with the command will be used for encrypting
the bootstrap images (such as guest bios).
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/sev.c | 86 ++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 2 ++
2 files changed, 88 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index a17b0c525f9b..1c8fcf32df93 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -100,6 +100,17 @@ fw_error_to_str(int code)
return sev_fw_errlist[code];
}
+static void
+sev_set_guest_state(SevState new_state)
+{
+ assert(new_state < SEV_STATE__MAX);
+ assert(sev_state);
+
+ trace_kvm_sev_change_state(SevState_str(sev_state->state),
+ SevState_str(new_state));
+ sev_state->state = new_state;
+}
+
static void
sev_ram_block_added(RAMBlockNotifier *n, void *host, size_t size)
{
@@ -401,6 +412,75 @@ sev_get_info(void)
return info;
}
+static int
+sev_read_file_base64(const char *filename, guchar **data, gsize *len)
+{
+ gsize sz;
+ gchar *base64;
+ GError *error = NULL;
+
+ if (!g_file_get_contents(filename, &base64, &sz, &error)) {
+ error_report("failed to read '%s' (%s)", filename, error->message);
+ return -1;
+ }
+
+ *data = g_base64_decode(base64, len);
+ return 0;
+}
+
+static int
+sev_launch_start(SEVState *s)
+{
+ gsize sz;
+ int ret = 1;
+ int fw_error;
+ QSevGuestInfo *sev = s->sev_info;
+ struct kvm_sev_launch_start *start;
+ guchar *session = NULL, *dh_cert = NULL;
+
+ start = g_new0(struct kvm_sev_launch_start, 1);
+
+ start->handle = object_property_get_int(OBJECT(sev), "handle",
+ &error_abort);
+ start->policy = object_property_get_int(OBJECT(sev), "policy",
+ &error_abort);
+ if (sev->session_file) {
+ if (sev_read_file_base64(sev->session_file, &session, &sz) < 0) {
+ return 1;
+ }
+ start->session_uaddr = (unsigned long)session;
+ start->session_len = sz;
+ }
+
+ if (sev->dh_cert_file) {
+ if (sev_read_file_base64(sev->dh_cert_file, &dh_cert, &sz) < 0) {
+ return 1;
+ }
+ start->dh_uaddr = (unsigned long)dh_cert;
+ start->dh_len = sz;
+ }
+
+ trace_kvm_sev_launch_start(start->policy, session, dh_cert);
+ ret = sev_ioctl(s->sev_fd, KVM_SEV_LAUNCH_START, start, &fw_error);
+ if (ret < 0) {
+ error_report("%s: LAUNCH_START ret=%d fw_error=%d '%s'",
+ __func__, ret, fw_error, fw_error_to_str(fw_error));
+ return 1;
+ }
+
+ object_property_set_int(OBJECT(sev), start->handle, "handle",
+ &error_abort);
+ sev_set_guest_state(SEV_STATE_LUPDATE);
+ s->handle = start->handle;
+ s->policy = start->policy;
+
+ g_free(start);
+ g_free(session);
+ g_free(dh_cert);
+
+ return 0;
+}
+
void *
sev_guest_init(const char *id)
{
@@ -471,6 +551,12 @@ sev_guest_init(const char *id)
goto err;
}
+ ret = sev_launch_start(s);
+ if (ret) {
+ error_report("%s: failed to create encryption context", __func__);
+ goto err;
+ }
+
ram_block_notifier_add(&sev_ram_notifier);
return s;
diff --git a/target/i386/trace-events b/target/i386/trace-events
index ffa3d2250425..9402251e9991 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -10,3 +10,5 @@ kvm_x86_update_msi_routes(int num) "Updated %d MSI routes"
kvm_sev_init(void) ""
kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
+kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
+kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 15/28] sev/i386: add command to create launch memory encryption context
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
The KVM_SEV_LAUNCH_START command creates a new VM encryption key (VEK).
The encryption key created with the command will be used for encrypting
the bootstrap images (such as guest bios).
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/sev.c | 86 ++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 2 ++
2 files changed, 88 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index a17b0c525f9b..1c8fcf32df93 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -100,6 +100,17 @@ fw_error_to_str(int code)
return sev_fw_errlist[code];
}
+static void
+sev_set_guest_state(SevState new_state)
+{
+ assert(new_state < SEV_STATE__MAX);
+ assert(sev_state);
+
+ trace_kvm_sev_change_state(SevState_str(sev_state->state),
+ SevState_str(new_state));
+ sev_state->state = new_state;
+}
+
static void
sev_ram_block_added(RAMBlockNotifier *n, void *host, size_t size)
{
@@ -401,6 +412,75 @@ sev_get_info(void)
return info;
}
+static int
+sev_read_file_base64(const char *filename, guchar **data, gsize *len)
+{
+ gsize sz;
+ gchar *base64;
+ GError *error = NULL;
+
+ if (!g_file_get_contents(filename, &base64, &sz, &error)) {
+ error_report("failed to read '%s' (%s)", filename, error->message);
+ return -1;
+ }
+
+ *data = g_base64_decode(base64, len);
+ return 0;
+}
+
+static int
+sev_launch_start(SEVState *s)
+{
+ gsize sz;
+ int ret = 1;
+ int fw_error;
+ QSevGuestInfo *sev = s->sev_info;
+ struct kvm_sev_launch_start *start;
+ guchar *session = NULL, *dh_cert = NULL;
+
+ start = g_new0(struct kvm_sev_launch_start, 1);
+
+ start->handle = object_property_get_int(OBJECT(sev), "handle",
+ &error_abort);
+ start->policy = object_property_get_int(OBJECT(sev), "policy",
+ &error_abort);
+ if (sev->session_file) {
+ if (sev_read_file_base64(sev->session_file, &session, &sz) < 0) {
+ return 1;
+ }
+ start->session_uaddr = (unsigned long)session;
+ start->session_len = sz;
+ }
+
+ if (sev->dh_cert_file) {
+ if (sev_read_file_base64(sev->dh_cert_file, &dh_cert, &sz) < 0) {
+ return 1;
+ }
+ start->dh_uaddr = (unsigned long)dh_cert;
+ start->dh_len = sz;
+ }
+
+ trace_kvm_sev_launch_start(start->policy, session, dh_cert);
+ ret = sev_ioctl(s->sev_fd, KVM_SEV_LAUNCH_START, start, &fw_error);
+ if (ret < 0) {
+ error_report("%s: LAUNCH_START ret=%d fw_error=%d '%s'",
+ __func__, ret, fw_error, fw_error_to_str(fw_error));
+ return 1;
+ }
+
+ object_property_set_int(OBJECT(sev), start->handle, "handle",
+ &error_abort);
+ sev_set_guest_state(SEV_STATE_LUPDATE);
+ s->handle = start->handle;
+ s->policy = start->policy;
+
+ g_free(start);
+ g_free(session);
+ g_free(dh_cert);
+
+ return 0;
+}
+
void *
sev_guest_init(const char *id)
{
@@ -471,6 +551,12 @@ sev_guest_init(const char *id)
goto err;
}
+ ret = sev_launch_start(s);
+ if (ret) {
+ error_report("%s: failed to create encryption context", __func__);
+ goto err;
+ }
+
ram_block_notifier_add(&sev_ram_notifier);
return s;
diff --git a/target/i386/trace-events b/target/i386/trace-events
index ffa3d2250425..9402251e9991 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -10,3 +10,5 @@ kvm_x86_update_msi_routes(int num) "Updated %d MSI routes"
kvm_sev_init(void) ""
kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
+kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
+kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 16/28] sev/i386: add command to encrypt guest memory region
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
The KVM_SEV_LAUNCH_UPDATE_DATA command is used to encrypt a guest memory
region using the VM Encryption Key created using LAUNCH_START.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
accel/kvm/kvm-all.c | 2 ++
stubs/sev.c | 5 +++++
target/i386/sev.c | 43 +++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
4 files changed, 51 insertions(+)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 975ba3845234..411aa87719e6 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -1680,6 +1680,8 @@ static int kvm_init(MachineState *ms)
ret = -1;
goto err;
}
+
+ kvm_state->memcrypt_encrypt_data = sev_encrypt_data;
}
ret = kvm_arch_init(ms, s);
diff --git a/stubs/sev.c b/stubs/sev.c
index 4a5cc5569e5f..2e20f3b73a5b 100644
--- a/stubs/sev.c
+++ b/stubs/sev.c
@@ -15,6 +15,11 @@
#include "qemu-common.h"
#include "sysemu/sev.h"
+int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
+{
+ return 1;
+}
+
void *sev_guest_init(const char *id)
{
return NULL;
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 1c8fcf32df93..6a5f026e8fc6 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -100,6 +100,13 @@ fw_error_to_str(int code)
return sev_fw_errlist[code];
}
+static bool
+sev_check_state(SevState state)
+{
+ assert(sev_state);
+ return sev_state->state == state ? true : false;
+}
+
static void
sev_set_guest_state(SevState new_state)
{
@@ -481,6 +488,29 @@ sev_launch_start(SEVState *s)
return 0;
}
+static int
+sev_launch_update_data(uint8_t *addr, uint64_t len)
+{
+ int ret, fw_error;
+ struct kvm_sev_launch_update_data update;
+
+ if (!addr || !len) {
+ return 1;
+ }
+
+ update.uaddr = (__u64)addr;
+ update.len = len;
+ trace_kvm_sev_launch_update_data(addr, len);
+ ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_UPDATE_DATA,
+ &update, &fw_error);
+ if (ret) {
+ error_report("%s: LAUNCH_UPDATE ret=%d fw_error=%d '%s'",
+ __func__, ret, fw_error, fw_error_to_str(fw_error));
+ }
+
+ return ret;
+}
+
void *
sev_guest_init(const char *id)
{
@@ -566,6 +596,19 @@ err:
return NULL;
}
+int
+sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
+{
+ assert(handle);
+
+ /* if SEV is in update state then encrypt the data else do nothing */
+ if (sev_check_state(SEV_STATE_LUPDATE)) {
+ return sev_launch_update_data(ptr, len);
+ }
+
+ return 0;
+}
+
static void
sev_register_types(void)
{
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 9402251e9991..c0cd8e93217f 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -12,3 +12,4 @@ kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
+kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 16/28] sev/i386: add command to encrypt guest memory region
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
The KVM_SEV_LAUNCH_UPDATE_DATA command is used to encrypt a guest memory
region using the VM Encryption Key created using LAUNCH_START.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
accel/kvm/kvm-all.c | 2 ++
stubs/sev.c | 5 +++++
target/i386/sev.c | 43 +++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
4 files changed, 51 insertions(+)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 975ba3845234..411aa87719e6 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -1680,6 +1680,8 @@ static int kvm_init(MachineState *ms)
ret = -1;
goto err;
}
+
+ kvm_state->memcrypt_encrypt_data = sev_encrypt_data;
}
ret = kvm_arch_init(ms, s);
diff --git a/stubs/sev.c b/stubs/sev.c
index 4a5cc5569e5f..2e20f3b73a5b 100644
--- a/stubs/sev.c
+++ b/stubs/sev.c
@@ -15,6 +15,11 @@
#include "qemu-common.h"
#include "sysemu/sev.h"
+int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
+{
+ return 1;
+}
+
void *sev_guest_init(const char *id)
{
return NULL;
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 1c8fcf32df93..6a5f026e8fc6 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -100,6 +100,13 @@ fw_error_to_str(int code)
return sev_fw_errlist[code];
}
+static bool
+sev_check_state(SevState state)
+{
+ assert(sev_state);
+ return sev_state->state == state ? true : false;
+}
+
static void
sev_set_guest_state(SevState new_state)
{
@@ -481,6 +488,29 @@ sev_launch_start(SEVState *s)
return 0;
}
+static int
+sev_launch_update_data(uint8_t *addr, uint64_t len)
+{
+ int ret, fw_error;
+ struct kvm_sev_launch_update_data update;
+
+ if (!addr || !len) {
+ return 1;
+ }
+
+ update.uaddr = (__u64)addr;
+ update.len = len;
+ trace_kvm_sev_launch_update_data(addr, len);
+ ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_UPDATE_DATA,
+ &update, &fw_error);
+ if (ret) {
+ error_report("%s: LAUNCH_UPDATE ret=%d fw_error=%d '%s'",
+ __func__, ret, fw_error, fw_error_to_str(fw_error));
+ }
+
+ return ret;
+}
+
void *
sev_guest_init(const char *id)
{
@@ -566,6 +596,19 @@ err:
return NULL;
}
+int
+sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
+{
+ assert(handle);
+
+ /* if SEV is in update state then encrypt the data else do nothing */
+ if (sev_check_state(SEV_STATE_LUPDATE)) {
+ return sev_launch_update_data(ptr, len);
+ }
+
+ return 0;
+}
+
static void
sev_register_types(void)
{
diff --git a/target/i386/trace-events b/target/i386/trace-events
index 9402251e9991..c0cd8e93217f 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -12,3 +12,4 @@ kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
+kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 17/28] target/i386: encrypt bios rom
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
SEV requires that guest bios must be encrypted before booting the guest.
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
hw/i386/pc_sysfw.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 4325575e7d82..73ac783f2055 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -113,6 +113,8 @@ static void pc_system_flash_init(MemoryRegion *rom_memory)
pflash_t *system_flash;
MemoryRegion *flash_mem;
char name[64];
+ void *flash_ptr;
+ int ret, flash_size;
sector_bits = 12;
sector_size = 1 << sector_bits;
@@ -169,6 +171,17 @@ static void pc_system_flash_init(MemoryRegion *rom_memory)
if (unit == 0) {
flash_mem = pflash_cfi01_get_memory(system_flash);
pc_isa_bios_init(rom_memory, flash_mem, size);
+
+ /* Encrypt the pflash boot ROM */
+ if (kvm_memcrypt_enabled()) {
+ flash_ptr = memory_region_get_ram_ptr(flash_mem);
+ flash_size = memory_region_size(flash_mem);
+ ret = kvm_memcrypt_encrypt_data(flash_ptr, flash_size);
+ if (ret) {
+ error_report("failed to encrypt pflash rom");
+ exit(1);
+ }
+ }
}
}
}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 17/28] target/i386: encrypt bios rom
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
SEV requires that guest bios must be encrypted before booting the guest.
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
hw/i386/pc_sysfw.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 4325575e7d82..73ac783f2055 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -113,6 +113,8 @@ static void pc_system_flash_init(MemoryRegion *rom_memory)
pflash_t *system_flash;
MemoryRegion *flash_mem;
char name[64];
+ void *flash_ptr;
+ int ret, flash_size;
sector_bits = 12;
sector_size = 1 << sector_bits;
@@ -169,6 +171,17 @@ static void pc_system_flash_init(MemoryRegion *rom_memory)
if (unit == 0) {
flash_mem = pflash_cfi01_get_memory(system_flash);
pc_isa_bios_init(rom_memory, flash_mem, size);
+
+ /* Encrypt the pflash boot ROM */
+ if (kvm_memcrypt_enabled()) {
+ flash_ptr = memory_region_get_ram_ptr(flash_mem);
+ flash_size = memory_region_size(flash_mem);
+ ret = kvm_memcrypt_encrypt_data(flash_ptr, flash_size);
+ if (ret) {
+ error_report("failed to encrypt pflash rom");
+ exit(1);
+ }
+ }
}
}
}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 18/28] sev/i386: add support to LAUNCH_MEASURE command
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
During machine creation we encrypted the guest bios image, the
LAUNCH_MEASURE command can be used to retrieve the measurement of
the encrypted memory region. This measurement is a signature of
the memory contents that can be sent to the guest owner as an
attestation that the memory was encrypted correctly by the firmware.
VM management tools like libvirt can query the measurement using
query-sev-launch-measure QMP command.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/sev-stub.c | 5 ++++
target/i386/sev.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/sev_i386.h | 2 ++
target/i386/trace-events | 1 +
4 files changed, 71 insertions(+)
diff --git a/target/i386/sev-stub.c b/target/i386/sev-stub.c
index c86d8c139237..2f61c32ec975 100644
--- a/target/i386/sev-stub.c
+++ b/target/i386/sev-stub.c
@@ -39,3 +39,8 @@ uint32_t sev_get_reduced_phys_bits(void)
{
return 0;
}
+
+char *sev_get_launch_measurement(void)
+{
+ return NULL;
+}
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 6a5f026e8fc6..e01c753be3ec 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -511,6 +511,68 @@ sev_launch_update_data(uint8_t *addr, uint64_t len)
return ret;
}
+static void
+sev_launch_get_measure(Notifier *notifier, void *unused)
+{
+ int ret, error;
+ guchar *data;
+ SEVState *s = sev_state;
+ struct kvm_sev_launch_measure *measurement;
+
+ if (!sev_check_state(SEV_STATE_LUPDATE)) {
+ return;
+ }
+
+ measurement = g_new0(struct kvm_sev_launch_measure, 1);
+
+ /* query the measurement blob length */
+ ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_MEASURE,
+ measurement, &error);
+ if (!measurement->len) {
+ error_report("%s: LAUNCH_MEASURE ret=%d fw_error=%d '%s'",
+ __func__, ret, error, fw_error_to_str(errno));
+ goto free_measurement;
+ }
+
+ data = g_new0(guchar, measurement->len);
+ measurement->uaddr = (unsigned long)data;
+
+ /* get the measurement blob */
+ ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_MEASURE,
+ measurement, &error);
+ if (ret) {
+ error_report("%s: LAUNCH_MEASURE ret=%d fw_error=%d '%s'",
+ __func__, ret, error, fw_error_to_str(errno));
+ goto free_data;
+ }
+
+ sev_set_guest_state(SEV_STATE_LSECRET);
+
+ /* encode the measurement value and emit the event */
+ s->measurement = g_base64_encode(data, measurement->len);
+ trace_kvm_sev_launch_measurement(s->measurement);
+
+free_data:
+ g_free(data);
+free_measurement:
+ g_free(measurement);
+}
+
+char *
+sev_get_launch_measurement(void)
+{
+ if (sev_state &&
+ sev_state->state >= SEV_STATE_LSECRET) {
+ return g_strdup(sev_state->measurement);
+ }
+
+ return NULL;
+}
+
+static Notifier sev_machine_done_notify = {
+ .notify = sev_launch_get_measure,
+};
+
void *
sev_guest_init(const char *id)
{
@@ -588,6 +650,7 @@ sev_guest_init(const char *id)
}
ram_block_notifier_add(&sev_ram_notifier);
+ qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
return s;
err:
diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h
index c06be12c8079..c21d1f31d712 100644
--- a/target/i386/sev_i386.h
+++ b/target/i386/sev_i386.h
@@ -42,6 +42,7 @@ extern uint64_t sev_get_me_mask(void);
extern SevInfo *sev_get_info(void);
extern uint32_t sev_get_cbit_position(void);
extern uint32_t sev_get_reduced_phys_bits(void);
+extern char *sev_get_launch_measurement(void);
typedef struct QSevGuestInfo QSevGuestInfo;
typedef struct QSevGuestInfoClass QSevGuestInfoClass;
@@ -83,6 +84,7 @@ struct SEVState {
uint32_t handle;
int sev_fd;
SevState state;
+ gchar *measurement;
};
typedef struct SEVState SEVState;
diff --git a/target/i386/trace-events b/target/i386/trace-events
index c0cd8e93217f..f7a1a1e6b85c 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -13,3 +13,4 @@ kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
+kvm_sev_launch_measurement(const char *value) "data %s"
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 18/28] sev/i386: add support to LAUNCH_MEASURE command
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
During machine creation we encrypted the guest bios image, the
LAUNCH_MEASURE command can be used to retrieve the measurement of
the encrypted memory region. This measurement is a signature of
the memory contents that can be sent to the guest owner as an
attestation that the memory was encrypted correctly by the firmware.
VM management tools like libvirt can query the measurement using
query-sev-launch-measure QMP command.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/sev-stub.c | 5 ++++
target/i386/sev.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/sev_i386.h | 2 ++
target/i386/trace-events | 1 +
4 files changed, 71 insertions(+)
diff --git a/target/i386/sev-stub.c b/target/i386/sev-stub.c
index c86d8c139237..2f61c32ec975 100644
--- a/target/i386/sev-stub.c
+++ b/target/i386/sev-stub.c
@@ -39,3 +39,8 @@ uint32_t sev_get_reduced_phys_bits(void)
{
return 0;
}
+
+char *sev_get_launch_measurement(void)
+{
+ return NULL;
+}
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 6a5f026e8fc6..e01c753be3ec 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -511,6 +511,68 @@ sev_launch_update_data(uint8_t *addr, uint64_t len)
return ret;
}
+static void
+sev_launch_get_measure(Notifier *notifier, void *unused)
+{
+ int ret, error;
+ guchar *data;
+ SEVState *s = sev_state;
+ struct kvm_sev_launch_measure *measurement;
+
+ if (!sev_check_state(SEV_STATE_LUPDATE)) {
+ return;
+ }
+
+ measurement = g_new0(struct kvm_sev_launch_measure, 1);
+
+ /* query the measurement blob length */
+ ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_MEASURE,
+ measurement, &error);
+ if (!measurement->len) {
+ error_report("%s: LAUNCH_MEASURE ret=%d fw_error=%d '%s'",
+ __func__, ret, error, fw_error_to_str(errno));
+ goto free_measurement;
+ }
+
+ data = g_new0(guchar, measurement->len);
+ measurement->uaddr = (unsigned long)data;
+
+ /* get the measurement blob */
+ ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_MEASURE,
+ measurement, &error);
+ if (ret) {
+ error_report("%s: LAUNCH_MEASURE ret=%d fw_error=%d '%s'",
+ __func__, ret, error, fw_error_to_str(errno));
+ goto free_data;
+ }
+
+ sev_set_guest_state(SEV_STATE_LSECRET);
+
+ /* encode the measurement value and emit the event */
+ s->measurement = g_base64_encode(data, measurement->len);
+ trace_kvm_sev_launch_measurement(s->measurement);
+
+free_data:
+ g_free(data);
+free_measurement:
+ g_free(measurement);
+}
+
+char *
+sev_get_launch_measurement(void)
+{
+ if (sev_state &&
+ sev_state->state >= SEV_STATE_LSECRET) {
+ return g_strdup(sev_state->measurement);
+ }
+
+ return NULL;
+}
+
+static Notifier sev_machine_done_notify = {
+ .notify = sev_launch_get_measure,
+};
+
void *
sev_guest_init(const char *id)
{
@@ -588,6 +650,7 @@ sev_guest_init(const char *id)
}
ram_block_notifier_add(&sev_ram_notifier);
+ qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
return s;
err:
diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h
index c06be12c8079..c21d1f31d712 100644
--- a/target/i386/sev_i386.h
+++ b/target/i386/sev_i386.h
@@ -42,6 +42,7 @@ extern uint64_t sev_get_me_mask(void);
extern SevInfo *sev_get_info(void);
extern uint32_t sev_get_cbit_position(void);
extern uint32_t sev_get_reduced_phys_bits(void);
+extern char *sev_get_launch_measurement(void);
typedef struct QSevGuestInfo QSevGuestInfo;
typedef struct QSevGuestInfoClass QSevGuestInfoClass;
@@ -83,6 +84,7 @@ struct SEVState {
uint32_t handle;
int sev_fd;
SevState state;
+ gchar *measurement;
};
typedef struct SEVState SEVState;
diff --git a/target/i386/trace-events b/target/i386/trace-events
index c0cd8e93217f..f7a1a1e6b85c 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -13,3 +13,4 @@ kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
+kvm_sev_launch_measurement(const char *value) "data %s"
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 19/28] sev/i386: finalize the SEV guest launch flow
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
SEV launch flow requires us to issue LAUNCH_FINISH command before guest
is ready to run.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/sev.c | 29 +++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
2 files changed, 30 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index e01c753be3ec..5fbb3105ccd4 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -573,6 +573,34 @@ static Notifier sev_machine_done_notify = {
.notify = sev_launch_get_measure,
};
+static void
+sev_launch_finish(SEVState *s)
+{
+ int ret, error;
+
+ trace_kvm_sev_launch_finish();
+ ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_FINISH, 0, &error);
+ if (ret) {
+ error_report("%s: LAUNCH_FINISH ret=%d fw_error=%d '%s'",
+ __func__, ret, error, fw_error_to_str(error));
+ exit(1);
+ }
+
+ sev_set_guest_state(SEV_STATE_RUNNING);
+}
+
+static void
+sev_vm_state_change(void *opaque, int running, RunState state)
+{
+ SEVState *s = opaque;
+
+ if (running) {
+ if (!sev_check_state(SEV_STATE_RUNNING)) {
+ sev_launch_finish(s);
+ }
+ }
+}
+
void *
sev_guest_init(const char *id)
{
@@ -651,6 +679,7 @@ sev_guest_init(const char *id)
ram_block_notifier_add(&sev_ram_notifier);
qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
+ qemu_add_vm_change_state_handler(sev_vm_state_change, s);
return s;
err:
diff --git a/target/i386/trace-events b/target/i386/trace-events
index f7a1a1e6b85c..b1fbde6e40fe 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -14,3 +14,4 @@ kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
kvm_sev_launch_measurement(const char *value) "data %s"
+kvm_sev_launch_finish(void) ""
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 19/28] sev/i386: finalize the SEV guest launch flow
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
SEV launch flow requires us to issue LAUNCH_FINISH command before guest
is ready to run.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/sev.c | 29 +++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
2 files changed, 30 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index e01c753be3ec..5fbb3105ccd4 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -573,6 +573,34 @@ static Notifier sev_machine_done_notify = {
.notify = sev_launch_get_measure,
};
+static void
+sev_launch_finish(SEVState *s)
+{
+ int ret, error;
+
+ trace_kvm_sev_launch_finish();
+ ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_FINISH, 0, &error);
+ if (ret) {
+ error_report("%s: LAUNCH_FINISH ret=%d fw_error=%d '%s'",
+ __func__, ret, error, fw_error_to_str(error));
+ exit(1);
+ }
+
+ sev_set_guest_state(SEV_STATE_RUNNING);
+}
+
+static void
+sev_vm_state_change(void *opaque, int running, RunState state)
+{
+ SEVState *s = opaque;
+
+ if (running) {
+ if (!sev_check_state(SEV_STATE_RUNNING)) {
+ sev_launch_finish(s);
+ }
+ }
+}
+
void *
sev_guest_init(const char *id)
{
@@ -651,6 +679,7 @@ sev_guest_init(const char *id)
ram_block_notifier_add(&sev_ram_notifier);
qemu_add_machine_init_done_notifier(&sev_machine_done_notify);
+ qemu_add_vm_change_state_handler(sev_vm_state_change, s);
return s;
err:
diff --git a/target/i386/trace-events b/target/i386/trace-events
index f7a1a1e6b85c..b1fbde6e40fe 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -14,3 +14,4 @@ kvm_sev_change_state(const char *old, const char *new) "%s -> %s"
kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session %p pdh %p"
kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
kvm_sev_launch_measurement(const char *value) "data %s"
+kvm_sev_launch_finish(void) ""
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 20/28] hw/i386: set ram_debug_ops when memory encryption is enabled
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
When memory encryption is enabled, the guest RAM and boot flash ROM will
contain the encrypted data. By setting the debug ops allow us to invoke
encryption APIs when accessing the memory for the debug purposes.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
hw/i386/pc.c | 9 +++++++++
hw/i386/pc_sysfw.c | 6 ++++++
2 files changed, 15 insertions(+)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 94cfd40ef2c8..2aed48cdf13d 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1360,6 +1360,15 @@ void pc_memory_init(PCMachineState *pcms,
e820_add_entry(0x100000000ULL, pcms->above_4g_mem_size, E820_RAM);
}
+ /*
+ * When memory encryption is enabled, the guest RAM will be encrypted with
+ * a guest unique key. Set the debug ops so that any debug access to the
+ * guest RAM will go through the memory encryption APIs.
+ */
+ if (kvm_memcrypt_enabled()) {
+ kvm_memcrypt_set_debug_ops(ram);
+ }
+
if (!pcmc->has_reserved_memory &&
(machine->ram_slots ||
(machine->maxram_size > machine->ram_size))) {
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 73ac783f2055..845240f97293 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -181,6 +181,12 @@ static void pc_system_flash_init(MemoryRegion *rom_memory)
error_report("failed to encrypt pflash rom");
exit(1);
}
+
+ /*
+ * The pflash ROM is encrypted, set the debug ops so that any
+ * debug accesses will use memory encryption APIs.
+ */
+ kvm_memcrypt_set_debug_ops(flash_mem);
}
}
}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 20/28] hw/i386: set ram_debug_ops when memory encryption is enabled
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
When memory encryption is enabled, the guest RAM and boot flash ROM will
contain the encrypted data. By setting the debug ops allow us to invoke
encryption APIs when accessing the memory for the debug purposes.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
hw/i386/pc.c | 9 +++++++++
hw/i386/pc_sysfw.c | 6 ++++++
2 files changed, 15 insertions(+)
diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 94cfd40ef2c8..2aed48cdf13d 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1360,6 +1360,15 @@ void pc_memory_init(PCMachineState *pcms,
e820_add_entry(0x100000000ULL, pcms->above_4g_mem_size, E820_RAM);
}
+ /*
+ * When memory encryption is enabled, the guest RAM will be encrypted with
+ * a guest unique key. Set the debug ops so that any debug access to the
+ * guest RAM will go through the memory encryption APIs.
+ */
+ if (kvm_memcrypt_enabled()) {
+ kvm_memcrypt_set_debug_ops(ram);
+ }
+
if (!pcmc->has_reserved_memory &&
(machine->ram_slots ||
(machine->maxram_size > machine->ram_size))) {
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 73ac783f2055..845240f97293 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -181,6 +181,12 @@ static void pc_system_flash_init(MemoryRegion *rom_memory)
error_report("failed to encrypt pflash rom");
exit(1);
}
+
+ /*
+ * The pflash ROM is encrypted, set the debug ops so that any
+ * debug accesses will use memory encryption APIs.
+ */
+ kvm_memcrypt_set_debug_ops(flash_mem);
}
}
}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
KVM_SEV_DBG_DECRYPT and KVM_SEV_DBG_ENCRYPT commands are used for
decrypting and encrypting guest memory region. The command works only if
the guest policy allows the debugging.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
accel/kvm/kvm-all.c | 1 +
stubs/sev.c | 4 ++++
target/i386/sev.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
4 files changed, 63 insertions(+)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 411aa87719e6..8089173491dd 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -1682,6 +1682,7 @@ static int kvm_init(MachineState *ms)
}
kvm_state->memcrypt_encrypt_data = sev_encrypt_data;
+ kvm_state->memcrypt_debug_ops = sev_set_debug_ops;
}
ret = kvm_arch_init(ms, s);
diff --git a/stubs/sev.c b/stubs/sev.c
index 2e20f3b73a5b..73f5c7f93a67 100644
--- a/stubs/sev.c
+++ b/stubs/sev.c
@@ -15,6 +15,10 @@
#include "qemu-common.h"
#include "sysemu/sev.h"
+void sev_set_debug_ops(void *handle, MemoryRegion *mr)
+{
+}
+
int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
{
return 1;
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 5fbb3105ccd4..bcfc09558c8c 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -24,6 +24,7 @@
#define DEFAULT_SEV_DEVICE "/dev/sev"
static SEVState *sev_state;
+static MemoryRegionRAMReadWriteOps sev_ops;
static const char *const sev_fw_errlist[] = {
"",
@@ -601,6 +602,46 @@ sev_vm_state_change(void *opaque, int running, RunState state)
}
}
+static int
+sev_dbg_enc_dec(uint8_t *dst, const uint8_t *src, uint32_t len, bool write)
+{
+ int ret, error;
+ struct kvm_sev_dbg dbg;
+
+ dbg.src_uaddr = (unsigned long)src;
+ dbg.dst_uaddr = (unsigned long)dst;
+ dbg.len = len;
+
+ trace_kvm_sev_debug(write ? "encrypt" : "decrypt", src, dst, len);
+ ret = sev_ioctl(sev_state->sev_fd,
+ write ? KVM_SEV_DBG_ENCRYPT : KVM_SEV_DBG_DECRYPT,
+ &dbg, &error);
+ if (ret) {
+ error_report("%s (%s) %#llx->%#llx+%#x ret=%d fw_error=%d '%s'",
+ __func__, write ? "write" : "read", dbg.src_uaddr,
+ dbg.dst_uaddr, dbg.len, ret, error,
+ fw_error_to_str(error));
+ }
+
+ return ret;
+}
+
+static int
+sev_mem_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
+{
+ assert(attrs.debug);
+
+ return sev_dbg_enc_dec(dst, src, len, false);
+}
+
+static int
+sev_mem_write(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
+{
+ assert(attrs.debug);
+
+ return sev_dbg_enc_dec(dst, src, len, true);
+}
+
void *
sev_guest_init(const char *id)
{
@@ -701,6 +742,22 @@ sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
return 0;
}
+void
+sev_set_debug_ops(void *handle, MemoryRegion *mr)
+{
+ SEVState *s = (SEVState *)handle;
+
+ /* If policy does not allow debug then no need to register ops */
+ if (s->policy & SEV_POLICY_NODBG) {
+ return;
+ }
+
+ sev_ops.read = sev_mem_read;
+ sev_ops.write = sev_mem_write;
+
+ memory_region_set_ram_debug_ops(mr, &sev_ops);
+}
+
static void
sev_register_types(void)
{
diff --git a/target/i386/trace-events b/target/i386/trace-events
index b1fbde6e40fe..00aa6e98d810 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -15,3 +15,4 @@ kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session
kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
kvm_sev_launch_measurement(const char *value) "data %s"
kvm_sev_launch_finish(void) ""
+kvm_sev_debug(const char *op, const uint8_t *src, uint8_t *dst, int len) "(%s) src %p dst %p len %d"
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
KVM_SEV_DBG_DECRYPT and KVM_SEV_DBG_ENCRYPT commands are used for
decrypting and encrypting guest memory region. The command works only if
the guest policy allows the debugging.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
accel/kvm/kvm-all.c | 1 +
stubs/sev.c | 4 ++++
target/i386/sev.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/trace-events | 1 +
4 files changed, 63 insertions(+)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 411aa87719e6..8089173491dd 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -1682,6 +1682,7 @@ static int kvm_init(MachineState *ms)
}
kvm_state->memcrypt_encrypt_data = sev_encrypt_data;
+ kvm_state->memcrypt_debug_ops = sev_set_debug_ops;
}
ret = kvm_arch_init(ms, s);
diff --git a/stubs/sev.c b/stubs/sev.c
index 2e20f3b73a5b..73f5c7f93a67 100644
--- a/stubs/sev.c
+++ b/stubs/sev.c
@@ -15,6 +15,10 @@
#include "qemu-common.h"
#include "sysemu/sev.h"
+void sev_set_debug_ops(void *handle, MemoryRegion *mr)
+{
+}
+
int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
{
return 1;
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 5fbb3105ccd4..bcfc09558c8c 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -24,6 +24,7 @@
#define DEFAULT_SEV_DEVICE "/dev/sev"
static SEVState *sev_state;
+static MemoryRegionRAMReadWriteOps sev_ops;
static const char *const sev_fw_errlist[] = {
"",
@@ -601,6 +602,46 @@ sev_vm_state_change(void *opaque, int running, RunState state)
}
}
+static int
+sev_dbg_enc_dec(uint8_t *dst, const uint8_t *src, uint32_t len, bool write)
+{
+ int ret, error;
+ struct kvm_sev_dbg dbg;
+
+ dbg.src_uaddr = (unsigned long)src;
+ dbg.dst_uaddr = (unsigned long)dst;
+ dbg.len = len;
+
+ trace_kvm_sev_debug(write ? "encrypt" : "decrypt", src, dst, len);
+ ret = sev_ioctl(sev_state->sev_fd,
+ write ? KVM_SEV_DBG_ENCRYPT : KVM_SEV_DBG_DECRYPT,
+ &dbg, &error);
+ if (ret) {
+ error_report("%s (%s) %#llx->%#llx+%#x ret=%d fw_error=%d '%s'",
+ __func__, write ? "write" : "read", dbg.src_uaddr,
+ dbg.dst_uaddr, dbg.len, ret, error,
+ fw_error_to_str(error));
+ }
+
+ return ret;
+}
+
+static int
+sev_mem_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
+{
+ assert(attrs.debug);
+
+ return sev_dbg_enc_dec(dst, src, len, false);
+}
+
+static int
+sev_mem_write(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
+{
+ assert(attrs.debug);
+
+ return sev_dbg_enc_dec(dst, src, len, true);
+}
+
void *
sev_guest_init(const char *id)
{
@@ -701,6 +742,22 @@ sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
return 0;
}
+void
+sev_set_debug_ops(void *handle, MemoryRegion *mr)
+{
+ SEVState *s = (SEVState *)handle;
+
+ /* If policy does not allow debug then no need to register ops */
+ if (s->policy & SEV_POLICY_NODBG) {
+ return;
+ }
+
+ sev_ops.read = sev_mem_read;
+ sev_ops.write = sev_mem_write;
+
+ memory_region_set_ram_debug_ops(mr, &sev_ops);
+}
+
static void
sev_register_types(void)
{
diff --git a/target/i386/trace-events b/target/i386/trace-events
index b1fbde6e40fe..00aa6e98d810 100644
--- a/target/i386/trace-events
+++ b/target/i386/trace-events
@@ -15,3 +15,4 @@ kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session
kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
kvm_sev_launch_measurement(const char *value) "data %s"
kvm_sev_launch_finish(void) ""
+kvm_sev_debug(const char *op, const uint8_t *src, uint8_t *dst, int len) "(%s) src %p dst %p len %d"
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 22/28] target/i386: clear C-bit when walking SEV guest page table
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
In SEV-enabled guest the pte entry will have C-bit set, we need to
clear the C-bit when walking the page table.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/helper.c | 31 +++++++++++++----------
target/i386/monitor.c | 68 +++++++++++++++++++++++++++++++++------------------
2 files changed, 62 insertions(+), 37 deletions(-)
diff --git a/target/i386/helper.c b/target/i386/helper.c
index 58fb6eec562a..dc5c7005cf13 100644
--- a/target/i386/helper.c
+++ b/target/i386/helper.c
@@ -21,6 +21,7 @@
#include "cpu.h"
#include "exec/exec-all.h"
#include "sysemu/kvm.h"
+#include "sev_i386.h"
#include "kvm_i386.h"
#ifndef CONFIG_USER_ONLY
#include "sysemu/sysemu.h"
@@ -732,6 +733,9 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
int32_t a20_mask;
uint32_t page_offset;
int page_size;
+ uint64_t me_mask;
+
+ me_mask = sev_get_me_mask();
a20_mask = x86_get_a20_mask(env);
if (!(env->cr[0] & CR0_PG_MASK)) {
@@ -755,25 +759,25 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
}
if (la57) {
- pml5e_addr = ((env->cr[3] & ~0xfff) +
+ pml5e_addr = ((env->cr[3] & ~0xfff & me_mask) +
(((addr >> 48) & 0x1ff) << 3)) & a20_mask;
- pml5e = ldq_phys_debug(cs, pml5e_addr);
+ pml5e = ldq_phys_debug(cs, pml5e_addr) & me_mask;
if (!(pml5e & PG_PRESENT_MASK)) {
return -1;
}
} else {
- pml5e = env->cr[3];
+ pml5e = env->cr[3] & me_mask;
}
pml4e_addr = ((pml5e & PG_ADDRESS_MASK) +
(((addr >> 39) & 0x1ff) << 3)) & a20_mask;
- pml4e = ldq_phys_debug(cs, pml4e_addr);
+ pml4e = ldq_phys_debug(cs, pml4e_addr) & me_mask;
if (!(pml4e & PG_PRESENT_MASK)) {
return -1;
}
pdpe_addr = ((pml4e & PG_ADDRESS_MASK) +
(((addr >> 30) & 0x1ff) << 3)) & a20_mask;
- pdpe = x86_ldq_phys(cs, pdpe_addr);
+ pdpe = ldq_phys_debug(cs, pdpe_addr) & me_mask;
if (!(pdpe & PG_PRESENT_MASK)) {
return -1;
}
@@ -786,16 +790,16 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
} else
#endif
{
- pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) &
- a20_mask;
- pdpe = ldq_phys_debug(cs, pdpe_addr);
+ pdpe_addr = ((env->cr[3] & ~0x1f & me_mask) + ((addr >> 27) & 0x18))
+ & a20_mask;
+ pdpe = ldq_phys_debug(cs, pdpe_addr) & me_mask;
if (!(pdpe & PG_PRESENT_MASK))
return -1;
}
pde_addr = ((pdpe & PG_ADDRESS_MASK) +
(((addr >> 21) & 0x1ff) << 3)) & a20_mask;
- pde = ldq_phys_debug(cs, pde_addr);
+ pde = ldq_phys_debug(cs, pde_addr) & me_mask;
if (!(pde & PG_PRESENT_MASK)) {
return -1;
}
@@ -808,7 +812,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
pte_addr = ((pde & PG_ADDRESS_MASK) +
(((addr >> 12) & 0x1ff) << 3)) & a20_mask;
page_size = 4096;
- pte = ldq_phys_debug(cs, pte_addr);
+ pte = ldq_phys_debug(cs, pte_addr) & me_mask;
}
if (!(pte & PG_PRESENT_MASK)) {
return -1;
@@ -817,8 +821,9 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
uint32_t pde;
/* page directory entry */
- pde_addr = ((env->cr[3] & ~0xfff) + ((addr >> 20) & 0xffc)) & a20_mask;
- pde = ldl_phys_debug(cs, pde_addr);
+ pde_addr = ((env->cr[3] & ~0xfff & me_mask) + ((addr >> 20) & 0xffc))
+ & a20_mask;
+ pde = ldl_phys_debug(cs, pde_addr) & me_mask;
if (!(pde & PG_PRESENT_MASK))
return -1;
if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
@@ -827,7 +832,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
} else {
/* page directory entry */
pte_addr = ((pde & ~0xfff) + ((addr >> 10) & 0xffc)) & a20_mask;
- pte = ldl_phys_debug(cs, pte_addr);
+ pte = ldl_phys_debug(cs, pte_addr) & me_mask;
if (!(pte & PG_PRESENT_MASK)) {
return -1;
}
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 4d9019626031..7df31c3cdf1b 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -98,16 +98,20 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
unsigned int l1, l2, l3;
uint64_t pdpe, pde, pte;
uint64_t pdp_addr, pd_addr, pt_addr;
+ uint64_t me_mask;
+
+ me_mask = sev_get_me_mask();
pdp_addr = env->cr[3] & ~0x1f;
+ pdp_addr &= me_mask;
for (l1 = 0; l1 < 4; l1++) {
cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
- pdpe = le64_to_cpu(pdpe);
+ pdpe = le64_to_cpu(pdpe & me_mask);
if (pdpe & PG_PRESENT_MASK) {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
- pde = le64_to_cpu(pde);
+ pde = le64_to_cpu(pde & me_mask);
if (pde & PG_PRESENT_MASK) {
if (pde & PG_PSE_MASK) {
/* 2M pages with PAE, CR4.PSE is ignored */
@@ -118,7 +122,7 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
for (l3 = 0; l3 < 512; l3++) {
cpu_physical_memory_read_debug(pt_addr + l3 * 8,
&pte, 8);
- pte = le64_to_cpu(pte);
+ pte = le64_to_cpu(pte & me_mask);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l1 << 30) + (l2 << 21)
+ (l3 << 12),
@@ -140,10 +144,13 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
uint64_t l1, l2, l3, l4;
uint64_t pml4e, pdpe, pde, pte;
uint64_t pdp_addr, pd_addr, pt_addr;
+ uint64_t me_mask;
+
+ me_mask = sev_get_me_mask();
for (l1 = 0; l1 < 512; l1++) {
cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
- pml4e = le64_to_cpu(pml4e);
+ pml4e = le64_to_cpu(pml4e & me_mask);
if (!(pml4e & PG_PRESENT_MASK)) {
continue;
}
@@ -151,7 +158,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
- pdpe = le64_to_cpu(pdpe);
+ pdpe = le64_to_cpu(pdpe & me_mask);
if (!(pdpe & PG_PRESENT_MASK)) {
continue;
}
@@ -166,7 +173,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
cpu_physical_memory_read_debug(pd_addr + l3 * 8, &pde, 8);
- pde = le64_to_cpu(pde);
+ pde = le64_to_cpu(pde & me_mask);
if (!(pde & PG_PRESENT_MASK)) {
continue;
}
@@ -181,7 +188,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
cpu_physical_memory_read_debug(pt_addr + l4 * 8, &pte, 8);
- pte = le64_to_cpu(pte);
+ pte = le64_to_cpu(pte & me_mask);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l0 << 48) + (l1 << 39) +
(l2 << 30) + (l3 << 21) + (l4 << 12),
@@ -198,11 +205,14 @@ static void tlb_info_la57(Monitor *mon, CPUArchState *env)
uint64_t l0;
uint64_t pml5e;
uint64_t pml5_addr;
+ uint64_t me_mask;
- pml5_addr = env->cr[3] & 0x3fffffffff000ULL;
+ me_mask = sev_get_me_mask();
+
+ pml5_addr = env->cr[3] & 0x3fffffffff000ULL & me_mask;
for (l0 = 0; l0 < 512; l0++) {
cpu_physical_memory_read_debug(pml5_addr + l0 * 8, &pml5e, 8);
- pml5e = le64_to_cpu(pml5e);
+ pml5e = le64_to_cpu(pml5e & me_mask);
if (pml5e & PG_PRESENT_MASK) {
tlb_info_la48(mon, env, l0, pml5e & 0x3fffffffff000ULL);
}
@@ -230,7 +240,8 @@ void hmp_info_tlb(Monitor *mon, const QDict *qdict)
if (env->cr[4] & CR4_LA57_MASK) {
tlb_info_la57(mon, env);
} else {
- tlb_info_la48(mon, env, 0, env->cr[3] & 0x3fffffffff000ULL);
+ tlb_info_la48(mon, env, 0, env->cr[3] & 0x3fffffffff000ULL &
+ sev_get_me_mask());
}
} else
#endif
@@ -314,19 +325,22 @@ static void mem_info_pae32(Monitor *mon, CPUArchState *env)
uint64_t pdpe, pde, pte;
uint64_t pdp_addr, pd_addr, pt_addr;
hwaddr start, end;
+ uint64_t me_mask;
- pdp_addr = env->cr[3] & ~0x1f;
+ me_mask = sev_get_me_mask();
+
+ pdp_addr = env->cr[3] & ~0x1f & me_mask;
last_prot = 0;
start = -1;
for (l1 = 0; l1 < 4; l1++) {
cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
- pdpe = le64_to_cpu(pdpe);
+ pdpe = le64_to_cpu(pdpe & me_mask);
end = l1 << 30;
if (pdpe & PG_PRESENT_MASK) {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
- pde = le64_to_cpu(pde);
+ pde = le64_to_cpu(pde & me_mask);
end = (l1 << 30) + (l2 << 21);
if (pde & PG_PRESENT_MASK) {
if (pde & PG_PSE_MASK) {
@@ -338,7 +352,7 @@ static void mem_info_pae32(Monitor *mon, CPUArchState *env)
for (l3 = 0; l3 < 512; l3++) {
cpu_physical_memory_read_debug(pt_addr + l3 * 8,
&pte, 8);
- pte = le64_to_cpu(pte);
+ pte = le64_to_cpu(pte & me_mask);
end = (l1 << 30) + (l2 << 21) + (l3 << 12);
if (pte & PG_PRESENT_MASK) {
prot = pte & pde & (PG_USER_MASK | PG_RW_MASK |
@@ -371,19 +385,22 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
uint64_t l1, l2, l3, l4;
uint64_t pml4e, pdpe, pde, pte;
uint64_t pml4_addr, pdp_addr, pd_addr, pt_addr, start, end;
+ uint64_t me_mask;
+
+ me_mask = sev_get_me_mask();
- pml4_addr = env->cr[3] & 0x3fffffffff000ULL;
+ pml4_addr = env->cr[3] & 0x3fffffffff000ULL & me_mask;
last_prot = 0;
start = -1;
for (l1 = 0; l1 < 512; l1++) {
cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
- pml4e = le64_to_cpu(pml4e);
+ pml4e = le64_to_cpu(pml4e & me_mask);
end = l1 << 39;
if (pml4e & PG_PRESENT_MASK) {
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
- pdpe = le64_to_cpu(pdpe);
+ pdpe = le64_to_cpu(pdpe & me_mask);
end = (l1 << 39) + (l2 << 30);
if (pdpe & PG_PRESENT_MASK) {
if (pdpe & PG_PSE_MASK) {
@@ -396,7 +413,7 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
for (l3 = 0; l3 < 512; l3++) {
cpu_physical_memory_read_debug(pd_addr + l3 * 8,
&pde, 8);
- pde = le64_to_cpu(pde);
+ pde = le64_to_cpu(pde & me_mask);
end = (l1 << 39) + (l2 << 30) + (l3 << 21);
if (pde & PG_PRESENT_MASK) {
if (pde & PG_PSE_MASK) {
@@ -410,7 +427,7 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
cpu_physical_memory_read_debug(pt_addr
+ l4 * 8,
&pte, 8);
- pte = le64_to_cpu(pte);
+ pte = le64_to_cpu(pte & me_mask);
end = (l1 << 39) + (l2 << 30) +
(l3 << 21) + (l4 << 12);
if (pte & PG_PRESENT_MASK) {
@@ -449,13 +466,16 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
uint64_t l0, l1, l2, l3, l4;
uint64_t pml5e, pml4e, pdpe, pde, pte;
uint64_t pml5_addr, pml4_addr, pdp_addr, pd_addr, pt_addr, start, end;
+ uint64_t me_mask;
+
+ me_mask = sev_get_me_mask();
- pml5_addr = env->cr[3] & 0x3fffffffff000ULL;
+ pml5_addr = env->cr[3] & 0x3fffffffff000ULL & me_mask;
last_prot = 0;
start = -1;
for (l0 = 0; l0 < 512; l0++) {
cpu_physical_memory_read_debug(pml5_addr + l0 * 8, &pml5e, 8);
- pml5e = le64_to_cpu(pml5e);
+ pml5e = le64_to_cpu(pml5e & me_mask);
end = l0 << 48;
if (!(pml5e & PG_PRESENT_MASK)) {
prot = 0;
@@ -466,7 +486,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pml4_addr = pml5e & 0x3fffffffff000ULL;
for (l1 = 0; l1 < 512; l1++) {
cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
- pml4e = le64_to_cpu(pml4e);
+ pml4e = le64_to_cpu(pml4e & me_mask);
end = (l0 << 48) + (l1 << 39);
if (!(pml4e & PG_PRESENT_MASK)) {
prot = 0;
@@ -477,7 +497,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
- pdpe = le64_to_cpu(pdpe);
+ pdpe = le64_to_cpu(pdpe & me_mask);
end = (l0 << 48) + (l1 << 39) + (l2 << 30);
if (pdpe & PG_PRESENT_MASK) {
prot = 0;
@@ -496,7 +516,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
cpu_physical_memory_read_debug(pd_addr + l3 * 8, &pde, 8);
- pde = le64_to_cpu(pde);
+ pde = le64_to_cpu(pde & me_mask);
end = (l0 << 48) + (l1 << 39) + (l2 << 30) + (l3 << 21);
if (pde & PG_PRESENT_MASK) {
prot = 0;
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 22/28] target/i386: clear C-bit when walking SEV guest page table
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
In SEV-enabled guest the pte entry will have C-bit set, we need to
clear the C-bit when walking the page table.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/helper.c | 31 +++++++++++++----------
target/i386/monitor.c | 68 +++++++++++++++++++++++++++++++++------------------
2 files changed, 62 insertions(+), 37 deletions(-)
diff --git a/target/i386/helper.c b/target/i386/helper.c
index 58fb6eec562a..dc5c7005cf13 100644
--- a/target/i386/helper.c
+++ b/target/i386/helper.c
@@ -21,6 +21,7 @@
#include "cpu.h"
#include "exec/exec-all.h"
#include "sysemu/kvm.h"
+#include "sev_i386.h"
#include "kvm_i386.h"
#ifndef CONFIG_USER_ONLY
#include "sysemu/sysemu.h"
@@ -732,6 +733,9 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
int32_t a20_mask;
uint32_t page_offset;
int page_size;
+ uint64_t me_mask;
+
+ me_mask = sev_get_me_mask();
a20_mask = x86_get_a20_mask(env);
if (!(env->cr[0] & CR0_PG_MASK)) {
@@ -755,25 +759,25 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
}
if (la57) {
- pml5e_addr = ((env->cr[3] & ~0xfff) +
+ pml5e_addr = ((env->cr[3] & ~0xfff & me_mask) +
(((addr >> 48) & 0x1ff) << 3)) & a20_mask;
- pml5e = ldq_phys_debug(cs, pml5e_addr);
+ pml5e = ldq_phys_debug(cs, pml5e_addr) & me_mask;
if (!(pml5e & PG_PRESENT_MASK)) {
return -1;
}
} else {
- pml5e = env->cr[3];
+ pml5e = env->cr[3] & me_mask;
}
pml4e_addr = ((pml5e & PG_ADDRESS_MASK) +
(((addr >> 39) & 0x1ff) << 3)) & a20_mask;
- pml4e = ldq_phys_debug(cs, pml4e_addr);
+ pml4e = ldq_phys_debug(cs, pml4e_addr) & me_mask;
if (!(pml4e & PG_PRESENT_MASK)) {
return -1;
}
pdpe_addr = ((pml4e & PG_ADDRESS_MASK) +
(((addr >> 30) & 0x1ff) << 3)) & a20_mask;
- pdpe = x86_ldq_phys(cs, pdpe_addr);
+ pdpe = ldq_phys_debug(cs, pdpe_addr) & me_mask;
if (!(pdpe & PG_PRESENT_MASK)) {
return -1;
}
@@ -786,16 +790,16 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
} else
#endif
{
- pdpe_addr = ((env->cr[3] & ~0x1f) + ((addr >> 27) & 0x18)) &
- a20_mask;
- pdpe = ldq_phys_debug(cs, pdpe_addr);
+ pdpe_addr = ((env->cr[3] & ~0x1f & me_mask) + ((addr >> 27) & 0x18))
+ & a20_mask;
+ pdpe = ldq_phys_debug(cs, pdpe_addr) & me_mask;
if (!(pdpe & PG_PRESENT_MASK))
return -1;
}
pde_addr = ((pdpe & PG_ADDRESS_MASK) +
(((addr >> 21) & 0x1ff) << 3)) & a20_mask;
- pde = ldq_phys_debug(cs, pde_addr);
+ pde = ldq_phys_debug(cs, pde_addr) & me_mask;
if (!(pde & PG_PRESENT_MASK)) {
return -1;
}
@@ -808,7 +812,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
pte_addr = ((pde & PG_ADDRESS_MASK) +
(((addr >> 12) & 0x1ff) << 3)) & a20_mask;
page_size = 4096;
- pte = ldq_phys_debug(cs, pte_addr);
+ pte = ldq_phys_debug(cs, pte_addr) & me_mask;
}
if (!(pte & PG_PRESENT_MASK)) {
return -1;
@@ -817,8 +821,9 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
uint32_t pde;
/* page directory entry */
- pde_addr = ((env->cr[3] & ~0xfff) + ((addr >> 20) & 0xffc)) & a20_mask;
- pde = ldl_phys_debug(cs, pde_addr);
+ pde_addr = ((env->cr[3] & ~0xfff & me_mask) + ((addr >> 20) & 0xffc))
+ & a20_mask;
+ pde = ldl_phys_debug(cs, pde_addr) & me_mask;
if (!(pde & PG_PRESENT_MASK))
return -1;
if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
@@ -827,7 +832,7 @@ hwaddr x86_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
} else {
/* page directory entry */
pte_addr = ((pde & ~0xfff) + ((addr >> 10) & 0xffc)) & a20_mask;
- pte = ldl_phys_debug(cs, pte_addr);
+ pte = ldl_phys_debug(cs, pte_addr) & me_mask;
if (!(pte & PG_PRESENT_MASK)) {
return -1;
}
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 4d9019626031..7df31c3cdf1b 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -98,16 +98,20 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
unsigned int l1, l2, l3;
uint64_t pdpe, pde, pte;
uint64_t pdp_addr, pd_addr, pt_addr;
+ uint64_t me_mask;
+
+ me_mask = sev_get_me_mask();
pdp_addr = env->cr[3] & ~0x1f;
+ pdp_addr &= me_mask;
for (l1 = 0; l1 < 4; l1++) {
cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
- pdpe = le64_to_cpu(pdpe);
+ pdpe = le64_to_cpu(pdpe & me_mask);
if (pdpe & PG_PRESENT_MASK) {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
- pde = le64_to_cpu(pde);
+ pde = le64_to_cpu(pde & me_mask);
if (pde & PG_PRESENT_MASK) {
if (pde & PG_PSE_MASK) {
/* 2M pages with PAE, CR4.PSE is ignored */
@@ -118,7 +122,7 @@ static void tlb_info_pae32(Monitor *mon, CPUArchState *env)
for (l3 = 0; l3 < 512; l3++) {
cpu_physical_memory_read_debug(pt_addr + l3 * 8,
&pte, 8);
- pte = le64_to_cpu(pte);
+ pte = le64_to_cpu(pte & me_mask);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l1 << 30) + (l2 << 21)
+ (l3 << 12),
@@ -140,10 +144,13 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
uint64_t l1, l2, l3, l4;
uint64_t pml4e, pdpe, pde, pte;
uint64_t pdp_addr, pd_addr, pt_addr;
+ uint64_t me_mask;
+
+ me_mask = sev_get_me_mask();
for (l1 = 0; l1 < 512; l1++) {
cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
- pml4e = le64_to_cpu(pml4e);
+ pml4e = le64_to_cpu(pml4e & me_mask);
if (!(pml4e & PG_PRESENT_MASK)) {
continue;
}
@@ -151,7 +158,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
- pdpe = le64_to_cpu(pdpe);
+ pdpe = le64_to_cpu(pdpe & me_mask);
if (!(pdpe & PG_PRESENT_MASK)) {
continue;
}
@@ -166,7 +173,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
cpu_physical_memory_read_debug(pd_addr + l3 * 8, &pde, 8);
- pde = le64_to_cpu(pde);
+ pde = le64_to_cpu(pde & me_mask);
if (!(pde & PG_PRESENT_MASK)) {
continue;
}
@@ -181,7 +188,7 @@ static void tlb_info_la48(Monitor *mon, CPUArchState *env,
pt_addr = pde & 0x3fffffffff000ULL;
for (l4 = 0; l4 < 512; l4++) {
cpu_physical_memory_read_debug(pt_addr + l4 * 8, &pte, 8);
- pte = le64_to_cpu(pte);
+ pte = le64_to_cpu(pte & me_mask);
if (pte & PG_PRESENT_MASK) {
print_pte(mon, env, (l0 << 48) + (l1 << 39) +
(l2 << 30) + (l3 << 21) + (l4 << 12),
@@ -198,11 +205,14 @@ static void tlb_info_la57(Monitor *mon, CPUArchState *env)
uint64_t l0;
uint64_t pml5e;
uint64_t pml5_addr;
+ uint64_t me_mask;
- pml5_addr = env->cr[3] & 0x3fffffffff000ULL;
+ me_mask = sev_get_me_mask();
+
+ pml5_addr = env->cr[3] & 0x3fffffffff000ULL & me_mask;
for (l0 = 0; l0 < 512; l0++) {
cpu_physical_memory_read_debug(pml5_addr + l0 * 8, &pml5e, 8);
- pml5e = le64_to_cpu(pml5e);
+ pml5e = le64_to_cpu(pml5e & me_mask);
if (pml5e & PG_PRESENT_MASK) {
tlb_info_la48(mon, env, l0, pml5e & 0x3fffffffff000ULL);
}
@@ -230,7 +240,8 @@ void hmp_info_tlb(Monitor *mon, const QDict *qdict)
if (env->cr[4] & CR4_LA57_MASK) {
tlb_info_la57(mon, env);
} else {
- tlb_info_la48(mon, env, 0, env->cr[3] & 0x3fffffffff000ULL);
+ tlb_info_la48(mon, env, 0, env->cr[3] & 0x3fffffffff000ULL &
+ sev_get_me_mask());
}
} else
#endif
@@ -314,19 +325,22 @@ static void mem_info_pae32(Monitor *mon, CPUArchState *env)
uint64_t pdpe, pde, pte;
uint64_t pdp_addr, pd_addr, pt_addr;
hwaddr start, end;
+ uint64_t me_mask;
- pdp_addr = env->cr[3] & ~0x1f;
+ me_mask = sev_get_me_mask();
+
+ pdp_addr = env->cr[3] & ~0x1f & me_mask;
last_prot = 0;
start = -1;
for (l1 = 0; l1 < 4; l1++) {
cpu_physical_memory_read_debug(pdp_addr + l1 * 8, &pdpe, 8);
- pdpe = le64_to_cpu(pdpe);
+ pdpe = le64_to_cpu(pdpe & me_mask);
end = l1 << 30;
if (pdpe & PG_PRESENT_MASK) {
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
cpu_physical_memory_read_debug(pd_addr + l2 * 8, &pde, 8);
- pde = le64_to_cpu(pde);
+ pde = le64_to_cpu(pde & me_mask);
end = (l1 << 30) + (l2 << 21);
if (pde & PG_PRESENT_MASK) {
if (pde & PG_PSE_MASK) {
@@ -338,7 +352,7 @@ static void mem_info_pae32(Monitor *mon, CPUArchState *env)
for (l3 = 0; l3 < 512; l3++) {
cpu_physical_memory_read_debug(pt_addr + l3 * 8,
&pte, 8);
- pte = le64_to_cpu(pte);
+ pte = le64_to_cpu(pte & me_mask);
end = (l1 << 30) + (l2 << 21) + (l3 << 12);
if (pte & PG_PRESENT_MASK) {
prot = pte & pde & (PG_USER_MASK | PG_RW_MASK |
@@ -371,19 +385,22 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
uint64_t l1, l2, l3, l4;
uint64_t pml4e, pdpe, pde, pte;
uint64_t pml4_addr, pdp_addr, pd_addr, pt_addr, start, end;
+ uint64_t me_mask;
+
+ me_mask = sev_get_me_mask();
- pml4_addr = env->cr[3] & 0x3fffffffff000ULL;
+ pml4_addr = env->cr[3] & 0x3fffffffff000ULL & me_mask;
last_prot = 0;
start = -1;
for (l1 = 0; l1 < 512; l1++) {
cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
- pml4e = le64_to_cpu(pml4e);
+ pml4e = le64_to_cpu(pml4e & me_mask);
end = l1 << 39;
if (pml4e & PG_PRESENT_MASK) {
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
- pdpe = le64_to_cpu(pdpe);
+ pdpe = le64_to_cpu(pdpe & me_mask);
end = (l1 << 39) + (l2 << 30);
if (pdpe & PG_PRESENT_MASK) {
if (pdpe & PG_PSE_MASK) {
@@ -396,7 +413,7 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
for (l3 = 0; l3 < 512; l3++) {
cpu_physical_memory_read_debug(pd_addr + l3 * 8,
&pde, 8);
- pde = le64_to_cpu(pde);
+ pde = le64_to_cpu(pde & me_mask);
end = (l1 << 39) + (l2 << 30) + (l3 << 21);
if (pde & PG_PRESENT_MASK) {
if (pde & PG_PSE_MASK) {
@@ -410,7 +427,7 @@ static void mem_info_la48(Monitor *mon, CPUArchState *env)
cpu_physical_memory_read_debug(pt_addr
+ l4 * 8,
&pte, 8);
- pte = le64_to_cpu(pte);
+ pte = le64_to_cpu(pte & me_mask);
end = (l1 << 39) + (l2 << 30) +
(l3 << 21) + (l4 << 12);
if (pte & PG_PRESENT_MASK) {
@@ -449,13 +466,16 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
uint64_t l0, l1, l2, l3, l4;
uint64_t pml5e, pml4e, pdpe, pde, pte;
uint64_t pml5_addr, pml4_addr, pdp_addr, pd_addr, pt_addr, start, end;
+ uint64_t me_mask;
+
+ me_mask = sev_get_me_mask();
- pml5_addr = env->cr[3] & 0x3fffffffff000ULL;
+ pml5_addr = env->cr[3] & 0x3fffffffff000ULL & me_mask;
last_prot = 0;
start = -1;
for (l0 = 0; l0 < 512; l0++) {
cpu_physical_memory_read_debug(pml5_addr + l0 * 8, &pml5e, 8);
- pml5e = le64_to_cpu(pml5e);
+ pml5e = le64_to_cpu(pml5e & me_mask);
end = l0 << 48;
if (!(pml5e & PG_PRESENT_MASK)) {
prot = 0;
@@ -466,7 +486,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pml4_addr = pml5e & 0x3fffffffff000ULL;
for (l1 = 0; l1 < 512; l1++) {
cpu_physical_memory_read_debug(pml4_addr + l1 * 8, &pml4e, 8);
- pml4e = le64_to_cpu(pml4e);
+ pml4e = le64_to_cpu(pml4e & me_mask);
end = (l0 << 48) + (l1 << 39);
if (!(pml4e & PG_PRESENT_MASK)) {
prot = 0;
@@ -477,7 +497,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pdp_addr = pml4e & 0x3fffffffff000ULL;
for (l2 = 0; l2 < 512; l2++) {
cpu_physical_memory_read_debug(pdp_addr + l2 * 8, &pdpe, 8);
- pdpe = le64_to_cpu(pdpe);
+ pdpe = le64_to_cpu(pdpe & me_mask);
end = (l0 << 48) + (l1 << 39) + (l2 << 30);
if (pdpe & PG_PRESENT_MASK) {
prot = 0;
@@ -496,7 +516,7 @@ static void mem_info_la57(Monitor *mon, CPUArchState *env)
pd_addr = pdpe & 0x3fffffffff000ULL;
for (l3 = 0; l3 < 512; l3++) {
cpu_physical_memory_read_debug(pd_addr + l3 * 8, &pde, 8);
- pde = le64_to_cpu(pde);
+ pde = le64_to_cpu(pde & me_mask);
end = (l0 << 48) + (l1 << 39) + (l2 << 30) + (l3 << 21);
if (pde & PG_PRESENT_MASK) {
prot = 0;
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 23/28] qmp: add query-sev-launch-measure command
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
The command can be used by libvirt to retrieve the measurement of SEV guest.
This measurement is a signature of the memory contents that was encrypted
through the LAUNCH_UPDATE_DATA.
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
monitor.c | 7 +++++++
qapi/misc.json | 29 +++++++++++++++++++++++++++++
target/i386/monitor.c | 17 +++++++++++++++++
3 files changed, 53 insertions(+)
diff --git a/monitor.c b/monitor.c
index 2225cf5030dc..d53ecc5ddab3 100644
--- a/monitor.c
+++ b/monitor.c
@@ -984,6 +984,7 @@ static void qmp_unregister_commands_hack(void)
#ifndef TARGET_I386
qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection");
qmp_unregister_command(&qmp_commands, "query-sev");
+ qmp_unregister_command(&qmp_commands, "query-sev-launch-measure");
#endif
#ifndef TARGET_S390X
qmp_unregister_command(&qmp_commands, "dump-skeys");
@@ -4110,6 +4111,12 @@ SevInfo *qmp_query_sev(Error **errp)
error_setg(errp, QERR_FEATURE_DISABLED, "query-sev");
return NULL;
}
+
+SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
+{
+ error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-launch-measure");
+ return NULL;
+}
#endif
#ifndef TARGET_S390X
diff --git a/qapi/misc.json b/qapi/misc.json
index fcf3bfc66a15..66c8229ec406 100644
--- a/qapi/misc.json
+++ b/qapi/misc.json
@@ -3275,3 +3275,32 @@
#
##
{ 'command': 'query-sev', 'returns': 'SevInfo' }
+
+##
+# @SevLaunchMeasureInfo:
+#
+# SEV Guest Launch measurement information
+#
+# @data: the measurement value encoded in base64
+#
+# Since: 2.12
+#
+##
+{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'} }
+
+##
+# @query-sev-launch-measure:
+#
+# Query the SEV guest launch information.
+#
+# Returns: The @SevLaunchMeasureInfo for the guest
+#
+# Since: 2.12
+#
+# Example:
+#
+# -> { "execute": "query-sev-launch-measure" }
+# <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } }
+#
+##
+{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo' }
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 7df31c3cdf1b..e5596bbc0fc2 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -720,3 +720,20 @@ void hmp_info_sev(Monitor *mon, const QDict *qdict)
monitor_printf(mon, "SEV is not enabled\n");
}
}
+
+SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
+{
+ char *data;
+ SevLaunchMeasureInfo *info;
+
+ data = sev_get_launch_measurement();
+ if (!data) {
+ error_setg(errp, "Measurement is not available");
+ return NULL;
+ }
+
+ info = g_malloc0(sizeof(*info));
+ info->data = data;
+
+ return info;
+}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 23/28] qmp: add query-sev-launch-measure command
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
The command can be used by libvirt to retrieve the measurement of SEV guest.
This measurement is a signature of the memory contents that was encrypted
through the LAUNCH_UPDATE_DATA.
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
monitor.c | 7 +++++++
qapi/misc.json | 29 +++++++++++++++++++++++++++++
target/i386/monitor.c | 17 +++++++++++++++++
3 files changed, 53 insertions(+)
diff --git a/monitor.c b/monitor.c
index 2225cf5030dc..d53ecc5ddab3 100644
--- a/monitor.c
+++ b/monitor.c
@@ -984,6 +984,7 @@ static void qmp_unregister_commands_hack(void)
#ifndef TARGET_I386
qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection");
qmp_unregister_command(&qmp_commands, "query-sev");
+ qmp_unregister_command(&qmp_commands, "query-sev-launch-measure");
#endif
#ifndef TARGET_S390X
qmp_unregister_command(&qmp_commands, "dump-skeys");
@@ -4110,6 +4111,12 @@ SevInfo *qmp_query_sev(Error **errp)
error_setg(errp, QERR_FEATURE_DISABLED, "query-sev");
return NULL;
}
+
+SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
+{
+ error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-launch-measure");
+ return NULL;
+}
#endif
#ifndef TARGET_S390X
diff --git a/qapi/misc.json b/qapi/misc.json
index fcf3bfc66a15..66c8229ec406 100644
--- a/qapi/misc.json
+++ b/qapi/misc.json
@@ -3275,3 +3275,32 @@
#
##
{ 'command': 'query-sev', 'returns': 'SevInfo' }
+
+##
+# @SevLaunchMeasureInfo:
+#
+# SEV Guest Launch measurement information
+#
+# @data: the measurement value encoded in base64
+#
+# Since: 2.12
+#
+##
+{ 'struct': 'SevLaunchMeasureInfo', 'data': {'data': 'str'} }
+
+##
+# @query-sev-launch-measure:
+#
+# Query the SEV guest launch information.
+#
+# Returns: The @SevLaunchMeasureInfo for the guest
+#
+# Since: 2.12
+#
+# Example:
+#
+# -> { "execute": "query-sev-launch-measure" }
+# <- { "return": { "data": "4l8LXeNlSPUDlXPJG5966/8%YZ" } }
+#
+##
+{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo' }
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 7df31c3cdf1b..e5596bbc0fc2 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -720,3 +720,20 @@ void hmp_info_sev(Monitor *mon, const QDict *qdict)
monitor_printf(mon, "SEV is not enabled\n");
}
}
+
+SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
+{
+ char *data;
+ SevLaunchMeasureInfo *info;
+
+ data = sev_get_launch_measurement();
+ if (!data) {
+ error_setg(errp, "Measurement is not available");
+ return NULL;
+ }
+
+ info = g_malloc0(sizeof(*info));
+ info->data = data;
+
+ return info;
+}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 24/28] sev/i386: add migration blocker
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
SEV guest migration is not implemented yet.
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
---
target/i386/sev.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index bcfc09558c8c..0eb2c855bc4d 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -19,12 +19,14 @@
#include "sev_i386.h"
#include "sysemu/sysemu.h"
#include "trace.h"
+#include "migration/blocker.h"
#define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
#define DEFAULT_SEV_DEVICE "/dev/sev"
static SEVState *sev_state;
static MemoryRegionRAMReadWriteOps sev_ops;
+static Error *sev_mig_blocker;
static const char *const sev_fw_errlist[] = {
"",
@@ -578,6 +580,7 @@ static void
sev_launch_finish(SEVState *s)
{
int ret, error;
+ Error *local_err = NULL;
trace_kvm_sev_launch_finish();
ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_FINISH, 0, &error);
@@ -588,6 +591,16 @@ sev_launch_finish(SEVState *s)
}
sev_set_guest_state(SEV_STATE_RUNNING);
+
+ /* add migration blocker */
+ error_setg(&sev_mig_blocker,
+ "SEV: Migration is not implemented");
+ ret = migrate_add_blocker(sev_mig_blocker, &local_err);
+ if (local_err) {
+ error_report_err(local_err);
+ error_free(sev_mig_blocker);
+ exit(1);
+ }
}
static void
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 24/28] sev/i386: add migration blocker
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
SEV guest migration is not implemented yet.
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
---
target/i386/sev.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index bcfc09558c8c..0eb2c855bc4d 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -19,12 +19,14 @@
#include "sev_i386.h"
#include "sysemu/sysemu.h"
#include "trace.h"
+#include "migration/blocker.h"
#define DEFAULT_GUEST_POLICY 0x1 /* disable debug */
#define DEFAULT_SEV_DEVICE "/dev/sev"
static SEVState *sev_state;
static MemoryRegionRAMReadWriteOps sev_ops;
+static Error *sev_mig_blocker;
static const char *const sev_fw_errlist[] = {
"",
@@ -578,6 +580,7 @@ static void
sev_launch_finish(SEVState *s)
{
int ret, error;
+ Error *local_err = NULL;
trace_kvm_sev_launch_finish();
ret = sev_ioctl(sev_state->sev_fd, KVM_SEV_LAUNCH_FINISH, 0, &error);
@@ -588,6 +591,16 @@ sev_launch_finish(SEVState *s)
}
sev_set_guest_state(SEV_STATE_RUNNING);
+
+ /* add migration blocker */
+ error_setg(&sev_mig_blocker,
+ "SEV: Migration is not implemented");
+ ret = migrate_add_blocker(sev_mig_blocker, &local_err);
+ if (local_err) {
+ error_report_err(local_err);
+ error_free(sev_mig_blocker);
+ exit(1);
+ }
}
static void
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 25/28] cpu/i386: populate CPUID 0x8000_001F when SEV is active
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
When SEV is enabled, CPUID 0x8000_001F should provide additional
information regarding the feature (such as which page table bit is used
to mark the pages as encrypted etc).
The details for memory encryption CPUID is available in AMD APM
(https://support.amd.com/TechDocs/24594.pdf) Section E.4.17
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/cpu.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 2c04645ceac9..647f792ba123 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -26,6 +26,7 @@
#include "sysemu/hvf.h"
#include "sysemu/cpus.h"
#include "kvm_i386.h"
+#include "sev_i386.h"
#include "qemu/error-report.h"
#include "qemu/option.h"
@@ -3612,6 +3613,13 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
*ecx = 0;
*edx = 0;
break;
+ case 0x8000001F:
+ *eax = sev_enabled() ? 0x2 : 0;
+ *ebx = sev_get_cbit_position();
+ *ebx |= sev_get_reduced_phys_bits() << 6;
+ *ecx = 0;
+ *edx = 0;
+ break;
default:
/* reserved values: zero */
*eax = 0;
@@ -4041,6 +4049,11 @@ static void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
}
+
+ /* SEV requires CPUID[0x8000001F] */
+ if (sev_enabled()) {
+ x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
+ }
}
/* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 25/28] cpu/i386: populate CPUID 0x8000_001F when SEV is active
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
When SEV is enabled, CPUID 0x8000_001F should provide additional
information regarding the feature (such as which page table bit is used
to mark the pages as encrypted etc).
The details for memory encryption CPUID is available in AMD APM
(https://support.amd.com/TechDocs/24594.pdf) Section E.4.17
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/cpu.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 2c04645ceac9..647f792ba123 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -26,6 +26,7 @@
#include "sysemu/hvf.h"
#include "sysemu/cpus.h"
#include "kvm_i386.h"
+#include "sev_i386.h"
#include "qemu/error-report.h"
#include "qemu/option.h"
@@ -3612,6 +3613,13 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count,
*ecx = 0;
*edx = 0;
break;
+ case 0x8000001F:
+ *eax = sev_enabled() ? 0x2 : 0;
+ *ebx = sev_get_cbit_position();
+ *ebx |= sev_get_reduced_phys_bits() << 6;
+ *ecx = 0;
+ *edx = 0;
+ break;
default:
/* reserved values: zero */
*eax = 0;
@@ -4041,6 +4049,11 @@ static void x86_cpu_expand_features(X86CPU *cpu, Error **errp)
if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) {
x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A);
}
+
+ /* SEV requires CPUID[0x8000001F] */
+ if (sev_enabled()) {
+ x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F);
+ }
}
/* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 26/28] qmp: add query-sev-capabilities command
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
The command can be used by libvirt to query the SEV capabilities.
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
monitor.c | 7 +++++++
qapi/misc.json | 42 ++++++++++++++++++++++++++++++++++++++++++
target/i386/monitor.c | 6 ++++++
3 files changed, 55 insertions(+)
diff --git a/monitor.c b/monitor.c
index d53ecc5ddab3..29ce695a80d5 100644
--- a/monitor.c
+++ b/monitor.c
@@ -985,6 +985,7 @@ static void qmp_unregister_commands_hack(void)
qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection");
qmp_unregister_command(&qmp_commands, "query-sev");
qmp_unregister_command(&qmp_commands, "query-sev-launch-measure");
+ qmp_unregister_command(&qmp_commands, "query-sev-capabilities");
#endif
#ifndef TARGET_S390X
qmp_unregister_command(&qmp_commands, "dump-skeys");
@@ -4117,6 +4118,12 @@ SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-launch-measure");
return NULL;
}
+
+SevCapability *qmp_query_sev_capabilities(Error **errp)
+{
+ error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-capabilities");
+ return NULL;
+}
#endif
#ifndef TARGET_S390X
diff --git a/qapi/misc.json b/qapi/misc.json
index 66c8229ec406..f34848831a4b 100644
--- a/qapi/misc.json
+++ b/qapi/misc.json
@@ -3304,3 +3304,45 @@
#
##
{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo' }
+
+##
+# @SevCapability:
+#
+# The struct describes capability for a Secure Encrypted Virtualization
+# feature.
+#
+# @pdh: Platform Diffie-Hellman key
+#
+# @cert-chain: PDH certificate chain
+#
+# @cbitpos: C-bit location in page table entry
+#
+# @reduced-phys-bits: Number of physical Address bit reduction when SEV is
+# enabled
+#
+# Since: 2.12
+##
+{ 'struct': 'SevCapability',
+ 'data': { 'pdh': 'str',
+ 'cert-chain': 'str',
+ 'cbitpos': 'int',
+ 'reduced-phys-bits': 'int'} }
+
+##
+# @query-sev-capabilities:
+#
+# This command is used to get the SEV capabilities, and is supported on AMD
+# X86 platforms only.
+#
+# Returns: SevCapability objects.
+#
+# Since: 2.12
+#
+# Example:
+#
+# -> { "execute": "query-sev-capabilities" }
+# <- { "return": { "pdh": "8CCDD8DDD", "cert-chain": "888CCCDDDEE",
+# "cbitpos": 47, "reduced-phys-bits": 5}}
+#
+##
+{ 'command': 'query-sev-capabilities', 'returns': 'SevCapability' }
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index e5596bbc0fc2..33e6bade693b 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -737,3 +737,9 @@ SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
return info;
}
+
+SevCapability *qmp_query_sev_capabilities(Error **errp)
+{
+ error_setg(errp, "SEV feature is not available");
+ return NULL;
+}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 26/28] qmp: add query-sev-capabilities command
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
The command can be used by libvirt to query the SEV capabilities.
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
monitor.c | 7 +++++++
qapi/misc.json | 42 ++++++++++++++++++++++++++++++++++++++++++
target/i386/monitor.c | 6 ++++++
3 files changed, 55 insertions(+)
diff --git a/monitor.c b/monitor.c
index d53ecc5ddab3..29ce695a80d5 100644
--- a/monitor.c
+++ b/monitor.c
@@ -985,6 +985,7 @@ static void qmp_unregister_commands_hack(void)
qmp_unregister_command(&qmp_commands, "rtc-reset-reinjection");
qmp_unregister_command(&qmp_commands, "query-sev");
qmp_unregister_command(&qmp_commands, "query-sev-launch-measure");
+ qmp_unregister_command(&qmp_commands, "query-sev-capabilities");
#endif
#ifndef TARGET_S390X
qmp_unregister_command(&qmp_commands, "dump-skeys");
@@ -4117,6 +4118,12 @@ SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-launch-measure");
return NULL;
}
+
+SevCapability *qmp_query_sev_capabilities(Error **errp)
+{
+ error_setg(errp, QERR_FEATURE_DISABLED, "query-sev-capabilities");
+ return NULL;
+}
#endif
#ifndef TARGET_S390X
diff --git a/qapi/misc.json b/qapi/misc.json
index 66c8229ec406..f34848831a4b 100644
--- a/qapi/misc.json
+++ b/qapi/misc.json
@@ -3304,3 +3304,45 @@
#
##
{ 'command': 'query-sev-launch-measure', 'returns': 'SevLaunchMeasureInfo' }
+
+##
+# @SevCapability:
+#
+# The struct describes capability for a Secure Encrypted Virtualization
+# feature.
+#
+# @pdh: Platform Diffie-Hellman key
+#
+# @cert-chain: PDH certificate chain
+#
+# @cbitpos: C-bit location in page table entry
+#
+# @reduced-phys-bits: Number of physical Address bit reduction when SEV is
+# enabled
+#
+# Since: 2.12
+##
+{ 'struct': 'SevCapability',
+ 'data': { 'pdh': 'str',
+ 'cert-chain': 'str',
+ 'cbitpos': 'int',
+ 'reduced-phys-bits': 'int'} }
+
+##
+# @query-sev-capabilities:
+#
+# This command is used to get the SEV capabilities, and is supported on AMD
+# X86 platforms only.
+#
+# Returns: SevCapability objects.
+#
+# Since: 2.12
+#
+# Example:
+#
+# -> { "execute": "query-sev-capabilities" }
+# <- { "return": { "pdh": "8CCDD8DDD", "cert-chain": "888CCCDDDEE",
+# "cbitpos": 47, "reduced-phys-bits": 5}}
+#
+##
+{ 'command': 'query-sev-capabilities', 'returns': 'SevCapability' }
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index e5596bbc0fc2..33e6bade693b 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -737,3 +737,9 @@ SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
return info;
}
+
+SevCapability *qmp_query_sev_capabilities(Error **errp)
+{
+ error_setg(errp, "SEV feature is not available");
+ return NULL;
+}
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 27/28] sev/i386: add sev_get_capabilities()
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Richard Henderson,
Peter Crosthwaite, Paolo Bonzini
The function can be used to get the current SEV capabilities.
The capabilities include platform diffie-hellman key (pdh) and certificate
chain. The key can be provided to the external entities which wants to
establish a trusted channel between SEV firmware and guest owner.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/monitor.c | 11 +++++--
target/i386/sev-stub.c | 5 +++
target/i386/sev.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/sev_i386.h | 1 +
4 files changed, 98 insertions(+), 2 deletions(-)
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 33e6bade693b..79fa9bd7a3e3 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -740,6 +740,13 @@ SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
SevCapability *qmp_query_sev_capabilities(Error **errp)
{
- error_setg(errp, "SEV feature is not available");
- return NULL;
+ SevCapability *data;
+
+ data = sev_get_capabilities();
+ if (!data) {
+ error_setg(errp, "SEV feature is not available");
+ return NULL;
+ }
+
+ return data;
}
diff --git a/target/i386/sev-stub.c b/target/i386/sev-stub.c
index 2f61c32ec975..59a003a4ebe6 100644
--- a/target/i386/sev-stub.c
+++ b/target/i386/sev-stub.c
@@ -44,3 +44,8 @@ char *sev_get_launch_measurement(void)
{
return NULL;
}
+
+SevCapability *sev_get_capabilities(void)
+{
+ return NULL;
+}
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 0eb2c855bc4d..f838cf7e3720 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -422,6 +422,89 @@ sev_get_info(void)
return info;
}
+static int
+sev_get_pdh_info(int fd, guchar **pdh, size_t *pdh_len, guchar **cert_chain,
+ size_t *cert_chain_len)
+{
+ guchar *pdh_data, *cert_chain_data;
+ struct sev_user_data_pdh_cert_export export = {};
+ int err, r;
+
+ /* query the certificate length */
+ r = sev_platform_ioctl(fd, SEV_PDH_CERT_EXPORT, &export, &err);
+ if (r < 0) {
+ if (err != SEV_RET_INVALID_LEN) {
+ error_report("failed to export PDH cert ret=%d fw_err=%d (%s)",
+ r, err, fw_error_to_str(err));
+ return 1;
+ }
+ }
+
+ pdh_data = g_new(guchar, export.pdh_cert_len);
+ cert_chain_data = g_new(guchar, export.cert_chain_len);
+ export.pdh_cert_address = (unsigned long)pdh_data;
+ export.cert_chain_address = (unsigned long)cert_chain_data;
+
+ r = sev_platform_ioctl(fd, SEV_PDH_CERT_EXPORT, &export, &err);
+ if (r < 0) {
+ error_report("failed to export PDH cert ret=%d fw_err=%d (%s)",
+ r, err, fw_error_to_str(err));
+ goto e_free;
+ }
+
+ *pdh = pdh_data;
+ *pdh_len = export.pdh_cert_len;
+ *cert_chain = cert_chain_data;
+ *cert_chain_len = export.cert_chain_len;
+ return 0;
+
+e_free:
+ g_free(pdh_data);
+ g_free(cert_chain_data);
+ return 1;
+}
+
+SevCapability *
+sev_get_capabilities(void)
+{
+ SevCapability *cap;
+ guchar *pdh_data, *cert_chain_data;
+ size_t pdh_len = 0, cert_chain_len = 0;
+ uint32_t ebx;
+ int fd;
+
+ fd = open(DEFAULT_SEV_DEVICE, O_RDWR);
+ if (fd < 0) {
+ error_report("%s: Failed to open %s '%s'", __func__,
+ DEFAULT_SEV_DEVICE, strerror(errno));
+ return NULL;
+ }
+
+ if (sev_get_pdh_info(fd, &pdh_data, &pdh_len,
+ &cert_chain_data, &cert_chain_len)) {
+ return NULL;
+ }
+
+ cap = g_new0(SevCapability, 1);
+ cap->pdh = g_base64_encode(pdh_data, pdh_len);
+ cap->cert_chain = g_base64_encode(cert_chain_data, cert_chain_len);
+
+ host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL);
+ cap->cbitpos = ebx & 0x3f;
+
+ /*
+ * When SEV feature is enabled, we loose one bit in guest physical
+ * addressing.
+ */
+ cap->reduced_phys_bits = 1;
+
+ g_free(pdh_data);
+ g_free(cert_chain_data);
+
+ close(fd);
+ return cap;
+}
+
static int
sev_read_file_base64(const char *filename, guchar **data, gsize *len)
{
diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h
index c21d1f31d712..cd802e4b4178 100644
--- a/target/i386/sev_i386.h
+++ b/target/i386/sev_i386.h
@@ -43,6 +43,7 @@ extern SevInfo *sev_get_info(void);
extern uint32_t sev_get_cbit_position(void);
extern uint32_t sev_get_reduced_phys_bits(void);
extern char *sev_get_launch_measurement(void);
+extern SevCapability *sev_get_capabilities(void);
typedef struct QSevGuestInfo QSevGuestInfo;
typedef struct QSevGuestInfoClass QSevGuestInfoClass;
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 27/28] sev/i386: add sev_get_capabilities()
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh, Richard Henderson
The function can be used to get the current SEV capabilities.
The capabilities include platform diffie-hellman key (pdh) and certificate
chain. The key can be provided to the external entities which wants to
establish a trusted channel between SEV firmware and guest owner.
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
target/i386/monitor.c | 11 +++++--
target/i386/sev-stub.c | 5 +++
target/i386/sev.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++
target/i386/sev_i386.h | 1 +
4 files changed, 98 insertions(+), 2 deletions(-)
diff --git a/target/i386/monitor.c b/target/i386/monitor.c
index 33e6bade693b..79fa9bd7a3e3 100644
--- a/target/i386/monitor.c
+++ b/target/i386/monitor.c
@@ -740,6 +740,13 @@ SevLaunchMeasureInfo *qmp_query_sev_launch_measure(Error **errp)
SevCapability *qmp_query_sev_capabilities(Error **errp)
{
- error_setg(errp, "SEV feature is not available");
- return NULL;
+ SevCapability *data;
+
+ data = sev_get_capabilities();
+ if (!data) {
+ error_setg(errp, "SEV feature is not available");
+ return NULL;
+ }
+
+ return data;
}
diff --git a/target/i386/sev-stub.c b/target/i386/sev-stub.c
index 2f61c32ec975..59a003a4ebe6 100644
--- a/target/i386/sev-stub.c
+++ b/target/i386/sev-stub.c
@@ -44,3 +44,8 @@ char *sev_get_launch_measurement(void)
{
return NULL;
}
+
+SevCapability *sev_get_capabilities(void)
+{
+ return NULL;
+}
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 0eb2c855bc4d..f838cf7e3720 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -422,6 +422,89 @@ sev_get_info(void)
return info;
}
+static int
+sev_get_pdh_info(int fd, guchar **pdh, size_t *pdh_len, guchar **cert_chain,
+ size_t *cert_chain_len)
+{
+ guchar *pdh_data, *cert_chain_data;
+ struct sev_user_data_pdh_cert_export export = {};
+ int err, r;
+
+ /* query the certificate length */
+ r = sev_platform_ioctl(fd, SEV_PDH_CERT_EXPORT, &export, &err);
+ if (r < 0) {
+ if (err != SEV_RET_INVALID_LEN) {
+ error_report("failed to export PDH cert ret=%d fw_err=%d (%s)",
+ r, err, fw_error_to_str(err));
+ return 1;
+ }
+ }
+
+ pdh_data = g_new(guchar, export.pdh_cert_len);
+ cert_chain_data = g_new(guchar, export.cert_chain_len);
+ export.pdh_cert_address = (unsigned long)pdh_data;
+ export.cert_chain_address = (unsigned long)cert_chain_data;
+
+ r = sev_platform_ioctl(fd, SEV_PDH_CERT_EXPORT, &export, &err);
+ if (r < 0) {
+ error_report("failed to export PDH cert ret=%d fw_err=%d (%s)",
+ r, err, fw_error_to_str(err));
+ goto e_free;
+ }
+
+ *pdh = pdh_data;
+ *pdh_len = export.pdh_cert_len;
+ *cert_chain = cert_chain_data;
+ *cert_chain_len = export.cert_chain_len;
+ return 0;
+
+e_free:
+ g_free(pdh_data);
+ g_free(cert_chain_data);
+ return 1;
+}
+
+SevCapability *
+sev_get_capabilities(void)
+{
+ SevCapability *cap;
+ guchar *pdh_data, *cert_chain_data;
+ size_t pdh_len = 0, cert_chain_len = 0;
+ uint32_t ebx;
+ int fd;
+
+ fd = open(DEFAULT_SEV_DEVICE, O_RDWR);
+ if (fd < 0) {
+ error_report("%s: Failed to open %s '%s'", __func__,
+ DEFAULT_SEV_DEVICE, strerror(errno));
+ return NULL;
+ }
+
+ if (sev_get_pdh_info(fd, &pdh_data, &pdh_len,
+ &cert_chain_data, &cert_chain_len)) {
+ return NULL;
+ }
+
+ cap = g_new0(SevCapability, 1);
+ cap->pdh = g_base64_encode(pdh_data, pdh_len);
+ cap->cert_chain = g_base64_encode(cert_chain_data, cert_chain_len);
+
+ host_cpuid(0x8000001F, 0, NULL, &ebx, NULL, NULL);
+ cap->cbitpos = ebx & 0x3f;
+
+ /*
+ * When SEV feature is enabled, we loose one bit in guest physical
+ * addressing.
+ */
+ cap->reduced_phys_bits = 1;
+
+ g_free(pdh_data);
+ g_free(cert_chain_data);
+
+ close(fd);
+ return cap;
+}
+
static int
sev_read_file_base64(const char *filename, guchar **data, gsize *len)
{
diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h
index c21d1f31d712..cd802e4b4178 100644
--- a/target/i386/sev_i386.h
+++ b/target/i386/sev_i386.h
@@ -43,6 +43,7 @@ extern SevInfo *sev_get_info(void);
extern uint32_t sev_get_cbit_position(void);
extern uint32_t sev_get_reduced_phys_bits(void);
extern char *sev_get_launch_measurement(void);
+extern SevCapability *sev_get_capabilities(void);
typedef struct QSevGuestInfo QSevGuestInfo;
typedef struct QSevGuestInfoClass QSevGuestInfoClass;
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [PATCH v11 28/28] tests/qmp-test: blacklist sev specific qmp commands
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 16:50 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Brijesh Singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Dr. David Alan Gilbert,
Alistair Francis, Cornelia Huck, Peter Crosthwaite,
Paolo Bonzini
Blacklist the following commands to fix the 'make check' failure.
query-sev-launch-measure: it returns meaninful data only when we launch
SEV guest otherwise the command returns an error.
query-sev: it return an error when SEV is not available on host (e.g non
X86 platform or KVM is disabled at the build time)
query-sev-capabilities: it returns an error when SEV feature is not
available on host machine.
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Reviewed-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
tests/qmp-test.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tests/qmp-test.c b/tests/qmp-test.c
index 22445d9ec258..7470c6b754bc 100644
--- a/tests/qmp-test.c
+++ b/tests/qmp-test.c
@@ -204,6 +204,11 @@ static bool query_is_blacklisted(const char *cmd)
"query-gic-capabilities", /* arm */
/* Success depends on target-specific build configuration: */
"query-pci", /* CONFIG_PCI */
+ /* Success depends on launching SEV guest */
+ "query-sev-launch-measure",
+ /* Success depends on Host or Hypervisor SEV support */
+ "query-sev",
+ "query-sev-capabilities",
NULL
};
int i;
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* [Qemu-devel] [PATCH v11 28/28] tests/qmp-test: blacklist sev specific qmp commands
@ 2018-03-07 16:50 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 16:50 UTC (permalink / raw)
To: qemu-devel
Cc: Alistair Francis, Christian Borntraeger, Cornelia Huck,
Daniel P . Berrange, Dr. David Alan Gilbert, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Brijesh Singh
Blacklist the following commands to fix the 'make check' failure.
query-sev-launch-measure: it returns meaninful data only when we launch
SEV guest otherwise the command returns an error.
query-sev: it return an error when SEV is not available on host (e.g non
X86 platform or KVM is disabled at the build time)
query-sev-capabilities: it returns an error when SEV feature is not
available on host machine.
Cc: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>
Reviewed-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
tests/qmp-test.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tests/qmp-test.c b/tests/qmp-test.c
index 22445d9ec258..7470c6b754bc 100644
--- a/tests/qmp-test.c
+++ b/tests/qmp-test.c
@@ -204,6 +204,11 @@ static bool query_is_blacklisted(const char *cmd)
"query-gic-capabilities", /* arm */
/* Success depends on target-specific build configuration: */
"query-pci", /* CONFIG_PCI */
+ /* Success depends on launching SEV guest */
+ "query-sev-launch-measure",
+ /* Success depends on Host or Hypervisor SEV support */
+ "query-sev",
+ "query-sev-capabilities",
NULL
};
int i;
--
2.14.3
^ permalink raw reply related [flat|nested] 74+ messages in thread
* Re: [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 17:24 ` no-reply
-1 siblings, 0 replies; 74+ messages in thread
From: no-reply @ 2018-03-07 17:24 UTC (permalink / raw)
To: brijesh.singh
Cc: peter.maydell, brijesh.singh, kvm, mst, stefanha, qemu-devel,
armbru, edgar.iglesias, agraf, brogers, borntraeger, marcel, bp,
Thomas.Lendacky, famz, ehabkost, richard.henderson, dgilbert,
alistair.francis, cornelia.huck, crosthwaite.peter, pbonzini
Hi,
This series failed docker-mingw@fedora build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.
Type: series
Message-id: 20180307165038.88640-1-brijesh.singh@amd.com
Subject: [Qemu-devel] [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
=== TEST SCRIPT BEGIN ===
#!/bin/bash
set -e
git submodule update --init dtc
# Let docker tests dump environment info
export SHOW_ENV=1
export J=8
time make docker-test-mingw@fedora
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
4fbea75df6 tests/qmp-test: blacklist sev specific qmp commands
dee06afe23 sev/i386: add sev_get_capabilities()
4bc4467cbd qmp: add query-sev-capabilities command
b96190fd71 cpu/i386: populate CPUID 0x8000_001F when SEV is active
3c60cdc4ec sev/i386: add migration blocker
a9ab0a27b2 qmp: add query-sev-launch-measure command
7a9005e7b3 target/i386: clear C-bit when walking SEV guest page table
1758f0ec5d sev/i386: add debug encrypt and decrypt commands
31a61f5fe9 hw/i386: set ram_debug_ops when memory encryption is enabled
346e90b176 sev/i386: finalize the SEV guest launch flow
38cf6ff868 sev/i386: add support to LAUNCH_MEASURE command
a9df6d98ec target/i386: encrypt bios rom
baa46b9faf sev/i386: add command to encrypt guest memory region
41354b73a4 sev/i386: add command to create launch memory encryption context
4d35f32583 hmp: add 'info sev' command
16598f2cc1 kvm: introduce memory encryption APIs
36b000c77c sev/i386: register the guest memory range which may contain encrypted data
435a482830 sev/i386: add command to initialize the memory encryption context
1c37bac2fa include: add psp-sev.h header file
ea9d68aad5 qmp: add query-sev command
e85ff63940 target/i386: add Secure Encrypted Virtulization (SEV) object
9605c92f32 docs: add AMD Secure Encrypted Virtualization (SEV)
52514277fb kvm: update kvm.h to include memory encryption ioctls
2398a21fbd machine: add -memory-encryption property
40ba67a92d monitor/i386: use debug APIs when accessing guest memory
7a060f2310 exec: add debug version of physical memory read and write API
6533e78730 exec: add ram_debug_ops support
94ffe21118 memattrs: add debug attribute
=== OUTPUT BEGIN ===
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/dtc'...
Submodule path 'dtc': checked out 'e54388015af1fb4bf04d0bca99caba1074d9cc42'
BUILD fedora
make[1]: Entering directory '/var/tmp/patchew-tester-tmp-99e1alq5/src'
GEN /var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar
Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot'...
done.
Checking out files: 45% (2690/5948)
Checking out files: 46% (2737/5948)
Checking out files: 47% (2796/5948)
Checking out files: 48% (2856/5948)
Checking out files: 49% (2915/5948)
Checking out files: 50% (2974/5948)
Checking out files: 51% (3034/5948)
Checking out files: 52% (3093/5948)
Checking out files: 53% (3153/5948)
Checking out files: 54% (3212/5948)
Checking out files: 55% (3272/5948)
Checking out files: 56% (3331/5948)
Checking out files: 57% (3391/5948)
Checking out files: 58% (3450/5948)
Checking out files: 59% (3510/5948)
Checking out files: 60% (3569/5948)
Checking out files: 61% (3629/5948)
Checking out files: 62% (3688/5948)
Checking out files: 63% (3748/5948)
Checking out files: 64% (3807/5948)
Checking out files: 65% (3867/5948)
Checking out files: 66% (3926/5948)
Checking out files: 67% (3986/5948)
Checking out files: 68% (4045/5948)
Checking out files: 69% (4105/5948)
Checking out files: 70% (4164/5948)
Checking out files: 71% (4224/5948)
Checking out files: 72% (4283/5948)
Checking out files: 73% (4343/5948)
Checking out files: 74% (4402/5948)
Checking out files: 75% (4461/5948)
Checking out files: 76% (4521/5948)
Checking out files: 77% (4580/5948)
Checking out files: 78% (4640/5948)
Checking out files: 79% (4699/5948)
Checking out files: 80% (4759/5948)
Checking out files: 81% (4818/5948)
Checking out files: 82% (4878/5948)
Checking out files: 83% (4937/5948)
Checking out files: 84% (4997/5948)
Checking out files: 85% (5056/5948)
Checking out files: 86% (5116/5948)
Checking out files: 87% (5175/5948)
Checking out files: 88% (5235/5948)
Checking out files: 89% (5294/5948)
Checking out files: 90% (5354/5948)
Checking out files: 91% (5413/5948)
Checking out files: 92% (5473/5948)
Checking out files: 93% (5532/5948)
Checking out files: 94% (5592/5948)
Checking out files: 95% (5651/5948)
Checking out files: 96% (5711/5948)
Checking out files: 97% (5770/5948)
Checking out files: 98% (5830/5948)
Checking out files: 99% (5889/5948)
Checking out files: 100% (5948/5948)
Checking out files: 100% (5948/5948), done.
Your branch is up-to-date with 'origin/test'.
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot/dtc'...
Submodule path 'dtc': checked out 'e54388015af1fb4bf04d0bca99caba1074d9cc42'
Submodule 'ui/keycodemapdb' (git://git.qemu.org/keycodemapdb.git) registered for path 'ui/keycodemapdb'
Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot/ui/keycodemapdb'...
Submodule path 'ui/keycodemapdb': checked out '6b3d716e2b6472eb7189d3220552280ef3d832ce'
COPY RUNNER
RUN test-mingw in qemu:fedora
Packages installed:
PyYAML-3.12-5.fc27.x86_64
SDL-devel-1.2.15-29.fc27.x86_64
bc-1.07.1-3.fc27.x86_64
bison-3.0.4-8.fc27.x86_64
bzip2-1.0.6-24.fc27.x86_64
ccache-3.3.5-1.fc27.x86_64
clang-5.0.1-1.fc27.x86_64
findutils-4.6.0-14.fc27.x86_64
flex-2.6.1-5.fc27.x86_64
gcc-7.3.1-2.fc27.x86_64
gcc-c++-7.3.1-2.fc27.x86_64
gettext-0.19.8.1-12.fc27.x86_64
git-2.14.3-2.fc27.x86_64
glib2-devel-2.54.3-2.fc27.x86_64
hostname-3.18-4.fc27.x86_64
libaio-devel-0.3.110-9.fc27.x86_64
libasan-7.3.1-2.fc27.x86_64
libfdt-devel-1.4.6-1.fc27.x86_64
libubsan-7.3.1-2.fc27.x86_64
make-4.2.1-4.fc27.x86_64
mingw32-SDL-1.2.15-9.fc27.noarch
mingw32-bzip2-1.0.6-9.fc27.noarch
mingw32-curl-7.54.1-2.fc27.noarch
mingw32-glib2-2.54.1-1.fc27.noarch
mingw32-gmp-6.1.2-2.fc27.noarch
mingw32-gnutls-3.5.13-2.fc27.noarch
mingw32-gtk2-2.24.31-4.fc27.noarch
mingw32-gtk3-3.22.16-1.fc27.noarch
mingw32-libjpeg-turbo-1.5.1-3.fc27.noarch
mingw32-libpng-1.6.29-2.fc27.noarch
mingw32-libssh2-1.8.0-3.fc27.noarch
mingw32-libtasn1-4.13-1.fc27.noarch
mingw32-nettle-3.3-3.fc27.noarch
mingw32-pixman-0.34.0-3.fc27.noarch
mingw32-pkg-config-0.28-9.fc27.x86_64
mingw64-SDL-1.2.15-9.fc27.noarch
mingw64-bzip2-1.0.6-9.fc27.noarch
mingw64-curl-7.54.1-2.fc27.noarch
mingw64-glib2-2.54.1-1.fc27.noarch
mingw64-gmp-6.1.2-2.fc27.noarch
mingw64-gnutls-3.5.13-2.fc27.noarch
mingw64-gtk2-2.24.31-4.fc27.noarch
mingw64-gtk3-3.22.16-1.fc27.noarch
mingw64-libjpeg-turbo-1.5.1-3.fc27.noarch
mingw64-libpng-1.6.29-2.fc27.noarch
mingw64-libssh2-1.8.0-3.fc27.noarch
mingw64-libtasn1-4.13-1.fc27.noarch
mingw64-nettle-3.3-3.fc27.noarch
mingw64-pixman-0.34.0-3.fc27.noarch
mingw64-pkg-config-0.28-9.fc27.x86_64
nettle-devel-3.4-1.fc27.x86_64
perl-5.26.1-402.fc27.x86_64
pixman-devel-0.34.0-4.fc27.x86_64
python3-3.6.2-13.fc27.x86_64
sparse-0.5.1-2.fc27.x86_64
tar-1.29-7.fc27.x86_64
which-2.21-4.fc27.x86_64
zlib-devel-1.2.11-4.fc27.x86_64
Environment variables:
TARGET_LIST=
PACKAGES=ccache gettext git tar PyYAML sparse flex bison python3 bzip2 hostname glib2-devel pixman-devel zlib-devel SDL-devel libfdt-devel gcc gcc-c++ clang make perl which bc findutils libaio-devel nettle-devel libasan libubsan mingw32-pixman mingw32-glib2 mingw32-gmp mingw32-SDL mingw32-pkg-config mingw32-gtk2 mingw32-gtk3 mingw32-gnutls mingw32-nettle mingw32-libtasn1 mingw32-libjpeg-turbo mingw32-libpng mingw32-curl mingw32-libssh2 mingw32-bzip2 mingw64-pixman mingw64-glib2 mingw64-gmp mingw64-SDL mingw64-pkg-config mingw64-gtk2 mingw64-gtk3 mingw64-gnutls mingw64-nettle mingw64-libtasn1 mingw64-libjpeg-turbo mingw64-libpng mingw64-curl mingw64-libssh2 mingw64-bzip2
J=8
V=
HOSTNAME=939c73c338e1
DEBUG=
SHOW_ENV=1
PWD=/
HOME=/root
CCACHE_DIR=/var/tmp/ccache
DISTTAG=f27container
QEMU_CONFIGURE_OPTS=--python=/usr/bin/python3
FGC=f27
TEST_DIR=/tmp/qemu-test
SHLVL=1
FEATURES=mingw clang pyyaml asan dtc
PATH=/usr/lib/ccache:/usr/lib64/ccache:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
MAKEFLAGS= -j8
EXTRA_CONFIGURE_OPTS=
_=/usr/bin/env
Configure options:
--enable-werror --target-list=x86_64-softmmu,aarch64-softmmu --prefix=/tmp/qemu-test/install --python=/usr/bin/python3 --cross-prefix=x86_64-w64-mingw32- --enable-trace-backends=simple --enable-gnutls --enable-nettle --enable-curl --enable-vnc --enable-bzip2 --enable-guest-agent --with-sdlabi=1.2 --with-gtkabi=2.0
Install prefix /tmp/qemu-test/install
BIOS directory /tmp/qemu-test/install
firmware path /tmp/qemu-test/install/share/qemu-firmware
binary directory /tmp/qemu-test/install
library directory /tmp/qemu-test/install/lib
module directory /tmp/qemu-test/install/lib
libexec directory /tmp/qemu-test/install/libexec
include directory /tmp/qemu-test/install/include
config directory /tmp/qemu-test/install
local state directory queried at runtime
Windows SDK no
Source path /tmp/qemu-test/src
GIT binary git
GIT submodules
C compiler x86_64-w64-mingw32-gcc
Host C compiler cc
C++ compiler x86_64-w64-mingw32-g++
Objective-C compiler clang
ARFLAGS rv
CFLAGS -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -g
QEMU_CFLAGS -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/pixman-1 -I$(SRC_PATH)/dtc/libfdt -Werror -DHAS_LIBSSH2_SFTP_FSYNC -mms-bitfields -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/glib-2.0 -I/usr/x86_64-w64-mingw32/sys-root/mingw/lib/glib-2.0/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -m64 -mcx16 -mthreads -D__USE_MINGW_ANSI_STDIO=1 -DWIN32_LEAN_AND_MEAN -DWINVER=0x501 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -Wexpansion-to-defined -Wendif-labels -Wno-shift-negative-value -Wno-missing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-declaration -Wold-style-definition -Wtype-limits -fstack-protector-strong -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/p11-kit-1 -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/libpng16
LDFLAGS -Wl,--nxcompat -Wl,--no-seh -Wl,--dynamicbase -Wl,--warn-common -m64 -g
make make
install install
python /usr/bin/python3 -B
smbd /usr/sbin/smbd
module support no
host CPU x86_64
host big endian no
target list x86_64-softmmu aarch64-softmmu
gprof enabled no
sparse enabled no
strip binaries yes
profiler no
static build no
SDL support yes (1.2.15)
GTK support yes (2.24.31)
GTK GL support no
VTE support no
TLS priority NORMAL
GNUTLS support yes
GNUTLS rnd yes
libgcrypt no
libgcrypt kdf no
nettle yes (3.3)
nettle kdf yes
libtasn1 yes
curses support no
virgl support no
curl support yes
mingw32 support yes
Audio drivers dsound
Block whitelist (rw)
Block whitelist (ro)
VirtFS support no
Multipath support no
VNC support yes
VNC SASL support no
VNC JPEG support yes
VNC PNG support yes
xen support no
brlapi support no
bluez support no
Documentation no
PIE no
vde support no
netmap support no
Linux AIO support no
ATTR/XATTR support no
Install blobs yes
KVM support no
HAX support yes
HVF support no
WHPX support no
TCG support yes
TCG debug enabled no
TCG interpreter no
malloc trim support no
RDMA support no
fdt support yes
preadv support no
fdatasync no
madvise no
posix_madvise no
posix_memalign no
libcap-ng support no
vhost-net support no
vhost-crypto support no
vhost-scsi support no
vhost-vsock support no
vhost-user support no
Trace backends simple
Trace output file trace-<pid>
spice support no
rbd support no
xfsctl support no
smartcard support no
libusb no
usb net redir no
OpenGL support no
OpenGL dmabufs no
libiscsi support no
libnfs support no
build guest agent yes
QGA VSS support no
QGA w32 disk info yes
QGA MSI support no
seccomp support no
coroutine backend win32
coroutine pool yes
debug stack usage no
crypto afalg no
GlusterFS support no
gcov gcov
gcov enabled no
TPM support yes
libssh2 support yes
TPM passthrough no
TPM emulator no
QOM debugging yes
Live block migration yes
lzo support no
snappy support no
bzip2 support yes
NUMA host support no
libxml2 no
tcmalloc support no
jemalloc support no
avx2 optimization yes
replication support yes
VxHS block device no
capstone no
WARNING: Use of GTK 2.0 is deprecated and will be removed in
WARNING: future releases. Please switch to using GTK 3.0
WARNING: Use of SDL 1.2 is deprecated and will be removed in
WARNING: future releases. Please switch to using SDL 2.0
mkdir -p dtc/libfdt
mkdir -p dtc/tests
GEN x86_64-softmmu/config-devices.mak.tmp
GEN aarch64-softmmu/config-devices.mak.tmp
GEN config-host.h
GEN qemu-options.def
GEN qapi-gen
GEN trace/generated-tcg-tracers.h
GEN trace/generated-helpers-wrappers.h
GEN trace/generated-helpers.h
GEN x86_64-softmmu/config-devices.mak
GEN aarch64-softmmu/config-devices.mak
GEN trace/generated-helpers.c
GEN module_block.h
GEN ui/input-keymap-atset1-to-qcode.c
GEN ui/input-keymap-linux-to-qcode.c
GEN ui/input-keymap-qcode-to-atset1.c
GEN ui/input-keymap-qcode-to-atset2.c
GEN ui/input-keymap-qcode-to-atset3.c
GEN ui/input-keymap-qcode-to-linux.c
GEN ui/input-keymap-qcode-to-qnum.c
GEN ui/input-keymap-qcode-to-sun.c
GEN ui/input-keymap-qnum-to-qcode.c
GEN ui/input-keymap-usb-to-qcode.c
GEN ui/input-keymap-win32-to-qcode.c
GEN ui/input-keymap-x11-to-qcode.c
GEN ui/input-keymap-xorgevdev-to-qcode.c
GEN ui/input-keymap-xorgkbd-to-qcode.c
GEN ui/input-keymap-xorgxquartz-to-qcode.c
GEN ui/input-keymap-xorgxwin-to-qcode.c
GEN tests/test-qapi-gen
GEN trace-root.h
GEN util/trace.h
GEN crypto/trace.h
GEN io/trace.h
GEN migration/trace.h
GEN block/trace.h
GEN chardev/trace.h
GEN hw/block/trace.h
GEN hw/block/dataplane/trace.h
GEN hw/char/trace.h
GEN hw/intc/trace.h
GEN hw/net/trace.h
GEN hw/rdma/trace.h
GEN hw/rdma/vmw/trace.h
GEN hw/virtio/trace.h
GEN hw/audio/trace.h
GEN hw/misc/trace.h
GEN hw/misc/macio/trace.h
GEN hw/usb/trace.h
GEN hw/scsi/trace.h
GEN hw/nvram/trace.h
GEN hw/display/trace.h
GEN hw/input/trace.h
GEN hw/timer/trace.h
GEN hw/dma/trace.h
GEN hw/sparc/trace.h
GEN hw/sparc64/trace.h
GEN hw/sd/trace.h
GEN hw/isa/trace.h
GEN hw/mem/trace.h
GEN hw/i386/trace.h
GEN hw/i386/xen/trace.h
GEN hw/9pfs/trace.h
GEN hw/ppc/trace.h
GEN hw/pci/trace.h
GEN hw/pci-host/trace.h
GEN hw/s390x/trace.h
GEN hw/vfio/trace.h
GEN hw/acpi/trace.h
GEN hw/arm/trace.h
GEN hw/alpha/trace.h
GEN hw/hppa/trace.h
GEN hw/xen/trace.h
GEN hw/ide/trace.h
GEN ui/trace.h
GEN audio/trace.h
GEN net/trace.h
GEN target/arm/trace.h
GEN target/i386/trace.h
GEN target/mips/trace.h
GEN target/sparc/trace.h
GEN target/s390x/trace.h
GEN target/ppc/trace.h
GEN qom/trace.h
GEN linux-user/trace.h
GEN qapi/trace.h
GEN accel/tcg/trace.h
GEN accel/kvm/trace.h
GEN nbd/trace.h
GEN scsi/trace.h
GEN trace-root.c
GEN util/trace.c
GEN crypto/trace.c
GEN io/trace.c
GEN migration/trace.c
GEN block/trace.c
GEN chardev/trace.c
GEN hw/block/trace.c
GEN hw/block/dataplane/trace.c
GEN hw/char/trace.c
GEN hw/intc/trace.c
GEN hw/net/trace.c
GEN hw/rdma/trace.c
GEN hw/rdma/vmw/trace.c
GEN hw/virtio/trace.c
GEN hw/audio/trace.c
GEN hw/misc/trace.c
GEN hw/misc/macio/trace.c
GEN hw/usb/trace.c
GEN hw/scsi/trace.c
GEN hw/nvram/trace.c
GEN hw/display/trace.c
GEN hw/input/trace.c
GEN hw/timer/trace.c
GEN hw/dma/trace.c
GEN hw/sparc/trace.c
GEN hw/sparc64/trace.c
GEN hw/sd/trace.c
GEN hw/isa/trace.c
GEN hw/mem/trace.c
GEN hw/i386/trace.c
GEN hw/i386/xen/trace.c
GEN hw/9pfs/trace.c
GEN hw/ppc/trace.c
GEN hw/pci/trace.c
GEN hw/pci-host/trace.c
GEN hw/s390x/trace.c
GEN hw/vfio/trace.c
GEN hw/acpi/trace.c
GEN hw/arm/trace.c
GEN hw/alpha/trace.c
GEN hw/hppa/trace.c
GEN hw/xen/trace.c
GEN hw/ide/trace.c
GEN ui/trace.c
GEN audio/trace.c
GEN net/trace.c
GEN target/arm/trace.c
GEN target/i386/trace.c
GEN target/mips/trace.c
GEN target/sparc/trace.c
GEN target/s390x/trace.c
GEN target/ppc/trace.c
GEN qom/trace.c
GEN linux-user/trace.c
GEN qapi/trace.c
GEN accel/tcg/trace.c
GEN accel/kvm/trace.c
GEN nbd/trace.c
GEN scsi/trace.c
GEN config-all-devices.mak
DEP /tmp/qemu-test/src/dtc/tests/dumptrees.c
DEP /tmp/qemu-test/src/dtc/tests/trees.S
DEP /tmp/qemu-test/src/dtc/tests/testutils.c
DEP /tmp/qemu-test/src/dtc/tests/value-labels.c
DEP /tmp/qemu-test/src/dtc/tests/asm_tree_dump.c
DEP /tmp/qemu-test/src/dtc/tests/truncated_property.c
DEP /tmp/qemu-test/src/dtc/tests/check_path.c
DEP /tmp/qemu-test/src/dtc/tests/overlay_bad_fixup.c
DEP /tmp/qemu-test/src/dtc/tests/overlay.c
DEP /tmp/qemu-test/src/dtc/tests/subnode_iterate.c
DEP /tmp/qemu-test/src/dtc/tests/property_iterate.c
DEP /tmp/qemu-test/src/dtc/tests/integer-expressions.c
DEP /tmp/qemu-test/src/dtc/tests/utilfdt_test.c
DEP /tmp/qemu-test/src/dtc/tests/path_offset_aliases.c
DEP /tmp/qemu-test/src/dtc/tests/add_subnode_with_nops.c
DEP /tmp/qemu-test/src/dtc/tests/dtbs_equal_unordered.c
DEP /tmp/qemu-test/src/dtc/tests/dtb_reverse.c
DEP /tmp/qemu-test/src/dtc/tests/dtbs_equal_ordered.c
DEP /tmp/qemu-test/src/dtc/tests/extra-terminating-null.c
DEP /tmp/qemu-test/src/dtc/tests/incbin.c
DEP /tmp/qemu-test/src/dtc/tests/boot-cpuid.c
DEP /tmp/qemu-test/src/dtc/tests/phandle_format.c
DEP /tmp/qemu-test/src/dtc/tests/path-references.c
DEP /tmp/qemu-test/src/dtc/tests/references.c
DEP /tmp/qemu-test/src/dtc/tests/propname_escapes.c
DEP /tmp/qemu-test/src/dtc/tests/string_escapes.c
DEP /tmp/qemu-test/src/dtc/tests/appendprop2.c
DEP /tmp/qemu-test/src/dtc/tests/appendprop1.c
DEP /tmp/qemu-test/src/dtc/tests/del_node.c
DEP /tmp/qemu-test/src/dtc/tests/setprop.c
DEP /tmp/qemu-test/src/dtc/tests/del_property.c
DEP /tmp/qemu-test/src/dtc/tests/set_name.c
DEP /tmp/qemu-test/src/dtc/tests/rw_tree1.c
DEP /tmp/qemu-test/src/dtc/tests/open_pack.c
DEP /tmp/qemu-test/src/dtc/tests/nopulate.c
DEP /tmp/qemu-test/src/dtc/tests/mangle-layout.c
DEP /tmp/qemu-test/src/dtc/tests/move_and_save.c
DEP /tmp/qemu-test/src/dtc/tests/sw_tree1.c
DEP /tmp/qemu-test/src/dtc/tests/nop_node.c
DEP /tmp/qemu-test/src/dtc/tests/nop_property.c
DEP /tmp/qemu-test/src/dtc/tests/setprop_inplace.c
DEP /tmp/qemu-test/src/dtc/tests/stringlist.c
DEP /tmp/qemu-test/src/dtc/tests/addr_size_cells.c
DEP /tmp/qemu-test/src/dtc/tests/notfound.c
DEP /tmp/qemu-test/src/dtc/tests/sized_cells.c
DEP /tmp/qemu-test/src/dtc/tests/char_literal.c
DEP /tmp/qemu-test/src/dtc/tests/get_alias.c
DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_compatible.c
DEP /tmp/qemu-test/src/dtc/tests/node_check_compatible.c
DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_phandle.c
DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_prop_value.c
DEP /tmp/qemu-test/src/dtc/tests/parent_offset.c
DEP /tmp/qemu-test/src/dtc/tests/supernode_atdepth_offset.c
DEP /tmp/qemu-test/src/dtc/tests/get_path.c
DEP /tmp/qemu-test/src/dtc/tests/get_phandle.c
DEP /tmp/qemu-test/src/dtc/tests/getprop.c
DEP /tmp/qemu-test/src/dtc/tests/get_name.c
DEP /tmp/qemu-test/src/dtc/tests/path_offset.c
DEP /tmp/qemu-test/src/dtc/tests/subnode_offset.c
DEP /tmp/qemu-test/src/dtc/tests/root_node.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_overlay.c
DEP /tmp/qemu-test/src/dtc/tests/find_property.c
DEP /tmp/qemu-test/src/dtc/tests/get_mem_rsv.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_addresses.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_empty_tree.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_strerror.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_rw.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_sw.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_wip.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_ro.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt.c
DEP /tmp/qemu-test/src/dtc/util.c
DEP /tmp/qemu-test/src/dtc/fdtoverlay.c
DEP /tmp/qemu-test/src/dtc/fdtput.c
DEP /tmp/qemu-test/src/dtc/fdtget.c
DEP /tmp/qemu-test/src/dtc/fdtdump.c
LEX convert-dtsv0-lexer.lex.c
DEP /tmp/qemu-test/src/dtc/srcpos.c
BISON dtc-parser.tab.c
LEX dtc-lexer.lex.c
DEP /tmp/qemu-test/src/dtc/treesource.c
DEP /tmp/qemu-test/src/dtc/livetree.c
DEP /tmp/qemu-test/src/dtc/fstree.c
DEP /tmp/qemu-test/src/dtc/flattree.c
DEP /tmp/qemu-test/src/dtc/dtc.c
DEP /tmp/qemu-test/src/dtc/data.c
DEP /tmp/qemu-test/src/dtc/checks.c
DEP convert-dtsv0-lexer.lex.c
DEP dtc-lexer.lex.c
DEP dtc-parser.tab.c
CHK version_gen.h
UPD version_gen.h
DEP /tmp/qemu-test/src/dtc/util.c
CC libfdt/fdt.o
CC libfdt/fdt_ro.o
CC libfdt/fdt_wip.o
CC libfdt/fdt_sw.o
CC libfdt/fdt_empty_tree.o
CC libfdt/fdt_rw.o
CC libfdt/fdt_strerror.o
CC libfdt/fdt_addresses.o
CC libfdt/fdt_overlay.o
AR libfdt/libfdt.a
x86_64-w64-mingw32-ar: creating libfdt/libfdt.a
a - libfdt/fdt.o
a - libfdt/fdt_ro.o
a - libfdt/fdt_wip.o
a - libfdt/fdt_sw.o
a - libfdt/fdt_rw.o
a - libfdt/fdt_strerror.o
a - libfdt/fdt_empty_tree.o
a - libfdt/fdt_addresses.o
a - libfdt/fdt_overlay.o
RC version.o
mkdir -p dtc/libfdt
mkdir -p dtc/tests
GEN qga/qapi-generated/qapi-gen
CC qapi/qapi-types.o
CC qapi/qapi-types-block-core.o
CC qapi/qapi-builtin-types.o
CC qapi/qapi-types-char.o
CC qapi/qapi-types-block.o
CC qapi/qapi-types-common.o
CC qapi/qapi-types-crypto.o
CC qapi/qapi-types-introspect.o
CC qapi/qapi-types-misc.o
CC qapi/qapi-types-migration.o
CC qapi/qapi-types-net.o
CC qapi/qapi-types-rocker.o
CC qapi/qapi-types-run-state.o
CC qapi/qapi-types-sockets.o
CC qapi/qapi-types-tpm.o
CC qapi/qapi-types-trace.o
CC qapi/qapi-types-transaction.o
CC qapi/qapi-types-ui.o
CC qapi/qapi-builtin-visit.o
CC qapi/qapi-visit.o
CC qapi/qapi-visit-block-core.o
CC qapi/qapi-visit-char.o
CC qapi/qapi-visit-block.o
CC qapi/qapi-visit-common.o
CC qapi/qapi-visit-crypto.o
CC qapi/qapi-visit-introspect.o
CC qapi/qapi-visit-migration.o
CC qapi/qapi-visit-misc.o
CC qapi/qapi-visit-net.o
CC qapi/qapi-visit-rocker.o
CC qapi/qapi-visit-run-state.o
CC qapi/qapi-visit-sockets.o
CC qapi/qapi-visit-tpm.o
CC qapi/qapi-visit-transaction.o
CC qapi/qapi-visit-trace.o
CC qapi/qapi-visit-ui.o
CC qapi/qapi-events.o
CC qapi/qapi-events-block-core.o
CC qapi/qapi-events-block.o
CC qapi/qapi-events-char.o
CC qapi/qapi-events-common.o
CC qapi/qapi-events-crypto.o
CC qapi/qapi-events-introspect.o
CC qapi/qapi-events-migration.o
CC qapi/qapi-events-misc.o
CC qapi/qapi-events-net.o
CC qapi/qapi-events-rocker.o
CC qapi/qapi-events-run-state.o
CC qapi/qapi-events-sockets.o
CC qapi/qapi-events-tpm.o
CC qapi/qapi-events-trace.o
CC qapi/qapi-events-transaction.o
CC qapi/qapi-events-ui.o
CC qapi/qapi-introspect.o
CC qapi/qapi-visit-core.o
CC qapi/qapi-dealloc-visitor.o
CC qapi/qobject-input-visitor.o
CC qapi/qobject-output-visitor.o
CC qapi/qmp-registry.o
CC qapi/qmp-dispatch.o
CC qapi/string-input-visitor.o
CC qapi/string-output-visitor.o
CC qapi/opts-visitor.o
CC qapi/qapi-clone-visitor.o
CC qapi/qmp-event.o
CC qapi/qapi-util.o
CC qobject/qnull.o
CC qobject/qnum.o
CC qobject/qstring.o
CC qobject/qdict.o
CC qobject/qbool.o
CC qobject/qlist.o
CC qobject/qlit.o
CC qobject/qjson.o
CC qobject/qobject.o
CC qobject/json-lexer.o
CC qobject/json-streamer.o
CC qobject/json-parser.o
CC trace/simple.o
CC trace/control.o
CC trace/qmp.o
CC util/osdep.o
CC util/cutils.o
CC util/unicode.o
CC util/qemu-timer-common.o
CC util/bufferiszero.o
CC util/lockcnt.o
CC util/aiocb.o
CC util/async.o
CC util/aio-wait.o
CC util/thread-pool.o
CC util/qemu-timer.o
CC util/main-loop.o
CC util/iohandler.o
CC util/aio-win32.o
CC util/event_notifier-win32.o
CC util/oslib-win32.o
CC util/qemu-thread-win32.o
CC util/envlist.o
CC util/path.o
CC util/module.o
CC util/host-utils.o
CC util/bitmap.o
CC util/bitops.o
CC util/hbitmap.o
CC util/fifo8.o
CC util/acl.o
CC util/cacheinfo.o
CC util/error.o
CC util/qemu-error.o
CC util/id.o
CC util/iov.o
CC util/qemu-config.o
CC util/qemu-sockets.o
CC util/uri.o
CC util/notify.o
CC util/qemu-option.o
CC util/qemu-progress.o
CC util/keyval.o
CC util/hexdump.o
CC util/crc32c.o
CC util/throttle.o
CC util/uuid.o
CC util/getauxval.o
CC util/readline.o
CC util/rcu.o
CC util/qemu-coroutine.o
CC util/qemu-coroutine-lock.o
CC util/qemu-coroutine-io.o
CC util/qemu-coroutine-sleep.o
CC util/coroutine-win32.o
CC util/buffer.o
CC util/timed-average.o
CC util/base64.o
CC util/log.o
CC util/pagesize.o
CC util/qdist.o
CC util/qht.o
CC util/range.o
CC util/stats64.o
CC util/systemd.o
CC trace-root.o
CC util/trace.o
CC crypto/trace.o
CC io/trace.o
CC migration/trace.o
CC block/trace.o
CC chardev/trace.o
CC hw/block/trace.o
CC hw/block/dataplane/trace.o
CC hw/char/trace.o
CC hw/intc/trace.o
CC hw/net/trace.o
CC hw/rdma/trace.o
CC hw/rdma/vmw/trace.o
CC hw/virtio/trace.o
CC hw/audio/trace.o
CC hw/misc/trace.o
CC hw/misc/macio/trace.o
CC hw/usb/trace.o
CC hw/scsi/trace.o
CC hw/nvram/trace.o
CC hw/display/trace.o
CC hw/input/trace.o
CC hw/timer/trace.o
CC hw/dma/trace.o
CC hw/sparc/trace.o
CC hw/sparc64/trace.o
CC hw/sd/trace.o
CC hw/isa/trace.o
CC hw/mem/trace.o
CC hw/i386/trace.o
CC hw/i386/xen/trace.o
CC hw/9pfs/trace.o
CC hw/ppc/trace.o
CC hw/pci/trace.o
CC hw/pci-host/trace.o
CC hw/s390x/trace.o
CC hw/vfio/trace.o
CC hw/acpi/trace.o
CC hw/arm/trace.o
CC hw/alpha/trace.o
CC hw/hppa/trace.o
CC hw/xen/trace.o
CC hw/ide/trace.o
CC ui/trace.o
CC audio/trace.o
CC net/trace.o
CC target/arm/trace.o
CC target/i386/trace.o
CC target/mips/trace.o
CC target/sparc/trace.o
CC target/s390x/trace.o
CC target/ppc/trace.o
CC qom/trace.o
CC linux-user/trace.o
CC qapi/trace.o
CC accel/tcg/trace.o
CC accel/kvm/trace.o
CC nbd/trace.o
CC scsi/trace.o
CC crypto/pbkdf-stub.o
CC stubs/arch-query-cpu-def.o
CC stubs/arch-query-cpu-model-expansion.o
CC stubs/arch-query-cpu-model-comparison.o
CC stubs/arch-query-cpu-model-baseline.o
CC stubs/bdrv-next-monitor-owned.o
CC stubs/blk-commit-all.o
CC stubs/blockdev-close-all-bdrv-states.o
CC stubs/clock-warp.o
CC stubs/cpu-get-clock.o
CC stubs/cpu-get-icount.o
CC stubs/dump.o
CC stubs/error-printf.o
CC stubs/fdset.o
CC stubs/gdbstub.o
CC stubs/get-vm-name.o
CC stubs/iothread.o
CC stubs/iothread-lock.o
CC stubs/is-daemonized.o
CC stubs/machine-init-done.o
CC stubs/migr-blocker.o
CC stubs/change-state-handler.o
CC stubs/monitor.o
CC stubs/notify-event.o
CC stubs/qtest.o
CC stubs/replay.o
CC stubs/runstate-check.o
CC stubs/set-fd-handler.o
CC stubs/slirp.o
CC stubs/sysbus.o
CC stubs/tpm.o
CC stubs/trace-control.o
CC stubs/uuid.o
CC stubs/vm-stop.o
CC stubs/vmstate.o
CC stubs/fd-register.o
CC stubs/qmp_pc_dimm.o
CC stubs/target-monitor-defs.o
CC stubs/target-get-monitor-def.o
CC stubs/pc_madt_cpu_entry.o
CC stubs/vmgenid.o
CC stubs/xen-common.o
CC stubs/xen-hvm.o
CC stubs/pci-host-piix.o
CC stubs/ram-block.o
CC stubs/sev.o
GEN qemu-img-cmds.h
CC block.o
CC blockjob.o
CC qemu-io-cmds.o
CC replication.o
CC block/raw-format.o
CC block/qcow.o
CC block/vdi.o
CC block/vmdk.o
CC block/cloop.o
CC block/bochs.o
CC block/vpc.o
CC block/vvfat.o
CC block/dmg.o
CC block/qcow2.o
CC block/qcow2-refcount.o
CC block/qcow2-cluster.o
CC block/qcow2-snapshot.o
CC block/qcow2-cache.o
CC block/qcow2-bitmap.o
CC block/qed.o
CC block/qed-l2-cache.o
CC block/qed-table.o
CC block/qed-cluster.o
CC block/qed-check.o
CC block/vhdx.o
CC block/vhdx-endian.o
CC block/vhdx-log.o
CC block/quorum.o
CC block/parallels.o
CC block/blkdebug.o
CC block/blkverify.o
CC block/blkreplay.o
CC block/block-backend.o
CC block/snapshot.o
CC block/qapi.o
CC block/file-win32.o
CC block/win32-aio.o
CC block/null.o
CC block/mirror.o
CC block/commit.o
CC block/io.o
CC block/throttle-groups.o
CC block/nbd.o
CC block/nbd-client.o
CC block/sheepdog.o
CC block/accounting.o
CC block/dirty-bitmap.o
CC block/write-threshold.o
CC block/backup.o
CC block/replication.o
CC block/throttle.o
CC block/crypto.o
CC nbd/server.o
CC nbd/client.o
CC nbd/common.o
CC scsi/utils.o
CC block/curl.o
CC block/ssh.o
CC block/dmg-bz2.o
CC crypto/init.o
CC crypto/hash.o
CC crypto/hash-nettle.o
CC crypto/hmac.o
CC crypto/hmac-nettle.o
CC crypto/aes.o
CC crypto/desrfb.o
CC crypto/cipher.o
CC crypto/tlscreds.o
CC crypto/tlscredsanon.o
CC crypto/tlscredsx509.o
CC crypto/tlssession.o
CC crypto/secret.o
CC crypto/random-gnutls.o
CC crypto/pbkdf.o
CC crypto/pbkdf-nettle.o
CC crypto/ivgen.o
CC crypto/ivgen-essiv.o
CC crypto/ivgen-plain.o
CC crypto/ivgen-plain64.o
CC crypto/afsplit.o
CC crypto/xts.o
CC crypto/block.o
CC crypto/block-qcow.o
CC crypto/block-luks.o
CC io/channel.o
CC io/channel-buffer.o
CC io/channel-command.o
CC io/channel-file.o
CC io/channel-socket.o
CC io/channel-tls.o
CC io/channel-watch.o
CC io/channel-websock.o
CC io/channel-util.o
CC io/dns-resolver.o
CC io/net-listener.o
CC io/task.o
CC qom/object.o
CC qom/container.o
CC qom/qom-qobject.o
CC qom/object_interfaces.o
CC qemu-io.o
CC blockdev.o
CC blockdev-nbd.o
CC bootdevice.o
CC iothread.o
CC qdev-monitor.o
CC device-hotplug.o
CC os-win32.o
CC bt-host.o
CC bt-vhci.o
CC dma-helpers.o
CC vl.o
CC tpm.o
CC device_tree.o
CC qapi/qapi-commands.o
CC qapi/qapi-commands-block-core.o
CC qapi/qapi-commands-block.o
CC qapi/qapi-commands-char.o
CC qapi/qapi-commands-common.o
CC qapi/qapi-commands-crypto.o
CC qapi/qapi-commands-introspect.o
CC qapi/qapi-commands-migration.o
CC qapi/qapi-commands-misc.o
CC qapi/qapi-commands-net.o
CC qapi/qapi-commands-rocker.o
CC qapi/qapi-commands-run-state.o
CC qapi/qapi-commands-sockets.o
CC qapi/qapi-commands-tpm.o
CC qapi/qapi-commands-trace.o
CC qapi/qapi-commands-transaction.o
CC qapi/qapi-commands-ui.o
CC qmp.o
CC hmp.o
CC cpus-common.o
CC audio/audio.o
CC audio/noaudio.o
CC audio/wavaudio.o
CC audio/mixeng.o
CC audio/dsoundaudio.o
CC audio/audio_win_int.o
CC audio/wavcapture.o
CC backends/rng.o
CC backends/rng-egd.o
CC backends/tpm.o
CC backends/hostmem.o
CC backends/hostmem-ram.o
CC backends/cryptodev.o
CC backends/cryptodev-builtin.o
CC backends/cryptodev-vhost.o
CC block/stream.o
CC chardev/msmouse.o
CC chardev/wctablet.o
CC chardev/testdev.o
CC disas/arm.o
CXX disas/arm-a64.o
CC disas/i386.o
CXX disas/libvixl/vixl/utils.o
CXX disas/libvixl/vixl/compiler-intrinsics.o
CXX disas/libvixl/vixl/a64/instructions-a64.o
CXX disas/libvixl/vixl/a64/decoder-a64.o
CXX disas/libvixl/vixl/a64/disasm-a64.o
CC hw/acpi/core.o
CC hw/acpi/piix4.o
CC hw/acpi/pcihp.o
CC hw/acpi/ich9.o
CC hw/acpi/tco.o
CC hw/acpi/cpu_hotplug.o
CC hw/acpi/memory_hotplug.o
CC hw/acpi/cpu.o
CC hw/acpi/nvdimm.o
CC hw/acpi/vmgenid.o
CC hw/acpi/acpi_interface.o
CC hw/acpi/bios-linker-loader.o
CC hw/acpi/aml-build.o
CC hw/acpi/ipmi.o
CC hw/acpi/acpi-stub.o
CC hw/acpi/ipmi-stub.o
CC hw/audio/sb16.o
CC hw/audio/es1370.o
CC hw/audio/ac97.o
CC hw/audio/fmopl.o
CC hw/audio/adlib.o
CC hw/audio/gus.o
CC hw/audio/gusemu_hal.o
CC hw/audio/gusemu_mixer.o
CC hw/audio/cs4231a.o
CC hw/audio/intel-hda.o
CC hw/audio/hda-codec.o
CC hw/audio/pcspk.o
CC hw/audio/wm8750.o
CC hw/audio/pl041.o
CC hw/audio/lm4549.o
CC hw/audio/marvell_88w8618.o
CC hw/audio/soundhw.o
CC hw/block/block.o
CC hw/block/cdrom.o
CC hw/block/hd-geometry.o
CC hw/block/fdc.o
CC hw/block/m25p80.o
CC hw/block/nand.o
CC hw/block/pflash_cfi01.o
CC hw/block/pflash_cfi02.o
CC hw/block/ecc.o
CC hw/block/onenand.o
CC hw/block/nvme.o
CC hw/bt/core.o
CC hw/bt/l2cap.o
CC hw/bt/sdp.o
CC hw/bt/hci.o
CC hw/bt/hid.o
CC hw/bt/hci-csr.o
CC hw/char/ipoctal232.o
CC hw/char/parallel.o
CC hw/char/pl011.o
CC hw/char/serial.o
CC hw/char/serial-isa.o
CC hw/char/serial-pci.o
CC hw/char/virtio-console.o
CC hw/char/cadence_uart.o
CC hw/char/cmsdk-apb-uart.o
CC hw/char/debugcon.o
CC hw/char/imx_serial.o
CC hw/core/qdev.o
CC hw/core/qdev-properties.o
CC hw/core/bus.o
CC hw/core/reset.o
CC hw/core/qdev-fw.o
CC hw/core/fw-path-provider.o
CC hw/core/irq.o
CC hw/core/hotplug.o
CC hw/core/nmi.o
CC hw/core/stream.o
CC hw/core/ptimer.o
CC hw/core/sysbus.o
CC hw/core/machine.o
CC hw/core/loader.o
CC hw/core/qdev-properties-system.o
CC hw/core/register.o
CC hw/core/or-irq.o
CC hw/core/split-irq.o
CC hw/core/platform-bus.o
CC hw/cpu/core.o
CC hw/display/ads7846.o
CC hw/display/cirrus_vga.o
CC hw/display/pl110.o
CC hw/display/sii9022.o
CC hw/display/ssd0303.o
CC hw/display/ssd0323.o
CC hw/display/vga-pci.o
CC hw/display/vga-isa.o
CC hw/display/vmware_vga.o
CC hw/display/blizzard.o
CC hw/display/exynos4210_fimd.o
CC hw/display/framebuffer.o
CC hw/display/tc6393xb.o
CC hw/dma/pl080.o
CC hw/dma/pl330.o
CC hw/dma/i8257.o
CC hw/dma/xilinx_axidma.o
CC hw/dma/xlnx-zynq-devcfg.o
CC hw/gpio/max7310.o
CC hw/gpio/pl061.o
CC hw/gpio/zaurus.o
CC hw/gpio/gpio_key.o
CC hw/i2c/core.o
CC hw/i2c/smbus.o
CC hw/i2c/smbus_eeprom.o
CC hw/i2c/i2c-ddc.o
CC hw/i2c/versatile_i2c.o
CC hw/i2c/smbus_ich9.o
CC hw/i2c/pm_smbus.o
CC hw/i2c/bitbang_i2c.o
CC hw/i2c/exynos4210_i2c.o
CC hw/i2c/imx_i2c.o
CC hw/i2c/aspeed_i2c.o
CC hw/ide/core.o
CC hw/ide/atapi.o
CC hw/ide/qdev.o
CC hw/ide/pci.o
CC hw/ide/isa.o
CC hw/ide/piix.o
CC hw/ide/microdrive.o
CC hw/ide/ahci.o
CC hw/ide/ich.o
CC hw/ide/ahci-allwinner.o
CC hw/input/hid.o
CC hw/input/lm832x.o
CC hw/input/pckbd.o
CC hw/input/pl050.o
CC hw/input/ps2.o
CC hw/input/stellaris_input.o
CC hw/input/tsc2005.o
CC hw/input/virtio-input.o
CC hw/input/virtio-input-hid.o
CC hw/intc/i8259_common.o
CC hw/intc/i8259.o
CC hw/intc/pl190.o
CC hw/intc/xlnx-pmu-iomod-intc.o
CC hw/intc/xlnx-zynqmp-ipi.o
CC hw/intc/imx_avic.o
CC hw/intc/imx_gpcv2.o
CC hw/intc/realview_gic.o
CC hw/intc/ioapic_common.o
CC hw/intc/arm_gic_common.o
CC hw/intc/arm_gic.o
CC hw/intc/arm_gicv2m.o
CC hw/intc/arm_gicv3_common.o
CC hw/intc/arm_gicv3.o
CC hw/intc/arm_gicv3_dist.o
CC hw/intc/arm_gicv3_redist.o
CC hw/intc/arm_gicv3_its_common.o
CC hw/intc/intc.o
CC hw/ipack/ipack.o
CC hw/ipack/tpci200.o
CC hw/ipmi/ipmi.o
CC hw/ipmi/ipmi_bmc_sim.o
CC hw/ipmi/ipmi_bmc_extern.o
CC hw/ipmi/isa_ipmi_kcs.o
CC hw/ipmi/isa_ipmi_bt.o
CC hw/isa/isa-bus.o
CC hw/isa/apm.o
CC hw/mem/pc-dimm.o
CC hw/mem/nvdimm.o
CC hw/misc/applesmc.o
CC hw/misc/max111x.o
CC hw/misc/tmp105.o
CC hw/misc/tmp421.o
CC hw/misc/debugexit.o
CC hw/misc/sga.o
CC hw/misc/pc-testdev.o
CC hw/misc/pci-testdev.o
CC hw/misc/edu.o
CC hw/misc/unimp.o
CC hw/misc/vmcoreinfo.o
CC hw/misc/arm_l2x0.o
CC hw/misc/arm_integrator_debug.o
CC hw/misc/a9scu.o
CC hw/misc/arm11scu.o
CC hw/net/ne2000.o
CC hw/net/eepro100.o
CC hw/net/pcnet-pci.o
CC hw/net/pcnet.o
CC hw/net/e1000.o
CC hw/net/e1000x_common.o
CC hw/net/net_tx_pkt.o
CC hw/net/net_rx_pkt.o
CC hw/net/e1000e.o
CC hw/net/e1000e_core.o
CC hw/net/rtl8139.o
CC hw/net/vmxnet3.o
CC hw/net/smc91c111.o
CC hw/net/lan9118.o
CC hw/net/ne2000-isa.o
CC hw/net/xgmac.o
CC hw/net/xilinx_axienet.o
CC hw/net/allwinner_emac.o
CC hw/net/imx_fec.o
CC hw/net/cadence_gem.o
CC hw/net/stellaris_enet.o
CC hw/net/ftgmac100.o
CC hw/net/rocker/rocker.o
CC hw/net/rocker/rocker_fp.o
CC hw/net/rocker/rocker_desc.o
CC hw/net/rocker/rocker_world.o
CC hw/net/rocker/rocker_of_dpa.o
CC hw/net/can/can_sja1000.o
CC hw/net/can/can_kvaser_pci.o
CC hw/net/can/can_pcm3680_pci.o
CC hw/net/can/can_mioe3680_pci.o
CC hw/nvram/eeprom93xx.o
CC hw/nvram/eeprom_at24c.o
CC hw/nvram/fw_cfg.o
CC hw/nvram/chrp_nvram.o
CC hw/pci-bridge/pci_bridge_dev.o
CC hw/pci-bridge/pcie_root_port.o
CC hw/pci-bridge/gen_pcie_root_port.o
CC hw/pci-bridge/pcie_pci_bridge.o
CC hw/pci-bridge/pci_expander_bridge.o
CC hw/pci-bridge/xio3130_upstream.o
CC hw/pci-bridge/xio3130_downstream.o
CC hw/pci-bridge/ioh3420.o
CC hw/pci-bridge/i82801b11.o
CC hw/pci-host/pam.o
CC hw/pci-host/versatile.o
CC hw/pci-host/piix.o
CC hw/pci-host/q35.o
CC hw/pci-host/gpex.o
CC hw/pci/pci.o
CC hw/pci/pci_bridge.o
CC hw/pci/msix.o
CC hw/pci/msi.o
CC hw/pci/shpc.o
CC hw/pci/slotid_cap.o
CC hw/pci/pci_host.o
CC hw/pci/pcie_host.o
CC hw/pci/pcie.o
CC hw/pci/pcie_aer.o
CC hw/pci/pcie_port.o
CC hw/pci/pci-stub.o
CC hw/pcmcia/pcmcia.o
CC hw/scsi/scsi-disk.o
CC hw/scsi/scsi-generic.o
CC hw/scsi/scsi-bus.o
CC hw/scsi/lsi53c895a.o
CC hw/scsi/mptsas.o
CC hw/scsi/mptconfig.o
CC hw/scsi/mptendian.o
CC hw/scsi/megasas.o
CC hw/scsi/vmw_pvscsi.o
CC hw/scsi/esp.o
CC hw/scsi/esp-pci.o
CC hw/sd/pl181.o
CC hw/sd/ssi-sd.o
CC hw/sd/sd.o
CC hw/sd/core.o
CC hw/sd/sdhci.o
CC hw/smbios/smbios.o
CC hw/smbios/smbios_type_38.o
CC hw/smbios/smbios-stub.o
CC hw/smbios/smbios_type_38-stub.o
CC hw/ssi/pl022.o
CC hw/ssi/ssi.o
CC hw/ssi/xilinx_spips.o
CC hw/ssi/aspeed_smc.o
CC hw/ssi/stm32f2xx_spi.o
CC hw/ssi/mss-spi.o
CC hw/timer/arm_timer.o
CC hw/timer/arm_mptimer.o
CC hw/timer/armv7m_systick.o
CC hw/timer/a9gtimer.o
CC hw/timer/cadence_ttc.o
CC hw/timer/ds1338.o
CC hw/timer/hpet.o
CC hw/timer/i8254_common.o
CC hw/timer/i8254.o
CC hw/timer/pl031.o
CC hw/timer/twl92230.o
CC hw/timer/imx_epit.o
CC hw/timer/imx_gpt.o
CC hw/timer/xlnx-zynqmp-rtc.o
CC hw/timer/stm32f2xx_timer.o
CC hw/timer/aspeed_timer.o
CC hw/timer/cmsdk-apb-timer.o
CC hw/timer/mss-timer.o
CC hw/tpm/tpm_util.o
CC hw/tpm/tpm_tis.o
CC hw/tpm/tpm_crb.o
CC hw/usb/core.o
CC hw/usb/combined-packet.o
CC hw/usb/bus.o
CC hw/usb/libhw.o
CC hw/usb/desc.o
CC hw/usb/desc-msos.o
CC hw/usb/hcd-uhci.o
CC hw/usb/hcd-ohci.o
CC hw/usb/hcd-ehci.o
CC hw/usb/hcd-ehci-pci.o
CC hw/usb/hcd-ehci-sysbus.o
CC hw/usb/hcd-xhci.o
CC hw/usb/hcd-xhci-nec.o
CC hw/usb/hcd-musb.o
CC hw/usb/dev-hub.o
CC hw/usb/dev-hid.o
CC hw/usb/dev-wacom.o
CC hw/usb/dev-storage.o
CC hw/usb/dev-uas.o
CC hw/usb/dev-audio.o
CC hw/usb/dev-serial.o
CC hw/usb/dev-network.o
CC hw/usb/dev-bluetooth.o
CC hw/usb/dev-smartcard-reader.o
CC hw/usb/host-stub.o
CC hw/virtio/virtio-rng.o
CC hw/virtio/virtio-pci.o
CC hw/virtio/virtio-bus.o
CC hw/virtio/virtio-mmio.o
CC hw/virtio/vhost-stub.o
CC hw/watchdog/watchdog.o
CC hw/watchdog/wdt_i6300esb.o
CC hw/watchdog/wdt_ib700.o
CC hw/watchdog/wdt_aspeed.o
CC migration/migration.o
CC migration/socket.o
CC migration/fd.o
CC migration/exec.o
CC migration/tls.o
CC migration/channel.o
CC migration/savevm.o
CC migration/colo-comm.o
CC migration/colo.o
CC migration/colo-failover.o
CC migration/vmstate.o
CC migration/vmstate-types.o
CC migration/page_cache.o
CC migration/qemu-file.o
CC migration/global_state.o
CC migration/qemu-file-channel.o
CC migration/xbzrle.o
CC migration/postcopy-ram.o
CC migration/qjson.o
CC migration/block.o
CC net/net.o
CC net/queue.o
CC net/checksum.o
CC net/util.o
CC net/hub.o
CC net/socket.o
CC net/dump.o
CC net/eth.o
CC net/slirp.o
CC net/filter.o
CC net/filter-buffer.o
CC net/filter-mirror.o
CC net/colo-compare.o
CC net/colo.o
CC net/filter-rewriter.o
CC net/filter-replay.o
CC net/tap-win32.o
CC net/can/can_core.o
CC net/can/can_host.o
CC qom/cpu.o
CC replay/replay.o
CC replay/replay-internal.o
CC replay/replay-events.o
CC replay/replay-time.o
CC replay/replay-input.o
CC replay/replay-char.o
CC replay/replay-snapshot.o
CC replay/replay-net.o
CC replay/replay-audio.o
CC slirp/cksum.o
CC slirp/if.o
CC slirp/ip_icmp.o
CC slirp/ip6_icmp.o
CC slirp/ip6_input.o
CC slirp/ip6_output.o
CC slirp/ip_input.o
CC slirp/ip_output.o
CC slirp/dnssearch.o
CC slirp/dhcpv6.o
CC slirp/slirp.o
CC slirp/mbuf.o
CC slirp/misc.o
CC slirp/sbuf.o
CC slirp/socket.o
CC slirp/tcp_input.o
CC slirp/tcp_output.o
CC slirp/tcp_subr.o
CC slirp/tcp_timer.o
CC slirp/udp.o
CC slirp/udp6.o
CC slirp/bootp.o
CC slirp/tftp.o
CC slirp/arp_table.o
CC slirp/ndp_table.o
CC slirp/ncsi.o
CC ui/keymaps.o
CC ui/console.o
CC ui/cursor.o
CC ui/qemu-pixman.o
CC ui/input.o
CC ui/input-keymap.o
CC ui/input-legacy.o
CC ui/vnc.o
CC ui/vnc-enc-zlib.o
CC ui/vnc-enc-hextile.o
CC ui/vnc-enc-tight.o
CC ui/vnc-enc-zrle.o
CC ui/vnc-palette.o
CC ui/vnc-auth-vencrypt.o
CC ui/vnc-ws.o
CC ui/vnc-jobs.o
CC ui/sdl.o
CC ui/sdl_zoom.o
CC ui/gtk.o
CC chardev/char.o
CC chardev/char-console.o
CC chardev/char-fe.o
CC chardev/char-file.o
CC chardev/char-io.o
CC chardev/char-mux.o
CC chardev/char-null.o
CC chardev/char-pipe.o
CC chardev/char-ringbuf.o
CC chardev/char-serial.o
CC chardev/char-socket.o
CC chardev/char-stdio.o
CC chardev/char-udp.o
CC chardev/char-win.o
CC chardev/char-win-stdio.o
CC qga/commands.o
CC qga/guest-agent-command-state.o
CC qga/main.o
AS optionrom/multiboot.o
AS optionrom/linuxboot.o
CC qga/commands-win32.o
CC optionrom/linuxboot_dma.o
AS optionrom/kvmvapic.o
BUILD optionrom/multiboot.img
BUILD optionrom/linuxboot.img
BUILD optionrom/linuxboot_dma.img
CC qga/channel-win32.o
BUILD optionrom/kvmvapic.img
BUILD optionrom/multiboot.raw
CC qga/service-win32.o
BUILD optionrom/linuxboot.raw
BUILD optionrom/linuxboot_dma.raw
CC qga/vss-win32.o
BUILD optionrom/kvmvapic.raw
SIGN optionrom/multiboot.bin
SIGN optionrom/linuxboot.bin
SIGN optionrom/linuxboot_dma.bin
SIGN optionrom/kvmvapic.bin
CC qga/qapi-generated/qga-qapi-visit.o
CC qga/qapi-generated/qga-qapi-commands.o
CC qga/qapi-generated/qga-qapi-types.o
AR libqemuutil.a
CC qemu-img.o
LINK qemu-ga.exe
LINK qemu-io.exe
GEN x86_64-softmmu/hmp-commands.h
GEN x86_64-softmmu/hmp-commands-info.h
GEN x86_64-softmmu/config-target.h
GEN aarch64-softmmu/config-target.h
GEN aarch64-softmmu/hmp-commands.h
GEN aarch64-softmmu/hmp-commands-info.h
CC x86_64-softmmu/exec.o
CC x86_64-softmmu/tcg/tcg.o
CC x86_64-softmmu/tcg/tcg-op.o
CC x86_64-softmmu/tcg/tcg-op-vec.o
CC x86_64-softmmu/tcg/tcg-op-gvec.o
CC x86_64-softmmu/tcg/tcg-common.o
CC aarch64-softmmu/exec.o
CC aarch64-softmmu/tcg/tcg.o
CC x86_64-softmmu/tcg/optimize.o
LINK qemu-img.exe
CC aarch64-softmmu/tcg/tcg-op.o
CC x86_64-softmmu/fpu/softfloat.o
CC aarch64-softmmu/tcg/tcg-op-vec.o
CC x86_64-softmmu/disas.o
GEN x86_64-softmmu/gdbstub-xml.c
CC x86_64-softmmu/arch_init.o
CC x86_64-softmmu/cpus.o
CC x86_64-softmmu/monitor.o
CC x86_64-softmmu/gdbstub.o
CC aarch64-softmmu/tcg/tcg-op-gvec.o
CC x86_64-softmmu/balloon.o
CC x86_64-softmmu/ioport.o
CC x86_64-softmmu/numa.o
CC aarch64-softmmu/tcg/tcg-common.o
CC x86_64-softmmu/qtest.o
CC aarch64-softmmu/tcg/optimize.o
CC x86_64-softmmu/memory.o
CC x86_64-softmmu/memory_mapping.o
CC x86_64-softmmu/dump.o
CC x86_64-softmmu/migration/ram.o
CC x86_64-softmmu/accel/accel.o
CC x86_64-softmmu/accel/stubs/hvf-stub.o
CC x86_64-softmmu/accel/stubs/whpx-stub.o
CC aarch64-softmmu/disas.o
CC aarch64-softmmu/fpu/softfloat.o
CC x86_64-softmmu/accel/stubs/kvm-stub.o
GEN aarch64-softmmu/gdbstub-xml.c
CC aarch64-softmmu/arch_init.o
CC aarch64-softmmu/cpus.o
CC x86_64-softmmu/accel/tcg/tcg-all.o
CC aarch64-softmmu/monitor.o
CC aarch64-softmmu/gdbstub.o
CC x86_64-softmmu/accel/tcg/cputlb.o
CC x86_64-softmmu/accel/tcg/tcg-runtime.o
CC x86_64-softmmu/accel/tcg/tcg-runtime-gvec.o
CC x86_64-softmmu/accel/tcg/cpu-exec.o
CC x86_64-softmmu/accel/tcg/cpu-exec-common.o
CC x86_64-softmmu/accel/tcg/translate-all.o
CC x86_64-softmmu/accel/tcg/translator.o
CC x86_64-softmmu/hw/block/virtio-blk.o
CC x86_64-softmmu/hw/block/dataplane/virtio-blk.o
CC x86_64-softmmu/hw/char/virtio-serial-bus.o
CC x86_64-softmmu/hw/core/generic-loader.o
CC x86_64-softmmu/hw/core/null-machine.o
CC x86_64-softmmu/hw/display/vga.o
CC x86_64-softmmu/hw/display/virtio-gpu.o
CC x86_64-softmmu/hw/display/virtio-gpu-3d.o
CC x86_64-softmmu/hw/display/virtio-gpu-pci.o
CC x86_64-softmmu/hw/display/virtio-vga.o
CC x86_64-softmmu/hw/intc/apic.o
CC x86_64-softmmu/hw/intc/apic_common.o
CC x86_64-softmmu/hw/intc/ioapic.o
CC x86_64-softmmu/hw/isa/lpc_ich9.o
CC x86_64-softmmu/hw/misc/pvpanic.o
CC aarch64-softmmu/ioport.o
CC aarch64-softmmu/balloon.o
CC x86_64-softmmu/hw/misc/mmio_interface.o
CC aarch64-softmmu/numa.o
CC aarch64-softmmu/qtest.o
CC aarch64-softmmu/memory.o
CC x86_64-softmmu/hw/net/virtio-net.o
CC x86_64-softmmu/hw/net/vhost_net.o
CC aarch64-softmmu/memory_mapping.o
CC x86_64-softmmu/hw/scsi/virtio-scsi.o
CC aarch64-softmmu/dump.o
CC x86_64-softmmu/hw/scsi/virtio-scsi-dataplane.o
CC aarch64-softmmu/migration/ram.o
CC aarch64-softmmu/accel/accel.o
CC x86_64-softmmu/hw/timer/mc146818rtc.o
CC aarch64-softmmu/accel/stubs/hax-stub.o
CC x86_64-softmmu/hw/virtio/virtio.o
CC x86_64-softmmu/hw/virtio/virtio-balloon.o
CC x86_64-softmmu/hw/virtio/virtio-crypto.o
CC x86_64-softmmu/hw/virtio/virtio-crypto-pci.o
CC x86_64-softmmu/hw/i386/multiboot.o
CC aarch64-softmmu/accel/stubs/whpx-stub.o
CC x86_64-softmmu/hw/i386/pc.o
CC aarch64-softmmu/accel/stubs/hvf-stub.o
CC x86_64-softmmu/hw/i386/pc_piix.o
CC aarch64-softmmu/accel/stubs/kvm-stub.o
CC x86_64-softmmu/hw/i386/pc_q35.o
CC aarch64-softmmu/accel/tcg/tcg-all.o
CC aarch64-softmmu/accel/tcg/cputlb.o
CC aarch64-softmmu/accel/tcg/tcg-runtime.o
CC aarch64-softmmu/accel/tcg/tcg-runtime-gvec.o
CC aarch64-softmmu/accel/tcg/cpu-exec.o
CC x86_64-softmmu/hw/i386/pc_sysfw.o
CC aarch64-softmmu/accel/tcg/cpu-exec-common.o
CC x86_64-softmmu/hw/i386/x86-iommu.o
CC x86_64-softmmu/hw/i386/intel_iommu.o
CC aarch64-softmmu/accel/tcg/translate-all.o
CC x86_64-softmmu/hw/i386/amd_iommu.o
CC aarch64-softmmu/accel/tcg/translator.o
CC aarch64-softmmu/hw/adc/stm32f2xx_adc.o
CC x86_64-softmmu/hw/i386/vmport.o
CC aarch64-softmmu/hw/block/virtio-blk.o
CC aarch64-softmmu/hw/block/dataplane/virtio-blk.o
CC aarch64-softmmu/hw/char/exynos4210_uart.o
CC x86_64-softmmu/hw/i386/vmmouse.o
CC aarch64-softmmu/hw/char/omap_uart.o
CC x86_64-softmmu/hw/i386/kvmvapic.o
CC x86_64-softmmu/hw/i386/acpi-build.o
CC aarch64-softmmu/hw/char/digic-uart.o
CC x86_64-softmmu/target/i386/helper.o
CC aarch64-softmmu/hw/char/stm32f2xx_usart.o
CC aarch64-softmmu/hw/char/bcm2835_aux.o
CC aarch64-softmmu/hw/char/virtio-serial-bus.o
CC aarch64-softmmu/hw/core/generic-loader.o
CC x86_64-softmmu/target/i386/cpu.o
In file included from /tmp/qemu-test/src/target/i386/helper.c:24:0:
/tmp/qemu-test/src/target/i386/sev_i386.h:17:10: fatal error: linux/kvm.h: No such file or directory
#include <linux/kvm.h>
^~~~~~~~~~~~~
compilation terminated.
make[1]: *** [/tmp/qemu-test/src/rules.mak:66: target/i386/helper.o] Error 1
make[1]: *** Waiting for unfinished jobs....
CC aarch64-softmmu/hw/core/null-machine.o
CC aarch64-softmmu/hw/cpu/arm11mpcore.o
CC aarch64-softmmu/hw/cpu/realview_mpcore.o
CC aarch64-softmmu/hw/cpu/a9mpcore.o
CC aarch64-softmmu/hw/cpu/a15mpcore.o
CC aarch64-softmmu/hw/display/omap_dss.o
In file included from /tmp/qemu-test/src/target/i386/cpu.c:29:0:
/tmp/qemu-test/src/target/i386/sev_i386.h:17:10: fatal error: linux/kvm.h: No such file or directory
#include <linux/kvm.h>
^~~~~~~~~~~~~
compilation terminated.
make[1]: *** [/tmp/qemu-test/src/rules.mak:66: target/i386/cpu.o] Error 1
make: *** [Makefile:472: subdir-x86_64-softmmu] Error 2
make: *** Waiting for unfinished jobs....
CC aarch64-softmmu/hw/display/omap_lcdc.o
CC aarch64-softmmu/hw/display/pxa2xx_lcd.o
CC aarch64-softmmu/hw/display/bcm2835_fb.o
CC aarch64-softmmu/hw/display/vga.o
CC aarch64-softmmu/hw/display/virtio-gpu.o
CC aarch64-softmmu/hw/display/virtio-gpu-3d.o
CC aarch64-softmmu/hw/display/virtio-gpu-pci.o
CC aarch64-softmmu/hw/display/dpcd.o
CC aarch64-softmmu/hw/display/xlnx_dp.o
CC aarch64-softmmu/hw/dma/xlnx_dpdma.o
CC aarch64-softmmu/hw/dma/omap_dma.o
CC aarch64-softmmu/hw/dma/soc_dma.o
CC aarch64-softmmu/hw/dma/pxa2xx_dma.o
CC aarch64-softmmu/hw/dma/bcm2835_dma.o
CC aarch64-softmmu/hw/gpio/omap_gpio.o
CC aarch64-softmmu/hw/gpio/imx_gpio.o
CC aarch64-softmmu/hw/gpio/bcm2835_gpio.o
CC aarch64-softmmu/hw/i2c/omap_i2c.o
CC aarch64-softmmu/hw/input/pxa2xx_keypad.o
CC aarch64-softmmu/hw/input/tsc210x.o
CC aarch64-softmmu/hw/intc/armv7m_nvic.o
CC aarch64-softmmu/hw/intc/exynos4210_gic.o
CC aarch64-softmmu/hw/intc/exynos4210_combiner.o
CC aarch64-softmmu/hw/intc/omap_intc.o
CC aarch64-softmmu/hw/intc/bcm2835_ic.o
CC aarch64-softmmu/hw/intc/bcm2836_control.o
CC aarch64-softmmu/hw/intc/allwinner-a10-pic.o
CC aarch64-softmmu/hw/intc/aspeed_vic.o
CC aarch64-softmmu/hw/intc/arm_gicv3_cpuif.o
CC aarch64-softmmu/hw/misc/arm_sysctl.o
CC aarch64-softmmu/hw/misc/cbus.o
CC aarch64-softmmu/hw/misc/exynos4210_pmu.o
CC aarch64-softmmu/hw/misc/exynos4210_clk.o
CC aarch64-softmmu/hw/misc/exynos4210_rng.o
CC aarch64-softmmu/hw/misc/imx_ccm.o
CC aarch64-softmmu/hw/misc/imx31_ccm.o
CC aarch64-softmmu/hw/misc/imx25_ccm.o
CC aarch64-softmmu/hw/misc/imx6_ccm.o
CC aarch64-softmmu/hw/misc/imx6_src.o
CC aarch64-softmmu/hw/misc/imx7_ccm.o
CC aarch64-softmmu/hw/misc/imx2_wdt.o
CC aarch64-softmmu/hw/misc/imx7_snvs.o
CC aarch64-softmmu/hw/misc/imx7_gpr.o
CC aarch64-softmmu/hw/misc/mst_fpga.o
CC aarch64-softmmu/hw/misc/omap_clk.o
CC aarch64-softmmu/hw/misc/omap_gpmc.o
CC aarch64-softmmu/hw/misc/omap_l4.o
CC aarch64-softmmu/hw/misc/omap_sdrc.o
CC aarch64-softmmu/hw/misc/omap_tap.o
CC aarch64-softmmu/hw/misc/bcm2835_mbox.o
CC aarch64-softmmu/hw/misc/bcm2835_property.o
CC aarch64-softmmu/hw/misc/bcm2835_rng.o
CC aarch64-softmmu/hw/misc/zynq_slcr.o
CC aarch64-softmmu/hw/misc/zynq-xadc.o
CC aarch64-softmmu/hw/misc/stm32f2xx_syscfg.o
CC aarch64-softmmu/hw/misc/mps2-fpgaio.o
CC aarch64-softmmu/hw/misc/mps2-scc.o
CC aarch64-softmmu/hw/misc/tz-ppc.o
CC aarch64-softmmu/hw/misc/iotkit-secctl.o
CC aarch64-softmmu/hw/misc/auxbus.o
CC aarch64-softmmu/hw/misc/aspeed_scu.o
CC aarch64-softmmu/hw/misc/aspeed_sdmc.o
CC aarch64-softmmu/hw/misc/mmio_interface.o
CC aarch64-softmmu/hw/misc/msf2-sysreg.o
CC aarch64-softmmu/hw/net/virtio-net.o
CC aarch64-softmmu/hw/net/vhost_net.o
CC aarch64-softmmu/hw/pcmcia/pxa2xx.o
CC aarch64-softmmu/hw/scsi/virtio-scsi.o
CC aarch64-softmmu/hw/scsi/virtio-scsi-dataplane.o
CC aarch64-softmmu/hw/sd/omap_mmc.o
CC aarch64-softmmu/hw/sd/pxa2xx_mmci.o
CC aarch64-softmmu/hw/sd/bcm2835_sdhost.o
CC aarch64-softmmu/hw/ssi/omap_spi.o
CC aarch64-softmmu/hw/ssi/imx_spi.o
CC aarch64-softmmu/hw/timer/exynos4210_mct.o
CC aarch64-softmmu/hw/timer/exynos4210_pwm.o
CC aarch64-softmmu/hw/timer/exynos4210_rtc.o
CC aarch64-softmmu/hw/timer/omap_gptimer.o
CC aarch64-softmmu/hw/timer/omap_synctimer.o
CC aarch64-softmmu/hw/timer/pxa2xx_timer.o
CC aarch64-softmmu/hw/timer/digic-timer.o
CC aarch64-softmmu/hw/timer/allwinner-a10-pit.o
CC aarch64-softmmu/hw/usb/tusb6010.o
CC aarch64-softmmu/hw/usb/chipidea.o
CC aarch64-softmmu/hw/virtio/virtio.o
CC aarch64-softmmu/hw/virtio/virtio-balloon.o
CC aarch64-softmmu/hw/virtio/virtio-crypto.o
CC aarch64-softmmu/hw/virtio/virtio-crypto-pci.o
CC aarch64-softmmu/hw/arm/boot.o
CC aarch64-softmmu/hw/arm/collie.o
CC aarch64-softmmu/hw/arm/exynos4_boards.o
CC aarch64-softmmu/hw/arm/gumstix.o
CC aarch64-softmmu/hw/arm/highbank.o
CC aarch64-softmmu/hw/arm/digic_boards.o
CC aarch64-softmmu/hw/arm/integratorcp.o
CC aarch64-softmmu/hw/arm/mainstone.o
CC aarch64-softmmu/hw/arm/musicpal.o
CC aarch64-softmmu/hw/arm/nseries.o
CC aarch64-softmmu/hw/arm/omap_sx1.o
CC aarch64-softmmu/hw/arm/palm.o
CC aarch64-softmmu/hw/arm/realview.o
CC aarch64-softmmu/hw/arm/spitz.o
CC aarch64-softmmu/hw/arm/stellaris.o
CC aarch64-softmmu/hw/arm/tosa.o
CC aarch64-softmmu/hw/arm/versatilepb.o
CC aarch64-softmmu/hw/arm/vexpress.o
CC aarch64-softmmu/hw/arm/virt.o
CC aarch64-softmmu/hw/arm/xilinx_zynq.o
CC aarch64-softmmu/hw/arm/z2.o
CC aarch64-softmmu/hw/arm/virt-acpi-build.o
CC aarch64-softmmu/hw/arm/netduino2.o
CC aarch64-softmmu/hw/arm/sysbus-fdt.o
CC aarch64-softmmu/hw/arm/armv7m.o
CC aarch64-softmmu/hw/arm/exynos4210.o
CC aarch64-softmmu/hw/arm/pxa2xx.o
CC aarch64-softmmu/hw/arm/pxa2xx_gpio.o
CC aarch64-softmmu/hw/arm/pxa2xx_pic.o
CC aarch64-softmmu/hw/arm/digic.o
CC aarch64-softmmu/hw/arm/omap1.o
CC aarch64-softmmu/hw/arm/omap2.o
CC aarch64-softmmu/hw/arm/strongarm.o
CC aarch64-softmmu/hw/arm/allwinner-a10.o
CC aarch64-softmmu/hw/arm/cubieboard.o
CC aarch64-softmmu/hw/arm/bcm2835_peripherals.o
CC aarch64-softmmu/hw/arm/bcm2836.o
CC aarch64-softmmu/hw/arm/raspi.o
CC aarch64-softmmu/hw/arm/stm32f205_soc.o
CC aarch64-softmmu/hw/arm/xlnx-zynqmp.o
CC aarch64-softmmu/hw/arm/xlnx-zcu102.o
CC aarch64-softmmu/hw/arm/fsl-imx25.o
CC aarch64-softmmu/hw/arm/imx25_pdk.o
CC aarch64-softmmu/hw/arm/fsl-imx31.o
CC aarch64-softmmu/hw/arm/kzm.o
CC aarch64-softmmu/hw/arm/fsl-imx6.o
CC aarch64-softmmu/hw/arm/sabrelite.o
CC aarch64-softmmu/hw/arm/aspeed_soc.o
CC aarch64-softmmu/hw/arm/aspeed.o
CC aarch64-softmmu/hw/arm/mps2.o
CC aarch64-softmmu/hw/arm/mps2-tz.o
CC aarch64-softmmu/hw/arm/msf2-soc.o
CC aarch64-softmmu/hw/arm/msf2-som.o
CC aarch64-softmmu/hw/arm/iotkit.o
CC aarch64-softmmu/target/arm/arm-semi.o
CC aarch64-softmmu/target/arm/machine.o
CC aarch64-softmmu/target/arm/psci.o
CC aarch64-softmmu/target/arm/arch_dump.o
CC aarch64-softmmu/target/arm/monitor.o
CC aarch64-softmmu/target/arm/kvm-stub.o
CC aarch64-softmmu/target/arm/translate.o
CC aarch64-softmmu/target/arm/op_helper.o
CC aarch64-softmmu/target/arm/helper.o
CC aarch64-softmmu/target/arm/cpu.o
CC aarch64-softmmu/target/arm/neon_helper.o
CC aarch64-softmmu/target/arm/iwmmxt_helper.o
CC aarch64-softmmu/target/arm/vec_helper.o
CC aarch64-softmmu/target/arm/gdbstub.o
CC aarch64-softmmu/target/arm/cpu64.o
CC aarch64-softmmu/target/arm/translate-a64.o
CC aarch64-softmmu/target/arm/helper-a64.o
CC aarch64-softmmu/target/arm/gdbstub64.o
CC aarch64-softmmu/target/arm/crypto_helper.o
CC aarch64-softmmu/target/arm/arm-powerctl.o
GEN trace/generated-helpers.c
CC aarch64-softmmu/trace/control-target.o
CC aarch64-softmmu/gdbstub-xml.o
CC aarch64-softmmu/trace/generated-helpers.o
LINK aarch64-softmmu/qemu-system-aarch64w.exe
GEN aarch64-softmmu/qemu-system-aarch64.exe
Traceback (most recent call last):
File "./tests/docker/docker.py", line 407, in <module>
sys.exit(main())
File "./tests/docker/docker.py", line 404, in main
return args.cmdobj.run(args, argv)
File "./tests/docker/docker.py", line 261, in run
return Docker().run(argv, args.keep, quiet=args.quiet)
File "./tests/docker/docker.py", line 229, in run
quiet=quiet)
File "./tests/docker/docker.py", line 147, in _do_check
return subprocess.check_call(self._command + cmd, **kwargs)
File "/usr/lib64/python2.7/subprocess.py", line 186, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['docker', 'run', '--label', 'com.qemu.instance.uuid=9bef6af0222b11e8bca752540069c830', '-u', '0', '--security-opt', 'seccomp=unconfined', '--rm', '--net=none', '-e', 'TARGET_LIST=', '-e', 'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=8', '-e', 'DEBUG=', '-e', 'SHOW_ENV=1', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', '/root/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945:/var/tmp/qemu:z,ro', 'qemu:fedora', '/var/tmp/qemu/run', 'test-mingw']' returned non-zero exit status 2
make[1]: *** [tests/docker/Makefile.include:129: docker-run] Error 1
make[1]: Leaving directory '/var/tmp/patchew-tester-tmp-99e1alq5/src'
make: *** [tests/docker/Makefile.include:163: docker-run-test-mingw@fedora] Error 2
real 5m52.411s
user 0m4.700s
sys 0m4.017s
=== OUTPUT END ===
Test command exited with code: 2
---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [Qemu-devel] [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
@ 2018-03-07 17:24 ` no-reply
0 siblings, 0 replies; 74+ messages in thread
From: no-reply @ 2018-03-07 17:24 UTC (permalink / raw)
To: brijesh.singh
Cc: famz, qemu-devel, peter.maydell, kvm, mst, stefanha, agraf,
edgar.iglesias, armbru, brogers, borntraeger, marcel, bp,
Thomas.Lendacky, ehabkost, richard.henderson, dgilbert,
alistair.francis, cornelia.huck, crosthwaite.peter, pbonzini
Hi,
This series failed docker-mingw@fedora build test. Please find the testing commands and
their output below. If you have Docker installed, you can probably reproduce it
locally.
Type: series
Message-id: 20180307165038.88640-1-brijesh.singh@amd.com
Subject: [Qemu-devel] [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
=== TEST SCRIPT BEGIN ===
#!/bin/bash
set -e
git submodule update --init dtc
# Let docker tests dump environment info
export SHOW_ENV=1
export J=8
time make docker-test-mingw@fedora
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
4fbea75df6 tests/qmp-test: blacklist sev specific qmp commands
dee06afe23 sev/i386: add sev_get_capabilities()
4bc4467cbd qmp: add query-sev-capabilities command
b96190fd71 cpu/i386: populate CPUID 0x8000_001F when SEV is active
3c60cdc4ec sev/i386: add migration blocker
a9ab0a27b2 qmp: add query-sev-launch-measure command
7a9005e7b3 target/i386: clear C-bit when walking SEV guest page table
1758f0ec5d sev/i386: add debug encrypt and decrypt commands
31a61f5fe9 hw/i386: set ram_debug_ops when memory encryption is enabled
346e90b176 sev/i386: finalize the SEV guest launch flow
38cf6ff868 sev/i386: add support to LAUNCH_MEASURE command
a9df6d98ec target/i386: encrypt bios rom
baa46b9faf sev/i386: add command to encrypt guest memory region
41354b73a4 sev/i386: add command to create launch memory encryption context
4d35f32583 hmp: add 'info sev' command
16598f2cc1 kvm: introduce memory encryption APIs
36b000c77c sev/i386: register the guest memory range which may contain encrypted data
435a482830 sev/i386: add command to initialize the memory encryption context
1c37bac2fa include: add psp-sev.h header file
ea9d68aad5 qmp: add query-sev command
e85ff63940 target/i386: add Secure Encrypted Virtulization (SEV) object
9605c92f32 docs: add AMD Secure Encrypted Virtualization (SEV)
52514277fb kvm: update kvm.h to include memory encryption ioctls
2398a21fbd machine: add -memory-encryption property
40ba67a92d monitor/i386: use debug APIs when accessing guest memory
7a060f2310 exec: add debug version of physical memory read and write API
6533e78730 exec: add ram_debug_ops support
94ffe21118 memattrs: add debug attribute
=== OUTPUT BEGIN ===
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/dtc'...
Submodule path 'dtc': checked out 'e54388015af1fb4bf04d0bca99caba1074d9cc42'
BUILD fedora
make[1]: Entering directory '/var/tmp/patchew-tester-tmp-99e1alq5/src'
GEN /var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar
Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot'...
done.
Checking out files: 45% (2690/5948)
Checking out files: 46% (2737/5948)
Checking out files: 47% (2796/5948)
Checking out files: 48% (2856/5948)
Checking out files: 49% (2915/5948)
Checking out files: 50% (2974/5948)
Checking out files: 51% (3034/5948)
Checking out files: 52% (3093/5948)
Checking out files: 53% (3153/5948)
Checking out files: 54% (3212/5948)
Checking out files: 55% (3272/5948)
Checking out files: 56% (3331/5948)
Checking out files: 57% (3391/5948)
Checking out files: 58% (3450/5948)
Checking out files: 59% (3510/5948)
Checking out files: 60% (3569/5948)
Checking out files: 61% (3629/5948)
Checking out files: 62% (3688/5948)
Checking out files: 63% (3748/5948)
Checking out files: 64% (3807/5948)
Checking out files: 65% (3867/5948)
Checking out files: 66% (3926/5948)
Checking out files: 67% (3986/5948)
Checking out files: 68% (4045/5948)
Checking out files: 69% (4105/5948)
Checking out files: 70% (4164/5948)
Checking out files: 71% (4224/5948)
Checking out files: 72% (4283/5948)
Checking out files: 73% (4343/5948)
Checking out files: 74% (4402/5948)
Checking out files: 75% (4461/5948)
Checking out files: 76% (4521/5948)
Checking out files: 77% (4580/5948)
Checking out files: 78% (4640/5948)
Checking out files: 79% (4699/5948)
Checking out files: 80% (4759/5948)
Checking out files: 81% (4818/5948)
Checking out files: 82% (4878/5948)
Checking out files: 83% (4937/5948)
Checking out files: 84% (4997/5948)
Checking out files: 85% (5056/5948)
Checking out files: 86% (5116/5948)
Checking out files: 87% (5175/5948)
Checking out files: 88% (5235/5948)
Checking out files: 89% (5294/5948)
Checking out files: 90% (5354/5948)
Checking out files: 91% (5413/5948)
Checking out files: 92% (5473/5948)
Checking out files: 93% (5532/5948)
Checking out files: 94% (5592/5948)
Checking out files: 95% (5651/5948)
Checking out files: 96% (5711/5948)
Checking out files: 97% (5770/5948)
Checking out files: 98% (5830/5948)
Checking out files: 99% (5889/5948)
Checking out files: 100% (5948/5948)
Checking out files: 100% (5948/5948), done.
Your branch is up-to-date with 'origin/test'.
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot/dtc'...
Submodule path 'dtc': checked out 'e54388015af1fb4bf04d0bca99caba1074d9cc42'
Submodule 'ui/keycodemapdb' (git://git.qemu.org/keycodemapdb.git) registered for path 'ui/keycodemapdb'
Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot/ui/keycodemapdb'...
Submodule path 'ui/keycodemapdb': checked out '6b3d716e2b6472eb7189d3220552280ef3d832ce'
COPY RUNNER
RUN test-mingw in qemu:fedora
Packages installed:
PyYAML-3.12-5.fc27.x86_64
SDL-devel-1.2.15-29.fc27.x86_64
bc-1.07.1-3.fc27.x86_64
bison-3.0.4-8.fc27.x86_64
bzip2-1.0.6-24.fc27.x86_64
ccache-3.3.5-1.fc27.x86_64
clang-5.0.1-1.fc27.x86_64
findutils-4.6.0-14.fc27.x86_64
flex-2.6.1-5.fc27.x86_64
gcc-7.3.1-2.fc27.x86_64
gcc-c++-7.3.1-2.fc27.x86_64
gettext-0.19.8.1-12.fc27.x86_64
git-2.14.3-2.fc27.x86_64
glib2-devel-2.54.3-2.fc27.x86_64
hostname-3.18-4.fc27.x86_64
libaio-devel-0.3.110-9.fc27.x86_64
libasan-7.3.1-2.fc27.x86_64
libfdt-devel-1.4.6-1.fc27.x86_64
libubsan-7.3.1-2.fc27.x86_64
make-4.2.1-4.fc27.x86_64
mingw32-SDL-1.2.15-9.fc27.noarch
mingw32-bzip2-1.0.6-9.fc27.noarch
mingw32-curl-7.54.1-2.fc27.noarch
mingw32-glib2-2.54.1-1.fc27.noarch
mingw32-gmp-6.1.2-2.fc27.noarch
mingw32-gnutls-3.5.13-2.fc27.noarch
mingw32-gtk2-2.24.31-4.fc27.noarch
mingw32-gtk3-3.22.16-1.fc27.noarch
mingw32-libjpeg-turbo-1.5.1-3.fc27.noarch
mingw32-libpng-1.6.29-2.fc27.noarch
mingw32-libssh2-1.8.0-3.fc27.noarch
mingw32-libtasn1-4.13-1.fc27.noarch
mingw32-nettle-3.3-3.fc27.noarch
mingw32-pixman-0.34.0-3.fc27.noarch
mingw32-pkg-config-0.28-9.fc27.x86_64
mingw64-SDL-1.2.15-9.fc27.noarch
mingw64-bzip2-1.0.6-9.fc27.noarch
mingw64-curl-7.54.1-2.fc27.noarch
mingw64-glib2-2.54.1-1.fc27.noarch
mingw64-gmp-6.1.2-2.fc27.noarch
mingw64-gnutls-3.5.13-2.fc27.noarch
mingw64-gtk2-2.24.31-4.fc27.noarch
mingw64-gtk3-3.22.16-1.fc27.noarch
mingw64-libjpeg-turbo-1.5.1-3.fc27.noarch
mingw64-libpng-1.6.29-2.fc27.noarch
mingw64-libssh2-1.8.0-3.fc27.noarch
mingw64-libtasn1-4.13-1.fc27.noarch
mingw64-nettle-3.3-3.fc27.noarch
mingw64-pixman-0.34.0-3.fc27.noarch
mingw64-pkg-config-0.28-9.fc27.x86_64
nettle-devel-3.4-1.fc27.x86_64
perl-5.26.1-402.fc27.x86_64
pixman-devel-0.34.0-4.fc27.x86_64
python3-3.6.2-13.fc27.x86_64
sparse-0.5.1-2.fc27.x86_64
tar-1.29-7.fc27.x86_64
which-2.21-4.fc27.x86_64
zlib-devel-1.2.11-4.fc27.x86_64
Environment variables:
TARGET_LIST=
PACKAGES=ccache gettext git tar PyYAML sparse flex bison python3 bzip2 hostname glib2-devel pixman-devel zlib-devel SDL-devel libfdt-devel gcc gcc-c++ clang make perl which bc findutils libaio-devel nettle-devel libasan libubsan mingw32-pixman mingw32-glib2 mingw32-gmp mingw32-SDL mingw32-pkg-config mingw32-gtk2 mingw32-gtk3 mingw32-gnutls mingw32-nettle mingw32-libtasn1 mingw32-libjpeg-turbo mingw32-libpng mingw32-curl mingw32-libssh2 mingw32-bzip2 mingw64-pixman mingw64-glib2 mingw64-gmp mingw64-SDL mingw64-pkg-config mingw64-gtk2 mingw64-gtk3 mingw64-gnutls mingw64-nettle mingw64-libtasn1 mingw64-libjpeg-turbo mingw64-libpng mingw64-curl mingw64-libssh2 mingw64-bzip2
J=8
V=
HOSTNAME=939c73c338e1
DEBUG=
SHOW_ENV=1
PWD=/
HOME=/root
CCACHE_DIR=/var/tmp/ccache
DISTTAG=f27container
QEMU_CONFIGURE_OPTS=--python=/usr/bin/python3
FGC=f27
TEST_DIR=/tmp/qemu-test
SHLVL=1
FEATURES=mingw clang pyyaml asan dtc
PATH=/usr/lib/ccache:/usr/lib64/ccache:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
MAKEFLAGS= -j8
EXTRA_CONFIGURE_OPTS=
_=/usr/bin/env
Configure options:
--enable-werror --target-list=x86_64-softmmu,aarch64-softmmu --prefix=/tmp/qemu-test/install --python=/usr/bin/python3 --cross-prefix=x86_64-w64-mingw32- --enable-trace-backends=simple --enable-gnutls --enable-nettle --enable-curl --enable-vnc --enable-bzip2 --enable-guest-agent --with-sdlabi=1.2 --with-gtkabi=2.0
Install prefix /tmp/qemu-test/install
BIOS directory /tmp/qemu-test/install
firmware path /tmp/qemu-test/install/share/qemu-firmware
binary directory /tmp/qemu-test/install
library directory /tmp/qemu-test/install/lib
module directory /tmp/qemu-test/install/lib
libexec directory /tmp/qemu-test/install/libexec
include directory /tmp/qemu-test/install/include
config directory /tmp/qemu-test/install
local state directory queried at runtime
Windows SDK no
Source path /tmp/qemu-test/src
GIT binary git
GIT submodules
C compiler x86_64-w64-mingw32-gcc
Host C compiler cc
C++ compiler x86_64-w64-mingw32-g++
Objective-C compiler clang
ARFLAGS rv
CFLAGS -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -g
QEMU_CFLAGS -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/pixman-1 -I$(SRC_PATH)/dtc/libfdt -Werror -DHAS_LIBSSH2_SFTP_FSYNC -mms-bitfields -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/glib-2.0 -I/usr/x86_64-w64-mingw32/sys-root/mingw/lib/glib-2.0/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -m64 -mcx16 -mthreads -D__USE_MINGW_ANSI_STDIO=1 -DWIN32_LEAN_AND_MEAN -DWINVER=0x501 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -Wexpansion-to-defined -Wendif-labels -Wno-shift-negative-value -Wno-missing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-declaration -Wold-style-definition -Wtype-limits -fstack-protector-strong -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/p11-kit-1 -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/libpng16
LDFLAGS -Wl,--nxcompat -Wl,--no-seh -Wl,--dynamicbase -Wl,--warn-common -m64 -g
make make
install install
python /usr/bin/python3 -B
smbd /usr/sbin/smbd
module support no
host CPU x86_64
host big endian no
target list x86_64-softmmu aarch64-softmmu
gprof enabled no
sparse enabled no
strip binaries yes
profiler no
static build no
SDL support yes (1.2.15)
GTK support yes (2.24.31)
GTK GL support no
VTE support no
TLS priority NORMAL
GNUTLS support yes
GNUTLS rnd yes
libgcrypt no
libgcrypt kdf no
nettle yes (3.3)
nettle kdf yes
libtasn1 yes
curses support no
virgl support no
curl support yes
mingw32 support yes
Audio drivers dsound
Block whitelist (rw)
Block whitelist (ro)
VirtFS support no
Multipath support no
VNC support yes
VNC SASL support no
VNC JPEG support yes
VNC PNG support yes
xen support no
brlapi support no
bluez support no
Documentation no
PIE no
vde support no
netmap support no
Linux AIO support no
ATTR/XATTR support no
Install blobs yes
KVM support no
HAX support yes
HVF support no
WHPX support no
TCG support yes
TCG debug enabled no
TCG interpreter no
malloc trim support no
RDMA support no
fdt support yes
preadv support no
fdatasync no
madvise no
posix_madvise no
posix_memalign no
libcap-ng support no
vhost-net support no
vhost-crypto support no
vhost-scsi support no
vhost-vsock support no
vhost-user support no
Trace backends simple
Trace output file trace-<pid>
spice support no
rbd support no
xfsctl support no
smartcard support no
libusb no
usb net redir no
OpenGL support no
OpenGL dmabufs no
libiscsi support no
libnfs support no
build guest agent yes
QGA VSS support no
QGA w32 disk info yes
QGA MSI support no
seccomp support no
coroutine backend win32
coroutine pool yes
debug stack usage no
crypto afalg no
GlusterFS support no
gcov gcov
gcov enabled no
TPM support yes
libssh2 support yes
TPM passthrough no
TPM emulator no
QOM debugging yes
Live block migration yes
lzo support no
snappy support no
bzip2 support yes
NUMA host support no
libxml2 no
tcmalloc support no
jemalloc support no
avx2 optimization yes
replication support yes
VxHS block device no
capstone no
WARNING: Use of GTK 2.0 is deprecated and will be removed in
WARNING: future releases. Please switch to using GTK 3.0
WARNING: Use of SDL 1.2 is deprecated and will be removed in
WARNING: future releases. Please switch to using SDL 2.0
mkdir -p dtc/libfdt
mkdir -p dtc/tests
GEN x86_64-softmmu/config-devices.mak.tmp
GEN aarch64-softmmu/config-devices.mak.tmp
GEN config-host.h
GEN qemu-options.def
GEN qapi-gen
GEN trace/generated-tcg-tracers.h
GEN trace/generated-helpers-wrappers.h
GEN trace/generated-helpers.h
GEN x86_64-softmmu/config-devices.mak
GEN aarch64-softmmu/config-devices.mak
GEN trace/generated-helpers.c
GEN module_block.h
GEN ui/input-keymap-atset1-to-qcode.c
GEN ui/input-keymap-linux-to-qcode.c
GEN ui/input-keymap-qcode-to-atset1.c
GEN ui/input-keymap-qcode-to-atset2.c
GEN ui/input-keymap-qcode-to-atset3.c
GEN ui/input-keymap-qcode-to-linux.c
GEN ui/input-keymap-qcode-to-qnum.c
GEN ui/input-keymap-qcode-to-sun.c
GEN ui/input-keymap-qnum-to-qcode.c
GEN ui/input-keymap-usb-to-qcode.c
GEN ui/input-keymap-win32-to-qcode.c
GEN ui/input-keymap-x11-to-qcode.c
GEN ui/input-keymap-xorgevdev-to-qcode.c
GEN ui/input-keymap-xorgkbd-to-qcode.c
GEN ui/input-keymap-xorgxquartz-to-qcode.c
GEN ui/input-keymap-xorgxwin-to-qcode.c
GEN tests/test-qapi-gen
GEN trace-root.h
GEN util/trace.h
GEN crypto/trace.h
GEN io/trace.h
GEN migration/trace.h
GEN block/trace.h
GEN chardev/trace.h
GEN hw/block/trace.h
GEN hw/block/dataplane/trace.h
GEN hw/char/trace.h
GEN hw/intc/trace.h
GEN hw/net/trace.h
GEN hw/rdma/trace.h
GEN hw/rdma/vmw/trace.h
GEN hw/virtio/trace.h
GEN hw/audio/trace.h
GEN hw/misc/trace.h
GEN hw/misc/macio/trace.h
GEN hw/usb/trace.h
GEN hw/scsi/trace.h
GEN hw/nvram/trace.h
GEN hw/display/trace.h
GEN hw/input/trace.h
GEN hw/timer/trace.h
GEN hw/dma/trace.h
GEN hw/sparc/trace.h
GEN hw/sparc64/trace.h
GEN hw/sd/trace.h
GEN hw/isa/trace.h
GEN hw/mem/trace.h
GEN hw/i386/trace.h
GEN hw/i386/xen/trace.h
GEN hw/9pfs/trace.h
GEN hw/ppc/trace.h
GEN hw/pci/trace.h
GEN hw/pci-host/trace.h
GEN hw/s390x/trace.h
GEN hw/vfio/trace.h
GEN hw/acpi/trace.h
GEN hw/arm/trace.h
GEN hw/alpha/trace.h
GEN hw/hppa/trace.h
GEN hw/xen/trace.h
GEN hw/ide/trace.h
GEN ui/trace.h
GEN audio/trace.h
GEN net/trace.h
GEN target/arm/trace.h
GEN target/i386/trace.h
GEN target/mips/trace.h
GEN target/sparc/trace.h
GEN target/s390x/trace.h
GEN target/ppc/trace.h
GEN qom/trace.h
GEN linux-user/trace.h
GEN qapi/trace.h
GEN accel/tcg/trace.h
GEN accel/kvm/trace.h
GEN nbd/trace.h
GEN scsi/trace.h
GEN trace-root.c
GEN util/trace.c
GEN crypto/trace.c
GEN io/trace.c
GEN migration/trace.c
GEN block/trace.c
GEN chardev/trace.c
GEN hw/block/trace.c
GEN hw/block/dataplane/trace.c
GEN hw/char/trace.c
GEN hw/intc/trace.c
GEN hw/net/trace.c
GEN hw/rdma/trace.c
GEN hw/rdma/vmw/trace.c
GEN hw/virtio/trace.c
GEN hw/audio/trace.c
GEN hw/misc/trace.c
GEN hw/misc/macio/trace.c
GEN hw/usb/trace.c
GEN hw/scsi/trace.c
GEN hw/nvram/trace.c
GEN hw/display/trace.c
GEN hw/input/trace.c
GEN hw/timer/trace.c
GEN hw/dma/trace.c
GEN hw/sparc/trace.c
GEN hw/sparc64/trace.c
GEN hw/sd/trace.c
GEN hw/isa/trace.c
GEN hw/mem/trace.c
GEN hw/i386/trace.c
GEN hw/i386/xen/trace.c
GEN hw/9pfs/trace.c
GEN hw/ppc/trace.c
GEN hw/pci/trace.c
GEN hw/pci-host/trace.c
GEN hw/s390x/trace.c
GEN hw/vfio/trace.c
GEN hw/acpi/trace.c
GEN hw/arm/trace.c
GEN hw/alpha/trace.c
GEN hw/hppa/trace.c
GEN hw/xen/trace.c
GEN hw/ide/trace.c
GEN ui/trace.c
GEN audio/trace.c
GEN net/trace.c
GEN target/arm/trace.c
GEN target/i386/trace.c
GEN target/mips/trace.c
GEN target/sparc/trace.c
GEN target/s390x/trace.c
GEN target/ppc/trace.c
GEN qom/trace.c
GEN linux-user/trace.c
GEN qapi/trace.c
GEN accel/tcg/trace.c
GEN accel/kvm/trace.c
GEN nbd/trace.c
GEN scsi/trace.c
GEN config-all-devices.mak
DEP /tmp/qemu-test/src/dtc/tests/dumptrees.c
DEP /tmp/qemu-test/src/dtc/tests/trees.S
DEP /tmp/qemu-test/src/dtc/tests/testutils.c
DEP /tmp/qemu-test/src/dtc/tests/value-labels.c
DEP /tmp/qemu-test/src/dtc/tests/asm_tree_dump.c
DEP /tmp/qemu-test/src/dtc/tests/truncated_property.c
DEP /tmp/qemu-test/src/dtc/tests/check_path.c
DEP /tmp/qemu-test/src/dtc/tests/overlay_bad_fixup.c
DEP /tmp/qemu-test/src/dtc/tests/overlay.c
DEP /tmp/qemu-test/src/dtc/tests/subnode_iterate.c
DEP /tmp/qemu-test/src/dtc/tests/property_iterate.c
DEP /tmp/qemu-test/src/dtc/tests/integer-expressions.c
DEP /tmp/qemu-test/src/dtc/tests/utilfdt_test.c
DEP /tmp/qemu-test/src/dtc/tests/path_offset_aliases.c
DEP /tmp/qemu-test/src/dtc/tests/add_subnode_with_nops.c
DEP /tmp/qemu-test/src/dtc/tests/dtbs_equal_unordered.c
DEP /tmp/qemu-test/src/dtc/tests/dtb_reverse.c
DEP /tmp/qemu-test/src/dtc/tests/dtbs_equal_ordered.c
DEP /tmp/qemu-test/src/dtc/tests/extra-terminating-null.c
DEP /tmp/qemu-test/src/dtc/tests/incbin.c
DEP /tmp/qemu-test/src/dtc/tests/boot-cpuid.c
DEP /tmp/qemu-test/src/dtc/tests/phandle_format.c
DEP /tmp/qemu-test/src/dtc/tests/path-references.c
DEP /tmp/qemu-test/src/dtc/tests/references.c
DEP /tmp/qemu-test/src/dtc/tests/propname_escapes.c
DEP /tmp/qemu-test/src/dtc/tests/string_escapes.c
DEP /tmp/qemu-test/src/dtc/tests/appendprop2.c
DEP /tmp/qemu-test/src/dtc/tests/appendprop1.c
DEP /tmp/qemu-test/src/dtc/tests/del_node.c
DEP /tmp/qemu-test/src/dtc/tests/setprop.c
DEP /tmp/qemu-test/src/dtc/tests/del_property.c
DEP /tmp/qemu-test/src/dtc/tests/set_name.c
DEP /tmp/qemu-test/src/dtc/tests/rw_tree1.c
DEP /tmp/qemu-test/src/dtc/tests/open_pack.c
DEP /tmp/qemu-test/src/dtc/tests/nopulate.c
DEP /tmp/qemu-test/src/dtc/tests/mangle-layout.c
DEP /tmp/qemu-test/src/dtc/tests/move_and_save.c
DEP /tmp/qemu-test/src/dtc/tests/sw_tree1.c
DEP /tmp/qemu-test/src/dtc/tests/nop_node.c
DEP /tmp/qemu-test/src/dtc/tests/nop_property.c
DEP /tmp/qemu-test/src/dtc/tests/setprop_inplace.c
DEP /tmp/qemu-test/src/dtc/tests/stringlist.c
DEP /tmp/qemu-test/src/dtc/tests/addr_size_cells.c
DEP /tmp/qemu-test/src/dtc/tests/notfound.c
DEP /tmp/qemu-test/src/dtc/tests/sized_cells.c
DEP /tmp/qemu-test/src/dtc/tests/char_literal.c
DEP /tmp/qemu-test/src/dtc/tests/get_alias.c
DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_compatible.c
DEP /tmp/qemu-test/src/dtc/tests/node_check_compatible.c
DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_phandle.c
DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_prop_value.c
DEP /tmp/qemu-test/src/dtc/tests/parent_offset.c
DEP /tmp/qemu-test/src/dtc/tests/supernode_atdepth_offset.c
DEP /tmp/qemu-test/src/dtc/tests/get_path.c
DEP /tmp/qemu-test/src/dtc/tests/get_phandle.c
DEP /tmp/qemu-test/src/dtc/tests/getprop.c
DEP /tmp/qemu-test/src/dtc/tests/get_name.c
DEP /tmp/qemu-test/src/dtc/tests/path_offset.c
DEP /tmp/qemu-test/src/dtc/tests/subnode_offset.c
DEP /tmp/qemu-test/src/dtc/tests/root_node.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_overlay.c
DEP /tmp/qemu-test/src/dtc/tests/find_property.c
DEP /tmp/qemu-test/src/dtc/tests/get_mem_rsv.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_addresses.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_empty_tree.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_strerror.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_rw.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_sw.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_wip.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_ro.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt.c
DEP /tmp/qemu-test/src/dtc/util.c
DEP /tmp/qemu-test/src/dtc/fdtoverlay.c
DEP /tmp/qemu-test/src/dtc/fdtput.c
DEP /tmp/qemu-test/src/dtc/fdtget.c
DEP /tmp/qemu-test/src/dtc/fdtdump.c
LEX convert-dtsv0-lexer.lex.c
DEP /tmp/qemu-test/src/dtc/srcpos.c
BISON dtc-parser.tab.c
LEX dtc-lexer.lex.c
DEP /tmp/qemu-test/src/dtc/treesource.c
DEP /tmp/qemu-test/src/dtc/livetree.c
DEP /tmp/qemu-test/src/dtc/fstree.c
DEP /tmp/qemu-test/src/dtc/flattree.c
DEP /tmp/qemu-test/src/dtc/dtc.c
DEP /tmp/qemu-test/src/dtc/data.c
DEP /tmp/qemu-test/src/dtc/checks.c
DEP convert-dtsv0-lexer.lex.c
DEP dtc-lexer.lex.c
DEP dtc-parser.tab.c
CHK version_gen.h
UPD version_gen.h
DEP /tmp/qemu-test/src/dtc/util.c
CC libfdt/fdt.o
CC libfdt/fdt_ro.o
CC libfdt/fdt_wip.o
CC libfdt/fdt_sw.o
CC libfdt/fdt_empty_tree.o
CC libfdt/fdt_rw.o
CC libfdt/fdt_strerror.o
CC libfdt/fdt_addresses.o
CC libfdt/fdt_overlay.o
AR libfdt/libfdt.a
x86_64-w64-mingw32-ar: creating libfdt/libfdt.a
a - libfdt/fdt.o
a - libfdt/fdt_ro.o
a - libfdt/fdt_wip.o
a - libfdt/fdt_sw.o
a - libfdt/fdt_rw.o
a - libfdt/fdt_strerror.o
a - libfdt/fdt_empty_tree.o
a - libfdt/fdt_addresses.o
a - libfdt/fdt_overlay.o
RC version.o
mkdir -p dtc/libfdt
mkdir -p dtc/tests
GEN qga/qapi-generated/qapi-gen
CC qapi/qapi-types.o
CC qapi/qapi-types-block-core.o
CC qapi/qapi-builtin-types.o
CC qapi/qapi-types-char.o
CC qapi/qapi-types-block.o
CC qapi/qapi-types-common.o
CC qapi/qapi-types-crypto.o
CC qapi/qapi-types-introspect.o
CC qapi/qapi-types-misc.o
CC qapi/qapi-types-migration.o
CC qapi/qapi-types-net.o
CC qapi/qapi-types-rocker.o
CC qapi/qapi-types-run-state.o
CC qapi/qapi-types-sockets.o
CC qapi/qapi-types-tpm.o
CC qapi/qapi-types-trace.o
CC qapi/qapi-types-transaction.o
CC qapi/qapi-types-ui.o
CC qapi/qapi-builtin-visit.o
CC qapi/qapi-visit.o
CC qapi/qapi-visit-block-core.o
CC qapi/qapi-visit-char.o
CC qapi/qapi-visit-block.o
CC qapi/qapi-visit-common.o
CC qapi/qapi-visit-crypto.o
CC qapi/qapi-visit-introspect.o
CC qapi/qapi-visit-migration.o
CC qapi/qapi-visit-misc.o
CC qapi/qapi-visit-net.o
CC qapi/qapi-visit-rocker.o
CC qapi/qapi-visit-run-state.o
CC qapi/qapi-visit-sockets.o
CC qapi/qapi-visit-tpm.o
CC qapi/qapi-visit-transaction.o
CC qapi/qapi-visit-trace.o
CC qapi/qapi-visit-ui.o
CC qapi/qapi-events.o
CC qapi/qapi-events-block-core.o
CC qapi/qapi-events-block.o
CC qapi/qapi-events-char.o
CC qapi/qapi-events-common.o
CC qapi/qapi-events-crypto.o
CC qapi/qapi-events-introspect.o
CC qapi/qapi-events-migration.o
CC qapi/qapi-events-misc.o
CC qapi/qapi-events-net.o
CC qapi/qapi-events-rocker.o
CC qapi/qapi-events-run-state.o
CC qapi/qapi-events-sockets.o
CC qapi/qapi-events-tpm.o
CC qapi/qapi-events-trace.o
CC qapi/qapi-events-transaction.o
CC qapi/qapi-events-ui.o
CC qapi/qapi-introspect.o
CC qapi/qapi-visit-core.o
CC qapi/qapi-dealloc-visitor.o
CC qapi/qobject-input-visitor.o
CC qapi/qobject-output-visitor.o
CC qapi/qmp-registry.o
CC qapi/qmp-dispatch.o
CC qapi/string-input-visitor.o
CC qapi/string-output-visitor.o
CC qapi/opts-visitor.o
CC qapi/qapi-clone-visitor.o
CC qapi/qmp-event.o
CC qapi/qapi-util.o
CC qobject/qnull.o
CC qobject/qnum.o
CC qobject/qstring.o
CC qobject/qdict.o
CC qobject/qbool.o
CC qobject/qlist.o
CC qobject/qlit.o
CC qobject/qjson.o
CC qobject/qobject.o
CC qobject/json-lexer.o
CC qobject/json-streamer.o
CC qobject/json-parser.o
CC trace/simple.o
CC trace/control.o
CC trace/qmp.o
CC util/osdep.o
CC util/cutils.o
CC util/unicode.o
CC util/qemu-timer-common.o
CC util/bufferiszero.o
CC util/lockcnt.o
CC util/aiocb.o
CC util/async.o
CC util/aio-wait.o
CC util/thread-pool.o
CC util/qemu-timer.o
CC util/main-loop.o
CC util/iohandler.o
CC util/aio-win32.o
CC util/event_notifier-win32.o
CC util/oslib-win32.o
CC util/qemu-thread-win32.o
CC util/envlist.o
CC util/path.o
CC util/module.o
CC util/host-utils.o
CC util/bitmap.o
CC util/bitops.o
CC util/hbitmap.o
CC util/fifo8.o
CC util/acl.o
CC util/cacheinfo.o
CC util/error.o
CC util/qemu-error.o
CC util/id.o
CC util/iov.o
CC util/qemu-config.o
CC util/qemu-sockets.o
CC util/uri.o
CC util/notify.o
CC util/qemu-option.o
CC util/qemu-progress.o
CC util/keyval.o
CC util/hexdump.o
CC util/crc32c.o
CC util/throttle.o
CC util/uuid.o
CC util/getauxval.o
CC util/readline.o
CC util/rcu.o
CC util/qemu-coroutine.o
CC util/qemu-coroutine-lock.o
CC util/qemu-coroutine-io.o
CC util/qemu-coroutine-sleep.o
CC util/coroutine-win32.o
CC util/buffer.o
CC util/timed-average.o
CC util/base64.o
CC util/log.o
CC util/pagesize.o
CC util/qdist.o
CC util/qht.o
CC util/range.o
CC util/stats64.o
CC util/systemd.o
CC trace-root.o
CC util/trace.o
CC crypto/trace.o
CC io/trace.o
CC migration/trace.o
CC block/trace.o
CC chardev/trace.o
CC hw/block/trace.o
CC hw/block/dataplane/trace.o
CC hw/char/trace.o
CC hw/intc/trace.o
CC hw/net/trace.o
CC hw/rdma/trace.o
CC hw/rdma/vmw/trace.o
CC hw/virtio/trace.o
CC hw/audio/trace.o
CC hw/misc/trace.o
CC hw/misc/macio/trace.o
CC hw/usb/trace.o
CC hw/scsi/trace.o
CC hw/nvram/trace.o
CC hw/display/trace.o
CC hw/input/trace.o
CC hw/timer/trace.o
CC hw/dma/trace.o
CC hw/sparc/trace.o
CC hw/sparc64/trace.o
CC hw/sd/trace.o
CC hw/isa/trace.o
CC hw/mem/trace.o
CC hw/i386/trace.o
CC hw/i386/xen/trace.o
CC hw/9pfs/trace.o
CC hw/ppc/trace.o
CC hw/pci/trace.o
CC hw/pci-host/trace.o
CC hw/s390x/trace.o
CC hw/vfio/trace.o
CC hw/acpi/trace.o
CC hw/arm/trace.o
CC hw/alpha/trace.o
CC hw/hppa/trace.o
CC hw/xen/trace.o
CC hw/ide/trace.o
CC ui/trace.o
CC audio/trace.o
CC net/trace.o
CC target/arm/trace.o
CC target/i386/trace.o
CC target/mips/trace.o
CC target/sparc/trace.o
CC target/s390x/trace.o
CC target/ppc/trace.o
CC qom/trace.o
CC linux-user/trace.o
CC qapi/trace.o
CC accel/tcg/trace.o
CC accel/kvm/trace.o
CC nbd/trace.o
CC scsi/trace.o
CC crypto/pbkdf-stub.o
CC stubs/arch-query-cpu-def.o
CC stubs/arch-query-cpu-model-expansion.o
CC stubs/arch-query-cpu-model-comparison.o
CC stubs/arch-query-cpu-model-baseline.o
CC stubs/bdrv-next-monitor-owned.o
CC stubs/blk-commit-all.o
CC stubs/blockdev-close-all-bdrv-states.o
CC stubs/clock-warp.o
CC stubs/cpu-get-clock.o
CC stubs/cpu-get-icount.o
CC stubs/dump.o
CC stubs/error-printf.o
CC stubs/fdset.o
CC stubs/gdbstub.o
CC stubs/get-vm-name.o
CC stubs/iothread.o
CC stubs/iothread-lock.o
CC stubs/is-daemonized.o
CC stubs/machine-init-done.o
CC stubs/migr-blocker.o
CC stubs/change-state-handler.o
CC stubs/monitor.o
CC stubs/notify-event.o
CC stubs/qtest.o
CC stubs/replay.o
CC stubs/runstate-check.o
CC stubs/set-fd-handler.o
CC stubs/slirp.o
CC stubs/sysbus.o
CC stubs/tpm.o
CC stubs/trace-control.o
CC stubs/uuid.o
CC stubs/vm-stop.o
CC stubs/vmstate.o
CC stubs/fd-register.o
CC stubs/qmp_pc_dimm.o
CC stubs/target-monitor-defs.o
CC stubs/target-get-monitor-def.o
CC stubs/pc_madt_cpu_entry.o
CC stubs/vmgenid.o
CC stubs/xen-common.o
CC stubs/xen-hvm.o
CC stubs/pci-host-piix.o
CC stubs/ram-block.o
CC stubs/sev.o
GEN qemu-img-cmds.h
CC block.o
CC blockjob.o
CC qemu-io-cmds.o
CC replication.o
CC block/raw-format.o
CC block/qcow.o
CC block/vdi.o
CC block/vmdk.o
CC block/cloop.o
CC block/bochs.o
CC block/vpc.o
CC block/vvfat.o
CC block/dmg.o
CC block/qcow2.o
CC block/qcow2-refcount.o
CC block/qcow2-cluster.o
CC block/qcow2-snapshot.o
CC block/qcow2-cache.o
CC block/qcow2-bitmap.o
CC block/qed.o
CC block/qed-l2-cache.o
CC block/qed-table.o
CC block/qed-cluster.o
CC block/qed-check.o
CC block/vhdx.o
CC block/vhdx-endian.o
CC block/vhdx-log.o
CC block/quorum.o
CC block/parallels.o
CC block/blkdebug.o
CC block/blkverify.o
CC block/blkreplay.o
CC block/block-backend.o
CC block/snapshot.o
CC block/qapi.o
CC block/file-win32.o
CC block/win32-aio.o
CC block/null.o
CC block/mirror.o
CC block/commit.o
CC block/io.o
CC block/throttle-groups.o
CC block/nbd.o
CC block/nbd-client.o
CC block/sheepdog.o
CC block/accounting.o
CC block/dirty-bitmap.o
CC block/write-threshold.o
CC block/backup.o
CC block/replication.o
CC block/throttle.o
CC block/crypto.o
CC nbd/server.o
CC nbd/client.o
CC nbd/common.o
CC scsi/utils.o
CC block/curl.o
CC block/ssh.o
CC block/dmg-bz2.o
CC crypto/init.o
CC crypto/hash.o
CC crypto/hash-nettle.o
CC crypto/hmac.o
CC crypto/hmac-nettle.o
CC crypto/aes.o
CC crypto/desrfb.o
CC crypto/cipher.o
CC crypto/tlscreds.o
CC crypto/tlscredsanon.o
CC crypto/tlscredsx509.o
CC crypto/tlssession.o
CC crypto/secret.o
CC crypto/random-gnutls.o
CC crypto/pbkdf.o
CC crypto/pbkdf-nettle.o
CC crypto/ivgen.o
CC crypto/ivgen-essiv.o
CC crypto/ivgen-plain.o
CC crypto/ivgen-plain64.o
CC crypto/afsplit.o
CC crypto/xts.o
CC crypto/block.o
CC crypto/block-qcow.o
CC crypto/block-luks.o
CC io/channel.o
CC io/channel-buffer.o
CC io/channel-command.o
CC io/channel-file.o
CC io/channel-socket.o
CC io/channel-tls.o
CC io/channel-watch.o
CC io/channel-websock.o
CC io/channel-util.o
CC io/dns-resolver.o
CC io/net-listener.o
CC io/task.o
CC qom/object.o
CC qom/container.o
CC qom/qom-qobject.o
CC qom/object_interfaces.o
CC qemu-io.o
CC blockdev.o
CC blockdev-nbd.o
CC bootdevice.o
CC iothread.o
CC qdev-monitor.o
CC device-hotplug.o
CC os-win32.o
CC bt-host.o
CC bt-vhci.o
CC dma-helpers.o
CC vl.o
CC tpm.o
CC device_tree.o
CC qapi/qapi-commands.o
CC qapi/qapi-commands-block-core.o
CC qapi/qapi-commands-block.o
CC qapi/qapi-commands-char.o
CC qapi/qapi-commands-common.o
CC qapi/qapi-commands-crypto.o
CC qapi/qapi-commands-introspect.o
CC qapi/qapi-commands-migration.o
CC qapi/qapi-commands-misc.o
CC qapi/qapi-commands-net.o
CC qapi/qapi-commands-rocker.o
CC qapi/qapi-commands-run-state.o
CC qapi/qapi-commands-sockets.o
CC qapi/qapi-commands-tpm.o
CC qapi/qapi-commands-trace.o
CC qapi/qapi-commands-transaction.o
CC qapi/qapi-commands-ui.o
CC qmp.o
CC hmp.o
CC cpus-common.o
CC audio/audio.o
CC audio/noaudio.o
CC audio/wavaudio.o
CC audio/mixeng.o
CC audio/dsoundaudio.o
CC audio/audio_win_int.o
CC audio/wavcapture.o
CC backends/rng.o
CC backends/rng-egd.o
CC backends/tpm.o
CC backends/hostmem.o
CC backends/hostmem-ram.o
CC backends/cryptodev.o
CC backends/cryptodev-builtin.o
CC backends/cryptodev-vhost.o
CC block/stream.o
CC chardev/msmouse.o
CC chardev/wctablet.o
CC chardev/testdev.o
CC disas/arm.o
CXX disas/arm-a64.o
CC disas/i386.o
CXX disas/libvixl/vixl/utils.o
CXX disas/libvixl/vixl/compiler-intrinsics.o
CXX disas/libvixl/vixl/a64/instructions-a64.o
CXX disas/libvixl/vixl/a64/decoder-a64.o
CXX disas/libvixl/vixl/a64/disasm-a64.o
CC hw/acpi/core.o
CC hw/acpi/piix4.o
CC hw/acpi/pcihp.o
CC hw/acpi/ich9.o
CC hw/acpi/tco.o
CC hw/acpi/cpu_hotplug.o
CC hw/acpi/memory_hotplug.o
CC hw/acpi/cpu.o
CC hw/acpi/nvdimm.o
CC hw/acpi/vmgenid.o
CC hw/acpi/acpi_interface.o
CC hw/acpi/bios-linker-loader.o
CC hw/acpi/aml-build.o
CC hw/acpi/ipmi.o
CC hw/acpi/acpi-stub.o
CC hw/acpi/ipmi-stub.o
CC hw/audio/sb16.o
CC hw/audio/es1370.o
CC hw/audio/ac97.o
CC hw/audio/fmopl.o
CC hw/audio/adlib.o
CC hw/audio/gus.o
CC hw/audio/gusemu_hal.o
CC hw/audio/gusemu_mixer.o
CC hw/audio/cs4231a.o
CC hw/audio/intel-hda.o
CC hw/audio/hda-codec.o
CC hw/audio/pcspk.o
CC hw/audio/wm8750.o
CC hw/audio/pl041.o
CC hw/audio/lm4549.o
CC hw/audio/marvell_88w8618.o
CC hw/audio/soundhw.o
CC hw/block/block.o
CC hw/block/cdrom.o
CC hw/block/hd-geometry.o
CC hw/block/fdc.o
CC hw/block/m25p80.o
CC hw/block/nand.o
CC hw/block/pflash_cfi01.o
CC hw/block/pflash_cfi02.o
CC hw/block/ecc.o
CC hw/block/onenand.o
CC hw/block/nvme.o
CC hw/bt/core.o
CC hw/bt/l2cap.o
CC hw/bt/sdp.o
CC hw/bt/hci.o
CC hw/bt/hid.o
CC hw/bt/hci-csr.o
CC hw/char/ipoctal232.o
CC hw/char/parallel.o
CC hw/char/pl011.o
CC hw/char/serial.o
CC hw/char/serial-isa.o
CC hw/char/serial-pci.o
CC hw/char/virtio-console.o
CC hw/char/cadence_uart.o
CC hw/char/cmsdk-apb-uart.o
CC hw/char/debugcon.o
CC hw/char/imx_serial.o
CC hw/core/qdev.o
CC hw/core/qdev-properties.o
CC hw/core/bus.o
CC hw/core/reset.o
CC hw/core/qdev-fw.o
CC hw/core/fw-path-provider.o
CC hw/core/irq.o
CC hw/core/hotplug.o
CC hw/core/nmi.o
CC hw/core/stream.o
CC hw/core/ptimer.o
CC hw/core/sysbus.o
CC hw/core/machine.o
CC hw/core/loader.o
CC hw/core/qdev-properties-system.o
CC hw/core/register.o
CC hw/core/or-irq.o
CC hw/core/split-irq.o
CC hw/core/platform-bus.o
CC hw/cpu/core.o
CC hw/display/ads7846.o
CC hw/display/cirrus_vga.o
CC hw/display/pl110.o
CC hw/display/sii9022.o
CC hw/display/ssd0303.o
CC hw/display/ssd0323.o
CC hw/display/vga-pci.o
CC hw/display/vga-isa.o
CC hw/display/vmware_vga.o
CC hw/display/blizzard.o
CC hw/display/exynos4210_fimd.o
CC hw/display/framebuffer.o
CC hw/display/tc6393xb.o
CC hw/dma/pl080.o
CC hw/dma/pl330.o
CC hw/dma/i8257.o
CC hw/dma/xilinx_axidma.o
CC hw/dma/xlnx-zynq-devcfg.o
CC hw/gpio/max7310.o
CC hw/gpio/pl061.o
CC hw/gpio/zaurus.o
CC hw/gpio/gpio_key.o
CC hw/i2c/core.o
CC hw/i2c/smbus.o
CC hw/i2c/smbus_eeprom.o
CC hw/i2c/i2c-ddc.o
CC hw/i2c/versatile_i2c.o
CC hw/i2c/smbus_ich9.o
CC hw/i2c/pm_smbus.o
CC hw/i2c/bitbang_i2c.o
CC hw/i2c/exynos4210_i2c.o
CC hw/i2c/imx_i2c.o
CC hw/i2c/aspeed_i2c.o
CC hw/ide/core.o
CC hw/ide/atapi.o
CC hw/ide/qdev.o
CC hw/ide/pci.o
CC hw/ide/isa.o
CC hw/ide/piix.o
CC hw/ide/microdrive.o
CC hw/ide/ahci.o
CC hw/ide/ich.o
CC hw/ide/ahci-allwinner.o
CC hw/input/hid.o
CC hw/input/lm832x.o
CC hw/input/pckbd.o
CC hw/input/pl050.o
CC hw/input/ps2.o
CC hw/input/stellaris_input.o
CC hw/input/tsc2005.o
CC hw/input/virtio-input.o
CC hw/input/virtio-input-hid.o
CC hw/intc/i8259_common.o
CC hw/intc/i8259.o
CC hw/intc/pl190.o
CC hw/intc/xlnx-pmu-iomod-intc.o
CC hw/intc/xlnx-zynqmp-ipi.o
CC hw/intc/imx_avic.o
CC hw/intc/imx_gpcv2.o
CC hw/intc/realview_gic.o
CC hw/intc/ioapic_common.o
CC hw/intc/arm_gic_common.o
CC hw/intc/arm_gic.o
CC hw/intc/arm_gicv2m.o
CC hw/intc/arm_gicv3_common.o
CC hw/intc/arm_gicv3.o
CC hw/intc/arm_gicv3_dist.o
CC hw/intc/arm_gicv3_redist.o
CC hw/intc/arm_gicv3_its_common.o
CC hw/intc/intc.o
CC hw/ipack/ipack.o
CC hw/ipack/tpci200.o
CC hw/ipmi/ipmi.o
CC hw/ipmi/ipmi_bmc_sim.o
CC hw/ipmi/ipmi_bmc_extern.o
CC hw/ipmi/isa_ipmi_kcs.o
CC hw/ipmi/isa_ipmi_bt.o
CC hw/isa/isa-bus.o
CC hw/isa/apm.o
CC hw/mem/pc-dimm.o
CC hw/mem/nvdimm.o
CC hw/misc/applesmc.o
CC hw/misc/max111x.o
CC hw/misc/tmp105.o
CC hw/misc/tmp421.o
CC hw/misc/debugexit.o
CC hw/misc/sga.o
CC hw/misc/pc-testdev.o
CC hw/misc/pci-testdev.o
CC hw/misc/edu.o
CC hw/misc/unimp.o
CC hw/misc/vmcoreinfo.o
CC hw/misc/arm_l2x0.o
CC hw/misc/arm_integrator_debug.o
CC hw/misc/a9scu.o
CC hw/misc/arm11scu.o
CC hw/net/ne2000.o
CC hw/net/eepro100.o
CC hw/net/pcnet-pci.o
CC hw/net/pcnet.o
CC hw/net/e1000.o
CC hw/net/e1000x_common.o
CC hw/net/net_tx_pkt.o
CC hw/net/net_rx_pkt.o
CC hw/net/e1000e.o
CC hw/net/e1000e_core.o
CC hw/net/rtl8139.o
CC hw/net/vmxnet3.o
CC hw/net/smc91c111.o
CC hw/net/lan9118.o
CC hw/net/ne2000-isa.o
CC hw/net/xgmac.o
CC hw/net/xilinx_axienet.o
CC hw/net/allwinner_emac.o
CC hw/net/imx_fec.o
CC hw/net/cadence_gem.o
CC hw/net/stellaris_enet.o
CC hw/net/ftgmac100.o
CC hw/net/rocker/rocker.o
CC hw/net/rocker/rocker_fp.o
CC hw/net/rocker/rocker_desc.o
CC hw/net/rocker/rocker_world.o
CC hw/net/rocker/rocker_of_dpa.o
CC hw/net/can/can_sja1000.o
CC hw/net/can/can_kvaser_pci.o
CC hw/net/can/can_pcm3680_pci.o
CC hw/net/can/can_mioe3680_pci.o
CC hw/nvram/eeprom93xx.o
CC hw/nvram/eeprom_at24c.o
CC hw/nvram/fw_cfg.o
CC hw/nvram/chrp_nvram.o
CC hw/pci-bridge/pci_bridge_dev.o
CC hw/pci-bridge/pcie_root_port.o
CC hw/pci-bridge/gen_pcie_root_port.o
CC hw/pci-bridge/pcie_pci_bridge.o
CC hw/pci-bridge/pci_expander_bridge.o
CC hw/pci-bridge/xio3130_upstream.o
CC hw/pci-bridge/xio3130_downstream.o
CC hw/pci-bridge/ioh3420.o
CC hw/pci-bridge/i82801b11.o
CC hw/pci-host/pam.o
CC hw/pci-host/versatile.o
CC hw/pci-host/piix.o
CC hw/pci-host/q35.o
CC hw/pci-host/gpex.o
CC hw/pci/pci.o
CC hw/pci/pci_bridge.o
CC hw/pci/msix.o
CC hw/pci/msi.o
CC hw/pci/shpc.o
CC hw/pci/slotid_cap.o
CC hw/pci/pci_host.o
CC hw/pci/pcie_host.o
CC hw/pci/pcie.o
CC hw/pci/pcie_aer.o
CC hw/pci/pcie_port.o
CC hw/pci/pci-stub.o
CC hw/pcmcia/pcmcia.o
CC hw/scsi/scsi-disk.o
CC hw/scsi/scsi-generic.o
CC hw/scsi/scsi-bus.o
CC hw/scsi/lsi53c895a.o
CC hw/scsi/mptsas.o
CC hw/scsi/mptconfig.o
CC hw/scsi/mptendian.o
CC hw/scsi/megasas.o
CC hw/scsi/vmw_pvscsi.o
CC hw/scsi/esp.o
CC hw/scsi/esp-pci.o
CC hw/sd/pl181.o
CC hw/sd/ssi-sd.o
CC hw/sd/sd.o
CC hw/sd/core.o
CC hw/sd/sdhci.o
CC hw/smbios/smbios.o
CC hw/smbios/smbios_type_38.o
CC hw/smbios/smbios-stub.o
CC hw/smbios/smbios_type_38-stub.o
CC hw/ssi/pl022.o
CC hw/ssi/ssi.o
CC hw/ssi/xilinx_spips.o
CC hw/ssi/aspeed_smc.o
CC hw/ssi/stm32f2xx_spi.o
CC hw/ssi/mss-spi.o
CC hw/timer/arm_timer.o
CC hw/timer/arm_mptimer.o
CC hw/timer/armv7m_systick.o
CC hw/timer/a9gtimer.o
CC hw/timer/cadence_ttc.o
CC hw/timer/ds1338.o
CC hw/timer/hpet.o
CC hw/timer/i8254_common.o
CC hw/timer/i8254.o
CC hw/timer/pl031.o
CC hw/timer/twl92230.o
CC hw/timer/imx_epit.o
CC hw/timer/imx_gpt.o
CC hw/timer/xlnx-zynqmp-rtc.o
CC hw/timer/stm32f2xx_timer.o
CC hw/timer/aspeed_timer.o
CC hw/timer/cmsdk-apb-timer.o
CC hw/timer/mss-timer.o
CC hw/tpm/tpm_util.o
CC hw/tpm/tpm_tis.o
CC hw/tpm/tpm_crb.o
CC hw/usb/core.o
CC hw/usb/combined-packet.o
CC hw/usb/bus.o
CC hw/usb/libhw.o
CC hw/usb/desc.o
CC hw/usb/desc-msos.o
CC hw/usb/hcd-uhci.o
CC hw/usb/hcd-ohci.o
CC hw/usb/hcd-ehci.o
CC hw/usb/hcd-ehci-pci.o
CC hw/usb/hcd-ehci-sysbus.o
CC hw/usb/hcd-xhci.o
CC hw/usb/hcd-xhci-nec.o
CC hw/usb/hcd-musb.o
CC hw/usb/dev-hub.o
CC hw/usb/dev-hid.o
CC hw/usb/dev-wacom.o
CC hw/usb/dev-storage.o
CC hw/usb/dev-uas.o
CC hw/usb/dev-audio.o
CC hw/usb/dev-serial.o
CC hw/usb/dev-network.o
CC hw/usb/dev-bluetooth.o
CC hw/usb/dev-smartcard-reader.o
CC hw/usb/host-stub.o
CC hw/virtio/virtio-rng.o
CC hw/virtio/virtio-pci.o
CC hw/virtio/virtio-bus.o
CC hw/virtio/virtio-mmio.o
CC hw/virtio/vhost-stub.o
CC hw/watchdog/watchdog.o
CC hw/watchdog/wdt_i6300esb.o
CC hw/watchdog/wdt_ib700.o
CC hw/watchdog/wdt_aspeed.o
CC migration/migration.o
CC migration/socket.o
CC migration/fd.o
CC migration/exec.o
CC migration/tls.o
CC migration/channel.o
CC migration/savevm.o
CC migration/colo-comm.o
CC migration/colo.o
CC migration/colo-failover.o
CC migration/vmstate.o
CC migration/vmstate-types.o
CC migration/page_cache.o
CC migration/qemu-file.o
CC migration/global_state.o
CC migration/qemu-file-channel.o
CC migration/xbzrle.o
CC migration/postcopy-ram.o
CC migration/qjson.o
CC migration/block.o
CC net/net.o
CC net/queue.o
CC net/checksum.o
CC net/util.o
CC net/hub.o
CC net/socket.o
CC net/dump.o
CC net/eth.o
CC net/slirp.o
CC net/filter.o
CC net/filter-buffer.o
CC net/filter-mirror.o
CC net/colo-compare.o
CC net/colo.o
CC net/filter-rewriter.o
CC net/filter-replay.o
CC net/tap-win32.o
CC net/can/can_core.o
CC net/can/can_host.o
CC qom/cpu.o
CC replay/replay.o
CC replay/replay-internal.o
CC replay/replay-events.o
CC replay/replay-time.o
CC replay/replay-input.o
CC replay/replay-char.o
CC replay/replay-snapshot.o
CC replay/replay-net.o
CC replay/replay-audio.o
CC slirp/cksum.o
CC slirp/if.o
CC slirp/ip_icmp.o
CC slirp/ip6_icmp.o
CC slirp/ip6_input.o
CC slirp/ip6_output.o
CC slirp/ip_input.o
CC slirp/ip_output.o
CC slirp/dnssearch.o
CC slirp/dhcpv6.o
CC slirp/slirp.o
CC slirp/mbuf.o
CC slirp/misc.o
CC slirp/sbuf.o
CC slirp/socket.o
CC slirp/tcp_input.o
CC slirp/tcp_output.o
CC slirp/tcp_subr.o
CC slirp/tcp_timer.o
CC slirp/udp.o
CC slirp/udp6.o
CC slirp/bootp.o
CC slirp/tftp.o
CC slirp/arp_table.o
CC slirp/ndp_table.o
CC slirp/ncsi.o
CC ui/keymaps.o
CC ui/console.o
CC ui/cursor.o
CC ui/qemu-pixman.o
CC ui/input.o
CC ui/input-keymap.o
CC ui/input-legacy.o
CC ui/vnc.o
CC ui/vnc-enc-zlib.o
CC ui/vnc-enc-hextile.o
CC ui/vnc-enc-tight.o
CC ui/vnc-enc-zrle.o
CC ui/vnc-palette.o
CC ui/vnc-auth-vencrypt.o
CC ui/vnc-ws.o
CC ui/vnc-jobs.o
CC ui/sdl.o
CC ui/sdl_zoom.o
CC ui/gtk.o
CC chardev/char.o
CC chardev/char-console.o
CC chardev/char-fe.o
CC chardev/char-file.o
CC chardev/char-io.o
CC chardev/char-mux.o
CC chardev/char-null.o
CC chardev/char-pipe.o
CC chardev/char-ringbuf.o
CC chardev/char-serial.o
CC chardev/char-socket.o
CC chardev/char-stdio.o
CC chardev/char-udp.o
CC chardev/char-win.o
CC chardev/char-win-stdio.o
CC qga/commands.o
CC qga/guest-agent-command-state.o
CC qga/main.o
AS optionrom/multiboot.o
AS optionrom/linuxboot.o
CC qga/commands-win32.o
CC optionrom/linuxboot_dma.o
AS optionrom/kvmvapic.o
BUILD optionrom/multiboot.img
BUILD optionrom/linuxboot.img
BUILD optionrom/linuxboot_dma.img
CC qga/channel-win32.o
BUILD optionrom/kvmvapic.img
BUILD optionrom/multiboot.raw
CC qga/service-win32.o
BUILD optionrom/linuxboot.raw
BUILD optionrom/linuxboot_dma.raw
CC qga/vss-win32.o
BUILD optionrom/kvmvapic.raw
SIGN optionrom/multiboot.bin
SIGN optionrom/linuxboot.bin
SIGN optionrom/linuxboot_dma.bin
SIGN optionrom/kvmvapic.bin
CC qga/qapi-generated/qga-qapi-visit.o
CC qga/qapi-generated/qga-qapi-commands.o
CC qga/qapi-generated/qga-qapi-types.o
AR libqemuutil.a
CC qemu-img.o
LINK qemu-ga.exe
LINK qemu-io.exe
GEN x86_64-softmmu/hmp-commands.h
GEN x86_64-softmmu/hmp-commands-info.h
GEN x86_64-softmmu/config-target.h
GEN aarch64-softmmu/config-target.h
GEN aarch64-softmmu/hmp-commands.h
GEN aarch64-softmmu/hmp-commands-info.h
CC x86_64-softmmu/exec.o
CC x86_64-softmmu/tcg/tcg.o
CC x86_64-softmmu/tcg/tcg-op.o
CC x86_64-softmmu/tcg/tcg-op-vec.o
CC x86_64-softmmu/tcg/tcg-op-gvec.o
CC x86_64-softmmu/tcg/tcg-common.o
CC aarch64-softmmu/exec.o
CC aarch64-softmmu/tcg/tcg.o
CC x86_64-softmmu/tcg/optimize.o
LINK qemu-img.exe
CC aarch64-softmmu/tcg/tcg-op.o
CC x86_64-softmmu/fpu/softfloat.o
CC aarch64-softmmu/tcg/tcg-op-vec.o
CC x86_64-softmmu/disas.o
GEN x86_64-softmmu/gdbstub-xml.c
CC x86_64-softmmu/arch_init.o
CC x86_64-softmmu/cpus.o
CC x86_64-softmmu/monitor.o
CC x86_64-softmmu/gdbstub.o
CC aarch64-softmmu/tcg/tcg-op-gvec.o
CC x86_64-softmmu/balloon.o
CC x86_64-softmmu/ioport.o
CC x86_64-softmmu/numa.o
CC aarch64-softmmu/tcg/tcg-common.o
CC x86_64-softmmu/qtest.o
CC aarch64-softmmu/tcg/optimize.o
CC x86_64-softmmu/memory.o
CC x86_64-softmmu/memory_mapping.o
CC x86_64-softmmu/dump.o
CC x86_64-softmmu/migration/ram.o
CC x86_64-softmmu/accel/accel.o
CC x86_64-softmmu/accel/stubs/hvf-stub.o
CC x86_64-softmmu/accel/stubs/whpx-stub.o
CC aarch64-softmmu/disas.o
CC aarch64-softmmu/fpu/softfloat.o
CC x86_64-softmmu/accel/stubs/kvm-stub.o
GEN aarch64-softmmu/gdbstub-xml.c
CC aarch64-softmmu/arch_init.o
CC aarch64-softmmu/cpus.o
CC x86_64-softmmu/accel/tcg/tcg-all.o
CC aarch64-softmmu/monitor.o
CC aarch64-softmmu/gdbstub.o
CC x86_64-softmmu/accel/tcg/cputlb.o
CC x86_64-softmmu/accel/tcg/tcg-runtime.o
CC x86_64-softmmu/accel/tcg/tcg-runtime-gvec.o
CC x86_64-softmmu/accel/tcg/cpu-exec.o
CC x86_64-softmmu/accel/tcg/cpu-exec-common.o
CC x86_64-softmmu/accel/tcg/translate-all.o
CC x86_64-softmmu/accel/tcg/translator.o
CC x86_64-softmmu/hw/block/virtio-blk.o
CC x86_64-softmmu/hw/block/dataplane/virtio-blk.o
CC x86_64-softmmu/hw/char/virtio-serial-bus.o
CC x86_64-softmmu/hw/core/generic-loader.o
CC x86_64-softmmu/hw/core/null-machine.o
CC x86_64-softmmu/hw/display/vga.o
CC x86_64-softmmu/hw/display/virtio-gpu.o
CC x86_64-softmmu/hw/display/virtio-gpu-3d.o
CC x86_64-softmmu/hw/display/virtio-gpu-pci.o
CC x86_64-softmmu/hw/display/virtio-vga.o
CC x86_64-softmmu/hw/intc/apic.o
CC x86_64-softmmu/hw/intc/apic_common.o
CC x86_64-softmmu/hw/intc/ioapic.o
CC x86_64-softmmu/hw/isa/lpc_ich9.o
CC x86_64-softmmu/hw/misc/pvpanic.o
CC aarch64-softmmu/ioport.o
CC aarch64-softmmu/balloon.o
CC x86_64-softmmu/hw/misc/mmio_interface.o
CC aarch64-softmmu/numa.o
CC aarch64-softmmu/qtest.o
CC aarch64-softmmu/memory.o
CC x86_64-softmmu/hw/net/virtio-net.o
CC x86_64-softmmu/hw/net/vhost_net.o
CC aarch64-softmmu/memory_mapping.o
CC x86_64-softmmu/hw/scsi/virtio-scsi.o
CC aarch64-softmmu/dump.o
CC x86_64-softmmu/hw/scsi/virtio-scsi-dataplane.o
CC aarch64-softmmu/migration/ram.o
CC aarch64-softmmu/accel/accel.o
CC x86_64-softmmu/hw/timer/mc146818rtc.o
CC aarch64-softmmu/accel/stubs/hax-stub.o
CC x86_64-softmmu/hw/virtio/virtio.o
CC x86_64-softmmu/hw/virtio/virtio-balloon.o
CC x86_64-softmmu/hw/virtio/virtio-crypto.o
CC x86_64-softmmu/hw/virtio/virtio-crypto-pci.o
CC x86_64-softmmu/hw/i386/multiboot.o
CC aarch64-softmmu/accel/stubs/whpx-stub.o
CC x86_64-softmmu/hw/i386/pc.o
CC aarch64-softmmu/accel/stubs/hvf-stub.o
CC x86_64-softmmu/hw/i386/pc_piix.o
CC aarch64-softmmu/accel/stubs/kvm-stub.o
CC x86_64-softmmu/hw/i386/pc_q35.o
CC aarch64-softmmu/accel/tcg/tcg-all.o
CC aarch64-softmmu/accel/tcg/cputlb.o
CC aarch64-softmmu/accel/tcg/tcg-runtime.o
CC aarch64-softmmu/accel/tcg/tcg-runtime-gvec.o
CC aarch64-softmmu/accel/tcg/cpu-exec.o
CC x86_64-softmmu/hw/i386/pc_sysfw.o
CC aarch64-softmmu/accel/tcg/cpu-exec-common.o
CC x86_64-softmmu/hw/i386/x86-iommu.o
CC x86_64-softmmu/hw/i386/intel_iommu.o
CC aarch64-softmmu/accel/tcg/translate-all.o
CC x86_64-softmmu/hw/i386/amd_iommu.o
CC aarch64-softmmu/accel/tcg/translator.o
CC aarch64-softmmu/hw/adc/stm32f2xx_adc.o
CC x86_64-softmmu/hw/i386/vmport.o
CC aarch64-softmmu/hw/block/virtio-blk.o
CC aarch64-softmmu/hw/block/dataplane/virtio-blk.o
CC aarch64-softmmu/hw/char/exynos4210_uart.o
CC x86_64-softmmu/hw/i386/vmmouse.o
CC aarch64-softmmu/hw/char/omap_uart.o
CC x86_64-softmmu/hw/i386/kvmvapic.o
CC x86_64-softmmu/hw/i386/acpi-build.o
CC aarch64-softmmu/hw/char/digic-uart.o
CC x86_64-softmmu/target/i386/helper.o
CC aarch64-softmmu/hw/char/stm32f2xx_usart.o
CC aarch64-softmmu/hw/char/bcm2835_aux.o
CC aarch64-softmmu/hw/char/virtio-serial-bus.o
CC aarch64-softmmu/hw/core/generic-loader.o
CC x86_64-softmmu/target/i386/cpu.o
In file included from /tmp/qemu-test/src/target/i386/helper.c:24:0:
/tmp/qemu-test/src/target/i386/sev_i386.h:17:10: fatal error: linux/kvm.h: No such file or directory
#include <linux/kvm.h>
^~~~~~~~~~~~~
compilation terminated.
make[1]: *** [/tmp/qemu-test/src/rules.mak:66: target/i386/helper.o] Error 1
make[1]: *** Waiting for unfinished jobs....
CC aarch64-softmmu/hw/core/null-machine.o
CC aarch64-softmmu/hw/cpu/arm11mpcore.o
CC aarch64-softmmu/hw/cpu/realview_mpcore.o
CC aarch64-softmmu/hw/cpu/a9mpcore.o
CC aarch64-softmmu/hw/cpu/a15mpcore.o
CC aarch64-softmmu/hw/display/omap_dss.o
In file included from /tmp/qemu-test/src/target/i386/cpu.c:29:0:
/tmp/qemu-test/src/target/i386/sev_i386.h:17:10: fatal error: linux/kvm.h: No such file or directory
#include <linux/kvm.h>
^~~~~~~~~~~~~
compilation terminated.
make[1]: *** [/tmp/qemu-test/src/rules.mak:66: target/i386/cpu.o] Error 1
make: *** [Makefile:472: subdir-x86_64-softmmu] Error 2
make: *** Waiting for unfinished jobs....
CC aarch64-softmmu/hw/display/omap_lcdc.o
CC aarch64-softmmu/hw/display/pxa2xx_lcd.o
CC aarch64-softmmu/hw/display/bcm2835_fb.o
CC aarch64-softmmu/hw/display/vga.o
CC aarch64-softmmu/hw/display/virtio-gpu.o
CC aarch64-softmmu/hw/display/virtio-gpu-3d.o
CC aarch64-softmmu/hw/display/virtio-gpu-pci.o
CC aarch64-softmmu/hw/display/dpcd.o
CC aarch64-softmmu/hw/display/xlnx_dp.o
CC aarch64-softmmu/hw/dma/xlnx_dpdma.o
CC aarch64-softmmu/hw/dma/omap_dma.o
CC aarch64-softmmu/hw/dma/soc_dma.o
CC aarch64-softmmu/hw/dma/pxa2xx_dma.o
CC aarch64-softmmu/hw/dma/bcm2835_dma.o
CC aarch64-softmmu/hw/gpio/omap_gpio.o
CC aarch64-softmmu/hw/gpio/imx_gpio.o
CC aarch64-softmmu/hw/gpio/bcm2835_gpio.o
CC aarch64-softmmu/hw/i2c/omap_i2c.o
CC aarch64-softmmu/hw/input/pxa2xx_keypad.o
CC aarch64-softmmu/hw/input/tsc210x.o
CC aarch64-softmmu/hw/intc/armv7m_nvic.o
CC aarch64-softmmu/hw/intc/exynos4210_gic.o
CC aarch64-softmmu/hw/intc/exynos4210_combiner.o
CC aarch64-softmmu/hw/intc/omap_intc.o
CC aarch64-softmmu/hw/intc/bcm2835_ic.o
CC aarch64-softmmu/hw/intc/bcm2836_control.o
CC aarch64-softmmu/hw/intc/allwinner-a10-pic.o
CC aarch64-softmmu/hw/intc/aspeed_vic.o
CC aarch64-softmmu/hw/intc/arm_gicv3_cpuif.o
CC aarch64-softmmu/hw/misc/arm_sysctl.o
CC aarch64-softmmu/hw/misc/cbus.o
CC aarch64-softmmu/hw/misc/exynos4210_pmu.o
CC aarch64-softmmu/hw/misc/exynos4210_clk.o
CC aarch64-softmmu/hw/misc/exynos4210_rng.o
CC aarch64-softmmu/hw/misc/imx_ccm.o
CC aarch64-softmmu/hw/misc/imx31_ccm.o
CC aarch64-softmmu/hw/misc/imx25_ccm.o
CC aarch64-softmmu/hw/misc/imx6_ccm.o
CC aarch64-softmmu/hw/misc/imx6_src.o
CC aarch64-softmmu/hw/misc/imx7_ccm.o
CC aarch64-softmmu/hw/misc/imx2_wdt.o
CC aarch64-softmmu/hw/misc/imx7_snvs.o
CC aarch64-softmmu/hw/misc/imx7_gpr.o
CC aarch64-softmmu/hw/misc/mst_fpga.o
CC aarch64-softmmu/hw/misc/omap_clk.o
CC aarch64-softmmu/hw/misc/omap_gpmc.o
CC aarch64-softmmu/hw/misc/omap_l4.o
CC aarch64-softmmu/hw/misc/omap_sdrc.o
CC aarch64-softmmu/hw/misc/omap_tap.o
CC aarch64-softmmu/hw/misc/bcm2835_mbox.o
CC aarch64-softmmu/hw/misc/bcm2835_property.o
CC aarch64-softmmu/hw/misc/bcm2835_rng.o
CC aarch64-softmmu/hw/misc/zynq_slcr.o
CC aarch64-softmmu/hw/misc/zynq-xadc.o
CC aarch64-softmmu/hw/misc/stm32f2xx_syscfg.o
CC aarch64-softmmu/hw/misc/mps2-fpgaio.o
CC aarch64-softmmu/hw/misc/mps2-scc.o
CC aarch64-softmmu/hw/misc/tz-ppc.o
CC aarch64-softmmu/hw/misc/iotkit-secctl.o
CC aarch64-softmmu/hw/misc/auxbus.o
CC aarch64-softmmu/hw/misc/aspeed_scu.o
CC aarch64-softmmu/hw/misc/aspeed_sdmc.o
CC aarch64-softmmu/hw/misc/mmio_interface.o
CC aarch64-softmmu/hw/misc/msf2-sysreg.o
CC aarch64-softmmu/hw/net/virtio-net.o
CC aarch64-softmmu/hw/net/vhost_net.o
CC aarch64-softmmu/hw/pcmcia/pxa2xx.o
CC aarch64-softmmu/hw/scsi/virtio-scsi.o
CC aarch64-softmmu/hw/scsi/virtio-scsi-dataplane.o
CC aarch64-softmmu/hw/sd/omap_mmc.o
CC aarch64-softmmu/hw/sd/pxa2xx_mmci.o
CC aarch64-softmmu/hw/sd/bcm2835_sdhost.o
CC aarch64-softmmu/hw/ssi/omap_spi.o
CC aarch64-softmmu/hw/ssi/imx_spi.o
CC aarch64-softmmu/hw/timer/exynos4210_mct.o
CC aarch64-softmmu/hw/timer/exynos4210_pwm.o
CC aarch64-softmmu/hw/timer/exynos4210_rtc.o
CC aarch64-softmmu/hw/timer/omap_gptimer.o
CC aarch64-softmmu/hw/timer/omap_synctimer.o
CC aarch64-softmmu/hw/timer/pxa2xx_timer.o
CC aarch64-softmmu/hw/timer/digic-timer.o
CC aarch64-softmmu/hw/timer/allwinner-a10-pit.o
CC aarch64-softmmu/hw/usb/tusb6010.o
CC aarch64-softmmu/hw/usb/chipidea.o
CC aarch64-softmmu/hw/virtio/virtio.o
CC aarch64-softmmu/hw/virtio/virtio-balloon.o
CC aarch64-softmmu/hw/virtio/virtio-crypto.o
CC aarch64-softmmu/hw/virtio/virtio-crypto-pci.o
CC aarch64-softmmu/hw/arm/boot.o
CC aarch64-softmmu/hw/arm/collie.o
CC aarch64-softmmu/hw/arm/exynos4_boards.o
CC aarch64-softmmu/hw/arm/gumstix.o
CC aarch64-softmmu/hw/arm/highbank.o
CC aarch64-softmmu/hw/arm/digic_boards.o
CC aarch64-softmmu/hw/arm/integratorcp.o
CC aarch64-softmmu/hw/arm/mainstone.o
CC aarch64-softmmu/hw/arm/musicpal.o
CC aarch64-softmmu/hw/arm/nseries.o
CC aarch64-softmmu/hw/arm/omap_sx1.o
CC aarch64-softmmu/hw/arm/palm.o
CC aarch64-softmmu/hw/arm/realview.o
CC aarch64-softmmu/hw/arm/spitz.o
CC aarch64-softmmu/hw/arm/stellaris.o
CC aarch64-softmmu/hw/arm/tosa.o
CC aarch64-softmmu/hw/arm/versatilepb.o
CC aarch64-softmmu/hw/arm/vexpress.o
CC aarch64-softmmu/hw/arm/virt.o
CC aarch64-softmmu/hw/arm/xilinx_zynq.o
CC aarch64-softmmu/hw/arm/z2.o
CC aarch64-softmmu/hw/arm/virt-acpi-build.o
CC aarch64-softmmu/hw/arm/netduino2.o
CC aarch64-softmmu/hw/arm/sysbus-fdt.o
CC aarch64-softmmu/hw/arm/armv7m.o
CC aarch64-softmmu/hw/arm/exynos4210.o
CC aarch64-softmmu/hw/arm/pxa2xx.o
CC aarch64-softmmu/hw/arm/pxa2xx_gpio.o
CC aarch64-softmmu/hw/arm/pxa2xx_pic.o
CC aarch64-softmmu/hw/arm/digic.o
CC aarch64-softmmu/hw/arm/omap1.o
CC aarch64-softmmu/hw/arm/omap2.o
CC aarch64-softmmu/hw/arm/strongarm.o
CC aarch64-softmmu/hw/arm/allwinner-a10.o
CC aarch64-softmmu/hw/arm/cubieboard.o
CC aarch64-softmmu/hw/arm/bcm2835_peripherals.o
CC aarch64-softmmu/hw/arm/bcm2836.o
CC aarch64-softmmu/hw/arm/raspi.o
CC aarch64-softmmu/hw/arm/stm32f205_soc.o
CC aarch64-softmmu/hw/arm/xlnx-zynqmp.o
CC aarch64-softmmu/hw/arm/xlnx-zcu102.o
CC aarch64-softmmu/hw/arm/fsl-imx25.o
CC aarch64-softmmu/hw/arm/imx25_pdk.o
CC aarch64-softmmu/hw/arm/fsl-imx31.o
CC aarch64-softmmu/hw/arm/kzm.o
CC aarch64-softmmu/hw/arm/fsl-imx6.o
CC aarch64-softmmu/hw/arm/sabrelite.o
CC aarch64-softmmu/hw/arm/aspeed_soc.o
CC aarch64-softmmu/hw/arm/aspeed.o
CC aarch64-softmmu/hw/arm/mps2.o
CC aarch64-softmmu/hw/arm/mps2-tz.o
CC aarch64-softmmu/hw/arm/msf2-soc.o
CC aarch64-softmmu/hw/arm/msf2-som.o
CC aarch64-softmmu/hw/arm/iotkit.o
CC aarch64-softmmu/target/arm/arm-semi.o
CC aarch64-softmmu/target/arm/machine.o
CC aarch64-softmmu/target/arm/psci.o
CC aarch64-softmmu/target/arm/arch_dump.o
CC aarch64-softmmu/target/arm/monitor.o
CC aarch64-softmmu/target/arm/kvm-stub.o
CC aarch64-softmmu/target/arm/translate.o
CC aarch64-softmmu/target/arm/op_helper.o
CC aarch64-softmmu/target/arm/helper.o
CC aarch64-softmmu/target/arm/cpu.o
CC aarch64-softmmu/target/arm/neon_helper.o
CC aarch64-softmmu/target/arm/iwmmxt_helper.o
CC aarch64-softmmu/target/arm/vec_helper.o
CC aarch64-softmmu/target/arm/gdbstub.o
CC aarch64-softmmu/target/arm/cpu64.o
CC aarch64-softmmu/target/arm/translate-a64.o
CC aarch64-softmmu/target/arm/helper-a64.o
CC aarch64-softmmu/target/arm/gdbstub64.o
CC aarch64-softmmu/target/arm/crypto_helper.o
CC aarch64-softmmu/target/arm/arm-powerctl.o
GEN trace/generated-helpers.c
CC aarch64-softmmu/trace/control-target.o
CC aarch64-softmmu/gdbstub-xml.o
CC aarch64-softmmu/trace/generated-helpers.o
LINK aarch64-softmmu/qemu-system-aarch64w.exe
GEN aarch64-softmmu/qemu-system-aarch64.exe
Traceback (most recent call last):
File "./tests/docker/docker.py", line 407, in <module>
sys.exit(main())
File "./tests/docker/docker.py", line 404, in main
return args.cmdobj.run(args, argv)
File "./tests/docker/docker.py", line 261, in run
return Docker().run(argv, args.keep, quiet=args.quiet)
File "./tests/docker/docker.py", line 229, in run
quiet=quiet)
File "./tests/docker/docker.py", line 147, in _do_check
return subprocess.check_call(self._command + cmd, **kwargs)
File "/usr/lib64/python2.7/subprocess.py", line 186, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['docker', 'run', '--label', 'com.qemu.instance.uuid=9bef6af0222b11e8bca752540069c830', '-u', '0', '--security-opt', 'seccomp=unconfined', '--rm', '--net=none', '-e', 'TARGET_LIST=', '-e', 'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=8', '-e', 'DEBUG=', '-e', 'SHOW_ENV=1', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', '/root/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945:/var/tmp/qemu:z,ro', 'qemu:fedora', '/var/tmp/qemu/run', 'test-mingw']' returned non-zero exit status 2
make[1]: *** [tests/docker/Makefile.include:129: docker-run] Error 1
make[1]: Leaving directory '/var/tmp/patchew-tester-tmp-99e1alq5/src'
make: *** [tests/docker/Makefile.include:163: docker-run-test-mingw@fedora] Error 2
real 5m52.411s
user 0m4.700s
sys 0m4.017s
=== OUTPUT END ===
Test command exited with code: 2
---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 17:27 ` Dr. David Alan Gilbert
-1 siblings, 0 replies; 74+ messages in thread
From: Dr. David Alan Gilbert @ 2018-03-07 17:27 UTC (permalink / raw)
To: Brijesh Singh
Cc: Peter Maydell, kvm, Michael S. Tsirkin, Stefan Hajnoczi,
qemu-devel, Alexander Graf, Edgar E. Iglesias, Markus Armbruster,
Bruce Rogers, Christian Borntraeger, Marcel Apfelbaum,
Borislav Petkov, Thomas Lendacky, Eduardo Habkost,
Richard Henderson, Alistair Francis, Cornelia Huck,
Richard Henderson, Peter Crosthwaite, Paolo Bonzini
* Brijesh Singh (brijesh.singh@amd.com) wrote:
> KVM_SEV_DBG_DECRYPT and KVM_SEV_DBG_ENCRYPT commands are used for
> decrypting and encrypting guest memory region. The command works only if
> the guest policy allows the debugging.
>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Richard Henderson <rth@twiddle.net>
> Cc: Eduardo Habkost <ehabkost@redhat.com>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> ---
> accel/kvm/kvm-all.c | 1 +
> stubs/sev.c | 4 ++++
> target/i386/sev.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++++
> target/i386/trace-events | 1 +
> 4 files changed, 63 insertions(+)
>
> diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
> index 411aa87719e6..8089173491dd 100644
> --- a/accel/kvm/kvm-all.c
> +++ b/accel/kvm/kvm-all.c
> @@ -1682,6 +1682,7 @@ static int kvm_init(MachineState *ms)
> }
>
> kvm_state->memcrypt_encrypt_data = sev_encrypt_data;
> + kvm_state->memcrypt_debug_ops = sev_set_debug_ops;
> }
>
> ret = kvm_arch_init(ms, s);
> diff --git a/stubs/sev.c b/stubs/sev.c
> index 2e20f3b73a5b..73f5c7f93a67 100644
> --- a/stubs/sev.c
> +++ b/stubs/sev.c
> @@ -15,6 +15,10 @@
> #include "qemu-common.h"
> #include "sysemu/sev.h"
>
> +void sev_set_debug_ops(void *handle, MemoryRegion *mr)
> +{
> +}
> +
> int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
> {
> return 1;
> diff --git a/target/i386/sev.c b/target/i386/sev.c
> index 5fbb3105ccd4..bcfc09558c8c 100644
> --- a/target/i386/sev.c
> +++ b/target/i386/sev.c
> @@ -24,6 +24,7 @@
> #define DEFAULT_SEV_DEVICE "/dev/sev"
>
> static SEVState *sev_state;
> +static MemoryRegionRAMReadWriteOps sev_ops;
>
> static const char *const sev_fw_errlist[] = {
> "",
> @@ -601,6 +602,46 @@ sev_vm_state_change(void *opaque, int running, RunState state)
> }
> }
>
> +static int
> +sev_dbg_enc_dec(uint8_t *dst, const uint8_t *src, uint32_t len, bool write)
> +{
> + int ret, error;
> + struct kvm_sev_dbg dbg;
> +
> + dbg.src_uaddr = (unsigned long)src;
> + dbg.dst_uaddr = (unsigned long)dst;
> + dbg.len = len;
> +
> + trace_kvm_sev_debug(write ? "encrypt" : "decrypt", src, dst, len);
> + ret = sev_ioctl(sev_state->sev_fd,
> + write ? KVM_SEV_DBG_ENCRYPT : KVM_SEV_DBG_DECRYPT,
> + &dbg, &error);
> + if (ret) {
> + error_report("%s (%s) %#llx->%#llx+%#x ret=%d fw_error=%d '%s'",
> + __func__, write ? "write" : "read", dbg.src_uaddr,
> + dbg.dst_uaddr, dbg.len, ret, error,
> + fw_error_to_str(error));
> + }
> +
> + return ret;
> +}
> +
> +static int
> +sev_mem_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
> +{
> + assert(attrs.debug);
> +
> + return sev_dbg_enc_dec(dst, src, len, false);
> +}
> +
> +static int
> +sev_mem_write(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
> +{
> + assert(attrs.debug);
> +
> + return sev_dbg_enc_dec(dst, src, len, true);
> +}
> +
> void *
> sev_guest_init(const char *id)
> {
> @@ -701,6 +742,22 @@ sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
> return 0;
> }
>
> +void
> +sev_set_debug_ops(void *handle, MemoryRegion *mr)
> +{
> + SEVState *s = (SEVState *)handle;
> +
> + /* If policy does not allow debug then no need to register ops */
> + if (s->policy & SEV_POLICY_NODBG) {
> + return;
> + }
So what happens if someone tries to use a gdb or monitor command when
policy didn't allow debug? Does it end up with an obvious error
somehow?
Dave
> + sev_ops.read = sev_mem_read;
> + sev_ops.write = sev_mem_write;
> +
> + memory_region_set_ram_debug_ops(mr, &sev_ops);
> +}
> +
> static void
> sev_register_types(void)
> {
> diff --git a/target/i386/trace-events b/target/i386/trace-events
> index b1fbde6e40fe..00aa6e98d810 100644
> --- a/target/i386/trace-events
> +++ b/target/i386/trace-events
> @@ -15,3 +15,4 @@ kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session
> kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
> kvm_sev_launch_measurement(const char *value) "data %s"
> kvm_sev_launch_finish(void) ""
> +kvm_sev_debug(const char *op, const uint8_t *src, uint8_t *dst, int len) "(%s) src %p dst %p len %d"
> --
> 2.14.3
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [Qemu-devel] [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
@ 2018-03-07 17:27 ` Dr. David Alan Gilbert
0 siblings, 0 replies; 74+ messages in thread
From: Dr. David Alan Gilbert @ 2018-03-07 17:27 UTC (permalink / raw)
To: Brijesh Singh
Cc: qemu-devel, Alistair Francis, Christian Borntraeger,
Cornelia Huck, Daniel P . Berrange, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Richard Henderson
* Brijesh Singh (brijesh.singh@amd.com) wrote:
> KVM_SEV_DBG_DECRYPT and KVM_SEV_DBG_ENCRYPT commands are used for
> decrypting and encrypting guest memory region. The command works only if
> the guest policy allows the debugging.
>
> Cc: Paolo Bonzini <pbonzini@redhat.com>
> Cc: Richard Henderson <rth@twiddle.net>
> Cc: Eduardo Habkost <ehabkost@redhat.com>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> ---
> accel/kvm/kvm-all.c | 1 +
> stubs/sev.c | 4 ++++
> target/i386/sev.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++++
> target/i386/trace-events | 1 +
> 4 files changed, 63 insertions(+)
>
> diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
> index 411aa87719e6..8089173491dd 100644
> --- a/accel/kvm/kvm-all.c
> +++ b/accel/kvm/kvm-all.c
> @@ -1682,6 +1682,7 @@ static int kvm_init(MachineState *ms)
> }
>
> kvm_state->memcrypt_encrypt_data = sev_encrypt_data;
> + kvm_state->memcrypt_debug_ops = sev_set_debug_ops;
> }
>
> ret = kvm_arch_init(ms, s);
> diff --git a/stubs/sev.c b/stubs/sev.c
> index 2e20f3b73a5b..73f5c7f93a67 100644
> --- a/stubs/sev.c
> +++ b/stubs/sev.c
> @@ -15,6 +15,10 @@
> #include "qemu-common.h"
> #include "sysemu/sev.h"
>
> +void sev_set_debug_ops(void *handle, MemoryRegion *mr)
> +{
> +}
> +
> int sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
> {
> return 1;
> diff --git a/target/i386/sev.c b/target/i386/sev.c
> index 5fbb3105ccd4..bcfc09558c8c 100644
> --- a/target/i386/sev.c
> +++ b/target/i386/sev.c
> @@ -24,6 +24,7 @@
> #define DEFAULT_SEV_DEVICE "/dev/sev"
>
> static SEVState *sev_state;
> +static MemoryRegionRAMReadWriteOps sev_ops;
>
> static const char *const sev_fw_errlist[] = {
> "",
> @@ -601,6 +602,46 @@ sev_vm_state_change(void *opaque, int running, RunState state)
> }
> }
>
> +static int
> +sev_dbg_enc_dec(uint8_t *dst, const uint8_t *src, uint32_t len, bool write)
> +{
> + int ret, error;
> + struct kvm_sev_dbg dbg;
> +
> + dbg.src_uaddr = (unsigned long)src;
> + dbg.dst_uaddr = (unsigned long)dst;
> + dbg.len = len;
> +
> + trace_kvm_sev_debug(write ? "encrypt" : "decrypt", src, dst, len);
> + ret = sev_ioctl(sev_state->sev_fd,
> + write ? KVM_SEV_DBG_ENCRYPT : KVM_SEV_DBG_DECRYPT,
> + &dbg, &error);
> + if (ret) {
> + error_report("%s (%s) %#llx->%#llx+%#x ret=%d fw_error=%d '%s'",
> + __func__, write ? "write" : "read", dbg.src_uaddr,
> + dbg.dst_uaddr, dbg.len, ret, error,
> + fw_error_to_str(error));
> + }
> +
> + return ret;
> +}
> +
> +static int
> +sev_mem_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
> +{
> + assert(attrs.debug);
> +
> + return sev_dbg_enc_dec(dst, src, len, false);
> +}
> +
> +static int
> +sev_mem_write(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
> +{
> + assert(attrs.debug);
> +
> + return sev_dbg_enc_dec(dst, src, len, true);
> +}
> +
> void *
> sev_guest_init(const char *id)
> {
> @@ -701,6 +742,22 @@ sev_encrypt_data(void *handle, uint8_t *ptr, uint64_t len)
> return 0;
> }
>
> +void
> +sev_set_debug_ops(void *handle, MemoryRegion *mr)
> +{
> + SEVState *s = (SEVState *)handle;
> +
> + /* If policy does not allow debug then no need to register ops */
> + if (s->policy & SEV_POLICY_NODBG) {
> + return;
> + }
So what happens if someone tries to use a gdb or monitor command when
policy didn't allow debug? Does it end up with an obvious error
somehow?
Dave
> + sev_ops.read = sev_mem_read;
> + sev_ops.write = sev_mem_write;
> +
> + memory_region_set_ram_debug_ops(mr, &sev_ops);
> +}
> +
> static void
> sev_register_types(void)
> {
> diff --git a/target/i386/trace-events b/target/i386/trace-events
> index b1fbde6e40fe..00aa6e98d810 100644
> --- a/target/i386/trace-events
> +++ b/target/i386/trace-events
> @@ -15,3 +15,4 @@ kvm_sev_launch_start(int policy, void *session, void *pdh) "policy 0x%x session
> kvm_sev_launch_update_data(void *addr, uint64_t len) "addr %p len 0x%" PRIu64
> kvm_sev_launch_measurement(const char *value) "data %s"
> kvm_sev_launch_finish(void) ""
> +kvm_sev_debug(const char *op, const uint8_t *src, uint8_t *dst, int len) "(%s) src %p dst %p len %d"
> --
> 2.14.3
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
2018-03-07 17:27 ` [Qemu-devel] " Dr. David Alan Gilbert
@ 2018-03-07 17:40 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 17:40 UTC (permalink / raw)
To: Dr. David Alan Gilbert
Cc: Peter Maydell, brijesh.singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, qemu-devel, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Alistair Francis,
Cornelia Huck, Richard Henderson, Peter Crosthwaite,
Paolo Bonzini
On 03/07/2018 11:27 AM, Dr. David Alan Gilbert wrote:
[...]
>> +{
>> + SEVState *s = (SEVState *)handle;
>> +
>> + /* If policy does not allow debug then no need to register ops */
>> + if (s->policy & SEV_POLICY_NODBG) {
>> + return;
>> + }
>
> So what happens if someone tries to use a gdb or monitor command when
> policy didn't allow debug? Does it end up with an obvious error
> somehow?
>
In those cases caller will get encrypted bytes, leading to
unintelligible data. It can sometime translate into obvious errors e.g
caller tries to walk guest pagtable and it gets garbage and will have
trouble dumping the pgtables etc. Many times qemu calls ldphys_*
functions to access the data it may get tricky to report the errors.
-Brijesh
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [Qemu-devel] [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
@ 2018-03-07 17:40 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 17:40 UTC (permalink / raw)
To: Dr. David Alan Gilbert
Cc: brijesh.singh, qemu-devel, Alistair Francis,
Christian Borntraeger, Cornelia Huck, Daniel P . Berrange,
Michael S. Tsirkin, Edgar E. Iglesias, Eduardo Habkost,
Eric Blake, kvm, Marcel Apfelbaum, Markus Armbruster,
Paolo Bonzini, Peter Crosthwaite, Peter Maydell,
Richard Henderson, Stefan Hajnoczi, Thomas Lendacky,
Borislav Petkov, Alexander Graf, Bruce Rogers, Richard Henderson
On 03/07/2018 11:27 AM, Dr. David Alan Gilbert wrote:
[...]
>> +{
>> + SEVState *s = (SEVState *)handle;
>> +
>> + /* If policy does not allow debug then no need to register ops */
>> + if (s->policy & SEV_POLICY_NODBG) {
>> + return;
>> + }
>
> So what happens if someone tries to use a gdb or monitor command when
> policy didn't allow debug? Does it end up with an obvious error
> somehow?
>
In those cases caller will get encrypted bytes, leading to
unintelligible data. It can sometime translate into obvious errors e.g
caller tries to walk guest pagtable and it gets garbage and will have
trouble dumping the pgtables etc. Many times qemu calls ldphys_*
functions to access the data it may get tricky to report the errors.
-Brijesh
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
2018-03-07 17:40 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 18:24 ` Dr. David Alan Gilbert
-1 siblings, 0 replies; 74+ messages in thread
From: Dr. David Alan Gilbert @ 2018-03-07 18:24 UTC (permalink / raw)
To: Brijesh Singh
Cc: Peter Maydell, kvm, Michael S. Tsirkin, Stefan Hajnoczi,
qemu-devel, Alexander Graf, Edgar E. Iglesias, Markus Armbruster,
Bruce Rogers, Christian Borntraeger, Marcel Apfelbaum,
Borislav Petkov, Thomas Lendacky, Eduardo Habkost,
Richard Henderson, Alistair Francis, Cornelia Huck,
Richard Henderson, Peter Crosthwaite, Paolo Bonzini
* Brijesh Singh (brijesh.singh@amd.com) wrote:
>
>
> On 03/07/2018 11:27 AM, Dr. David Alan Gilbert wrote:
>
> [...]
>
> > > +{
> > > + SEVState *s = (SEVState *)handle;
> > > +
> > > + /* If policy does not allow debug then no need to register ops */
> > > + if (s->policy & SEV_POLICY_NODBG) {
> > > + return;
> > > + }
> >
> > So what happens if someone tries to use a gdb or monitor command when
> > policy didn't allow debug? Does it end up with an obvious error
> > somehow?
> >
>
> In those cases caller will get encrypted bytes, leading to unintelligible
> data. It can sometime translate into obvious errors e.g caller tries to
> walk guest pagtable and it gets garbage and will have trouble dumping the
> pgtables etc. Many times qemu calls ldphys_* functions to access the data it
> may get tricky to report the errors.
So would it make sense to have something like:
sev_mem_cant_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
{
error_report("SEV Guest policy does not allow debug access");
return -EPERM;
}
void
sev_set_debug_ops(void *handle, MemoryRegion *mr)
{
SEVState *s = (SEVState *)handle;
/* If policy does not allow debug then no need to register ops */
if (s->policy & SEV_POLICY_NODBG) {
sev_ops.read = sev_mem_cant_read;
sev_ops.write = sev_mem_cant_write;
} else {
sev_ops.read = sev_mem_read;
sev_ops.write = sev_mem_write;
}
Dave
>
> -Brijesh
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [Qemu-devel] [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
@ 2018-03-07 18:24 ` Dr. David Alan Gilbert
0 siblings, 0 replies; 74+ messages in thread
From: Dr. David Alan Gilbert @ 2018-03-07 18:24 UTC (permalink / raw)
To: Brijesh Singh
Cc: qemu-devel, Alistair Francis, Christian Borntraeger,
Cornelia Huck, Daniel P . Berrange, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Richard Henderson
* Brijesh Singh (brijesh.singh@amd.com) wrote:
>
>
> On 03/07/2018 11:27 AM, Dr. David Alan Gilbert wrote:
>
> [...]
>
> > > +{
> > > + SEVState *s = (SEVState *)handle;
> > > +
> > > + /* If policy does not allow debug then no need to register ops */
> > > + if (s->policy & SEV_POLICY_NODBG) {
> > > + return;
> > > + }
> >
> > So what happens if someone tries to use a gdb or monitor command when
> > policy didn't allow debug? Does it end up with an obvious error
> > somehow?
> >
>
> In those cases caller will get encrypted bytes, leading to unintelligible
> data. It can sometime translate into obvious errors e.g caller tries to
> walk guest pagtable and it gets garbage and will have trouble dumping the
> pgtables etc. Many times qemu calls ldphys_* functions to access the data it
> may get tricky to report the errors.
So would it make sense to have something like:
sev_mem_cant_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
{
error_report("SEV Guest policy does not allow debug access");
return -EPERM;
}
void
sev_set_debug_ops(void *handle, MemoryRegion *mr)
{
SEVState *s = (SEVState *)handle;
/* If policy does not allow debug then no need to register ops */
if (s->policy & SEV_POLICY_NODBG) {
sev_ops.read = sev_mem_cant_read;
sev_ops.write = sev_mem_cant_write;
} else {
sev_ops.read = sev_mem_read;
sev_ops.write = sev_mem_write;
}
Dave
>
> -Brijesh
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
2018-03-07 18:24 ` [Qemu-devel] " Dr. David Alan Gilbert
@ 2018-03-07 19:38 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 19:38 UTC (permalink / raw)
To: Dr. David Alan Gilbert
Cc: Peter Maydell, brijesh.singh, kvm, Michael S. Tsirkin,
Stefan Hajnoczi, qemu-devel, Alexander Graf, Edgar E. Iglesias,
Markus Armbruster, Bruce Rogers, Christian Borntraeger,
Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky,
Eduardo Habkost, Richard Henderson, Alistair Francis,
Cornelia Huck, Richard Henderson, Peter Crosthwaite,
Paolo Bonzini
On 3/7/18 12:24 PM, Dr. David Alan Gilbert wrote:
> * Brijesh Singh (brijesh.singh@amd.com) wrote:
>>
>> On 03/07/2018 11:27 AM, Dr. David Alan Gilbert wrote:
>>
>> [...]
>>
>>>> +{
>>>> + SEVState *s = (SEVState *)handle;
>>>> +
>>>> + /* If policy does not allow debug then no need to register ops */
>>>> + if (s->policy & SEV_POLICY_NODBG) {
>>>> + return;
>>>> + }
>>> So what happens if someone tries to use a gdb or monitor command when
>>> policy didn't allow debug? Does it end up with an obvious error
>>> somehow?
>>>
>> In those cases caller will get encrypted bytes, leading to unintelligible
>> data. It can sometime translate into obvious errors e.g caller tries to
>> walk guest pagtable and it gets garbage and will have trouble dumping the
>> pgtables etc. Many times qemu calls ldphys_* functions to access the data it
>> may get tricky to report the errors.
> So would it make sense to have something like:
>
> sev_mem_cant_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
> {
> error_report("SEV Guest policy does not allow debug access");
>
> return -EPERM;
> }
In very early patches we had something similar but I was not sure if
that was right thing. Any debug accesses were printing ton of messages
and also in some case caller actually wants to dump the memory content
(e.g x /10gx 0x000).. what we should return in those cases ? In my
approach was if debug was not enabled then simply don't decrypt the
memory and provide the raw data.
There was some discussion to have very high level security policy which
may have attribute like debug=on|off, if debug is disabled then QEMU
monitor can display messages like debug not allowed to better inform user.
> void
> sev_set_debug_ops(void *handle, MemoryRegion *mr)
> {
> SEVState *s = (SEVState *)handle;
>
> /* If policy does not allow debug then no need to register ops */
> if (s->policy & SEV_POLICY_NODBG) {
> sev_ops.read = sev_mem_cant_read;
> sev_ops.write = sev_mem_cant_write;
> } else {
> sev_ops.read = sev_mem_read;
> sev_ops.write = sev_mem_write;
> }
>
> Dave
>
>> -Brijesh
> --
> Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [Qemu-devel] [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
@ 2018-03-07 19:38 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 19:38 UTC (permalink / raw)
To: Dr. David Alan Gilbert
Cc: brijesh.singh, qemu-devel, Alistair Francis,
Christian Borntraeger, Cornelia Huck, Daniel P . Berrange,
Michael S. Tsirkin, Edgar E. Iglesias, Eduardo Habkost,
Eric Blake, kvm, Marcel Apfelbaum, Markus Armbruster,
Paolo Bonzini, Peter Crosthwaite, Peter Maydell,
Richard Henderson, Stefan Hajnoczi, Thomas Lendacky,
Borislav Petkov, Alexander Graf, Bruce Rogers, Richard Henderson
On 3/7/18 12:24 PM, Dr. David Alan Gilbert wrote:
> * Brijesh Singh (brijesh.singh@amd.com) wrote:
>>
>> On 03/07/2018 11:27 AM, Dr. David Alan Gilbert wrote:
>>
>> [...]
>>
>>>> +{
>>>> + SEVState *s = (SEVState *)handle;
>>>> +
>>>> + /* If policy does not allow debug then no need to register ops */
>>>> + if (s->policy & SEV_POLICY_NODBG) {
>>>> + return;
>>>> + }
>>> So what happens if someone tries to use a gdb or monitor command when
>>> policy didn't allow debug? Does it end up with an obvious error
>>> somehow?
>>>
>> In those cases caller will get encrypted bytes, leading to unintelligible
>> data. It can sometime translate into obvious errors e.g caller tries to
>> walk guest pagtable and it gets garbage and will have trouble dumping the
>> pgtables etc. Many times qemu calls ldphys_* functions to access the data it
>> may get tricky to report the errors.
> So would it make sense to have something like:
>
> sev_mem_cant_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
> {
> error_report("SEV Guest policy does not allow debug access");
>
> return -EPERM;
> }
In very early patches we had something similar but I was not sure if
that was right thing. Any debug accesses were printing ton of messages
and also in some case caller actually wants to dump the memory content
(e.g x /10gx 0x000).. what we should return in those cases ? In my
approach was if debug was not enabled then simply don't decrypt the
memory and provide the raw data.
There was some discussion to have very high level security policy which
may have attribute like debug=on|off, if debug is disabled then QEMU
monitor can display messages like debug not allowed to better inform user.
> void
> sev_set_debug_ops(void *handle, MemoryRegion *mr)
> {
> SEVState *s = (SEVState *)handle;
>
> /* If policy does not allow debug then no need to register ops */
> if (s->policy & SEV_POLICY_NODBG) {
> sev_ops.read = sev_mem_cant_read;
> sev_ops.write = sev_mem_cant_write;
> } else {
> sev_ops.read = sev_mem_read;
> sev_ops.write = sev_mem_write;
> }
>
> Dave
>
>> -Brijesh
> --
> Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
2018-03-07 19:38 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-07 20:11 ` Dr. David Alan Gilbert
-1 siblings, 0 replies; 74+ messages in thread
From: Dr. David Alan Gilbert @ 2018-03-07 20:11 UTC (permalink / raw)
To: Brijesh Singh
Cc: Peter Maydell, kvm, Michael S. Tsirkin, Stefan Hajnoczi,
qemu-devel, Alexander Graf, Edgar E. Iglesias, Markus Armbruster,
Bruce Rogers, Christian Borntraeger, Marcel Apfelbaum,
Borislav Petkov, Thomas Lendacky, Eduardo Habkost,
Richard Henderson, Alistair Francis, Cornelia Huck,
Richard Henderson, Peter Crosthwaite, Paolo Bonzini
* Brijesh Singh (brijesh.singh@amd.com) wrote:
>
>
> On 3/7/18 12:24 PM, Dr. David Alan Gilbert wrote:
> > * Brijesh Singh (brijesh.singh@amd.com) wrote:
> >>
> >> On 03/07/2018 11:27 AM, Dr. David Alan Gilbert wrote:
> >>
> >> [...]
> >>
> >>>> +{
> >>>> + SEVState *s = (SEVState *)handle;
> >>>> +
> >>>> + /* If policy does not allow debug then no need to register ops */
> >>>> + if (s->policy & SEV_POLICY_NODBG) {
> >>>> + return;
> >>>> + }
> >>> So what happens if someone tries to use a gdb or monitor command when
> >>> policy didn't allow debug? Does it end up with an obvious error
> >>> somehow?
> >>>
> >> In those cases caller will get encrypted bytes, leading to unintelligible
> >> data. It can sometime translate into obvious errors e.g caller tries to
> >> walk guest pagtable and it gets garbage and will have trouble dumping the
> >> pgtables etc. Many times qemu calls ldphys_* functions to access the data it
> >> may get tricky to report the errors.
> > So would it make sense to have something like:
> >
> > sev_mem_cant_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
> > {
> > error_report("SEV Guest policy does not allow debug access");
> >
> > return -EPERM;
> > }
>
> In very early patches we had something similar but I was not sure if
> that was right thing. Any debug accesses were printing ton of messages
OK, if it would generate silly amounts of debug then leave it as is;
but I bet it'll confuse someone in the future when they try and dig
through it for debug without realising SEV-debug is there!
Dave
> and also in some case caller actually wants to dump the memory content
> (e.g x /10gx 0x000).. what we should return in those cases ? In my
> approach was if debug was not enabled then simply don't decrypt the
> memory and provide the raw data.
>
> There was some discussion to have very high level security policy which
> may have attribute like debug=on|off, if debug is disabled then QEMU
> monitor can display messages like debug not allowed to better inform user.
>
>
> > void
> > sev_set_debug_ops(void *handle, MemoryRegion *mr)
> > {
> > SEVState *s = (SEVState *)handle;
> >
> > /* If policy does not allow debug then no need to register ops */
> > if (s->policy & SEV_POLICY_NODBG) {
> > sev_ops.read = sev_mem_cant_read;
> > sev_ops.write = sev_mem_cant_write;
> > } else {
> > sev_ops.read = sev_mem_read;
> > sev_ops.write = sev_mem_write;
> > }
> >
> > Dave
> >
> >> -Brijesh
> > --
> > Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [Qemu-devel] [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands
@ 2018-03-07 20:11 ` Dr. David Alan Gilbert
0 siblings, 0 replies; 74+ messages in thread
From: Dr. David Alan Gilbert @ 2018-03-07 20:11 UTC (permalink / raw)
To: Brijesh Singh
Cc: qemu-devel, Alistair Francis, Christian Borntraeger,
Cornelia Huck, Daniel P . Berrange, Michael S. Tsirkin,
Edgar E. Iglesias, Eduardo Habkost, Eric Blake, kvm,
Marcel Apfelbaum, Markus Armbruster, Paolo Bonzini,
Peter Crosthwaite, Peter Maydell, Richard Henderson,
Stefan Hajnoczi, Thomas Lendacky, Borislav Petkov,
Alexander Graf, Bruce Rogers, Richard Henderson
* Brijesh Singh (brijesh.singh@amd.com) wrote:
>
>
> On 3/7/18 12:24 PM, Dr. David Alan Gilbert wrote:
> > * Brijesh Singh (brijesh.singh@amd.com) wrote:
> >>
> >> On 03/07/2018 11:27 AM, Dr. David Alan Gilbert wrote:
> >>
> >> [...]
> >>
> >>>> +{
> >>>> + SEVState *s = (SEVState *)handle;
> >>>> +
> >>>> + /* If policy does not allow debug then no need to register ops */
> >>>> + if (s->policy & SEV_POLICY_NODBG) {
> >>>> + return;
> >>>> + }
> >>> So what happens if someone tries to use a gdb or monitor command when
> >>> policy didn't allow debug? Does it end up with an obvious error
> >>> somehow?
> >>>
> >> In those cases caller will get encrypted bytes, leading to unintelligible
> >> data. It can sometime translate into obvious errors e.g caller tries to
> >> walk guest pagtable and it gets garbage and will have trouble dumping the
> >> pgtables etc. Many times qemu calls ldphys_* functions to access the data it
> >> may get tricky to report the errors.
> > So would it make sense to have something like:
> >
> > sev_mem_cant_read(uint8_t *dst, const uint8_t *src, uint32_t len, MemTxAttrs attrs)
> > {
> > error_report("SEV Guest policy does not allow debug access");
> >
> > return -EPERM;
> > }
>
> In very early patches we had something similar but I was not sure if
> that was right thing. Any debug accesses were printing ton of messages
OK, if it would generate silly amounts of debug then leave it as is;
but I bet it'll confuse someone in the future when they try and dig
through it for debug without realising SEV-debug is there!
Dave
> and also in some case caller actually wants to dump the memory content
> (e.g x /10gx 0x000).. what we should return in those cases ? In my
> approach was if debug was not enabled then simply don't decrypt the
> memory and provide the raw data.
>
> There was some discussion to have very high level security policy which
> may have attribute like debug=on|off, if debug is disabled then QEMU
> monitor can display messages like debug not allowed to better inform user.
>
>
> > void
> > sev_set_debug_ops(void *handle, MemoryRegion *mr)
> > {
> > SEVState *s = (SEVState *)handle;
> >
> > /* If policy does not allow debug then no need to register ops */
> > if (s->policy & SEV_POLICY_NODBG) {
> > sev_ops.read = sev_mem_cant_read;
> > sev_ops.write = sev_mem_cant_write;
> > } else {
> > sev_ops.read = sev_mem_read;
> > sev_ops.write = sev_mem_write;
> > }
> >
> > Dave
> >
> >> -Brijesh
> > --
> > Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
>
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
2018-03-07 17:24 ` [Qemu-devel] " no-reply
@ 2018-03-07 20:35 ` Brijesh Singh
-1 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 20:35 UTC (permalink / raw)
To: qemu-devel
Cc: edgar.iglesias, peter.maydell, bp, famz, ehabkost, kvm, mst,
stefanha, alistair.francis, crosthwaite.peter, richard.henderson,
agraf, armbru, borntraeger, pbonzini, marcel, brijesh.singh,
Thomas.Lendacky, brogers, cornelia.huck, dgilbert
Hi,
I have root caused and fixed the build issue seen with mingw32 compiler,
the patch is very trivial (see below).
I am looking for direction on how to submit the fix, should I resubmit
the whole series or just send the updated patch marked as "Patch v11.1
..." ? The "patch v11 11/28" included these headers in sev_i386.h, we
need to move them in sev.c to fix this issue.
thanks
-------
diff --git a/target/i386/sev.c b/target/i386/sev.c
index f838cf7e3720..826bdff7bf2e 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -11,6 +11,11 @@
*
*/
+#include <linux/psp-sev.h>
+#include <linux/kvm.h>
+
+#include <sys/ioctl.h>
+
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "qom/object_interfaces.h"
diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h
index cd802e4b4178..b8622dfb1e49 100644
--- a/target/i386/sev_i386.h
+++ b/target/i386/sev_i386.h
@@ -14,11 +14,6 @@
#ifndef QEMU_SEV_I386_H
#define QEMU_SEV_I386_H
-#include <linux/kvm.h>
-#include <linux/psp-sev.h>
-
-#include <sys/ioctl.h>
-
#include "qom/object.h"
#include "qapi/error.h"
#include "sysemu/kvm.h"
On 3/7/18 11:24 AM, no-reply@patchew.org wrote:
> Hi,
>
> This series failed docker-mingw@fedora build test. Please find the testing commands and
> their output below. If you have Docker installed, you can probably reproduce it
> locally.
>
> Type: series
> Message-id: 20180307165038.88640-1-brijesh.singh@amd.com
> Subject: [Qemu-devel] [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
>
> === TEST SCRIPT BEGIN ===
> #!/bin/bash
> set -e
> git submodule update --init dtc
> # Let docker tests dump environment info
> export SHOW_ENV=1
> export J=8
> time make docker-test-mingw@fedora
> === TEST SCRIPT END ===
>
> Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
> Switched to a new branch 'test'
> 4fbea75df6 tests/qmp-test: blacklist sev specific qmp commands
> dee06afe23 sev/i386: add sev_get_capabilities()
> 4bc4467cbd qmp: add query-sev-capabilities command
> b96190fd71 cpu/i386: populate CPUID 0x8000_001F when SEV is active
> 3c60cdc4ec sev/i386: add migration blocker
> a9ab0a27b2 qmp: add query-sev-launch-measure command
> 7a9005e7b3 target/i386: clear C-bit when walking SEV guest page table
> 1758f0ec5d sev/i386: add debug encrypt and decrypt commands
> 31a61f5fe9 hw/i386: set ram_debug_ops when memory encryption is enabled
> 346e90b176 sev/i386: finalize the SEV guest launch flow
> 38cf6ff868 sev/i386: add support to LAUNCH_MEASURE command
> a9df6d98ec target/i386: encrypt bios rom
> baa46b9faf sev/i386: add command to encrypt guest memory region
> 41354b73a4 sev/i386: add command to create launch memory encryption context
> 4d35f32583 hmp: add 'info sev' command
> 16598f2cc1 kvm: introduce memory encryption APIs
> 36b000c77c sev/i386: register the guest memory range which may contain encrypted data
> 435a482830 sev/i386: add command to initialize the memory encryption context
> 1c37bac2fa include: add psp-sev.h header file
> ea9d68aad5 qmp: add query-sev command
> e85ff63940 target/i386: add Secure Encrypted Virtulization (SEV) object
> 9605c92f32 docs: add AMD Secure Encrypted Virtualization (SEV)
> 52514277fb kvm: update kvm.h to include memory encryption ioctls
> 2398a21fbd machine: add -memory-encryption property
> 40ba67a92d monitor/i386: use debug APIs when accessing guest memory
> 7a060f2310 exec: add debug version of physical memory read and write API
> 6533e78730 exec: add ram_debug_ops support
> 94ffe21118 memattrs: add debug attribute
>
> === OUTPUT BEGIN ===
> Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
> Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/dtc'...
> Submodule path 'dtc': checked out 'e54388015af1fb4bf04d0bca99caba1074d9cc42'
> BUILD fedora
> make[1]: Entering directory '/var/tmp/patchew-tester-tmp-99e1alq5/src'
> GEN /var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar
> Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot'...
> done.
> Checking out files: 45% (2690/5948)
> Checking out files: 46% (2737/5948)
> Checking out files: 47% (2796/5948)
> Checking out files: 48% (2856/5948)
> Checking out files: 49% (2915/5948)
> Checking out files: 50% (2974/5948)
> Checking out files: 51% (3034/5948)
> Checking out files: 52% (3093/5948)
> Checking out files: 53% (3153/5948)
> Checking out files: 54% (3212/5948)
> Checking out files: 55% (3272/5948)
> Checking out files: 56% (3331/5948)
> Checking out files: 57% (3391/5948)
> Checking out files: 58% (3450/5948)
> Checking out files: 59% (3510/5948)
> Checking out files: 60% (3569/5948)
> Checking out files: 61% (3629/5948)
> Checking out files: 62% (3688/5948)
> Checking out files: 63% (3748/5948)
> Checking out files: 64% (3807/5948)
> Checking out files: 65% (3867/5948)
> Checking out files: 66% (3926/5948)
> Checking out files: 67% (3986/5948)
> Checking out files: 68% (4045/5948)
> Checking out files: 69% (4105/5948)
> Checking out files: 70% (4164/5948)
> Checking out files: 71% (4224/5948)
> Checking out files: 72% (4283/5948)
> Checking out files: 73% (4343/5948)
> Checking out files: 74% (4402/5948)
> Checking out files: 75% (4461/5948)
> Checking out files: 76% (4521/5948)
> Checking out files: 77% (4580/5948)
> Checking out files: 78% (4640/5948)
> Checking out files: 79% (4699/5948)
> Checking out files: 80% (4759/5948)
> Checking out files: 81% (4818/5948)
> Checking out files: 82% (4878/5948)
> Checking out files: 83% (4937/5948)
> Checking out files: 84% (4997/5948)
> Checking out files: 85% (5056/5948)
> Checking out files: 86% (5116/5948)
> Checking out files: 87% (5175/5948)
> Checking out files: 88% (5235/5948)
> Checking out files: 89% (5294/5948)
> Checking out files: 90% (5354/5948)
> Checking out files: 91% (5413/5948)
> Checking out files: 92% (5473/5948)
> Checking out files: 93% (5532/5948)
> Checking out files: 94% (5592/5948)
> Checking out files: 95% (5651/5948)
> Checking out files: 96% (5711/5948)
> Checking out files: 97% (5770/5948)
> Checking out files: 98% (5830/5948)
> Checking out files: 99% (5889/5948)
> Checking out files: 100% (5948/5948)
> Checking out files: 100% (5948/5948), done.
> Your branch is up-to-date with 'origin/test'.
> Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
> Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot/dtc'...
> Submodule path 'dtc': checked out 'e54388015af1fb4bf04d0bca99caba1074d9cc42'
> Submodule 'ui/keycodemapdb' (git://git.qemu.org/keycodemapdb.git) registered for path 'ui/keycodemapdb'
> Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot/ui/keycodemapdb'...
> Submodule path 'ui/keycodemapdb': checked out '6b3d716e2b6472eb7189d3220552280ef3d832ce'
> COPY RUNNER
> RUN test-mingw in qemu:fedora
> Packages installed:
> PyYAML-3.12-5.fc27.x86_64
> SDL-devel-1.2.15-29.fc27.x86_64
> bc-1.07.1-3.fc27.x86_64
> bison-3.0.4-8.fc27.x86_64
> bzip2-1.0.6-24.fc27.x86_64
> ccache-3.3.5-1.fc27.x86_64
> clang-5.0.1-1.fc27.x86_64
> findutils-4.6.0-14.fc27.x86_64
> flex-2.6.1-5.fc27.x86_64
> gcc-7.3.1-2.fc27.x86_64
> gcc-c++-7.3.1-2.fc27.x86_64
> gettext-0.19.8.1-12.fc27.x86_64
> git-2.14.3-2.fc27.x86_64
> glib2-devel-2.54.3-2.fc27.x86_64
> hostname-3.18-4.fc27.x86_64
> libaio-devel-0.3.110-9.fc27.x86_64
> libasan-7.3.1-2.fc27.x86_64
> libfdt-devel-1.4.6-1.fc27.x86_64
> libubsan-7.3.1-2.fc27.x86_64
> make-4.2.1-4.fc27.x86_64
> mingw32-SDL-1.2.15-9.fc27.noarch
> mingw32-bzip2-1.0.6-9.fc27.noarch
> mingw32-curl-7.54.1-2.fc27.noarch
> mingw32-glib2-2.54.1-1.fc27.noarch
> mingw32-gmp-6.1.2-2.fc27.noarch
> mingw32-gnutls-3.5.13-2.fc27.noarch
> mingw32-gtk2-2.24.31-4.fc27.noarch
> mingw32-gtk3-3.22.16-1.fc27.noarch
> mingw32-libjpeg-turbo-1.5.1-3.fc27.noarch
> mingw32-libpng-1.6.29-2.fc27.noarch
> mingw32-libssh2-1.8.0-3.fc27.noarch
> mingw32-libtasn1-4.13-1.fc27.noarch
> mingw32-nettle-3.3-3.fc27.noarch
> mingw32-pixman-0.34.0-3.fc27.noarch
> mingw32-pkg-config-0.28-9.fc27.x86_64
> mingw64-SDL-1.2.15-9.fc27.noarch
> mingw64-bzip2-1.0.6-9.fc27.noarch
> mingw64-curl-7.54.1-2.fc27.noarch
> mingw64-glib2-2.54.1-1.fc27.noarch
> mingw64-gmp-6.1.2-2.fc27.noarch
> mingw64-gnutls-3.5.13-2.fc27.noarch
> mingw64-gtk2-2.24.31-4.fc27.noarch
> mingw64-gtk3-3.22.16-1.fc27.noarch
> mingw64-libjpeg-turbo-1.5.1-3.fc27.noarch
> mingw64-libpng-1.6.29-2.fc27.noarch
> mingw64-libssh2-1.8.0-3.fc27.noarch
> mingw64-libtasn1-4.13-1.fc27.noarch
> mingw64-nettle-3.3-3.fc27.noarch
> mingw64-pixman-0.34.0-3.fc27.noarch
> mingw64-pkg-config-0.28-9.fc27.x86_64
> nettle-devel-3.4-1.fc27.x86_64
> perl-5.26.1-402.fc27.x86_64
> pixman-devel-0.34.0-4.fc27.x86_64
> python3-3.6.2-13.fc27.x86_64
> sparse-0.5.1-2.fc27.x86_64
> tar-1.29-7.fc27.x86_64
> which-2.21-4.fc27.x86_64
> zlib-devel-1.2.11-4.fc27.x86_64
>
> Environment variables:
> TARGET_LIST=
> PACKAGES=ccache gettext git tar PyYAML sparse flex bison python3 bzip2 hostname glib2-devel pixman-devel zlib-devel SDL-devel libfdt-devel gcc gcc-c++ clang make perl which bc findutils libaio-devel nettle-devel libasan libubsan mingw32-pixman mingw32-glib2 mingw32-gmp mingw32-SDL mingw32-pkg-config mingw32-gtk2 mingw32-gtk3 mingw32-gnutls mingw32-nettle mingw32-libtasn1 mingw32-libjpeg-turbo mingw32-libpng mingw32-curl mingw32-libssh2 mingw32-bzip2 mingw64-pixman mingw64-glib2 mingw64-gmp mingw64-SDL mingw64-pkg-config mingw64-gtk2 mingw64-gtk3 mingw64-gnutls mingw64-nettle mingw64-libtasn1 mingw64-libjpeg-turbo mingw64-libpng mingw64-curl mingw64-libssh2 mingw64-bzip2
> J=8
> V=
> HOSTNAME=939c73c338e1
> DEBUG=
> SHOW_ENV=1
> PWD=/
> HOME=/root
> CCACHE_DIR=/var/tmp/ccache
> DISTTAG=f27container
> QEMU_CONFIGURE_OPTS=--python=/usr/bin/python3
> FGC=f27
> TEST_DIR=/tmp/qemu-test
> SHLVL=1
> FEATURES=mingw clang pyyaml asan dtc
> PATH=/usr/lib/ccache:/usr/lib64/ccache:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
> MAKEFLAGS= -j8
> EXTRA_CONFIGURE_OPTS=
> _=/usr/bin/env
>
> Configure options:
> --enable-werror --target-list=x86_64-softmmu,aarch64-softmmu --prefix=/tmp/qemu-test/install --python=/usr/bin/python3 --cross-prefix=x86_64-w64-mingw32- --enable-trace-backends=simple --enable-gnutls --enable-nettle --enable-curl --enable-vnc --enable-bzip2 --enable-guest-agent --with-sdlabi=1.2 --with-gtkabi=2.0
> Install prefix /tmp/qemu-test/install
> BIOS directory /tmp/qemu-test/install
> firmware path /tmp/qemu-test/install/share/qemu-firmware
> binary directory /tmp/qemu-test/install
> library directory /tmp/qemu-test/install/lib
> module directory /tmp/qemu-test/install/lib
> libexec directory /tmp/qemu-test/install/libexec
> include directory /tmp/qemu-test/install/include
> config directory /tmp/qemu-test/install
> local state directory queried at runtime
> Windows SDK no
> Source path /tmp/qemu-test/src
> GIT binary git
> GIT submodules
> C compiler x86_64-w64-mingw32-gcc
> Host C compiler cc
> C++ compiler x86_64-w64-mingw32-g++
> Objective-C compiler clang
> ARFLAGS rv
> CFLAGS -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -g
> QEMU_CFLAGS -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/pixman-1 -I$(SRC_PATH)/dtc/libfdt -Werror -DHAS_LIBSSH2_SFTP_FSYNC -mms-bitfields -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/glib-2.0 -I/usr/x86_64-w64-mingw32/sys-root/mingw/lib/glib-2.0/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -m64 -mcx16 -mthreads -D__USE_MINGW_ANSI_STDIO=1 -DWIN32_LEAN_AND_MEAN -DWINVER=0x501 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -Wexpansion-to-defined -Wendif-labels -Wno-shift-negative-value -Wno-missing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-declaration -Wold-style-definition -Wtype-limits -fstack-protector-strong -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/p11-kit-1 -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/libpng16
> LDFLAGS -Wl,--nxcompat -Wl,--no-seh -Wl,--dynamicbase -Wl,--warn-common -m64 -g
> make make
> install install
> python /usr/bin/python3 -B
> smbd /usr/sbin/smbd
> module support no
> host CPU x86_64
> host big endian no
> target list x86_64-softmmu aarch64-softmmu
> gprof enabled no
> sparse enabled no
> strip binaries yes
> profiler no
> static build no
> SDL support yes (1.2.15)
> GTK support yes (2.24.31)
> GTK GL support no
> VTE support no
> TLS priority NORMAL
> GNUTLS support yes
> GNUTLS rnd yes
> libgcrypt no
> libgcrypt kdf no
> nettle yes (3.3)
> nettle kdf yes
> libtasn1 yes
> curses support no
> virgl support no
> curl support yes
> mingw32 support yes
> Audio drivers dsound
> Block whitelist (rw)
> Block whitelist (ro)
> VirtFS support no
> Multipath support no
> VNC support yes
> VNC SASL support no
> VNC JPEG support yes
> VNC PNG support yes
> xen support no
> brlapi support no
> bluez support no
> Documentation no
> PIE no
> vde support no
> netmap support no
> Linux AIO support no
> ATTR/XATTR support no
> Install blobs yes
> KVM support no
> HAX support yes
> HVF support no
> WHPX support no
> TCG support yes
> TCG debug enabled no
> TCG interpreter no
> malloc trim support no
> RDMA support no
> fdt support yes
> preadv support no
> fdatasync no
> madvise no
> posix_madvise no
> posix_memalign no
> libcap-ng support no
> vhost-net support no
> vhost-crypto support no
> vhost-scsi support no
> vhost-vsock support no
> vhost-user support no
> Trace backends simple
> Trace output file trace-<pid>
> spice support no
> rbd support no
> xfsctl support no
> smartcard support no
> libusb no
> usb net redir no
> OpenGL support no
> OpenGL dmabufs no
> libiscsi support no
> libnfs support no
> build guest agent yes
> QGA VSS support no
> QGA w32 disk info yes
> QGA MSI support no
> seccomp support no
> coroutine backend win32
> coroutine pool yes
> debug stack usage no
> crypto afalg no
> GlusterFS support no
> gcov gcov
> gcov enabled no
> TPM support yes
> libssh2 support yes
> TPM passthrough no
> TPM emulator no
> QOM debugging yes
> Live block migration yes
> lzo support no
> snappy support no
> bzip2 support yes
> NUMA host support no
> libxml2 no
> tcmalloc support no
> jemalloc support no
> avx2 optimization yes
> replication support yes
> VxHS block device no
> capstone no
>
> WARNING: Use of GTK 2.0 is deprecated and will be removed in
> WARNING: future releases. Please switch to using GTK 3.0
>
> WARNING: Use of SDL 1.2 is deprecated and will be removed in
> WARNING: future releases. Please switch to using SDL 2.0
> mkdir -p dtc/libfdt
> mkdir -p dtc/tests
> GEN x86_64-softmmu/config-devices.mak.tmp
> GEN aarch64-softmmu/config-devices.mak.tmp
> GEN config-host.h
> GEN qemu-options.def
> GEN qapi-gen
> GEN trace/generated-tcg-tracers.h
> GEN trace/generated-helpers-wrappers.h
> GEN trace/generated-helpers.h
> GEN x86_64-softmmu/config-devices.mak
> GEN aarch64-softmmu/config-devices.mak
> GEN trace/generated-helpers.c
> GEN module_block.h
> GEN ui/input-keymap-atset1-to-qcode.c
> GEN ui/input-keymap-linux-to-qcode.c
> GEN ui/input-keymap-qcode-to-atset1.c
> GEN ui/input-keymap-qcode-to-atset2.c
> GEN ui/input-keymap-qcode-to-atset3.c
> GEN ui/input-keymap-qcode-to-linux.c
> GEN ui/input-keymap-qcode-to-qnum.c
> GEN ui/input-keymap-qcode-to-sun.c
> GEN ui/input-keymap-qnum-to-qcode.c
> GEN ui/input-keymap-usb-to-qcode.c
> GEN ui/input-keymap-win32-to-qcode.c
> GEN ui/input-keymap-x11-to-qcode.c
> GEN ui/input-keymap-xorgevdev-to-qcode.c
> GEN ui/input-keymap-xorgkbd-to-qcode.c
> GEN ui/input-keymap-xorgxquartz-to-qcode.c
> GEN ui/input-keymap-xorgxwin-to-qcode.c
> GEN tests/test-qapi-gen
> GEN trace-root.h
> GEN util/trace.h
> GEN crypto/trace.h
> GEN io/trace.h
> GEN migration/trace.h
> GEN block/trace.h
> GEN chardev/trace.h
> GEN hw/block/trace.h
> GEN hw/block/dataplane/trace.h
> GEN hw/char/trace.h
> GEN hw/intc/trace.h
> GEN hw/net/trace.h
> GEN hw/rdma/trace.h
> GEN hw/rdma/vmw/trace.h
> GEN hw/virtio/trace.h
> GEN hw/audio/trace.h
> GEN hw/misc/trace.h
> GEN hw/misc/macio/trace.h
> GEN hw/usb/trace.h
> GEN hw/scsi/trace.h
> GEN hw/nvram/trace.h
> GEN hw/display/trace.h
> GEN hw/input/trace.h
> GEN hw/timer/trace.h
> GEN hw/dma/trace.h
> GEN hw/sparc/trace.h
> GEN hw/sparc64/trace.h
> GEN hw/sd/trace.h
> GEN hw/isa/trace.h
> GEN hw/mem/trace.h
> GEN hw/i386/trace.h
> GEN hw/i386/xen/trace.h
> GEN hw/9pfs/trace.h
> GEN hw/ppc/trace.h
> GEN hw/pci/trace.h
> GEN hw/pci-host/trace.h
> GEN hw/s390x/trace.h
> GEN hw/vfio/trace.h
> GEN hw/acpi/trace.h
> GEN hw/arm/trace.h
> GEN hw/alpha/trace.h
> GEN hw/hppa/trace.h
> GEN hw/xen/trace.h
> GEN hw/ide/trace.h
> GEN ui/trace.h
> GEN audio/trace.h
> GEN net/trace.h
> GEN target/arm/trace.h
> GEN target/i386/trace.h
> GEN target/mips/trace.h
> GEN target/sparc/trace.h
> GEN target/s390x/trace.h
> GEN target/ppc/trace.h
> GEN qom/trace.h
> GEN linux-user/trace.h
> GEN qapi/trace.h
> GEN accel/tcg/trace.h
> GEN accel/kvm/trace.h
> GEN nbd/trace.h
> GEN scsi/trace.h
> GEN trace-root.c
> GEN util/trace.c
> GEN crypto/trace.c
> GEN io/trace.c
> GEN migration/trace.c
> GEN block/trace.c
> GEN chardev/trace.c
> GEN hw/block/trace.c
> GEN hw/block/dataplane/trace.c
> GEN hw/char/trace.c
> GEN hw/intc/trace.c
> GEN hw/net/trace.c
> GEN hw/rdma/trace.c
> GEN hw/rdma/vmw/trace.c
> GEN hw/virtio/trace.c
> GEN hw/audio/trace.c
> GEN hw/misc/trace.c
> GEN hw/misc/macio/trace.c
> GEN hw/usb/trace.c
> GEN hw/scsi/trace.c
> GEN hw/nvram/trace.c
> GEN hw/display/trace.c
> GEN hw/input/trace.c
> GEN hw/timer/trace.c
> GEN hw/dma/trace.c
> GEN hw/sparc/trace.c
> GEN hw/sparc64/trace.c
> GEN hw/sd/trace.c
> GEN hw/isa/trace.c
> GEN hw/mem/trace.c
> GEN hw/i386/trace.c
> GEN hw/i386/xen/trace.c
> GEN hw/9pfs/trace.c
> GEN hw/ppc/trace.c
> GEN hw/pci/trace.c
> GEN hw/pci-host/trace.c
> GEN hw/s390x/trace.c
> GEN hw/vfio/trace.c
> GEN hw/acpi/trace.c
> GEN hw/arm/trace.c
> GEN hw/alpha/trace.c
> GEN hw/hppa/trace.c
> GEN hw/xen/trace.c
> GEN hw/ide/trace.c
> GEN ui/trace.c
> GEN audio/trace.c
> GEN net/trace.c
> GEN target/arm/trace.c
> GEN target/i386/trace.c
> GEN target/mips/trace.c
> GEN target/sparc/trace.c
> GEN target/s390x/trace.c
> GEN target/ppc/trace.c
> GEN qom/trace.c
> GEN linux-user/trace.c
> GEN qapi/trace.c
> GEN accel/tcg/trace.c
> GEN accel/kvm/trace.c
> GEN nbd/trace.c
> GEN scsi/trace.c
> GEN config-all-devices.mak
> DEP /tmp/qemu-test/src/dtc/tests/dumptrees.c
> DEP /tmp/qemu-test/src/dtc/tests/trees.S
> DEP /tmp/qemu-test/src/dtc/tests/testutils.c
> DEP /tmp/qemu-test/src/dtc/tests/value-labels.c
> DEP /tmp/qemu-test/src/dtc/tests/asm_tree_dump.c
> DEP /tmp/qemu-test/src/dtc/tests/truncated_property.c
> DEP /tmp/qemu-test/src/dtc/tests/check_path.c
> DEP /tmp/qemu-test/src/dtc/tests/overlay_bad_fixup.c
> DEP /tmp/qemu-test/src/dtc/tests/overlay.c
> DEP /tmp/qemu-test/src/dtc/tests/subnode_iterate.c
> DEP /tmp/qemu-test/src/dtc/tests/property_iterate.c
> DEP /tmp/qemu-test/src/dtc/tests/integer-expressions.c
> DEP /tmp/qemu-test/src/dtc/tests/utilfdt_test.c
> DEP /tmp/qemu-test/src/dtc/tests/path_offset_aliases.c
> DEP /tmp/qemu-test/src/dtc/tests/add_subnode_with_nops.c
> DEP /tmp/qemu-test/src/dtc/tests/dtbs_equal_unordered.c
> DEP /tmp/qemu-test/src/dtc/tests/dtb_reverse.c
> DEP /tmp/qemu-test/src/dtc/tests/dtbs_equal_ordered.c
> DEP /tmp/qemu-test/src/dtc/tests/extra-terminating-null.c
> DEP /tmp/qemu-test/src/dtc/tests/incbin.c
> DEP /tmp/qemu-test/src/dtc/tests/boot-cpuid.c
> DEP /tmp/qemu-test/src/dtc/tests/phandle_format.c
> DEP /tmp/qemu-test/src/dtc/tests/path-references.c
> DEP /tmp/qemu-test/src/dtc/tests/references.c
> DEP /tmp/qemu-test/src/dtc/tests/propname_escapes.c
> DEP /tmp/qemu-test/src/dtc/tests/string_escapes.c
> DEP /tmp/qemu-test/src/dtc/tests/appendprop2.c
> DEP /tmp/qemu-test/src/dtc/tests/appendprop1.c
> DEP /tmp/qemu-test/src/dtc/tests/del_node.c
> DEP /tmp/qemu-test/src/dtc/tests/setprop.c
> DEP /tmp/qemu-test/src/dtc/tests/del_property.c
> DEP /tmp/qemu-test/src/dtc/tests/set_name.c
> DEP /tmp/qemu-test/src/dtc/tests/rw_tree1.c
> DEP /tmp/qemu-test/src/dtc/tests/open_pack.c
> DEP /tmp/qemu-test/src/dtc/tests/nopulate.c
> DEP /tmp/qemu-test/src/dtc/tests/mangle-layout.c
> DEP /tmp/qemu-test/src/dtc/tests/move_and_save.c
> DEP /tmp/qemu-test/src/dtc/tests/sw_tree1.c
> DEP /tmp/qemu-test/src/dtc/tests/nop_node.c
> DEP /tmp/qemu-test/src/dtc/tests/nop_property.c
> DEP /tmp/qemu-test/src/dtc/tests/setprop_inplace.c
> DEP /tmp/qemu-test/src/dtc/tests/stringlist.c
> DEP /tmp/qemu-test/src/dtc/tests/addr_size_cells.c
> DEP /tmp/qemu-test/src/dtc/tests/notfound.c
> DEP /tmp/qemu-test/src/dtc/tests/sized_cells.c
> DEP /tmp/qemu-test/src/dtc/tests/char_literal.c
> DEP /tmp/qemu-test/src/dtc/tests/get_alias.c
> DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_compatible.c
> DEP /tmp/qemu-test/src/dtc/tests/node_check_compatible.c
> DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_phandle.c
> DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_prop_value.c
> DEP /tmp/qemu-test/src/dtc/tests/parent_offset.c
> DEP /tmp/qemu-test/src/dtc/tests/supernode_atdepth_offset.c
> DEP /tmp/qemu-test/src/dtc/tests/get_path.c
> DEP /tmp/qemu-test/src/dtc/tests/get_phandle.c
> DEP /tmp/qemu-test/src/dtc/tests/getprop.c
> DEP /tmp/qemu-test/src/dtc/tests/get_name.c
> DEP /tmp/qemu-test/src/dtc/tests/path_offset.c
> DEP /tmp/qemu-test/src/dtc/tests/subnode_offset.c
> DEP /tmp/qemu-test/src/dtc/tests/root_node.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_overlay.c
> DEP /tmp/qemu-test/src/dtc/tests/find_property.c
> DEP /tmp/qemu-test/src/dtc/tests/get_mem_rsv.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_addresses.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_empty_tree.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_strerror.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_rw.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_sw.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_wip.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_ro.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt.c
> DEP /tmp/qemu-test/src/dtc/util.c
> DEP /tmp/qemu-test/src/dtc/fdtoverlay.c
> DEP /tmp/qemu-test/src/dtc/fdtput.c
> DEP /tmp/qemu-test/src/dtc/fdtget.c
> DEP /tmp/qemu-test/src/dtc/fdtdump.c
> LEX convert-dtsv0-lexer.lex.c
> DEP /tmp/qemu-test/src/dtc/srcpos.c
> BISON dtc-parser.tab.c
> LEX dtc-lexer.lex.c
> DEP /tmp/qemu-test/src/dtc/treesource.c
> DEP /tmp/qemu-test/src/dtc/livetree.c
> DEP /tmp/qemu-test/src/dtc/fstree.c
> DEP /tmp/qemu-test/src/dtc/flattree.c
> DEP /tmp/qemu-test/src/dtc/dtc.c
> DEP /tmp/qemu-test/src/dtc/data.c
> DEP /tmp/qemu-test/src/dtc/checks.c
> DEP convert-dtsv0-lexer.lex.c
> DEP dtc-lexer.lex.c
> DEP dtc-parser.tab.c
> CHK version_gen.h
> UPD version_gen.h
> DEP /tmp/qemu-test/src/dtc/util.c
> CC libfdt/fdt.o
> CC libfdt/fdt_ro.o
> CC libfdt/fdt_wip.o
> CC libfdt/fdt_sw.o
> CC libfdt/fdt_empty_tree.o
> CC libfdt/fdt_rw.o
> CC libfdt/fdt_strerror.o
> CC libfdt/fdt_addresses.o
> CC libfdt/fdt_overlay.o
> AR libfdt/libfdt.a
> x86_64-w64-mingw32-ar: creating libfdt/libfdt.a
> a - libfdt/fdt.o
> a - libfdt/fdt_ro.o
> a - libfdt/fdt_wip.o
> a - libfdt/fdt_sw.o
> a - libfdt/fdt_rw.o
> a - libfdt/fdt_strerror.o
> a - libfdt/fdt_empty_tree.o
> a - libfdt/fdt_addresses.o
> a - libfdt/fdt_overlay.o
> RC version.o
> mkdir -p dtc/libfdt
> mkdir -p dtc/tests
> GEN qga/qapi-generated/qapi-gen
> CC qapi/qapi-types.o
> CC qapi/qapi-types-block-core.o
> CC qapi/qapi-builtin-types.o
> CC qapi/qapi-types-char.o
> CC qapi/qapi-types-block.o
> CC qapi/qapi-types-common.o
> CC qapi/qapi-types-crypto.o
> CC qapi/qapi-types-introspect.o
> CC qapi/qapi-types-misc.o
> CC qapi/qapi-types-migration.o
> CC qapi/qapi-types-net.o
> CC qapi/qapi-types-rocker.o
> CC qapi/qapi-types-run-state.o
> CC qapi/qapi-types-sockets.o
> CC qapi/qapi-types-tpm.o
> CC qapi/qapi-types-trace.o
> CC qapi/qapi-types-transaction.o
> CC qapi/qapi-types-ui.o
> CC qapi/qapi-builtin-visit.o
> CC qapi/qapi-visit.o
> CC qapi/qapi-visit-block-core.o
> CC qapi/qapi-visit-char.o
> CC qapi/qapi-visit-block.o
> CC qapi/qapi-visit-common.o
> CC qapi/qapi-visit-crypto.o
> CC qapi/qapi-visit-introspect.o
> CC qapi/qapi-visit-migration.o
> CC qapi/qapi-visit-misc.o
> CC qapi/qapi-visit-net.o
> CC qapi/qapi-visit-rocker.o
> CC qapi/qapi-visit-run-state.o
> CC qapi/qapi-visit-sockets.o
> CC qapi/qapi-visit-tpm.o
> CC qapi/qapi-visit-transaction.o
> CC qapi/qapi-visit-trace.o
> CC qapi/qapi-visit-ui.o
> CC qapi/qapi-events.o
> CC qapi/qapi-events-block-core.o
> CC qapi/qapi-events-block.o
> CC qapi/qapi-events-char.o
> CC qapi/qapi-events-common.o
> CC qapi/qapi-events-crypto.o
> CC qapi/qapi-events-introspect.o
> CC qapi/qapi-events-migration.o
> CC qapi/qapi-events-misc.o
> CC qapi/qapi-events-net.o
> CC qapi/qapi-events-rocker.o
> CC qapi/qapi-events-run-state.o
> CC qapi/qapi-events-sockets.o
> CC qapi/qapi-events-tpm.o
> CC qapi/qapi-events-trace.o
> CC qapi/qapi-events-transaction.o
> CC qapi/qapi-events-ui.o
> CC qapi/qapi-introspect.o
> CC qapi/qapi-visit-core.o
> CC qapi/qapi-dealloc-visitor.o
> CC qapi/qobject-input-visitor.o
> CC qapi/qobject-output-visitor.o
> CC qapi/qmp-registry.o
> CC qapi/qmp-dispatch.o
> CC qapi/string-input-visitor.o
> CC qapi/string-output-visitor.o
> CC qapi/opts-visitor.o
> CC qapi/qapi-clone-visitor.o
> CC qapi/qmp-event.o
> CC qapi/qapi-util.o
> CC qobject/qnull.o
> CC qobject/qnum.o
> CC qobject/qstring.o
> CC qobject/qdict.o
> CC qobject/qbool.o
> CC qobject/qlist.o
> CC qobject/qlit.o
> CC qobject/qjson.o
> CC qobject/qobject.o
> CC qobject/json-lexer.o
> CC qobject/json-streamer.o
> CC qobject/json-parser.o
> CC trace/simple.o
> CC trace/control.o
> CC trace/qmp.o
> CC util/osdep.o
> CC util/cutils.o
> CC util/unicode.o
> CC util/qemu-timer-common.o
> CC util/bufferiszero.o
> CC util/lockcnt.o
> CC util/aiocb.o
> CC util/async.o
> CC util/aio-wait.o
> CC util/thread-pool.o
> CC util/qemu-timer.o
> CC util/main-loop.o
> CC util/iohandler.o
> CC util/aio-win32.o
> CC util/event_notifier-win32.o
> CC util/oslib-win32.o
> CC util/qemu-thread-win32.o
> CC util/envlist.o
> CC util/path.o
> CC util/module.o
> CC util/host-utils.o
> CC util/bitmap.o
> CC util/bitops.o
> CC util/hbitmap.o
> CC util/fifo8.o
> CC util/acl.o
> CC util/cacheinfo.o
> CC util/error.o
> CC util/qemu-error.o
> CC util/id.o
> CC util/iov.o
> CC util/qemu-config.o
> CC util/qemu-sockets.o
> CC util/uri.o
> CC util/notify.o
> CC util/qemu-option.o
> CC util/qemu-progress.o
> CC util/keyval.o
> CC util/hexdump.o
> CC util/crc32c.o
> CC util/throttle.o
> CC util/uuid.o
> CC util/getauxval.o
> CC util/readline.o
> CC util/rcu.o
> CC util/qemu-coroutine.o
> CC util/qemu-coroutine-lock.o
> CC util/qemu-coroutine-io.o
> CC util/qemu-coroutine-sleep.o
> CC util/coroutine-win32.o
> CC util/buffer.o
> CC util/timed-average.o
> CC util/base64.o
> CC util/log.o
> CC util/pagesize.o
> CC util/qdist.o
> CC util/qht.o
> CC util/range.o
> CC util/stats64.o
> CC util/systemd.o
> CC trace-root.o
> CC util/trace.o
> CC crypto/trace.o
> CC io/trace.o
> CC migration/trace.o
> CC block/trace.o
> CC chardev/trace.o
> CC hw/block/trace.o
> CC hw/block/dataplane/trace.o
> CC hw/char/trace.o
> CC hw/intc/trace.o
> CC hw/net/trace.o
> CC hw/rdma/trace.o
> CC hw/rdma/vmw/trace.o
> CC hw/virtio/trace.o
> CC hw/audio/trace.o
> CC hw/misc/trace.o
> CC hw/misc/macio/trace.o
> CC hw/usb/trace.o
> CC hw/scsi/trace.o
> CC hw/nvram/trace.o
> CC hw/display/trace.o
> CC hw/input/trace.o
> CC hw/timer/trace.o
> CC hw/dma/trace.o
> CC hw/sparc/trace.o
> CC hw/sparc64/trace.o
> CC hw/sd/trace.o
> CC hw/isa/trace.o
> CC hw/mem/trace.o
> CC hw/i386/trace.o
> CC hw/i386/xen/trace.o
> CC hw/9pfs/trace.o
> CC hw/ppc/trace.o
> CC hw/pci/trace.o
> CC hw/pci-host/trace.o
> CC hw/s390x/trace.o
> CC hw/vfio/trace.o
> CC hw/acpi/trace.o
> CC hw/arm/trace.o
> CC hw/alpha/trace.o
> CC hw/hppa/trace.o
> CC hw/xen/trace.o
> CC hw/ide/trace.o
> CC ui/trace.o
> CC audio/trace.o
> CC net/trace.o
> CC target/arm/trace.o
> CC target/i386/trace.o
> CC target/mips/trace.o
> CC target/sparc/trace.o
> CC target/s390x/trace.o
> CC target/ppc/trace.o
> CC qom/trace.o
> CC linux-user/trace.o
> CC qapi/trace.o
> CC accel/tcg/trace.o
> CC accel/kvm/trace.o
> CC nbd/trace.o
> CC scsi/trace.o
> CC crypto/pbkdf-stub.o
> CC stubs/arch-query-cpu-def.o
> CC stubs/arch-query-cpu-model-expansion.o
> CC stubs/arch-query-cpu-model-comparison.o
> CC stubs/arch-query-cpu-model-baseline.o
> CC stubs/bdrv-next-monitor-owned.o
> CC stubs/blk-commit-all.o
> CC stubs/blockdev-close-all-bdrv-states.o
> CC stubs/clock-warp.o
> CC stubs/cpu-get-clock.o
> CC stubs/cpu-get-icount.o
> CC stubs/dump.o
> CC stubs/error-printf.o
> CC stubs/fdset.o
> CC stubs/gdbstub.o
> CC stubs/get-vm-name.o
> CC stubs/iothread.o
> CC stubs/iothread-lock.o
> CC stubs/is-daemonized.o
> CC stubs/machine-init-done.o
> CC stubs/migr-blocker.o
> CC stubs/change-state-handler.o
> CC stubs/monitor.o
> CC stubs/notify-event.o
> CC stubs/qtest.o
> CC stubs/replay.o
> CC stubs/runstate-check.o
> CC stubs/set-fd-handler.o
> CC stubs/slirp.o
> CC stubs/sysbus.o
> CC stubs/tpm.o
> CC stubs/trace-control.o
> CC stubs/uuid.o
> CC stubs/vm-stop.o
> CC stubs/vmstate.o
> CC stubs/fd-register.o
> CC stubs/qmp_pc_dimm.o
> CC stubs/target-monitor-defs.o
> CC stubs/target-get-monitor-def.o
> CC stubs/pc_madt_cpu_entry.o
> CC stubs/vmgenid.o
> CC stubs/xen-common.o
> CC stubs/xen-hvm.o
> CC stubs/pci-host-piix.o
> CC stubs/ram-block.o
> CC stubs/sev.o
> GEN qemu-img-cmds.h
> CC block.o
> CC blockjob.o
> CC qemu-io-cmds.o
> CC replication.o
> CC block/raw-format.o
> CC block/qcow.o
> CC block/vdi.o
> CC block/vmdk.o
> CC block/cloop.o
> CC block/bochs.o
> CC block/vpc.o
> CC block/vvfat.o
> CC block/dmg.o
> CC block/qcow2.o
> CC block/qcow2-refcount.o
> CC block/qcow2-cluster.o
> CC block/qcow2-snapshot.o
> CC block/qcow2-cache.o
> CC block/qcow2-bitmap.o
> CC block/qed.o
> CC block/qed-l2-cache.o
> CC block/qed-table.o
> CC block/qed-cluster.o
> CC block/qed-check.o
> CC block/vhdx.o
> CC block/vhdx-endian.o
> CC block/vhdx-log.o
> CC block/quorum.o
> CC block/parallels.o
> CC block/blkdebug.o
> CC block/blkverify.o
> CC block/blkreplay.o
> CC block/block-backend.o
> CC block/snapshot.o
> CC block/qapi.o
> CC block/file-win32.o
> CC block/win32-aio.o
> CC block/null.o
> CC block/mirror.o
> CC block/commit.o
> CC block/io.o
> CC block/throttle-groups.o
> CC block/nbd.o
> CC block/nbd-client.o
> CC block/sheepdog.o
> CC block/accounting.o
> CC block/dirty-bitmap.o
> CC block/write-threshold.o
> CC block/backup.o
> CC block/replication.o
> CC block/throttle.o
> CC block/crypto.o
> CC nbd/server.o
> CC nbd/client.o
> CC nbd/common.o
> CC scsi/utils.o
> CC block/curl.o
> CC block/ssh.o
> CC block/dmg-bz2.o
> CC crypto/init.o
> CC crypto/hash.o
> CC crypto/hash-nettle.o
> CC crypto/hmac.o
> CC crypto/hmac-nettle.o
> CC crypto/aes.o
> CC crypto/desrfb.o
> CC crypto/cipher.o
> CC crypto/tlscreds.o
> CC crypto/tlscredsanon.o
> CC crypto/tlscredsx509.o
> CC crypto/tlssession.o
> CC crypto/secret.o
> CC crypto/random-gnutls.o
> CC crypto/pbkdf.o
> CC crypto/pbkdf-nettle.o
> CC crypto/ivgen.o
> CC crypto/ivgen-essiv.o
> CC crypto/ivgen-plain.o
> CC crypto/ivgen-plain64.o
> CC crypto/afsplit.o
> CC crypto/xts.o
> CC crypto/block.o
> CC crypto/block-qcow.o
> CC crypto/block-luks.o
> CC io/channel.o
> CC io/channel-buffer.o
> CC io/channel-command.o
> CC io/channel-file.o
> CC io/channel-socket.o
> CC io/channel-tls.o
> CC io/channel-watch.o
> CC io/channel-websock.o
> CC io/channel-util.o
> CC io/dns-resolver.o
> CC io/net-listener.o
> CC io/task.o
> CC qom/object.o
> CC qom/container.o
> CC qom/qom-qobject.o
> CC qom/object_interfaces.o
> CC qemu-io.o
> CC blockdev.o
> CC blockdev-nbd.o
> CC bootdevice.o
> CC iothread.o
> CC qdev-monitor.o
> CC device-hotplug.o
> CC os-win32.o
> CC bt-host.o
> CC bt-vhci.o
> CC dma-helpers.o
> CC vl.o
> CC tpm.o
> CC device_tree.o
> CC qapi/qapi-commands.o
> CC qapi/qapi-commands-block-core.o
> CC qapi/qapi-commands-block.o
> CC qapi/qapi-commands-char.o
> CC qapi/qapi-commands-common.o
> CC qapi/qapi-commands-crypto.o
> CC qapi/qapi-commands-introspect.o
> CC qapi/qapi-commands-migration.o
> CC qapi/qapi-commands-misc.o
> CC qapi/qapi-commands-net.o
> CC qapi/qapi-commands-rocker.o
> CC qapi/qapi-commands-run-state.o
> CC qapi/qapi-commands-sockets.o
> CC qapi/qapi-commands-tpm.o
> CC qapi/qapi-commands-trace.o
> CC qapi/qapi-commands-transaction.o
> CC qapi/qapi-commands-ui.o
> CC qmp.o
> CC hmp.o
> CC cpus-common.o
> CC audio/audio.o
> CC audio/noaudio.o
> CC audio/wavaudio.o
> CC audio/mixeng.o
> CC audio/dsoundaudio.o
> CC audio/audio_win_int.o
> CC audio/wavcapture.o
> CC backends/rng.o
> CC backends/rng-egd.o
> CC backends/tpm.o
> CC backends/hostmem.o
> CC backends/hostmem-ram.o
> CC backends/cryptodev.o
> CC backends/cryptodev-builtin.o
> CC backends/cryptodev-vhost.o
> CC block/stream.o
> CC chardev/msmouse.o
> CC chardev/wctablet.o
> CC chardev/testdev.o
> CC disas/arm.o
> CXX disas/arm-a64.o
> CC disas/i386.o
> CXX disas/libvixl/vixl/utils.o
> CXX disas/libvixl/vixl/compiler-intrinsics.o
> CXX disas/libvixl/vixl/a64/instructions-a64.o
> CXX disas/libvixl/vixl/a64/decoder-a64.o
> CXX disas/libvixl/vixl/a64/disasm-a64.o
> CC hw/acpi/core.o
> CC hw/acpi/piix4.o
> CC hw/acpi/pcihp.o
> CC hw/acpi/ich9.o
> CC hw/acpi/tco.o
> CC hw/acpi/cpu_hotplug.o
> CC hw/acpi/memory_hotplug.o
> CC hw/acpi/cpu.o
> CC hw/acpi/nvdimm.o
> CC hw/acpi/vmgenid.o
> CC hw/acpi/acpi_interface.o
> CC hw/acpi/bios-linker-loader.o
> CC hw/acpi/aml-build.o
> CC hw/acpi/ipmi.o
> CC hw/acpi/acpi-stub.o
> CC hw/acpi/ipmi-stub.o
> CC hw/audio/sb16.o
> CC hw/audio/es1370.o
> CC hw/audio/ac97.o
> CC hw/audio/fmopl.o
> CC hw/audio/adlib.o
> CC hw/audio/gus.o
> CC hw/audio/gusemu_hal.o
> CC hw/audio/gusemu_mixer.o
> CC hw/audio/cs4231a.o
> CC hw/audio/intel-hda.o
> CC hw/audio/hda-codec.o
> CC hw/audio/pcspk.o
> CC hw/audio/wm8750.o
> CC hw/audio/pl041.o
> CC hw/audio/lm4549.o
> CC hw/audio/marvell_88w8618.o
> CC hw/audio/soundhw.o
> CC hw/block/block.o
> CC hw/block/cdrom.o
> CC hw/block/hd-geometry.o
> CC hw/block/fdc.o
> CC hw/block/m25p80.o
> CC hw/block/nand.o
> CC hw/block/pflash_cfi01.o
> CC hw/block/pflash_cfi02.o
> CC hw/block/ecc.o
> CC hw/block/onenand.o
> CC hw/block/nvme.o
> CC hw/bt/core.o
> CC hw/bt/l2cap.o
> CC hw/bt/sdp.o
> CC hw/bt/hci.o
> CC hw/bt/hid.o
> CC hw/bt/hci-csr.o
> CC hw/char/ipoctal232.o
> CC hw/char/parallel.o
> CC hw/char/pl011.o
> CC hw/char/serial.o
> CC hw/char/serial-isa.o
> CC hw/char/serial-pci.o
> CC hw/char/virtio-console.o
> CC hw/char/cadence_uart.o
> CC hw/char/cmsdk-apb-uart.o
> CC hw/char/debugcon.o
> CC hw/char/imx_serial.o
> CC hw/core/qdev.o
> CC hw/core/qdev-properties.o
> CC hw/core/bus.o
> CC hw/core/reset.o
> CC hw/core/qdev-fw.o
> CC hw/core/fw-path-provider.o
> CC hw/core/irq.o
> CC hw/core/hotplug.o
> CC hw/core/nmi.o
> CC hw/core/stream.o
> CC hw/core/ptimer.o
> CC hw/core/sysbus.o
> CC hw/core/machine.o
> CC hw/core/loader.o
> CC hw/core/qdev-properties-system.o
> CC hw/core/register.o
> CC hw/core/or-irq.o
> CC hw/core/split-irq.o
> CC hw/core/platform-bus.o
> CC hw/cpu/core.o
> CC hw/display/ads7846.o
> CC hw/display/cirrus_vga.o
> CC hw/display/pl110.o
> CC hw/display/sii9022.o
> CC hw/display/ssd0303.o
> CC hw/display/ssd0323.o
> CC hw/display/vga-pci.o
> CC hw/display/vga-isa.o
> CC hw/display/vmware_vga.o
> CC hw/display/blizzard.o
> CC hw/display/exynos4210_fimd.o
> CC hw/display/framebuffer.o
> CC hw/display/tc6393xb.o
> CC hw/dma/pl080.o
> CC hw/dma/pl330.o
> CC hw/dma/i8257.o
> CC hw/dma/xilinx_axidma.o
> CC hw/dma/xlnx-zynq-devcfg.o
> CC hw/gpio/max7310.o
> CC hw/gpio/pl061.o
> CC hw/gpio/zaurus.o
> CC hw/gpio/gpio_key.o
> CC hw/i2c/core.o
> CC hw/i2c/smbus.o
> CC hw/i2c/smbus_eeprom.o
> CC hw/i2c/i2c-ddc.o
> CC hw/i2c/versatile_i2c.o
> CC hw/i2c/smbus_ich9.o
> CC hw/i2c/pm_smbus.o
> CC hw/i2c/bitbang_i2c.o
> CC hw/i2c/exynos4210_i2c.o
> CC hw/i2c/imx_i2c.o
> CC hw/i2c/aspeed_i2c.o
> CC hw/ide/core.o
> CC hw/ide/atapi.o
> CC hw/ide/qdev.o
> CC hw/ide/pci.o
> CC hw/ide/isa.o
> CC hw/ide/piix.o
> CC hw/ide/microdrive.o
> CC hw/ide/ahci.o
> CC hw/ide/ich.o
> CC hw/ide/ahci-allwinner.o
> CC hw/input/hid.o
> CC hw/input/lm832x.o
> CC hw/input/pckbd.o
> CC hw/input/pl050.o
> CC hw/input/ps2.o
> CC hw/input/stellaris_input.o
> CC hw/input/tsc2005.o
> CC hw/input/virtio-input.o
> CC hw/input/virtio-input-hid.o
> CC hw/intc/i8259_common.o
> CC hw/intc/i8259.o
> CC hw/intc/pl190.o
> CC hw/intc/xlnx-pmu-iomod-intc.o
> CC hw/intc/xlnx-zynqmp-ipi.o
> CC hw/intc/imx_avic.o
> CC hw/intc/imx_gpcv2.o
> CC hw/intc/realview_gic.o
> CC hw/intc/ioapic_common.o
> CC hw/intc/arm_gic_common.o
> CC hw/intc/arm_gic.o
> CC hw/intc/arm_gicv2m.o
> CC hw/intc/arm_gicv3_common.o
> CC hw/intc/arm_gicv3.o
> CC hw/intc/arm_gicv3_dist.o
> CC hw/intc/arm_gicv3_redist.o
> CC hw/intc/arm_gicv3_its_common.o
> CC hw/intc/intc.o
> CC hw/ipack/ipack.o
> CC hw/ipack/tpci200.o
> CC hw/ipmi/ipmi.o
> CC hw/ipmi/ipmi_bmc_sim.o
> CC hw/ipmi/ipmi_bmc_extern.o
> CC hw/ipmi/isa_ipmi_kcs.o
> CC hw/ipmi/isa_ipmi_bt.o
> CC hw/isa/isa-bus.o
> CC hw/isa/apm.o
> CC hw/mem/pc-dimm.o
> CC hw/mem/nvdimm.o
> CC hw/misc/applesmc.o
> CC hw/misc/max111x.o
> CC hw/misc/tmp105.o
> CC hw/misc/tmp421.o
> CC hw/misc/debugexit.o
> CC hw/misc/sga.o
> CC hw/misc/pc-testdev.o
> CC hw/misc/pci-testdev.o
> CC hw/misc/edu.o
> CC hw/misc/unimp.o
> CC hw/misc/vmcoreinfo.o
> CC hw/misc/arm_l2x0.o
> CC hw/misc/arm_integrator_debug.o
> CC hw/misc/a9scu.o
> CC hw/misc/arm11scu.o
> CC hw/net/ne2000.o
> CC hw/net/eepro100.o
> CC hw/net/pcnet-pci.o
> CC hw/net/pcnet.o
> CC hw/net/e1000.o
> CC hw/net/e1000x_common.o
> CC hw/net/net_tx_pkt.o
> CC hw/net/net_rx_pkt.o
> CC hw/net/e1000e.o
> CC hw/net/e1000e_core.o
> CC hw/net/rtl8139.o
> CC hw/net/vmxnet3.o
> CC hw/net/smc91c111.o
> CC hw/net/lan9118.o
> CC hw/net/ne2000-isa.o
> CC hw/net/xgmac.o
> CC hw/net/xilinx_axienet.o
> CC hw/net/allwinner_emac.o
> CC hw/net/imx_fec.o
> CC hw/net/cadence_gem.o
> CC hw/net/stellaris_enet.o
> CC hw/net/ftgmac100.o
> CC hw/net/rocker/rocker.o
> CC hw/net/rocker/rocker_fp.o
> CC hw/net/rocker/rocker_desc.o
> CC hw/net/rocker/rocker_world.o
> CC hw/net/rocker/rocker_of_dpa.o
> CC hw/net/can/can_sja1000.o
> CC hw/net/can/can_kvaser_pci.o
> CC hw/net/can/can_pcm3680_pci.o
> CC hw/net/can/can_mioe3680_pci.o
> CC hw/nvram/eeprom93xx.o
> CC hw/nvram/eeprom_at24c.o
> CC hw/nvram/fw_cfg.o
> CC hw/nvram/chrp_nvram.o
> CC hw/pci-bridge/pci_bridge_dev.o
> CC hw/pci-bridge/pcie_root_port.o
> CC hw/pci-bridge/gen_pcie_root_port.o
> CC hw/pci-bridge/pcie_pci_bridge.o
> CC hw/pci-bridge/pci_expander_bridge.o
> CC hw/pci-bridge/xio3130_upstream.o
> CC hw/pci-bridge/xio3130_downstream.o
> CC hw/pci-bridge/ioh3420.o
> CC hw/pci-bridge/i82801b11.o
> CC hw/pci-host/pam.o
> CC hw/pci-host/versatile.o
> CC hw/pci-host/piix.o
> CC hw/pci-host/q35.o
> CC hw/pci-host/gpex.o
> CC hw/pci/pci.o
> CC hw/pci/pci_bridge.o
> CC hw/pci/msix.o
> CC hw/pci/msi.o
> CC hw/pci/shpc.o
> CC hw/pci/slotid_cap.o
> CC hw/pci/pci_host.o
> CC hw/pci/pcie_host.o
> CC hw/pci/pcie.o
> CC hw/pci/pcie_aer.o
> CC hw/pci/pcie_port.o
> CC hw/pci/pci-stub.o
> CC hw/pcmcia/pcmcia.o
> CC hw/scsi/scsi-disk.o
> CC hw/scsi/scsi-generic.o
> CC hw/scsi/scsi-bus.o
> CC hw/scsi/lsi53c895a.o
> CC hw/scsi/mptsas.o
> CC hw/scsi/mptconfig.o
> CC hw/scsi/mptendian.o
> CC hw/scsi/megasas.o
> CC hw/scsi/vmw_pvscsi.o
> CC hw/scsi/esp.o
> CC hw/scsi/esp-pci.o
> CC hw/sd/pl181.o
> CC hw/sd/ssi-sd.o
> CC hw/sd/sd.o
> CC hw/sd/core.o
> CC hw/sd/sdhci.o
> CC hw/smbios/smbios.o
> CC hw/smbios/smbios_type_38.o
> CC hw/smbios/smbios-stub.o
> CC hw/smbios/smbios_type_38-stub.o
> CC hw/ssi/pl022.o
> CC hw/ssi/ssi.o
> CC hw/ssi/xilinx_spips.o
> CC hw/ssi/aspeed_smc.o
> CC hw/ssi/stm32f2xx_spi.o
> CC hw/ssi/mss-spi.o
> CC hw/timer/arm_timer.o
> CC hw/timer/arm_mptimer.o
> CC hw/timer/armv7m_systick.o
> CC hw/timer/a9gtimer.o
> CC hw/timer/cadence_ttc.o
> CC hw/timer/ds1338.o
> CC hw/timer/hpet.o
> CC hw/timer/i8254_common.o
> CC hw/timer/i8254.o
> CC hw/timer/pl031.o
> CC hw/timer/twl92230.o
> CC hw/timer/imx_epit.o
> CC hw/timer/imx_gpt.o
> CC hw/timer/xlnx-zynqmp-rtc.o
> CC hw/timer/stm32f2xx_timer.o
> CC hw/timer/aspeed_timer.o
> CC hw/timer/cmsdk-apb-timer.o
> CC hw/timer/mss-timer.o
> CC hw/tpm/tpm_util.o
> CC hw/tpm/tpm_tis.o
> CC hw/tpm/tpm_crb.o
> CC hw/usb/core.o
> CC hw/usb/combined-packet.o
> CC hw/usb/bus.o
> CC hw/usb/libhw.o
> CC hw/usb/desc.o
> CC hw/usb/desc-msos.o
> CC hw/usb/hcd-uhci.o
> CC hw/usb/hcd-ohci.o
> CC hw/usb/hcd-ehci.o
> CC hw/usb/hcd-ehci-pci.o
> CC hw/usb/hcd-ehci-sysbus.o
> CC hw/usb/hcd-xhci.o
> CC hw/usb/hcd-xhci-nec.o
> CC hw/usb/hcd-musb.o
> CC hw/usb/dev-hub.o
> CC hw/usb/dev-hid.o
> CC hw/usb/dev-wacom.o
> CC hw/usb/dev-storage.o
> CC hw/usb/dev-uas.o
> CC hw/usb/dev-audio.o
> CC hw/usb/dev-serial.o
> CC hw/usb/dev-network.o
> CC hw/usb/dev-bluetooth.o
> CC hw/usb/dev-smartcard-reader.o
> CC hw/usb/host-stub.o
> CC hw/virtio/virtio-rng.o
> CC hw/virtio/virtio-pci.o
> CC hw/virtio/virtio-bus.o
> CC hw/virtio/virtio-mmio.o
> CC hw/virtio/vhost-stub.o
> CC hw/watchdog/watchdog.o
> CC hw/watchdog/wdt_i6300esb.o
> CC hw/watchdog/wdt_ib700.o
> CC hw/watchdog/wdt_aspeed.o
> CC migration/migration.o
> CC migration/socket.o
> CC migration/fd.o
> CC migration/exec.o
> CC migration/tls.o
> CC migration/channel.o
> CC migration/savevm.o
> CC migration/colo-comm.o
> CC migration/colo.o
> CC migration/colo-failover.o
> CC migration/vmstate.o
> CC migration/vmstate-types.o
> CC migration/page_cache.o
> CC migration/qemu-file.o
> CC migration/global_state.o
> CC migration/qemu-file-channel.o
> CC migration/xbzrle.o
> CC migration/postcopy-ram.o
> CC migration/qjson.o
> CC migration/block.o
> CC net/net.o
> CC net/queue.o
> CC net/checksum.o
> CC net/util.o
> CC net/hub.o
> CC net/socket.o
> CC net/dump.o
> CC net/eth.o
> CC net/slirp.o
> CC net/filter.o
> CC net/filter-buffer.o
> CC net/filter-mirror.o
> CC net/colo-compare.o
> CC net/colo.o
> CC net/filter-rewriter.o
> CC net/filter-replay.o
> CC net/tap-win32.o
> CC net/can/can_core.o
> CC net/can/can_host.o
> CC qom/cpu.o
> CC replay/replay.o
> CC replay/replay-internal.o
> CC replay/replay-events.o
> CC replay/replay-time.o
> CC replay/replay-input.o
> CC replay/replay-char.o
> CC replay/replay-snapshot.o
> CC replay/replay-net.o
> CC replay/replay-audio.o
> CC slirp/cksum.o
> CC slirp/if.o
> CC slirp/ip_icmp.o
> CC slirp/ip6_icmp.o
> CC slirp/ip6_input.o
> CC slirp/ip6_output.o
> CC slirp/ip_input.o
> CC slirp/ip_output.o
> CC slirp/dnssearch.o
> CC slirp/dhcpv6.o
> CC slirp/slirp.o
> CC slirp/mbuf.o
> CC slirp/misc.o
> CC slirp/sbuf.o
> CC slirp/socket.o
> CC slirp/tcp_input.o
> CC slirp/tcp_output.o
> CC slirp/tcp_subr.o
> CC slirp/tcp_timer.o
> CC slirp/udp.o
> CC slirp/udp6.o
> CC slirp/bootp.o
> CC slirp/tftp.o
> CC slirp/arp_table.o
> CC slirp/ndp_table.o
> CC slirp/ncsi.o
> CC ui/keymaps.o
> CC ui/console.o
> CC ui/cursor.o
> CC ui/qemu-pixman.o
> CC ui/input.o
> CC ui/input-keymap.o
> CC ui/input-legacy.o
> CC ui/vnc.o
> CC ui/vnc-enc-zlib.o
> CC ui/vnc-enc-hextile.o
> CC ui/vnc-enc-tight.o
> CC ui/vnc-enc-zrle.o
> CC ui/vnc-palette.o
> CC ui/vnc-auth-vencrypt.o
> CC ui/vnc-ws.o
> CC ui/vnc-jobs.o
> CC ui/sdl.o
> CC ui/sdl_zoom.o
> CC ui/gtk.o
> CC chardev/char.o
> CC chardev/char-console.o
> CC chardev/char-fe.o
> CC chardev/char-file.o
> CC chardev/char-io.o
> CC chardev/char-mux.o
> CC chardev/char-null.o
> CC chardev/char-pipe.o
> CC chardev/char-ringbuf.o
> CC chardev/char-serial.o
> CC chardev/char-socket.o
> CC chardev/char-stdio.o
> CC chardev/char-udp.o
> CC chardev/char-win.o
> CC chardev/char-win-stdio.o
> CC qga/commands.o
> CC qga/guest-agent-command-state.o
> CC qga/main.o
> AS optionrom/multiboot.o
> AS optionrom/linuxboot.o
> CC qga/commands-win32.o
> CC optionrom/linuxboot_dma.o
> AS optionrom/kvmvapic.o
> BUILD optionrom/multiboot.img
> BUILD optionrom/linuxboot.img
> BUILD optionrom/linuxboot_dma.img
> CC qga/channel-win32.o
> BUILD optionrom/kvmvapic.img
> BUILD optionrom/multiboot.raw
> CC qga/service-win32.o
> BUILD optionrom/linuxboot.raw
> BUILD optionrom/linuxboot_dma.raw
> CC qga/vss-win32.o
> BUILD optionrom/kvmvapic.raw
> SIGN optionrom/multiboot.bin
> SIGN optionrom/linuxboot.bin
> SIGN optionrom/linuxboot_dma.bin
> SIGN optionrom/kvmvapic.bin
> CC qga/qapi-generated/qga-qapi-visit.o
> CC qga/qapi-generated/qga-qapi-commands.o
> CC qga/qapi-generated/qga-qapi-types.o
> AR libqemuutil.a
> CC qemu-img.o
> LINK qemu-ga.exe
> LINK qemu-io.exe
> GEN x86_64-softmmu/hmp-commands.h
> GEN x86_64-softmmu/hmp-commands-info.h
> GEN x86_64-softmmu/config-target.h
> GEN aarch64-softmmu/config-target.h
> GEN aarch64-softmmu/hmp-commands.h
> GEN aarch64-softmmu/hmp-commands-info.h
> CC x86_64-softmmu/exec.o
> CC x86_64-softmmu/tcg/tcg.o
> CC x86_64-softmmu/tcg/tcg-op.o
> CC x86_64-softmmu/tcg/tcg-op-vec.o
> CC x86_64-softmmu/tcg/tcg-op-gvec.o
> CC x86_64-softmmu/tcg/tcg-common.o
> CC aarch64-softmmu/exec.o
> CC aarch64-softmmu/tcg/tcg.o
> CC x86_64-softmmu/tcg/optimize.o
> LINK qemu-img.exe
> CC aarch64-softmmu/tcg/tcg-op.o
> CC x86_64-softmmu/fpu/softfloat.o
> CC aarch64-softmmu/tcg/tcg-op-vec.o
> CC x86_64-softmmu/disas.o
> GEN x86_64-softmmu/gdbstub-xml.c
> CC x86_64-softmmu/arch_init.o
> CC x86_64-softmmu/cpus.o
> CC x86_64-softmmu/monitor.o
> CC x86_64-softmmu/gdbstub.o
> CC aarch64-softmmu/tcg/tcg-op-gvec.o
> CC x86_64-softmmu/balloon.o
> CC x86_64-softmmu/ioport.o
> CC x86_64-softmmu/numa.o
> CC aarch64-softmmu/tcg/tcg-common.o
> CC x86_64-softmmu/qtest.o
> CC aarch64-softmmu/tcg/optimize.o
> CC x86_64-softmmu/memory.o
> CC x86_64-softmmu/memory_mapping.o
> CC x86_64-softmmu/dump.o
> CC x86_64-softmmu/migration/ram.o
> CC x86_64-softmmu/accel/accel.o
> CC x86_64-softmmu/accel/stubs/hvf-stub.o
> CC x86_64-softmmu/accel/stubs/whpx-stub.o
> CC aarch64-softmmu/disas.o
> CC aarch64-softmmu/fpu/softfloat.o
> CC x86_64-softmmu/accel/stubs/kvm-stub.o
> GEN aarch64-softmmu/gdbstub-xml.c
> CC aarch64-softmmu/arch_init.o
> CC aarch64-softmmu/cpus.o
> CC x86_64-softmmu/accel/tcg/tcg-all.o
> CC aarch64-softmmu/monitor.o
> CC aarch64-softmmu/gdbstub.o
> CC x86_64-softmmu/accel/tcg/cputlb.o
> CC x86_64-softmmu/accel/tcg/tcg-runtime.o
> CC x86_64-softmmu/accel/tcg/tcg-runtime-gvec.o
> CC x86_64-softmmu/accel/tcg/cpu-exec.o
> CC x86_64-softmmu/accel/tcg/cpu-exec-common.o
> CC x86_64-softmmu/accel/tcg/translate-all.o
> CC x86_64-softmmu/accel/tcg/translator.o
> CC x86_64-softmmu/hw/block/virtio-blk.o
> CC x86_64-softmmu/hw/block/dataplane/virtio-blk.o
> CC x86_64-softmmu/hw/char/virtio-serial-bus.o
> CC x86_64-softmmu/hw/core/generic-loader.o
> CC x86_64-softmmu/hw/core/null-machine.o
> CC x86_64-softmmu/hw/display/vga.o
> CC x86_64-softmmu/hw/display/virtio-gpu.o
> CC x86_64-softmmu/hw/display/virtio-gpu-3d.o
> CC x86_64-softmmu/hw/display/virtio-gpu-pci.o
> CC x86_64-softmmu/hw/display/virtio-vga.o
> CC x86_64-softmmu/hw/intc/apic.o
> CC x86_64-softmmu/hw/intc/apic_common.o
> CC x86_64-softmmu/hw/intc/ioapic.o
> CC x86_64-softmmu/hw/isa/lpc_ich9.o
> CC x86_64-softmmu/hw/misc/pvpanic.o
> CC aarch64-softmmu/ioport.o
> CC aarch64-softmmu/balloon.o
> CC x86_64-softmmu/hw/misc/mmio_interface.o
> CC aarch64-softmmu/numa.o
> CC aarch64-softmmu/qtest.o
> CC aarch64-softmmu/memory.o
> CC x86_64-softmmu/hw/net/virtio-net.o
> CC x86_64-softmmu/hw/net/vhost_net.o
> CC aarch64-softmmu/memory_mapping.o
> CC x86_64-softmmu/hw/scsi/virtio-scsi.o
> CC aarch64-softmmu/dump.o
> CC x86_64-softmmu/hw/scsi/virtio-scsi-dataplane.o
> CC aarch64-softmmu/migration/ram.o
> CC aarch64-softmmu/accel/accel.o
> CC x86_64-softmmu/hw/timer/mc146818rtc.o
> CC aarch64-softmmu/accel/stubs/hax-stub.o
> CC x86_64-softmmu/hw/virtio/virtio.o
> CC x86_64-softmmu/hw/virtio/virtio-balloon.o
> CC x86_64-softmmu/hw/virtio/virtio-crypto.o
> CC x86_64-softmmu/hw/virtio/virtio-crypto-pci.o
> CC x86_64-softmmu/hw/i386/multiboot.o
> CC aarch64-softmmu/accel/stubs/whpx-stub.o
> CC x86_64-softmmu/hw/i386/pc.o
> CC aarch64-softmmu/accel/stubs/hvf-stub.o
> CC x86_64-softmmu/hw/i386/pc_piix.o
> CC aarch64-softmmu/accel/stubs/kvm-stub.o
> CC x86_64-softmmu/hw/i386/pc_q35.o
> CC aarch64-softmmu/accel/tcg/tcg-all.o
> CC aarch64-softmmu/accel/tcg/cputlb.o
> CC aarch64-softmmu/accel/tcg/tcg-runtime.o
> CC aarch64-softmmu/accel/tcg/tcg-runtime-gvec.o
> CC aarch64-softmmu/accel/tcg/cpu-exec.o
> CC x86_64-softmmu/hw/i386/pc_sysfw.o
> CC aarch64-softmmu/accel/tcg/cpu-exec-common.o
> CC x86_64-softmmu/hw/i386/x86-iommu.o
> CC x86_64-softmmu/hw/i386/intel_iommu.o
> CC aarch64-softmmu/accel/tcg/translate-all.o
> CC x86_64-softmmu/hw/i386/amd_iommu.o
> CC aarch64-softmmu/accel/tcg/translator.o
> CC aarch64-softmmu/hw/adc/stm32f2xx_adc.o
> CC x86_64-softmmu/hw/i386/vmport.o
> CC aarch64-softmmu/hw/block/virtio-blk.o
> CC aarch64-softmmu/hw/block/dataplane/virtio-blk.o
> CC aarch64-softmmu/hw/char/exynos4210_uart.o
> CC x86_64-softmmu/hw/i386/vmmouse.o
> CC aarch64-softmmu/hw/char/omap_uart.o
> CC x86_64-softmmu/hw/i386/kvmvapic.o
> CC x86_64-softmmu/hw/i386/acpi-build.o
> CC aarch64-softmmu/hw/char/digic-uart.o
> CC x86_64-softmmu/target/i386/helper.o
> CC aarch64-softmmu/hw/char/stm32f2xx_usart.o
> CC aarch64-softmmu/hw/char/bcm2835_aux.o
> CC aarch64-softmmu/hw/char/virtio-serial-bus.o
> CC aarch64-softmmu/hw/core/generic-loader.o
> CC x86_64-softmmu/target/i386/cpu.o
> In file included from /tmp/qemu-test/src/target/i386/helper.c:24:0:
> /tmp/qemu-test/src/target/i386/sev_i386.h:17:10: fatal error: linux/kvm.h: No such file or directory
> #include <linux/kvm.h>
> ^~~~~~~~~~~~~
> compilation terminated.
> make[1]: *** [/tmp/qemu-test/src/rules.mak:66: target/i386/helper.o] Error 1
> make[1]: *** Waiting for unfinished jobs....
> CC aarch64-softmmu/hw/core/null-machine.o
> CC aarch64-softmmu/hw/cpu/arm11mpcore.o
> CC aarch64-softmmu/hw/cpu/realview_mpcore.o
> CC aarch64-softmmu/hw/cpu/a9mpcore.o
> CC aarch64-softmmu/hw/cpu/a15mpcore.o
> CC aarch64-softmmu/hw/display/omap_dss.o
> In file included from /tmp/qemu-test/src/target/i386/cpu.c:29:0:
> /tmp/qemu-test/src/target/i386/sev_i386.h:17:10: fatal error: linux/kvm.h: No such file or directory
> #include <linux/kvm.h>
> ^~~~~~~~~~~~~
> compilation terminated.
> make[1]: *** [/tmp/qemu-test/src/rules.mak:66: target/i386/cpu.o] Error 1
> make: *** [Makefile:472: subdir-x86_64-softmmu] Error 2
> make: *** Waiting for unfinished jobs....
> CC aarch64-softmmu/hw/display/omap_lcdc.o
> CC aarch64-softmmu/hw/display/pxa2xx_lcd.o
> CC aarch64-softmmu/hw/display/bcm2835_fb.o
> CC aarch64-softmmu/hw/display/vga.o
> CC aarch64-softmmu/hw/display/virtio-gpu.o
> CC aarch64-softmmu/hw/display/virtio-gpu-3d.o
> CC aarch64-softmmu/hw/display/virtio-gpu-pci.o
> CC aarch64-softmmu/hw/display/dpcd.o
> CC aarch64-softmmu/hw/display/xlnx_dp.o
> CC aarch64-softmmu/hw/dma/xlnx_dpdma.o
> CC aarch64-softmmu/hw/dma/omap_dma.o
> CC aarch64-softmmu/hw/dma/soc_dma.o
> CC aarch64-softmmu/hw/dma/pxa2xx_dma.o
> CC aarch64-softmmu/hw/dma/bcm2835_dma.o
> CC aarch64-softmmu/hw/gpio/omap_gpio.o
> CC aarch64-softmmu/hw/gpio/imx_gpio.o
> CC aarch64-softmmu/hw/gpio/bcm2835_gpio.o
> CC aarch64-softmmu/hw/i2c/omap_i2c.o
> CC aarch64-softmmu/hw/input/pxa2xx_keypad.o
> CC aarch64-softmmu/hw/input/tsc210x.o
> CC aarch64-softmmu/hw/intc/armv7m_nvic.o
> CC aarch64-softmmu/hw/intc/exynos4210_gic.o
> CC aarch64-softmmu/hw/intc/exynos4210_combiner.o
> CC aarch64-softmmu/hw/intc/omap_intc.o
> CC aarch64-softmmu/hw/intc/bcm2835_ic.o
> CC aarch64-softmmu/hw/intc/bcm2836_control.o
> CC aarch64-softmmu/hw/intc/allwinner-a10-pic.o
> CC aarch64-softmmu/hw/intc/aspeed_vic.o
> CC aarch64-softmmu/hw/intc/arm_gicv3_cpuif.o
> CC aarch64-softmmu/hw/misc/arm_sysctl.o
> CC aarch64-softmmu/hw/misc/cbus.o
> CC aarch64-softmmu/hw/misc/exynos4210_pmu.o
> CC aarch64-softmmu/hw/misc/exynos4210_clk.o
> CC aarch64-softmmu/hw/misc/exynos4210_rng.o
> CC aarch64-softmmu/hw/misc/imx_ccm.o
> CC aarch64-softmmu/hw/misc/imx31_ccm.o
> CC aarch64-softmmu/hw/misc/imx25_ccm.o
> CC aarch64-softmmu/hw/misc/imx6_ccm.o
> CC aarch64-softmmu/hw/misc/imx6_src.o
> CC aarch64-softmmu/hw/misc/imx7_ccm.o
> CC aarch64-softmmu/hw/misc/imx2_wdt.o
> CC aarch64-softmmu/hw/misc/imx7_snvs.o
> CC aarch64-softmmu/hw/misc/imx7_gpr.o
> CC aarch64-softmmu/hw/misc/mst_fpga.o
> CC aarch64-softmmu/hw/misc/omap_clk.o
> CC aarch64-softmmu/hw/misc/omap_gpmc.o
> CC aarch64-softmmu/hw/misc/omap_l4.o
> CC aarch64-softmmu/hw/misc/omap_sdrc.o
> CC aarch64-softmmu/hw/misc/omap_tap.o
> CC aarch64-softmmu/hw/misc/bcm2835_mbox.o
> CC aarch64-softmmu/hw/misc/bcm2835_property.o
> CC aarch64-softmmu/hw/misc/bcm2835_rng.o
> CC aarch64-softmmu/hw/misc/zynq_slcr.o
> CC aarch64-softmmu/hw/misc/zynq-xadc.o
> CC aarch64-softmmu/hw/misc/stm32f2xx_syscfg.o
> CC aarch64-softmmu/hw/misc/mps2-fpgaio.o
> CC aarch64-softmmu/hw/misc/mps2-scc.o
> CC aarch64-softmmu/hw/misc/tz-ppc.o
> CC aarch64-softmmu/hw/misc/iotkit-secctl.o
> CC aarch64-softmmu/hw/misc/auxbus.o
> CC aarch64-softmmu/hw/misc/aspeed_scu.o
> CC aarch64-softmmu/hw/misc/aspeed_sdmc.o
> CC aarch64-softmmu/hw/misc/mmio_interface.o
> CC aarch64-softmmu/hw/misc/msf2-sysreg.o
> CC aarch64-softmmu/hw/net/virtio-net.o
> CC aarch64-softmmu/hw/net/vhost_net.o
> CC aarch64-softmmu/hw/pcmcia/pxa2xx.o
> CC aarch64-softmmu/hw/scsi/virtio-scsi.o
> CC aarch64-softmmu/hw/scsi/virtio-scsi-dataplane.o
> CC aarch64-softmmu/hw/sd/omap_mmc.o
> CC aarch64-softmmu/hw/sd/pxa2xx_mmci.o
> CC aarch64-softmmu/hw/sd/bcm2835_sdhost.o
> CC aarch64-softmmu/hw/ssi/omap_spi.o
> CC aarch64-softmmu/hw/ssi/imx_spi.o
> CC aarch64-softmmu/hw/timer/exynos4210_mct.o
> CC aarch64-softmmu/hw/timer/exynos4210_pwm.o
> CC aarch64-softmmu/hw/timer/exynos4210_rtc.o
> CC aarch64-softmmu/hw/timer/omap_gptimer.o
> CC aarch64-softmmu/hw/timer/omap_synctimer.o
> CC aarch64-softmmu/hw/timer/pxa2xx_timer.o
> CC aarch64-softmmu/hw/timer/digic-timer.o
> CC aarch64-softmmu/hw/timer/allwinner-a10-pit.o
> CC aarch64-softmmu/hw/usb/tusb6010.o
> CC aarch64-softmmu/hw/usb/chipidea.o
> CC aarch64-softmmu/hw/virtio/virtio.o
> CC aarch64-softmmu/hw/virtio/virtio-balloon.o
> CC aarch64-softmmu/hw/virtio/virtio-crypto.o
> CC aarch64-softmmu/hw/virtio/virtio-crypto-pci.o
> CC aarch64-softmmu/hw/arm/boot.o
> CC aarch64-softmmu/hw/arm/collie.o
> CC aarch64-softmmu/hw/arm/exynos4_boards.o
> CC aarch64-softmmu/hw/arm/gumstix.o
> CC aarch64-softmmu/hw/arm/highbank.o
> CC aarch64-softmmu/hw/arm/digic_boards.o
> CC aarch64-softmmu/hw/arm/integratorcp.o
> CC aarch64-softmmu/hw/arm/mainstone.o
> CC aarch64-softmmu/hw/arm/musicpal.o
> CC aarch64-softmmu/hw/arm/nseries.o
> CC aarch64-softmmu/hw/arm/omap_sx1.o
> CC aarch64-softmmu/hw/arm/palm.o
> CC aarch64-softmmu/hw/arm/realview.o
> CC aarch64-softmmu/hw/arm/spitz.o
> CC aarch64-softmmu/hw/arm/stellaris.o
> CC aarch64-softmmu/hw/arm/tosa.o
> CC aarch64-softmmu/hw/arm/versatilepb.o
> CC aarch64-softmmu/hw/arm/vexpress.o
> CC aarch64-softmmu/hw/arm/virt.o
> CC aarch64-softmmu/hw/arm/xilinx_zynq.o
> CC aarch64-softmmu/hw/arm/z2.o
> CC aarch64-softmmu/hw/arm/virt-acpi-build.o
> CC aarch64-softmmu/hw/arm/netduino2.o
> CC aarch64-softmmu/hw/arm/sysbus-fdt.o
> CC aarch64-softmmu/hw/arm/armv7m.o
> CC aarch64-softmmu/hw/arm/exynos4210.o
> CC aarch64-softmmu/hw/arm/pxa2xx.o
> CC aarch64-softmmu/hw/arm/pxa2xx_gpio.o
> CC aarch64-softmmu/hw/arm/pxa2xx_pic.o
> CC aarch64-softmmu/hw/arm/digic.o
> CC aarch64-softmmu/hw/arm/omap1.o
> CC aarch64-softmmu/hw/arm/omap2.o
> CC aarch64-softmmu/hw/arm/strongarm.o
> CC aarch64-softmmu/hw/arm/allwinner-a10.o
> CC aarch64-softmmu/hw/arm/cubieboard.o
> CC aarch64-softmmu/hw/arm/bcm2835_peripherals.o
> CC aarch64-softmmu/hw/arm/bcm2836.o
> CC aarch64-softmmu/hw/arm/raspi.o
> CC aarch64-softmmu/hw/arm/stm32f205_soc.o
> CC aarch64-softmmu/hw/arm/xlnx-zynqmp.o
> CC aarch64-softmmu/hw/arm/xlnx-zcu102.o
> CC aarch64-softmmu/hw/arm/fsl-imx25.o
> CC aarch64-softmmu/hw/arm/imx25_pdk.o
> CC aarch64-softmmu/hw/arm/fsl-imx31.o
> CC aarch64-softmmu/hw/arm/kzm.o
> CC aarch64-softmmu/hw/arm/fsl-imx6.o
> CC aarch64-softmmu/hw/arm/sabrelite.o
> CC aarch64-softmmu/hw/arm/aspeed_soc.o
> CC aarch64-softmmu/hw/arm/aspeed.o
> CC aarch64-softmmu/hw/arm/mps2.o
> CC aarch64-softmmu/hw/arm/mps2-tz.o
> CC aarch64-softmmu/hw/arm/msf2-soc.o
> CC aarch64-softmmu/hw/arm/msf2-som.o
> CC aarch64-softmmu/hw/arm/iotkit.o
> CC aarch64-softmmu/target/arm/arm-semi.o
> CC aarch64-softmmu/target/arm/machine.o
> CC aarch64-softmmu/target/arm/psci.o
> CC aarch64-softmmu/target/arm/arch_dump.o
> CC aarch64-softmmu/target/arm/monitor.o
> CC aarch64-softmmu/target/arm/kvm-stub.o
> CC aarch64-softmmu/target/arm/translate.o
> CC aarch64-softmmu/target/arm/op_helper.o
> CC aarch64-softmmu/target/arm/helper.o
> CC aarch64-softmmu/target/arm/cpu.o
> CC aarch64-softmmu/target/arm/neon_helper.o
> CC aarch64-softmmu/target/arm/iwmmxt_helper.o
> CC aarch64-softmmu/target/arm/vec_helper.o
> CC aarch64-softmmu/target/arm/gdbstub.o
> CC aarch64-softmmu/target/arm/cpu64.o
> CC aarch64-softmmu/target/arm/translate-a64.o
> CC aarch64-softmmu/target/arm/helper-a64.o
> CC aarch64-softmmu/target/arm/gdbstub64.o
> CC aarch64-softmmu/target/arm/crypto_helper.o
> CC aarch64-softmmu/target/arm/arm-powerctl.o
> GEN trace/generated-helpers.c
> CC aarch64-softmmu/trace/control-target.o
> CC aarch64-softmmu/gdbstub-xml.o
> CC aarch64-softmmu/trace/generated-helpers.o
> LINK aarch64-softmmu/qemu-system-aarch64w.exe
> GEN aarch64-softmmu/qemu-system-aarch64.exe
> Traceback (most recent call last):
> File "./tests/docker/docker.py", line 407, in <module>
> sys.exit(main())
> File "./tests/docker/docker.py", line 404, in main
> return args.cmdobj.run(args, argv)
> File "./tests/docker/docker.py", line 261, in run
> return Docker().run(argv, args.keep, quiet=args.quiet)
> File "./tests/docker/docker.py", line 229, in run
> quiet=quiet)
> File "./tests/docker/docker.py", line 147, in _do_check
> return subprocess.check_call(self._command + cmd, **kwargs)
> File "/usr/lib64/python2.7/subprocess.py", line 186, in check_call
> raise CalledProcessError(retcode, cmd)
> subprocess.CalledProcessError: Command '['docker', 'run', '--label', 'com.qemu.instance.uuid=9bef6af0222b11e8bca752540069c830', '-u', '0', '--security-opt', 'seccomp=unconfined', '--rm', '--net=none', '-e', 'TARGET_LIST=', '-e', 'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=8', '-e', 'DEBUG=', '-e', 'SHOW_ENV=1', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', '/root/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945:/var/tmp/qemu:z,ro', 'qemu:fedora', '/var/tmp/qemu/run', 'test-mingw']' returned non-zero exit status 2
> make[1]: *** [tests/docker/Makefile.include:129: docker-run] Error 1
> make[1]: Leaving directory '/var/tmp/patchew-tester-tmp-99e1alq5/src'
> make: *** [tests/docker/Makefile.include:163: docker-run-test-mingw@fedora] Error 2
>
> real 5m52.411s
> user 0m4.700s
> sys 0m4.017s
> === OUTPUT END ===
>
> Test command exited with code: 2
>
>
> ---
> Email generated automatically by Patchew [http://patchew.org/].
> Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply related [flat|nested] 74+ messages in thread
* Re: [Qemu-devel] [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
@ 2018-03-07 20:35 ` Brijesh Singh
0 siblings, 0 replies; 74+ messages in thread
From: Brijesh Singh @ 2018-03-07 20:35 UTC (permalink / raw)
To: qemu-devel
Cc: brijesh.singh, famz, peter.maydell, kvm, mst, stefanha, agraf,
edgar.iglesias, armbru, brogers, borntraeger, marcel, bp,
Thomas.Lendacky, ehabkost, richard.henderson, dgilbert,
alistair.francis, cornelia.huck, crosthwaite.peter, pbonzini
Hi,
I have root caused and fixed the build issue seen with mingw32 compiler,
the patch is very trivial (see below).
I am looking for direction on how to submit the fix, should I resubmit
the whole series or just send the updated patch marked as "Patch v11.1
..." ? The "patch v11 11/28" included these headers in sev_i386.h, we
need to move them in sev.c to fix this issue.
thanks
-------
diff --git a/target/i386/sev.c b/target/i386/sev.c
index f838cf7e3720..826bdff7bf2e 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -11,6 +11,11 @@
*
*/
+#include <linux/psp-sev.h>
+#include <linux/kvm.h>
+
+#include <sys/ioctl.h>
+
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "qom/object_interfaces.h"
diff --git a/target/i386/sev_i386.h b/target/i386/sev_i386.h
index cd802e4b4178..b8622dfb1e49 100644
--- a/target/i386/sev_i386.h
+++ b/target/i386/sev_i386.h
@@ -14,11 +14,6 @@
#ifndef QEMU_SEV_I386_H
#define QEMU_SEV_I386_H
-#include <linux/kvm.h>
-#include <linux/psp-sev.h>
-
-#include <sys/ioctl.h>
-
#include "qom/object.h"
#include "qapi/error.h"
#include "sysemu/kvm.h"
On 3/7/18 11:24 AM, no-reply@patchew.org wrote:
> Hi,
>
> This series failed docker-mingw@fedora build test. Please find the testing commands and
> their output below. If you have Docker installed, you can probably reproduce it
> locally.
>
> Type: series
> Message-id: 20180307165038.88640-1-brijesh.singh@amd.com
> Subject: [Qemu-devel] [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
>
> === TEST SCRIPT BEGIN ===
> #!/bin/bash
> set -e
> git submodule update --init dtc
> # Let docker tests dump environment info
> export SHOW_ENV=1
> export J=8
> time make docker-test-mingw@fedora
> === TEST SCRIPT END ===
>
> Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
> Switched to a new branch 'test'
> 4fbea75df6 tests/qmp-test: blacklist sev specific qmp commands
> dee06afe23 sev/i386: add sev_get_capabilities()
> 4bc4467cbd qmp: add query-sev-capabilities command
> b96190fd71 cpu/i386: populate CPUID 0x8000_001F when SEV is active
> 3c60cdc4ec sev/i386: add migration blocker
> a9ab0a27b2 qmp: add query-sev-launch-measure command
> 7a9005e7b3 target/i386: clear C-bit when walking SEV guest page table
> 1758f0ec5d sev/i386: add debug encrypt and decrypt commands
> 31a61f5fe9 hw/i386: set ram_debug_ops when memory encryption is enabled
> 346e90b176 sev/i386: finalize the SEV guest launch flow
> 38cf6ff868 sev/i386: add support to LAUNCH_MEASURE command
> a9df6d98ec target/i386: encrypt bios rom
> baa46b9faf sev/i386: add command to encrypt guest memory region
> 41354b73a4 sev/i386: add command to create launch memory encryption context
> 4d35f32583 hmp: add 'info sev' command
> 16598f2cc1 kvm: introduce memory encryption APIs
> 36b000c77c sev/i386: register the guest memory range which may contain encrypted data
> 435a482830 sev/i386: add command to initialize the memory encryption context
> 1c37bac2fa include: add psp-sev.h header file
> ea9d68aad5 qmp: add query-sev command
> e85ff63940 target/i386: add Secure Encrypted Virtulization (SEV) object
> 9605c92f32 docs: add AMD Secure Encrypted Virtualization (SEV)
> 52514277fb kvm: update kvm.h to include memory encryption ioctls
> 2398a21fbd machine: add -memory-encryption property
> 40ba67a92d monitor/i386: use debug APIs when accessing guest memory
> 7a060f2310 exec: add debug version of physical memory read and write API
> 6533e78730 exec: add ram_debug_ops support
> 94ffe21118 memattrs: add debug attribute
>
> === OUTPUT BEGIN ===
> Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
> Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/dtc'...
> Submodule path 'dtc': checked out 'e54388015af1fb4bf04d0bca99caba1074d9cc42'
> BUILD fedora
> make[1]: Entering directory '/var/tmp/patchew-tester-tmp-99e1alq5/src'
> GEN /var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar
> Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot'...
> done.
> Checking out files: 45% (2690/5948)
> Checking out files: 46% (2737/5948)
> Checking out files: 47% (2796/5948)
> Checking out files: 48% (2856/5948)
> Checking out files: 49% (2915/5948)
> Checking out files: 50% (2974/5948)
> Checking out files: 51% (3034/5948)
> Checking out files: 52% (3093/5948)
> Checking out files: 53% (3153/5948)
> Checking out files: 54% (3212/5948)
> Checking out files: 55% (3272/5948)
> Checking out files: 56% (3331/5948)
> Checking out files: 57% (3391/5948)
> Checking out files: 58% (3450/5948)
> Checking out files: 59% (3510/5948)
> Checking out files: 60% (3569/5948)
> Checking out files: 61% (3629/5948)
> Checking out files: 62% (3688/5948)
> Checking out files: 63% (3748/5948)
> Checking out files: 64% (3807/5948)
> Checking out files: 65% (3867/5948)
> Checking out files: 66% (3926/5948)
> Checking out files: 67% (3986/5948)
> Checking out files: 68% (4045/5948)
> Checking out files: 69% (4105/5948)
> Checking out files: 70% (4164/5948)
> Checking out files: 71% (4224/5948)
> Checking out files: 72% (4283/5948)
> Checking out files: 73% (4343/5948)
> Checking out files: 74% (4402/5948)
> Checking out files: 75% (4461/5948)
> Checking out files: 76% (4521/5948)
> Checking out files: 77% (4580/5948)
> Checking out files: 78% (4640/5948)
> Checking out files: 79% (4699/5948)
> Checking out files: 80% (4759/5948)
> Checking out files: 81% (4818/5948)
> Checking out files: 82% (4878/5948)
> Checking out files: 83% (4937/5948)
> Checking out files: 84% (4997/5948)
> Checking out files: 85% (5056/5948)
> Checking out files: 86% (5116/5948)
> Checking out files: 87% (5175/5948)
> Checking out files: 88% (5235/5948)
> Checking out files: 89% (5294/5948)
> Checking out files: 90% (5354/5948)
> Checking out files: 91% (5413/5948)
> Checking out files: 92% (5473/5948)
> Checking out files: 93% (5532/5948)
> Checking out files: 94% (5592/5948)
> Checking out files: 95% (5651/5948)
> Checking out files: 96% (5711/5948)
> Checking out files: 97% (5770/5948)
> Checking out files: 98% (5830/5948)
> Checking out files: 99% (5889/5948)
> Checking out files: 100% (5948/5948)
> Checking out files: 100% (5948/5948), done.
> Your branch is up-to-date with 'origin/test'.
> Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
> Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot/dtc'...
> Submodule path 'dtc': checked out 'e54388015af1fb4bf04d0bca99caba1074d9cc42'
> Submodule 'ui/keycodemapdb' (git://git.qemu.org/keycodemapdb.git) registered for path 'ui/keycodemapdb'
> Cloning into '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945/qemu.tar.vroot/ui/keycodemapdb'...
> Submodule path 'ui/keycodemapdb': checked out '6b3d716e2b6472eb7189d3220552280ef3d832ce'
> COPY RUNNER
> RUN test-mingw in qemu:fedora
> Packages installed:
> PyYAML-3.12-5.fc27.x86_64
> SDL-devel-1.2.15-29.fc27.x86_64
> bc-1.07.1-3.fc27.x86_64
> bison-3.0.4-8.fc27.x86_64
> bzip2-1.0.6-24.fc27.x86_64
> ccache-3.3.5-1.fc27.x86_64
> clang-5.0.1-1.fc27.x86_64
> findutils-4.6.0-14.fc27.x86_64
> flex-2.6.1-5.fc27.x86_64
> gcc-7.3.1-2.fc27.x86_64
> gcc-c++-7.3.1-2.fc27.x86_64
> gettext-0.19.8.1-12.fc27.x86_64
> git-2.14.3-2.fc27.x86_64
> glib2-devel-2.54.3-2.fc27.x86_64
> hostname-3.18-4.fc27.x86_64
> libaio-devel-0.3.110-9.fc27.x86_64
> libasan-7.3.1-2.fc27.x86_64
> libfdt-devel-1.4.6-1.fc27.x86_64
> libubsan-7.3.1-2.fc27.x86_64
> make-4.2.1-4.fc27.x86_64
> mingw32-SDL-1.2.15-9.fc27.noarch
> mingw32-bzip2-1.0.6-9.fc27.noarch
> mingw32-curl-7.54.1-2.fc27.noarch
> mingw32-glib2-2.54.1-1.fc27.noarch
> mingw32-gmp-6.1.2-2.fc27.noarch
> mingw32-gnutls-3.5.13-2.fc27.noarch
> mingw32-gtk2-2.24.31-4.fc27.noarch
> mingw32-gtk3-3.22.16-1.fc27.noarch
> mingw32-libjpeg-turbo-1.5.1-3.fc27.noarch
> mingw32-libpng-1.6.29-2.fc27.noarch
> mingw32-libssh2-1.8.0-3.fc27.noarch
> mingw32-libtasn1-4.13-1.fc27.noarch
> mingw32-nettle-3.3-3.fc27.noarch
> mingw32-pixman-0.34.0-3.fc27.noarch
> mingw32-pkg-config-0.28-9.fc27.x86_64
> mingw64-SDL-1.2.15-9.fc27.noarch
> mingw64-bzip2-1.0.6-9.fc27.noarch
> mingw64-curl-7.54.1-2.fc27.noarch
> mingw64-glib2-2.54.1-1.fc27.noarch
> mingw64-gmp-6.1.2-2.fc27.noarch
> mingw64-gnutls-3.5.13-2.fc27.noarch
> mingw64-gtk2-2.24.31-4.fc27.noarch
> mingw64-gtk3-3.22.16-1.fc27.noarch
> mingw64-libjpeg-turbo-1.5.1-3.fc27.noarch
> mingw64-libpng-1.6.29-2.fc27.noarch
> mingw64-libssh2-1.8.0-3.fc27.noarch
> mingw64-libtasn1-4.13-1.fc27.noarch
> mingw64-nettle-3.3-3.fc27.noarch
> mingw64-pixman-0.34.0-3.fc27.noarch
> mingw64-pkg-config-0.28-9.fc27.x86_64
> nettle-devel-3.4-1.fc27.x86_64
> perl-5.26.1-402.fc27.x86_64
> pixman-devel-0.34.0-4.fc27.x86_64
> python3-3.6.2-13.fc27.x86_64
> sparse-0.5.1-2.fc27.x86_64
> tar-1.29-7.fc27.x86_64
> which-2.21-4.fc27.x86_64
> zlib-devel-1.2.11-4.fc27.x86_64
>
> Environment variables:
> TARGET_LIST=
> PACKAGES=ccache gettext git tar PyYAML sparse flex bison python3 bzip2 hostname glib2-devel pixman-devel zlib-devel SDL-devel libfdt-devel gcc gcc-c++ clang make perl which bc findutils libaio-devel nettle-devel libasan libubsan mingw32-pixman mingw32-glib2 mingw32-gmp mingw32-SDL mingw32-pkg-config mingw32-gtk2 mingw32-gtk3 mingw32-gnutls mingw32-nettle mingw32-libtasn1 mingw32-libjpeg-turbo mingw32-libpng mingw32-curl mingw32-libssh2 mingw32-bzip2 mingw64-pixman mingw64-glib2 mingw64-gmp mingw64-SDL mingw64-pkg-config mingw64-gtk2 mingw64-gtk3 mingw64-gnutls mingw64-nettle mingw64-libtasn1 mingw64-libjpeg-turbo mingw64-libpng mingw64-curl mingw64-libssh2 mingw64-bzip2
> J=8
> V=
> HOSTNAME=939c73c338e1
> DEBUG=
> SHOW_ENV=1
> PWD=/
> HOME=/root
> CCACHE_DIR=/var/tmp/ccache
> DISTTAG=f27container
> QEMU_CONFIGURE_OPTS=--python=/usr/bin/python3
> FGC=f27
> TEST_DIR=/tmp/qemu-test
> SHLVL=1
> FEATURES=mingw clang pyyaml asan dtc
> PATH=/usr/lib/ccache:/usr/lib64/ccache:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
> MAKEFLAGS= -j8
> EXTRA_CONFIGURE_OPTS=
> _=/usr/bin/env
>
> Configure options:
> --enable-werror --target-list=x86_64-softmmu,aarch64-softmmu --prefix=/tmp/qemu-test/install --python=/usr/bin/python3 --cross-prefix=x86_64-w64-mingw32- --enable-trace-backends=simple --enable-gnutls --enable-nettle --enable-curl --enable-vnc --enable-bzip2 --enable-guest-agent --with-sdlabi=1.2 --with-gtkabi=2.0
> Install prefix /tmp/qemu-test/install
> BIOS directory /tmp/qemu-test/install
> firmware path /tmp/qemu-test/install/share/qemu-firmware
> binary directory /tmp/qemu-test/install
> library directory /tmp/qemu-test/install/lib
> module directory /tmp/qemu-test/install/lib
> libexec directory /tmp/qemu-test/install/libexec
> include directory /tmp/qemu-test/install/include
> config directory /tmp/qemu-test/install
> local state directory queried at runtime
> Windows SDK no
> Source path /tmp/qemu-test/src
> GIT binary git
> GIT submodules
> C compiler x86_64-w64-mingw32-gcc
> Host C compiler cc
> C++ compiler x86_64-w64-mingw32-g++
> Objective-C compiler clang
> ARFLAGS rv
> CFLAGS -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -g
> QEMU_CFLAGS -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/pixman-1 -I$(SRC_PATH)/dtc/libfdt -Werror -DHAS_LIBSSH2_SFTP_FSYNC -mms-bitfields -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/glib-2.0 -I/usr/x86_64-w64-mingw32/sys-root/mingw/lib/glib-2.0/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -m64 -mcx16 -mthreads -D__USE_MINGW_ANSI_STDIO=1 -DWIN32_LEAN_AND_MEAN -DWINVER=0x501 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -Wexpansion-to-defined -Wendif-labels -Wno-shift-negative-value -Wno-missing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-declaration -Wold-style-definition -Wtype-limits -fstack-protector-strong -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/p11-kit-1 -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include -I/usr/x86_64-w64-mingw32/sys-root/mingw/include/libpng16
> LDFLAGS -Wl,--nxcompat -Wl,--no-seh -Wl,--dynamicbase -Wl,--warn-common -m64 -g
> make make
> install install
> python /usr/bin/python3 -B
> smbd /usr/sbin/smbd
> module support no
> host CPU x86_64
> host big endian no
> target list x86_64-softmmu aarch64-softmmu
> gprof enabled no
> sparse enabled no
> strip binaries yes
> profiler no
> static build no
> SDL support yes (1.2.15)
> GTK support yes (2.24.31)
> GTK GL support no
> VTE support no
> TLS priority NORMAL
> GNUTLS support yes
> GNUTLS rnd yes
> libgcrypt no
> libgcrypt kdf no
> nettle yes (3.3)
> nettle kdf yes
> libtasn1 yes
> curses support no
> virgl support no
> curl support yes
> mingw32 support yes
> Audio drivers dsound
> Block whitelist (rw)
> Block whitelist (ro)
> VirtFS support no
> Multipath support no
> VNC support yes
> VNC SASL support no
> VNC JPEG support yes
> VNC PNG support yes
> xen support no
> brlapi support no
> bluez support no
> Documentation no
> PIE no
> vde support no
> netmap support no
> Linux AIO support no
> ATTR/XATTR support no
> Install blobs yes
> KVM support no
> HAX support yes
> HVF support no
> WHPX support no
> TCG support yes
> TCG debug enabled no
> TCG interpreter no
> malloc trim support no
> RDMA support no
> fdt support yes
> preadv support no
> fdatasync no
> madvise no
> posix_madvise no
> posix_memalign no
> libcap-ng support no
> vhost-net support no
> vhost-crypto support no
> vhost-scsi support no
> vhost-vsock support no
> vhost-user support no
> Trace backends simple
> Trace output file trace-<pid>
> spice support no
> rbd support no
> xfsctl support no
> smartcard support no
> libusb no
> usb net redir no
> OpenGL support no
> OpenGL dmabufs no
> libiscsi support no
> libnfs support no
> build guest agent yes
> QGA VSS support no
> QGA w32 disk info yes
> QGA MSI support no
> seccomp support no
> coroutine backend win32
> coroutine pool yes
> debug stack usage no
> crypto afalg no
> GlusterFS support no
> gcov gcov
> gcov enabled no
> TPM support yes
> libssh2 support yes
> TPM passthrough no
> TPM emulator no
> QOM debugging yes
> Live block migration yes
> lzo support no
> snappy support no
> bzip2 support yes
> NUMA host support no
> libxml2 no
> tcmalloc support no
> jemalloc support no
> avx2 optimization yes
> replication support yes
> VxHS block device no
> capstone no
>
> WARNING: Use of GTK 2.0 is deprecated and will be removed in
> WARNING: future releases. Please switch to using GTK 3.0
>
> WARNING: Use of SDL 1.2 is deprecated and will be removed in
> WARNING: future releases. Please switch to using SDL 2.0
> mkdir -p dtc/libfdt
> mkdir -p dtc/tests
> GEN x86_64-softmmu/config-devices.mak.tmp
> GEN aarch64-softmmu/config-devices.mak.tmp
> GEN config-host.h
> GEN qemu-options.def
> GEN qapi-gen
> GEN trace/generated-tcg-tracers.h
> GEN trace/generated-helpers-wrappers.h
> GEN trace/generated-helpers.h
> GEN x86_64-softmmu/config-devices.mak
> GEN aarch64-softmmu/config-devices.mak
> GEN trace/generated-helpers.c
> GEN module_block.h
> GEN ui/input-keymap-atset1-to-qcode.c
> GEN ui/input-keymap-linux-to-qcode.c
> GEN ui/input-keymap-qcode-to-atset1.c
> GEN ui/input-keymap-qcode-to-atset2.c
> GEN ui/input-keymap-qcode-to-atset3.c
> GEN ui/input-keymap-qcode-to-linux.c
> GEN ui/input-keymap-qcode-to-qnum.c
> GEN ui/input-keymap-qcode-to-sun.c
> GEN ui/input-keymap-qnum-to-qcode.c
> GEN ui/input-keymap-usb-to-qcode.c
> GEN ui/input-keymap-win32-to-qcode.c
> GEN ui/input-keymap-x11-to-qcode.c
> GEN ui/input-keymap-xorgevdev-to-qcode.c
> GEN ui/input-keymap-xorgkbd-to-qcode.c
> GEN ui/input-keymap-xorgxquartz-to-qcode.c
> GEN ui/input-keymap-xorgxwin-to-qcode.c
> GEN tests/test-qapi-gen
> GEN trace-root.h
> GEN util/trace.h
> GEN crypto/trace.h
> GEN io/trace.h
> GEN migration/trace.h
> GEN block/trace.h
> GEN chardev/trace.h
> GEN hw/block/trace.h
> GEN hw/block/dataplane/trace.h
> GEN hw/char/trace.h
> GEN hw/intc/trace.h
> GEN hw/net/trace.h
> GEN hw/rdma/trace.h
> GEN hw/rdma/vmw/trace.h
> GEN hw/virtio/trace.h
> GEN hw/audio/trace.h
> GEN hw/misc/trace.h
> GEN hw/misc/macio/trace.h
> GEN hw/usb/trace.h
> GEN hw/scsi/trace.h
> GEN hw/nvram/trace.h
> GEN hw/display/trace.h
> GEN hw/input/trace.h
> GEN hw/timer/trace.h
> GEN hw/dma/trace.h
> GEN hw/sparc/trace.h
> GEN hw/sparc64/trace.h
> GEN hw/sd/trace.h
> GEN hw/isa/trace.h
> GEN hw/mem/trace.h
> GEN hw/i386/trace.h
> GEN hw/i386/xen/trace.h
> GEN hw/9pfs/trace.h
> GEN hw/ppc/trace.h
> GEN hw/pci/trace.h
> GEN hw/pci-host/trace.h
> GEN hw/s390x/trace.h
> GEN hw/vfio/trace.h
> GEN hw/acpi/trace.h
> GEN hw/arm/trace.h
> GEN hw/alpha/trace.h
> GEN hw/hppa/trace.h
> GEN hw/xen/trace.h
> GEN hw/ide/trace.h
> GEN ui/trace.h
> GEN audio/trace.h
> GEN net/trace.h
> GEN target/arm/trace.h
> GEN target/i386/trace.h
> GEN target/mips/trace.h
> GEN target/sparc/trace.h
> GEN target/s390x/trace.h
> GEN target/ppc/trace.h
> GEN qom/trace.h
> GEN linux-user/trace.h
> GEN qapi/trace.h
> GEN accel/tcg/trace.h
> GEN accel/kvm/trace.h
> GEN nbd/trace.h
> GEN scsi/trace.h
> GEN trace-root.c
> GEN util/trace.c
> GEN crypto/trace.c
> GEN io/trace.c
> GEN migration/trace.c
> GEN block/trace.c
> GEN chardev/trace.c
> GEN hw/block/trace.c
> GEN hw/block/dataplane/trace.c
> GEN hw/char/trace.c
> GEN hw/intc/trace.c
> GEN hw/net/trace.c
> GEN hw/rdma/trace.c
> GEN hw/rdma/vmw/trace.c
> GEN hw/virtio/trace.c
> GEN hw/audio/trace.c
> GEN hw/misc/trace.c
> GEN hw/misc/macio/trace.c
> GEN hw/usb/trace.c
> GEN hw/scsi/trace.c
> GEN hw/nvram/trace.c
> GEN hw/display/trace.c
> GEN hw/input/trace.c
> GEN hw/timer/trace.c
> GEN hw/dma/trace.c
> GEN hw/sparc/trace.c
> GEN hw/sparc64/trace.c
> GEN hw/sd/trace.c
> GEN hw/isa/trace.c
> GEN hw/mem/trace.c
> GEN hw/i386/trace.c
> GEN hw/i386/xen/trace.c
> GEN hw/9pfs/trace.c
> GEN hw/ppc/trace.c
> GEN hw/pci/trace.c
> GEN hw/pci-host/trace.c
> GEN hw/s390x/trace.c
> GEN hw/vfio/trace.c
> GEN hw/acpi/trace.c
> GEN hw/arm/trace.c
> GEN hw/alpha/trace.c
> GEN hw/hppa/trace.c
> GEN hw/xen/trace.c
> GEN hw/ide/trace.c
> GEN ui/trace.c
> GEN audio/trace.c
> GEN net/trace.c
> GEN target/arm/trace.c
> GEN target/i386/trace.c
> GEN target/mips/trace.c
> GEN target/sparc/trace.c
> GEN target/s390x/trace.c
> GEN target/ppc/trace.c
> GEN qom/trace.c
> GEN linux-user/trace.c
> GEN qapi/trace.c
> GEN accel/tcg/trace.c
> GEN accel/kvm/trace.c
> GEN nbd/trace.c
> GEN scsi/trace.c
> GEN config-all-devices.mak
> DEP /tmp/qemu-test/src/dtc/tests/dumptrees.c
> DEP /tmp/qemu-test/src/dtc/tests/trees.S
> DEP /tmp/qemu-test/src/dtc/tests/testutils.c
> DEP /tmp/qemu-test/src/dtc/tests/value-labels.c
> DEP /tmp/qemu-test/src/dtc/tests/asm_tree_dump.c
> DEP /tmp/qemu-test/src/dtc/tests/truncated_property.c
> DEP /tmp/qemu-test/src/dtc/tests/check_path.c
> DEP /tmp/qemu-test/src/dtc/tests/overlay_bad_fixup.c
> DEP /tmp/qemu-test/src/dtc/tests/overlay.c
> DEP /tmp/qemu-test/src/dtc/tests/subnode_iterate.c
> DEP /tmp/qemu-test/src/dtc/tests/property_iterate.c
> DEP /tmp/qemu-test/src/dtc/tests/integer-expressions.c
> DEP /tmp/qemu-test/src/dtc/tests/utilfdt_test.c
> DEP /tmp/qemu-test/src/dtc/tests/path_offset_aliases.c
> DEP /tmp/qemu-test/src/dtc/tests/add_subnode_with_nops.c
> DEP /tmp/qemu-test/src/dtc/tests/dtbs_equal_unordered.c
> DEP /tmp/qemu-test/src/dtc/tests/dtb_reverse.c
> DEP /tmp/qemu-test/src/dtc/tests/dtbs_equal_ordered.c
> DEP /tmp/qemu-test/src/dtc/tests/extra-terminating-null.c
> DEP /tmp/qemu-test/src/dtc/tests/incbin.c
> DEP /tmp/qemu-test/src/dtc/tests/boot-cpuid.c
> DEP /tmp/qemu-test/src/dtc/tests/phandle_format.c
> DEP /tmp/qemu-test/src/dtc/tests/path-references.c
> DEP /tmp/qemu-test/src/dtc/tests/references.c
> DEP /tmp/qemu-test/src/dtc/tests/propname_escapes.c
> DEP /tmp/qemu-test/src/dtc/tests/string_escapes.c
> DEP /tmp/qemu-test/src/dtc/tests/appendprop2.c
> DEP /tmp/qemu-test/src/dtc/tests/appendprop1.c
> DEP /tmp/qemu-test/src/dtc/tests/del_node.c
> DEP /tmp/qemu-test/src/dtc/tests/setprop.c
> DEP /tmp/qemu-test/src/dtc/tests/del_property.c
> DEP /tmp/qemu-test/src/dtc/tests/set_name.c
> DEP /tmp/qemu-test/src/dtc/tests/rw_tree1.c
> DEP /tmp/qemu-test/src/dtc/tests/open_pack.c
> DEP /tmp/qemu-test/src/dtc/tests/nopulate.c
> DEP /tmp/qemu-test/src/dtc/tests/mangle-layout.c
> DEP /tmp/qemu-test/src/dtc/tests/move_and_save.c
> DEP /tmp/qemu-test/src/dtc/tests/sw_tree1.c
> DEP /tmp/qemu-test/src/dtc/tests/nop_node.c
> DEP /tmp/qemu-test/src/dtc/tests/nop_property.c
> DEP /tmp/qemu-test/src/dtc/tests/setprop_inplace.c
> DEP /tmp/qemu-test/src/dtc/tests/stringlist.c
> DEP /tmp/qemu-test/src/dtc/tests/addr_size_cells.c
> DEP /tmp/qemu-test/src/dtc/tests/notfound.c
> DEP /tmp/qemu-test/src/dtc/tests/sized_cells.c
> DEP /tmp/qemu-test/src/dtc/tests/char_literal.c
> DEP /tmp/qemu-test/src/dtc/tests/get_alias.c
> DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_compatible.c
> DEP /tmp/qemu-test/src/dtc/tests/node_check_compatible.c
> DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_phandle.c
> DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_prop_value.c
> DEP /tmp/qemu-test/src/dtc/tests/parent_offset.c
> DEP /tmp/qemu-test/src/dtc/tests/supernode_atdepth_offset.c
> DEP /tmp/qemu-test/src/dtc/tests/get_path.c
> DEP /tmp/qemu-test/src/dtc/tests/get_phandle.c
> DEP /tmp/qemu-test/src/dtc/tests/getprop.c
> DEP /tmp/qemu-test/src/dtc/tests/get_name.c
> DEP /tmp/qemu-test/src/dtc/tests/path_offset.c
> DEP /tmp/qemu-test/src/dtc/tests/subnode_offset.c
> DEP /tmp/qemu-test/src/dtc/tests/root_node.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_overlay.c
> DEP /tmp/qemu-test/src/dtc/tests/find_property.c
> DEP /tmp/qemu-test/src/dtc/tests/get_mem_rsv.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_addresses.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_empty_tree.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_strerror.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_rw.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_sw.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_wip.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt_ro.c
> DEP /tmp/qemu-test/src/dtc/libfdt/fdt.c
> DEP /tmp/qemu-test/src/dtc/util.c
> DEP /tmp/qemu-test/src/dtc/fdtoverlay.c
> DEP /tmp/qemu-test/src/dtc/fdtput.c
> DEP /tmp/qemu-test/src/dtc/fdtget.c
> DEP /tmp/qemu-test/src/dtc/fdtdump.c
> LEX convert-dtsv0-lexer.lex.c
> DEP /tmp/qemu-test/src/dtc/srcpos.c
> BISON dtc-parser.tab.c
> LEX dtc-lexer.lex.c
> DEP /tmp/qemu-test/src/dtc/treesource.c
> DEP /tmp/qemu-test/src/dtc/livetree.c
> DEP /tmp/qemu-test/src/dtc/fstree.c
> DEP /tmp/qemu-test/src/dtc/flattree.c
> DEP /tmp/qemu-test/src/dtc/dtc.c
> DEP /tmp/qemu-test/src/dtc/data.c
> DEP /tmp/qemu-test/src/dtc/checks.c
> DEP convert-dtsv0-lexer.lex.c
> DEP dtc-lexer.lex.c
> DEP dtc-parser.tab.c
> CHK version_gen.h
> UPD version_gen.h
> DEP /tmp/qemu-test/src/dtc/util.c
> CC libfdt/fdt.o
> CC libfdt/fdt_ro.o
> CC libfdt/fdt_wip.o
> CC libfdt/fdt_sw.o
> CC libfdt/fdt_empty_tree.o
> CC libfdt/fdt_rw.o
> CC libfdt/fdt_strerror.o
> CC libfdt/fdt_addresses.o
> CC libfdt/fdt_overlay.o
> AR libfdt/libfdt.a
> x86_64-w64-mingw32-ar: creating libfdt/libfdt.a
> a - libfdt/fdt.o
> a - libfdt/fdt_ro.o
> a - libfdt/fdt_wip.o
> a - libfdt/fdt_sw.o
> a - libfdt/fdt_rw.o
> a - libfdt/fdt_strerror.o
> a - libfdt/fdt_empty_tree.o
> a - libfdt/fdt_addresses.o
> a - libfdt/fdt_overlay.o
> RC version.o
> mkdir -p dtc/libfdt
> mkdir -p dtc/tests
> GEN qga/qapi-generated/qapi-gen
> CC qapi/qapi-types.o
> CC qapi/qapi-types-block-core.o
> CC qapi/qapi-builtin-types.o
> CC qapi/qapi-types-char.o
> CC qapi/qapi-types-block.o
> CC qapi/qapi-types-common.o
> CC qapi/qapi-types-crypto.o
> CC qapi/qapi-types-introspect.o
> CC qapi/qapi-types-misc.o
> CC qapi/qapi-types-migration.o
> CC qapi/qapi-types-net.o
> CC qapi/qapi-types-rocker.o
> CC qapi/qapi-types-run-state.o
> CC qapi/qapi-types-sockets.o
> CC qapi/qapi-types-tpm.o
> CC qapi/qapi-types-trace.o
> CC qapi/qapi-types-transaction.o
> CC qapi/qapi-types-ui.o
> CC qapi/qapi-builtin-visit.o
> CC qapi/qapi-visit.o
> CC qapi/qapi-visit-block-core.o
> CC qapi/qapi-visit-char.o
> CC qapi/qapi-visit-block.o
> CC qapi/qapi-visit-common.o
> CC qapi/qapi-visit-crypto.o
> CC qapi/qapi-visit-introspect.o
> CC qapi/qapi-visit-migration.o
> CC qapi/qapi-visit-misc.o
> CC qapi/qapi-visit-net.o
> CC qapi/qapi-visit-rocker.o
> CC qapi/qapi-visit-run-state.o
> CC qapi/qapi-visit-sockets.o
> CC qapi/qapi-visit-tpm.o
> CC qapi/qapi-visit-transaction.o
> CC qapi/qapi-visit-trace.o
> CC qapi/qapi-visit-ui.o
> CC qapi/qapi-events.o
> CC qapi/qapi-events-block-core.o
> CC qapi/qapi-events-block.o
> CC qapi/qapi-events-char.o
> CC qapi/qapi-events-common.o
> CC qapi/qapi-events-crypto.o
> CC qapi/qapi-events-introspect.o
> CC qapi/qapi-events-migration.o
> CC qapi/qapi-events-misc.o
> CC qapi/qapi-events-net.o
> CC qapi/qapi-events-rocker.o
> CC qapi/qapi-events-run-state.o
> CC qapi/qapi-events-sockets.o
> CC qapi/qapi-events-tpm.o
> CC qapi/qapi-events-trace.o
> CC qapi/qapi-events-transaction.o
> CC qapi/qapi-events-ui.o
> CC qapi/qapi-introspect.o
> CC qapi/qapi-visit-core.o
> CC qapi/qapi-dealloc-visitor.o
> CC qapi/qobject-input-visitor.o
> CC qapi/qobject-output-visitor.o
> CC qapi/qmp-registry.o
> CC qapi/qmp-dispatch.o
> CC qapi/string-input-visitor.o
> CC qapi/string-output-visitor.o
> CC qapi/opts-visitor.o
> CC qapi/qapi-clone-visitor.o
> CC qapi/qmp-event.o
> CC qapi/qapi-util.o
> CC qobject/qnull.o
> CC qobject/qnum.o
> CC qobject/qstring.o
> CC qobject/qdict.o
> CC qobject/qbool.o
> CC qobject/qlist.o
> CC qobject/qlit.o
> CC qobject/qjson.o
> CC qobject/qobject.o
> CC qobject/json-lexer.o
> CC qobject/json-streamer.o
> CC qobject/json-parser.o
> CC trace/simple.o
> CC trace/control.o
> CC trace/qmp.o
> CC util/osdep.o
> CC util/cutils.o
> CC util/unicode.o
> CC util/qemu-timer-common.o
> CC util/bufferiszero.o
> CC util/lockcnt.o
> CC util/aiocb.o
> CC util/async.o
> CC util/aio-wait.o
> CC util/thread-pool.o
> CC util/qemu-timer.o
> CC util/main-loop.o
> CC util/iohandler.o
> CC util/aio-win32.o
> CC util/event_notifier-win32.o
> CC util/oslib-win32.o
> CC util/qemu-thread-win32.o
> CC util/envlist.o
> CC util/path.o
> CC util/module.o
> CC util/host-utils.o
> CC util/bitmap.o
> CC util/bitops.o
> CC util/hbitmap.o
> CC util/fifo8.o
> CC util/acl.o
> CC util/cacheinfo.o
> CC util/error.o
> CC util/qemu-error.o
> CC util/id.o
> CC util/iov.o
> CC util/qemu-config.o
> CC util/qemu-sockets.o
> CC util/uri.o
> CC util/notify.o
> CC util/qemu-option.o
> CC util/qemu-progress.o
> CC util/keyval.o
> CC util/hexdump.o
> CC util/crc32c.o
> CC util/throttle.o
> CC util/uuid.o
> CC util/getauxval.o
> CC util/readline.o
> CC util/rcu.o
> CC util/qemu-coroutine.o
> CC util/qemu-coroutine-lock.o
> CC util/qemu-coroutine-io.o
> CC util/qemu-coroutine-sleep.o
> CC util/coroutine-win32.o
> CC util/buffer.o
> CC util/timed-average.o
> CC util/base64.o
> CC util/log.o
> CC util/pagesize.o
> CC util/qdist.o
> CC util/qht.o
> CC util/range.o
> CC util/stats64.o
> CC util/systemd.o
> CC trace-root.o
> CC util/trace.o
> CC crypto/trace.o
> CC io/trace.o
> CC migration/trace.o
> CC block/trace.o
> CC chardev/trace.o
> CC hw/block/trace.o
> CC hw/block/dataplane/trace.o
> CC hw/char/trace.o
> CC hw/intc/trace.o
> CC hw/net/trace.o
> CC hw/rdma/trace.o
> CC hw/rdma/vmw/trace.o
> CC hw/virtio/trace.o
> CC hw/audio/trace.o
> CC hw/misc/trace.o
> CC hw/misc/macio/trace.o
> CC hw/usb/trace.o
> CC hw/scsi/trace.o
> CC hw/nvram/trace.o
> CC hw/display/trace.o
> CC hw/input/trace.o
> CC hw/timer/trace.o
> CC hw/dma/trace.o
> CC hw/sparc/trace.o
> CC hw/sparc64/trace.o
> CC hw/sd/trace.o
> CC hw/isa/trace.o
> CC hw/mem/trace.o
> CC hw/i386/trace.o
> CC hw/i386/xen/trace.o
> CC hw/9pfs/trace.o
> CC hw/ppc/trace.o
> CC hw/pci/trace.o
> CC hw/pci-host/trace.o
> CC hw/s390x/trace.o
> CC hw/vfio/trace.o
> CC hw/acpi/trace.o
> CC hw/arm/trace.o
> CC hw/alpha/trace.o
> CC hw/hppa/trace.o
> CC hw/xen/trace.o
> CC hw/ide/trace.o
> CC ui/trace.o
> CC audio/trace.o
> CC net/trace.o
> CC target/arm/trace.o
> CC target/i386/trace.o
> CC target/mips/trace.o
> CC target/sparc/trace.o
> CC target/s390x/trace.o
> CC target/ppc/trace.o
> CC qom/trace.o
> CC linux-user/trace.o
> CC qapi/trace.o
> CC accel/tcg/trace.o
> CC accel/kvm/trace.o
> CC nbd/trace.o
> CC scsi/trace.o
> CC crypto/pbkdf-stub.o
> CC stubs/arch-query-cpu-def.o
> CC stubs/arch-query-cpu-model-expansion.o
> CC stubs/arch-query-cpu-model-comparison.o
> CC stubs/arch-query-cpu-model-baseline.o
> CC stubs/bdrv-next-monitor-owned.o
> CC stubs/blk-commit-all.o
> CC stubs/blockdev-close-all-bdrv-states.o
> CC stubs/clock-warp.o
> CC stubs/cpu-get-clock.o
> CC stubs/cpu-get-icount.o
> CC stubs/dump.o
> CC stubs/error-printf.o
> CC stubs/fdset.o
> CC stubs/gdbstub.o
> CC stubs/get-vm-name.o
> CC stubs/iothread.o
> CC stubs/iothread-lock.o
> CC stubs/is-daemonized.o
> CC stubs/machine-init-done.o
> CC stubs/migr-blocker.o
> CC stubs/change-state-handler.o
> CC stubs/monitor.o
> CC stubs/notify-event.o
> CC stubs/qtest.o
> CC stubs/replay.o
> CC stubs/runstate-check.o
> CC stubs/set-fd-handler.o
> CC stubs/slirp.o
> CC stubs/sysbus.o
> CC stubs/tpm.o
> CC stubs/trace-control.o
> CC stubs/uuid.o
> CC stubs/vm-stop.o
> CC stubs/vmstate.o
> CC stubs/fd-register.o
> CC stubs/qmp_pc_dimm.o
> CC stubs/target-monitor-defs.o
> CC stubs/target-get-monitor-def.o
> CC stubs/pc_madt_cpu_entry.o
> CC stubs/vmgenid.o
> CC stubs/xen-common.o
> CC stubs/xen-hvm.o
> CC stubs/pci-host-piix.o
> CC stubs/ram-block.o
> CC stubs/sev.o
> GEN qemu-img-cmds.h
> CC block.o
> CC blockjob.o
> CC qemu-io-cmds.o
> CC replication.o
> CC block/raw-format.o
> CC block/qcow.o
> CC block/vdi.o
> CC block/vmdk.o
> CC block/cloop.o
> CC block/bochs.o
> CC block/vpc.o
> CC block/vvfat.o
> CC block/dmg.o
> CC block/qcow2.o
> CC block/qcow2-refcount.o
> CC block/qcow2-cluster.o
> CC block/qcow2-snapshot.o
> CC block/qcow2-cache.o
> CC block/qcow2-bitmap.o
> CC block/qed.o
> CC block/qed-l2-cache.o
> CC block/qed-table.o
> CC block/qed-cluster.o
> CC block/qed-check.o
> CC block/vhdx.o
> CC block/vhdx-endian.o
> CC block/vhdx-log.o
> CC block/quorum.o
> CC block/parallels.o
> CC block/blkdebug.o
> CC block/blkverify.o
> CC block/blkreplay.o
> CC block/block-backend.o
> CC block/snapshot.o
> CC block/qapi.o
> CC block/file-win32.o
> CC block/win32-aio.o
> CC block/null.o
> CC block/mirror.o
> CC block/commit.o
> CC block/io.o
> CC block/throttle-groups.o
> CC block/nbd.o
> CC block/nbd-client.o
> CC block/sheepdog.o
> CC block/accounting.o
> CC block/dirty-bitmap.o
> CC block/write-threshold.o
> CC block/backup.o
> CC block/replication.o
> CC block/throttle.o
> CC block/crypto.o
> CC nbd/server.o
> CC nbd/client.o
> CC nbd/common.o
> CC scsi/utils.o
> CC block/curl.o
> CC block/ssh.o
> CC block/dmg-bz2.o
> CC crypto/init.o
> CC crypto/hash.o
> CC crypto/hash-nettle.o
> CC crypto/hmac.o
> CC crypto/hmac-nettle.o
> CC crypto/aes.o
> CC crypto/desrfb.o
> CC crypto/cipher.o
> CC crypto/tlscreds.o
> CC crypto/tlscredsanon.o
> CC crypto/tlscredsx509.o
> CC crypto/tlssession.o
> CC crypto/secret.o
> CC crypto/random-gnutls.o
> CC crypto/pbkdf.o
> CC crypto/pbkdf-nettle.o
> CC crypto/ivgen.o
> CC crypto/ivgen-essiv.o
> CC crypto/ivgen-plain.o
> CC crypto/ivgen-plain64.o
> CC crypto/afsplit.o
> CC crypto/xts.o
> CC crypto/block.o
> CC crypto/block-qcow.o
> CC crypto/block-luks.o
> CC io/channel.o
> CC io/channel-buffer.o
> CC io/channel-command.o
> CC io/channel-file.o
> CC io/channel-socket.o
> CC io/channel-tls.o
> CC io/channel-watch.o
> CC io/channel-websock.o
> CC io/channel-util.o
> CC io/dns-resolver.o
> CC io/net-listener.o
> CC io/task.o
> CC qom/object.o
> CC qom/container.o
> CC qom/qom-qobject.o
> CC qom/object_interfaces.o
> CC qemu-io.o
> CC blockdev.o
> CC blockdev-nbd.o
> CC bootdevice.o
> CC iothread.o
> CC qdev-monitor.o
> CC device-hotplug.o
> CC os-win32.o
> CC bt-host.o
> CC bt-vhci.o
> CC dma-helpers.o
> CC vl.o
> CC tpm.o
> CC device_tree.o
> CC qapi/qapi-commands.o
> CC qapi/qapi-commands-block-core.o
> CC qapi/qapi-commands-block.o
> CC qapi/qapi-commands-char.o
> CC qapi/qapi-commands-common.o
> CC qapi/qapi-commands-crypto.o
> CC qapi/qapi-commands-introspect.o
> CC qapi/qapi-commands-migration.o
> CC qapi/qapi-commands-misc.o
> CC qapi/qapi-commands-net.o
> CC qapi/qapi-commands-rocker.o
> CC qapi/qapi-commands-run-state.o
> CC qapi/qapi-commands-sockets.o
> CC qapi/qapi-commands-tpm.o
> CC qapi/qapi-commands-trace.o
> CC qapi/qapi-commands-transaction.o
> CC qapi/qapi-commands-ui.o
> CC qmp.o
> CC hmp.o
> CC cpus-common.o
> CC audio/audio.o
> CC audio/noaudio.o
> CC audio/wavaudio.o
> CC audio/mixeng.o
> CC audio/dsoundaudio.o
> CC audio/audio_win_int.o
> CC audio/wavcapture.o
> CC backends/rng.o
> CC backends/rng-egd.o
> CC backends/tpm.o
> CC backends/hostmem.o
> CC backends/hostmem-ram.o
> CC backends/cryptodev.o
> CC backends/cryptodev-builtin.o
> CC backends/cryptodev-vhost.o
> CC block/stream.o
> CC chardev/msmouse.o
> CC chardev/wctablet.o
> CC chardev/testdev.o
> CC disas/arm.o
> CXX disas/arm-a64.o
> CC disas/i386.o
> CXX disas/libvixl/vixl/utils.o
> CXX disas/libvixl/vixl/compiler-intrinsics.o
> CXX disas/libvixl/vixl/a64/instructions-a64.o
> CXX disas/libvixl/vixl/a64/decoder-a64.o
> CXX disas/libvixl/vixl/a64/disasm-a64.o
> CC hw/acpi/core.o
> CC hw/acpi/piix4.o
> CC hw/acpi/pcihp.o
> CC hw/acpi/ich9.o
> CC hw/acpi/tco.o
> CC hw/acpi/cpu_hotplug.o
> CC hw/acpi/memory_hotplug.o
> CC hw/acpi/cpu.o
> CC hw/acpi/nvdimm.o
> CC hw/acpi/vmgenid.o
> CC hw/acpi/acpi_interface.o
> CC hw/acpi/bios-linker-loader.o
> CC hw/acpi/aml-build.o
> CC hw/acpi/ipmi.o
> CC hw/acpi/acpi-stub.o
> CC hw/acpi/ipmi-stub.o
> CC hw/audio/sb16.o
> CC hw/audio/es1370.o
> CC hw/audio/ac97.o
> CC hw/audio/fmopl.o
> CC hw/audio/adlib.o
> CC hw/audio/gus.o
> CC hw/audio/gusemu_hal.o
> CC hw/audio/gusemu_mixer.o
> CC hw/audio/cs4231a.o
> CC hw/audio/intel-hda.o
> CC hw/audio/hda-codec.o
> CC hw/audio/pcspk.o
> CC hw/audio/wm8750.o
> CC hw/audio/pl041.o
> CC hw/audio/lm4549.o
> CC hw/audio/marvell_88w8618.o
> CC hw/audio/soundhw.o
> CC hw/block/block.o
> CC hw/block/cdrom.o
> CC hw/block/hd-geometry.o
> CC hw/block/fdc.o
> CC hw/block/m25p80.o
> CC hw/block/nand.o
> CC hw/block/pflash_cfi01.o
> CC hw/block/pflash_cfi02.o
> CC hw/block/ecc.o
> CC hw/block/onenand.o
> CC hw/block/nvme.o
> CC hw/bt/core.o
> CC hw/bt/l2cap.o
> CC hw/bt/sdp.o
> CC hw/bt/hci.o
> CC hw/bt/hid.o
> CC hw/bt/hci-csr.o
> CC hw/char/ipoctal232.o
> CC hw/char/parallel.o
> CC hw/char/pl011.o
> CC hw/char/serial.o
> CC hw/char/serial-isa.o
> CC hw/char/serial-pci.o
> CC hw/char/virtio-console.o
> CC hw/char/cadence_uart.o
> CC hw/char/cmsdk-apb-uart.o
> CC hw/char/debugcon.o
> CC hw/char/imx_serial.o
> CC hw/core/qdev.o
> CC hw/core/qdev-properties.o
> CC hw/core/bus.o
> CC hw/core/reset.o
> CC hw/core/qdev-fw.o
> CC hw/core/fw-path-provider.o
> CC hw/core/irq.o
> CC hw/core/hotplug.o
> CC hw/core/nmi.o
> CC hw/core/stream.o
> CC hw/core/ptimer.o
> CC hw/core/sysbus.o
> CC hw/core/machine.o
> CC hw/core/loader.o
> CC hw/core/qdev-properties-system.o
> CC hw/core/register.o
> CC hw/core/or-irq.o
> CC hw/core/split-irq.o
> CC hw/core/platform-bus.o
> CC hw/cpu/core.o
> CC hw/display/ads7846.o
> CC hw/display/cirrus_vga.o
> CC hw/display/pl110.o
> CC hw/display/sii9022.o
> CC hw/display/ssd0303.o
> CC hw/display/ssd0323.o
> CC hw/display/vga-pci.o
> CC hw/display/vga-isa.o
> CC hw/display/vmware_vga.o
> CC hw/display/blizzard.o
> CC hw/display/exynos4210_fimd.o
> CC hw/display/framebuffer.o
> CC hw/display/tc6393xb.o
> CC hw/dma/pl080.o
> CC hw/dma/pl330.o
> CC hw/dma/i8257.o
> CC hw/dma/xilinx_axidma.o
> CC hw/dma/xlnx-zynq-devcfg.o
> CC hw/gpio/max7310.o
> CC hw/gpio/pl061.o
> CC hw/gpio/zaurus.o
> CC hw/gpio/gpio_key.o
> CC hw/i2c/core.o
> CC hw/i2c/smbus.o
> CC hw/i2c/smbus_eeprom.o
> CC hw/i2c/i2c-ddc.o
> CC hw/i2c/versatile_i2c.o
> CC hw/i2c/smbus_ich9.o
> CC hw/i2c/pm_smbus.o
> CC hw/i2c/bitbang_i2c.o
> CC hw/i2c/exynos4210_i2c.o
> CC hw/i2c/imx_i2c.o
> CC hw/i2c/aspeed_i2c.o
> CC hw/ide/core.o
> CC hw/ide/atapi.o
> CC hw/ide/qdev.o
> CC hw/ide/pci.o
> CC hw/ide/isa.o
> CC hw/ide/piix.o
> CC hw/ide/microdrive.o
> CC hw/ide/ahci.o
> CC hw/ide/ich.o
> CC hw/ide/ahci-allwinner.o
> CC hw/input/hid.o
> CC hw/input/lm832x.o
> CC hw/input/pckbd.o
> CC hw/input/pl050.o
> CC hw/input/ps2.o
> CC hw/input/stellaris_input.o
> CC hw/input/tsc2005.o
> CC hw/input/virtio-input.o
> CC hw/input/virtio-input-hid.o
> CC hw/intc/i8259_common.o
> CC hw/intc/i8259.o
> CC hw/intc/pl190.o
> CC hw/intc/xlnx-pmu-iomod-intc.o
> CC hw/intc/xlnx-zynqmp-ipi.o
> CC hw/intc/imx_avic.o
> CC hw/intc/imx_gpcv2.o
> CC hw/intc/realview_gic.o
> CC hw/intc/ioapic_common.o
> CC hw/intc/arm_gic_common.o
> CC hw/intc/arm_gic.o
> CC hw/intc/arm_gicv2m.o
> CC hw/intc/arm_gicv3_common.o
> CC hw/intc/arm_gicv3.o
> CC hw/intc/arm_gicv3_dist.o
> CC hw/intc/arm_gicv3_redist.o
> CC hw/intc/arm_gicv3_its_common.o
> CC hw/intc/intc.o
> CC hw/ipack/ipack.o
> CC hw/ipack/tpci200.o
> CC hw/ipmi/ipmi.o
> CC hw/ipmi/ipmi_bmc_sim.o
> CC hw/ipmi/ipmi_bmc_extern.o
> CC hw/ipmi/isa_ipmi_kcs.o
> CC hw/ipmi/isa_ipmi_bt.o
> CC hw/isa/isa-bus.o
> CC hw/isa/apm.o
> CC hw/mem/pc-dimm.o
> CC hw/mem/nvdimm.o
> CC hw/misc/applesmc.o
> CC hw/misc/max111x.o
> CC hw/misc/tmp105.o
> CC hw/misc/tmp421.o
> CC hw/misc/debugexit.o
> CC hw/misc/sga.o
> CC hw/misc/pc-testdev.o
> CC hw/misc/pci-testdev.o
> CC hw/misc/edu.o
> CC hw/misc/unimp.o
> CC hw/misc/vmcoreinfo.o
> CC hw/misc/arm_l2x0.o
> CC hw/misc/arm_integrator_debug.o
> CC hw/misc/a9scu.o
> CC hw/misc/arm11scu.o
> CC hw/net/ne2000.o
> CC hw/net/eepro100.o
> CC hw/net/pcnet-pci.o
> CC hw/net/pcnet.o
> CC hw/net/e1000.o
> CC hw/net/e1000x_common.o
> CC hw/net/net_tx_pkt.o
> CC hw/net/net_rx_pkt.o
> CC hw/net/e1000e.o
> CC hw/net/e1000e_core.o
> CC hw/net/rtl8139.o
> CC hw/net/vmxnet3.o
> CC hw/net/smc91c111.o
> CC hw/net/lan9118.o
> CC hw/net/ne2000-isa.o
> CC hw/net/xgmac.o
> CC hw/net/xilinx_axienet.o
> CC hw/net/allwinner_emac.o
> CC hw/net/imx_fec.o
> CC hw/net/cadence_gem.o
> CC hw/net/stellaris_enet.o
> CC hw/net/ftgmac100.o
> CC hw/net/rocker/rocker.o
> CC hw/net/rocker/rocker_fp.o
> CC hw/net/rocker/rocker_desc.o
> CC hw/net/rocker/rocker_world.o
> CC hw/net/rocker/rocker_of_dpa.o
> CC hw/net/can/can_sja1000.o
> CC hw/net/can/can_kvaser_pci.o
> CC hw/net/can/can_pcm3680_pci.o
> CC hw/net/can/can_mioe3680_pci.o
> CC hw/nvram/eeprom93xx.o
> CC hw/nvram/eeprom_at24c.o
> CC hw/nvram/fw_cfg.o
> CC hw/nvram/chrp_nvram.o
> CC hw/pci-bridge/pci_bridge_dev.o
> CC hw/pci-bridge/pcie_root_port.o
> CC hw/pci-bridge/gen_pcie_root_port.o
> CC hw/pci-bridge/pcie_pci_bridge.o
> CC hw/pci-bridge/pci_expander_bridge.o
> CC hw/pci-bridge/xio3130_upstream.o
> CC hw/pci-bridge/xio3130_downstream.o
> CC hw/pci-bridge/ioh3420.o
> CC hw/pci-bridge/i82801b11.o
> CC hw/pci-host/pam.o
> CC hw/pci-host/versatile.o
> CC hw/pci-host/piix.o
> CC hw/pci-host/q35.o
> CC hw/pci-host/gpex.o
> CC hw/pci/pci.o
> CC hw/pci/pci_bridge.o
> CC hw/pci/msix.o
> CC hw/pci/msi.o
> CC hw/pci/shpc.o
> CC hw/pci/slotid_cap.o
> CC hw/pci/pci_host.o
> CC hw/pci/pcie_host.o
> CC hw/pci/pcie.o
> CC hw/pci/pcie_aer.o
> CC hw/pci/pcie_port.o
> CC hw/pci/pci-stub.o
> CC hw/pcmcia/pcmcia.o
> CC hw/scsi/scsi-disk.o
> CC hw/scsi/scsi-generic.o
> CC hw/scsi/scsi-bus.o
> CC hw/scsi/lsi53c895a.o
> CC hw/scsi/mptsas.o
> CC hw/scsi/mptconfig.o
> CC hw/scsi/mptendian.o
> CC hw/scsi/megasas.o
> CC hw/scsi/vmw_pvscsi.o
> CC hw/scsi/esp.o
> CC hw/scsi/esp-pci.o
> CC hw/sd/pl181.o
> CC hw/sd/ssi-sd.o
> CC hw/sd/sd.o
> CC hw/sd/core.o
> CC hw/sd/sdhci.o
> CC hw/smbios/smbios.o
> CC hw/smbios/smbios_type_38.o
> CC hw/smbios/smbios-stub.o
> CC hw/smbios/smbios_type_38-stub.o
> CC hw/ssi/pl022.o
> CC hw/ssi/ssi.o
> CC hw/ssi/xilinx_spips.o
> CC hw/ssi/aspeed_smc.o
> CC hw/ssi/stm32f2xx_spi.o
> CC hw/ssi/mss-spi.o
> CC hw/timer/arm_timer.o
> CC hw/timer/arm_mptimer.o
> CC hw/timer/armv7m_systick.o
> CC hw/timer/a9gtimer.o
> CC hw/timer/cadence_ttc.o
> CC hw/timer/ds1338.o
> CC hw/timer/hpet.o
> CC hw/timer/i8254_common.o
> CC hw/timer/i8254.o
> CC hw/timer/pl031.o
> CC hw/timer/twl92230.o
> CC hw/timer/imx_epit.o
> CC hw/timer/imx_gpt.o
> CC hw/timer/xlnx-zynqmp-rtc.o
> CC hw/timer/stm32f2xx_timer.o
> CC hw/timer/aspeed_timer.o
> CC hw/timer/cmsdk-apb-timer.o
> CC hw/timer/mss-timer.o
> CC hw/tpm/tpm_util.o
> CC hw/tpm/tpm_tis.o
> CC hw/tpm/tpm_crb.o
> CC hw/usb/core.o
> CC hw/usb/combined-packet.o
> CC hw/usb/bus.o
> CC hw/usb/libhw.o
> CC hw/usb/desc.o
> CC hw/usb/desc-msos.o
> CC hw/usb/hcd-uhci.o
> CC hw/usb/hcd-ohci.o
> CC hw/usb/hcd-ehci.o
> CC hw/usb/hcd-ehci-pci.o
> CC hw/usb/hcd-ehci-sysbus.o
> CC hw/usb/hcd-xhci.o
> CC hw/usb/hcd-xhci-nec.o
> CC hw/usb/hcd-musb.o
> CC hw/usb/dev-hub.o
> CC hw/usb/dev-hid.o
> CC hw/usb/dev-wacom.o
> CC hw/usb/dev-storage.o
> CC hw/usb/dev-uas.o
> CC hw/usb/dev-audio.o
> CC hw/usb/dev-serial.o
> CC hw/usb/dev-network.o
> CC hw/usb/dev-bluetooth.o
> CC hw/usb/dev-smartcard-reader.o
> CC hw/usb/host-stub.o
> CC hw/virtio/virtio-rng.o
> CC hw/virtio/virtio-pci.o
> CC hw/virtio/virtio-bus.o
> CC hw/virtio/virtio-mmio.o
> CC hw/virtio/vhost-stub.o
> CC hw/watchdog/watchdog.o
> CC hw/watchdog/wdt_i6300esb.o
> CC hw/watchdog/wdt_ib700.o
> CC hw/watchdog/wdt_aspeed.o
> CC migration/migration.o
> CC migration/socket.o
> CC migration/fd.o
> CC migration/exec.o
> CC migration/tls.o
> CC migration/channel.o
> CC migration/savevm.o
> CC migration/colo-comm.o
> CC migration/colo.o
> CC migration/colo-failover.o
> CC migration/vmstate.o
> CC migration/vmstate-types.o
> CC migration/page_cache.o
> CC migration/qemu-file.o
> CC migration/global_state.o
> CC migration/qemu-file-channel.o
> CC migration/xbzrle.o
> CC migration/postcopy-ram.o
> CC migration/qjson.o
> CC migration/block.o
> CC net/net.o
> CC net/queue.o
> CC net/checksum.o
> CC net/util.o
> CC net/hub.o
> CC net/socket.o
> CC net/dump.o
> CC net/eth.o
> CC net/slirp.o
> CC net/filter.o
> CC net/filter-buffer.o
> CC net/filter-mirror.o
> CC net/colo-compare.o
> CC net/colo.o
> CC net/filter-rewriter.o
> CC net/filter-replay.o
> CC net/tap-win32.o
> CC net/can/can_core.o
> CC net/can/can_host.o
> CC qom/cpu.o
> CC replay/replay.o
> CC replay/replay-internal.o
> CC replay/replay-events.o
> CC replay/replay-time.o
> CC replay/replay-input.o
> CC replay/replay-char.o
> CC replay/replay-snapshot.o
> CC replay/replay-net.o
> CC replay/replay-audio.o
> CC slirp/cksum.o
> CC slirp/if.o
> CC slirp/ip_icmp.o
> CC slirp/ip6_icmp.o
> CC slirp/ip6_input.o
> CC slirp/ip6_output.o
> CC slirp/ip_input.o
> CC slirp/ip_output.o
> CC slirp/dnssearch.o
> CC slirp/dhcpv6.o
> CC slirp/slirp.o
> CC slirp/mbuf.o
> CC slirp/misc.o
> CC slirp/sbuf.o
> CC slirp/socket.o
> CC slirp/tcp_input.o
> CC slirp/tcp_output.o
> CC slirp/tcp_subr.o
> CC slirp/tcp_timer.o
> CC slirp/udp.o
> CC slirp/udp6.o
> CC slirp/bootp.o
> CC slirp/tftp.o
> CC slirp/arp_table.o
> CC slirp/ndp_table.o
> CC slirp/ncsi.o
> CC ui/keymaps.o
> CC ui/console.o
> CC ui/cursor.o
> CC ui/qemu-pixman.o
> CC ui/input.o
> CC ui/input-keymap.o
> CC ui/input-legacy.o
> CC ui/vnc.o
> CC ui/vnc-enc-zlib.o
> CC ui/vnc-enc-hextile.o
> CC ui/vnc-enc-tight.o
> CC ui/vnc-enc-zrle.o
> CC ui/vnc-palette.o
> CC ui/vnc-auth-vencrypt.o
> CC ui/vnc-ws.o
> CC ui/vnc-jobs.o
> CC ui/sdl.o
> CC ui/sdl_zoom.o
> CC ui/gtk.o
> CC chardev/char.o
> CC chardev/char-console.o
> CC chardev/char-fe.o
> CC chardev/char-file.o
> CC chardev/char-io.o
> CC chardev/char-mux.o
> CC chardev/char-null.o
> CC chardev/char-pipe.o
> CC chardev/char-ringbuf.o
> CC chardev/char-serial.o
> CC chardev/char-socket.o
> CC chardev/char-stdio.o
> CC chardev/char-udp.o
> CC chardev/char-win.o
> CC chardev/char-win-stdio.o
> CC qga/commands.o
> CC qga/guest-agent-command-state.o
> CC qga/main.o
> AS optionrom/multiboot.o
> AS optionrom/linuxboot.o
> CC qga/commands-win32.o
> CC optionrom/linuxboot_dma.o
> AS optionrom/kvmvapic.o
> BUILD optionrom/multiboot.img
> BUILD optionrom/linuxboot.img
> BUILD optionrom/linuxboot_dma.img
> CC qga/channel-win32.o
> BUILD optionrom/kvmvapic.img
> BUILD optionrom/multiboot.raw
> CC qga/service-win32.o
> BUILD optionrom/linuxboot.raw
> BUILD optionrom/linuxboot_dma.raw
> CC qga/vss-win32.o
> BUILD optionrom/kvmvapic.raw
> SIGN optionrom/multiboot.bin
> SIGN optionrom/linuxboot.bin
> SIGN optionrom/linuxboot_dma.bin
> SIGN optionrom/kvmvapic.bin
> CC qga/qapi-generated/qga-qapi-visit.o
> CC qga/qapi-generated/qga-qapi-commands.o
> CC qga/qapi-generated/qga-qapi-types.o
> AR libqemuutil.a
> CC qemu-img.o
> LINK qemu-ga.exe
> LINK qemu-io.exe
> GEN x86_64-softmmu/hmp-commands.h
> GEN x86_64-softmmu/hmp-commands-info.h
> GEN x86_64-softmmu/config-target.h
> GEN aarch64-softmmu/config-target.h
> GEN aarch64-softmmu/hmp-commands.h
> GEN aarch64-softmmu/hmp-commands-info.h
> CC x86_64-softmmu/exec.o
> CC x86_64-softmmu/tcg/tcg.o
> CC x86_64-softmmu/tcg/tcg-op.o
> CC x86_64-softmmu/tcg/tcg-op-vec.o
> CC x86_64-softmmu/tcg/tcg-op-gvec.o
> CC x86_64-softmmu/tcg/tcg-common.o
> CC aarch64-softmmu/exec.o
> CC aarch64-softmmu/tcg/tcg.o
> CC x86_64-softmmu/tcg/optimize.o
> LINK qemu-img.exe
> CC aarch64-softmmu/tcg/tcg-op.o
> CC x86_64-softmmu/fpu/softfloat.o
> CC aarch64-softmmu/tcg/tcg-op-vec.o
> CC x86_64-softmmu/disas.o
> GEN x86_64-softmmu/gdbstub-xml.c
> CC x86_64-softmmu/arch_init.o
> CC x86_64-softmmu/cpus.o
> CC x86_64-softmmu/monitor.o
> CC x86_64-softmmu/gdbstub.o
> CC aarch64-softmmu/tcg/tcg-op-gvec.o
> CC x86_64-softmmu/balloon.o
> CC x86_64-softmmu/ioport.o
> CC x86_64-softmmu/numa.o
> CC aarch64-softmmu/tcg/tcg-common.o
> CC x86_64-softmmu/qtest.o
> CC aarch64-softmmu/tcg/optimize.o
> CC x86_64-softmmu/memory.o
> CC x86_64-softmmu/memory_mapping.o
> CC x86_64-softmmu/dump.o
> CC x86_64-softmmu/migration/ram.o
> CC x86_64-softmmu/accel/accel.o
> CC x86_64-softmmu/accel/stubs/hvf-stub.o
> CC x86_64-softmmu/accel/stubs/whpx-stub.o
> CC aarch64-softmmu/disas.o
> CC aarch64-softmmu/fpu/softfloat.o
> CC x86_64-softmmu/accel/stubs/kvm-stub.o
> GEN aarch64-softmmu/gdbstub-xml.c
> CC aarch64-softmmu/arch_init.o
> CC aarch64-softmmu/cpus.o
> CC x86_64-softmmu/accel/tcg/tcg-all.o
> CC aarch64-softmmu/monitor.o
> CC aarch64-softmmu/gdbstub.o
> CC x86_64-softmmu/accel/tcg/cputlb.o
> CC x86_64-softmmu/accel/tcg/tcg-runtime.o
> CC x86_64-softmmu/accel/tcg/tcg-runtime-gvec.o
> CC x86_64-softmmu/accel/tcg/cpu-exec.o
> CC x86_64-softmmu/accel/tcg/cpu-exec-common.o
> CC x86_64-softmmu/accel/tcg/translate-all.o
> CC x86_64-softmmu/accel/tcg/translator.o
> CC x86_64-softmmu/hw/block/virtio-blk.o
> CC x86_64-softmmu/hw/block/dataplane/virtio-blk.o
> CC x86_64-softmmu/hw/char/virtio-serial-bus.o
> CC x86_64-softmmu/hw/core/generic-loader.o
> CC x86_64-softmmu/hw/core/null-machine.o
> CC x86_64-softmmu/hw/display/vga.o
> CC x86_64-softmmu/hw/display/virtio-gpu.o
> CC x86_64-softmmu/hw/display/virtio-gpu-3d.o
> CC x86_64-softmmu/hw/display/virtio-gpu-pci.o
> CC x86_64-softmmu/hw/display/virtio-vga.o
> CC x86_64-softmmu/hw/intc/apic.o
> CC x86_64-softmmu/hw/intc/apic_common.o
> CC x86_64-softmmu/hw/intc/ioapic.o
> CC x86_64-softmmu/hw/isa/lpc_ich9.o
> CC x86_64-softmmu/hw/misc/pvpanic.o
> CC aarch64-softmmu/ioport.o
> CC aarch64-softmmu/balloon.o
> CC x86_64-softmmu/hw/misc/mmio_interface.o
> CC aarch64-softmmu/numa.o
> CC aarch64-softmmu/qtest.o
> CC aarch64-softmmu/memory.o
> CC x86_64-softmmu/hw/net/virtio-net.o
> CC x86_64-softmmu/hw/net/vhost_net.o
> CC aarch64-softmmu/memory_mapping.o
> CC x86_64-softmmu/hw/scsi/virtio-scsi.o
> CC aarch64-softmmu/dump.o
> CC x86_64-softmmu/hw/scsi/virtio-scsi-dataplane.o
> CC aarch64-softmmu/migration/ram.o
> CC aarch64-softmmu/accel/accel.o
> CC x86_64-softmmu/hw/timer/mc146818rtc.o
> CC aarch64-softmmu/accel/stubs/hax-stub.o
> CC x86_64-softmmu/hw/virtio/virtio.o
> CC x86_64-softmmu/hw/virtio/virtio-balloon.o
> CC x86_64-softmmu/hw/virtio/virtio-crypto.o
> CC x86_64-softmmu/hw/virtio/virtio-crypto-pci.o
> CC x86_64-softmmu/hw/i386/multiboot.o
> CC aarch64-softmmu/accel/stubs/whpx-stub.o
> CC x86_64-softmmu/hw/i386/pc.o
> CC aarch64-softmmu/accel/stubs/hvf-stub.o
> CC x86_64-softmmu/hw/i386/pc_piix.o
> CC aarch64-softmmu/accel/stubs/kvm-stub.o
> CC x86_64-softmmu/hw/i386/pc_q35.o
> CC aarch64-softmmu/accel/tcg/tcg-all.o
> CC aarch64-softmmu/accel/tcg/cputlb.o
> CC aarch64-softmmu/accel/tcg/tcg-runtime.o
> CC aarch64-softmmu/accel/tcg/tcg-runtime-gvec.o
> CC aarch64-softmmu/accel/tcg/cpu-exec.o
> CC x86_64-softmmu/hw/i386/pc_sysfw.o
> CC aarch64-softmmu/accel/tcg/cpu-exec-common.o
> CC x86_64-softmmu/hw/i386/x86-iommu.o
> CC x86_64-softmmu/hw/i386/intel_iommu.o
> CC aarch64-softmmu/accel/tcg/translate-all.o
> CC x86_64-softmmu/hw/i386/amd_iommu.o
> CC aarch64-softmmu/accel/tcg/translator.o
> CC aarch64-softmmu/hw/adc/stm32f2xx_adc.o
> CC x86_64-softmmu/hw/i386/vmport.o
> CC aarch64-softmmu/hw/block/virtio-blk.o
> CC aarch64-softmmu/hw/block/dataplane/virtio-blk.o
> CC aarch64-softmmu/hw/char/exynos4210_uart.o
> CC x86_64-softmmu/hw/i386/vmmouse.o
> CC aarch64-softmmu/hw/char/omap_uart.o
> CC x86_64-softmmu/hw/i386/kvmvapic.o
> CC x86_64-softmmu/hw/i386/acpi-build.o
> CC aarch64-softmmu/hw/char/digic-uart.o
> CC x86_64-softmmu/target/i386/helper.o
> CC aarch64-softmmu/hw/char/stm32f2xx_usart.o
> CC aarch64-softmmu/hw/char/bcm2835_aux.o
> CC aarch64-softmmu/hw/char/virtio-serial-bus.o
> CC aarch64-softmmu/hw/core/generic-loader.o
> CC x86_64-softmmu/target/i386/cpu.o
> In file included from /tmp/qemu-test/src/target/i386/helper.c:24:0:
> /tmp/qemu-test/src/target/i386/sev_i386.h:17:10: fatal error: linux/kvm.h: No such file or directory
> #include <linux/kvm.h>
> ^~~~~~~~~~~~~
> compilation terminated.
> make[1]: *** [/tmp/qemu-test/src/rules.mak:66: target/i386/helper.o] Error 1
> make[1]: *** Waiting for unfinished jobs....
> CC aarch64-softmmu/hw/core/null-machine.o
> CC aarch64-softmmu/hw/cpu/arm11mpcore.o
> CC aarch64-softmmu/hw/cpu/realview_mpcore.o
> CC aarch64-softmmu/hw/cpu/a9mpcore.o
> CC aarch64-softmmu/hw/cpu/a15mpcore.o
> CC aarch64-softmmu/hw/display/omap_dss.o
> In file included from /tmp/qemu-test/src/target/i386/cpu.c:29:0:
> /tmp/qemu-test/src/target/i386/sev_i386.h:17:10: fatal error: linux/kvm.h: No such file or directory
> #include <linux/kvm.h>
> ^~~~~~~~~~~~~
> compilation terminated.
> make[1]: *** [/tmp/qemu-test/src/rules.mak:66: target/i386/cpu.o] Error 1
> make: *** [Makefile:472: subdir-x86_64-softmmu] Error 2
> make: *** Waiting for unfinished jobs....
> CC aarch64-softmmu/hw/display/omap_lcdc.o
> CC aarch64-softmmu/hw/display/pxa2xx_lcd.o
> CC aarch64-softmmu/hw/display/bcm2835_fb.o
> CC aarch64-softmmu/hw/display/vga.o
> CC aarch64-softmmu/hw/display/virtio-gpu.o
> CC aarch64-softmmu/hw/display/virtio-gpu-3d.o
> CC aarch64-softmmu/hw/display/virtio-gpu-pci.o
> CC aarch64-softmmu/hw/display/dpcd.o
> CC aarch64-softmmu/hw/display/xlnx_dp.o
> CC aarch64-softmmu/hw/dma/xlnx_dpdma.o
> CC aarch64-softmmu/hw/dma/omap_dma.o
> CC aarch64-softmmu/hw/dma/soc_dma.o
> CC aarch64-softmmu/hw/dma/pxa2xx_dma.o
> CC aarch64-softmmu/hw/dma/bcm2835_dma.o
> CC aarch64-softmmu/hw/gpio/omap_gpio.o
> CC aarch64-softmmu/hw/gpio/imx_gpio.o
> CC aarch64-softmmu/hw/gpio/bcm2835_gpio.o
> CC aarch64-softmmu/hw/i2c/omap_i2c.o
> CC aarch64-softmmu/hw/input/pxa2xx_keypad.o
> CC aarch64-softmmu/hw/input/tsc210x.o
> CC aarch64-softmmu/hw/intc/armv7m_nvic.o
> CC aarch64-softmmu/hw/intc/exynos4210_gic.o
> CC aarch64-softmmu/hw/intc/exynos4210_combiner.o
> CC aarch64-softmmu/hw/intc/omap_intc.o
> CC aarch64-softmmu/hw/intc/bcm2835_ic.o
> CC aarch64-softmmu/hw/intc/bcm2836_control.o
> CC aarch64-softmmu/hw/intc/allwinner-a10-pic.o
> CC aarch64-softmmu/hw/intc/aspeed_vic.o
> CC aarch64-softmmu/hw/intc/arm_gicv3_cpuif.o
> CC aarch64-softmmu/hw/misc/arm_sysctl.o
> CC aarch64-softmmu/hw/misc/cbus.o
> CC aarch64-softmmu/hw/misc/exynos4210_pmu.o
> CC aarch64-softmmu/hw/misc/exynos4210_clk.o
> CC aarch64-softmmu/hw/misc/exynos4210_rng.o
> CC aarch64-softmmu/hw/misc/imx_ccm.o
> CC aarch64-softmmu/hw/misc/imx31_ccm.o
> CC aarch64-softmmu/hw/misc/imx25_ccm.o
> CC aarch64-softmmu/hw/misc/imx6_ccm.o
> CC aarch64-softmmu/hw/misc/imx6_src.o
> CC aarch64-softmmu/hw/misc/imx7_ccm.o
> CC aarch64-softmmu/hw/misc/imx2_wdt.o
> CC aarch64-softmmu/hw/misc/imx7_snvs.o
> CC aarch64-softmmu/hw/misc/imx7_gpr.o
> CC aarch64-softmmu/hw/misc/mst_fpga.o
> CC aarch64-softmmu/hw/misc/omap_clk.o
> CC aarch64-softmmu/hw/misc/omap_gpmc.o
> CC aarch64-softmmu/hw/misc/omap_l4.o
> CC aarch64-softmmu/hw/misc/omap_sdrc.o
> CC aarch64-softmmu/hw/misc/omap_tap.o
> CC aarch64-softmmu/hw/misc/bcm2835_mbox.o
> CC aarch64-softmmu/hw/misc/bcm2835_property.o
> CC aarch64-softmmu/hw/misc/bcm2835_rng.o
> CC aarch64-softmmu/hw/misc/zynq_slcr.o
> CC aarch64-softmmu/hw/misc/zynq-xadc.o
> CC aarch64-softmmu/hw/misc/stm32f2xx_syscfg.o
> CC aarch64-softmmu/hw/misc/mps2-fpgaio.o
> CC aarch64-softmmu/hw/misc/mps2-scc.o
> CC aarch64-softmmu/hw/misc/tz-ppc.o
> CC aarch64-softmmu/hw/misc/iotkit-secctl.o
> CC aarch64-softmmu/hw/misc/auxbus.o
> CC aarch64-softmmu/hw/misc/aspeed_scu.o
> CC aarch64-softmmu/hw/misc/aspeed_sdmc.o
> CC aarch64-softmmu/hw/misc/mmio_interface.o
> CC aarch64-softmmu/hw/misc/msf2-sysreg.o
> CC aarch64-softmmu/hw/net/virtio-net.o
> CC aarch64-softmmu/hw/net/vhost_net.o
> CC aarch64-softmmu/hw/pcmcia/pxa2xx.o
> CC aarch64-softmmu/hw/scsi/virtio-scsi.o
> CC aarch64-softmmu/hw/scsi/virtio-scsi-dataplane.o
> CC aarch64-softmmu/hw/sd/omap_mmc.o
> CC aarch64-softmmu/hw/sd/pxa2xx_mmci.o
> CC aarch64-softmmu/hw/sd/bcm2835_sdhost.o
> CC aarch64-softmmu/hw/ssi/omap_spi.o
> CC aarch64-softmmu/hw/ssi/imx_spi.o
> CC aarch64-softmmu/hw/timer/exynos4210_mct.o
> CC aarch64-softmmu/hw/timer/exynos4210_pwm.o
> CC aarch64-softmmu/hw/timer/exynos4210_rtc.o
> CC aarch64-softmmu/hw/timer/omap_gptimer.o
> CC aarch64-softmmu/hw/timer/omap_synctimer.o
> CC aarch64-softmmu/hw/timer/pxa2xx_timer.o
> CC aarch64-softmmu/hw/timer/digic-timer.o
> CC aarch64-softmmu/hw/timer/allwinner-a10-pit.o
> CC aarch64-softmmu/hw/usb/tusb6010.o
> CC aarch64-softmmu/hw/usb/chipidea.o
> CC aarch64-softmmu/hw/virtio/virtio.o
> CC aarch64-softmmu/hw/virtio/virtio-balloon.o
> CC aarch64-softmmu/hw/virtio/virtio-crypto.o
> CC aarch64-softmmu/hw/virtio/virtio-crypto-pci.o
> CC aarch64-softmmu/hw/arm/boot.o
> CC aarch64-softmmu/hw/arm/collie.o
> CC aarch64-softmmu/hw/arm/exynos4_boards.o
> CC aarch64-softmmu/hw/arm/gumstix.o
> CC aarch64-softmmu/hw/arm/highbank.o
> CC aarch64-softmmu/hw/arm/digic_boards.o
> CC aarch64-softmmu/hw/arm/integratorcp.o
> CC aarch64-softmmu/hw/arm/mainstone.o
> CC aarch64-softmmu/hw/arm/musicpal.o
> CC aarch64-softmmu/hw/arm/nseries.o
> CC aarch64-softmmu/hw/arm/omap_sx1.o
> CC aarch64-softmmu/hw/arm/palm.o
> CC aarch64-softmmu/hw/arm/realview.o
> CC aarch64-softmmu/hw/arm/spitz.o
> CC aarch64-softmmu/hw/arm/stellaris.o
> CC aarch64-softmmu/hw/arm/tosa.o
> CC aarch64-softmmu/hw/arm/versatilepb.o
> CC aarch64-softmmu/hw/arm/vexpress.o
> CC aarch64-softmmu/hw/arm/virt.o
> CC aarch64-softmmu/hw/arm/xilinx_zynq.o
> CC aarch64-softmmu/hw/arm/z2.o
> CC aarch64-softmmu/hw/arm/virt-acpi-build.o
> CC aarch64-softmmu/hw/arm/netduino2.o
> CC aarch64-softmmu/hw/arm/sysbus-fdt.o
> CC aarch64-softmmu/hw/arm/armv7m.o
> CC aarch64-softmmu/hw/arm/exynos4210.o
> CC aarch64-softmmu/hw/arm/pxa2xx.o
> CC aarch64-softmmu/hw/arm/pxa2xx_gpio.o
> CC aarch64-softmmu/hw/arm/pxa2xx_pic.o
> CC aarch64-softmmu/hw/arm/digic.o
> CC aarch64-softmmu/hw/arm/omap1.o
> CC aarch64-softmmu/hw/arm/omap2.o
> CC aarch64-softmmu/hw/arm/strongarm.o
> CC aarch64-softmmu/hw/arm/allwinner-a10.o
> CC aarch64-softmmu/hw/arm/cubieboard.o
> CC aarch64-softmmu/hw/arm/bcm2835_peripherals.o
> CC aarch64-softmmu/hw/arm/bcm2836.o
> CC aarch64-softmmu/hw/arm/raspi.o
> CC aarch64-softmmu/hw/arm/stm32f205_soc.o
> CC aarch64-softmmu/hw/arm/xlnx-zynqmp.o
> CC aarch64-softmmu/hw/arm/xlnx-zcu102.o
> CC aarch64-softmmu/hw/arm/fsl-imx25.o
> CC aarch64-softmmu/hw/arm/imx25_pdk.o
> CC aarch64-softmmu/hw/arm/fsl-imx31.o
> CC aarch64-softmmu/hw/arm/kzm.o
> CC aarch64-softmmu/hw/arm/fsl-imx6.o
> CC aarch64-softmmu/hw/arm/sabrelite.o
> CC aarch64-softmmu/hw/arm/aspeed_soc.o
> CC aarch64-softmmu/hw/arm/aspeed.o
> CC aarch64-softmmu/hw/arm/mps2.o
> CC aarch64-softmmu/hw/arm/mps2-tz.o
> CC aarch64-softmmu/hw/arm/msf2-soc.o
> CC aarch64-softmmu/hw/arm/msf2-som.o
> CC aarch64-softmmu/hw/arm/iotkit.o
> CC aarch64-softmmu/target/arm/arm-semi.o
> CC aarch64-softmmu/target/arm/machine.o
> CC aarch64-softmmu/target/arm/psci.o
> CC aarch64-softmmu/target/arm/arch_dump.o
> CC aarch64-softmmu/target/arm/monitor.o
> CC aarch64-softmmu/target/arm/kvm-stub.o
> CC aarch64-softmmu/target/arm/translate.o
> CC aarch64-softmmu/target/arm/op_helper.o
> CC aarch64-softmmu/target/arm/helper.o
> CC aarch64-softmmu/target/arm/cpu.o
> CC aarch64-softmmu/target/arm/neon_helper.o
> CC aarch64-softmmu/target/arm/iwmmxt_helper.o
> CC aarch64-softmmu/target/arm/vec_helper.o
> CC aarch64-softmmu/target/arm/gdbstub.o
> CC aarch64-softmmu/target/arm/cpu64.o
> CC aarch64-softmmu/target/arm/translate-a64.o
> CC aarch64-softmmu/target/arm/helper-a64.o
> CC aarch64-softmmu/target/arm/gdbstub64.o
> CC aarch64-softmmu/target/arm/crypto_helper.o
> CC aarch64-softmmu/target/arm/arm-powerctl.o
> GEN trace/generated-helpers.c
> CC aarch64-softmmu/trace/control-target.o
> CC aarch64-softmmu/gdbstub-xml.o
> CC aarch64-softmmu/trace/generated-helpers.o
> LINK aarch64-softmmu/qemu-system-aarch64w.exe
> GEN aarch64-softmmu/qemu-system-aarch64.exe
> Traceback (most recent call last):
> File "./tests/docker/docker.py", line 407, in <module>
> sys.exit(main())
> File "./tests/docker/docker.py", line 404, in main
> return args.cmdobj.run(args, argv)
> File "./tests/docker/docker.py", line 261, in run
> return Docker().run(argv, args.keep, quiet=args.quiet)
> File "./tests/docker/docker.py", line 229, in run
> quiet=quiet)
> File "./tests/docker/docker.py", line 147, in _do_check
> return subprocess.check_call(self._command + cmd, **kwargs)
> File "/usr/lib64/python2.7/subprocess.py", line 186, in check_call
> raise CalledProcessError(retcode, cmd)
> subprocess.CalledProcessError: Command '['docker', 'run', '--label', 'com.qemu.instance.uuid=9bef6af0222b11e8bca752540069c830', '-u', '0', '--security-opt', 'seccomp=unconfined', '--rm', '--net=none', '-e', 'TARGET_LIST=', '-e', 'EXTRA_CONFIGURE_OPTS=', '-e', 'V=', '-e', 'J=8', '-e', 'DEBUG=', '-e', 'SHOW_ENV=1', '-e', 'CCACHE_DIR=/var/tmp/ccache', '-v', '/root/.cache/qemu-docker-ccache:/var/tmp/ccache:z', '-v', '/var/tmp/patchew-tester-tmp-99e1alq5/src/docker-src.2018-03-07-12.18.40.16945:/var/tmp/qemu:z,ro', 'qemu:fedora', '/var/tmp/qemu/run', 'test-mingw']' returned non-zero exit status 2
> make[1]: *** [tests/docker/Makefile.include:129: docker-run] Error 1
> make[1]: Leaving directory '/var/tmp/patchew-tester-tmp-99e1alq5/src'
> make: *** [tests/docker/Makefile.include:163: docker-run-test-mingw@fedora] Error 2
>
> real 5m52.411s
> user 0m4.700s
> sys 0m4.017s
> === OUTPUT END ===
>
> Test command exited with code: 2
>
>
> ---
> Email generated automatically by Patchew [http://patchew.org/].
> Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply related [flat|nested] 74+ messages in thread
* Re: [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
2018-03-07 20:35 ` [Qemu-devel] " Brijesh Singh
@ 2018-03-08 1:10 ` Fam Zheng
-1 siblings, 0 replies; 74+ messages in thread
From: Fam Zheng @ 2018-03-08 1:10 UTC (permalink / raw)
To: Brijesh Singh
Cc: edgar.iglesias, Peter Maydell, bp, Eduardo Habkost, kvm, mst,
Stefan Hajnoczi, alistair.francis, crosthwaite.peter,
Richard Henderson, agraf, QEMU Developers, Christian Borntraeger,
dgilbert, marcel, Paolo Bonzini, Thomas.Lendacky, brogers,
cornelia.huck, Markus Armbruster
On Thu, Mar 8, 2018 at 4:35 AM, Brijesh Singh <brijesh.singh@amd.com> wrote:
> Hi,
>
> I have root caused and fixed the build issue seen with mingw32 compiler,
> the patch is very trivial (see below).
>
> I am looking for direction on how to submit the fix, should I resubmit
> the whole series or just send the updated patch marked as "Patch v11.1
> ..." ? The "patch v11 11/28" included these headers in sev_i386.h, we
> need to move them in sev.c to fix this issue.
Please increment the version number and submit another whole series.
Fam
^ permalink raw reply [flat|nested] 74+ messages in thread
* Re: [Qemu-devel] [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD)
@ 2018-03-08 1:10 ` Fam Zheng
0 siblings, 0 replies; 74+ messages in thread
From: Fam Zheng @ 2018-03-08 1:10 UTC (permalink / raw)
To: Brijesh Singh
Cc: QEMU Developers, Peter Maydell, kvm, mst, Stefan Hajnoczi, agraf,
edgar.iglesias, Markus Armbruster, brogers,
Christian Borntraeger, marcel, bp, Thomas.Lendacky,
Eduardo Habkost, Richard Henderson, dgilbert, alistair.francis,
cornelia.huck, crosthwaite.peter, Paolo Bonzini
On Thu, Mar 8, 2018 at 4:35 AM, Brijesh Singh <brijesh.singh@amd.com> wrote:
> Hi,
>
> I have root caused and fixed the build issue seen with mingw32 compiler,
> the patch is very trivial (see below).
>
> I am looking for direction on how to submit the fix, should I resubmit
> the whole series or just send the updated patch marked as "Patch v11.1
> ..." ? The "patch v11 11/28" included these headers in sev_i386.h, we
> need to move them in sev.c to fix this issue.
Please increment the version number and submit another whole series.
Fam
^ permalink raw reply [flat|nested] 74+ messages in thread
end of thread, other threads:[~2018-03-08 1:11 UTC | newest]
Thread overview: 74+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-03-07 16:50 [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 01/28] memattrs: add debug attribute Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 02/28] exec: add ram_debug_ops support Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 03/28] exec: add debug version of physical memory read and write API Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 04/28] monitor/i386: use debug APIs when accessing guest memory Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 05/28] machine: add -memory-encryption property Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 06/28] kvm: update kvm.h to include memory encryption ioctls Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 07/28] docs: add AMD Secure Encrypted Virtualization (SEV) Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 08/28] target/i386: add Secure Encrypted Virtulization (SEV) object Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 09/28] qmp: add query-sev command Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 10/28] include: add psp-sev.h header file Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 11/28] sev/i386: add command to initialize the memory encryption context Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 12/28] sev/i386: register the guest memory range which may contain encrypted data Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 13/28] kvm: introduce memory encryption APIs Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 14/28] hmp: add 'info sev' command Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 15/28] sev/i386: add command to create launch memory encryption context Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 16/28] sev/i386: add command to encrypt guest memory region Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 17/28] target/i386: encrypt bios rom Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 18/28] sev/i386: add support to LAUNCH_MEASURE command Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 19/28] sev/i386: finalize the SEV guest launch flow Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 20/28] hw/i386: set ram_debug_ops when memory encryption is enabled Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 21/28] sev/i386: add debug encrypt and decrypt commands Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 17:27 ` Dr. David Alan Gilbert
2018-03-07 17:27 ` [Qemu-devel] " Dr. David Alan Gilbert
2018-03-07 17:40 ` Brijesh Singh
2018-03-07 17:40 ` [Qemu-devel] " Brijesh Singh
2018-03-07 18:24 ` Dr. David Alan Gilbert
2018-03-07 18:24 ` [Qemu-devel] " Dr. David Alan Gilbert
2018-03-07 19:38 ` Brijesh Singh
2018-03-07 19:38 ` [Qemu-devel] " Brijesh Singh
2018-03-07 20:11 ` Dr. David Alan Gilbert
2018-03-07 20:11 ` [Qemu-devel] " Dr. David Alan Gilbert
2018-03-07 16:50 ` [PATCH v11 22/28] target/i386: clear C-bit when walking SEV guest page table Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 23/28] qmp: add query-sev-launch-measure command Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 24/28] sev/i386: add migration blocker Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 25/28] cpu/i386: populate CPUID 0x8000_001F when SEV is active Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 26/28] qmp: add query-sev-capabilities command Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 27/28] sev/i386: add sev_get_capabilities() Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 16:50 ` [PATCH v11 28/28] tests/qmp-test: blacklist sev specific qmp commands Brijesh Singh
2018-03-07 16:50 ` [Qemu-devel] " Brijesh Singh
2018-03-07 17:24 ` [PATCH v11 00/28] x86: Secure Encrypted Virtualization (AMD) no-reply
2018-03-07 17:24 ` [Qemu-devel] " no-reply
2018-03-07 20:35 ` Brijesh Singh
2018-03-07 20:35 ` [Qemu-devel] " Brijesh Singh
2018-03-08 1:10 ` Fam Zheng
2018-03-08 1:10 ` [Qemu-devel] " Fam Zheng
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.