From: David Gibson <david@gibson.dropbear.id.au>
To: dgilbert@redhat.com, frankja@linux.ibm.com, pair@us.redhat.com,
	qemu-devel@nongnu.org, brijesh.singh@amd.com
Cc: kvm@vger.kernel.org, qemu-ppc@nongnu.org,
	David Gibson <david@gibson.dropbear.id.au>,
	Richard Henderson <rth@twiddle.net>,
	cohuck@redhat.com, Paolo Bonzini <pbonzini@redhat.com>,
	Marcel Apfelbaum <marcel.apfelbaum@gmail.com>,
	"Michael S. Tsirkin" <mst@redhat.com>,
	Eduardo Habkost <ehabkost@redhat.com>,
	qemu-devel@nongnu.-rg, mdroth@linux.vnet.ibm.com
Subject: [RFC 10/18] guest memory protection: Add guest memory protection interface
Date: Thu, 14 May 2020 16:41:12 +1000	[thread overview]
Message-ID: <20200514064120.449050-11-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20200514064120.449050-1-david@gibson.dropbear.id.au>

Several architectures have mechanisms which are designed to protect guest
memory from interference or eavesdropping by a compromised hypervisor.  AMD
SEV does this with in-chip memory encryption and Intel has a similar
mechanism.  POWER's Protected Execution Framework (PEF) accomplishes a
similar goal using an ultravisor and new memory protection features,
instead of encryption.

This introduces a new GuestMemoryProtection QOM interface which we'll use
to (partially) unify handling of these various mechanisms.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 backends/Makefile.objs                 |  2 ++
 backends/guest-memory-protection.c     | 29 +++++++++++++++++++++
 include/exec/guest-memory-protection.h | 36 ++++++++++++++++++++++++++
 3 files changed, 67 insertions(+)
 create mode 100644 backends/guest-memory-protection.c
 create mode 100644 include/exec/guest-memory-protection.h

diff --git a/backends/Makefile.objs b/backends/Makefile.objs
index 28a847cd57..e4fb4f5280 100644
--- a/backends/Makefile.objs
+++ b/backends/Makefile.objs
@@ -21,3 +21,5 @@ common-obj-$(CONFIG_LINUX) += hostmem-memfd.o
 common-obj-$(CONFIG_GIO) += dbus-vmstate.o
 dbus-vmstate.o-cflags = $(GIO_CFLAGS)
 dbus-vmstate.o-libs = $(GIO_LIBS)
+
+common-obj-y += guest-memory-protection.o
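Review bot: the new object goes under `common-obj-y`, so it is compiled into every build rather than only KVM- or target-specific ones; that is the right choice for a target-independent QOM interface with no KVM or architecture dependency, and it means `TYPE_GUEST_MEMORY_PROTECTION` is always registered even when no backend implements it, so any later lookup of an implementing object must tolerate finding none. The blank separator line before the new entry matches how the surrounding dbus-vmstate lines are grouped.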
diff --git a/backends/guest-memory-protection.c b/backends/guest-memory-protection.c
new file mode 100644
index 0000000000..7e538214f7
--- /dev/null
+++ b/backends/guest-memory-protection.c
@@ -0,0 +1,29 @@
+#/*
+ * QEMU Guest Memory Protection interface
+ *
+ * Copyright: David Gibson, Red Hat Inc. 2020
+ *
+ * Authors:
+ *  David Gibson <david@gibson.dropbear.id.au>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later.  See the COPYING file in the top-level directory.
+ *
+ */
+
+#include "qemu/osdep.h"
+
+#include "exec/guest-memory-protection.h"
+
+static const TypeInfo guest_memory_protection_info = {
+    .name = TYPE_GUEST_MEMORY_PROTECTION,
+    .parent = TYPE_INTERFACE,
+    .class_size = sizeof(GuestMemoryProtectionClass),
+};
+
+static void guest_memory_protection_register_types(void)
+{
+    type_register_static(&guest_memory_protection_info);
+}
+
+type_init(guest_memory_protection_register_types)
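Review bot: the first line of the new file opens with `#/*` instead of `/*`; because a `#` followed only by a comment is a null preprocessor directive this still compiles, but it is a stray character and should be dropped. The registration itself is the standard minimal QOM interface shape: `.parent = TYPE_INTERFACE` with `.class_size = sizeof(GuestMemoryProtectionClass)`, and since the class currently carries nothing beyond `InterfaceClass parent` no `class_init` is needed until method hooks are added.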
diff --git a/include/exec/guest-memory-protection.h b/include/exec/guest-memory-protection.h
new file mode 100644
index 0000000000..38e9b01667
--- /dev/null
+++ b/include/exec/guest-memory-protection.h
@@ -0,0 +1,36 @@
+#/*
+ * QEMU Guest Memory Protection interface
+ *
+ * Copyright: David Gibson, Red Hat Inc. 2020
+ *
+ * Authors:
+ *  David Gibson <david@gibson.dropbear.id.au>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * later.  See the COPYING file in the top-level directory.
+ *
+ */
+#ifndef QEMU_GUEST_MEMORY_PROTECTION_H
+#define QEMU_GUEST_MEMORY_PROTECTION_H
+
+#include "qom/object.h"
+
+typedef struct GuestMemoryProtection GuestMemoryProtection;
+
+#define TYPE_GUEST_MEMORY_PROTECTION "guest-memory-protection"
+#define GUEST_MEMORY_PROTECTION(obj)                                    \
+    INTERFACE_CHECK(GuestMemoryProtection, (obj),                       \
+                    TYPE_GUEST_MEMORY_PROTECTION)
+#define GUEST_MEMORY_PROTECTION_CLASS(klass)                            \
+    OBJECT_CLASS_CHECK(GuestMemoryProtectionClass, (klass),             \
+                       TYPE_GUEST_MEMORY_PROTECTION)
+#define GUEST_MEMORY_PROTECTION_GET_CLASS(obj)                          \
+    OBJECT_GET_CLASS(GuestMemoryProtectionClass, (obj),                 \
+                     TYPE_GUEST_MEMORY_PROTECTION)
+
+typedef struct GuestMemoryProtectionClass {
+    InterfaceClass parent;
+} GuestMemoryProtectionClass;
+
+#endif /* QEMU_GUEST_MEMORY_PROTECTION_H */
+
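Review bot: the same stray `#` precedes the `/*` on the first line of the header, and the hunk ends with an added blank line after `#endif`, which checkpatch reports as trailing whitespace at end of file; both should go. The macro trio (`INTERFACE_CHECK` for the object cast, `OBJECT_CLASS_CHECK` and `OBJECT_GET_CLASS` for the class) follows the usual QOM interface pattern, and leaving `GuestMemoryProtection` as a forward declaration only is the intended shape for an interface type that is never instantiated directly. Since `GuestMemoryProtectionClass` has no members besides `parent` yet, a short doc comment stating what implementors are expected to provide (or that the hooks arrive in later patches of the series) would help readers of this header on its own.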
-- 
2.26.2


Thread overview (22+ messages):
2020-05-14  6:41 [RFC 00/18] Refactor configuration of guest memory protection David Gibson
2020-05-14  6:41 ` [RFC 01/18] target/i386: sev: Remove unused QSevGuestInfoClass David Gibson
2020-05-14  6:41 ` [RFC 02/18] target/i386: sev: Move local structure definitions into .c file David Gibson
2020-05-14  6:41 ` [RFC 03/18] target/i386: sev: Rename QSevGuestInfo David Gibson
2020-05-14  6:41 ` [RFC 04/18] target/i386: sev: Embed SEVState in SevGuestState David Gibson
2020-05-14  6:41 ` [RFC 05/18] target/i386: sev: Partial cleanup to sev_state global David Gibson
2020-05-14  6:41 ` [RFC 06/18] target/i386: sev: Remove redundant cbitpos and reduced_phys_bits fields David Gibson
2020-05-14  6:41 ` [RFC 07/18] target/i386: sev: Remove redundant policy field David Gibson
2020-05-14  6:41 ` [RFC 08/18] target/i386: sev: Remove redundant handle field David Gibson
2020-05-14  6:41 ` [RFC 09/18] target/i386: sev: Unify SEVState and SevGuestState David Gibson
2020-05-14  6:41 ` David Gibson [this message]
2020-05-14  6:41 ` [RFC 11/18] guest memory protection: Handle memory encrption via interface David Gibson
2020-05-14  6:41 ` [RFC 12/18] guest memory protection: Perform KVM init " David Gibson
2020-05-14  6:41 ` [RFC 13/18] guest memory protection: Move side effect out of machine_set_memory_encryption() David Gibson
2020-05-14  6:41 ` [RFC 14/18] guest memory protection: Rework the "memory-encryption" property David Gibson
2020-05-14  6:41 ` [RFC 15/18] guest memory protection: Decouple kvm_memcrypt_*() helpers from KVM David Gibson
2020-05-14  6:41 ` [RFC 16/18] use errp for gmpo kvm_init David Gibson
2020-05-14 17:09   ` Dr. David Alan Gilbert
2020-05-15  0:14     ` David Gibson
2020-05-15  0:20     ` David Gibson
2020-05-14  6:41 ` [RFC 17/18] spapr: Added PEF based guest memory protection David Gibson
2020-05-14  6:41 ` [RFC 18/18] guest memory protection: Alter virtio default properties for protected guests David Gibson
