[RFC PATCH v2 6/9] i386/sev: Replace LAUNCH_MEASURE ioctl with sev libra
From: Tyler Fanelli
Subject: [RFC PATCH v2 6/9] i386/sev: Replace LAUNCH_MEASURE ioctl with sev library equivalent
Date: Wed, 4 Oct 2023 16:34:15 -0400

The LAUNCH_MEASURE API returns the measurement of the launched guest's
memory pages (and VMCB save areas if ES is enabled). The caller is
responsible for ensuring that the pointer (identified as the "data"
argument) is a valid pointer that can hold the guest's measurement (a
measurement in SEV is 48 bytes in size).
If this API ioctl call fails, fw_error will be set accordingly.
Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
---
target/i386/sev.c | 24 ++++++------------------
target/i386/sev.h | 2 ++
2 files changed, 8 insertions(+), 18 deletions(-)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index a5bd1653ef..3e2a3e07a7 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -721,7 +721,6 @@ sev_launch_get_measure(Notifier *notifier, void *unused)
SevGuestState *sev = sev_guest;
int ret, fw_error;
g_autofree guchar *data = NULL;
- struct kvm_sev_launch_measure measurement = {};
KVMState *s = kvm_state;
if (!sev_check_state(sev, SEV_STATE_LAUNCH_UPDATE)) {
@@ -738,31 +737,20 @@ sev_launch_get_measure(Notifier *notifier, void *unused)
}
}
- /* query the measurement blob length */
- ret = sev_ioctl(sev->sev_fd, KVM_SEV_LAUNCH_MEASURE,
- &measurement, &fw_error);
- if (!measurement.len) {
- error_report("%s: LAUNCH_MEASURE ret=%d fw_error=%d '%s'",
- __func__, ret, fw_error, fw_error_to_str(fw_error));
- return;
- }
+ data = g_malloc(SEV_MEASUREMENT_SIZE);
- data = g_new0(guchar, measurement.len);
- measurement.uaddr = (unsigned long)data;
-
- /* get the measurement blob */
- ret = sev_ioctl(sev->sev_fd, KVM_SEV_LAUNCH_MEASURE,
- &measurement, &fw_error);
+ ret = sev_launch_measure(s->vmfd, data, &fw_error);
if (ret) {
- error_report("%s: LAUNCH_MEASURE ret=%d fw_error=%d '%s'",
- __func__, ret, fw_error, fw_error_to_str(fw_error));
+ error_report("%s: LAUNCH_MEASURE ret=%d fw_error=%d '%s'", __func__,
+ ret, fw_error, fw_error_to_str(fw_error));
+
return;
}
sev_set_guest_state(sev, SEV_STATE_LAUNCH_SECRET);
/* encode the measurement value and emit the event */
- sev->measurement = g_base64_encode(data, measurement.len);
+ sev->measurement = g_base64_encode(data, SEV_MEASUREMENT_SIZE);
trace_kvm_sev_launch_measurement(sev->measurement);
}
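Review bot: The new call `sev_launch_measure(s->vmfd, data, &fw_error)` passes no buffer length, so the 48-byte size of `data` becomes an unchecked contract between this caller and the library, whereas the removed code asked the firmware for `measurement.len` before allocating. Please document at the call site that the library writes exactly SEV_MEASUREMENT_SIZE bytes, or give the wrapper a length argument so a size mismatch fails instead of overrunning the buffer. The allocation also changes from `g_new0` to `g_malloc`, so the buffer is no longer zeroed; `g_malloc0(SEV_MEASUREMENT_SIZE)` would keep a short write from being base64-encoded into sev->measurement together with uninitialised heap bytes. The blank `+` line added before `return;` in the error path looks unintentional.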
diff --git a/target/i386/sev.h b/target/i386/sev.h
index e7499c95b1..acb181358e 100644
--- a/target/i386/sev.h
+++ b/target/i386/sev.h
@@ -38,6 +38,8 @@ typedef struct SevKernelLoaderContext {
size_t cmdline_size;
} SevKernelLoaderContext;
+#define SEV_MEASUREMENT_SIZE 48
+
#ifdef CONFIG_SEV
bool sev_enabled(void);
bool sev_es_enabled(void);
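Review bot: `SEV_MEASUREMENT_SIZE` is added to sev.h with no comment, and it sits above `#ifdef CONFIG_SEV`, so it is defined even in builds without SEV. A one-line comment stating that this is the size in bytes of the buffer sev_launch_measure() fills would make the contract explicit, and if sev.c turns out to be the only user, the define could live there rather than in the shared header.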
--
2.40.1