[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[RFC PATCH 4/8] i386/sev: Replace UPDATE_DATA ioctl with sev library equ
|
From: |
Tyler Fanelli |
|
Subject: |
[RFC PATCH 4/8] i386/sev: Replace UPDATE_DATA ioctl with sev library equivalent |
|
Date: |
Thu, 14 Sep 2023 12:33:55 -0400 |
UPDATE_DATA takes the VM's file descriptor, a guest memory region to
be encrypted, as well as the size of the aforementioned guest memory
region.
If this API ioctl call fails, fw_error will be set accordingly.
Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
---
target/i386/sev.c | 31 ++++++-------------------------
1 file changed, 6 insertions(+), 25 deletions(-)
diff --git a/target/i386/sev.c b/target/i386/sev.c
index 49be072cbc..615021a1a3 100644
--- a/target/i386/sev.c
+++ b/target/i386/sev.c
@@ -715,29 +715,6 @@ sev_read_file_base64(const char *filename, guchar **data,
gsize *len)
return 0;
}
-static int
-sev_launch_update_data(SevGuestState *sev, uint8_t *addr, uint64_t len)
-{
- int ret, fw_error;
- struct kvm_sev_launch_update_data update;
-
- if (!addr || !len) {
- return 1;
- }
-
- update.uaddr = (__u64)(unsigned long)addr;
- update.len = len;
- trace_kvm_sev_launch_update_data(addr, len);
- ret = sev_ioctl(sev->sev_fd, KVM_SEV_LAUNCH_UPDATE_DATA,
- &update, &fw_error);
- if (ret) {
- error_report("%s: LAUNCH_UPDATE ret=%d fw_error=%d '%s'",
- __func__, ret, fw_error, fw_error_to_str(fw_error));
- }
-
- return ret;
-}
-
static int
sev_launch_update_vmsa(SevGuestState *sev)
{
@@ -1009,15 +986,19 @@ out:
int
sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp)
{
+ KVMState *s = kvm_state;
+ int fw_error;
+
if (!sev_guest) {
return 0;
}
/* if SEV is in update state then encrypt the data else do nothing */
if (sev_check_state(sev_guest, SEV_STATE_LAUNCH_UPDATE)) {
- int ret = sev_launch_update_data(sev_guest, ptr, len);
+ int ret = sev_launch_update_data(s->vmfd, (__u64) ptr, len, &fw_error);
if (ret < 0) {
- error_setg(errp, "SEV: Failed to encrypt pflash rom");
+ error_setg(errp, "SEV: Failed to encrypt pflash rom fw_err=%d",
+ fw_error);
return ret;
}
}
--
2.40.1
- [RFC PATCH 5/8] i386/sev: Replace LAUNCH_UPDATE_VMSA ioctl with sev library equivalent, (continued)
- [RFC PATCH 5/8] i386/sev: Replace LAUNCH_UPDATE_VMSA ioctl with sev library equivalent, Tyler Fanelli, 2023/09/14
- [RFC PATCH 6/8] i386/sev: Replace LAUNCH_MEASURE ioctl with sev library equivalent, Tyler Fanelli, 2023/09/14
- [RFC PATCH 8/8] i386/sev: Replace LAUNCH_FINISH ioctl with sev library equivalent, Tyler Fanelli, 2023/09/14
- [RFC PATCH 7/8] i386/sev: Replace LAUNCH_SECRET ioctl with sev library equivalent, Tyler Fanelli, 2023/09/14
- Re: [RFC PATCH 0/8] i386/sev: Use C API of Rust SEV library, Philippe Mathieu-Daudé, 2023/09/14
- [RFC PATCH 0/8] i386/sev: Use C API of Rust SEV library, Tyler Fanelli, 2023/09/14
- [RFC PATCH 5/8] i386/sev: Replace LAUNCH_UPDATE_VMSA ioctl with sev library equivalent, Tyler Fanelli, 2023/09/14
- [RFC PATCH 7/8] i386/sev: Replace LAUNCH_SECRET ioctl with sev library equivalent, Tyler Fanelli, 2023/09/14
- [RFC PATCH 8/8] i386/sev: Replace LAUNCH_FINISH ioctl with sev library equivalent, Tyler Fanelli, 2023/09/14
- [RFC PATCH 4/8] i386/sev: Replace UPDATE_DATA ioctl with sev library equivalent,
Tyler Fanelli <=
- [RFC PATCH 1/8] Add SEV Rust library as dependency with CONFIG_SEV, Tyler Fanelli, 2023/09/14
- [RFC PATCH 6/8] i386/sev: Replace LAUNCH_MEASURE ioctl with sev library equivalent, Tyler Fanelli, 2023/09/14
- [RFC PATCH 3/8] i386/sev: Replace LAUNCH_START ioctl with sev library equivalent, Tyler Fanelli, 2023/09/14
- [RFC PATCH 2/8] i386/sev: Replace INIT and ES_INIT ioctls with sev library equivalents, Tyler Fanelli, 2023/09/14