From patchwork Mon Jan 29 17:41:25 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 867231 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=2001:4830:134:3::11; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=amdcloud.onmicrosoft.com header.i=@amdcloud.onmicrosoft.com header.b="F3lqbVB0"; dkim-atps=neutral Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3zVcTH382dz9sBd for ; Tue, 30 Jan 2018 04:49:23 +1100 (AEDT) Received: from localhost ([::1]:53681 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1egDYX-0002bb-Fd for incoming@patchwork.ozlabs.org; Mon, 29 Jan 2018 12:49:21 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:49173) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1egDRj-0005np-Ol for qemu-devel@nongnu.org; Mon, 29 Jan 2018 12:42:25 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1egDRf-0003d0-QY for qemu-devel@nongnu.org; Mon, 29 Jan 2018 12:42:19 -0500 Received: from mail-dm3nam03on0064.outbound.protection.outlook.com ([104.47.41.64]:11072 helo=NAM03-DM3-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1egDRf-0003bl-Is for qemu-devel@nongnu.org; Mon, 29 Jan 2018 12:42:15 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=wfcGUbLLIoam8HMkyWvshq5YncZmKREAD+x3M7gdYac=; b=F3lqbVB0dkz1H0aeYTpC4g8OFdVAzbmDGS1cl6P2uWYV5CR90Aoi6g5ec9/T6e+7mtGXp2uQIJTDE0zrBQHqGvBCq7sg50DcgkefHGEM+QZII+8YLC24mh9TU1BDpyagAa3vVDMehp3F0+eQ0ticOvQft5BzLDUywx9jY+ZOI8U= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by DM2PR12MB0154.namprd12.prod.outlook.com (2a01:111:e400:50ce::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.444.14; Mon, 29 Jan 2018 17:42:11 +0000 From: Brijesh Singh To: qemu-devel@nongnu.org Date: Mon, 29 Jan 2018 11:41:25 -0600 Message-Id: <20180129174132.108925-17-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20180129174132.108925-1-brijesh.singh@amd.com> References: <20180129174132.108925-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: BN6PR17CA0018.namprd17.prod.outlook.com (2603:10b6:404:65::28) To DM2PR12MB0154.namprd12.prod.outlook.com (2a01:111:e400:50ce::17) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 5b8334fa-f015-4c5a-ba6c-08d5673fa114 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(4534165)(4627221)(201703031133081)(201702281549075)(48565401081)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:DM2PR12MB0154; X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0154; 3:MuwKGkQubGUElXl1Vgfs1PPBzWDiRnFsn4djWMjOyqkExmmaSRU3hwt2/moOtfXOIW/UDdy24kOZHiPzBWpE1yX2jO9v5iLWyThpi5UFlR+sP4+xykPexy+HfQTWn8kQb0zW9dL3so/nscw/Cs2r+tShXMXYhL3njQZjOYUu42LglmQsan0dMm4GrDtSBxKiUAfLMZ1bx7LM8reDlwVZL6CMyjc9OKvyXBrXpsnsOXOCYq0sm5Er2CpbcgfngzI4; 25:TDbKIISULt/kybZ+dls3MYMg0cPpqzAF8rj5z2fv4bx8VSoFhhdAJ3a7Ls+4GoLwMHbPd8X3oPN8gvqQg6n88kKd1G3V3auIy0RxSrw6FHMDWBW5MsJYZpdHbICCvZscRocfO548biDQPRhTmxcc5esZhKYhb4MnxQoCmL4EJg/ha1ws5PZx6MwRTIlr4O17GPV51yaslNk4tO2GUUFEIIFoRCkpEpnbkfclxSlUGN1zYV1mVd4nfVwj/Iel7hf3DVixau94TMgU5afeVL345rUvUdqgp97mVwTwqYdnHIrQAbFQJAh9vTmD1YR/oD9dlkXzFcv+GwxehEb/hycsPw==; 31:KfBIhZKU5aws1gUYqZM4jJ1qZUMPTAm9GyMCyQiHw8U95257x3JYCaOWL3JW+YC6AsuTXeTe38Fg1EhBf8v2Dxu04me/vyHXAqLSD6SFUMYRLi5s8hNIQXPylA6Pnyp/6/0rRne6gDibX5zzO98wzMe5PDgku/ufg8gRMgwxFWrmLgCh2OapB6BaGm3D3f72oyLTOcHsASdjMYZ4waARo/Xv8y2cagXwIXGAU3dUlEQ= X-MS-TrafficTypeDiagnostic: DM2PR12MB0154: X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0154; 20:IowtWcjAY4viG5AVlQS4WKFEahA8N0YvdNGw6ZSUad03i9mk5zp6JIJdB9PKQO1aUy5U5EhzGF0Dv7871nKJoShBWh8tbdcWVJE2PbffVhQWHp8KC9VKbiu0mqhzN96pmejC39WM6udNq6nIfxgUgD79+9nxR+b2ml9ahPcj9bK7EUFcweAy0liEvwvywtT1CO/ZtBlo/lJNbT8W/RYBNIfnGzYeAgrvNaTLQtXRk12AsP5YQjjs1vJf0GPueMCFHhd2alPqNPmqA2dCylbCnf3CCWQSP4Xqvsv9nk9OTNLIMcX2q7pyIFcq6ClYPG9X27r9l7EFIIEVvz+CcglFwR4byqt8k5r+M0wHZeenkxL0R62RqvLL465379Eed9nHqfqHL3g+BdO54JrB2H2VFdmMCobJHDOo5SaA0GQDlW+D/YavvzLDruOocQBHOiQbomniMdnKVksr90LUMJlF2y4IrQojU8Pxr44ang8/xjgFMWtPw+WJSLYSLvsumW7w; 4:9hW1UzWt8W8X019GmWy4CBBf8voWHHCD0vNrUrcAA0hY2dtRkcM7cRjFghryEKbUkEOm6vlBUqDE2HEsbmj+DRPcpzpEQ6pvRqdImGliiLQGZPGAr5g4QrGlsc1ujgDoQ2ob8swhUu39R/FTruzbeR+JQq1xbKRnA4wbi8LamOl7Pt+/nihsBBp/FeRt/6N+a4/cCO2g3IcCBR9Z9w9c3NnO28vXkABZQl649wOUj8eZOscD/bgRhlTOC01u/6yqar9lJ402DQY8Hn6d4n8dD164+obNpuLRV+UIgZCr5O8IoihcdY2CJ7KWY/qvpjG8 X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(8121501046)(5005006)(10201501046)(3231101)(944501161)(93006095)(93001095)(3002001)(6055026)(6041288)(20161123560045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123564045)(6072148)(201708071742011); SRVR:DM2PR12MB0154; BCL:0; PCL:0; RULEID:; SRVR:DM2PR12MB0154; X-Forefront-PRVS: 0567A15835 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(1496009)(39860400002)(376002)(39380400002)(396003)(366004)(346002)(199004)(189003)(48376002)(8656006)(39060400002)(4326008)(6486002)(68736007)(36756003)(478600001)(26005)(97736004)(16526019)(53936002)(386003)(50466002)(86362001)(25786009)(8666007)(16586007)(54906003)(186003)(47776003)(316002)(7416002)(305945005)(7696005)(105586002)(106356001)(76176011)(51416003)(2906002)(81156014)(66066001)(81166006)(8676002)(2361001)(53416004)(3846002)(50226002)(52116002)(6116002)(2351001)(1076002)(8936002)(7736002)(6666003)(6916009)(5660300001)(2950100002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM2PR12MB0154; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR12MB0154; 23:9a7PUrIpe1dBPOrbNWGWPeYXxI0yQkryyzrIYYb3R?= lblh3twprMPbHuXwQwyog7MZ6fHULoqaMJNylDwL/JA7AKuqrzAWH/73wCdW67WUPA+qKFfQQ4ZyKfblmkbWjkyoKx7vMeapiwmy+br8hqe9Y1zUB85bNx15ar88wtlArgMjFtmQiWlxVclYTnJ/RQxWH5vGCsBQkNzvYNohJndt0mB4aejnNl0qFZZGMWlB7xWrlYImSKKQh+5PLfItD4NrRYNUU1w564yJtRk5+ifoUfiy4kE/AqKW7IHk/30uAaq3sZXvYoILObej9L0aCYXo705glAEJ+959IlEO85hbX5DSaohuA9MyHbdeq+tuLqcIZOnPvVQlWvr6/DjQqRXjkatkaBtZOUy2Wq9f51fPMXQPKFJhv+qrpFmJeQ6UxajZD12xV80YOoGCZnTBAN25fpV+lH1Tzo7gkYsIf0hTsbqoyN6RJBvA1sYIUfT3GuqjmD5M0Mtba+XUENP3U/z6XazkjkbjD9/x+TRLjSaPnBl3YDQLCKy0EluoCsqUwt1uquolBGfjIfn2+zZMbHCZV52rHDiNV1x/pvHGE45Q2+mLtfs/31meBfaMklg9ymov8EL7xxKeahzJnkVzA7oZSTHlnLZO27yslGiuSsdJTIEmsaf92twgV/lsVU4z00e+ijg3ncYa0ITRsKZpRuUdWo2rsgNRcnIEHralEHIbP4qdxGhRr9EB466Z+USSpSiRIf5f9LO0FlwecKyH2OhWnoUpjD5ytGLmliv0AobbZZjgsg/S/FJDdrZrt8NRqQ1otYD5WgceRM+k5syr47RDDVCrZxLiDx/6kGw3U58UpBgmET5rR9HiGYb3/o7kU/DSQxo97zdohlcgM5IbuCugQ4+KflpiwryVSA1gSE1z9JpSNHA9DGxwv1e9cgVUrWyC1LHFfEpVRy44yAfGmJdPAmiYTKH8uwhOARwAKd45RLW2BKbdjwapU+VXVxSvew5W6WBDsCqkvD45ioLebKinuVzUbOxUOGCXEoiECN91scgcDEaSY/P12fcnz+FnADa429ocOmZmeiYSMA6OkRaEr0rFJQhuzR+QsOrsR8xGZEvOEZ3vehjIE3WgGyLu/j4gFLDY2wePp/OwNg0iDdTfkFy/VrNOf0dUAJGnwLTtCFgymNM6ajBjUSDluxLac0gkUWBctFUDK6vu2C8Zl1P7mGFXCjNCD3V2IejBlSY8ptEn4q7lysx9WR2r9zghdEqNUNGvnnDIsivBCfGfSLvRIpsLJm9cbGA0p1aFthoiw== X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0154; 6:fMozNazNcdgI6DBRf7Mmuey5scjWz0XB0+XBlsdSc6IFPeMD7cyCRXGkehOmomzI5ivESE3v8Xs/R6lyBohzydzSrsUXcH7SOh9H//uerHQlcf8ZPallAYfkboRoYPNXv/juvgfAGN3rU2QudcVBYU0V4LO2aISywtur5wEm4zV8sA7Noo93n+xw9p/gpTdN+wvCvwrasrXK6lU8bDcup3yCGyu7ri1iB9BR+jlRvx/OjZbUV4W34lgsbfKBbV3Oe5Vxr+KMIKNjjs2umVCWejckuzAiLaX/bP5J5mMXyVSHPzr2FtaBDh2D+bbJlewgHPo5BfDIm49bWHec2UJBLxW6ksdpochQglAWbXgj3Jk=; 5:M42ktFizQI91qakwFAy0vuyWJi3RziIOKqHhfn9hERhSR/5XT97zfTmCsD6UZq5cb7bZFCnA2pv3TCKYjWHmy2ZXXNLwPVtdCJTK9RJOOiGs4vkBWH0qRUeJCTJ5BsepNlfRRgb7Z1Tf7zeM+K2HPWzkTSydstqxkZgMzTE/o58=; 24:Moz26Elpnno/TQCkITTiyuJEsLyh9J+sBP+wOac+bHFKv2T5QCyRYZspJNBKwii0nZlX1h79CSyYcRxImtuSOnNjKhGgJSlKNuM/gAENFhI=; 7:xXmGR8xVTI8rkTh5o1OemE5Pt4oPHcwTIdJpzlE1RvIJytQJmqBAozoTU8907vvxxam54WPRp9oqvT+uR6OLLQYmJktX23Uk7BNzfd5wLtEMZoo8bQsK4E1R8JNkqB2KReew44lvtWpDNclHRvGBQYIT7GEZaux6bRh2hNy3MSJ/OgK5UWx67CaOL4jJnJRaAqOMK2d6jQRQwZY3bfnlTp4gEm+UMZseGBsXZwhE9nLhJud56IRF9bCHkjD4fStG SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0154; 20:xw8DTA9UdimAcT1UBEUHxACdI83eKZgMWDIO6v9hQbqlIsmWSIkI4SUj+RBUtpktWJr9TAjH+lWZz2/A2m2sWbhZNtZsP4OKReK9iU4FK/GA7SfZxBNZhWGOB9s0PFOsO+vlF6jcmDRQxfQ6K4b0E2+R8sBKsL96bIGMl5Hetz7l8Gm9HpyLyt/OjAIgYglPQO9IqnmMRaAQLFlMlFLr7d8bhxsviS0GtNQEYphk0bUdb3FDmuH92mUEs7Ptaao0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Jan 2018 17:42:11.2290 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 5b8334fa-f015-4c5a-ba6c-08d5673fa114 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0154 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.41.64 Subject: [Qemu-devel] [PATCH v6 16/23] target/i386: encrypt bios rom X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Edgar E. Iglesias" , Peter Maydell , Eduardo Habkost , kvm@vger.kernel.org, Tom Lendacky , Stefan Hajnoczi , "Michael S. Tsirkin" , Richard Henderson , "Dr. David Alan Gilbert" , Brijesh Singh , Paolo Bonzini , Richard Henderson Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" SEV requires that guest bios must be encrypted before booting the guest. Cc: "Michael S. Tsirkin" Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh --- hw/i386/pc_sysfw.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index 6b183747fcea..8ddbbf74d330 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -112,6 +112,8 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) pflash_t *system_flash; MemoryRegion *flash_mem; char name[64]; + void *flash_ptr; + int ret, flash_size; sector_bits = 12; sector_size = 1 << sector_bits; @@ -168,6 +170,17 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) if (unit == 0) { flash_mem = pflash_cfi01_get_memory(system_flash); pc_isa_bios_init(rom_memory, flash_mem, size); + + /* Encrypt the pflash boot ROM */ + if (kvm_memcrypt_enabled()) { + flash_ptr = memory_region_get_ram_ptr(flash_mem); + flash_size = memory_region_size(flash_mem); + ret = kvm_memcrypt_encrypt_data(flash_ptr, flash_size); + if (ret) { + error_report("failed to encrypt pflash rom"); + exit(1); + } + } } } }