conf: domain: sev: Make 'cbitpos' & 'reducedPhysBits' attrs optional

These XML attributes have been mandatory since the introduction of SEV
support to libvirt. This design decision was based on QEMU's
requirement for these to be mandatory for migration purposes, as
differences in these values across platforms must result in the
pre-migration checks failing (not that migration with SEV works at the
time of this patch).

Expecting the user to specify these is cumbersome and the same XML
cannot be re-used across different revisions of SEV. Since
we have SEV platform information saved in QEMU capabilities, we can
make the attributes optional and should fill them in automatically
in the QEMU driver right before starting it.

Resolves: https://gitlab.com/libvirt/libvirt/-/issues/57

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Daniel Henrique Barboza <danielhb413@gmail.com>
This commit is contained in:
Erik Skultety 2020-10-09 15:15:21 +02:00
parent ccb40cf288
commit 2508d10f67
5 changed files with 113 additions and 22 deletions

View File

@ -467,12 +467,16 @@
<value>sev</value> <value>sev</value>
</attribute> </attribute>
<interleave> <interleave>
<element name="cbitpos"> <optional>
<data type="unsignedInt"/> <element name="cbitpos">
</element> <data type="unsignedInt"/>
<element name="reducedPhysBits"> </element>
<data type="unsignedInt"/> </optional>
</element> <optional>
<element name="reducedPhysBits">
<data type="unsignedInt"/>
</element>
</optional>
<element name="policy"> <element name="policy">
<ref name="hexuint"/> <ref name="hexuint"/>
</element> </element>

View File

@ -16764,6 +16764,7 @@ virDomainSEVDefParseXML(xmlNodePtr sevNode,
virDomainSEVDefPtr def; virDomainSEVDefPtr def;
unsigned long policy; unsigned long policy;
g_autofree char *type = NULL; g_autofree char *type = NULL;
int rc = -1;
def = g_new0(virDomainSEVDef, 1); def = g_new0(virDomainSEVDef, 1);
@ -16788,25 +16789,35 @@ virDomainSEVDefParseXML(xmlNodePtr sevNode,
goto error; goto error;
} }
if (virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to get launch security cbitpos"));
goto error;
}
if (virXPathUInt("string(./reducedPhysBits)", ctxt,
&def->reduced_phys_bits) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to get launch security reduced-phys-bits"));
goto error;
}
if (virXPathULongHex("string(./policy)", ctxt, &policy) < 0) { if (virXPathULongHex("string(./policy)", ctxt, &policy) < 0) {
virReportError(VIR_ERR_XML_ERROR, "%s", virReportError(VIR_ERR_XML_ERROR, "%s",
_("failed to get launch security policy")); _("failed to get launch security policy"));
goto error; goto error;
} }
/* the following attributes are platform dependent and if missing, we can
* autofill them from domain capabilities later
*/
rc = virXPathUInt("string(./cbitpos)", ctxt, &def->cbitpos);
if (rc == 0) {
def->haveCbitpos = true;
} else if (rc == -2) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("Invalid format for launch security cbitpos"));
goto error;
}
rc = virXPathUInt("string(./reducedPhysBits)", ctxt,
&def->reduced_phys_bits);
if (rc == 0) {
def->haveReducedPhysBits = true;
} else if (rc == -2) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("Invalid format for launch security "
"reduced-phys-bits"));
goto error;
}
def->policy = policy; def->policy = policy;
def->dh_cert = virXPathString("string(./dhCert)", ctxt); def->dh_cert = virXPathString("string(./dhCert)", ctxt);
def->session = virXPathString("string(./session)", ctxt); def->session = virXPathString("string(./session)", ctxt);
@ -28958,9 +28969,12 @@ virDomainSEVDefFormat(virBufferPtr buf, virDomainSEVDefPtr sev)
virDomainLaunchSecurityTypeToString(sev->sectype)); virDomainLaunchSecurityTypeToString(sev->sectype));
virBufferAdjustIndent(buf, 2); virBufferAdjustIndent(buf, 2);
virBufferAsprintf(buf, "<cbitpos>%d</cbitpos>\n", sev->cbitpos); if (sev->haveCbitpos)
virBufferAsprintf(buf, "<reducedPhysBits>%d</reducedPhysBits>\n", virBufferAsprintf(buf, "<cbitpos>%d</cbitpos>\n", sev->cbitpos);
sev->reduced_phys_bits);
if (sev->haveReducedPhysBits)
virBufferAsprintf(buf, "<reducedPhysBits>%d</reducedPhysBits>\n",
sev->reduced_phys_bits);
virBufferAsprintf(buf, "<policy>0x%04x</policy>\n", sev->policy); virBufferAsprintf(buf, "<policy>0x%04x</policy>\n", sev->policy);
if (sev->dh_cert) if (sev->dh_cert)
virBufferEscapeString(buf, "<dhCert>%s</dhCert>\n", sev->dh_cert); virBufferEscapeString(buf, "<dhCert>%s</dhCert>\n", sev->dh_cert);

View File

@ -0,0 +1,37 @@
LC_ALL=C \
PATH=/bin \
HOME=/tmp/lib/domain--1-QEMUGuest1 \
USER=test \
LOGNAME=test \
XDG_DATA_HOME=/tmp/lib/domain--1-QEMUGuest1/.local/share \
XDG_CACHE_HOME=/tmp/lib/domain--1-QEMUGuest1/.cache \
XDG_CONFIG_HOME=/tmp/lib/domain--1-QEMUGuest1/.config \
QEMU_AUDIO_DRV=none \
/usr/bin/qemu-system-x86_64 \
-name guest=QEMUGuest1,debug-threads=on \
-S \
-object secret,id=masterKey0,format=raw,\
file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
-machine pc-1.0,accel=kvm,usb=off,dump-guest-core=off,memory-encryption=sev0 \
-m 214 \
-realtime mlock=off \
-smp 1,sockets=1,cores=1,threads=1 \
-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
-display none \
-no-user-config \
-nodefaults \
-chardev socket,id=charmonitor,fd=1729,server,nowait \
-mon chardev=charmonitor,id=monitor,mode=control \
-rtc base=utc \
-no-shutdown \
-no-acpi \
-boot strict=on \
-device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \
-drive file=/dev/HostVG/QEMUGuest1,format=raw,if=none,id=drive-ide0-0-0 \
-device ide-hd,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0,bootindex=1 \
-object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1,policy=0x1,\
dh-cert-file=/tmp/lib/domain--1-QEMUGuest1/dh_cert.base64,\
session-file=/tmp/lib/domain--1-QEMUGuest1/session.base64 \
-sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,\
resourcecontrol=deny \
-msg timestamp=on

View File

@ -0,0 +1,35 @@
<domain type='kvm'>
<name>QEMUGuest1</name>
<uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
<memory unit='KiB'>219100</memory>
<currentMemory unit='KiB'>219100</currentMemory>
<vcpu placement='static'>1</vcpu>
<os>
<type arch='x86_64' machine='pc-1.0'>hvm</type>
<boot dev='hd'/>
</os>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/bin/qemu-system-x86_64</emulator>
<disk type='block' device='disk'>
<driver name='qemu' type='raw'/>
<source dev='/dev/HostVG/QEMUGuest1'/>
<target dev='hda' bus='ide'/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
<controller type='usb' index='0'/>
<controller type='ide' index='0'/>
<controller type='pci' index='0' model='pci-root'/>
<input type='mouse' bus='ps2'/>
<input type='keyboard' bus='ps2'/>
<memballoon model='none'/>
</devices>
<launchSecurity type='sev'>
<policy>0x0001</policy>
<dhCert>AQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAAAQAAAAAOAAA</dhCert>
<session>IHAVENOIDEABUTJUSTPROVIDINGASTRING</session>
</launchSecurity>
</domain>

View File

@ -3319,6 +3319,7 @@ mymain(void)
DO_TEST_CAPS_ARCH_LATEST("vhost-vsock-ccw-auto", "s390x"); DO_TEST_CAPS_ARCH_LATEST("vhost-vsock-ccw-auto", "s390x");
DO_TEST_CAPS_VER("launch-security-sev", "2.12.0"); DO_TEST_CAPS_VER("launch-security-sev", "2.12.0");
DO_TEST_CAPS_VER("launch-security-sev-missing-platform-info", "2.12.0");
DO_TEST_CAPS_LATEST("vhost-user-fs-fd-memory"); DO_TEST_CAPS_LATEST("vhost-user-fs-fd-memory");
DO_TEST_CAPS_LATEST("vhost-user-fs-hugepages"); DO_TEST_CAPS_LATEST("vhost-user-fs-hugepages");