| Message ID | 25c486d1790d12a27efa6af3350154c4f5bbd187.1723560001.git.roy.hopkins@suse.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Introduce support for IGVM files | expand |
On Tue, Aug 13, 2024 at 04:01:14PM GMT, Roy Hopkins wrote: >For confidential guests a policy can be provided that defines the >security level, debug status, expected launch measurement and other >parameters that define the configuration of the confidential platform. > >This commit adds a new function named set_guest_policy() that can be >implemented by each confidential platform, such as AMD SEV to set the >policy. This will allow configuration of the policy from a >multi-platform resource such as an IGVM file without the IGVM processor >requiring specific implementation details for each platform. > >Signed-off-by: Roy Hopkins <roy.hopkins@suse.com> >Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> >Acked-by: Michael S. Tsirkin <mst@redhat.com> >--- > backends/confidential-guest-support.c | 12 ++++++++++++ > include/exec/confidential-guest-support.h | 21 +++++++++++++++++++++ > 2 files changed, 33 insertions(+) Reviewed-by: Stefano Garzarella <sgarzare@redhat.com> > >diff --git a/backends/confidential-guest-support.c b/backends/confidential-guest-support.c >index 68e6fd9d18..3c46b2cd6b 100644 >--- a/backends/confidential-guest-support.c >+++ b/backends/confidential-guest-support.c >@@ -38,6 +38,17 @@ static int set_guest_state(hwaddr gpa, uint8_t *ptr, uint64_t len, > return -1; > } > >+static int set_guest_policy(ConfidentialGuestPolicyType policy_type, >+ uint64_t policy, >+ void *policy_data1, uint32_t policy_data1_size, >+ void *policy_data2, uint32_t policy_data2_size, >+ Error **errp) >+{ >+ error_setg(errp, >+ "Setting confidential guest policy is not supported for this platform"); >+ return -1; >+} >+ > static int get_mem_map_entry(int index, ConfidentialGuestMemoryMapEntry *entry, > Error **errp) > { >@@ -52,6 +63,7 @@ static void confidential_guest_support_class_init(ObjectClass *oc, void *data) > ConfidentialGuestSupportClass *cgsc = CONFIDENTIAL_GUEST_SUPPORT_CLASS(oc); > cgsc->check_support = check_support; > cgsc->set_guest_state = set_guest_state; >+ cgsc->set_guest_policy = set_guest_policy; > cgsc->get_mem_map_entry = get_mem_map_entry; > } > >diff --git a/include/exec/confidential-guest-support.h b/include/exec/confidential-guest-support.h >index 058c7535ca..6a9ccc2454 100644 >--- a/include/exec/confidential-guest-support.h >+++ b/include/exec/confidential-guest-support.h >@@ -59,6 +59,10 @@ typedef enum ConfidentialGuestPageType { > CGS_PAGE_TYPE_REQUIRED_MEMORY, > } ConfidentialGuestPageType; > >+typedef enum ConfidentialGuestPolicyType { >+ GUEST_POLICY_SEV, >+} ConfidentialGuestPolicyType; >+ > struct ConfidentialGuestSupport { > Object parent; > >@@ -123,6 +127,23 @@ typedef struct ConfidentialGuestSupportClass { > ConfidentialGuestPageType memory_type, > uint16_t cpu_index, Error **errp); > >+ /* >+ * Set the guest policy. The policy can be used to configure the >+ * confidential platform, such as if debug is enabled or not and can contain >+ * information about expected launch measurements, signed verification of >+ * guest configuration and other platform data. >+ * >+ * The format of the policy data is specific to each platform. For example, >+ * SEV-SNP uses a policy bitfield in the 'policy' argument and provides an >+ * ID block and ID authentication in the 'policy_data' parameters. The type >+ * of policy data is identified by the 'policy_type' argument. >+ */ >+ int (*set_guest_policy)(ConfidentialGuestPolicyType policy_type, >+ uint64_t policy, >+ void *policy_data1, uint32_t policy_data1_size, >+ void *policy_data2, uint32_t policy_data2_size, >+ Error **errp); >+ > /* > * Iterate the system memory map, getting the entry with the given index > * that can be populated into guest memory. >-- >2.43.0 >
diff --git a/backends/confidential-guest-support.c b/backends/confidential-guest-support.c index 68e6fd9d18..3c46b2cd6b 100644 --- a/backends/confidential-guest-support.c +++ b/backends/confidential-guest-support.c @@ -38,6 +38,17 @@ static int set_guest_state(hwaddr gpa, uint8_t *ptr, uint64_t len, return -1; } +static int set_guest_policy(ConfidentialGuestPolicyType policy_type, + uint64_t policy, + void *policy_data1, uint32_t policy_data1_size, + void *policy_data2, uint32_t policy_data2_size, + Error **errp) +{ + error_setg(errp, + "Setting confidential guest policy is not supported for this platform"); + return -1; +} + static int get_mem_map_entry(int index, ConfidentialGuestMemoryMapEntry *entry, Error **errp) { @@ -52,6 +63,7 @@ static void confidential_guest_support_class_init(ObjectClass *oc, void *data) ConfidentialGuestSupportClass *cgsc = CONFIDENTIAL_GUEST_SUPPORT_CLASS(oc); cgsc->check_support = check_support; cgsc->set_guest_state = set_guest_state; + cgsc->set_guest_policy = set_guest_policy; cgsc->get_mem_map_entry = get_mem_map_entry; } diff --git a/include/exec/confidential-guest-support.h b/include/exec/confidential-guest-support.h index 058c7535ca..6a9ccc2454 100644 --- a/include/exec/confidential-guest-support.h +++ b/include/exec/confidential-guest-support.h @@ -59,6 +59,10 @@ typedef enum ConfidentialGuestPageType { CGS_PAGE_TYPE_REQUIRED_MEMORY, } ConfidentialGuestPageType; +typedef enum ConfidentialGuestPolicyType { + GUEST_POLICY_SEV, +} ConfidentialGuestPolicyType; + struct ConfidentialGuestSupport { Object parent; @@ -123,6 +127,23 @@ typedef struct ConfidentialGuestSupportClass { ConfidentialGuestPageType memory_type, uint16_t cpu_index, Error **errp); + /* + * Set the guest policy. The policy can be used to configure the + * confidential platform, such as if debug is enabled or not and can contain + * information about expected launch measurements, signed verification of + * guest configuration and other platform data. + * + * The format of the policy data is specific to each platform. For example, + * SEV-SNP uses a policy bitfield in the 'policy' argument and provides an + * ID block and ID authentication in the 'policy_data' parameters. The type + * of policy data is identified by the 'policy_type' argument. + */ + int (*set_guest_policy)(ConfidentialGuestPolicyType policy_type, + uint64_t policy, + void *policy_data1, uint32_t policy_data1_size, + void *policy_data2, uint32_t policy_data2_size, + Error **errp); + /* * Iterate the system memory map, getting the entry with the given index * that can be populated into guest memory.