[Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command

From:	Brijesh Singh
Subject:	[Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command
Date:	Tue, 13 Sep 2016 10:48:27 -0400
User-agent:	StGit/0.17.1-dirty

The SEV DEBUG_DECRYPT command is used for decrypting a guest memory
for the debugging purposes. Note that debugging is permitting only
when guest policy allows it.

For more information see [1], section 7.1

[1] http://support.amd.com/TechDocs/55766_SEV-KM%20API_Spec.pdf

The following KVM RFC patches defines and implements this command

http://marc.info/?l=kvm&m=147190852423972&w=2
http://marc.info/?l=kvm&m=147191068524579&w=2

Signed-off-by: Brijesh Singh <address@hidden>
---
 include/sysemu/sev.h |   10 ++++++++++
 sev.c                |   23 +++++++++++++++++++++++
 2 files changed, 33 insertions(+)

diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h
index ab03c5d..5872c3e 100644
--- a/include/sysemu/sev.h
+++ b/include/sysemu/sev.h
@@ -55,4 +55,14 @@ int kvm_sev_guest_finish(void);
  */
 int kvm_sev_guest_measurement(uint8_t *measurement);
 
+/**
+ * kvm_sev_dbg_decrypt -  decrypt the guest memory for debugging purposes
+ * @src - guest memory address
+ * @dest - host memory address where the decrypted data should be copied
+ * @length - length of memory region
+ *
+ * Returns: 0 on success and dest will contains the decrypted data
+ */
+int kvm_sev_dbg_decrypt(uint8_t *dest, const uint8_t *src, uint32_t len);
+
 #endif
diff --git a/sev.c b/sev.c
index 055ed83..c7031d3 100644
--- a/sev.c
+++ b/sev.c
@@ -432,3 +432,26 @@ int kvm_sev_guest_measurement(uint8_t *out)
 
     return 0;
 }
+
+int kvm_sev_dbg_decrypt(uint8_t *dst, const uint8_t *src, uint32_t len)
+{
+    int ret;
+    struct kvm_sev_dbg_decrypt decrypt;
+    struct kvm_sev_issue_cmd input;
+
+    decrypt.src_addr = (unsigned long)src;
+    decrypt.dst_addr = (unsigned long)dst;
+    decrypt.length = len;
+
+    input.cmd = KVM_SEV_DBG_DECRYPT;
+    input.opaque = (unsigned long)&decrypt;
+    ret = kvm_vm_ioctl(kvm_state, KVM_SEV_ISSUE_CMD, &input);
+    if (ret) {
+        fprintf(stderr, "SEV: dbg_decrypt failed ret=%d(%#010x)\n",
+                ret, input.ret_code);
+        return 1;
+    }
+
+    DPRINTF("SEV: DBG_DECRYPT dst %p src %p sz %d\n", dst, src, len);
+    return 0;
+}

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [RFC PATCH v1 01/22] exec: add guest RAM read/write ops, (continued)
- [Qemu-devel] [RFC PATCH v1 01/22] exec: add guest RAM read/write ops, Brijesh Singh, 2016/09/13
- [Qemu-devel] [RFC PATCH v1 03/22] monitor: use debug version of physical memory read api, Brijesh Singh, 2016/09/13
- [Qemu-devel] [RFC PATCH v1 11/22] sev: add SEV debug encrypt command, Brijesh Singh, 2016/09/13
- [Qemu-devel] [RFC PATCH v1 13/22] hmp: update 'info kvm' to display SEV status, Brijesh Singh, 2016/09/13
  - Re: [Qemu-devel] [RFC PATCH v1 13/22] hmp: update 'info kvm' to display SEV status, Eric Blake, 2016/09/13
  - Re: [Qemu-devel] [RFC PATCH v1 13/22] hmp: update 'info kvm' to display SEV status, Paolo Bonzini, 2016/09/13
- [Qemu-devel] [RFC PATCH v1 14/22] sev: provide SEV-enabled guest RAM read/write ops, Brijesh Singh, 2016/09/13
- [Qemu-devel] [RFC PATCH v1 02/22] cpu-common: add debug version of physical memory read/write, Brijesh Singh, 2016/09/13
- [Qemu-devel] [RFC PATCH v1 09/22] sev: add SEV launch finish command, Brijesh Singh, 2016/09/13
  - Re: [Qemu-devel] [RFC PATCH v1 09/22] sev: add SEV launch finish command, Eduardo Habkost, 2016/09/13
- [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Brijesh Singh <=
  - Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Michael S. Tsirkin, 2016/09/13
    - Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Paolo Bonzini, 2016/09/14
    - Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Michael S. Tsirkin, 2016/09/14
    - Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Paolo Bonzini, 2016/09/14
    - Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Daniel P. Berrange, 2016/09/14
    - Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Michael S. Tsirkin, 2016/09/14
    - Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Daniel P. Berrange, 2016/09/14
    - Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Michael S. Tsirkin, 2016/09/14
    - Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Eduardo Habkost, 2016/09/14
    - Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command, Paolo Bonzini, 2016/09/14

Prev by Date: [Qemu-devel] [RFC PATCH v1 09/22] sev: add SEV launch finish command
Next by Date: [Qemu-devel] [RFC PATCH v1 08/22] sev: add SEV launch update command
Previous by thread: Re: [Qemu-devel] [RFC PATCH v1 09/22] sev: add SEV launch finish command
Next by thread: Re: [Qemu-devel] [RFC PATCH v1 10/22] sev: add SEV debug decrypt command
Index(es):
- Date
- Thread