Skip to content
Snippets Groups Projects
Select Git revision
  • feature/libtcg-rebase default protected
1 result
Search by author
  • Any Author
  • Anton Anton anjo
1 author
  1. Dec 10, 2021
  3. Jul 09, 2021
  5. Jun 17, 2021
  7. Jun 01, 2021
    • Brijesh Singh's avatar
      target/i386/sev: add support to query the attestation report · 3ea1a802
      Brijesh Singh authored 
      
The SEV FW >= 0.23 added a new command that can be used to query the
attestation report containing the SHA-256 digest of the guest memory
and VMSA encrypted with the LAUNCH_UPDATE and sign it with the PEK.

Note, we already have a command (LAUNCH_MEASURE) that can be used to
query the SHA-256 digest of the guest memory encrypted through the
LAUNCH_UPDATE. The main difference between previous and this command
is that the report is signed with the PEK and unlike the LAUNCH_MEASURE
command the ATTESATION_REPORT command can be called while the guest
is running.

Add a QMP interface "query-sev-attestation-report" that can be used
to get the report encoded in base64.

Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
Cc: Eric Blake <eblake@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: kvm@vger.kernel.org
Reviewed-by: default avatarJames Bottomley <jejb@linux.ibm.com>
Tested-by: default avatarJames Bottomley <jejb@linux.ibm.com>
Signed-off-by: default avatarBrijesh Singh <brijesh.singh@amd.com>
Reviewed-by: default avatarConnor Kuehl <ckuehl@redhat.com>
Message-Id: <20210429170728.24322-1-brijesh.singh@amd.com>
Signed-off-by: default avatarEduardo Habkost <ehabkost@redhat.com>
      3ea1a802
  9. Jan 21, 2021
  11. Nov 01, 2020
  13. Oct 08, 2020
  15. Sep 29, 2020
  17. Jul 10, 2020
  19. Jun 18, 2020
  21. Apr 28, 2020
  23. Feb 26, 2020
  25. Jan 08, 2020
  27. Dec 16, 2019
  29. Oct 15, 2019
  31. Sep 16, 2019
    • Wanpeng Li's avatar
      i386/kvm: support guest access CORE cstate · d38d201f
      Wanpeng Li authored 
      
Allow guest reads CORE cstate when exposing host CPU power management capabilities
to the guest. PKG cstate is restricted to avoid a guest to get the whole package
information in multi-tenant scenario.

Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: default avatarWanpeng Li <wanpengli@tencent.com>
Message-Id: <1563154124-18579-1-git-send-email-wanpengli@tencent.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      d38d201f
  33. Jun 21, 2019
    • Liran Alon's avatar
      linux-headers: sync with latest KVM headers from Linux 5.2 · 1d33bea4
      Liran Alon authored 
      
Improve the KVM_{GET,SET}_NESTED_STATE structs by detailing the format
of VMX nested state data in a struct.

In order to avoid changing the ioctl values of
KVM_{GET,SET}_NESTED_STATE, there is a need to preserve
sizeof(struct kvm_nested_state). This is done by defining the data
struct as "data.vmx[0]". It was the most elegant way I found to
preserve struct size while still keeping struct readable and easy to
maintain. It does have a misfortunate side-effect that now it has to be
accessed as "data.vmx[0]" rather than just "data.vmx".

Because we are already modifying these structs, I also modified the
following:
* Define the "format" field values as macros.
* Rename vmcs_pa to vmcs12_pa for better readability.

Signed-off-by: default avatarLiran Alon <liran.alon@oracle.com>
Reviewed-by: default avatarMaran Wilson <maran.wilson@oracle.com>
Message-Id: <20190619162140.133674-7-liran.alon@oracle.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
      1d33bea4
  35. May 21, 2019
  37. Apr 25, 2019
  39. Feb 04, 2019
  41. Oct 19, 2018
  43. Oct 12, 2018
  45. Aug 20, 2018
  47. Jun 22, 2018
  49. Jun 01, 2018
  51. May 23, 2018
  53. Mar 13, 2018
  55. Jan 22, 2018
  57. Dec 13, 2017
  59. Sep 29, 2017
  61. Sep 05, 2017
  63. Aug 31, 2017
  65. Jul 18, 2017
  67. Jul 14, 2017
  69. May 19, 2017
  71. Feb 28, 2017