From 54648e0e5a45acf2e472430ee83bb8dfa057fb30 Mon Sep 17 00:00:00 2001
From: jiangxin
Date: Tue, 24 Aug 2021 14:57:28 +0800
Subject: [PATCH] target/i386: csv: Add CSV3 context

CSV/CSV2/CSV3 are the secure virtualization features on Hygon CPUs. The CSV and CSV2 are compatible with the AMD SEV and SEV-ES, respectively. From CSV3, we introduced more secure features to protect the guest, users can bit 6 of the guest policy to run a CSV3 guest. Add the context and the build option.

Signed-off-by: Xin Jiang
Signed-off-by: hanliyang
---
 target/i386/csv.c | 11 +++++++++++
 target/i386/csv.h | 17 +++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/target/i386/csv.c b/target/i386/csv.c
index 88fb05ac37..9a1de04db7 100644
--- a/target/i386/csv.c
+++ b/target/i386/csv.c
@@ -18,3 +18,14 @@
 #include "csv.h"
 bool csv_kvm_cpu_reset_inhibit;
+
+Csv3GuestState csv3_guest = { 0 };
+
+bool
+csv3_enabled(void)
+{
+ if (!is_hygon_cpu())
+ return false;
+
+ return sev_es_enabled() && (csv3_guest.policy & GUEST_POLICY_CSV3_BIT);
+}
diff --git a/target/i386/csv.h b/target/i386/csv.h
index 05e7fd8dc1..ea87c1ba27 100644
--- a/target/i386/csv.h
+++ b/target/i386/csv.h
@@ -14,6 +14,9 @@
 #ifndef I386_CSV_H
 #define I386_CSV_H
+#include "qapi/qapi-commands-misc-target.h"
+
+#define GUEST_POLICY_CSV3_BIT (1 << 6)
 #define GUEST_POLICY_REUSE_ASID (1 << 7)
 #ifdef CONFIG_CSV
@@ -40,9 +43,12 @@ static bool __attribute__((unused)) is_hygon_cpu(void)
 return false;
 }
+bool csv3_enabled(void);
+
 #else
 #define is_hygon_cpu() (false)
+#define csv3_enabled() (false)
 #endif
@@ -66,4 +72,15 @@ int csv_load_queued_incoming_pages(QEMUFile *f);
 int csv_save_outgoing_cpu_state(QEMUFile *f, uint64_t *bytes_sent);
 int csv_load_incoming_cpu_state(QEMUFile *f);
+/* CSV3 */
+struct Csv3GuestState {
+ uint32_t policy;
+ int sev_fd;
+ void *state;
+};
+
+typedef struct Csv3GuestState Csv3GuestState;
+
+extern struct Csv3GuestState csv3_guest;
+
 #endif
--
2.41.0.windows.1
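Review bot: `Csv3GuestState csv3_guest = { 0 };` in the csv.c hunk leaves `sev_fd` at 0, which is a valid descriptor (stdin), so any later code that closes or issues an ioctl on `csv3_guest.sev_fd` before it has been opened would act on the wrong file instead of failing. Initialising it as `Csv3GuestState csv3_guest = { .sev_fd = -1 };` keeps the other fields zero and makes the unset state detectable. Nothing in this patch writes `csv3_guest.policy`, so `csv3_enabled()` is always false here; a comment above the definition naming the code that is expected to set it would help. Separately, the `if (!is_hygon_cpu())` body is unbraced, which QEMU's coding style does not allow; write `if (!is_hygon_cpu()) {` / `return false;` / `}`.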
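Review bot: The new `#include "qapi/qapi-commands-misc-target.h"` in the first csv.h hunk is not needed by anything the visible hunks add to this header; the new declarations use only `bool`, `uint32_t`, `int` and `void *`. Unless a later patch in the series relies on it, I would drop the include or move it into the .c file that needs the QAPI types, so that every user of csv.h does not pick up a dependency on generated headers. `GUEST_POLICY_CSV3_BIT` is tested against a `uint32_t` policy, so `(1u << 6)` would match its type better than the signed `(1 << 6)`, although the neighbouring `GUEST_POLICY_REUSE_ASID` uses the same form.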
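Review bot: `struct Csv3GuestState` in the last csv.h hunk is added without any comment on what its fields hold, and for a structure that tracks the guest's protection state that matters. A reader cannot tell whether `policy` is the value requested by the user or the one accepted by the firmware, who owns `sev_fd`, or what `state` points to and who frees it. I would add a short comment above the struct and one per field, for example `/* guest policy; bit 6 (GUEST_POLICY_CSV3_BIT) selects CSV3 */` on `policy`, with the ownership of `sev_fd` and `state` filled in by the author. The `extern` declaration also appears to sit after the `#endif` that closes `#ifdef CONFIG_CSV` in the previous hunk, while `csv3_enabled()` is stubbed to `(false)` when CONFIG_CSV is off, so it is worth confirming that nothing references `csv3_guest` in a build without CSV.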