aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2018-03-20target/m68k: add DisasContext parameter to gen_extend()Laurent Vivier1-23/+23
This parameter will be needed to manage automatic release of temporary allocated TCG variables. Signed-off-by: Laurent Vivier <laurent@vivier.eu> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Message-Id: <20180319113544.704-2-laurent@vivier.eu>
2018-03-15Merge remote-tracking branch ↵Peter Maydell17-875/+161
'remotes/vivier2/tags/linux-user-for-2.12-pull-request' into staging # gpg: Signature made Tue 13 Mar 2018 17:33:03 GMT # gpg: using RSA key F30C38BD3F2FBE3C # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" # gpg: aka "Laurent Vivier <laurent@vivier.eu>" # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier2/tags/linux-user-for-2.12-pull-request: linux-user: init_guest_space: Add a comment about search strategy linux-user: init_guest_space: Don't try to align if we'll reject it linux-user: init_guest_space: Clean up control flow a bit linux-user: init_guest_commpage: Add a comment about size check linux-user: init_guest_space: Clarify page alignment logic linux-user: init_guest_space: Correctly handle guest_start in commpage initialization linux-user: init_guest_space: Clean up if we can't initialize the commpage linux-user: Rename validate_guest_space => init_guest_commpage linux-user: Use #if to only call validate_guest_space for 32-bit ARM target qemu-binfmt-conf.sh: add qemu-xtensa linux-user: drop unused target_msync function linux-user: fix target_mprotect/target_munmap error return values linux-user: fix assertion in shmdt linux-user: fix mmap/munmap/mprotect/mremap/shmat linux-user: Support f_flags in statfs when available. linux-user: allows to use "--systemd ALL" with qemu-binfmt-conf.sh linux-user: Remove the unused "not implemented" signal handling stubs linux-user: Drop unicore32 code Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-15Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream-sev' into ↵Peter Maydell46-420/+2653
staging * Migrate MSR_SMI_COUNT (Liran) * Update kernel headers (Gerd, myself) * SEV support (Brijesh) I have not tested non-x86 compilation, but I reordered the SEV patches so that all non-x86-specific changes go first to catch any possible issues (which weren't there anyway :)). # gpg: Signature made Tue 13 Mar 2018 16:37:06 GMT # gpg: using RSA key BFFBD25F78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream-sev: (22 commits) sev/i386: add sev_get_capabilities() sev/i386: qmp: add query-sev-capabilities command sev/i386: qmp: add query-sev-launch-measure command sev/i386: hmp: add 'info sev' command cpu/i386: populate CPUID 0x8000_001F when SEV is active sev/i386: add migration blocker sev/i386: finalize the SEV guest launch flow sev/i386: add support to LAUNCH_MEASURE command target/i386: encrypt bios rom sev/i386: add command to encrypt guest memory region sev/i386: add command to create launch memory encryption context sev/i386: register the guest memory range which may contain encrypted data sev/i386: add command to initialize the memory encryption context include: add psp-sev.h header file sev/i386: qmp: add query-sev command target/i386: add Secure Encrypted Virtualization (SEV) object kvm: introduce memory encryption APIs kvm: add memory encryption context docs: add AMD Secure Encrypted Virtualization (SEV) machine: add memory-encryption option ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-15Merge remote-tracking branch ↵Peter Maydell1-3/+4
'remotes/stsquad/tags/pull-travis-speedup-130318-1' into staging Some updates to reduce timeouts in Travis # gpg: Signature made Tue 13 Mar 2018 16:44:46 GMT # gpg: using RSA key FBD0DB095A9E2A44 # gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" # Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44 * remotes/stsquad/tags/pull-travis-speedup-130318-1: .travis.yml: add --disable-user with the rest of the disables .travis.yml: split default config into system and user .travis.yml: drop setting default log output Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-15Merge remote-tracking branch ↵Peter Maydell6-0/+2025
'remotes/vivier/tags/m68k-for-2.12-pull-request' into staging # gpg: Signature made Tue 13 Mar 2018 15:58:42 GMT # gpg: using RSA key F30C38BD3F2FBE3C # gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" # gpg: aka "Laurent Vivier <laurent@vivier.eu>" # gpg: aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" # Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F 5173 F30C 38BD 3F2F BE3C * remotes/vivier/tags/m68k-for-2.12-pull-request: target/m68k: implement fcosh target/m68k: implement fsinh target/m68k: implement ftanh target/m68k: implement fatanh target/m68k: implement facos target/m68k: implement fasin target/m68k: implement fatan target/m68k: implement fsincos target/m68k: implement fcos target/m68k: implement fsin target/m68k: implement ftan Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-13Merge remote-tracking branch 'remotes/cody/tags/block-pull-request' into stagingPeter Maydell2-2/+2
# gpg: Signature made Tue 13 Mar 2018 12:28:21 GMT # gpg: using RSA key BDBE7B27C0DE3057 # gpg: Good signature from "Jeffrey Cody <jcody@redhat.com>" # gpg: aka "Jeffrey Cody <jeff@codyprime.org>" # gpg: aka "Jeffrey Cody <codyprime@gmail.com>" # Primary key fingerprint: 9957 4B4D 3474 90E7 9D98 D624 BDBE 7B27 C0DE 3057 * remotes/cody/tags/block-pull-request: block: include original filename when reporting invalid URIs Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-13sev/i386: add sev_get_capabilities()Brijesh Singh4-2/+98
The function can be used to get the current SEV capabilities. The capabilities include platform diffie-hellman key (pdh) and certificate chain. The key can be provided to the external entities which wants to establish a trusted channel between SEV firmware and guest owner. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13sev/i386: qmp: add query-sev-capabilities commandBrijesh Singh4-0/+56
The command can be used by libvirt to query the SEV capabilities. Cc: "Daniel P. Berrangé" <berrange@redhat.com> Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13sev/i386: qmp: add query-sev-launch-measure commandBrijesh Singh4-0/+55
The command can be used by libvirt to retrieve the measurement of SEV guest. This measurement is a signature of the memory contents that was encrypted through the LAUNCH_UPDATE_DATA. Cc: "Daniel P. Berrangé" <berrange@redhat.com> Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13sev/i386: hmp: add 'info sev' commandBrijesh Singh3-0/+37
The command can be used to show the SEV information when memory encryption is enabled on AMD platform. Cc: Eric Blake <eblake@redhat.com> Cc: "Daniel P. Berrangé" <berrange@redhat.com> Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Reviewed-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13cpu/i386: populate CPUID 0x8000_001F when SEV is activeBrijesh Singh1-0/+13
When SEV is enabled, CPUID 0x8000_001F should provide additional information regarding the feature (such as which page table bit is used to mark the pages as encrypted etc). The details for memory encryption CPUID is available in AMD APM (https://support.amd.com/TechDocs/24594.pdf) Section E.4.17 Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13sev/i386: add migration blockerBrijesh Singh1-0/+13
SEV guest migration is not implemented yet. Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13sev/i386: finalize the SEV guest launch flowBrijesh Singh2-0/+30
SEV launch flow requires us to issue LAUNCH_FINISH command before guest is ready to run. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13sev/i386: add support to LAUNCH_MEASURE commandBrijesh Singh4-0/+71
During machine creation we encrypted the guest bios image, the LAUNCH_MEASURE command can be used to retrieve the measurement of the encrypted memory region. This measurement is a signature of the memory contents that can be sent to the guest owner as an attestation that the memory was encrypted correctly by the firmware. VM management tools like libvirt can query the measurement using query-sev-launch-measure QMP command. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13target/i386: encrypt bios romBrijesh Singh1-0/+13
SEV requires that guest bios must be encrypted before booting the guest. Cc: "Michael S. Tsirkin" <mst@redhat.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13sev/i386: add command to encrypt guest memory regionBrijesh Singh2-0/+44
The KVM_SEV_LAUNCH_UPDATE_DATA command is used to encrypt a guest memory region using the VM Encryption Key created using LAUNCH_START. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13sev/i386: add command to create launch memory encryption contextBrijesh Singh2-0/+88
The KVM_SEV_LAUNCH_START command creates a new VM encryption key (VEK). The encryption key created with the command will be used for encrypting the bootstrap images (such as guest bios). Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13sev/i386: register the guest memory range which may contain encrypted dataBrijesh Singh2-0/+44
When SEV is enabled, the hardware encryption engine uses a tweak such that the two identical plaintext at different location will have a different ciphertexts. So swapping or moving a ciphertexts of two guest pages will not result in plaintexts being swapped. Hence relocating a physical backing pages of the SEV guest will require some additional steps in KVM driver. The KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl can be used to register/unregister the guest memory region which may contain the encrypted data. KVM driver will internally handle the relocating physical backing pages of registered memory regions. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13sev/i386: add command to initialize the memory encryption contextBrijesh Singh6-2/+303
When memory encryption is enabled, KVM_SEV_INIT command is used to initialize the platform. The command loads the SEV related persistent data from non-volatile storage and initializes the platform context. This command should be first issued before invoking any other guest commands provided by the SEV firmware. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13Merge remote-tracking branch ↵Peter Maydell3-3/+7
'remotes/ehabkost/tags/python-next-pull-request' into staging Python queue, 2018-03-12 # gpg: Signature made Mon 12 Mar 2018 22:10:36 GMT # gpg: using RSA key 2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/python-next-pull-request: device-crash-test: Use 'python' binary qmp.py: Encode json data before sending qemu.py: Use items() instead of iteritems() device-crash-test: New known crashes Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-13.travis.yml: add --disable-user with the rest of the disablesAlex Bennée1-1/+1
As all the disabled features only affect system emulation we might as well disable user mode to save compile time. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-13.travis.yml: split default config into system and userAlex Bennée1-1/+2
As the build times have risen we keep timing out. Split the default config into system and user builds. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-13.travis.yml: drop setting default log outputAlex Bennée1-1/+1
The log backend is the default one, we don't need to explicitly set it. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-03-13target/m68k: implement fcoshLaurent Vivier5-0/+91
Using a local m68k floatx80_cosh() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-12-laurent@vivier.eu>
2018-03-13target/m68k: implement fsinhLaurent Vivier5-0/+99
Using a local m68k floatx80_sinh() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-11-laurent@vivier.eu>
2018-03-13target/m68k: implement ftanhLaurent Vivier5-0/+377
Using local m68k floatx80_tanh() and floatx80_etoxm1() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-10-laurent@vivier.eu>
2018-03-13target/m68k: implement fatanhLaurent Vivier5-0/+75
Using a local m68k floatx80_atanh() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-9-laurent@vivier.eu>
2018-03-13target/m68k: implement facosLaurent Vivier5-0/+80
Using a local m68k floatx80_acos() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-8-laurent@vivier.eu>
2018-03-13target/m68k: implement fasinLaurent Vivier5-0/+75
Using a local m68k floatx80_asin() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-7-laurent@vivier.eu>
2018-03-13target/m68k: implement fatanLaurent Vivier6-0/+341
Using a local m68k floatx80_atan() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-6-laurent@vivier.eu>
2018-03-13target/m68k: implement fsincosLaurent Vivier3-0/+20
using floatx80_sin() and floatx80_cos() Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-5-laurent@vivier.eu>
2018-03-13target/m68k: implement fcosLaurent Vivier5-0/+254
Using a local m68k floatx80_cos() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-4-laurent@vivier.eu>
2018-03-13target/m68k: implement fsinLaurent Vivier5-0/+257
Using a local m68k floatx80_sin() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-3-laurent@vivier.eu>
2018-03-13target/m68k: implement ftanLaurent Vivier6-0/+356
Using a local m68k floatx80_tan() [copied from previous: Written by Andreas Grabher for Previous, NeXT Computer Emulator.] Signed-off-by: Laurent Vivier <laurent@vivier.eu> Message-Id: <20180312202728.23790-2-laurent@vivier.eu>
2018-03-13linux-user: init_guest_space: Add a comment about search strategyLuke Shumaker1-0/+4
Signed-off-by: Luke Shumaker <lukeshu@parabola.nu> Message-Id: <20171228180814.9749-10-lukeshu@lukeshu.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-03-13Merge remote-tracking branch 'remotes/ehabkost/tags/x86-next-pull-request' ↵Peter Maydell4-2/+232
into staging x86 queue, 2018-03-12 * Intel Processor Trace support * KVM_HINTS_DEDICATED # gpg: Signature made Mon 12 Mar 2018 19:58:39 GMT # gpg: using RSA key 2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-next-pull-request: i386: Add support to get/set/migrate Intel Processor Trace feature i386: Add Intel Processor Trace feature support target-i386: add KVM_HINTS_DEDICATED performance hint Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-13linux-user: init_guest_space: Don't try to align if we'll reject itLuke Shumaker1-5/+5
If the ensure-alignment code gets triggered, then the "if (host_start && real_start != current_start)" check will always trigger, so save 2 syscalls and put that check first. Note that we can't just switch to using MAP_FIXED for that check, because then we couldn't differentiate between a failure because "there isn't enough space" and "there isn't enough space *here*". Signed-off-by: Luke Shumaker <lukeshu@parabola.nu> Message-Id: <20171228180814.9749-9-lukeshu@lukeshu.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-03-13linux-user: init_guest_space: Clean up control flow a bitLuke Shumaker1-15/+19
Instead of doing if (check1) { if (check2) { success; } } retry; Do a clearer if (!check1) { goto try_again; } if (!check2) { goto try_again; } success; try_again: retry; Besides being clearer, this makes it easier to insert more checks that need to trigger a retry on check failure, or rearrange them, or anything like that. Because some indentation is changing, "ignore space change" may be useful for viewing this patch. Signed-off-by: Luke Shumaker <lukeshu@parabola.nu> Message-Id: <20171228180814.9749-8-lukeshu@lukeshu.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [lv: modified to try again fi valid == 0, not valid == -1 (error case)] Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-03-13block: include original filename when reporting invalid URIsDaniel P. Berrangé2-2/+2
Consider passing a JSON based block driver to "qemu-img commit" $ qemu-img commit 'json:{"driver":"qcow2","file":{"driver":"gluster",\ "volume":"gv0","path":"sn1.qcow2", "server":[{"type":\ "tcp","host":"10.73.199.197","port":"24007"}]},}' Currently it will commit the content and then report an incredibly useless error message when trying to re-open the committed image: qemu-img: invalid URI Usage: file=gluster[+transport]://[host[:port]]volume/path[?socket=...][,file.debug=N][,file.logfile=/path/filename.log] With this fix we get: qemu-img: invalid URI json:{"server.0.host": "10.73.199.197", "driver": "gluster", "path": "luks.qcow2", "server.0.type": "tcp", "server.0.port": "24007", "volume": "gv0"} Of course the root cause problem still exists, but now we know what actually needs fixing. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-id: 20180206105204.14817-1-berrange@redhat.com Signed-off-by: Jeff Cody <jcody@redhat.com>
2018-03-13Merge remote-tracking branch 'remotes/famz/tags/staging-pull-request' into ↵Peter Maydell2-4/+4
staging docker patches # gpg: Signature made Mon 12 Mar 2018 17:25:57 GMT # gpg: using RSA key CA35624C6A9171C6 # gpg: Good signature from "Fam Zheng <famz@redhat.com>" # Primary key fingerprint: 5003 7CB7 9706 0F76 F021 AD56 CA35 624C 6A91 71C6 * remotes/famz/tags/staging-pull-request: tests: make docker-test-debug@fedora run sanitizers Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2018-03-13include: add psp-sev.h header fileBrijesh Singh2-1/+143
The header file provide the ioctl command and structure to communicate with /dev/sev device. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
2018-03-13sev/i386: qmp: add query-sev commandBrijesh Singh4-0/+94
The QMP query command can used to retrieve the SEV information when memory encryption is enabled on AMD platform. Cc: Eric Blake <eblake@redhat.com> Cc: "Daniel P. Berrangé" <berrange@redhat.com> Cc: "Dr. David Alan Gilbert" <dgilbert@redhat.com> Cc: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13target/i386: add Secure Encrypted Virtualization (SEV) objectBrijesh Singh7-0/+353
Add a new memory encryption object 'sev-guest'. The object will be used to create encrypted VMs on AMD EPYC CPU. The object provides the properties to pass guest owner's public Diffie-hellman key, guest policy and session information required to create the memory encryption context within the SEV firmware. e.g to launch SEV guest # $QEMU \ -object sev-guest,id=sev0 \ -machine ....,memory-encryption=sev0 Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13kvm: introduce memory encryption APIsBrijesh Singh5-0/+33
Inorder to integerate the Secure Encryption Virtualization (SEV) support add few high-level memory encryption APIs which can be used for encrypting the guest memory region. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: kvm@vger.kernel.org Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13kvm: add memory encryption contextBrijesh Singh7-2/+83
Split from a patch by Brijesh Singh (brijesh.singh@amd.com). Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
2018-03-13docs: add AMD Secure Encrypted Virtualization (SEV)Brijesh Singh1-0/+92
Create a documentation entry to describe the AMD Secure Encrypted Virtualization (SEV) feature. Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13machine: add memory-encryption optionBrijesh Singh3-1/+27
When CPU supports memory encryption feature, the property can be used to specify the encryption object to use when launching an encrypted guest. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: Marcel Apfelbaum <marcel@redhat.com> Cc: Stefan Hajnoczi <stefanha@gmail.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13KVM: x86: Add support for save/load MSR_SMI_COUNTLiran Alon4-0/+37
This MSR returns the number of #SMIs that occurred on CPU since boot. KVM commit 52797bf9a875 ("KVM: x86: Add emulation of MSR_SMI_COUNT") introduced support for emulating this MSR. This commit adds support for QEMU to save/load this MSR for migration purposes. Signed-off-by: Liran Alon <liran.alon@oracle.com> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13update Linux headers to 4.16-rc5Paolo Bonzini16-416/+930
Note that VIRTIO_GPU_CAPSET_VIRGL2 was added manually so it has to be added manually after re-running scripts/update-linux-headers.sh. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-03-13Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into ↵Peter Maydell2-32/+31
staging # gpg: Signature made Mon 12 Mar 2018 16:01:16 GMT # gpg: using RSA key 9CA4ABB381AB73C8 # gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" # gpg: aka "Stefan Hajnoczi <stefanha@gmail.com>" # Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35 775A 9CA4 ABB3 81AB 73C8 * remotes/stefanha/tags/block-pull-request: block: make BDRV_POLL_WHILE() re-entrancy safe Signed-off-by: Peter Maydell <peter.maydell@linaro.org>