subject:"\[RFC Part2 PATCH v3 15\/26\] KVM\: SVM\: Add support for SEV LAUNCH

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-09-13 Thread Borislav Petkov

On Wed, Sep 13, 2017 at 01:58:31PM -0500, Brijesh Singh wrote: > Actually reversed fields are not exposed in userspace structure. Ok. > The current approach is -- while handling the command we copy the value > from userspace structure into FW compatible structure and also populate > missing

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-09-13 Thread Borislav Petkov

On Wed, Sep 13, 2017 at 01:58:31PM -0500, Brijesh Singh wrote: > Actually reversed fields are not exposed in userspace structure. Ok. > The current approach is -- while handling the command we copy the value > from userspace structure into FW compatible structure and also populate > missing

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-09-13 Thread Brijesh Singh

On 09/13/2017 01:37 PM, Borislav Petkov wrote: On Wed, Sep 13, 2017 at 01:23:08PM -0500, Brijesh Singh wrote: Yes, I will add some upper bound check on the length field and add the sanity-check just after copying the parameters from userspace Also, you could either fail the command if some

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-09-13 Thread Brijesh Singh

On 09/13/2017 01:37 PM, Borislav Petkov wrote: On Wed, Sep 13, 2017 at 01:23:08PM -0500, Brijesh Singh wrote: Yes, I will add some upper bound check on the length field and add the sanity-check just after copying the parameters from userspace Also, you could either fail the command if some

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-09-13 Thread Borislav Petkov

On Wed, Sep 13, 2017 at 01:23:08PM -0500, Brijesh Singh wrote: > Yes, I will add some upper bound check on the length field and add the > sanity-check just after copying the parameters from userspace Also, you could either fail the command if some of the reserved fields are set - picky - or zero

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-09-13 Thread Borislav Petkov

On Wed, Sep 13, 2017 at 01:23:08PM -0500, Brijesh Singh wrote: > Yes, I will add some upper bound check on the length field and add the > sanity-check just after copying the parameters from userspace Also, you could either fail the command if some of the reserved fields are set - picky - or zero

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-09-13 Thread Brijesh Singh

On 09/13/2017 12:25 PM, Borislav Petkov wrote: ... +static void sev_deactivate_handle(struct kvm *kvm, int *error); +static void sev_decommission_handle(struct kvm *kvm, int *error); Please move code in a way that you don't need those forward declarations. Also, I'm wondering if having all

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-09-13 Thread Brijesh Singh

On 09/13/2017 12:25 PM, Borislav Petkov wrote: ... +static void sev_deactivate_handle(struct kvm *kvm, int *error); +static void sev_decommission_handle(struct kvm *kvm, int *error); Please move code in a way that you don't need those forward declarations. Also, I'm wondering if having all

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-09-13 Thread Borislav Petkov

On Mon, Jul 24, 2017 at 03:02:52PM -0500, Brijesh Singh wrote: > The command is used to bootstrap SEV guest from unencrypted boot images. > The command creates a new VM encryption key (VEK) using the guest owner's s/The command/It/ > policy, public DH certificates, and session information. > >

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-09-13 Thread Borislav Petkov

On Mon, Jul 24, 2017 at 03:02:52PM -0500, Brijesh Singh wrote: > The command is used to bootstrap SEV guest from unencrypted boot images. > The command creates a new VM encryption key (VEK) using the guest owner's s/The command/It/ > policy, public DH certificates, and session information. > >

[RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-07-24 Thread Brijesh Singh

The command is used to bootstrap SEV guest from unencrypted boot images. The command creates a new VM encryption key (VEK) using the guest owner's policy, public DH certificates, and session information. Signed-off-by: Brijesh Singh --- arch/x86/kvm/svm.c | 165

[RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

2017-07-24 Thread Brijesh Singh

The command is used to bootstrap SEV guest from unencrypted boot images. The command creates a new VM encryption key (VEK) using the guest owner's policy, public DH certificates, and session information. Signed-off-by: Brijesh Singh --- arch/x86/kvm/svm.c | 165

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

[RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

[RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV LAUNCH_START command

12 matches

Site Navigation

Mail list logo

Footer information