Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging

* SEV and SGX cleanups (Philippe, Dov)
* bugfixes for "check-block"
* bugfix for static build
* ObjectOptions cleanups (Thomas)
* binutils fix for PVH (Cole)
* HVF cleanup (Alex)

# gpg: Signature made Wed 13 Oct 2021 01:47:56 AM PDT
# gpg:                using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg:                issuer "[email protected]"
# gpg: Good signature from "Paolo Bonzini <[email protected]>" [full]
# gpg:                 aka "Paolo Bonzini <[email protected]>" [full]

* remotes/bonzini/tags/for-upstream: (40 commits)
  ebpf: really include it only in system emulators
  target/i386/sev: Use local variable for kvm_sev_launch_measure
  target/i386/sev: Use local variable for kvm_sev_launch_start
  monitor: Tidy up find_device_state()
  Revert "hw/misc: applesmc: use host osk as default on macs"
  hw/i386/sgx: Move qmp_query_sgx() and hmp_info_sgx() to hw/i386/sgx.c
  hw/i386/sgx: Move qmp_query_sgx_capabilities() to hw/i386/sgx.c
  hw/i386/sgx: Have sgx_epc_get_section() return a boolean
  MAINTAINERS: Cover SGX documentation file with X86/KVM section
  hvf: Determine slot count from struct layout
  tests: tcg: Fix PVH test with binutils 2.36+
  qapi: Make some ObjectTypes depend on the build settings
  MAINTAINERS: Cover SEV-related files with X86/KVM section
  monitor: Reduce hmp_info_sev() declaration
  target/i386/sev: Move qmp_query_sev() & hmp_info_sev() to sev.c
  target/i386/sev: Move qmp_query_sev_launch_measure() to sev.c
  target/i386/sev: Move qmp_query_sev_capabilities() to sev.c
  target/i386/sev: Move qmp_sev_inject_launch_secret() to sev.c
  target/i386/sev: Move qmp_query_sev_attestation_report() to sev.c
  target/i386/sev: Remove stubs by using code elision
  ...

Signed-off-by: Richard Henderson <[email protected]>

Author: rth7680

MAINTAINERS

@@ -417,7 +417,10 @@ M: Paolo Bonzini <[email protected]>
 M: Marcelo Tosatti <[email protected]>
 L: [email protected]
 S: Supported
+F: docs/amd-memory-encryption.txt
+F: docs/system/i386/sgx.rst
 F: target/i386/kvm/
+F: target/i386/sev*
 F: scripts/kvm/vmxcap
 
 Guest CPU Cores (other accelerators)
@@ -2502,6 +2505,7 @@ Memory API
 M: Paolo Bonzini <[email protected]>
 M: Peter Xu <[email protected]>
 M: David Hildenbrand <[email protected]>
+R: Philippe Mathieu-Daudé <[email protected]>
 S: Supported
 F: include/exec/ioport.h
 F: include/exec/memop.h

accel/hvf/hvf-accel-ops.c

@@ -321,7 +321,7 @@ static int hvf_accel_init(MachineState *ms)
 
     s = g_new0(HVFState, 1);
 
-    s->num_slots = 32;
+    s->num_slots = ARRAY_SIZE(s->slots);
     for (x = 0; x < s->num_slots; ++x) {
         s->slots[x].size = 0;
         s->slots[x].slot_id = x;

accel/kvm/meson.build

@@ -3,6 +3,5 @@ kvm_ss.add(files(
   'kvm-all.c',
   'kvm-accel-ops.c',
 ))
-kvm_ss.add(when: 'CONFIG_SEV', if_false: files('sev-stub.c'))
 
 specific_ss.add_all(when: 'CONFIG_KVM', if_true: kvm_ss)

hw/i386/pc_sysfw.c

@@ -37,7 +37,7 @@
 #include "hw/qdev-properties.h"
 #include "hw/block/flash.h"
 #include "sysemu/kvm.h"
-#include "sysemu/sev.h"
+#include "sev.h"
 
 #define FLASH_SECTOR_SIZE 4096
 

hw/i386/sgx-stub.c

@@ -1,26 +1,34 @@
 #include "qemu/osdep.h"
+#include "monitor/monitor.h"
+#include "monitor/hmp-target.h"
 #include "hw/i386/pc.h"
 #include "hw/i386/sgx-epc.h"
-#include "hw/i386/sgx.h"
+#include "qapi/error.h"
+#include "qapi/qapi-commands-misc-target.h"
 
-SGXInfo *sgx_get_info(Error **errp)
+SGXInfo *qmp_query_sgx(Error **errp)
 {
     error_setg(errp, "SGX support is not compiled in");
     return NULL;
 }
 
-SGXInfo *sgx_get_capabilities(Error **errp)
+SGXInfo *qmp_query_sgx_capabilities(Error **errp)
 {
     error_setg(errp, "SGX support is not compiled in");
     return NULL;
 }
 
+void hmp_info_sgx(Monitor *mon, const QDict *qdict)
+{
+    monitor_printf(mon, "SGX is not available in this QEMU\n");
+}
+
 void pc_machine_init_sgx_epc(PCMachineState *pcms)
 {
     memset(&pcms->sgx_epc, 0, sizeof(SGXEPCState));
 }
 
-int sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size)
+bool sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size)
 {
     g_assert_not_reached();
 }

hw/i386/sgx.c

@@ -15,9 +15,11 @@
 #include "hw/i386/sgx-epc.h"
 #include "hw/mem/memory-device.h"
 #include "monitor/qdev.h"
+#include "monitor/monitor.h"
+#include "monitor/hmp-target.h"
 #include "qapi/error.h"
+#include "qapi/qapi-commands-misc-target.h"
 #include "exec/address-spaces.h"
-#include "hw/i386/sgx.h"
 #include "sysemu/hw_accel.h"
 
 #define SGX_MAX_EPC_SECTIONS            8
@@ -57,7 +59,7 @@ static uint64_t sgx_calc_host_epc_section_size(void)
     return size;
 }
 
-SGXInfo *sgx_get_capabilities(Error **errp)
+SGXInfo *qmp_query_sgx_capabilities(Error **errp)
 {
     SGXInfo *info = NULL;
     uint32_t eax, ebx, ecx, edx;
@@ -85,7 +87,7 @@ SGXInfo *sgx_get_capabilities(Error **errp)
     return info;
 }
 
-SGXInfo *sgx_get_info(Error **errp)
+SGXInfo *qmp_query_sgx(Error **errp)
 {
     SGXInfo *info = NULL;
     X86MachineState *x86ms;
@@ -115,21 +117,42 @@ SGXInfo *sgx_get_info(Error **errp)
     return info;
 }
 
-int sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size)
+void hmp_info_sgx(Monitor *mon, const QDict *qdict)
+{
+    Error *err = NULL;
+    g_autoptr(SGXInfo) info = qmp_query_sgx(&err);
+
+    if (err) {
+        error_report_err(err);
+        return;
+    }
+    monitor_printf(mon, "SGX support: %s\n",
+                   info->sgx ? "enabled" : "disabled");
+    monitor_printf(mon, "SGX1 support: %s\n",
+                   info->sgx1 ? "enabled" : "disabled");
+    monitor_printf(mon, "SGX2 support: %s\n",
+                   info->sgx2 ? "enabled" : "disabled");
+    monitor_printf(mon, "FLC support: %s\n",
+                   info->flc ? "enabled" : "disabled");
+    monitor_printf(mon, "size: %" PRIu64 "\n",
+                   info->section_size);
+}
+
+bool sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size)
 {
     PCMachineState *pcms = PC_MACHINE(qdev_get_machine());
     SGXEPCDevice *epc;
 
     if (pcms->sgx_epc.size == 0 || pcms->sgx_epc.nr_sections <= section_nr) {
-        return 1;
+        return true;
     }
 
     epc = pcms->sgx_epc.sections[section_nr];
 
     *addr = epc->addr;
     *size = memory_device_get_region_size(MEMORY_DEVICE(epc), &error_fatal);
 
-    return 0;
+    return false;
 }
 
 void pc_machine_init_sgx_epc(PCMachineState *pcms)

hw/i386/x86.c

@@ -47,7 +47,7 @@
 #include "hw/i386/fw_cfg.h"
 #include "hw/intc/i8259.h"
 #include "hw/rtc/mc146818rtc.h"
-#include "target/i386/sev_i386.h"
+#include "target/i386/sev.h"
 
 #include "hw/acpi/cpu_hotplug.h"
 #include "hw/irq.h"

hw/misc/applesmc.c

@@ -38,171 +38,6 @@
 #include "qemu/timer.h"
 #include "qom/object.h"
 
-#if defined(__APPLE__) && defined(__MACH__)
-#include <IOKit/IOKitLib.h>
-
-enum {
-    kSMCSuccess     = 0x00,
-    kSMCKeyNotFound = 0x84
-};
-
-enum {
-    kSMCUserClientOpen  = 0x00,
-    kSMCUserClientClose = 0x01,
-    kSMCHandleYPCEvent  = 0x02,
-    kSMCReadKey         = 0x05,
-    kSMCGetKeyInfo      = 0x09
-};
-
-typedef struct SMCVersion {
-    uint8_t  major;
-    uint8_t  minor;
-    uint8_t  build;
-    uint8_t  reserved;
-    uint16_t release;
-} SMCVersion;
-
-typedef struct SMCPLimitData {
-    uint16_t version;
-    uint16_t length;
-    uint32_t cpuPLimit;
-    uint32_t gpuPLimit;
-    uint32_t memPLimit;
-} SMCPLimitData;
-
-typedef struct SMCKeyInfoData {
-    IOByteCount dataSize;
-    uint32_t    dataType;
-    uint8_t     dataAttributes;
-} SMCKeyInfoData;
-
-typedef struct {
-    uint32_t       key;
-    SMCVersion     vers;
-    SMCPLimitData  pLimitData;
-    SMCKeyInfoData keyInfo;
-    uint8_t        result;
-    uint8_t        status;
-    uint8_t        data8;
-    uint32_t       data32;
-    uint8_t        bytes[32];
-} SMCParamStruct;
-
-static IOReturn smc_call_struct_method(uint32_t selector,
-                                       SMCParamStruct *inputStruct,
-                                       SMCParamStruct *outputStruct)
-{
-    IOReturn ret;
-
-    size_t inputStructCnt = sizeof(SMCParamStruct);
-    size_t outputStructCnt = sizeof(SMCParamStruct);
-
-    io_service_t smcService = IO_OBJECT_NULL;
-    io_connect_t smcConnect = IO_OBJECT_NULL;
-
-    smcService = IOServiceGetMatchingService(kIOMasterPortDefault,
-                                             IOServiceMatching("AppleSMC"));
-    if (smcService == IO_OBJECT_NULL) {
-        ret = kIOReturnNotFound;
-        goto exit;
-    }
-
-    ret = IOServiceOpen(smcService, mach_task_self(), 1, &smcConnect);
-    if (ret != kIOReturnSuccess) {
-        smcConnect = IO_OBJECT_NULL;
-        goto exit;
-    }
-    if (smcConnect == IO_OBJECT_NULL) {
-        ret = kIOReturnError;
-        goto exit;
-    }
-
-    ret = IOConnectCallMethod(smcConnect, kSMCUserClientOpen,
-                              NULL, 0, NULL, 0,
-                              NULL, NULL, NULL, NULL);
-    if (ret != kIOReturnSuccess) {
-        goto exit;
-    }
-
-    ret = IOConnectCallStructMethod(smcConnect, selector,
-                                    inputStruct, inputStructCnt,
-                                    outputStruct, &outputStructCnt);
-
-exit:
-    if (smcConnect != IO_OBJECT_NULL) {
-        IOConnectCallMethod(smcConnect, kSMCUserClientClose,
-                            NULL, 0, NULL, 0, NULL,
-                            NULL, NULL, NULL);
-        IOServiceClose(smcConnect);
-    }
-
-    return ret;
-}
-
-static IOReturn smc_read_key(uint32_t key,
-                             uint8_t *bytes,
-                             IOByteCount *dataSize)
-{
-    IOReturn ret;
-
-    SMCParamStruct inputStruct;
-    SMCParamStruct outputStruct;
-
-    if (key == 0 || bytes == NULL) {
-        ret = kIOReturnCannotWire;
-        goto exit;
-    }
-
-    /* determine key's data size */
-    memset(&inputStruct, 0, sizeof(SMCParamStruct));
-    inputStruct.data8 = kSMCGetKeyInfo;
-    inputStruct.key = key;
-
-    memset(&outputStruct, 0, sizeof(SMCParamStruct));
-    ret = smc_call_struct_method(kSMCHandleYPCEvent, &inputStruct, &outputStruct);
-    if (ret != kIOReturnSuccess) {
-        goto exit;
-    }
-    if (outputStruct.result == kSMCKeyNotFound) {
-        ret = kIOReturnNotFound;
-        goto exit;
-    }
-    if (outputStruct.result != kSMCSuccess) {
-        ret = kIOReturnInternalError;
-        goto exit;
-    }
-
-    /* get key value */
-    memset(&inputStruct, 0, sizeof(SMCParamStruct));
-    inputStruct.data8 = kSMCReadKey;
-    inputStruct.key = key;
-    inputStruct.keyInfo.dataSize = outputStruct.keyInfo.dataSize;
-
-    memset(&outputStruct, 0, sizeof(SMCParamStruct));
-    ret = smc_call_struct_method(kSMCHandleYPCEvent, &inputStruct, &outputStruct);
-    if (ret != kIOReturnSuccess) {
-        goto exit;
-    }
-    if (outputStruct.result == kSMCKeyNotFound) {
-        ret = kIOReturnNotFound;
-        goto exit;
-    }
-    if (outputStruct.result != kSMCSuccess) {
-        ret = kIOReturnInternalError;
-        goto exit;
-    }
-
-    memset(bytes, 0, *dataSize);
-    if (*dataSize > inputStruct.keyInfo.dataSize) {
-        *dataSize = inputStruct.keyInfo.dataSize;
-    }
-    memcpy(bytes, outputStruct.bytes, *dataSize);
-
-exit:
-    return ret;
-}
-#endif
-
 /* #define DEBUG_SMC */
 
 #define APPLESMC_DEFAULT_IOBASE        0x300
@@ -480,7 +315,6 @@ static const MemoryRegionOps applesmc_err_io_ops = {
 static void applesmc_isa_realize(DeviceState *dev, Error **errp)
 {
     AppleSMCState *s = APPLE_SMC(dev);
-    bool valid_key = false;
 
     memory_region_init_io(&s->io_data, OBJECT(s), &applesmc_data_io_ops, s,
                           "applesmc-data", 1);
@@ -497,31 +331,7 @@ static void applesmc_isa_realize(DeviceState *dev, Error **errp)
     isa_register_ioport(&s->parent_obj, &s->io_err,
                         s->iobase + APPLESMC_ERR_PORT);
 
-    if (s->osk) {
-        valid_key = strlen(s->osk) == 64;
-    } else {
-#if defined(__APPLE__) && defined(__MACH__)
-        IOReturn ret;
-        IOByteCount size = 32;
-
-        ret = smc_read_key('OSK0', (uint8_t *) default_osk, &size);
-        if (ret != kIOReturnSuccess) {
-            goto failure;
-        }
-
-        ret = smc_read_key('OSK1', (uint8_t *) default_osk + size, &size);
-        if (ret != kIOReturnSuccess) {
-            goto failure;
-        }
-
-        warn_report("Using AppleSMC with host key");
-        valid_key = true;
-        s->osk = default_osk;
-failure:;
-#endif
-    }
-
-    if (!valid_key) {
+    if (!s->osk || (strlen(s->osk) != 64)) {
         warn_report("Using AppleSMC with invalid key");
         s->osk = default_osk;
     }

include/hw/i386/sgx-epc.h

@@ -55,7 +55,7 @@ typedef struct SGXEPCState {
     int nr_sections;
 } SGXEPCState;
 
-int sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size);
+bool sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size);
 
 static inline uint64_t sgx_epc_above_4g_end(SGXEPCState *sgx_epc)
 {