From 2f102637866bb554df10944f5095e59b5c2b63d2 Mon Sep 17 00:00:00 2001
From: xiongmengbiao
Date: Mon, 5 Feb 2024 10:45:05 +0800
Subject: [PATCH] Support tkm key isolation

Signed-off-by: xiongmengbiao
---
 0035-newfeature-support-vpsp.patch | 191 +++++++++++++++++++++++++++++
 qemu.spec | 8 +-
 2 files changed, 198 insertions(+), 1 deletion(-)
 create mode 100644 0035-newfeature-support-vpsp.patch

diff --git a/0035-newfeature-support-vpsp.patch b/0035-newfeature-support-vpsp.patch
new file mode 100644
index 0000000..05a4bd6
--- /dev/null
+++ b/0035-newfeature-support-vpsp.patch
@@ -0,0 +1,191 @@
+From 445b34648510cfae60fa52311199dcf9e6b3c24d Mon Sep 17 00:00:00 2001
+From: xiongmengbiao
+Date: Thu, 30 Nov 2023 13:47:21 +0800
+Subject: [PATCH] [newfeature]: support vpsp
+
+simulate a psp misc device for support tkm's key isolation
+
+Change-Id: I4d9fb5a8722e90a62c52eb97069c613834ced63f
+Signed-off-by: xiongmengbiao
+---
+ hw/misc/Kconfig | 4 ++
+ hw/misc/meson.build | 1 +
+ hw/misc/psp.c | 141 ++++++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 146 insertions(+)
+ create mode 100644 hw/misc/psp.c
+
+diff --git a/hw/misc/Kconfig b/hw/misc/Kconfig
+index cc8a8c1418..2ea5c68eb5 100644
+--- a/hw/misc/Kconfig
++++ b/hw/misc/Kconfig
+@@ -200,4 +200,8 @@ config IOSB
+ config XLNX_VERSAL_TRNG
+ bool
+
++config PSP_DEV
++ bool
++ default y
++
+ source macio/Kconfig
+diff --git a/hw/misc/meson.build b/hw/misc/meson.build
+index 36c20d5637..28cba0ac28 100644
+--- a/hw/misc/meson.build
++++ b/hw/misc/meson.build
+@@ -9,6 +9,7 @@ system_ss.add(when: 'CONFIG_UNIMP', if_true: files('unimp.c'))
+ system_ss.add(when: 'CONFIG_EMPTY_SLOT', if_true: files('empty_slot.c'))
+ system_ss.add(when: 'CONFIG_LED', if_true: files('led.c'))
+ system_ss.add(when: 'CONFIG_PVPANIC_COMMON', if_true: files('pvpanic.c'))
++system_ss.add(when: 'CONFIG_PSP_DEV', if_true: files('psp.c'))
+
+ # ARM devices
+ system_ss.add(when: 'CONFIG_PL310', if_true: files('arm_l2x0.c'))
+diff --git a/hw/misc/psp.c b/hw/misc/psp.c
+new file mode 100644
+index 0000000000..1cfbab859e
+--- /dev/null
++++ b/hw/misc/psp.c
+@@ -0,0 +1,141 @@
++/*
++ * hygon psp device emulation
++ *
++ * Copyright 2024 HYGON Corp.
++ *
++ * This work is licensed under the terms of the GNU GPL, version 2 or (at
++ * your option) any later version. See the COPYING file in the top-level
++ * directory.
++ */
++
++#include "qemu/osdep.h"
++#include "qemu/compiler.h"
++#include "qemu/error-report.h"
++#include "qapi/error.h"
++#include "migration/vmstate.h"
++#include "hw/qdev-properties.h"
++#include "sysemu/runstate.h"
++#include
++
++#define TYPE_PSP_DEV "psp"
++OBJECT_DECLARE_SIMPLE_TYPE(PSPDevState, PSP_DEV)
++
++struct PSPDevState {
++ /* Private */
++ DeviceState pdev;
++
++ /* Public */
++ Notifier shutdown_notifier;
++ int dev_fd;
++ uint8_t enabled;
++
++ /**
++ * vid is used to identify a virtual machine in qemu.
++ * When a virtual machine accesses a tkm key,
++ * the TKM module uses different key spaces based on different vids.
++ */
++ uint32_t vid;
++};
++
++#define PSP_DEV_PATH "/dev/hygon_psp_config"
++#define HYGON_PSP_IOC_TYPE 'H'
++#define PSP_IOC_MUTEX_ENABLE _IOWR(HYGON_PSP_IOC_TYPE, 1, NULL)
++#define PSP_IOC_MUTEX_DISABLE _IOWR(HYGON_PSP_IOC_TYPE, 2, NULL)
++#define PSP_IOC_VPSP_OPT _IOWR(HYGON_PSP_IOC_TYPE, 3, NULL)
++
++enum VPSP_DEV_CTRL_OPCODE {
++ VPSP_OP_VID_ADD,
++ VPSP_OP_VID_DEL,
++};
++
++struct psp_dev_ctrl {
++ unsigned char op;
++ union {
++ unsigned int vid;
++ unsigned char reserved[128];
++ } data;
++};
++
++static void psp_dev_destroy(PSPDevState *state)
++{
++ struct psp_dev_ctrl ctrl = { 0 };
++ if (state && state->dev_fd >= 0) {
++ if (state->enabled) {
++ ctrl.op = VPSP_OP_VID_DEL;
++ if (ioctl(state->dev_fd, PSP_IOC_VPSP_OPT, &ctrl) < 0) {
++ error_report("VPSP_OP_VID_DEL: %d", -errno);
++ } else {
++ state->enabled = false;
++ }
++ }
++ qemu_close(state->dev_fd);
++ state->dev_fd = -1;
++ }
++}
++
++/**
++ * Guest OS performs shut down operations through 'shutdown' and 'powerdown' event.
++ * The 'powerdown' event will also trigger 'shutdown' in the end,
++ * so only attention to the 'shutdown' event.
++ *
++ * When Guest OS trigger 'reboot' or 'reset' event, to do nothing.
++*/
++static void psp_dev_shutdown_notify(Notifier *notifier, void *data)
++{
++ PSPDevState *state = container_of(notifier, PSPDevState, shutdown_notifier);
++ psp_dev_destroy(state);
++}
++
++static void psp_dev_realize(DeviceState *dev, Error **errp)
++{
++ struct psp_dev_ctrl ctrl = { 0 };
++ PSPDevState *state = PSP_DEV(dev);
++
++ state->dev_fd = qemu_open_old(PSP_DEV_PATH, O_RDWR);
++ if (state->dev_fd < 0) {
++ error_setg(errp, "fail to open %s, errno %d.", PSP_DEV_PATH, errno);
++ goto end;
++ }
++
++ ctrl.op = VPSP_OP_VID_ADD;
++ ctrl.data.vid = state->vid;
++ if (ioctl(state->dev_fd, PSP_IOC_VPSP_OPT, &ctrl) < 0) {
++ error_setg(errp, "psp_dev_realize VPSP_OP_VID_ADD vid %d, return %d", ctrl.data.vid, -errno);
++ goto end;
++ }
++
++ state->enabled = true;
++ state->shutdown_notifier.notify = psp_dev_shutdown_notify;
++ qemu_register_shutdown_notifier(&state->shutdown_notifier);
++end:
++ return;
++}
++
++static struct Property psp_dev_properties[] = {
++ DEFINE_PROP_UINT32("vid", PSPDevState, vid, 0),
++ DEFINE_PROP_END_OF_LIST(),
++};
++
++static void psp_dev_class_init(ObjectClass *klass, void *data)
++{
++ DeviceClass *dc = DEVICE_CLASS(klass);
++
++ dc->desc = "PSP Device";
++ dc->realize = psp_dev_realize;
++ set_bit(DEVICE_CATEGORY_MISC, dc->categories);
++ device_class_set_props(dc, psp_dev_properties);
++}
++
++static const TypeInfo psp_dev_info = {
++ .name = TYPE_PSP_DEV,
++ .parent = TYPE_DEVICE,
++ .instance_size = sizeof(PSPDevState),
++ .class_init = psp_dev_class_init,
++};
++
++static void psp_dev_register_types(void)
++{
++ type_register_static(&psp_dev_info);
++}
++
++type_init(psp_dev_register_types)
+--
+2.41.0
+
diff --git a/qemu.spec b/qemu.spec
index 3213065..ff299c6 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -1,4 +1,4 @@
-%define anolis_release 7
+%define anolis_release 8
 %bcond_with check
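Review bot: In `psp_dev_destroy` (hw/misc/psp.c, inside the added 0035 patch) the `VPSP_OP_VID_DEL` request goes out with `ctrl.data.vid` still zero from the initializer, while `psp_dev_realize` registered `state->vid`; unless the host driver ignores that field on delete, teardown names the wrong key space, so set `ctrl.data.vid = state->vid;` before that ioctl. In `psp_dev_realize`, the failure path after the `VPSP_OP_VID_ADD` ioctl jumps to `end` with `state->dev_fd` still open; adding `qemu_close(state->dev_fd); state->dev_fd = -1;` before that `goto end` releases the descriptor. The `vid` property defaults to 0 and nothing visible here rejects a default or duplicate value, so two guests started without an explicit `vid` would present the same identifier to the TKM module. Whether the driver refuses a duplicate is not visible in this patch, so a comment on the property stating who guarantees uniqueness (or making the value mandatory) would make the isolation assumption explicit. The `error_setg` message in `psp_dev_realize` also formats the unsigned `vid` with `%d` where `%u` matches the type.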
@@ -298,6 +298,8 @@ Patch0032: 0032-hw-intc-loongarch_extioi-Add-virt-extension-support-.patch Patch0033: 0033-target-loongarch-kvm-Add-pmu-support.patch Patch0034: 0034-target-loongarch-Fix-qemu-system-loongarch64-assert-.patch +Patch0035: 0035-newfeature-support-vpsp.patch + Patch1001: 1001-i386-cpu-Clear-FEAT_XSAVE_XSS_LO-HI-leafs-when-CPUID.patch Patch1002: 1002-i386-cpu-Mask-with-XCR0-XSS-mask-for-FEAT_XSAVE_XCR0.patch Patch1003: 1003-i386-cpuid-Decrease-cpuid_i-when-skipping-CPUID-leaf.patch @@ -1861,6 +1863,10 @@ useradd -r -u 107 -g qemu -G kvm -d / -s /sbin/nologin \ %endif %changelog +* Sun Apr 7 2024 Mengbiao Xiong - 2:8.2.0-8 +- Patch0035: 0035-newfeature-support-vpsp.patch + (Support tkm key isolation) + * Sun Apr 7 2024 Song Gao - 2:8.2.0-7 Enable build LoongArch kvm_package. -- Gitee