From mboxrd@z Thu Jan 1 00:00:00 1970 From: Brijesh Singh Subject: [RFC PATCH v1 00/28] x86: Secure Encrypted Virtualization (AMD) Date: Mon, 22 Aug 2016 19:21:52 -0400 Message-ID: <147190811185.9268.8427842212955719186.stgit@brijesh-build-machine> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , < Return-path: Sender: owner-linux-mm@kvack.org List-Id: linux-crypto.vger.kernel.org This RFC series provides support for AMD's new Secure Encrypted Virtualization (SEV) feature. This RFC is build upon Secure Memory Encryption (SME) RFC. SEV is an extension to the AMD-V architecture which supports running multiple VMs under the control of a hypervisor. When enabled, SEV hardware tags all code and data with its VM ASID which indicates which VM the data originated from or is intended for. This tag is kept with the data at all times when inside the SOC, and prevents that data from being used by anyone other than the owner. While the tag protects VM data inside the SOC, AES with 128 bit encryption protects data outside the SOC. When data leaves or enters the SOC, it is encrypted/decrypted respectively by hardware with a key based on the associated tag. SEV guest VMs have the concept of private and shared memory. Private memory is encrypted with the guest-specific key, while shared memory may be encrypted with hypervisor key. Certain types of memory (namely instruction pages and guest page tables) are always treated as private memory by the hardware. For data memory, SEV guest VMs can choose which pages they would like to be private. The choice is done using the standard CPU page tables using the C-bit, and is fully controlled by the guest. Due to security reasons all the DMA operations inside the guest must be performed on shared pages (C-bit clear). Note that since C-bit is only controllable by the guest OS when it is operating in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware forces the C-bit to a 1. SEV is designed to protect guest VMs from a benign but vulnerable (i.e. not fully malicious) hypervisor. In particular, it reduces the attack surface of guest VMs and can prevent certain types of VM-escape bugs (e.g. hypervisor read-anywhere) from being used to steal guest data. The RFC series also includes a crypto driver (psp.ko) which communicates with SEV firmware that runs within the AMD secure processor provides a secure key management interfaces. The hypervisor uses this interface to enable SEV for secure guest and perform common hypervisor activities such as launching, running, snapshotting , migrating and debugging a guest. A new ioctl (KVM_SEV_ISSUE_CMD) is introduced which will enable Qemu to send commands to the SEV firmware during guest life cycle. The RFC series also includes patches required in guest OS to enable SEV feature. A guest OS can check SEV support by calling KVM_FEATURE cpuid instruction. The following links provide additional details: AMD Memory Encryption whitepaper: http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf AMD64 Architecture Programmer's Manual: http://support.amd.com/TechDocs/24593.pdf SME is section 7.10 SEV is section 15.34 Secure Encrypted Virutualization Key Management: http://support.amd.com/TechDocs/55766_SEV-KM API_Spec.pdf --- TODO: - send qemu/seabios RFC's on respective mailing list - integrate the psp driver with CCP driver (they share the PCI id's) - add SEV guest migration command support - add SEV snapshotting command support - determine how to do ioremap of physical memory with mem encryption enabled (e.g acpi tables) - determine how to share the guest memory with hypervisor for to support pvclock driver Brijesh Singh (11): crypto: add AMD Platform Security Processor driver KVM: SVM: prepare to reserve asid for SEV guest KVM: SVM: prepare for SEV guest management API support KVM: introduce KVM_SEV_ISSUE_CMD ioctl KVM: SVM: add SEV launch start command KVM: SVM: add SEV launch update command KVM: SVM: add SEV_LAUNCH_FINISH command KVM: SVM: add KVM_SEV_GUEST_STATUS command KVM: SVM: add KVM_SEV_DEBUG_DECRYPT command KVM: SVM: add KVM_SEV_DEBUG_ENCRYPT command KVM: SVM: add command to query SEV API version Tom Lendacky (17): kvm: svm: Add support for additional SVM NPF error codes kvm: svm: Add kvm_fast_pio_in support kvm: svm: Use the hardware provided GPA instead of page walk x86: Secure Encrypted Virtualization (SEV) support KVM: SVM: prepare for new bit definition in nested_ctl KVM: SVM: Add SEV feature definitions to KVM x86: Do not encrypt memory areas if SEV is enabled Access BOOT related data encrypted with SEV active x86/efi: Access EFI data as encrypted when SEV is active x86: Change early_ioremap to early_memremap for BOOT data x86: Don't decrypt trampoline area if SEV is active x86: DMA support for SEV memory encryption iommu/amd: AMD IOMMU support for SEV x86: Don't set the SME MSR bit when SEV is active x86: Unroll string I/O when SEV is active x86: Add support to determine if running with SEV enabled KVM: SVM: Enable SEV by setting the SEV_ENABLE cpu feature arch/x86/boot/compressed/Makefile | 2 arch/x86/boot/compressed/head_64.S | 19 + arch/x86/boot/compressed/mem_encrypt.S | 123 ++++ arch/x86/include/asm/io.h | 26 + arch/x86/include/asm/kvm_emulate.h | 3 arch/x86/include/asm/kvm_host.h | 27 + arch/x86/include/asm/mem_encrypt.h | 3 arch/x86/include/asm/svm.h | 3 arch/x86/include/uapi/asm/hyperv.h | 4 arch/x86/include/uapi/asm/kvm_para.h | 4 arch/x86/kernel/acpi/boot.c | 4 arch/x86/kernel/head64.c | 4 arch/x86/kernel/mem_encrypt.S | 44 ++ arch/x86/kernel/mpparse.c | 10 arch/x86/kernel/setup.c | 7 arch/x86/kernel/x8664_ksyms_64.c | 1 arch/x86/kvm/cpuid.c | 4 arch/x86/kvm/mmu.c | 20 + arch/x86/kvm/svm.c | 906 ++++++++++++++++++++++++++++++++ arch/x86/kvm/x86.c | 73 +++ arch/x86/mm/ioremap.c | 7 arch/x86/mm/mem_encrypt.c | 50 ++ arch/x86/platform/efi/efi_64.c | 14 arch/x86/realmode/init.c | 11 drivers/crypto/Kconfig | 11 drivers/crypto/Makefile | 1 drivers/crypto/psp/Kconfig | 8 drivers/crypto/psp/Makefile | 3 drivers/crypto/psp/psp-dev.c | 220 ++++++++ drivers/crypto/psp/psp-dev.h | 95 +++ drivers/crypto/psp/psp-ops.c | 454 ++++++++++++++++ drivers/crypto/psp/psp-pci.c | 376 +++++++++++++ drivers/sfi/sfi_core.c | 6 include/linux/ccp-psp.h | 833 +++++++++++++++++++++++++++++ include/uapi/linux/Kbuild | 1 include/uapi/linux/ccp-psp.h | 182 ++++++ include/uapi/linux/kvm.h | 125 ++++ 37 files changed, 3643 insertions(+), 41 deletions(-) create mode 100644 arch/x86/boot/compressed/mem_encrypt.S create mode 100644 drivers/crypto/psp/Kconfig create mode 100644 drivers/crypto/psp/Makefile create mode 100644 drivers/crypto/psp/psp-dev.c create mode 100644 drivers/crypto/psp/psp-dev.h create mode 100644 drivers/crypto/psp/psp-ops.c create mode 100644 drivers/crypto/psp/psp-pci.c create mode 100644 include/linux/ccp-psp.h create mode 100644 include/uapi/linux/ccp-psp.h -- Brijesh Singh -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756721AbcHVX4b (ORCPT ); Mon, 22 Aug 2016 19:56:31 -0400 Received: from mail-co1nam03on0052.outbound.protection.outlook.com ([104.47.40.52]:17633 "EHLO NAM03-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752094AbcHVX42 (ORCPT ); Mon, 22 Aug 2016 19:56:28 -0400 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Subject: [RFC PATCH v1 00/28] x86: Secure Encrypted Virtualization (AMD) From: Brijesh Singh To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Date: Mon, 22 Aug 2016 19:21:52 -0400 Message-ID: <147190811185.9268.8427842212955719186.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: BLUPR0401CA0019.namprd04.prod.outlook.com (10.162.114.157) To BLUPR12MB0658.namprd12.prod.outlook.com (10.163.217.28) X-MS-Office365-Filtering-Correlation-Id: 92a20613-ce74-4233-901f-08d3cae322c7 X-Microsoft-Exchange-Diagnostics: 1;BLUPR12MB0658;2:w0WJSXKCIoAbfNCIEE4fl1gUulmy98qs7OnHxvBRnc9NPBCWmAEJ6py6Yv2cGWozQwXICKl40N+OaBUcYiK6sZ2PRuwu7Hz87FIiZOT+PLwtdKdIAa1rAbvJW3F5uKe1Aoy/GJHOLs3G+GQTkUNbCzyCaIcSP1eLcG5d+0aGcQRvEp7GEZXvNIRxWehD64sa;3:6s8Q+Bh7x7X49THKNADrPQXRvvDz9/IbRrUjsK6HVLp/bGuSwHisrVsJXmQUDMPmv0RCGiZQ2VAVH/ed2lxyIG5FVfbhYbk228R7ASfgIFyX62g1ekVx2zZK0xvSfuIw X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BLUPR12MB0658; X-Microsoft-Exchange-Diagnostics: 1;BLUPR12MB0658;25:yw8g4piz8B/1RIusbA2dUMpz3jmXWePSGYHomoEx+Tz6WB1XgyIMMm35ERVHN/hAQWX2qqCK+Iy40kpmbP9qkLHEBJ2WQI7dRSKa3HDuHlEXti6m4zZ0rAN++Z15nMoC0Vmf+SJCiqgMrwt1vq8TnrxevI+LbzKzHbrxml0cnpvGCUXAr62+Md/BYWUDxkClZIKO8Y2uRaW+q9a8trPeonf5qF0YYDot6MpoKvaRSB3B7LevBNmil4wicOGVtdsXRgX+aTN6VgaS61xlkfF/72GUJwZ8F/SvNwYxLzBjRVhKOAxVPF8AipnjS1JY9FWCpueZ9/lP6yPP4X/isden1P79feEQR43NUj8kIZNolkUUumJe8g24Pn/Y0hrG3QZzpAFJDBOKp46qrPOhI6JdnnQdPkNwgrE7xXw5vcJfgvbx2phA6YiUhCQuVKxJx9VfYQ1Z0PTS7doOPcMCDeAvWdsFUvHla8eCjYxSyGNU7oFNuXoYQ+KWgdBAGRaG1df30NCNO2Km9Ov/Hg51aOqWqtlKlFQndYY9MB1t4ta27tQt79IwdcIh5ZsqfunYdM6ShpONSc4I81aRR/Q++KvgMB97ZAU5jV57JoQpjYLJinYd6iXVK6sro2FwIAvyGWwT+YA3u1QKl+te7nT/Kh6a/texBZqLQyD5w8Nvv93RLl6fTZIgqXeapj+y2gbNSutBQurKXLZNgJIC270nHSm5Jcknt/4s78iff4AkjsGgRJgmF7gM3Ab3hJDTPx1CFNeRN0GzUzL9mPgbbXNXrvxy/9DrJu0y1+V3lZv4Db+TnjQ/AivUUbApefgbBkK3pHM6IVoLA0UsBw5DA96YCpLaWj6nNTgNDo0GuGEROK136UQ= X-Microsoft-Exchange-Diagnostics: 1;BLUPR12MB0658;31:Oq1dbn9cOzts+sY8rKLhntgMj+aft+mmd8f5k3W4NT3+GwwmXZ/ud3pK0zOJqeVZWIk1pLLHsmciYpwian8hDLH9weJTPRMBy1W5elowC5UGzOj5tLTIb7V+oOUTp7Df+SDBedv1SNhjLUnHzDwAmVl0wPYw24PJT65SWIrHl5gOPiHK/9riZ5Z35iVVnPaBNYatgc/A9r1ABqoTB6Zx5ew0fONSBLMVIzJY+UzkmHg=;20:++SyinmuK18xR6sDH4HE/tzMlLzI2361N0rZGPwDFdyLwA8aCOrYSVQbN9v8bIOV3BmnByVVvm+WYh/AjcrpNXfGKwLbVBGJPJK/qnzIgRLzehz+Agf9aPXX+lavfD8hFGab4m1kxRpBMixfWJhFN+uWodoNGXfljGgNzNowpE/3i+WJkA83FYIMhC2s4gbrz9sjYE+kR2xTPI6PkPsr7gtKKqdqMffIqDFRPJKS15LjJxt3U26yg2WaaBO9lqDnVMCPL4xoeZEZvRj5s4QZFIbWSO+3rtpMbpjj9q28uxxohU90QWaqmhxOP+7q5iaXytWEgJhFTvRRNnYf/gN4ouN22JbJZCNMb0gOifWcLFCpor/7E43A11nCGxdIEamaxjSo54progWHSK2K6UtmBZR7e2P2MfFU24UxVMB/PYLSUEzfMBAuN8mVpVWlVziuue8Rd1GTgNGjZ1kzW10WNxavh74BkVOxSPSboNmdjAqV7VlR2WxBQ6vn063u9ISu X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(192374486261705)(767451399110)(17755550239193); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026);SRVR:BLUPR12MB0658;BCL:0;PCL:0;RULEID:;SRVR:BLUPR12MB0658; X-Microsoft-Exchange-Diagnostics: 1;BLUPR12MB0658;4:UukkJ2qUu1HzDS0QKRcKKfiVypGTlCp2ccmVtr61s/qnWFU2mSr04Ik8wqkf/KACukFZhOmvD0G9wzY3zPAM6Knch7dqbDo3KiPJSYEvHeTeHXJunj9Ala7lRGLeso8OHQbDf84rqZYH1vs6r4Nqu7eRCdVtm8OOk6NRVWfPv3MFjmvD2Vqzgyr3nyx1++57pDMlhJ2FsDyr3O5+jMC76dIMSf3fDcbnMxzfKR7Ef/VNSezEgJyRmsbexRTzLSfvBsSl935AIakqLZtBeToxevynxAul+ax6sJmeypfo9N64brtHr0Ib7lOM4EEzZAp3RcSa0YcTHa+/iBAQhBxeF6HcLeejunqV0sza52ajs1/xWP+/DUF9s1z6OhOG12iRauDW/FNHDV1khu+nzxFCkrpg0FS0FSO9X6ubtMcgA1sgPYE2Mj2DOExDV6wLh6lvwmgwSMPqV2CL28c41i/0eHBwlCu+WUZRE9OlP0bQ2qapl2w7h3+nBaOHE8yxXiXr1bjXY5QcNa8NV5sOFfYtwQ== X-Forefront-PRVS: 00429279BA X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(6049001)(7916002)(189002)(199003)(1720100001)(50466002)(68736007)(81166006)(81156014)(8676002)(23676002)(86362001)(66066001)(47776003)(105586002)(2201001)(189998001)(106356001)(107886002)(33716001)(97736004)(33646002)(15975445007)(5001770100001)(229853001)(77096005)(103116003)(4001350100001)(42186005)(2906002)(83506001)(230700001)(3846002)(305945005)(586003)(6116002)(50986999)(54356999)(9686002)(7406005)(92566002)(101416001)(7416002)(5660300001)(7846002)(7736002)(19580395003)(921003)(1121003)(217873001)(2101003)(83996005);DIR:OUT;SFP:1101;SCL:1;SRVR:BLUPR12MB0658;H:[127.0.1.1];FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtCTFVQUjEyTUIwNjU4OzIzOkpXM3RIVHU4cVJLUnFEdk9jTXBuOVg3VDNC?= =?utf-8?B?SmFOOHRKSkZtaU5Wcm1TWWg2bEtaZC9HWFV5MlJDcXB6VUxNNURXVmVDakNF?= =?utf-8?B?bnVRdUhLWXlBaS9LaC9ZdWczY05BaGQvS2x4ZkdMS0R4ZGFiRDlqL2tGWm9O?= =?utf-8?B?eGpvUzg4c2NIL0lzRWV1RmpjcjBLQ3dOK2U2SUxlT2NiSHVzdlJpRmxuMmVC?= =?utf-8?B?ZXNmeEpkV3ZtdTRZc0RVUDZpQXBmeExTVWJNZXFpM2hzSEs4RnJGc2tHZGYv?= =?utf-8?B?ZDlERVdSSWt2YXlycGFlMTRKZEppYmhZaEpMekxmWFV2RTEzZk1qTURQYXVO?= =?utf-8?B?N2tkbUwxak5MVkRGRm9SbXNLZFJDUm5RWnFNVlVKdjRxbW9kbTFnZTcrRThq?= =?utf-8?B?dzdHMUNUWVExR0RSQjJ1ZWpLbkdlUDlqT2k3UDdxYXluNzZwN0crMzU0bTRh?= =?utf-8?B?RnVlcnVWL3pzaThQTlNpb0w0bTcyWWlLaVZIRnVUdEVwOTBTbVNmY3U3NWJW?= =?utf-8?B?ektpSk1KN1lSMVphNHFObS81N0Jqck5DdEFxQ2ZYeE55ZEh5N2ttUmpJbHlm?= =?utf-8?B?UnhqUG43NUIvcXN5Vld1VS9kQUxPdW9DOEdraHpsZjlEWFRqcFVTUzVoenB2?= =?utf-8?B?U2orUDk1QWY2MTNZNjhZSldrT1FaTW9ua2QxbHJtT1p3bVhHeXFKY1hZUnNx?= =?utf-8?B?YWZFUFM1QmFmM3dFWUNSSUNuS0gwVXNYU3ovaGRJRkYzMllvVTlYQkRQU1pL?= =?utf-8?B?Yml4NmRHMW5sZC8yMHJqZ0dkZ1loTUlxbkFNdnBsdUF3d21adXlMbEhINmZp?= =?utf-8?B?eExEL1VvZEtLZ1VncjQvaDB3Y000d1ZNZmk2dzVRZFhiNG9vbnZQdmxWbjY4?= =?utf-8?B?RWEwT0NHZk9uMVI5RzRTQ2NBT0ZzdG53UWRPSEdhbmp4TlNFTUt3SzR4THEr?= =?utf-8?B?ODIwKzE2K1NleVhOQllhOXR5b3lzb1lPUXR1aGpFcFZtWlpUMTN5MUNPUXV4?= =?utf-8?B?SFhvc3ozSVNjc1BqeXpiTFRtTFA5QWk2R3dtNDBQeHc4OFdQRlZPakpPZFdN?= =?utf-8?B?VnVjcGxPaXZJUlNvTmgwbmJwWG5qeTYyTnJhb29memRXUGRzaUdlQ2g1RlVZ?= =?utf-8?B?bWJyNzFCSDduRk1zTk11NW5mNEUxTDRsblROc1k2UHFHL3JnQWdSeHBJcEg0?= =?utf-8?B?bkZNc2x1UUs5dVlOQVU2SU0yODZkektVVFc0ckZXMFJnUW1iUWFzQXVoaXJJ?= =?utf-8?B?M3RieVZjb3FNaXhQOGxKUXN4aWN2dzY4TWhOZzlaMWlxdXY0L1ZISVJQOVpH?= =?utf-8?B?eTVwTXlvL3dsNzlkcm02SnB2U00yNE9LaDJIYXRiVUdxeDcvMG9UZUZWSGdi?= =?utf-8?B?aFcxUDlPZ2ZUdFV6L3NEbjVTTVFicktOY3RqSFpPNUVtRUFkY0VyOFN2OGtQ?= =?utf-8?B?V20yenZiM1VNZk1rRDZYbjBIc09TT2w2REJRTjFUVFZxdU93WWF5YjVUU29U?= =?utf-8?B?Z3BvR3NBNW8waHlRS3NMM1U2dWNHSnN2WEkvOU8rZEhSUFlRRWlWV1lnZnBO?= =?utf-8?B?VlJrSGJlajVoVjJwWmJSUEtmczNsRllVejNXTTZLKytpYVo3L2JQQWVXRHF1?= =?utf-8?B?MzhacVZoWUVRcVZxdi9MT3FZcjJvTkJrNkdwbmNBZ1k4VzBMc1NpRFAyRHM0?= =?utf-8?B?S2RySWRtV0doUEdRTVBQcWVuc09Sak0yZ3FWRzc5dXM1RVEyZTJjM04zK1BW?= =?utf-8?Q?BXXSjdFzGLwIZo5kmRvfNubEQmlFLm7aDUm3Y=3D?= X-Microsoft-Exchange-Diagnostics: 1;BLUPR12MB0658;6:mHVoFXyZOsXUvpJpad0fhLPeAIaAzvKfJA2agXQA5l59SUcxzbRb3kRUwnt010ScjcPUm9Hug8ATy+NEzYenJsfmMJWlPz/hhsD9Jama4LrRWO3/vekOjneHUZwoyGd+1FbgFWdpCCDJiiF2uxJNNFougS/LYV/S+NmvrHdJBZgHWZ+iiy7D+PpRtcxLLJDmE3t1MbUxB5qKM8nk+v3jkpqlFF0Ly2A651mhoKXxfk85M5Wv9DVtmp2CblHi5ctWkDzEh5KbFbjfwBjmZwouOlAFuzSkPxc1nwdarWdrpo6p0CHh005ICBmzRg0NS/aWTn9OOMZZDBJ/VixTyd+kcg==;5:Daqr1DW2o5ay4Ar1DEigxk5L9wq7BohddBKT41iXK8LqC7SWdzQjxu8Ohww1FRRCXfCHVeakT96cHjPUV6WUnZ/D1Ri/MKCtXJIstHqDuNbq87u1llg4qe6tttO9qdvPhyhNlv8PbPZv6cTMOc++pQ==;24:b2Q8grI+LeNL6u+yAFw3J4cyvr8UW6jss67UeLD7GxqYAsrBWa1wj+eqKY0hcrGX/YE0P60CrTlPqVvyyIEDgpyZoyJglLo6ndjF3AYvSa0=;7:q6KHIcnBmMj4WHPaqosMMk8NT+H1+j08p2wgQHTjAyIs4Y2i/KZ/bDM89fGPCDNZWQwMy95aBUCPqT2IBk7kBfUL/nsTeU7CFDyi5Jbzatwc9n7nTZBkLsJucvujPT8qZkfZPy9WSGdb3lrFH4bKYEufSd3oXi0oyS9OOxNg3j7KGHA+TnEjvSMy3qORTHaHTpXkTDekURk2QnIrxkPWeq1eIA4MyeHUpq7T+gXcG4oTAVEDfsA8RBSEu7cz+f+5 SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;BLUPR12MB0658;20:WECdNSItBujh1uujt/FwMOTm4ip85Eay5eKVslJaLFRY3cAui3zmrzAOc1+SI4eE20XLhzlyPC1NCxULEL7uaH2GeUueEitJDZlHKaXeQ+brRekd7ENIKdRF4la9LfeylyCtC/sLJK2Vc7LFl1SBl9oiDB9rfm7GVQuVpZ5tfQeukoNyDtnO4fsrTjG/shAQ0EKNRbmgIPXJAYHRGTR07yOko/fCchvx25Rbaww+Mw6B/LMiQt6aFVFDQuxqeNw+ X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Aug 2016 23:21:56.0116 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR12MB0658 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This RFC series provides support for AMD's new Secure Encrypted Virtualization (SEV) feature. This RFC is build upon Secure Memory Encryption (SME) RFC. SEV is an extension to the AMD-V architecture which supports running multiple VMs under the control of a hypervisor. When enabled, SEV hardware tags all code and data with its VM ASID which indicates which VM the data originated from or is intended for. This tag is kept with the data at all times when inside the SOC, and prevents that data from being used by anyone other than the owner. While the tag protects VM data inside the SOC, AES with 128 bit encryption protects data outside the SOC. When data leaves or enters the SOC, it is encrypted/decrypted respectively by hardware with a key based on the associated tag. SEV guest VMs have the concept of private and shared memory. Private memory is encrypted with the guest-specific key, while shared memory may be encrypted with hypervisor key. Certain types of memory (namely instruction pages and guest page tables) are always treated as private memory by the hardware. For data memory, SEV guest VMs can choose which pages they would like to be private. The choice is done using the standard CPU page tables using the C-bit, and is fully controlled by the guest. Due to security reasons all the DMA operations inside the guest must be performed on shared pages (C-bit clear). Note that since C-bit is only controllable by the guest OS when it is operating in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware forces the C-bit to a 1. SEV is designed to protect guest VMs from a benign but vulnerable (i.e. not fully malicious) hypervisor. In particular, it reduces the attack surface of guest VMs and can prevent certain types of VM-escape bugs (e.g. hypervisor read-anywhere) from being used to steal guest data. The RFC series also includes a crypto driver (psp.ko) which communicates with SEV firmware that runs within the AMD secure processor provides a secure key management interfaces. The hypervisor uses this interface to enable SEV for secure guest and perform common hypervisor activities such as launching, running, snapshotting , migrating and debugging a guest. A new ioctl (KVM_SEV_ISSUE_CMD) is introduced which will enable Qemu to send commands to the SEV firmware during guest life cycle. The RFC series also includes patches required in guest OS to enable SEV feature. A guest OS can check SEV support by calling KVM_FEATURE cpuid instruction. The following links provide additional details: AMD Memory Encryption whitepaper: http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf AMD64 Architecture Programmer's Manual: http://support.amd.com/TechDocs/24593.pdf SME is section 7.10 SEV is section 15.34 Secure Encrypted Virutualization Key Management: http://support.amd.com/TechDocs/55766_SEV-KM API_Spec.pdf --- TODO: - send qemu/seabios RFC's on respective mailing list - integrate the psp driver with CCP driver (they share the PCI id's) - add SEV guest migration command support - add SEV snapshotting command support - determine how to do ioremap of physical memory with mem encryption enabled (e.g acpi tables) - determine how to share the guest memory with hypervisor for to support pvclock driver Brijesh Singh (11): crypto: add AMD Platform Security Processor driver KVM: SVM: prepare to reserve asid for SEV guest KVM: SVM: prepare for SEV guest management API support KVM: introduce KVM_SEV_ISSUE_CMD ioctl KVM: SVM: add SEV launch start command KVM: SVM: add SEV launch update command KVM: SVM: add SEV_LAUNCH_FINISH command KVM: SVM: add KVM_SEV_GUEST_STATUS command KVM: SVM: add KVM_SEV_DEBUG_DECRYPT command KVM: SVM: add KVM_SEV_DEBUG_ENCRYPT command KVM: SVM: add command to query SEV API version Tom Lendacky (17): kvm: svm: Add support for additional SVM NPF error codes kvm: svm: Add kvm_fast_pio_in support kvm: svm: Use the hardware provided GPA instead of page walk x86: Secure Encrypted Virtualization (SEV) support KVM: SVM: prepare for new bit definition in nested_ctl KVM: SVM: Add SEV feature definitions to KVM x86: Do not encrypt memory areas if SEV is enabled Access BOOT related data encrypted with SEV active x86/efi: Access EFI data as encrypted when SEV is active x86: Change early_ioremap to early_memremap for BOOT data x86: Don't decrypt trampoline area if SEV is active x86: DMA support for SEV memory encryption iommu/amd: AMD IOMMU support for SEV x86: Don't set the SME MSR bit when SEV is active x86: Unroll string I/O when SEV is active x86: Add support to determine if running with SEV enabled KVM: SVM: Enable SEV by setting the SEV_ENABLE cpu feature arch/x86/boot/compressed/Makefile | 2 arch/x86/boot/compressed/head_64.S | 19 + arch/x86/boot/compressed/mem_encrypt.S | 123 ++++ arch/x86/include/asm/io.h | 26 + arch/x86/include/asm/kvm_emulate.h | 3 arch/x86/include/asm/kvm_host.h | 27 + arch/x86/include/asm/mem_encrypt.h | 3 arch/x86/include/asm/svm.h | 3 arch/x86/include/uapi/asm/hyperv.h | 4 arch/x86/include/uapi/asm/kvm_para.h | 4 arch/x86/kernel/acpi/boot.c | 4 arch/x86/kernel/head64.c | 4 arch/x86/kernel/mem_encrypt.S | 44 ++ arch/x86/kernel/mpparse.c | 10 arch/x86/kernel/setup.c | 7 arch/x86/kernel/x8664_ksyms_64.c | 1 arch/x86/kvm/cpuid.c | 4 arch/x86/kvm/mmu.c | 20 + arch/x86/kvm/svm.c | 906 ++++++++++++++++++++++++++++++++ arch/x86/kvm/x86.c | 73 +++ arch/x86/mm/ioremap.c | 7 arch/x86/mm/mem_encrypt.c | 50 ++ arch/x86/platform/efi/efi_64.c | 14 arch/x86/realmode/init.c | 11 drivers/crypto/Kconfig | 11 drivers/crypto/Makefile | 1 drivers/crypto/psp/Kconfig | 8 drivers/crypto/psp/Makefile | 3 drivers/crypto/psp/psp-dev.c | 220 ++++++++ drivers/crypto/psp/psp-dev.h | 95 +++ drivers/crypto/psp/psp-ops.c | 454 ++++++++++++++++ drivers/crypto/psp/psp-pci.c | 376 +++++++++++++ drivers/sfi/sfi_core.c | 6 include/linux/ccp-psp.h | 833 +++++++++++++++++++++++++++++ include/uapi/linux/Kbuild | 1 include/uapi/linux/ccp-psp.h | 182 ++++++ include/uapi/linux/kvm.h | 125 ++++ 37 files changed, 3643 insertions(+), 41 deletions(-) create mode 100644 arch/x86/boot/compressed/mem_encrypt.S create mode 100644 drivers/crypto/psp/Kconfig create mode 100644 drivers/crypto/psp/Makefile create mode 100644 drivers/crypto/psp/psp-dev.c create mode 100644 drivers/crypto/psp/psp-dev.h create mode 100644 drivers/crypto/psp/psp-ops.c create mode 100644 drivers/crypto/psp/psp-pci.c create mode 100644 include/linux/ccp-psp.h create mode 100644 include/uapi/linux/ccp-psp.h -- Brijesh Singh From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-it0-f71.google.com (mail-it0-f71.google.com [209.85.214.71]) by kanga.kvack.org (Postfix) with ESMTP id 879646B0264 for ; Mon, 22 Aug 2016 19:22:19 -0400 (EDT) Received: by mail-it0-f71.google.com with SMTP id f6so6486695ith.2 for ; Mon, 22 Aug 2016 16:22:19 -0700 (PDT) Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0081.outbound.protection.outlook.com. [104.47.37.81]) by mx.google.com with ESMTPS id v19si143038otv.265.2016.08.22.16.22.18 for (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 22 Aug 2016 16:22:18 -0700 (PDT) Subject: [RFC PATCH v1 00/28] x86: Secure Encrypted Virtualization (AMD) From: Brijesh Singh Date: Mon, 22 Aug 2016 19:21:52 -0400 Message-ID: <147190811185.9268.8427842212955719186.stgit@brijesh-build-machine> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: owner-linux-mm@kvack.org List-ID: To: kvm@vger.kernel.org, rkrcmar@redhat.com, matt@codeblueprint.co.uk, linus.walleij@linaro.org, linux-mm@kvack.org, paul.gortmaker@windriver.com, hpa@zytor.com, dan.j.williams@intel.com, aarcange@redhat.com, sfr@canb.auug.org.au, andriy.shevchenko@linux.intel.com, herbert@gondor.apana.org.au, bhe@redhat.com, xemul@parallels.com, joro@8bytes.org, x86@kernel.org, mingo@redhat.com, labbott@fedoraproject.org--to=linux-efi, msalter@redhat.com, ross.zwisler@linux.intel.com, bp@suse.de, dyoung@redhat.com, thomas.lendacky@amd.com, jroedel@suse.de, keescook@chromium.org, toshi.kani@hpe.com, mathieu.desnoyers@efficios.com, devel@linuxdriverproject.org, tglx@linutronix.de, mchehab@kernel.org, iamjoonsoo.kim@lge.com, simon.guinot@sequanux.org, tony.luck@intel.com, alexandre.bounine@idt.com, kuleshovmail@gmail.com, linux-kernel@vger.kernel.org, mcgrof@kernel.org, linux-crypto@vger.kernel.org, pbonzini@redhat.com, akpm@linux-foundation.org, davem@davemloft.net This RFC series provides support for AMD's new Secure Encrypted Virtualization (SEV) feature. This RFC is build upon Secure Memory Encryption (SME) RFC. SEV is an extension to the AMD-V architecture which supports running multiple VMs under the control of a hypervisor. When enabled, SEV hardware tags all code and data with its VM ASID which indicates which VM the data originated from or is intended for. This tag is kept with the data at all times when inside the SOC, and prevents that data from being used by anyone other than the owner. While the tag protects VM data inside the SOC, AES with 128 bit encryption protects data outside the SOC. When data leaves or enters the SOC, it is encrypted/decrypted respectively by hardware with a key based on the associated tag. SEV guest VMs have the concept of private and shared memory. Private memory is encrypted with the guest-specific key, while shared memory may be encrypted with hypervisor key. Certain types of memory (namely instruction pages and guest page tables) are always treated as private memory by the hardware. For data memory, SEV guest VMs can choose which pages they would like to be private. The choice is done using the standard CPU page tables using the C-bit, and is fully controlled by the guest. Due to security reasons all the DMA operations inside the guest must be performed on shared pages (C-bit clear). Note that since C-bit is only controllable by the guest OS when it is operating in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware forces the C-bit to a 1. SEV is designed to protect guest VMs from a benign but vulnerable (i.e. not fully malicious) hypervisor. In particular, it reduces the attack surface of guest VMs and can prevent certain types of VM-escape bugs (e.g. hypervisor read-anywhere) from being used to steal guest data. The RFC series also includes a crypto driver (psp.ko) which communicates with SEV firmware that runs within the AMD secure processor provides a secure key management interfaces. The hypervisor uses this interface to enable SEV for secure guest and perform common hypervisor activities such as launching, running, snapshotting , migrating and debugging a guest. A new ioctl (KVM_SEV_ISSUE_CMD) is introduced which will enable Qemu to send commands to the SEV firmware during guest life cycle. The RFC series also includes patches required in guest OS to enable SEV feature. A guest OS can check SEV support by calling KVM_FEATURE cpuid instruction. The following links provide additional details: AMD Memory Encryption whitepaper: http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf AMD64 Architecture Programmer's Manual: http://support.amd.com/TechDocs/24593.pdf SME is section 7.10 SEV is section 15.34 Secure Encrypted Virutualization Key Management: http://support.amd.com/TechDocs/55766_SEV-KM API_Spec.pdf --- TODO: - send qemu/seabios RFC's on respective mailing list - integrate the psp driver with CCP driver (they share the PCI id's) - add SEV guest migration command support - add SEV snapshotting command support - determine how to do ioremap of physical memory with mem encryption enabled (e.g acpi tables) - determine how to share the guest memory with hypervisor for to support pvclock driver Brijesh Singh (11): crypto: add AMD Platform Security Processor driver KVM: SVM: prepare to reserve asid for SEV guest KVM: SVM: prepare for SEV guest management API support KVM: introduce KVM_SEV_ISSUE_CMD ioctl KVM: SVM: add SEV launch start command KVM: SVM: add SEV launch update command KVM: SVM: add SEV_LAUNCH_FINISH command KVM: SVM: add KVM_SEV_GUEST_STATUS command KVM: SVM: add KVM_SEV_DEBUG_DECRYPT command KVM: SVM: add KVM_SEV_DEBUG_ENCRYPT command KVM: SVM: add command to query SEV API version Tom Lendacky (17): kvm: svm: Add support for additional SVM NPF error codes kvm: svm: Add kvm_fast_pio_in support kvm: svm: Use the hardware provided GPA instead of page walk x86: Secure Encrypted Virtualization (SEV) support KVM: SVM: prepare for new bit definition in nested_ctl KVM: SVM: Add SEV feature definitions to KVM x86: Do not encrypt memory areas if SEV is enabled Access BOOT related data encrypted with SEV active x86/efi: Access EFI data as encrypted when SEV is active x86: Change early_ioremap to early_memremap for BOOT data x86: Don't decrypt trampoline area if SEV is active x86: DMA support for SEV memory encryption iommu/amd: AMD IOMMU support for SEV x86: Don't set the SME MSR bit when SEV is active x86: Unroll string I/O when SEV is active x86: Add support to determine if running with SEV enabled KVM: SVM: Enable SEV by setting the SEV_ENABLE cpu feature arch/x86/boot/compressed/Makefile | 2 arch/x86/boot/compressed/head_64.S | 19 + arch/x86/boot/compressed/mem_encrypt.S | 123 ++++ arch/x86/include/asm/io.h | 26 + arch/x86/include/asm/kvm_emulate.h | 3 arch/x86/include/asm/kvm_host.h | 27 + arch/x86/include/asm/mem_encrypt.h | 3 arch/x86/include/asm/svm.h | 3 arch/x86/include/uapi/asm/hyperv.h | 4 arch/x86/include/uapi/asm/kvm_para.h | 4 arch/x86/kernel/acpi/boot.c | 4 arch/x86/kernel/head64.c | 4 arch/x86/kernel/mem_encrypt.S | 44 ++ arch/x86/kernel/mpparse.c | 10 arch/x86/kernel/setup.c | 7 arch/x86/kernel/x8664_ksyms_64.c | 1 arch/x86/kvm/cpuid.c | 4 arch/x86/kvm/mmu.c | 20 + arch/x86/kvm/svm.c | 906 ++++++++++++++++++++++++++++++++ arch/x86/kvm/x86.c | 73 +++ arch/x86/mm/ioremap.c | 7 arch/x86/mm/mem_encrypt.c | 50 ++ arch/x86/platform/efi/efi_64.c | 14 arch/x86/realmode/init.c | 11 drivers/crypto/Kconfig | 11 drivers/crypto/Makefile | 1 drivers/crypto/psp/Kconfig | 8 drivers/crypto/psp/Makefile | 3 drivers/crypto/psp/psp-dev.c | 220 ++++++++ drivers/crypto/psp/psp-dev.h | 95 +++ drivers/crypto/psp/psp-ops.c | 454 ++++++++++++++++ drivers/crypto/psp/psp-pci.c | 376 +++++++++++++ drivers/sfi/sfi_core.c | 6 include/linux/ccp-psp.h | 833 +++++++++++++++++++++++++++++ include/uapi/linux/Kbuild | 1 include/uapi/linux/ccp-psp.h | 182 ++++++ include/uapi/linux/kvm.h | 125 ++++ 37 files changed, 3643 insertions(+), 41 deletions(-) create mode 100644 arch/x86/boot/compressed/mem_encrypt.S create mode 100644 drivers/crypto/psp/Kconfig create mode 100644 drivers/crypto/psp/Makefile create mode 100644 drivers/crypto/psp/psp-dev.c create mode 100644 drivers/crypto/psp/psp-dev.h create mode 100644 drivers/crypto/psp/psp-ops.c create mode 100644 drivers/crypto/psp/psp-pci.c create mode 100644 include/linux/ccp-psp.h create mode 100644 include/uapi/linux/ccp-psp.h -- Brijesh Singh -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org