From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:35708) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bk0MU-00025k-NP for qemu-devel@nongnu.org; Tue, 13 Sep 2016 22:55:48 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bk0MP-0003Eu-PN for qemu-devel@nongnu.org; Tue, 13 Sep 2016 22:55:45 -0400 Received: from mx1.redhat.com ([209.132.183.28]:35790) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bk0MP-0003EY-HE for qemu-devel@nongnu.org; Tue, 13 Sep 2016 22:55:41 -0400 Date: Wed, 14 Sep 2016 05:55:37 +0300 From: "Michael S. Tsirkin" Message-ID: <20160914053810-mutt-send-email-mst@kernel.org> References: <147377800565.11859.4411044563640180545.stgit@brijesh-build-machine> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <147377800565.11859.4411044563640180545.stgit@brijesh-build-machine> Subject: Re: [Qemu-devel] [RFC PATCH v1 00/22] x86: Secure Encrypted Virtualization (AMD) List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Brijesh Singh Cc: ehabkost@redhat.com, crosthwaite.peter@gmail.com, armbru@redhat.com, p.fedin@samsung.com, qemu-devel@nongnu.org, lcapitulino@redhat.com, pbonzini@redhat.com, rth@twiddle.net On Tue, Sep 13, 2016 at 10:46:46AM -0400, Brijesh Singh wrote: > This RFC series provides support for AMD's new Secure Encrypted > Virtualization (SEV) feature. This RFC is based KVM RFC [1]. > > SEV is an extension to the AMD-V architecture which supports running > multiple VMs under the control of a hypervisor. The SEV feature allows > the memory contents of a virtual machine (VM) to be transparently encrypted > with a key unique to the guest VM. The memory controller contains a > high performance encryption engine which can be programmed with multiple > keys for use by a different VMs in the system. The programming and > management of these keys is handled by the AMD Secure Processor firmware > which exposes a commands for these tasks. > > SEV is designed to protect guest VMs from a benign but vulnerable > (i.e. not fully malicious) hypervisor. Not fully malicious? This sounds kind of weird. In my humble opinion, the attack needs to be much better defined to be of any use. I attempt to do this below. > In particular, it reduces the attack > surface of guest VMs and can prevent certain types of VM-escape bugs > (e.g. hypervisor read-anywhere) from being used to steal guest data. To rephrase this in terms I understand: someone gets to read all hypervisor memory, we do not want this someone to be able to read all guest memory too. Sounds reasonable. But I don't think you need to break features like debugging: clearly if you decrypt memory it is readable in hypervisor memory, but I think that's fine since it's encrypted if you do not debug. In other words policy should not be up to guest since fundamentally hypervisor is benign. > The KVM RFC introduced a new ioctl (KVM_SEV_ISSUE_CMD) which can be > used by qemu to enable SEV for secure guest and assist performing common > hypervisor activities such as a launching, running, snapshooting, migration > and debugging a guests data. > > > The following links provide additional details: > > AMD Memory Encryption whitepaper: > > http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf > > AMD64 Architecture Programmer's Manual: > http://support.amd.com/TechDocs/24593.pdf > SME is section 7.10 > SEV is section 15.34 > > Secure Encrypted Virutualization Key Management: > http://support.amd.com/TechDocs/55766_SEV-KM API_Spec.pdf > > KVM Forum slides: > http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf > > KVM RFC link: > > [1] http://marc.info/?l=kvm&m=147191038624432&w=2 > > --- > > TODO: > - send seabios RFC's on seabios mailing list > - implement SEV guest migration command support > - implement SEV snapshotting command support > - virtio support in SEV guest > > Brijesh Singh (22): > exec: add guest RAM read/write ops > cpu-common: add debug version of physical memory read/write > monitor: use debug version of physical memory read api > memattrs: add SEV debug attrs > i386: add new option to enable SEV guest > sev: add initial SEV support > sev: add SEV launch start command > sev: add SEV launch update command > sev: add SEV launch finish command > sev: add SEV debug decrypt command > sev: add SEV debug encrypt command > sev: add SEV guest status command > hmp: update 'info kvm' to display SEV status > sev: provide SEV-enabled guest RAM read/write ops > i386: sev: register RAM read/write ops for BIOS and PC.RAM region > i386: pc: load OS images at fixed location in SEV-enabled guest > target-i386: add cpuid Fn8000_001f > i386: clear C-bit in SEV guest page table walk > exec: set debug attribute in SEV-enabled guest > fw_cfg: sev: disable dma in real mode > hw: add pre and post system reset callback > loader: reload bios image on ROM reset in SEV-enabled guest > > > Makefile.target | 2 > disas.c | 2 > exec.c | 323 ++++++++++++++++++++----- > hmp.c | 14 + > hw/core/loader.c | 7 - > hw/i386/pc.c | 99 ++++++++ > hw/i386/pc_sysfw.c | 6 > hw/nvram/fw_cfg.c | 6 > include/exec/cpu-common.h | 12 + > include/exec/memattrs.h | 4 > include/exec/memory.h | 25 ++ > include/hw/hw.h | 2 > include/sysemu/kvm.h | 10 + > include/sysemu/sev.h | 104 ++++++++ > kvm-all.c | 6 > monitor.c | 2 > qapi-schema.json | 4 > qemu-options.hx | 6 > qmp.c | 1 > sev.c | 574 +++++++++++++++++++++++++++++++++++++++++++++ > target-i386/cpu.c | 3 > target-i386/helper.c | 36 ++- > target-i386/monitor.c | 50 +++- > vl.c | 74 ++++++ > 24 files changed, 1288 insertions(+), 84 deletions(-) > create mode 100644 include/sysemu/sev.h > create mode 100644 sev.c > > -- > > Brijesh Singh