From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932430AbdBPPm2 (ORCPT ); Thu, 16 Feb 2017 10:42:28 -0500 Received: from mail-bl2nam02on0085.outbound.protection.outlook.com ([104.47.38.85]:36676 "EHLO NAM02-BL2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1754622AbdBPPmW (ORCPT ); Thu, 16 Feb 2017 10:42:22 -0500 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; From: Tom Lendacky Subject: [RFC PATCH v4 01/28] x86: Documentation for AMD Secure Memory Encryption (SME) To: , , , , , , , , CC: Rik van Riel , Radim =?utf-8?b?S3LEjW3DocWZ?= , Toshimitsu Kani , Arnd Bergmann , Jonathan Corbet , Matt Fleming , "Michael S. Tsirkin" , Joerg Roedel , Konrad Rzeszutek Wilk , Paolo Bonzini , Brijesh Singh , Ingo Molnar , Alexander Potapenko , Andy Lutomirski , "H. Peter Anvin" , Borislav Petkov , Andrey Ryabinin , Thomas Gleixner , Larry Woodman , Dmitry Vyukov Date: Thu, 16 Feb 2017 09:42:11 -0600 Message-ID: <20170216154211.19244.76656.stgit@tlendack-t1.amdoffice.net> In-Reply-To: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net> References: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: BN6PR17CA0029.namprd17.prod.outlook.com (10.175.189.15) To DM5PR12MB1147.namprd12.prod.outlook.com (10.168.236.142) X-MS-Office365-Filtering-Correlation-Id: c5a0fa95-1bc6-4c6c-b442-08d45682633f X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(48565401081);SRVR:DM5PR12MB1147; X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1147;3:Jl4rjU4O9/AQx11BfSwdJW/R26J4npY2cd4VQYGs1nEgd7EFg7fdGqVsy74D9OHsSBz5QDJ2cO9Zp5kR9NZzBGNmfumDa4+SBOn0khRCNC2y8+gm/7P6wPGaIfPFztDKkTDuHq/rM1tF6WyzqsCzRmzWkg8QH8/FozLtdsCscAHyX/72VlCOEMgCYvQwMYUZH1BdoY7+EgAhZ2xAbDLFJKkIleXYs31nMyudJlt9rXuOdl12Ej9a5XsAsp+RF8+IM9jYpTpEMvPzUzffjt9eIkkQnnbEWFA7iaC2T2u+ZMo=;25:YB5UzVbnLe6hTtCtiTxgkdeWvpGbdvYTT2EALs6V9hw0hgvzF78U9YK72IavzX67SuExhYZov5NQ8Aj1OKpCLl6uaioD0bjuctG9IYpEfepUsK3Eqkrb9N/THam/Qc+spAG9HUfGlxtKkNLJFY45Y6Gby7CJJshCDl+DOXqvkEbyQ5jJdHivsQjydD8CYHQciZjb/JFR+OXljle9RqsiT8FDM8k33aikp946IxNPgsc77zyrtdRVDgEj5Ns+DNGUg7AxT/0LqXY0Gb4OEUSnCduJjLXQ6L9HH4/JWNr2OK+t0mJSEn/JcxxeugCIxTLkDnN/W6sw2LUdiu+CHh/t63vU+wdnh0RbbGiyG6PjzZBi0+2gFwjV9qXRbzHpuFVcZknJkpODYmgNX94glr2OyipJ9dXxw2gEjcbC41VmLJ1rxU2orB7ecnzmB38VH89rt26hIExpStsfJUC+E41o9A== X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1147;31:YobGQaUW1rzlpG3OUEDzG79hsGlv+rxjIUz0+k5gvFt5tT4FpxJ5c7V7IHTfTn9l+dIiE1W5UlhNMTpiIorCGEW4nC7SC8x45INsxwTY4KzzCbSUJkonenCfJB3BtKv1Af92/nIdqILqJD1BDLgNm/ZAIm3Czmz5/LrFticXTwR8bWdpkGIjX/EH41zrpF7j069aCPfSTVzzDL35osCRx2eEB6uGD8+96ZdWBWKE0xI=;20:zHSXp3qYPpAsHyvmBzIlQNj7zVlKsBbE8uiKzDrLXU1ik0Sec411B/NJaJvn0Gp0vopTg4OSxmYcnbx4rNReqXko8GQSSLhpfXlZfI+C8X4MUgrDMCxUO3bnyF+0i1KCIbWIXQBXRYcdJokc+AcALDvkZ0dh8DoU8bASkElTQtSsjn4/Yjzr2SIGPVjm/Fw0mqDkJgHku9SsBX1+8Dv03ESriug2eZarZA9/aBlwi+ICpk2NJ7soIO5bqfp1mwHjcHtUghwgWSEO2YdXQsDPPxxAwJcod3yw4meHGqR/DVdE/ZjdAWPy2PTvauHhja9lkpxilHLHFSGdaXr60wiiGIZgJEaDJWP5VGKpXHxeNfSF8EOZlxK23gRdBS3Q5R9YLK5XRw3OLLNxLaJX911ILcCoNjpLpjL0KuPUPlfrehJ7nn7fuHQBWsYnxq7jkW5iFtZHrg8ZdH9Cc72SEiYMfqtxM5QoHKRTsx6mkF5qTKfkisH85UezG7tpXNfAH//W X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(20558992708506)(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(6041248)(20161123564025)(20161123558025)(20161123562025)(20161123555025)(20161123560025)(6072148);SRVR:DM5PR12MB1147;BCL:0;PCL:0;RULEID:;SRVR:DM5PR12MB1147; X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1147;4:hwoYaXOWCsX2EiDchGopHkGFVhpe9o8HyPqyqO8eBSfA2ZcnK/6UHtMgYbNOrWcMpgVoiJmP4mNCLjgdcT00JNZcVbIZPIN0MHJyVKPSf6LtStwu4Ez60iYHR1BF0zFFi4iOpBj8YNMPL+xxK59fxiYNFnOR1lZVxgXZ7eFwIhCFLvI+/TW6fNECd4pzZDi7BUWZ7q1DquNaUujyv/n2oP0mE3sLyjkxZFC7izTvGWlNluhzchhDFcKNT+wsX/lHuBFR23P9edqrQhgCvWCDFZbRb1nc0gWpy+nLUJG5Np2tbWykl5xBtggMci1QEkPdidJzIN9+l71j/ed7ncbu6i07Bszuw3AZTGnsX9u9vqGaexkdidgw+HMbDz5Vd1mRuADXa2BoiT9ETCAn9UoA2ON8U8YiWbZSCIyiTaOTgSRuwSwVSJobsIZ6Wv0fFAVsvz6wgk54fCvOsRtN9dwCYoS10oUi2YG9gGzfXGhYm7S0ZWoHFRmsN1kUp5PX0vOG1VSkb0YzIFf66ofDxqrR78fHhVwDafryvvPYDltTLkAxyRzijSN4Zx2ANG25fOvg/rCZvgIz7oxVUS1LqOzpiNksH0ZEiwsBdmWWPD+OSDI5KwKxPM3hwZSlbmMaI9+dHv02lGDS0/XJAI3mVWOyUJVcxMFqdoydo7vppjjc9QJt1BOaDdUD4i99FcvblvOUaFmsyz89he/j2m18ACiAQA== X-Forefront-PRVS: 0220D4B98D X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(6009001)(7916002)(39850400002)(39450400003)(39410400002)(39860400002)(39840400002)(199003)(189002)(55016002)(50466002)(54906002)(83506001)(3846002)(6116002)(97746001)(2950100002)(25786008)(9686003)(97736004)(389900003)(53936002)(189998001)(4001350100001)(66066001)(47776003)(68736007)(33646002)(5660300001)(92566002)(1076002)(69596002)(103116003)(7736002)(2201001)(86362001)(230700001)(4326007)(305945005)(7416002)(2906002)(54356999)(50986999)(76176999)(23676002)(81166006)(81156014)(8676002)(38730400002)(101416001)(6666003)(106356001)(53416004)(42186005)(105586002)(6506006)(71626007)(217873001);DIR:OUT;SFP:1101;SCL:1;SRVR:DM5PR12MB1147;H:tlendack-t1.amdoffice.net;FPR:;SPF:None;PTR:InfoNoRecords;A:1;MX:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTVQUjEyTUIxMTQ3OzIzOjA3UGN1N2RrNkY4cnVsUzZFY1pYV09HTVNB?= =?utf-8?B?Qm55OURESkpPWWRmeXQxYkV1V2t1TzlaajB1N3Vjb0xaQ0RPQ294VnhKb2Fi?= =?utf-8?B?eDZUVVc0TnFCSENmTFJtZ3l5Um1DWmJWOFFXdy9uY3R4UzViYlllK21QSzV4?= =?utf-8?B?UVMxL0pocS9YSFZQSTBFOGVYSnpBSVM0SVlYNzd4YVdEZUR0NUtvQnpFQzE3?= =?utf-8?B?bUZkSStGM0puRFlobjRMdlB4cDF3THdSbGxjS3MwcEUrV0g4SldpMDMwcVAz?= =?utf-8?B?TEtlUnJtcG1hSDNFcmkxMTA2WUFrM1ozTG45NnBSNU1yWHVPdENheU9Xdm1a?= =?utf-8?B?QzREbFRKNHBDV1VseFJxa1FHU2JIcGhrUHMyeXowNmV6Ukc5bi9RWjNybXQz?= =?utf-8?B?KzFjYjRvODljZ0ZXTmE0cHpEZWZ3R096QXZYeXN0aTRMeG9kN25Za0ZSOVpE?= =?utf-8?B?N3k5WW5RTGhBWnYzUVhpUFl5WGd1bGJ1ZEM5Rk1VK2xWQmE4UEJKVWx1K2dB?= =?utf-8?B?MXJNL2thMjZ6MXJBVGtXUi9CcTVnelM1OU55d3RPbC9STVpONytzOXloTHU3?= =?utf-8?B?ZDNiQm1zeHowZFFya0FHRVpTVlRyQm0waUx1djlyaE9PSWFVSVJtZXQzdVVO?= =?utf-8?B?K25kNG5panljc1gzQTh0RkpYcHk1Uk9UVVhlcmNnSFVXckZnS1dzVmViLzJ0?= =?utf-8?B?azRJM3Zya2ZyM0Q4SEZ0dnc0SmVoM2FGYkxEcVc2aUJLMUw0S1I1STB1YkdP?= =?utf-8?B?M21kNzhWVThyVmRCYzdOZnJJOENhelJwVGpEU09WdGVXR1JHVmtnZVF1QWY2?= =?utf-8?B?TzNWMVBVZFFwSVpqdnNxaUNZbHFxV0o5TzZpRHlGbmc2elA2RE1oek92azZQ?= =?utf-8?B?WjJqUXYrNUF6QW5Hb2h0dEQwOTdkTkVBdDdmK0pqN0dWcFdkcGovT0FrdFU3?= =?utf-8?B?Q2MwUWNaR25GNHpDMWhQTnZ3L2czaVlteUhTa3VaUmtqTE5oM2VUMzNhK2xh?= =?utf-8?B?VERjOGFsRTlMTTFIVis0Tlk5WDFueEpjQ0IxMmpIUWM0WXJac250blQrajkx?= =?utf-8?B?MWFGdUlZU0JvMXA4L3N4L1BMS1ZJRmJ6cG5aRWI2UEJEVnVSZEpvbUltV0Zs?= =?utf-8?B?V003Rkxub2tGMnk0ZGRGeUJINm1nTG9Wc0NYbkZYekZvdS9PR0Nsb0NBOEs1?= =?utf-8?B?QlBNNGdXYUU3cEE5VWlVWnltbnVTNElsdjc1QkxnZkhSUDRxNmRrWGV1dkVj?= =?utf-8?B?ZDh1SjR4NWlnUkF6dzJFQ0Nyb2xWcTh2SVBQejJhVVBBTW5zdk9UYWlPbVRl?= =?utf-8?B?by82SzlRb0lPa1ZkNzloM3Fpamd2TUd0a2IyWlZVeVB0bGYvQzhROHZuTUhI?= =?utf-8?B?UDRERDNYVkVtOWl4ZGxyZ0FxYmhoamR6SmdCSHJINWk1RjVTbVhBUjJMT2JY?= =?utf-8?B?L0RvVDBZQk9qaEFIN0JWcHliamtKM24rOVVzSlNrV3duWW9GNmFlQ2htY1pq?= =?utf-8?B?SGNTMlBiRVQ5azJtRDVCUHBXY29CVW5uQ2dZSTNKR3NTN3kvWDlTdmZOMWls?= =?utf-8?B?WXd4aXU1by8wUlU4NXZPTVY3bitjNUN0ZlBicWd3UVdmNTNnK2dFTDBkTkx3?= =?utf-8?B?Z0V3RzF6WC9CbU9walE1V3FvNGQzSmFjWnBDS0pGOGN2SUUyVTMrTEJtdERZ?= =?utf-8?B?bmlZVDdXbnJ0QXhYQy9NRXQ4Nk5KcDM2Y0NOUDFOVEpEQXNqckZsSHRKUXNm?= =?utf-8?B?YkVqU05aTHBRQmIydzBEUndHVmQ3eEdzV0hmVERYREdkUElCQ3h5S1d5a0VP?= =?utf-8?B?ODdVaHJNcWI3em93UVcwK0I5UWhPNWcvMjNESW5WNlhrb1RUNkNqRHI2bHNs?= =?utf-8?B?ZWVxSkJSdDlvdU5sa1dHSEp6dElwa1pFME5udWF0NkR1dFpPWENWdUJINU9p?= =?utf-8?B?YUpoZ2lXT053PT0=?= X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1147;6:AE0b01dws07vN/Vzp1IUkg7UemjM67lvSTgxfDAWU45GyfhOJK2M7VDypDxmo74YnxWBL4Wl5c/sOdf/D+quzlz/Wk4iw/dYQ2jQycMeTq1nVMFFGVg+cqk7HLFZ8rJCNna+XPMNc6TQoPdd//Ra1eLKoIQZlPreDbDzzSdFM09DyMucD4WpVEF2O7Ge9A5Mi5xrRr8DLJyT2bM99gdevjMlehNeAIbO8lf/YkiTJbNUVs7Fm0rkBVHeDR0bia4olle4VCZh6/9bW7TOBfV0oCbNn1/aZAXQ88qTcUBuueufqjbAAioylr+Orgnzg3+B8a7GId59bW50r38L89/HN5F9OWnz9Dmnoo9qsthbR1DAaSekPV7ChGgtbCBJSmI1TjbFvs7Y5hyGYAPPaKadWoM7bdAh9wRY2WP35t65AMs=;5:LhsFP/JLDECXOeztth0VtjTrJJRT+GQxrgsdcjmVL7ERXV98cffB/dmpoGXG3mLILYuK1A3q9X7FDYsD4YF5DDijYMX869PwdXew14YmuKPMnPcSDplid5H7Ly5fv1QdSVDVS9hdlwbz3FhZnhSqzA==;24:5eSNevb4sD7+F+n55B+YPkRg8hfRnTfVqJ0HidKqPIJQvtPXTekyavki5YeN6u629V1SbbW2ddmQtlZkMK3CI8b8yssvs4Aor2RHRtMpeM8= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;DM5PR12MB1147;7:dwR0W21h2B5IK4j4zeKo2qLKSRHE8V/nThkzxjgAoUBoene/duYNxGahMxtHK7+982GTY7VkLAq/NC/S/GebOGetC5I+9Jc+JKjaL+PQZIT7B6tBpr6hOeVurDA39BtAKB3Rlr5/qekZoNNfHdQaEmbDlBx9a6AXd163FIwIde00LaG/UXiJHhQMsWWYY63oBiDH2tyGb5TAKgEP7c4t69b0F2okC3dE9WDIZdEVmq/Ww7xGajPLNhP48U9ARz9IIySFqFoojZsU/R3ponMi0JKRiA6NCa73jlcNGJjTTSo7Bcknq+Q7vWYRUsIM2i1B9UwayUS4IRvfSQgxUyqrAg==;20:N6rYCsc87qZcHYxHu2N/T21nkSrUjJ08UNK1hNIZGKs6ncnTvbBa5M0lIFyV69C4fuo/bXgnLlqzGCagF2fZ760QgaB8F//ImKgvxgY6ynCZMq0zSUZ0jBP/3Ws/8UJheyK3QF5LC2M7GrTMfsKUvj+rBSpmkFrkk+bO2DyiVRUUKMbXPXz+vgROwQw946M8VGHsXgbkO927VQbj+ge0pbesXdH1ee3UAeJddmVZsCCLFBmPRKUmOrAA0uzndwuX X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Feb 2017 15:42:15.2508 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1147 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This patch adds a Documenation entry to decribe the AMD Secure Memory Encryption (SME) feature. Signed-off-by: Tom Lendacky --- Documentation/admin-guide/kernel-parameters.txt | 11 ++++ Documentation/x86/amd-memory-encryption.txt | 57 +++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 Documentation/x86/amd-memory-encryption.txt diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 110745e..91c40fa 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2145,6 +2145,17 @@ memory contents and reserves bad memory regions that are detected. + mem_encrypt= [X86-64] AMD Secure Memory Encryption (SME) control + Valid arguments: on, off + Default (depends on kernel configuration option): + on (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y) + off (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=n) + mem_encrypt=on: Activate SME + mem_encrypt=off: Do not activate SME + + Refer to the SME documentation for details on when + memory encryption can be activated. + mem_sleep_default= [SUSPEND] Default system suspend mode: s2idle - Suspend-To-Idle shallow - Power-On Suspend or equivalent (if supported) diff --git a/Documentation/x86/amd-memory-encryption.txt b/Documentation/x86/amd-memory-encryption.txt new file mode 100644 index 0000000..0938e89 --- /dev/null +++ b/Documentation/x86/amd-memory-encryption.txt @@ -0,0 +1,57 @@ +Secure Memory Encryption (SME) is a feature found on AMD processors. + +SME provides the ability to mark individual pages of memory as encrypted using +the standard x86 page tables. A page that is marked encrypted will be +automatically decrypted when read from DRAM and encrypted when written to +DRAM. SME can therefore be used to protect the contents of DRAM from physical +attacks on the system. + +A page is encrypted when a page table entry has the encryption bit set (see +below how to determine the position of the bit). The encryption bit can be +specified in the cr3 register, allowing the PGD table to be encrypted. Each +successive level of page tables can also be encrypted. + +Support for SME can be determined through the CPUID instruction. The CPUID +function 0x8000001f reports information related to SME: + + 0x8000001f[eax]: + Bit[0] indicates support for SME + 0x8000001f[ebx]: + Bit[5:0] pagetable bit number used to activate memory + encryption + Bit[11:6] reduction in physical address space, in bits, when + memory encryption is enabled (this only affects system + physical addresses, not guest physical addresses) + +If support for SME is present, MSR 0xc00100010 (SYS_CFG) can be used to +determine if SME is enabled and/or to enable memory encryption: + + 0xc0010010: + Bit[23] 0 = memory encryption features are disabled + 1 = memory encryption features are enabled + +Linux relies on BIOS to set this bit if BIOS has determined that the reduction +in the physical address space as a result of enabling memory encryption (see +CPUID information above) will not conflict with the address space resource +requirements for the system. If this bit is not set upon Linux startup then +Linux itself will not set it and memory encryption will not be possible. + +The state of SME in the Linux kernel can be documented as follows: + - Supported: + The CPU supports SME (determined through CPUID instruction). + + - Enabled: + Supported and bit 23 of the SYS_CFG MSR is set. + + - Active: + Supported, Enabled and the Linux kernel is actively applying + the encryption bit to page table entries (the SME mask in the + kernel is non-zero). + +SME can also be enabled and activated in the BIOS. If SME is enabled and +activated in the BIOS, then all memory accesses will be encrypted and it will +not be necessary to activate the Linux memory encryption support. If the BIOS +merely enables SME (sets bit 23 of the SYS_CFG MSR), then Linux can activate +memory encryption. However, if BIOS does not enable SME, then Linux will not +attempt to activate memory encryption, even if configured to do so by default +or the mem_encrypt=on command line parameter is specified. From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Lendacky Subject: [RFC PATCH v4 01/28] x86: Documentation for AMD Secure Memory Encryption (SME) Date: Thu, 16 Feb 2017 09:42:11 -0600 Message-ID: <20170216154211.19244.76656.stgit@tlendack-t1.amdoffice.net> References: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <20170216154158.19244.66630.stgit-qCXWGYdRb2BnqfbPTmsdiZQ+2ll4COg0XqFh9Ls21Oc@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: iommu-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: iommu-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org To: linux-arch-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-doc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, kasan-dev-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org, linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org, iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Cc: Rik van Riel , Larry Woodman , Brijesh Singh , Toshimitsu Kani , Arnd Bergmann , Jonathan Corbet , Matt Fleming , Radim =?utf-8?b?S3LEjW3DocWZ?= , Andrey Ryabinin , Ingo Molnar , "Michael S. Tsirkin" , Andy Lutomirski , "H. Peter Anvin" , Borislav Petkov , Paolo Bonzini , Alexander Potapenko , Thomas Gleixner , Dmitry Vyukov List-Id: linux-efi@vger.kernel.org This patch adds a Documenation entry to decribe the AMD Secure Memory Encryption (SME) feature. Signed-off-by: Tom Lendacky --- Documentation/admin-guide/kernel-parameters.txt | 11 ++++ Documentation/x86/amd-memory-encryption.txt | 57 +++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 Documentation/x86/amd-memory-encryption.txt diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 110745e..91c40fa 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2145,6 +2145,17 @@ memory contents and reserves bad memory regions that are detected. + mem_encrypt= [X86-64] AMD Secure Memory Encryption (SME) control + Valid arguments: on, off + Default (depends on kernel configuration option): + on (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y) + off (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=n) + mem_encrypt=on: Activate SME + mem_encrypt=off: Do not activate SME + + Refer to the SME documentation for details on when + memory encryption can be activated. + mem_sleep_default= [SUSPEND] Default system suspend mode: s2idle - Suspend-To-Idle shallow - Power-On Suspend or equivalent (if supported) diff --git a/Documentation/x86/amd-memory-encryption.txt b/Documentation/x86/amd-memory-encryption.txt new file mode 100644 index 0000000..0938e89 --- /dev/null +++ b/Documentation/x86/amd-memory-encryption.txt @@ -0,0 +1,57 @@ +Secure Memory Encryption (SME) is a feature found on AMD processors. + +SME provides the ability to mark individual pages of memory as encrypted using +the standard x86 page tables. A page that is marked encrypted will be +automatically decrypted when read from DRAM and encrypted when written to +DRAM. SME can therefore be used to protect the contents of DRAM from physical +attacks on the system. + +A page is encrypted when a page table entry has the encryption bit set (see +below how to determine the position of the bit). The encryption bit can be +specified in the cr3 register, allowing the PGD table to be encrypted. Each +successive level of page tables can also be encrypted. + +Support for SME can be determined through the CPUID instruction. The CPUID +function 0x8000001f reports information related to SME: + + 0x8000001f[eax]: + Bit[0] indicates support for SME + 0x8000001f[ebx]: + Bit[5:0] pagetable bit number used to activate memory + encryption + Bit[11:6] reduction in physical address space, in bits, when + memory encryption is enabled (this only affects system + physical addresses, not guest physical addresses) + +If support for SME is present, MSR 0xc00100010 (SYS_CFG) can be used to +determine if SME is enabled and/or to enable memory encryption: + + 0xc0010010: + Bit[23] 0 = memory encryption features are disabled + 1 = memory encryption features are enabled + +Linux relies on BIOS to set this bit if BIOS has determined that the reduction +in the physical address space as a result of enabling memory encryption (see +CPUID information above) will not conflict with the address space resource +requirements for the system. If this bit is not set upon Linux startup then +Linux itself will not set it and memory encryption will not be possible. + +The state of SME in the Linux kernel can be documented as follows: + - Supported: + The CPU supports SME (determined through CPUID instruction). + + - Enabled: + Supported and bit 23 of the SYS_CFG MSR is set. + + - Active: + Supported, Enabled and the Linux kernel is actively applying + the encryption bit to page table entries (the SME mask in the + kernel is non-zero). + +SME can also be enabled and activated in the BIOS. If SME is enabled and +activated in the BIOS, then all memory accesses will be encrypted and it will +not be necessary to activate the Linux memory encryption support. If the BIOS +merely enables SME (sets bit 23 of the SYS_CFG MSR), then Linux can activate +memory encryption. However, if BIOS does not enable SME, then Linux will not +attempt to activate memory encryption, even if configured to do so by default +or the mem_encrypt=on command line parameter is specified. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-bl2nam02on0085.outbound.protection.outlook.com ([104.47.38.85]:36676 "EHLO NAM02-BL2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1754622AbdBPPmW (ORCPT ); Thu, 16 Feb 2017 10:42:22 -0500 From: Tom Lendacky Subject: [RFC PATCH v4 01/28] x86: Documentation for AMD Secure Memory Encryption (SME) Date: Thu, 16 Feb 2017 09:42:11 -0600 Message-ID: <20170216154211.19244.76656.stgit@tlendack-t1.amdoffice.net> In-Reply-To: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net> References: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: linux-arch-owner@vger.kernel.org List-ID: To: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, iommu@lists.linux-foundation.org Cc: Rik van Riel , Radim =?utf-8?b?S3LEjW3DocWZ?= , Toshimitsu Kani , Arnd Bergmann , Jonathan Corbet , Matt Fleming , "Michael S. Tsirkin" , Joerg Roedel , Konrad Rzeszutek Wilk , Paolo Bonzini , Brijesh Singh , Ingo Molnar , Alexander Potapenko , Andy Lutomirski , "H. Peter Anvin" , Borislav Petkov , Andrey Ryabinin , Thomas Gleixner , Larry Woodman , Dmitry Vyukov Message-ID: <20170216154211.xyH6AiD6XjpVTeaHcGPuKKNkT538ONaO6A2OYfcnDE8@z> This patch adds a Documenation entry to decribe the AMD Secure Memory Encryption (SME) feature. Signed-off-by: Tom Lendacky --- Documentation/admin-guide/kernel-parameters.txt | 11 ++++ Documentation/x86/amd-memory-encryption.txt | 57 +++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 Documentation/x86/amd-memory-encryption.txt diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 110745e..91c40fa 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2145,6 +2145,17 @@ memory contents and reserves bad memory regions that are detected. + mem_encrypt= [X86-64] AMD Secure Memory Encryption (SME) control + Valid arguments: on, off + Default (depends on kernel configuration option): + on (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y) + off (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=n) + mem_encrypt=on: Activate SME + mem_encrypt=off: Do not activate SME + + Refer to the SME documentation for details on when + memory encryption can be activated. + mem_sleep_default= [SUSPEND] Default system suspend mode: s2idle - Suspend-To-Idle shallow - Power-On Suspend or equivalent (if supported) diff --git a/Documentation/x86/amd-memory-encryption.txt b/Documentation/x86/amd-memory-encryption.txt new file mode 100644 index 0000000..0938e89 --- /dev/null +++ b/Documentation/x86/amd-memory-encryption.txt @@ -0,0 +1,57 @@ +Secure Memory Encryption (SME) is a feature found on AMD processors. + +SME provides the ability to mark individual pages of memory as encrypted using +the standard x86 page tables. A page that is marked encrypted will be +automatically decrypted when read from DRAM and encrypted when written to +DRAM. SME can therefore be used to protect the contents of DRAM from physical +attacks on the system. + +A page is encrypted when a page table entry has the encryption bit set (see +below how to determine the position of the bit). The encryption bit can be +specified in the cr3 register, allowing the PGD table to be encrypted. Each +successive level of page tables can also be encrypted. + +Support for SME can be determined through the CPUID instruction. The CPUID +function 0x8000001f reports information related to SME: + + 0x8000001f[eax]: + Bit[0] indicates support for SME + 0x8000001f[ebx]: + Bit[5:0] pagetable bit number used to activate memory + encryption + Bit[11:6] reduction in physical address space, in bits, when + memory encryption is enabled (this only affects system + physical addresses, not guest physical addresses) + +If support for SME is present, MSR 0xc00100010 (SYS_CFG) can be used to +determine if SME is enabled and/or to enable memory encryption: + + 0xc0010010: + Bit[23] 0 = memory encryption features are disabled + 1 = memory encryption features are enabled + +Linux relies on BIOS to set this bit if BIOS has determined that the reduction +in the physical address space as a result of enabling memory encryption (see +CPUID information above) will not conflict with the address space resource +requirements for the system. If this bit is not set upon Linux startup then +Linux itself will not set it and memory encryption will not be possible. + +The state of SME in the Linux kernel can be documented as follows: + - Supported: + The CPU supports SME (determined through CPUID instruction). + + - Enabled: + Supported and bit 23 of the SYS_CFG MSR is set. + + - Active: + Supported, Enabled and the Linux kernel is actively applying + the encryption bit to page table entries (the SME mask in the + kernel is non-zero). + +SME can also be enabled and activated in the BIOS. If SME is enabled and +activated in the BIOS, then all memory accesses will be encrypted and it will +not be necessary to activate the Linux memory encryption support. If the BIOS +merely enables SME (sets bit 23 of the SYS_CFG MSR), then Linux can activate +memory encryption. However, if BIOS does not enable SME, then Linux will not +attempt to activate memory encryption, even if configured to do so by default +or the mem_encrypt=on command line parameter is specified. From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tom Lendacky Subject: [RFC PATCH v4 01/28] x86: Documentation for AMD Secure Memory Encryption (SME) Date: Thu, 16 Feb 2017 09:42:11 -0600 Message-ID: <20170216154211.19244.76656.stgit@tlendack-t1.amdoffice.net> References: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Cc: Rik van Riel , Larry Woodman , Brijesh Singh , Toshimitsu Kani , Arnd Bergmann , Jonathan Corbet , Matt Fleming , Radim =?utf-8?b?S3LEjW3DocWZ?= , Andrey Ryabinin , Ingo Molnar , "Michael S. Tsirkin" , Andy Lutomirski , "H. Peter Anvin" , Borislav Petkov , Paolo Bonzini , Alexander Potapenko , Thomas Gleixner , Dmitry Vyukov To: , , , , , , , , Return-path: In-Reply-To: <20170216154158.19244.66630.stgit-qCXWGYdRb2BnqfbPTmsdiZQ+2ll4COg0XqFh9Ls21Oc@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: iommu-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: iommu-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org List-Id: kvm.vger.kernel.org This patch adds a Documenation entry to decribe the AMD Secure Memory Encryption (SME) feature. Signed-off-by: Tom Lendacky --- Documentation/admin-guide/kernel-parameters.txt | 11 ++++ Documentation/x86/amd-memory-encryption.txt | 57 +++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 Documentation/x86/amd-memory-encryption.txt diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 110745e..91c40fa 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2145,6 +2145,17 @@ memory contents and reserves bad memory regions that are detected. + mem_encrypt= [X86-64] AMD Secure Memory Encryption (SME) control + Valid arguments: on, off + Default (depends on kernel configuration option): + on (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y) + off (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=n) + mem_encrypt=on: Activate SME + mem_encrypt=off: Do not activate SME + + Refer to the SME documentation for details on when + memory encryption can be activated. + mem_sleep_default= [SUSPEND] Default system suspend mode: s2idle - Suspend-To-Idle shallow - Power-On Suspend or equivalent (if supported) diff --git a/Documentation/x86/amd-memory-encryption.txt b/Documentation/x86/amd-memory-encryption.txt new file mode 100644 index 0000000..0938e89 --- /dev/null +++ b/Documentation/x86/amd-memory-encryption.txt @@ -0,0 +1,57 @@ +Secure Memory Encryption (SME) is a feature found on AMD processors. + +SME provides the ability to mark individual pages of memory as encrypted using +the standard x86 page tables. A page that is marked encrypted will be +automatically decrypted when read from DRAM and encrypted when written to +DRAM. SME can therefore be used to protect the contents of DRAM from physical +attacks on the system. + +A page is encrypted when a page table entry has the encryption bit set (see +below how to determine the position of the bit). The encryption bit can be +specified in the cr3 register, allowing the PGD table to be encrypted. Each +successive level of page tables can also be encrypted. + +Support for SME can be determined through the CPUID instruction. The CPUID +function 0x8000001f reports information related to SME: + + 0x8000001f[eax]: + Bit[0] indicates support for SME + 0x8000001f[ebx]: + Bit[5:0] pagetable bit number used to activate memory + encryption + Bit[11:6] reduction in physical address space, in bits, when + memory encryption is enabled (this only affects system + physical addresses, not guest physical addresses) + +If support for SME is present, MSR 0xc00100010 (SYS_CFG) can be used to +determine if SME is enabled and/or to enable memory encryption: + + 0xc0010010: + Bit[23] 0 = memory encryption features are disabled + 1 = memory encryption features are enabled + +Linux relies on BIOS to set this bit if BIOS has determined that the reduction +in the physical address space as a result of enabling memory encryption (see +CPUID information above) will not conflict with the address space resource +requirements for the system. If this bit is not set upon Linux startup then +Linux itself will not set it and memory encryption will not be possible. + +The state of SME in the Linux kernel can be documented as follows: + - Supported: + The CPU supports SME (determined through CPUID instruction). + + - Enabled: + Supported and bit 23 of the SYS_CFG MSR is set. + + - Active: + Supported, Enabled and the Linux kernel is actively applying + the encryption bit to page table entries (the SME mask in the + kernel is non-zero). + +SME can also be enabled and activated in the BIOS. If SME is enabled and +activated in the BIOS, then all memory accesses will be encrypted and it will +not be necessary to activate the Linux memory encryption support. If the BIOS +merely enables SME (sets bit 23 of the SYS_CFG MSR), then Linux can activate +memory encryption. However, if BIOS does not enable SME, then Linux will not +attempt to activate memory encryption, even if configured to do so by default +or the mem_encrypt=on command line parameter is specified. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pg0-f72.google.com (mail-pg0-f72.google.com [74.125.83.72]) by kanga.kvack.org (Postfix) with ESMTP id 240AF680FEA for ; Thu, 16 Feb 2017 10:42:22 -0500 (EST) Received: by mail-pg0-f72.google.com with SMTP id v184so26350838pgv.6 for ; Thu, 16 Feb 2017 07:42:22 -0800 (PST) Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0062.outbound.protection.outlook.com. [104.47.40.62]) by mx.google.com with ESMTPS id k186si7272250pgd.113.2017.02.16.07.42.20 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 16 Feb 2017 07:42:21 -0800 (PST) From: Tom Lendacky Subject: [RFC PATCH v4 01/28] x86: Documentation for AMD Secure Memory Encryption (SME) Date: Thu, 16 Feb 2017 09:42:11 -0600 Message-ID: <20170216154211.19244.76656.stgit@tlendack-t1.amdoffice.net> In-Reply-To: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net> References: <20170216154158.19244.66630.stgit@tlendack-t1.amdoffice.net> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: owner-linux-mm@kvack.org List-ID: To: linux-arch@vger.kernel.org, linux-efi@vger.kernel.org, kvm@vger.kernel.org, linux-doc@vger.kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kasan-dev@googlegroups.com, linux-mm@kvack.org, iommu@lists.linux-foundation.org Cc: Rik van Riel , Radim =?utf-8?b?S3LEjW3DocWZ?= , Toshimitsu Kani , Arnd Bergmann , Jonathan Corbet , Matt Fleming , "Michael S. Tsirkin" , Joerg Roedel , Konrad Rzeszutek Wilk , Paolo Bonzini , Brijesh Singh , Ingo Molnar , Alexander Potapenko , Andy Lutomirski , "H. Peter Anvin" , Borislav Petkov , Andrey Ryabinin , Thomas Gleixner , Larry Woodman , Dmitry Vyukov This patch adds a Documenation entry to decribe the AMD Secure Memory Encryption (SME) feature. Signed-off-by: Tom Lendacky --- Documentation/admin-guide/kernel-parameters.txt | 11 ++++ Documentation/x86/amd-memory-encryption.txt | 57 +++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 Documentation/x86/amd-memory-encryption.txt diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 110745e..91c40fa 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -2145,6 +2145,17 @@ memory contents and reserves bad memory regions that are detected. + mem_encrypt= [X86-64] AMD Secure Memory Encryption (SME) control + Valid arguments: on, off + Default (depends on kernel configuration option): + on (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y) + off (CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=n) + mem_encrypt=on: Activate SME + mem_encrypt=off: Do not activate SME + + Refer to the SME documentation for details on when + memory encryption can be activated. + mem_sleep_default= [SUSPEND] Default system suspend mode: s2idle - Suspend-To-Idle shallow - Power-On Suspend or equivalent (if supported) diff --git a/Documentation/x86/amd-memory-encryption.txt b/Documentation/x86/amd-memory-encryption.txt new file mode 100644 index 0000000..0938e89 --- /dev/null +++ b/Documentation/x86/amd-memory-encryption.txt @@ -0,0 +1,57 @@ +Secure Memory Encryption (SME) is a feature found on AMD processors. + +SME provides the ability to mark individual pages of memory as encrypted using +the standard x86 page tables. A page that is marked encrypted will be +automatically decrypted when read from DRAM and encrypted when written to +DRAM. SME can therefore be used to protect the contents of DRAM from physical +attacks on the system. + +A page is encrypted when a page table entry has the encryption bit set (see +below how to determine the position of the bit). The encryption bit can be +specified in the cr3 register, allowing the PGD table to be encrypted. Each +successive level of page tables can also be encrypted. + +Support for SME can be determined through the CPUID instruction. The CPUID +function 0x8000001f reports information related to SME: + + 0x8000001f[eax]: + Bit[0] indicates support for SME + 0x8000001f[ebx]: + Bit[5:0] pagetable bit number used to activate memory + encryption + Bit[11:6] reduction in physical address space, in bits, when + memory encryption is enabled (this only affects system + physical addresses, not guest physical addresses) + +If support for SME is present, MSR 0xc00100010 (SYS_CFG) can be used to +determine if SME is enabled and/or to enable memory encryption: + + 0xc0010010: + Bit[23] 0 = memory encryption features are disabled + 1 = memory encryption features are enabled + +Linux relies on BIOS to set this bit if BIOS has determined that the reduction +in the physical address space as a result of enabling memory encryption (see +CPUID information above) will not conflict with the address space resource +requirements for the system. If this bit is not set upon Linux startup then +Linux itself will not set it and memory encryption will not be possible. + +The state of SME in the Linux kernel can be documented as follows: + - Supported: + The CPU supports SME (determined through CPUID instruction). + + - Enabled: + Supported and bit 23 of the SYS_CFG MSR is set. + + - Active: + Supported, Enabled and the Linux kernel is actively applying + the encryption bit to page table entries (the SME mask in the + kernel is non-zero). + +SME can also be enabled and activated in the BIOS. If SME is enabled and +activated in the BIOS, then all memory accesses will be encrypted and it will +not be necessary to activate the Linux memory encryption support. If the BIOS +merely enables SME (sets bit 23 of the SYS_CFG MSR), then Linux can activate +memory encryption. However, if BIOS does not enable SME, then Linux will not +attempt to activate memory encryption, even if configured to do so by default +or the mem_encrypt=on command line parameter is specified. -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org