From: Brijesh Singh
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: bp@alien8.de, Brijesh Singh, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Paolo Bonzini, Radim Krčmář, Joerg Roedel, Borislav Petkov, Tom Lendacky, x86@kernel.org
Subject: [Part2 PATCH v7 08/38] KVM: Introduce KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl
Date: Wed, 1 Nov 2017 16:15:53 -0500
Message-Id: <20171101211623.71496-9-brijesh.singh@amd.com>
In-Reply-To: <20171101211623.71496-1-brijesh.singh@amd.com>
References: <20171101211623.71496-1-brijesh.singh@amd.com>
If hardware supports memory encryption then KVM_MEMORY_ENCRYPT_REG_REGION
and KVM_MEMORY_ENCRYPT_UNREG_REGION ioctls can be used by userspace to
register/unregister the guest memory regions which may contain the encrypted
data (e.g. guest RAM, PCI BAR, SMRAM, etc.).

Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
 Documentation/virtual/kvm/api.txt | 34 ++++++++++++++++++++++++++++++++++
 arch/x86/include/asm/kvm_host.h   |  2 ++
 arch/x86/kvm/x86.c                | 24 ++++++++++++++++++++++++
 include/uapi/linux/kvm.h          |  8 ++++++++
 4 files changed, 68 insertions(+)

diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt
index fcafdae1739e..365b6e2c8be5 100644
--- a/Documentation/virtual/kvm/api.txt
+++ b/Documentation/virtual/kvm/api.txt
@@ -3406,6 +3406,40 @@ Currently, this ioctl is used for issuing Secure Encrypted Virtualization (SEV) commands on AMD Processors. The SEV commands are defined in Documentation/virtual/kvm/amd-memory-encryption.txt. +4.110 KVM_MEMORY_ENCRYPT_REG_REGION + +Capability: basic +Architectures: x86 +Type: system +Parameters: struct kvm_enc_region (in) +Returns: 0 on success; -1 on error + +This ioctl can be used to register a guest memory region which may +contain encrypted data (e.g. guest RAM, SMRAM etc). + +It is used in the SEV-enabled guest. When encryption is enabled, a guest +memory region may contain encrypted data. The SEV memory encryption +engine uses a tweak such that two identical plaintext pages, each at +different locations will have differing ciphertexts. So swapping or +moving ciphertext of those pages will not result in plaintext being +swapped. So relocating (or migrating) physical backing pages for the SEV +guest will require some additional steps. + +Note: The current SEV key management spec does not provide commands to +swap or migrate (move) ciphertext pages. Hence, for now we pin the guest +memory region registered with the ioctl. + +4.111 KVM_MEMORY_ENCRYPT_UNREG_REGION + +Capability: basic +Architectures: x86 +Type: system +Parameters: struct kvm_enc_region (in) +Returns: 0 on success; -1 on error + +This ioctl can be used to unregister the guest memory region registered +with KVM_MEMORY_ENCRYPT_REG_REGION ioctl above. + 5. The kvm_run structure ------------------------ diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 48001ca48c14..3af074452b2b 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h 
@@ -1063,6 +1063,8 @@ struct kvm_x86_ops { void (*setup_mce)(struct kvm_vcpu *vcpu); int (*mem_enc_op)(struct kvm *kvm, void __user *argp); + int (*mem_enc_reg_region)(struct kvm *kvm, struct kvm_enc_region *argp); + int (*mem_enc_unreg_region)(struct kvm *kvm, struct kvm_enc_region *argp); }; struct kvm_arch_async_pf { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 4c365eb23080..d4e2c61cb6b7 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -4276,6 +4276,30 @@ long kvm_arch_vm_ioctl(struct file *filp, r = kvm_x86_ops->mem_enc_op(kvm, argp); break; } + case KVM_MEMORY_ENCRYPT_REG_REGION: { + struct kvm_enc_region region; + + r = -EFAULT; + if (copy_from_user(®ion, argp, sizeof(region))) + goto out; + + r = -ENOTTY; + if (kvm_x86_ops->mem_enc_reg_region) + r = kvm_x86_ops->mem_enc_reg_region(kvm, ®ion); + break; + } + case KVM_MEMORY_ENCRYPT_UNREG_REGION: { + struct kvm_enc_region region; + + r = -EFAULT; + if (copy_from_user(®ion, argp, sizeof(region))) + goto out; + + r = -ENOTTY; + if (kvm_x86_ops->mem_enc_unreg_region) + r = kvm_x86_ops->mem_enc_unreg_region(kvm, ®ion); + break; + } default: r = -ENOTTY; } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 4a39d99c5f99..1f9f26a8e111 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1359,6 +1359,14 @@ struct kvm_s390_ucas_mapping { /* Memory Encryption Commands */ #define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xba, unsigned long) +struct kvm_enc_region { + __u64 addr; + __u64 size; +}; + +#define KVM_MEMORY_ENCRYPT_REG_REGION _IOR(KVMIO, 0xbb, struct kvm_enc_region) +#define KVM_MEMORY_ENCRYPT_UNREG_REGION _IOR(KVMIO, 0xbc, struct kvm_enc_region) + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2) -- 2.9.5
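Review bot: "Type: system" is wrong for both new entries in the api.txt hunk (4.110 and 4.111); the x86.c hunk dispatches KVM_MEMORY_ENCRYPT_REG_REGION and KVM_MEMORY_ENCRYPT_UNREG_REGION from kvm_arch_vm_ioctl, so these are VM ioctls and the lines should read "Type: vm". Three things the same text should also say: which address space struct kvm_enc_region's addr lives in (a userspace virtual address or a guest physical address, the hunk never states it); what bounds the pinning that "for now we pin the guest memory region registered with the ioctl" describes, since any process holding the VM fd can register regions and an unaccounted pin is a host memory exhaustion concern, so either name the limit (RLIMIT_MEMLOCK or whatever the backend enforces) or say the backend enforces one; and that the ioctl fails with ENOTTY when no mem_enc_reg_region backend exists, so userspace can tell "unsupported" from "invalid region".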
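Review bot: the new mem_enc_reg_region and mem_enc_unreg_region hooks in the kvm_host.h hunk receive a kernel pointer to a struct kvm_enc_region that kvm_arch_vm_ioctl has already copied in, yet the parameter is named argp like the neighbouring mem_enc_op's void __user *argp; rename it to region so no backend is tempted to treat it as a user pointer, e.g. "int (*mem_enc_reg_region)(struct kvm *kvm, struct kvm_enc_region *region);". A short comment stating that both hooks return 0 or a negative errno would also help the arch implementers that follow.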
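Review bot: the two new cases in the x86.c hunk pass region to the backend without any validation, so region.size == 0 or a region.addr + region.size that wraps around reaches every arch implementation unchecked; either reject the obviously bad values once here in the generic path or document in the kvm_x86_ops comment that the backend must. The cases are otherwise identical apart from the hook called, so a small static helper taking the hook pointer would remove the duplicated copy_from_user / "r = -ENOTTY" sequence and keep any validation in one place.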
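Review bot: the direction in the two new ioctl encodings in the uapi hunk does not match their use: struct kvm_enc_region is copied from userspace (copy_from_user in the x86.c hunk; api.txt says "(in)"), which under the <asm/ioctl.h> convention is _IOW, not _IOR. Nothing in the kernel enforces the direction bits, but the number becomes ABI the moment this is merged, so "_IOW(KVMIO, 0xbb, struct kvm_enc_region)" and "_IOW(KVMIO, 0xbc, struct kvm_enc_region)" are cheaper to get right now than to live with.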
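The userspace side of the two ioctls, as an added example that is not part of this patch or of KVM's own code. It re-declares struct kvm_enc_region and the ioctl numbers from the uapi hunk so it builds against headers that predate the patch, validates the region locally before issuing it (the generic x86.c path does not), and maps the kernel's ENOTTY onto an "unsupported" status as the api.txt hunk implies. Assumptions, marked in the code: addr is a host virtual address of the region (the patch does not say which address space it is), the ioctl is issued on the VM fd (the hunk lives in kvm_arch_vm_ioctl), and the backend pins whole pages, so page alignment is required. The probe uses /dev/null as a stand-in for a VM fd on a host without the SEV backend; both answer ENOTTY.

```c
/*
 * Added example, not from the patch or from KVM.  Userspace caller for
 * KVM_MEMORY_ENCRYPT_{UN,}REG_REGION with local argument checks and
 * errno classification.  See the lead-in for the assumptions made.
 */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

#define KVMIO 0xAE	/* include/uapi/linux/kvm.h */

struct kvm_enc_region {	/* copied from the uapi hunk */
	uint64_t addr;
	uint64_t size;
};

/* Encoded exactly as the uapi hunk does (_IOR, although the struct is input). */
#define KVM_MEMORY_ENCRYPT_REG_REGION	_IOR(KVMIO, 0xbb, struct kvm_enc_region)
#define KVM_MEMORY_ENCRYPT_UNREG_REGION	_IOR(KVMIO, 0xbc, struct kvm_enc_region)

enum enc_region_status {
	ENC_REGION_OK = 0,
	ENC_REGION_BAD_ARGS,	/* rejected here, never reaches the kernel */
	ENC_REGION_UNSUPPORTED,	/* ENOTTY: no mem_enc_*_region backend */
	ENC_REGION_ERROR,	/* any other errno from the kernel */
};

/*
 * kvm_arch_vm_ioctl copies the struct and hands it straight to the arch
 * backend, so check locally what the generic path does not: non-zero size,
 * page alignment (assumption: the backend pins whole pages) and no
 * wrap-around of addr + size.  Returns 1 if acceptable, 0 otherwise.
 */
int enc_region_args_ok(uint64_t addr, uint64_t size)
{
	uint64_t page = (uint64_t)sysconf(_SC_PAGESIZE);

	if (size == 0)
		return 0;
	if ((addr | size) & (page - 1))
		return 0;
	if (addr + size < addr)
		return 0;
	return 1;
}

static enum enc_region_status enc_region_ioctl(int vm_fd, unsigned long req,
					       uint64_t addr, uint64_t size)
{
	struct kvm_enc_region region;

	if (!enc_region_args_ok(addr, size))
		return ENC_REGION_BAD_ARGS;

	memset(&region, 0, sizeof(region));
	region.addr = addr;	/* assumption: host virtual address */
	region.size = size;

	if (ioctl(vm_fd, req, &region) == 0)
		return ENC_REGION_OK;
	/* The x86.c hunk returns -ENOTTY when the backend hook is NULL. */
	return errno == ENOTTY ? ENC_REGION_UNSUPPORTED : ENC_REGION_ERROR;
}

enum enc_region_status kvm_enc_reg_region(int vm_fd, uint64_t hva, uint64_t len)
{
	return enc_region_ioctl(vm_fd, KVM_MEMORY_ENCRYPT_REG_REGION, hva, len);
}

enum enc_region_status kvm_enc_unreg_region(int vm_fd, uint64_t hva, uint64_t len)
{
	return enc_region_ioctl(vm_fd, KVM_MEMORY_ENCRYPT_UNREG_REGION, hva, len);
}

/*
 * Issue (un)registration of one page-aligned dummy address against a fd
 * that is not a KVM VM (/dev/null).  The kernel never touches the address
 * and answers ENOTTY, the same status a host without the SEV backend gives.
 * Returns the enc_region_status observed, or -1 if /dev/null cannot be opened.
 */
int probe_non_kvm_fd(int unregister)
{
	uint64_t page = (uint64_t)sysconf(_SC_PAGESIZE);
	int fd = open("/dev/null", O_RDWR);
	int st;

	if (fd < 0)
		return -1;
	st = unregister ? kvm_enc_unreg_region(fd, page, page)
			: kvm_enc_reg_region(fd, page, page);
	close(fd);
	return st;
}

int main(void)
{
	printf("REG_REGION on a non-KVM fd   -> status %d\n", probe_non_kvm_fd(0));
	printf("UNREG_REGION on a non-KVM fd -> status %d\n", probe_non_kvm_fd(1));
	printf("misaligned region accepted locally? %d\n", enc_region_args_ok(1, 4096));
	return 0;
}
```

Against a real SEV-capable VM fd the same calls return ENC_REGION_OK after the backend pins the pages, and ENC_REGION_ERROR with errno set by the backend (for example EINVAL or ENOMEM) when the region is rejected; keeping the local checks in front of the ioctl means a hypervisor bug in region bookkeeping can never be reached with a zero-length or wrapping region from this caller.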