From: Brijesh Singh
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc: bp@alien8.de, Brijesh Singh, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Paolo Bonzini, Radim Krčmář, Joerg Roedel, Borislav Petkov, Tom Lendacky
Subject: [Part2 PATCH v9 08/38] KVM: Introduce KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl
Date: Mon, 4 Dec 2017 19:04:08 -0600
Message-Id: <20171205010438.5773-9-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.9.5
In-Reply-To: <20171205010438.5773-1-brijesh.singh@amd.com>
References: <20171205010438.5773-1-brijesh.singh@amd.com>
If hardware supports memory encryption then KVM_MEMORY_ENCRYPT_REG_REGION
and KVM_MEMORY_ENCRYPT_UNREG_REGION ioctls can be used by userspace to
register/unregister the guest memory regions which may contain the
encrypted data (e.g. guest RAM, PCI BAR, SMRAM etc).

Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Improvements-by: Borislav Petkov
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
 Documentation/virtual/kvm/api.txt | 34 ++++++++++++++++++++++++++++++++++
 arch/x86/include/asm/kvm_host.h   |  2 ++
 arch/x86/kvm/x86.c                | 24 ++++++++++++++++++++++++
 include/uapi/linux/kvm.h          |  8 ++++++++
 4 files changed, 68 insertions(+)

diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt
index c8755be35543..c2ced6a44bbb 100644
--- a/Documentation/virtual/kvm/api.txt
+++ b/Documentation/virtual/kvm/api.txt
@@ -3410,6 +3410,40 @@ Currently, this ioctl is used for issuing Secure Encrypted Virtualization (SEV) commands on AMD Processors. The SEV commands are defined in Documentation/virtual/kvm/amd-memory-encryption.txt. +4.110 KVM_MEMORY_ENCRYPT_REG_REGION + +Capability: basic +Architectures: x86 +Type: system +Parameters: struct kvm_enc_region (in) +Returns: 0 on success; -1 on error + +This ioctl can be used to register a guest memory region which may +contain encrypted data (e.g. guest RAM, SMRAM etc). + +It is used in the SEV-enabled guest. When encryption is enabled, a guest +memory region may contain encrypted data. The SEV memory encryption +engine uses a tweak such that two identical plaintext pages, each at +different locations will have differing ciphertexts. So swapping or +moving ciphertext of those pages will not result in plaintext being +swapped. So relocating (or migrating) physical backing pages for the SEV +guest will require some additional steps. + +Note: The current SEV key management spec does not provide commands to +swap or migrate (move) ciphertext pages. Hence, for now we pin the guest +memory region registered with the ioctl. + +4.111 KVM_MEMORY_ENCRYPT_UNREG_REGION + +Capability: basic +Architectures: x86 +Type: system +Parameters: struct kvm_enc_region (in) +Returns: 0 on success; -1 on error + +This ioctl can be used to unregister the guest memory region registered +with KVM_MEMORY_ENCRYPT_REG_REGION ioctl above. + 5. The kvm_run structure ------------------------ diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index c87e214d55df..58b7cc30466b 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h 
@@ -1068,6 +1068,8 @@ struct kvm_x86_ops { int (*enable_smi_window)(struct kvm_vcpu *vcpu); int (*mem_enc_op)(struct kvm *kvm, void __user *argp); + int (*mem_enc_reg_region)(struct kvm *kvm, struct kvm_enc_region *argp); + int (*mem_enc_unreg_region)(struct kvm *kvm, struct kvm_enc_region *argp); }; struct kvm_arch_async_pf { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 7bbed0c0ba79..926f55cecf2e 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -4287,6 +4287,30 @@ long kvm_arch_vm_ioctl(struct file *filp, r = kvm_x86_ops->mem_enc_op(kvm, argp); break; } + case KVM_MEMORY_ENCRYPT_REG_REGION: { + struct kvm_enc_region region; + + r = -EFAULT; + if (copy_from_user(®ion, argp, sizeof(region))) + goto out; + + r = -ENOTTY; + if (kvm_x86_ops->mem_enc_reg_region) + r = kvm_x86_ops->mem_enc_reg_region(kvm, ®ion); + break; + } + case KVM_MEMORY_ENCRYPT_UNREG_REGION: { + struct kvm_enc_region region; + + r = -EFAULT; + if (copy_from_user(®ion, argp, sizeof(region))) + goto out; + + r = -ENOTTY; + if (kvm_x86_ops->mem_enc_unreg_region) + r = kvm_x86_ops->mem_enc_unreg_region(kvm, ®ion); + break; + } default: r = -ENOTTY; } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index addd0cf4445f..c8c65190907d 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1361,6 +1361,14 @@ struct kvm_s390_ucas_mapping { /* Memory Encryption Commands */ #define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xba, unsigned long) +struct kvm_enc_region { + __u64 addr; + __u64 size; +}; + +#define KVM_MEMORY_ENCRYPT_REG_REGION _IOR(KVMIO, 0xbb, struct kvm_enc_region) +#define KVM_MEMORY_ENCRYPT_UNREG_REGION _IOR(KVMIO, 0xbc, struct kvm_enc_region) + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2) -- 2.9.5
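Review bot: in the api.txt hunk, "Type: system" in both 4.110 and 4.111 contradicts the dispatch: the handlers are added to kvm_arch_vm_ioctl() in arch/x86/kvm/x86.c, so these are VM ioctls issued on the VM fd rather than on /dev/kvm, and both entries should read "Type: vm". "Returns: 0 on success; -1 on error" should also name the errno values the generic path produces, EFAULT when the struct cannot be copied in and ENOTTY when the platform provides no mem_enc_reg_region/mem_enc_unreg_region callback, because a caller needs to tell "memory encryption not available" apart from a bad argument.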
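Review bot: in the kvm_host.h hunk the new callbacks name their second parameter argp, copied from the void __user *argp of mem_enc_op directly above, but here it is a kernel pointer to the struct kvm_enc_region that x86.c has already fetched with copy_from_user(); a __user-style name invites a backend to copy it from userspace a second time. Name it region (matching the local in kvm_arch_vm_ioctl()) or range, and drop the __user connotation.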
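Review bot: in the x86.c hunk nothing validates region.addr and region.size before the callback runs: a zero size and an addr + size that wraps past the end of the address space both reach the backend, so every mem_enc_reg_region implementation (and its unregister counterpart) has to repeat the same checks. Either reject size == 0 and addr + size < addr with -EINVAL once here, ahead of the callback, or say in the kvm_x86_ops comment that the backend owns the validation. The two case blocks are also identical apart from the callback they invoke; a small helper taking the callback pointer would remove the duplicated copy_from_user()/-ENOTTY sequence.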
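Review bot: in the uapi/linux/kvm.h hunk the direction in _IOR(KVMIO, 0xbb, struct kvm_enc_region) and _IOR(KVMIO, 0xbc, struct kvm_enc_region) is inverted: _IOR encodes "kernel writes the argument back to userspace", but x86.c only copy_from_user()s the struct and never copies anything out, so the conventional encoding is _IOW (the existing KVM_MEMORY_ENCRYPT_OP above is _IOWR because it does both). These numbers become ABI once merged, so this is the point to fix it. For the same reason consider adding a reserved/flags field to struct kvm_enc_region; with only addr and size there is no way to extend the interface later without allocating a new ioctl number.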