From: Steve Rutherford
Date: Wed, 15 Nov 2017 15:57:13 -0800
Subject: Re: [Part1 PATCH v7 00/17] x86: Secure Encrypted Virtualization (AMD)
To: Brijesh Singh
Cc: x86@kernel.org, KVM list, LKML, Borislav Petkov, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Borislav Petkov, Andy Lutomirski, Tom Lendacky, Paolo Bonzini, Radim Krčmář
In-Reply-To: <20171020143059.3291-1-brijesh.singh@amd.com>
List-ID: linux-kernel@vger.kernel.org

One piece that seems missing here is the handling of the VMM communication exception. What's the plan for non-automatic exits? In particular, what's the plan for emulated devices that are currently accessed through MMIO (e.g. the IOAPIC)? Maybe I'm getting ahead of myself: What's the testing story?
(since I don't think Linux would boot with these patches, I'm curious what you are doing to ensure these pieces work)

On Fri, Oct 20, 2017 at 7:30 AM, Brijesh Singh wrote:
> This part of the Secure Encrypted Virtualization (SEV) series focuses on the changes required in a guest OS for SEV support.
>
> When SEV is active, the memory content of the guest OS will be transparently encrypted with a key unique to the guest VM.
>
> SEV guests have a concept of private and shared memory. Private memory is encrypted with the guest-specific key, while shared memory may be encrypted with the hypervisor key. Certain types of memory (namely instruction pages and guest page tables) are always treated as private. For security reasons all DMA operations inside the guest must be performed on shared memory.
>
> The SEV feature is enabled by the hypervisor, and the guest can identify it through a CPUID function and the 0xc0010131 (F17H_SEV) MSR. When enabled, page table entries will determine how memory is accessed. If a page table entry has the memory encryption mask set, then that memory will be accessed using the guest-specific key. Certain memory (instruction pages, page tables) will always be accessed using the guest-specific key.
>
> This patch series builds upon the Secure Memory Encryption (SME) feature. Unlike SME, when SEV is enabled, all the data (e.g. EFI, kernel, initrd, etc.) will have been placed into memory as encrypted by the guest BIOS.
>
> The approach that this patch series takes is to encrypt everything possible starting early in the boot. Since the DMA operations inside the guest must be performed on shared memory, it uses SW-IOTLB to complete the DMA operations.
>
> The following links provide additional details:
>
> AMD Memory Encryption whitepaper:
> http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
>
> AMD64 Architecture Programmer's Manual:
> http://support.amd.com/TechDocs/24593.pdf
> SME is section 7.10
> SEV is section 15.34
>
> Secure Encrypted Virtualization Key Management:
> http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
>
> KVM Forum Presentation:
> http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf
>
> SEV Guest BIOS support:
> SEV support has been accepted into EDKII/OVMF BIOS
> https://github.com/tianocore/edk2/commits/master
>
> Cc: Thomas Gleixner
> Cc: Ingo Molnar
> Cc: "H. Peter Anvin"
> Cc: Borislav Petkov
> Cc: Andy Lutomirski
> Cc: Tom Lendacky
> Cc: Brijesh Singh
> Cc: Paolo Bonzini
> Cc: "Radim Krčmář"
> Cc: kvm@vger.kernel.org
> Cc: linux-kernel@vger.kernel.org
> Cc: x86@kernel.org
>
> ---
> This series is based on tip/master commit : 7ffee292ddca (Merge branch 'x86/urgent')
>
> Complete git tree is available: https://github.com/codomania/tip/tree/sev-v7-p1
>
> Changes since v6:
> * include jump_label.h to fix the build error seen with one of the randconfigs
>
> Changes since v5:
> * enhance early_set_memory_decrypted() to do memory contents encrypt/decrypt in addition to C bit changes.
>
> Changes since v4:
> * rename per-CPU define to DEFINE_PER_CPU_DECRYPTED
> * add more comments in per-CPU section definition
> * rename __sev_active() to sev_key_active() to use more obvious naming
> * changes to address v4 feedback
>
> Changes since v3:
> * use static key to branch the unrolling of rep ins/outs when SEV is active
> * simplify the memory encryption detection logic
> * rename per-cpu define to DEFINE_PER_CPU_UNENCRYPTED
> * simplify the logic to map per-cpu as unencrypted
> * changes to address v3 feedback
>
> Changes since v2:
> * add documentation
> * update early_set_memory_* to use kernel_physical_mapping_init() to split larger page into smaller (recommended by Boris)
> * changes to address v2 feedback
> * drop hypervisor specific patches, those patches will be included in part 2
>
> Brijesh Singh (5):
>   Documentation/x86: Add AMD Secure Encrypted Virtualization (SEV) description
>   x86: Add support for changing memory encryption attribute in early boot
>   percpu: Introduce DEFINE_PER_CPU_DECRYPTED
>   X86/KVM: Decrypt shared per-cpu variables when SEV is active
>   X86/KVM: Clear encryption attribute when SEV is active
>
> Tom Lendacky (12):
>   x86/mm: Add Secure Encrypted Virtualization (SEV) support
>   x86/mm: Don't attempt to encrypt initrd under SEV
>   x86/realmode: Don't decrypt trampoline area under SEV
>   x86/mm: Use encrypted access of boot related data with SEV
>   x86/mm: Include SEV for encryption memory attribute changes
>   x86/efi: Access EFI data as encrypted when SEV is active
>   resource: Consolidate resource walking code
>   resource: Provide resource struct in resource walk callback
>   x86/mm, resource: Use PAGE_KERNEL protection for ioremap of memory pages
>   x86/mm: Add DMA support for SEV memory encryption
>   x86/boot: Add early boot support when running with SEV active
>   x86/io: Unroll string I/O when SEV is active
>
>  Documentation/x86/amd-memory-encryption.txt |  30 ++-
>  arch/powerpc/kernel/machine_kexec_file_64.c |  12 +-
>  arch/x86/boot/compressed/Makefile           |   1 +
>  arch/x86/boot/compressed/head_64.S          |  16 ++
>  arch/x86/boot/compressed/mem_encrypt.S      | 120 +++++++++++
>  arch/x86/boot/compressed/misc.h             |   2 +
>  arch/x86/boot/compressed/pagetable.c        |   8 +-
>  arch/x86/entry/vdso/vma.c                   |   5 +-
>  arch/x86/include/asm/io.h                   |  43 +++-
>  arch/x86/include/asm/mem_encrypt.h          |  14 ++
>  arch/x86/include/asm/msr-index.h            |   3 +
>  arch/x86/include/uapi/asm/kvm_para.h        |   1 -
>  arch/x86/kernel/crash.c                     |  18 +-
>  arch/x86/kernel/kvm.c                       |  40 +++-
>  arch/x86/kernel/kvmclock.c                  |  65 +++++-
>  arch/x86/kernel/pmem.c                      |   2 +-
>  arch/x86/kernel/setup.c                     |   6 +-
>  arch/x86/mm/ioremap.c                       | 123 +++++++++--
>  arch/x86/mm/mem_encrypt.c                   | 300 +++++++++++++++++++++++++++++++-
>  arch/x86/mm/pageattr.c                      |   4 +-
>  arch/x86/platform/efi/efi_64.c              |  16 +-
>  arch/x86/realmode/init.c                    |   5 +-
>  include/asm-generic/vmlinux.lds.h           |  19 ++
>  include/linux/ioport.h                      |   7 +-
>  include/linux/kexec.h                       |   2 +-
>  include/linux/mem_encrypt.h                 |   7 +-
>  include/linux/percpu-defs.h                 |  15 ++
>  kernel/kexec_file.c                         |   5 +-
>  kernel/resource.c                           |  76 ++++---
>  lib/swiotlb.c                               |   5 +-
>  30 files changed, 847 insertions(+), 123 deletions(-)
>  create mode 100644 arch/x86/boot/compressed/mem_encrypt.S
>
> --
> 2.9.5
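As an added illustration of the mechanism the quoted cover letter describes (the guest identifies SEV through CPUID and the 0xc0010131 MSR, then the encryption mask in each page table entry decides whether a page is private to the guest or shared with the hypervisor), here is a stand-alone C example that is not part of the patch series or the kernel. It models the CPUID Fn8000_001F and MSR 0xc0010131 values as a constructed in-memory snapshot instead of executing CPUID/RDMSR; the field layouts it assumes (EAX bit 1 for SEV support, EBX[5:0] for the C-bit position, MSR bit 0 for SEV enabled) are those documented in the AMD64 APM.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Architectural constants (AMD64 APM: CPUID Fn8000_001F, MSR C001_0131). */
#define CPUID_SEV_SUPPORTED (1U << 1)   /* Fn8000_001F EAX[1]: SEV supported */
#define CPUID_CBIT_POS_MASK 0x3fU       /* Fn8000_001F EBX[5:0]: C-bit position */
#define MSR_AMD64_SEV       0xc0010131U /* the F17H_SEV MSR named in the cover letter */
#define MSR_SEV_ENABLED     (1ULL << 0) /* bit 0: SEV is active in this guest */

/* Constructed snapshot of what the guest would read; lets this run offline
 * instead of executing CPUID/RDMSR (hypothetical struct, not kernel code). */
struct cpu_snapshot {
    uint32_t cpuid_eax;  /* CPUID Fn8000_001F EAX */
    uint32_t cpuid_ebx;  /* CPUID Fn8000_001F EBX */
    uint64_t msr_sev;    /* value read from MSR 0xc0010131 */
};

/* Returns true when SEV is active for this guest and stores the page-table
 * encryption mask (the C bit, 1 << EBX[5:0]) in *me_mask; else *me_mask = 0. */
bool sev_detect(const struct cpu_snapshot *s, uint64_t *me_mask)
{
    *me_mask = 0;
    if (!(s->cpuid_eax & CPUID_SEV_SUPPORTED)) /* capability not advertised */
        return false;
    if (!(s->msr_sev & MSR_SEV_ENABLED))       /* capable, but not enabled here */
        return false;
    *me_mask = 1ULL << (s->cpuid_ebx & CPUID_CBIT_POS_MASK);
    return true;
}

/* Private memory: C bit set, so accesses use the guest-specific key. */
uint64_t pte_set_private(uint64_t pte, uint64_t me_mask) { return pte | me_mask; }

/* Shared memory (e.g. SWIOTLB bounce buffers for DMA): C bit cleared. */
uint64_t pte_set_shared(uint64_t pte, uint64_t me_mask) { return pte & ~me_mask; }

int main(void)
{
    /* Constructed values: SEV supported, C bit at position 47, SEV enabled. */
    struct cpu_snapshot s = { CPUID_SEV_SUPPORTED, 47U, MSR_SEV_ENABLED };
    uint64_t mask, pte = 0x1003ULL;       /* page frame 0x1000, present + writable */
    bool active = sev_detect(&s, &mask);
    printf("SEV active: %d, C-bit mask: 0x%llx\n", active, (unsigned long long)mask);
    printf("private PTE: 0x%llx\n", (unsigned long long)pte_set_private(pte, mask));
    printf("shared PTE:  0x%llx\n", (unsigned long long)pte_set_shared(pte | mask, mask));
    return 0;
}
```

The two failure paths in sev_detect matter in practice: a CPU can advertise SEV while the hypervisor has not enabled it for this guest, in which case the mask must stay zero so no page is wrongly treated as encrypted.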