Re: [RFC PATCH v2 00/32] x86: Secure Encrypted Virtualization (AMD)
Hi Bjorn, On 03/03/2017 02:33 PM, Bjorn Helgaas wrote: On Thu, Mar 02, 2017 at 10:12:01AM -0500, Brijesh Singh wrote: This RFC series provides support for AMD's new Secure Encrypted Virtualization (SEV) feature. This RFC is build upon Secure Memory Encryption (SME) RFCv4 [1]. What kernel version is this series based on? This patch series is based off of the master branch of tip. Commit a27cb9e1b2b4 ("Merge branch 'WIP.sched/core'") Tom's RFC v4 patches (http://marc.info/?l=linux-mm=148725973013686=2) Accidentally, I ended up rebasing SEV RFCv2 patches from updated SME v4 instead of original SME v4. So you may need to apply patch [1] [1] http://marc.info/?l=linux-mm=148857523132253=2 Optionally, I have posted the full git tree here [2] [2] https://github.com/codomania/tip/branches ___ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
Re: [RFC PATCH v2 00/32] x86: Secure Encrypted Virtualization (AMD)
On Fri, Mar 03, 2017 at 02:33:23PM -0600, Bjorn Helgaas wrote: > On Thu, Mar 02, 2017 at 10:12:01AM -0500, Brijesh Singh wrote: > > This RFC series provides support for AMD's new Secure Encrypted > > Virtualization > > (SEV) feature. This RFC is build upon Secure Memory Encryption (SME) RFCv4 > > [1]. > > What kernel version is this series based on? Yeah, see that mail in [1]: https://lkml.kernel.org/r/20170216154158.19244.66630.st...@tlendack-t1.amdoffice.net "This patch series is based off of the master branch of tip. Commit a27cb9e1b2b4 ("Merge branch 'WIP.sched/core'")" $ git describe a27cb9e1b2b4 v4.10-rc7-681-ga27cb9e1b2b4 So you need the SME pile first and then that SVE pile. But the first patch needs refreshing as it is using a different base than the SME pile. :-) Tom, Brijesh, perhaps you guys could push a full tree somewhere - github or so - for people to pull, in addition to the patchset on lkml. Thanks. -- Regards/Gruss, Boris. SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) -- ___ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
Re: [RFC PATCH v2 00/32] x86: Secure Encrypted Virtualization (AMD)
On Thu, Mar 02, 2017 at 10:12:01AM -0500, Brijesh Singh wrote: > This RFC series provides support for AMD's new Secure Encrypted Virtualization > (SEV) feature. This RFC is build upon Secure Memory Encryption (SME) RFCv4 > [1]. What kernel version is this series based on? ___ devel mailing list de...@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
[RFC PATCH v2 00/32] x86: Secure Encrypted Virtualization (AMD)
This RFC series provides support for AMD's new Secure Encrypted Virtualization (SEV) feature. This RFC is build upon Secure Memory Encryption (SME) RFCv4 [1]. SEV is an extension to the AMD-V architecture which supports running multiple VMs under the control of a hypervisor. When enabled, SEV hardware tags all code and data with its VM ASID which indicates which VM the data originated from or is intended for. This tag is kept with the data at all times when inside the SOC, and prevents that data from being used by anyone other than the owner. While the tag protects VM data inside the SOC, AES with 128 bit encryption protects data outside the SOC. When data leaves or enters the SOC, it is encrypted/decrypted respectively by hardware with a key based on the associated tag. SEV guest VMs have the concept of private and shared memory. Private memory is encrypted with the guest-specific key, while shared memory may be encrypted with hypervisor key. Certain types of memory (namely instruction pages and guest page tables) are always treated as private memory by the hardware. For data memory, SEV guest VMs can choose which pages they would like to be private. The choice is done using the standard CPU page tables using the C-bit, and is fully controlled by the guest. Due to security reasons all the DMA operations inside the guest must be performed on shared pages (C-bit clear). Note that since C-bit is only controllable by the guest OS when it is operating in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware forces the C-bit to a 1. SEV is designed to protect guest VMs from a benign but vulnerable (i.e. not fully malicious) hypervisor. In particular, it reduces the attack surface of guest VMs and can prevent certain types of VM-escape bugs (e.g. hypervisor read-anywhere) from being used to steal guest data. The RFC series also expands crypto driver (ccp.ko) to include the support for Platform Security Processor (PSP) which is used for communicating with SEV firmware that runs within the AMD secure processor providing a secure key management interfaces. The hypervisor uses this interface to encrypt the bootstrap code and perform common activities such as launching, running, snapshotting, migrating and debugging encrypted guest. A new ioctl (KVM_MEMORY_ENCRYPT_OP) is introduced which can be used by Qemu to issue SEV guest life cycle commands. The RFC series also includes patches required in guest OS to enable SEV feature. A guest OS can check SEV support by calling KVM_FEATURE cpuid instruction. The patch breakdown: * [1 - 17]: guest OS specific changes when SEV is active * [18]: already queued in kvm upstream tree but was not in tip tree hence its included so that build does not fail * [19 - 21]: since CCP and PSP shares the same PCIe ID hence the patch expands the CCP driver by creating a high level AMD Secure Processor (SP) framework to allow integration of PSP device into ccp.ko. * [22 - 32]: hypervisor changes to support memory encryption The following links provide additional details: AMD Memory Encryption whitepaper: http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf AMD64 Architecture Programmer's Manual: http://support.amd.com/TechDocs/24593.pdf SME is section 7.10 SEV is section 15.34 Secure Encrypted Virutualization Key Management: http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf KVM Forum Presentation: http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf [1] http://marc.info/?l=linux-kernel=148725974113693=2 --- Based on the feedbacks, we have started adding the SEV guest support in OVMF BIOS. This series has been tested using EDK2/OVMF BIOS, the initial EDK2 patches has been submmited on edk2 mailing list for discussion. TODO: - add support for migration commands - update QEMU RFC's to SEV spec 0.14 - investigate virtio and vfio support for SEV guest - investigate SMM support for SEV guest - add support for nested virtualization Changes since v1: - update to newer SEV key management API spec (0.12 -> 0.14) - expand the CCP driver and integrate the PSP interface support - remove the usage of SEV ref_count and release the SEV FW resources in kvm_x86_ops->vm_destroy - acquire the kvm->lock before executing the SEV commands and release on exit. - rename ioctl from KVM_SEV_ISSUE_CMD to KVM_MEMORY_ENCRYPT_OP - extend KVM_MEMORY_ENCRYPT_OP ioctl to require file descriptor for the SEV device. A program without access to /dev/sev will not be able to issue SEV commands - update vmcb on succesful LAUNCH_FINISH to indicate that SEV is active - serveral fixes based on Paolo's review feedbacks - add APIs to support sharing the guest physical address with hypervisor - update kvm pvclock driver to use the shared buffer when SEV is active - pin the SEV guest memory Brijesh Singh (18): x86: mm: Provide