From: Kai Huang <kaih.linux@gmail.com>
To: pbonzini@redhat.com, rkrcmar@redhat.com, kvm@vger.kernel.org
Subject: [PATCH 08/10] kvm: vmx: add guest's IA32_SGXLEPUBKEYHASHn runtime switch support
Date: Mon, 8 May 2017 17:24:31 +1200 [thread overview]
Message-ID: <20170508052434.3627-9-kai.huang@linux.intel.com> (raw)
In-Reply-To: <20170508052434.3627-1-kai.huang@linux.intel.com>
If SGX runtime launch control is enabled on host (IA32_FEATURE_CONTROL[17]
is set), KVM can support running multiple guests with each running LE signed
with different RSA pubkey. KVM traps IA32_SGXLEPUBKEYHASHn MSR write from
and keeps the values to vcpu internally, and when vcpu is scheduled in, KVM
write those values to real IA32_SGXLEPUBKEYHASHn MSR.
Signed-off-by: Kai Huang <kai.huang@linux.intel.com>
---
arch/x86/include/asm/msr-index.h | 5 ++
arch/x86/kvm/vmx.c | 123 +++++++++++++++++++++++++++++++++++++++
2 files changed, 128 insertions(+)
diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index e3770f570bb9..70482b951b0f 100644
--- a/arch/x86/include/asm/msr-index.h
+++ b/arch/x86/include/asm/msr-index.h
@@ -417,6 +417,11 @@
#define MSR_IA32_TSC_ADJUST 0x0000003b
#define MSR_IA32_BNDCFGS 0x00000d90
+#define MSR_IA32_SGXLEPUBKEYHASH0 0x0000008c
+#define MSR_IA32_SGXLEPUBKEYHASH1 0x0000008d
+#define MSR_IA32_SGXLEPUBKEYHASH2 0x0000008e
+#define MSR_IA32_SGXLEPUBKEYHASH3 0x0000008f
+
#define MSR_IA32_XSS 0x00000da0
#define FEATURE_CONTROL_LOCKED (1<<0)
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index a16539594a99..c96332b9dd44 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -656,6 +656,9 @@ struct vcpu_vmx {
*/
u64 msr_ia32_feature_control;
u64 msr_ia32_feature_control_valid_bits;
+
+ /* SGX Launch Control public key hash */
+ u64 msr_ia32_sgxlepubkeyhash[4];
};
enum segment_cache_field {
@@ -2244,6 +2247,70 @@ static void decache_tsc_multiplier(struct vcpu_vmx *vmx)
vmcs_write64(TSC_MULTIPLIER, vmx->current_tsc_ratio);
}
+static bool cpu_sgx_lepubkeyhash_writable(void)
+{
+ u64 val, sgx_lc_enabled_mask = (FEATURE_CONTROL_LOCKED |
+ FEATURE_CONTROL_SGX_LAUNCH_CONTROL_ENABLE);
+
+ rdmsrl(MSR_IA32_FEATURE_CONTROL, val);
+
+ return ((val & sgx_lc_enabled_mask) == sgx_lc_enabled_mask);
+}
+
+static bool vmx_sgx_lc_disabled_in_bios(struct kvm_vcpu *vcpu)
+{
+ return (to_vmx(vcpu)->msr_ia32_feature_control & FEATURE_CONTROL_LOCKED)
+ && (!(to_vmx(vcpu)->msr_ia32_feature_control &
+ FEATURE_CONTROL_SGX_LAUNCH_CONTROL_ENABLE));
+}
+
+#define SGX_INTEL_DEFAULT_LEPUBKEYHASH0 0xa6053e051270b7ac
+#define SGX_INTEL_DEFAULT_LEPUBKEYHASH1 0x6cfbe8ba8b3b413d
+#define SGX_INTEL_DEFAULT_LEPUBKEYHASH2 0xc4916d99f2b3735d
+#define SGX_INTEL_DEFAULT_LEPUBKEYHASH3 0xd4f8c05909f9bb3b
+
+static void vmx_sgx_init_lepubkeyhash(struct kvm_vcpu *vcpu)
+{
+ u64 h0, h1, h2, h3;
+
+ /*
+ * If runtime launch control is enabled (IA32_SGXLEPUBKEYHASHn is
+ * writable), we set guest's default value to be Intel's default
+ * hash (which is fixed value and can be hard-coded). Otherwise,
+ * guest can only use machine's IA32_SGXLEPUBKEYHASHn so set guest's
+ * default to that.
+ */
+ if (cpu_sgx_lepubkeyhash_writable()) {
+ h0 = SGX_INTEL_DEFAULT_LEPUBKEYHASH0;
+ h1 = SGX_INTEL_DEFAULT_LEPUBKEYHASH1;
+ h2 = SGX_INTEL_DEFAULT_LEPUBKEYHASH2;
+ h3 = SGX_INTEL_DEFAULT_LEPUBKEYHASH3;
+ }
+ else {
+ rdmsrl(MSR_IA32_SGXLEPUBKEYHASH0, h0);
+ rdmsrl(MSR_IA32_SGXLEPUBKEYHASH1, h1);
+ rdmsrl(MSR_IA32_SGXLEPUBKEYHASH2, h2);
+ rdmsrl(MSR_IA32_SGXLEPUBKEYHASH3, h3);
+ }
+
+ to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash[0] = h0;
+ to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash[1] = h1;
+ to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash[2] = h2;
+ to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash[3] = h3;
+}
+
+static void vmx_sgx_lepubkeyhash_load(struct kvm_vcpu *vcpu)
+{
+ wrmsrl(MSR_IA32_SGXLEPUBKEYHASH0,
+ to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash[0]);
+ wrmsrl(MSR_IA32_SGXLEPUBKEYHASH1,
+ to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash[1]);
+ wrmsrl(MSR_IA32_SGXLEPUBKEYHASH2,
+ to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash[2]);
+ wrmsrl(MSR_IA32_SGXLEPUBKEYHASH3,
+ to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash[3]);
+}
+
/*
* Switches to specified vcpu, until a matching vcpu_put(), but assumes
* vcpu mutex is already taken.
@@ -2316,6 +2383,14 @@ static void vmx_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
vmx_vcpu_pi_load(vcpu, cpu);
vmx->host_pkru = read_pkru();
+
+ /*
+ * Load guset's SGX LE pubkey hash if runtime launch control is
+ * enabled.
+ */
+ if (guest_cpuid_has_sgx_launch_control(vcpu) &&
+ cpu_sgx_lepubkeyhash_writable())
+ vmx_sgx_lepubkeyhash_load(vcpu);
}
static void vmx_vcpu_pi_put(struct kvm_vcpu *vcpu)
@@ -3225,6 +3300,19 @@ static int vmx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
case MSR_IA32_FEATURE_CONTROL:
msr_info->data = to_vmx(vcpu)->msr_ia32_feature_control;
break;
+ case MSR_IA32_SGXLEPUBKEYHASH0 ... MSR_IA32_SGXLEPUBKEYHASH3:
+ /*
+ * SDM 35.1 Model-Specific Registers, table 35-2.
+ * Read permitted if CPUID.0x12.0:EAX[0] = 1. (We have
+ * guaranteed this will be true if guest_cpuid_has_sgx
+ * is true.)
+ */
+ if (!guest_cpuid_has_sgx(vcpu))
+ return 1;
+ msr_info->data =
+ to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash[msr_info->index -
+ MSR_IA32_SGXLEPUBKEYHASH0];
+ break;
case MSR_IA32_VMX_BASIC ... MSR_IA32_VMX_VMFUNC:
if (!nested_vmx_allowed(vcpu))
return 1;
@@ -3344,6 +3432,37 @@ static int vmx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr_info)
* SGX has been enabled in BIOS before using SGX.
*/
break;
+ case MSR_IA32_SGXLEPUBKEYHASH0 ... MSR_IA32_SGXLEPUBKEYHASH3:
+ /*
+ * SDM 35.1 Model-Specific Registers, table 35-2.
+ * - If CPUID.0x7.0:ECX[30] = 1, FEATURE_CONTROL[17] is
+ * available.
+ * - Write permitted if CPUID.0x12.0:EAX[0] = 1 &&
+ * FEATURE_CONTROL[17] = 1 && FEATURE_CONTROL[0] = 1.
+ */
+ if (!guest_cpuid_has_sgx(vcpu) ||
+ !guest_cpuid_has_sgx_launch_control(vcpu))
+ return 1;
+ /*
+ * Don't let userspace set guest's IA32_SGXLEPUBKEYHASHn,
+ * if machine's IA32_SGXLEPUBKEYHASHn cannot be changed at
+ * runtime. Note to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash are
+ * set to default in vmx_create_vcpu therefore guest is able
+ * to get the machine's IA32_SGXLEPUBKEYHASHn by rdmsr in
+ * guest.
+ */
+ if (!cpu_sgx_lepubkeyhash_writable())
+ return 1;
+ /*
+ * If guest's FEATURE_CONTROL[17] is not set, guest's
+ * IA32_SGXLEPUBKEYHASHn are not writeable from guest.
+ */
+ if (!vmx_sgx_lc_disabled_in_bios(vcpu) &&
+ !msr_info->host_initiated)
+ return 1;
+ to_vmx(vcpu)->msr_ia32_sgxlepubkeyhash[msr_index -
+ MSR_IA32_SGXLEPUBKEYHASH0] = data;
+ break;
case MSR_IA32_VMX_BASIC ... MSR_IA32_VMX_VMFUNC:
if (!msr_info->host_initiated)
return 1; /* they are read-only */
@@ -9305,6 +9424,10 @@ static struct kvm_vcpu *vmx_create_vcpu(struct kvm *kvm, unsigned int id)
vmx->nested.vpid02 = allocate_vpid();
}
+ /* Set vcpu's default IA32_SGXLEPUBKEYHASHn */
+ if (enable_sgx && boot_cpu_has(X86_FEATURE_SGX_LAUNCH_CONTROL))
+ vmx_sgx_init_lepubkeyhash(&vmx->vcpu);
+
vmx->nested.posted_intr_nv = -1;
vmx->nested.current_vmptr = -1ull;
vmx->nested.current_vmcs12 = NULL;
--
2.11.0
next prev parent reply other threads:[~2017-05-08 5:25 UTC|newest]
Thread overview: 78+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-08 5:24 [RFC PATCH 00/10] Basic KVM SGX Virtualization support Kai Huang
2017-05-08 5:24 ` [PATCH 01/10] x86: add SGX Launch Control definition to cpufeature Kai Huang
2017-05-08 5:24 ` [PATCH 02/10] kvm: vmx: add ENCLS VMEXIT detection Kai Huang
2017-05-08 5:24 ` [PATCH 03/10] kvm: vmx: detect presence of host SGX driver Kai Huang
2017-05-08 5:24 ` [PATCH 04/10] kvm: sgx: new functions to init and destory SGX for guest Kai Huang
2017-05-08 5:24 ` [PATCH 05/10] kvm: x86: add KVM_GET_SUPPORTED_CPUID SGX support Kai Huang
2017-05-08 5:24 ` [PATCH 06/10] kvm: x86: add KVM_SET_CPUID2 " Kai Huang
2017-05-08 5:24 ` [PATCH 07/10] kvm: vmx: add SGX IA32_FEATURE_CONTROL MSR emulation Kai Huang
2017-05-08 5:24 ` Kai Huang [this message]
2017-05-12 0:32 ` [PATCH 08/10] kvm: vmx: add guest's IA32_SGXLEPUBKEYHASHn runtime switch support Huang, Kai
2017-05-12 3:28 ` [intel-sgx-kernel-dev] " Andy Lutomirski
2017-05-12 4:56 ` Huang, Kai
2017-05-12 6:11 ` Andy Lutomirski
2017-05-12 18:48 ` Christopherson, Sean J
2017-05-12 20:50 ` Christopherson, Sean J
2017-05-16 0:59 ` Huang, Kai
2017-05-16 1:22 ` Huang, Kai
2017-05-16 0:48 ` Huang, Kai
2017-05-16 14:21 ` Paolo Bonzini
2017-05-18 7:54 ` Huang, Kai
2017-05-18 8:58 ` Paolo Bonzini
2017-05-17 0:09 ` Andy Lutomirski
2017-05-18 7:45 ` Huang, Kai
2017-06-06 20:52 ` Huang, Kai
2017-06-06 21:22 ` Andy Lutomirski
2017-06-06 22:51 ` Huang, Kai
2017-06-07 14:45 ` Cohen, Haim
2017-06-08 12:31 ` Jarkko Sakkinen
2017-06-08 23:47 ` Huang, Kai
2017-06-08 23:53 ` Andy Lutomirski
2017-06-09 15:38 ` Cohen, Haim
2017-06-10 12:23 ` Jarkko Sakkinen
2017-06-11 22:45 ` Huang, Kai
2017-06-12 8:36 ` Jarkko Sakkinen
2017-06-12 9:53 ` Huang, Kai
2017-06-12 16:24 ` Andy Lutomirski
2017-06-12 22:08 ` Huang, Kai
2017-06-12 23:00 ` Andy Lutomirski
2017-06-16 3:46 ` Huang, Kai
2017-06-16 4:11 ` Andy Lutomirski
2017-06-16 4:33 ` Huang, Kai
2017-06-16 9:34 ` Huang, Kai
2017-06-16 16:03 ` Andy Lutomirski
2017-06-16 16:25 ` Andy Lutomirski
2017-06-16 16:31 ` Christopherson, Sean J
2017-06-16 16:43 ` Andy Lutomirski
2017-06-13 18:57 ` Jarkko Sakkinen
2017-06-13 19:05 ` Jarkko Sakkinen
2017-06-13 20:13 ` Sean Christopherson
2017-06-14 9:37 ` Jarkko Sakkinen
2017-06-14 15:11 ` Christopherson, Sean J
2017-06-14 17:03 ` Jarkko Sakkinen
2017-06-13 23:28 ` Huang, Kai
2017-06-14 9:44 ` Jarkko Sakkinen
2017-07-19 15:04 ` Sean Christopherson
2017-05-15 12:46 ` Jarkko Sakkinen
2017-05-15 23:56 ` Huang, Kai
2017-05-16 14:23 ` Paolo Bonzini
2017-05-17 14:21 ` Sean Christopherson
2017-05-18 8:14 ` Huang, Kai
2017-05-20 21:55 ` Andy Lutomirski
2017-05-23 5:43 ` Huang, Kai
2017-05-23 5:55 ` Huang, Kai
2017-05-23 16:34 ` Andy Lutomirski
2017-05-23 16:43 ` Paolo Bonzini
2017-05-24 8:20 ` Huang, Kai
2017-05-20 13:23 ` Jarkko Sakkinen
2017-05-08 5:24 ` [PATCH 09/10] kvm: vmx: handle ENCLS VMEXIT Kai Huang
2017-05-08 8:08 ` Paolo Bonzini
2017-05-10 1:30 ` Huang, Kai
2017-05-08 5:24 ` [PATCH 10/10] kvm: vmx: handle VMEXIT from SGX Enclave Kai Huang
2017-05-08 8:22 ` Paolo Bonzini
2017-05-11 9:34 ` Huang, Kai
2017-06-19 5:02 ` Huang, Kai
2017-06-27 15:29 ` Radim Krčmář
2017-06-28 22:22 ` Huang, Kai
2017-05-08 5:24 ` [PATCH 11/11] kvm: vmx: workaround FEATURE_CONTROL[17] is not set by BIOS Kai Huang
2017-05-08 5:29 ` Huang, Kai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170508052434.3627-9-kai.huang@linux.intel.com \
--to=kaih.linux@gmail.com \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.