From: Brijesh Singh <brijesh.singh@amd.com>
To: x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: "Brijesh Singh" <brijesh.singh@amd.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Ingo Molnar" <mingo@redhat.com>,
"H. Peter Anvin" <hpa@zytor.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Joerg Roedel" <joro@8bytes.org>, "Borislav Petkov" <bp@suse.de>,
"Tom Lendacky" <thomas.lendacky@amd.com>
Subject: [Part2 PATCH v5 16/31] KVM: Define SEV key management command id
Date: Wed, 4 Oct 2017 08:13:57 -0500 [thread overview]
Message-ID: <20171004131412.13038-17-brijesh.singh@amd.com> (raw)
In-Reply-To: <20171004131412.13038-1-brijesh.singh@amd.com>
Define Secure Encrypted Virtualization (SEV) key management command id
and structure. The command definition is available in SEV KM [1] spec
0.14 and Documentation/virtual/kvm/amd-memory-encryption.txt
[1] http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Radim Krčmář" <rkrcmar@redhat.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Borislav Petkov <bp@suse.de>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
.../virtual/kvm/amd-memory-encryption.txt | 191 +++++++++++++++++++++
include/uapi/linux/kvm.h | 79 +++++++++
2 files changed, 270 insertions(+)
diff --git a/Documentation/virtual/kvm/amd-memory-encryption.txt b/Documentation/virtual/kvm/amd-memory-encryption.txt
index 26472b4cdbaf..8c79946b4d43 100644
--- a/Documentation/virtual/kvm/amd-memory-encryption.txt
+++ b/Documentation/virtual/kvm/amd-memory-encryption.txt
@@ -36,3 +36,194 @@ setting the SEV bit before executing VMRUN.
SEV hardware uses ASIDs to associate a memory encryption key with a VM.
Hence, the ASID for the SEV-enabled guests must be from 1 to a maximum value
defined in the CPUID 0x8000001f[ecx] field.
+
+SEV Key Management
+------------------
+The Key management for the SEV guest is handled by a separate processor known as
+the AMD Secure Processor (AMD-SP). Firmware running inside the AMD-SP provides a
+secure key management interface to perform common hypervisor activities such as
+encrypting bootstrap code, snapshot, migrating and debugging the guest. For
+more information, see SEV Key Management spec at
+
+http://support.amd.com/TechDocs/55766_SEV-KM%20API_Specification.pdf
+
+KVM implements the following commands to support SEV guests common lifecycle
+events such as launching, running, snapshotting, migrating and decommissioning
+guests.
+
+1. KVM_SEV_INIT
+
+Returns: 0 on success, -negative on error
+
+The KVM_SEV_INIT command is used by the hypervisor to initialize the SEV platform
+context. In a typical workflow, this command should be the first command issued.
+
+2. KVM_SEV_LAUNCH_START
+
+Parameters: struct kvm_sev_launch_start (in/out)
+Returns: 0 on success, -negative on error
+
+The KVM_SEV_LAUNCH_START command is used for creating the memory encryption
+context. To create the encryption context, user must provide a guest policy,
+the owner's public Diffie-Hellman (PDH) key and session information.
+
+struct kvm_sev_launch_start {
+ /* if zero then firmware creates a new handle */
+ __u32 handle;
+
+ /* guest's policy */
+ __u32 policy;
+
+ /* userspace address pointing to the guest owner's PDH key */
+ __u64 dh_uaddr;
+ __u32 dh_len;
+
+ /* userspace address which points to the guest session information */
+ __u64 session_addr;
+ __u32 session_len;
+};
+
+On success, the 'handle' field contain a new handle and on error, a negative value.
+
+For more details, see SEV spec Section 6.2.
+
+3. KVM_SEV_LAUNCH_UPDATE_DATA
+
+Parameters (in): struct kvm_sev_launch_update_data
+Returns: 0 on success, -negative on error
+
+The KVM_SEV_LAUNCH_UPDATE_DATA is used for encrypting the memory region. It also
+calculates a measurement of the memory contents. The measurement is a signature
+of the memory contents that can be sent to the guest owner as an attestation
+that the memory was encrypted correctly by the firmware.
+
+struct kvm_sev_launch_update {
+ /* userspace address need to be encrypted (must be 16-byte aligned) */
+ __u64 uaddr;
+
+ /* length of the data to be encrypted (must be 16-byte aligned) */
+ __u32 len;
+};
+
+For more details, see SEV spec Section 6.3.
+
+4. KVM_SEV_LAUNCH_MEASURE
+
+Parameters (in): struct kvm_sev_launch_measure
+Returns: 0 on success, -negative on error
+
+The KVM_SEV_LAUNCH_MEASURE command is used to retrieve the measurement
+of the data encrypted by the KVM_SEV_LAUNCH_UPDATE_DATA. The guest owner
+may wait to provide the guest with confidential information until it can
+verify the measurement. Since the guest owner knows the initial contents
+of the guest at boot, the measurement can be verified by comparing it to
+what the guest owner expects.
+
+struct kvm_sev_launch_measure {
+ /* where to copy the measurement */
+ __u64 uaddr;
+
+ /* length of measurement blob */
+ __u32 len;
+};
+
+For more details on the measurement verification flow, see SEV spec Section 6.4
+
+5. KVM_SEV_LAUNCH_FINISH
+
+Returns: 0 on success, -negative on error
+
+After completion of the launch flow, the KVM_SEV_LAUNCH_FINISH command can be
+issued to make the guest ready for the execution.
+
+6. KVM_SEV_GUEST_STATUS
+
+Parameters (out): struct kvm_sev_guest_status
+Returns: 0 on success, -negative on error
+
+The KVM_SEV_GUEST_STATUS command is used to retrieve status information about a
+SEV-enabled guest.
+
+struct kvm_sev_guest_status {
+ /* guest handle */
+ __u32 handle;
+
+ /* guest policy */
+ __u32 policy;
+
+ /* guest state (see below) */
+ __u8 state;
+};
+
+SEV guest state:
+
+enum {
+ SEV_STATE_INVALID = 0;
+ SEV_STATE_LAUNCHING, /* guest is currently being launched */
+ SEV_STATE_SECRET, /* guest is being launched and ready to accept the ciphertext data */
+ SEV_STATE_RUNNING, /* guest is fully launched and running */
+ SEV_STATE_RECEIVING, /* guest is being migrated in from another SEV machine */
+ SEV_STATE_SENDING /* guest is getting migrated out to another SEV machine */
+};
+
+7. KVM_SEV_DBG_DECRYPT
+
+Parameters (in): struct kvm_sev_dbg
+Returns: 0 on success, -negative on error
+
+The KVM_SEV_DEBUG_DECRYPT command can be used by the hypervisor to request the
+firmware to decrypt the data at the given memory region.
+
+struct kvm_sev_dbg {
+ /* userspace address of data to decrypt */
+ __u64 src_uaddr;
+ /* userspace address of destination */
+ __u64 dst_uaddr;
+
+ /* length of memory region to decrypt */
+ __u32 len;
+};
+
+The command returns an error if guest policy does not allow debugging.
+
+8. KVM_SEV_DBG_ENCRYPT
+
+Parameters (in): struct kvm_sev_dbg
+Returns: 0 on success, -negative on error
+
+The KVM_SEV_DEBUG_ENCRYPT command can be used by the hypervisor to request the
+firmware to encrypt the data at the given memory region.
+
+struct kvm_sev_dbg {
+ /* userspace address of data to encrypt */
+ __u64 src_uaddr;
+ /* userspace address of destination */
+ __u64 dst_uaddr;
+
+ /* length of memory region to encrypt */
+ __u32 len;
+};
+
+The command returns an error if guest policy does not allow debugging.
+
+9. KVM_SEV_LAUNCH_SECRET
+
+Parameters (in): struct kvm_sev_launch_secret
+Returns: 0 on success, -negative on error
+
+The KVM_SEV_LAUNCH_SECRET command can be used by the hypervisor to inject a secret
+data after the measurement has been validated by the guest owner.
+
+struct kvm_sev_launch_secret {
+ /* userspace address containing the packet header */
+ __u64 hdr_uaddr;
+ __u32 hdr_len;
+
+ /* the guest memory region where the secret should be injected */
+ __u64 guest_uaddr;
+ __u32 guest_len;
+
+ /* the hypervisor memory region which contains the secret */
+ __u64 trans_uaddr;
+ __u32 trans_len;
+};
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index d595d3970390..115c75156711 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -1368,6 +1368,85 @@ struct kvm_enc_region {
struct kvm_enc_region)
#define KVM_MEMORY_ENCRYPT_UNREGISTER_REGION _IOR(KVMIO, 0xbc,\
struct kvm_enc_region)
+/* Secure Encrypted Virtualization command */
+enum sev_cmd_id {
+ /* Guest initialization commands */
+ KVM_SEV_INIT = 0,
+ KVM_SEV_ES_INIT,
+ /* Guest launch commands */
+ KVM_SEV_LAUNCH_START,
+ KVM_SEV_LAUNCH_UPDATE_DATA,
+ KVM_SEV_LAUNCH_UPDATE_VMSA,
+ KVM_SEV_LAUNCH_SECRET,
+ KVM_SEV_LAUNCH_MEASURE,
+ KVM_SEV_LAUNCH_FINISH,
+ /* Guest migration commands (outgoing) */
+ KVM_SEV_SEND_START,
+ KVM_SEV_SEND_UPDATE_DATA,
+ KVM_SEV_SEND_UPDATE_VMSA,
+ KVM_SEV_SEND_FINISH,
+ /* Guest migration commands (incoming) */
+ KVM_SEV_RECEIVE_START,
+ KVM_SEV_RECEIVE_UPDATE_DATA,
+ KVM_SEV_RECEIVE_UPDATE_VMSA,
+ KVM_SEV_RECEIVE_FINISH,
+ /* Guest status and debug commands */
+ KVM_SEV_GUEST_STATUS,
+ KVM_SEV_DBG_DECRYPT,
+ KVM_SEV_DBG_ENCRYPT,
+ /* Guest certificates commands */
+ KVM_SEV_CERT_EXPORT,
+
+ KVM_SEV_NR_MAX,
+};
+
+struct kvm_sev_cmd {
+ __u32 id;
+ __u64 data;
+ __u32 error;
+ __u32 sev_fd;
+};
+
+struct kvm_sev_launch_start {
+ __u32 handle;
+ __u32 policy;
+ __u64 dh_uaddr;
+ __u32 dh_len;
+ __u64 session_uaddr;
+ __u32 session_len;
+};
+
+struct kvm_sev_launch_update_data {
+ __u64 uaddr;
+ __u32 len;
+};
+
+
+struct kvm_sev_launch_secret {
+ __u64 hdr_uaddr;
+ __u32 hdr_len;
+ __u64 guest_uaddr;
+ __u32 guest_len;
+ __u64 trans_uaddr;
+ __u32 trans_len;
+};
+
+struct kvm_sev_launch_measure {
+ __u64 uaddr;
+ __u32 len;
+};
+
+struct kvm_sev_guest_status {
+ __u32 handle;
+ __u32 policy;
+ __u32 state;
+};
+
+struct kvm_sev_dbg {
+ __u64 src_uaddr;
+ __u64 dst_uaddr;
+ __u32 len;
+};
#define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0)
#define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1)
--
2.9.5
next prev parent reply other threads:[~2017-10-04 13:15 UTC|newest]
Thread overview: 112+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-04 13:13 [Part2 PATCH v5 00/31] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 01/31] Documentation/virtual/kvm: Add AMD Secure Encrypted Virtualization (SEV) Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 02/31] x86/CPU/AMD: Add the Secure Encrypted Virtualization CPU feature Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 03/31] kvm: svm: prepare for new bit definition in nested_ctl Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 04/31] kvm: svm: Add SEV feature definitions to KVM Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 05/31] KVM: SVM: Prepare to reserve asid for SEV guest Brijesh Singh
2017-10-04 14:33 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 06/31] KVM: X86: Extend CPUID range to include new leaf Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 07/31] KVM: Introduce KVM_MEMORY_ENCRYPT_OP ioctl Brijesh Singh
2017-10-04 14:50 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 08/31] KVM: Introduce KVM_MEMORY_ENCRYPT_REGISTER_REGION ioctl Brijesh Singh
2017-10-04 15:19 ` Borislav Petkov
2017-10-04 17:18 ` Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 09/31] crypto: ccp: Build the AMD secure processor driver only with AMD CPU support Brijesh Singh
2017-10-04 21:47 ` Borislav Petkov
2017-10-04 23:06 ` Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 10/31] crypto: ccp: Add Platform Security Processor (PSP) device support Brijesh Singh
2017-10-05 9:56 ` Borislav Petkov
2017-10-06 23:09 ` [Part2 PATCH v5.1 " Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 11/31] crypto: ccp: Define SEV key management command id Brijesh Singh
2017-10-05 20:56 ` Borislav Petkov
2017-10-08 21:14 ` Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 12/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support Brijesh Singh
2017-10-06 18:49 ` Borislav Petkov
2017-10-06 19:48 ` Brijesh Singh
2017-10-07 18:13 ` Brijesh Singh
2017-10-07 1:05 ` [Part2 PATCH v5.1 12.1/31] " Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.2/31] crypto: ccp: Define SEV userspace ioctl and command id Brijesh Singh
2017-10-07 14:20 ` Borislav Petkov
2017-10-08 21:18 ` Brijesh Singh
2017-10-11 16:46 ` [Part2 PATCH v5.2 12.1/31] " Brijesh Singh
2017-10-12 13:27 ` Borislav Petkov
2017-10-12 14:18 ` Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.3/31] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command Brijesh Singh
2017-10-11 14:32 ` Borislav Petkov
2017-10-11 16:55 ` [Part2 PATCH v5.2 " Brijesh Singh
2017-10-12 14:13 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.4/31] crypto: ccp: Implement SEV_PLATFORM_STATUS " Brijesh Singh
2017-10-11 17:01 ` [Part2 PATCH v5.2 " Brijesh Singh
2017-10-11 17:02 ` [Part2 PATCH v5.1 " Borislav Petkov
2017-10-11 19:49 ` Brijesh Singh
2017-10-11 20:04 ` Borislav Petkov
2017-10-11 20:10 ` Borislav Petkov
2017-10-11 20:10 ` Brijesh Singh
2017-10-11 20:28 ` Borislav Petkov
2017-10-11 20:45 ` Brijesh Singh
2017-10-11 20:53 ` Brijesh Singh
2017-10-11 20:54 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.5/31] crypto: ccp: Implement SEV_PEK_GEN " Brijesh Singh
2017-10-12 18:28 ` Borislav Petkov
2017-10-12 20:11 ` Brijesh Singh
2017-10-12 20:21 ` Borislav Petkov
2017-10-12 20:34 ` Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.6/31] crypto: ccp: Implement SEV_PDH_GEN " Brijesh Singh
2017-10-12 18:48 ` Borislav Petkov
2017-10-12 20:21 ` Brijesh Singh
2017-10-12 20:23 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.7/31] crypto: ccp: Implement SEV_PEK_CSR " Brijesh Singh
2017-10-12 19:53 ` Borislav Petkov
2017-10-13 2:24 ` Brijesh Singh
2017-10-13 4:13 ` Brijesh Singh
2017-10-13 10:20 ` Borislav Petkov
2017-10-13 9:14 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.8/31] crypto: ccp: Implement SEV_PEK_CERT_IMPORT " Brijesh Singh
2017-10-13 14:53 ` Borislav Petkov
2017-10-13 16:09 ` Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.9/31] crypto: ccp: Implement SEV_PDH_CERT_EXPORT " Brijesh Singh
2017-10-13 15:01 ` Borislav Petkov
2017-10-07 18:40 ` [Part2 PATCH v5.1 12.1/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support Borislav Petkov
2017-10-08 13:30 ` Brijesh Singh
2017-10-08 14:00 ` Borislav Petkov
2017-10-09 0:11 ` Brijesh Singh
2017-10-09 15:21 ` Borislav Petkov
2017-10-10 15:00 ` Brijesh Singh
2017-10-10 18:43 ` Tom Lendacky
2017-10-10 20:04 ` Borislav Petkov
2017-10-11 14:19 ` Borislav Petkov
2017-10-11 14:23 ` Brijesh Singh
2017-10-11 16:50 ` [Part2 PATCH v5.2 12.2/31] " Brijesh Singh
2017-10-12 14:08 ` Borislav Petkov
2017-10-12 21:11 ` Brijesh Singh
2017-10-12 21:41 ` Borislav Petkov
2017-10-12 21:52 ` Brijesh Singh
2017-10-12 22:22 ` Borislav Petkov
2017-10-12 18:21 ` Borislav Petkov
2017-10-12 20:05 ` Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 13/31] KVM: X86: Add CONFIG_KVM_AMD_SEV Brijesh Singh
2017-10-13 16:44 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 14/31] KVM: SVM: Add sev module_param Brijesh Singh
2017-10-13 16:46 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 15/31] KVM: SVM: Reserve ASID range for SEV guest Brijesh Singh
2017-10-13 16:58 ` Borislav Petkov
2017-10-04 13:13 ` Brijesh Singh [this message]
2017-10-13 18:54 ` [Part2 PATCH v5 16/31] KVM: Define SEV key management command id Borislav Petkov
2017-10-14 10:06 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 17/31] KVM: SVM: Add KVM_SEV_INIT command Brijesh Singh
2017-10-14 9:21 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 18/31] KVM: SVM: VMRUN should use assosiated ASID when SEV is enabled Brijesh Singh
2017-10-14 9:27 ` Borislav Petkov
2017-10-04 13:14 ` [Part2 PATCH v5 19/31] KVM: SVM: Add support for KVM_SEV_LAUNCH_START command Brijesh Singh
2017-10-14 10:08 ` Borislav Petkov
2017-10-04 13:14 ` [Part2 PATCH v5 20/31] KVM: SVM: Add support for KVM_SEV_LAUNCH_UPDATE_DATA command Brijesh Singh
2017-10-14 14:59 ` Borislav Petkov
2017-10-04 13:14 ` [Part2 PATCH v5 21/31] KVM: SVM: Add support for KVM_SEV_LAUNCH_MEASURE command Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 22/31] KVM: SVM: Add support for SEV LAUNCH_FINISH command Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 23/31] KVM: SVM: Add support for SEV GUEST_STATUS command Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 24/31] KVM: SVM: Add support for SEV DEBUG_DECRYPT command Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 25/31] KVM: SVM: Add support for SEV DEBUG_ENCRYPT command Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 26/31] KVM: SVM: Add support for SEV LAUNCH_SECRET command Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 27/31] KVM: SVM: Pin guest memory when SEV is active Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 28/31] KVM: X86: Add memory encryption enabled ops Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 29/31] KVM: SVM: Clear C-bit from the page fault address Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171004131412.13038-17-brijesh.singh@amd.com \
--to=brijesh.singh@amd.com \
--cc=bp@suse.de \
--cc=hpa@zytor.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.