From: Brijesh Singh <brijesh.singh@amd.com>
To: x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: "Brijesh Singh" <brijesh.singh@amd.com>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Ingo Molnar" <mingo@redhat.com>,
"H. Peter Anvin" <hpa@zytor.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Radim Krčmář" <rkrcmar@redhat.com>,
"Joerg Roedel" <joro@8bytes.org>, "Borislav Petkov" <bp@suse.de>,
"Tom Lendacky" <thomas.lendacky@amd.com>
Subject: [Part2 PATCH v5 24/31] KVM: SVM: Add support for SEV DEBUG_DECRYPT command
Date: Wed, 4 Oct 2017 08:14:05 -0500 [thread overview]
Message-ID: <20171004131412.13038-25-brijesh.singh@amd.com> (raw)
In-Reply-To: <20171004131412.13038-1-brijesh.singh@amd.com>
The command is used for decrypting a guest memory region for debug
purposes.
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Radim Krčmář" <rkrcmar@redhat.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: Borislav Petkov <bp@suse.de>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
arch/x86/kvm/svm.c | 181 +++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 181 insertions(+)
diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c
index 693724c75e2d..373f6c34e006 100644
--- a/arch/x86/kvm/svm.c
+++ b/arch/x86/kvm/svm.c
@@ -6113,6 +6113,183 @@ static int sev_guest_status(struct kvm *kvm, struct kvm_sev_cmd *argp)
return ret;
}
+static int __sev_issue_dbg_cmd(struct kvm *kvm, unsigned long src,
+ unsigned long dst, int size,
+ int *error, bool enc)
+{
+ struct kvm_sev_info *sev = &kvm->arch.sev_info;
+ struct sev_data_dbg *data;
+ int ret;
+
+ data = kzalloc(sizeof(*data), GFP_KERNEL);
+ if (!data)
+ return -ENOMEM;
+
+ data->handle = sev->handle;
+ data->dst_addr = dst;
+ data->src_addr = src;
+ data->len = size;
+
+ ret = sev_issue_cmd(kvm,
+ enc ? SEV_CMD_DBG_ENCRYPT : SEV_CMD_DBG_DECRYPT,
+ data, error);
+ kfree(data);
+ return ret;
+}
+
+/*
+ * Decrypt source memory into userspace or kernel buffer. If destination buffer
+ * or len is not aligned to 16-byte boundary then it uses intermediate buffer.
+ */
+static int __sev_dbg_decrypt(struct kvm *kvm, unsigned long paddr,
+ unsigned long __user dst_uaddr,
+ unsigned long dst_kaddr, unsigned long dst_paddr,
+ int size, int *error)
+{
+ int ret, offset = 0, len = size;
+ struct page *tpage = NULL;
+
+ /*
+ * Debug command works with 16-byte aligned inputs, check if all inputs
+ * (src, dst and len) are 16-byte aligned. If one of the input is not
+ * aligned then we decrypt more than requested into a temporary buffer
+ * and copy the porition of data into destination buffer.
+ */
+ if (!IS_ALIGNED(paddr, 16) ||
+ !IS_ALIGNED(dst_paddr, 16) ||
+ !IS_ALIGNED(size, 16)) {
+ tpage = (void *)alloc_page(GFP_KERNEL);
+ if (!tpage)
+ return -ENOMEM;
+
+ dst_paddr = __sme_page_pa(tpage);
+
+ /*
+ * if source buffer is not aligned then offset will be used
+ * when copying the data from the temporary buffer into
+ * destination buffer.
+ */
+ offset = paddr & 15;
+
+ /* its safe to read more than requested size. */
+ len = round_up(size + offset, 16);
+
+ paddr = round_down(paddr, 16);
+
+ /*
+ * The PSP may write the memory region with different C-bit (e.g
+ * x86 cache may have a mapping with C=0 and PSP may write the same
+ * region with C=1) hence lets make sure we invalidate the caches
+ * so that we can see the recent contents after the command
+ * completes.
+ */
+ clflush_cache_range(page_address(tpage), PAGE_SIZE);
+ }
+
+ ret = __sev_issue_dbg_cmd(kvm, paddr, dst_paddr, len, error, false);
+
+ /*
+ * If temporary buffer is used then copy the data from temporary buffer
+ * into destination buffer.
+ */
+ if (!ret && tpage) {
+ /*
+ * If destination buffer is a userspace buffer then use
+ * copy_to_user otherwise memcpy.
+ */
+ if (dst_uaddr) {
+ if (copy_to_user((void __user *)(uintptr_t)dst_uaddr,
+ page_address(tpage) + offset, size))
+ ret = -EFAULT;
+ } else {
+ memcpy((void *)dst_kaddr, page_address(tpage) + offset, size);
+ }
+ }
+
+ if (tpage)
+ __free_page(tpage);
+
+ return ret;
+}
+
+static int sev_dbg_crypt(struct kvm *kvm, struct kvm_sev_cmd *argp, bool dec)
+{
+ unsigned long vaddr, vaddr_end, next_vaddr;
+ unsigned long dst_vaddr, dst_vaddr_end;
+ struct page **src_p, **dst_p;
+ struct kvm_sev_dbg debug;
+ unsigned long n;
+ int ret, size;
+
+ if (!sev_guest(kvm))
+ return -ENOTTY;
+
+ if (copy_from_user(&debug, (void __user *)(uintptr_t)argp->data,
+ sizeof(struct kvm_sev_dbg)))
+ return -EFAULT;
+
+ vaddr = debug.src_uaddr;
+ size = debug.len;
+ vaddr_end = vaddr + size;
+ dst_vaddr = debug.dst_uaddr;
+ dst_vaddr_end = dst_vaddr + size;
+
+ for (; vaddr < vaddr_end; vaddr = next_vaddr) {
+ int len, s_off, d_off;
+
+ /* lock userspace source and destination page */
+ src_p = sev_pin_memory(kvm, vaddr & PAGE_MASK, PAGE_SIZE, &n, 0);
+ if (!src_p)
+ return -EFAULT;
+
+ dst_p = sev_pin_memory(kvm, dst_vaddr & PAGE_MASK, PAGE_SIZE, &n, 1);
+ if (!dst_p) {
+ sev_unpin_memory(kvm, src_p, n);
+ return -EFAULT;
+ }
+
+ /*
+ * The PSP may write the memory region with different C-bit (e.g
+ * x86 cache may have a mapping with C=0 and PSP may write the same
+ * region with C=1) hence lets make sure we invalidate the caches
+ * so that we can see the recent contents after the command completion.
+ */
+ sev_clflush_pages(src_p, 1);
+ sev_clflush_pages(dst_p, 1);
+
+ /*
+ * since user buffer may not be page aligned, calculate the
+ * offset within the page.
+ */
+ s_off = vaddr & ~PAGE_MASK;
+ d_off = dst_vaddr & ~PAGE_MASK;
+ len = min_t(size_t, (PAGE_SIZE - s_off), size);
+
+ ret = __sev_dbg_decrypt(kvm,
+ __sme_page_pa(src_p[0]) + s_off,
+ dst_vaddr, 0,
+ __sme_page_pa(dst_p[0]) + d_off,
+ len, &argp->error);
+
+ sev_unpin_memory(kvm, src_p, 1);
+ sev_unpin_memory(kvm, dst_p, 1);
+
+ if (ret)
+ goto err;
+
+ next_vaddr = vaddr + len;
+ dst_vaddr = dst_vaddr + len;
+ size -= len;
+ }
+err:
+ return ret;
+}
+
+static int sev_dbg_decrypt(struct kvm *kvm, struct kvm_sev_cmd *argp)
+{
+ return sev_dbg_crypt(kvm, argp, true);
+}
+
static int svm_mem_enc_op(struct kvm *kvm, void __user *argp)
{
struct kvm_sev_cmd sev_cmd;
@@ -6151,6 +6328,10 @@ static int svm_mem_enc_op(struct kvm *kvm, void __user *argp)
r = sev_guest_status(kvm, &sev_cmd);
break;
}
+ case KVM_SEV_DBG_DECRYPT: {
+ r = sev_dbg_decrypt(kvm, &sev_cmd);
+ break;
+ }
default:
break;
}
--
2.9.5
next prev parent reply other threads:[~2017-10-04 13:15 UTC|newest]
Thread overview: 112+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-10-04 13:13 [Part2 PATCH v5 00/31] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 01/31] Documentation/virtual/kvm: Add AMD Secure Encrypted Virtualization (SEV) Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 02/31] x86/CPU/AMD: Add the Secure Encrypted Virtualization CPU feature Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 03/31] kvm: svm: prepare for new bit definition in nested_ctl Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 04/31] kvm: svm: Add SEV feature definitions to KVM Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 05/31] KVM: SVM: Prepare to reserve asid for SEV guest Brijesh Singh
2017-10-04 14:33 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 06/31] KVM: X86: Extend CPUID range to include new leaf Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 07/31] KVM: Introduce KVM_MEMORY_ENCRYPT_OP ioctl Brijesh Singh
2017-10-04 14:50 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 08/31] KVM: Introduce KVM_MEMORY_ENCRYPT_REGISTER_REGION ioctl Brijesh Singh
2017-10-04 15:19 ` Borislav Petkov
2017-10-04 17:18 ` Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 09/31] crypto: ccp: Build the AMD secure processor driver only with AMD CPU support Brijesh Singh
2017-10-04 21:47 ` Borislav Petkov
2017-10-04 23:06 ` Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 10/31] crypto: ccp: Add Platform Security Processor (PSP) device support Brijesh Singh
2017-10-05 9:56 ` Borislav Petkov
2017-10-06 23:09 ` [Part2 PATCH v5.1 " Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 11/31] crypto: ccp: Define SEV key management command id Brijesh Singh
2017-10-05 20:56 ` Borislav Petkov
2017-10-08 21:14 ` Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 12/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support Brijesh Singh
2017-10-06 18:49 ` Borislav Petkov
2017-10-06 19:48 ` Brijesh Singh
2017-10-07 18:13 ` Brijesh Singh
2017-10-07 1:05 ` [Part2 PATCH v5.1 12.1/31] " Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.2/31] crypto: ccp: Define SEV userspace ioctl and command id Brijesh Singh
2017-10-07 14:20 ` Borislav Petkov
2017-10-08 21:18 ` Brijesh Singh
2017-10-11 16:46 ` [Part2 PATCH v5.2 12.1/31] " Brijesh Singh
2017-10-12 13:27 ` Borislav Petkov
2017-10-12 14:18 ` Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.3/31] crypto: ccp: Implement SEV_FACTORY_RESET ioctl command Brijesh Singh
2017-10-11 14:32 ` Borislav Petkov
2017-10-11 16:55 ` [Part2 PATCH v5.2 " Brijesh Singh
2017-10-12 14:13 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.4/31] crypto: ccp: Implement SEV_PLATFORM_STATUS " Brijesh Singh
2017-10-11 17:01 ` [Part2 PATCH v5.2 " Brijesh Singh
2017-10-11 17:02 ` [Part2 PATCH v5.1 " Borislav Petkov
2017-10-11 19:49 ` Brijesh Singh
2017-10-11 20:04 ` Borislav Petkov
2017-10-11 20:10 ` Borislav Petkov
2017-10-11 20:10 ` Brijesh Singh
2017-10-11 20:28 ` Borislav Petkov
2017-10-11 20:45 ` Brijesh Singh
2017-10-11 20:53 ` Brijesh Singh
2017-10-11 20:54 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.5/31] crypto: ccp: Implement SEV_PEK_GEN " Brijesh Singh
2017-10-12 18:28 ` Borislav Petkov
2017-10-12 20:11 ` Brijesh Singh
2017-10-12 20:21 ` Borislav Petkov
2017-10-12 20:34 ` Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.6/31] crypto: ccp: Implement SEV_PDH_GEN " Brijesh Singh
2017-10-12 18:48 ` Borislav Petkov
2017-10-12 20:21 ` Brijesh Singh
2017-10-12 20:23 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.7/31] crypto: ccp: Implement SEV_PEK_CSR " Brijesh Singh
2017-10-12 19:53 ` Borislav Petkov
2017-10-13 2:24 ` Brijesh Singh
2017-10-13 4:13 ` Brijesh Singh
2017-10-13 10:20 ` Borislav Petkov
2017-10-13 9:14 ` Borislav Petkov
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.8/31] crypto: ccp: Implement SEV_PEK_CERT_IMPORT " Brijesh Singh
2017-10-13 14:53 ` Borislav Petkov
2017-10-13 16:09 ` Brijesh Singh
2017-10-07 1:06 ` [Part2 PATCH v5.1 12.9/31] crypto: ccp: Implement SEV_PDH_CERT_EXPORT " Brijesh Singh
2017-10-13 15:01 ` Borislav Petkov
2017-10-07 18:40 ` [Part2 PATCH v5.1 12.1/31] crypto: ccp: Add Secure Encrypted Virtualization (SEV) command support Borislav Petkov
2017-10-08 13:30 ` Brijesh Singh
2017-10-08 14:00 ` Borislav Petkov
2017-10-09 0:11 ` Brijesh Singh
2017-10-09 15:21 ` Borislav Petkov
2017-10-10 15:00 ` Brijesh Singh
2017-10-10 18:43 ` Tom Lendacky
2017-10-10 20:04 ` Borislav Petkov
2017-10-11 14:19 ` Borislav Petkov
2017-10-11 14:23 ` Brijesh Singh
2017-10-11 16:50 ` [Part2 PATCH v5.2 12.2/31] " Brijesh Singh
2017-10-12 14:08 ` Borislav Petkov
2017-10-12 21:11 ` Brijesh Singh
2017-10-12 21:41 ` Borislav Petkov
2017-10-12 21:52 ` Brijesh Singh
2017-10-12 22:22 ` Borislav Petkov
2017-10-12 18:21 ` Borislav Petkov
2017-10-12 20:05 ` Brijesh Singh
2017-10-04 13:13 ` [Part2 PATCH v5 13/31] KVM: X86: Add CONFIG_KVM_AMD_SEV Brijesh Singh
2017-10-13 16:44 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 14/31] KVM: SVM: Add sev module_param Brijesh Singh
2017-10-13 16:46 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 15/31] KVM: SVM: Reserve ASID range for SEV guest Brijesh Singh
2017-10-13 16:58 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 16/31] KVM: Define SEV key management command id Brijesh Singh
2017-10-13 18:54 ` Borislav Petkov
2017-10-14 10:06 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 17/31] KVM: SVM: Add KVM_SEV_INIT command Brijesh Singh
2017-10-14 9:21 ` Borislav Petkov
2017-10-04 13:13 ` [Part2 PATCH v5 18/31] KVM: SVM: VMRUN should use assosiated ASID when SEV is enabled Brijesh Singh
2017-10-14 9:27 ` Borislav Petkov
2017-10-04 13:14 ` [Part2 PATCH v5 19/31] KVM: SVM: Add support for KVM_SEV_LAUNCH_START command Brijesh Singh
2017-10-14 10:08 ` Borislav Petkov
2017-10-04 13:14 ` [Part2 PATCH v5 20/31] KVM: SVM: Add support for KVM_SEV_LAUNCH_UPDATE_DATA command Brijesh Singh
2017-10-14 14:59 ` Borislav Petkov
2017-10-04 13:14 ` [Part2 PATCH v5 21/31] KVM: SVM: Add support for KVM_SEV_LAUNCH_MEASURE command Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 22/31] KVM: SVM: Add support for SEV LAUNCH_FINISH command Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 23/31] KVM: SVM: Add support for SEV GUEST_STATUS command Brijesh Singh
2017-10-04 13:14 ` Brijesh Singh [this message]
2017-10-04 13:14 ` [Part2 PATCH v5 25/31] KVM: SVM: Add support for SEV DEBUG_ENCRYPT command Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 26/31] KVM: SVM: Add support for SEV LAUNCH_SECRET command Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 27/31] KVM: SVM: Pin guest memory when SEV is active Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 28/31] KVM: X86: Add memory encryption enabled ops Brijesh Singh
2017-10-04 13:14 ` [Part2 PATCH v5 29/31] KVM: SVM: Clear C-bit from the page fault address Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171004131412.13038-25-brijesh.singh@amd.com \
--to=brijesh.singh@amd.com \
--cc=bp@suse.de \
--cc=hpa@zytor.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rkrcmar@redhat.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.