Subject: Re: [PATCH Part1 v5 35/38] x86/sev: Register SNP guest request platform device
From: Dov Murik
To: Brijesh Singh, Borislav Petkov
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-efi@vger.kernel.org, platform-driver-x86@vger.kernel.org, linux-coco@lists.linux.dev, linux-mm@kvack.org, Thomas Gleixner, Ingo Molnar, Joerg Roedel, Tom Lendacky, "H. Peter Anvin", Ard Biesheuvel, Paolo Bonzini, Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Andy Lutomirski, Dave Hansen, Sergio Lopez, Peter Gonda, Peter Zijlstra, Srinivas Pandruvada, David Rientjes, Tobin Feldman-Fitzthum, Michael Roth, Vlastimil Babka, "Kirill A . Shutemov", Andi Kleen, tony.luck@intel.com, marcorr@google.com, sathyanarayanan.kuppuswamy@linux.intel.com, Dov Murik
References: <20210820151933.22401-1-brijesh.singh@amd.com> <20210820151933.22401-36-brijesh.singh@amd.com> <5428d654-a24d-7d8b-489c-b666d72043c1@amd.com>
Message-ID: <287db163-aaac-4cc1-522f-380f97197b3d@linux.ibm.com>
In-Reply-To: <5428d654-a24d-7d8b-489c-b666d72043c1@amd.com>
Date: Fri, 3 Sep 2021 11:15:26 +0300

On 02/09/2021 22:58, Brijesh Singh wrote:
>
>
> On 9/2/21 11:40 AM, Borislav Petkov wrote:
[...]
>>
>>> +static u64 find_secrets_paddr(void) >>> +{ >>> +=C2=A0=C2=A0=C2=A0 u64 pa_data =3D boot_params.cc_blob_address; >>> +=C2=A0=C2=A0=C2=A0 struct cc_blob_sev_info info; >>> +=C2=A0=C2=A0=C2=A0 void *map; >>> + >>> +=C2=A0=C2=A0=C2=A0 /* >>> +=C2=A0=C2=A0=C2=A0=C2=A0 * The CC blob contains the address of the s= ecrets page, check >>> if the >>> +=C2=A0=C2=A0=C2=A0=C2=A0 * blob is present. >>> +=C2=A0=C2=A0=C2=A0=C2=A0 */ >>> +=C2=A0=C2=A0=C2=A0 if (!pa_data) >>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 return 0; >>> + >>> +=C2=A0=C2=A0=C2=A0 map =3D early_memremap(pa_data, sizeof(info)); >>> +=C2=A0=C2=A0=C2=A0 memcpy(&info, map, sizeof(info)); >>> +=C2=A0=C2=A0=C2=A0 early_memunmap(map, sizeof(info)); >>> + >>> +=C2=A0=C2=A0=C2=A0 /* Verify that secrets page address is passed */
>>
>> That's hardly verifying something - if anything, it should say
>>
>>     /* smoke-test the secrets page passed */
>>
> Noted.
>
>>> +=C2=A0=C2=A0=C2=A0 if (info.secrets_phys && info.secrets_len =3D=3D = PAGE_SIZE) >>> +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 return info.secrets_phys;
>>
>> ... which begs the question: how do we verify the HV is not passing some
>> garbage instead of an actual secrets page?
>>
>
> Unfortunately, the secrets page does not contain a magic header or uuid
> which a guest can read to verify that the page is actually populated by
> the PSP.

In the SNP FW ABI document section 8.14.2.5 there's a Table 61 titled
Secrets Page Format, which states that the first field in that page is a
u32 VERSION field which should equal 2h. While not as strict as a GUID
header, this can help detect early that the content of the SNP secrets
page is invalid.

-Dov

> But since the page is encrypted before the launch so this page
> is always accessed encrypted. If hypervisor is tricking us then all that
> means is guest OS will get a wrong key and will not be able to
> communicate with the PSP to get the attestation reports etc.
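
Review bot: in find_secrets_paddr(), the pointer returned by early_memremap(pa_data, sizeof(info)) is handed straight to memcpy() with no NULL check, so a failed early mapping is dereferenced. Return 0 when map is NULL, the same way the function already does for a zero pa_data. The final test only confirms that info.secrets_phys is non-zero and info.secrets_len == PAGE_SIZE; as discussed in the thread it is a smoke test, so the comment above it should say so, and the VERSION field of the mapped secrets page is worth checking before the page is used.
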
>
>
>> I guess it is that:
>>
>> "SNP_LAUNCH_UPDATE can insert two special pages into the guest’s
>> memory: the secrets page and the CPUID page. The secrets page contains
>> encryption keys used by the guest to interact with the firmware. Because
>> the secrets page is encrypted with the guest’s memory encryption
>> key, the hypervisor cannot read the keys. The CPUID page contains
>> hypervisor provided CPUID function values that it passes to the guest.
>> The firmware validates these values to ensure the hypervisor is not
>> providing out-of-range values."
>>
>> From "4.5 Launching a Guest" in the SNP FW ABI spec.
>>
>> I think that explanation above is very important wrt to explaining the
>> big picture how this all works with those pages injected into the guest
>> so I guess somewhere around here a comment should say
>>
>
> I will add more explanation.
>
>> "See section 4.5 Launching a Guest in the SNP FW ABI spec for details
>> about those special pages."
>>
>> or so.
>>
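
The sanity checks discussed in this thread, written as a user-space C model (an added example, not code from the patch or the kernel): it combines the hunk's `secrets_phys`/`secrets_len` test with the VERSION check proposed in the reply. `struct blob_view`, the enum, the function names and the page-alignment test are assumptions made for illustration, and the sample page is constructed.

```c
#include <stdint.h>
#include <string.h>

#define SECRETS_PAGE_SIZE   4096u
#define SNP_SECRETS_VERSION 2u	/* "2h", per Table 61 as cited in the thread */

/* Hypothetical reduced view of the CC blob: only the fields the hunk reads. */
struct blob_view { uint64_t secrets_phys; uint32_t secrets_len; };

enum secrets_check { SECRETS_OK, SECRETS_NO_ADDR, SECRETS_UNALIGNED,
		     SECRETS_BAD_LEN, SECRETS_BAD_VERSION };

/* VERSION is the first u32 of the page, little-endian on x86. */
static uint32_t secrets_version(const uint8_t *page)
{
	return (uint32_t)page[0] | (uint32_t)page[1] << 8 |
	       (uint32_t)page[2] << 16 | (uint32_t)page[3] << 24;
}

static enum secrets_check check_secrets(const struct blob_view *b, const uint8_t *page)
{
	if (!b->secrets_phys)
		return SECRETS_NO_ADDR;
	if (b->secrets_phys & (SECRETS_PAGE_SIZE - 1))	/* assumption: page-aligned */
		return SECRETS_UNALIGNED;
	if (b->secrets_len != SECRETS_PAGE_SIZE)
		return SECRETS_BAD_LEN;
	if (secrets_version(page) != SNP_SECRETS_VERSION)
		return SECRETS_BAD_VERSION;
	return SECRETS_OK;
}

/* Build a constructed (not real) page with the given VERSION and check it. */
static enum secrets_check demo(uint32_t version, uint64_t phys, uint32_t len)
{
	static uint8_t page[SECRETS_PAGE_SIZE];
	struct blob_view b = { .secrets_phys = phys, .secrets_len = len };

	memset(page, 0, sizeof(page));
	for (int i = 0; i < 4; i++)
		page[i] = (uint8_t)(version >> (8 * i));
	return check_secrets(&b, page);
}

int main(void)
{
	return demo(SNP_SECRETS_VERSION, 0x7f000, SECRETS_PAGE_SIZE) != SECRETS_OK;
}
```

Passing these checks shows only that the page is plausibly formatted; it does not authenticate the page's origin.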