From: Paolo Bonzini <pbonzini@redhat.com>
To: Borislav Petkov <bp@suse.de>,
Brijesh Singh <brijesh.singh@amd.com>,
thomas.lendacky@amd.com
Cc: simon.guinot@sequanux.org, linux-efi@vger.kernel.org,
kvm@vger.kernel.org, rkrcmar@redhat.com,
matt@codeblueprint.co.uk, linus.walleij@linaro.org,
linux-mm@kvack.org, paul.gortmaker@windriver.com, hpa@zytor.com,
dan.j.williams@intel.com, aarcange@redhat.com,
sfr@canb.auug.org.au, andriy.shevchenko@linux.intel.com,
herbert@gondor.apana.org.au, bhe@redhat.com, xemul@parallels.com,
joro@8bytes.org, x86@kernel.org, mingo@redhat.com,
msalter@redhat.com, ross.zwisler@linux.intel.com,
dyoung@redhat.com, jroedel@suse.de, keescook@chromium.org,
toshi.kani@hpe.com, mathieu.desnoyers@efficios.com,
devel@linuxdriverproject.org, tglx@linutronix.de,
mchehab@kernel.org, iamjoonsoo.kim@lge.com,
labbott@fedoraproject.org, tony.luck@intel.com,
alexandre.bounine@idt.com, kuleshovmail@gmail.com,
linux-kernel@vger.kernel.org, mcgrof@kernel.org,
linux-crypto@vger.kernel.org, akpm@linux-foundation.org,
davem@davemloft.net
Subject: Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active
Date: Thu, 22 Sep 2016 16:45:51 +0200 [thread overview]
Message-ID: <464461b7-1efb-0af1-dd3e-eb919a2578e9@redhat.com> (raw)
In-Reply-To: <20160922143545.3kl7khff6vqk7b2t@pd.tnic>
On 22/09/2016 16:35, Borislav Petkov wrote:
>> > @@ -230,6 +230,10 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
>> > efi_scratch.efi_pgt = (pgd_t *)__sme_pa(efi_pgd);
>> > pgd = efi_pgd;
>> >
>> > + flags = _PAGE_NX | _PAGE_RW;
>> > + if (sev_active)
>> > + flags |= _PAGE_ENC;
> So this is confusing me. There's this patch which says EFI data is
> accessed in the clear:
>
> https://lkml.kernel.org/r/20160822223738.29880.6909.stgit@tlendack-t1.amdoffice.net
>
> but now here it is encrypted when SEV is enabled.
>
> Do you mean, it is encrypted here because we're in the guest kernel?
I suspect this patch is untested, and also wrong. :)
The main difference between the SME and SEV encryption, from the point
of view of the kernel, is that real-mode always writes unencrypted in
SME and always writes encrypted in SEV. But UEFI can run in 64-bit mode
and learn about the C bit, so EFI boot data should be unprotected in SEV
guests.
Because the firmware volume is written to high memory in encrypted form,
and because the PEI phase runs in 32-bit mode, the firmware code will be
encrypted; on the other hand, data that is placed in low memory for the
kernel can be unencrypted, thus limiting differences between SME and SEV.
Important: I don't know what you guys are doing for SEV and
Windows guests, but if you are doing something I would really
appreciate doing things in the open. If Linux and Windows end
up doing different things with EFI boot data, ACPI tables, etc.
it will be a huge pain. On the other hand, if we can enjoy
being first, that's great.
In fact, I have suggested in the QEMU list that SEV guests should always
use UEFI; because BIOS runs in real-mode or 32-bit non-paging protected
mode, BIOS must always write encrypted data, which becomes painful in
the kernel.
And regarding the above "important" point, all I know is that Microsoft
for sure will be happy to restrict SEV to UEFI guests. :)
There are still some differences, mostly around the real mode trampoline
executed by the kernel, but they should be much smaller.
Paolo
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2016-09-22 14:46 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-22 23:23 [RFC PATCH v1 00/28] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2016-08-22 23:23 ` [RFC PATCH v1 01/28] kvm: svm: Add support for additional SVM NPF error codes Brijesh Singh
2016-09-13 9:56 ` Borislav Petkov
2016-08-22 23:23 ` [RFC PATCH v1 02/28] kvm: svm: Add kvm_fast_pio_in support Brijesh Singh
2016-09-21 10:58 ` Borislav Petkov
2016-08-22 23:24 ` [RFC PATCH v1 03/28] kvm: svm: Use the hardware provided GPA instead of page walk Brijesh Singh
2016-09-21 17:16 ` Borislav Petkov
2016-08-22 23:24 ` [RFC PATCH v1 04/28] x86: Secure Encrypted Virtualization (SEV) support Brijesh Singh
2016-09-22 15:00 ` Borislav Petkov
2016-08-22 23:24 ` [RFC PATCH v1 05/28] KVM: SVM: prepare for new bit definition in nested_ctl Brijesh Singh
2016-09-22 14:17 ` Borislav Petkov
2016-08-22 23:24 ` [RFC PATCH v1 06/28] KVM: SVM: Add SEV feature definitions to KVM Brijesh Singh
2016-08-22 23:24 ` [RFC PATCH v1 07/28] x86: Do not encrypt memory areas if SEV is enabled Brijesh Singh
2016-08-22 23:25 ` [RFC PATCH v1 08/28] Access BOOT related data encrypted with SEV active Brijesh Singh
2016-08-22 23:25 ` [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active Brijesh Singh
2016-09-22 14:35 ` Borislav Petkov
2016-09-22 14:45 ` Paolo Bonzini [this message]
2016-09-22 14:59 ` Borislav Petkov
2016-09-22 15:05 ` Paolo Bonzini
2016-09-22 17:07 ` Borislav Petkov
2016-09-22 17:08 ` Paolo Bonzini
2016-09-22 17:27 ` Borislav Petkov
2016-09-22 19:04 ` Tom Lendacky
2016-09-22 19:11 ` Borislav Petkov
2016-09-22 19:49 ` Tom Lendacky
2016-09-22 20:10 ` Borislav Petkov
2016-09-22 18:59 ` Tom Lendacky
2016-09-22 18:47 ` Tom Lendacky
2016-09-22 18:50 ` Paolo Bonzini
2016-09-22 17:46 ` Tom Lendacky
2016-09-22 18:23 ` Paolo Bonzini
2016-09-22 18:37 ` Borislav Petkov
2016-09-22 18:44 ` Paolo Bonzini
2016-09-23 9:33 ` Kai Huang
2016-09-23 9:50 ` Borislav Petkov
2016-08-22 23:25 ` [RFC PATCH v1 10/28] x86: Change early_ioremap to early_memremap for BOOT data Brijesh Singh
2016-08-22 23:25 ` [RFC PATCH v1 11/28] x86: Don't decrypt trampoline area if SEV is active Brijesh Singh
2016-08-22 23:26 ` [RFC PATCH v1 12/28] x86: DMA support for SEV memory encryption Brijesh Singh
2016-08-22 23:26 ` [RFC PATCH v1 13/28] iommu/amd: AMD IOMMU support for SEV Brijesh Singh
2016-08-22 23:26 ` [RFC PATCH v1 14/28] x86: Don't set the SME MSR bit when SEV is active Brijesh Singh
2016-08-22 23:26 ` [RFC PATCH v1 15/28] x86: Unroll string I/O " Brijesh Singh
2016-08-22 23:26 ` [RFC PATCH v1 16/28] x86: Add support to determine if running with SEV enabled Brijesh Singh
2016-08-22 23:27 ` [RFC PATCH v1 17/28] KVM: SVM: Enable SEV by setting the SEV_ENABLE cpu feature Brijesh Singh
2016-08-22 23:27 ` [RFC PATCH v1 18/28] crypto: add AMD Platform Security Processor driver Brijesh Singh
2016-08-23 7:14 ` Herbert Xu
2016-08-24 12:02 ` Tom Lendacky
2016-08-22 23:27 ` [RFC PATCH v1 19/28] KVM: SVM: prepare to reserve asid for SEV guest Brijesh Singh
2016-10-13 10:17 ` Paolo Bonzini
2016-08-22 23:28 ` [RFC PATCH v1 20/28] KVM: SVM: prepare for SEV guest management API support Brijesh Singh
2016-10-13 10:41 ` Paolo Bonzini
2016-08-22 23:28 ` [RFC PATCH v1 21/28] KVM: introduce KVM_SEV_ISSUE_CMD ioctl Brijesh Singh
2016-10-13 10:45 ` Paolo Bonzini
2016-10-17 17:57 ` Brijesh Singh
2016-10-17 20:14 ` Paolo Bonzini
2016-10-18 19:32 ` Brijesh Singh
2016-10-18 21:44 ` Paolo Bonzini
2016-08-22 23:28 ` [RFC PATCH v1 22/28] KVM: SVM: add SEV launch start command Brijesh Singh
2016-10-13 11:12 ` Paolo Bonzini
2016-08-22 23:28 ` [RFC PATCH v1 23/28] KVM: SVM: add SEV launch update command Brijesh Singh
2016-08-22 23:28 ` [RFC PATCH v1 24/28] KVM: SVM: add SEV_LAUNCH_FINISH command Brijesh Singh
2016-10-13 11:16 ` Paolo Bonzini
2016-08-22 23:29 ` [RFC PATCH v1 25/28] KVM: SVM: add KVM_SEV_GUEST_STATUS command Brijesh Singh
2016-08-22 23:29 ` [RFC PATCH v1 26/28] KVM: SVM: add KVM_SEV_DEBUG_DECRYPT command Brijesh Singh
2016-08-22 23:29 ` [RFC PATCH v1 27/28] KVM: SVM: add KVM_SEV_DEBUG_ENCRYPT command Brijesh Singh
2016-08-22 23:29 ` [RFC PATCH v1 28/28] KVM: SVM: add command to query SEV API version Brijesh Singh
2016-10-13 11:19 ` [RFC PATCH v1 00/28] x86: Secure Encrypted Virtualization (AMD) Paolo Bonzini
2016-10-17 13:51 ` Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=464461b7-1efb-0af1-dd3e-eb919a2578e9@redhat.com \
--to=pbonzini@redhat.com \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=alexandre.bounine@idt.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=bhe@redhat.com \
--cc=bp@suse.de \
--cc=brijesh.singh@amd.com \
--cc=dan.j.williams@intel.com \
--cc=davem@davemloft.net \
--cc=devel@linuxdriverproject.org \
--cc=dyoung@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=hpa@zytor.com \
--cc=iamjoonsoo.kim@lge.com \
--cc=joro@8bytes.org \
--cc=jroedel@suse.de \
--cc=keescook@chromium.org \
--cc=kuleshovmail@gmail.com \
--cc=kvm@vger.kernel.org \
--cc=labbott@fedoraproject.org \
--cc=linus.walleij@linaro.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mathieu.desnoyers@efficios.com \
--cc=matt@codeblueprint.co.uk \
--cc=mcgrof@kernel.org \
--cc=mchehab@kernel.org \
--cc=mingo@redhat.com \
--cc=msalter@redhat.com \
--cc=paul.gortmaker@windriver.com \
--cc=rkrcmar@redhat.com \
--cc=ross.zwisler@linux.intel.com \
--cc=sfr@canb.auug.org.au \
--cc=simon.guinot@sequanux.org \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=tony.luck@intel.com \
--cc=toshi.kani@hpe.com \
--cc=x86@kernel.org \
--cc=xemul@parallels.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).