From: Brijesh Singh
To: x86@kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: Brijesh Singh, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Paolo Bonzini, Radim Krčmář, Joerg Roedel, Borislav Petkov, Tom Lendacky
Subject: [Part2 PATCH v5 07/31] KVM: Introduce KVM_MEMORY_ENCRYPT_OP ioctl
Date: Wed, 4 Oct 2017 08:13:48 -0500
Message-Id: <20171004131412.13038-8-brijesh.singh@amd.com>
In-Reply-To: <20171004131412.13038-1-brijesh.singh@amd.com>
References: <20171004131412.13038-1-brijesh.singh@amd.com>

If hardware supports memory encryption then KVM_MEMORY_ENCRYPT_OP ioctl can be used by qemu to issue platform specific memory encryption commands.

Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh Reviewed-by: Paolo Bonzini --- Documentation/virtual/kvm/api.txt | 16 ++++++++++++++++ arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/kvm/x86.c | 12 ++++++++++++ include/uapi/linux/kvm.h | 2 ++ 4 files changed, 32 insertions(+) diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt index e63a35fafef0..cc1aa76ee6cd 100644 --- a/Documentation/virtual/kvm/api.txt +++ b/Documentation/virtual/kvm/api.txt @@ -3390,6 +3390,22 @@ invalid, if invalid pages are written to (e.g. after the end of memory) or if no page table is present for the addresses (e.g. when using hugepages). +4.109 KVM_MEMORY_ENCRYPT_OP + +Capability: basic +Architectures: x86 +Type: system +Parameters: a opaque platform specific structure (in/out) +Returns: 0 on success; -1 on error + +If platform supports creating encrypted VMs then this ioctl can be used for +issuing a platform specific memory encryption commands to manage the encrypted +VMs. + +Currently, this ioctl is used for issuing Secure Encrypted Virtualization (SEV) +commands on AMD Processors. The SEV commands are defined in +Documentation/virtual/kvm/amd-memory-encryption.txt. + 5. The kvm_run structure ------------------------ diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index c73e493adf07..48001ca48c14 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1061,6 +1061,8 @@ struct kvm_x86_ops { void (*cancel_hv_timer)(struct kvm_vcpu *vcpu); void (*setup_mce)(struct kvm_vcpu *vcpu); + + int (*mem_enc_op)(struct kvm *kvm, void __user *argp); }; struct kvm_arch_async_pf { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 03869eb7fcd6..a68e8ca78dd8 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -4010,6 +4010,14 @@ static int kvm_vm_ioctl_enable_cap(struct kvm *kvm, return r; } +static int kvm_vm_ioctl_mem_enc_op(struct kvm *kvm, void __user *argp) +{ + if (kvm_x86_ops->mem_enc_op) + return kvm_x86_ops->mem_enc_op(kvm, argp); + + return -ENOTTY; +} + long kvm_arch_vm_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg) { @@ -4270,6 +4278,10 @@ long kvm_arch_vm_ioctl(struct file *filp, r = kvm_vm_ioctl_enable_cap(kvm, &cap); break; } + case KVM_MEMORY_ENCRYPT_OP: { + r = kvm_vm_ioctl_mem_enc_op(kvm, argp); + break; + } default: r = -ENOTTY; } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 838887587411..4a39d99c5f99 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1356,6 +1356,8 @@ struct kvm_s390_ucas_mapping { /* Available with KVM_CAP_S390_CMMA_MIGRATION */ #define KVM_S390_GET_CMMA_BITS _IOWR(KVMIO, 0xb8, struct kvm_s390_cmma_log) #define KVM_S390_SET_CMMA_BITS _IOW(KVMIO, 0xb9, struct kvm_s390_cmma_log) +/* Memory Encryption Commands */ +#define KVM_MEMORY_ENCRYPT_OP _IOWR(KVMIO, 0xba, unsigned long) #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) -- 2.9.5
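
Review bot: In the Documentation/virtual/kvm/api.txt hunk, "Type: system" does not match the code: KVM_MEMORY_ENCRYPT_OP is dispatched from kvm_arch_vm_ioctl() and operates on a struct kvm, so the entry should describe it as a vm ioctl. In the same entry, "a opaque platform specific structure" should read "an opaque", and "a platform specific memory encryption commands" should drop the article.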
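
Review bot: The new mem_enc_op member in the arch/x86/include/asm/kvm_host.h hunk takes a raw "void __user *argp" and carries no comment on its contract. Since x86.c forwards the pointer untouched, a short comment should state that the backend is responsible for copying the user buffer in and out and for validating its contents, and which error codes it is expected to return.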
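
Review bot: In the arch/x86/kvm/x86.c hunks, kvm_vm_ioctl_mem_enc_op() returns -ENOTTY when mem_enc_op is unset, which is the same value the "default:" case returns for an unknown ioctl, so userspace cannot tell "kernel does not know this ioctl" from "backend does not implement memory encryption". api.txt lists the ioctl as "Capability: basic" and "Returns: 0 on success; -1 on error"; either document ENOTTY as the "not supported" result or tie availability to something userspace can probe before calling.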
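
Review bot: In the include/uapi/linux/kvm.h hunk, "_IOWR(KVMIO, 0xba, unsigned long)" encodes sizeof(unsigned long) into the ioctl number, while api.txt describes the parameter as an opaque platform specific structure. The size of unsigned long differs between 32-bit and 64-bit userspace, so the two would compute different request numbers for the same command; consider a fixed-size type (or the actual command structure) in the macro, and add a comment explaining what the argument points to.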