From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-io0-x241.google.com (mail-io0-x241.google.com [IPv6:2607:f8b0:4001:c06::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id BBCE280333 for ; Mon, 6 Mar 2017 15:27:31 -0800 (PST) Received: by mail-io0-x241.google.com with SMTP id f84so20059181ioj.0 for ; Mon, 06 Mar 2017 15:27:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:cc:date:message-id:user-agent:mime-version :content-transfer-encoding; bh=TKa5Sk7nD1YPiOSSNqkxiOzCbY0+eF5Mg1K30h79ZBE=; b=g8eaRVKqE+m6h85InwvwP0D6KXdGG2P3pezZVB5Odzwu8t428nUZWgvKw9lciuoN2X lFRgaZMP7aErX9TnKN35TwcOEf832hubE+Rt+vSZC3C5I6sJzdDoEneiola1c1JVnCHe Qtt1B9Vqos7MuD7opNwetJUK8qSdk1QakLXPrZeNCkI8Xg+ontQPW4oljyPNJKkRiWAX PRZl73NGqM+ucZGYDGApn4dZ99elBtHXYng8k3rKeqsS7CqLVrpQPe00uwp7k1JxWa9P 8l1MLciblkOCZ/TyNUkHkdOo/pi8VFyxzWSsQuxzGkaihbx92nilyk4os4YSPNSICqzU 4+0A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:cc:date:message-id:user-agent :mime-version:content-transfer-encoding; bh=TKa5Sk7nD1YPiOSSNqkxiOzCbY0+eF5Mg1K30h79ZBE=; b=QmWZICJ3C1Kc+LzSgfe1w7hnZgxd/AwO2Cf0e1DkYECXlVf5gMbe76fFD7lhfGwc4H AAw/uVbF6DGD++AAO1LbqhKLGvC++yV+Uqou0yCGsNLts4yaGwYUihyFdJa70hyixFLT N/A4R2EP3r6xXCw20kVghdDu7SmXj1l/5Uo1ZxXBeURynQxHSvgPgrDzCHr77DcUdOto KKohBp2epIycXFIW/Hq6uR05qP36NKzTanWgIz5jxMvhzo3CHvcbjc+wzlfHBVivm/LJ LX6a8AtJo8bxZLf73UuJXa8Z/9OWaOdP2bUTmBeHLXSA898r/hDGXfGbrl/iN1H5XlFb YxJA== X-Gm-Message-State: AMke39nac+AXhmGQSNenq3CYs4oniMJ6f1aE+8L02IslFqwnR6wi6BDbCzz/6TTdACBa4A== X-Received: by 10.107.203.7 with SMTP id b7mr17560514iog.115.1488842850836; Mon, 06 Mar 2017 15:27:30 -0800 (PST) Received: from [127.0.1.1] ([165.204.77.1]) by smtp.gmail.com with ESMTPSA id k68sm9319066iod.13.2017.03.06.15.27.30 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Mar 2017 15:27:30 -0800 (PST) From: Brijesh Singh X-Google-Original-From: Brijesh Singh To: jordan.l.justen@intel.com, edk2-devel@ml01.01.org, lersek@redhat.com Cc: Thomas.Lendacky@amd.com, leo.duran@amd.com, brijesh.sing@amd.com Date: Mon, 06 Mar 2017 18:27:29 -0500 Message-ID: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Subject: [RFC PATCH v1 0/5] x86: Secure Encrypted Virtualization (AMD) X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Mar 2017 23:27:32 -0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit This RFC series provides support for AMD's new Secure Encrypted Virtualization (SEV) feature. SEV is an extension to the AMD-V architecture which supports running multiple VMs under the control of a hypervisor. The SEV feature allows the memory contents of a virtual machine (VM) to be transparently encrypted with a key unique to the guest VM. The memory controller contains a high performance encryption engine which can be programmed with multiple keys for use by a different VMs in the system. The programming and management of these keys is handled by the AMD Secure Processor firmware which exposes a commands for these tasks. SEV guest VMs have the concept of private and shared memory. Private memory is encrypted with the guest-specific key, while shared memory may be encrypted with hypervisor key. Certain types of memory (namely instruction pages and guest page tables) are always treated as private memory by the hardware. For data memory, SEV guest VMs can choose which pages they would like to be private. The choice is done using the standard CPU page tables using the C-bit, and is fully controlled by the guest. Due to security reasons all the DMA operations inside the guest must be performed on shared pages (C-bit clear). Note that since C-bit is only controllable by the guest OS when it is operating in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware forces the C-bit to a 1. KVM SEV RFC [1] extends the KVM_FEATURE cpuid instruction to indicate whether SEV is enabled. When SEV is enabled then OVMF can use cpuid Fn8000_001F[BX] to get the C-bit position in PTE. The following links provide additional details: AMD Memory Encryption whitepaper: http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf AMD64 Architecture Programmer's Manual: http://support.amd.com/TechDocs/24593.pdf SME is section 7.10 SEV is section 15.34 Secure Encrypted Virutualization Key Management: http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf KVM Forum Presentation: http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf [1] http://marc.info/?l=linux-mm&m=148846752931115&w=2 --- Patch is based on commit a11928f (BaseTools/Source/C/Makefiles: Fix NmakeSubdirs.bat always return 0) TODO: - Unroll the IoFifo write function when SEV is active. - Clear the encryption attribute from VGA framebuffer memory so that hypervisor can read the guest framebuffer console - add DMA support when SEV is active Since the DMA operations must be performed on shread pages, I am thinking that once the DMA library patch [2] is accepted then I can import it in OvmfPkg and make the SEV specific changes (mainly clearing the C-bit on DMA addresses). [2] https://lists.01.org/pipermail/edk2-devel/2017-March/008109.html - investigate SMM/SMI support - add virtio support Brijesh Singh (5): OvmfPkg/ResetVector: Set memory encryption when SEV is active OvmfPkg/MemcryptSevLib: Add SEV helper library OvmfPkg/PlatformPei: Initialize SEV support OvmfPkg/BaseIoLibIntrinsic: import BaseIoLibIntrinsic package OvmfPkg/BaseIoLibIntrinsic: Unroll String I/O when SEV is active OvmfPkg/Include/Library/MemcryptSevLib.h | 42 ++++++ .../BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf | 3 .../BaseIoLibIntrinsic/BaseIoLibIntrinsic.uni | 0 .../BaseIoLibIntrinsicInternal.h | 0 OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.asm | 0 .../Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm | 19 +++ .../Library/BaseIoLibIntrinsic/Ia32/SevIoFifo.nasm | 141 ++++++++++++++++++++ OvmfPkg/Library/BaseIoLibIntrinsic/IoHighLevel.c | 0 OvmfPkg/Library/BaseIoLibIntrinsic/IoLib.c | 0 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibArm.c | 0 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibEbc.c | 0 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibGcc.c | 0 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibIcc.c | 0 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibIpf.c | 0 .../Library/BaseIoLibIntrinsic/IoLibMmioBuffer.c | 0 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibMsc.c | 0 OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.asm | 0 OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm | 19 +++ .../Library/BaseIoLibIntrinsic/X64/SevIoFifo.nasm | 143 ++++++++++++++++++++ OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.c | 66 +++++++++ OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.inf | 44 ++++++ OvmfPkg/OvmfPkgIa32X64.dsc | 6 + OvmfPkg/OvmfPkgX64.dsc | 6 + OvmfPkg/PlatformPei/Platform.c | 6 + OvmfPkg/PlatformPei/PlatformPei.inf | 1 OvmfPkg/ResetVector/Ia32/PageTables64.asm | 52 +++++++ 26 files changed, 545 insertions(+), 3 deletions(-) create mode 100644 OvmfPkg/Include/Library/MemcryptSevLib.h copy MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf => OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf (94%) copy MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.uni => OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.uni (100%) copy MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicInternal.h => OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicInternal.h (100%) copy MdePkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.asm => OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.asm (100%) copy MdePkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm => OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm (87%) create mode 100644 OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/SevIoFifo.nasm copy MdePkg/Library/BaseIoLibIntrinsic/IoHighLevel.c => OvmfPkg/Library/BaseIoLibIntrinsic/IoHighLevel.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLib.c => OvmfPkg/Library/BaseIoLibIntrinsic/IoLib.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibArm.c => OvmfPkg/Library/BaseIoLibIntrinsic/IoLibArm.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibEbc.c => OvmfPkg/Library/BaseIoLibIntrinsic/IoLibEbc.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c => OvmfPkg/Library/BaseIoLibIntrinsic/IoLibGcc.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibIcc.c => OvmfPkg/Library/BaseIoLibIntrinsic/IoLibIcc.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibIpf.c => OvmfPkg/Library/BaseIoLibIntrinsic/IoLibIpf.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibMmioBuffer.c => OvmfPkg/Library/BaseIoLibIntrinsic/IoLibMmioBuffer.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibMsc.c => OvmfPkg/Library/BaseIoLibIntrinsic/IoLibMsc.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/X64/IoFifo.asm => OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.asm (100%) copy MdePkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm => OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm (88%) create mode 100644 OvmfPkg/Library/BaseIoLibIntrinsic/X64/SevIoFifo.nasm create mode 100644 OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.c create mode 100644 OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.inf -- Brijesh Singh