From: Brijesh Singh <brijesh.ksingh@gmail.com>
To: edk2-devel@lists.01.org, lersek@redhat.com, jordan.l.justen@intel.com
Cc: jiewen.yao@intel.com, leo.duran@amd.com, star.zeng@intel.com,
liming.gao@intel.com, ard.biesheuvel@linaro.org,
brijesh.singh@amd.com, William.Tambe@amd.com,
thomas.lendacky@amd.com
Subject: [RFC v3 00/15] x86: Secure Encrypted Virtualization (AMD)
Date: Tue, 25 Apr 2017 12:34:09 -0400
Message-ID: <1493138064-7816-1-git-send-email-brijesh.ksingh@gmail.com>
From: Brijesh Singh <brijesh.singh@amd.com>

This RFC series provides support for AMD's new Secure Encrypted
Virtualization (SEV) feature.

SEV is an extension to the AMD-V architecture which supports running
multiple VMs under the control of a hypervisor. The SEV feature allows
the memory contents of a virtual machine (VM) to be transparently encrypted
with a key unique to the guest VM. The memory controller contains a
high performance encryption engine which can be programmed with multiple
keys for use by different VMs in the system. The programming and
management of these keys is handled by the AMD Secure Processor firmware
which exposes commands for these tasks.

SEV guest VMs have the concept of private and shared memory. Private memory is
encrypted with the guest-specific key, while shared memory may be encrypted
with a hypervisor key. Certain types of memory (namely instruction pages and
guest page tables) are always treated as private memory by the hardware.
For data memory, SEV guest VMs can choose which pages they would like to be
private. The choice is done using the standard CPU page tables using the C-bit,
and is fully controlled by the guest. Due to security reasons all the DMA
operations inside the guest must be performed on shared pages (C-bit clear).
Note that since C-bit is only controllable by the guest OS when it is operating
in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware forces the
C-bit to a 1.

The following links provide additional details:
AMD Memory Encryption whitepaper:
http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
AMD64 Architecture Programmer's Manual:
http://support.amd.com/TechDocs/24593.pdf
SME is section 7.10
SEV is section 15.34
Secure Encrypted Virtualization Key Management:
http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
KVM Forum Presentation:
http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf
[1] http://marc.info/?l=linux-mm&m=148846752931115&w=2
---
Patch series is based on:
- commit 205a4b0c1537 (MdeModulePkg/DeviceManagerUiLib: Fix the network device MAC display issue)
- plus BmDmaLib introduced by Leo Duran (https://lists.01.org/pipermail/edk2-devel/2017-March/008109.html)
The full source is available @ https://github.com/codomania/edk2/tree/sev-rfc-3
The patch series is tested with OvmfIa32.dsc, OvmfIa32X64.dsc and OvmfX64.dsc.
Since the memory encryption bit is not accessible when the processor is in
32-bit mode, any DMA access in this mode would cause an assert. I have also
tested the suspend and resume path; it seems to be working fine. I still need
to work to finish adding the SEV DMA support in the QemuFwCfgS3Lib package
(see TODO).
Changes since v2:
- move memory encryption CPUID and MSR definition into UefiCpuPkg
- fix the argument order for SUB instruction in ResetVector and add more
comments
- update PlatformPei to use BaseMemEncryptSevLib
- break the overlong comment lines to 79 chars
- variable alignment and other formatting fixes
- split the SEV DMA support patch for QemuFwCfgLib into multiple patches as
recommended by Laszlo
- add AmdSevDxe driver which runs early in DXE phase and clear the C-bit
from MMIO memory region
- drop 'QemuVideoDxe: Clear C-bit from framebuffer' patch since AmdSevDxe
driver takes care of clearing the C-bit from MMIO region
- verified that Qemu PFLASH works fine with SEV guest, found a KVM driver issue
  which was triggering #PF when PFLASH was enabled. I have submitted a patch to
  fix it in upstream http://marc.info/?l=kvm&m=149304930814202&w=2
Changes since v1:
- bug fixes in OvmfPkg/ResetVector (pointed out by Tom Lendacky)
- add SEV CPUID and MSR register definition in standard include file
- remove the MemEncryptLib dependency from PlatformPei. Move AmdSevInitialize()
implementation in local file inside the PlatformPei package
- rename MemCryptSevLib to MemEncryptSevLib and add functions to set or
clear memory encryption attribute on memory region
- integrate SEV support in BmDmaLib
- split QemuFwCfgDxePei.c into QemuFwCfgDxe.c and QemuFwCfgPei.c to
  allow building separate QemuFwCfgLib for Dxe and Pei phase
  (recommended by Laszlo Ersek)
- add SEV support in QemuFwCfgLib
- clear the memory encryption attribute from framebuffer memory region
TODO:
- SEV DMA support in QemuFwCfgS3Lib
- investigate SMM/SMI support
- add virtio support
Brijesh Singh (15):
UefiCpuPkg: Define AMD Memory Encryption specific CPUID and MSR
OvmfPkg/ResetVector: Set C-bit when building initial page table
OvmfPkg: Update dsc to use IoLib from BaseIoLibIntrinsicSev.inf
OvmfPkg/BaseMemcryptSevLib: Add SEV helper library
OvmfPkg/PlatformPei: Set memory encryption PCD when SEV is enabled
OvmfPkg/DxeBmDmaLib: Import DxeBmDmaLib package
OvmfPkg/BmDmaLib: Add SEV support
OvmfPkg/QemuFwCfgLib: Provide Pei and Dxe specific library
OvmfPkg/QemuFwCfgLib: Prepare for SEV support
OvmfPkg/QemuFwCfgLib: Implement SEV internal function for SEC phase
OvmfPkg/QemuFwCfgLib: Implement SEV internal functions for PEI phase
OvmfPkg/QemuFwCfgLib: Implement SEV internal function for Dxe phase
OvmfPkg/QemuFwCfgLib: Add option to dynamic alloc FW_CFG_DMA Access
OvmfPkg/QemuFwCfgLib: Add SEV support
OvmfPkg/AmdSevDxe: Add AmdSevDxe driver
OvmfPkg/OvmfPkgIa32.dsc | 11 +-
OvmfPkg/OvmfPkgIa32X64.dsc | 12 +-
OvmfPkg/OvmfPkgX64.dsc | 12 +-
OvmfPkg/OvmfPkgIa32X64.fdf | 2 +
OvmfPkg/OvmfPkgX64.fdf | 2 +
OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 43 ++
OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf | 50 +++
OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.inf | 42 ++
OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgDxeLib.inf} | 7 +-
OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgPeiLib.inf} | 7 +-
OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf | 1 +
OvmfPkg/PlatformPei/PlatformPei.inf | 3 +
OvmfPkg/Include/Library/BmDmaLib.h | 161 ++++++++
OvmfPkg/Include/Library/MemEncryptSevLib.h | 79 ++++
OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.h | 34 ++
OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h | 182 +++++++++
OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h | 36 ++
OvmfPkg/PlatformPei/Platform.h | 5 +
UefiCpuPkg/Include/Register/Amd/Cpuid.h | 162 ++++++++
UefiCpuPkg/Include/Register/Amd/Fam17Msr.h | 62 +++
UefiCpuPkg/Include/Register/Amd/Msr.h | 29 ++
OvmfPkg/AmdSevDxe/AmdSevDxe.c | 67 ++++
OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c | 124 ++++++
OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c | 43 ++
OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c | 123 ++++++
OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c | 412 ++++++++++++++++++++
OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.c | 409 +++++++++++++++++++
OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgPeiDxe.c => QemuFwCfgDxe.c} | 69 ++++
OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c | 67 +++-
OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgPeiDxe.c => QemuFwCfgPei.c} | 72 +++-
OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c | 57 +++
OvmfPkg/PlatformPei/AmdSev.c | 62 +++
OvmfPkg/PlatformPei/Platform.c | 1 +
OvmfPkg/ResetVector/Ia32/PageTables64.asm | 70 +++-
34 files changed, 2493 insertions(+), 25 deletions(-)
create mode 100644 OvmfPkg/AmdSevDxe/AmdSevDxe.inf
create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
create mode 100644 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.inf
copy OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgDxeLib.inf} (83%)
rename OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgPeiLib.inf} (83%)
create mode 100644 OvmfPkg/Include/Library/BmDmaLib.h
create mode 100644 OvmfPkg/Include/Library/MemEncryptSevLib.h
create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.h
create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h
create mode 100644 UefiCpuPkg/Include/Register/Amd/Cpuid.h
create mode 100644 UefiCpuPkg/Include/Register/Amd/Fam17Msr.h
create mode 100644 UefiCpuPkg/Include/Register/Amd/Msr.h
create mode 100644 OvmfPkg/AmdSevDxe/AmdSevDxe.c
create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c
create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c
create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c
create mode 100644 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.c
copy OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgPeiDxe.c => QemuFwCfgDxe.c} (62%)
rename OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgPeiDxe.c => QemuFwCfgPei.c} (61%)
create mode 100644 OvmfPkg/PlatformPei/AmdSev.c
--
2.7.4
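
The C-bit handling described in the cover letter, as an added example that is not code from this patch series: it decodes the C-bit position from CPUID Fn8000_001F (field layout per the AMD64 Architecture Programmer's Manual), sets or clears the bit in page-table entries, and checks that a DMA buffer's pages are all shared. The function names, register values and PTEs are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PTE_PRESENT 0x1ULL

/* Fields of CPUID Fn8000_001F used here (AMD64 APM, section 15.34). */
typedef struct {
    bool     sev_supported; /* EAX bit 1 */
    unsigned cbit_pos;      /* EBX bits 5:0: position of the C-bit in a PTE */
} sev_caps;

static sev_caps decode_sev_leaf(uint32_t eax, uint32_t ebx) {
    sev_caps c;
    c.sev_supported = ((eax >> 1) & 1u) != 0;
    c.cbit_pos = ebx & 0x3Fu;
    return c;
}

/* C-bit mask for page-table entries; 0 when SEV is not active in this guest.
 * sev_status is the value of the SEV status MSR (bit 0 = SEV enabled). */
static uint64_t cbit_mask(sev_caps c, uint64_t sev_status) {
    return (c.sev_supported && (sev_status & 1)) ? 1ULL << c.cbit_pos : 0;
}

static uint64_t pte_set_private(uint64_t pte, uint64_t mask) { return pte | mask; }
static uint64_t pte_set_shared(uint64_t pte, uint64_t mask)  { return pte & ~mask; }

/* Index of the first present PTE in a DMA buffer's range that is still
 * private (C-bit set), or -1 if the whole range is shared. */
static long first_private_dma_pte(const uint64_t *ptes, size_t n, uint64_t mask) {
    for (size_t i = 0; i < n; i++)
        if ((ptes[i] & PTE_PRESENT) && (ptes[i] & mask))
            return (long)i;
    return -1;
}

int main(void) {
    /* Constructed register values: SEV supported, C-bit at position 47. */
    sev_caps c = decode_sev_leaf(0x0000000Fu, 0x0000016Fu);
    uint64_t mask = cbit_mask(c, 0x1);
    uint64_t dma[3] = { 0x100003, 0x101003, 0x102003 }; /* constructed PTEs */
    for (size_t i = 0; i < 3; i++) dma[i] = pte_set_private(dma[i], mask);
    dma[0] = pte_set_shared(dma[0], mask);
    dma[1] = pte_set_shared(dma[1], mask);
    printf("C-bit mask %#llx, first private DMA PTE: %ld\n",
           (unsigned long long)mask, first_private_dma_pte(dma, 3, mask));
    return 0;
}
```

A DMA path can run a check like first_private_dma_pte() before handing a buffer to a device and assert on any non-negative result, which matches the assert behaviour the cover letter describes for DMA on pages whose C-bit cannot be cleared.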