From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-oi0-x243.google.com (mail-oi0-x243.google.com [IPv6:2607:f8b0:4003:c06::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id EB6E52193CF44 for ; Tue, 25 Apr 2017 09:36:00 -0700 (PDT) Received: by mail-oi0-x243.google.com with SMTP id y11so35428889oie.1 for ; Tue, 25 Apr 2017 09:36:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=61v9iDI/S1pFXs21aqLoeqm28UpmlTZcmV3kYfZKaVY=; b=ZOPeMsukYppaCgCf2Ypd5ofxfTmXNy9+TLgIQYARmHOSW2cGDV1N6XbZT6XzQXg2vt tradh6H1GZ7eHesM1kHSnsdNtUc/C5s/ACYKHAfIC368HbMWI4RKAKt3nu8qFlRSbTKo VvjsQbq7pT0iBre/+LUwhX5UMEL19I4xMFxjz+s807kMcEjN23ZeiGc/mayOCNlAgJpb Hwt8qS7tkcExIL5JT0xmmChF+UQ/U+/0mihenKB9905CyZmf1j3IkaGevkZ/I0bUQfY4 /2wiZx8kIaEPOOB9xF2kl3S7VRGrgRnTHBa9lJ0XR39zfbKwx5sbKicPYJ9jWVdKHiHt YcFA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=61v9iDI/S1pFXs21aqLoeqm28UpmlTZcmV3kYfZKaVY=; b=g7SKbjJ+xmvuiTrAB4hx3w673wou8oLn9KfAw63SFWGSsWVNOk8x58QIZVt4dqqodD MmeWxvuWm8aH4+PaISEZHDFJXvJJnqc+Xx2RxjhM+C6BZs9jki8RNS8k+PC8BRi8FIvB V3mSKshqbgb/VFdDOveutt9+ZWJ5BSO3ox4pjfr/8vY04OoSmQkM6SsofU3FKPTvrxBs kUYDtLsod6oQInrLHUrv65PI3A4fppkgFXSz2uPHj08MdzgmcXeSUiIBCfd+H46d8x9n zgQzAo4X6Qcgx26Ej3NKsq60j6m2xuK9Xx9PGf1HFA4kNwlK82jWXwRKAEUz8Yxir+/D gLbQ== X-Gm-Message-State: AN3rC/54CaI3qbU3YRTGQ/xXG/DIavy83wtA2Naq1gCnhvMZtfHZ0TcV oXWh3P0JrGLoXw== X-Received: by 10.157.0.65 with SMTP id 59mr15056230ota.196.1493138159909; Tue, 25 Apr 2017 09:35:59 -0700 (PDT) Received: from brijesh-build-machine.amd.com ([165.204.77.1]) by smtp.gmail.com with ESMTPSA id j17sm9666356ota.24.2017.04.25.09.35.59 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Tue, 25 Apr 2017 09:35:59 -0700 (PDT) From: Brijesh Singh To: edk2-devel@lists.01.org, lersek@redhat.com, jordan.l.justen@intel.com Cc: jiewen.yao@intel.com, leo.duran@amd.com, star.zeng@intel.com, liming.gao@intel.com, ard.biesheuvel@linaro.org, brijesh.singh@amd.com, William.Tambe@amd.com, thomas.lendacky@amd.com Date: Tue, 25 Apr 2017 12:34:09 -0400 Message-Id: <1493138064-7816-1-git-send-email-brijesh.ksingh@gmail.com> X-Mailer: git-send-email 2.7.4 Subject: [RFC v3 00/15] x86: Secure Encrypted Virtualization (AMD) X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Apr 2017 16:36:01 -0000 From: Brijesh Singh This RFC series provides support for AMD's new Secure Encrypted Virtualization (SEV) feature. SEV is an extension to the AMD-V architecture which supports running multiple VMs under the control of a hypervisor. The SEV feature allows the memory contents of a virtual machine (VM) to be transparently encrypted with a key unique to the guest VM. The memory controller contains a high performance encryption engine which can be programmed with multiple keys for use by a different VMs in the system. The programming and management of these keys is handled by the AMD Secure Processor firmware which exposes a commands for these tasks. SEV guest VMs have the concept of private and shared memory. Private memory is encrypted with the guest-specific key, while shared memory may be encrypted with hypervisor key. Certain types of memory (namely instruction pages and guest page tables) are always treated as private memory by the hardware. For data memory, SEV guest VMs can choose which pages they would like to be private. The choice is done using the standard CPU page tables using the C-bit, and is fully controlled by the guest. Due to security reasons all the DMA operations inside the guest must be performed on shared pages (C-bit clear). Note that since C-bit is only controllable by the guest OS when it is operating in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware forces the C-bit to a 1. The following links provide additional details: AMD Memory Encryption whitepaper: http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf AMD64 Architecture Programmer's Manual: http://support.amd.com/TechDocs/24593.pdf SME is section 7.10 SEV is section 15.34 Secure Encrypted Virutualization Key Management: http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf KVM Forum Presentation: http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf [1] http://marc.info/?l=linux-mm&m=148846752931115&w=2 --- Patch series is based on: - commit 205a4b0c1537 (MdeModulePkg/DeviceManagerUiLib: Fix the network device MAC display issue) - plus BmDmaLib introduced by Leo Duran (https://lists.01.org/pipermail/edk2-devel/2017-March/008109.html) The full source is available @ https://github.com/codomania/edk2/tree/sev-rfc-3 The patch series is tested with OvmfIa32.dsc, OvmfIa32X64.dsc and OvmfX64.dsc. Since memory encryption bit is not accessiable when processor is in 32-bit mode hence any DMA access in this mode would cause assert. I have also tested suspend and resume path, it seems to be working fine. I still need to work to finish adding the SEV Dma support in QemuFwCfgS3Lib package (see TODO). Changes since v2: - move memory encryption CPUID and MSR definition into UefiCpuPkg - fix the argument order for SUB instruction in ResetVector and add more comments - update PlatformPei to use BaseMemEncryptSevLib - break the overlong comment lines to 79 chars - variable aligment and other formating fixes - split the SEV DMA support patch for QemuFwCfgLib into multiple patches as recommended by Laszlo - add AmdSevDxe driver which runs early in DXE phase and clear the C-bit from MMIO memory region - drop 'QemuVideoDxe: Clear C-bit from framebuffer' patch since AmdSevDxe driver takes care of clearing the C-bit from MMIO region - verified that Qemu PFLASH works fine with SEV guest, found a KVM driver issue which was trigger #PF when PFLASH was enabled. I have submitted patch to fix it in upstream http://marc.info/?l=kvm&m=149304930814202&w=2 Changes since v1: - bug fixes in OvmfPkg/ResetVector (pointed by Tom Lendacky) - add SEV CPUID and MSR register definition in standard include file - remove the MemEncryptLib dependency from PlatformPei. Move AmdSevInitialize() implementation in local file inside the PlatformPei package - rename MemCryptSevLib to MemEncryptSevLib and add functions to set or clear memory encryption attribute on memory region - integerate SEV support in BmDmaLib - split QemuFwCfgDxePei.c into QemuFwCfgDxe.c and QemuFwCfgPei.c to allow building seperate QemuFwCfgLib for Dxe and Pei phase (recommended by Laszlo Ersek) - add SEV support in QemuFwCfgLib - clear the memory encryption attribute from framebuffer memory region TODO: - SEV DMA support in QemuFwCfgS3Lib - investigate SMM/SMI support - add virtio support Brijesh Singh (15): UefiCpuPkg: Define AMD Memory Encryption specific CPUID and MSR OvmfPkg/ResetVector: Set C-bit when building initial page table OvmfPkg: Update dsc to use IoLib from BaseIoLibIntrinsicSev.inf OvmfPkg/BaseMemcryptSevLib: Add SEV helper library OvmfPkg/PlatformPei: Set memory encryption PCD when SEV is enabled OvmfPkg/DxeBmDmaLib: Import DxeBmDmaLib package OvmfPkg/BmDmaLib: Add SEV support OvmfPkg/QemuFwCfgLib: Provide Pei and Dxe specific library OvmfPkg/QemuFwCfgLib: Prepare for SEV support OvmfPkg/QemuFwCfgLib: Implement SEV internal function for SEC phase OvmfPkg/QemuFwCfgLib: Implement SEV internal functions for PEI phase OvmfPkg/QemuFwCfgLib: Implement SEV internal function for Dxe phase OvmfPkg/QemuFwCfgLib: Add option to dynamic alloc FW_CFG_DMA Access OvmfPkg/QemuFwCfgLib: Add SEV support OvmfPkg/AmdSevDxe: Add AmdSevDxe driver OvmfPkg/OvmfPkgIa32.dsc | 11 +- OvmfPkg/OvmfPkgIa32X64.dsc | 12 +- OvmfPkg/OvmfPkgX64.dsc | 12 +- OvmfPkg/OvmfPkgIa32X64.fdf | 2 + OvmfPkg/OvmfPkgX64.fdf | 2 + OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 43 ++ OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf | 50 +++ OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.inf | 42 ++ OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgDxeLib.inf} | 7 +- OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgPeiLib.inf} | 7 +- OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf | 1 + OvmfPkg/PlatformPei/PlatformPei.inf | 3 + OvmfPkg/Include/Library/BmDmaLib.h | 161 ++++++++ OvmfPkg/Include/Library/MemEncryptSevLib.h | 79 ++++ OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.h | 34 ++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h | 182 +++++++++ OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h | 36 ++ OvmfPkg/PlatformPei/Platform.h | 5 + UefiCpuPkg/Include/Register/Amd/Cpuid.h | 162 ++++++++ UefiCpuPkg/Include/Register/Amd/Fam17Msr.h | 62 +++ UefiCpuPkg/Include/Register/Amd/Msr.h | 29 ++ OvmfPkg/AmdSevDxe/AmdSevDxe.c | 67 ++++ OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c | 124 ++++++ OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c | 43 ++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c | 123 ++++++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c | 412 ++++++++++++++++++++ OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.c | 409 +++++++++++++++++++ OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgPeiDxe.c => QemuFwCfgDxe.c} | 69 ++++ OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c | 67 +++- OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgPeiDxe.c => QemuFwCfgPei.c} | 72 +++- OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c | 57 +++ OvmfPkg/PlatformPei/AmdSev.c | 62 +++ OvmfPkg/PlatformPei/Platform.c | 1 + OvmfPkg/ResetVector/Ia32/PageTables64.asm | 70 +++- 34 files changed, 2493 insertions(+), 25 deletions(-) create mode 100644 OvmfPkg/AmdSevDxe/AmdSevDxe.inf create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf create mode 100644 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.inf copy OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgDxeLib.inf} (83%) rename OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgPeiLib.inf} (83%) create mode 100644 OvmfPkg/Include/Library/BmDmaLib.h create mode 100644 OvmfPkg/Include/Library/MemEncryptSevLib.h create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.h create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h create mode 100644 UefiCpuPkg/Include/Register/Amd/Cpuid.h create mode 100644 UefiCpuPkg/Include/Register/Amd/Fam17Msr.h create mode 100644 UefiCpuPkg/Include/Register/Amd/Msr.h create mode 100644 OvmfPkg/AmdSevDxe/AmdSevDxe.c create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c create mode 100644 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.c copy OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgPeiDxe.c => QemuFwCfgDxe.c} (62%) rename OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgPeiDxe.c => QemuFwCfgPei.c} (61%) create mode 100644 OvmfPkg/PlatformPei/AmdSev.c -- 2.7.4