From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web11.60777.1629321673109525331 for ; Wed, 18 Aug 2021 14:21:13 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@ibm.com header.s=pp1 header.b=R4Z0K2/E; spf=pass (domain: linux.ibm.com, ip: 148.163.156.1, mailfrom: tobin@linux.ibm.com) Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 17IL4W8t108006; Wed, 18 Aug 2021 17:21:09 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : subject : date : message-id : mime-version : content-transfer-encoding; s=pp1; bh=y9Xf+MBIhNlRyfEJg1SajDSpLZrvAe9vdxIRzlpA/Ac=; b=R4Z0K2/EaOQ3EoQpd/ekrImJHFfJDdnktEds8oWef5SyWhmuhaeMaSh8foSvlQXpjEtl F9twPJEYK3Mwa8DSGS9APvI/B51OVtseLPYZik9UQJFLqZQ9N7K6msMNIt7PND2JrZkD pSCT/wxAG8MN91NtBSHIeHnaVzmYYtYbIUVZGqPAar8xVgl5DEC12vMA9PDS4MipxkLj oKBAExM3tuxW6KkL4PjInQRADMYLkCzHc8j5SJApP6CWsxF7ABzJUOltecnrDWl4/nr0 q9av8OAorXe3Y3QzVPjoFCG/GLCwHiEQHB79cDKgJad8nyL8ZhgRgQZUWvP+NhZLuo6q 5w== Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3agfdy4sca-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 18 Aug 2021 17:21:09 -0400 Received: from m0098399.ppops.net (m0098399.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 17IL4nBf109015; Wed, 18 Aug 2021 17:21:08 -0400 Received: from ppma02dal.us.ibm.com (a.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.10]) by mx0a-001b2d01.pphosted.com with ESMTP id 3agfdy4sbh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 18 Aug 2021 17:21:08 -0400 Received: from pps.filterd (ppma02dal.us.ibm.com [127.0.0.1]) by ppma02dal.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 17ILIRGB001798; Wed, 18 Aug 2021 21:21:07 GMT Received: from b03cxnp08028.gho.boulder.ibm.com (b03cxnp08028.gho.boulder.ibm.com [9.17.130.20]) by ppma02dal.us.ibm.com with ESMTP id 3aeexx723d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 18 Aug 2021 21:21:07 +0000 Received: from b03ledav005.gho.boulder.ibm.com (b03ledav005.gho.boulder.ibm.com [9.17.130.236]) by b03cxnp08028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 17ILL5rH30212442 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 18 Aug 2021 21:21:05 GMT Received: from b03ledav005.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id ACD2DBE054; Wed, 18 Aug 2021 21:21:05 +0000 (GMT) Received: from b03ledav005.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 96953BE053; Wed, 18 Aug 2021 21:21:04 +0000 (GMT) Received: from amdrome1.watson.ibm.com (unknown [9.2.130.16]) by b03ledav005.gho.boulder.ibm.com (Postfix) with ESMTP; Wed, 18 Aug 2021 21:21:04 +0000 (GMT) From: "Tobin Feldman-Fitzthum" To: tobin@ibm.com, dovmurik@linux.vnet.ibm.com, jejb@linux.ibm.com, frankeh@us.ibm.com, pbonzini@redhat.com, ashish.kalra@amd.com, thomas.lendacky@amd.com, brijesh.singh@amd.com, dgilbert@redhat.com, srutherford@google.com, devel@edk2.groups.io, ard.biesheuvel@arm.com, jiewen.yao@intel.com Subject: [RFC PATCH 0/9] Firmware Support for Fast Live Migration for AMD SEV Date: Wed, 18 Aug 2021 17:20:39 -0400 Message-Id: <20210818212048.162626-1-tobin@linux.ibm.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: b3sNlxAWjzmKJ0AI13ewHXc-34KvVAi4 X-Proofpoint-ORIG-GUID: stvAOgy2xOSe5h7h44yCi_IkgdG-eQfs X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.790 definitions=2021-08-18_07:2021-08-17,2021-08-18 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1011 suspectscore=0 lowpriorityscore=0 spamscore=0 impostorscore=0 phishscore=0 priorityscore=1501 mlxlogscore=999 mlxscore=0 bulkscore=0 malwarescore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2107140000 definitions=main-2108180130 Content-Transfer-Encoding: 8bit With AMD SEV the hypervisor cannot decrypt or move guest memory pages. This makes migration tricky. While the AMD Secure Processor can export/import pages wrapped with a transport key, the bandwidth is limited. We look to provide similar support via firmware. In particular, we implement a Migration Handler (MH) in OVMF. The MH runs in a separate mirror VM that shares the memory of the guest. To migrate a guest, the HV asks the MH on the source to export wrapped pages, which the MH on the target will import. To start the MH on the source or the target the HV boots the mirror VM to a custom entry vector implemented in these patches. This RFC does not include encryption support. The pages are passed to/from the HV in plaintext. This RFC depends on mirror VM support already upstreamed in KVM, AMD page encryption status tracking (Ashish Kalra's v6 OVMF live migration patches), mirror VM support in QEMU (Ashish's v1 QEMU RFC), page encryption status tracking support in QEMU (Ashish QEMU guest live migration support v4), and MH support in QEMU (coming soon). This RFC is aimed at SEV only. The general design carries over to SEV-ES and SEV-SNP, but extra support is required. Dov Murik (1): OvmfPkg/AmdSev: Build page table for migration handler Tobin Feldman-Fitzthum (8): OvmfPkg/AmdSev: Base for Confidential Migration Handler OvmfPkg/PlatfomPei: Set Confidential Migration PCD OvmfPkg/AmdSev: Setup Migration Handler Mailbox OvmfPkg/AmdSev: MH support for mailbox protocol OvmfPkg/AmdSev: Don't overwrite mailbox or pagetables OvmfPkg/AmdSev: Don't overwrite MH stack OvmfPkg/AmdSev: Add Migration Handler entry point OvmfPkg/ResetVector: Expose Migration Handler Entry Addresses OvmfPkg/OvmfPkg.dec | 13 + OvmfPkg/AmdSev/AmdSevX64.dsc | 2 + OvmfPkg/AmdSev/AmdSevX64.fdf | 16 +- .../ConfidentialMigrationDxe.inf | 38 +++ .../ConfidentialMigrationPei.inf | 37 +++ OvmfPkg/PlatformPei/PlatformPei.inf | 2 + OvmfPkg/ResetVector/ResetVector.inf | 1 + .../ConfidentialMigration/VirtualMemory.h | 177 ++++++++++++ .../ConfidentialMigrationDxe.c | 272 ++++++++++++++++++ .../ConfidentialMigrationPei.c | 31 ++ OvmfPkg/PlatformPei/Platform.c | 10 + .../MigrationEntryPoint.nasm | 51 ++++ OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 13 + OvmfPkg/ResetVector/ResetVector.nasmb | 1 + 14 files changed, 660 insertions(+), 4 deletions(-) create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/ConfidentialMigrationDxe.inf create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/ConfidentialMigrationPei.inf create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/VirtualMemory.h create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/ConfidentialMigrationDxe.c create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/ConfidentialMigrationPei.c create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/MigrationEntryPoint.nasm -- 2.20.1