public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [RESEND] [RFC PATCH v2 00/10] x86: Secure Encrypted Virtualization (AMD)
@ 2017-03-21 21:12 Brijesh Singh
  2017-03-21 21:12 ` [RFC PATCH v2 01/10] OvmfPkg/Include: Define SEV specific CPUID and MSR Brijesh Singh
                   ` (9 more replies)
  0 siblings, 10 replies; 44+ messages in thread
From: Brijesh Singh @ 2017-03-21 21:12 UTC (permalink / raw)
  To: michael.d.kinney, jordan.l.justen, edk2-devel, lersek, liming.gao
  Cc: leo.duran, brijesh.singh, Thomas.Lendacky

(Sorry for churn, correcting Laszlo's email address) 

This RFC series provides support for AMD's new Secure Encrypted 
Virtualization (SEV) feature.

SEV is an extension to the AMD-V architecture which supports running
multiple VMs under the control of a hypervisor. The SEV feature allows
the memory contents of a virtual machine (VM) to be transparently encrypted
with a key unique to the guest VM. The memory controller contains a
high performance encryption engine which can be programmed with multiple
keys for use by a different VMs in the system. The programming and
management of these keys is handled by the AMD Secure Processor firmware
which exposes a commands for these tasks.

SEV guest VMs have the concept of private and shared memory.  Private memory is
encrypted with the guest-specific key, while shared memory may be encrypted
with hypervisor key.  Certain types of memory (namely instruction pages and
guest page tables) are always treated as private memory by the hardware.
For data memory, SEV guest VMs can choose which pages they would like to be
private. The choice is done using the standard CPU page tables using the C-bit,
and is fully controlled by the guest. Due to security reasons all the DMA
operations inside the  guest must be performed on shared pages (C-bit clear).
Note that since C-bit is only controllable by the guest OS when it is operating
in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware forces the
C-bit to a 1.

The following links provide additional details:

AMD Memory Encryption whitepaper:
http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf

AMD64 Architecture Programmer's Manual:
    http://support.amd.com/TechDocs/24593.pdf
    SME is section 7.10
    SEV is section 15.34

Secure Encrypted Virutualization Key Management:
http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf

KVM Forum Presentation:
http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf

[1] http://marc.info/?l=linux-mm&m=148846752931115&w=2

---

Patch series is based on commit 5d5a190 (ArmVirtPkg/HighMemDxe: check new regions against GCD memory space map)
plus I have cherry-picked https://lists.01.org/pipermail/edk2-devel/2017-March/008109.html and
https://lists.01.org/pipermail/edk2-devel/2017-March/008756.html.

source is also available @ https://github.com/codomania/edk2/tree/sev-rfc-2

The patch series is tested with OvmfIa32.dsc, OvmfIa32X64.dsc and OvmfX64.dsc.
Since memory encryption bit is not accessiable when processor is in 32-bit mode
hence any DMA access in this mode would cause assert. I have also tested the
suspend and resume path, it seems to be working fine. I still need to work to
finish adding the SEV Dma support in QemuFwCfgS3Lib package (see TODO).

Changes since v1:
 - bug fixes in OvmfPkg/ResetVector (pointed by Tom Lendacky)
 - add SEV CPUID and MSR register definition in standard include file
 - remove the MemEncryptLib dependency from PlatformPei. Move AmdSevInitialize()
   implementation in local file inside the PlatformPei package
 - rename MemCryptSevLib to MemEncryptSevLib and add functions to set or
   clear memory encryption attribute on memory region
 - integerate SEV support in BmDmaLib
 - split QemuFwCfgDxePei.c into QemuFwCfgDxe.c and QemuFwCfgPei.c to
   allow building seperate QemuFwCfgLib for Dxe and Pei phase
   (recommended by Laszlo Ersek)
 - add SEV support in QemuFwCfgLib
 - clear the memory encryption attribute from framebuffer memory region


TODO:
 - add support for accessing QEMU system flash device when SEV is enabled
 - add support for DMA operation in QemuFwCfgS3Lib when SEV is enabled
 - investigate SMM/SMI support
 - add virtio support

Brijesh Singh (10):
      OvmfPkg/Include: Define SEV specific CPUID and MSR
      OvmfPkg/ResetVector: add memory encryption mask when SEV is enabled
      OvmfPkg/PlatformPei: Add Secure Encrypted Virutualization (SEV) support
      OvmfPkg/BaseMemcryptSevLib: Add SEV helper library
      OvmfPkg/DxeBmDmaLib: Import DxeBmDmaLib package
      OvmfPkg/DxeBmDmaLib: Fix AllocateBounceBuffer parameter
      OvmfPkg/BmDmaLib: Add SEV support
      OvmfPkg/QemuFwCfgLib: Provide Pei and Dxe specific library support
      OvmfPkg/QemuFwCfgLib: Add Secure Encrypted Virtualization (SEV) support
      OvmfPkg/QemuVideoDxe: Clear the C-bit from framebuffer region when SEV is enabled


 OvmfPkg/Include/Library/BmDmaLib.h                 |    0 
 OvmfPkg/Include/Library/MemEncryptSevLib.h         |   69 +++
 OvmfPkg/Include/Register/AmdSevMap.h               |  133 +++++++
 .../BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf  |   46 ++
 .../BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c   |  124 ++++++
 .../BaseMemEncryptSevLib/X64/MemEncryptSevLib.c    |  120 ++++++
 .../BaseMemEncryptSevLib/X64/VirtualMemory.c       |  304 +++++++++++++++
 .../BaseMemEncryptSevLib/X64/VirtualMemory.h       |  158 ++++++++
 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.c          |  409 ++++++++++++++++++++
 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.inf        |   42 ++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c        |  189 +++++++++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf   |    8 
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c        |  112 +++++
 .../Library/QemuFwCfgLib/QemuFwCfgLibInternal.h    |   38 ++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c        |  209 ++++++++++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiDxe.c     |  116 ------
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf   |    8 
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c        |   82 ++++
 OvmfPkg/OvmfPkgIa32.dsc                            |   10 
 OvmfPkg/OvmfPkgIa32X64.dsc                         |   10 
 OvmfPkg/OvmfPkgX64.dsc                             |   10 
 OvmfPkg/PlatformPei/AmdSev.c                       |   97 +++++
 OvmfPkg/PlatformPei/Platform.c                     |    1 
 OvmfPkg/PlatformPei/Platform.h                     |    5 
 OvmfPkg/PlatformPei/PlatformPei.inf                |    2 
 OvmfPkg/QemuVideoDxe/Gop.c                         |   15 +
 OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf              |    1 
 OvmfPkg/ResetVector/Ia32/PageTables64.asm          |   62 +++
 28 files changed, 2252 insertions(+), 128 deletions(-)
 copy MdeModulePkg/Include/Library/BmDmaLib.h => OvmfPkg/Include/Library/BmDmaLib.h (100%)
 create mode 100644 OvmfPkg/Include/Library/MemEncryptSevLib.h
 create mode 100644 OvmfPkg/Include/Register/AmdSevMap.h
 create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
 create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
 create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c
 create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c
 create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h
 create mode 100644 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.c
 create mode 100644 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.inf
 create mode 100644 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c
 copy OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgDxeLib.inf} (82%)
 create mode 100644 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
 delete mode 100644 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiDxe.c
 rename OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgPeiLib.inf} (83%)
 create mode 100644 OvmfPkg/PlatformPei/AmdSev.c

-- 

Brijesh Singh



^ permalink raw reply	[flat|nested] 44+ messages in thread
* [RFC PATCH v2 00/10] x86: Secure Encrypted Virtualization (AMD)
@ 2017-03-21 20:59 Brijesh Singh
  2017-03-21 20:59 ` [RFC PATCH v2 01/10] OvmfPkg/Include: Define SEV specific CPUID and MSR Brijesh Singh
  0 siblings, 1 reply; 44+ messages in thread
From: Brijesh Singh @ 2017-03-21 20:59 UTC (permalink / raw)
  To: michael.d.kinney, ersek, edk2-devel, liming.gao, jordan.l.justen
  Cc: leo.duran, brijesh.singh, Thomas.Lendacky

This RFC series provides support for AMD's new Secure Encrypted 
Virtualization (SEV) feature.

SEV is an extension to the AMD-V architecture which supports running
multiple VMs under the control of a hypervisor. The SEV feature allows
the memory contents of a virtual machine (VM) to be transparently encrypted
with a key unique to the guest VM. The memory controller contains a
high performance encryption engine which can be programmed with multiple
keys for use by a different VMs in the system. The programming and
management of these keys is handled by the AMD Secure Processor firmware
which exposes a commands for these tasks.

SEV guest VMs have the concept of private and shared memory.  Private memory is
encrypted with the guest-specific key, while shared memory may be encrypted
with hypervisor key.  Certain types of memory (namely instruction pages and
guest page tables) are always treated as private memory by the hardware.
For data memory, SEV guest VMs can choose which pages they would like to be
private. The choice is done using the standard CPU page tables using the C-bit,
and is fully controlled by the guest. Due to security reasons all the DMA
operations inside the  guest must be performed on shared pages (C-bit clear).
Note that since C-bit is only controllable by the guest OS when it is operating
in 64-bit or 32-bit PAE mode, in all other modes the SEV hardware forces the
C-bit to a 1.

The following links provide additional details:

AMD Memory Encryption whitepaper:
http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf

AMD64 Architecture Programmer's Manual:
    http://support.amd.com/TechDocs/24593.pdf
    SME is section 7.10
    SEV is section 15.34

Secure Encrypted Virutualization Key Management:
http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf

KVM Forum Presentation:
http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf

[1] http://marc.info/?l=linux-mm&m=148846752931115&w=2

---

Patch series is based on commit 5d5a190 (ArmVirtPkg/HighMemDxe: check new regions against GCD memory space map)
plus I have cherry-picked https://lists.01.org/pipermail/edk2-devel/2017-March/008109.html and
https://lists.01.org/pipermail/edk2-devel/2017-March/008756.html.

source is also available @ https://github.com/codomania/edk2/tree/sev-rfc-2

The patch series is tested with OvmfIa32.dsc, OvmfIa32X64.dsc and OvmfX64.dsc.
Since memory encryption bit is not accessiable when processor is in 32-bit mode
hence any DMA access in this mode would cause assert. I have also tested the
suspend and resume path, it seems to be working fine. I still need to work to
finish adding the SEV Dma support in QemuFwCfgS3Lib package (see TODO).

Changes since v1:
 - bug fixes in OvmfPkg/ResetVector (pointed by Tom Lendacky)
 - add SEV CPUID and MSR register definition in standard include file
 - remove the MemEncryptLib dependency from PlatformPei. Move AmdSevInitialize()
   implementation in local file inside the PlatformPei package
 - rename MemCryptSevLib to MemEncryptSevLib and add functions to set or
   clear memory encryption attribute on memory region
 - integerate SEV support in BmDmaLib
 - split QemuFwCfgDxePei.c into QemuFwCfgDxe.c and QemuFwCfgPei.c to
   allow building seperate QemuFwCfgLib for Dxe and Pei phase
   (recommended by Laszlo Ersek)
 - add SEV support in QemuFwCfgLib
 - clear the memory encryption attribute from framebuffer memory region


TODO:
 - add support for accessing QEMU system flash device when SEV is enabled
 - add support for DMA operation in QemuFwCfgS3Lib when SEV is enabled
 - investigate SMM/SMI support
 - add virtio support

Brijesh Singh (10):
      OvmfPkg/Include: Define SEV specific CPUID and MSR
      OvmfPkg/ResetVector: add memory encryption mask when SEV is enabled
      OvmfPkg/PlatformPei: Add Secure Encrypted Virutualization (SEV) support
      OvmfPkg/BaseMemcryptSevLib: Add SEV helper library
      OvmfPkg/DxeBmDmaLib: Import DxeBmDmaLib package
      OvmfPkg/DxeBmDmaLib: Fix AllocateBounceBuffer parameter
      OvmfPkg/BmDmaLib: Add SEV support
      OvmfPkg/QemuFwCfgLib: Provide Pei and Dxe specific library support
      OvmfPkg/QemuFwCfgLib: Add Secure Encrypted Virtualization (SEV) support
      OvmfPkg/QemuVideoDxe: Clear the C-bit from framebuffer region when SEV is enabled


 OvmfPkg/Include/Library/BmDmaLib.h                 |    0 
 OvmfPkg/Include/Library/MemEncryptSevLib.h         |   69 +++
 OvmfPkg/Include/Register/AmdSevMap.h               |  133 +++++++
 .../BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf  |   46 ++
 .../BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c   |  124 ++++++
 .../BaseMemEncryptSevLib/X64/MemEncryptSevLib.c    |  120 ++++++
 .../BaseMemEncryptSevLib/X64/VirtualMemory.c       |  304 +++++++++++++++
 .../BaseMemEncryptSevLib/X64/VirtualMemory.h       |  158 ++++++++
 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.c          |  409 ++++++++++++++++++++
 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.inf        |   42 ++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c        |  189 +++++++++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf   |    8 
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c        |  112 +++++
 .../Library/QemuFwCfgLib/QemuFwCfgLibInternal.h    |   38 ++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c        |  209 ++++++++++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiDxe.c     |  116 ------
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf   |    8 
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c        |   82 ++++
 OvmfPkg/OvmfPkgIa32.dsc                            |   10 
 OvmfPkg/OvmfPkgIa32X64.dsc                         |   10 
 OvmfPkg/OvmfPkgX64.dsc                             |   10 
 OvmfPkg/PlatformPei/AmdSev.c                       |   97 +++++
 OvmfPkg/PlatformPei/Platform.c                     |    1 
 OvmfPkg/PlatformPei/Platform.h                     |    5 
 OvmfPkg/PlatformPei/PlatformPei.inf                |    2 
 OvmfPkg/QemuVideoDxe/Gop.c                         |   15 +
 OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf              |    1 
 OvmfPkg/ResetVector/Ia32/PageTables64.asm          |   62 +++
 28 files changed, 2252 insertions(+), 128 deletions(-)
 copy MdeModulePkg/Include/Library/BmDmaLib.h => OvmfPkg/Include/Library/BmDmaLib.h (100%)
 create mode 100644 OvmfPkg/Include/Library/MemEncryptSevLib.h
 create mode 100644 OvmfPkg/Include/Register/AmdSevMap.h
 create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
 create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c
 create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c
 create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c
 create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h
 create mode 100644 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.c
 create mode 100644 OvmfPkg/Library/DxeBmDmaLib/DxeBmDmaLib.inf
 create mode 100644 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c
 copy OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgDxeLib.inf} (82%)
 create mode 100644 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
 delete mode 100644 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiDxe.c
 rename OvmfPkg/Library/QemuFwCfgLib/{QemuFwCfgLib.inf => QemuFwCfgPeiLib.inf} (83%)
 create mode 100644 OvmfPkg/PlatformPei/AmdSev.c

-- 

Brijesh Singh



^ permalink raw reply	[flat|nested] 44+ messages in thread

end of thread, other threads:[~2017-03-28  8:14 UTC | newest]

Thread overview: 44+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-03-21 21:12 [RESEND] [RFC PATCH v2 00/10] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2017-03-21 21:12 ` [RFC PATCH v2 01/10] OvmfPkg/Include: Define SEV specific CPUID and MSR Brijesh Singh
2017-03-22 16:03   ` Laszlo Ersek
2017-03-23  7:42     ` Fan, Jeff
2017-03-23  9:19       ` Laszlo Ersek
2017-03-27  7:57         ` Fan, Jeff
2017-03-27 11:58           ` Brijesh Singh
2017-03-27 17:33             ` Laszlo Ersek
2017-03-28  0:45             ` Fan, Jeff
2017-03-28  2:19               ` Duran, Leo
2017-03-28  2:25                 ` Fan, Jeff
2017-03-27 15:59           ` Duran, Leo
2017-03-27 16:07             ` Brijesh Singh
2017-03-21 21:12 ` [RFC PATCH v2 02/10] OvmfPkg/ResetVector: add memory encryption mask when SEV is enabled Brijesh Singh
2017-03-22 20:20   ` Laszlo Ersek
2017-03-23 15:05     ` Brijesh Singh
2017-03-23 16:16       ` Laszlo Ersek
2017-03-23 16:48         ` Brijesh Singh
2017-03-23 16:54           ` Laszlo Ersek
2017-03-23 17:44             ` Brijesh Singh
2017-03-21 21:13 ` [RFC PATCH v2 03/10] OvmfPkg/PlatformPei: Add Secure Encrypted Virutualization (SEV) support Brijesh Singh
2017-03-27  8:23   ` Laszlo Ersek
2017-03-27 12:22     ` Brijesh Singh
2017-03-21 21:13 ` [RFC PATCH v2 04/10] OvmfPkg/BaseMemcryptSevLib: Add SEV helper library Brijesh Singh
2017-03-27  9:19   ` Laszlo Ersek
2017-03-27 10:07     ` Laszlo Ersek
2017-03-27 18:44       ` Brijesh Singh
2017-03-28  8:14         ` Laszlo Ersek
2017-03-21 21:13 ` [RFC PATCH v2 05/10] OvmfPkg/DxeBmDmaLib: Import DxeBmDmaLib package Brijesh Singh
2017-03-27  9:22   ` Laszlo Ersek
2017-03-21 21:13 ` [RFC PATCH v2 06/10] OvmfPkg/DxeBmDmaLib: Fix AllocateBounceBuffer parameter Brijesh Singh
2017-03-27  9:21   ` Laszlo Ersek
2017-03-27 18:40     ` Brijesh Singh
2017-03-21 21:13 ` [RFC PATCH v2 07/10] OvmfPkg/BmDmaLib: Add SEV support Brijesh Singh
2017-03-27  9:28   ` Laszlo Ersek
2017-03-21 21:13 ` [RFC PATCH v2 08/10] OvmfPkg/QemuFwCfgLib: Provide Pei and Dxe specific library support Brijesh Singh
2017-03-27  9:41   ` Laszlo Ersek
2017-03-21 21:13 ` [RFC PATCH v2 09/10] OvmfPkg/QemuFwCfgLib: Add Secure Encrypted Virtualization (SEV) support Brijesh Singh
2017-03-27 10:19   ` Laszlo Ersek
2017-03-27 19:24     ` Brijesh Singh
2017-03-28  8:12       ` Laszlo Ersek
2017-03-21 21:13 ` [RFC PATCH v2 10/10] OvmfPkg/QemuVideoDxe: Clear the C-bit from framebuffer region when SEV is enabled Brijesh Singh
2017-03-27 10:29   ` Laszlo Ersek
  -- strict thread matches above, loose matches on Subject: below --
2017-03-21 20:59 [RFC PATCH v2 00/10] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2017-03-21 20:59 ` [RFC PATCH v2 01/10] OvmfPkg/Include: Define SEV specific CPUID and MSR Brijesh Singh

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox