From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: devel@edk2.groups.io, tobin@linux.ibm.com
Cc: Dov Murik, Tobin Feldman-Fitzthum, James Bottomley, Hubertus Franke, Brijesh Singh, Ashish Kalra, Jon Grimm, Tom Lendacky, "Yao, Jiewen"
Subject: Re: [edk2-devel] [RFC PATCH 00/14] Firmware Support for Fast Live Migration for AMD SEV
Date: Thu, 4 Mar 2021 01:49:16 +0000
In-Reply-To: <20210302204839.82042-1-tobin@linux.ibm.com>
References: <20210302204839.82042-1-tobin@linux.ibm.com>

Hi Tobin

Thanks for your patch.

You may know that Intel is working on TDX for the same live migration feature.

Please give me some time (about 1 work week) to digest and evaluate the patch and impact. Then I will provide feedback.

Thank you
Yao Jiewen

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Tobin Feldman-Fitzthum
> Sent: Wednesday, March 3, 2021 4:48 AM
> To: devel@edk2.groups.io
> Cc: Dov Murik; Tobin Feldman-Fitzthum; Tobin Feldman-Fitzthum; James Bottomley; Hubertus Franke; Brijesh Singh; Ashish Kalra; Jon Grimm; Tom Lendacky
> Subject: [edk2-devel] [RFC PATCH 00/14] Firmware Support for Fast Live Migration for AMD SEV
>
> This is a demonstration of fast migration for encrypted virtual machines
> using a Migration Handler that lives in OVMF.
> This demo uses AMD SEV, but the ideas may generalize to other confidential
> computing platforms. With AMD SEV, guest memory is encrypted and the
> hypervisor cannot access or move it. This makes migration tricky. In this
> demo, we show how the HV can ask a Migration Handler (MH) in the firmware
> for an encrypted page. The MH encrypts the page with a transport key prior
> to releasing it to the HV. The target machine also runs an MH that decrypts
> the page once it is passed in by the target HV. These patches are not ready
> for production, but they are a full end-to-end solution that facilitates a
> fast live migration between two SEV VMs.
>
> Corresponding patches for QEMU have been posted by my colleague Dov Murik
> on qemu-devel. Our approach needs little kernel support, requiring only
> one hypercall that the guest can use to mark a page as encrypted or
> shared. This series includes updated patches from Ashish Kalra and
> Brijesh Singh that allow OVMF to use this hypercall.
>
> The MH runs continuously in the guest, waiting for communication from
> the HV. The HV starts an additional vCPU for the MH but does not expose
> it to the guest OS via ACPI. We use the MpService to start the MH. The
> MpService is only available at runtime and processes that are started by
> it are usually cleaned up on ExitBootServices. Since we need the MH to
> run continuously, we had to make some modifications. Ideally a feature
> could be added to the MpService to allow for the starting of
> long-running processes. Besides migration, this could support other
> background processes that need to operate within the encryption
> boundary. For now, we have included a handful of patches that modify the
> MpService to allow the MH to keep running after ExitBootServices. These
> are temporary.
>
> Ashish Kalra (2):
>   OvmfPkg/PlatformPei: Mark SEC GHCB page in the page encryption bitmap.
>   OvmfPkg/PlatformDxe: Add support for SEV live migration.
>
> Brijesh Singh (1):
>   OvmfPkg/BaseMemEncryptLib: Support to issue unencrypted hypercall
>
> Dov Murik (1):
>   OvmfPkg/AmdSev: Build page table for migration handler
>
> Tobin Feldman-Fitzthum (10):
>   OvmfPkg/AmdSev: Base for Confidential Migration Handler
>   OvmfPkg/PlatformPei: Set Confidential Migration PCD
>   OvmfPkg/AmdSev: Setup Migration Handler Mailbox
>   OvmfPkg/AmdSev: MH support for mailbox protocol
>   UefiCpuPkg/MpInitLib: temp removal of MpLib cleanup
>   UefiCpuPkg/MpInitLib: Allocate MP buffer as runtime memory
>   UefiCpuPkg/CpuExceptionHandlerLib: Exception handling as runtime memory
>   OvmfPkg/AmdSev: Don't overwrite mailbox or pagetables
>   OvmfPkg/AmdSev: Don't overwrite MH stack
>   OvmfPkg/AmdSev: MH page encryption POC
>
>  OvmfPkg/OvmfPkg.dec                           |  11 +
>  OvmfPkg/AmdSev/AmdSevX64.dsc                  |   2 +
>  OvmfPkg/AmdSev/AmdSevX64.fdf                  |  13 +-
>  .../ConfidentialMigrationDxe.inf              |  45 +++
>  .../ConfidentialMigrationPei.inf              |  35 ++
>  .../DxeMemEncryptSevLib.inf                   |   1 +
>  .../PeiMemEncryptSevLib.inf                   |   1 +
>  OvmfPkg/PlatformDxe/Platform.inf              |   2 +
>  OvmfPkg/PlatformPei/PlatformPei.inf           |   2 +
>  UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |   2 +
>  UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |   2 +
>  OvmfPkg/AmdSev/ConfidentialMigration/MpLib.h  | 235 +++++++++++++
>  .../ConfidentialMigration/VirtualMemory.h     | 177 ++++++++++
>  OvmfPkg/Include/Guid/MemEncryptLib.h          |  16 +
>  OvmfPkg/PlatformDxe/PlatformConfig.h          |   5 +
>  .../ConfidentialMigrationDxe.c                | 325 ++++++++++++++++++
>  .../ConfidentialMigrationPei.c                |  25 ++
>  .../X64/PeiDxeVirtualMemory.c                 |  18 +
>  OvmfPkg/PlatformDxe/AmdSev.c                  |  99 ++++++
>  OvmfPkg/PlatformDxe/Platform.c                |   6 +
>  OvmfPkg/PlatformPei/AmdSev.c                  |  10 +
>  OvmfPkg/PlatformPei/Platform.c                |  10 +
>  .../CpuExceptionHandlerLib/DxeException.c     |   8 +-
>  UefiCpuPkg/Library/MpInitLib/DxeMpLib.c       |  21 +-
>  UefiCpuPkg/Library/MpInitLib/MpLib.c          |   7 +-
>  25 files changed, 1061 insertions(+), 17 deletions(-)
>  create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/ConfidentialMigrationDxe.inf
>  create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/ConfidentialMigrationPei.inf
>  create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/MpLib.h
>  create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/VirtualMemory.h
>  create mode 100644 OvmfPkg/Include/Guid/MemEncryptLib.h
>  create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/ConfidentialMigrationDxe.c
>  create mode 100644 OvmfPkg/AmdSev/ConfidentialMigration/ConfidentialMigrationPei.c
>  create mode 100644 OvmfPkg/PlatformDxe/AmdSev.c
>
> --
> 2.20.1
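The page exchange the quoted cover letter describes, as an added model that is not part of the RFC series, of OVMF, or of this thread: the HV asks the source Migration Handler for a guest page; the MH consults the page encryption bitmap (the state the guest sets through the mark-encrypted/shared hypercall), wraps private pages under the shared transport key, authenticates every page together with its GPA and its private/shared flag, and hands the envelope to the HV; the target MH verifies the tag before it unwraps and installs the page. The envelope layout, the class and function names, the sample pages and the transport key are all constructed for this example. The cipher is a stand-in built from HMAC-SHA256 (counter-mode keystream plus a separate tag) so the example runs with only the standard library; the real handler would use a proper AEAD rather than this construction.

```python
"""Model of the SEV Migration Handler (MH) page exchange (example, not OVMF code)."""
import hashlib
import hmac
import os
import struct
from dataclasses import dataclass

PAGE_SIZE = 4096


def _subkey(transport_key: bytes, label: bytes) -> bytes:
    # Derive independent encryption and MAC keys from the shared transport key.
    return hmac.new(transport_key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream from HMAC-SHA256: a constructed stand-in for a real cipher.
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack("<Q", block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


@dataclass(frozen=True)
class MigrationEnvelope:
    """What the source MH hands to the HV for one guest page (hypothetical format)."""
    gpa: int          # guest physical address of the page
    private: bool     # True if the guest marked the page encrypted in the bitmap
    nonce: bytes      # fresh per page, so identical pages never share keystream
    payload: bytes    # ciphertext for private pages, plaintext for shared ones
    tag: bytes        # HMAC over gpa, flag, nonce and payload

    def header(self) -> bytes:
        # Binding gpa and flag into the tag stops the HV from relocating or
        # re-labelling a page in transit.
        return struct.pack("<Q?", self.gpa, self.private) + self.nonce


class MigrationHandler:
    """Model of the MH that runs inside OVMF on both the source and target side."""

    def __init__(self, transport_key: bytes, memory: dict, encryption_bitmap: set):
        self.enc_key = _subkey(transport_key, b"mh-transport-enc")
        self.mac_key = _subkey(transport_key, b"mh-transport-mac")
        self.memory = memory                        # gpa -> PAGE_SIZE bytes
        self.encryption_bitmap = encryption_bitmap  # GPAs the guest marked private

    def export_page(self, gpa: int) -> MigrationEnvelope:
        """Source side: answer the HV's request for one page."""
        page = self.memory[gpa]
        private = gpa in self.encryption_bitmap
        nonce = os.urandom(16)
        if private:
            # The HV must never see private memory in the clear: wrap it under the transport key.
            payload = bytes(a ^ b for a, b in zip(page, _keystream(self.enc_key, nonce, len(page))))
        else:
            # Shared pages are readable by the HV anyway; they are only authenticated.
            payload = page
        unsigned = MigrationEnvelope(gpa, private, nonce, payload, b"")
        tag = hmac.new(self.mac_key, unsigned.header() + payload, hashlib.sha256).digest()
        return MigrationEnvelope(gpa, private, nonce, payload, tag)

    def import_page(self, env: MigrationEnvelope) -> None:
        """Target side: verify, unwrap and install a page passed in by the target HV."""
        expected = hmac.new(self.mac_key, env.header() + env.payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, env.tag):
            raise ValueError(f"rejecting page at gpa {env.gpa:#x}: bad transport tag")
        if env.private:
            page = bytes(a ^ b for a, b in zip(env.payload, _keystream(self.enc_key, env.nonce, len(env.payload))))
            self.encryption_bitmap.add(env.gpa)      # page stays private on the target
        else:
            page = env.payload
            self.encryption_bitmap.discard(env.gpa)
        self.memory[env.gpa] = page


def run_demo() -> dict:
    """Migrate two constructed pages (one private, one shared) and probe a tampered envelope."""
    key = b"\x11" * 32  # constructed transport key shared by both MHs
    src_mem = {0x1000: b"secret kernel data ".ljust(PAGE_SIZE, b"\x00"),
               0x2000: b"shared virtio ring ".ljust(PAGE_SIZE, b"\x00")}
    source = MigrationHandler(key, dict(src_mem), {0x1000})
    target = MigrationHandler(key, {}, set())

    envelopes = {gpa: source.export_page(gpa) for gpa in src_mem}
    for env in envelopes.values():
        target.import_page(env)

    # Flip one ciphertext byte: the target MH must refuse to install the page.
    priv = envelopes[0x1000]
    tampered = MigrationEnvelope(priv.gpa, priv.private, priv.nonce,
                                 priv.payload[:-1] + bytes([priv.payload[-1] ^ 0x01]), priv.tag)
    try:
        target.import_page(tampered)
        rejected = False
    except ValueError:
        rejected = True

    return {
        "memory_matches": target.memory == src_mem,
        "private_hidden": envelopes[0x1000].payload != src_mem[0x1000],
        "shared_plain": envelopes[0x2000].payload == src_mem[0x2000],
        "bitmap_restored": target.encryption_bitmap == {0x1000},
        "tamper_rejected": rejected,
    }


if __name__ == "__main__":
    print(run_demo())
```

The point the model makes explicit is that the bitmap decides what the HV is allowed to see, and the tag covers the GPA and the flag as well as the page contents, so a modified, relocated or re-labelled page is rejected on the target rather than silently installed.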