| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Nov 2017 15:57:13 -0800
From: Steve Rutherford <srutherford@...gle.com>
To: Brijesh Singh <brijesh.singh@....com>
Cc: x86@...nel.org, KVM list <kvm@...r.kernel.org>,
LKML <linux-kernel@...r.kernel.org>,
Borislav Petkov <bp@...en8.de>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...e.de>,
Andy Lutomirski <luto@...nel.org>,
Tom Lendacky <thomas.lendacky@....com>,
Paolo Bonzini <pbonzini@...hat.com>,
Radim KrĠmář
<rkrcmar@...hat.com>
Subject: Re: [Part1 PATCH v7 00/17] x86: Secure Encrypted Virtualization (AMD)
One piece that seems missing here is the handling of the vmm
communication exception. What's the plan for non-automatic exits? In
particular, what's the plan for emulated devices that are currently
accessed through MMIO (e.g. the IOAPIC)?
Maybe I'm getting ahead of myself: What's the testing story? (since I
don't think linux would boot with these patches, I'm curious what you
are doing to ensure these pieces work)
On Fri, Oct 20, 2017 at 7:30 AM, Brijesh Singh <brijesh.singh@....com> wrote:
> This part of Secure Encrypted Virtualization (SEV) series focuses on the
> changes required in a guest OS for SEV support.
>
> When SEV is active, the memory content of guest OS will be transparently
> encrypted with a key unique to the guest VM.
>
> SEV guests have concept of private and shared memory. Private memory is
> encrypted with the guest-specific key, while shared memory may be encrypted with
> hypervisor key. Certain type of memory (namely insruction pages and guest page
> tables) are always treated as private. Due to security reasons all DMA
> operations inside the guest must be performed on shared memory.
>
> The SEV feature is enabled by the hypervisor, and guest can identify it through
> CPUID function and the 0xc0010131 (F17H_SEV) MSR. When enabled, page table
> entries will determine how memory is accessed. If a page table entry has the
> memory encryption mask set, then that memory will be accessed using
> guest-specific key. Certain memory (instruction pages, page tables) will always
> be accessed using guest-specific key.
>
> This patch series builds upon the Secure Memory Encryption (SME) feature. Unlike
> SME, when SEV is enabled, all the data (e.g EFI, kernel, initrd, etc) will have
> been placed into memory as encrypted by the guest BIOS.
>
> The approach that this patch series takes is to encrypt everything possible
> starting early in the boot. Since the DMA operations inside guest must be
> performed on shared memory hence it uses SW-IOTLB to complete the DMA operations.
>
> The following links provide additional details:
>
> AMD Memory Encryption whitepaper:
> http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
>
> AMD64 Architecture Programmer's Manual:
> http://support.amd.com/TechDocs/24593.pdf
> SME is section 7.10
> SEV is section 15.34
>
> Secure Encrypted Virutualization Key Management:
> http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf
>
> KVM Forum Presentation:
> http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf
>
> SEV Guest BIOS support:
> SEV support has been accepted into EDKII/OVMF BIOS
> https://github.com/tianocore/edk2/commits/master
>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: Ingo Molnar <mingo@...hat.com>
> Cc: "H. Peter Anvin" <hpa@...or.com>
> Cc: Borislav Petkov <bp@...e.de>
> Cc: Andy Lutomirski <luto@...nel.org>
> Cc: Tom Lendacky <thomas.lendacky@....com>
> Cc: Brijesh Singh <brijesh.singh@....com>
> Cc: Paolo Bonzini <pbonzini@...hat.com>
> Cc: "Radim KrĠmář" <rkrcmar@...hat.com>
> Cc: kvm@...r.kernel.org
> Cc: linux-kernel@...r.kernel.org
> Cc: x86@...nel.org
>
> ---
> This series is based on tip/master commit : 7ffee292ddca (Merge branch 'x86/urgent')
>
> Complete git tree is available: https://github.com/codomania/tip/tree/sev-v7-p1
>
> Changes since v6:
> * include jump_label.h to fix the build error seen with one of the randconfig
>
> Changes since v5:
> * enhance early_set_memory_decrypted() to do memory contents encrypt/decrypt in
> addition to C bit changes.
>
> Changes since v4:
> * rename per-CPU define to DEFINE_PER_CPU_DECRYPTED
> * add more comments in per-CPU section definition
> * rename __sev_active() to sev_key_active() to use more obivious naming
> * changes to address v4 feedbacks
>
> Changes since v3:
> * use static key to branch the unrolling of rep ins/outs when SEV is active
> * simplify the memory encryption detection logic
> * rename per-cpu define to DEFINE_PER_CPU_UNENCRYPTED
> * simplfy the logic to map per-cpu as unencrypted
> * changes to address v3 feedbacks
>
> Changes since v2:
> * add documentation
> * update early_set_memory_* to use kernel_physical_mapping_init()
> to split larger page into smaller (recommended by Boris)
> * changes to address v2 feedback
> * drop hypervisor specific patches, those patches will be included in part 2
>
> Brijesh Singh (5):
> Documentation/x86: Add AMD Secure Encrypted Virtualization (SEV)
> description
> x86: Add support for changing memory encryption attribute in early
> boot
> percpu: Introduce DEFINE_PER_CPU_DECRYPTED
> X86/KVM: Decrypt shared per-cpu variables when SEV is active
> X86/KVM: Clear encryption attribute when SEV is active
>
> Tom Lendacky (12):
> x86/mm: Add Secure Encrypted Virtualization (SEV) support
> x86/mm: Don't attempt to encrypt initrd under SEV
> x86/realmode: Don't decrypt trampoline area under SEV
> x86/mm: Use encrypted access of boot related data with SEV
> x86/mm: Include SEV for encryption memory attribute changes
> x86/efi: Access EFI data as encrypted when SEV is active
> resource: Consolidate resource walking code
> resource: Provide resource struct in resource walk callback
> x86/mm, resource: Use PAGE_KERNEL protection for ioremap of memory
> pages
> x86/mm: Add DMA support for SEV memory encryption
> x86/boot: Add early boot support when running with SEV active
> x86/io: Unroll string I/O when SEV is active
>
> Documentation/x86/amd-memory-encryption.txt | 30 ++-
> arch/powerpc/kernel/machine_kexec_file_64.c | 12 +-
> arch/x86/boot/compressed/Makefile | 1 +
> arch/x86/boot/compressed/head_64.S | 16 ++
> arch/x86/boot/compressed/mem_encrypt.S | 120 +++++++++++
> arch/x86/boot/compressed/misc.h | 2 +
> arch/x86/boot/compressed/pagetable.c | 8 +-
> arch/x86/entry/vdso/vma.c | 5 +-
> arch/x86/include/asm/io.h | 43 +++-
> arch/x86/include/asm/mem_encrypt.h | 14 ++
> arch/x86/include/asm/msr-index.h | 3 +
> arch/x86/include/uapi/asm/kvm_para.h | 1 -
> arch/x86/kernel/crash.c | 18 +-
> arch/x86/kernel/kvm.c | 40 +++-
> arch/x86/kernel/kvmclock.c | 65 +++++-
> arch/x86/kernel/pmem.c | 2 +-
> arch/x86/kernel/setup.c | 6 +-
> arch/x86/mm/ioremap.c | 123 +++++++++---
> arch/x86/mm/mem_encrypt.c | 300 +++++++++++++++++++++++++++-
> arch/x86/mm/pageattr.c | 4 +-
> arch/x86/platform/efi/efi_64.c | 16 +-
> arch/x86/realmode/init.c | 5 +-
> include/asm-generic/vmlinux.lds.h | 19 ++
> include/linux/ioport.h | 7 +-
> include/linux/kexec.h | 2 +-
> include/linux/mem_encrypt.h | 7 +-
> include/linux/percpu-defs.h | 15 ++
> kernel/kexec_file.c | 5 +-
> kernel/resource.c | 76 ++++---
> lib/swiotlb.c | 5 +-
> 30 files changed, 847 insertions(+), 123 deletions(-)
> create mode 100644 arch/x86/boot/compressed/mem_encrypt.S
>
> --
> 2.9.5
>
Powered by blists - more mailing lists