From patchwork Thu Mar 2 15:18:40 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 9600553 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id D40BA60522 for ; Thu, 2 Mar 2017 15:44:40 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C4F78285B1 for ; Thu, 2 Mar 2017 15:44:40 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id B89DD285B3; Thu, 2 Mar 2017 15:44:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4D93D285B5 for ; Thu, 2 Mar 2017 15:44:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752653AbdCBPm6 (ORCPT ); Thu, 2 Mar 2017 10:42:58 -0500 Received: from mail-bl2nam02on0057.outbound.protection.outlook.com ([104.47.38.57]:50579 "EHLO NAM02-BL2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751628AbdCBPlh (ORCPT ); Thu, 2 Mar 2017 10:41:37 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=5HFi7oijsH8ZzeRZiY2Ur7rRhkOFxFrktRDWVXBG7Tk=; b=eCn6gAusMQW99mOjj7PJdlZmXUHJepfY/xsETHsOqn7PA40IjgzsbOQoq0TqOaJ5OPXZpI0rsD2gnfCMA7a3I8ovUHM96COVi2V9dGPzud7d0qlkwoiEzV0cg/lG/EfppMWOmscyMg7pNjythtfkZgYxxMHlmZAqQ62mY/9RCic= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from [127.0.1.1] (165.204.77.1) by BN6PR12MB1601.namprd12.prod.outlook.com (10.172.20.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.947.12; Thu, 2 Mar 2017 15:18:44 +0000 Subject: [RFC PATCH v2 31/32] kvm: svm: Add support for SEV LAUNCH_MEASURE command From: Brijesh Singh To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Date: Thu, 2 Mar 2017 10:18:40 -0500 Message-ID: <148846791999.2349.16796756305829956919.stgit@brijesh-build-machine> In-Reply-To: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> References: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: MWHPR10CA0011.namprd10.prod.outlook.com (10.172.48.21) To BN6PR12MB1601.namprd12.prod.outlook.com (10.172.20.23) X-MS-Office365-Filtering-Correlation-Id: 94ed922a-f3ab-4e2a-b4bd-08d4617f6f31 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081); SRVR:BN6PR12MB1601; X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1601; 3:YP7bbDyKaGqFHxdBFWDVfO5M2bLQy9RxE2F1SI4liATrtryfydGKvu+Mr+/KllXXYxw70mLebPUrQ/qsiB//GhNtT/g0VLIIWJbsaronWruJ1UhZXON3lgbZuhwOhg8H2dCafVscvYe02FnbrHiktYECdYMSAkv3an7H/dvv9bLV3UdzmtpjBxYCq0w1y18MJyLFTN6bRRYPqx6pRf3kuDCA7s0wnQWBjLyVNg1f8LuNREtjJAAlrrdzMAnILkf2ImcMPnxXlNxDOlywJajUaQC+jW0W2wIhtLfguddx/FU=; 25:5n2pjZHa9mnHJf4mn72xmodv0OI0dV5SIMxyXQU/RyPqqs/BnPCw0nQXTHOPnWHGvBmviScwuSdR3G3BNTu+pBgN4H5nKf5J+qWTHMefVDHm2Z5oF5qYj8L9IlPB8ue4ietsNYw/+OlHDsx/sZ4bK221c9AZc4Ie9czLhh1tq9kbbCY7HzQS1WdQZG4Q3zO9eKO7lS6Pc0gW5IzMFTaJAoW0pcx+vPuLJP6wTWVhEcqzvlvAIzdwvmHRopOsKkBg19xLKXM6tRXN/9hvKZMKt7Q+JSZ8lMoKuelGIP8nYwTEgNBi1msLjS2esdTStpsWgc2sgIjn8yqaZXpSnBWRE/J1AFze1sbB8u7gRzjF+fwMFPBBzZOR4sFYlv5PxBXcIlA3zmTTyFLdO99jXSbSdSfUoEJCm1iFtQiGwpqlppA61SO+CNuN4dBiAl+X/G2/R0VqCE3yhrL8ZoCJK58yTA== X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1601; 31:KY5QwqBh3wU/Cite90UqUnXCIqRrXwTlN7n8DHKP6DfmknydVCvOdoSQTrzte56Lbz8Om3POycUhq8y0kf8rPK/lNB6Lbpr4rJA4C8GhgIlsT6atOFKzofXF/slvr+9OaLKS+bvqfh1y11x4hBv00Y0+Ey4nUnmyzNx7/oGSFmVn3N8MO56qAhiZA/qXH0lxqPoyV5WT/uTYCIgY3kaCawkx3JnXNhKkycvROiIVMZVwLDgXA4c/xSA6IcOmlwIV; 20:trJGMw+ESmoik4PrYpxOcAovdf7zX4K2LTjaKdcKLickHW9DT6XnbGEWTBWYI4K89i9k1kd2aET+NIciVg302bdKDBV9eUq8XQJwzUDyvP9NtFeCQU+dyw1CdFBPs+a2DScGaCA3a6dNJrZV6pv6KboCJTS7M+9pp6//dsMeup4SE5I55gyPVqxxA/FeH6Vb69R4/SP9FrfJ9J9l3HFZvcZREOsE9sFAlIIYKYwLbmmjwCPu1f8f+xApaDZGfQT3zFsYWeQG4MG6haLMvdm+H/mzTdsHvId/BqyIMo2Do0K4Kw3yvZre8MYZY9W2YPrg2er0L8MulzOksTx8bHCl23p5HQMUCd3SPVU+d8OVfQT5UC1b842VICHNuaDRsH+sLBZW4OjmO4DAsdRhQVEA66v2rmqDvU4Hpk9uoEaMqhId9yZOvKhe93LtUvJ7X4CBXzK4AnV/F3mIRJJP1bBdbPvXUmB+GMJM+ArylV5Jakrlx+lG234jEMSeezeoka/b X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(6041248)(20161123558025)(20161123555025)(20161123564025)(20161123560025)(20161123562025)(6072148); SRVR:BN6PR12MB1601; BCL:0; PCL:0; RULEID:; SRVR:BN6PR12MB1601; X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1601; 4:KlL2v67zrVkr9yKYUBEBApROeh3wSOX69Uhglvy8RhGpDIo3DGB7DA3ZMJ3gMAFsuC8jrSG+T4E+WbqtkQKNtQVAaHVf8eQo0tRmfZp58Yg2UzZq956qf5SE/rCpxnQmvggmGqbX328EtUx0eMxQWsyuOwgsp3L0/S6KzPupXHnLVurO0gVT5ZL+IK544ua+7Q0mdC/NQ85zG1WqM1ehbjr+VABGmQIRQYz53vHT18GYcrQHbR2xueH5V05skZzImfD75SwUz1hPALw4igfBdWzGKHI70idGIGmEUIGQ4zlCw8YsNKcPW0Y0tORXno/RA+ME+k72GRSMzQLZH959sQEk/Gr2W0oN+JUrftV55NEw6wqbHw6ChPAGCwZ+QhoP9uOyyoJbuxGTuD07kUO/ZGmvCDFmzNvLHFQZZMuNzL7hp5hYlq01ivYD3KEKitzPWuIGCdgt3TUE8zG9KoF782J4JTmPhZgw/2wwtHBJGCqWW9kHqCn3znZByvNspuxDUcVVSrDT/SyGiSlpojVbE7xSUleUQxalamaS2RBIUWBuQmQMops0BXys8y69LiXTYtQt9TIhLcNiDi0Ak0lapU0waPE0WGQ6Sa5jzDmfYnqmPcGi9ppQkZEBwdYXa2VBLfFpAZwVlvxve66qVPbVVoQ4sFjYBDGHIjPP6X+Ud8c= X-Forefront-PRVS: 023495660C X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6049001)(6009001)(7916002)(39410400002)(39450400003)(39840400002)(39860400002)(39850400002)(53936002)(33716001)(4001350100001)(38730400002)(92566002)(8676002)(3846002)(7416002)(23676002)(81166006)(6116002)(77096006)(25786008)(7406005)(2201001)(90366009)(54356999)(33646002)(76176999)(50986999)(6486002)(86362001)(9686003)(83506001)(2950100002)(6666003)(230700001)(47776003)(66066001)(1191002)(7736002)(42186005)(2906002)(305945005)(50466002)(5660300001)(189998001)(103116003)(921003)(2101003)(83996005)(84006005)(217873001)(1121003); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR12MB1601; H:[127.0.1.1]; FPR:; SPF:None; MLV:sfv; LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtCTjZQUjEyTUIxNjAxOzIzOmlLTkFBR0E4bkFUVUlrb2dwa0V3dVZwR2Zs?= =?utf-8?B?UEdGdlVSNFBOSm5nN2FDTGw0ckoyVG5GYWJCa0YyMWk1aUJHWWIzbzFRSkNL?= =?utf-8?B?UlJRS0N1Q1UwOWxnNTNMTEQ3akhNeGNNUlpVRFMxUHFvYmdDbEtjeitPeEJw?= =?utf-8?B?Q2xKYTVlajljUCtDN1VQQU82TXA5bDE5SU1sMGNaQk9oQ3NDR3MxZkRRYjJk?= =?utf-8?B?eUpHcnNnTURmRzNnWVhmZUl0OGo4SHZIaWtzdUVUeityNThaSGlFeTFybEZN?= =?utf-8?B?TE45YjlCbTNGS0ZiTHBMQ3k0SXZGcjBVQVJGMENSUjYxcWl1Y1ZVT01Qd0Z1?= =?utf-8?B?QkVnQ3g5YVI1Um1GaHBXUjhXYzBqMVo3cW5UMUU0bFpWMDZJMW1INUE5SnJU?= =?utf-8?B?K0w0VmZQQjhJRWdDNkdvaUJvcnQxUlc1N2E4bG1Zb2pZQ1dGT0k0R1FQOGMw?= =?utf-8?B?cFcwTno2NUVmQ2hnb3RublppR21MeEYvR29NdVc4OWxKQk1pM3V6RjVxTEJu?= =?utf-8?B?bVY1aStIQ2VoUXE0THg3U01CYkNLVTh2TFR3SlJ1S3M5WEVrRCtxRmI0TTdq?= =?utf-8?B?N0hBOWc0ZzVpOXhSZHRGQjdvTmljVGViZ3ZiSzhQTG1rbEt4T3VhUktzN2lk?= =?utf-8?B?UlNXVi8vcEU1WlZsbm9sYXdYWjhveWNtOENHMWJFaGlqbFVWSTRiZGdveVdS?= =?utf-8?B?Vi9VK1A1QmNWaTBxNHB2VXNINHBOMW5XM1dUQjdFcTZJeEN3K1Y3QWo2TWVF?= =?utf-8?B?RjFqQXhLZDRsam9PV2tROGwwLzA2b0puRjVGeUEya2RLc1hVeGpjM3l6SWhR?= =?utf-8?B?Nk9LTkR6TDN2VzROVGxPSm9ydXZDVmM2ZndBbmRUbVprT0k5NWpGZ2RabGNB?= =?utf-8?B?aG43d1RYSzUvL0ZaL3FGMERoYTVZL3F6Q0dqQ3dINitiQnVHZGZYSjdxMkhQ?= =?utf-8?B?RlNBakR5SGdyVXBSTXZrRDZmS1RHV293SlM5bzVkWnhpQ0VISHRpbERyTlpF?= =?utf-8?B?T250anpYd3c5dWpKcUlCNUM1UzRkckl2WW4zQVZJQW5wS1BpQUtDVzVTMVE1?= =?utf-8?B?S0VmQUUwaFpIeHM5KzRyb0pad0dDcDBySXBNV1lGa1JpdnYyQlJFTVVMT2tR?= =?utf-8?B?dlh5UTRoSlBRQ0ZtT0xzT1ZyRkt2OXdtaVB4T2FPZ0tGWm1hSWhLdnhBQkpG?= =?utf-8?B?aXFib3pRZ3BYd3RTRnZhZjUvTjdkakFZeGVRcEhQOGZSdjJrS0tiNHdaL2Rj?= =?utf-8?B?KzdFMG9PeUZBWWdlVklSTTZ2ZDZ0cmtsYWU3NDhuakxWSnNCaWpBcUczK1Jw?= =?utf-8?B?VlpaWWE2UDVWb2x4aXQrMEdNclhrRGtDemkxaVE1ZktnSFlUSXMrMHJzVzh1?= =?utf-8?B?a0ptTUVLSEk3cVVoeTd6TlFpS1VyTnhBOFp5N2hvS3EwWEt0WkVRRHluSith?= =?utf-8?B?S29mUlZOano3UkpBSTVZcCtYaW5RTk1hMXNLU1RnNGViSHVSQTR4L2lFa2FN?= =?utf-8?B?SWM4SEdVNlF1eEtxYTVSamp2RVNlZEFRdjArUXRLeVZmaXdJTUdkRGViQndu?= =?utf-8?B?a3hIU1RjNVovUEtvcHU4QnBNd3BPdzFvQVk4b1dqTUQ5ei9HM0NCWk5SQ3Fo?= =?utf-8?B?QnNmRCtMdWFNVXZRaVlYblZMM2NwdUJIaGpDTkl5NWJsWFBIYXdZbGNEWjVY?= =?utf-8?B?aFRoN2hieEc1QmJCVFFCZHpFT0RmOGJVam5kZG9IYXVHMHBFQ3lGZ09XUlJB?= =?utf-8?B?ekZVTy91OUp5amtlVVNydz09?= X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1601; 6:ww83vpNBdiV4UTzLYQ9qas2gsmPQhfQfMxELQqeENZ5UV5CHSE2RGLmUa2a31PTHNdDaPtolbw1OCn2gqmFQq4kbC8J/CAwdkVCZbtCiUIUaVQjoXCBuVg+cg2TtqWX/JfA9gNJKh5eKYkcNPJuJYMKqstTGWBVfao4i/IOc9z+dh5iwrj02lj42FR5SHFG2RMP9zZ70v1ANCfsQUAXimclPk3j1o7hHwG47wNCWoQm+JYfYbgLQDKkbgXi4iG4fF2jkPsZ4ZRTmIaWJXnCKqAKwHATyLeLtjTxF5fIz758BYrq7c7OURgobGR1h2Hvue/rD3ep3CNjstOh/8We9xzrHysj8QdAOQk+9q682vomKPlRmBcZFsL0QgJngALtNLeJo4lpkxyxHC86HFzhhpbiX7gtrVek9ENpvaXOWp3A=; 5:d/9GU792nwnny55g/dR73PtfNkJMdn/UFbqqS1EB5EpAcjeSgHlxCuFpvo/3uUwIt7DMJ+Xz3VOKPBbttcZJEPu+wtd3lp66viDFiXIbXkDfYRGpsbJB0O8i3vFyi4zAFC9Znt1lOm5THkBu7H4IHg==; 24:N2WjTzp6hAJod4QCxRnublQS5YctEnvmlZfylHT8w0ZBus73yQyICpnvoqT3KTD1c+nXN8xkhIxGBuKOut81bHksMUbiyjC6BG1AHaClM5w= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BN6PR12MB1601; 7:VQsojPfx2pSkEg8eg6eCNtOEf8/KLc81Ge2yfPWdAEHIM4WufbI4I+saWz/n7uim5LWdL55LusHEQ/VSj6LpAwhV3ihqfWLWmyqKuUg5QmkW51Xtjo2stZT6WL/IUQz8GFqoHo/QRL5KythRRP2kA0/2Lq+9XDn9XHkPiNKVSrLJ9CleLoB3mPso6KYS8pZZCw6LF0X4twxibAsYrcWCJ9v//a9SSPXmUXDjPds6YFPx423dtwhlvx+8xiA8iMY4B9wt9/fhaUfTCyxIzxRk7cSqu7+QtsbhjSbDIPZrF1S/WwzWGicxWYNO+xXbaiN062ypra81nJHEqMFIKBGLiw==; 20:sFagOgbQuHLPtsTdWQE78K9Kt/DHzIopn5m59DYhRMtiwNq5geTYfddAl4y9Q37FX+itg/LGwcfG8IfvJmGsYiGYeV0bkl+sCSjgLK9YWuZpI2kvlzpA4paxY9dbG01z1++aiz8yRx3KU9Qz5gC/4jgN1v7XGnBrLpmNse651G7yD+TgYRFIAu4QGo2bIZ47cJYggZ1kNwuAIZdkoGM7Fgq3kpMkwsNo35HBZOM8g3SEN4dkjR8LeILOcMh/kh8a X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Mar 2017 15:18:44.7631 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR12MB1601 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The command is used to retrieve the measurement of memory encrypted through the LAUNCH_UPDATE_DATA command. This measurement can be used for attestation purposes. Signed-off-by: Brijesh Singh --- arch/x86/kvm/svm.c | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 64899ed..13996d6 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -6141,6 +6141,54 @@ static int sev_dbg_encrypt(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int sev_launch_measure(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + int ret; + void *addr = NULL; + struct kvm_sev_launch_measure params; + struct sev_data_launch_measure *data; + + if (!sev_guest(kvm)) + return -ENOTTY; + + if (copy_from_user(¶ms, (void *)argp->data, + sizeof(struct kvm_sev_launch_measure))) + return -EFAULT; + + data = kzalloc(sizeof(*data), GFP_KERNEL); + if (!data) + return -ENOMEM; + + if (params.address && params.length) { + ret = -EFAULT; + addr = kzalloc(params.length, GFP_KERNEL); + if (!addr) + goto err_1; + data->address = __psp_pa(addr); + data->length = params.length; + } + + data->handle = sev_get_handle(kvm); + ret = sev_issue_cmd(kvm, SEV_CMD_LAUNCH_MEASURE, data, &argp->error); + + /* copy the measurement to userspace */ + if (addr && + copy_to_user((void *)params.address, addr, params.length)) { + ret = -EFAULT; + goto err_1; + } + + params.length = data->length; + if (copy_to_user((void *)argp->data, ¶ms, + sizeof(struct kvm_sev_launch_measure))) + ret = -EFAULT; + + kfree(addr); +err_1: + kfree(data); + return ret; +} + static int amd_memory_encryption_cmd(struct kvm *kvm, void __user *argp) { int r = -ENOTTY; @@ -6176,6 +6224,10 @@ static int amd_memory_encryption_cmd(struct kvm *kvm, void __user *argp) r = sev_dbg_encrypt(kvm, &sev_cmd); break; } + case KVM_SEV_LAUNCH_MEASURE: { + r = sev_launch_measure(kvm, &sev_cmd); + break; + } default: break; }