From patchwork Tue Dec 5 01:04:29 2017
X-Patchwork-Submitter: Brijesh Singh
X-Patchwork-Id: 10091859
From: Brijesh Singh
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org
Cc: bp@alien8.de, Brijesh Singh, Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Paolo Bonzini, Radim Krčmář, Joerg Roedel, Borislav Petkov, Tom Lendacky
Subject: [Part2 PATCH v9 29/38] KVM: SVM: Add support for KVM_SEV_LAUNCH_MEASURE command
Date: Mon, 4 Dec 2017 19:04:29 -0600
Message-Id: <20171205010438.5773-30-brijesh.singh@amd.com>
In-Reply-To: <20171205010438.5773-1-brijesh.singh@amd.com>
References: <20171205010438.5773-1-brijesh.singh@amd.com>
X-Mailing-List: kvm@vger.kernel.org

The command is used to retrieve the measurement of contents encrypted through the KVM_SEV_LAUNCH_UPDATE_DATA command.

Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: "H. Peter Anvin"
Cc: Paolo Bonzini
Cc: "Radim Krčmář"
Cc: Joerg Roedel
Cc: Borislav Petkov
Cc: Tom Lendacky
Cc: x86@kernel.org
Cc: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Brijesh Singh
Reviewed-by: Borislav Petkov
---
 arch/x86/kvm/svm.c | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 74 insertions(+)

diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 88951cbef3ec..74e010e6b5b9 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c 
@@ -6042,6 +6042,77 @@ static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int sev_launch_measure(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &kvm->arch.sev_info; + struct sev_data_launch_measure *data; + struct kvm_sev_launch_measure params; + void *blob = NULL; + int ret; + + if (!sev_guest(kvm)) + return -ENOTTY; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + data = kzalloc(sizeof(*data), GFP_KERNEL); + if (!data) + return -ENOMEM; + + /* User wants to query the blob length */ + if (!params.len) + goto cmd; + + if (params.uaddr) { + if (params.len > SEV_FW_BLOB_MAX_SIZE) { + ret = -EINVAL; + goto e_free; + } + + if (!access_ok(VERIFY_WRITE, params.uaddr, params.len)) { + ret = -EFAULT; + goto e_free; + } + + ret = -ENOMEM; + blob = kmalloc(params.len, GFP_KERNEL); + if (!blob) + goto e_free; + + data->address = __psp_pa(blob); + data->len = params.len; + } + +cmd: + data->handle = sev->handle; + ret = sev_issue_cmd(kvm, SEV_CMD_LAUNCH_MEASURE, data, &argp->error); + + /* + * If we query the session length, FW responded with expected data. + */ + if (!params.len) + goto done; + + if (ret) + goto e_free_blob; + + if (blob) { + if (copy_to_user((void __user *)(uintptr_t)params.uaddr, blob, params.len)) + ret = -EFAULT; + } + +done: + params.len = data->len; + if (copy_to_user((void __user *)(uintptr_t)argp->data, ¶ms, sizeof(params))) + ret = -EFAULT; +e_free_blob: + kfree(blob); +e_free: + kfree(data); + return ret; +} + static int svm_mem_enc_op(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -6065,6 +6136,9 @@ static int svm_mem_enc_op(struct kvm *kvm, void __user *argp) case KVM_SEV_LAUNCH_UPDATE_DATA: r = sev_launch_update_data(kvm, &sev_cmd); break; + case KVM_SEV_LAUNCH_MEASURE: + r = sev_launch_measure(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out;
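
Review bot: in sev_launch_measure(), blob comes from "kmalloc(params.len, GFP_KERNEL)" and is later returned with "copy_to_user(..., blob, params.len)", so the number of bytes copied out is the caller's requested length (anything up to SEV_FW_BLOB_MAX_SIZE), not the length the firmware reported in data->len. If the firmware fills fewer than params.len bytes, the tail of the buffer is uninitialized kernel heap and it is handed to userspace. Allocate the blob with kzalloc(), or copy only data->len bytes after checking that it does not exceed params.len. Two smaller points in the same function: a non-zero params.len with params.uaddr == 0 still issues the command with no buffer and, on error, leaves through "if (ret) goto e_free_blob" without writing data->len back, so that combination is better rejected with -EINVAL before the command is issued; and the comment above the second "if (!params.len)" says "session length", while the length queried here is that of the measurement blob.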