From patchwork Tue Dec 5 01:06:11 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 10091845 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id C415260327 for ; Tue, 5 Dec 2017 01:08:30 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B89F1294DE for ; Tue, 5 Dec 2017 01:08:30 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id AC621294EA; Tue, 5 Dec 2017 01:08:30 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3DA1F294DE for ; Tue, 5 Dec 2017 01:08:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752472AbdLEBIQ (ORCPT ); Mon, 4 Dec 2017 20:08:16 -0500 Received: from mail-by2nam01on0087.outbound.protection.outlook.com ([104.47.34.87]:63748 "EHLO NAM01-BY2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752229AbdLEBGm (ORCPT ); Mon, 4 Dec 2017 20:06:42 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=NbNMfEt9oYTw2S2twaTSqrYo2OnCPFfesEMv4+cUvO4=; b=CZIgHrccNhbIGzCkYk0M6fsRTOGklxf9Tgl6THgs3yoBLh1kmX1Gkr616p8PbHQzwUUwqs4sx89tJ4xT7o7VTWtftfypTBJKRPx3SC64/CPcQ+4NiRVL78hpD9VU+vlvixYqSgNt0kPWevEn71DIy3oTyINE8lMnAk3joGUhPB8= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by DM2PR12MB0156.namprd12.prod.outlook.com (2a01:111:e400:50ce::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.282.5; Tue, 5 Dec 2017 01:06:37 +0000 From: Brijesh Singh To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org Cc: bp@alien8.de, Brijesh Singh , Thomas Gleixner , Ingo Molnar , "H. Peter Anvin" , Paolo Bonzini , =?UTF-8?q?Radim=20Kr=C4=8Dm=C3=A1=C5=99?= , Joerg Roedel , Borislav Petkov , Tom Lendacky Subject: [Part2 PATCH v9 33/38] KVM: SVM: Add support for SEV DEBUG_ENCRYPT command Date: Mon, 4 Dec 2017 19:06:11 -0600 Message-Id: <20171205010616.5958-4-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20171205010616.5958-1-brijesh.singh@amd.com> References: <20171205010616.5958-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: BN6PR04CA0055.namprd04.prod.outlook.com (2603:10b6:405:3b::44) To DM2PR12MB0156.namprd12.prod.outlook.com (2a01:111:e400:50ce::19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2a15909d-52f6-4b7f-47cb-08d53b7c7002 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(5600026)(4604075)(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(48565401081)(2017052603286); SRVR:DM2PR12MB0156; X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 3:2AakLIrg4BFDm5SkLK8VOX26uMttS1fv9aRj/21Le0UsSbFiTDlBaDnWKKqlrSWKA9uUNpHC3Ao68l91oBSwBDMkuFLuaC9BuseGEdfeT8z+jr7Gso5HdXc/Jw2kDfkvPexnnCpTjznmgbFqv56EXOvl+2UVCn4A8ub1EBuk2KpwWsVqpC1pi+zlSV31ZRRVus48kTD/VvSKM5b41Vah84yPMLm9aylkofJRH9doS6GKkUhyq0ctWqIUA5j/SGrZ; 25:2H2TpqD7diGkilGVepjX0avhCbKthXoU3Wmb0Z6mMMakPxXzLWJXZ67muotwaD7Vy9yBnu3yeLYYKN4xQR8jmzPgOD/FQPj5xRGm680XEB6Q+o5TqN9jhLWzlrw2qqj7IYBgGAnVwDzypTCLVITUarySMbzikTv8Jh94B65feUpW+7+DSmjf3lZ7ZOYhiA2ILXiPcGWGC2TabufsYB51kvpfV/x1dqFo6YPEw0Y5JsKtgz+9jo2//a1Cwatduji/YEC7dUM+3Uh3qAf0Isw5byjhBHkRHAffPEdwG8kG3QiOwteXN507MEc3arLuTKfFtK4cmvwl93QQj1RtoeMgWA==; 31:vNRsOfxnplqdXQ9saV6DaX5aveJhDAQSKvx4tPLKTqXYIp9G2ID8Bp1Kv0qBdKHv1vKKHn3OJqop/GARjVzOfjRbO8xggiZrEeITTacaroIZPDEWag/QCGzJHIRSdmUUl5js/kKK+zpn8HwwNqwM7uJhDxKa3CoqQjLVq1oyEBCKdeSvCoksHyFo0GHRjuFGJl3vL+gUojpiioAvy9hmSew+HydAhvUIapQKzbKlb3E= X-MS-TrafficTypeDiagnostic: DM2PR12MB0156: X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 20:ZFHsU1HQmpEfeK0Uvgc5LKaxt9C5oYI14pRyT2npwKe60nQUAG/Z3zShzTOGtd4T84/F16fDQYFIA9aKgt+E2g3uNq4cdwMEss0cia9+MG0J2d/rRvTjMQkNUBG55ROO07OH6KvYhWJatidv+HnOIhgOnxumfKx4sB4f8XJTpmfijWn7nygC3wJL6LqntEh5LToWX35ODyPzwH7zo9rMdJs+uSUPu6SH6klfw+wxqSn4b97H0G6Lpdsqf58/mM7ae/pEH9CbeUKtI1UW/rrM4BDfYpd2+1MQ3bKzpwWgjqbxBp4TpNlW7WyXyDr1ERSkwl2FOPx9Ag17+/T9zPtYOnTUkM7AJ8NnBVqTKfiIOAk/1Hwyxcr//B0SbmC/gXVVw2/92ogdafkC3HpaBL3h3pk555+2StL4rjvjPSSPgXc2ofY0tE11KIZ/AAt66y2abRkNHQTlxFSrnnNtVknTRnYlhkY0H5t1mJ+U71Y5JN9jvLiqDrHX/TOf+/aG8HFs; 4:2EKsbzcVbUubvpYgEkQUWhv0aw6Mv0vTKDpKT7qJXMKhArO0+qaaHs7ZMAOk44oGUVVbJAyUfyA+MQjwvYSjrbBASb7hcy7yMhJV3xxO+aj7AdQxztqGAkt7qeouquXgc6xCFDd7N4ONXQNcdlgsFaouBVoJxkelCSK9EY1IuyZw03+mExvZjvSfnsQGBZTBzxFP+btfBQwvZHe3KMCqJujpQAwqGqbMdeKX5x2UV26sE9FXQe7BESLDnE6DcCYQJwCNnnE/JVB+YLEinp14yja0XLKPBT22sya5uxm90qfJ8XYYyqat/k0Q0ELfJa0qIyW7Tcc7Dc5EkRppf951DA== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(9452136761055)(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040450)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231022)(6055026)(6041248)(20161123562025)(20161123560025)(20161123558100)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(6072148)(201708071742011); SRVR:DM2PR12MB0156; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:DM2PR12MB0156; X-Forefront-PRVS: 0512CC5201 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(6009001)(376002)(346002)(39860400002)(366004)(189002)(199003)(316002)(66066001)(50466002)(23676004)(47776003)(25786009)(54906003)(86362001)(53416004)(7696005)(76176011)(16526018)(36756003)(8936002)(81166006)(6486002)(81156014)(305945005)(50226002)(7736002)(53936002)(5660300001)(52116002)(2950100002)(6666003)(33646002)(4326008)(101416001)(8676002)(478600001)(2906002)(7416002)(2870700001)(1076002)(189998001)(106356001)(6116002)(3846002)(68736007)(97736004)(105586002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM2PR12MB0156; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTJQUjEyTUIwMTU2OzIzOm0yNUNxcGg2bjl0bjcvWWhFMWZDVVBocXBR?= =?utf-8?B?anBwa2dsZHB2TGlUZGdLdGxkVnhwV0JyRXVuSjBaTWZVcXVRSkdPcXhnaEJ0?= =?utf-8?B?bzNmZVpZWjhHazNSRkpoNGp0QkZoVXNlY1dOeU5GTk01aDlPZFliYUZmcGUw?= =?utf-8?B?SHRFSUNjY1NzbUYrcThkOStPT1V0eWhGMmV0bWVmRHFWU3RsZldKRzZsV29P?= =?utf-8?B?UjFvdVFYTFd3RGNtbHJXL0tCSkNoY1RxWWl6SGkrQU1WcUw5Tld1VEU1Y1Zp?= =?utf-8?B?M09pQWV4M2ZKbktTOGlJL1JNV0JRSFVlK1JxdGV3WmVLSDBnbC9JQnpLckZt?= =?utf-8?B?NVlXY3ROUHc4bG5TSForcVlzd2NqeTFrWnAzOWttRWw1VjQ1ZTFaNDEzU3lz?= =?utf-8?B?YVc5SjVhQ29DQ1hycDdqc1BFaDFvWTh0VVRQMHNWUGY3NWp3YWVBU1NGOW9W?= =?utf-8?B?eTl6MXdRVk9BRCtUVkQ2VEV0TlpjRFhCakhCY0RCS05Hb3IrV0ttVGR2VERh?= =?utf-8?B?YmhmOVhnYVJKZVcwR3pHcUdSQTd2YlBkUDZBTU9VbjIvVDlMNDdFTlVLb0lE?= =?utf-8?B?SGdxcXhRVVRhNFNqWllhakpRejV4dnU3OFpiejJlczNTTzZHYWpzRk5pWTlP?= =?utf-8?B?bWdXOVNIcFRZNkwwK1Irdk9xTW95Q0hWZzZEbWZDWHhic09BTGoxSEhYUGtS?= =?utf-8?B?OUgrV2dtRFJxMTI5UGo5clNLV3QwMldYVit2UFdqaXdjTElZQnJpeTdqbWN3?= =?utf-8?B?b3JIRDI3WEpKalVjQllCUmRRSU5LemZoWjFMN3R3Z0JwOUtRb0E4MnVlSURz?= =?utf-8?B?YUJhQ3hvSHVzS2p3Y21MNllicXF3d0dRdmlnMFZQQWhCOGlGSld4UW1QMHVx?= =?utf-8?B?OXJtelh1dlhtWW9Hc3NHOTFxdC9VSTlyNnlleTBqcE94THBwSVRKNTBnUFpw?= =?utf-8?B?TWR2MmE4cUdTZlo3YWN1QithMThZamwvdFdRUlp4eHVtdllQMXZWcStURDFE?= =?utf-8?B?MnBJZkZ5Q2dCUG5HOUxyN2x1VXMrMU1KS2NXaW81amZ2MmR3d1kvRG9MRGh6?= =?utf-8?B?U2cralNwWWR2SllydlFVUG5zNlZPY1lqc3Rlby9uTG9JS2hVQlVDeVJUamY4?= =?utf-8?B?djZqdUNyU2NrcUkzazB0NWhGL3gzWVo3T0RTVDJUb2FNVlA3QlRtTTg5N0hY?= =?utf-8?B?d05uOEpmbmJzY01idHVtYmdlSTk2eWx6NkpiNmZiTnZEV3lFa2xSRk9JZDZB?= =?utf-8?B?RmFsMEk0UGJSVXREeEp3NVNUMWdDalZEYm9MeFBBQnU4NGFYMXNISWl6bG9Q?= =?utf-8?B?eDJueFR2ZFpjM2JjTFRUbzRON0JDa2xZOTF2WGlnSlRocWNkT3VSZThPUjZi?= =?utf-8?B?ZVYvdm11cWViL3hrRlQwT0YyN2JLeTVRU2s4bFU0bzBrRWxnelRtUFFsUXBq?= =?utf-8?B?WDIwYXJPQWdqdHlIM2YyTWkwU0M0Z1ZodVpuUlY4VXVSQkVzSi9VV3FMai9K?= =?utf-8?Q?3rJllgBg78PDRwXnx/ShQo9kQ=3D?= X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 6:tLSZJ0ukFkyrEy0ByFSO3FejeaXxHNwiiHMCJtdn6Kx82zwIOL+p/aHu5XFI29pRYIokzBhJnIvkGwCgGMPd0VdoF+pZNPbV8ErDN8wt8r2igs8qcbALuaUshr2NPQp8r54bMIh3USW0ffSBCFOnXPYxS0TZHaFG+u4FX6DMjBzko7A2ll9o+cEfvDtTPODgvET0xLOsUZvvgZRiWLwioESkdonuJj6PVOfSIP5oBgmY8WJRA8HEwRX65ZO+qVGCmP4ydPkj+ExCsUGWUV0TldXdvysiupP08IgOIGD8mQuP2vmkz4RPA3TUTTFyttLY9pMRU8ptwYGj0iR101dKawiou9yOxn2CkTK3+cF+WNE=; 5:I0Q9A63PBBXs5k1AlnWHRQ6m+4sNmm8G8p99tTkLdiGI4TDl2doBb/UaVvluN2nFtMUDgGuMXxsjmWH1LQUvSQyPlKpQyqQYw/F1ic6Jw4fGFgaEZPtMfztKoElDsg7TdnKK5DdcCuhDWu8gZe57IDxcn/nUCHpUGQfRBi7aQh0=; 24:J5vbRUsnOwf6jxsvGxNgVNf5eG/Tjhn7tYLuXSzd8gANdtPnkZrb5HoUL2ME0Ofeevc0SQIipYo0IUi+jUaWzYp99T9hvodh8NXc0XctNqM=; 7:yv8YHfl6TfkRSETJdzoJAAdbSa6Ck6Bu0+PWNqQc59AdEEdH5Y3Y/hfp+2cGjyGl51zaf7lDl81mqvEuc/XZ2JjT2aUxiH+WsBsWaeH99CXfavLZXk3t5gtLOejGgwObOn84L1JPzSKVvmzepyIxeUpDUGKryS1Zvx07cKhJYBh/ZDtoyqkWt3Eu2nBhf6oiFGQqVc2SQEuDYIGA5CZneP9rHHTbWDMU0JAXb2P9rNuAIWTadqZY16c43gqjMYmn SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 20:R9sE0LKfaDXUAUWLnZxKchci+7rOJssuqU1zFyEj4hd9JLuUS5JyYd3p3YN4br3gmUoqZGeUnhXonLt39XzlgAXyAGXGoJ9s3YvVnk8vaAx4V4g/2kuVKeWJXrqqr1LFkIcmStG0j14NyU8ny5Df/pbSpOpykdKI6swi0p9GQSjCoBFlQzXjQKZ1SX975+HveK1GEPVpke1TYIHXLoerekQIUhJgEInfH8ZnE8L+ufptst1UtIyC8AGFKO+KREId X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Dec 2017 01:06:37.2567 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 2a15909d-52f6-4b7f-47cb-08d53b7c7002 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0156 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The command copies a plaintext into guest memory and encrypts it using the VM encryption key. The command will be used for debug purposes (e.g setting breakpoints through gdbserver) Cc: Thomas Gleixner Cc: Ingo Molnar Cc: "H. Peter Anvin" Cc: Paolo Bonzini Cc: "Radim Krčmář" Cc: Joerg Roedel Cc: Borislav Petkov Cc: Tom Lendacky Cc: x86@kernel.org Cc: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Brijesh Singh --- arch/x86/kvm/svm.c | 98 +++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 93 insertions(+), 5 deletions(-) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index ec2b864faec2..11d4860997d9 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -6240,6 +6240,83 @@ static int __sev_dbg_decrypt_user(struct kvm *kvm, unsigned long paddr, return ret; } +static int __sev_dbg_encrypt_user(struct kvm *kvm, unsigned long paddr, + unsigned long __user vaddr, + unsigned long dst_paddr, + unsigned long __user dst_vaddr, + int size, int *error) +{ + struct page *src_tpage = NULL; + struct page *dst_tpage = NULL; + int ret, len = size; + + /* If source buffer is not aligned then use an intermediate buffer */ + if (!IS_ALIGNED(vaddr, 16)) { + src_tpage = alloc_page(GFP_KERNEL); + if (!src_tpage) + return -ENOMEM; + + if (copy_from_user(page_address(src_tpage), + (void __user *)(uintptr_t)vaddr, size)) { + __free_page(src_tpage); + return -EFAULT; + } + + paddr = __sme_page_pa(src_tpage); + } + + /* + * If destination buffer or length is not aligned then do read-modify-write: + * - decrypt destination in an intermediate buffer + * - copy the source buffer in an intermediate buffer + * - use the intermediate buffer as source buffer + */ + if (!IS_ALIGNED(dst_vaddr, 16) || !IS_ALIGNED(size, 16)) { + int dst_offset; + + dst_tpage = alloc_page(GFP_KERNEL); + if (!dst_tpage) { + ret = -ENOMEM; + goto e_free; + } + + ret = __sev_dbg_decrypt(kvm, dst_paddr, + __sme_page_pa(dst_tpage), size, error); + if (ret) + goto e_free; + + /* + * If source is kernel buffer then use memcpy() otherwise + * copy_from_user(). + */ + dst_offset = dst_paddr & 15; + + if (src_tpage) + memcpy(page_address(dst_tpage) + dst_offset, + page_address(src_tpage), size); + else { + if (copy_from_user(page_address(dst_tpage) + dst_offset, + (void __user *)(uintptr_t)vaddr, size)) { + ret = -EFAULT; + goto e_free; + } + } + + paddr = __sme_page_pa(dst_tpage); + dst_paddr = round_down(dst_paddr, 16); + len = round_up(size, 16); + } + + ret = __sev_issue_dbg_cmd(kvm, paddr, dst_paddr, len, error, true); + +e_free: + if (src_tpage) + __free_page(src_tpage); + if (dst_tpage) + __free_page(dst_tpage); + return ret; +} + static int sev_dbg_crypt(struct kvm *kvm, struct kvm_sev_cmd *argp, bool dec) { unsigned long vaddr, vaddr_end, next_vaddr; @@ -6292,11 +6369,19 @@ static int sev_dbg_crypt(struct kvm *kvm, struct kvm_sev_cmd *argp, bool dec) d_off = dst_vaddr & ~PAGE_MASK; len = min_t(size_t, (PAGE_SIZE - s_off), size); - ret = __sev_dbg_decrypt_user(kvm, - __sme_page_pa(src_p[0]) + s_off, - dst_vaddr, - __sme_page_pa(dst_p[0]) + d_off, - len, &argp->error); + if (dec) + ret = __sev_dbg_decrypt_user(kvm, + __sme_page_pa(src_p[0]) + s_off, + dst_vaddr, + __sme_page_pa(dst_p[0]) + d_off, + len, &argp->error); + else + ret = __sev_dbg_encrypt_user(kvm, + __sme_page_pa(src_p[0]) + s_off, + vaddr, + __sme_page_pa(dst_p[0]) + d_off, + dst_vaddr, + len, &argp->error); sev_unpin_memory(kvm, src_p, 1); sev_unpin_memory(kvm, dst_p, 1); @@ -6347,6 +6432,9 @@ static int svm_mem_enc_op(struct kvm *kvm, void __user *argp) case KVM_SEV_DBG_DECRYPT: r = sev_dbg_crypt(kvm, &sev_cmd, true); break; + case KVM_SEV_DBG_ENCRYPT: + r = sev_dbg_crypt(kvm, &sev_cmd, false); + break; default: r = -EINVAL; goto out;