Message ID | 20180308124901.83533-21-brijesh.singh@amd.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show
Return-Path: <kvm-owner@kernel.org> Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 8202660211 for <patchwork-kvm@patchwork.kernel.org>; Thu, 8 Mar 2018 12:50:25 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 72241298FE for <patchwork-kvm@patchwork.kernel.org>; Thu, 8 Mar 2018 12:50:25 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 66B9329902; Thu, 8 Mar 2018 12:50:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EDE42298FE for <patchwork-kvm@patchwork.kernel.org>; Thu, 8 Mar 2018 12:50:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S965613AbeCHMuX (ORCPT <rfc822;patchwork-kvm@patchwork.kernel.org>); Thu, 8 Mar 2018 07:50:23 -0500 Received: from mail-cys01nam02on0080.outbound.protection.outlook.com ([104.47.37.80]:41120 "EHLO NAM02-CY1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S935761AbeCHMuR (ORCPT <rfc822;kvm@vger.kernel.org>); Thu, 8 Mar 2018 07:50:17 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=ra6TVBAsE4wXKqwHwKVuBWhQVebjqTlAfcFmIJelUSI=; b=RO6C01ut6wiUfa+I/4sHwH5JVged2NTeiHqN8sA0WKWNYaxVWmc/pegAfaRx2dnSeZI8I8XwjUi2Rh+uL+VOIkjyvXQ0W8oWbJ/zdV7/qmUbIAP0q4j71RsjKTJjGLQNflT4rjL1FxleO4h92ZkQPTJZvleIvHFxr7R//H4rxmA= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by DM2PR12MB0156.namprd12.prod.outlook.com (2a01:111:e400:50ce::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.13; Thu, 8 Mar 2018 12:50:12 +0000 From: Brijesh Singh <brijesh.singh@amd.com> To: qemu-devel@nongnu.org Cc: Alistair Francis <alistair.francis@xilinx.com>, Christian Borntraeger <borntraeger@de.ibm.com>, Cornelia Huck <cornelia.huck@de.ibm.com>, "Daniel P . Berrange" <berrange@redhat.com>, "Dr. David Alan Gilbert" <dgilbert@redhat.com>, "Michael S. Tsirkin" <mst@redhat.com>, "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>, Eduardo Habkost <ehabkost@redhat.com>, Eric Blake <eblake@redhat.com>, kvm@vger.kernel.org, Marcel Apfelbaum <marcel@redhat.com>, Markus Armbruster <armbru@redhat.com>, Paolo Bonzini <pbonzini@redhat.com>, Peter Crosthwaite <crosthwaite.peter@gmail.com>, Peter Maydell <peter.maydell@linaro.org>, Richard Henderson <richard.henderson@linaro.org>, Stefan Hajnoczi <stefanha@gmail.com>, Thomas Lendacky <Thomas.Lendacky@amd.com>, Borislav Petkov <bp@suse.de>, Alexander Graf <agraf@suse.de>, Bruce Rogers <brogers@suse.com>, Brijesh Singh <brijesh.singh@amd.com>, Richard Henderson <rth@twiddle.net> Subject: [PATCH v12 20/28] hw/i386: set ram_debug_ops when memory encryption is enabled Date: Thu, 8 Mar 2018 06:48:53 -0600 Message-Id: <20180308124901.83533-21-brijesh.singh@amd.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180308124901.83533-1-brijesh.singh@amd.com> References: <20180308124901.83533-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: BN6PR14CA0031.namprd14.prod.outlook.com (2603:10b6:404:13f::17) To DM2PR12MB0156.namprd12.prod.outlook.com (2a01:111:e400:50ce::19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 5acd4685-2a31-4072-ed3f-08d584f3236f X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:DM2PR12MB0156; X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 3:hLjj1L0C7IkU4M5DWy5tdrlIRGh1deV0CIsJlFXo6qSMXhN5XxBSkDzmOP043oCQ8RoDPqjVqA1y8HsvGFoAWXhEUjrdsxkC0ohvrh1jBUxyw3X0pOIzCV/5MD5oM9Ats6B71bUkXSECTRSB8YOX04lTJAA8abrTV/F7ygjEZAuyc+2R1BYR2ImGr3GavvhUmqLwxHsUKcdh9FS2EJGr+9LqRB19m2SoJoV4DiGu1Z/NSa3EI1AgWERQaZJW47JA; 25:E56QznTzTSwzI68Uj4nc9IFox0cP2jLi37MBQTmjgdR+vwvXR9WsAllVK2jj34MxYdbj/X1umXqInO1uMZNJax0SFc8KSdwRCh5Au2O8fSO9RqFFWY4k7NLfd6H0VOz+BpInnSRPCgFjvv6vTiMovwagpNuFoR5/R5UXT/CDgC0kF/j1LWVS2Sf921K5t1oXlccMVSiEAQE4a21XQn4nY81jiS3a4Mw3Lq2AoMzRkjkAbs4bjKBgDuqQ6frlY6BQLgpkjRjPHvuvqvWQIBDfzsNV+0Fof4y1wKh4wkUoAWdz4ItWwoh302+0Bb/o1dFXRJUj5ek8gj2on/rELVYl8A==; 31:qJa1Z80AXDdrpBYLI24tchser9Z3Z32DEJnUnfzW2aMKMf020IqVNIdnnkmn/QgNYWR/sFpNcAId7XoF1l3hZBye9kH2W3c9dRl+uNa58QLXzKNxbDe8UDpoYbsVS3KfQozq2jK5xdkc13rCW9m1tTQ2LRqlqcsHkEHNrxv+pfM3tz7VbLmo8virjXxIdov9/2oYlMZKWk5i1iVx1MqK9FGooq+ucq4iUrTo6S/5hLY= X-MS-TrafficTypeDiagnostic: DM2PR12MB0156: X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 20:Zlh4myGfm65/ZMiDDZZxCYqA/46s260/5/AtWnxgNiBWuHQ8Z9p4R1TOu2WF/fc2RE2ORE4fw09MAhjWuq2B2iGaaoo/927ggpj6zIN3vpJWua5Maj6jsgR3vGOr3cvBIrI1B9YUW5oQFKAeuaQ98BuCoUft2jA5E6rbMOfDhBYQuKCxjefU1SXbdYnAsv2CbgJCwwNgSk1O+tk05z6k8fz7eVl7Oj46jytdUjAbXzmNPf4Qm4n3OzD1ojfPbwQ/hClgSE2c15zL9kSniZeaAIzALIxIsUPb4V5k9aNx+WRgBFe8KHPiaLiAvO6fg+6lq/Mxw22PhnmHOztC3IEnDQmrxE+6avQUC63Ps8y7qDjrygLUAex9d1O+mwR1+TmuaLEH+wg30daPt7u2iZaa1Y3+XU86hUHlJHcQuTzS8vW8oGDmvbO1BYvCdXCP40ZEMeGLmHs8A2enWyZZfeFb/2kiIg5uZgMZN+i/drDm0rL+F9aPtK64Ja4UrCDbyClv; 4:ZJmNamMk+0llzn277elQS13MUE5J2/R+jQeA+VUVKkqCzflu0ub9ICsVLlMVe2SKNNqxT2ys+Ge97/AXiC5TBZ8bl14BwBg49rmKphZb7MUYJLSZSw6R2sko8rlwMWvJE/m1dy0BGRNrDu15/mBsywpD/vDAQ2atmNo/MZLRFTbopsZrCt+F4UKaipeBZCwYJG2J7dWhZ1rM4WN9mmiG5dceHnSleK6NbF058LcxpWoBpO28MBe5gt9osHfTEZ/Ix4wnalDitSjDhcK6EPd+024XIibOegDKee2Gz80/J7TnRfI6DJXMG7xp0Hb+c4f7 X-Microsoft-Antispam-PRVS: <DM2PR12MB0156DAABEC9543B35F24359BE5DF0@DM2PR12MB0156.namprd12.prod.outlook.com> X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040501)(2401047)(5005006)(8121501046)(93006095)(93001095)(10201501046)(3231220)(944501244)(52105095)(3002001)(6055026)(6041288)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123560045)(20161123558120)(20161123562045)(6072148)(201708071742011); SRVR:DM2PR12MB0156; BCL:0; PCL:0; RULEID:; SRVR:DM2PR12MB0156; X-Forefront-PRVS: 060503E79B X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(1496009)(39380400002)(39860400002)(376002)(396003)(346002)(366004)(199004)(189003)(50226002)(53936002)(2950100002)(6916009)(2906002)(2361001)(6666003)(2351001)(106356001)(81156014)(53416004)(8676002)(81166006)(7736002)(36756003)(305945005)(8936002)(105586002)(48376002)(50466002)(68736007)(97736004)(47776003)(66066001)(25786009)(4326008)(39060400002)(6486002)(7416002)(5660300001)(3846002)(478600001)(76176011)(51416003)(7696005)(52116002)(6116002)(16586007)(16526019)(186003)(26005)(1076002)(8656006)(386003)(54906003)(86362001)(316002)(59450400001)(8666007); DIR:OUT; SFP:1101; SCL:1; SRVR:DM2PR12MB0156; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR12MB0156; 23:ZfmQHrRER+K6AMX/BWQ0JHFqyrnRcsBxvNuqHRELv?= =?us-ascii?Q?btSA2jam7O3G2OofMQOBFEDIim6DlqwEyqCW01N9i1n8AR1H7gi/uz7+UMF8?= =?us-ascii?Q?k2aMmzfLl6Z0z+2LpwCZjzHxEouzuEAHaigqANcRGj9t992Ugxac8xonIEHB?= =?us-ascii?Q?F6hSnsozYwRppj3iIG5OqSc8EHRJg8bNzOJDMytsXdd8Ui8EFYuPrf3MV6Bz?= =?us-ascii?Q?p/C8H6iWyWquiP7nTiUAsxl6z64qVlTybmULQGgoAxZ3zJWS5GfcLB/qQF98?= =?us-ascii?Q?JuLo5DNl9kyH1gHhzxVwELb0kRqbeA1doJ6ZtI/xso5UOxTk6RL02Bru0lv7?= =?us-ascii?Q?dWz8nL7iYhFipPr/vm8iv2llmF8OSV5tguplld2uygyy2tqOZKPYdusA/TZ3?= =?us-ascii?Q?BilL/M3QQqBW/SD3bTJAJ3NxuT63xomKxTrSmXLZ4QZsF6kktaNVk00NkZFT?= =?us-ascii?Q?mxjTTEaDLKNyHQtG8lhZvvrMqKccBIq8rz5ReRGxMZVXRkNi6U8MoZY8wz6y?= =?us-ascii?Q?/jqZXn9/sUKL+rCI7lst560nfZCDEGWoUiz5DXmcWoJOMWfGtqTGkZ6E/USL?= =?us-ascii?Q?jNctyCxtTxh+lewzz97hlFAizSIzWc340Nh+6cnuzpzKGXwOsjxAsTPuu4+a?= =?us-ascii?Q?z7QH39dty2OdkF7QrtULh9TU9Mye5v+KlZqV8B5OsfcVjEVKhmAJXFBE44Ua?= =?us-ascii?Q?HkOHnWnLgaDvJuCGVZWm9KrNSkcEC2iPQw3fsnpQ4BQmb6yD82oFmTNIUT7o?= =?us-ascii?Q?wfVsraO6qByCDziNXVrSLuUI6EyxU70+tWpVTFSgZjNHOFR6gIcJ6N9ynoOM?= =?us-ascii?Q?DFlaE3u7r70ld+0krYozg5zU5l9YAf40VC0uqLji1eAQjfCrmWO1+uWJzl+P?= =?us-ascii?Q?c2BxcYNqY2qQSkiZWLn0P0AYjZzHIxv+AxGJ8/mZy1y2QQ8UiNkUH8OmtRjG?= =?us-ascii?Q?VQccArJ79RR6VY7p9YIdJwLk5okSnwd2gUvD6rqiW/eS03Di4B/vqgSA5cFA?= =?us-ascii?Q?01AUD6K67B2dOQqtlebYpbh4phqW7RTdufci1Q7mcQB4DC6RMwmze2gvXY16?= =?us-ascii?Q?Z6u1AtI6J19dE9y7W+Eg9vqPqL9lbbtxnOQpnuUdTpXIxOXmJmle/zjVlwjO?= =?us-ascii?Q?hLknDtXLzwDPGkhQ5FMBimqyNYmKnJIwRrDEfzM4kki6MMhWrmyHnbNikryc?= =?us-ascii?Q?29sbmGeghoMuN9tEv08iQ+tChNxXBVKcIm+3wCLSPeKZ23W2i8s0yCJKL2DA?= =?us-ascii?Q?RLJ5U1zTCCJrjyq40YlnGTNUgx5KPWzhZDvg4AxO8eWL7aw6rob310G/ktyo?= =?us-ascii?Q?ad2PiRENyXFlLFSSe6Lyh8=3D?= X-Microsoft-Antispam-Message-Info: LBvHqXUVg1KRXcZa6JY/smutE6mAhecFBV95stA7+cQVk23qAvMnfsGrzofzy0O7Q0Q8pERQg/N+9KHG1CNFQQllOeODZXMaThXG8bQ1IZo4ShOZZSrmP3rntEh8OjO4Y3Rw5GPpPw8vyDkGiSG12B18I8UonR8EvWqxoUVldl4s7pXeCm8vIM/GggQlq5rS X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 6:QYbENyTovOd7bUaggtUSPAD5aUWFzW7PBVe97GattqsEFpSv0od9qBRFtTbU7NVsYZrqjTrCftHSzb7MkIOIdzT5P9NhNZbx3i/2eEDYzfpVXppwcb0cSyEGQURGkRX+GBTZI6r0FEvUCXVFCaCw9E/H1khb+2Lak9X++qOOxZbeVTtN9gNp1/PRVS/YxDU8Bscl1C+nQwh87nwaa2wGlohHZ4zWqXw5ebyv5/BRM9VpQdBhVJYLGvzmdl9MygpzeZ6QdSUwuKcgKUnwiGzx7y8DYbb0u1qRM2MIdaRHysywYJ22miumN6csS5KGP9j/E9cFRqWUSMWhXWTbnQWBwLK+5ejSdEsYrNmNBnVF+PU=; 5:z83GMS4ngEkmgd0d/875DtQqnhxeoWeffG7AZI7AMoKTA+FSdNC3qpGyoM05XeSGuH+8FuX58lg7MsPIdw3cqf0GFd8O1vf+zVqL+d7fJMZaztmex/d26ukts7pa9Gg/hfK3/TUSB8p0nHqFsPuECH+cEDmXAJ8Xp8c96WzROuc=; 24:WItoSQuIfqalVUzqg2XZwEdkc6xFMnG2NXlh1tGqHlerC8ChjZsDcJ6o65AJmti0kXAuH9AJZMmiOiJvyzU9Drpm1xU6TC14m77KzW8Q+OY=; 7:0h50U3JaiVwNBms4evyVzJvBPRUMR/Iup2IlvLuheXiLetJqPV8MBDup0yE1z90FHnvB8Rrr9cDRZmTulXmHd+XIYrfQ9PHxIYoNKhz0/sSfMQfA2Z91jUvMPKX99RDaz5QM+NeJ/eNKkSzERyiO6P0THhVVvQr2MrZceBJ97HW0tgLPXynHbssGJvBkfNdvwtWNwYjlDhuGpJd/zuQJ/AA2oRZYGQeP7EslnDUFH77aQMUF4E1iusFxBfT5OLjI SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0156; 20:zgnka5ZhgJdift9nFWPtboOosO7ks2hi+fULdD6KsvXyDBjPpfQxgkBuEpXr+kK67LE8QR5EeMFyiTKFnaey4o9yk6OVNKCofUzr5BnvQW2DRR24bnXq/afp0TPFXDuattRLA+vGbWrVhpCUMit5PvbYRTOGSZSux3EDtKM0CIWYlDRH0I3DVz/IwNEkK52N2n9Muew1OwanVU59Aa7NpMtpOdm9iGVGBMhH7z/xHELzSSHqNKLU8mNdw6vmIv9C X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Mar 2018 12:50:12.8468 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 5acd4685-2a31-4072-ed3f-08d584f3236f X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0156 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: <kvm.vger.kernel.org> X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP |
diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 35fcb6efdfb9..69364b6856b5 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -1360,6 +1360,15 @@ void pc_memory_init(PCMachineState *pcms, e820_add_entry(0x100000000ULL, pcms->above_4g_mem_size, E820_RAM); } + /* + * When memory encryption is enabled, the guest RAM will be encrypted with + * a guest unique key. Set the debug ops so that any debug access to the + * guest RAM will go through the memory encryption APIs. + */ + if (kvm_memcrypt_enabled()) { + kvm_memcrypt_set_debug_ops(ram); + } + if (!pcmc->has_reserved_memory && (machine->ram_slots || (machine->maxram_size > machine->ram_size))) { diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index 73ac783f2055..845240f97293 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -181,6 +181,12 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) error_report("failed to encrypt pflash rom"); exit(1); } + + /* + * The pflash ROM is encrypted, set the debug ops so that any + * debug accesses will use memory encryption APIs. + */ + kvm_memcrypt_set_debug_ops(flash_mem); } } }
When memory encryption is enabled, the guest RAM and boot flash ROM will contain the encrypted data. By setting the debug ops allow us to invoke encryption APIs when accessing the memory for the debug purposes. Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Richard Henderson <rth@twiddle.net> Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: "Michael S. Tsirkin" <mst@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> --- hw/i386/pc.c | 9 +++++++++ hw/i386/pc_sysfw.c | 6 ++++++ 2 files changed, 15 insertions(+)