From patchwork Mon Aug 22 23:29:24 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 9294827 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 4EDE6607FF for ; Tue, 23 Aug 2016 00:04:36 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3AC2728AE3 for ; Tue, 23 Aug 2016 00:04:36 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2975F28AF6; Tue, 23 Aug 2016 00:04:36 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id EB8C528AE3 for ; Tue, 23 Aug 2016 00:04:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755175AbcHWAEd (ORCPT ); Mon, 22 Aug 2016 20:04:33 -0400 Received: from mail-by2nam03on0083.outbound.protection.outlook.com ([104.47.42.83]:6464 "EHLO NAM03-BY2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751980AbcHWAEb (ORCPT ); Mon, 22 Aug 2016 20:04:31 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=IJOelout27ytDOLmiXhaH4mHwR23mhof0nx9fPlpONg=; b=QO4WvIZrK2TMqz/d2hotr6441PM96koCiKXs7Lvt+plJ3b5tWMVXG6vCRAOGk91UIyIgFapTqQH6Rhe52uJqI1QAMMoc0aOseuMED3VgK3tfAndm19K04dGyAbiZrCvItNWvxg+6HtabYG4AaqOmWcrppycHgVg/52QDMVFmraY= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from [127.0.1.1] (165.204.77.1) by CY1PR12MB0668.namprd12.prod.outlook.com (10.163.238.153) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.1.557.21; Mon, 22 Aug 2016 23:29:27 +0000 Subject: [RFC PATCH v1 26/28] KVM: SVM: add KVM_SEV_DEBUG_DECRYPT command From: Brijesh Singh To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Date: Mon, 22 Aug 2016 19:29:24 -0400 Message-ID: <147190856410.9523.15450446725026208803.stgit@brijesh-build-machine> In-Reply-To: <147190820782.9523.4967724730957229273.stgit@brijesh-build-machine> References: <147190820782.9523.4967724730957229273.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN1PR12CA0027.namprd12.prod.outlook.com (10.162.96.165) To CY1PR12MB0668.namprd12.prod.outlook.com (10.163.238.153) X-MS-Office365-Filtering-Correlation-Id: 93334f68-14a9-40e2-0977-08d3cae429df X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0668; 2:jKluOEXKfVzGvBXIKFg4cdlImrng2BMGv70QdH56WC0eg/yejJ0sQI0vvutof1rya9Z2wwhDwYqcN3R0G5I7R/tKelPvhcxnZqmuIlQCeiHSnAGqryG14qvxzxGQBpOAyNlt6gVxGI1ZjBMlfkgTC/+GdzPFmJzCFpBl0F1X75krKffiIxyy1xMkp46B5M0O; 3:U1QakUj7SuoTKuhoZQRKNnNH++A78sGo+tesUjRh9YTHUo8ln0PYzRLgK0p1+zO98WYyhAnzyFxdZUOHBWGtGS/nMG+n9FnRKbklhgt4nYq4C95H0obPWWBB4LA4MQHe X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR12MB0668; X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0668; 25:zmelEtD0OaqRIuBh59Mt6BjKkSG4ozyD8SxESNabGC8KpZVvKxjg3VDWKepb/VJmLhddXVB/jVomfTfUOLH/GWzoj0ZAmrXdah21E6HAnGa1us4wuaRNQM52hDrjCkyuGYDa0/Lee+fOrLZXwk2L8/C3/A8yvoHxNYuxIGTjcb2gm60tVAjrRPqlkDZh4FeDSFcrWA1GFF/jlzJ4A/GQnKs4HwO7RB13cpxb9Q4DBGJSZ015mE+Wl1/elRBO/RjSgkFN6tTGAfG9UW1cF9XVey5PIrDBvwRezNsRG/CD/UWsrdya4+kg5tpOnJsjUphDpXmYSYgY148a/mO5dYFAAt7dcJzCmxUzq+ViWAUYSl28RG5f0ZuK5xkwS1muV5ovmwDNIqtHnYA8QH66BxofEOLTqxr8sossaCrMukIRPlGqtYRdFcRb6emqWZiH93MxAjtQEIEekKAyTIXIKFhpjxt0T9oA4WX3oDccXlL3RRfkoiVzd8OM/uFOL5F5cmvvZfpSb2x7MhFKVbqynvz/gl5TsCDUQuUsgqt5JL9VpUQosTNeexB7r8VLVIYIvuaCLEgZGkWYlOee9RdxdBhAM/m9afa/tWkkVBE3C28QzpEInKIfWwtYHePuKRnU9qrjALz987D1UbW3CFkDQbNBpc/81l/AKSbJx2hz7jAFdMkPf622xC0MUWIqDk/eje9B2AspEXjxXlDzf9rH0raJpTkbOKVGINSmFo4+xJkzJQMQtXaHBWWxlcYc+mxpKCdqmeArEk4ShHiTi1rwBt/7/srLkwbYurxh/D+mmJrxcls= X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0668; 31:+uQ9ce1BpG86axVaFqBFTSU+W7KFLcO4enI2/EjDHQgSJ4uQbv1YVTaBluwyYDC2YQnS0nZxHLA6H/gfQuUS71G9xWvgueBvzgeHVpouPISneHprhamFuM4oaQINwGGqnFWpP5GxJeaJ6wim1oLECa1lkLi3dQ1A1nMzBIflC/23Eva6uKmNlvNp4TC53m8Iy2vuVV1CXuqjxR53tBT29ZARYU5n9sVmet4YsI9MC9s=; 20:YrK/ba8TTaIeFdDPKeTL3sRGk76MLrm9ESojHE4Oxlg3oI5RQYrYucxn+hgQ87OLNUx/xsTcw9bmULc1t4qiVWYdBDKZ5Jwb/e3vG4fM45eMwml+v5RjTvCdjHeyeWoV8Km5X5Dv6plvpfw4YclRr9LqWDk2AGmA4Fs73igvRpFyugagYWjR5K/yL4maYPKW7TYvCUdBc5LHUZBrAHhX67sdL/wLTb5xpcEl8Yu8CKuvRSq8dyGWsHse4xcJU24H80n/cWJ9R7bdXSTMYgfmmWVI/rRcmvnU8EDK/zlsCMfnaMkr69NX9ZuB0Ji4xtwRRLcdRL6iQpLgSIi0mERM8DsziLfVmJGOESXSpUosbgDuiTYto6t7TLb6umTN7a8S2cwgnu/rSeQFQ7Eu1JqjAO2kJZAtgXiaY+SG5BNQUQhh19kbTdzVh5RkyXWXLNQR4LTnesK1Zl1DQtwQdIXd63YvQ7Z2rYo36/13NRoBGcHRoxYA8dE9Mxddkm/LF6Hw X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026); SRVR:CY1PR12MB0668; BCL:0; PCL:0; RULEID:; SRVR:CY1PR12MB0668; X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0668; 4:uhdTAP77g3V5Pc0q3bKTiTbe0zayUwONVTFqN8xb3T7QzBRawRnItJMAn/ne06zPC3TWxsAKYscNwZeLoFT7wpb2RKwjmFGMmL+ilUCJWY5D/xJ2fArb7yT9lniywJ/7sZFuwZoyPtxsSOt8nrbMfuNWuu9c6QZHp3cYVZoDQgIb9RhtmyDXtcLhymZxLKZWOWyHXcAfrwdZhXaFS7KCmNicdXj5ET+tVy3s00XL0Zs5eiUtDgxAil9pg8cVHPtPvVUwhkCCnT5HaSFvXyNmFPrqm089j3kUlcVX9jw9NW0/XXhWw4Qj/1oekLKjytWtzjIlIypgKQQ3217t3DGKc8ovd9wnh6lrYOa/arbMHxPFiWFvxQCY+zRhhHzZoUsRioOHoRr//0s+IayeMuUWFwjFjad9OWgdw+R+97EJ3fYoWQjDPz7m05/Tqv1HX4f+ X-Forefront-PRVS: 00429279BA X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6009001)(6049001)(7916002)(189002)(199003)(103116003)(4001350100001)(97736004)(230700001)(42186005)(2950100001)(107886002)(5001770100001)(83506001)(33716001)(2906002)(2201001)(81156014)(81166006)(92566002)(86362001)(8676002)(15975445007)(77096005)(50466002)(189998001)(5660300001)(7406005)(7416002)(105586002)(7736002)(9686002)(6116002)(3846002)(66066001)(76176999)(19580405001)(19580395003)(50986999)(586003)(7846002)(47776003)(33646002)(23676002)(106356001)(305945005)(229853001)(101416001)(54356999)(68736007)(921003)(217873001)(1121003)(2101003)(83996005); DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR12MB0668; H:[127.0.1.1]; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtDWTFQUjEyTUIwNjY4OzIzOlRXa1BLWmJoWUhaVVBIQk9FbjVzV2o4alkz?= =?utf-8?B?Lyt1ODB5NWNTMFZqSHNiSStNQTc0aU5Ua3NHLzZlcU5rQTIrNTQweGR3Uk55?= =?utf-8?B?S21oVlZGNGt4KzdNT1ZEc0Y2WTEzNXlKRWlSZmg4Q3NtTGdEbU1aZUY5ZjRD?= =?utf-8?B?REZ4azJNWkt3REVHYUNPUWZJbXBlNUo1SDllOUpYVGh1cXAwb092TkpxbUdF?= =?utf-8?B?KzI3bGZyZmNLMTFXVEJmempnSnQ2b1d5eitDZVZScE5yb3JySVUydGM4SUw4?= =?utf-8?B?V3hBYVJaU2R1bzZ6K3h2cU1qdWJTR0ZHS1NGZkprK3l1WVNsUHJNSWpOVWxW?= =?utf-8?B?M052OTh6bWR0RlBGVFZVcVhNVytXcXc4Wk5LUEJvUVY4WEtXVXl2RFdkU1pk?= =?utf-8?B?Njd5eERpbjZNUkpUTjVJclRLL3NQRWdvMjVmT25jRUU0K0N0OW1lMUVBV0xG?= =?utf-8?B?Mm15YXlCTnJBSG9QYlcrYVR0K2FHM1BUclhIWmgydE9Ndjl4VVVubGxmWFZk?= =?utf-8?B?MWtmd1Jtc1V6OW5ad2hsWE1zemdwZUIvejN6enFKQmFLN0VQR2doS1JsTGhp?= =?utf-8?B?TFFQWUlUeHZIakhzNnhyc0dxUkhhSDIxb1BVbER2L1RWMVprTFlVYmFEOWZn?= =?utf-8?B?bFdjU3FLbG9hMXRaeTEvZE5FVEg1ZERZWUkrK0FON2UrTUNHMjE4NittcDF6?= =?utf-8?B?ZkpINzdRU3daaEJZL3g2KzVRTWwwRE9HV1kwOHJ2Wkx6eEp2b05STTRWdW4x?= =?utf-8?B?UWljSXVMUTBaSTVMQW1BN1NudnBPaDZ1MWhvTE9zQW00K2VuREV0VEsxMStz?= =?utf-8?B?Z1huOVJ0a1VqOTAyV1lqMUtuQUxxbnAxZVpRc0hGY003VExiVkttMFQ0MTcz?= =?utf-8?B?T1RDTlo2a0JiV0tyVjBub2pxUzJnNEFtSmRtMzBSOWMvMW5Xd0xiZGlXWWJR?= =?utf-8?B?TTdnWFF2Tk5GNVplRlYybHFUL1ZnblBOeHg0a1ozb3NUZzVFQVI0b0RtR2F4?= =?utf-8?B?QmtPa0FrdFRET3lxZVVNQTlFYjNiZEUvUStJZC9VZ016SDd1aDBHRnR3c3N5?= =?utf-8?B?MzVDbzZaRzZDNkZ6Q0tOaE9HTnFyV1QvZUt4YTlld0c5MUU1OW5NZGdGV0dh?= =?utf-8?B?STFING56aTVOVTNvbkdIaEVrWVhlTUNaZitwUzcyMmJjL1hjaFlac1hNdkdY?= =?utf-8?B?S05xcXMwcDZwMGgyWmluaUJrZXhjaERZWGVDSk52U2VvcENZLzJwaHh6ck9I?= =?utf-8?B?UGExbDFBeVFLampQcm4rTTdBOHMyNGtjNHgwb1JERFowcDFpQ1FLNkdQQ3B4?= =?utf-8?B?dGVSRG9MekFLbHpsWWxCQUcyUEtZSUxicUJCSDI0OU1SM0lGU2JnRnF5SWNZ?= =?utf-8?B?bSs4S0hBNkF1Qm82Z2RWNDJIRGpCMldXUjBwZEJNVjkwa0VuQXZYVWJhS1F6?= =?utf-8?B?YUw4aVp3WlVaOFdPTURLR1FPajlPV1BpOFc2V1hYaldWU0dFQ01hZW93bE5w?= =?utf-8?B?UzI0TURBYVEva0orUlZuUTFQOHpIQmFiMk5NOFlXWDRxWnZnaFVZZUFVZGc2?= =?utf-8?B?cEdEdDZiYXArdURkNk52dTBXYURCK0wxaHNIRXNWcEZBd1dDV25IUGFZaTE0?= =?utf-8?B?SXFyZkc5THVweEo1UGdrNjRlOE9LbE9hYUZxNHNBN3pEancvTEhmRFZTWUJC?= =?utf-8?B?NzZnN3pmN2VMVkxZTXFKdmFCVXppUUxQMSs2VHVHSUwySVc5VGtQQ2UwMytR?= =?utf-8?B?ZXVkWW5iOWw3ZGtuSCswbm5VeEd3RXNKSWJ2NnRRR3FMN3FZYTVKS3VLRFVr?= =?utf-8?B?VXRneTdYMGRYMkFXQ1VZT2ZuamZYcXdVdmJEUjdQU3Z3QUZxcXhDYnBEUkk1?= =?utf-8?Q?H06aGsUGOWs=3D?= X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0668; 6:ElYzdzTWsner762EtxyqgiKIlxiJq+qn5gz6TtMSLE1rutvWs3o26rF06wmylzv4Svb0qHz5NTVY0SGk9HA9WJKe2F0PVjT8HaMK4eHBtcI3OTR3n3LM2AZGajQpy/K0GCkyTRiMAPdetlLCE0MME1aeCL9JXfctS48rQAJnGhfjUz8/k7Ph0485PD7ye1heZgJrsiPb0kW1sJRTMA4ixgpN9WPR16WchBEAbWGoVXWyq5i0l6iSIxxVk6haFBYP9z+3NA7ppV+vq4oXhwJaUXrTyMWKwjklVFkujpey6mT6VXiUBkXAwqeGfg8denieGya0IV17/6dkPj3Mnr9y5w==; 5:QK3TE1HGee7+5nEMHdAWcWLDW3vBzg4I11aeUZnHdlHH1o386r90YFNWLPjsOYE9HzL90RBrkwX5UwrRYtgNhpFywHJJ6jDh1KRuMw3MDxmQ8qDRV2llXvOa4yO0pnY7TENmOkE5Mi9kytlN54GFRw==; 24:RcbKMBYozpRx/oDSoWYu/XvQKYQ9hrBGUt/2EMAc42h/jUSi5ikW6pvWhmDEAZ8yQdzE8rApDH/Wvk+yBRkmshSAgkhw2V+/tOoKw9mk60o=; 7:bXsVZ4reWLQ6ROx4zRNBAhbvDPjB6c6A/0o5zcfMWVK0IFyr05GdX1Ugr7r/yBljc6ycIgKkNFaz+IOHb8Hw8haCCKyjwn9aKRGC6zum+9QvrbFijxGGTV/fjaZ5LLd4t61PQ9kObPvb7ruuagQZxIg+UtpuhUyHBO6sQWGZlbXOPJvCVAdHyAFFjCX54eiQ+PRj5t570xn6tb2x7sTxFChMqqRX98uuY8/1/4HM689CTY3gwb7uVuupc6bBOpag SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0668; 20:4XjXSQEQ5f79JJkmAZgOhcQjfnI4/6KIqe9h5ya3PLzMZOMFycE7gk+yMGeECI3hQv1uiWhgRbfpTUjNYpPLqZbonh5rJ4ycxPfm/hY4HbkYN1+aY9XT1qod3exCuaikLlq/lS9KPsIDeZoXXLO8kHXF5CT+ZJfU+zJkTdTCa3GAhok75680Efm3uLZOOR44xeD4SwCMbie7XD0O6Rw7gTqRl2XAGwWifU4csT13zoFKOr+ixFyG1X6zcdDAGCsn X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Aug 2016 23:29:27.4794 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR12MB0668 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The command decrypts a page of guest memory for debugging purposes. For more information see [1], section 7.1 [1] http://support.amd.com/TechDocs/55766_SEV-KM%20API_Spec.pdf Signed-off-by: Brijesh Singh --- arch/x86/kvm/svm.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index 63e7d15..b383bc7 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -5606,6 +5606,84 @@ err_1: return ret; } +static int __sev_dbg_decrypt_page(struct kvm *kvm, unsigned long src, + void *dst, int *psp_ret) +{ + int ret, pinned; + struct page **inpages; + struct psp_data_dbg *decrypt; + + decrypt = kzalloc(sizeof(*decrypt), GFP_KERNEL); + if (!decrypt) + return -ENOMEM; + + ret = -ENOMEM; + inpages = kzalloc(1 * sizeof(struct page *), GFP_KERNEL); + if (!inpages) + goto err_1; + + /* pin the user virtual address */ + ret = -EFAULT; + down_read(¤t->mm->mmap_sem); + pinned = get_user_pages(src, 1, 1, 0, inpages, NULL); + up_read(¤t->mm->mmap_sem); + if (pinned < 0) + goto err_2; + + decrypt->hdr.buffer_len = sizeof(*decrypt); + decrypt->handle = kvm_sev_handle(); + decrypt->dst_addr = __pa(dst) | sme_me_mask; + decrypt->src_addr = __sev_page_pa(inpages[0]); + decrypt->length = PAGE_SIZE; + + ret = psp_dbg_decrypt(decrypt, psp_ret); + if (ret) + printk(KERN_ERR "SEV: DEBUG_DECRYPT %d (%#010x)\n", + ret, *psp_ret); + release_pages(inpages, 1, 0); +err_2: + kfree(inpages); +err_1: + kfree(decrypt); + return ret; +} + +static int sev_dbg_decrypt(struct kvm *kvm, + struct kvm_sev_dbg_decrypt __user *argp, + int *psp_ret) +{ + void *data; + int ret, offset, len; + struct kvm_sev_dbg_decrypt debug; + + if (!kvm_sev_guest()) + return -ENOTTY; + + if (copy_from_user(&debug, argp, sizeof(*argp))) + return -EFAULT; + + if (debug.length > PAGE_SIZE) + return -EINVAL; + + data = (void *) get_zeroed_page(GFP_KERNEL); + if (!data) + return -ENOMEM; + + /* decrypt one page */ + ret = __sev_dbg_decrypt_page(kvm, debug.src_addr, data, psp_ret); + if (ret) + goto err_1; + + /* we have decrypted full page but copy request length */ + offset = debug.src_addr & (PAGE_SIZE - 1); + len = min_t(size_t, (PAGE_SIZE - offset), debug.length); + if (copy_to_user((uint8_t *)debug.dst_addr, data + offset, len)) + ret = -EFAULT; +err_1: + free_page((unsigned long)data); + return ret; +} + static int amd_sev_issue_cmd(struct kvm *kvm, struct kvm_sev_issue_cmd __user *user_data) { @@ -5636,6 +5714,11 @@ static int amd_sev_issue_cmd(struct kvm *kvm, &arg.ret_code); break; } + case KVM_SEV_DBG_DECRYPT: { + r = sev_dbg_decrypt(kvm, (void *)arg.opaque, + &arg.ret_code); + break; + } default: break; }