From patchwork Thu Mar 2 15:18:27 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 9600499 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 2E63560522 for ; Thu, 2 Mar 2017 15:37:58 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 1F2C627F90 for ; Thu, 2 Mar 2017 15:37:58 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 130DE2859F; Thu, 2 Mar 2017 15:37:58 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E919328592 for ; Thu, 2 Mar 2017 15:37:56 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752671AbdCBPgN (ORCPT ); Thu, 2 Mar 2017 10:36:13 -0500 Received: from mail-co1nam03on0041.outbound.protection.outlook.com ([104.47.40.41]:15007 "EHLO NAM03-CO1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753178AbdCBPfA (ORCPT ); Thu, 2 Mar 2017 10:35:00 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=qIFtcM59sLx78UXdv52Pa9EQ1X+NIrMTPk9GUozeQHg=; b=oB2ZlaW01NsP5uOE+wcoDgahT0PNG/kbGt63/Nlbm4X8Vp88tEj1fQKfhYc+rqvOSxsYmG9DSBNYUM91WQF8yr0iwWfCyNIFYRdIjhv2oJb0dnFNEZHQCxQ8ZiRV44lcSLGFT9yW1X+GfJmlBk8JajMG9Hiyc++XG/PwRaso6GA= Authentication-Results: vger.kernel.org; dkim=none (message not signed) header.d=none; vger.kernel.org; dmarc=none action=none header.from=amd.com; Received: from [127.0.1.1] (165.204.77.1) by MWHPR12MB1615.namprd12.prod.outlook.com (10.172.56.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.933.12; Thu, 2 Mar 2017 15:18:31 +0000 Subject: [RFC PATCH v2 30/32] kvm: svm: Add support for SEV DEBUG_ENCRYPT command From: Brijesh Singh To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Date: Thu, 2 Mar 2017 10:18:27 -0500 Message-ID: <148846790758.2349.16768762953657853550.stgit@brijesh-build-machine> In-Reply-To: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> References: <148846752022.2349.13667498174822419498.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: CY4PR2201CA0018.namprd22.prod.outlook.com (10.171.208.156) To MWHPR12MB1615.namprd12.prod.outlook.com (10.172.56.16) X-MS-Office365-Filtering-Correlation-Id: 37ff919d-bc0e-49d4-ea5a-08d4617f64c2 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081); SRVR:MWHPR12MB1615; X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1615; 3:GwQMAKAAoH2xqmP41jzZp0RtcL/ZCKXQympowDXJfMHHxiJMRa5l5UhveEMNrubim9+chGVneUhK5VJOUxS+j6nsGCE4p0xkPUiLa1rRClcN1RKZhMXwXiGZ0mY28HQOZ8oTj4XU1Tjo87JUszArNo6UrZCzeax6ALwaSXl9ubiaKU++n0ajgzOuegy+8V003/FJYjiSZ5eeHx0em1TTJSe70ZQgWckHGHBJnte/ML3aE+opf4okLxNHe8O4QwpTYn61HRnsg5mMnbQrRCyJ3SK0r94SCrcleof4SMVoUoc=; 25:VPsKOFzllApOJCY+0O3AYMo3TSPVgq+L5Nf5jqnjgflIR5+mNdepa9efqoacv4vnzusi5dzA0UVOSt4gAr6eEQmx8kxfjQ+HblRempyXdIE7y8yInFBWRBydRU3LosDW7Uh0qLwNZaEriOzVkb3fewWI1KKI2xn3IUz0N8BsUPO5FqYhc/vL7Plu7XI6GsvZq2OR02xQV5LAEUH+SoFoZjwcCJsBjAhl1iDra18VWQAfXjKI1CiEfUAKhk/qGt6VcaulTssgweAvJ+udTP9vj+A+hUMQrbOTevOmuHqYkQe8YUR2znlosiDXwKJCyoLAJSjsJ53peLa28ChdqWUes1LygstdjmqugSrR6oXVkB+wiN/we6nRZIcQLUQRF2XygrFtVXeGmjSDVNvhQDmHaGaI6qFiLzdX9tjHBm8/Zl3avxKVLqGCVEKRIewfiBnSj4EL68PH/d4D8jSDuy4bSA== X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1615; 31:/Eu8obSfG8SbMJY+xYijkO28Ht7GSl+BLbrijnaVs8pdcwHgK2CPagLS+DaZl8EVOwzclMofT2z9AWbXXokZ5xoyWzyw6rzq6sBUj+QR9WXZUJyyW61LTOw2SIgOx6Ubz5XNBBA0zydY/akBxk9pt013ZfIpwCCVHHVD/W5U/424zBzYenbpyCZAj6tZpu6wONfvemWHgEJRUzEJLIoRe6IqCnI5EU5OtvbvbMfgJGHr8QkhwOBijO0KYrHas5aS; 20:bJ1SD+Asg2xzhgzsSa1gIXa1j4A5kJrgUzb+T1BUeVuffMIy+P6dqF9BS+N5nGChN6jYDzn7xU2u0CKx87xpbJCWMbLg0fkVelmM6qNNkrYMQeGuBHoAj7E9my25clc/paAC6o8ZiCU8MGLXeAavoXhP0BYC/x6ocnRjXwiqawTZT2lpoLU2Sei/CxrTUG78ITqJ1sRoA88VaI1V9xD0Tnt95iqvnR7TAPbNYqg2oexoG6WvLf0pWhGg4UK1s+yVVpZtJN/iv2FLpfHT5EJs4mZ88mq5I++AY9NTVboAe2as1JIEc7gNLnH/VKLSrA7YJT3jyEHi5bKoWCUseBV6cDT94Y7u8kNoMmx2fqk6sWMylycARo0flpVmNzZ47HOrE3XpFLlUaCFAn3Xuy7daQeFhQxkrMxGJQKs5bgJaYWkOaqaWsjHkPywP43pdcsu8U7egb6X3EjK4oZqFp3bA2AJOaGC/t+3M4Z131ZyIbJPLOIjUiqqXLx5MAu1kbWAG X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026)(6041248)(20161123564025)(20161123555025)(20161123562025)(20161123560025)(20161123558025)(6072148); SRVR:MWHPR12MB1615; BCL:0; PCL:0; RULEID:; SRVR:MWHPR12MB1615; X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1615; 4:Z51fqw5MLSDt76MILaHJjdqsb9DLnT2cINn/E5DIUXfEfW81nvk+Ea+h5DPuKuOIsmsQq5WCkvTuNGTekda9crBNtvREhL7OgRt287/EL3UbLneotpHwqKMyvn8kMt56tVVggFLmVZF5XzJ9NlKdGTIrI1nKT1GNTkBsi+CJ84AcAeD5mlnKX0XRaorVL3RyMQDhXlFWZQOHbudA1J3OQD/6Dth/eaw+TAtYYmLMtUNQ92d05YhNddwB/L1QwtD9CXvC+4PiOk/Lq0AkLwiZTqWyX0pvT8w0U4SWfcG4sVBAEQ2w2+RspsEpsZ8AgEzThByjd8YWXeEfCerIbQAJqbI4UjXGPpMHOAeKYMARKueXC70wkPm5YrBdAMbJ/gctEcM9IYVmSFKTTUY9rwTUk84W3OvS4J+Hh0RgR2PjWyjSICOhLeXXVjWcrp1UYoRruxK8Y0KenVRL3gp7ZBhGRFJH+HMJXpQOZfJS0TmsP6p4QypTXXz1VaSd2gRxwDNG84OCqBslApzhD9DvPJFip12HCN7mc8TFkJrgveqVxnaZPkSz53F9GVhXkk2FqoqlRn5+ZgzBVCjeclTCq8wzy7Sp1YJ3ZZMzmcPwAJvseVXi0nDpYTJkO7oqfbgHYg6klC/wqBf5Kx0+gSO4ff6glCoqHSPIowC0YWAht/imZPs= X-Forefront-PRVS: 023495660C X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6009001)(6049001)(7916002)(39450400003)(39860400002)(39840400002)(39410400002)(39850400002)(90366009)(50986999)(76176999)(7736002)(103116003)(54356999)(77096006)(230700001)(6486002)(25786008)(9686003)(6116002)(5660300001)(305945005)(42186005)(1191002)(7406005)(7416002)(6666003)(2950100002)(66066001)(47776003)(8676002)(23676002)(2906002)(3846002)(50466002)(53936002)(33646002)(38730400002)(83506001)(86362001)(189998001)(2201001)(4001350100001)(81166006)(92566002)(33716001)(921003)(217873001)(1121003)(83996005)(84006005)(2101003); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR12MB1615; H:[127.0.1.1]; FPR:; SPF:None; MLV:sfv; LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtNV0hQUjEyTUIxNjE1OzIzOmU0UFBqeEcyU0hLNkxWcDZLekE4R1J0ZGdR?= =?utf-8?B?QTZiNEhpL0t4UnZEajhUSG5LbGF0c20xUDQ0bWQvbFEvWm1uZ3A5cDV1dC9P?= =?utf-8?B?ek0xeTlXc1FNck5sdFJ4RnRQZVJvYytqUUV6R3JrQnY1Mzd6dDZQYS9QSUdB?= =?utf-8?B?Z3hyZ2ZDNkM3aHBKVEI2SUtJcmVkM09Vb2pUd0dTVmI3MWtUb1dIdDM2dWVu?= =?utf-8?B?Q1EwMHBCNE9GRlhSLzc2U21mMHlhbWtZR1dLMlpZdXdCemZZTXQ3SEFadlVS?= =?utf-8?B?TlZ5QmMvZVh3bDN5V0t5R0JKcmRkS3lIcC9aYVYvaDRQeTZRWndtbk1xZUc5?= =?utf-8?B?c1R1OHVoU0RZS0VnVFlVMnNTSmlyNm5vMkpRbVB0eGJtSXJ6cmx2YmpTZXJO?= =?utf-8?B?ZE9SZjdPbDdCdjFqaXkxdTRReW1UOFUxbmwvQmdWcmVObkQ3UEg2eGJ5U0VK?= =?utf-8?B?ZEtCaG94ZGhLTXRJR3FrUzVZb2cwTFVyYUgxTmhKL096aWN4R0l6WnZ2a3pV?= =?utf-8?B?ZWhSZ2twKzBmZ0JEdVZOV1pjN1BWQi9uMDN6ZUFJbUUrSnBJY3M3S2IxSFdp?= =?utf-8?B?MXU5WDd3SjFYQVVjZXUvdmlOZW9jVWZMaHAvWkFBMyt3Y2VjMEVGUDU3ck1W?= =?utf-8?B?S3BOQW1PdGZpSnlkMnpnZE55dGEwRFZGU0E2aDIvMmlDeFNWdmJXeE9RWjFr?= =?utf-8?B?Y2pJSU9ETHkwSjBNZHZsWG5KeE9FZmRhK1RjTGdJTkZKb0FPZy90dkZqNDZF?= =?utf-8?B?UHQ5WDBvZzI5YlNvWUhMQi9aWGludGZBKzVONWdlcWFVYkIrM3RFYUNsM0s1?= =?utf-8?B?cW9OVHR3Tnl3NXlSNDU2VGczYk5rUUJiWC9jTktqSUhzMFJWM3hjeXhVVzF4?= =?utf-8?B?bUdRMDNjOTBENzRVYkNtOTV6MTNnaWt2MHBLaDRSL2FYNkhuNUNjdTJaMDRl?= =?utf-8?B?Yi9CQnBvbHlTK0dtWitIanAvMFhDTi9FTzBOMkwwNkhRTDN4YXY2VjlnYWlI?= =?utf-8?B?VjJid1RHTFZ3S0VoMzJDMkNEK2hvelRseG9RT0h3QnViTUdPRlV0eGFvTGZi?= =?utf-8?B?Z3J2WlRqaWVFSW9ML2tXRVpTU1JSa1VYNlFmcStRUERUUU10NUMxZWc1dHZs?= =?utf-8?B?UWk0bWJxaWhLYXR0a3Q4VjJJZmVLRzE5eFpGUnk5enFpK0tMN09aRUFGRldY?= =?utf-8?B?S1BpVkRCaXUzWmFBODlwaGFHTGRDdjd1eWFoNXZNSStwMXcvWDBYZlJtT2JL?= =?utf-8?B?bHBJbFEzZFZ0eEVyNFVCV0ZLbldWU1RZYndhUXI4WGw2aVIyM1NuWGxZUkhI?= =?utf-8?B?ZjA2WndUaHRCTjZsY0Zqd3dJK1J0bjhrOUhQNGlmemhKSW5PZVdkOWMzWjYw?= =?utf-8?B?aXFyYkoycGVyeHovR1ZGSWhUaW9pbC9DQ1VPU0ZXMlZMZHR0SHF2NnpkZnlm?= =?utf-8?B?Ym9kRmZZbFhNODUrM1NmdjhMdzhUSWptMVVZM2dOeHJPZmRodW02b3dvZ2pI?= =?utf-8?B?L2ZHWmExNUVsNlBzLyt1S3pMRWl5MDZPejY3TGhqWkRBQk9jbFBoRlZqSXhX?= =?utf-8?B?TGlHYUhTRUVXelAvK2tKUEpaQkVIQ0hvVFRuTUFWNWlBdkhPLzBYZXF2V3Az?= =?utf-8?B?ejdqYUNhUnB6VDJCdVlKc2t1ZGFqODBJODhFTDMvM2psbWhmazBNQTVZV0FR?= =?utf-8?B?b1pEVGxUbmZpNGh2SmRKVTgvcG9jOHpQQnV6bnNwRTh2MWl2RXl3ZENHdzEz?= =?utf-8?B?NEhya2FmZDFvRDdXMmdkdz09?= X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1615; 6:+XlQ305Nuxq9a/4V0MSYUH4JdphxPhUqOjGYwLUS1zcJsAJNt29HKGeOeo1w3aU+3EsTubpus6Jnm9im0TH1po0aB6pdin1wU8NAZWhfA1fc7qKb9+jxFiAWTesnwqj727Xf4vNmVtxC9S8tx3cwLY9Vr1/tn9mbQmYmewNTcEWRe17BqKl0+q+NizsMKbjogw2PJZOYFAc+GP9TQ8e2LjrO+Vx47uwLwX9gGKZh9MKUtzPthorO5bKM3piQypcP8j3UuhVvnJDavC+BIUmUcC9rQaUHpYZGpNS5dx+6N4Rn8sTcnBpVCFeXPyo6g+UJJfwt5ZxvdrDvL/8Hhgp3NdF+1UkFnBX/wO+RBw9y9gOwRr6lK6nN3sr1ibM09CaRK01KB/e1lztjJvphQP7o3/iHGDRvpQPLcqm0fOa5x+M=; 5:v4SWHQqm4Rzw0TeTiz0cBmmOn9nSnUw1gcNGhtfwbnT5YpWV1C8GoFvILxmQt9ft1JFIinDFrpPxck2nGWA6rDCIHUz6FyTjSdZDqPpAq79nVO1DP6/riatz8w7zVfxaoPUSLpYT/dNuGhUaWL5k6Q==; 24:elhz6Wgjq5MWlzfhC2Alpu7XjFi8a/3LqxlKDTLbFncVCbdsd2KY7BW44vns/XD0TFWlFnlDxcgYXzub7jSldtavtE9AB9aWINxC42HvMwE= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; MWHPR12MB1615; 7:ZH098NrSOcM+Lz333B9MWKcsT48Qf9V3ZzrLfbSW8TKpPMJpMHZSMMVYTZj54zjhCOXuK5iDMln7T6PYR+t8ZdHOrRa0f7V13WxinsZ/6OkwHVughS0y0yyJgoTieVUmloJ4eduoPmTJbgzGi/y+B+dyqK47VCK+wjqOR0ROPcMtbMgRYN3rZKUT+dfLaejzb1SPSQjyXVn5q2YCQ0ci57VI7AGCE2Xce0RFXh9S6jDN6b9FeLdsSC0aPcXfan5cqhhkkDViVDFfzaKtflAGNDonc7kEfnVh7NcDk5jzrYyeaZLhgooQvPCMSYXMjzNBPF8lMNjEqGzm8/5sjaw/gw==; 20:faW5KzdDXQHAe9QWO2PSuJNMBl9JotPIfQKev0kJ5+T10mbV5/Eq3Co47/CcBqIqaSnn/LyC6MJqVy5ASMmRwIre+I0MMO7sZYYSp/cPA5bSD7hrTxhHebVvXmMyIstGNk/3hclFOAg+/jwRTrL+oz/Wl9NDt8+XyJrnt/z6gJQjyJkHkW12P+U39py5/ryXbAzCZWnL/vBvrxJBu5GexBcbN6hS2Gtg8YUTprC19DcTGZJw+JJ1qXReGbY5tNQK X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Mar 2017 15:18:31.3909 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR12MB1615 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP The command copies a plain text into guest memory and encrypts it using the VM encryption key. The command will be used for debug purposes (e.g setting breakpoint through gdbserver) Signed-off-by: Brijesh Singh --- arch/x86/kvm/svm.c | 87 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 87 insertions(+) diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c index ce8819a..64899ed 100644 --- a/arch/x86/kvm/svm.c +++ b/arch/x86/kvm/svm.c @@ -6058,6 +6058,89 @@ static int sev_dbg_decrypt(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int sev_dbg_encrypt(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + void *data; + int len, ret, d_off; + struct page **inpages; + struct kvm_sev_dbg debug; + struct sev_data_dbg *encrypt; + unsigned long src_addr, dst_addr, npages; + + if (!sev_guest(kvm)) + return -ENOTTY; + + if (copy_from_user(&debug, argp, sizeof(*argp))) + return -EFAULT; + + if (debug.length > PAGE_SIZE) + return -EINVAL; + + len = debug.length; + src_addr = debug.src_addr; + dst_addr = debug.dst_addr; + + inpages = sev_pin_memory(dst_addr, PAGE_SIZE, &npages); + if (!inpages) + return -EFAULT; + + encrypt = kzalloc(sizeof(*encrypt), GFP_KERNEL); + if (!encrypt) { + ret = -ENOMEM; + goto err_1; + } + + data = (void *) get_zeroed_page(GFP_KERNEL); + if (!data) { + ret = -ENOMEM; + goto err_2; + } + + if ((len & 15) || (dst_addr & 15)) { + /* if destination address and length are not 16-byte + * aligned then: + * a) decrypt destination page into temporary buffer + * b) copy source data into temporary buffer at correct offset + * c) encrypt temporary buffer + */ + ret = __sev_dbg_decrypt_page(kvm, dst_addr, data, &argp->error); + if (ret) + goto err_3; + d_off = dst_addr & (PAGE_SIZE - 1); + + if (copy_from_user(data + d_off, + (uint8_t *)debug.src_addr, len)) { + ret = -EFAULT; + goto err_3; + } + + encrypt->length = PAGE_SIZE; + encrypt->src_addr = __psp_pa(data); + encrypt->dst_addr = __sev_page_pa(inpages[0]); + } else { + if (copy_from_user(data, (uint8_t *)debug.src_addr, len)) { + ret = -EFAULT; + goto err_3; + } + + d_off = dst_addr & (PAGE_SIZE - 1); + encrypt->length = len; + encrypt->src_addr = __psp_pa(data); + encrypt->dst_addr = __sev_page_pa(inpages[0]); + encrypt->dst_addr += d_off; + } + + encrypt->handle = sev_get_handle(kvm); + ret = sev_issue_cmd(kvm, SEV_CMD_DBG_ENCRYPT, encrypt, &argp->error); +err_3: + free_page((unsigned long)data); +err_2: + kfree(encrypt); +err_1: + sev_unpin_memory(inpages, npages); + return ret; +} + static int amd_memory_encryption_cmd(struct kvm *kvm, void __user *argp) { int r = -ENOTTY; @@ -6089,6 +6172,10 @@ static int amd_memory_encryption_cmd(struct kvm *kvm, void __user *argp) r = sev_dbg_decrypt(kvm, &sev_cmd); break; } + case KVM_SEV_DBG_ENCRYPT: { + r = sev_dbg_encrypt(kvm, &sev_cmd); + break; + } default: break; }