From patchwork Mon Jan 29 17:41:29 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 10190305 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id C46C060388 for ; Mon, 29 Jan 2018 17:56:35 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id B672425EA6 for ; Mon, 29 Jan 2018 17:56:35 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id AB12528497; Mon, 29 Jan 2018 17:56:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAD_ENC_HEADER,BAYES_00, DKIM_SIGNED, RCVD_IN_DNSWL_HI, T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 190A725EA6 for ; Mon, 29 Jan 2018 17:56:35 +0000 (UTC) Received: from localhost ([::1]:53741 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1egDfW-0000x6-9q for patchwork-qemu-devel@patchwork.kernel.org; Mon, 29 Jan 2018 12:56:34 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:49235) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1egDRp-0005tg-Jw for qemu-devel@nongnu.org; Mon, 29 Jan 2018 12:42:27 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1egDRl-0003in-Kh for qemu-devel@nongnu.org; Mon, 29 Jan 2018 12:42:25 -0500 Received: from mail-dm3nam03on0087.outbound.protection.outlook.com ([104.47.41.87]:58496 helo=NAM03-DM3-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1egDRl-0003hu-Cq for qemu-devel@nongnu.org; Mon, 29 Jan 2018 12:42:21 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=uQRDL3zZYqRL7evxO2GCfuupfWgURU30Ius5SsKULdA=; b=1YE+mifiFwUF2IcS8vGwcog/GcWrxCQ9Rn+QEhFMDzOK61Df8rOSx9k9TBqQlB5JknVQixUWAt2mk7WaMsxCBvEWlHKnMrSe/pvIvOl2RzFeZKcp+lFQ/eZ9HvHot9nJE9Q6V0U5QXF49dcL+97c4mzodiMzEFandUJcoPJKpPU= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by DM2PR12MB0154.namprd12.prod.outlook.com (2a01:111:e400:50ce::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.444.14; Mon, 29 Jan 2018 17:42:17 +0000 From: Brijesh Singh To: qemu-devel@nongnu.org Date: Mon, 29 Jan 2018 11:41:29 -0600 Message-Id: <20180129174132.108925-21-brijesh.singh@amd.com> X-Mailer: git-send-email 2.9.5 In-Reply-To: <20180129174132.108925-1-brijesh.singh@amd.com> References: <20180129174132.108925-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: BN6PR17CA0018.namprd17.prod.outlook.com (2603:10b6:404:65::28) To DM2PR12MB0154.namprd12.prod.outlook.com (2a01:111:e400:50ce::17) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 58d82afe-a845-4b26-5135-08d5673fa4f9 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(4534165)(4627221)(201703031133081)(201702281549075)(48565401081)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:DM2PR12MB0154; X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0154; 3:nAmx1G9UPbxJn1SDgubq3T64pWPhaAsWcFR0/wyr7EOQ8FA0ptfuD0J9J5E9jMTnPJXC1a6bfFToF2nEgIT7eWm+MQS2inV8o1h/0OSt07g9X4n/mDnr+Z44P3/xhdY4jqrG27ZhDAzQfdXptT4tEH7mKrSdfIaOiwXMiwPqp+hjtCgcy+AR8SPt3jAo2XE6HPkl+JpbnqjHIeX89L1AZChF0G6dpnsjpkkx23fXcAwyonvyCZXOcOWnnytFqRjy; 25:r0bs+FLcqQuCv1y8PQjPBGQyF9N696MXFyAeVjOaDPE4omVTLYOHFpRmQr0f75Ta+tOsTUjgfUZ1/i4IYw/xmJt7YbRe+513+RcATde0NkyKEeaI3uqTc2I5N9h6ofLVcx7xONtZcSW7NpHxciVS06iQ3wknAvxZ614BXZfY6kuD1YMZFFmabRb+UYADPreC3EZZyCyrC38JYvgeokBYCMdEKs6/YaC/MPQA29okB8jlIeNiahFtIU5e3SMNQ8BlevtwH86RsJqBZlwSAwJihA+BR5SzH3PtNupSWArJ77+ze6MjOE4ocOVf0wX5mAP73cup6drbwwqEA8SfayfBCQ==; 31:iPvi6s0tuO2oPKwI/Bz+VkvMLVobIX4+b/+w5WfxEDxSeLoDqM44BHQmA/BIVYyTTvZK0XTMHPoRvKuE8zu8jEzomgWRvvLEG2D90PaK6pnlfuHYU1cxrPz9oc1/MsqUkk2jK5i5gnsYacvurra+G4yCDqzNawxBQ9YZiF8Mhl5RYTslTOV3pl0fpBr5J8gLkdq9pSUYjuI1jpGoG1mxp4u6JON0CShnhQaXPA5toAw= X-MS-TrafficTypeDiagnostic: DM2PR12MB0154: X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0154; 20:hteIVV2+aUfRqB4j5LUTWQ4n/WmZNAHSwfy3LAETsy6BgdHiJIqbVDzxRZcj7Apyiwd6UD2yFYC9llZyyhP4zNNeQLLlKjJBsGbwLJvyWdGse18l3Uz8D1b2ZUG0XCBqomWsjYgT8740bA3LEu1KAizWWpqHek6voHRc+jANgAeiV1edCiFs8H+nmiiFaxuMu9NvPJckW0TgxEg7LWJ80mFYFCgaWH1ZPWLhQyOnMCyNAqvnZg25Zew5rGAGDCIyyfWoUpxzKKRKawbwCPzjGhb2Th9YndF7n8WKN6AapWVBCyui/srp8pNL5bQHRJ0EyKQkHY0RV6v+k2OH8BmO5KK6eSiuF4LvVPb5S7zjpaTM9wrz/mSRAJ7QcC0+PgmMPflQSebKemTcOFtsRC11OVCOOiyVrtKWyxVolRgxG+eClsql69wCrNu48ooTNsUSIKaR/9odfS0NA0U3o6RHVml6Qfc2XOYLT2zN5ehe345WYJotZrERp5Vw2PdYYyW3; 4:WgTsx8WB1yCbqwsT/zD9SLOnn/XPVBGmm/SBFMqazviXzgOX1/xQwKa/sQJJnAmrTe2Zkjp5umbyp5PR198HoHC/Fr4tYwWRpEO+awAC9EKi2MARbF02QrNWWdTh/7NMrAf0KuKyMThPQL+wd7UdgtpcoOTO3mk5UceRIZ7cn9ex8gqakqTQoW5aQQV7H0lIjEW3ThAtBbYHPjeQ2I+2/25kgk46gFKFZZVgcpVW9RfV05d2BxklQUYrYRiWnI10ApGDKzdA9HDBDKBc3Tr5Ph82rTw5uH5LLZEqFnL7oqldo8Qidbo9HreZgKKhX9yu X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(8121501046)(5005006)(10201501046)(3231101)(944501161)(93006095)(93001095)(3002001)(6055026)(6041288)(20161123560045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123564045)(6072148)(201708071742011); SRVR:DM2PR12MB0154; BCL:0; PCL:0; RULEID:; SRVR:DM2PR12MB0154; X-Forefront-PRVS: 0567A15835 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(1496009)(39860400002)(376002)(39380400002)(396003)(366004)(346002)(199004)(189003)(48376002)(8656006)(39060400002)(4326008)(6486002)(68736007)(36756003)(478600001)(26005)(97736004)(16526019)(53936002)(386003)(50466002)(86362001)(575784001)(25786009)(8666007)(16586007)(54906003)(186003)(47776003)(59450400001)(316002)(7416002)(305945005)(7696005)(105586002)(106356001)(76176011)(51416003)(2906002)(81156014)(66066001)(81166006)(8676002)(2361001)(53416004)(3846002)(50226002)(52116002)(6116002)(2351001)(1076002)(8936002)(7736002)(6666003)(6916009)(5660300001)(2950100002); DIR:OUT; SFP:1101; SCL:1; SRVR:DM2PR12MB0154; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR12MB0154; 23:ynW6Ht7i9MRytFSw1jppQYYg4I4TO6rebIC4CLq5G?= =?us-ascii?Q?WEYyLl0pSOj55PRObdaTe+HCNct3jTZbxu17M9/wOUCZm1Iq5bw39h99BpAP?= =?us-ascii?Q?dIvi5I8DQ/dJPVwyv/KdoG83ZMWOYHHi/RsM7IB0BfoTfLgFA+00oSdfv0W8?= =?us-ascii?Q?WKJt78TDbQZkqtcfMfR38ahUyCnqx+gOG4KQ2pm2quBTUbCLiqkpFpRJBxrI?= =?us-ascii?Q?OmUHQ1x/QgYMlGoMPFli85w4ICnxKkd/5ov+5LEAVAwUzF055IWKcRb8aDWa?= =?us-ascii?Q?RSxN590IDTVu0Vg8ghKp+5ikCnnQX9zZGvkRNTKKCUPB520T4cj14suCSEd+?= =?us-ascii?Q?RB2LbifWttooh00EgoVabIxpdIV3fjO4m/P2fx+TbFN02tBcHoEDgTQ0vSGx?= =?us-ascii?Q?W6qJyOvwL9EAa9VcfzKTf5twnHwFjHDuTs44qZPSIvcWsvt/pVxFSoG6LI/V?= =?us-ascii?Q?doOmp+YzwygP+Tk+aLXEPJPl4ieTOe8mB4xNGapSPLyY0TqTO0JdTxmJev2S?= =?us-ascii?Q?aubyZll50u5IG6UCO9H25PgKBBx9Z2df7ba4nQyH0HkcPkccTzqZARe3m0dN?= =?us-ascii?Q?lZJvDQLuaDxGUNtpBml//Pr8GCzEhg4cEjK6N/to5npHcR+7Xa8XV3mqX9rp?= =?us-ascii?Q?NVX1/4VJsPBCsROxmf0f0rJDzCXSMw6XI+h9VBs/bTC+IlOElXKoWXj21QUh?= =?us-ascii?Q?sm9uQwoGdeqsRGyy8Hqdzf2KxBXG6iwS0mPbzhljtfPRbb49f1KJRLGzJbdy?= =?us-ascii?Q?tdih53fKzHbF0nmbzorLS+GS9K6ZxlcqJPj6xTt6HIDHHQmXGhqz2AI+YjU9?= =?us-ascii?Q?K3lU/AeH89YbQz684J+zAA1NlEx4jg1VfQaO8TlZ2w5aVMX7Se1zjMEodNJu?= =?us-ascii?Q?XSMI2EuN2BL7SdpNvfi85E2hoArSiVV98bkYQvjyPZUGfeqRydU0zjCraEoY?= =?us-ascii?Q?P+79Im8eFvoYyKkFBhIoZJcEoZscD9KRu9ByAfzuB8vHZ19kb9H8VU8XWUil?= =?us-ascii?Q?aW1HZ7ISrPQ+wFzlcNflHnMoMqL20kjcKS5ZgD53rcHdVIhDLky2LONfQ9jm?= =?us-ascii?Q?Py/PnZSbTjPJCWiUSStH/LNI4oNU6H5L6R05V2uHSVFxiXQMeZX0RkkZE6TI?= =?us-ascii?Q?RongVwg8IgexvD4zlrm3aZCTI3ZeAk7pTWva+V6lEli448TX2rCpwnfd4p0Q?= =?us-ascii?Q?PPYY0TTTdbXHBB25deUtnS0hcYLHU7xJj7eTS7GryksICYNCnEUVPh+PlTbt?= =?us-ascii?Q?FPJHWKPQlzPH7D1wKYBLy5YAglz5sC9wMzKTrR7onHg+0uwYjsHo8DoAAHM3?= =?us-ascii?Q?y2M99M3GXDVQadKdR5xxte1HYi1zxmgkyZU1/PuLAYK?= X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0154; 6:AtNbqeIWV6u9I0QM8OKZ7uu4mVyYqIrLcs+AcWzEfcExLjNCUmzVDHk6ATAW89tnKswQXcMNBTLt8A7LzwK5I09DpASN/+M56meMtKV+IZxkhiz8V54gFWIwGvV6N0DRTIsAdGu2mm6r/vBfaJj+OpGLyMh7O87i53xW3hB17TetxhBoNRPIKpRVuOlRXvIba28C608MCAfKu51T+L+/MTzV7lkBS0aLik8BFtB0ir+GpwF6mNpRxYagGzJXsEn6uD3uZJHNkytGKXjQp3YnpZ4GDqXk+ZRHztGFQTRWRkPZPegCz0SISKaFBksC/I2X0y/31OgvkZsZvH6j1RsyYqoEwzg30I07XnkbgTfTlkE=; 5:E8V8b4GZf6mx9nt/MiSrrph7ihw6RZZd7f6e1JixLFpCkb2koC/PrbeDuNiHneEkziH6ov0+uBYI05N826UYSqKsLUXi+rQSwaqzfDUwvMulM1Rz7JqifUsVKlvrEiQoxZKsGYHMIpI4hIT0E9/pSYK/euKT7uoBpPZBKemi8EU=; 24:2EucmHO0zIX6RjpMCU/Mpxim71svROEoJcVeu2EQxBA+RTzOGk5fAa9rmib5+d2HQJ98xW9tpnLBXiCiEFuL1Rg95CrdRWdLIEuYNm73UUw=; 7:D8L6OAMbl6J1iOI2YA5PIhIEoj/XiXecI5VwYzeN5c7iRY/OW3pH3aTo2FobgySBo3jYdisbrNaURUseCG+pMKzT3TF1wmUAHbRNteaz11ADyIMa54lVsbPUOJFSl3bces5l5NAYXUWOJr5iyFF1n0IX2CnQ6mRmxWE6ZNDR2F41rSdYYrqeRzuGZfmyRs5UQNWlb202mWp//L85/aUCbnYjCl8AMjau2B7jvlyMsVs2lxOLSdS5KtKwVzaFwZhm SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0154; 20:GGSnC2M38RMbB92jgHM+VXhh6HhiZAmDi3NO/hmetuRTl/VRSo4lc0O+i41Qtcou0CGT6p2NTFqLGwXjkgvUZoqeyYCr1eSPwkRdNLI+jqcyPE+h71HPKmNMBISPBWm2kSdsDaado0ZrBxnbtLGdbHRHfrcPRmXdkt7B1hQl4S4Fm2W42Q+tAEb5sjxCcHvkZk1SthvlP33F7raGv6KinOowFMyun9p6V4m2SmsS24eQ7Zf1N/115KfOiK+xBzEi X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Jan 2018 17:42:17.7602 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 58d82afe-a845-4b26-5135-08d5673fa4f9 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0154 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.41.87 Subject: [Qemu-devel] [PATCH v6 20/23] hw: i386: set ram_debug_ops when memory encryption is enabled X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Edgar E. Iglesias" , Peter Maydell , Eduardo Habkost , kvm@vger.kernel.org, Tom Lendacky , Stefan Hajnoczi , "Michael S. Tsirkin" , Richard Henderson , "Dr. David Alan Gilbert" , Brijesh Singh , Paolo Bonzini , Richard Henderson Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP When memory encryption is enabled, the guest RAM and boot flash ROM will contain the encrypted data. By setting the debug ops allow us to invoke encryption APIs when accessing the memory for the debug purposes. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Cc: "Michael S. Tsirkin" Signed-off-by: Brijesh Singh --- hw/i386/pc.c | 9 +++++++++ hw/i386/pc_sysfw.c | 6 ++++++ 2 files changed, 15 insertions(+) diff --git a/hw/i386/pc.c b/hw/i386/pc.c index ccc50baa85e0..ba451c0dc520 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -1357,6 +1357,15 @@ void pc_memory_init(PCMachineState *pcms, e820_add_entry(0x100000000ULL, pcms->above_4g_mem_size, E820_RAM); } + /* + * When memory encryption is enabled, the guest RAM will be encrypted with + * a guest unique key. Set the debug ops so that any debug access to the + * guest RAM will go through the memory encryption APIs. + */ + if (kvm_memcrypt_enabled()) { + kvm_memcrypt_set_debug_ops(ram); + } + if (!pcmc->has_reserved_memory && (machine->ram_slots || (machine->maxram_size > machine->ram_size))) { diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index 8ddbbf74d330..3d149b1c9f3c 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -180,6 +180,12 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) error_report("failed to encrypt pflash rom"); exit(1); } + + /* + * The pflash ROM is encrypted, set the debug ops so that any + * debug accesses will use memory encryption APIs. + */ + kvm_memcrypt_set_debug_ops(flash_mem); } } }