From patchwork Thu Feb 15 15:39:46 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brijesh Singh X-Patchwork-Id: 10222035 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 87936602CB for ; Thu, 15 Feb 2018 15:46:28 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 783602941D for ; Thu, 15 Feb 2018 15:46:28 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6C95F29426; Thu, 15 Feb 2018 15:46:28 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAD_ENC_HEADER,BAYES_00, DKIM_SIGNED,RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=unavailable version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id BF19C2941D for ; Thu, 15 Feb 2018 15:46:27 +0000 (UTC) Received: from localhost ([::1]:60750 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1emLju-0000nQ-SP for patchwork-qemu-devel@patchwork.kernel.org; Thu, 15 Feb 2018 10:46:26 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:35830) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1emLel-0004aS-QL for qemu-devel@nongnu.org; Thu, 15 Feb 2018 10:41:09 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1emLeh-0003cU-Sk for qemu-devel@nongnu.org; Thu, 15 Feb 2018 10:41:07 -0500 Received: from mail-bn3nam01on0059.outbound.protection.outlook.com ([104.47.33.59]:63552 helo=NAM01-BN3-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1emLeh-0003c3-LS for qemu-devel@nongnu.org; Thu, 15 Feb 2018 10:41:03 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=2DFtgqwVUgcxVVo6D8Y4SyRXve2OmdSb12VfhrX6DHc=; b=ZrIg7tFO2Igej6L8ee8roEvMZNxVipDmVf4/Ed8Fo/6ocBlC9tNZnn/wED1/27ZWLSvB+gdZdClWWUR2tEnvJbfqc7+Ueb3AcABfE+7u6D7vLerFw7iCmY1OhghLSGQZDeCA8pXFDiD8+dX9iUQG7VWmoW74uNge9xt8UzVkn7A= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by SN1PR12MB0157.namprd12.prod.outlook.com (10.162.3.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.506.18; Thu, 15 Feb 2018 15:40:58 +0000 From: Brijesh Singh To: qemu-devel@nongnu.org Date: Thu, 15 Feb 2018 09:39:46 -0600 Message-Id: <20180215153955.3253-21-brijesh.singh@amd.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180215153955.3253-1-brijesh.singh@amd.com> References: <20180215153955.3253-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: CY4PR04CA0044.namprd04.prod.outlook.com (10.172.133.30) To SN1PR12MB0157.namprd12.prod.outlook.com (10.162.3.144) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 3ace3e1b-083f-4802-a765-08d5748a834c X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:SN1PR12MB0157; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 3:3ZmbniYacoqpVQY6Wj+l8hhIGxKfCfUtEvGb9laYr+j6XcoNLHAkoVhvzqtKYXVfKmgRNFcww0IcIJ0cZCnCxEqKPszuAh2vySnjqN1j4+5brP9q1QZ6XAtJvfn4cOv+iyNIgYgoCjLNq9BsD6MGHetLuzvhILdfnYgfots9zZ3MkYHnl3vpgndCGtoucmXC8glB5fnZUs6a+H7ULNd+7xsNpi7RfTaJAukm8+cT5NFxT5e7YHNWtumT0yipa/tj; 25:k14C6Gv9eFURR4+Cr7CrgBB2SUePVWCotMEWxRX6Q8r1Gc3Rv7x+UiWobX2FuS840d/DuySiHuOXJM6i5Pkw0lUxGTzVyBfXDbSPLXrE3E7+ind8Ifc7+1QLCfV7re5my4pfALbZK9sIybRXMIwuNS/sKIvH1FcUAmpF9RHId7oDtD8JUUWTdxkBjLAVEahopTRU2hTA1f2SuGhT+DP3fYkU6//2FUW8CoKIPmoryenIBVugAGkPkXC0+kiUBjbq1n2DAGMJOk6edf41k6QJ4nrl01BE6ETjWwUMWRBXr0G7gy3SryW+td3sGWEBMC6Yeo5prXWopPNs7aKDWMEQXg==; 31:IOY61lzADyzrXgvb0S/UTevULGeXR/5OeVd8LSPFUGY9Bs1rWvDOaX9MH77a08BLqSBJeSARBQSeat5g/yDIe0wN3yoKk9oKhTDckCqw0Y+ncD6MmuSwVC84PMc50dQFdZap59A9CUWB4fsLuKJrFAAC+0RNHT1OfVptZwusQ9KxRTfwiUBaqJbfpqUEAqPA4ZVflxC5PXKxFvoza7wTrb2iyA0ZfX4c8qzU7wvRUAQ= X-MS-TrafficTypeDiagnostic: SN1PR12MB0157: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 20:edMiTmIp9wHNkROmRRBguYq/4srAayfjFftbucDnQqdOyLDMv8joGb0CGzwX0akqOxB9xzqgqNbU70pHktLlfhALdfY56TLxYYa2/qcLDi0Bv+XZci5B0OteGI8SXSn7oQ0C9fnsw2VnIA60PNllyBEalawpz2LAdj6XofacE63lkfeklttfV4kjwh3/Kj7IgzhNY158DWlZ2X5P8xEM3MC2TrlOKOW8j0nxzUPImHybIGpow8GycjGB/Wqo064Qt+Lg5ip6LVvyWltb8rSrWdXyZXoK2GFgvk7mdu1MoizU20ywaXP02ihk14voNQNndkuesvkDK3x6V60HIdvyqikAouS7M0bvyz2ZmJRxx1YDyE5yefgXLPuG4zIFFINStZfKU0DpW+yxAftTRFSgjQoSIB5NDxtllwES8OAcvLfcPmlVCktsSN/RVlv6dVrQRisvW95Qw/XREtzC9tg7VzsKn/IeVT61FKwrug0aLA+4PRq/09a8spwgqzSHAQ9a; 4:7VqosTdnKhGQI8ss6f/EgTdBFm/87gn5ZYZZDGY1uwaVwEsmBLRszuLO44DXec2hfXG8Yh/7NfZbF6p24IxQkMiyfAQ8gsyzrqf+/fmxtyF4wCsno23kbyhIV89N3Zwj7vwmWj9S04JdHgT2RQT6/YEBL3IZvE+QLfBp+tKoMOKKlt4itjtoiU95PeoC2c1eRY35mUpoElV98VvIbXQenkKu8QolCYpOBpn18bhF3sCV3f8UhJlXuvdPoTf+/tLqmU6QtDoxhQ7Y778sBv9I1PCi8NXUFzlOYtHBwmPTucgRJq9SnXQvifXlYqrnlQQv X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(5005006)(8121501046)(3002001)(10201501046)(93006095)(93001095)(3231101)(944501161)(6055026)(6041288)(20161123562045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123558120)(6072148)(201708071742011); SRVR:SN1PR12MB0157; BCL:0; PCL:0; RULEID:; SRVR:SN1PR12MB0157; X-Forefront-PRVS: 058441C12A X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(1496009)(376002)(39380400002)(346002)(396003)(39860400002)(366004)(189003)(199004)(26005)(3846002)(386003)(8936002)(5660300001)(186003)(16526019)(316002)(6666003)(8666007)(1076002)(54906003)(6116002)(48376002)(50466002)(7416002)(478600001)(59450400001)(8676002)(68736007)(86362001)(16586007)(2906002)(50226002)(39060400002)(2351001)(6916009)(7736002)(106356001)(51416003)(8656006)(52116002)(25786009)(4326008)(97736004)(2950100002)(6486002)(2361001)(36756003)(76176011)(81166006)(53416004)(66066001)(53936002)(81156014)(47776003)(305945005)(105586002)(7696005); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB0157; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN1PR12MB0157; 23:o/e60i4hoEWPxwqAR1ZU1gND0DOFPeMas7go+agRk?= =?us-ascii?Q?/5vaS1V+itqUaLhz1Bh/ozjJh+J4rSqZ0b9XVIl+85YO9T7QG+wB0+rNSGEf?= =?us-ascii?Q?u/P0YipR0wQbXyq8X/1PRAkwjjeeg2Hck8XhQdDZs3EHlhp3YLaFXSJCcU3/?= =?us-ascii?Q?5iZWRpsf8GIEj8CxEjoAWDBMB/PNId70kc8+a3mlBM2MDrZpqONA6aNefLGX?= =?us-ascii?Q?dsrjIH0l1vAXBexLvQEGJ/Gm0jDmboUThP8vQX0Tx1ijFJIEk2tclACrHheN?= =?us-ascii?Q?ZpHvKUWTiV0o+DxfhcpQSCjKEUJQmXRJUr55GdAV2JXNU1lW8/TzlcWQMnFk?= =?us-ascii?Q?DbxPTtA/SVCWGzhfoE160EtOqqFx7d1pxvgYZuzpBbVbgcxaoAWjfWGd7bci?= =?us-ascii?Q?1o8IMknsFnSU7UQAAaFeLrxHapTasR7RdvXgt1Qb6gbDmaXfDb6WW7eKW0In?= =?us-ascii?Q?lfBWDRXqxOpIBa7LLZ7/XOen7WjnkGoXnxxrdG0SZAqGrJAsCMrFV4UlNOef?= =?us-ascii?Q?JU8V31Wum4bdRvWIC/oh1YoPApyasUzC32Rr3Rr//AQg4/RWAekfgMWa+tRm?= =?us-ascii?Q?olw0dCc4vkr7UVRMxIAVcPoaWDF+jmbmKdgrkT8HXq18K/XQbjOULQpXVBxZ?= =?us-ascii?Q?97b6e8AQylSHVQSmXr8Av28Ru6UDjskMH/JsfN4O6HaMuMClEwy3xflcGn/f?= =?us-ascii?Q?fJJcDvwX3XIIRdbJo1XV1Jyq0Ko0Lb4EPhQ70hF+kosCbw5qBprEr0JRuP6w?= =?us-ascii?Q?h64rn/0Kbj3ZK9omTbL23nKDlJIqCrPJplZRmcV6seu2MIR/HzhJ1oeyU07f?= =?us-ascii?Q?NLrbC0wreuO4SRj/HlD0KAdNY3JVBnyyPiCwRUK2VDvVx66hyCaz009mleeY?= =?us-ascii?Q?Ixv4mYMZTnkChNpliMBz0300Jg640hefADxiGFJcuOXDbpmvUkUKaBoOYtYv?= =?us-ascii?Q?51NX8OW+QsBu09oBSVUTLiPgUc9qu5MZtIGNtMO+teZavvzSsv0h+HlFFKMX?= =?us-ascii?Q?x420IiyXY2L0drDL7x4p6RD00ulkkSjsyRBU8OCMHQjKXrzsOX8sGdfGLKFq?= =?us-ascii?Q?vEUeUy4xfNI3BkFsJzkoPMpo1ajkZdlUTzWMkCEO28eN5B7pLTa5Qg2xj9s6?= =?us-ascii?Q?ysJ/TjLeOL3i7xPM5TSmnmMIABBgxyrNiQv384ZgctIENZVCKLEf/9L/aYGT?= =?us-ascii?Q?MHaMr9rywcInJVni0RU1q0hSAGB7Tp7qmRbciFA32jAfhFf3FGxep2QVBJV3?= =?us-ascii?Q?gmG8XqG5XV6Wvcm8wy11xCN8fxFFLN3nVcZ2Hd8EScDCgDJ1SW5BgDmI9EJc?= =?us-ascii?Q?k/5gHgcv6fx1u5O3K4pRqY=3D?= X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 6:Mj/yW/1kt9a18aTqyKY+RLOQ1KeZaUj2oK4lWTGPlyjatz3slNFggtPdDJm7R5ey/YawKmw39o1LZBwbTxEqkSzJoQ/XOa/isnvEiDBaAtliEphZRoY2VYPeiKTYHZP6HIYLyvWYE5rT8ES4XwX+F6yIhrSNCGpQngAK8gY6O+cadv4rlm+D0y5jyNyR9V22hAmhGPrsrQ3hGicoSjRpHe53e3PQIVU9kkv31coUaKT88hU7geB7LJIO3feIyKFozHobsnnY5FTA54zjYlwYkvpQH/+KSygvyR7oHm3QshqjhRkCsE2xtnt69wvgsP5/cFGHruiQBunfRNS+tA4PWDHioSuI/5wWgVhgxUsY4YY=; 5:+zLwe25odDae5nFTnTcQ94G4hisHbsf5fHYSZFiZckMm4t9oFs+QJz3zlloZmPBh5EpVjYSPnORItSEJcm97KuJ4jLlG3iML4xqFzfS0OMfjt9uMPVh/vcLCUnkSyFDiDE8hdelyEffa2T28agRPU6tNCzAa0e5EQ5w+yAIZArQ=; 24:la707ZCkBXGCBDhKXcdIrjortIiJLZKMyCPQAnHUnNdx+nCnGINeeGYOhz2DB/WN7PoGC0cfpbsJmKPFn/qefs7ceWOBbcnURWLBfMrz/KQ=; 7:qC/BqIkdn5MDygXRvTr1Y0ggVsUY0C1nla7+EORSmF26nG9mtj9n286nyRXUZsLVkbmru4kK7Uhg0iDQZsyHMxNvlAuoBNJgl9KXeFggisVNDJZZkFmSXR0o7QBU1/+VjJxtufHwHUCzUhzNoOBHV/Yo3eUN08jEy2tLxyHX+mX7a7Hu1P3ekkhYHbYdYbF/TuZQM8/yT67RbjD3dWY5p+xHduVmpWmAS8gtYeZET3dvgHX8hXlQ3CDXcsIEno54 SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0157; 20:jmA33l7oYqPb9SWOJDiAP+zEt511rbcHBrWEH53UI80PHAAyCw8CAeqxx5O/bUV6tJVk9NuSd2fWt3eha5a1HCNF/4mo/seaWxs3BEunI9HEKVYugM9kH0MfZahm1CZXDl9iiHdvnFB+eRgN3FXq895Bmdla28/Zn6BAKb9PhGiRZO5Zf7FA0ReOHWNogAMpPnGuf/9kdR4N3rB0pwrYii5TWYtq2FUp1wi7mZPibAOUnUFw8U42akEQ26ouhTi7 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Feb 2018 15:40:58.3065 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3ace3e1b-083f-4802-a765-08d5748a834c X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB0157 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.33.59 Subject: [Qemu-devel] [PATCH v9 20/29] hw/i386: set ram_debug_ops when memory encryption is enabled X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , Brijesh Singh , kvm@vger.kernel.org, "Michael S. Tsirkin" , Stefan Hajnoczi , Alexander Graf , "Edgar E. Iglesias" , Markus Armbruster , Bruce Rogers , Christian Borntraeger , Marcel Apfelbaum , Borislav Petkov , Thomas Lendacky , Eduardo Habkost , Richard Henderson , "Dr. David Alan Gilbert" , Alistair Francis , Cornelia Huck , Richard Henderson , Peter Crosthwaite , Paolo Bonzini Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP When memory encryption is enabled, the guest RAM and boot flash ROM will contain the encrypted data. By setting the debug ops allow us to invoke encryption APIs when accessing the memory for the debug purposes. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Cc: "Michael S. Tsirkin" Signed-off-by: Brijesh Singh --- hw/i386/pc.c | 9 +++++++++ hw/i386/pc_sysfw.c | 6 ++++++ 2 files changed, 15 insertions(+) diff --git a/hw/i386/pc.c b/hw/i386/pc.c index 55e69d66fe6f..53ddecef369c 100644 --- a/hw/i386/pc.c +++ b/hw/i386/pc.c @@ -1360,6 +1360,15 @@ void pc_memory_init(PCMachineState *pcms, e820_add_entry(0x100000000ULL, pcms->above_4g_mem_size, E820_RAM); } + /* + * When memory encryption is enabled, the guest RAM will be encrypted with + * a guest unique key. Set the debug ops so that any debug access to the + * guest RAM will go through the memory encryption APIs. + */ + if (kvm_memcrypt_enabled()) { + kvm_memcrypt_set_debug_ops(ram); + } + if (!pcmc->has_reserved_memory && (machine->ram_slots || (machine->maxram_size > machine->ram_size))) { diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index 73ac783f2055..845240f97293 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -181,6 +181,12 @@ static void pc_system_flash_init(MemoryRegion *rom_memory) error_report("failed to encrypt pflash rom"); exit(1); } + + /* + * The pflash ROM is encrypted, set the debug ops so that any + * debug accesses will use memory encryption APIs. + */ + kvm_memcrypt_set_debug_ops(flash_mem); } } }