From patchwork Thu Aug 26 22:26:21 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 12460841 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,MSGID_FROM_MTA_HEADER,SPF_HELO_NONE, SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 50E26C432BE for ; Thu, 26 Aug 2021 22:30:37 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id D5A3760E93 for ; Thu, 26 Aug 2021 22:30:36 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org D5A3760E93 Authentication-Results: mail.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=amd.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=nongnu.org Received: from localhost ([::1]:43202 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mJNtM-0006No-1k for qemu-devel@archiver.kernel.org; Thu, 26 Aug 2021 18:30:36 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:59366) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mJNqS-0000lv-33 for qemu-devel@nongnu.org; Thu, 26 Aug 2021 18:27:36 -0400 Received: from mail-dm6nam11hn2244.outbound.protection.outlook.com ([52.100.172.244]:22689 helo=NAM11-DM6-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mJNqQ-0005L3-1X for qemu-devel@nongnu.org; Thu, 26 Aug 2021 18:27:35 -0400 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=beoRXoISE9z2LBU1N9jQ3FAjglJheapKaW8/gNrCCGBoAyCjwFxeKvdrezfPF71e17REJFxRGJ2/rdnPpDy0HfCkMMXVl3l4wmEvC1PBd5drWLtWCVMUVe8g2Wu0FC46ypKgZvBv7lFkIRhkuZ5Zd2jCS6GPPhnNPnozswqMKdyNUvkDK6BKG71BRkz21eb2xI7Hb4CCt1x7X6aeSMKXRFJ50qojPQhzp94TViZoVZbudI/c0rW7XKdzSRsnrZV5+bBi27LmoPtFSMiNJXcVavW6QVQvlebkrrIKTmM9Dtm8O28UQNldDIBXVO5x0DK0alnqX6sM0jNbSkLeegXKrw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8Y0U6T3TrceInT8zsv9jg8p9uixc2V5XYlE9SNVdYnU=; b=lf13FypuL4aUerOCXCqo3dTUFWUg3fLXh7CautEz6zWKbQSvkFrL6q0J4OQqBiZiLHblLoTk8YTlu/KTLrv6pGiS7dgwA4NE0XMorfFNd7WHAjjbS95tjdP6OgTTKmeeWgJ6Peyf1Gb5aCLA4HSWSD29QcnaCvfCpkM/GbLpdsBUbGR38AoBkJIKbtUX+r+FBsWbOhcAMBNcbbgDNR881K3kMbMT4YHU7nHNPQeS7QNrqFSiRP4DlLtWdKiDJBMbuO+uCl9rYdnk0jCla3UrGsJ0lrzcEKKrAMqxHBicptbXOV6IUNStT8knwTGHOFdxC1dvnofEtJD7MlL+u0r5Sw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8Y0U6T3TrceInT8zsv9jg8p9uixc2V5XYlE9SNVdYnU=; b=rwWHUHt4zpNNlcXpqb2JYZtV1GDBaxTIUoW2esSAJv70QIAWxKF5umaPQWCdeDd8hEWILAzYRssjv5MdA2C4h1BsOFTfVqD06Tvbe8WQFGXkn4yt3pgN1qswX/dlaFMbFnhrbq2Rn405T+FyWsZoGu3WcPrOObuw9sxM/6seqZU= Authentication-Results: nongnu.org; dkim=none (message not signed) header.d=none;nongnu.org; dmarc=none action=none header.from=amd.com; Received: from CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) by CH2PR12MB3925.namprd12.prod.outlook.com (2603:10b6:610:21::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.22; Thu, 26 Aug 2021 22:27:25 +0000 Received: from CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::d19e:b657:5259:24d0]) by CH2PR12MB4133.namprd12.prod.outlook.com ([fe80::d19e:b657:5259:24d0%8]) with mapi id 15.20.4436.019; Thu, 26 Aug 2021 22:27:25 +0000 From: Michael Roth To: qemu-devel@nongnu.org Cc: Connor Kuehl , =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , "Michael S . Tsirkin" , James Bottomley , "Dr . David Alan Gilbert" , Tom Lendacky , Paolo Bonzini , Dov Murik , David Gibson , =?utf-8?q?Daniel_P_=2E_Berrang?= =?utf-8?q?=C3=A9?= , kvm@vger.kernel.org, Eduardo Habkost , Brijesh Singh , Markus Armbruster , Eric Blake Subject: [RFC PATCH v2 06/12] i386/sev: add support to encrypt BIOS when SEV-SNP is enabled Date: Thu, 26 Aug 2021 17:26:21 -0500 Message-Id: <20210826222627.3556-7-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210826222627.3556-1-michael.roth@amd.com> References: <20210826222627.3556-1-michael.roth@amd.com> X-ClientProxiedBy: SA9P221CA0024.NAMP221.PROD.OUTLOOK.COM (2603:10b6:806:25::29) To CH2PR12MB4133.namprd12.prod.outlook.com (2603:10b6:610:7a::13) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from localhost (165.204.77.1) by SA9P221CA0024.NAMP221.PROD.OUTLOOK.COM (2603:10b6:806:25::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4457.18 via Frontend Transport; Thu, 26 Aug 2021 22:27:24 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c83bb0ef-0250-4bf4-6d62-08d968e0ae02 X-MS-TrafficTypeDiagnostic: CH2PR12MB3925: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:262; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: iuFs9INAzndsl4LFujevoznRAI/3MFO0FuyS3rg2d9oyL2Qy5sTmjk9s+pPXYmRJIC6Do+yjqO1dnPQ9THh2S/zn9+B2vH/IGtwMh4g6qTGbDcwaX8fK43y0eRPd6HutwC0n7uAf/T/H61IiWxwYw5uoTuNWfoqQEwTGvL0m4PQT6ZOUK58YmYrzNS41D9j4BceOf38HGA2y6mtHJ6z4SB7otFFWTUTd2+5sH4PFJP9WIwhoRnJzaf538g8kLm/DJd7oFVR+K35JrSQ2j/YbYJZU2S9zEjVAl+qzE86D684srbvrH79YPZy4jzQ+DPOFwOBydHJFHptUgmXsBOfkh4O0sj9mRb2l8Wjy+mxnJyUTAD/IIqa5TTl+nMUOxeP+cYmdsaMYqN1TwX5vOsvpwVIldVllgGcUK4Owd1ZvcoRo6GKt25R4Lwhdjo5fIjdP+0MLS+Zwv+XAnlOd3q4BSkUedkixolOVEjOBwSFhBu2LF8CIL8kDQJ5GRpmwQOo6BVX7xBbZhnB3Ll291bVkwx5pZCtP5rT8rIAh8g0wR/koQynCPIoZZLQNMAhBNiJ9divffYPezzK57O1HI9cdNuxows8Iruw6xBiQ2DPLerya7RDFKpf+eKxMr/JmYXaGWHNI7Gj36znfnYu3zOgNJ5uyUeI66siAj+oQ2u2U62ZKUJQ5n6Qhzi5xOdypghhBqZKhMoreOBayqxZRYA6bsb7xlpkhERqXm6F95SmynFhOzcrNj2c6Von2Fi9ysbDxf7gXOuzx+gvOEY5l25jj0xCrdIPYwsGM4qxHeKjBAYJUBZR1+D6l+GZEHHPYDGt5cr4oZM8dH/BYlnoZV7n1D+yCCfwVo412MhahksLVqjmieWbDrrSI5iDWuxLaudissZnkUuZTzrypL7g0tVBQs7o6NUmDzMkxJW/Np+kfk0iECWSazC7x4HBXtEmonHr2XTCox13o4NPh/hP/WNSTp9sNuVCcbBOT9EOzjuBpaivBxAtxdPRdG0Ul6RCaukWWqDUlghc+dYewShw37SrhdG1ry3t1usU5Js6CsbILVXI= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:5; SRV:; IPV:NLI; SFV:SPM; H:CH2PR12MB4133.namprd12.prod.outlook.com; PTR:; CAT:OSPM; SFS:(4636009)(376002)(396003)(346002)(136003)(39860400002)(366004)(8676002)(38350700002)(66476007)(38100700002)(956004)(2616005)(6666004)(66556008)(83380400001)(186003)(6916009)(478600001)(36756003)(316002)(4326008)(44832011)(54906003)(66946007)(52116002)(6496006)(2906002)(86362001)(1076003)(6486002)(5660300002)(7416002)(8936002)(26005)(23200700001); DIR:OUT; SFP:1501; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: AAzUXDvXqH0ST0/i70b+8UE7ob6KOpI5CvDG867qTHuAvTRZynHGXHWf2WCktLl73cn34mCoWr/kA5E6s+Oh3MTGswvmhU6d/kEmdMdESXXLGf5QVBe5j99suEpwWzE5fIl0exn6czEA1LyXEFvGvhB3FrVG+mJXcM8/lsfciqUVyn7kBxZ1Mt5IUt3LXBZXc0QQLkfkmBlak+8pFcOyN0nfN2pz6ajUjyWmK1/y76qF8VK8DwpmxFmbL2B0PPPRU5D7RXaftC7ZqvuAw4nu0Dvc59vpYgP2EdqgZisPFh8yMShCXwfWooy/i1y80d487yOvur2O4KUS1cOzT8Zyc7DQmSzbm7DVO+Sfgg8YraDohLCWyMMFjgE5Bl9jzLp44y77OKvXo5JZ0wq32v1ey+vWxzS/eQYyqYx0Altk4qu1CCzrvdC5I5Z3jKf77BR9Q+2dbvfrT0wxzNw8C4Amg5236lMo2zEykz1rHh1rHeotYMsreoCtHgURuMdaQfoMp27N6LoHP8fjiAr1fPrYOD4rJCRe1eQUgZe5OmEjuDEh9ZT/KSsoYKxH1bzzFsRTTeABElXrS7cscc/vplRSJkwZ6gyYLmIiu81Ny6i40WlNm2ct3l9Vx6mf1uSgVQWpdeUsvEEH3RD7x4REiPQHhv8zWd5U2gcnC1dKpJNgBGRuPcOrHkEqrRuV/zXaKMTfTvvGFHQFQ6HMoPMX63NDsOARedtaHUW7kvz7LwB5YTpARpHFS7c9AqBYXaFz+kLw3p7AO0Yw5zJ8hGYiduP1yxUiE7257TEdhnfQAJ15CI4D0xMnH8r56ILedEnZ1v5H3R2N9iFPpkqwYE+8a6D/Dn09slVLtgCH2KhalqjZSmf19XEXepAx4eJcc/sGrcFKDqKPm+gPnTJ9jKcJgMaea2cfGshfFRwa877g0R3jrS+cF/4tpJCcFOS1J3GEc8wJlFOrTGDAb4DtTQw64vSvCw6rUJDMuOHfTbdLNI+qZAs8NX0jnTPnrPqDCQeDQ8xd/jHIGUepgBA9kjPYx0ziW6Z6xH7rpXUrV5R8suSP9hKMby8NWO6iQHVkjY9UciBOQHEPMYTKbAP8m9ZmqM34IFZac3EoaqKQ06W+lCw28C7jl4HNOsuYKp1lSiPEPB2/YFrunDSF2wdSfEtWnPA2HOuiKPOq/zjbX4KFyTSEmiInfX52EV4p10lO4Ok0U7rweGHdlEWta6n2u8C66w8laaulun5/LFXsWlQSixWVRmqQvNNFrOMLYtfnW8EuyY6c0VbjpFBhFzKLWdsjIlvVhWSIo0GYZfrwFw/ASzJdWr7Y7EPTMNySXm3N+tSdNy5k X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: c83bb0ef-0250-4bf4-6d62-08d968e0ae02 X-MS-Exchange-CrossTenant-AuthSource: CH2PR12MB4133.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Aug 2021 22:27:25.2526 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: eQ1FcZe+kg6owZGglcQ+OZpNXKzlGjMJq4mke9LFqYfOoeoKHiyxAQeja++0dokCpnf+rKih7DqqALaUaJe9NA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB3925 Received-SPF: softfail client-ip=52.100.172.244; envelope-from=Michael.Roth@amd.com; helo=NAM11-DM6-obe.outbound.protection.outlook.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" From: Brijesh Singh The KVM_SEV_SNP_LAUNCH_UPDATE command is used for encrypting the bios image used for booting the SEV-SNP guest. Signed-off-by: Brijesh Singh Signed-off-by: Michael Roth --- hw/i386/pc_sysfw.c | 7 ++++--- include/sysemu/sev.h | 2 +- target/i386/sev-stub.c | 2 +- target/i386/sev.c | 40 ++++++++++++++++++++++++++++++++++++++-- target/i386/trace-events | 1 + 5 files changed, 45 insertions(+), 7 deletions(-) diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c index 68d6b1f783..54ccf13c0e 100644 --- a/hw/i386/pc_sysfw.c +++ b/hw/i386/pc_sysfw.c @@ -149,6 +149,7 @@ static void pc_system_flash_map(PCMachineState *pcms, void *flash_ptr; int flash_size; int ret; + hwaddr gpa; assert(PC_MACHINE_GET_CLASS(pcms)->pci_enabled); @@ -182,11 +183,11 @@ static void pc_system_flash_map(PCMachineState *pcms, } total_size += size; + gpa = 0x100000000ULL - total_size; /* where the flash is mapped */ qdev_prop_set_uint32(DEVICE(system_flash), "num-blocks", size / FLASH_SECTOR_SIZE); sysbus_realize_and_unref(SYS_BUS_DEVICE(system_flash), &error_fatal); - sysbus_mmio_map(SYS_BUS_DEVICE(system_flash), 0, - 0x100000000ULL - total_size); + sysbus_mmio_map(SYS_BUS_DEVICE(system_flash), 0, gpa); if (i == 0) { flash_mem = pflash_cfi01_get_memory(system_flash); @@ -208,7 +209,7 @@ static void pc_system_flash_map(PCMachineState *pcms, exit(1); } - sev_encrypt_flash(flash_ptr, flash_size, &error_fatal); + sev_encrypt_flash(gpa, flash_ptr, flash_size, &error_fatal); } } } diff --git a/include/sysemu/sev.h b/include/sysemu/sev.h index 94d821d737..78e3bf97e8 100644 --- a/include/sysemu/sev.h +++ b/include/sysemu/sev.h @@ -18,7 +18,7 @@ bool sev_enabled(void); int sev_kvm_init(ConfidentialGuestSupport *cgs, Error **errp); -int sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp); +int sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp); int sev_inject_launch_secret(const char *hdr, const char *secret, uint64_t gpa, Error **errp); diff --git a/target/i386/sev-stub.c b/target/i386/sev-stub.c index e4fb8e882e..8b35704937 100644 --- a/target/i386/sev-stub.c +++ b/target/i386/sev-stub.c @@ -56,7 +56,7 @@ int sev_inject_launch_secret(const char *hdr, const char *secret, return 1; } -int sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp) +int sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp) { return 0; } diff --git a/target/i386/sev.c b/target/i386/sev.c index 51689d4fa4..867c0cb457 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -946,6 +946,35 @@ out: return ret; } +static int +sev_snp_launch_update(SevSnpGuestState *sev_snp_guest, hwaddr gpa, uint8_t *addr, + uint64_t len, int type) +{ + int ret, fw_error; + struct kvm_sev_snp_launch_update update = {0}; + + if (!addr || !len) { + error_report("%s: SNP_LAUNCH_UPDATE called with invalid address / length: %lx / %lx", + __func__, gpa, len); + return 1; + } + + update.uaddr = (__u64)(unsigned long)addr; + update.start_gfn = gpa >> TARGET_PAGE_BITS; + update.len = len; + update.page_type = type; + trace_kvm_sev_snp_launch_update(addr, len, type); + ret = sev_ioctl(SEV_COMMON(sev_snp_guest)->sev_fd, + KVM_SEV_SNP_LAUNCH_UPDATE, + &update, &fw_error); + if (ret) { + error_report("%s: SNP_LAUNCH_UPDATE ret=%d fw_error=%d '%s'", + __func__, ret, fw_error, fw_error_to_str(fw_error)); + } + + return ret; +} + static int sev_launch_update_data(SevGuestState *sev_guest, uint8_t *addr, uint64_t len) { @@ -1219,7 +1248,7 @@ err: } int -sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp) +sev_encrypt_flash(hwaddr gpa, uint8_t *ptr, uint64_t len, Error **errp) { SevCommonState *sev_common = SEV_COMMON(MACHINE(qdev_get_machine())->cgs); @@ -1229,7 +1258,14 @@ sev_encrypt_flash(uint8_t *ptr, uint64_t len, Error **errp) /* if SEV is in update state then encrypt the data else do nothing */ if (sev_check_state(sev_common, SEV_STATE_LAUNCH_UPDATE)) { - int ret = sev_launch_update_data(SEV_GUEST(sev_common), ptr, len); + int ret; + + if (sev_snp_enabled()) { + ret = sev_snp_launch_update(SEV_SNP_GUEST(sev_common), gpa, ptr, + len, KVM_SEV_SNP_PAGE_TYPE_NORMAL); + } else { + ret = sev_launch_update_data(SEV_GUEST(sev_common), ptr, len); + } if (ret < 0) { error_setg(errp, "failed to encrypt pflash rom"); return ret; diff --git a/target/i386/trace-events b/target/i386/trace-events index 18cc14b956..0c2d250206 100644 --- a/target/i386/trace-events +++ b/target/i386/trace-events @@ -12,3 +12,4 @@ kvm_sev_launch_finish(void) "" kvm_sev_launch_secret(uint64_t hpa, uint64_t hva, uint64_t secret, int len) "hpa 0x%" PRIx64 " hva 0x%" PRIx64 " data 0x%" PRIx64 " len %d" kvm_sev_attestation_report(const char *mnonce, const char *data) "mnonce %s data %s" kvm_sev_snp_launch_start(uint64_t policy) "policy 0x%" PRIx64 +kvm_sev_snp_launch_update(void *addr, uint64_t len, int type) "addr %p len 0x%" PRIx64 " type %d"