Message ID | 20180207160638.98872-11-brijesh.singh@amd.com |
---|---|
State | New |
Headers | show
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=nongnu.org (client-ip=2001:4830:134:3::11; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=<UNKNOWN>) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=amdcloud.onmicrosoft.com header.i=@amdcloud.onmicrosoft.com header.b="mX809jSc"; dkim-atps=neutral Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3zc5wN1hWQz9s71 for <incoming@patchwork.ozlabs.org>; Thu, 8 Feb 2018 03:13:24 +1100 (AEDT) Received: from localhost ([::1]:55601 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>) id 1ejSLa-0002CQ-8b for incoming@patchwork.ozlabs.org; Wed, 07 Feb 2018 11:13:22 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51640) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <brijesh.singh@amd.com>) id 1ejSFm-0005vx-Jk for qemu-devel@nongnu.org; Wed, 07 Feb 2018 11:07:23 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from <brijesh.singh@amd.com>) id 1ejSFi-0006uq-KI for qemu-devel@nongnu.org; Wed, 07 Feb 2018 11:07:22 -0500 Received: from mail-bl2nam02on0071.outbound.protection.outlook.com ([104.47.38.71]:1538 helo=NAM02-BL2-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from <brijesh.singh@amd.com>) id 1ejSFi-0006uY-E2 for qemu-devel@nongnu.org; Wed, 07 Feb 2018 11:07:18 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=eJCgdXUKAWBngBaeeaweFog/uXV8sC2135OIm32WAJ0=; b=mX809jScLUOAR7zHeDV8hc2ARMwGMTvk9voAqSX8A3kYlfZhMjKC4f6m4VQTS/skxdPAn9REXJlYzxgOLz3D81Vr9NfwRpUw4uyqBL4MSKyeRJJZ9/1+OU1p49Fv98kSbky6dxexwuzPC3g2TgRVIRVCMKOeZdCozL764qFPzs0= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from wsp141597wss.amd.com (165.204.78.1) by CY1PR12MB0152.namprd12.prod.outlook.com (10.161.173.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.464.11; Wed, 7 Feb 2018 16:07:14 +0000 From: Brijesh Singh <brijesh.singh@amd.com> To: qemu-devel@nongnu.org Date: Wed, 7 Feb 2018 10:06:23 -0600 Message-Id: <20180207160638.98872-11-brijesh.singh@amd.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180207160638.98872-1-brijesh.singh@amd.com> References: <20180207160638.98872-1-brijesh.singh@amd.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: DM3PR12CA0071.namprd12.prod.outlook.com (10.161.151.143) To CY1PR12MB0152.namprd12.prod.outlook.com (10.161.173.22) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 1322c64e-7de5-41a8-8974-08d56e44dae3 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(4534165)(4627221)(201703031133081)(201702281549075)(48565401081)(5600026)(4604075)(2017052603307)(7153060)(7193020); SRVR:CY1PR12MB0152; X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 3:0qPQdzND1tu6qfOZvm99K5t00FKx8mZAMFO58hPoyPt7qAx56KVUI9ZCFd/IalBIRqi06nvkwHvTNNWs5zthqwWr2xfzbpjAuabYRO0OtITZFR/5+xAfh+Cvk+uyhAD/bwy1KG4Rub+vFHIAilXCK678CHzT/pm8sEMSZs67K/m/elB2gjNkbWw9UUB7nCWKk0h7pyVXyDbvv5KDMHj9p5mNJ0eHo7EGY5zvS974BirWhaAek96N0HQ+2OCzxc1Y; 25:hvG6wTfFqk7QlJXUNHY1SHWHUmyh/MROCVJZEdgHUmoqL+A9qIrYZahRzlHHapZgiczbh/6chaimvBHrVj0fkkED4rP+X71NLYPSLrRboACPp/Gk/Vgec2XwXOXRt8Kr6P756ir3U4TbtxXqWIm7B9wqLFGCZrHNY0Ah2HMB5Ocjq2DVGEBY9teqHaLyNytzcV6uaKWAoLRdAKLf0TbYAUmJU5ClCARibOv/7tC1BzISqrIW14VLk0EPTaKE9aC/eST+q2X0/jogdiFEq/+jkYXdjnQdyubmrCHfuXTNPqkuuWOaTiC4W7wA/uxe47LglFQVqsja+Aq36jkCBSCJKw==; 31:S/Izk4ydyptMhO47mutoFN/gVxTf7K3LIXNzU143/vVJ/eBnZv1/PD/qKBw9WilEyxuXdBpQGYV/qKGoYUskT9apvrn49lH7NdVF4H0TRDeyqHY3X8BEmcw/81bhTKbRIAio69vTZL5+Hd6q95Z7OQt4Tg7ot6b/0FUMSGyFrvzpr4uh1XgSpn0H8PIcpWdF+bZThkMebO71ufC3P8tR4gcObb+QfbCMTxZ+rJt6VOU= X-MS-TrafficTypeDiagnostic: CY1PR12MB0152: X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 20:0qDY2Ja7u8kt58IsKAR7jJPj+i4hZOSfOhAc2h/OaRNbxFIFTHca5HC2IV3jFSlVkSakrltXIsNP2BbDGSTeY2vh3mdelQ8etk4xKeJYRkEgSA/ABww3HwcZrRehiKTkJmVQgGGUOomVT+yMyIc9bo+TK4RVKX344Pp1f3BTUUXx4GrIhRK7CpV+4TN4EQj6a5gdlXK4+1TgV6wt0TKKyXlrXn+3hiif1d4zcthUD5BVQplP0P6PxXd6Rh1vltrou4DiZ0Y7HCL3Y3SWPUGAJ55JCDKCS791TRvn0IfYOrqLiYDJimrxndGpZRIdLMMCoVt/v2AXdKvPK6pEv1CxOsoLP6hY/2aIl9EFNmHnB3pk0RgmYdJe//jwzlUWidg7GdKhKsbnitS4rsdmFkGQVO4uHZYjRZp0iSIMzniFV/kv0YYojRyz5G1SbdSut/kI+zSJ5pzfX2vfR2k/k47nsKG8u0IGtALeAYS/Kgk2XWhB8b7HGXbHB8SIto0dwsJT; 4:G5ZxqxuFDsK4wUdW5qlR7TP9oS0swJrQXbs2EKB9P8mIGcWa95QFYp7qeQyDBEZDCVS/FMFSa7ZuuAVqITaH35otNgGLij1hY/VP4kZJbSwhTn317Sj4dKwszP9Ma+jTcWPDexrVFUzkr/a8voJOcSdXEbSQ9S6+wl/cdWMlg5MAVj0RfC6MkvFo29mnexOdw7/VQFau8GWJzorsFPhohdc+atFsh98Xd48WOaiPDydmiYHVjuv6Z/yKj7CWyFMgWcc8OpZzyFmYQo9pMKePG9tBC8SGD+F1OubwgPKka9rQKvg6zsqae5OSypfNPm2M X-Microsoft-Antispam-PRVS: <CY1PR12MB01523B44A7334DCB5E9ABFA5E5FC0@CY1PR12MB0152.namprd12.prod.outlook.com> X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040501)(2401047)(5005006)(8121501046)(3002001)(93006095)(93001095)(10201501046)(3231101)(2400082)(944501161)(6055026)(6041288)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123558120)(20161123564045)(20161123560045)(6072148)(201708071742011); SRVR:CY1PR12MB0152; BCL:0; PCL:0; RULEID:; SRVR:CY1PR12MB0152; X-Forefront-PRVS: 0576145E86 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(39860400002)(366004)(39380400002)(346002)(396003)(376002)(199004)(189003)(50226002)(68736007)(8666007)(51416003)(6916009)(7696005)(16526019)(1076002)(50466002)(6486002)(53416004)(7736002)(305945005)(53936002)(8656006)(8936002)(8676002)(7416002)(86362001)(4326008)(81156014)(81166006)(52116002)(6666003)(2950100002)(478600001)(2351001)(66066001)(16586007)(2906002)(54906003)(5660300001)(106356001)(2361001)(47776003)(48376002)(105586002)(3846002)(6116002)(36756003)(386003)(316002)(39060400002)(26005)(97736004)(186003)(76176011)(25786009); DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR12MB0152; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY1PR12MB0152; 23:MiiKdfg1D6I6goKBC8OAuvSjW2SNv0sbSS3J8dM9j?= zRyODXj+xCdd7PwOhJU0epYRazidMxvSHrHzltm/geDe+OUZOyN0IhlXacJNgERdO/yty56pOWt3ca3meBDDiYUp6TLxKFTuwBOxyNvIPi17DdlbfNLGrtEEgccm0Otwq3HCjRBf7CI7qr0WiGfSjv5hIIbMNTV6EEDwiMr1smUT6D3CWYYHnJh5sDAoh112Nb7N8LEfC9LnN/letcaNFWLr3L8Jgo+/vY+VlsKNObboGIN7xJUyqJ8MVmJj21tKp47LsNVXg770Bu4PnxUn9Jc1E6x5j3FcZ6qtVR2QQ9la/Kh+wJOF5kpJtbBZYYTlCCh07hA1ALtKqauzhXcAWNi7IBgQCjQ7Vynyo3EtTbqRDKiKjou39iFzie7wLwzibq+Nm5360LIEkRmahK82GSmGUSpz6WPZFEFwmSV651Sjfl5QlVLzb6uaT5iMeqGM4k6OuJbkN2Yep1rjXACCn+e0qOn9Q94IBQGCH53VcWL7NF40f7l1QYhb0EUbs1Fh1NmaCNkz+qaXPHUhBZR4WyxYKGPzEjCgd9UViEKQbtElZWrL1NtzVJbmAfEKo1p+p4JPPW9UOn/AHGxX68sM4ZpHKTXTOWaA4FTMmteWspbAfu+sImMBPw9q58bnk1nWac9u4HRtOx61mgcnHGQ/8l+BZ1c72nVWeoRdXWs42SxQpUNk3ntSnvK5pwNRzi/T0+PLWtxKAY6/v7oYW6UuZS2YxipFgc+HK+ITVpl9kjdlWt+H+A5JJhK6dw3ufyE5ioU0cTLJcezlMtGzPqfK86zuurb1R9m9Z/4X37FrgHVMjLAYTwSt/lxjinehDhw5BuklZiBuSSo3hs6QuncZ+XplsWNGPb6YqE8RsjeW92/Ju8LtxYlZbdu8l2xqnU+uOc4nhNeVA94W+bMipuRZZ/YLLiMQn1cRC/sis92BeNlnG9h4/R2DD1/h41LlAqEAxJiSd+h5fgij/HGHTLmuAQ9m55BrTc67PF33Q4ifgbQm/NHVDqzTiKEcBYuk0QV21mSIv9MtD7VZRbq/HJLGaqalI2h+l/IG+l0/YhyTLIyoQd61mhNbvghQYVwvqjO0fGZGiGz8QVXltYCBgSj1bHC6nd15YkchX9NIvHAadmnra3Bjjti//TsSzdLvt6Rfzv8H3UhjHxYXdo33aXNSjQU8Jvoylr0EMqgMA+Xihjk9/oHzvWnlIUCuyj5+a4f+zRUh7otvIkxzOo+68rKUo5v X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 6:bMi6AtXT/qmHqAYz6PaFVy7e+fpCaMJbwA6K4npGIeOBLR0FUOuiH0b4L9woqGKz0iYEvUapH67JmGqKarDoNKok5t/yQAGxiK14C7BkaqwYrNpGdPCFkIWv7kvrVMq0fJbJTNgfPJmzyVKtcqbEBePrmYmmRL21R0nINHMtniRl0hLMvhMn3Ssay+7FfjQSpQj491zboNsgRy7phW2Y0h2KF/J6ZBT6pvuwamFx+qbngOmRSufDB8H2BF7lQX7tYAX4RodHRLZyZFmHofVjL7sa59t/nfLTthYRUqp3UOIzxC6m8zkRzOwF+7crQkgMWu8ujiWG75cohKalzAKCl4FyF1QGM8UL5q2Khv+h/C0=; 5:rti4b7Zv5WUHnniWePn5myli0ogOkCPz0uY/esxJK/Q2xMkPhtkkDUHi2E9lgawoYX7czOVNEWpOIYgfIoI3/7UhxD9Ms+xlsQiJCaN2rnJNW3Nrm65UWsEJ7KszBKmvV/QAz/wFGFB5AxBb/P8PLZP23rJrNHJIsmQfiFeX8ps=; 24:/TlnggnJyUPBtivGxESdVyYiELM1UAl4iCiZcpOi4RBiAnUC7em0Emkv1DB+ygy5jDtwCDzbsszrkTpunDCFgJPaToyTyeY90vUo5ao9nAA=; 7:15ie+CCs4jy+PElAzhvrB9F9ifazjlQIOTUOmQFOoxz7dxgHRZVy7WoAy+2YtD+qJBTSgdGDS/3Weo9jtYy2H87/Z0WI8H3KJ/DzDTkV3uMDmaaJNYyqaEtzDlFbQjdtXrWWJRNRklRnnrEvOwerKhu/EvmuaZCOqtXsqQfq1N8Ulmrie9eK8/Xt0R+Emwnjwvca8PLHvvahZMD2CpqKY5zA8uXCf8rl6uaJ2wMaxjd6UHR2QcNQ+dVZKmG9ajtJ SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0152; 20:w4xO3+ecERbQnXgDq9P96zh8wbcFEDROVdzAKzew2zFE3ezTTAni+YFTfMVzYpkiQFOetyMmxJZ9gyZZZsuIDEWjR5uNWD5EVeL7WOIXGiXnlWVG4jbbWGrSKQwbjm7I9UbY4gCDGqkWMXQI4d9YWu0lzTLdDA7iM5TYvaphWsznI2ggPWku/rPORmHfIh1WaIAEwmKGCD1raFfn6aA1vY607iy4OL+GR0CJ6IAFsy1iusiXUNl3FbKTkGO76mWc X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Feb 2018 16:07:14.0250 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 1322c64e-7de5-41a8-8974-08d56e44dae3 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR12MB0152 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.38.71 Subject: [Qemu-devel] [PATCH v7 11/26] sev: register the guest memory range which may contain encrypted data X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: <qemu-devel.nongnu.org> List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>, <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe> List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/> List-Post: <mailto:qemu-devel@nongnu.org> List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help> List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>, <mailto:qemu-devel-request@nongnu.org?subject=subscribe> Cc: "Edgar E. Iglesias" <edgar.iglesias@xilinx.com>, Peter Maydell <peter.maydell@linaro.org>, Eduardo Habkost <ehabkost@redhat.com>, kvm@vger.kernel.org, "Michael S. Tsirkin" <mst@redhat.com>, Marcel Apfelbaum <marcel@redhat.com>, Markus Armbruster <armbru@redhat.com>, Peter Crosthwaite <crosthwaite.peter@gmail.com>, Richard Henderson <richard.henderson@linaro.org>, "Dr. David Alan Gilbert" <dgilbert@redhat.com>, Alistair Francis <alistair.francis@xilinx.com>, Christian Borntraeger <borntraeger@de.ibm.com>, Brijesh Singh <brijesh.singh@amd.com>, Stefan Hajnoczi <stefanha@gmail.com>, Cornelia Huck <cornelia.huck@de.ibm.com>, Paolo Bonzini <pbonzini@redhat.com>, Thomas Lendacky <Thomas.Lendacky@amd.com>, Borislav Petkov <bp@suse.de> Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> |
Series |
[v7,01/26] memattrs: add debug attribute
|
expand
|
diff --git a/accel/kvm/sev.c b/accel/kvm/sev.c index d5fd975792b8..2c4bbba3c367 100644 --- a/accel/kvm/sev.c +++ b/accel/kvm/sev.c @@ -86,6 +86,45 @@ fw_error_to_str(int code) return sev_fw_errlist[code]; } +static void +sev_ram_block_added(RAMBlockNotifier *n, void *host, size_t size) +{ + int r; + struct kvm_enc_region range; + + range.addr = (__u64)host; + range.size = size; + + trace_kvm_memcrypt_register_region(host, size); + r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_REG_REGION, &range); + if (r) { + error_report("%s: failed to register region (%p+%#lx)", + __func__, host, size); + } +} + +static void +sev_ram_block_removed(RAMBlockNotifier *n, void *host, size_t size) +{ + int r; + struct kvm_enc_region range; + + range.addr = (__u64)host; + range.size = size; + + trace_kvm_memcrypt_unregister_region(host, size); + r = kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_UNREG_REGION, &range); + if (r) { + error_report("%s: failed to unregister region (%p+%#lx)", + __func__, host, size); + } +} + +static struct RAMBlockNotifier sev_ram_notifier = { + .ram_block_added = sev_ram_block_added, + .ram_block_removed = sev_ram_block_removed, +}; + static void qsev_guest_finalize(Object *obj) { @@ -360,6 +399,8 @@ sev_guest_init(const char *id) } sev_active = true; + ram_block_notifier_add(&sev_ram_notifier); + return s; err: g_free(s); diff --git a/accel/kvm/trace-events b/accel/kvm/trace-events index ea487e5a5913..364c84bd7a73 100644 --- a/accel/kvm/trace-events +++ b/accel/kvm/trace-events @@ -15,3 +15,5 @@ kvm_irqchip_release_virq(int virq) "virq %d" # sev.c kvm_sev_init(void) "" +kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu" +kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu"
When SEV is enabled, the hardware encryption engine uses a tweak such that the two identical plaintext at different location will have a different ciphertexts. So swapping or moving a ciphertexts of two guest pages will not result in plaintexts being swapped. Hence relocating a physical backing pages of the SEV guest will require some additional steps in KVM driver. The KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl can be used to register/unregister the guest memory region which may contain the encrypted data. KVM driver will internally handle the relocating physical backing pages of registered memory regions. Cc: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> --- accel/kvm/sev.c | 41 +++++++++++++++++++++++++++++++++++++++++ accel/kvm/trace-events | 2 ++ 2 files changed, 43 insertions(+)