From nobody Mon Feb 9 16:35:17 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 152044192187526.03450433209298; Wed, 7 Mar 2018 08:58:41 -0800 (PST) Received: from localhost ([::1]:34376 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1etcOm-0002kX-V9 for importer@patchew.org; Wed, 07 Mar 2018 11:58:41 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:50321) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1etcHg-0004jt-Vs for qemu-devel@nongnu.org; Wed, 07 Mar 2018 11:51:22 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1etcHd-0008IU-J9 for qemu-devel@nongnu.org; Wed, 07 Mar 2018 11:51:21 -0500 Received: from mail-by2nam03on0062.outbound.protection.outlook.com ([104.47.42.62]:59840 helo=NAM03-BY2-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1etcHd-0008Fi-97 for qemu-devel@nongnu.org; Wed, 07 Mar 2018 11:51:17 -0500 Received: from wsp141597wss.amd.com (165.204.78.1) by SN1PR12MB0158.namprd12.prod.outlook.com (2a01:111:e400:5144::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.13; Wed, 7 Mar 2018 16:51:12 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=2vvaOrA/vkkJcnBdTB5CDVewAIdJ75n1h/0vEM6pdoI=; b=TQ0iSfF2tCZMU8175NJ5mM1Aza45UDlYX+4JeytmBgaleGefhTxb+QtosNl20CnLhoT9wWJHmpfUapY6QxGm+Z+CqNRq9r/6OOoW1ZNwMdJKDd/Ve2hPgt3liEMn9Es+F6LbuK6Q0ckZpGJqodnAMwpXGWHzSJd0I0rz+r2985k= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; From: Brijesh Singh To: qemu-devel@nongnu.org Date: Wed, 7 Mar 2018 10:50:22 -0600 Message-Id: <20180307165038.88640-13-brijesh.singh@amd.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180307165038.88640-1-brijesh.singh@amd.com> References: <20180307165038.88640-1-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.78.1] X-ClientProxiedBy: SN4PR0501CA0095.namprd05.prod.outlook.com (2603:10b6:803:22::33) To SN1PR12MB0158.namprd12.prod.outlook.com (2a01:111:e400:5144::17) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: b07c5a6b-ecfe-4dfd-db66-08d5844ba2e1 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(48565401081)(5600026)(4604075)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:SN1PR12MB0158; X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 3:VnSjrYHTgPkzCIK62PAaQpTp8+lAJ0IblB8IyGFX03Xr7mqJsKRFi/GB7h54KfBHbtk9NWNgct3NBkZ8U4BLt2SfgebWUvfRp2dQdtaOJ+CgDEfAxfuUPHxHT+M510AlYZBSBTFax1FjdULFxB7O6oYCGq63xFErTqqKHFFsSMCxcwRTYpD/NKDAoiGcUf/XWy8BMaZ+XvJinO389uQt4CQ9om5WBfPTJm73Cf8Sr+9ChjADc0V7huyqbxXIqkey; 25:/tS3GgnqeRMVWfMvQMyVDSXLc/BvssE51no+weDTeD0/uQ2fvE8g1FkujkYnYg1Jx2wEDpjeMP2YeH7SbWeR/M38hUz6b16mOMRGCoUH/5v10+F+Sz1Vn1InKHmWIfarGXlCvdlvX4nkfRbtQAqxBoBODnpC2NewJvWCiORUPNkNV058ZqkeAsgz34Pz+6oA7uTkC+LGyUw4B4yXNCxGWFwaL7dT20HSv9Kaf+NOPkABcdFukhnTSvX2qSHaQnrG825yVNh/CC7UixdcI1rieTs64a98+jHOBaoUedG+wHsrQKL4J87cckmGIhTcpIG4k2veCTH2MsKxd1RPxDdxPg==; 31:h6vy/nSsvelhKBeGPY82a++FinXQLJMsvt2RMYBeTZ2nACwK8X8hJ4FyLJ0aWatvGrjz+dTUNqa9DQaGS6qSu4iom1+F20thYpx+9e7go8VyvI/dgRkDteX4eJB8+pJUNzS5H2vkIYooC4/BOBpU7WQsrJNxSDWq7DSIjdxPFctXbhxo1mP4Lkd8zfLtyh4bqACjsCh2zMdZXSnMM/1jXzR9BaeKU+ZvYyexjNYPHss= X-MS-TrafficTypeDiagnostic: SN1PR12MB0158: X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 20:G+310te/stpJNviGZsjYfqufIFzR+OBf1MeGRaFbA+Jf0JnqG4qwgseHlCEbuQ5MK6qUYHLUN8GgQuJE6zxB9yNdPADvQMnUtRr7aqnTcZVwmwlQltSfxZGvDzvX+DoYtRp8bgxKn3dUQTEkcll4Bwrh1Li0NqWTTOurgJ6hwncSVfm22ipzgK6w14+likulPBZ0FYwAMEBQL9PS1I3RV9OnRv0LVldzcvaRuhdaeEWDLbEyHj8bp+RCgvoiOdeUN79xz8fvfgSqiNaJ9rOFwaFA3qVRNRdYj4mkpPSO089WTkL7VF7tgUvDcuC7hFtJsfBOB14Y8KFWIEWwuT5E6ApZdeD2vYK+/vgRnuw3iFjHHp0U9sJKrp6v2p/GQmwHI5hJOJMz1VlNrSfc9GrUbFLq3eqrvjCHaWlzECLFvnV8fgJ1gjBw5i4L8+osiyG084pup4SCc9jSeOro+nh9AVnmlMwEK3i3G8NTX3p7d49GriYXxwtymczVs9p1B5Z2; 4:83pX3NnIA+2cYA8BSH/A0vgopqDKMHKG1AgEJFPC31ZJfeHBKR18XVE991j/Qkn93gnJMcnp+cax0hejLMwnCuTXXoHTjC8MJpTr6Ap+fNS1p7wcoY8VuOpvt10yIUWJt1n0lsvSxu3kCAqLZg/GyoY31HZ2Vf80awb0CAs0z0NsX0uf9q/+u1HaW9u9y+7hInpW2K1yMFkCD07dwLsq9eeOxSTa0cMQyGlHzdCCexV+WHVCD/o1mYNQ2C3d7dEpEwi7QR61jiK1OZi/y0y+6VZ7ofXF0bINt2L+0x09Rj8nAPnUSpYbClepECDzgRtf X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040501)(2401047)(5005006)(8121501046)(93006095)(93001095)(10201501046)(3231220)(944501244)(52105095)(3002001)(6055026)(6041288)(20161123562045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123560045)(6072148)(201708071742011); SRVR:SN1PR12MB0158; BCL:0; PCL:0; RULEID:; SRVR:SN1PR12MB0158; X-Forefront-PRVS: 0604AFA86B X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(1496009)(39380400002)(39860400002)(376002)(346002)(396003)(366004)(189003)(199004)(53936002)(8666007)(2950100002)(6486002)(6666003)(6916009)(53416004)(3846002)(1076002)(6116002)(4326008)(54906003)(8656006)(2906002)(25786009)(59450400001)(386003)(68736007)(478600001)(48376002)(50466002)(105586002)(2361001)(2351001)(575784001)(86362001)(66066001)(106356001)(47776003)(186003)(16526019)(51416003)(76176011)(52116002)(7696005)(26005)(16586007)(316002)(50226002)(8936002)(8676002)(81156014)(81166006)(36756003)(7416002)(97736004)(305945005)(7736002)(39060400002)(5660300001); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR12MB0158; H:wsp141597wss.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN1PR12MB0158; 23:RAE83q+PahJd+CHBxWvOL/4TxLj8S3yOO0pUdEYA8?= =?us-ascii?Q?6o9XSur1NOA361rhEGL+xFFYeqDLwtHvlwnq9NCc46Z61lWR0HlaPrqFsvzX?= =?us-ascii?Q?9ZS4RTwhrE3pL5c36FaU3oycIhETFv0aXb2pHySNPZLsMsR9LKas31DGFAMp?= =?us-ascii?Q?9AEKyamDco1BL2LrI3bAcBAF94loEzMA+WN79GK/fJXet1hHLittFVfejhVt?= =?us-ascii?Q?W+w+Cc6H017l3wLczksZHhgqOw2HXnKFLb7irXOQYYg8nOkFmSOns1gjfTyF?= =?us-ascii?Q?lAuyupmrvbpLRDTQX7NMbLCpk62+c0KhXiVvwp2b3iRsiMO/qfUM44bZM6lt?= =?us-ascii?Q?+pxgOVCJkc5sQB6KM1O40Q+qsSQO1lDUBv9N7yvzrtJDO18gMcStBbhZxyB9?= =?us-ascii?Q?lZ9LJbcWi0A0zy4X4d5gS9NmML2mHygg15X6XI+YaZDQSDQbWiaL7s3qWNQ6?= =?us-ascii?Q?0XA6HTlUuvS7+ina6TRvyYnPlQzRX6uGtYUvB6x9ysBHZc1JsKJol1XL2I5n?= =?us-ascii?Q?j7tcoQSuU3b/7p6akO0wYnl1TJyX93UctTR1c4VhEAzrAiidR2qHU+4WdD0N?= =?us-ascii?Q?6YNgvaFl+MaMLZJI3TnuL8Bi2vH5EPhWHmYiOtLb32WmL16CC/pzQSCre1HY?= =?us-ascii?Q?RHpV6RjHaDRd9ekofUrQzyzmH/gxgF8jRRZENzaFDySZYyPC5KGhsBZx55Uz?= =?us-ascii?Q?izFb2szoH3YWeqM+4H2rW1uUFaThj5TqOjTPzioTJrT+74KEAE7nO9QF4hw1?= =?us-ascii?Q?F62UFL53B2LLmuRc3OOgKjjdJxEzVh2/vcunVLsh7qWI2HUux4YkyjJmr3vC?= =?us-ascii?Q?eWTgVVh7f81cfQCclDG+FlAVxHyiSQ5tbnGDyl0HOKlJEXKYbM0E8BGrPi6T?= =?us-ascii?Q?T/tO9fBLaWlSB45Fx+eCdC+4Y3Fhb7Codu9/xTjOCzhzg5QOrLaNS1ntf4BN?= =?us-ascii?Q?KKpzDzWy/Jl8IE5/0YsPnt9alKsTCcYvalAqI/WTYYmht5jnxEixpJZ+LCxD?= =?us-ascii?Q?85CoCv8q6wyLNQq1IsmpnlrdcE0i5aocQV+VHNblC81qngI9wfW/MOTEMBcr?= =?us-ascii?Q?ncJD+siEkOR7bhJJfoj8XdE0tib30bw+mtd/s5aGsNbWHfBqZwtw6TMw8rd2?= =?us-ascii?Q?Qeoqq6GvfV7mqMEukGEFGjHGQF4STuXO54mq2mPPW1B1MfLlwS5iN+CETRfh?= =?us-ascii?Q?jPB9fBJkRLp5CY+x58tHlDiUJRzz2znNhl69PQZxnl0/Zl9USn5luuo1G5we?= =?us-ascii?Q?ZorHrcOwuHXN5KM5BTvkuwtsNA9YK8DyDy4RaRdPUcOOJ0PudyihyAmMXGfr?= =?us-ascii?Q?Kph+9/JW11enKSmejS8EiUFckHhUBtm6xGKq58C7p7S?= X-Microsoft-Antispam-Message-Info: aeKEInY+G4qLK8wtV6G6lw6SQSpG+eY+4uZ3BVyPjTcSCt1V++L6zfJnV4ZLMhvINaCq8LefNDSZktk0pRJWt021w89VfaPcLBb/rJHi53GBkoWtBuxhss9Z7fxYiY37tihzcdmB9u7P279ZTN2xkFJNAE9YJmX4NH+4j7GivlqEYsUeFx6WAU2KWYkS0Jzm X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 6:JuQzuBNeG0CN15Nte8+Sn+Peg/ZUprCFOY9zGUA2I4750hOg3L84mheN6aeqzSOP+2mBWNkuQlS3MN3QD83somxvV9UsNmEH6WWHd5h0Phoov/8urb1mTGYNOWFJMQxNcmeUgvfZ0yqxirInYpdkEIv5axZHg+f9MwQ87f4B9A0Hc0lFp4JiD8SkJNka1hPxN7V8FwOQC+5L7y4zD9ZTSHZsXXkpYPPgymMSATrMnbwXsJtpRISDLM3NOpseetw10+x6lBpnlGz/VUGyMsOus4t+1VRTgYSh85bAL4IVYMq9nnvApxbKfNlk03ScaHKJ5Vm7TUHk7OLDFN37RMdzYW09LMBmRCKlZK4sPsIQb/Q=; 5:RTYE6x/+Km4CMdC8o+5nI/XjQUpsb9o7XtsOpAuthWIGW9kC72A90i9gvpsD88joXDGvm2uUsWCTi2k604M0j/HpuWUZrmlb8Wuo3CpbAGNf/SK5RAFpLkzuGhAfJnM8Qs8ygG2PC/fHDKkLIA8eceJO77p1LexOg0L/0a1pegI=; 24:bdbmMRSzARXBY3EeT1liUeG02Ek8lR9F6E1DATaK7ZJ9ovtATUzXypcj1jlQPgxQTNwXaf0GY9QAQ8X56YZ6FT0KBy6d748beHi4uzwr4V8=; 7:NjYpPV1k2tXQSQRpu1VXLLTc3U708MeSUo+ARhBbWSV1lMrIpAA0WjmaE7PC6dIxJftzjiS8DGT9RaC2ebmpe0oIAP6ajEISzZInhBXHu8afdwZ9DW80roQT3CNYh+SCZBjRPGY1YXF4Lroos6egJxYgk0JVcPYnxU+j6ji9le4LcM4br2Wz0euDK71xRt94qWG8q2CQFVDMpZqsS7HWMVbFYqDUYYuKt0K41Z2jlbsS6T9WvJGQPBd0LI0Ggmet SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN1PR12MB0158; 20:e06l8hqDp5iiN8M/odRQOxlbGayWeCmxKw+bTj7mu641CaIXAwPM5I/5rfECsfHrkClfcVCyDgPGCy8NaW6tnECOJ/Of7Rp2lRmS22TKWl1mCbcwNhhOR14Nuh3ZKvod2qYvnJNW9IB8tFIlKpKb9wq+3/R9O3O+N9ZN0zcJEDaYpe2zy1IVDDaiCZjMrMsjVk8Em2Ho2vzKzilzcSVrwxinF6Tc4e5rWYB1KFVbJGSeUUVMCb3jKzkx9bpqRgXd X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Mar 2018 16:51:12.6511 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b07c5a6b-ecfe-4dfd-db66-08d5844ba2e1 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB0158 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 104.47.42.62 Subject: [Qemu-devel] [PATCH v11 12/28] sev/i386: register the guest memory range which may contain encrypted data X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Peter Maydell , Brijesh Singh , kvm@vger.kernel.org, "Michael S. Tsirkin" , Stefan Hajnoczi , Alexander Graf , "Edgar E. Iglesias" , Markus Armbruster , Bruce Rogers , Christian Borntraeger , Marcel Apfelbaum , Borislav Petkov , Thomas Lendacky , Eduardo Habkost , Richard Henderson , "Dr. David Alan Gilbert" , Alistair Francis , Cornelia Huck , Richard Henderson , Peter Crosthwaite , Paolo Bonzini Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When SEV is enabled, the hardware encryption engine uses a tweak such that the two identical plaintext at different location will have a different ciphertexts. So swapping or moving a ciphertexts of two guest pages will not result in plaintexts being swapped. Hence relocating a physical backing pages of the SEV guest will require some additional steps in KVM driver. The KVM_MEMORY_ENCRYPT_{UN,}REG_REGION ioctl can be used to register/unregister the guest memory region which may contain the encrypted data. KVM driver will internally handle the relocating physical backing pages of registered memory regions. Cc: Paolo Bonzini Cc: Richard Henderson Cc: Eduardo Habkost Signed-off-by: Brijesh Singh --- target/i386/sev.c | 42 ++++++++++++++++++++++++++++++++++++++++++ target/i386/trace-events | 2 ++ 2 files changed, 44 insertions(+) diff --git a/target/i386/sev.c b/target/i386/sev.c index 2c9fd67eaaec..a17b0c525f9b 100644 --- a/target/i386/sev.c +++ b/target/i386/sev.c @@ -100,6 +100,46 @@ fw_error_to_str(int code) return sev_fw_errlist[code]; } =20 +static void +sev_ram_block_added(RAMBlockNotifier *n, void *host, size_t size) +{ + int r; + struct kvm_enc_region range; + + range.addr =3D (__u64)host; + range.size =3D size; + + trace_kvm_memcrypt_register_region(host, size); + r =3D kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_REG_REGION, &range); + if (r) { + error_report("%s: failed to register region (%p+%#lx) error '%s'", + __func__, host, size, strerror(errno)); + exit(1); + } +} + +static void +sev_ram_block_removed(RAMBlockNotifier *n, void *host, size_t size) +{ + int r; + struct kvm_enc_region range; + + range.addr =3D (__u64)host; + range.size =3D size; + + trace_kvm_memcrypt_unregister_region(host, size); + r =3D kvm_vm_ioctl(kvm_state, KVM_MEMORY_ENCRYPT_UNREG_REGION, &range); + if (r) { + error_report("%s: failed to unregister region (%p+%#lx)", + __func__, host, size); + } +} + +static struct RAMBlockNotifier sev_ram_notifier =3D { + .ram_block_added =3D sev_ram_block_added, + .ram_block_removed =3D sev_ram_block_removed, +}; + static void qsev_guest_finalize(Object *obj) { @@ -431,6 +471,8 @@ sev_guest_init(const char *id) goto err; } =20 + ram_block_notifier_add(&sev_ram_notifier); + return s; err: g_free(sev_state); diff --git a/target/i386/trace-events b/target/i386/trace-events index 797b716751b7..ffa3d2250425 100644 --- a/target/i386/trace-events +++ b/target/i386/trace-events @@ -8,3 +8,5 @@ kvm_x86_update_msi_routes(int num) "Updated %d MSI routes" =20 # target/i386/sev.c kvm_sev_init(void) "" +kvm_memcrypt_register_region(void *addr, size_t len) "addr %p len 0x%lu" +kvm_memcrypt_unregister_region(void *addr, size_t len) "addr %p len 0x%lu" --=20 2.14.3