From: Brijesh Singh
To: qemu-devel@nongnu.org
Date: Wed, 7 Mar 2018 10:50:17 -0600
Message-Id: <20180307165038.88640-8-brijesh.singh@amd.com>
In-Reply-To: <20180307165038.88640-1-brijesh.singh@amd.com>
References: <20180307165038.88640-1-brijesh.singh@amd.com>
Subject: [Qemu-devel] [PATCH v11 07/28] docs: add AMD Secure Encrypted Virtualization (SEV)
Cc: Peter Maydell, Brijesh Singh, kvm@vger.kernel.org, "Michael S. Tsirkin", Stefan Hajnoczi, Alexander Graf, "Edgar E. Iglesias", Markus Armbruster, Bruce Rogers, Christian Borntraeger, Marcel Apfelbaum, Borislav Petkov, Thomas Lendacky, Eduardo Habkost, Richard Henderson, "Dr. David Alan Gilbert", Alistair Francis, Cornelia Huck, Peter Crosthwaite, Paolo Bonzini

Create a documentation entry to describe the AMD Secure Encrypted
Virtualization (SEV) feature.

Cc: Paolo Bonzini
Signed-off-by: Brijesh Singh
--- docs/amd-memory-encryption.txt | 92 ++++++++++++++++++++++++++++++++++++++= ++++ 1 file changed, 92 insertions(+) create mode 100644 docs/amd-memory-encryption.txt diff --git a/docs/amd-memory-encryption.txt b/docs/amd-memory-encryption.txt new file mode 100644 index 000000000000..72a92b6c6353 --- /dev/null +++ b/docs/amd-memory-encryption.txt 
@@ -0,0 +1,92 @@ +Secure Encrypted Virtualization (SEV) is a feature found on AMD processors. + +SEV is an extension to the AMD-V architecture which supports running encry= pted +virtual machine (VMs) under the control of KVM. Encrypted VMs have their p= ages +(code and data) secured such that only the guest itself has access to the +unencrypted version. Each encrypted VM is associated with a unique encrypt= ion +key; if its data is accessed to a different entity using a different key t= he +encrypted guests data will be incorrectly decrypted, leading to unintellig= ible +data. + +The key management of this feature is handled by separate processor known = as +AMD secure processor (AMD-SP) which is present in AMD SOCs. Firmware runni= ng +inside the AMD-SP provide commands to support common VM lifecycle. This +includes commands for launching, snapshotting, migrating and debugging the +encrypted guest. Those SEV command can be issued via KVM_MEMORY_ENCRYPT_OP +ioctls. + +Launching +--------- +Boot images (such as bios) must be encrypted before guest can be booted. +MEMORY_ENCRYPT_OP ioctl provides commands to encrypt the images :LAUNCH_ST= ART, +LAUNCH_UPDATE_DATA, LAUNCH_MEASURE and LAUNCH_FINISH. These four commands +together generate a fresh memory encryption key for the VM, encrypt the bo= ot +images and provide a measurement than can be used as an attestation of the +successful launch. + +LAUNCH_START is called first to create a cryptographic launch context with= in +the firmware. To create this context, guest owner must provides guest poli= cy, +its public Diffie-Hellman key (PDH) and session parameters. These inputs +should be treated as binary blob and must be passed as-is to the SEV firmw= are. + +The guest policy is passed as plaintext and hypervisor may able to read it +but should not modify it (any modification of the policy bits will result +in bad measurement). 
The guest policy is a 4-byte data structure containing +several flags that restricts what can be done on running SEV guest. +See KM Spec section 3 and 6.2 for more details. + +Guest owners provided DH certificate and session parameters will be used to +establish a cryptographic session with the guest owner to negotiate keys u= sed +for the attestation. + +LAUNCH_UPDATE_DATA encrypts the memory region using the cryptographic cont= ext +created via LAUNCH_START command. If required, this command can be called +multiple times to encrypt different memory regions. The command also calcu= lates +the measurement of the memory contents as it encrypts. + +LAUNCH_MEASURE command can be used to retrieve the measurement of encrypted +memory. This measurement is a signature of the memory contents that can be +sent to the guest owner as an attestation that the memory was encrypted +correctly by the firmware. The guest owner may wait to provide the guest +confidential information until it can verify the attestation measurement. +Since the guest owner knows the initial contents of the guest at boot, the +attestation measurement can be verified by comparing it to what the guest = owner +expects. + +LAUNCH_FINISH command finalizes the guest launch and destroy's the cryptog= raphic +context. + +See SEV KM API Spec [1] 'Launching a guest' usage flow (Appendix A) for the +complete flow chart. + +Debugging +----------- +Since memory contents of SEV guest is encrypted hence hypervisor access to= the +guest memory will get a cipher text. If guest policy allows debugging, then +hypervisor can use DEBUG_DECRYPT and DEBUG_ENCRYPT commands access the gue= st +memory region for debug purposes. 
+ +Snapshot/Restore +----------------- +TODO + +Live Migration +---------------- +TODO + +References +----------------- + +AMD Memory Encryption whitepaper: +http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_= Encryption_Whitepaper_v7-Public.pdf + +Secure Encrypted Virutualization Key Management: +[1] http://support.amd.com/TechDocs/55766_SEV-KM API_Specification.pdf + +KVM Forum slides: +http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualiz= atoin_Memory_Encryption_Technology.pdf + +AMD64 Architecture Programmer's Manual: + http://support.amd.com/TechDocs/24593.pdf + SME is section 7.10 + SEV is section 15.34 --=20 2.14.3
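
Review bot: In the Launching section, the LAUNCH_MEASURE paragraph calls the measurement "a signature of the memory contents" and says it is verified "by comparing it to what the guest owner expects", but it never says which of the keys negotiated at LAUNCH_START protects it, or what goes into it besides memory contents. The policy paragraph implies the policy is also covered ("any modification of the policy bits will result in bad measurement"). Please state the inputs and the key, or cite the exact section of [1], so a reader can tell what the attestation covers. The same paragraph says the guest owner may wait to provide confidential information until the measurement verifies, yet no command for delivering that information is described; either mention it or say it is out of scope for this file. In Debugging, "If guest policy allows debugging" should name the policy flag, since the policy is only described as a 4-byte structure of flags. Nits: "KM Spec section 3 and 6.2" is cited before [1] is introduced; the ioctl is written both as KVM_MEMORY_ENCRYPT_OP and MEMORY_ENCRYPT_OP; as shown, the [1] URL contains a space ("55766_SEV-KM API_Specification.pdf"); typos "than can be used", "must provides", "may able to read", "destroy's", "Virutualization"; and several heading underlines are longer than their headings (for example under Debugging).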