^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) ======================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) Secure Encrypted Virtualization (SEV)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) ======================================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) Overview
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) ========
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) Secure Encrypted Virtualization (SEV) is a feature found on AMD processors.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) SEV is an extension to the AMD-V architecture which supports running
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) virtual machines (VMs) under the control of a hypervisor. When enabled,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) the memory contents of a VM will be transparently encrypted with a key
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) unique to that VM.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) The hypervisor can determine the SEV support through the CPUID
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) instruction. The CPUID function 0x8000001f reports information related
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) to SEV::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) 0x8000001f[eax]:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) Bit[1] indicates support for SEV
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) ...
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) [ecx]:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) Bits[31:0] Number of encrypted guests supported simultaneously
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) If support for SEV is present, MSR 0xc001_0010 (MSR_K8_SYSCFG) and MSR 0xc001_0015
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) (MSR_K7_HWCR) can be used to determine if it can be enabled::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) 0xc001_0010:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) Bit[23] 1 = memory encryption can be enabled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) 0 = memory encryption can not be enabled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) 0xc001_0015:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) Bit[0] 1 = memory encryption can be enabled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) 0 = memory encryption can not be enabled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) When SEV support is available, it can be enabled in a specific VM by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) setting the SEV bit before executing VMRUN.::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) VMCB[0x90]:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) Bit[1] 1 = SEV is enabled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) 0 = SEV is disabled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) SEV hardware uses ASIDs to associate a memory encryption key with a VM.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) Hence, the ASID for the SEV-enabled guests must be from 1 to a maximum value
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) defined in the CPUID 0x8000001f[ecx] field.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) SEV Key Management
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) ==================
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) The SEV guest key management is handled by a separate processor called the AMD
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) Secure Processor (AMD-SP). Firmware running inside the AMD-SP provides a secure
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) key management interface to perform common hypervisor activities such as
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) encrypting bootstrap code, snapshot, migrating and debugging the guest. For more
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) information, see the SEV Key Management spec [api-spec]_
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) The main ioctl to access SEV is KVM_MEMORY_ENCRYPT_OP. If the argument
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) to KVM_MEMORY_ENCRYPT_OP is NULL, the ioctl returns 0 if SEV is enabled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) and ``ENOTTY` if it is disabled (on some older versions of Linux,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) the ioctl runs normally even with a NULL argument, and therefore will
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) likely return ``EFAULT``). If non-NULL, the argument to KVM_MEMORY_ENCRYPT_OP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) must be a struct kvm_sev_cmd::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) struct kvm_sev_cmd {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) __u32 id;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) __u64 data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) __u32 error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) __u32 sev_fd;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) The ``id`` field contains the subcommand, and the ``data`` field points to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) another struct containing arguments specific to command. The ``sev_fd``
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) should point to a file descriptor that is opened on the ``/dev/sev``
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) device, if needed (see individual commands).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) On output, ``error`` is zero on success, or an error code. Error codes
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) are defined in ``<linux/psp-dev.h>``.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) KVM implements the following commands to support common lifecycle events of SEV
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) guests, such as launching, running, snapshotting, migrating and decommissioning.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) 1. KVM_SEV_INIT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) ---------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) The KVM_SEV_INIT command is used by the hypervisor to initialize the SEV platform
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) context. In a typical workflow, this command should be the first command issued.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) Returns: 0 on success, -negative on error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) 2. KVM_SEV_LAUNCH_START
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) -----------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) The KVM_SEV_LAUNCH_START command is used for creating the memory encryption
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) context. To create the encryption context, user must provide a guest policy,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) the owner's public Diffie-Hellman (PDH) key and session information.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97) Parameters: struct kvm_sev_launch_start (in/out)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) Returns: 0 on success, -negative on error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) ::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) struct kvm_sev_launch_start {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) __u32 handle; /* if zero then firmware creates a new handle */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) __u32 policy; /* guest's policy */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) __u64 dh_uaddr; /* userspace address pointing to the guest owner's PDH key */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) __u32 dh_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) __u64 session_addr; /* userspace address which points to the guest session information */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) __u32 session_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) On success, the 'handle' field contains a new handle and on error, a negative value.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) KVM_SEV_LAUNCH_START requires the ``sev_fd`` field to be valid.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) For more details, see SEV spec Section 6.2.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) 3. KVM_SEV_LAUNCH_UPDATE_DATA
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) -----------------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) The KVM_SEV_LAUNCH_UPDATE_DATA is used for encrypting a memory region. It also
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) calculates a measurement of the memory contents. The measurement is a signature
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) of the memory contents that can be sent to the guest owner as an attestation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) that the memory was encrypted correctly by the firmware.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) Parameters (in): struct kvm_sev_launch_update_data
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) Returns: 0 on success, -negative on error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) ::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) struct kvm_sev_launch_update {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) __u64 uaddr; /* userspace address to be encrypted (must be 16-byte aligned) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) __u32 len; /* length of the data to be encrypted (must be 16-byte aligned) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) For more details, see SEV spec Section 6.3.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) 4. KVM_SEV_LAUNCH_MEASURE
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) -------------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) The KVM_SEV_LAUNCH_MEASURE command is used to retrieve the measurement of the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) data encrypted by the KVM_SEV_LAUNCH_UPDATE_DATA command. The guest owner may
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) wait to provide the guest with confidential information until it can verify the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) measurement. Since the guest owner knows the initial contents of the guest at
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) boot, the measurement can be verified by comparing it to what the guest owner
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) expects.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) Parameters (in): struct kvm_sev_launch_measure
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) Returns: 0 on success, -negative on error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) ::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) struct kvm_sev_launch_measure {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) __u64 uaddr; /* where to copy the measurement */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) __u32 len; /* length of measurement blob */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) For more details on the measurement verification flow, see SEV spec Section 6.4.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) 5. KVM_SEV_LAUNCH_FINISH
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) ------------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) After completion of the launch flow, the KVM_SEV_LAUNCH_FINISH command can be
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) issued to make the guest ready for the execution.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) Returns: 0 on success, -negative on error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) 6. KVM_SEV_GUEST_STATUS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) -----------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) The KVM_SEV_GUEST_STATUS command is used to retrieve status information about a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) SEV-enabled guest.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) Parameters (out): struct kvm_sev_guest_status
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) Returns: 0 on success, -negative on error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) ::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) struct kvm_sev_guest_status {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) __u32 handle; /* guest handle */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) __u32 policy; /* guest policy */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) __u8 state; /* guest state (see enum below) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) SEV guest state:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) ::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) enum {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) SEV_STATE_INVALID = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) SEV_STATE_LAUNCHING, /* guest is currently being launched */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) SEV_STATE_SECRET, /* guest is being launched and ready to accept the ciphertext data */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) SEV_STATE_RUNNING, /* guest is fully launched and running */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) SEV_STATE_RECEIVING, /* guest is being migrated in from another SEV machine */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) SEV_STATE_SENDING /* guest is getting migrated out to another SEV machine */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) 7. KVM_SEV_DBG_DECRYPT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) ----------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) The KVM_SEV_DEBUG_DECRYPT command can be used by the hypervisor to request the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) firmware to decrypt the data at the given memory region.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) Parameters (in): struct kvm_sev_dbg
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) Returns: 0 on success, -negative on error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) ::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) struct kvm_sev_dbg {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) __u64 src_uaddr; /* userspace address of data to decrypt */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) __u64 dst_uaddr; /* userspace address of destination */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) __u32 len; /* length of memory region to decrypt */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) The command returns an error if the guest policy does not allow debugging.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) 8. KVM_SEV_DBG_ENCRYPT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) ----------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) The KVM_SEV_DEBUG_ENCRYPT command can be used by the hypervisor to request the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) firmware to encrypt the data at the given memory region.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) Parameters (in): struct kvm_sev_dbg
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) Returns: 0 on success, -negative on error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) ::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) struct kvm_sev_dbg {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) __u64 src_uaddr; /* userspace address of data to encrypt */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) __u64 dst_uaddr; /* userspace address of destination */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) __u32 len; /* length of memory region to encrypt */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) The command returns an error if the guest policy does not allow debugging.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) 9. KVM_SEV_LAUNCH_SECRET
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) ------------------------
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) The KVM_SEV_LAUNCH_SECRET command can be used by the hypervisor to inject secret
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) data after the measurement has been validated by the guest owner.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) Parameters (in): struct kvm_sev_launch_secret
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) Returns: 0 on success, -negative on error
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) ::
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) struct kvm_sev_launch_secret {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) __u64 hdr_uaddr; /* userspace address containing the packet header */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) __u32 hdr_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) __u64 guest_uaddr; /* the guest memory region where the secret should be injected */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) __u32 guest_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) __u64 trans_uaddr; /* the hypervisor memory region which contains the secret */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) __u32 trans_len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) References
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267) ==========
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) See [white-paper]_, [api-spec]_, [amd-apm]_ and [kvm-forum]_ for more info.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) .. [white-paper] http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273) .. [api-spec] https://support.amd.com/TechDocs/55766_SEV-KM_API_Specification.pdf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) .. [amd-apm] https://support.amd.com/TechDocs/24593.pdf (section 15.34)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275) .. [kvm-forum] https://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags