This RFC series provides support for AMD's new Secure Encrypted Virtualization (SEV) feature. This RFC is based on the KVM RFC [1].

SEV is an extension to the AMD-V architecture which supports running multiple VMs under the control of a hypervisor. The SEV feature allows the memory contents of a virtual machine (VM) to be transparently encrypted with a key unique to the guest VM. The memory controller contains a high performance encryption engine which can be programmed with multiple keys for use by different VMs in the system. The programming and management of these keys is handled by the AMD Secure Processor firmware, which exposes commands for these tasks.

SEV is designed to protect guest VMs from a benign but vulnerable (i.e. not fully malicious) hypervisor. In particular, it reduces the attack surface of guest VMs and can prevent certain types of VM-escape bugs (e.g. hypervisor read-anywhere) from being used to steal guest data.

The KVM RFC introduced a new ioctl (KVM_SEV_ISSUE_CMD) which can be used by qemu to enable SEV for a secure guest and to assist in performing common hypervisor activities such as launching, running, snapshotting, migrating and debugging a guest's data.
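The series includes a patch that clears the C-bit during the SEV guest page-table walk. The following is an added example, not code from this series or from QEMU, of why that step is needed: in an SEV guest each page-table entry carries an encryption bit (the C-bit) whose position is reported by CPUID Fn8000_001F EBX[5:0], and a walker that does not mask it out reads the wrong physical page. The CPUID register values and page-table entries below are constructed sample values, not taken from hardware.

```c
/* Added example (not from the QEMU SEV series): stripping the C-bit from a
 * guest page-table entry before using it as a physical address. */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define PTE_ADDR_MASK 0x000ffffffffff000ULL   /* bits 51:12 of a 4K-page PTE */

struct sev_cpuid_info {
    unsigned c_bit;      /* EBX[5:0]  : bit position of the C-bit in a PTE */
    unsigned pa_reduce;  /* EBX[11:6] : physical address bits lost to SEV */
    bool sev_supported;  /* EAX[1]    : SEV supported */
};

/* Decode the fields of CPUID Fn8000_001F that a page-table walker needs. */
struct sev_cpuid_info sev_decode_cpuid(uint32_t eax, uint32_t ebx)
{
    struct sev_cpuid_info info;
    info.sev_supported = (eax >> 1) & 1;
    info.c_bit = ebx & 0x3f;
    info.pa_reduce = (ebx >> 6) & 0x3f;
    return info;
}

/* Usable guest-physical address width once SEV reserves its bits. */
unsigned sev_phys_bits(unsigned host_phys_bits, const struct sev_cpuid_info *info)
{
    return host_phys_bits - info->pa_reduce;
}

/* Return the physical address held in a leaf PTE with the C-bit cleared.
 * Without clearing it, the C-bit would be treated as a high address bit and
 * the walk would read an address far outside guest RAM.  *encrypted reports
 * whether the guest marked this page as encrypted. */
uint64_t sev_pte_to_paddr(uint64_t pte, const struct sev_cpuid_info *info,
                          bool *encrypted)
{
    uint64_t c_mask = 1ULL << info->c_bit;
    *encrypted = (pte & c_mask) != 0;
    return (pte & PTE_ADDR_MASK) & ~c_mask;
}

int main(void)
{
    /* Constructed sample: SME+SEV present, C-bit 47, 5 address bits reduced. */
    struct sev_cpuid_info info = sev_decode_cpuid(0x3, 0x16f);
    bool enc;
    uint64_t pa = sev_pte_to_paddr(0x800123456067ULL, &info, &enc);
    printf("paddr=%#llx encrypted=%d phys_bits=%u\n",
           (unsigned long long)pa, enc, sev_phys_bits(48, &info));
    return 0;
}
```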
The following links provide additional details:

AMD Memory Encryption whitepaper:
http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf

AMD64 Architecture Programmer's Manual:
http://support.amd.com/TechDocs/24593.pdf
SME is section 7.10
SEV is section 15.34

Secure Encrypted Virtualization Key Management:
http://support.amd.com/TechDocs/55766_SEV-KM API_Spec.pdf

KVM Forum slides:
http://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf

KVM RFC link:
[1] http://marc.info/?l=kvm&m=147191038624432&w=2

---

TODO:
- send seabios RFCs to the seabios mailing list
- implement SEV guest migration command support
- implement SEV snapshotting command support
- virtio support in SEV guest

Brijesh Singh (22):
  exec: add guest RAM read/write ops
  cpu-common: add debug version of physical memory read/write
  monitor: use debug version of physical memory read api
  memattrs: add SEV debug attrs
  i386: add new option to enable SEV guest
  sev: add initial SEV support
  sev: add SEV launch start command
  sev: add SEV launch update command
  sev: add SEV launch finish command
  sev: add SEV debug decrypt command
  sev: add SEV debug encrypt command
  sev: add SEV guest status command
  hmp: update 'info kvm' to display SEV status
  sev: provide SEV-enabled guest RAM read/write ops
  i386: sev: register RAM read/write ops for BIOS and PC.RAM region
  i386: pc: load OS images at fixed location in SEV-enabled guest
  target-i386: add cpuid Fn8000_001f
  i386: clear C-bit in SEV guest page table walk
  exec: set debug attribute in SEV-enabled guest
  fw_cfg: sev: disable dma in real mode
  hw: add pre and post system reset callback
  loader: reload bios image on ROM reset in SEV-enabled guest

 Makefile.target           |   2
 disas.c                   |   2
 exec.c                    | 323 ++++++++++++++++++++-----
 hmp.c                     |  14 +
 hw/core/loader.c          |   7 -
 hw/i386/pc.c              |  99 ++++++++
 hw/i386/pc_sysfw.c        |   6
 hw/nvram/fw_cfg.c         |   6
 include/exec/cpu-common.h |  12 +
 include/exec/memattrs.h   |   4
 include/exec/memory.h     |  25 ++
 include/hw/hw.h           |   2
 include/sysemu/kvm.h      |  10 +
 include/sysemu/sev.h      | 104 ++++++++
 kvm-all.c                 |   6
 monitor.c                 |   2
 qapi-schema.json          |   4
 qemu-options.hx           |   6
 qmp.c                     |   1
 sev.c                     | 574 +++++++++++++++++++++++++++++++++++++++++++++
 target-i386/cpu.c         |   3
 target-i386/helper.c      |  36 ++-
 target-i386/monitor.c     |  50 +++-
 vl.c                      |  74 ++++++
 24 files changed, 1288 insertions(+), 84 deletions(-)
 create mode 100644 include/sysemu/sev.h
 create mode 100644 sev.c

--
Brijesh Singh