======================================
Secure Encrypted Virtualization (SEV)
======================================

Overview
========

Secure Encrypted Virtualization (SEV) is a feature found on AMD processors.

SEV is an extension to the AMD-V architecture which supports running
virtual machines (VMs) under the control of a hypervisor. When enabled,
the memory contents of a VM will be transparently encrypted with a key
unique to that VM.

The hypervisor can determine SEV support through the CPUID
instruction. The CPUID function 0x8000001f reports information related
to SEV::

        0x8000001f[eax]:
                Bit[1]      indicates support for SEV
            ...
                  [ecx]:
                Bits[31:0]  Number of encrypted guests supported simultaneously

If support for SEV is present, MSR 0xc001_0010 (MSR_AMD64_SYSCFG) and MSR 0xc001_0015
(MSR_K7_HWCR) can be used to determine if it can be enabled::

        0xc001_0010:
                Bit[23]     1 = memory encryption can be enabled
                            0 = memory encryption can not be enabled

        0xc001_0015:
                Bit[0]      1 = memory encryption can be enabled
                            0 = memory encryption can not be enabled

When SEV support is available, it can be enabled in a specific VM by
setting the SEV bit before executing VMRUN::

        VMCB[0x90]:
                Bit[1]      1 = SEV is enabled
                            0 = SEV is disabled

SEV hardware uses ASIDs to associate a memory encryption key with a VM.
Hence, the ASID for SEV-enabled guests must be from 1 to a maximum value
defined in the CPUID 0x8000001f[ecx] field.

SEV Key Management
==================

The SEV guest key management is handled by a separate processor called the AMD
Secure Processor (AMD-SP). Firmware running inside the AMD-SP provides a secure
key management interface to perform common hypervisor activities such as
encrypting bootstrap code, snapshotting, migrating and debugging the guest. For more
information, see the SEV Key Management spec [api-spec]_.

The main ioctl to access SEV is KVM_MEMORY_ENCRYPT_OP. If the argument
to KVM_MEMORY_ENCRYPT_OP is NULL, the ioctl returns 0 if SEV is enabled
and ``ENOTTY`` if it is disabled (on some older versions of Linux,
the ioctl runs normally even with a NULL argument, and therefore will
likely return ``EFAULT``). If non-NULL, the argument to KVM_MEMORY_ENCRYPT_OP
must be a struct kvm_sev_cmd::

        struct kvm_sev_cmd {
                __u32 id;
                __u64 data;
                __u32 error;
                __u32 sev_fd;
        };

The ``id`` field contains the subcommand, and the ``data`` field points to
another struct containing arguments specific to the command. The ``sev_fd``
field should hold a file descriptor that is opened on the ``/dev/sev``
device, if needed (see individual commands).

On output, ``error`` is zero on success, or an error code. Error codes
are defined in ``<linux/psp-dev.h>``.

KVM implements the following commands to support common lifecycle events of SEV
guests, such as launching, running, snapshotting, migrating and decommissioning.
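The following is an added example, not kernel or QEMU code, showing how a userspace VMM marshals ``struct kvm_sev_cmd`` for KVM_MEMORY_ENCRYPT_OP and how to read the NULL-argument probe described above, including the ``EFAULT`` caveat on older kernels. The names ``struct sev_cmd``, ``sev_ioctl``, ``sev_classify_probe``, ``sev_probe`` and the ``SEV_PROBE_*`` verdicts are this example's own; the ioctl number is the one from ``<linux/kvm.h>``.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/ioctl.h>

/* Ioctl number as in <linux/kvm.h> (KVMIO 0xAE, nr 0xba), defined here so
 * the file also builds without the kernel UAPI headers. */
#ifndef KVM_MEMORY_ENCRYPT_OP
#define KVM_MEMORY_ENCRYPT_OP _IOWR(0xAE, 0xba, unsigned long)
#endif

/* Local mirror of struct kvm_sev_cmd from the page.  Natural alignment pads
 * after id, so data sits at offset 8 and the struct is 24 bytes on x86-64. */
struct sev_cmd {
    uint32_t id;       /* subcommand, e.g. KVM_SEV_INIT */
    uint64_t data;     /* userspace pointer to the subcommand's argument struct */
    uint32_t error;    /* firmware error on return, codes in <linux/psp-dev.h> */
    uint32_t sev_fd;   /* fd open on /dev/sev when the command needs one */
};

/* Issue one subcommand on a VM fd.  Returns the ioctl result (0, or -1 with
 * errno set); the firmware error, if any, is reported through *fw_error. */
int sev_ioctl(int vm_fd, uint32_t id, void *arg, int sev_fd, uint32_t *fw_error)
{
    struct sev_cmd cmd = {
        .id = id,
        .data = (uint64_t)(uintptr_t)arg,
        .error = 0,
        .sev_fd = (uint32_t)sev_fd,
    };
    int ret = ioctl(vm_fd, KVM_MEMORY_ENCRYPT_OP, &cmd);

    if (fw_error)
        *fw_error = cmd.error;
    return ret;
}

enum sev_probe {
    SEV_PROBE_ENABLED,      /* ioctl returned 0 */
    SEV_PROBE_DISABLED,     /* ENOTTY: SEV not enabled in KVM */
    SEV_PROBE_INCONCLUSIVE, /* EFAULT: older kernel dereferenced the NULL arg */
    SEV_PROBE_ERROR         /* anything else, e.g. EBADF on a bad fd */
};

/* Map the outcome of ioctl(vm_fd, KVM_MEMORY_ENCRYPT_OP, NULL) to a verdict.
 * The EFAULT case says nothing about SEV: fall back to CPUID or a real
 * subcommand rather than treating it as disabled. */
enum sev_probe sev_classify_probe(int ret, int err)
{
    if (ret == 0)
        return SEV_PROBE_ENABLED;
    if (err == ENOTTY)
        return SEV_PROBE_DISABLED;
    if (err == EFAULT)
        return SEV_PROBE_INCONCLUSIVE;
    return SEV_PROBE_ERROR;
}

enum sev_probe sev_probe(int vm_fd)
{
    int ret = ioctl(vm_fd, KVM_MEMORY_ENCRYPT_OP, NULL);
    return sev_classify_probe(ret, ret ? errno : 0);
}

int main(void)
{
    /* A real caller opens /dev/kvm, creates a VM with KVM_CREATE_VM and
     * probes that fd; -1 here only exercises the error path. */
    static const char *verdict[] = { "enabled", "disabled", "inconclusive", "error" };
    printf("SEV probe: %s\n", verdict[sev_probe(-1)]);
    return 0;
}
```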
1. KVM_SEV_INIT
---------------

The KVM_SEV_INIT command is used by the hypervisor to initialize the SEV platform
context. In a typical workflow, this command should be the first command issued.

The firmware can be initialized either by using its own non-volatile storage, or
the OS can manage the NV storage for the firmware using the module parameter
``init_ex_path``. The file specified by ``init_ex_path`` must exist. To create
a new NV storage file, allocate a 32KB file filled with 0xFF bytes, as required by
the SEV spec.

Returns: 0 on success, -negative on error

2. KVM_SEV_LAUNCH_START
-----------------------

The KVM_SEV_LAUNCH_START command is used for creating the memory encryption
context. To create the encryption context, the user must provide a guest policy,
the owner's public Diffie-Hellman (PDH) key and session information.

Parameters: struct kvm_sev_launch_start (in/out)

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_start {
                __u32 handle;           /* if zero then firmware creates a new handle */
                __u32 policy;           /* guest's policy */

                __u64 dh_uaddr;         /* userspace address pointing to the guest owner's PDH key */
                __u32 dh_len;

                __u64 session_addr;     /* userspace address which points to the guest session information */
                __u32 session_len;
        };

On success, the 'handle' field contains a new handle and on error, a negative value.

KVM_SEV_LAUNCH_START requires the ``sev_fd`` field to be valid.

For more details, see SEV spec Section 6.2.

3. KVM_SEV_LAUNCH_UPDATE_DATA
-----------------------------

The KVM_SEV_LAUNCH_UPDATE_DATA command is used for encrypting a memory region. It also
calculates a measurement of the memory contents. The measurement is a signature
of the memory contents that can be sent to the guest owner as an attestation
that the memory was encrypted correctly by the firmware.

Parameters (in): struct kvm_sev_launch_update_data

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_update_data {
                __u64 uaddr;            /* userspace address to be encrypted (must be 16-byte aligned) */
                __u32 len;              /* length of the data to be encrypted (must be 16-byte aligned) */
        };

For more details, see SEV spec Section 6.3.

4. KVM_SEV_LAUNCH_MEASURE
-------------------------

The KVM_SEV_LAUNCH_MEASURE command is used to retrieve the measurement of the
data encrypted by the KVM_SEV_LAUNCH_UPDATE_DATA command. The guest owner may
wait to provide the guest with confidential information until it can verify the
measurement. Since the guest owner knows the initial contents of the guest at
boot, the measurement can be verified by comparing it to what the guest owner
expects.

If len is zero on entry, the measurement blob length is written to len and
uaddr is unused.

Parameters (in): struct kvm_sev_launch_measure

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_measure {
                __u64 uaddr;            /* where to copy the measurement */
                __u32 len;              /* length of measurement blob */
        };

For more details on the measurement verification flow, see SEV spec Section 6.4.

5. KVM_SEV_LAUNCH_FINISH
------------------------

After completion of the launch flow, the KVM_SEV_LAUNCH_FINISH command can be
issued to make the guest ready for execution.

Returns: 0 on success, -negative on error

6. KVM_SEV_GUEST_STATUS
-----------------------

The KVM_SEV_GUEST_STATUS command is used to retrieve status information about a
SEV-enabled guest.

Parameters (out): struct kvm_sev_guest_status

Returns: 0 on success, -negative on error

::

        struct kvm_sev_guest_status {
                __u32 handle;           /* guest handle */
                __u32 policy;           /* guest policy */
                __u8 state;             /* guest state (see enum below) */
        };

SEV guest state:

::

        enum {
                SEV_STATE_INVALID = 0,
                SEV_STATE_LAUNCHING,    /* guest is currently being launched */
                SEV_STATE_SECRET,       /* guest is being launched and ready to accept the ciphertext data */
                SEV_STATE_RUNNING,      /* guest is fully launched and running */
                SEV_STATE_RECEIVING,    /* guest is being migrated in from another SEV machine */
                SEV_STATE_SENDING       /* guest is getting migrated out to another SEV machine */
        };

7. KVM_SEV_DBG_DECRYPT
----------------------

The KVM_SEV_DBG_DECRYPT command can be used by the hypervisor to request the
firmware to decrypt the data at the given memory region.

Parameters (in): struct kvm_sev_dbg

Returns: 0 on success, -negative on error

::

        struct kvm_sev_dbg {
                __u64 src_uaddr;        /* userspace address of data to decrypt */
                __u64 dst_uaddr;        /* userspace address of destination */
                __u32 len;              /* length of memory region to decrypt */
        };

The command returns an error if the guest policy does not allow debugging.

8. KVM_SEV_DBG_ENCRYPT
----------------------

The KVM_SEV_DBG_ENCRYPT command can be used by the hypervisor to request the
firmware to encrypt the data at the given memory region.

Parameters (in): struct kvm_sev_dbg

Returns: 0 on success, -negative on error

::

        struct kvm_sev_dbg {
                __u64 src_uaddr;        /* userspace address of data to encrypt */
                __u64 dst_uaddr;        /* userspace address of destination */
                __u32 len;              /* length of memory region to encrypt */
        };

The command returns an error if the guest policy does not allow debugging.

9. KVM_SEV_LAUNCH_SECRET
------------------------

The KVM_SEV_LAUNCH_SECRET command can be used by the hypervisor to inject secret
data after the measurement has been validated by the guest owner.

Parameters (in): struct kvm_sev_launch_secret

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_secret {
                __u64 hdr_uaddr;        /* userspace address containing the packet header */
                __u32 hdr_len;

                __u64 guest_uaddr;      /* the guest memory region where the secret should be injected */
                __u32 guest_len;

                __u64 trans_uaddr;      /* the hypervisor memory region which contains the secret */
                __u32 trans_len;
        };

10. KVM_SEV_GET_ATTESTATION_REPORT
----------------------------------

The KVM_SEV_GET_ATTESTATION_REPORT command can be used by the hypervisor to query the attestation
report containing the SHA-256 digest of the guest memory and VMSA passed through the KVM_SEV_LAUNCH
commands and signed with the PEK. The digest returned by the command should match the digest
used by the guest owner with KVM_SEV_LAUNCH_MEASURE.

If len is zero on entry, the measurement blob length is written to len and
uaddr is unused.

Parameters (in): struct kvm_sev_attestation_report

Returns: 0 on success, -negative on error

::

        struct kvm_sev_attestation_report {
                __u8 mnonce[16];        /* A random mnonce that will be placed in the report */

                __u64 uaddr;            /* userspace address where the report should be copied */
                __u32 len;
        };

11. KVM_SEV_SEND_START
----------------------

The KVM_SEV_SEND_START command can be used by the hypervisor to create an
outgoing guest encryption context.

If session_len is zero on entry, the length of the guest session information is
written to session_len and all other fields are not used.

Parameters (in): struct kvm_sev_send_start

Returns: 0 on success, -negative on error

::

        struct kvm_sev_send_start {
                __u32 policy;                 /* guest policy */

                __u64 pdh_cert_uaddr;         /* platform Diffie-Hellman certificate */
                __u32 pdh_cert_len;

                __u64 plat_certs_uaddr;       /* platform certificate chain */
                __u32 plat_certs_len;

                __u64 amd_certs_uaddr;        /* AMD certificate */
                __u32 amd_certs_len;

                __u64 session_uaddr;          /* Guest session information */
                __u32 session_len;
        };

12. KVM_SEV_SEND_UPDATE_DATA
----------------------------

The KVM_SEV_SEND_UPDATE_DATA command can be used by the hypervisor to encrypt the
outgoing guest memory region with the encryption context created using
KVM_SEV_SEND_START.

If hdr_len or trans_len are zero on entry, the length of the packet header and
transport region are written to hdr_len and trans_len respectively, and all
other fields are not used.

Parameters (in): struct kvm_sev_send_update_data

Returns: 0 on success, -negative on error

::

        struct kvm_sev_send_update_data {
                __u64 hdr_uaddr;        /* userspace address containing the packet header */
                __u32 hdr_len;

                __u64 guest_uaddr;      /* the source memory region to be encrypted */
                __u32 guest_len;

                __u64 trans_uaddr;      /* the destination memory region */
                __u32 trans_len;
        };

13. KVM_SEV_SEND_FINISH
-----------------------

After completion of the migration flow, the KVM_SEV_SEND_FINISH command can be
issued by the hypervisor to delete the encryption context.

Returns: 0 on success, -negative on error

14. KVM_SEV_SEND_CANCEL
-----------------------

After completion of SEND_START, but before SEND_FINISH, the source VMM can issue the
SEND_CANCEL command to stop a migration. This is necessary so that a cancelled
migration can restart with a new target later.

Returns: 0 on success, -negative on error

15. KVM_SEV_RECEIVE_START
-------------------------

The KVM_SEV_RECEIVE_START command is used for creating the memory encryption
context for an incoming SEV guest. To create the encryption context, the user must
provide a guest policy, the platform public Diffie-Hellman (PDH) key and session
information.

Parameters: struct kvm_sev_receive_start (in/out)

Returns: 0 on success, -negative on error

::

        struct kvm_sev_receive_start {
                __u32 handle;           /* if zero then firmware creates a new handle */
                __u32 policy;           /* guest's policy */

                __u64 pdh_uaddr;        /* userspace address pointing to the PDH key */
                __u32 pdh_len;

                __u64 session_uaddr;    /* userspace address which points to the guest session information */
                __u32 session_len;
        };

On success, the 'handle' field contains a new handle and on error, a negative value.

For more details, see SEV spec Section 6.12.

16. KVM_SEV_RECEIVE_UPDATE_DATA
-------------------------------

The KVM_SEV_RECEIVE_UPDATE_DATA command can be used by the hypervisor to copy
the incoming buffers into the guest memory region with the encryption context
created during KVM_SEV_RECEIVE_START.

Parameters (in): struct kvm_sev_receive_update_data

Returns: 0 on success, -negative on error

::

        struct kvm_sev_receive_update_data {
                __u64 hdr_uaddr;        /* userspace address containing the packet header */
                __u32 hdr_len;

                __u64 guest_uaddr;      /* the destination guest memory region */
                __u32 guest_len;

                __u64 trans_uaddr;      /* the incoming buffer memory region */
                __u32 trans_len;
        };

17. KVM_SEV_RECEIVE_FINISH
--------------------------

After completion of the migration flow, the KVM_SEV_RECEIVE_FINISH command can be
issued by the hypervisor to make the guest ready for execution.

Returns: 0 on success, -negative on error

References
==========

See [white-paper]_, [api-spec]_, [amd-apm]_ and [kvm-forum]_ for more info.

.. [white-paper] http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
.. [api-spec] https://support.amd.com/TechDocs/55766_SEV-KM_API_Specification.pdf
.. [amd-apm] https://support.amd.com/TechDocs/24593.pdf (section 15.34)
.. [kvm-forum] https://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf
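As a closing example, here is the launch flow of commands 1 to 5 (KVM_SEV_INIT through KVM_SEV_LAUNCH_FINISH) as a VMM would sequence it, including the two-call length query that KVM_SEV_LAUNCH_MEASURE shares with KVM_SEV_GET_ATTESTATION_REPORT, KVM_SEV_SEND_START and KVM_SEV_SEND_UPDATE_DATA (call with len zero, size the buffer, call again). This is added example code, not kernel or QEMU code: ``sev_issue_fn``, ``sev_launch_and_measure``, the local struct mirrors and the ``fake_issue`` backend are this example's own, the numeric command ids come from ``enum sev_cmd_id`` in the UAPI header (the page lists names only), and the 0xAB blob is a constructed stand-in for a real measurement.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Ids mirror enum sev_cmd_id in <linux/kvm.h>; the page lists names only. */
enum { KVM_SEV_INIT = 0, KVM_SEV_LAUNCH_START = 2, KVM_SEV_LAUNCH_UPDATE_DATA = 3,
       KVM_SEV_LAUNCH_MEASURE = 6, KVM_SEV_LAUNCH_FINISH = 7 };
/* Local mirrors of the page's structs; update_data and measure share one shape. */
struct launch_start { uint32_t handle, policy; uint64_t dh_uaddr; uint32_t dh_len;
                      uint64_t session_uaddr; uint32_t session_len; };
struct launch_buf { uint64_t uaddr; uint32_t len; };
/* Issues one subcommand (e.g. ioctl(vm_fd, KVM_MEMORY_ENCRYPT_OP, &cmd)); 0 or -errno. */
typedef int (*sev_issue_fn)(void *ctx, uint32_t id, void *data);

/* Commands 1-4: INIT, LAUNCH_START (start->handle == 0 requests a new handle,
 * written back in place), LAUNCH_UPDATE_DATA and the two-call LAUNCH_MEASURE.
 * Returns the blob length (blob in *measure, caller frees) or a negative errno;
 * LAUNCH_FINISH (after any LAUNCH_SECRET) waits for the guest owner's verdict. */
int sev_launch_and_measure(sev_issue_fn issue, void *ctx, struct launch_start *start,
                           void *mem, uint32_t mem_len, uint8_t **measure)
{
    struct launch_buf upd = { (uint64_t)(uintptr_t)mem, mem_len };
    struct launch_buf meas = { 0, 0 };   /* len == 0: query the blob length */
    int ret;
    if (((uintptr_t)mem & 15) || (mem_len & 15))
        return -EINVAL;   /* LAUNCH_UPDATE_DATA: uaddr and len 16-byte aligned */
    if ((ret = issue(ctx, KVM_SEV_INIT, NULL)) < 0)
        return ret;
    if ((ret = issue(ctx, KVM_SEV_LAUNCH_START, start)) < 0 || start->handle == 0)
        return ret < 0 ? ret : -EIO;
    if ((ret = issue(ctx, KVM_SEV_LAUNCH_UPDATE_DATA, &upd)) < 0)
        return ret;
    /* Length query: uaddr is unused and only the len written back matters. */
    issue(ctx, KVM_SEV_LAUNCH_MEASURE, &meas);
    if (meas.len == 0 || !(*measure = calloc(meas.len, 1)))
        return meas.len ? -ENOMEM : -EIO;
    meas.uaddr = (uint64_t)(uintptr_t)*measure;
    if ((ret = issue(ctx, KVM_SEV_LAUNCH_MEASURE, &meas)) < 0)
        return (free(*measure), *measure = NULL, ret);
    return (int)meas.len;
}

/* Constructed stand-in for KVM plus firmware so the flow runs offline: logs the
 * command order, hands out handle 1, answers the length query with 32 and fills
 * the blob with a constructed 0xAB pattern (not a real digest). */
uint32_t fake_seq[8]; int fake_n;
static int fake_issue(void *ctx, uint32_t id, void *data)
{
    if (fake_n < 8) fake_seq[fake_n++] = id;
    if (id == KVM_SEV_LAUNCH_START)
        ((struct launch_start *)data)->handle = 1;
    if (id == KVM_SEV_LAUNCH_MEASURE) {
        struct launch_buf *m = data;
        if (m->len == 0) { m->len = 32; return -EIO; }   /* query: len only */
        memset((void *)(uintptr_t)m->uaddr, 0xAB, m->len);
    }
    return 0;
}

/* Runs the flow against the fake for a mem_len byte image, then LAUNCH_FINISH;
 * returns the blob length, -1 for a wrong blob, or the flow's negative errno. */
int demo_launch(uint32_t mem_len)
{
    static uint8_t mem[64] __attribute__((aligned(16)));
    struct launch_start start = { .policy = 1 };   /* constructed; no real keys */
    uint8_t *blob = NULL; int len;
    fake_n = 0;
    len = sev_launch_and_measure(fake_issue, NULL, &start, mem, mem_len, &blob);
    /* Owner verification of the blob would sit here, before FINISH releases the guest. */
    if (len > 0 && (blob[0] != 0xAB || blob[len - 1] != 0xAB ||
                    fake_issue(NULL, KVM_SEV_LAUNCH_FINISH, NULL) < 0))
        len = -1;
    free(blob);
    return len;
}
```

Against a real VM, ``issue`` would wrap ``KVM_MEMORY_ENCRYPT_OP`` on the VM fd with a valid ``sev_fd`` for LAUNCH_START, and ``start`` would carry the guest owner's PDH key and session blob.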