xref: /linux/Documentation/virt/kvm/x86/amd-memory-encryption.rst (revision fbabc2eaef9fd761315c0edb2d281e9f3e9db9b7)
.. SPDX-License-Identifier: GPL-2.0

======================================
Secure Encrypted Virtualization (SEV)
======================================

Overview
========

Secure Encrypted Virtualization (SEV) is a feature found on AMD processors.

SEV is an extension to the AMD-V architecture which supports running
virtual machines (VMs) under the control of a hypervisor. When enabled,
the memory contents of a VM will be transparently encrypted with a key
unique to that VM.

The hypervisor can determine the SEV support through the CPUID
instruction. The CPUID function 0x8000001f reports information related
to SEV::

        0x8000001f[eax]:
                Bit[1]      indicates support for SEV
                ...
                  [ecx]:
                Bits[31:0]  Number of encrypted guests supported simultaneously

If support for SEV is present, MSR 0xc001_0010 (MSR_AMD64_SYSCFG) and MSR 0xc001_0015
(MSR_K7_HWCR) can be used to determine if it can be enabled::

        0xc001_0010:
                Bit[23]    1 = memory encryption can be enabled
                           0 = memory encryption can not be enabled

        0xc001_0015:
                Bit[0]     1 = memory encryption can be enabled
                           0 = memory encryption can not be enabled

When SEV support is available, it can be enabled in a specific VM by
setting the SEV bit before executing VMRUN::

        VMCB[0x90]:
                Bit[1]      1 = SEV is enabled
                            0 = SEV is disabled

SEV hardware uses ASIDs to associate a memory encryption key with a VM.
Hence, the ASID for the SEV-enabled guests must be from 1 to a maximum value
defined in the CPUID 0x8000001f[ecx] field.

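As an added example (not part of the kernel documentation or of KVM itself), the following decodes the CPUID and MSR bits listed above into a single "SEV usable" answer and checks an ASID against the documented 1..max range. The live CPUID probe only compiles on x86; the MSR values have to be supplied by the caller (for instance read by root through the msr device), and the macro, struct and function names are this example's own.

```c
#include <stdbool.h>
#include <stdint.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* Bit layouts as documented above; the macro names are this example's own. */
#define SEV_CPUID_LEAF          0x8000001fu
#define SEV_CPUID_EAX_SEV       (1u << 1)      /* eax bit 1: SEV supported */
#define SEV_SYSCFG_MEM_ENCRYPT  (1ull << 23)   /* MSR 0xc001_0010 bit 23 */
#define SEV_HWCR_MEM_ENCRYPT    (1ull << 0)    /* MSR 0xc001_0015 bit 0 */

struct sev_caps {
	bool supported;     /* CPUID reports SEV */
	bool enableable;    /* both MSR bits permit memory encryption */
	uint32_t max_asid;  /* CPUID 0x8000001f[ecx]: simultaneous encrypted guests */
};

/* Pure decode step, so it can be unit-tested with constructed register values. */
struct sev_caps sev_decode(uint32_t eax, uint32_t ecx, uint64_t syscfg, uint64_t hwcr)
{
	struct sev_caps c = {0};

	c.supported = (eax & SEV_CPUID_EAX_SEV) != 0;
	/* Only meaningful when SEV is present; both MSRs must allow it. */
	c.enableable = c.supported &&
		       (syscfg & SEV_SYSCFG_MEM_ENCRYPT) != 0 &&
		       (hwcr & SEV_HWCR_MEM_ENCRYPT) != 0;
	c.max_asid = c.supported ? ecx : 0;
	return c;
}

/* SEV ASIDs run from 1 to the CPUID-reported maximum; 0 is never a SEV ASID. */
bool sev_asid_valid(uint32_t asid, const struct sev_caps *c)
{
	return c->supported && asid >= 1 && asid <= c->max_asid;
}

/* Live probe of the CPUID half on x86; MSRs cannot be read from plain user space. */
bool sev_cpuid_probe(uint32_t *eax, uint32_t *ecx)
{
#if defined(__x86_64__) || defined(__i386__)
	unsigned int a, b, c, d;

	if (!__get_cpuid(SEV_CPUID_LEAF, &a, &b, &c, &d))
		return false;   /* extended leaf not implemented on this CPU */
	*eax = a;
	*ecx = c;
	return true;
#else
	(void)eax; (void)ecx;
	return false;
#endif
}
```
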
SEV Key Management
==================

The SEV guest key management is handled by a separate processor called the AMD
Secure Processor (AMD-SP). Firmware running inside the AMD-SP provides a secure
key management interface to perform common hypervisor activities such as
encrypting bootstrap code, snapshotting, migrating and debugging the guest. For
more information, see the SEV Key Management spec [api-spec]_.

The main ioctl to access SEV is KVM_MEMORY_ENCRYPT_OP.  If the argument
to KVM_MEMORY_ENCRYPT_OP is NULL, the ioctl returns 0 if SEV is enabled
and ``ENOTTY`` if it is disabled (on some older versions of Linux,
the ioctl runs normally even with a NULL argument, and therefore will
likely return ``EFAULT``).  If non-NULL, the argument to KVM_MEMORY_ENCRYPT_OP
must be a struct kvm_sev_cmd::

       struct kvm_sev_cmd {
               __u32 id;
               __u64 data;
               __u32 error;
               __u32 sev_fd;
       };

The ``id`` field contains the subcommand, and the ``data`` field points to
another struct containing arguments specific to the command.  The ``sev_fd``
field should hold a file descriptor that is opened on the ``/dev/sev``
device, if needed (see individual commands).

On output, ``error`` is zero on success, or an error code.  Error codes
are defined in ``<linux/psp-dev.h>``.

KVM implements the following commands to support common lifecycle events of SEV
guests, such as launching, running, snapshotting, migrating and decommissioning.

1. KVM_SEV_INIT
---------------

The KVM_SEV_INIT command is used by the hypervisor to initialize the SEV platform
context. In a typical workflow, this command should be the first command issued.

The firmware can be initialized either by using its own non-volatile storage or
the OS can manage the NV storage for the firmware using the module parameter
``init_ex_path``. If the file specified by ``init_ex_path`` does not exist or
is invalid, the OS will create or overwrite the file with output from the PSP.

Returns: 0 on success, -negative on error

2. KVM_SEV_LAUNCH_START
-----------------------

The KVM_SEV_LAUNCH_START command is used for creating the memory encryption
context. To create the encryption context, the user must provide a guest policy,
the owner's public Diffie-Hellman (PDH) key and session information.

Parameters: struct  kvm_sev_launch_start (in/out)

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_start {
                __u32 handle;           /* if zero then firmware creates a new handle */
                __u32 policy;           /* guest's policy */

                __u64 dh_uaddr;         /* userspace address pointing to the guest owner's PDH key */
                __u32 dh_len;

                __u64 session_uaddr;    /* userspace address which points to the guest session information */
                __u32 session_len;
        };

On success, the 'handle' field contains a new handle and on error, a negative value.

KVM_SEV_LAUNCH_START requires the ``sev_fd`` field to be valid.

For more details, see SEV spec Section 6.2.

3. KVM_SEV_LAUNCH_UPDATE_DATA
-----------------------------

The KVM_SEV_LAUNCH_UPDATE_DATA command is used for encrypting a memory region. It
also calculates a measurement of the memory contents. The measurement is a
signature of the memory contents that can be sent to the guest owner as an
attestation that the memory was encrypted correctly by the firmware.

Parameters (in): struct  kvm_sev_launch_update_data

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_update_data {
                __u64 uaddr;    /* userspace address to be encrypted (must be 16-byte aligned) */
                __u32 len;      /* length of the data to be encrypted (must be 16-byte aligned) */
        };

For more details, see SEV spec Section 6.3.

4. KVM_SEV_LAUNCH_MEASURE
-------------------------

The KVM_SEV_LAUNCH_MEASURE command is used to retrieve the measurement of the
data encrypted by the KVM_SEV_LAUNCH_UPDATE_DATA command. The guest owner may
wait to provide the guest with confidential information until it can verify the
measurement. Since the guest owner knows the initial contents of the guest at
boot, the measurement can be verified by comparing it to what the guest owner
expects.

If len is zero on entry, the measurement blob length is written to len and
uaddr is unused.

Parameters (in): struct  kvm_sev_launch_measure

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_measure {
                __u64 uaddr;    /* where to copy the measurement */
                __u32 len;      /* length of measurement blob */
        };

For more details on the measurement verification flow, see SEV spec Section 6.4.

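As an added example (not taken from the kernel documentation or from KVM's own sources), here is a small user-space wrapper for the KVM_MEMORY_ENCRYPT_OP interface described under "SEV Key Management" and for the KVM_SEV_LAUNCH_UPDATE_DATA and KVM_SEV_LAUNCH_MEASURE commands: it interprets the NULL-argument probe, fills struct kvm_sev_cmd, rejects misaligned LAUNCH_UPDATE_DATA input before it reaches the firmware, and performs the two-pass length query for LAUNCH_MEASURE. It assumes a VM file descriptor and a ``/dev/sev`` descriptor opened by the caller and the uapi definitions from ``<linux/kvm.h>``; the helper and enum names are this example's own.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <linux/kvm.h>

/* Outcome of calling KVM_MEMORY_ENCRYPT_OP with a NULL argument. */
enum sev_probe { SEV_ENABLED, SEV_DISABLED, SEV_OLD_KERNEL, SEV_PROBE_FAILED };

/* Pure mapping of (ioctl return, errno) so it can be tested without SEV hardware. */
enum sev_probe sev_interpret_probe(int ret, int err)
{
	if (ret == 0)
		return SEV_ENABLED;
	if (err == ENOTTY)
		return SEV_DISABLED;    /* SEV is not enabled on this host */
	if (err == EFAULT)
		return SEV_OLD_KERNEL;  /* older kernel ran the ioctl with a NULL argument */
	return SEV_PROBE_FAILED;
}

enum sev_probe sev_probe(int vm_fd)
{
	int ret = ioctl(vm_fd, KVM_MEMORY_ENCRYPT_OP, NULL);

	return sev_interpret_probe(ret, ret < 0 ? errno : 0);
}

/* Issue one subcommand via struct kvm_sev_cmd.  Returns the ioctl result; the
 * firmware error code (see <linux/psp-dev.h>) is stored in *fw_error. */
int sev_cmd(int vm_fd, int sev_fd, uint32_t id, void *data, uint32_t *fw_error)
{
	struct kvm_sev_cmd cmd = {
		.id = id,
		.data = (uint64_t)(uintptr_t)data,
		.sev_fd = (uint32_t)sev_fd,
	};
	int ret = ioctl(vm_fd, KVM_MEMORY_ENCRYPT_OP, &cmd);

	if (fw_error)
		*fw_error = cmd.error;
	return ret;
}

/* LAUNCH_UPDATE_DATA needs a 16-byte aligned address and length; check this
 * in user space instead of letting the firmware reject the command. */
bool sev_update_data_aligned(uint64_t uaddr, uint32_t len)
{
	return len != 0 && (uaddr & 0xf) == 0 && (len & 0xf) == 0;
}

/* Two-pass LAUNCH_MEASURE: the first call passes len == 0 and is used only for
 * the blob length it writes back; the second call fetches the blob itself.
 * Returns a malloc'd buffer (caller frees) or NULL. */
uint8_t *sev_launch_measure(int vm_fd, int sev_fd, uint32_t *len_out, uint32_t *fw_error)
{
	struct kvm_sev_launch_measure m = { .uaddr = 0, .len = 0 };
	uint8_t *blob;

	sev_cmd(vm_fd, sev_fd, KVM_SEV_LAUNCH_MEASURE, &m, fw_error);
	if (m.len == 0)
		return NULL;            /* length query produced no size */
	blob = malloc(m.len);
	if (!blob)
		return NULL;
	m.uaddr = (uint64_t)(uintptr_t)blob;
	if (sev_cmd(vm_fd, sev_fd, KVM_SEV_LAUNCH_MEASURE, &m, fw_error) < 0) {
		free(blob);
		return NULL;
	}
	*len_out = m.len;
	return blob;
}
```

The returned blob is what the guest owner compares against its own expected measurement before releasing secrets with KVM_SEV_LAUNCH_SECRET.
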
5. KVM_SEV_LAUNCH_FINISH
------------------------

After completion of the launch flow, the KVM_SEV_LAUNCH_FINISH command can be
issued to make the guest ready for execution.

Returns: 0 on success, -negative on error

6. KVM_SEV_GUEST_STATUS
-----------------------

The KVM_SEV_GUEST_STATUS command is used to retrieve status information about an
SEV-enabled guest.

Parameters (out): struct kvm_sev_guest_status

Returns: 0 on success, -negative on error

::

        struct kvm_sev_guest_status {
                __u32 handle;   /* guest handle */
                __u32 policy;   /* guest policy */
                __u8 state;     /* guest state (see enum below) */
        };

SEV guest state:

::

        enum {
        SEV_STATE_INVALID = 0,
        SEV_STATE_LAUNCHING,    /* guest is currently being launched */
        SEV_STATE_SECRET,       /* guest is being launched and ready to accept the ciphertext data */
        SEV_STATE_RUNNING,      /* guest is fully launched and running */
        SEV_STATE_RECEIVING,    /* guest is being migrated in from another SEV machine */
        SEV_STATE_SENDING       /* guest is getting migrated out to another SEV machine */
        };

7. KVM_SEV_DBG_DECRYPT
----------------------

The KVM_SEV_DBG_DECRYPT command can be used by the hypervisor to request the
firmware to decrypt the data at the given memory region.

Parameters (in): struct kvm_sev_dbg

Returns: 0 on success, -negative on error

::

        struct kvm_sev_dbg {
                __u64 src_uaddr;        /* userspace address of data to decrypt */
                __u64 dst_uaddr;        /* userspace address of destination */
                __u32 len;              /* length of memory region to decrypt */
        };

The command returns an error if the guest policy does not allow debugging.

8. KVM_SEV_DBG_ENCRYPT
----------------------

The KVM_SEV_DBG_ENCRYPT command can be used by the hypervisor to request the
firmware to encrypt the data at the given memory region.

Parameters (in): struct kvm_sev_dbg

Returns: 0 on success, -negative on error

::

        struct kvm_sev_dbg {
                __u64 src_uaddr;        /* userspace address of data to encrypt */
                __u64 dst_uaddr;        /* userspace address of destination */
                __u32 len;              /* length of memory region to encrypt */
        };

The command returns an error if the guest policy does not allow debugging.

9. KVM_SEV_LAUNCH_SECRET
------------------------

The KVM_SEV_LAUNCH_SECRET command can be used by the hypervisor to inject secret
data after the measurement has been validated by the guest owner.

Parameters (in): struct kvm_sev_launch_secret

Returns: 0 on success, -negative on error

::

        struct kvm_sev_launch_secret {
                __u64 hdr_uaddr;        /* userspace address containing the packet header */
                __u32 hdr_len;

                __u64 guest_uaddr;      /* the guest memory region where the secret should be injected */
                __u32 guest_len;

                __u64 trans_uaddr;      /* the hypervisor memory region which contains the secret */
                __u32 trans_len;
        };

10. KVM_SEV_GET_ATTESTATION_REPORT
----------------------------------

The KVM_SEV_GET_ATTESTATION_REPORT command can be used by the hypervisor to query
the attestation report containing the SHA-256 digest of the guest memory and VMSA
passed through the KVM_SEV_LAUNCH commands and signed with the PEK. The digest
returned by the command should match the digest the guest owner obtained with
KVM_SEV_LAUNCH_MEASURE.

If len is zero on entry, the measurement blob length is written to len and
uaddr is unused.

Parameters (in): struct kvm_sev_attestation_report

Returns: 0 on success, -negative on error

::

        struct kvm_sev_attestation_report {
                __u8 mnonce[16];        /* A random mnonce that will be placed in the report */

                __u64 uaddr;            /* userspace address where the report should be copied */
                __u32 len;
        };

11. KVM_SEV_SEND_START
----------------------

The KVM_SEV_SEND_START command can be used by the hypervisor to create an
outgoing guest encryption context.

If session_len is zero on entry, the length of the guest session information is
written to session_len and all other fields are not used.

Parameters (in): struct kvm_sev_send_start

Returns: 0 on success, -negative on error

::

        struct kvm_sev_send_start {
                __u32 policy;                 /* guest policy */

                __u64 pdh_cert_uaddr;         /* platform Diffie-Hellman certificate */
                __u32 pdh_cert_len;

                __u64 plat_certs_uaddr;       /* platform certificate chain */
                __u32 plat_certs_len;

                __u64 amd_certs_uaddr;        /* AMD certificate */
                __u32 amd_certs_len;

                __u64 session_uaddr;          /* Guest session information */
                __u32 session_len;
        };

12. KVM_SEV_SEND_UPDATE_DATA
----------------------------

The KVM_SEV_SEND_UPDATE_DATA command can be used by the hypervisor to encrypt the
outgoing guest memory region with the encryption context created using
KVM_SEV_SEND_START.

If hdr_len or trans_len are zero on entry, the length of the packet header and
transport region are written to hdr_len and trans_len respectively, and all
other fields are not used.

Parameters (in): struct kvm_sev_send_update_data

Returns: 0 on success, -negative on error

::

        struct kvm_sev_send_update_data {
                __u64 hdr_uaddr;        /* userspace address containing the packet header */
                __u32 hdr_len;

                __u64 guest_uaddr;      /* the source memory region to be encrypted */
                __u32 guest_len;

                __u64 trans_uaddr;      /* the destination memory region */
                __u32 trans_len;
        };

13. KVM_SEV_SEND_FINISH
------------------------

After completion of the migration flow, the KVM_SEV_SEND_FINISH command can be
issued by the hypervisor to delete the encryption context.

Returns: 0 on success, -negative on error

14. KVM_SEV_SEND_CANCEL
------------------------

After completion of SEND_START, but before SEND_FINISH, the source VMM can issue the
SEND_CANCEL command to stop a migration. This is necessary so that a cancelled
migration can restart with a new target later.

Returns: 0 on success, -negative on error

15. KVM_SEV_RECEIVE_START
-------------------------

The KVM_SEV_RECEIVE_START command is used for creating the memory encryption
context for an incoming SEV guest. To create the encryption context, the user must
provide a guest policy, the platform public Diffie-Hellman (PDH) key and session
information.

Parameters: struct  kvm_sev_receive_start (in/out)

Returns: 0 on success, -negative on error

::

        struct kvm_sev_receive_start {
                __u32 handle;           /* if zero then firmware creates a new handle */
                __u32 policy;           /* guest's policy */

                __u64 pdh_uaddr;        /* userspace address pointing to the PDH key */
                __u32 pdh_len;

                __u64 session_uaddr;    /* userspace address which points to the guest session information */
                __u32 session_len;
        };

On success, the 'handle' field contains a new handle and on error, a negative value.

For more details, see SEV spec Section 6.12.

16. KVM_SEV_RECEIVE_UPDATE_DATA
-------------------------------

The KVM_SEV_RECEIVE_UPDATE_DATA command can be used by the hypervisor to copy
the incoming buffers into the guest memory region with the encryption context
created during KVM_SEV_RECEIVE_START.

Parameters (in): struct kvm_sev_receive_update_data

Returns: 0 on success, -negative on error

::

        struct kvm_sev_receive_update_data {
                __u64 hdr_uaddr;        /* userspace address containing the packet header */
                __u32 hdr_len;

                __u64 guest_uaddr;      /* the destination guest memory region */
                __u32 guest_len;

                __u64 trans_uaddr;      /* the incoming buffer memory region */
                __u32 trans_len;
        };

17. KVM_SEV_RECEIVE_FINISH
--------------------------

After completion of the migration flow, the KVM_SEV_RECEIVE_FINISH command can be
issued by the hypervisor to make the guest ready for execution.

Returns: 0 on success, -negative on error

References
==========

See [white-paper]_, [api-spec]_, [amd-apm]_ and [kvm-forum]_ for more info.

.. [white-paper] https://developer.amd.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
.. [api-spec] https://support.amd.com/TechDocs/55766_SEV-KM_API_Specification.pdf
.. [amd-apm] https://support.amd.com/TechDocs/24593.pdf (section 15.34)
.. [kvm-forum] https://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf