On 1/30/18 3:46 PM, Brijesh Singh wrote: > > On 1/30/18 11:49 AM, Dr. David Alan Gilbert wrote: >> * Brijesh Singh (brijesh.singh@xxxxxxx) wrote: >>> AMD EPYC processors support memory encryption feature. The feature >>> is reported through CPUID 8000_001F[EAX]. >>> >>> Fn8000_001F [EAX]: >>> Bit 0 Secure Memory Encryption (SME) supported >>> Bit 1 Secure Encrypted Virtualization (SEV) supported >>> Bit 2 Page flush MSR supported >>> Bit 3 Ecrypted State (SEV-ES) support >>> >>> when memory encryption feature is reported, CPUID 8000_001F[EBX] should >>> provide additional information regarding the feature (such as which page >>> table bit is used to mark pages as encrypted etc). The information in EBX >>> and ECX may vary from one family to another hence we use the host cpuid >>> to populate the EBX information. >> That's going to make it interesting for migration. If the guest needs >> to know that C-bit position then you presumably can't migrate between >> those two host types, but we wouldn't have anything that currently >> stops us. >> We already have similar problems with variations in physical address >> size but normally get away with that, especially on smaller VMs. > Dave, > > While building the page tables guest need to know the C-bit position. > The C-bit position in the guest is same as C-bit position on the host. > For migration case, we should be able to migrate SEV guest on same host > type (i.e all EPYC and Ryzen CPUs are based on family 17 and we should > be okay migrating the SEV guests among those host types). Since C-bit > position is not fixed hence migrating to different host family will be > an issue. One small correct, Ryzen CPUs do not support SEV feature hence we will not able migrate SEV guest from EPYC to Ryzen. > -Brijesh >> Dave >> >> >>> The details for memory encryption CPUID is available in AMD APM >>> (http://support.amd.com/TechDocs/24593.pdf) Section 15.34.1 >>> Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> >>> Cc: Richard Henderson <rth@xxxxxxxxxxx> >>> Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> >>> Signed-off-by: Brijesh Singh <brijesh.singh@xxxxxxx> >>> --- >>> target/i386/cpu.c | 36 ++++++++++++++++++++++++++++++++++++ >>> target/i386/cpu.h | 6 ++++++ >>> 2 files changed, 42 insertions(+) >>> >>> diff --git a/target/i386/cpu.c b/target/i386/cpu.c >>> index a49d2221adc9..4147eb6e18a9 100644 >>> --- a/target/i386/cpu.c >>> +++ b/target/i386/cpu.c >>> @@ -234,6 +234,7 @@ static void x86_cpu_vendor_words2str(char *dst, uint32_t vendor1, >>> #define TCG_EXT4_FEATURES 0 >>> #define TCG_SVM_FEATURES 0 >>> #define TCG_KVM_FEATURES 0 >>> +#define TCG_MEM_ENCRYPT_FEATURES 0 >>> #define TCG_7_0_EBX_FEATURES (CPUID_7_0_EBX_SMEP | CPUID_7_0_EBX_SMAP | \ >>> CPUID_7_0_EBX_BMI1 | CPUID_7_0_EBX_BMI2 | CPUID_7_0_EBX_ADX | \ >>> CPUID_7_0_EBX_PCOMMIT | CPUID_7_0_EBX_CLFLUSHOPT | \ >>> @@ -545,6 +546,20 @@ static FeatureWordInfo feature_word_info[FEATURE_WORDS] = { >>> .cpuid_reg = R_EDX, >>> .tcg_features = ~0U, >>> }, >>> + [FEAT_MEM_ENCRYPT] = { >>> + .feat_names = { >>> + "sme", "sev", "page-flush-msr", "sev-es", >>> + NULL, NULL, NULL, NULL, >>> + NULL, NULL, NULL, NULL, >>> + NULL, NULL, NULL, NULL, >>> + NULL, NULL, NULL, NULL, >>> + NULL, NULL, NULL, NULL, >>> + NULL, NULL, NULL, NULL, >>> + NULL, NULL, NULL, NULL, >>> + }, >>> + .cpuid_eax = 0x8000001F, .cpuid_reg = R_EAX, >>> + .tcg_features = TCG_MEM_ENCRYPT_FEATURES, >>> + } >>> }; >>> >>> typedef struct X86RegisterInfo32 { >>> @@ -1965,6 +1980,9 @@ static X86CPUDefinition builtin_x86_defs[] = { >>> CPUID_XSAVE_XGETBV1, >>> .features[FEAT_6_EAX] = >>> CPUID_6_EAX_ARAT, >>> + /* Missing: SEV_ES */ >>> + .features[FEAT_MEM_ENCRYPT] = >>> + CPUID_8000_001F_EAX_SME | CPUID_8000_001F_EAX_SEV, >>> .xlevel = 0x8000000A, >>> .model_id = "AMD EPYC Processor", >>> }, >>> @@ -3589,6 +3607,19 @@ void cpu_x86_cpuid(CPUX86State *env, uint32_t index, uint32_t count, >>> *edx = 0; >>> } >>> break; >>> + case 0x8000001F: >>> + if (env->features[FEAT_MEM_ENCRYPT] & CPUID_8000_001F_EAX_SEV) { >>> + *eax = env->features[FEAT_MEM_ENCRYPT]; >>> + host_cpuid(0x8000001F, 0, NULL, ebx, NULL, NULL); >>> + *ecx = 0; >>> + *edx = 0; >>> + } else { >>> + *eax = 0; >>> + *ebx = 0; >>> + *ecx = 0; >>> + *edx = 0; >>> + } >>> + break; >>> case 0xC0000000: >>> *eax = env->cpuid_xlevel2; >>> *ebx = 0; >>> @@ -4036,10 +4067,15 @@ static void x86_cpu_expand_features(X86CPU *cpu, Error **errp) >>> x86_cpu_adjust_feat_level(cpu, FEAT_C000_0001_EDX); >>> x86_cpu_adjust_feat_level(cpu, FEAT_SVM); >>> x86_cpu_adjust_feat_level(cpu, FEAT_XSAVE); >>> + x86_cpu_adjust_feat_level(cpu, FEAT_MEM_ENCRYPT); >>> /* SVM requires CPUID[0x8000000A] */ >>> if (env->features[FEAT_8000_0001_ECX] & CPUID_EXT3_SVM) { >>> x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000000A); >>> } >>> + /* SEV requires CPUID[0x8000001F] */ >>> + if ((env->features[FEAT_MEM_ENCRYPT] & CPUID_8000_001F_EAX_SEV)) { >>> + x86_cpu_adjust_level(cpu, &env->cpuid_min_xlevel, 0x8000001F); >>> + } >>> } >>> >>> /* Set cpuid_*level* based on cpuid_min_*level, if not explicitly set */ >>> diff --git a/target/i386/cpu.h b/target/i386/cpu.h >>> index f91e37d25dea..f7a0ab20fdd1 100644 >>> --- a/target/i386/cpu.h >>> +++ b/target/i386/cpu.h >>> @@ -483,6 +483,7 @@ typedef enum FeatureWord { >>> FEAT_6_EAX, /* CPUID[6].EAX */ >>> FEAT_XSAVE_COMP_LO, /* CPUID[EAX=0xd,ECX=0].EAX */ >>> FEAT_XSAVE_COMP_HI, /* CPUID[EAX=0xd,ECX=0].EDX */ >>> + FEAT_MEM_ENCRYPT, /* CPUID[8000_001F].EAX */ >>> FEATURE_WORDS, >>> } FeatureWord; >>> >>> @@ -679,6 +680,11 @@ typedef uint32_t FeatureWordArray[FEATURE_WORDS]; >>> >>> #define CPUID_6_EAX_ARAT (1U << 2) >>> >>> +#define CPUID_8000_001F_EAX_SME (1U << 0) /* SME */ >>> +#define CPUID_8000_001F_EAX_SEV (1U << 1) /* SEV */ >>> +#define CPUID_8000_001F_EAX_PAGE_FLUSH_MSR (1U << 2) /* Page flush MSR */ >>> +#define CPUID_8000_001F_EAX_SEV_ES (1U << 3) /* SEV-ES */ >>> + >>> /* CPUID[0x80000007].EDX flags: */ >>> #define CPUID_APM_INVTSC (1U << 8) >>> >>> -- >>> 2.9.5 >>> >> -- >> Dr. David Alan Gilbert / dgilbert@xxxxxxxxxx / Manchester, UK
