CINXE.COM
LKML: Tom Lendacky: Re: [PATCH 1/5] KVM: SVM: Decrypt SEV VMSA in dump_vmcb() if debugging is enabled
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>LKML: Tom Lendacky: Re: [PATCH 1/5] KVM: SVM: Decrypt SEV VMSA in dump_vmcb() if debugging is enabled</title><link href="/css/message.css" rel="stylesheet" type="text/css" /><link href="/css/wrap.css" rel="alternate stylesheet" type="text/css" title="wrap" /><link href="/css/nowrap.css" rel="stylesheet" type="text/css" title="nowrap" /><link href="/favicon.ico" rel="shortcut icon" /><script src="/js/simple-calendar.js" type="text/javascript"></script><script src="/js/styleswitcher.js" type="text/javascript"></script><link rel="alternate" type="application/rss+xml" title="lkml.org : last 100 messages" href="/rss.php" /><link rel="alternate" type="application/rss+xml" title="lkml.org : last messages by Tom Lendacky" href="/groupie.php?aid=" /><!--Matomo--><script> var _paq = window._paq = window._paq || []; /* tracker methods like "setCustomDimension" should be called before "trackPageView" */ _paq.push(["setDoNotTrack", true]); _paq.push(["disableCookies"]); _paq.push(['trackPageView']); _paq.push(['enableLinkTracking']); (function() { var u="//m.lkml.org/"; _paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setSiteId', '1']); var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); })(); </script><!--End Matomo Code--></head><body onload="es.jasper.simpleCalendar.init();" itemscope="itemscope" itemtype="http://schema.org/BlogPosting"><table border="0" cellpadding="0" cellspacing="0"><tr><td width="180" align="center"><a href="/"><img style="border:0;width:135px;height:32px" src="/images/toprowlk.gif" alt="lkml.org" /></a></td><td width="32">聽</td><td class="nb"><div><a class="nb" href="/lkml"> [lkml]</a> 聽 <a class="nb" href="/lkml/2025"> [2025]</a> 聽 <a class="nb" href="/lkml/2025/3"> [Mar]</a> 聽 <a class="nb" href="/lkml/2025/3/21"> [21]</a> 聽 <a class="nb" href="/lkml/last100"> [last100]</a> 聽 <a href="/rss.php"><img src="/images/rss-or.gif" border="0" alt="RSS Feed" /></a></div><div>Views: <a href="#" class="nowrap" onclick="setActiveStyleSheet('wrap');return false;">[wrap]</a><a href="#" class="wrap" onclick="setActiveStyleSheet('nowrap');return false;">[no wrap]</a> 聽 <a class="nb" href="/lkml/mheaders/2025/3/21/877" onclick="this.href='/lkml/headers'+'/2025/3/21/877';">[headers]</a>聽 <a href="/lkml/bounce/2025/3/21/877">[forward]</a>聽 </div></td><td width="32">聽</td></tr><tr><td valign="top"><div class="es-jasper-simpleCalendar" baseurl="/lkml/"></div><div class="threadlist">Messages in this thread</div><ul class="threadlist"><li class="root"><a href="/lkml/2025/3/20/741">First message in thread</a></li><li><a href="/lkml/2025/3/20/741">Tom Lendacky</a><ul><li><a href="/lkml/2025/3/20/736">Tom Lendacky</a><ul><li class="origin"><a href="/lkml/2025/3/21/887">Tom Lendacky</a><ul><li><a href="/lkml/2025/3/21/887">Tom Lendacky</a></li></ul></li></ul></li><li><a href="/lkml/2025/3/20/737">Tom Lendacky</a></li><li><a href="/lkml/2025/3/20/738">Tom Lendacky</a></li><li><a href="/lkml/2025/3/20/739">Tom Lendacky</a></li><li><a href="/lkml/2025/3/20/744">Tom Lendacky</a></li><li><a href="/lkml/2025/3/20/827">Borislav Petkov</a><ul><li><a href="/lkml/2025/3/21/1243">Kim Phillips</a></li></ul></li></ul></li></ul></td><td width="32" rowspan="2" class="c" valign="top"><img src="/images/icornerl.gif" width="32" height="32" alt="/" /></td><td class="c" rowspan="2" valign="top" style="padding-top: 1em"><table><tr><td><table><tr><td class="lp">Date</td><td class="rp" itemprop="datePublished">Fri, 21 Mar 2025 09:36:59 -0500</td></tr><tr><td class="lp">Subject</td><td class="rp" itemprop="name">Re: [PATCH 1/5] KVM: SVM: Decrypt SEV VMSA in dump_vmcb() if debugging is enabled</td></tr><tr><td class="lp">From</td><td class="rp" itemprop="author">Tom Lendacky <></td></tr></table></td><td></td></tr></table><pre itemprop="articleBody">On 3/20/25 08:26, Tom Lendacky wrote:<br />> An SEV-ES/SEV-SNP VM save area (VMSA) can be decrypted if the guest<br />> policy allows debugging. Update the dump_vmcb() routine to output<br />> some of the SEV VMSA contents if possible. This can be useful for<br />> debug purposes.<br />> <br />> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com><br />> ---<br />> arch/x86/kvm/svm/sev.c | 98 ++++++++++++++++++++++++++++++++++++++++++<br />> arch/x86/kvm/svm/svm.c | 13 ++++++<br />> arch/x86/kvm/svm/svm.h | 11 +++++<br />> 3 files changed, 122 insertions(+)<br />> <br />> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c<br />> index 661108d65ee7..6e3f5042d9ce 100644<br />> --- a/arch/x86/kvm/svm/sev.c<br />> +++ b/arch/x86/kvm/svm/sev.c<br />> @@ -563,6 +563,8 @@ static int sev_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp)<br />> if (copy_from_user(&params, u64_to_user_ptr(argp->data), sizeof(params)))<br />> return -EFAULT;<br />> <br />> + sev->policy = params.policy;<br />> +<br />> memset(&start, 0, sizeof(start));<br />> <br />> dh_blob = NULL;<br />> @@ -2220,6 +2222,8 @@ static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp)<br />> if (params.policy & SNP_POLICY_MASK_SINGLE_SOCKET)<br />> return -EINVAL;<br />> <br />> + sev->policy = params.policy;<br />> +<br />> sev->snp_context = snp_context_create(kvm, argp);<br />> if (!sev->snp_context)<br />> return -ENOTTY;<br />> @@ -4975,3 +4979,97 @@ int sev_private_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn)<br />> <br />> return level;<br />> }<br />> +<br />> +struct vmcb_save_area *sev_decrypt_vmsa(struct kvm_vcpu *vcpu)<br />> +{<br />> + struct vcpu_svm *svm = to_svm(vcpu);<br />> + struct vmcb_save_area *vmsa;<br />> + struct kvm_sev_info *sev;<br />> + int error = 0;<br />> + int ret;<br />> +<br />> + if (!sev_es_guest(vcpu->kvm))<br />> + return NULL;<br />> +<br />> + /*<br />> + * If the VMSA has not yet been encrypted, return a pointer to the<br />> + * current un-encrypted VMSA.<br />> + */<br />> + if (!vcpu->arch.guest_state_protected)<br />> + return (struct vmcb_save_area *)svm->sev_es.vmsa;<br />> +<br />> + sev = to_kvm_sev_info(vcpu->kvm);<br />> +<br />> + /* Check if the SEV policy allows debugging */<br />> + if (sev_snp_guest(vcpu->kvm)) {<br />> + if (!(sev->policy & SNP_POLICY_DEBUG))<br />> + return NULL;<br />> + } else {<br />> + if (sev->policy & SEV_POLICY_NODBG)<br />> + return NULL;<br />> + }<br />> +<br />> + if (sev_snp_guest(vcpu->kvm)) {<br />> + struct sev_data_snp_dbg dbg = {0};<br />> +<br />> + vmsa = snp_alloc_firmware_page(__GFP_ZERO);<br />> + if (!vmsa)<br />> + return NULL;<br />> +<br />> + dbg.gctx_paddr = __psp_pa(sev->snp_context);<br />> + dbg.src_addr = svm->vmcb->control.vmsa_pa;<br />> + dbg.dst_addr = __psp_pa(vmsa);<br />> +<br />> + ret = sev_issue_cmd(vcpu->kvm, SEV_CMD_SNP_DBG_DECRYPT, &dbg, &error);<br />> +<br />> + /*<br />> + * Return the target page to a hypervisor page no matter what.<br />> + * If this fails, the page can't be used, so leak it and don't<br />> + * try to use it.<br />> + */<br />> + if (snp_page_reclaim(vcpu->kvm, PHYS_PFN(__pa(vmsa))))<br />> + return NULL;<br /><br />And actually I should call snp_leak_pages() here to record that. I'll add<br />that to the next version.<br /><br />Thanks,<br />Tom<br /><br />> +<br />> + if (ret) {<br />> + pr_err("SEV: SNP_DBG_DECRYPT failed ret=%d, fw_error=%d (%#x)\n",<br />> + ret, error, error);<br />> + free_page((unsigned long)vmsa);<br />> +<br />> + return NULL;<br />> + }<br />> + } else {<br />> + struct sev_data_dbg dbg = {0};<br />> + struct page *vmsa_page;<br />> +<br />> + vmsa_page = alloc_page(GFP_KERNEL);<br />> + if (!vmsa_page)<br />> + return NULL;<br />> +<br />> + vmsa = page_address(vmsa_page);<br />> +<br />> + dbg.handle = sev->handle;<br />> + dbg.src_addr = svm->vmcb->control.vmsa_pa;<br />> + dbg.dst_addr = __psp_pa(vmsa);<br />> + dbg.len = PAGE_SIZE;<br />> +<br />> + ret = sev_issue_cmd(vcpu->kvm, SEV_CMD_DBG_DECRYPT, &dbg, &error);<br />> + if (ret) {<br />> + pr_err("SEV: SEV_CMD_DBG_DECRYPT failed ret=%d, fw_error=%d (0x%x)\n",<br />> + ret, error, error);<br />> + __free_page(vmsa_page);<br />> +<br />> + return NULL;<br />> + }<br />> + }<br />> +<br />> + return vmsa;<br />> +}<br />> +<br />> +void sev_free_decrypted_vmsa(struct kvm_vcpu *vcpu, struct vmcb_save_area *vmsa)<br />> +{<br />> + /* If the VMSA has not yet been encrypted, nothing was allocated */<br />> + if (!vcpu->arch.guest_state_protected || !vmsa)<br />> + return;<br />> +<br />> + free_page((unsigned long)vmsa);<br />> +}<br />> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c<br />> index e67de787fc71..21477871073c 100644<br />> --- a/arch/x86/kvm/svm/svm.c<br />> +++ b/arch/x86/kvm/svm/svm.c<br />> @@ -3423,6 +3423,15 @@ static void dump_vmcb(struct kvm_vcpu *vcpu)<br />> pr_err("%-20s%016llx\n", "avic_logical_id:", control->avic_logical_id);<br />> pr_err("%-20s%016llx\n", "avic_physical_id:", control->avic_physical_id);<br />> pr_err("%-20s%016llx\n", "vmsa_pa:", control->vmsa_pa);<br />> +<br />> + if (sev_es_guest(vcpu->kvm)) {<br />> + save = sev_decrypt_vmsa(vcpu);<br />> + if (!save)<br />> + goto no_vmsa;<br />> +<br />> + save01 = save;<br />> + }<br />> +<br />> pr_err("VMCB State Save Area:\n");<br />> pr_err("%-5s s: %04x a: %04x l: %08x b: %016llx\n",<br />> "es:",<br />> @@ -3493,6 +3502,10 @@ static void dump_vmcb(struct kvm_vcpu *vcpu)<br />> pr_err("%-15s %016llx %-13s %016llx\n",<br />> "excp_from:", save->last_excp_from,<br />> "excp_to:", save->last_excp_to);<br />> +<br />> +no_vmsa:<br />> + if (sev_es_guest(vcpu->kvm))<br />> + sev_free_decrypted_vmsa(vcpu, save);<br />> }<br />> <br />> static bool svm_check_exit_valid(u64 exit_code)<br />> diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h<br />> index ea44c1da5a7c..66979ddc3659 100644<br />> --- a/arch/x86/kvm/svm/svm.h<br />> +++ b/arch/x86/kvm/svm/svm.h<br />> @@ -98,6 +98,7 @@ struct kvm_sev_info {<br />> unsigned int asid; /* ASID used for this guest */<br />> unsigned int handle; /* SEV firmware handle */<br />> int fd; /* SEV device fd */<br />> + unsigned long policy;<br />> unsigned long pages_locked; /* Number of pages locked */<br />> struct list_head regions_list; /* List of registered regions */<br />> u64 ap_jump_table; /* SEV-ES AP Jump Table address */<br />> @@ -114,6 +115,9 @@ struct kvm_sev_info {<br />> struct mutex guest_req_mutex; /* Must acquire before using bounce buffers */<br />> };<br />> <br />> +#define SEV_POLICY_NODBG BIT_ULL(0)<br />> +#define SNP_POLICY_DEBUG BIT_ULL(19)<br />> +<br />> struct kvm_svm {<br />> struct kvm kvm;<br />> <br />> @@ -756,6 +760,8 @@ void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu);<br />> int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order);<br />> void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end);<br />> int sev_private_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn);<br />> +struct vmcb_save_area *sev_decrypt_vmsa(struct kvm_vcpu *vcpu);<br />> +void sev_free_decrypted_vmsa(struct kvm_vcpu *vcpu, struct vmcb_save_area *vmsa);<br />> #else<br />> static inline struct page *snp_safe_alloc_page_node(int node, gfp_t gfp)<br />> {<br />> @@ -787,6 +793,11 @@ static inline int sev_private_max_mapping_level(struct kvm *kvm, kvm_pfn_t pfn)<br />> return 0;<br />> }<br />> <br />> +static inline struct vmcb_save_area *sev_decrypt_vmsa(struct kvm_vcpu *vcpu)<br />> +{<br />> + return NULL;<br />> +}<br />> +static inline void sev_free_decrypted_vmsa(struct kvm_vcpu *vcpu, struct vmcb_save_area *vmsa) {}<br />> #endif<br />> <br />> /* vmenter.S */<br /><br /></pre></td><td width="32" rowspan="2" class="c" valign="top"><img src="/images/icornerr.gif" width="32" height="32" alt="\" /></td></tr><tr><td align="right" valign="bottom"> 聽 </td></tr><tr><td align="right" valign="bottom">聽</td><td class="c" valign="bottom" style="padding-bottom: 0px"><img src="/images/bcornerl.gif" width="32" height="32" alt="\" /></td><td class="c">聽</td><td class="c" valign="bottom" style="padding-bottom: 0px"><img src="/images/bcornerr.gif" width="32" height="32" alt="/" /></td></tr><tr><td align="right" valign="top" colspan="2"> 聽 </td><td class="lm">Last update: 2025-03-21 15:39 聽聽 [W:0.125 / U:0.309 seconds]<br />漏2003-2020 <a href="http://blog.jasper.es/"><span itemprop="editor">Jasper Spaans</span></a>|hosted at <a href="https://www.digitalocean.com/?refcode=9a8e99d24cf9">Digital Ocean</a> and my Meterkast|<a href="http://blog.jasper.es/categories.html#lkml-ref">Read the blog</a></td><td>聽</td></tr></table><script language="javascript" src="/js/styleswitcher.js" type="text/javascript"></script></body></html>