[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Design session "AMD SEV"

Notes from the session:

Andrei: is there ongoing work?
Jürgen: similar to Intel TDX
Andrei: guest memory encrypted, unavailable to the hypervisor; useful in cloud 
market; some similar feature on ARM too
        there was a session in April(?); possibly some funds will be available;
        several related features, can be done in stages;
Andrew: first step: run XTF as minimal guest, PoC; then PVH guest
Andrei: implemented by AMD PSP (pltform security processor), visible as 
separate PCI device;
        run the driver inside Xen hypervisor;
        QEMU already supports it, but cannot be reused in Xen
        there will be impact for Xen ABI, like passing hypercall parameters
        maybe possible to share effort with other architectures (ARM, Intel TDX)
George: using physical addresses in hypercalls might be a good idea anyway, but 
the change is painful
        start with policy for new hypercalls only
Jan:    flag at hypercall entry if physical or virtual addresses (bit in 
hypercall number?)
        alternatively, mark buffer addresses in some high bit
Jürgen: when adding SEV on Xen to Linux, it automatically will be supported for 
non-SEV too
Jan:    may be easier for hypercall callers to switch not all at once; for 
example /dev/xen/privcmd may be harder
Jürgen: can dom0 run as SEV?
Andrei: in principle yes, at some point; can also encrypt hypervisor memory
Jan:    dmop is a way to avoid privcmd with virtual addresses
Jürgen: PVH dom0 wants physical addresses anyway
        grant tables needs to set unencrypted bit; alternatively bounce buffers 
(KVM way?)
        virtio may be easier, as KVM already supports SEV (with qemu-based 
backends)
Marek:  how to share PSP between Xen and dom0?
Jan:    interface coordinated by Xen
Andrei: we ask community to help the efforts
George: create epic, with specific tasks, some are shared with other goals
        some may be delegated to GSoc or similar efforts
Roger:  minimal PSP driver in Xen can be tested without rest of SEV support
Jan:    ^ especially when dom0 needs to access the interface anyway
Jürgen: coordinate Linux work with me
        incremental work, starting with design review
George: does anybody work on physical addresses in hypercalls?
Jürgen: there was a design session about that before
Jan:    design in some people's heads
Jürgen: will look how hard it would be to switch all at once per domain; uuuh, 
it could be hard, because domain may boot via grub
George: lets write down those concerns


-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab

Attachment: signature.asc
Description: PGP signature

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.