A simple attempt at MKTME page encryption, and it is still under debu…

…gging
bronzeMe · Nov 6, 2024 · 6d55fe8 · 6d55fe8
1 parent a474264
commit 6d55fe8
Show file tree

Hide file tree

Showing 6 changed files with 57 additions and 8 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -11,6 +11,7 @@ intel = ["libvmm/vmx"]
 amd = ["libvmm/svm"]
 stats = []
 sme = ["amd"]
+mktme =["intel"]
 enclave_interrupt = []
 epc48 = []
 epc96 = []

diff --git a/Makefile b/Makefile
@@ -43,7 +43,8 @@ ARCH ?= x86_64
 VENDOR ?= amd
 LOG ?=
 STATS ?= off
-SME ?= on
+SME ?= off
+MKTME ?= off
 INTR ?= on
 
 # do not support debug mode
@@ -55,6 +56,7 @@ export ARCH
 export VENDOR
 export STATS
 export SME
+export MKTME
 export INTR
 
 OBJDUMP ?= objdump
@@ -85,6 +87,14 @@ ifeq ($(SME), on)
   features += sme
 endif
 
+ifeq ($(MKTME), on)
+  ifneq ($(VENDOR), intel)
+    $(error `MKTME=on` is only available when `VENDOR=intel`)
+  endif
+  features += mktme
+endif
+
+
 ifeq ($(INTR), on)
   features += enclave_interrupt
 endif

diff --git a/src/arch/x86_64/vmm.rs b/src/arch/x86_64/vmm.rs
@@ -32,7 +32,7 @@ pub use vendor::{
 
 #[cfg(feature = "amd")]
 pub use vendor::{EncHW, HmacSWEncHW};
-
+//TODO: add intel mktme style EncHW
 pub trait VcpuAccessGuestState {
     // Architecture independent methods:
     fn regs(&self) -> &GuestRegisters;

diff --git a/src/cell.rs b/src/cell.rs
@@ -59,7 +59,7 @@ impl Cell {
         // preventing guest vm read out the encrypted view of EPC
         // from high addr with c-bit = 1
         // expected behavior: return plaintext view of the empty page
-        #[cfg(feature = "sme")]
+        #[cfg(any(feature = "sme", feature = "mktme"))]
         gpm.insert(MemoryRegion::new_with_empty_mapper(
             crate::memory::addr::phys_encrypted(hv_phys_start),
             hv_phys_size,
@@ -80,7 +80,7 @@ impl Cell {
                 epc_size,
                 MemFlags::READ | MemFlags::ENCRYPTED,
             ))?;
-            #[cfg(feature = "sme")]
+            #[cfg(any(feature = "sme", feature = "mktme"))]
             gpm.insert(MemoryRegion::new_with_empty_mapper(
                 crate::memory::addr::phys_encrypted(epc_start_hpa),
                 epc_size,
@@ -156,7 +156,7 @@ impl Cell {
                     MemFlags::READ | MemFlags::WRITE,
                 ))?;
                 // Support hardware encrypt when swap out EPC page to guest RAM
-                #[cfg(feature = "sme")]
+                #[cfg(any(feature = "sme", feature = "mktme"))]
                 hvm.insert(MemoryRegion::new_with_offset_mapper(
                     region.virt_start as HostVirtAddr,
                     region.phys_start as HostPhysAddr,

diff --git a/src/consts.rs b/src/consts.rs
@@ -26,4 +26,15 @@ pub const SME_C_BIT_OFFSET: usize = 1 << 47;
 #[cfg(not(feature = "sme"))]
 pub const SME_C_BIT_OFFSET: usize = 0;
 
+#[cfg(feature = "mktme")]
+pub const MKTME_KEYID_MASK: usize = 0xFC0000000000; // bit 51:46
+#[cfg(feature = "mktme")]
+pub const MKTME_KEYID_SHIFT: usize = 46;
+#[cfg(feature = "mktme")]
+pub const MKTME_KEYID_OFFSET: usize = 1 << 46;
+#[cfg(not(feature = "mktme"))]
+pub const MKTME_KEYID_MASK: usize = 0;
+#[cfg(not(feature = "mktme"))]
+pub const MKTME_KEYID_SHIFT: usize = 0;
+
 pub const HV_STACK_SIZE: usize = 512 * 1024; // 512 KB
diff --git a/src/memory/addr.rs b/src/memory/addr.rs
@@ -16,7 +16,7 @@
 
 #![allow(dead_code)]
 
-use crate::consts::{HV_BASE, PAGE_SIZE, SME_C_BIT_OFFSET};
+use crate::consts::{HV_BASE, PAGE_SIZE, SME_C_BIT_OFFSET, MKTME_KEYID_MASK, MKTME_KEYID_SHIFT, MKTME_KEYID_OFFSET };
 
 pub type VirtAddr = usize;
 pub type PhysAddr = usize;
@@ -35,15 +35,42 @@ lazy_static! {
 }
 
 pub fn phys_encrypted(paddr: PhysAddr) -> PhysAddr {
-    paddr | SME_C_BIT_OFFSET
+    #[cfg(feature = "mktme")]
+    {
+        // if enable mktme, enable page encryption with default keyid = 1
+        phys_encrypted_with_keyid(paddr, 1)
+    }
+    #[cfg(not(feature = "mktme"))]
+    {
+        paddr | SME_C_BIT_OFFSET
+    }
+}
+
+fn phys_encrypted_with_keyid(paddr: PhysAddr, keyid: usize) -> PhysAddr {
+    // clear 51:46 bit
+    let cleared_paddr = paddr & !MKTME_KEYID_MASK;
+
+    // extract keyid bit
+    let keyid_bits = keyid & 0x3F;
+
+    // add keyid into paddr
+    cleared_paddr | (keyid_bits << MKTME_KEYID_SHIFT)
 }
 
 pub fn virt_to_phys(vaddr: VirtAddr) -> PhysAddr {
     vaddr - *PHYS_VIRT_OFFSET
 }
 
 pub fn phys_to_virt(paddr: PhysAddr) -> VirtAddr {
-    (paddr & (SME_C_BIT_OFFSET.wrapping_sub(1))) + *PHYS_VIRT_OFFSET
+    #[cfg(feature = "mktme")]
+    {
+        // if turn on mktme, extract 45:0 of paddr
+        (paddr & (MKTME_KEYID_OFFSET.wrapping_sub(1))) + *PHYS_VIRT_OFFSET
+    }
+    #[cfg(not(feature = "mktme"))]
+    {
+        (paddr & (SME_C_BIT_OFFSET.wrapping_sub(1))) + *PHYS_VIRT_OFFSET
+    }
 }
 
 pub const fn align_down(addr: usize) -> usize {