From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.79]) by mx.groups.io with SMTP id smtpd.web10.36847.1611582958042815692 for ; Mon, 25 Jan 2021 05:55:58 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=KMYzgbJM; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.244.79, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=APZZ+sl+pX/QMqI5eFX6q6K6aKR9jgeI35v+fBxJW1znlsjLRKeIi9vKvxWjkPwncDnmonPJrd8hffv8ICRKIqLiosdxnDLK1hZ5ACUY+5Kzd2ar6UWI6vrlhBSkfWJPwGQFXQNmL8qeICYm68KCJ8qfet4dagTd9Bg2uJZgnLnzrwjKil9nthgzPhcmNDlo4vIS+G9XO8HBU4LejD3C/JPLxjUmy8XLVyp7vJ1ovL+225WM9HNSW8KR3YaD4oY9gOyXVMR5G4CM8MPR6g/w9/989ijNUydQQViFMmFsWJw2RpqNDJdL5jSR0xMduubLIqCjfJ3S8476rOgEmTKkGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=upnW03Fgs6kIs9sEINYBxVrD4j25wkgczA1i8yC5w6k=; b=HbWAFDW5tetJ07rmxW40pR7cgXUhI+9xVGpwC8QNzJK4NB649bpbFK/HDTaiEASOIR0cZHECjgcye50ZgI58WSSPSTBUvZpj8eoxj7BWCQtyn1pZX8CU653wQWltOB4T/bBuGGJkv4pyMv7mJIhXgM9aOz+FM09OFBvBZFwSMQfxGsIwQeIsymE2IGVrUcY7JFtcY2y3RegHfo+2uhkIbPNHuHaJlTNc4fdW2QelvcU5OhCWL9ien3Xt6UstgL4QzCQh0E3MXLFoML+pyPJtv9Ul6UotO/z6/rzb6DVLn0/2umA48heog2Ca9Sob1o/ZNu/H4u7ZVrKCZ0qAl8Ak9w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=upnW03Fgs6kIs9sEINYBxVrD4j25wkgczA1i8yC5w6k=; b=KMYzgbJMgeEHUpONycCbL18KDuxuqGD/ttpB8QRfnD2RHnnPcnPSpdqbSLOJcO5T7ZE1PuTkEFWxbwC7+91V5QUn+4QHkrBmyxneJe4O5FSi+POZKXQA8sGCMhBKeo75o1ksSW4KaIvV4MUUSkrE6u4PONTDh8CPa0l/4jKYBWE= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none;kernel.org; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM5PR12MB1644.namprd12.prod.outlook.com (2603:10b6:4:f::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3784.14; Mon, 25 Jan 2021 13:55:56 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::cc15:4b1f:9f84:6914]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::cc15:4b1f:9f84:6914%4]) with mapi id 15.20.3784.017; Mon, 25 Jan 2021 13:55:56 +0000 Subject: Re: [PATCH v2] OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Use physical address with SEV-ES From: "Lendacky, Thomas" To: devel@edk2.groups.io Cc: Brijesh Singh , Jordan Justen , Laszlo Ersek , Ard Biesheuvel References: <84a5f9161541db5aa3b57c96b737afbcb4b6189d.1611410263.git.thomas.lendacky@amd.com> Message-ID: <02e1643a-397f-b24d-fb86-f80e868fbb77@amd.com> Date: Mon, 25 Jan 2021 07:55:54 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 In-Reply-To: <84a5f9161541db5aa3b57c96b737afbcb4b6189d.1611410263.git.thomas.lendacky@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN4PR0701CA0038.namprd07.prod.outlook.com (2603:10b6:803:2d::31) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [10.236.30.118] (165.204.77.1) by SN4PR0701CA0038.namprd07.prod.outlook.com (2603:10b6:803:2d::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3784.12 via Frontend Transport; Mon, 25 Jan 2021 13:55:55 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 3643987a-d00e-4f75-d3dc-08d8c138efdb X-MS-TrafficTypeDiagnostic: DM5PR12MB1644: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1247; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: W748Yk61pJNoCuxcEnhzRwsVY27fuDLp3unKJ7Pp4TAmn+GwdWaJCeE/+qcsymrccXVFcBh52frc9NamGjp7zaSPKdeDoQAzl0OWhzaRhdM0fTFuVmxkSugYqnOhyqCZYUM/bZksE8UBQEhBkwlJqoqJG7VSi4T1kC/AOTuvv/Hi7UNY648A1LnQCgzUSDF0gTJqyQ4ZEcLV8YQy7XsuGRiEmWfDapPb1o8vcguS92wMzWOj7+HZjuBtCtJT7dFLablAGWv45W8rkQ92NmLpjA0SQK7nkonZtM/fiHsMBdk52wKVjVdk/CXIFl2Qup29cIRKwBE12QcrzWRYAyKH6TgCz3fBPkq8RI+VKojVlXsw7QaerxnsRmHzbl6jmrdSwN7e60nkj4g1FmW0W08lUivFvgduAjCkNVprA6nZPDJP+fckDKsAWmrM/dRoGfciVNCDnlPmZUVWjxA3qxEsqMcaY0yEK+TFxxpetcv7btuNr3LR10J/YNLD1kl3NOVsm9mh6EHwgF4dMAMXY6RoNpxzu5FdfVo62LP9bNZ1nyJ0HtIjsFpx72/gYLvsHJ0YNVtRfYjcdKr18MfE0UVk8w== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(136003)(396003)(39860400002)(366004)(346002)(478600001)(52116002)(966005)(8936002)(31696002)(6486002)(4326008)(86362001)(66946007)(186003)(66476007)(83380400001)(16526019)(66556008)(54906003)(53546011)(16576012)(5660300002)(2906002)(26005)(8676002)(2616005)(316002)(36756003)(6916009)(31686004)(956004)(213903007)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?B?VDVDWTM0bkxRVm1JZThtRDMzOVNsdE5MdFRjVGw0b1JrSDl5MEh3YUJuOVUr?= =?utf-8?B?WjZsSTlTYjZhY20rYmFzaDBzdWMrMmZFR1NTczJoV1lBOXVZclV6azVLaW9T?= =?utf-8?B?RThhREJ3cXFXWldFTlMydmlpY08yYUg2L3FFbVF1R2JHUHV5VlNoQVBpSDdG?= =?utf-8?B?SDNkME8yM1prUVV5amtydG9VcmJkSDA2U2l0eEN0ZjBOSHZoZTd1U0NBZFRz?= =?utf-8?B?S3VLZjBPSmU3akVSamNzNkdsYjBRREJzUTM5Vkd4TWg5TE16OGJKVGpRUkJx?= =?utf-8?B?MzB2NjNPZ0x2QXFzckZFT3NPVENyWUFHZmZ5OVhhS3BCZWtMSmRtNzIrY3p6?= =?utf-8?B?MHFGZ1FmNzFWMGNUZnY1UjRTLzkxd3VsMlVyZGdFOW1Ob3FFK0xldDhmck9j?= =?utf-8?B?K3J4cFBLSUYwUkQxaml2WkNDYzRzeDJMOURBNXdzOEhXQ3BaRVc5ZCtQcUFU?= =?utf-8?B?WnY0UnB6WDV4L3BpUEd1SlhtL2Zja3FqOFI5WDdvTDV6TnZkbEM0eVJ3MklK?= =?utf-8?B?TlVMNHl5SmxTdGlDZkZ4ZnUzZmkybXVKenpZYkpCREZvbTZndWNsUW8rcmlv?= =?utf-8?B?SW1pYjhFSkQvck50RUtRUFd2cjdxcnRCVUdsd1FqRHFDbGhUYXVvME5yUmpS?= =?utf-8?B?N1hlc2ljWnpuL0ZvR0tyTW8rbW14M1FxK2NuOFJJbVVWVzhiZ2pYZTJjejBZ?= =?utf-8?B?d1lKUTZ1NEJlaFdsdmtMZXNqM1lQM1ROYThvc29GQ2xJWU05cmdvVk1sdVJ2?= =?utf-8?B?UnhMKytCbDlBby91bWdWRzc5WTVpU1VwdWlpWXZobXBTdWM4YkQzM1RjRlBy?= =?utf-8?B?b1ZPbTNaU1o0RHdjWlprM3h2MC85REsrYUExcWNJdXloNHFjVWdLbnFwbk1B?= =?utf-8?B?UERLbzgvQm9UQy9BTDFON1VYR2N0cXhyempaTkpWS1MwRkczWlp2ekU4WHVY?= =?utf-8?B?QUFnc2Q1bjd1NnhZYll1L1hkNXZnTEJ2M2s2YzIwdXptUk03UHJSVWsrdGZC?= =?utf-8?B?ZkREdU9jY2QyWldRQ21xeXB1ZitYUUVVaHk4akJQV2dPR01jTE91NzIrcnpU?= =?utf-8?B?WXVsVGhMVjI2SnlQdkxBQmQzdmc3UGZNNVRtZW9UUmhucTZLbDNsaHBaVlVs?= =?utf-8?B?Y3hscHdONVFwZVhOV2hxcWUvUEdIS2tuLzVHMkVrQ3QrOUVBSFE4djRuQlJV?= =?utf-8?B?d0pvaGFVZmd4dW1kOFhCY3JMS3FWNzdDdlBKbnV3OUticEtWd1IzRzd4MStt?= =?utf-8?B?ZUJ3b2xkODVnU3ZtL3owWjNXZ1pRNHh4cFQ4RU8rQkpyaHZxU0xmWDdvZk5D?= =?utf-8?Q?Q7KVcfJGvZLNNYWsrDRPdOET8d33NGqgJK?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3643987a-d00e-4f75-d3dc-08d8c138efdb X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Jan 2021 13:55:56.1954 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: tjW6e5MIMBJ+PjVOihzPKx/T9RcbPWbwp+J7all3pBKG7TV5sYtbb9N9Bq0bwYxabUIsJypfQWjtIFxnt7jX4w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1644 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 1/23/21 7:57 AM, Tom Lendacky wrote: > From: Tom Lendacky > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3183 > > Under SEV-ES, a write to the flash device is done using a direct VMGEXIT > to perform an MMIO write. The address provided to the MMIO write must be > the physical address of the MMIO write destitnation. During boot, OVMF > runs with an identity mapped pagetable structure so that VA == PA and the > VMGEXIT MMIO write destination is just the virtual address of the flash > area address being written. > > However, when the UEFI SetVitualAddressMap() API is invoked, an identity s/SetVitualAddressMap/SetVirtualAddressMap/ I can fix that if another version is required, otherwise, can it be fixed on commit? Thanks, Tom > mapped pagetable structure may not be in place and using the virtual > address for the flash area address is no longer valid. This results in > writes to the flash not being performed successfully. This can be seen > by attempting to change the boot order under Linux. The update will > appear to be performed, based on the output of the command. But rebooting > the guest will show that the new boot order has not been set. > > To remedy this, save the value of the flash base physical address before > converting the address as part of SetVirtualAddressMap(). The physical > address can then be calculated by obtaining the offset of the MMIO target > virtual address relative to the flash base virtual address and adding that > to the original flash base physical address. The resulting value produces > a successful MMIO write during runtime services. > > Fixes: 437eb3f7a8db7681afe0e6064d3a8edb12abb766 > Cc: Jordan Justen > Cc: Laszlo Ersek > Cc: Ard Biesheuvel > Signed-off-by: Tom Lendacky > --- > .../QemuFlashDxe.c | 20 ++++++++++++++++++- > 1 file changed, 19 insertions(+), 1 deletion(-) > > diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c > index 1b0742967f71..d303b0078b08 100644 > --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c > +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c > @@ -16,11 +16,17 @@ > > #include "QemuFlash.h" > > +STATIC EFI_PHYSICAL_ADDRESS mSevEsFlashPhysBase; > + > VOID > QemuFlashConvertPointers ( > VOID > ) > { > + if (MemEncryptSevEsIsEnabled ()) { > + mSevEsFlashPhysBase = (UINTN) mFlashBase; > + } > + > EfiConvertPointer (0x0, (VOID **) &mFlashBase); > } > > @@ -52,11 +58,23 @@ QemuFlashPtrWrite ( > if (MemEncryptSevEsIsEnabled ()) { > MSR_SEV_ES_GHCB_REGISTER Msr; > GHCB *Ghcb; > + EFI_PHYSICAL_ADDRESS PhysAddr; > BOOLEAN InterruptState; > > Msr.GhcbPhysicalAddress = AsmReadMsr64 (MSR_SEV_ES_GHCB); > Ghcb = Msr.Ghcb; > > + // > + // The MMIO write needs to be to the physical address of the flash pointer. > + // Since this service is available as part of the EFI runtime services, > + // account for a non-identity mapped VA after SetVitualAddressMap(). > + // > + if (mSevEsFlashPhysBase == 0) { > + PhysAddr = (UINTN) Ptr; > + } else { > + PhysAddr = mSevEsFlashPhysBase + (Ptr - mFlashBase); > + } > + > // > // Writing to flash is emulated by the hypervisor through the use of write > // protection. This won't work for an SEV-ES guest because the write won't > @@ -68,7 +86,7 @@ QemuFlashPtrWrite ( > Ghcb->SharedBuffer[0] = Value; > Ghcb->SaveArea.SwScratch = (UINT64) (UINTN) Ghcb->SharedBuffer; > VmgSetOffsetValid (Ghcb, GhcbSwScratch); > - VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, (UINT64) (UINTN) Ptr, 1); > + VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, PhysAddr, 1); > VmgDone (Ghcb, InterruptState); > } else { > *Ptr = Value; >