Subject: Re: [edk2-devel] [PATCH v7 00/43] SEV-ES guest support
From: "Lendacky, Thomas"
To: Andrew Fish, devel@edk2.groups.io
CC: "Ni, Ray", Jordan Justen, Laszlo Ersek, Ard Biesheuvel, Mike Kinney, "Gao, Liming", "Dong, Eric", Brijesh Singh, "You, Benjamin", "Bi, Dandan", "Dong, Guo", "Wu, Hao A", "Wang, Jian J", "Ma, Maurice"
Date: Tue, 12 May 2020 11:49:26 -0500
Message-ID: <0392c73c-dc2f-0117-1952-532e33c9948c@amd.com>
References: <4da69262-e6a8-1374-2853-dab2a8f193d3@amd.com> <734D49CCEBEEF84792F5B80ED585239D5C530D55@SHSMSX104.ccr.corp.intel.com>
On 5/9/20 2:09 PM, Andrew Fish wrote:
> 
> 
>> On May 9, 2020, at 7:34 AM, Lendacky, Thomas wrote:
>>
>> On 5/9/20 1:44 AM, Ni, Ray wrote:
>>> Tom,
>>
>> Hi Ray,
>>
>>> I have a bit of a concern on your change that directly modifies
>>> CpuExceptionHandlerLib to handle exception #29. Today's
>>> CpuExceptionHandlerLib simply dumps the exception context for every
>>> exception. Any component which wants to do specific handling of certain
>>> exceptions should call RegisterCpuInterruptHandler(). Such as code in
>>> CpuDxe driver:
>>>
>>>   if (HEAP_GUARD_NONSTOP_MODE || NULL_DETECTION_NONSTOP_MODE) {
>>>     RegisterCpuInterruptHandler (EXCEPT_IA32_DEBUG, DebugExceptionHandler);
>>>     RegisterCpuInterruptHandler (EXCEPT_IA32_PAGE_FAULT, PageFaultExceptionHandler);
>>>   }
>>>
>>> Is it possible for your feature to follow the same pattern?
>>
>> There are two problems:
>>
>> The first is that RegisterCpuInterruptHandler() is not implemented for
>> both the SEC and PEI phases, so it is not currently possible to register
>> a handler that early.
>>
>> The second is that I need to be able to propagate an exception request
>> from the hypervisor. With the current implementation there doesn't
>> appear to be an easy way to perform this propagation.
>>
>> If there's a way to accomplish both of the above I wouldn't be opposed
>> to using RegisterCpuInterruptHandler() as long as there are no #VCs that
>> can occur between initializing exception handling and registering
>> the #VC handler.
>>
> 
> Thomas,
> 
> As you point out it is tricky dealing with XIP code.
> You can't have globals that you can write and generally you use a PEI
> service to look things up, the most common thing being using a HOB. But
> SEC has no services and I'm not sure you really want to be calling into
> the PEI Core on a random exception.
> 
> Here are the best options that popped into my head after reading your
> email:
> 
> 1) IDT in RAM
> 
> If your code populates the IDT the IDTR gives you access to the address
> of the IDTR via an instruction. The PI Spec reserves IDT - sizeof (UINTN)
> for a cached copy of the PEI Services Table, but other than that you are
> good to go. It should be possible to have a global so you can have the
> table required to implement RegisterCpuInterruptHandler(). There might be
> some usage of IDT - (2 * sizeof (UINTN)), I know I'm guilty, so storing
> data after the IDT would be a good option. In general if your code
> allocates the memory for the IDT then you can treat the IDT as part of
> your private context data structure and that gives you access
> 
> 2) IDT in ROM
> 
> For this it seems like you need a library to link in to the
> CpuExceptionHandlerLib that allows you to override the handler. If
> CpuInterruptHandlerOverride() returns NULL you do the current behavior;
> if not NULL then you call the returned handler.
> 
> EFI_CPU_INTERRUPT_HANDLER
> EFIAPI
> OverrideCpuInterruptHandler (
>   IN EFI_EXCEPTION_TYPE            InterruptType
>   );

I like the override idea in general, if that works for everyone. There
could be a NULL instance that never overrides the exception. Then it can
be implemented by those packages that need it. In this case a library can
be created in OvmfPkg that provides an override for #VC and the override
return code can determine if further processing is performed.
Thanks,
Tom

> 
> Thanks,
> 
> Andrew Fish
> 
> PS Off topic, but it would also be useful to have a library that
> overrides the state dump display. For example using Xcode you can always
> display a stack frame from the exception handler.
> 
> 
>> Thanks,
>> Tom
>>
>>> Thanks,
>>> Ray
>>>
>>>> -----Original Message-----
>>>> From: Tom Lendacky
>>>> Sent: Saturday, May 9, 2020 3:16 AM
>>>> To: devel@edk2.groups.io
>>>> Cc: Justen, Jordan L; Laszlo Ersek; Ard Biesheuvel; Kinney, Michael D;
>>>> Gao, Liming; Dong, Eric; Ni, Ray; Brijesh Singh; You, Benjamin;
>>>> Bi, Dandan; Dong, Guo; Wu, Hao A; Wang, Jian J; Ma, Maurice
>>>> Subject: Re: [PATCH v7 00/43] SEV-ES guest support
>>>>
>>>> I was able to use the pull request method that Laszlo documented and
>>>> fixed up all of the issues identified by the VS compiler.
>>>>
>>>> An additional change I'm planning to make for the next version (v8) of
>>>> the patches is to create a NULL library instance of the VmgExitLib
>>>> that will also include the #VC handler function. This will reduce the
>>>> amount of code associated with this feature for platforms that don't
>>>> use/support SEV-ES.
>>>>
>>>> Laszlo, this will mean that I will introduce a version of the
>>>> VmgExitLib under OvmfPkg that will provide the majority of the
>>>> functionality that is present today in UefiCpuPkg. In essence, the
>>>> functionality in v7 patches 8 and 11 - 25 will now live under OvmfPkg
>>>> instead of UefiCpuPkg. I think this is the better way to do this. Let
>>>> me know if you have any concerns.
>>>>
>>>> Thanks,
>>>> Tom
>>>>
>>>> On 4/22/20 12:41 PM, Tom Lendacky wrote:
>>>>> This patch series provides support for running EDK2/OVMF under SEV-ES.
>>>>>
>>>>> Secure Encrypted Virtualization - Encrypted State (SEV-ES) expands on
>>>>> the SEV support to protect the guest register state from the
>>>>> hypervisor. See "AMD64 Architecture Programmer's Manual Volume 2:
>>>>> System Programming", section "15.35 Encrypted State (SEV-ES)" [1].
>>>>>
>>>>> In order to allow a hypervisor to perform functions on behalf of a
>>>>> guest, there is architectural support for notifying a guest's
>>>>> operating system when certain types of VMEXITs are about to occur.
>>>>> This allows the guest to selectively share information with the
>>>>> hypervisor to satisfy the requested function. The notification is
>>>>> performed using a new exception, the VMM Communication exception
>>>>> (#VC). The information is shared through the Guest-Hypervisor
>>>>> Communication Block (GHCB) using the VMGEXIT instruction. The GHCB
>>>>> format and the protocol for using it is documented in "SEV-ES
>>>>> Guest-Hypervisor Communication Block Standardization" [2].
>>>>>
>>>>> The main areas of the EDK2 code that are updated to support SEV-ES
>>>>> are around the exception handling support and the AP boot support.
>>>>>
>>>>> Exception support is required starting in Sec, continuing through Pei
>>>>> and into Dxe in order to handle #VC exceptions that are generated.
>>>>> Each AP requires its own GHCB page as well as a page to hold values
>>>>> specific to that AP.
>>>>>
>>>>> AP booting poses some interesting challenges. The INIT-SIPI-SIPI
>>>>> sequence is typically used to boot the APs. However, the hypervisor
>>>>> is not allowed to update the guest registers. The GHCB document [2]
>>>>> talks about how SMP booting under SEV-ES is performed.
>>>>>
>>>>> Since the GHCB page must be a shared (unencrypted) page, the
>>>>> processor must be running in long mode in order for the guest and
>>>>> hypervisor to communicate with each other.
>>>>> As a result, SEV-ES is only supported under the X64 architecture.
>>>>>
>>>>> [1] https://www.amd.com/system/files/TechDocs/24593.pdf
>>>>> [2] https://developer.amd.com/wp-content/resources/56421.pdf
>>>>>
>>>>> ---
>>>>>
>>>>> These patches are based on commit:
>>>>> be7295b36405 (".python/SpellCheck: Increase SpellCheck plugin max failures")
>>>>>
>>>>> Proper execution of SEV-ES relies on Bugzilla 2340 being fixed.
>>>>>
>>>>> A version of the tree (with an extra patch to workaround Bugzilla
>>>>> 2340) can be found at:
>>>>> https://github.com/AMDESE/ovmf/tree/sev-es-v14
>>>>>
>>>>> Cc: Ard Biesheuvel
>>>>> Cc: Benjamin You
>>>>> Cc: Dandan Bi
>>>>> Cc: Eric Dong
>>>>> Cc: Guo Dong
>>>>> Cc: Hao A Wu
>>>>> Cc: Jian J Wang
>>>>> Cc: Jordan Justen
>>>>> Cc: Laszlo Ersek
>>>>> Cc: Liming Gao
>>>>> Cc: Maurice Ma
>>>>> Cc: Michael D Kinney
>>>>> Cc: Ray Ni
>>>>>
>>>>> Changes since v6:
>>>>> - Add function comments to all functions, including local functions
>>>>> - Add function parameter direction to all functions (in/out)
>>>>> - Add support for MMIO MOVZX/MOVSX instructions
>>>>> - Ensure the per-CPU variable page remains encrypted
>>>>> - Coding-style fixes as identified by Ecc
>>>>>
>>>>> Changes since v5:
>>>>> - Remove extraneous VmgExitLib usage
>>>>> - Miscellaneous changes to address feedback (coding style, etc.)
>>>>>
>>>>> Changes since v4:
>>>>> - Move the SEV-ES protocol negotiation out of the SEC exception handler
>>>>>   and into the SecMain.c file. As a result:
>>>>>   - Move the SecGhcb related PCDs out of UefiCpuPkg and into OvmfPkg
>>>>>   - Combine SecAMDSevVcHandler.c and PeiDxeAMDSevVcHandler.c into a
>>>>>     single AMDSevVcHandler.c
>>>>> - Consolidate VmgExitLib usage into common LibraryClasses sections
>>>>> - Add documentation comments to the VmgExitLib functions
>>>>>
>>>>> Changes since v3:
>>>>> - Remove the need for the MP library finalization routine. The AP
>>>>>   jump table address will be held by the hypervisor rather than
>>>>>   communicated via the GHCB MSR. This removes some fragility around
>>>>>   the UEFI to OS transition.
>>>>> - Rename the SEV-ES RIP reset area to SEV-ES workarea and use it to
>>>>>   communicate the SEV-ES status, so that SEC CPU exception handling is
>>>>>   only established for an SEV-ES guest.
>>>>> - Fix SMM build breakage around QemuFlashPtrWrite().
>>>>> - Fix SMM build breakage by adding VC exception support to the SMM CPU
>>>>>   exception handling.
>>>>> - Add memory fencing around the invocation of AsmVmgExit().
>>>>> - Clarify comments around the SEV-ES AP reset RIP values and usage.
>>>>> - Move some PCD definitions from MdeModulePkg to UefiCpuPkg.
>>>>> - Remove the 16-bit code selector definition from MdeModulePkg
>>>>>
>>>>> Changes since v2:
>>>>> - Added a way to locate the SEV-ES fixed AP RIP address for starting
>>>>>   APs to avoid updating the actual flash image (build time location
>>>>>   that is identified with a GUID value).
>>>>> - Create a VmgExit library to replace static inline functions.
>>>>> - Move some PCDs to the appropriate packages
>>>>> - Add support for writing to QEMU flash under SEV-ES
>>>>> - Add additional MMIO opcode support
>>>>> - Cleaned up the GHCB MSR CPUID protocol support
>>>>>
>>>>> Changes since v1:
>>>>> - Patches reworked to be more specific to the component/area being
>>>>>   updated and order of definition/usage
>>>>> - Created a library for VMGEXIT-related functions to replace use of
>>>>>   inline functions
>>>>> - Allocation method for GDT changed from AllocatePool to AllocatePages
>>>>> - Early caching only enabled for SEV-ES guests
>>>>> - Ensure AP loop mode set to halt loop mode for SEV-ES guests
>>>>> - Reserved SEC GHCB-related memory areas when S3 is enabled
>>>>>
>>>>> Tom Lendacky (43):
>>>>>   MdeModulePkg: Create PCDs to be used in support of SEV-ES
>>>>>   UefiCpuPkg: Create PCD to be used in support of SEV-ES
>>>>>   MdePkg: Add the MSR definition for the GHCB register
>>>>>   MdePkg: Add a structure definition for the GHCB
>>>>>   MdeModulePkg/DxeIplPeim: Support GHCB pages when creating page tables
>>>>>   MdePkg/BaseLib: Add support for the XGETBV instruction
>>>>>   MdePkg/BaseLib: Add support for the VMGEXIT instruction
>>>>>   UefiCpuPkg: Implement library support for VMGEXIT
>>>>>   OvmfPkg: Prepare OvmfPkg to use the VmgExitLib library
>>>>>   UefiPayloadPkg: Prepare UefiPayloadPkg to use the VmgExitLib library
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add base support for the #VC exception
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for IOIO_PROT NAE events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Support string IO for IOIO_PROT NAE
>>>>>     events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for CPUID NAE events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for MSR_PROT NAE events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for NPF NAE events (MMIO)
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for WBINVD NAE events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for RDTSC NAE events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for RDPMC NAE events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for INVD NAE events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for VMMCALL NAE events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for RDTSCP NAE events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for MONITOR/MONITORX NAE
>>>>>     events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for MWAIT/MWAITX NAE
>>>>>     events
>>>>>   UefiCpuPkg/CpuExceptionHandler: Add support for DR7 Read/Write NAE
>>>>>     events
>>>>>   OvmfPkg/MemEncryptSevLib: Add an SEV-ES guest indicator function
>>>>>   OvmfPkg: Add support to perform SEV-ES initialization
>>>>>   OvmfPkg: Create a GHCB page for use during Sec phase
>>>>>   OvmfPkg/PlatformPei: Reserve GHCB-related areas if S3 is supported
>>>>>   OvmfPkg: Create GHCB pages for use during Pei and Dxe phase
>>>>>   OvmfPkg/PlatformPei: Move early GDT into ram when SEV-ES is enabled
>>>>>   UefiCpuPkg: Create an SEV-ES workarea PCD
>>>>>   OvmfPkg: Reserve a page in memory for the SEV-ES usage
>>>>>   OvmfPkg/ResetVector: Add support for a 32-bit SEV check
>>>>>   OvmfPkg/Sec: Add #VC exception handling for Sec phase
>>>>>   OvmfPkg/Sec: Enable cache early to speed up booting
>>>>>   OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Bypass flash detection with
>>>>>     SEV-ES is enabled
>>>>>   UefiCpuPkg: Add a 16-bit protected mode code segment descriptor
>>>>>   UefiCpuPkg/MpInitLib: Add CPU MP data flag to indicate if SEV-ES is
>>>>>     enabled
>>>>>   UefiCpuPkg: Allow AP booting under SEV-ES
>>>>>   OvmfPkg: Use the SEV-ES work area for the SEV-ES AP reset vector
>>>>>   OvmfPkg: Move the GHCB allocations into reserved memory
>>>>>   UefiCpuPkg/MpInitLib: Prepare SEV-ES guest APs for OS use
>>>>>
>>>>>  MdeModulePkg/MdeModulePkg.dec                 |    9 +
>>>>>  OvmfPkg/OvmfPkg.dec                           |    9 +
>>>>>  UefiCpuPkg/UefiCpuPkg.dec                     |   17 +
>>>>>  OvmfPkg/OvmfPkgIa32.dsc                       |    6 +
>>>>>  OvmfPkg/OvmfPkgIa32X64.dsc                    |    6 +
>>>>>  OvmfPkg/OvmfPkgX64.dsc                        |    6 +
>>>>>  OvmfPkg/OvmfXen.dsc                           |    1 +
>>>>>  UefiCpuPkg/UefiCpuPkg.dsc                     |    2 +
>>>>>  UefiPayloadPkg/UefiPayloadPkgIa32.dsc         |    2 +
>>>>>  UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc      |    2 +
>>>>>  OvmfPkg/OvmfPkgX64.fdf                        |    9 +
>>>>>  MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf       |    2 +
>>>>>  MdePkg/Library/BaseLib/BaseLib.inf            |    4 +
>>>>>  OvmfPkg/PlatformPei/PlatformPei.inf           |    7 +
>>>>>  .../FvbServicesRuntimeDxe.inf                 |    2 +
>>>>>  OvmfPkg/ResetVector/ResetVector.inf           |    8 +
>>>>>  OvmfPkg/Sec/SecMain.inf                       |    4 +
>>>>>  .../DxeCpuExceptionHandlerLib.inf             |    5 +
>>>>>  .../PeiCpuExceptionHandlerLib.inf             |    5 +
>>>>>  .../SecPeiCpuExceptionHandlerLib.inf          |    5 +
>>>>>  .../SmmCpuExceptionHandlerLib.inf             |    5 +
>>>>>  UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |    4 +
>>>>>  UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |    4 +
>>>>>  UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf  |   33 +
>>>>>  .../Core/DxeIplPeim/X64/VirtualMemory.h       |   12 +-
>>>>>  MdePkg/Include/Library/BaseLib.h              |   31 +
>>>>>  MdePkg/Include/Register/Amd/Fam17Msr.h        |   42 +
>>>>>  MdePkg/Include/Register/Amd/Ghcb.h            |  136 ++
>>>>>  OvmfPkg/Include/Library/MemEncryptSevLib.h    |   12 +
>>>>>  .../QemuFlash.h                               |   13 +
>>>>>  UefiCpuPkg/CpuDxe/CpuGdt.h                    |    4 +-
>>>>>  UefiCpuPkg/Include/Library/VmgExitLib.h       |  117 ++
>>>>>  .../CpuExceptionHandlerLib/AMDSevVcCommon.h   |   49 +
>>>>>  .../CpuExceptionCommon.h                      |    2 +
>>>>>  UefiCpuPkg/Library/MpInitLib/MpLib.h          |   68 +-
>>>>>  .../Core/DxeIplPeim/Ia32/DxeLoadFunc.c        |    4 +-
>>>>>  .../Core/DxeIplPeim/X64/DxeLoadFunc.c         |   11 +-
>>>>>  .../Core/DxeIplPeim/X64/VirtualMemory.c       |   57 +-
>>>>>  MdePkg/Library/BaseLib/Ia32/GccInline.c       |   45 +
>>>>>  MdePkg/Library/BaseLib/X64/GccInline.c        |   47 +
>>>>>  .../MemEncryptSevLibInternal.c                |   75 +-
>>>>>  OvmfPkg/PlatformPei/AmdSev.c                  |   89 +
>>>>>  OvmfPkg/PlatformPei/MemDetect.c               |   23 +
>>>>>  .../QemuFlash.c                               |   23 +-
>>>>>  .../QemuFlashDxe.c                            |   22 +
>>>>>  .../QemuFlashSmm.c                            |   16 +
>>>>>  OvmfPkg/Sec/SecMain.c                         |  188 +-
>>>>>  UefiCpuPkg/CpuDxe/CpuGdt.c                    |    8 +-
>>>>>  .../CpuExceptionHandlerLib/AMDSevVcHandler.c  |   40 +
>>>>>  .../CpuExceptionCommon.c                      |    2 +-
>>>>>  .../Ia32/ArchAMDSevVcHandler.c                |   38 +
>>>>>  .../PeiDxeSmmCpuException.c                   |   16 +
>>>>>  .../SecPeiCpuException.c                      |   16 +
>>>>>  .../X64/ArchAMDSevVcHandler.c                 | 1699 +++++++++++++++++
>>>>>  UefiCpuPkg/Library/MpInitLib/DxeMpLib.c       |  113 +-
>>>>>  UefiCpuPkg/Library/MpInitLib/MpLib.c          |  265 ++-
>>>>>  UefiCpuPkg/Library/MpInitLib/PeiMpLib.c       |   19 +
>>>>>  UefiCpuPkg/Library/VmgExitLib/VmgExitLib.c    |  293 +++
>>>>>  UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c  |    2 +-
>>>>>  MdeModulePkg/MdeModulePkg.uni                 |    8 +
>>>>>  MdePkg/Library/BaseLib/Ia32/VmgExit.nasm      |   37 +
>>>>>  MdePkg/Library/BaseLib/Ia32/XGetBv.nasm       |   31 +
>>>>>  MdePkg/Library/BaseLib/X64/VmgExit.nasm       |   32 +
>>>>>  MdePkg/Library/BaseLib/X64/XGetBv.nasm        |   34 +
>>>>>  OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm  |  100 +
>>>>>  OvmfPkg/ResetVector/Ia32/PageTables64.asm     |  350 +++-
>>>>>  OvmfPkg/ResetVector/ResetVector.nasmb         |   20 +
>>>>>  .../X64/ExceptionHandlerAsm.nasm              |   17 +
>>>>>  UefiCpuPkg/Library/MpInitLib/Ia32/MpEqu.inc   |    2 +-
>>>>>  .../Library/MpInitLib/Ia32/MpFuncs.nasm       |   15 +
>>>>>  UefiCpuPkg/Library/MpInitLib/X64/MpEqu.inc    |    4 +-
>>>>>  UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm |  370 +++-
>>>>>  UefiCpuPkg/Library/VmgExitLib/VmgExitLib.uni  |   15 +
>>>>>  .../ResetVector/Vtf0/Ia16/Real16ToFlat32.asm  |    9 +
>>>>>  UefiCpuPkg/UefiCpuPkg.uni                     |   11 +
>>>>>  75 files changed, 4707 insertions(+), 102 deletions(-)
>>>>>  create mode 100644 UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
>>>>>  create mode 100644 MdePkg/Include/Register/Amd/Ghcb.h
>>>>>  create mode 100644 UefiCpuPkg/Include/Library/VmgExitLib.h
>>>>>  create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/AMDSevVcCommon.h
>>>>>  create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/AMDSevVcHandler.c
>>>>>  create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/ArchAMDSevVcHandler.c
>>>>>  create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ArchAMDSevVcHandler.c
>>>>>  create mode 100644 UefiCpuPkg/Library/VmgExitLib/VmgExitLib.c
>>>>>  create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExit.nasm
>>>>>  create mode 100644 MdePkg/Library/BaseLib/Ia32/XGetBv.nasm
>>>>>  create mode 100644 MdePkg/Library/BaseLib/X64/VmgExit.nasm
>>>>>  create mode 100644 MdePkg/Library/BaseLib/X64/XGetBv.nasm
>>>>>  create mode 100644 OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
>>>>>  create mode 100644 UefiCpuPkg/Library/VmgExitLib/VmgExitLib.uni
>>>>>
>>
>>
> 
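The two #VC dispatch options discussed in this thread, modelled as an added example that is not edk2 code and not part of the patch series: a writable handler table of the kind RegisterCpuInterruptHandler() fills (which needs RAM-resident globals, so is unavailable to XIP SEC/PEI code), beside a link-time override hook of the kind Andrew proposes, with a NULL instance and a hypothetical SEV-ES instance whose return code decides whether the default context dump still runs. Every name (RegisterInterruptHandler, DispatchException, SevEsOverrideLookup, VcOverrideHandler), the exit-code values and the context layout are constructed stand-ins, not the real library's API.

```c
/*
 * Added example, not edk2 code: a model of the two #VC dispatch options
 * discussed in the thread. All names, values and layouts are constructed.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define VECTOR_COUNT          32
#define EXCEPT_X64_PAGE_FAULT 14
#define EXCEPT_X64_VC         29   /* VMM Communication exception (SEV-ES) */

/* Constructed exit codes, stand-ins for what a real #VC error code carries. */
#define VC_EXIT_IOIO    0x7B
#define VC_EXIT_UNKNOWN 0xFFFF

typedef struct {
  uint32_t Vector;
  uint64_t ErrorCode;   /* for #VC: the exit code the hardware supplies */
  uint64_t Rip;
} ExceptionContext;

typedef enum {
  DISPATCH_DEFAULT_DUMP = 0,  /* nobody claimed it: dump context (fatal in practice) */
  DISPATCH_REGISTERED   = 1,  /* a handler from the writable table ran */
  DISPATCH_OVERRIDDEN   = 2   /* the override library handled it completely */
} DispatchResult;

typedef void (*InterruptHandler)(ExceptionContext *Ctx);

/* Pattern 1: a table in writable memory, filled at run time. This is what a
 * RegisterCpuInterruptHandler()-style API needs, and why it cannot serve
 * XIP SEC/PEI code, which has no writable globals. */
static InterruptHandler gHandlerTable[VECTOR_COUNT];

int RegisterInterruptHandler(uint32_t Vector, InterruptHandler Handler)
{
  if (Vector >= VECTOR_COUNT) {
    return -1;
  }
  gHandlerTable[Vector] = Handler;
  return 0;
}

/* Pattern 2: an override library resolved at link time, so it works without
 * writable globals. The lookup returns NULL (keep default behaviour) or a
 * handler whose return code says whether further processing is needed. */
typedef enum { OVERRIDE_CONTINUE = 0, OVERRIDE_HANDLED = 1 } OverrideStatus;
typedef OverrideStatus (*OverrideHandler)(ExceptionContext *Ctx);
typedef OverrideHandler (*OverrideLookup)(uint32_t Vector);

/* NULL library instance: never overrides anything. */
OverrideHandler NullOverrideLookup(uint32_t Vector)
{
  (void)Vector;
  return NULL;
}

/* Hypothetical OvmfPkg-style instance: claims #VC only. */
static OverrideStatus VcOverrideHandler(ExceptionContext *Ctx)
{
  if (Ctx->ErrorCode == VC_EXIT_IOIO) {
    Ctx->Rip += 1;              /* constructed: pretend the IN/OUT was emulated */
    return OVERRIDE_HANDLED;    /* nothing more to do for this exception */
  }
  return OVERRIDE_CONTINUE;     /* unsupported exit: let the default path run */
}

OverrideHandler SevEsOverrideLookup(uint32_t Vector)
{
  return (Vector == EXCEPT_X64_VC) ? VcOverrideHandler : NULL;
}

static void DefaultDumpHandler(const ExceptionContext *Ctx)
{
  printf("!!!! Exception %u at RIP 0x%llx, error code 0x%llx !!!!\n",
         Ctx->Vector, (unsigned long long)Ctx->Rip,
         (unsigned long long)Ctx->ErrorCode);
}

/* The common dispatcher: override library first, then the registered table,
 * then the context dump. The return value records which path was taken. */
DispatchResult DispatchException(ExceptionContext *Ctx, OverrideLookup Lookup)
{
  OverrideHandler Override = (Lookup != NULL) ? Lookup(Ctx->Vector) : NULL;

  if (Override != NULL && Override(Ctx) == OVERRIDE_HANDLED) {
    return DISPATCH_OVERRIDDEN;
  }
  if (Ctx->Vector < VECTOR_COUNT && gHandlerTable[Ctx->Vector] != NULL) {
    gHandlerTable[Ctx->Vector](Ctx);
    return DISPATCH_REGISTERED;
  }
  DefaultDumpHandler(Ctx);
  return DISPATCH_DEFAULT_DUMP;
}

/* A sample DXE-style registered handler, as CpuDxe does for #PF. */
static int gPageFaults;
void PageFaultHandler(ExceptionContext *Ctx) { (void)Ctx; gPageFaults++; }
int  PageFaultCount(void) { return gPageFaults; }

int main(void)
{
  ExceptionContext Vc = { EXCEPT_X64_VC, VC_EXIT_IOIO, 0x1000 };
  ExceptionContext Pf = { EXCEPT_X64_PAGE_FAULT, 0, 0x2000 };

  RegisterInterruptHandler(EXCEPT_X64_PAGE_FAULT, PageFaultHandler);
  printf("#VC, SEV-ES instance: %d\n", DispatchException(&Vc, SevEsOverrideLookup));
  printf("#VC, NULL instance:   %d\n", DispatchException(&Vc, NullOverrideLookup));
  printf("#PF, NULL instance:   %d\n", DispatchException(&Pf, NullOverrideLookup));
  return 0;
}
```

The point the model makes visible is the one Tom's reply turns on: with the NULL instance linked in, a #VC reaches the context dump, which in a real SEV-ES guest is a hang rather than a recoverable event, so the override instance has to be linked into every phase (SEC, PEI, DXE) that can take a #VC, and it has to be in place before the first one fires.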