From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM02-BN1-obe.outbound.protection.outlook.com (NAM02-BN1-obe.outbound.protection.outlook.com [40.107.212.85])
 by mx.groups.io with SMTP id smtpd.web11.24920.1678467860345273361
 for <devel@edk2.groups.io>;
 Fri, 10 Mar 2023 09:04:20 -0800
Authentication-Results: mx.groups.io;
 dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=Su45QdOH;
 spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.212.85, mailfrom: thomas.lendacky@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=TYkngC7GGOag79kg0Mzf1Ueu4J6WFipQq3iJSLaFjeKaoaZb62scg7H2KvilmC4p8E3M7ogruP12C3hUlnTKPXZksWGKdXkhC45CQi6djN9EM5L732ycKxIWu9Bwl1+DGZcO4J9sQHRpQce0+zUqgix3sS0lTKnEasBxiNTSpH6ucX4vsaqcm3hFEcG5PdC3G6xxfypd9RnXfcA2Yi13i2FvSCu4vqAyrw+zgl2WSggZs4QHK/gd/sYLNXseEpvG8h/ynJah8mx2pGlWR7hrg/2y85bnZHnizVUg/8UjTSWyN3yCpxRwXjHNirNspMSZgab3dNnJeGw+bPWd6FtW0w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=NCH552rlhj9TO0YgZrI64uI6BiljV00WPlBClggZ3s0=;
 b=TerEWtQf+CMScti0rdmtnAdoEy3dC6fx8E4i8oeTVnrdH0zYYRGlvwW5IzKDLNSAulOYdOvoif8TVDA2UbpcNF5CcJbuU1w65sbyPeLu5T5sSHGMCN1axg52+7VwUnSr0sBYcpMTc3Lrd9msyIX9bwD7e9n5U87sOs7eFGnib67QNwuzKdxf9ZNSnO7ITcgrchoOyU7hjLv03DkOBPlw0dHp1t3nQkgY2zsKq49gkCghGI4sBEf/qp7kkl16VQk0/3MtsOZE2Y5i8Jc/9Cy3YJa36Ku2k4Ja45VT7d7in+NndRdePvdj2qRSAXiBNxe51gsOhYjKBV766VSeMwp8FA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com;
 dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
 header.from=amd.com; dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=NCH552rlhj9TO0YgZrI64uI6BiljV00WPlBClggZ3s0=;
 b=Su45QdOH3EZJ869KxE1n2t4u+6yJLCQRLxHncwu4pnCW8l6pMEOQlbPGN6V6D4mvG7USKLlppbBkGjagynF+yzLG56A/6rlgYfEQh/0YBE1HrdIiO8z/JR3JZf77uExWgh+eQYIzvo6Kgr+WcQIaNAa4Ttj504Jeb+R43BKuOb8=
Received: from BN1PR13CA0024.namprd13.prod.outlook.com (2603:10b6:408:e2::29)
 by MN2PR12MB4159.namprd12.prod.outlook.com (2603:10b6:208:1da::17) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.19; Fri, 10 Mar
 2023 17:04:18 +0000
Received: from BL02EPF00010208.namprd05.prod.outlook.com
 (2603:10b6:408:e2:cafe::f6) by BN1PR13CA0024.outlook.office365.com
 (2603:10b6:408:e2::29) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.20 via Frontend
 Transport; Fri, 10 Mar 2023 17:04:17 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
 smtp.mailfrom=amd.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
Received: from SATLEXMB04.amd.com (165.204.84.17) by
 BL02EPF00010208.mail.protection.outlook.com (10.167.241.199) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.20.6178.12 via Frontend Transport; Fri, 10 Mar 2023 17:04:17 +0000
Received: from tlendack-t1.amdoffice.net (10.180.168.240) by
 SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2375.34; Fri, 10 Mar 2023 11:04:16 -0600
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: <devel@edk2.groups.io>
CC: Eric Dong <eric.dong@intel.com>, Ray Ni <ray.ni@intel.com>, Rahul Kumar
	<rahul1.kumar@intel.com>, Gerd Hoffmann <kraxel@redhat.com>, Michael Roth
	<michael.roth@amd.com>, Ashish Kalra <Ashish.Kalra@amd.com>
Subject: [PATCH 1/2] UefiCpuPkg/MpInitLib: Ensure SEV-SNP VMSA allocations are not 2MB aligned
Date: Fri, 10 Mar 2023 11:03:59 -0600
Message-ID: <0ae6206c682709f09214222bd597d4aa6578c56a.1678467840.git.thomas.lendacky@amd.com>
X-Mailer: git-send-email 2.39.1
In-Reply-To: <cover.1678467840.git.thomas.lendacky@amd.com>
References: <cover.1678467840.git.thomas.lendacky@amd.com>
MIME-Version: 1.0
Return-Path: Thomas.Lendacky@amd.com
X-Originating-IP: [10.180.168.240]
X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com
 (10.181.40.145)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: BL02EPF00010208:EE_|MN2PR12MB4159:EE_
X-MS-Office365-Filtering-Correlation-Id: 22c1b929-9823-4932-c06f-08db21897c0c
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	YOP13sq5Nlmg+z9OHcGS/PjwOVwhvlISNKphv1u7AaoPJ9EWzmC6NZsPBNoejaAFeKOb1AfB3o7DTXxYTdVqClddqoPjNMYHRz1nRMy/Fyt1RmFlupcyAYfRPeg8M9dbClr2LQ0EbyUFiBibcTNjZcWCJXbNNeK+JmtjD8z4fTvfaUbITPNm0njK08gcxiaEqwJCNL0/9RENADrC8CjS6cB4pWN26o5QMn7KKqz2FYD1D8sBGsNqPYIuiVlpz6CAVagykYO+FpB/Qu2BDQ0wdT9e0vvIJ1FTi+DszsSnBMGwJ8yhk04LHEKXgh7lN+obd3YqvD08EU77omuMMU024Zo26FSML8cI/4g4B7ThU1aAtyq3hMdfITseP4bDzIbp+bMSGTAN3VDXHbuD6QqUuS1gmHfS1X/X3WOvhfvyK7zTwktcfto2ni1AuTkHMpgm0967vivYi2GWgOUEhVwQmN0gWG13lo2KrrG709DyG+GmI9wL5/SYK+tBpVKE05N1Ds5ZK7i93ZFmREE5yb1yeFu6ob0U8Z/Fq9fYAKWALAjK3+wEf8SGr9ytyBtpyt55TEF2t5Tfa69i09t4Ab7vz9ZAHFhVKh5oXI7hKAOxNuI4F51O57bWau39+McsQWySUH6VS5yB+yhE3D4PbqB3fpdZh930AgMzOMivAPM19m3rqk27J4VJHko+UnCUN61dz/QHNIni/oUQoCcA+J69C91lvII3QvRDfcqGpBbiu7Q=
X-Forefront-Antispam-Report: 
	CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(6029001)(4636009)(39860400002)(346002)(136003)(396003)(376002)(451199018)(36840700001)(46966006)(40470700004)(47076005)(426003)(336012)(54906003)(40460700003)(36756003)(356005)(86362001)(83380400001)(81166007)(36860700001)(26005)(82310400005)(82740400003)(186003)(16526019)(6666004)(2616005)(316002)(5660300002)(6916009)(478600001)(966005)(40480700001)(4326008)(19627235002)(2906002)(8936002)(70206006)(8676002)(41300700001)(70586007)(36900700001);DIR:OUT;SFP:1101;
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Mar 2023 17:04:17.8034
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 22c1b929-9823-4932-c06f-08db21897c0c
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
	BL02EPF00010208.namprd05.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4159
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4353

Due to an erratum, an SEV-SNP VMSA cannot be 2MB aligned. To work around
this issue, allocate two pages instead of one. Because of the way that
page allocation is implemented, always try to use the second page. If the
second page is not 2MB aligned, free the first page and use the second
page. If the second page is 2MB aligned, free the second page and use the
first page. Freeing in this way reduces holes in the memory map.

Fixes: 06544455d0d4 ("UefiCpuPkg/MpInitLib: Use SEV-SNP AP Creation ...")
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c | 24 +++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c b/UefiCpuPkg/Library=
/MpInitLib/X64/AmdSev.c
index bfda1e19030d..7abdda3e1c7e 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
@@ -13,6 +13,8 @@
 #include <Register/Amd/Fam17Msr.h>
 #include <Register/Amd/Ghcb.h>
=20
+#define IS_ALIGNED(x, y)  ((((UINTN)(x) & (y - 1)) =3D=3D 0))
+
 /**
   Create an SEV-SNP AP save area (VMSA) for use in running the vCPU.
=20
@@ -27,6 +29,7 @@ SevSnpCreateSaveArea (
   UINT32          ApicId
   )
 {
+  UINT8                     *Pages;
   SEV_ES_SAVE_AREA          *SaveArea;
   IA32_CR0                  ApCr0;
   IA32_CR0                  ResetCr0;
@@ -44,12 +47,29 @@ SevSnpCreateSaveArea (
=20
   //
   // Allocate a single page for the SEV-ES Save Area and initialize it.
+  // Due to an erratum that prevents a VMSA being on a 2MB boundary,
+  // allocate an extra page to work around the issue.
   //
-  SaveArea =3D AllocateReservedPages (1);
-  if (!SaveArea) {
+  Pages =3D AllocateReservedPages (2);
+  if (!Pages) {
     return;
   }
=20
+  //
+  // Since page allocation works by allocating downward in the address spa=
ce,
+  // try to always free the first (lower address) page to limit possible h=
oles
+  // in the memory map. So, if the address of the second page is 2MB align=
ed,
+  // then use the first page and free the second page. Otherwise, free the
+  // first page and use the second page.
+  //
+  if (IS_ALIGNED (Pages + EFI_PAGE_SIZE, SIZE_2MB)) {
+    SaveArea =3D (SEV_ES_SAVE_AREA *)Pages;
+    FreePages (Pages + EFI_PAGE_SIZE, 1);
+  } else {
+    SaveArea =3D (SEV_ES_SAVE_AREA *)(Pages + EFI_PAGE_SIZE);
+    FreePages (Pages, 1);
+  }
+
   ZeroMem (SaveArea, EFI_PAGE_SIZE);
=20
   //
--=20
2.39.1