From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (NAM12-DM6-obe.outbound.protection.outlook.com [40.107.243.49]) by mx.groups.io with SMTP id smtpd.web11.13333.1682087212684591367 for ; Fri, 21 Apr 2023 07:26:52 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=2sHSGsG5; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.243.49, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RCGtDO/o1Ry4GwVS9l1iu0wCI6dYF1LvyWmLUCjWWVBg15OQ/+WhrXc72tpYo2lql7tpBKKyaI6Jlsxz+Hx1bOBY3ISa0aA+abBQnch37uewXW26eW6zUZIxnAvx2FTT3+XQfPCyMAVaKaLbkNV0lW/kPFcp/kS4jb/budIBH5HM0i//h/Ny7MjE6Op4KirLpQZxsIom6WwrOSpUw2tAVTCGfnzSgjN1VdkmKq3tEKn449VoL9femxx+fMuYeYO4rOAC7qdhdNptV5dxoOfIoxKAD9ga9VOBGAY+ggQi6pNRC33I0twqKfoSpJPBkXe0yZ2+Rs/AHEWscMg0FF9q6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=NjQ9TOb2zc/X3rF+HR62KnDU9mgSwtMUcOa/Qg/1qWs=; b=i9Wlu5LR+zQLGXs/c/1Qx4oZhHJf8Dcg0fieZcbNvzhs3hv5c0B6MX1msZXZsxI1Eu4ZF0gEmlKHhU7Lbe8C8y1jKnrGhP6IK+CKI1GQVwDTWynV3qmMazZX74K/QN1nheNrCesI6eOAeZOnM7cEbPq5O8TTKaHyQDbgK+pYhz9LS2+ffhyh90gK4UHV6YOt4mGz5R8w0JdwaHFkMHGGwpLWfwVTjyjxtSFKAhXdbRUfuK+TFt3uGUJvYl8cieB/OD3Nx1IdjaVZ+bE9VyYz/G+a1O5ijfhTk4Q+m/Ib9eJD2GNYcVWcdhSRAq6V4yyM6GKAXP7rWzx1SMnlA3wwJw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NjQ9TOb2zc/X3rF+HR62KnDU9mgSwtMUcOa/Qg/1qWs=; b=2sHSGsG5UCfcmH1ctK5PDRVGvc6YB3AFI+yGkL/eERkrp1YPCqa+D+d8o28XXJmLtBAtFQVuw/JDEqDkyNYy2m+/F4uBpJZWEUGF9MreBMPFU+//KUqPneRv6njX1AZCxRYDwKolW+UJCMBxGDKLOO1MANJspTY9YsRNu6qEvDY= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) by SJ0PR12MB6733.namprd12.prod.outlook.com (2603:10b6:a03:477::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6298.45; Fri, 21 Apr 2023 14:26:47 +0000 Received: from DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::ea32:baf8:cc85:9648]) by DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::ea32:baf8:cc85:9648%7]) with mapi id 15.20.6319.022; Fri, 21 Apr 2023 14:26:47 +0000 Message-ID: <123351a8-1f6b-07b1-6b73-6052bb84d704@amd.com> Date: Fri, 21 Apr 2023 09:26:44 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.9.0 Subject: Re: [Patch V3 03/11] OvmfPkg:Remove code that apply AddressEncMask to non-leaf entry To: Dun Tan , devel@edk2.groups.io Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann , Ray Ni References: <20230421083628.1408-1-dun.tan@intel.com> <20230421083628.1408-4-dun.tan@intel.com> From: "Lendacky, Thomas" In-Reply-To: <20230421083628.1408-4-dun.tan@intel.com> X-ClientProxiedBy: SA1P222CA0023.NAMP222.PROD.OUTLOOK.COM (2603:10b6:806:22c::15) To DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) Return-Path: Thomas.Lendacky@amd.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM4PR12MB5229:EE_|SJ0PR12MB6733:EE_ X-MS-Office365-Filtering-Correlation-Id: 1429e656-fa2e-4468-de66-08db42747078 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: mRczXtdbdf+mX0ijndn4W4xZ4H1yzeSlzbw182XJ2ywsOID+ewRHNdCCxIjNz1Tz/HuVLqs0oWntOMxs9YaxjRA0GGGq7qKnBxiYmHNoMmR/NYbQyALK/QFiXWMZ1G8vVqONAHPTRDz1t1NxUKXlZfrSMxNmGghQtt9WBcJG0sB/04sIeTHjtCvU7cJX8Xh9isqoqVs9M6tC0iRz9KQQyuNnRkEN8dXR7oAoXI5IhEDiPArEVeOKSRNVkz2fH9s9z2HLj6RL+T4j989FZNiRxrau+TELxZFAgkvotnrPCha35yLFci+/XQ12ombKOklFx4E8etmekPMDihQfez6wWRgKajyth5t1iiLpnujietD/KjJrswdFVMa0HlY15J34JXQWp+L46NKfDC0pW/z8NGk6QDmc1J772gBS3nXDAI/U43bPvxhVb3R/U1zw14WzgKtBYh2R+0V7Bzp93w4dtdZKkIjXFCPZHmJXBes12yfIhtxKYeryBYck5eirOr0eQONuIgxgswMBmScOVSSXnM1h+KanUdHUSzb0QFuaS1SSjYiRsEDltnYfa51WaKtKsSREozJuhVdFt0RFDPwoJKvpsguRHkawt+C1wEyyGRKSL69WVbkXUcFtNAq3TlFYSyTFzSrW2SF50inxtR8E2g== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR12MB5229.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(4636009)(136003)(346002)(376002)(366004)(39860400002)(396003)(451199021)(31686004)(66556008)(54906003)(316002)(66476007)(66946007)(4326008)(36756003)(186003)(53546011)(6512007)(6506007)(26005)(38100700002)(2616005)(83380400001)(31696002)(6486002)(6666004)(8676002)(41300700001)(5660300002)(8936002)(478600001)(2906002)(86362001)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?NlFyNEtBWmZybEZSOHB5aHlaQThMbE42cTBHaWRqajFuVFgvZE5PWFo1ek5H?= =?utf-8?B?aEFPU1QybnNOTDBUQjZMOVkvTWJ5WVpiU0dYNmpIQUxicVVRMVlQWjhISjdP?= =?utf-8?B?bU1Hem5lUTZZMk9IVjRtbW5HNXlSeSs2NmIvMVVrYVV0a0IralNzNFNqUEFt?= =?utf-8?B?MWhweXZzWTF1ZnREVXVya1Vic2NBTm1uR3B4YlkySjZJWW9rL0VBVHIzN1hP?= =?utf-8?B?dndUNjVKOFE1T3Zmb1FIZ05DM2ZFNHRvdUtVREVRbldlVzNObXVyb2NNTUQ2?= =?utf-8?B?cDMxWFJVQWFJUWpYRlBtVk1TUkUvelU1SzczWVRJQmdRNjVaOTlCWUxpWGUw?= =?utf-8?B?dFpaMkZtekNBL2paM1lpZGNXTUhVL3JaUHJCT1h2RjlWYW51Sm9VYklvY2hK?= =?utf-8?B?OUNVdDRqVktmb3h3ZGJabGRIV043c0U3OStJa3MzQ0treFYzdUkvcGI4cFgx?= =?utf-8?B?TE9Xa205MElPc3NRRVRLWnZmN2R5T2dtT1pJYm9DeWVPZVEwUUhwWXFiLzNp?= =?utf-8?B?VEVNNkFiNmZyK3pkcGpuQ2J0OUM1QzFTd3JnT05FT1A2ajN4a01sMTJHcit4?= =?utf-8?B?RmY4VFdabE94dFNxWTJGeTNja1JINmdQczM2KzZQTjgrb3UwZksxbmhubzFU?= =?utf-8?B?NDFqakVqTklEQ3dadGMxRTZDa2ZZbjUwSHBhL2dOUU5iUHFKN1ZqKzRZdmNo?= =?utf-8?B?Vm5Ga1N4UUl3YWs1d0RDV3NFTjd4UU1KMmxBaUtJdVA2ckNkRFo3NjBDbDdt?= =?utf-8?B?SkNZY2lFY2FkUk1WTVZUYnBuYms5S0l5T2VCSGxaUkxyRDZ5K3Zsam1HMzRo?= =?utf-8?B?bGNGdjdwdTI2MGdleVQ5cVY5SXhZOTZjZHBab3pQNTRwcng1S0RFSUVLZFNJ?= =?utf-8?B?VWFDODBkN0htckpjTWJnSmRIWFJVU1cvUCs2QnpRVUdFMGhHRFR4Q1BKN1h0?= =?utf-8?B?UjBGdEpSUTV3MFhSTkw2TVpxb2ZXUkJtUVhXM0lzbDVkZzlWbVZzTzNvY2hx?= =?utf-8?B?RGVYYWY1ckQyT2U2S1RERkJYaHRpcHRFU3lSNW1jdHl4SytZNDZUeU1Ld2h3?= =?utf-8?B?aUVWRXRiaGZJa3ZPTVNnZm41MlJhY1Z2Zy9IS2srZUhrUjE0YWFJc09NZ3g4?= =?utf-8?B?dU9HLzJ1SWM5NjN3dDRDNjkxdkp2K2VVbDVxQWRUb3h6ajJRckg5WVI2VUNK?= =?utf-8?B?T2owMlNzOUR6M2ZCdmhiRFdyOUw3RnVnZTJhemJBMVVUMC93UWxEU3c0L3oy?= =?utf-8?B?bDNjUVFmUG5MclVBaFVtcHBqR20xbG5BUEVLNnFSRXlpWTF0NTVJdVU4U2Uv?= =?utf-8?B?c0xST3Y4Q0FWZ1VEZUQ5d2JDbk1GOHFzUE5wRGgwbGw2czRkRWpTTkpaNlVa?= =?utf-8?B?QlJORXBXdnVWaldJajdzdXlhaUpPVkxIbUVIa2ZNb0Z3VFJJUmtsQUt1Zi9O?= =?utf-8?B?dUhCajh3Vmdpb2JpNmdXVDVaYlV3Q0V6emFSN0xNRUMxdmRqbDA2b3F2TEdE?= =?utf-8?B?c1dYN3IxVnh5aDFHNmNobFB1MEI5VmZiTHJyVFZac0xWc0w2cUErUFNXYmUw?= =?utf-8?B?a2xFaERsem5rbDYrL0dWK1ZsV3daZ3d2UERLbWtsa29MTElRclduSlJ4aXFl?= =?utf-8?B?VE12bFczNHZiM1o2VE9rL3F6OUtVWjEySUVDU2NVRW5raG52R3pVYmlJeS80?= =?utf-8?B?UWxmWWowcHd1RjlpSFFLaTFNOUxSRHdGMFB5b3hnSXcweHFuVzljMEFKTlhq?= =?utf-8?B?dDNhZnVqNUh6bjIvdGVtczNoSjcrb0ZOTlRHTjFscDMyL3Z4VTJlOU9QdHhK?= =?utf-8?B?c2lBN21MZjl3WFVXRko0bWswYWdVU242RVUxZDRLSnVjNk9Jb3d3M1ZxY0Ru?= =?utf-8?B?WnFUcGJYV05sMnVCUmllZk5QK2prbVMyeXVTNk1rbTB1RGNqNlVOQmtIMXNH?= =?utf-8?B?TVYrRUhFZ3ArSmRDbW1oeHVBUlQ0Ny92NTBXMTkwM3JScXpKYmV4cUs2MFNy?= =?utf-8?B?MEhVb2dralV4MzRLQ1dBa2hZdUJrWnRLMFFLNVJIR2lkZWV4NUF4djVQei93?= =?utf-8?B?S3E2akFRdFFOSDVqLzVJSitzTVdvOHV6TlJtTTQwc1dTdFVWbXBkdkpIYzFt?= =?utf-8?Q?/4j4wwhQqRXUvkBX6KrjRgwIH?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1429e656-fa2e-4468-de66-08db42747078 X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5229.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Apr 2023 14:26:47.5797 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Kzkje5oriHVjwmUs6vAN3dzwoPofoflcMJ9ouYvE7vY3Tss+A8w0Nyy5vePwnBR577INaqhhFGAp1EQ6xWjxmg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR12MB6733 Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 4/21/23 03:36, Dun Tan wrote: > Remove code that apply AddressEncMask to non-leaf entry when split > smm page table by MemEncryptSevLib. In FvbServicesSmm driver, it > calls MemEncryptSevClearMmioPageEncMask to clear AddressEncMask > bit in page table for a specific range. In AMD SEV feature, this > AddressEncMask bit in page table is used to indicate if the memory > is guest private memory or shared memory. But all memory used by > page table are treated as encrypted regardless of encryption bit. > So remove the EncMask bit for smm non-leaf page table entry > doesn't impact AMD SEV feature. > If page split happens in the AddressEncMask bit clear process, > there will be some new non-leaf entries with AddressEncMask > applied in smm page table. When ReadyToLock, code in PiSmmCpuDxe > module will use CpuPageTableLib to modify smm page table. So > remove code to apply AddressEncMask for new non-leaf entries > since CpuPageTableLib doesn't consume the EncMask PCD. I'm really not a fan of removing the encryption mask, because technically it is correct to have it present in non-leaf entries. I really think the pagetable library should be able to work correctly with or without the encryption mask. What would it take to make the pagetable library aware of the mask? Thanks, Tom > > Signed-off-by: Dun Tan > Cc: Ard Biesheuvel > Cc: Jiewen Yao > Cc: Jordan Justen > Cc: Gerd Hoffmann > Cc: Tom Lendacky > Cc: Ray Ni > --- > OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c > index a1f6e61c1e..f2b821f6d9 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c > @@ -233,7 +233,7 @@ Split2MPageTo4K ( > // Fill in 2M page entry. > // > *PageEntry2M = ((UINT64)(UINTN)PageTableEntry1 | > - IA32_PG_P | IA32_PG_RW | AddressEncMask); > + IA32_PG_P | IA32_PG_RW); > } > > /** > @@ -352,7 +352,7 @@ SetPageTablePoolReadOnly ( > PhysicalAddress += LevelSize[Level - 1]; > } > > - PageTable[Index] = (UINT64)(UINTN)NewPageTable | AddressEncMask | > + PageTable[Index] = (UINT64)(UINTN)NewPageTable | > IA32_PG_P | IA32_PG_RW; > PageTable = NewPageTable; > } > @@ -440,7 +440,7 @@ Split1GPageTo2M ( > // Fill in 1G page entry. > // > *PageEntry1G = ((UINT64)(UINTN)PageDirectoryEntry | > - IA32_PG_P | IA32_PG_RW | AddressEncMask); > + IA32_PG_P | IA32_PG_RW); > > PhysicalAddress2M = PhysicalAddress; > for (IndexOfPageDirectoryEntries = 0;