From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (NAM12-BN8-obe.outbound.protection.outlook.com [40.107.237.76]) by mx.groups.io with SMTP id smtpd.web08.3713.1611614115319760338 for ; Mon, 25 Jan 2021 14:35:15 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=fvZYu/xd; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.237.76, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=doedEHA9+DGgxG6xb7OaG8c8DpOI4Li/inoVeLh5smwLRdRxcOVjiD7AtD0Cl0mvA7k0Nh6nMqRvr614ega+QxQB6F6FcCSdedkjRjiyNqqK8fN+G0JNrpjXr2d97fcfX1TjBhsaU6dAWPzttzAczZ91MR7pS7PyHOJMkyGfYNWcjJai3hYogq31LVNFwZv0IKiS8Z7fJec44D3X082d4gJExM+9l6jBgAXjAw/ZC2aSb91lmWnchPgx33AYKk+OTpNTbrIVrI92n2OlMneYg0tXmUcTQFE2sbs0SOaTpQacjHS2PvtEn3nwMa+QsCVtyDzemULN/0U06Jz6MwXyrA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kltFuTFrSaw1HckFRpdxgFkaOdATTffD2bTdf+9kFlA=; b=jXJx1ldTmsx6UJ1/AySPrk0qMuoEr1VHhiKs9mIZFa7VXOVaCtlCvA+14z1IZE8F1o5Wrf+EIA4OqFu58jqQ6cEjSzTifhFPJEbhZBBlmZAuJRkJs2hmorW6bt+pVQoJCgPcNRmgwQYnW9ZoVk3vHyJKk4OiJ2Uw/jJySSiNiLKcWZmQA4RKjekxGwSkIqklrmyR9yf/J9H9eTTI4pkd5IWEJDBiZifYKaA+iui6aXr2Nbe9lk6JtuYGlp1VIsTgZikZLbdX9wFNXNEYdARAPJcrG0g7ph1cvEmkJH9Mj5kuk1fUPoRiI60HGmK1ceH+2eVPpuy5QlInWrZY4VM1qw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kltFuTFrSaw1HckFRpdxgFkaOdATTffD2bTdf+9kFlA=; b=fvZYu/xdeLvCwdOQYS0ePG2UxszzT7ADUxMwtvjvS/u8Hyx3SUfl5mu8LAzlwmpkmsgHDFXCx1W1s7PD6km/DC4MPZP+0/eR2Ppk56CqPYPA2WA//GH7PDd5PdtruXbBOpYYO6+XRpvSzEypQVCYuUCAtkZ5fkuUxaMuIIgegkE= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none;kernel.org; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM6PR12MB4959.namprd12.prod.outlook.com (2603:10b6:5:208::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3784.12; Mon, 25 Jan 2021 22:35:12 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::cc15:4b1f:9f84:6914]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::cc15:4b1f:9f84:6914%4]) with mapi id 15.20.3784.017; Mon, 25 Jan 2021 22:35:12 +0000 Subject: Re: [PATCH v2] OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Use physical address with SEV-ES To: Laszlo Ersek , devel@edk2.groups.io Cc: Brijesh Singh , Jordan Justen , Ard Biesheuvel References: <84a5f9161541db5aa3b57c96b737afbcb4b6189d.1611410263.git.thomas.lendacky@amd.com> <02e1643a-397f-b24d-fb86-f80e868fbb77@amd.com> From: "Lendacky, Thomas" Message-ID: <12b1fe3b-37d6-1ad6-8b83-7364ab2aed17@amd.com> Date: Mon, 25 Jan 2021 16:35:10 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 In-Reply-To: X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN1PR12CA0065.namprd12.prod.outlook.com (2603:10b6:802:20::36) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [10.236.30.118] (165.204.77.1) by SN1PR12CA0065.namprd12.prod.outlook.com (2603:10b6:802:20::36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3784.11 via Frontend Transport; Mon, 25 Jan 2021 22:35:11 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: dba34755-a98c-49c4-882d-08d8c1817a69 X-MS-TrafficTypeDiagnostic: DM6PR12MB4959: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1332; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 3w0mpxYFk0Zz/GruRIuF+ukjuu18s9aojPMycWAjsi86mXBqYycImM1nGhwlk/rb9NZBXpjqHVRE2ns/Hdw5YV6a5JmhGmXbP1lNJWHWsCcAPD4jBFoQDmKGTZKmBFRNpAKvRRTyPNn4Z9ErxgxWC/5iFLZ19f02ncltwPRbGYZK928nXMAyFt/SG+8j2oAiFPCZd5SHUSCllfZKlf4aiyH1+AzIBdE2EzzFdUJAi9T5V1SiXPicg9czOFl5gheZleOmBukKNysY8xin6939U2PQ0yMRrvo1KSm2C/twvayo9xUTy2rexGgiEE+qLOeVV8au/snUMzf/OSIRZRvMOJ8foCK8KS/s0hZEqbKDXks98UOlC6hK3HTST1oDGTj8VcPYKzyCmotB6O5w/ga7OcrChqEAprNTzVNn5/ffQ7K7PaaVN6ruX+/kaPEWjH1cpPW14MxlJcCeoz1ttku2SuRDPKkc2dUXyfQZeuDtIkKxU6VfT2/82h2mc1mysABlcRlBpI4GZgkxdRoMo4J8qyROjxLtE4vqBMr1K6vFmUa3+tZt6ep8O0uhjrAcyjJPIRb4DM4r3Ke6jgFbmI+8Ww== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(39860400002)(396003)(136003)(366004)(346002)(376002)(52116002)(26005)(16526019)(186003)(5660300002)(956004)(6486002)(2616005)(83380400001)(31686004)(66946007)(8676002)(8936002)(316002)(54906003)(2906002)(66556008)(16576012)(66476007)(36756003)(478600001)(966005)(31696002)(53546011)(86362001)(4326008)(45080400002)(213903007)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?B?RkRKbUVKdFhSSmxHTjVPZFgzbnoySlk3bXgxOTBJS2JPQ2hvVGlBWlVFTzFh?= =?utf-8?B?MlNjVitQS25CRjhMdFo0WjhxVzk2Z1FYK3hGZUxSZGR4UmNxZUtIMWxsZEhs?= =?utf-8?B?MHduZlJ4MXNLT050Y1JmenlGb2t4ZWY0K3hhY2dlOHFvYk9UaTVCU3pwNkJX?= =?utf-8?B?ZVpzc2o4UWgvaE12K1pwcGtMbUEvR1EvTTIzblNZZUIxb3dON3pEWWU3Y3po?= =?utf-8?B?dVNPRENlWlR2QW8zOXRibXRqUU9NeVo4ZFVTZ01ENm1kNDZPRHFFV2ZIdGV0?= =?utf-8?B?RElqTDBWaFJKUHZTRFIwalBVUGp1TCtDUVR5dmQ4YngzVk1vd1A2QVF3ek5o?= =?utf-8?B?VllMSnNHdGl0SEZ4RzFvSnU5MmREbWdOdFQ5ZTF1bUViTkI1YXYvck9NK3Ix?= =?utf-8?B?clVzS3ZCMUJMc2VxY3kzdVdyOC9tYWt0N1hkOG52SWV2bGgvUzFFK0I5NUpI?= =?utf-8?B?ODYrWTRDTmNNOUpMOGtEejFwYVlKaEdjK1JNa0ZoR25UUnBMc2RtVkxBQ0Rk?= =?utf-8?B?TFNwYzBLNnJodU5FSHI2d2U2Wk41TDRZOXpJakZMTTNjQ01nOGFEQmlOMmhG?= =?utf-8?B?UmZxNzZvRTdBUnZlcTcrT3JrTzNIbCtlZkJLRzNsTkg3dlYxS09lVnZ2NEgw?= =?utf-8?B?V2dzMVpyc20rUFczeHZRaStvVTY3OGR1ekcwbVgvbGJpbmd6QTdlQllncE9x?= =?utf-8?B?dzVVbWpBNDNSaVV5dXdPcU9QM2NNdkgvbDM1cGRkTnZ4M1V3a2ZiY2lhNFJV?= =?utf-8?B?ZFkzcVNTRG1paGZ4ODd6aWtUbndyY2NTTmdWZWFERitVYkVReGxSTHVwMHhE?= =?utf-8?B?M0wvUEM1S2F4eXNyc2ZSRi96Q2M3QXludzdxK0puMzZ4NmJrbTFFaVVBMFl2?= =?utf-8?B?VzVXb0tweEhJUVhZeFRad3FMVVVnZVgzWTd0YVpoS01uWUpiM0RUQ1JnN1E0?= =?utf-8?B?UnFIWkU1OXI4cEJLM3RrRGxKVWJEcTZiNFlhVlJyYjJoYkJRS3dnSDlGd2N5?= =?utf-8?B?dTRjSzhRd0FybVNhYkhNWnRsdmM0citrTEozdjFVeDR3bmVxWWRnRWhZd1lV?= =?utf-8?B?MWdKUWJ2eUJuRHdoTWsreitmc0NEMERsQlR5OXRPZmlwcktWZWVkU2NFc1Bk?= =?utf-8?B?MjhRS1krNmpGbUdQMHBhZGszc0Y3eTFBb2VRUElPWHUwSjVUdkZsaEFVVVBC?= =?utf-8?B?R1ZRUGZNdDVMZUp1YzdkeW9tYmhWYklkN2VJckZFa29GK1FoRkNKeVZzWGlO?= =?utf-8?B?VHdINTYrMHNzM20rVEUycWlhQ293c2hoU0dPSUNZYlJNZEI0T0ZOdEZNeUcx?= =?utf-8?B?eVQ4b0JiYW10ekhxZXl0OE14S3NoK09KaE0wckRZQ3JMZkpiZHdBMStyOENE?= =?utf-8?B?RktoQjlDS3hiSTJWWGJNeWc5QUJiUlp1QmVkMHdFbndDeDhpdEFYcERSS0VD?= =?utf-8?Q?yi7YF1YJ?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: dba34755-a98c-49c4-882d-08d8c1817a69 X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Jan 2021 22:35:12.3102 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: j4m59Mjw+nkuFKwWKholHqpJ0kBZWNrylNPYOlqXpbuxkxJ9DVezXSR/y3KeJdaSrKogsKNnqnxXmUKruMeStw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4959 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 1/25/21 4:17 PM, Laszlo Ersek wrote: > On 01/25/21 14:55, Tom Lendacky wrote: >> On 1/23/21 7:57 AM, Tom Lendacky wrote: >>> From: Tom Lendacky >>> >>> BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3183&data=04%7C01%7Cthomas.lendacky%40amd.com%7Ce7ba4f968a0d4bc42ea108d8c17f0a9b%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637472098694077769%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=jGAzh8XsefGmSnQfjjz%2BQmLJoUu25o67pOxuUORzw7g%3D&reserved=0 >>> >>> Under SEV-ES, a write to the flash device is done using a direct VMGEXIT >>> to perform an MMIO write. The address provided to the MMIO write must be >>> the physical address of the MMIO write destitnation. During boot, OVMF >>> runs with an identity mapped pagetable structure so that VA == PA and the >>> VMGEXIT MMIO write destination is just the virtual address of the flash >>> area address being written. >>> >>> However, when the UEFI SetVitualAddressMap() API is invoked, an identity >> >> s/SetVitualAddressMap/SetVirtualAddressMap/ >> >> I can fix that if another version is required, otherwise, can it be fixed >> on commit? > > Yes, I'll fix it on merge. I made the exact same typo in my v1 comment > -- and that was because I copied the mistyped string from the BZ :) (See > c#0, c#1.) Well, looks like I was only able to get it right once... I just noticed down in the code comment it is wrong, too. Ugh, my fingers just couldn't type that 'r' I guess. Thanks, Tom > > Thanks! > Laszlo > >> >> Thanks, >> Tom >> >>> mapped pagetable structure may not be in place and using the virtual >>> address for the flash area address is no longer valid. This results in >>> writes to the flash not being performed successfully. This can be seen >>> by attempting to change the boot order under Linux. The update will >>> appear to be performed, based on the output of the command. But rebooting >>> the guest will show that the new boot order has not been set. >>> >>> To remedy this, save the value of the flash base physical address before >>> converting the address as part of SetVirtualAddressMap(). The physical >>> address can then be calculated by obtaining the offset of the MMIO target >>> virtual address relative to the flash base virtual address and adding that >>> to the original flash base physical address. The resulting value produces >>> a successful MMIO write during runtime services. >>> >>> Fixes: 437eb3f7a8db7681afe0e6064d3a8edb12abb766 >>> Cc: Jordan Justen >>> Cc: Laszlo Ersek >>> Cc: Ard Biesheuvel >>> Signed-off-by: Tom Lendacky >>> --- >>> .../QemuFlashDxe.c | 20 ++++++++++++++++++- >>> 1 file changed, 19 insertions(+), 1 deletion(-) >>> >>> diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c >>> index 1b0742967f71..d303b0078b08 100644 >>> --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c >>> +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c >>> @@ -16,11 +16,17 @@ >>> >>> #include "QemuFlash.h" >>> >>> +STATIC EFI_PHYSICAL_ADDRESS mSevEsFlashPhysBase; >>> + >>> VOID >>> QemuFlashConvertPointers ( >>> VOID >>> ) >>> { >>> + if (MemEncryptSevEsIsEnabled ()) { >>> + mSevEsFlashPhysBase = (UINTN) mFlashBase; >>> + } >>> + >>> EfiConvertPointer (0x0, (VOID **) &mFlashBase); >>> } >>> >>> @@ -52,11 +58,23 @@ QemuFlashPtrWrite ( >>> if (MemEncryptSevEsIsEnabled ()) { >>> MSR_SEV_ES_GHCB_REGISTER Msr; >>> GHCB *Ghcb; >>> + EFI_PHYSICAL_ADDRESS PhysAddr; >>> BOOLEAN InterruptState; >>> >>> Msr.GhcbPhysicalAddress = AsmReadMsr64 (MSR_SEV_ES_GHCB); >>> Ghcb = Msr.Ghcb; >>> >>> + // >>> + // The MMIO write needs to be to the physical address of the flash pointer. >>> + // Since this service is available as part of the EFI runtime services, >>> + // account for a non-identity mapped VA after SetVitualAddressMap(). >>> + // >>> + if (mSevEsFlashPhysBase == 0) { >>> + PhysAddr = (UINTN) Ptr; >>> + } else { >>> + PhysAddr = mSevEsFlashPhysBase + (Ptr - mFlashBase); >>> + } >>> + >>> // >>> // Writing to flash is emulated by the hypervisor through the use of write >>> // protection. This won't work for an SEV-ES guest because the write won't >>> @@ -68,7 +86,7 @@ QemuFlashPtrWrite ( >>> Ghcb->SharedBuffer[0] = Value; >>> Ghcb->SaveArea.SwScratch = (UINT64) (UINTN) Ghcb->SharedBuffer; >>> VmgSetOffsetValid (Ghcb, GhcbSwScratch); >>> - VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, (UINT64) (UINTN) Ptr, 1); >>> + VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, PhysAddr, 1); >>> VmgDone (Ghcb, InterruptState); >>> } else { >>> *Ptr = Value; >>> >> >