From mboxrd@z Thu Jan 1 00:00:00 1970
From: Brijesh Singh
CC: Brijesh Singh, Jordan Justen, Laszlo Ersek
Date: Wed, 10 May 2017 18:09:20 -0400
Message-ID: <1494454162-9940-12-git-send-email-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1494454162-9940-1-git-send-email-brijesh.singh@amd.com>
References: <1494454162-9940-1-git-send-email-brijesh.singh@amd.com>
Subject: [RFC v4 11/13] OvmfPkg/QemuFwCfgLib: Implement SEV internal function for Dxe phase
X-BeenThere: edk2-devel@lists.01.org
List-Id: EDK II Development
Content-Type: text/plain

When SEV is enabled, the DMA must be performed on unencrypted pages. So when we get asked to perform FWCFG DMA read or write, we allocate an intermediate (bounce buffer) unencrypted buffer and use this buffer for DMA read or write.

Cc: Jordan Justen
Cc: Laszlo Ersek
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh
--- OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf | 4 + OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c | 107 ++++++++++++++++++++ 2 files changed, 111 insertions(+) diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf index 346bb881ffc1..f8df77f788b7 100644 --- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf +++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf @@ -39,6 +39,7 @@ [Sources] [Packages] MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec OvmfPkg/OvmfPkg.dec [LibraryClasses] @@ -47,4 +48,7 @@ [LibraryClasses] DebugLib IoLib MemoryAllocationLib + MemEncryptSevLib +[Protocols] + gEdkiiIoMmuProtocolGuid ## SOMETIMES_CONSUMES 
diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c index ac05f4c347f3..059666ffa99b 100644 --- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c +++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c @@ -4,6 +4,7 @@ Copyright (C) 2013, Red Hat, Inc. Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.
+ Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this @@ -14,14 +15,36 @@ WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. **/ +#include "Uefi.h" + +#include + +#include #include #include +#include +#include #include "QemuFwCfgLibInternal.h" STATIC BOOLEAN mQemuFwCfgSupported = FALSE; STATIC BOOLEAN mQemuFwCfgDmaSupported; +STATIC EDKII_IOMMU_PROTOCOL *mIoMmuProtocol; +/** + + Returns a boolean indicating whether SEV is enabled + + @retval TRUE SEV is enabled + @retval FALSE SEV is disabled +**/ +BOOLEAN +InternalQemuFwCfgSevIsEnabled ( + VOID + ) +{ + return MemEncryptSevIsEnabled (); +} /** Returns a boolean indicating if the firmware configuration interface @@ -79,6 +102,21 @@ QemuFwCfgInitialize ( mQemuFwCfgDmaSupported = TRUE; DEBUG ((DEBUG_INFO, "QemuFwCfg interface (DMA) is supported.\n")); } + + // + // When SEV is enabled, the AmdSevDxe driver should have installed the IoMMU + // protocol which must be used for mapping host buffer to DMA buffer + // + if (mQemuFwCfgDmaSupported && MemEncryptSevIsEnabled ()) { + EFI_STATUS Status; + + Status = gBS->LocateProtocol (&gEdkiiIoMmuProtocolGuid, NULL, (VOID **)&mIoMmuProtocol); + if (EFI_ERROR(Status)) { + DEBUG ((DEBUG_WARN, "QemuwCfgSevDma: failed to locate IoMmu protocol, disabling DMA support\n")); + mQemuFwCfgDmaSupported = FALSE; + } + } + return RETURN_SUCCESS; } 
@@ -114,3 +152,72 @@ InternalQemuFwCfgDmaIsAvailable ( { return mQemuFwCfgDmaSupported; } + +/** + Allocate a bounce buffer for SEV DMA. + + @param[in] NumPage Number of pages. + @param[out] Buffer Allocated DMA Buffer pointer + +**/ +VOID +InternalQemuFwCfgSevDmaAllocateBuffer ( + IN UINT32 NumPages, + OUT VOID **Buffer + ) +{ + EFI_STATUS Status; + + if (!mIoMmuProtocol) { + // + // We should never reach here + // + ASSERT (FALSE); + CpuDeadLoop (); + } + + Status = mIoMmuProtocol->AllocateBuffer ( + mIoMmuProtocol, + 0, + EfiBootServicesData, + NumPages, + Buffer, + EDKII_IOMMU_ATTRIBUTE_MEMORY_CACHED + ); + ASSERT_EFI_ERROR (Status); + + DEBUG ((DEBUG_VERBOSE, "QemuFwCfgSevDma allocate buffer 0x%Lx Pages %d\n", (UINTN)Buffer, NumPages)); + +} + +/** + Free the DMA buffer allocated using InternalQemuFwCfgSevDmaAllocateBuffer + + @param[in] NumPage Number of pages. + @param[in] Buffer DMA Buffer pointer + +**/ +VOID +InternalQemuFwCfgSevDmaFreeBuffer ( + IN VOID *Buffer, + IN UINT32 NumPages + ) +{ + EFI_STATUS Status; + + if (!mIoMmuProtocol) { + // + // We should never reach here + // + ASSERT (FALSE); + CpuDeadLoop (); + } + + Status = mIoMmuProtocol->FreeBuffer ( + mIoMmuProtocol, + NumPages, + Buffer + ); + ASSERT_EFI_ERROR (Status); + DEBUG ((DEBUG_VERBOSE, "QemuFwCfgSevDma free buffer 0x%Lx Pages %d\n", (UINTN)Buffer, NumPages)); +} -- 2.7.4
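
Review bot: In QemuFwCfgDxeLib.inf, the second hunk (@@ -47,4 +48,7 @@) adds only MemEncryptSevLib to [LibraryClasses], yet QemuFwCfgDxe.c now dereferences gBS in QemuFwCfgInitialize. If UefiBootServicesTableLib is not already listed above the visible context, add it here. The hunk also adds gEdkiiIoMmuProtocolGuid as SOMETIMES_CONSUMES without anything that guarantees the protocol is installed before QemuFwCfgInitialize looks it up; the C comment only says the AmdSevDxe driver "should have installed" it. Add a dependency expression or otherwise document what enforces that ordering.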
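
Review bot: In the QemuFwCfgInitialize hunk (@@ -79,6 +102,21 @@), a failed LocateProtocol under SEV is downgraded to a DEBUG_WARN plus mQemuFwCfgDmaSupported = FALSE, so whether an SEV guest uses DMA depends silently on whether the IoMMU protocol was installed by the time this function ran. Since the lookup happens once and the result is cached in mIoMmuProtocol, a later installation is never picked up. Either treat the failure as fatal, as the allocate and free helpers do for a NULL mIoMmuProtocol, or state in the comment why the fallback is acceptable. Smaller points in the same hunk: the log prefix reads "QemuwCfgSevDma" (missing "F"), EFI_ERROR(Status) lacks the space before the parenthesis that the rest of the file uses, and the LocateProtocol and DEBUG lines should be wrapped.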
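
Review bot: In the last hunk (@@ -114,3 +152,72 @@), InternalQemuFwCfgSevDmaAllocateBuffer checks the AllocateBuffer result only with ASSERT_EFI_ERROR (Status) and returns VOID, so in a build where asserts are compiled out an allocation failure leaves *Buffer unset and the caller has no way to detect it. Return the status, or follow a failed call with CpuDeadLoop () as the NULL-protocol branch already does; the same applies to the FreeBuffer call. The DEBUG line in the allocate function prints (UINTN)Buffer, which is the address of the caller's out pointer rather than the allocated buffer, and both DEBUG lines pair %Lx with a UINTN argument; cast to UINT64 and print *Buffer in the allocate case. The doc comments name NumPage where the parameter is NumPages, the @param order for InternalQemuFwCfgSevDmaFreeBuffer (NumPage, Buffer) is reversed relative to its signature (Buffer, NumPages), and the two helpers take their arguments in opposite orders, which invites swapped arguments at call sites. Prefer mIoMmuProtocol == NULL over !mIoMmuProtocol for the pointer checks.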