From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-CO1-obe.outbound.protection.outlook.com (mail-co1nam03on0085.outbound.protection.outlook.com [104.47.40.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 2286121E49BA6 for ; Wed, 23 Aug 2017 05:20:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=HLFMKmf89s/SpGaTuABk4HPrnnoX5td1vOHd5QYXM6k=; b=eEUu40mCSVm0tjyqBE+8exWMRBmr+BoYrZd8vXNjTzjvjums2pKsSZAjRk7duOYYLLJRHnCZ00rgT/RAGGiGw11EHuBo5SS+wZBGmEe1rgh0r1OEuX8PWj2/vR+QAxOVaoVq5nBtAvCS7LuF0c/UK7zs2VG6NUqz44Do7As0xj8= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from brijesh-build-machine.amd.com (165.204.77.1) by DM2PR12MB0155.namprd12.prod.outlook.com (2a01:111:e400:50ce::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.1.1362.18; Wed, 23 Aug 2017 12:23:03 +0000 From: Brijesh Singh To: edk2-devel@lists.01.org Cc: Brijesh Singh , Ard Biesheuvel , Jordan Justen , Tom Lendacky , Laszlo Ersek Date: Wed, 23 Aug 2017 08:22:36 -0400 Message-Id: <1503490967-5559-13-git-send-email-brijesh.singh@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1503490967-5559-1-git-send-email-brijesh.singh@amd.com> References: <1503490967-5559-1-git-send-email-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: DM5PR12CA0069.namprd12.prod.outlook.com (2603:10b6:3:103::31) To DM2PR12MB0155.namprd12.prod.outlook.com (2a01:111:e400:50ce::18) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 74cdf765-5002-47e3-fdd1-08d4ea21b39f X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254152)(48565401081)(300000503095)(300135400095)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:DM2PR12MB0155; X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0155; 3:DCM1qbeiw0HHiUxYEpTsQaCqqMeff9e6/Q6G127QfowtF1iXmtjE6CqKBQFSWfMDBXk17s6GM/ryTLpNflr1DVZ9EhefCsXTeUU5Eomgbg6GVp1nrGU8C+8sPDCQJb2vuOEbKd2nYsh0yXvuw4ul1TLuUmdQ+9OvijUrNPUPcBilW1ChOwk5xJ1ew6G6bYAKUXu6yIXCFN5WOyZ/ZcNHqoAYdyOicfB83bOe8xhq+4HYSUF2vthgXvusjbHFifn6; 25:2y7Be/7pmp1uVL82E4FqSOpNH2EbxZAdQikq5/XN2y2MSfLn9QFHykZ0Nzumif2oalYQxUQqOT9/KIksG971QaOOJGzMneOgC0XIaKM3EJCQ2I+MNYqXPauvp65eO0+4HfLGrE0bUw1RdarMwrzW3BfMk6hhOgVtrp4pPmgO3IKEcsafR/fM87/z8LbeSUvr8yjIO2Wie4mdITGivpYecCUL7uuGbYhhOEtUOy4agyEaZHIu25nw4cIzwAnfhpBlSzZRC6JJJpMdxF0FMTANEQbpRTNw9b+PxPL/JYJDEYbWsuLs7ey5XoRtQNuHGRlhZjyPMsCGpLnfBH69QPa6AA==; 31:E9OR2AkIAyxFPUPciKbPMQNqRMVeT3ZLNUy2wXq09wyBcy7bZ4B/0AdfIjahE8i56YsULqkgehVye5eWWW5SdT7GRTqBjk2yXZqQiV8f+BWeV73TEEZLIBzy+ZQ/m/Tbdqq/37lNau6mOKn+IGLc5z7DaqO3rKyBvfXnepbiPsLWnzNaXG8jaCDnRjz/3cqFURo4um9IPn+tpRlsaphdDlt+MQSYSHY0JaF/vN1jNFQ= X-MS-TrafficTypeDiagnostic: DM2PR12MB0155: X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0155; 20:br/srmjfyXGsVwi/1z1ctp2OrHpJadBHOAxdHK5y0I5P9LBVzj4l99kv6kwAPo02OLQENAXq+FmIfIYFEeTuxlO1Vv7ynXFMvH0WAARscecgJ2dQllNOhQFGsM+UJHhfUZkMIxCFC1Yn0TtA45XGRTsOJp/3TPNeF+Q9FILaNrOcyN3NNLIqqJ9W4bTgj1bK7les82ONbM6UPdr4dSbAFyvufDUQ3S8b1zILqbh2X0/tr62BokOFC+6Onz5cGwj0lCNFNDgAGJ2VdbH0+uId2v20JB8A1PJdYpEdoHASDQTsYxmmkxx74ZeJ6xujc+h4tPwpzOAq/DrCYtrWbxE1ZAUfm80VS5HEKrehEcNQ2NxW0rPz08Dk4pegItwqYHzU+Gcm/7NNFiBSX6M+4eqgK+BNu7KO+AZucKPEgIOMo29cW6C4C9Duio7cZXTp3+2Lg5ryyWegKxjsEABi3NPH10pPFh7ma7KjP0buiDAZjCK7l8OuwSuWjxof2P2p7Ngx; 4:bu0/xfghBk4F5Pjd/m0FAghKIJ7ZEoxp8u17X6z8yFYClc55SB0eafv21BjUDHE7Le0YQnirKQw7QaKNUzFezdYOl0B+hSChN2eMlPxm7YnFXwmv3WhbDbzR0oSDMzzmCGJb4owcKZAt+4CQeJU6Wb2GfDdIVasEoEp+GHLWUs3POZXC3ADCrv4l6Zp7xfA3pqW4GiCXWX7pDu/hmU4/IdW4HL3XhS3iPU35ROWP2qMEcICTrZ/B1Nprf4PkfvpfH1pAS6rAdqNfj8SulXno7ksWdg7lv3JLljysjJ9exTzqZuMUDrA8Lv5niCmHEfD48/Dz5HJKXPaBg+nWi7YCJQ== X-Exchange-Antispam-Report-Test: UriScan:(767451399110)(228905959029699); X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(601004)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(100000703101)(100105400095)(3002001)(6055026)(6041248)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123560025)(20161123564025)(20161123558100)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:DM2PR12MB0155; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:DM2PR12MB0155; X-Forefront-PRVS: 040866B734 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(7370300001)(4630300001)(6009001)(39860400002)(189002)(199003)(51234002)(305945005)(47776003)(97736004)(101416001)(110136004)(6666003)(189998001)(478600001)(7736002)(3846002)(66066001)(5003940100001)(6116002)(6486002)(48376002)(86362001)(105586002)(2950100002)(4326008)(106356001)(36756003)(6916009)(50466002)(2906002)(50226002)(42186005)(2351001)(33646002)(53416004)(25786009)(7350300001)(81156014)(76176999)(5660300001)(68736007)(54906002)(8676002)(53936002)(50986999)(81166006)(2361001); DIR:OUT; SFP:1101; SCL:1; SRVR:DM2PR12MB0155; H:brijesh-build-machine.amd.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR12MB0155; 23:SklKJEHCmjrLrk/J0j8zeyCdpguH/ytMMVlUCr2fN?= =?us-ascii?Q?Z5HzBDHzmGhPHQFRMOJ6fAFabIMn2UkGogGXunldHMBCLsSWKxP8duSxtAY5?= =?us-ascii?Q?hx2Zuj6J0EVEjlZiHkqLOqOdDyZUCxkIdz/O1MGJvY+YZ1dgRgoTOzNKQAUT?= =?us-ascii?Q?1FSstUp8PByyV4DV6UgAnePf+N2nxTzYUI00qAUUWNsPznyViEUi3DpU4N1J?= =?us-ascii?Q?GKX7Ykna46FD/PaUW2CNI6rMU8v7jIMWf9cNPe7iCeTCLGkXN9qee9f5y40S?= =?us-ascii?Q?zjqqBPio+Bh9KL5gwJhAl/wS3F5Qh3IduujGi7LscMj/a/ls8i0nepfl65m8?= =?us-ascii?Q?fbEpngjy+nmr7H8+dTDyJydrVlRfKS5Wq1T3FQfWoezBOFDqPVT534DY5xMu?= =?us-ascii?Q?loYMLXhOuVFladEE7QxjWlxarf87qJnE4BN88kRVEQWd2mo+bEIKJKEfsVNQ?= =?us-ascii?Q?+VFlr1TocoXSTC21wGPU3M6ZJ/C1iJPatGmxCh61OoaaPSSx8Y5JtT85SYPX?= =?us-ascii?Q?nMRXwlkeV7wzFO7KZZnrgyOYSGIo5lQjbW0Pl6kxWj+M7LltL/Y15ctETj9F?= =?us-ascii?Q?6HoLebDRWnInyyhVzfExl2DdB46z4uOQDlLK7HpOaw6rdkItF+IfEBnRWZAV?= =?us-ascii?Q?EYIHk8DYiTy7D8oNn4/4k9Lrn+uOHMTbJKyq+8v3+4FJNhRg5Ta/TD0i3qdq?= =?us-ascii?Q?s9yGiGJTSzTN0qZrBvQvThvbnrvIQ5qm07WV38j9R/gF/f6YoaRVtBL2P5t6?= =?us-ascii?Q?aoVcaLiaK+y4KJxMw5dNbOWg4gXVKNHPbKEJpw/v8hBBecS2h/xk+WT3WoW7?= =?us-ascii?Q?r8tsRuchAkF5QFQNp15tsYvjqNtYKioGVWb5XTeOMGQHMCvugGzwPG1O1imx?= =?us-ascii?Q?ApJGi43b1GhBCcdjY4jltgIuMj4OF5iKcxuTXCgiZwuHkZh85RFYqqu2VwcW?= =?us-ascii?Q?n63C97sLv2pEOUwJZIUatzy3cmGgp23ae2U23iHMr6RLBuAtMBum/AzrnDoR?= =?us-ascii?Q?uzMgb/sYps1VreTbhKkNr9NewlIE2EyiB0Ez+lv/H0ty6a0lQmat3K0h38M3?= =?us-ascii?Q?R+jE3YwDj4UwsHiWHvqujTA3HHkMqNc1sHJ/fa9P5qaJxfR40WNfwoW14krI?= =?us-ascii?Q?Tj1MErK6rdxSfo4Flzy9VxWjiASMCBK3eFRXf3lBEv8QCgrfWSKnshFjCBSy?= =?us-ascii?Q?gch4bWBfDHWPjI=3D?= X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0155; 6:bMmxXsuo7V8PPxJIbrDMZ4Y8q6vqIsqlmQFbd+K6ZUhqQJ7yridJ+fRq0OOu2s8Mi9amJlVmUrm1zkqMHf5cytdb8E/5yHLx4azM0ox71Rgfz59yi9QJftMO9PoRqMsvKlCJ0+I2sA/wOsBvgO4haIFFTkA66mKClM5XaUDVyZzMjU+A5NtpxqAbldZB6G7IANk6K9CHRlVjMUL61EodqxiIT2D0bQJfFXya2ATnFRq3D7BMURUrr6xf/AjvTbaFSuM08oMe+UEtueNlBdDK81q7ylHmDrwlj5lP61fWk6sdRRotVrdagZQDICQrC+G5bdeuZkGWze9jdSOaIPa3EQ==; 5:8xKZAZfOd5kxjxXRDqSlrh2PPmKgE1fAIs0bOGdKRb8ArrRMH9aOxYgKkLrUF81LRPTytJLY6WskGta8CrEcHt8QutYbPnoTMkLz9gCv8P77Cvk224mBwiFXx6peQgGNIsXbIStpTB0CCkHxVjZw5g==; 24:ZJ1TPN21hBiEFLohCTDnT1ZIffLu97h6APLurqhEoVTdP8UInL2NEfANGjKTIFZBR3cNgsOlNRvhQ+ag22EZ4tZl6jTXfmoAXO9WBCxazbw=; 7:nER3DNerwjyTIVeWjDV+SxFqZ6rc+IJNqaDYyuC82XBPYLmOlUtd7yr81LGuHr7YULHA2R7sID4ZCKOwUu9gebPE7CdbnqzTys9KzSMBVWnkLxoLX/3P1h4H1dBQSJb/J44dQsSV9MiVM3YLllgUNw1zJ/5xeiU7jJpH81SjdqVWhIsW94pfJwtZ5np6ZlEgL4mCFpy955MP6Bkuwc5gGNfYk/5n6I2JuGGWNnROqmc= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM2PR12MB0155; 20:Eny1Vsz33PEj5hDLcdMkF2q+TtNG7sod0M4inYi3ttvUniV76N7va1Lh9eICXr7CHXRrZSP/4wda4nv+27oxIJCFhNL1saC6CWeDLHrmcxP1HlWxWZz9noaJHGavSE4veIgg21ECQYoFGkXmgw1pGlN58NiyIjad1QsS+Lk+5xwS2c9ehESMy0jSkuCtNm69d4doJ76dpFNuTqL7SNvHN/XoBpiQN56MAf7ETGZfbEOu6wv5a8m/YvMsLoggLWvW X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Aug 2017 12:23:03.2634 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0155 Subject: [PATCH v3 12/23] OvmfPkg/VirtioRngDxe: map host address to device address X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Aug 2017 12:20:31 -0000 Content-Type: text/plain patch maps the host address to a device address for buffers (including rings, device specifc request and response pointed by vring descriptor, and any further memory reference by those request and response). Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Tom Lendacky Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Brijesh Singh --- OvmfPkg/VirtioRngDxe/VirtioRng.h | 1 + OvmfPkg/VirtioRngDxe/VirtioRng.c | 82 +++++++++++++++++--- 2 files changed, 74 insertions(+), 9 deletions(-) diff --git a/OvmfPkg/VirtioRngDxe/VirtioRng.h b/OvmfPkg/VirtioRngDxe/VirtioRng.h index 998f9fae48c2..389c8ddc8d31 100644 --- a/OvmfPkg/VirtioRngDxe/VirtioRng.h +++ b/OvmfPkg/VirtioRngDxe/VirtioRng.h @@ -38,6 +38,7 @@ typedef struct { EFI_EVENT ExitBoot; // DriverBindingStart 0 VRING Ring; // VirtioRingInit 2 EFI_RNG_PROTOCOL Rng; // VirtioRngInit 1 + VOID *RingMap; // VirtioRingMap 2 } VIRTIO_RNG_DEV; #define VIRTIO_ENTROPY_SOURCE_FROM_RNG(RngPointer) \ diff --git a/OvmfPkg/VirtioRngDxe/VirtioRng.c b/OvmfPkg/VirtioRngDxe/VirtioRng.c index 0abca488e6cd..59f32d343179 100644 --- a/OvmfPkg/VirtioRngDxe/VirtioRng.c +++ b/OvmfPkg/VirtioRngDxe/VirtioRng.c @@ -140,6 +140,8 @@ VirtioRngGetRNG ( UINT32 Len; UINT32 BufferSize; EFI_STATUS Status; + EFI_PHYSICAL_ADDRESS DeviceAddress; + VOID *Mapping; if (This == NULL || RNGValueLength == 0 || RNGValue == NULL) { return EFI_INVALID_PARAMETER; @@ -159,6 +161,20 @@ VirtioRngGetRNG ( } Dev = VIRTIO_ENTROPY_SOURCE_FROM_RNG (This); + // + // Map Buffer's system phyiscal address to device address + // + Status = VirtioMapAllBytesInSharedBuffer ( + Dev->VirtIo, + VirtioOperationBusMasterWrite, + (VOID *)Buffer, + RNGValueLength, + &DeviceAddress, + &Mapping + ); + if (EFI_ERROR (Status)) { + goto FreeBuffer; + } // // The Virtio RNG device may return less data than we asked it to, and can @@ -170,7 +186,7 @@ VirtioRngGetRNG ( VirtioPrepare (&Dev->Ring, &Indices); VirtioAppendDesc (&Dev->Ring, - (UINTN)Buffer + Index, + DeviceAddress + Index, BufferSize, VRING_DESC_F_WRITE, &Indices); @@ -178,17 +194,35 @@ VirtioRngGetRNG ( if (VirtioFlush (Dev->VirtIo, 0, &Dev->Ring, &Indices, &Len) != EFI_SUCCESS) { Status = EFI_DEVICE_ERROR; - goto FreeBuffer; + goto UnmapBuffer; } ASSERT (Len > 0); ASSERT (Len <= BufferSize); } + // + // Unmap the device buffer before accessing it. + // + Status = Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, Mapping); + if (EFI_ERROR (Status)) { + Status = EFI_DEVICE_ERROR; + goto FreeBuffer; + } + for (Index = 0; Index < RNGValueLength; Index++) { RNGValue[Index] = Buffer[Index]; } Status = EFI_SUCCESS; +UnmapBuffer: + // + // If we are reached here due to the error then unmap the buffer otherwise + // the buffer is already unmapped after VirtioFlush(). + // + if (EFI_ERROR (Status)) { + Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, Mapping); + } + FreeBuffer: FreePool ((VOID *)Buffer); return Status; @@ -205,6 +239,7 @@ VirtioRngInit ( EFI_STATUS Status; UINT16 QueueSize; UINT64 Features; + UINT64 RingBaseShift; // // Execute virtio-0.9.5, 2.2.1 Device Initialization Sequence. @@ -282,25 +317,42 @@ VirtioRngInit ( } // + // If anything fails from here on, we must release the ring resources. + // + Status = VirtioRingMap ( + Dev->VirtIo, + &Dev->Ring, + &RingBaseShift, + &Dev->RingMap + ); + if (EFI_ERROR (Status)) { + goto ReleaseQueue; + } + + // // Additional steps for MMIO: align the queue appropriately, and set the - // size. If anything fails from here on, we must release the ring resources. + // size. If anything fails from here on, we must unmap the ring resources. // Status = Dev->VirtIo->SetQueueNum (Dev->VirtIo, QueueSize); if (EFI_ERROR (Status)) { - goto ReleaseQueue; + goto UnmapQueue; } Status = Dev->VirtIo->SetQueueAlign (Dev->VirtIo, EFI_PAGE_SIZE); if (EFI_ERROR (Status)) { - goto ReleaseQueue; + goto UnmapQueue; } // // step 4c -- Report GPFN (guest-physical frame number) of queue. // - Status = Dev->VirtIo->SetQueueAddress (Dev->VirtIo, &Dev->Ring, 0); + Status = Dev->VirtIo->SetQueueAddress ( + Dev->VirtIo, + &Dev->Ring, + RingBaseShift + ); if (EFI_ERROR (Status)) { - goto ReleaseQueue; + goto UnmapQueue; } // @@ -310,7 +362,7 @@ VirtioRngInit ( Features &= ~(UINT64)VIRTIO_F_VERSION_1; Status = Dev->VirtIo->SetGuestFeatures (Dev->VirtIo, Features); if (EFI_ERROR (Status)) { - goto ReleaseQueue; + goto UnmapQueue; } } @@ -320,7 +372,7 @@ VirtioRngInit ( NextDevStat |= VSTAT_DRIVER_OK; Status = Dev->VirtIo->SetDeviceStatus (Dev->VirtIo, NextDevStat); if (EFI_ERROR (Status)) { - goto ReleaseQueue; + goto UnmapQueue; } // @@ -331,6 +383,9 @@ VirtioRngInit ( return EFI_SUCCESS; +UnmapQueue: + Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, Dev->RingMap); + ReleaseQueue: VirtioRingUninit (Dev->VirtIo, &Dev->Ring); @@ -359,6 +414,9 @@ VirtioRngUninit ( // the old comms area. // Dev->VirtIo->SetDeviceStatus (Dev->VirtIo, 0); + + Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, Dev->RingMap); + VirtioRingUninit (Dev->VirtIo, &Dev->Ring); } @@ -385,6 +443,12 @@ VirtioRngExitBoot ( // Dev = Context; Dev->VirtIo->SetDeviceStatus (Dev->VirtIo, 0); + + // + // Unmap the ring buffer so that hypervisor will not be able to get readable + // data after device reset. + // + Dev->VirtIo->UnmapSharedBuffer (Dev->VirtIo, Dev->RingMap); } -- 2.7.4