From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=helo; client-ip=104.47.38.62; helo=nam02-bl2-obe.outbound.protection.outlook.com; envelope-from=brijesh.singh@amd.com; receiver=edk2-devel@lists.01.org Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on0062.outbound.protection.outlook.com [104.47.38.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 7ACE420337371 for ; Thu, 5 Jul 2018 07:05:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IPTq4Z38HSqyncfheP0RrtIxKdbUp+c8BdIgHVFhKhs=; b=OaDVb3I15TUpNKosvZqIWdyWRmiBpGhLl4XShOmBRzj3GnSWIAzA3dhfY4bGkCyFgITtPt8HmtI0zpgw+bJ/pLSsB9TAove7kPvFsmEynOadcsUcZ6Z7TvdgHmqB8FWlLOP8+r3tOtz2bxXt9mwcD1BRXptb4kLNCoiozWr4QA8= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR12MB2685.namprd12.prod.outlook.com (2603:10b6:805:6f::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.930.20; Thu, 5 Jul 2018 14:05:17 +0000 From: Brijesh Singh To: edk2-devel@lists.01.org Cc: Tom Lendacky , Brijesh Singh , Justen Jordan L , Laszlo Ersek Date: Thu, 5 Jul 2018 09:05:05 -0500 Message-Id: <1530799505-28256-3-git-send-email-brijesh.singh@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1530799505-28256-1-git-send-email-brijesh.singh@amd.com> References: <1530799505-28256-1-git-send-email-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: DM5PR07CA0074.namprd07.prod.outlook.com (2603:10b6:4:ad::39) To SN6PR12MB2685.namprd12.prod.outlook.com (2603:10b6:805:6f::26) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 83491611-a632-4925-4103-08d5e28056f1 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989117)(5600053)(711020)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(2017052603328)(7153060)(7193020); SRVR:SN6PR12MB2685; X-Microsoft-Exchange-Diagnostics: 1; SN6PR12MB2685; 3:3C/QNIoqf00SJyKRCRY/f7bXDR/KGIJsHDpPP002PqelhClpLvXgPO+xuOBAm+SwioG/vwg/PdHZfBs6PJFNI+SQ2JLcmn/+TxJl90qUjxUKsh64zPAjVGueTFL7hhHBNi0ZGWWqsKn2N8zIJx0/gaeLHOoyOZoqkVbruZQA3UKKP/dGWPBSSI8KemHDGmnn0cJW3ViQDnZr/nP9nSl9ChPvYGmmufVBZlmIN2kV7y1W3F0KSP4c1XCLosCdTdm9; 25:juSt9A+4Q5mhQxKLbSMgywYnrlFy1zul35tE/sJsHcKPAmscXW4Uhx5MJTWXDAZgTzfdWUeh6o9vGkU/GPl5kZze/+3ASzIKIlPmqeovyNHqwxH91OPm2H4kZ2iktMUQ3tCOemZl8MtTDX4XCcJUP8ZRQxweP67HfrHVGn3ug6cG8oMu/vWCtY5uGBKrE8guJ0LsG58XLV5spH+qpYr96CZFBj6dWA2V3eGC8/zFfoL18djQ6QnPgSnpGNnka5uUzLm77BK2ij7PE2K3+Im/Iz2Zop+k7BMJKybLqY0cxV3aMOMCEvZ6jFRbVtpwmd6Pyjj+6zAf6wxZGQ/ARxDQDQ==; 31:dDNJxWrZsyEbtrmXbbBXR4Vo2IiMtc3pEJ/7Sot5TQqa7DejwurfJV/jkBhvnWgdUtsO49HQbJsqdrB5c5dxrNwGRyYvunXyiOjI0VjjcelERPBrYM4IoJlMlo0bv8Q8NvMouC+J2DMuh67GrDsclov+VGlUcICrV8p2jQ3k1fS5br9FvSp1n9hQ8y+d0rbVAgIcDoyJ+i1n4MU8xGxi17WGEIDOWU2q38cacJRzNYA= X-MS-TrafficTypeDiagnostic: SN6PR12MB2685: X-Microsoft-Exchange-Diagnostics: 1; SN6PR12MB2685; 20:qVAPZtKBFQ/J0IRzV35zdQAbfzfoypsRMXf6yQDM9lrpaWoL0sd7dsWik9Wp/0e7tQ8EPrXlMq4RZMgb/OW4Xlmnl/dkeITCcTxUeNV9oekN1O9uU8iym2Lp9x9OB4d7FuFFIUooq6VRXSqs/0lfLmbWoiXoxf8mmEfDCO3GS1Ucarl6u4LxUP/1rdUk2Y/KIXpyBGDXO7rXMegAl8v6j4JqHg5bJAX+UCfFFtbJJbApPViPY95Uhdy9jeqw/lXJgoVLMAOoEKszK7my0FQRv3PRfBhiLbrCdVamSoFW2DVnvrBIciSN32Qeye4ZncTR9zw/Tx52U/H2dg7tXH6DrhBrka3scYrnNf/xr9nj+8Y9Vy7Ua9gcVYFDoeMVaOCzfi3GrMUgEIzCxWDkrR02d4kbIKnGiinFq0KACgbGB+4iLdMdpIhiA9h0t21Fb//+BDFU5CiKfszNpHgPLD3mhYN0k/hCq8BjNA3LYMghNdVrwfIJ3b0NvbiRCf+rn5+5; 4:+5vwk2i00WB4dxFhAotqmmpQzJQ1ahiTnXwIec4FIwcjXywNzic4kl8nht1hDzMi2eo4VlaJWnaRx3yPndtuyH0jNs62aiVe+xw0Jru8f+2TnloSn954V8zIMmqVZ/dOVXJXofrx3AJ0NVKDcW+cQNlWtSeG5DBaJLvxFgGt1+V+oMAX+8de359mZwIRvp9bx6euDCE+Rro4Ut+W3vbsvwsBZP0rCdYpSeMvAoTD/f82qsMY/a5SkGu3tA08i09E8kyHR0N9jNHR+c0MDFmAMTkLAjmveojMGVDtCGtGaLpI5fx+pBPfesHY1dhUno1oTG3c7gM5Zu4ZtHkk+m+zYA== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110)(228905959029699); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231254)(944501410)(52105095)(6055026)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(20161123562045)(20161123558120)(6072148)(201708071742011)(7699016); SRVR:SN6PR12MB2685; BCL:0; PCL:0; RULEID:; SRVR:SN6PR12MB2685; X-Forefront-PRVS: 0724FCD4CD X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(376002)(366004)(346002)(136003)(396003)(39860400002)(189003)(199004)(105586002)(4326008)(2351001)(106356001)(54906003)(50226002)(25786009)(53936002)(51416003)(7696005)(36756003)(52116002)(16526019)(186003)(47776003)(2361001)(66066001)(5660300001)(6916009)(14444005)(68736007)(316002)(16586007)(6666003)(478600001)(53416004)(446003)(8676002)(86362001)(6486002)(2906002)(81156014)(44832011)(50466002)(3846002)(386003)(81166006)(2616005)(476003)(11346002)(956004)(8936002)(48376002)(486006)(97736004)(305945005)(6116002)(76176011)(26005)(7736002)(213903007); DIR:OUT; SFP:1101; SCL:1; SRVR:SN6PR12MB2685; H:sbrijesh-desktop.amd.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN6PR12MB2685; 23:tmY42IYZKGRKG4hQijnZsFfEO4stju+fZhUvsD5UW?= =?us-ascii?Q?mDbOuZXl8CD2h6VqD282u/+aPq1LbW1WA3wp9fkFGRINZl6fxhcGcpZ/9Yu8?= =?us-ascii?Q?kF6PnDXyuEYArBWy7pg3t2DvZOGfF5dtLz0hclxONFt76GGL+RgUYtUjwXgF?= =?us-ascii?Q?o2zZnDXWEoVLdcbeF8G8q8g+Dalm/LWbgmxzLix+tWOZ36DbIxmFpRRItD+t?= =?us-ascii?Q?dVDsG+5LemuZae/2qmMx0WJ78vHc5zLMOB+WTo6SRxsZTG65eSGN3TL/F3xr?= =?us-ascii?Q?Cd5MLIKEDV9QebJjz3NHok7rWLfcEQ2rWcw7wwm119iYVNJS6p2bf0ZeXHUh?= =?us-ascii?Q?yyJfZeiqEgUUsqdO8+TVm+lHSwrleTUAETXuA1mmzEwju9aMhNSnCWbnvWWk?= =?us-ascii?Q?1hemGIYJ0d/vDisZ73OnQQZnPPbUpxx7TMEpsgUYls8N99j5fIYuPwlWJAEs?= =?us-ascii?Q?SbFO5rpiEsV3pxBL68QVy6NGoF10xA3DUPRNzTZGIY3izGXTmrnm310/j7/1?= =?us-ascii?Q?miKZUyII61L8p0bb10iebK3Xs4id5mf/uZN9HFLqaqzRPJDT6uG4OeKqrLDf?= =?us-ascii?Q?tBe5TVWaMkl9Y5lHYVxANjHJnS0rRsgleIp9vo9rUlAmiwuJzBSaN0Zo+10S?= =?us-ascii?Q?urwL35ed326n5jiu4uuPjnL0UMy+dxIdTmdY1b/YF3iSekMllzrLK8cpo/AN?= =?us-ascii?Q?I1NZ+rK4U09XFrEfK+K4INCOSIY0wZK5190AOWFwRB8uJFFSn2D1vfjs69TG?= =?us-ascii?Q?j86Xz/Qu1MN3pflkxL63cmOrCoGwEky8rp7txJr1wLi24p3CF0hzrpOnLuH5?= =?us-ascii?Q?vQj/9GepQcyefOU/fdhZprL+lbrG7C6jOFCxqgRPunSZGtEqLBZ6sqchcsMP?= =?us-ascii?Q?fIYv4h60Gzgqaqr1dgBWhsp14GNk6c87xMMcrvrXyJh/EWz+mkrTKpkZC05u?= =?us-ascii?Q?Go00j0FGIh3GvrJcZbE6CWXN1CfHaUpTddmHO3YjRZS5+KbBVPamhEWMJp/4?= =?us-ascii?Q?1JeDz6NDxpQr9c30YIDACWdelhfN/UgiwTtoHjQUDlzkYbSRlSclWYf303cx?= =?us-ascii?Q?JQ49wSdPzeRty68WmM6duV23JliiL38jZoGUz77jAkMQSYL2ntT43t7TWIXT?= =?us-ascii?Q?S9M7kon0377hKkev4/X8esLBao31r4BiaMeKXwEODdOLpqz/qboV3On2pWuC?= =?us-ascii?Q?S/D/NA1ej0kJcN0BQ/0eSXZPk7Ott8X/Q+rCFuqoo4izOuiUmDWunKe8mPM/?= =?us-ascii?Q?awFEIyTbv0eyiEfydLy5ulYWvSqhbeksZ4pD+1d6JFA5qtNS3UzZlNP+Oe7G?= =?us-ascii?B?dz09?= X-Microsoft-Antispam-Message-Info: mejemw1GPwQ7w9mZzDpt6z88h9alOe5zppudKXxIcawCLFlCeoFbd9jnsgNULtIGfJOobfGDYXd/Z1e5kz8gABxU/UFQGGQT3CZupz7xzFBGPx7wp2Dd+Xn8z7nEcqEGIjA8hg5rzdsu+uQGinouVGTI6T7j6Tiadi+y8MfLBmExKANlYZ7sGh955FQV54tmBNWFcTGvocUNKJuyrDphESt1LWj97iEBFapGlaBwsq4P/Wbx/2khNxc4ePCo1d1AuSp2VwADLNclOeWz3mjlbPinwMQ9aabhp9gYBmaKrbt1IQlxHPyG9rcOZD/iVcyF9b5q7rgUCrl4FG9p3YOyb2H7MYjyHnWj/mVyApbLmik= X-Microsoft-Exchange-Diagnostics: 1; SN6PR12MB2685; 6:1YYkQVJ0DSrKGoy9uITLlMi60ogmHKVvwq/2ll1UrujcMgll6R/wJwAOZlCoq59e4Ky5wJqln/I6NJI/1wHawk5S0+hRgHw8KK7rISW6v6EfsE0mDdJxZI8qrVJv+l2u3biesLdrVQ63VOzNBDjNn1I+s9jryLGMENuKQbQonuWiMiS64nOdX7ENYZ7c12eHOZdvH2QRMycMOz4L6W95lGQUqXb5V363gSfbC9HOkjMPKXejfM4KSunIIWfvJAIyF5jsfVntH2cbkzz+C6V5V/xS58S+z10cMAy30L1/txas6frbDm0mHXF/vIpdeAMOGOvwp39KmXDyt+DoGxeu3KErOUJAG2nPNpI27UyHjj7Cr1ZQqprd9Gwf0yFIcYou01HMRUv4IF3hLU77g4CDfYXhVkFY7DCySi+JdXimXlFq4lSLlAGaXDHU1ok09+m8t4TQUMPeSXQQ8F/amre7Bw==; 5:BQfVv+6qeI2wjPzWzwCEzBJBAKDbWx0RDNOVmbhbuGAf69SGnuOuj/0TJPK4GuleXcYS6CddRt05Yis/gdpCCvGZ5jhVo1A7mY+TJxAnz7fy2+gRxex1cUNnRdcynVHgIL/Hw2oCHHcjoanytpFE5K+VZBuZK786ns7lIgTrCMo=; 24:YVR/fSHultJtCilqoKotq3lgMYWqtxjYkFa/rMMaTsxNTBwv7mGZWhgpS50YN027nHhioajDMaNFNrWkXCK8od0TfSi5SAE4veFZlooRFoQ= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN6PR12MB2685; 7:QthNDsUCWEK55+RLttQaa5A5UkBfFAcRwBkGg/WUA1UMGuSpGKVLNYmg6J4FW++2E6cRnlHZ0POTJ5kVrVnry76RJzZeQWz2Jdca6laGr9F2Y4PR3T9gt7xkUTQQSHVmZ2F1AmvagIWn9Ykd/pS8K0F6GdxEGgbt0mRZ7Jg+wpzZ+DBgQKZ95B4UWVRJHgY54+PPOX22aIl+UUcyZX1eIuohzvQ3cXfAl4wMHRI3Byfhx/32VMZXtAHnQEsIHdun; 20:vATxuqDFxmydsmVsqjoWzay0nJm63EZGSAzk8lRDt8mBGcmsaTOGDhLX1O8cmPdGX34dglNFLAnWXYyUAiHvFqGTthZ0eojXrcAuRmq+I7O0z/bdL8YyV4A3MwOf7Pt30FFWkmq9IfOGUkvQraMWXJIwKJGN6jJiUv2mNZFsUlbt4corwPR2Hs49ukVHwkCRhCfj56VtPaudMTCjS1h5qGrCarC1tIx7t2UyabeA5w3gwCHIfnA6FWWmhIH6V9ae X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jul 2018 14:05:17.8511 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 83491611-a632-4925-4103-08d5e28056f1 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2685 Subject: [PATCH v2 3/3] OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Restore C-bit when SEV is active X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jul 2018 14:05:21 -0000 Content-Type: text/plain AmdSevDxe maps the flash memory range with C=0, but SetMemorySpaceAttributes() unconditionally resets the C-bit to '1'. Lets restore the mapping back to C=0. Cc: Justen Jordan L Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Brijesh Singh --- .../FvbServicesRuntimeDxe.inf | 1 + .../QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf index d7b4ec06c4e6..6bb5c2093790 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf @@ -54,6 +54,7 @@ [LibraryClasses] DevicePathLib DxeServicesTableLib MemoryAllocationLib + MemEncryptSevLib PcdLib UefiBootServicesTableLib UefiDriverEntryPoint diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c index 646427bf4e2c..3add4bbad74c 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "FwBlockService.h" #include "QemuFlash.h" @@ -204,5 +205,21 @@ MarkIoMemoryRangeForRuntimeAccess ( ); ASSERT_EFI_ERROR (Status); + // + // When SEV is active, AmdSevDxe should have mapped the BaseAddress with + // C=0 but SetMemorySpaceAttribute() remap the range with C=1. Lets restore + // the mapping so that both guest and hyervisor can access the flash + // memory range. + // + if (MemEncryptSevIsEnabled()) { + Status = MemEncryptSevClearPageEncMask ( + 0, + BaseAddress, + EFI_SIZE_TO_PAGES (Length), + FALSE + ); + ASSERT_EFI_ERROR (Status); + } + return Status; } -- 2.7.4