From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=helo; client-ip=104.47.33.46; helo=nam01-bn3-obe.outbound.protection.outlook.com; envelope-from=brijesh.singh@amd.com; receiver=edk2-devel@lists.01.org Received: from NAM01-BN3-obe.outbound.protection.outlook.com (mail-bn3nam01on0046.outbound.protection.outlook.com [104.47.33.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id F18C4210DF778 for ; Thu, 5 Jul 2018 12:12:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=X56Ht2q/Pmbxtom1Ca1V7H3fQJD7wcxpiR67CtLZlJY=; b=Q5a153tesnaqhIUCuw3kWLK8yAvjCecibhbYbi3QwAKczgXv6zvGDEDB8V/ciFWrqnMER51TkpKpEg4bRFIjBMQULKq2UhJnul5Vfa/wyI1viuDaDulmiSZpydGt90w5a7dg8UUo4hae5TSWFeJzzgL81XRlHHOU3zAN7qQL35I= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN6PR12MB2685.namprd12.prod.outlook.com (2603:10b6:805:6f::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.930.20; Thu, 5 Jul 2018 19:12:37 +0000 From: Brijesh Singh To: edk2-devel@lists.01.org Cc: Lendacky Thomas , Brijesh Singh , Ard Biesheuvel , Anthony Perard , Julien Grall , Justen Jordan L , Laszlo Ersek Date: Thu, 5 Jul 2018 14:12:25 -0500 Message-Id: <1530817945-8030-4-git-send-email-brijesh.singh@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1530817945-8030-1-git-send-email-brijesh.singh@amd.com> References: <1530817945-8030-1-git-send-email-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: BN6PR1201CA0013.namprd12.prod.outlook.com (2603:10b6:405:4c::23) To SN6PR12MB2685.namprd12.prod.outlook.com (2603:10b6:805:6f::26) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: cf20d36f-429d-4046-b96c-08d5e2ab45ee X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989117)(5600053)(711020)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(2017052603328)(7153060)(7193020); SRVR:SN6PR12MB2685; X-Microsoft-Exchange-Diagnostics: 1; SN6PR12MB2685; 3:MbTnacL0iL3P3arkt1q4Yd9RjIYQN/CPSU1YaPAfbnSOtwr2EUB2ds9+HpEyWNizh93SCjRNBeHT4m3v46p8pdJh049Mt2w3Nt6IasU6N69zDQ2mV/ZOwETZqbq4FzzC8ecR4cQcVPtLxgbrTGB38LAg+Ri9x+bDD43xjynjRSMtb82h/WAkN3g4SkjBqUqAMFuA0dLh+KSNN3iRbh4F4cpVCky09/yIbXAEagNSXqZCqVy9EUxbA1/LxXu8ibNe; 25:JqyDomw0fzkh7tZVgGT0Ujdjsx4Obz4NNzDbPlfnW7GcyVSJPL+RNhIsUJ39t20RbYmsl9CW1QwEOeiXyrigTi6/7fbbwG7ik6rbyjbPPuqLEzRpV5V3G7lmokMztEM6QNiSQkCg8icDqm2JTEUaLl3UBew6nhkBmTpFKCQLkZJ/yRY+KrbfXYq1+zZWTC+8M1Qb4pHOXMbfYJPkhhqVRWfEHOjgHcqVrQMHizePzQhQXCPRgNiszRgqe8bzN3BaDqxqkWMqvuBIX3mn6vOuaEbEg28wCuGQ6ZA2QhA7TTEaF0uDRaUnn7jhnDGX2ohxUN4dTiO9OoigxXk6RX8V4Q==; 31:BU9SlGj1B2hGnwZLirs+WqHsw/YY9xqHzxl5L3O+26gDEOEKL+o5U0XhsLntO/hh5LqbrSryvIfNbFGk2h+1JmRmKAdv+qr6V2nYklsqg3STrPD2XOi+vCLAfY2bC9ZhXoTqXHLI0aQ1maOYAHQ5Uvj761mjMI/T07B+hGh0w3EOnTGX6q1VtWNCxn7HGBizRMkg/178Tg7oi0vFTQBcWZD50tb089Ugjd8kIDimx94= X-MS-TrafficTypeDiagnostic: SN6PR12MB2685: X-Microsoft-Exchange-Diagnostics: 1; SN6PR12MB2685; 20:vSzUNnRKnf8qFrAdRMY3yTaqw9KpLeHs1I1C70kXbB5zp3Ba1P0l9P40i2RhFkJKgnsz8pR70ZVgZHBb8D3BTb2+YwKgZ1edZZzG0b/OdPTgAUl3QfBCZIuXPfgjJ6QS7J5ACFU627V1i1XoTwC3BO88STZr36N+8xj3KforezmQYGZ83Ld34se8YQkUaZ4bpwp1gB3XwBf/gDWLqkv3qdegGDaq0QCTBmf8DezI/ODudhoP+KM9ZKTY1Mhkdi3d5q/aDUr5cUqZBrQYj501/LkQ/WVc0hBbMfPJjVEdgi32XgjLLIhsogm5Mv0FGsBBh58SkPVymAurzVSf6z4SB/i9BJgymz6cc0inNGvZHvmTIu3d4NiMabAlkV0YOgbEYZUDfRC+AdK4PfaYaZKbUcFcbr6Vq9KEzD/zVHoTJ/o8UQTQsDS5YC5GiDeTatE9CjKvpsx7V9h0KMIkHgZl6nGINqliPBKAr0c8ioQcPi/Hf+KSo7VU+IudH/gaTJci; 4:9BpxAr40NxNfUQSwpmCC/ub03HtDF+FUJzYgzcE7MH3xcENa+YbCqmyEKjdiB6tQ+SaLr9pXP4FgUlBgsPXe0sg8ChU9Gn7C0LIkABWtQXfInQ/32vu5ADF3Glz1LcknWCR/S7BrDMu+hONfDYSl73SdJ1hvQ/CcSuP+ZzozPiCUDRcJxT5LI5LdC8iDky8VpEgCwbv2UAEAnPBaAvBi2RW923R88a/qHbr/tH0UGolmVd7GnDQ6rhYXh5FpMgdny0dihvtJR/Jdoxsg7YbHC3MNH51ycTlbguUj5Tp7eIYiY2uZa8Y2mt0JPvqy0WmI8zYw+pVDfvtEl2XV0UDRKXLamuYHc6jOhauaLSEy4hiGIGvE8HfiuPKXvmEGNL+/ X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110)(70601490899591)(228905959029699); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(10201501046)(93006095)(93001095)(3002001)(3231254)(944501410)(52105095)(6055026)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(20161123562045)(20161123558120)(6072148)(201708071742011)(7699016); SRVR:SN6PR12MB2685; BCL:0; PCL:0; RULEID:; SRVR:SN6PR12MB2685; X-Forefront-PRVS: 0724FCD4CD X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(39860400002)(376002)(396003)(136003)(346002)(366004)(189003)(199004)(106356001)(105586002)(4326008)(2351001)(54906003)(50226002)(25786009)(186003)(53936002)(51416003)(52116002)(36756003)(7696005)(16526019)(66066001)(47776003)(2361001)(5660300001)(6916009)(68736007)(316002)(16586007)(14444005)(6666003)(446003)(478600001)(53416004)(8676002)(86362001)(6486002)(50466002)(2906002)(44832011)(81156014)(3846002)(386003)(2616005)(476003)(11346002)(956004)(81166006)(8936002)(48376002)(97736004)(486006)(305945005)(6116002)(76176011)(26005)(7736002)(213903007); DIR:OUT; SFP:1101; SCL:1; SRVR:SN6PR12MB2685; H:sbrijesh-desktop.amd.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN6PR12MB2685; 23:taxWiP5byZCSWvLtt9n9xlQ1/4WZ8xFflaku3J9eA?= =?us-ascii?Q?Fg1WugBSj+jHMvc64m0Ix+H80fr743bGq2KpKYIXq4Al40dq2Xh3wwjWRP4Q?= =?us-ascii?Q?L6Qjvva6sbpxxgge64dX8gVM1JvuvHhwDrYlPbm4OaZdcb2EuCozIQqhpHGo?= =?us-ascii?Q?aqk3TrRBT5uxhecnFXOaGQgWDdf2qBRUGbpLCzCbToHUuEt2OQrqq4tVTCT1?= =?us-ascii?Q?3ysbf5M1d7gW0WPsOA2lw8ezmJqRHDLWYO/0FXPQrepWhUnvTMtz7MU4QmgH?= =?us-ascii?Q?SqRoMRR38D9r+ijt52gYQ4f86WnPxXuGNNuaWCTq0gZ+Kb3bvdtVxdH94bja?= =?us-ascii?Q?z9K+5EKnE5fFEZZ11XbXW1NgztCM6iZmOd7s8fqvHLMT8jzhFO4vYDF8X6Gz?= =?us-ascii?Q?P9DzTrcfZNlX4t0a/hZcqFzHZ94PYpbp3Ckdhu6+PBQOMF1yHID1T8sg2SXj?= =?us-ascii?Q?CNkCsHKuxWyInKFSrY+YLiC+f2AcAyyB2nVeyFFA7TOonbGV5sTY70qnidrW?= =?us-ascii?Q?qBOqmSQZa8xgJdavXc9KRez4f5Trpfig3Hj4J34gxhXJrf9pBDIRvReQI6wD?= =?us-ascii?Q?byKXbPpk0tA9xAnIUAsg1lhB8e+F/4l6U1xZKti70ez7klT1bFrGbGw8u8R4?= =?us-ascii?Q?rFS311juTBIq9k1qDHr937rsMks0SRYyVWX64QrV+LCwFqpiIEVu6g1cErUg?= =?us-ascii?Q?NbJZnNfZJJU182xFv397Ef9gne8oZJ9LQN+I1deHi7vN4eA+XIjEqk/6UIXg?= =?us-ascii?Q?OJ8vyn0+Pu/ZPFwYcU/W9GfWJD9ppmwTK9v3mI1vrK1Ct173PHdPXNGWnLqc?= =?us-ascii?Q?x87kep+3MnMK0BRutzaDrLRvq/tIHyyUAgQkXaoVWWYG7GKBWgTVl4xA2so3?= =?us-ascii?Q?wPwjDWbgZ2YCzdw4+gjhdWixTATP5yk3YW0Epht7CzMrWC01hMGATje5KBxK?= =?us-ascii?Q?qvKY1i1OyfpVC70sLr0cV72HQNKBOIIiUzv2D10oBl0fPHceeZwdIlDf5zeX?= =?us-ascii?Q?0EnWJcKg3Wk2OY5F+LMzzia20IijKDUSKXF9gVJhDdp8MI++w6lJ0WfTI51Y?= =?us-ascii?Q?waiqk+k2mHs6irTjyp1M8fhz9jJIouU4nc/wTfa7ZW58a76f1ToQ1z/vxDDS?= =?us-ascii?Q?UQQH54x9XmtsMbQgEHRYSyLDq0+13GhI8Eej07jdrSqJZ2xgSKR3aq5pEQWb?= =?us-ascii?Q?zQjxN3pqGikI+JvVKV8bR9uA1hCOmtEaMFbYeBhuci2G5qsOqD0l3SCOYAxH?= =?us-ascii?Q?nF1nHKb3+Ld/HDEKTul+MGh/wW2WLggq/tmkvHxuvnR+JWY5LjTxeSQQkOC7?= =?us-ascii?B?Zz09?= X-Microsoft-Antispam-Message-Info: rk04NGGbtQqPFblr1HSLwPqDglGr0VErbs+v5b0niK3SOz0BTBDgbAlM3K+ThOwyiT0xgpnVg5ctygIR01I2i2Ely19ZpYPBH7mhpWyd/RCvE89+H1oHptI5mP+rC0lLeijFG0n6OOwS6/vY3zD+hTTWqwjLN2ktUTHQ6fGI4vQx2g2OmSlmhL+qwFCKHBztbGhon+Yz+QFV51hM5vo80Xd6j89HEcm/5ZU8fSn2w09GsYjwcLAT0OEeODb8WHTExRncJtWscON8qFyDwXr5PamMDtq3fLwhDjA6NYDKSYaLGMfFoUS8WQSNtWbr38VPW5xxyBZiByJSxhvPkxZ49sHU2ZXPkBCMH/cNR9UiB6g= X-Microsoft-Exchange-Diagnostics: 1; SN6PR12MB2685; 6:NbCUeSlirIXsdMln1GDHs16UzzJv9N06rWmCuT55ZVSUxlBvY/Fb1y6V3oO7s0Js4bXIblPXXDPbgNU44hRq7Lv00kyQj/JW9cTqP/DpFgexdvQoH9JU84pwsgYV5kLmhPBdiyKpw1WsmThIrSv2EJHDFXPeQ3VqlpkfqS0uJ+yhmQAVXxckd6q4lake2yl+TpM4fBrZJmqd7vJAeeIheiInfnIsvw/kxJnWVR+f56RC9sgOR8XkeVCKsHbj5f7bd+uwU6cQBgvXIwqbzSNTfRz6UB2Vgy1tLOovkpEKPJHolKHWCkW1V327FNbRwW2/sc/o3u8NPHIBYsMGiZ5+KJ6s0NAg1PkoVhHYynzXRmd9+JNDp8R82Y7JptZmuEPLdUOQLXRsU073prnP2wOUkogBGDXm5+mK2fR2BxTFQ2/gYfyvZgVHhjzEWGNZexh/BPBobxtW71+1fGXFfXuXzQ==; 5:hQ1rFXk1Uax/vpG1nI4t+zUU8972xJPZYt0gAUxD2ZKAPstv24DTWmzDlqTEtSUrY4wJTuLr9tLcHZvDZCI5ngxw5Q9ppuw04poia9zW+E+PBwJQywNzRb55oTNktupYyM2vsAl6qFHPXDYK0q7cxtIbz9NkFntOgxabvMuqCrg=; 24:NZKJkn0Kh/HTrM2e4D3Q/jJ+SnTL38m0xn20oz5/yh6xEQvHPAvf0nFaFALrgTv70uHwvhNsarL4F02ZwSf5xWeAXM4GWpaka2HArqgAyHo= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; SN6PR12MB2685; 7:fHwOdKqoi7+OjW9AJ+JWoB+IMQQ9lBa+gQZTe07QVQECJNROjUwVYaQSUhUVV1kdJa4aNYFpgzFsYTRDsOkpdxx1kQuZGHlVbO7n+70VpKb1qZzNlOwF6VprMdChQLaWkETTb6H9+vCkmk14Iu0H78kxeeQ/wbvi7m8cxiqGvlguu743n+gcmfmePxylHcFeqYVB7RTzbo9dgE2S2plUGr1QJN3NWeXhRmttauG3FN/oqYSVK9pj/NA5MlZanlvU; 20:B/lGc29PV0UCz0K35diCX2qpsKMsT++RGAn7wStTE3wDeDrvoLfUJy8deDjM6Dbgvdm4qt9c3Y28uMqUsPLEiHvGB42kIfMg3ypFHpH7c91raWtoQf0raGSuuizeNc2iAxW3NMA3lXZVunPCt0bdIvz6IsJKcRVCUuPjfaN1wqz+1AXRsIdX9285KOunDCd+ogOcb4iUdXBMqPXhlR3tEdTC2m9ImbsMAd2bqpd+pAdnVGQpFS9SOvyPgXVbrviH X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jul 2018 19:12:37.6086 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: cf20d36f-429d-4046-b96c-08d5e2ab45ee X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2685 Subject: [PATCH v3 3/3] OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Restore C-bit when SEV is active X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jul 2018 19:12:40 -0000 Content-Type: text/plain AmdSevDxe maps the flash memory range with C=0, but SetMemorySpaceAttributes() unconditionally resets the C-bit to '1'. Lets restore the mapping back to C=0. Cc: Ard Biesheuvel Cc: Anthony Perard Cc: Julien Grall Cc: Justen Jordan L Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Brijesh Singh --- .../FvbServicesRuntimeDxe.inf | 1 + .../QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf index d7b4ec06c4e6..6bb5c2093790 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf @@ -54,6 +54,7 @@ [LibraryClasses] DevicePathLib DxeServicesTableLib MemoryAllocationLib + MemEncryptSevLib PcdLib UefiBootServicesTableLib UefiDriverEntryPoint diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c index 646427bf4e2c..3add4bbad74c 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "FwBlockService.h" #include "QemuFlash.h" @@ -204,5 +205,21 @@ MarkIoMemoryRangeForRuntimeAccess ( ); ASSERT_EFI_ERROR (Status); + // + // When SEV is active, AmdSevDxe should have mapped the BaseAddress with + // C=0 but SetMemorySpaceAttribute() remap the range with C=1. Lets restore + // the mapping so that both guest and hyervisor can access the flash + // memory range. + // + if (MemEncryptSevIsEnabled()) { + Status = MemEncryptSevClearPageEncMask ( + 0, + BaseAddress, + EFI_SIZE_TO_PAGES (Length), + FALSE + ); + ASSERT_EFI_ERROR (Status); + } + return Status; } -- 2.7.4