From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=helo; client-ip=104.47.32.48; helo=nam01-sn1-obe.outbound.protection.outlook.com; envelope-from=brijesh.singh@amd.com; receiver=edk2-devel@lists.01.org Received: from NAM01-SN1-obe.outbound.protection.outlook.com (mail-sn1nam01on0048.outbound.protection.outlook.com [104.47.32.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id C073F21B02845 for ; Fri, 6 Jul 2018 08:00:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Ze7CGTHFCwv28AjQ3/xjsfCLr3nESk2q9l9KIo+Kqps=; b=uaPjNqIBLmq1KDtKt9s2TdUqZqW9fyj/ojH64v+knO/CHUjrZI8E9hUIxdM+yZQ2IhQU8BHvyMjIEOTxIxe8jx0GNxftrgEejD/M2AL5rRu1J2ODKbMqNtxlbzNIwgsc3ON8/0GeiBh2UmkuZLxw80TVsASUgcNn2Pax2OToufQ= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=brijesh.singh@amd.com; Received: from sbrijesh-desktop.amd.com (165.204.77.1) by BN7PR12MB2675.namprd12.prod.outlook.com (2603:10b6:408:29::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.930.19; Fri, 6 Jul 2018 15:00:54 +0000 From: Brijesh Singh To: edk2-devel@lists.01.org Cc: Lendacky Thomas , Brijesh Singh , Ard Biesheuvel , Anthony Perard , Julien Grall , Justen Jordan L , Laszlo Ersek Date: Fri, 6 Jul 2018 10:00:42 -0500 Message-Id: <1530889242-21667-4-git-send-email-brijesh.singh@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1530889242-21667-1-git-send-email-brijesh.singh@amd.com> References: <1530889242-21667-1-git-send-email-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN4PR0201CA0017.namprd02.prod.outlook.com (2603:10b6:803:2b::27) To BN7PR12MB2675.namprd12.prod.outlook.com (2603:10b6:408:29::29) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: b57161aa-ac9e-4d55-5b37-08d5e3514664 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989117)(5600053)(711020)(48565401081)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(2017052603328)(7153060)(7193020); SRVR:BN7PR12MB2675; X-Microsoft-Exchange-Diagnostics: 1; BN7PR12MB2675; 3:aHpTpQDCn7ue+qv2ic+xrNaQNeyg4Uo7A2WChaG1zUuMs3EaD9AYKhMAnfvImAOHT+awVDxp10XzAzTyc5SR/3E4i/I9DgzgR5XF/lhjZWf+amHkY0nbtLUnHufjiSPBJM4kxqRT0hv1Y0qBzsgDsjwr7OpW91xDPJmMlx/+PrfCspJOdmTyFZ+M2hdG5Zt+nM/TWGl5LI0KmYUhcmlRGjma2nySbfCLhRoC6S05UcO8NxiKgvdeGhfpOrklldAD; 25:GC562DsLErUHc5NngNhG5w1Htb+LEe4E6Xyy54VVJc5/PwsY4VLpqqlimnnrlssqRUVOZzRLZz77+5wI+A58KSDJ+1suOrXqYKFEHhMTH3xAj3Jc+pbMSvcUtxrX7iBsNneQz+Eymh1fQaF8LmmZdraMZe1TqXFQPdaE8p72ze3lZ0w/WSp3IO8GMqQrpa/tt1CTmy+JjwNE0CdyFhfMgL/3PfL7sjQZZQgluSfSJe1P6gsmmvMVRN+Ou3sScR7FtjVtl0cpjY0DfS+aZo8iO5x5D/qWjzZ20HAVCuXwGDnee43xFJ1+gqfIgVi205VYmRSPMBuTDiW/iH/G3IBazg==; 31:SxUp0HwwFuaC1wI4QikggS0lEIyGyPpR4GNz649zhOO4PTXApmaqZvzNbvmJW6IdAOJIYZvVpWR+fkyG5bIDhgsxRx4taKga1uvWf/6ShFEkw3B7ezuNbv2+FWEBCwX/zda834Oe2rxXDqHKzmwvn986r88y2MnJezxAWBy068eVqhYUWRP64gNYsd3UAPQv1ACDylfHAozeJO38URe6eAhve6Q+wwbTWUQCEKL7LGU= X-MS-TrafficTypeDiagnostic: BN7PR12MB2675: X-Microsoft-Exchange-Diagnostics: 1; BN7PR12MB2675; 20:OwDX2BsHU3CIbNsSOIqPXN644tsmlXgRNx1evOL9V4APt4xw9haO8Bcd/bA96kE/Z8so9wt8t9XbGFT2lggx7T5b63CQtIv+9y9rwOwG+B0bMguI/eDAOoDK6At7972cAv4GpNMDpqC4EmvWQzomhw6jyICvr2yVK6p46Y7hnHYQF3IoD4ZrdqFW1miLy71ozAKmu3jlGmqtqfcDaowvDNOhV3ffg4yOp7rdds2wNe2RGJaMTE8EsKsLwBgQ2g5yjNJ970Cgd1OdKAPvb1ti4Vxaiw2kjStjyG/n2EW72sCe5YRsNs81OVGWbH1aTkwTuOYUQG8HOKCn0THzQf8CfElgNAwIluM7J4/M1MKeCntsqAEsl/39HxwELJTGakDVTII0vMgd9fUCnuvzBalIjzDrau2WKPx5EAm4czZMW3dWperSPUCUqOLKvTM8VDyPL7DAxwYw5EuWTxpv/TlZhBCSNZofbumzpghnPEt9KBvzm8dLuk6iwyuOEWOYYEYp; 4:tVWADVdGvqSKYAgBq9lQXLlqP7r81YxuY89ljKh486dTjE2sXuVmuTMHnkRapt0iecwWXCpvkYxJKMzoKK/gZpsQ/t1DVcj+8cKHaKN2vxirAmRK8qvRj5MwTZCSMiwzNkxB/tEz47AoB2c7+5R/UfLrQPylP1u2PxKfv1j9BPAySR/dOwmR0CB9uAwMMRU8wqsN89Bw/RUbJygHEMX97OeAVddcBYu9RO+owPD9IFWOsrRAqgROpkz0/RcX80bUQj6ZpKJDKbGqI15tBQTePhLPzAj+a+YG23AxPP4NvPkba5Oza6KRBYR9oxWa8zy4Va97eBDaKZLJN6TA3TJgNFzACcygM7bpbQsE/JOL5bxebDvRtARSorkSUdiR3hmi X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110)(70601490899591)(228905959029699); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(10201501046)(3231254)(944501410)(52105095)(3002001)(93006095)(93001095)(6055026)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123562045)(20161123558120)(20161123564045)(6072148)(201708071742011)(7699016); SRVR:BN7PR12MB2675; BCL:0; PCL:0; RULEID:; SRVR:BN7PR12MB2675; X-Forefront-PRVS: 0725D9E8D0 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(396003)(346002)(376002)(136003)(366004)(39860400002)(199004)(189003)(478600001)(52116002)(2351001)(25786009)(2906002)(6916009)(3846002)(305945005)(51416003)(50226002)(68736007)(7696005)(54906003)(81166006)(8676002)(6486002)(7736002)(6666003)(6116002)(81156014)(50466002)(48376002)(26005)(86362001)(8936002)(53936002)(5660300001)(386003)(47776003)(16526019)(76176011)(16586007)(316002)(4326008)(36756003)(105586002)(44832011)(97736004)(14444005)(486006)(53416004)(956004)(186003)(66066001)(2361001)(106356001)(476003)(11346002)(2616005)(446003)(213903007); DIR:OUT; SFP:1101; SCL:1; SRVR:BN7PR12MB2675; H:sbrijesh-desktop.amd.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BN7PR12MB2675; 23:fQtTCqtBY3mOwUVrYvYD9Qb9kChqAXDySQLTwh+gU?= =?us-ascii?Q?tc3KiElk9gvZvzTUm++HstDnDK6ugiQ6PlMgvB4oBZO6JWwGkHfp+aGqn10t?= =?us-ascii?Q?38NaKmHrm1VC8e/3t2/mV08r4sQ4v2ng45ZrdCbRYa8BkqAUK6vAErQNHm5w?= =?us-ascii?Q?MC861dYZa7R6yWkYnviuAvxoyNv4imiUtX7M2/1AiyhkxDsYV7Huv3xbVgEe?= =?us-ascii?Q?eplmGnltt8RdxieNOh2xzxnxnk2kJbnshUtTWU30Uar1dghdRy2yDwi6wVIc?= =?us-ascii?Q?MJMSkGalS4/SjQ5z/eU95Tau9/w39w0RgLN1xtUpOWrBlYYelrOLmwYCk9gV?= =?us-ascii?Q?3Y6vfTjJBqOFLn81fLS83pMiGduGrvCxNPZsyHZS+qxVwHyBvkRRoPi51ZXU?= =?us-ascii?Q?i4oxNThf93SN7PoQevnQKPODoFMhoZp3BklZbe9D7keAaSXITqSkznfIwTva?= =?us-ascii?Q?Gd8bkmTDnu/GrTZTIe0uW9ume0WEnZscITZkHoFA5DcgeKmZfc8QPRKfBR1m?= =?us-ascii?Q?PDPYirzgvlC63A/rGRvcsyw6o9wRyvjr3rWnW0d7U7sX12bQd7KhBrpMYV7e?= =?us-ascii?Q?VEQyVpqU/Z0j1XspnaNr5AEULob1Wp93ikPLfuMugtmva8epGg+R+l5+r3Z/?= =?us-ascii?Q?gi8V+n0KRoijKajqbakNiVh2xwzxrl91TyObWlW70g6kwt6hF9DCCfK0SK7O?= =?us-ascii?Q?If7NowgeYVcQCZXFKSNcV1l1jAlJMRNNVmisV7/xbBy/23VOqUvN61UXB2rR?= =?us-ascii?Q?wauBllqrRBudyqZ3ETcJqIFh7HwtFqMqdhG9rLL/Dz3CT/MmAoxJblh+vfTx?= =?us-ascii?Q?ky8/1c1fjKdJm3rRTMd0C3zphvtC2b0iUzkS4tYdrOT++VTSoiEp3Sss3Lxc?= =?us-ascii?Q?g2DZafLntgYLr+HoqpvYjtuc/VlMGek+DFoSvropyhDhfV4BzUNaqODFjRJY?= =?us-ascii?Q?MTKpHhcPMlyNvZkYdOBm4vmUprJ2SqabBblFyYvyDDrHtLfKR4z2lMUHi4FG?= =?us-ascii?Q?HdsbhoudngF9R4XfBQrlbY6Kr0hlZ5D76vq4uYqb9eYtbefDf75PYcpajVIp?= =?us-ascii?Q?AQSkS6DSxpna/LCB9KZ5EdaQYzED8J6RwJoYT3HDc1DYFCArR507Y3K0Ot0D?= =?us-ascii?Q?YVtpoye5yftamDiLIBnkh2r5/QDH2CI1CyN0papoGb/ViXkHbv3imFUDJ4ca?= =?us-ascii?Q?nsfyi1vwu2jnjRb5+9h7hy5QJ8rT1HpZt9Gu+MjZXT7hWb8oCn57+rmiES93?= =?us-ascii?Q?ySjCm9sm5IZ3cOTr42nL1H65Y6RsxQNMTi+lz4bCfgqt2KiuOfWmz93T74uH?= =?us-ascii?B?dz09?= X-Microsoft-Antispam-Message-Info: JDXEuh7tnIKZV1Ih7bIxdlP1tZxGD58SuqPS3sFC8oSusy32kX4qhDNjGinrTOfJ2J2P96ORXR9suvFIpaWpfxsG6iS282pjMIikFd1IglbY654nKZiyRkxsKHtZWAOx/ujgiw9tyI3dsRlxGDj7gppcmb2qF2htADfaCN6MKnotcV0u3hsKLEjbmoqmovfEE/4Zw0UEVASjSmTkhLTw/0/31MMhwxXJ9ay1ZpRRnYtwUkSgPYzaKwpfxFKHrd1g+SQxX+97+zlt9Qr29uwjKG2nk2JKaDm3UhDv56AakWX2BIPu8zgVVVxKDMKI+ZAcECvVTSFHwQWnzbSuqbbuce40eTsy0OvT+Efdu/iNAF0= X-Microsoft-Exchange-Diagnostics: 1; BN7PR12MB2675; 6:GKm0NVk4zVOJ60ccEu6ugZWtAlqdTMP4ySJipcdKpY8aG2R7L421ieMeD5lVJ2xWkKMBSKkmwtN3JxtK4OXid0yeBWAHnO9PNyz1uky1JovoxERlSYywTZBctgvCjIcHLpLhsBqvsXBJCI8vrwxAJO/1kEX7kyFG9cCf5vZ6v9bOnChRkNPn6sF6aF9kXwwsBe9XZHXEWMXAliFA9qlYc0w9mU5OXN0o9/yAzvmoIDFPWlX5XfFIguWqqz/UcpersX+ErSGgsM6R+vTaMrlsx3neB0SMpkUaad8gM3T7qErQnJhidI/+1Tn+uxo+/RlcC/mp3EIZ2Jz7YmExgsRCEACTyIqK4gc1h3m0FX4yKD8ttCJmEKd+1RXznGcoDBlyOQ/ChGqeLtQIsEAxfGRuTWxo2UtTqC7u0M4gmmRWe5koHosAUph+bNaQRvULBKAYDtwUInWtmT3Q0LzkicKs/A==; 5:SMpQ0UQ3Vztni2qEnNCfQTHNGX+3XgkGiNWZfVExUsLlEigh9ez9WtLJ2+lKsw74cr1V6/QTJGknnM8ZDysy26zWp9hrM6GZ+iQQI/694i7wikqhXdQOsgyAQlxIcUSiyxyMZZpUVLITUm38OHgMth7nDcRnyV1RespXpCjg0gY=; 24:JPgoxhN1sKkxwqL/umX5tUNvE51Ned1UQxEMmlrWtbQ97wwnCWPeeJrKogX6fbN8/Q/+ZO6MpfIEKhlFyaxNwarqIuCvZi1aMJEgI/vn2zQ= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BN7PR12MB2675; 7:qumAU7gp7NqX9TQ6yyt4+pDCq6B2SiDImUiilSIu0a0QY3DuVKJ4vcHvd/ItiBpN8jIapfYQgvAbZW8Li5NoA4QfVA1pXklABrVk5P11YKFV9Bm1keUqQpak8JAsYAdcSntfUICMlZWERzkcL6Sh+ihIt4/2/vJt7J8RtU8R0QU9BA3tdatNGLrvPVZGUsELT7ZLDCudUbAeKaWH8IjOU8dZ2EMvHX7o5AbHp1P4i8qOkDE8KM9gwIjgxIz/Uk/w; 20:Hb32e6ZLHT1qYr4WpeboAoPIJRNX2QwydkfD9//SBbE+BarfOr1Kf2Rnm3/M5fEuqCSMLHD+8xxqqwCB6D4BFQuInQVm3pITfV8X0BBQI5WH5lxyYbryjuO6D7HAAoPDaAv/cQZiIixKpjdB1crYiUwXrNuDDfHYJdGx9vQJE9LZTUNB9HLek9HMjalzce30XVjlMNeIX47ujSlHB9SFwTkMPCjaftR3FfbMrn0T8GvYgeiU4CH0pxlv4SpVwrge X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Jul 2018 15:00:54.7055 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b57161aa-ac9e-4d55-5b37-08d5e3514664 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR12MB2675 Subject: [PATCH v4 3/3] OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Restore C-bit when SEV is active X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jul 2018 15:00:58 -0000 Content-Type: text/plain AmdSevDxe maps the flash memory range with C=0, but SetMemorySpaceAttributes() unconditionally resets the C-bit to '1'. Lets restore the mapping back to C=0. Cc: Ard Biesheuvel Cc: Anthony Perard Cc: Julien Grall Cc: Justen Jordan L Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Brijesh Singh --- .../FvbServicesRuntimeDxe.inf | 1 + .../QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf index d7b4ec06c4e6..86b244a0095b 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf @@ -53,6 +53,7 @@ [LibraryClasses] DebugLib DevicePathLib DxeServicesTableLib + MemEncryptSevLib MemoryAllocationLib PcdLib UefiBootServicesTableLib diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c index 37deece363e6..1fbe1342a57c 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include #include @@ -203,5 +204,21 @@ MarkIoMemoryRangeForRuntimeAccess ( ); ASSERT_EFI_ERROR (Status); + // + // When SEV is active, AmdSevDxe mapped the BaseAddress with C=0 but + // SetMemorySpaceAttributes() remaps the range with C=1. Let's restore + // the mapping so that both guest and hyervisor can access the flash + // memory range. + // + if (MemEncryptSevIsEnabled ()) { + Status = MemEncryptSevClearPageEncMask ( + 0, + BaseAddress, + EFI_SIZE_TO_PAGES (Length), + FALSE + ); + ASSERT_EFI_ERROR (Status); + } + return Status; } -- 2.7.4