Subject: Re: [edk2-devel] [PATCH v2 4/4] OvmfPkg/Tcg2ConfigPei: Mark TPM MMIO range as unencrypted for SEV-ES
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io, lersek@redhat.com
Cc: Joerg Roedel, Borislav Petkov, Ard Biesheuvel, Jordan Justen, Brijesh Singh, Erdem Aktas, James Bottomley, Jiewen Yao, Min Xu, Marc-André Lureau, Stefan Berger
References: <00ff47c80f180b5b9054890de0ce5e1975fe2b1f.1619540470.git.thomas.lendacky@amd.com> <6807464e-823e-3a16-cf1c-24f612a43936@redhat.com> <096090a1-6fd4-6364-fc88-733a0b3ef422@amd.com>
Message-ID: <19b4fa35-ad90-654e-a398-e955b778194a@amd.com>
Date: Wed, 28 Apr 2021 20:33:21 -0500
In-Reply-To: <096090a1-6fd4-6364-fc88-733a0b3ef422@amd.com>
On 4/28/21 2:43 PM, Tom Lendacky wrote:
> On 4/28/21 12:51 PM, Laszlo Ersek via groups.io wrote:
>> I'm going to ask for v3 after all:
>>
>> On 04/27/21 18:21, Lendacky, Thomas wrote:
>>> From: Tom Lendacky
>>>
>>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3345
>>>
>>> During PEI, the MMIO range for the TPM is marked as encrypted when running
>>> as an SEV guest. While this isn't an issue for an SEV guest because of
>>> the way the nested page fault is handled, it does result in an SEV-ES
>>> guest terminating because of a mitigation check in the #VC handler to
>>> prevent MMIO to an encrypted address.
For an SEV-ES guest, this range >>> must be marked as unencrypted. >>> >>> Create a new x86 PEIM for TPM support that will map the TPM MMIO range as >>> unencrypted when SEV-ES is active. The gOvmfTpmMmioAccessiblePpiGuid PPI >>> will be unconditionally installed before exiting. The PEIM will exit with >>> the EFI_ABORTED status so that the PEIM does not stay resident. >> ... >>> + >>> + // >>> + // If SEV or SEV-ES is active, MMIO succeeds against an encrypted physical >>> + // address because the nested page fault (NPF) that occurs on access does not >>> + // include the encryption bit in the guest physical address provided to the >>> + // hypervisor. >>> + // >>> + // However, if SEV-ES is active, before performing the actual MMIO, an >>> + // additional MMIO mitigation check is performed in the #VC handler to ensure >>> + // that MMIO is being done to an unencrypted address. To prevent guest >>> + // termination in this scenario, mark the range unencrypted ahead of access. >>> + // >> >> Lovely comment, thanks! I'm going to expand on this a bit more to really show the distinction between SEV and SEV-ES when it comes to MMIO. Look for a bit more info in v3. Thanks, Tom >> >>> + if (MemEncryptSevEsIsEnabled ()) { >>> + DEBUG ((DEBUG_INFO, "%a: mapping TPM MMIO address range unencrypted\n", __FUNCTION__)); >>> + >>> + DecryptStatus = MemEncryptSevClearPageEncMask ( >>> + 0, >>> + PcdGet64 (PcdTpmBaseAddress), >> >> (11) The INF file says [FixedPcd], so it would be cleanest to say >> FixedPcdGet64() here. > > Will do. > >> >> >> (12) PcdLib is missing from both the [LibraryClasses] section and the >> #include directives. > > Right, I'll update that. > >> >> >>> + EFI_SIZE_TO_PAGES ((UINTN) 0x5000), >>> + FALSE >>> + ); >>> + >>> + if (RETURN_ERROR (DecryptStatus)) { >>> + DEBUG ((DEBUG_INFO, "%a: failed to map TPM MMIO address range unencrypted\n", __FUNCTION__)); >> >> (13) Overlong line. > > Ok, I'll change that. 
I thought that was ok now since PatchCheck.py didn't > complain. > >> >> >> (14) Please report errors with DEBUG_ERROR. > Yup, will change. > > Thanks, > Tom > >> >> >>> + ASSERT_RETURN_ERROR (DecryptStatus); >>> + } >>> + } >>> + >>> + // >>> + // MMIO range available >>> + // >>> + Status = PeiServicesInstallPpi (&mTpmMmioRangeAccessible); >>> + ASSERT_EFI_ERROR (Status); >>> + >>> + return EFI_ABORTED; >>> +} >>> >> >> Thanks! >> Laszlo
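Review bot: In the failure branch after MemEncryptSevClearPageEncMask (), the only consequence of an error is a DEBUG print plus ASSERT_RETURN_ERROR (DecryptStatus); in a RELEASE build the assert compiles out, control falls through to PeiServicesInstallPpi (&mTpmMmioRangeAccessible), and the TPM driver then performs MMIO against a range that is still encrypted, which on SEV-ES is exactly the #VC-handler termination this PEIM exists to prevent. Either skip the PPI install on failure so Tcg2 never attempts the access, or halt deliberately (CpuDeadLoop () after the DEBUG message) so the failure is diagnosable instead of surfacing as an opaque guest termination. Separately, EFI_SIZE_TO_PAGES ((UINTN) 0x5000) hardcodes the TIS window length next to a PCD-derived base; a named constant (the window is five 4 KiB locality pages) or a PCD beside PcdTpmBaseAddress would document what the number is.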
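To make the SEV versus SEV-ES distinction in the quoted code comment concrete, the following is an added toy model written for this page; it is not OVMF, AMD or the patch's own code. It assumes the C-bit is PTE bit 47 (real firmware reads the position from CPUID 0x8000001F EBX[5:0]), uses 0xFED40000 as the TPM base (OVMF's PcdTpmBaseAddress default; an assumption here) with the 0x5000-byte length quoted in the patch, and stands in a flat array for the PEI page tables. It shows why an encrypted mapping still works under plain SEV (the nested page fault strips the C-bit from the GPA the hypervisor sees), why the same mapping terminates an SEV-ES guest (the #VC handler refuses MMIO through an encrypted PTE), and what clearing the encryption mask over the page range changes.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption for this model: the SEV encryption bit (C-bit) is PTE bit 47.
 * Real firmware reads the position from CPUID 0x8000001F EBX[5:0]. */
#define SEV_C_BIT_POS  47
#define SEV_C_BIT      (1ULL << SEV_C_BIT_POS)
#define PAGE_SHIFT     12
#define PAGE_SIZE      (1ULL << PAGE_SHIFT)
#define PTE_PRESENT    1ULL

/* TPM TIS window as quoted in the patch: PcdTpmBaseAddress (assumed to be
 * OVMF's 0xFED40000) and a 0x5000-byte length, i.e. five 4 KiB locality pages. */
#define TPM_BASE       0xFED40000ULL
#define TPM_SIZE       0x5000ULL

/* Toy page table: flat 4 KiB PTEs covering the TPM window plus one guard page
 * on each side, so the boundary behaviour of the range clear is visible. */
#define WIN_BASE       (TPM_BASE - PAGE_SIZE)
#define WIN_PAGES      ((size_t)(TPM_SIZE >> PAGE_SHIFT) + 2)

typedef struct { uint64_t pte[WIN_PAGES]; } page_table_t;

typedef enum { MMIO_OK = 0, MMIO_TERMINATE = 1, MMIO_NOT_MAPPED = 2 } mmio_result_t;

static bool pt_index(uint64_t gpa, size_t *idx)
{
    if (gpa < WIN_BASE || gpa >= WIN_BASE + WIN_PAGES * PAGE_SIZE)
        return false;
    *idx = (size_t)((gpa - WIN_BASE) >> PAGE_SHIFT);
    return true;
}

/* Identity-map the window with the C-bit set on every page: the state of the
 * PEI page tables before the PEIM from the patch has run. */
void pt_init_all_encrypted(page_table_t *pt)
{
    for (size_t i = 0; i < WIN_PAGES; i++)
        pt->pte[i] = (WIN_BASE + i * PAGE_SIZE) | SEV_C_BIT | PTE_PRESENT;
}

/* Model of MemEncryptSevClearPageEncMask(): clear the C-bit on every page of
 * [base, base + size). Unaligned or out-of-window ranges are rejected whole. */
bool clear_enc_mask(page_table_t *pt, uint64_t base, uint64_t size)
{
    size_t first, last;
    if ((base & (PAGE_SIZE - 1)) || (size & (PAGE_SIZE - 1)) || size == 0)
        return false;
    if (!pt_index(base, &first) || !pt_index(base + size - 1, &last))
        return false;
    for (size_t i = first; i <= last; i++)
        pt->pte[i] &= ~SEV_C_BIT;
    return true;
}

/* Plain SEV: the access raises a nested page fault and the GPA handed to the
 * hypervisor has the C-bit stripped, so MMIO reaches the device either way. */
mmio_result_t sev_mmio(const page_table_t *pt, uint64_t gpa, uint64_t *hv_gpa)
{
    size_t i;
    if (!pt_index(gpa, &i) || !(pt->pte[i] & PTE_PRESENT))
        return MMIO_NOT_MAPPED;
    /* Page frame without C-bit or flag bits, plus the in-page offset. */
    *hv_gpa = (pt->pte[i] & ~(SEV_C_BIT | (PAGE_SIZE - 1))) | (gpa & (PAGE_SIZE - 1));
    return MMIO_OK;
}

/* SEV-ES: the access traps to the guest's own #VC handler first, and its MMIO
 * mitigation refuses to emulate an access whose mapping is still encrypted. */
mmio_result_t sev_es_mmio(const page_table_t *pt, uint64_t gpa, uint64_t *hv_gpa)
{
    size_t i;
    if (!pt_index(gpa, &i) || !(pt->pte[i] & PTE_PRESENT))
        return MMIO_NOT_MAPPED;
    if (pt->pte[i] & SEV_C_BIT)
        return MMIO_TERMINATE;          /* guest would be terminated here */
    return sev_mmio(pt, gpa, hv_gpa);   /* unencrypted: normal NPF path */
}

int main(void)
{
    page_table_t pt;
    uint64_t hv = 0;
    pt_init_all_encrypted(&pt);
    printf("SEV    TPM access while encrypted: %d\n", sev_mmio(&pt, TPM_BASE, &hv));
    printf("SEV-ES TPM access while encrypted: %d\n", sev_es_mmio(&pt, TPM_BASE, &hv));
    clear_enc_mask(&pt, TPM_BASE, TPM_SIZE);
    printf("SEV-ES TPM access after clear:     %d\n", sev_es_mmio(&pt, TPM_BASE, &hv));
    return 0;
}
```

The guard pages on either side of the window stay encrypted after the clear, which is the behaviour a range-based helper should have: the PEIM only changes the mapping of the TIS window it was told about, nothing adjacent.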