From: "Brijesh Singh" <brijesh.singh@amd.com>
To: Laszlo Ersek <lersek@redhat.com>, devel@edk2.groups.io
Cc: brijesh.singh@amd.com, James Bottomley <jejb@linux.ibm.com>,
Min Xu <min.m.xu@intel.com>, Jiewen Yao <jiewen.yao@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Jordan Justen <jordan.l.justen@intel.com>,
Ard Biesheuvel <ardb+tianocore@kernel.org>,
Erdem Aktas <erdemaktas@google.com>
Subject: Re: [edk2-devel] [PATCH RFC v2 04/28] MdePkg: Define the Page State Change VMGEXIT structures
Date: Tue, 4 May 2021 13:53:04 -0500 [thread overview]
Message-ID: <1a6adb61-54d4-68bd-fca7-8e67a034e11f@amd.com> (raw)
In-Reply-To: <47d74104-dd86-8bb9-ba5e-6c0e7371d5e4@redhat.com>
On 5/4/21 7:33 AM, Laszlo Ersek wrote:
> On 04/30/21 13:51, Brijesh Singh wrote:
>> BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&data=04%7C01%7Cbrijesh.singh%40amd.com%7Cbb2eaad10f574a464cb008d90ef8e5b4%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637557284470753463%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=fpm8afTb4UwW13njwD9WzHWIZZhjUCdmm3Vkt9GJ2SI%3D&reserved=0
>>
>> The Page State Change NAE exit will be used by the SEV-SNP guest to
>> request a page state change using the GHCB protocol. See the GHCB
>> spec section 4.1.6 and 2.3.1 for more detail on the structure
>> definitions.
>>
>> Cc: James Bottomley <jejb@linux.ibm.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Tom Lendacky <thomas.lendacky@amd.com>
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Cc: Erdem Aktas <erdemaktas@google.com>
>> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
>> ---
>> MdePkg/Include/Register/Amd/Fam17Msr.h | 15 ++++++++++
>> MdePkg/Include/Register/Amd/Ghcb.h | 29 ++++++++++++++++++++
>> 2 files changed, 44 insertions(+)
>>
>> diff --git a/MdePkg/Include/Register/Amd/Fam17Msr.h b/MdePkg/Include/Register/Amd/Fam17Msr.h
>> index e19bd04b6c..432cee2feb 100644
>> --- a/MdePkg/Include/Register/Amd/Fam17Msr.h
>> +++ b/MdePkg/Include/Register/Amd/Fam17Msr.h
>> @@ -58,6 +58,19 @@ typedef union {
>> UINT64 GuestFrameNumber:52;
>> } GhcbGpaRegister;
>>
>> + struct {
>> + UINT64 Function:12;
>> + UINT64 GuestFrameNumber:40;
>> + UINT64 Operation:4;
>> + UINT64 Reserved:8;
>> + } SnpPageStateChangeRequest;
>> +
>> + struct {
>> + UINT32 Function:12;
>> + UINT32 Reserved:20;
>> + UINT32 ErrorCode;
>> + } SnpPageStateChangeResponse;
>> +
>> VOID *Ghcb;
>>
> This matches section 2.3.1 in rev 2.00.
>
>> UINT64 GhcbPhysicalAddress;
>> @@ -69,6 +82,8 @@ typedef union {
>> #define GHCB_INFO_CPUID_RESPONSE 5
>> #define GHCB_INFO_GHCB_GPA_REGISTER_REQUEST 18
>> #define GHCB_INFO_GHCB_GPA_REGISTER_RESPONSE 19
>> +#define GHCB_INFO_SNP_PAGE_STATE_CHANGE_REQUEST 20
>> +#define GHCB_INFO_SNP_PAGE_STATE_CHANGE_RESPONSE 21
>> #define GHCB_HYPERVISOR_FEATURES_REQUEST 128
>> #define GHCB_HYPERVISOR_FEATURES_RESPONSE 129
>> #define GHCB_INFO_TERMINATE_REQUEST 256
> Matches section 2.3.1.
>
>> diff --git a/MdePkg/Include/Register/Amd/Ghcb.h b/MdePkg/Include/Register/Amd/Ghcb.h
>> index 2d64a4c28f..1e7c0daed3 100644
>> --- a/MdePkg/Include/Register/Amd/Ghcb.h
>> +++ b/MdePkg/Include/Register/Amd/Ghcb.h
>> @@ -54,6 +54,7 @@
>> #define SVM_EXIT_NMI_COMPLETE 0x80000003ULL
>> #define SVM_EXIT_AP_RESET_HOLD 0x80000004ULL
>> #define SVM_EXIT_AP_JUMP_TABLE 0x80000005ULL
>> +#define SVM_EXIT_SNP_PAGE_STATE_CHANGE 0x80000010ULL
>> #define SVM_EXIT_HYPERVISOR_FEATURES 0x8000FFFDULL
>> #define SVM_EXIT_UNSUPPORTED 0x8000FFFFULL
>>
> Matches "Table 5. List of Supported Non-Automatic Events".
>
>> @@ -160,4 +161,32 @@ typedef union {
>> #define GHCB_HV_FEATURES_SNP_AP_CREATE (GHCB_HV_FEATURES_SNP | BIT1)
>> #define GHCB_HV_FEATURES_SNP_RESTRICTED_INJECTION (GHCB_HV_FEATURES_SNP_AP_CREATE | BIT2)
>> #define GHCB_HV_FEATURES_SNP_RESTRICTED_INJECTION_TIMER (GHCB_HV_FEATURES_SNP_RESTRICTED_INJECTION | BIT3)
>> +
>> +// SNP Page State Change
> (1) Comment style.
Noted.
>
>> +#define SNP_PAGE_STATE_MAX_NPAGES 4095
>> +#define SNP_PAGE_STATE_MAX_ENTRY 253
>> +#define SNP_PAGE_STATE_PRIVATE 1
>> +#define SNP_PAGE_STATE_SHARED 2
>> +#define SNP_PAGE_STATE_PSMASH 3
>> +#define SNP_PAGE_STATE_UNSMASH 4
> (2) The PSMASH and UNSMASH operations are not documented in the rev 2.00
> spec, in the GHCB MSR protocol. That's probably because PSMASH and
> UNSMASH can only be defined in terms of 2MB pages, and
> GHCB_INFO_SNP_PAGE_STATE_CHANGE_REQUEST is suitable only for individual,
> 4KB pages. I think it would be useful to point out somehow here that
> PSMASH and UNSMASH are restricted to the GHCB shared area protocol
> (perhaps extend the leading comment on this block of macros).
I will add something in comment to clarify that UNMASH and PSMASH are
not available in MSR protocol.
>
> (3) I don't understand what "MAX_NPAGES" stands for (4095). The rest of
> the series never uses the macro, and I can't associate it with anything
> from the spec. If the macro is supposed to relate to the 4KB / 2MB page
> smashing / splitting, then its replacement text should be 512. Unless
> the macro corresponds to a definition in the spec, I think we should
> drop it.
That macro is replaced is no longer used, I ended up creating a more
meaningful macro (SNP_PAGES_STATE_MAX_ENTRY). I will remove it MAX_NPAGES.
>> +
>> +typedef PACKED struct {
>> + UINT64 CurrentPage:12;
>> + UINT64 GuestFrameNumber:40;
>> + UINT64 Op:4;
>> + UINT64 PageSize:1;
>> + UINT64 Rsvd: 7;
>> +} SNP_PAGE_STATE_ENTRY;
>> +
>> +typedef PACKED struct {
>> + UINT16 CurrentEntry;
>> + UINT16 EndEntry;
>> + UINT32 Rsvd;
>> +} SNP_PAGE_STATE_HEADER;
> (4) We tend to write
>
> #pragma pack (1)
> ...
> #pragma pack ()
>
> rather than PACKED -- but anyway, is packing really necessary? "Natural
> alignment" is required in edk2. I'm OK with packing, but I think the
> pragma is the preferred form.
Noted.
> (5) Please spell out both "Rsvd" fields above as "Reserved".
Noted.
>
> (6) Stray space character in "Rsvd: 7".
Noted.
>
> (7) The field name "Op" is inconsistent with the other field name
> "Operation".
Noted.
>
> (8) I think there is a bug (typo) in the rev 2.00 spec, in 4.1.6 "SNP
> Page State Change": it says
>
> ... calculated from the supplied guest physical frame number (GFN) for
> the requested page size (GPA = GFN << 12).
>
> But, if you can choose 2MB page size in the request, then the (GPA = GFN
> << 12) formula is not g
I think Tom already clarified it on his latest response.
> (9) If my understanding of the spec is correct, "EndEntry" has
> *inclusive* meaning. That's unusual. Any particular reason for not
> making "EndEntry" exclusive (in the spec)?
Sometimes guest may need to fill only few entries. The "EndEntry" will
give hint to hypervisor that it should stop processing after it reached
to the EndEntry.
>> +
>> +typedef struct {
>> + SNP_PAGE_STATE_HEADER Header;
>> + SNP_PAGE_STATE_ENTRY Entry[SNP_PAGE_STATE_MAX_ENTRY];
>> +} SNP_PAGE_STATE_CHANGE_INFO;
>> +
>> #endif
>>
> Yes, this looks OK. Size is 2+2+4+253*8 = 2032 bytes, which matches the
> size of GHCB.SharedBuffer.
>
> (10) However, *if* you decide to declare SNP_PAGE_STATE_ENTRY and
> SNP_PAGE_STATE_HEADER explicitly as packed, then you should do the same
> for SNP_PAGE_STATE_CHANGE_INFO.
Noted.
>
> (11) Like I mentioned earlier, it's probably helpful if you start the
> subject line with
>
> MdePkg/Register/Amd: ...
>
> on all of these MdePkg patches. If that becomes too tight, for some of
> the MdePkg patches, then I suggest "MdePkg/Amd: ..." (i.e., drop
> "Register").
Noted.
Thanks
Brijesh
next prev parent reply other threads:[~2021-05-04 18:53 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-30 11:51 [PATCH RFC v2 00/28] Add AMD Secure Nested Paging (SEV-SNP) support Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 01/28] MdePkg: Expand the SEV MSR to include the SNP definition Brijesh Singh
2021-05-03 8:39 ` [edk2-devel] " Laszlo Ersek
2021-05-03 11:42 ` Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 02/28] MdePkg: Define the GHCB Hypervisor features Brijesh Singh
2021-05-03 10:10 ` [edk2-devel] " Laszlo Ersek
2021-05-03 12:20 ` Brijesh Singh
2021-05-03 13:40 ` Laszlo Ersek
2021-04-30 11:51 ` [PATCH RFC v2 03/28] MdePkg: Define the GHCB GPA structure Brijesh Singh
2021-05-03 10:24 ` [edk2-devel] " Laszlo Ersek
2021-05-03 12:19 ` Laszlo Ersek
2021-05-03 12:55 ` Brijesh Singh
2021-05-03 13:50 ` Laszlo Ersek
2021-05-03 13:55 ` Laszlo Ersek
2021-04-30 11:51 ` [PATCH RFC v2 04/28] MdePkg: Define the Page State Change VMGEXIT structures Brijesh Singh
2021-05-04 12:33 ` [edk2-devel] " Laszlo Ersek
2021-05-04 13:59 ` Laszlo Ersek
2021-05-04 14:48 ` Lendacky, Thomas
2021-05-04 18:07 ` Laszlo Ersek
2021-05-04 18:53 ` Brijesh Singh [this message]
2021-05-05 18:24 ` Laszlo Ersek
2021-05-05 19:27 ` Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 05/28] MdePkg: Add AsmPvalidate() support Brijesh Singh
2021-05-04 13:58 ` [edk2-devel] " Laszlo Ersek
2021-05-04 14:09 ` Laszlo Ersek
2021-05-04 19:07 ` Brijesh Singh
2021-05-05 18:56 ` Laszlo Ersek
[not found] ` <167BF2A01FA60569.6407@groups.io>
2021-05-04 19:55 ` Brijesh Singh
2021-05-05 19:10 ` Laszlo Ersek
[not found] ` <167BF53DA09B327E.22277@groups.io>
2021-05-04 20:28 ` Brijesh Singh
2021-05-04 23:03 ` Brijesh Singh
2021-05-05 19:19 ` Laszlo Ersek
2021-05-05 19:17 ` Laszlo Ersek
2021-04-30 11:51 ` [PATCH RFC v2 06/28] OvmfPkg/BaseMemEncryptSevLib: Introduce MemEncryptSevClearMmioPageEncMask() Brijesh Singh
2021-05-06 10:39 ` [edk2-devel] " Laszlo Ersek
2021-05-06 19:18 ` Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 07/28] OvmfPkg: Use MemEncryptSevClearMmioPageEncMask() to clear EncMask from Mmio Brijesh Singh
2021-05-06 10:50 ` [edk2-devel] " Laszlo Ersek
2021-05-06 19:20 ` Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 08/28] OvmfPkg/BaseMemEncryptSevLib: Remove CacheFlush parameter Brijesh Singh
2021-05-06 11:08 ` [edk2-devel] " Laszlo Ersek
2021-04-30 11:51 ` [PATCH RFC v2 09/28] OvmfPkg/VmgExitLib: Allow PMBASE register access in Dxe phase Brijesh Singh
2021-05-06 14:08 ` [edk2-devel] " Laszlo Ersek
2021-05-06 14:12 ` Laszlo Ersek
2021-05-07 13:29 ` Brijesh Singh
2021-05-07 15:10 ` Laszlo Ersek
2021-05-07 15:19 ` Brijesh Singh
2021-05-07 15:47 ` Laszlo Ersek
2021-04-30 11:51 ` [PATCH RFC v2 10/28] OvmfPkg/MemEncryptSevLib: add MemEncryptSevSnpEnabled() Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 11/28] OvmfPkg: Reserve Secrets page in MEMFD Brijesh Singh
2021-05-05 6:42 ` [edk2-devel] " Dov Murik
2021-05-05 13:11 ` Brijesh Singh
2021-05-05 19:33 ` Laszlo Ersek
2021-05-06 10:57 ` Dov Murik
2021-05-06 15:06 ` Laszlo Ersek
2021-05-06 16:12 ` James Bottomley
2021-05-06 16:02 ` James Bottomley
2021-04-30 11:51 ` [PATCH RFC v2 12/28] OvmfPkg: Reserve CPUID page for the SEV-SNP guest Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 13/28] OvmfPkg: Validate the data pages used in the Reset vector and SEC phase Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 14/28] UefiCpuPkg: Define the SEV-SNP specific dynamic PCDs Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 15/28] OvmfPkg/MemEncryptSevLib: extend the workarea to include SNP enabled field Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 16/28] OvmfPkg/MemEncryptSevLib: Extend Es Workarea to include hv features Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 17/28] OvmfPkg/ResetVector: Invalidate the GHCB page Brijesh Singh
2021-05-03 13:05 ` Erdem Aktas
2021-05-03 14:28 ` Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 18/28] OvmfPkg: Add a library to support registering GHCB GPA Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 19/28] OvmfPkg: register GHCB gpa for the SEV-SNP guest Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 20/28] UefiCpuPkg/MpLib: add support to register GHCB GPA when SEV-SNP is enabled Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 21/28] OvmfPkg/MemEncryptSevLib: Add support to validate system RAM Brijesh Singh
2021-05-03 14:04 ` Erdem Aktas
2021-05-03 18:56 ` Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 22/28] OvmfPkg/BaseMemEncryptSevLib: Skip the pre-validated " Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 23/28] OvmfPkg/MemEncryptSevLib: Add support to validate > 4GB memory in PEI phase Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 24/28] OvmfPkg/SecMain: Pre-validate the memory used for decompressing Fv Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 25/28] OvmfPkg/PlatformPei: Validate the system RAM when SNP is active Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 26/28] OvmfPkg/MemEncryptSevLib: Change the page state in the RMP table Brijesh Singh
2021-04-30 11:51 ` [PATCH RFC v2 27/28] OvmfPkg/AmdSev: Expose the SNP reserved pages through configuration table Brijesh Singh
2021-05-05 7:10 ` [edk2-devel] " Dov Murik
2021-05-05 19:37 ` Laszlo Ersek
2021-04-30 11:51 ` [PATCH RFC v2 28/28] MdePkg/GHCB: Increase the GHCB protocol max version Brijesh Singh
2021-04-30 16:49 ` [edk2-devel] [PATCH RFC v2 00/28] Add AMD Secure Nested Paging (SEV-SNP) support Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1a6adb61-54d4-68bd-fca7-8e67a034e11f@amd.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox