From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (NAM04-DM6-obe.outbound.protection.outlook.com []) by mx.groups.io with SMTP id smtpd.web10.6186.1620863210873702199 for ; Wed, 12 May 2021 16:46:51 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=4wL3vZj3; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: , mailfrom: brijesh.singh@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Eg52vaFmKbItE+zq4JvNhhUD6x+YqDBTaEmqOAU/lcLM9QRjX7b5ZMdeOXySX9tX0ehceYTzulAxr3U5QPTWZMyEz1FIdl4cocJE1WV8/Ow60tU3m2nPZEOampF1IUd01pHcQRmqpItFlsfycJD/WvRsXbzxS3kMnG84J+/hS0nun903lIZLCthotA4+hHGbtNeRItasjl1FxUQiKri3ony+60AnsPVk5QAcYeaSpVEd3qVsyXtHhGDNeSkRtXCts4WOYMEcA+eyKPMrHy2WTYmevjBhsG/UBfYhcEI+cxSMSAzKVSltGn00bO7P/St+M+bmhv8cZb+jsGpqq4Z5vA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZEZGcqArN7aJZqgUxpRSdFkwW7N58e/ychUCW5J5HSY=; b=oRcMfXEH6viw9CUDDWokpN+fqoozq7DZxtACiH0LTFxDvA09IvzRbLtdO8cGJJq9KJdcXLynXRBza7DBYFFLCJp1xg6GatV9Iw13/ud3XZGt/zbZOiBP3+1btmQzVEXIt1zGJ+xres294IHAKEmceJIfKGnSkrNmsitzOz9yOpEZRSnUVdwKfGJkc06QEZ+TU57mjP9NktorsoNAt3qbJ2+Akcmgo6wunfH9aCuKifj6POzcmUev8s7ZDOdPSP+ZLjqBgMJP/zulYbzZku6SwFwZh6Yg1QdfXVIhlOdFI2bGg5kqfD+dqXB0k0mZIUIvBrgzcjvHUcPddd2FpXQ2uw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZEZGcqArN7aJZqgUxpRSdFkwW7N58e/ychUCW5J5HSY=; b=4wL3vZj3gubFJsKNBBYIk1r+WQ8VSWgSKvnogym3Tpepd8U6B2WvSgahhO7rz/HapLyZ7cflEjSIGvD4xVRlTzZ8A5BHyzHtAtX3J8Afy0MR3B9kz7QofXr73M7En9jYj3PbW9e0/snbH/YnfGiUIAWTPKanjeC+prVSSWkt7wM= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2781.namprd12.prod.outlook.com (2603:10b6:805:67::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4108.26; Wed, 12 May 2021 23:46:47 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4129.025; Wed, 12 May 2021 23:46:47 +0000 From: "Brijesh Singh" To: devel@edk2.groups.io CC: Brijesh Singh , James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Laszlo Ersek , Erdem Aktas Subject: [PATCH v2 09/13] OvmfPkg/BaseMemEncryptSevLib: introduce MemEncryptSevClearMmioPageEncMask() Date: Wed, 12 May 2021 18:46:11 -0500 Message-ID: <20210512234615.1726-10-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210512234615.1726-1-brijesh.singh@amd.com> References: <20210512234615.1726-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SA0PR13CA0003.namprd13.prod.outlook.com (2603:10b6:806:130::8) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) Return-Path: brijesh.singh@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR13CA0003.namprd13.prod.outlook.com (2603:10b6:806:130::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4150.11 via Frontend Transport; Wed, 12 May 2021 23:46:44 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 2a3717bc-c87c-469f-ca60-08d915a03359 X-MS-TrafficTypeDiagnostic: SN6PR12MB2781: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: hogvpL5lFAXTavKYXa9Gdte8texi/J9KUD77bOdWvYEBtliSXso2naMcoZW/AFrAoniqCKDJbD85mu6zA8ruT30vtIjDfi7UKV/CCs3qjS+rXfS9+zH+XJwKMEETFu4Mk0pVVhaeXClTbhznpqZx4WpSlqtqTqi3weTa92mxeeTzsqi5iRpiYi4PwTyRK9vxBrCCd5qQCbpgv420mRWxiKhPXQU24nG3ncnq/c8GcOj1vHpAPGIfc3LmTUj0PCr1qk+N/vmvDUhBsIW/58Wf83QrX2w9S1O++USF3uYWsZzy955aK2NflUTrtDcukzKkbqUcW1oDYAJucxCD15Q92wyLE2Pfn1BNDvOWiNfDHO5ZYW+JloS9G6C5FGOV8JLxnmWlrvvGieuOOzXBtSrhLpcUToRjR2hakYjK/MqPhIUF7zGoDP2mJ8UT2seJvGO5KwLWe5OuSmouG0i0sFgFY/DzqP0ZDOf7oHmNPz6KwcYdf81pM8eLePS6mF2I2Tn86KPCZsdetAPcomwTzU25jTjmLpt+qToD7MpqbqOHD8dOO6m+cI5GNjQlDQViGyWhJrYRn2aP9uxOis4qPvym6y112u9XLWEdc3qmstnTqY44qeJ3NIoPIOjyRLgiEUlMqn/U/VoJWKmyyNdXFcZVBmxtZ8wHZEFu1zfDQUKV2V7GnUu0iWNm8n5AiGZVo4HQ/rPzcRIQ2I7CwFj4cAq1t3Q383W2KT1S8JGzONNPBFUrpVe0iC/U7Fa2D9gWcfThbAYOYxlmjTz3YN9kODIg6Q== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(39850400004)(366004)(376002)(396003)(346002)(66946007)(36756003)(19627235002)(66556008)(8676002)(956004)(8936002)(6486002)(6916009)(44832011)(7696005)(316002)(5660300002)(1076003)(45954011)(52116002)(66476007)(6666004)(38350700002)(38100700002)(4326008)(2906002)(186003)(16526019)(26005)(83380400001)(478600001)(966005)(2616005)(86362001)(54906003)(213903007);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?KdFuvg6HrhkFD8NeSxEOI8Ecjq7tRpwdbZ/lU5en2av8j+mqGh9CM+eG30+u?= =?us-ascii?Q?ecDEWKe7dx3i1r7E6WY51b/38czoM8ZFelc9xYkXGXmFdCCVGXIStN+xglk8?= =?us-ascii?Q?WiT86pBL7qQOgX9iMDYxplkLIBH/d6Z7qY3DctyZ/WZDIEV75PlIdGy4Neab?= =?us-ascii?Q?4lffMWg1JGL5sKMrJj+zhjjLcFtdeWOTzGXHpYsC9T6Gu+AAm+ot80KvCz2F?= =?us-ascii?Q?sqXfj+enhvsbZgpaj5ptbb+RBE++5jpHATsErO1dR94WY43kquhsL8Uh2X9G?= =?us-ascii?Q?kCdqg6qSpy7tHHdwd/D/Hy161eY+tTJKhQQcTmydANlXslRhcm1W2Ph6m3eU?= =?us-ascii?Q?3W8+tz31q5AIGLQzjnHX3n/jYfy3be6u5FIo/m5qiPomdzbn7ojbAm7CdmSu?= =?us-ascii?Q?auib+oWGekttc42PaEc7dv84kuBP1ivMG4E4AjT5XB95orjDKgdLdq295WZ9?= =?us-ascii?Q?3/xFfQ5dX4Q/U6IxohexSCKftO1w2ynuGU7z68Ts0qvhb17WUnXEnWuNSnzQ?= =?us-ascii?Q?hjAai7T6+h/xu+8E0T8DJsKjpbPWmI4/e3z2oowkkhdobIw5GmW2xmc9FAxP?= =?us-ascii?Q?1taeKOKUmKmz/T6BAKdrasjiAJgMw48oELFUeq2deRj8qbqrBfSneY4+nwmR?= =?us-ascii?Q?nMgM5NmK0rSXFL29w6QmRHZJVQ7a8Q3m/R6DEH1VdZ22agZCYSqOUXEB/Q51?= =?us-ascii?Q?o8u0/LjTu+uI+2Y7xPs+hgsfdn9aAXHLZ8vb4hupucfM9LRqJyBZWroDiQ3M?= =?us-ascii?Q?rbcoGmnjpJCITGNtHMiFUxMl1QaOcK2PicA50/nS2irHe7ma41/7oPyrH5j6?= =?us-ascii?Q?NWr3VyISXm5/PoVs51Y2GER5Wgwq5yRYhzMigbgDfTWecAHZrjuypFRMxw9R?= =?us-ascii?Q?6Kw+wLX1qWX1qyu/s6iD9v6Ay8GDff11bHR5zxMAkxHaPu8mn6ey1c6C0FZV?= =?us-ascii?Q?PjdDYbDJaU9y1QGzFXHXz8MIyjZs6jKtslQQKKVMhiiWN7OxMNWK2CG0v6iH?= =?us-ascii?Q?jw5sRv4V4yYNTqP3KvtvXxdlcKF/IAmS45mlx39C/Jw4WrvXIUxnTTTBFYLQ?= =?us-ascii?Q?OBozFZauQNh1Z4dZgMwmSpaBxcuhL7AqesPtbJ0PstXVlJfXCAtlPeE0WlhO?= =?us-ascii?Q?n1W7rIMoInzETIx5RNMMlTfsSIIxHhuKCSwCk6OAgU6ZU+sMs1BTtjBMRLiP?= =?us-ascii?Q?lJDVbKbi1nWbmCJPzvLJXLSvJAttS92MFIiYbN+W++JLuU41Qn2K8vayr8JL?= =?us-ascii?Q?2WCITBxSJw8fLlwW98l7W+8dHftNGyWs+6MXiswxzlq+J0Tkl1QvvEt466K0?= =?us-ascii?Q?Hh/qmdiCDecc04RcRFwXmmLK?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2a3717bc-c87c-469f-ca60-08d915a03359 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 May 2021 23:46:45.1878 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: umoKb4W+hHcnQ6HG+RYF6bKiYlgyO8MXB7XvWUj3jKdSvBLRihUXRZwtvco8MGfflQqmMOoam4zJcTkwFwZMaA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2781 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275 The MemEncryptSevClearMmioPageEncMask() helper can be used for clearing the memory encryption mask for the Mmio region. The MemEncryptSevClearMmioPageEncMask() is a simplified version of MemEncryptSevClearPageEncMask() -- it does not flush the caches after clearing the page encryption mask. Cc: James Bottomley Cc: Min Xu Cc: Jiewen Yao Cc: Tom Lendacky Cc: Jordan Justen Cc: Ard Biesheuvel Cc: Laszlo Ersek Cc: Erdem Aktas Reviewed-by: Laszlo Ersek Signed-off-by: Brijesh Singh --- OvmfPkg/Include/Library/MemEncryptSevLib.h | 25 ++++++++++++++ .../BaseMemEncryptSevLib/X64/VirtualMemory.h | 23 +++++++++++++ .../Ia32/MemEncryptSevLib.c | 31 +++++++++++++++++ .../X64/MemEncryptSevLib.c | 33 +++++++++++++++++++ .../X64/PeiDxeVirtualMemory.c | 33 +++++++++++++++++++ .../X64/SecVirtualMemory.c | 30 +++++++++++++++++ 6 files changed, 175 insertions(+) diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/L= ibrary/MemEncryptSevLib.h index 99f15a7d1271..b91490d5d44d 100644 --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h @@ -203,4 +203,29 @@ MemEncryptSevGetAddressRangeState ( IN UINTN Length ); =20 +/** + This function clears memory encryption bit for the MMIO region specified= by + BaseAddress and NumPages. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] BaseAddress The physical address that is the sta= rt + address of a MMIO region. + @param[in] NumPages The number of pages from start memor= y + region. + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Number of pages is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encryption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +MemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ); + #endif // _MEM_ENCRYPT_SEV_LIB_H_ diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h b/Ovm= fPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h index fe2a0b2826cd..8dc39e647b90 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h @@ -126,4 +126,27 @@ InternalMemEncryptSevGetAddressRangeState ( IN UINTN Length ); =20 +/** + This function clears memory encryption bit for the MMIO region specified= by + PhysicalAddress and Length. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] PhysicalAddress The physical address that is the sta= rt + address of a MMIO region. + @param[in] Length The length of memory region + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Length is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encyrption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +InternalMemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS PhysicalAddress, + IN UINTN Length + ); #endif diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c b= /OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c index 12a5bf495bd7..169d3118e44f 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c @@ -111,3 +111,34 @@ MemEncryptSevGetAddressRangeState ( // return MemEncryptSevAddressRangeEncrypted; } + +/** + This function clears memory encryption bit for the MMIO region specified= by + BaseAddress and NumPages. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] BaseAddress The physical address that is the sta= rt + address of a MMIO region. + @param[in] NumPages The number of pages from start memor= y + region. + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Number of pages is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encryption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +MemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ) +{ + // + // Memory encryption bit is not accessible in 32-bit mode + // + return RETURN_UNSUPPORTED; +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c b/= OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c index 4fea6a6be0ac..a2bf698bcde7 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c @@ -118,3 +118,36 @@ MemEncryptSevGetAddressRangeState ( Length ); } + +/** + This function clears memory encryption bit for the mmio region specified= by + BaseAddress and NumPages. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] BaseAddress The physical address that is the sta= rt + address of a mmio region. + @param[in] NumPages The number of pages from start memor= y + region. + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Number of pages is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encryption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +MemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ) +{ + return InternalMemEncryptSevClearMmioPageEncMask ( + Cr3BaseAddress, + BaseAddress, + EFI_PAGES_TO_SIZE (NumPages) + ); + +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c= b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c index d3455e812bd1..a18d336a8789 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c @@ -891,3 +891,36 @@ InternalMemEncryptSevSetMemoryEncrypted ( Flush ); } + +/** + This function clears memory encryption bit for the MMIO region specified= by + PhysicalAddress and Length. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] PhysicalAddress The physical address that is the sta= rt + address of a MMIO region. + @param[in] Length The length of memory region + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Length is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encyrption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +InternalMemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS PhysicalAddress, + IN UINTN Length + ) +{ + return SetMemoryEncDec ( + Cr3BaseAddress, + PhysicalAddress, + Length, + ClearCBit, + FALSE + ); +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c b/= OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c index bca5e3febb1b..e0d3a15e8503 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c @@ -98,3 +98,33 @@ InternalMemEncryptSevSetMemoryEncrypted ( // return RETURN_UNSUPPORTED; } + +/** + This function clears memory encryption bit for the MMIO region specified= by + PhysicalAddress and Length. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] PhysicalAddress The physical address that is the sta= rt + address of a MMIO region. + @param[in] Length The length of memory region + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Length is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encyrption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +InternalMemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS PhysicalAddress, + IN UINTN Length + ) +{ + // + // This function is not available during SEC. + // + return RETURN_UNSUPPORTED; +} --=20 2.17.1