From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (NAM12-DM6-obe.outbound.protection.outlook.com []) by mx.groups.io with SMTP id smtpd.web09.15906.1621448415547919253 for ; Wed, 19 May 2021 11:20:16 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=ecUTT6rZ; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: , mailfrom: brijesh.singh@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eoFmv1t71I3NbLb3Uu47jkiP4Pm0kXEXXF19xE6hDfTTsKsXU7GJ2R+1D/+Z83POg7YE2tKnMPb36OSwnd01u6bEtqKDDrN+geDuMHf6X976u+P6vN/lCIOucG9M1zsfiJ3spqrfBynSEbE70Wm1FpKz4FUDj2rxIpsQm9sGqvjYpZ+lxL78zSYkT+6AzqP1P76NKNmZwr0NlYhYUXJRXXnJ+NojQwE+0Hv87cXlPXto+j1kjI6ztdmKK4GTkx17Rpx08xINArskeJ/mkm3ajN5NlohiBmuhk08Hx75tCrksobjuuUr9EnPQEyfcwLhne85h4t0uI4PO1tbe/go4Ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZEZGcqArN7aJZqgUxpRSdFkwW7N58e/ychUCW5J5HSY=; b=aCiLaXBIS+UJ14Sdxqbb7volzr+VW4eT5ZFFHmLsyH4cB4ANgLa51s6kixena2poTIHpdRmFWeV5p0XpH1fguoh2/FFemj0rJ057YYqBwbMcSvF15nSDL2YtRUIKCM85OgVjqG6csbxlUHIopMyHWzuepqOx0eTinTiq4eClUSepSpJsV4p2izzm5qHMFO2w0kZqUt51IfolgKLFKIaJdVYDcsW4qCAGKgNUG4z1HCjPGsdaYbvKOhgozAmvRRjNX5by+tQ0IhsJicl5IqxB4PxW87PZ+aqz53MLMyyFz9GDNZMjNyfGrhytWrhFQAWk4ZJgtJqSXnLXmWAaffb0aw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZEZGcqArN7aJZqgUxpRSdFkwW7N58e/ychUCW5J5HSY=; b=ecUTT6rZkxPM7xAWoNqO8BD3x7ZeAHWlap4bGmFSAG3pe8BgdVMJtAW/Nhzt1oncShvl8MTXlFrSOcipL1k3WuFXrUdhlB+UpE1fMPGBBa+23WeJHyXbjJW5Ys2QfMtTRoDiL1ZYL+LmleHxkmbGYQJ+DP2obnB0iX9hUF85EZo= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN1PR12MB2413.namprd12.prod.outlook.com (2603:10b6:802:2b::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4129.25; Wed, 19 May 2021 18:20:12 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4129.032; Wed, 19 May 2021 18:20:12 +0000 From: "Brijesh Singh" To: devel@edk2.groups.io CC: Brijesh Singh , James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Laszlo Ersek , Erdem Aktas Subject: [PATCH v3 09/13] OvmfPkg/BaseMemEncryptSevLib: introduce MemEncryptSevClearMmioPageEncMask() Date: Wed, 19 May 2021 13:19:45 -0500 Message-ID: <20210519181949.6574-10-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210519181949.6574-1-brijesh.singh@amd.com> References: <20210519181949.6574-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN7PR04CA0212.namprd04.prod.outlook.com (2603:10b6:806:127::7) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) Return-Path: brijesh.singh@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN7PR04CA0212.namprd04.prod.outlook.com (2603:10b6:806:127::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4129.25 via Frontend Transport; Wed, 19 May 2021 18:20:11 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 8a2cffa4-5548-4c94-8164-08d91af2bded X-MS-TrafficTypeDiagnostic: SN1PR12MB2413: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Fff4u62DJ/ilGSiTXhBorfYE8bvOZtoLxNUQ6Q2O8by1lylddj4XhoJzhXHt/osLEiiPwJPJhHp2u/sfRkcLH2qgW082ssf0waFFIUwLtv03leU1JCg93jUFZfKKrBshF1gOeWHD0dH50YbwwbDzwOOUIVfIQsshw9T95vkfOFHV/YBlvlW0p8OnH5HfkAXHP/krrCX3Zppxw0f60ySk3N4UevxDVk9HAqnfGn6KK9oJhYQQq0eFH/1Dmp6W/7eTFBVFAM4V+ej3rtFkGAPEvnpmsff7rfGUAxAL4NMDHJD84hE9pu2BusK6mBi1OtcDohgmHuqdpysuOqlUKuUo+9yme0j7uUKBiFyy6F673gPSz4yaOS2gj0nsknF7pf6/FXPty3QSmbhZKAmXeqF0PI1xggQf0I9KlywBuZy4GGRsj0FBOj9Ql47NJbNqbR+8aHtI5aAJdru86yqhGO+Am5PZzvKWmhXmGlad9oXEdb4Trpogb2PWr49E/kkI9GvbP1kRkXluVPafwKxUpHhl2/h0fabi3K1vL2ydRxP+Xp+tzt6oVr7MfFnqEMGg045WpSE0ydT90Kp40dTfbTMnIhvU523qUNlQxTirux2TtDemBrHGljZBeBaZNzex1mGRVSd7OTfaSpEIN/Y/lM/ht04Y/PEmiusvYTVxOqDGF8dER7j0ixowW2Xj1U/GJ6bP1U8agcn+HCvTt3+vABU6Qr9elXKBdq+Ko7mZ/3q7d9Yii5S11kbKNin1i8/v77swa2cnJSISWZawE7d68zIg3A== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(376002)(366004)(346002)(39860400002)(136003)(44832011)(45954011)(1076003)(54906003)(8936002)(19627235002)(8676002)(26005)(186003)(316002)(6916009)(5660300002)(38100700002)(16526019)(38350700002)(2906002)(83380400001)(956004)(2616005)(7696005)(52116002)(6486002)(66556008)(86362001)(36756003)(6666004)(4326008)(966005)(66946007)(66476007)(478600001)(213903007);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?CBIzZG0najUjUHWeK0fyF1GWtSz6xnx1OWbP4bj77Ajt+H4VNWP8no24Uxc3?= =?us-ascii?Q?4pIWSM5bUkbgwOszPZrsn9UtmCogOjnMlU0tXD/Ust/FgExnj5ua4hcnTTNB?= =?us-ascii?Q?WNVMLyGg+xfvaBgC621EUlLnGNMKrsMKE+ZqT9ueT/0HxaQG5Q9SkQLzGDXr?= =?us-ascii?Q?4q+Y+cGv7tJq3ex9h4BKhkvCxmtRsam58ucErHEOB4UbYIaePKiH5Sy3MlSU?= =?us-ascii?Q?ainU2J3UVPdEcWz2MApVAwfKo16iF2jPWTGbTxeweFypphT1KWtP9U8Oos9/?= =?us-ascii?Q?95GQIxSCbATni3FW7SbOTrwA4B6xuIxWapowSi97FAKydONe7cJ55a14IFw5?= =?us-ascii?Q?0gwK4EUSBwDGwbZred7HXiTgHjmmuSwR6j0XXbwVuCSmY3x2e44vJCMs0Gle?= =?us-ascii?Q?7u6+Lpv13ivS/nK4dxbvPYhds/yRUVS95eVVOKZT8OI7O0wm12xX6ut8kTTm?= =?us-ascii?Q?gJT/cTINBxaUa6QeRcPKZ9np6ytpIPfbWUq+5hG35KmQUG1r6FzeQO9gIn7T?= =?us-ascii?Q?pt7S9qkOdExmmZpuBU2HE/JxSfkjjhsvzHKiV0YbwPM95oen4E5OpckyMA2B?= =?us-ascii?Q?G1OCEost9xYKcp+JW2vxyvocNRNwL8HOAT4TngBXqYGb4t9dr/tzYWC7dpCB?= =?us-ascii?Q?loNT0pI9WtP5SAJGqiqLrd09emzrOuY/VlxuucpDdMg8pKjhTf3dmiwYMSoV?= =?us-ascii?Q?PzYmM74jKv/iQF2vHIipZksVj6aFsMIsgiqFXSA3ozOMKtvgsev/OxavMhuU?= =?us-ascii?Q?owYtJU7y1M4hmMyZClHSHaoI3bUUno/dUsWzV3wq5pNlfuwit3qTs49jnh80?= =?us-ascii?Q?gtVQdyqcPtfhEp/xlcF2xhNNK0FHG/aHXDMhBDTMl1/EkDSIJcSLq/sK9ubu?= =?us-ascii?Q?W5OY+d7Dt787oBTkpRkrOQkATyv0ge2pMXKQ+7nBpuvxKUgfnyLzB9pJ8z8c?= =?us-ascii?Q?VEysranUCwkwjkhUwLmATPMwMzGITisQYCux14ddkOpQIba+ja1bL+SUgejx?= =?us-ascii?Q?CFewwGpjIpe1khJQ/zv890N/xyE43DAPj7yk20Wsr1vBj5te69oe1cHgSpKb?= =?us-ascii?Q?vIlbOA3Pi19aMjFtAYNPJjiW8KbgysGKDGB8kM2aDXV2nPWqG4fv8ldLZPWF?= =?us-ascii?Q?CBR8C/zXRfRMCW0pMP6GwIkcBl8YyxSZ3VViSnbHYzX2VtWG48/P5CMQiXnH?= =?us-ascii?Q?xtl5eM4nuAm7F5b31+QxnLian3sYJ+tQC9QoPmhrg3EA6qX/Df4tXIv0raiG?= =?us-ascii?Q?GEIyYKVMOFPQsYsejV8p9cmQq+hy6fT49GjO/QJ3+3oZ3wYpOz94Uu1oq4qh?= =?us-ascii?Q?PFZoshJyUNAEiUGeboreH/4d?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8a2cffa4-5548-4c94-8164-08d91af2bded X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 May 2021 18:20:12.2031 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Ahex9TnsuAc2xA1YCOHoFW1P5BiqThLjfNa2iVB3zmbGWNGWp2BwuRyRJh/W5yd0t29OfW0UIue+FvPwxqCD9g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2413 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275 The MemEncryptSevClearMmioPageEncMask() helper can be used for clearing the memory encryption mask for the Mmio region. The MemEncryptSevClearMmioPageEncMask() is a simplified version of MemEncryptSevClearPageEncMask() -- it does not flush the caches after clearing the page encryption mask. Cc: James Bottomley Cc: Min Xu Cc: Jiewen Yao Cc: Tom Lendacky Cc: Jordan Justen Cc: Ard Biesheuvel Cc: Laszlo Ersek Cc: Erdem Aktas Reviewed-by: Laszlo Ersek Signed-off-by: Brijesh Singh --- OvmfPkg/Include/Library/MemEncryptSevLib.h | 25 ++++++++++++++ .../BaseMemEncryptSevLib/X64/VirtualMemory.h | 23 +++++++++++++ .../Ia32/MemEncryptSevLib.c | 31 +++++++++++++++++ .../X64/MemEncryptSevLib.c | 33 +++++++++++++++++++ .../X64/PeiDxeVirtualMemory.c | 33 +++++++++++++++++++ .../X64/SecVirtualMemory.c | 30 +++++++++++++++++ 6 files changed, 175 insertions(+) diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/L= ibrary/MemEncryptSevLib.h index 99f15a7d1271..b91490d5d44d 100644 --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h @@ -203,4 +203,29 @@ MemEncryptSevGetAddressRangeState ( IN UINTN Length ); =20 +/** + This function clears memory encryption bit for the MMIO region specified= by + BaseAddress and NumPages. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] BaseAddress The physical address that is the sta= rt + address of a MMIO region. + @param[in] NumPages The number of pages from start memor= y + region. + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Number of pages is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encryption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +MemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ); + #endif // _MEM_ENCRYPT_SEV_LIB_H_ diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h b/Ovm= fPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h index fe2a0b2826cd..8dc39e647b90 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h @@ -126,4 +126,27 @@ InternalMemEncryptSevGetAddressRangeState ( IN UINTN Length ); =20 +/** + This function clears memory encryption bit for the MMIO region specified= by + PhysicalAddress and Length. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] PhysicalAddress The physical address that is the sta= rt + address of a MMIO region. + @param[in] Length The length of memory region + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Length is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encyrption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +InternalMemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS PhysicalAddress, + IN UINTN Length + ); #endif diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c b= /OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c index 12a5bf495bd7..169d3118e44f 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c @@ -111,3 +111,34 @@ MemEncryptSevGetAddressRangeState ( // return MemEncryptSevAddressRangeEncrypted; } + +/** + This function clears memory encryption bit for the MMIO region specified= by + BaseAddress and NumPages. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] BaseAddress The physical address that is the sta= rt + address of a MMIO region. + @param[in] NumPages The number of pages from start memor= y + region. + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Number of pages is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encryption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +MemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ) +{ + // + // Memory encryption bit is not accessible in 32-bit mode + // + return RETURN_UNSUPPORTED; +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c b/= OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c index 4fea6a6be0ac..a2bf698bcde7 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c @@ -118,3 +118,36 @@ MemEncryptSevGetAddressRangeState ( Length ); } + +/** + This function clears memory encryption bit for the mmio region specified= by + BaseAddress and NumPages. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] BaseAddress The physical address that is the sta= rt + address of a mmio region. + @param[in] NumPages The number of pages from start memor= y + region. + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Number of pages is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encryption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +MemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ) +{ + return InternalMemEncryptSevClearMmioPageEncMask ( + Cr3BaseAddress, + BaseAddress, + EFI_PAGES_TO_SIZE (NumPages) + ); + +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c= b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c index d3455e812bd1..a18d336a8789 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c @@ -891,3 +891,36 @@ InternalMemEncryptSevSetMemoryEncrypted ( Flush ); } + +/** + This function clears memory encryption bit for the MMIO region specified= by + PhysicalAddress and Length. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] PhysicalAddress The physical address that is the sta= rt + address of a MMIO region. + @param[in] Length The length of memory region + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Length is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encyrption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +InternalMemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS PhysicalAddress, + IN UINTN Length + ) +{ + return SetMemoryEncDec ( + Cr3BaseAddress, + PhysicalAddress, + Length, + ClearCBit, + FALSE + ); +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c b/= OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c index bca5e3febb1b..e0d3a15e8503 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c @@ -98,3 +98,33 @@ InternalMemEncryptSevSetMemoryEncrypted ( // return RETURN_UNSUPPORTED; } + +/** + This function clears memory encryption bit for the MMIO region specified= by + PhysicalAddress and Length. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] PhysicalAddress The physical address that is the sta= rt + address of a MMIO region. + @param[in] Length The length of memory region + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Length is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encyrption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +InternalMemEncryptSevClearMmioPageEncMask ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS PhysicalAddress, + IN UINTN Length + ) +{ + // + // This function is not available during SEC. + // + return RETURN_UNSUPPORTED; +} --=20 2.17.1