Re: [PATCH v4 1/4] OvmfPkg/MemEncryptHypercallLib: add library to support SEV hypercalls.

["Ashish Kalra" <ashish.kalra@amd.com>]

Hello Tom,

On Tue, Jun 22, 2021 at 05:47:48PM -0500, Tom Lendacky wrote:
...
> > +VOID
> > +EFIAPI
> > +SetMemoryEncDecHypercall3 (
> > +  IN PHYSICAL_ADDRESS PhysicalAddress,
> > +  IN UINTN            Pages,
> > +  IN UINTN            Mode
> > +  )
> > +{
> > +  if (MemEncryptSevEsIsEnabled ()) {
> > +    MSR_SEV_ES_GHCB_REGISTER  Msr;
> > +    GHCB                      *Ghcb;
> > +    BOOLEAN                   InterruptState;
> > +    UINT64                    Status;
> > +
> > +    Msr.GhcbPhysicalAddress = AsmReadMsr64 (MSR_SEV_ES_GHCB);
> > +    Ghcb = Msr.Ghcb;
> > +
> > +    VmgInit (Ghcb, &InterruptState);
> > +
> > +    Ghcb->SaveArea.Rax = KVM_HC_MAP_GPA_RANGE;
> > +    GhcbSetRegValid (Ghcb, GhcbRax);
> > +    Ghcb->SaveArea.Rbx = PhysicalAddress;
> > +    GhcbSetRegValid (Ghcb, GhcbRbx);
> > +    Ghcb->SaveArea.Rcx = Pages;
> > +    GhcbSetRegValid (Ghcb, GhcbRcx);
> > +    Ghcb->SaveArea.Rdx = Mode;
> > +    GhcbSetRegValid (Ghcb, GhcbRdx);
> > +    Ghcb->SaveArea.Cpl = AsmReadCs() & 0x3;
> > +    GhcbSetRegValid (Ghcb, GhcbCpl);
> > +
> > +    Status = VmgExit (Ghcb, SVM_EXIT_VMMCALL, 0, 0);
> > +    if (Status) {
> > +      DEBUG ((DEBUG_ERROR, "SVM_EXIT_VMMCALL failed %lx\n", Status));
> > +    }
> > +    VmgDone (Ghcb, InterruptState);
> > +  } else {
> > +    SetMemoryEncDecHypercall3AsmStub (
> > +      KVM_HC_MAP_GPA_RANGE,
> > +      PhysicalAddress,
> > +      Pages,
> > +      Mode
> > +      );
> > +  }
> > +}
> 
> You could just issue the VMMCALL and, for SEV-ES, let the VC handler take
> care of this. You would just have to add some smarts to the VC handler to
> compare the hypercall number and add the additional register values. You
> could probably get rid of a level of function calls that way. Thoughts?
> 

IIRC, we have already discussed this internally. 

Letting the VC handler do it was making it too complicated to add hooks 
inside the VmgExitLib, and corresponding updation of MdePkg and UefiCpuPkg
(as described in the email thread below), and at that time
Brijesh had suggested the use of this alternative VmgExit() approach.

Email thread copied below :

...
Well, I does not mean that you should literally use VMMCALL instruction instead you use its corresponding VMGEXIT number.
Something like this:

Status = VmgExit (Ghcb, SVM_EXIT_VMMCALL, 0, 0);

This way, a #VC will not be kicked in and there is no need to hook anything inside the VmgExitLib. Maybe Tom can correct me if that is not acceptable.

-Brijesh

>> I am not able to follow your OVMF patches, could you provide a very high level overview of what exactly you are trying to achieve?  Its possible that I am missing something fundamental but  why do we care of Hypercall inside the bare metal pkg (e.g MdePkg, UefiCpuPkg)? Why we are needing a  Hob etc ? IMO, a Hypercall implementation should be straight forward like what I did the SEV live migration. In case of ES, all you need to use the Ghcb instance to save the register values (rax, rbx, rcx etc) then invoke vmmcall instruction.
>
I need to do this hypercall validation and setup as part of VC# exception's VMMCALL handling,
i.e, in the VmgExitLib code. I need to use a HOB to store/cache hypercalls invoked during SEC
and PEI phase and flush them later at DXE IPL phase. As VmgExitLib code is invoked in SEC and
PEI phases and references MdePkg and UefiCpuPkg, i need to add HypercallLib references in UefiCpuPkg.

Also, i need to verify if Hypercall library interfaces are being invoked during SEC and/or PEI phase,
currently i do it by checking PcdOvmfSecGhcbBase and for accessing that i had to add reference to
it in MdePkg/MdePkg.dec and UefiCpuPkg/UefiCpuPkg.dec, if i can check that the Hypercall library
interfaces are being invoked in SEC/PEI phase using some other mechanism then i can drop this
reference to PcdOvmfSecGhcbBase.
...


Thanks,
Ashish