From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (NAM10-MW2-obe.outbound.protection.outlook.com [40.107.94.52]) by mx.groups.io with SMTP id smtpd.web11.915.1626726362884574877 for ; Mon, 19 Jul 2021 13:26:03 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=oI2yxQCF; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.94.52, mailfrom: ashish.kalra@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=X4yYaglAPKxiwgtR9rmrXSo1AEUT2wTpoaPm3G7EHNoT93iCfQkdNHP2mUdkOh79ekhwX44DoXiZTnN4W4OUcpEz7elEwyo7BgpjpnI2sMuzofo/JAtV8ln3or8t+CMkedCajY4G6O6Ywk23H1vwMMmpRGEq9TBdbMvZne9zcpF+80gPYJdPfroPLzULkLr43NnA94rzoIuNIkALJ+R+EClkprMiTGR1uoleldGFSeuKRn4YL8PnoTB34LzKPy6v/EJdTVpAA8HLMgQy2mUwHVrGo+2Ewm1vieyAkQkp4iEMPOCFA6NCp2hZYshiwmhEyA/OlPvgM2v2HIVG+MnhaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GXMQk8e4nbq8C0yO+KmfQiVYRI2Zon3DQhKHqUpiw88=; b=T74vEDFTbjO+KLFvJSM3efwXT6We59RSlwZFnpWs87EkWr7/5ZSz5NTr/G9t/1D7WVtvrifBpLL8AGYRK+MGBWZm/k/JihYuEatYhAcs2N31sVnVm4jK7nEbyX7jthCxNbpVphrb2UoIq7UvVKc3NHmHCqutKMuuC9M4wrwPP46fdrsG45dUXrGGnES8o4tjnZCWkG1XmrlR3GLjBfLjKhaICvJTuuIfV7jXB72QVWmdPVdDMULVOigAA+J8l1PU3F/lGe1HkcE2QfCd9nwh/1qJlQgT8ZAyoNXyQ+8malAw99MCDEa1aX++l49JHaGDZY8ZZ6JDuPDtsTXlbQhNnA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GXMQk8e4nbq8C0yO+KmfQiVYRI2Zon3DQhKHqUpiw88=; b=oI2yxQCF2rFp+IlUh5urc9exjz5PD7AuAjoHuDMhWWxBHvrOEDkzl7GHksBY/f8Ej46rGT3tZ2d80STcqdJgEO+Sb/nh1ktqwpiEYHlvwXoXx56WjqhgmYAIelfSC2dW1DdDmO6zKKTld3uZWWrZUqF7qg2QFYrQXDbY4JxTk5c= Authentication-Results: amd.com; dkim=none (message not signed) header.d=none;amd.com; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) by SN6PR12MB2832.namprd12.prod.outlook.com (2603:10b6:805:eb::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4331.29; Mon, 19 Jul 2021 20:26:00 +0000 Received: from SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::e8b2:38db:240f:b3ec]) by SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::e8b2:38db:240f:b3ec%7]) with mapi id 15.20.4331.033; Mon, 19 Jul 2021 20:26:00 +0000 Date: Mon, 19 Jul 2021 20:25:58 +0000 From: "Ashish Kalra" To: Tom Lendacky Cc: devel@edk2.groups.io, dovmurik@linux.vnet.ibm.com, brijesh.singh@amd.com, tobin@ibm.com, jejb@linux.ibm.com, lersek@redhat.com, jordan.l.justen@intel.com, ard.biesheuvel@arm.com, erdemaktas@google.com, jiewen.yao@intel.com, min.m.xu@intel.com Subject: Re: [PATCH v5 2/4] OvmfPkg/VmgExitLib: Add support for hypercalls with SEV-ES. Message-ID: <20210719202558.GB24481@ashkalra_ubuntu_server> References: <5cf6633e2510dd399aba0d8dbb7b979577e77c13.1625687246.git.ashish.kalra@amd.com> In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) X-ClientProxiedBy: SA0PR11CA0155.namprd11.prod.outlook.com (2603:10b6:806:1bb::10) To SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) Return-Path: ashish.kalra@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from ashkalra_ubuntu_server (165.204.77.1) by SA0PR11CA0155.namprd11.prod.outlook.com (2603:10b6:806:1bb::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4331.28 via Frontend Transport; Mon, 19 Jul 2021 20:25:59 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: d9b22107-1bf4-481c-b116-08d94af36c41 X-MS-TrafficTypeDiagnostic: SN6PR12MB2832: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:651; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: oFsuuinpSuJ1p9hh/Eq/tgdTPDMMH3vWwmMcIuTOGb+dqbT/xqaP2kpcsG3E7aR+Lb2OmU8prFVqTnA0vvXVUwf2hmPE2xWZltZYRS3YedXsMiSbwLEQn742/MJJF8wH67IS1eypKG+1MEKqlVZ4A65A9vLXbPA05tqxEQtUIrayPDsodhWXSm23kt3GppUWkMFBpZ2GH3nQ/SwzqE5zUJKCX74Z8WpL4YSRek5l2pXNx+BLn6cDyvIcJMqjF6wTz5g3jcKs0Dyy7Rgz1FHi5SiyePYSnihPz3dRic4Q1P4faEg5PbfoJ62MwNt0Rsg9iysufNxiyd5ANqy3zqKIvFJcmQqJ/jY80esnkVDjKscov0E2UuO8Xs/4n2tgEZsgxTVUzOHMRha50mEMgaSsO2OgjP+bRYYwwPNTCuLtpGN5BgCixiuklCZWSbneR9dGT3cQmska9Wz3cRsqFWt6Bfsw6mkwXVlq1B244GqMklEozONuolh8lRXcMEvDxJCmJuel1Zmq+ahU6met1qpSec47SqIbc3THDxBArYKt9qZCRg0B6XtT94ddwPESlqFhHgf37BZjA3uMgvcvGddquvbobBqsMsSGF0YLI5Av7MAQ4TwU0jkxMnYxkqX0a/eUiSOl6nZfqU8/xzng8U1ncRdpKaG8ieBKx3Cdft0aK1W7n2wCTF23Av0biCsnalgNQifhZNrp+h/5/lpfYyQkHA== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2767.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(346002)(376002)(396003)(136003)(39860400002)(366004)(4326008)(316002)(6636002)(5660300002)(33656002)(55016002)(8676002)(8936002)(38100700002)(9686003)(38350700002)(478600001)(7416002)(44832011)(956004)(6862004)(33716001)(52116002)(6496006)(1076003)(186003)(2906002)(53546011)(83380400001)(86362001)(66946007)(66476007)(26005)(66556008);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?yp0N4J03613Kqj1MGVyRXNBhXcLCCetBlzdlY9H8cJlDeGKjaS9YHvq4DJ9G?= =?us-ascii?Q?IQYfJadvfBRAY6g0SDxdWSjFRmRAAb2/vMxXLyW0sak+4EEJTfhmEKQCyAMj?= =?us-ascii?Q?zcHk7V1DcOQJLPTRbeIz4psc9SYcxnmrgK2zE6OCjjd3KZp2ePlOQl303v0q?= =?us-ascii?Q?t2tLMpg0aD6zvhY7IUuvAAG6BAr9LnwMHaadhDf17WxU4f17dOmUNuqX+cyA?= =?us-ascii?Q?O3LtVpoiyg39EVTlPF6WYWbhHHLlKaJ4LMpNUsVXACsaN07u7vhvDwp0okC2?= =?us-ascii?Q?xCfA9jPn5Twy9Ah+rSAmGLbAvwx0oCXKwZ5Ym2ADIPZ/90T5sqyOYJ7/Ygob?= =?us-ascii?Q?9U4BtbLCjUzIE8e6NlM+NkuI7AEvJyoivLmqBB/pcMVChhvd521Nk3qlnHmW?= =?us-ascii?Q?CfZLgcwq3w2KXyPIBIHGZvag+Dwa9I0Y+Z2j7rmTqMNofk/4ht/hhUWQjcN9?= =?us-ascii?Q?LgcXkCb0c4AsyKPApjd/ME3ICc2kthMuDBhcAS/7BIj183urTCuQ8OaWBEXQ?= =?us-ascii?Q?VXHIKsaxnHenvfF5xliqhbKaUPhClUl/0+zCO2Hl1b5w4x3p9eXAxjMPKs5n?= =?us-ascii?Q?7Q8nce1CvAhAqTHXkV4xu1hwks/aLcrCtmX/u/KNqH3tiaqGnZa7cyia2D/o?= =?us-ascii?Q?T9OPyI5sSQXnkEAmHpFatL8g2zbMk8aKy3iTM4cPn9OfT7IorLy72pysrp0Y?= =?us-ascii?Q?d3jtZnBEJe0g29yAmGIPWpmEFTb5Bm8LtKKSCAryiBVwg/RjDOE4AXOQgn5D?= =?us-ascii?Q?L7nIpqr+kmHF4wPRFEWPQ4s/+TDlrMCm52Tapvfw8KSbQx0NyP18M6mSyNTd?= =?us-ascii?Q?+8DkT2QAwTgPlEkF+/yA/Y2G39cwyr0ksomQDxzTvxnskAvNn5+sr3H9IOX6?= =?us-ascii?Q?0OKLmrlsbB8cQeVtLBmlvgsDW0Gez9B+Smr3DuZOM8XHzATz5Q3a/BF2D+DN?= =?us-ascii?Q?Dd/gple1koBNCBuFja0f8yIItybxvOZDHdXMi5OaqVdTYcP2/wH8ey7Qcsiw?= =?us-ascii?Q?pgtEZxljSVimiboqZQ/nEY8m9Kw0gDzSmt0G0migrGuZsqHpLbiZvhIVoRjk?= =?us-ascii?Q?z3wGDvmRzUswWBIJwo7pzJPfpgPdElth40IV8ti/1rey5yX+2Y1t+8fc4hCI?= =?us-ascii?Q?+LGyixtMdqDJaCw1gQSU5R1YGFBmc9HAptkZIIlsgm3fxI6m9AoaEu4VSeLr?= =?us-ascii?Q?2d234LvVmo2RTvrABqgBXRmJ646ZwMNFY0G/Fu0hEZ43KPQiubPEhYOVDciK?= =?us-ascii?Q?lGC8QFzWcXn4dILI2WxvHQ/wD3oZIVFCnU9Ba4wUKq6JeI1MEOQauNFZ3bml?= =?us-ascii?Q?sSfLELLhsUt4GlLbK43Wt+q0?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: d9b22107-1bf4-481c-b116-08d94af36c41 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2767.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Jul 2021 20:26:00.4677 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: sAkSpL2Q25Qz1tN3L0cIYbc91fcWPuFnYznIGe05Rx5EHvT8CI4OOscmOSyTktiAaUdmNkKJ1xuFaHq+qKSG+A== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2832 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello Tom, On Fri, Jul 16, 2021 at 09:16:00AM -0500, Tom Lendacky wrote: > On 7/8/21 9:08 AM, Ashish Kalra wrote: > > From: Ashish Kalra > > > > The subject isn't correct since the #VC handler already supports > hypercalls. It should say something like "Make the #VC handler aware of > the encryption state change hypercall" or "Update the #VC handler to > support the encryption state change hypercall" or something like that. > Ok. > > Make the VC handler hypercall aware by adding support > > to compare the hypercall number and add the additional > > register values used by hypercall in the GHCB. > > > > Also mark the SEC GHCB page (that is mapped as > > unencrypted in ResetVector code) in the hypervisor > > guest page status tracking. > > This part of the commit message shoudn't be here any more. > Yes. > > > > Cc: Jordan Justen > > Cc: Laszlo Ersek > > Cc: Ard Biesheuvel > > Signed-off-by: Ashish Kalra > > --- > > OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 9 +++++++++ > > 1 file changed, 9 insertions(+) > > > > diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c > > index 41b0c8cc53..7f69bfab5f 100644 > > --- a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c > > +++ b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c > > @@ -1171,6 +1171,15 @@ VmmCallExit ( > > Ghcb->SaveArea.Cpl = (UINT8) (Regs->Cs & 0x3); > > VmgSetOffsetValid (Ghcb, GhcbCpl); > > > > Add a comment that this hypercall requires these extra registers so you > are explicitly adding them. > Ok. Thanks, Ashish > > + if (Regs->Rax == KVM_HC_MAP_GPA_RANGE) { > > + Ghcb->SaveArea.Rbx = Regs->Rbx; > > + VmgSetOffsetValid (Ghcb, GhcbRbx); > > + Ghcb->SaveArea.Rcx = Regs->Rcx; > > + VmgSetOffsetValid (Ghcb, GhcbRcx); > > + Ghcb->SaveArea.Rdx = Regs->Rdx; > > + VmgSetOffsetValid (Ghcb, GhcbRdx); > > + } > > + > > Status = VmgExit (Ghcb, SVM_EXIT_VMMCALL, 0, 0); > > if (Status != 0) { > > return Status; > >