From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.64]) by mx.groups.io with SMTP id smtpd.web11.23729.1628519842450385816 for ; Mon, 09 Aug 2021 07:37:22 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=hz6juavL; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.223.64, mailfrom: ashish.kalra@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iaQMzK4GIkec4A3NQ8vLyi30CsocrC9RaS1VcMXzVzanF/O4PauJL6yV2E5O78HQJ9T0HUtw29mq5Z5AVfzrojg6d/maUdHNj6GD0TQ+ZbqM6UqjbvBxyZRXpOKBy0BKYmBACYU6yPdMw3HmMWQ2ongUqFjZF4WtMSObXfd+a70k0YB9uOP4r7+KBqRA/P1vHxr7NuKBFNUqPY3ZvNAu4kz0275bp+kXE05EOT0CAGo9zW9fZaCHTQO672ewp30vOCs5nh1zrBZkwdxea/8Abrapxx2/p8NenGvuIC0SFQOMcYSNEmTfabfMZc5Z6sHQLeczqymEc6Ne2UZG7hA0wg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Z2uVysp5cTN0luLPq8wquoNsUwFT7mnrmjrI1wu8i/s=; b=DtXGaiy1MC+d1JMmax4oGPPiFfVb+N4OvvexXLmw0p7Np1S1B54jcM9LQ4N2kzwA9dVJW9kRXBR6rq4qXxAma4MSju9TeMEpgnGL+8uJ+w6FjxvwBxXd/KffwJB7++96BJs4y7/2NTSNK2KGfkg05ho+vhl6ESuZWg+F1PVsy18G8mi64wf3W490IkHrftytMEzFcfh4GS9g+88Bbs/R3e5Lb1y5S+K0y8rtL5odxCD+nWScFql+uXOqc2UH+En38CXEWzT6pEuVOSenAOq2zb1JHyVnwZ8mDkGEk15RITP9rArUEUTDCTfWyPW8OrgXmjko7g65ucLGc853K2bsrQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Z2uVysp5cTN0luLPq8wquoNsUwFT7mnrmjrI1wu8i/s=; b=hz6juavLSDHYeQ8rc9REW3ulqIkWMNXbDvyXgcH+zGAsWeutiNvi+AST5HTlPOcx7T9cBe6icYZnOi6Yf9VQBQ4sGEMyyqPjsdo/tcfr/K+6iOlySwzh7CX9n3IMFaINB7+v5Xb6D+sO5R/KZosq+r2olTmp0F/AVAfKlHHMg3I= Authentication-Results: amd.com; dkim=none (message not signed) header.d=none;amd.com; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) by SA0PR12MB4365.namprd12.prod.outlook.com (2603:10b6:806:96::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4394.15; Mon, 9 Aug 2021 14:37:21 +0000 Received: from SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::491e:2642:bae2:8b73]) by SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::491e:2642:bae2:8b73%7]) with mapi id 15.20.4394.023; Mon, 9 Aug 2021 14:37:21 +0000 Date: Mon, 9 Aug 2021 14:37:14 +0000 From: "Ashish Kalra" To: Tom Lendacky Cc: devel@edk2.groups.io, dovmurik@linux.vnet.ibm.com, brijesh.singh@amd.com, tobin@ibm.com, jejb@linux.ibm.com, jordan.l.justen@intel.com, ard.biesheuvel@arm.com, erdemaktas@google.com, jiewen.yao@intel.com, min.m.xu@intel.com Subject: Re: [PATCH v6 1/6] OvmfPkg/BaseMemEncryptLib: Detect SEV live migration feature. Message-ID: <20210809143714.GA7990@ashkalra_ubuntu_server> References: <812023de6c20a9d8fc62a561cedefb93640effab.1627906232.git.ashish.kalra@amd.com> <172fa9d6-6edb-41b1-c827-03b04d964469@amd.com> In-Reply-To: <172fa9d6-6edb-41b1-c827-03b04d964469@amd.com> User-Agent: Mutt/1.9.4 (2018-02-28) X-ClientProxiedBy: SN4PR0601CA0017.namprd06.prod.outlook.com (2603:10b6:803:2f::27) To SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) Return-Path: ashish.kalra@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from ashkalra_ubuntu_server (165.204.77.1) by SN4PR0601CA0017.namprd06.prod.outlook.com (2603:10b6:803:2f::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4394.15 via Frontend Transport; Mon, 9 Aug 2021 14:37:20 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 81042e0b-4117-4039-6e65-08d95b4331d2 X-MS-TrafficTypeDiagnostic: SA0PR12MB4365: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: dyIEz7KH+EZDw09aySPH+r8eljmsPX7xbjR1HmY68F+ReOrrm/pnxTxCykRmXGVf253cpJ3ykcU+PKjKKHSAReYz0BnioViT+KyDu0jhVHWSxZD+4DrExCNoR/NHd8RfRheUArZ/Ad6By5/xzjwL5U8qvWV18bEkoqMbmuAjmNhWbdnxReGeYHh5ebQSvqMD7S+FR604FKrO0pAJtB3bbwJb++kH3+NBTWWdDSM3MGs0djQn7FfhBCidJGFMFBu8+XpWDZnIA/hlxLIlfwSWKw3BuaOme/0hD8sM6pDTdMEJD7jYVQZex2NiQnYK5+Yu0lv005lyTxSuHdciEgC+fd97uIr02drjNk3kGzlhtNNBk6r/U9frTlLRbp+Rvk/qxwdYNRORTxSlXpmcaScKE/bLLABtxp7FDdPO017Ta7mWCrGI4FRH5V659ydpQfeMo53BSUCz5dEe/uGeVG6WpTnBAsUAmOK5dzSae4MRaFVbS7kxyl0zWtiC0PAmi6CR7ZROUbkGWH/JO1NgzCkrBUczPvcWccoHZPpBbIGgmBY8aTpyWq9rYYmf2uqkUHXchETLcSvK0Pw9XKD9WeX8RXYar/ux55Fq2tdosQgzx42HRwDNmYxm3TCEXIQidm0RgU+gaqD8WHodumMP9OScKT07wuSNhLs55RM1vsdu8x/vkHioVLD+LnOLOw/HYljou318z4gaFr6abK88uTDu2KbASdOyewZXCbXyBJ2RndVSPval1I4xZEUz0THCA8t5bsN4NUq6sY0cA0qIKLXkqbfZtNlc8v0xhgT9cqj2q4c= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2767.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(376002)(136003)(346002)(366004)(39860400002)(966005)(38350700002)(9686003)(478600001)(86362001)(316002)(38100700002)(55016002)(4326008)(33716001)(52116002)(2906002)(6862004)(6496006)(6636002)(6666004)(8936002)(83380400001)(53546011)(186003)(8676002)(5660300002)(1076003)(26005)(66556008)(33656002)(44832011)(66476007)(956004)(66946007);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?ybBLOwqkTLha6YkuSiuJxsdX70GXvDeJAeciq47seXIYQHLQabXDyf3XU1KT?= =?us-ascii?Q?CAng2gvNTMLsqQndFX9959KslZghM6OY13gwdpWcbs+wf0G9J/5cTgQ2N62o?= =?us-ascii?Q?ilvlEDy1mmv9PM7UHVyZwkZhnEyAkh9f5ZERxKgpHHydPgvhKw3gp/DDBXVZ?= =?us-ascii?Q?iqomZUXqWVQY0OWUkrwYBh7L5zWEfmtbD/D621pCt7K1hR6IRdeAOR48Xrfb?= =?us-ascii?Q?I81BX+6GVAQoTgXjcZNuxbiRF5BAwL+2LAg3K25MLps4DWKv4XB1QdMhjQHY?= =?us-ascii?Q?QmCMSy9gX5iI0U1A+An2KU2T1YbAbyjgB+wRQHTXuxkuEGb22oRskuIRS/X7?= =?us-ascii?Q?/dEHcnto7wI2zR1yQ/AUCUx2cZAs+Sc0nnMRcpOmVVW4SFd888l+YYN1DGHK?= =?us-ascii?Q?Of4P8azgOw/ZCiMVu/OoVgS9D+c+KbSHWgAOklz83bhoWqz9R7U0NZYPbfVE?= =?us-ascii?Q?/XOhpio57MHA+B5NGNJO88YZS4yYQA48BbUP1fQFIF3ygvDROC0OmIDP7vKb?= =?us-ascii?Q?RKwG8Cr6urE5OSGnlEWUcgKp8WIksNv3eytflKqTMxOUEOVJwZwjmfSRWNOh?= =?us-ascii?Q?trB8jbMyFL7QV+8jPkgyW4w+et4f92O2wOwo/C5ogYEJP2tzjaJlm6CK+kSo?= =?us-ascii?Q?97+22tcYPXfUuAKi5li9cMjVSuLKB1isETm/qpvbrSvijcmGO3SqUDOLxGit?= =?us-ascii?Q?CGUivUQCd3iVEh5iCSKm7JppsUjRke0q/DLTh8Pzbpw4I1XMK+Mt8MVwOFc7?= =?us-ascii?Q?KwNGutwyUHoAULSLexGvNRsatdbBW1+v0TBWj7Acv0YTCu5py+E9TCFuJkde?= =?us-ascii?Q?TfuqpHF8ZGBmDFEo/mZLg8QomM0IJGGNStzR5fdoPQooqrX2rVqcXZBQtOex?= =?us-ascii?Q?HQ6vSS6G7DXsnOTkAqiiz8Zxf71le+rx/0K8WhJYRyJ8qH4WO/blT+bT9HVX?= =?us-ascii?Q?0jHOxXHecEmco+uMLshNxhxL0xqaxQDTyf910xW/t4DztbJIfKQAqEQVnsA8?= =?us-ascii?Q?Sgts6K7zpY+PjJ0IjHtjaFk9WZD6uWHeF+C15FHnjucY6IyYXTO+rfxqXLHK?= =?us-ascii?Q?JX3LGj6R8jEg7rZiKR50B/UGYU8o2B/1XwRsqiyE6MgZ/DLSUYgEBSTqt2sd?= =?us-ascii?Q?oSWk7N7cnBNDlQnCuB3CXBYy1t/+eyOJQQ/Tkp4d5IrUpABPBqmVJQJeRsf2?= =?us-ascii?Q?xhm5t9iCFu5ngZIJZlu//Bok6J7QHSMgfc8JJiftUkFTwNVa/Fu1UYElXmLT?= =?us-ascii?Q?4KIN9AVjiQAStnoZe/yZsuwM/WBuZbyAaEP0/jfSCrFP5Qk89VWEkAJu6KFO?= =?us-ascii?Q?bWs0VO/sruKheuynGTva7vTu?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 81042e0b-4117-4039-6e65-08d95b4331d2 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2767.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Aug 2021 14:37:20.8203 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: FOKS9UK0O6+XM11ZjW7VB0PlcUzEj7Ni9hXEV7Hiw6cLvmk2j4P7NC8V+F01w6oIrXoHXQjET6APn5PGvL/67Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4365 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello Tom, On Mon, Aug 09, 2021 at 08:41:27AM -0500, Tom Lendacky wrote: > On 8/2/21 7:31 AM, Ashish Kalra wrote: > > + > > + Signature[12] = '\0'; > > + for (mKvmLeaf = 0x40000000; mKvmLeaf < 0x40010000; mKvmLeaf += 0x100) { > > I still really don't understand the need for the CPUID loop. KVM only ever > programs CPUID function 0x40000000, right? > Yes KVM only programs CPUID function 0x40000000, as do other hypervisors like Hyper-V. Also mentioned that leaf 0x40000000 is the Hypervisor CPUID leaf range and vendor ID signature in MSFT Hypervisor Interface document. But looking at linux kernel code for the same functionality : static inline uint32_t hypervisor_cpuid_base(const char *sig, uint32_t leaves) { uint32_t base, eax, signature[3]; for (base = 0x40000000; base < 0x40010000; base += 0x100) { cpuid(base, &eax, &signature[0], &signature[1], &signature[2]); if (!memcmp(sig, signature, 12) ... ... And the Xen detection code in OVMF: for (mXenLeaf = 0x40000000; mXenLeaf < 0x40010000; mXenLeaf += 0x100) { AsmCpuid (mXenLeaf, NULL, (UINT32 *) &Signature[0], (UINT32 *) &Signature[4], (UINT32 *) &Signature[8]); if (!AsciiStrCmp ((CHAR8 *) Signature, "XenVMMXenVMM")) { return TRUE; The above functions are doing a loop-test. The kernel patch also mentions about the loop-test : https://lore.kernel.org/kvm/51FF1E26.6010707@redhat.com/t/ This patch introduce hypervisor_cpuid_base() which loop test the hypervisor existence function until the signature match and check the number of leaves if required. This could be used by Xen/KVM guest to detect the existence of hypervisor. The above patches/functions don't have any additonal documentation for why are they doing the loop-test ? I don't want to miss any functionality, hence i am reusing the same loop-test code. Thanks, Ashish > > + AsmCpuid ( > > + mKvmLeaf, > > + NULL, > > + (UINT32 *) &Signature[0], > > + (UINT32 *) &Signature[4], > > + (UINT32 *) &Signature[8]); > > + > > + if (AsciiStrCmp (Signature, "KVMKVMKVM") == 0) { > > + DEBUG (( > > + DEBUG_INFO, > > + "%a: KVM Detected, signature = %a\n", > > + __FUNCTION__, > > + Signature > > + )); > > + > > + RegEax = mKvmLeaf + 1; > > + RegEcx = 0; > > + AsmCpuid (mKvmLeaf + 1, &RegEax, &RegEbx, &RegEcx, &RegEdx); > > + if ((RegEax & KVM_FEATURE_MIGRATION_CONTROL) != 0) { > > + DEBUG (( > > + DEBUG_INFO, > > + "%a: SEV Live Migration feature supported\n", > > + __FUNCTION__ > > + )); > > + > > + return TRUE; > > + } > > + } > > + } > > + > > + return FALSE; > > +}