From: "Brijesh Singh"
To:
CC: James Bottomley, Min Xu, "Jiewen Yao", Tom Lendacky, "Jordan Justen", Ard Biesheuvel, Erdem Aktas, "Michael Roth", Gerd Hoffmann, Brijesh Singh, Michael Roth, Jiewen Yao
Subject: [PATCH v10 10/32] OvmfPkg/SecMain: register GHCB gpa for the SEV-SNP guest
Date: Tue, 19 Oct 2021 14:39:12 -0500
Message-ID: <20211019193934.1052465-11-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20211019193934.1052465-1-brijesh.singh@amd.com>
References: <20211019193934.1052465-1-brijesh.singh@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

The SEV-SNP guest requires that the GHCB GPA be registered before use.
See the GHCB specification section 2.3.2 for more details.

Cc: Michael Roth
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Erdem Aktas
Cc: Gerd Hoffmann
Acked-by: Jiewen Yao
Acked-by: Gerd Hoffmann
Signed-off-by: Brijesh Singh
---
 OvmfPkg/Sec/AmdSev.c | 118 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 118 insertions(+)

diff --git a/OvmfPkg/Sec/AmdSev.c b/OvmfPkg/Sec/AmdSev.c
index 7f74e8bfe88e..9dd42b195785 100644
--- a/OvmfPkg/Sec/AmdSev.c
+++ b/OvmfPkg/Sec/AmdSev.c
@@ -48,6 +48,103 @@ SevEsProtocolFailure ( CpuDeadLoop (); } =20 +/** + Determine if SEV-SNP is active. + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled + +**/ +STATIC +BOOLEAN +SevSnpIsEnabled ( + VOID + ) +{ + MSR_SEV_STATUS_REGISTER Msr; + + // + // Read the SEV_STATUS MSR to determine whether SEV-SNP is active. + // + Msr.Uint32 =3D AsmReadMsr32 (MSR_SEV_STATUS); + + // + // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled) + // + if (Msr.Bits.SevSnpBit) { + return TRUE; + } + + return FALSE; +} + +/** + Register the GHCB GPA + +*/ +STATIC +VOID +SevSnpGhcbRegister ( + UINTN Address + ) +{ + MSR_SEV_ES_GHCB_REGISTER Msr; + EFI_PHYSICAL_ADDRESS GuestFrameNumber; + + GuestFrameNumber =3D Address >> EFI_PAGE_SHIFT; + + // + // Use the GHCB MSR Protocol to request to register the GPA. + // + Msr.GhcbPhysicalAddress =3D 0; + Msr.GhcbGpaRegister.Function =3D GHCB_INFO_GHCB_GPA_REGISTER_REQUEST; + Msr.GhcbGpaRegister.GuestFrameNumber =3D GuestFrameNumber; + AsmWriteMsr64 (MSR_SEV_ES_GHCB, Msr.GhcbPhysicalAddress); + + AsmVmgExit (); + + Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB); + + // + // If hypervisor responded with a different GPA than requested then fail= . + // + if ((Msr.GhcbGpaRegister.Function !=3D GHCB_INFO_GHCB_GPA_REGISTER_RESPO= NSE) || + (Msr.GhcbGpaRegister.GuestFrameNumber !=3D GuestFrameNumber)) { + SevEsProtocolFailure (GHCB_TERMINATE_GHCB_GENERAL); + } +} + +/** + Verify that Hypervisor supports the SNP feature. 
+ + */ +STATIC +BOOLEAN +HypervisorSnpFeatureCheck ( + VOID + ) +{ + MSR_SEV_ES_GHCB_REGISTER Msr; + + // + // Use the GHCB MSR Protocol to query the hypervisor capabilities + // + Msr.GhcbPhysicalAddress =3D 0; + Msr.GhcbHypervisorFeatures.Function =3D GHCB_HYPERVISOR_FEATURES_REQUEST= ; + AsmWriteMsr64 (MSR_SEV_ES_GHCB, Msr.GhcbPhysicalAddress); + + AsmVmgExit (); + + Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB); + + if ((Msr.GhcbHypervisorFeatures.Function !=3D GHCB_HYPERVISOR_FEATURES_R= ESPONSE) || + (!(Msr.GhcbHypervisorFeatures.Features & GHCB_HV_FEATURES_SNP))) { + return FALSE; + } + + return TRUE; +} + /** Validate the SEV-ES/GHCB protocol level. =20 @@ -88,6 +185,27 @@ SevEsProtocolCheck ( SevEsProtocolFailure (GHCB_TERMINATE_GHCB_PROTOCOL); } =20 + // + // We cannot use the MemEncryptSevSnpIsEnabled () because the + // ProcessLibraryConstructorList () is not called yet. + // + if (SevSnpIsEnabled ()) { + // + // Check if hypervisor supports the SNP feature + // + if (!HypervisorSnpFeatureCheck ()) { + SevEsProtocolFailure (GHCB_TERMINATE_GHCB_PROTOCOL); + } + + // + // Unlike the SEV-ES guest, the SNP requires that GHCB GPA must be + // registered with the Hypervisor before the use. This can be done + // using the new VMGEXIT defined in the GHCB v2. Register the GPA + // before it is used. + // + SevSnpGhcbRegister (FixedPcdGet32 (PcdOvmfSecGhcbBase)); + } + // // SEV-ES protocol checking succeeded, set the initial GHCB address // --=20 2.25.1
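Review bot: In the first hunk (@@ -48,6 +48,103 @@) the doc comments on SevSnpGhcbRegister and HypervisorSnpFeatureCheck are incomplete and inconsistent with SevSnpIsEnabled: SevSnpGhcbRegister has no `@param Address` line, HypervisorSnpFeatureCheck has no `@retval TRUE`/`@retval FALSE` lines, and both close with `*/` where SevSnpIsEnabled uses the edk2 `**/` terminator. Suggest adding `@param[in]  Address  Physical address of the GHCB page to register` and the two `@retval` lines, and closing all three comments the same way. On the logic side the hunk does the right thing for a reply that comes from an untrusted hypervisor: both MSR-protocol exchanges check the response function code, SevSnpGhcbRegister additionally compares the returned GuestFrameNumber against the one requested and terminates with GHCB_TERMINATE_GHCB_GENERAL on mismatch, and HypervisorSnpFeatureCheck masks the Features field with GHCB_HV_FEATURES_SNP rather than trusting the response code alone; it would be worth stating in the SevSnpGhcbRegister comment that a GFN mismatch is treated as fatal by design, since a caller reading only the `Register the GHCB GPA` summary would not expect the function to never return in that case.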
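Review bot: In the second hunk (@@ -88,6 +185,27 @@) the new block depends on the preceding protocol-level check in SevEsProtocolCheck having already established a GHCB version that carries the hypervisor-features and GPA-register MSR protocol calls, but that dependency is only implied by the comment `using the new VMGEXIT defined in the GHCB v2`; suggest making it explicit, e.g. `// The protocol level check above guarantees GHCB v2, which the SNP feature query and GPA registration below require.`, so a later reordering of this function cannot silently move the SNP path ahead of the version check. The ordering inside the block is correct: HypervisorSnpFeatureCheck runs before SevSnpGhcbRegister, so the guest never issues the GPA-register request to a hypervisor that has not advertised GHCB_HV_FEATURES_SNP. One smaller point: the SNP-feature failure reuses GHCB_TERMINATE_GHCB_PROTOCOL, the same reason code the version mismatch a few lines above uses, so the two failures are indistinguishable from the termination reason alone; if the spec offers no dedicated code, a comment saying the reuse is intentional would help whoever debugs a guest that dies here.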