From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1])
 by mx.groups.io with SMTP id smtpd.web12.171.1648493143090242479
 for <devel@edk2.groups.io>;
 Mon, 28 Mar 2022 11:45:43 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@ibm.com header.s=pp1 header.b=pbOf4k5g;
 spf=pass (domain: linux.ibm.com, ip: 148.163.156.1, mailfrom: dovmurik@linux.ibm.com)
Received: from pps.filterd (m0098394.ppops.net [127.0.0.1])
	by mx0a-001b2d01.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 22SHiRkj010118;
	Mon, 28 Mar 2022 18:45:41 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject
 : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding; s=pp1;
 bh=GD0hLtVZjKKpYubQhlnE1Nar6q6u4AbdGpreZ/vRJeA=;
 b=pbOf4k5glc+ideGAWcTNGxvvTkMHjbQl6gUZ2xuS44nH4CIP19ELrJgGETTM82wawL5n
 0J4n89hAj2Bf5wu56qPz68DmwZz5TXBmNxYHhNsaR5jA93+dShuwQYN50cc3DlGJ52np
 WxwyhHUyZmTT4xs2SvHl89Q5z3CxeSN3CmNoRpfq1AHtS4E8yDqpamoPZASxxf5+Qech
 I/s/seKqDz6KiLXtqAnI7KEcQndV0xx1De/A4U5unetzm9eXQ7hWLlhc8GCLHJiUTdSh
 7Le3Ha6TZTM3xpFL8gAX8raSifdRRiBEruQmDzbi9z+PyI2G7p7oWfQMEuaMNDEFIFct mQ== 
Received: from pps.reinject (localhost [127.0.0.1])
	by mx0a-001b2d01.pphosted.com with ESMTP id 3f3g63baen-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Mon, 28 Mar 2022 18:45:41 +0000
Received: from m0098394.ppops.net (m0098394.ppops.net [127.0.0.1])
	by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 22SIfSwR012975;
	Mon, 28 Mar 2022 18:45:40 GMT
Received: from ppma02wdc.us.ibm.com (aa.5b.37a9.ip4.static.sl-reverse.com [169.55.91.170])
	by mx0a-001b2d01.pphosted.com with ESMTP id 3f3g63bae8-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Mon, 28 Mar 2022 18:45:40 +0000
Received: from pps.filterd (ppma02wdc.us.ibm.com [127.0.0.1])
	by ppma02wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 22SIhP7J002260;
	Mon, 28 Mar 2022 18:45:39 GMT
Received: from b03cxnp07028.gho.boulder.ibm.com (b03cxnp07028.gho.boulder.ibm.com [9.17.130.15])
	by ppma02wdc.us.ibm.com with ESMTP id 3f1tf9769c-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Mon, 28 Mar 2022 18:45:39 +0000
Received: from b03ledav003.gho.boulder.ibm.com (b03ledav003.gho.boulder.ibm.com [9.17.130.234])
	by b03cxnp07028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 22SIjcbh30212420
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
	Mon, 28 Mar 2022 18:45:38 GMT
Received: from b03ledav003.gho.boulder.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 284936A04F;
	Mon, 28 Mar 2022 18:45:38 +0000 (GMT)
Received: from b03ledav003.gho.boulder.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 48F4C6A058;
	Mon, 28 Mar 2022 18:45:37 +0000 (GMT)
Received: from amdmilan1.watson.ibm.com (unknown [9.2.130.16])
	by b03ledav003.gho.boulder.ibm.com (Postfix) with ESMTP;
	Mon, 28 Mar 2022 18:45:37 +0000 (GMT)
From: "Dov Murik" <dovmurik@linux.ibm.com>
To: devel@edk2.groups.io
Cc: Dov Murik <dovmurik@linux.ibm.com>,
        Ard Biesheuvel <ardb+tianocore@kernel.org>,
        Jiewen Yao <jiewen.yao@intel.com>,
        Jordan Justen <jordan.l.justen@intel.com>,
        Gerd Hoffmann <kraxel@redhat.com>,
        Brijesh Singh <brijesh.singh@amd.com>,
        Erdem Aktas <erdemaktas@google.com>,
        James Bottomley <jejb@linux.ibm.com>, Min Xu <min.m.xu@intel.com>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Subject: [PATCH 2/2] OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation
Date: Mon, 28 Mar 2022 18:45:30 +0000
Message-Id: <20220328184530.86797-3-dovmurik@linux.ibm.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20220328184530.86797-1-dovmurik@linux.ibm.com>
References: <20220328184530.86797-1-dovmurik@linux.ibm.com>
MIME-Version: 1.0
X-TM-AS-GCONF: 00
X-Proofpoint-ORIG-GUID: RGco7SYEswTCHn6g_ZQwn6MSqc7-DFTN
X-Proofpoint-GUID: LRRBfIUJvXVdc6jUIli8dFxmLousYIom
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.850,Hydra:6.0.425,FMLib:17.11.64.514
 definitions=2022-03-28_08,2022-03-28_01,2022-02-23_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 suspectscore=0
 malwarescore=0 bulkscore=0 priorityscore=1501 phishscore=0 mlxlogscore=893
 adultscore=0 impostorscore=0 spamscore=0 lowpriorityscore=0 mlxscore=0
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2202240000
 definitions=main-2203280100
Content-Transfer-Encoding: 8bit

In order to allow the VMM (such as QEMU) to add a page with hashes of
kernel/initrd/cmdline for measured direct boot on SNP, this page must
not be part of the SNP metadata list reported to the VMM.

Check if that page is defined; if it is, skip it in the metadata list.
In such case, VMM should fill the page with the hashes content, or
explicitly update it as a zero page (if kernel hashes are not used).

Note that for SNP, the launch secret part of the page (lower 3KB) are
not relevant and will stay zero.  The last 1KB is used for the hashes.

This should have no effect on OvmfPkgX64 targets (which don't define
PcdSevLaunchSecretBase).

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
---
 OvmfPkg/ResetVector/ResetVector.nasmb | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb
index 9421f4818907..ac4c7e763b82 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -121,7 +121,20 @@
   ;
   %define SNP_SEC_MEM_BASE_DESC_2 (GHCB_BASE + 0x1000)
   %define SNP_SEC_MEM_SIZE_DESC_2 (SEV_SNP_SECRETS_BASE - SNP_SEC_MEM_BASE_DESC_2)
-  %define SNP_SEC_MEM_BASE_DESC_3 (CPUID_BASE + CPUID_SIZE)
+
+  %if (FixedPcdGet32 (PcdSevLaunchSecretBase) > 0)
+    ; There's a reserved page for SEV secrets and hashes; the VMM will fill and
+    ; validate the page, or mark it as a zero page.
+    %define EXPECTED_END_OF_LAUNCH_SECRET_PAGE (FixedPcdGet32 (PcdSevLaunchSecretBase) + \
+                                                FixedPcdGet32 (PcdSevLaunchSecretSize) + \
+                                                FixedPcdGet32 (PcdQemuHashTableSize))
+    %if (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase) != EXPECTED_END_OF_LAUNCH_SECRET_PAGE)
+      %error "PcdOvmfSecPeiTempRamBase must start directly after the SEV Launch Secret page"
+    %endif
+    %define SNP_SEC_MEM_BASE_DESC_3 (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase))
+  %else
+    %define SNP_SEC_MEM_BASE_DESC_3 (CPUID_BASE + CPUID_SIZE)
+  %endif
   %define SNP_SEC_MEM_SIZE_DESC_3 (FixedPcdGet32 (PcdOvmfPeiMemFvBase) - SNP_SEC_MEM_BASE_DESC_3)
 
 %include "X64/IntelTdxMetadata.asm"
-- 
2.20.1