From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.79]) by mx.groups.io with SMTP id smtpd.web08.257.1653060500468120964 for ; Fri, 20 May 2022 08:28:20 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=4NYqO7ZP; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.223.79, mailfrom: michael.roth@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jO/zlfGlnTtFphxy6fzweOfYlr/93B7YLxp3fHfkdAEc15kxtSkM0Ke4vwt9W5MU6xgMarYc6nfTpGLA6cRQY1BW2IN2Owo4qP6QQt9IO2g/5ylYEFFiRxzGE9ARtnzPemqEKVQXi6vGTRcJQIH+OKYI74tXYLnH3cYM9ELLfH97H8MOIDikWBmMONdswaGXWRS/KhjCaUCumkuM/TObfVKAOqHfRgnP9kxe257O9BYkqCN0kW82UMqE17URmBCcOjIcbiSscShKPkkYTZQVlxQ1ogtvJy9n49sh8jb1mKtePHr5tp/eF/pC/7KnIYPyCfaFo/Ga2+2KRriYZfDiWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FqBV1e3tq+VyHge0kE/hwHAafbzZWf39KT4XD9KYky8=; b=fRY7JxNG45izNxuU9GLLZimcHInLlQBcY3E7w1c4jDBgYsdzoWNWr3CfsUvkTMBiQMLWDMIw2c7j+BG747cX5Ue8aFqpjxYe7E7uhjz+2+ReKO+CBwTwWdBts+kGSAaIuTLd9VKf3IUEgg5Lc2+8RUW2fpWp9fW6rANOU/P0oPOkDL5MjWZMRAcRMW2B5Yl5bQ+kGIcOkqltn0/xvPfeYh2kz+MfLfqBZP/mJS4SNLKeFX78E8rqkwgwCpR7Rx7l6Zv4+blt1Zf1oCk5z34F2tWbw8MeLkePLb0W7dKBpNxjcJYw69+opRUn1+qpuuqEgDAzWaj+q01QbUS1Zj5LCQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FqBV1e3tq+VyHge0kE/hwHAafbzZWf39KT4XD9KYky8=; b=4NYqO7ZP2W4B20PtcIG+1ovKV5Z0uVhr68OQGhQ8c33qeyD+RZEVgQPvBI01dEggfmRVo/7MwRAMmppP5a1Jy+bOqSFU1K2W7gsHr9j3u5wgX86ovZ4QsrVfDLLC8Rkoutns+GuvjI1WUsW+kOUFr76BDYNymPysNU17WBx/RKg= Received: from DM5PR18CA0083.namprd18.prod.outlook.com (2603:10b6:3:3::21) by MN0PR12MB5906.namprd12.prod.outlook.com (2603:10b6:208:37a::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5273.15; Fri, 20 May 2022 15:28:18 +0000 Received: from DM6NAM11FT045.eop-nam11.prod.protection.outlook.com (2603:10b6:3:3:cafe::88) by DM5PR18CA0083.outlook.office365.com (2603:10b6:3:3::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5273.17 via Frontend Transport; Fri, 20 May 2022 15:28:18 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT045.mail.protection.outlook.com (10.13.173.123) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5273.14 via Frontend Transport; Fri, 20 May 2022 15:28:18 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Fri, 20 May 2022 10:28:17 -0500 From: Michael Roth To: CC: Tom Lendacky , "Ni, Ray" Subject: [PATCH v3 0/4] Fix AP Jump Table Handling for SEV-SNP Date: Fri, 20 May 2022 10:27:26 -0500 Message-ID: <20220520152730.7924-1-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Return-Path: Michael.Roth@amd.com X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 65c251a5-aaca-4cfa-3096-08da3a755d91 X-MS-TrafficTypeDiagnostic: MN0PR12MB5906:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Mjvbbv1D5EzIDojrU9JtftKmTse6PIKqYnQkS0A0DUW65U0qxLMi69983lXqeKBnX8oOKcYAvKBUsUDyik7IQqGYGfBrScwyspP6O6tEGBVHXJOckn7XfOLdwJcFVF7m+wR2mhYgfRtw3QCTeuueJzYJZ/EA3sJf+wgjX/zNjDFeUlgQjyGdsr/zd+VB5cXRmJKMNThdzBcMwAF8QAQZhq4aGh9R5roOUK/EmbXvlAM1P6VD8XnMAgCJ6y9E9tPe2SDR5CJQD46aUudOD/6GmY2q1QISCsawo9ohTFT16P1Vhb0xHYUAlifTQscpMUerV2K+5vPWNnfzYMnV3unYqzaSmMHyzuA8HKQRIq9Pd/ydaze0l7qPXDj8L2YabmyDob87K7FBnYAu8i2V9mESjGfnlZTssIk1FPw8epSApfvcShoiiqiGWSBMQigMkbdF+zZ116oL+WAvCCY+A7gM3DEZJS1y2Q6NOK1q4zwPyfec+kF2rlZFOwesv8/WQ80k1cA+rm/gTTmfdDinyB2DyyYYAo9x672JCxToWwdGTE/AHIkDB5ZFMLpEW11xvLBnCOcD4QTqS16wiRJfZ+8N8Fw8cG6DCD1zzstcdLzYt1Ru70HVY2ymyo8/ln0VJG6v/amSaTuaCDbCa7+s8IpgXAmIrck9sL1HwmG2IEWU2zPBBb+IIYjqrR9JC00LPqJwXsxm39bEiYL1G0zHMKEQxQ== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230001)(4636009)(36840700001)(46966006)(40470700004)(6666004)(70586007)(4326008)(70206006)(8676002)(40460700003)(5660300002)(81166007)(54906003)(6916009)(19627235002)(82310400005)(316002)(44832011)(2906002)(26005)(356005)(508600001)(36860700001)(86362001)(16526019)(186003)(36756003)(336012)(8936002)(47076005)(426003)(83380400001)(1076003)(2616005)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 May 2022 15:28:18.0789 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 65c251a5-aaca-4cfa-3096-08da3a755d91 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT045.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN0PR12MB5906 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain A full-featured SEV-SNP guest will not rely on the AP jump table, and will instead use the AP Creation interface defined by the GHCB. However, a guest is still allowed to use the AP jump table if desired. However, unlike with SEV-ES guests, SEV-SNP guests should not store/retrieve the jump table address via GHCB requests to the hypervisor, they should instead store/retrieve it via the SEV-SNP secrets page. This series implements the store side of this for OVMF by introducing a PCD that can be used to pass the SEV-SNP secrets page address to UefiCpuPkg, where the jump table address is allocated. It also introduces a struct that defines the SEV-SNP secrets page format according to the GHCB v2.01 and SEV-SNP FW ABI specifications. v3: - Break up single patch into a set of patches containing the specific changes for each package. (Ray) v2: - Update Secrets OS area to match latest GHCB 2.01 spec (Tom) - Move Secrets header file into ./Register/AMD subdirectory (Tom) - Fix CI EccCheck due to assignment in variable declaration MdePkg/Include/Register/Amd/SnpSecretsPage.h | 56 +++++++++++++++++++++++= +++++++++++++++++++++++++++++++++ MdePkg/MdePkg.dec | 4 ++++ OvmfPkg/AmdSev/AmdSevX64.dsc | 3 +++ OvmfPkg/CloudHv/CloudHvX64.dsc | 3 +++ OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 +++ OvmfPkg/Microvm/MicrovmX64.dsc | 3 +++ OvmfPkg/OvmfPkgIa32.dsc | 3 +++ OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++ OvmfPkg/OvmfPkgX64.dsc | 3 +++ OvmfPkg/PlatformPei/AmdSev.c | 5 +++++ OvmfPkg/PlatformPei/PlatformPei.inf | 1 + UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 1 + UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 10 ++++++++++ 13 files changed, 98 insertions(+)