Date: Tue, 8 Nov 2022 16:46:14 +0000
From: "Dionna Glaze"
To: devel@edk2.groups.io
Cc: Dionna Glaze, Gerd Hoffmann, James Bottomley, Jiewen Yao, Tom Lendacky
Subject: [PATCH 1/3] OvmfPkg: Realize EfiMemoryAcceptProtocol in AmdSevDxe
Message-ID: <20221108164616.3251967-2-dionnaglaze@google.com>
In-Reply-To: <20221108164616.3251967-1-dionnaglaze@google.com>
References: <20221108164616.3251967-1-dionnaglaze@google.com>
X-Mailer: git-send-email 2.38.1.431.g37b22c650d-goog
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"

From: Sophia Wolf

When a guest OS does not support unaccepted memory, the unaccepted memory
must be accepted before returning a memory map to the caller.

EfiMemoryAcceptProtocol is defined in MdePkg and is implemented / installed
in AmdSevDxe for AMD SEV-SNP memory acceptance.

Cc: Gerd Hoffmann
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Reviewed-by: Tom Lendacky
Signed-off-by: Dionna Glaze
---
 OvmfPkg/AmdSevDxe/AmdSevDxe.c                                      | 55 ++++++++++++++++++--
 OvmfPkg/AmdSevDxe/AmdSevDxe.inf                                    |  3 ++
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 24 +++++++-
 3 files changed, 74 insertions(+), 8 deletions(-)

diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
index 662d3c4ccb..f7600c3c81 100644
--- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c
+++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
@@ -20,6 +20,7 @@ #include #include #include +#include STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = { SIGNATURE_32 ('A', 'M', 'D', 'E'), @@ -31,6 +32,40 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = { FixedPcdGet32 (PcdOvmfCpuidSize), }; +STATIC EFI_HANDLE mAmdSevDxeHandle = NULL; + +#define IS_ALIGNED(x, y) ((((x) & ((y) - 1)) == 0)) + +STATIC +EFI_STATUS +EFIAPI +AmdSevMemoryAccept ( + IN EDKII_MEMORY_ACCEPT_PROTOCOL *This, + IN EFI_PHYSICAL_ADDRESS StartAddress, + IN UINTN Size + ) +{ + // + // The StartAddress must be page-aligned, and the Size must be a positive + // multiple of SIZE_4KB. Use an assert instead of returning an erros since + // this is an EDK2-internal protocol. + // + ASSERT (IS_ALIGNED (StartAddress, SIZE_4KB)); + ASSERT (IS_ALIGNED (Size, SIZE_4KB)); + ASSERT (Size != 0); + + MemEncryptSevSnpPreValidateSystemRam ( + StartAddress, + EFI_SIZE_TO_PAGES (Size) + ); + + return EFI_SUCCESS; +} + +STATIC EDKII_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol = { + AmdSevMemoryAccept +}; + EFI_STATUS EFIAPI AmdSevDxeEntryPoint ( @@ -147,11 +182,23 @@ AmdSevDxeEntryPoint ( } } - // - // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB. - // It contains the location for both the Secrets and CPUID page. - // if (MemEncryptSevSnpIsEnabled ()) { + // + // Memory acceptance began being required in SEV-SNP, so install the + // memory accept protocol implementation for a SEV-SNP active guest. + // + Status = gBS->InstallProtocolInterface ( + &mAmdSevDxeHandle, + &gEdkiiMemoryAcceptProtocolGuid, + EFI_NATIVE_INTERFACE, + &mMemoryAcceptProtocol + ); + ASSERT_EFI_ERROR (Status); + + // + // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB. + // It contains the location for both the Secrets and CPUID page. + // return gBS->InstallConfigurationTable ( &gConfidentialComputingSevSnpBlobGuid, &mSnpBootDxeTable 
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf index 9acf860cf2..cd1b686c53 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf @@ -47,6 +47,9 @@ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize +[Protocols] + gEdkiiMemoryAcceptProtocolGuid + [Guids] gConfidentialComputingSevSnpBlobGuid diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c index d3a95e4913..cbcdd46f52 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c @@ -14,6 +14,7 @@ #include #include "SnpPageStateChange.h" +#include "VirtualMemory.h" /** Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. @@ -29,12 +30,27 @@ MemEncryptSevSnpPreValidateSystemRam ( IN UINTN NumPages ) { + EFI_STATUS Status; + if (!MemEncryptSevSnpIsEnabled ()) { return; } - // - // All the pre-validation must be completed in the PEI phase. - // - ASSERT (FALSE); + // DXE pre-validation may happen with the memory accept protocol. + // The protocol should only be called outside the prevalidated ranges + // that the PEI stage code explicitly skips. Specifically, only memory + // ranges that are classified as unaccepted. + if (BaseAddress >= SIZE_4GB) { + Status = InternalMemEncryptSevCreateIdentityMap1G ( + 0, + BaseAddress, + EFI_PAGES_TO_SIZE (NumPages) + ); + if (EFI_ERROR (Status)) { + ASSERT (FALSE); + CpuDeadLoop (); + } + } + + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); } -- 2.38.1.431.g37b22c650d-goog
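Review bot: in the AmdSevDxe.c hunk that adds AmdSevMemoryAccept (@@ -31,6 +32,40 @@), the alignment and non-zero checks are ASSERT-only, so in a release build a misaligned StartAddress or a Size that is not a page multiple goes straight into MemEncryptSevSnpPreValidateSystemRam, and EFI_SIZE_TO_PAGES rounds a partial page up, so more memory is validated than was requested. Even for an EDK2-internal protocol it is cheap to keep the asserts and also return EFI_INVALID_PARAMETER when a check fails. Two smaller points in the same hunk: the comment reads "returning an erros", which should be "errors", and the file defines its own IS_ALIGNED macro; check whether MdePkg's Base.h already provides a macro of that name before adding a private copy, since a second definition would collide.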
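Review bot: in the AmdSevDxeEntryPoint hunk (@@ -147,11 +182,23 @@), a failed InstallProtocolInterface is only caught by ASSERT_EFI_ERROR (Status); with asserts compiled out the driver proceeds to install the SEV-SNP blob configuration table while the accept protocol is missing, and later consumers of gEdkiiMemoryAcceptProtocolGuid get no signal. Consider adding `if (EFI_ERROR (Status)) { return Status; }` after the assert. The new comment "Memory acceptance began being required in SEV-SNP" is awkward; "SEV-SNP guests require memory acceptance, so install the memory accept protocol" reads better, and the moved comment still says "If its SEV-SNP active guest", which should be "If it's an SEV-SNP active guest".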
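Review bot: in the DxeSnpSystemRamValidate.c hunk (@@ -29,12 +30,27 @@), removing ASSERT (FALSE) turns every DXE-phase call of MemEncryptSevSnpPreValidateSystemRam from a bug into a live page-state change, so any existing DXE caller, not just the new accept protocol, now reaches InternalSetPageState; it is worth confirming that none of them can be handed memory PEI already validated. The first argument to InternalMemEncryptSevCreateIdentityMap1G is a bare 0 with no comment; say what 0 selects (the active page table root, if that is the convention), and state in the comment why only BaseAddress >= SIZE_4GB needs a mapping, i.e. that everything below 4GB is assumed to be identity-mapped already. The comment itself is hard to parse: "should only be called outside the prevalidated ranges that the PEI stage code explicitly skips" mixes "outside" with "skips"; simpler: "should only be called for ranges the PEI code skipped, i.e. memory classified as unaccepted".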
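Added example (editor's code, not part of this patch or of edk2): a stand-alone C model of the rule stated in the commit message, accept every unaccepted range before the memory map reaches an OS that cannot handle it, together with an accept entry point whose alignment and size checks return an error instead of relying on ASSERT alone. All types, function names, the page-state stand-in and the sample memory map are constructed for illustration; the only things carried over from the patch are the page-alignment and non-zero rules and the round-up behaviour of a size-to-pages conversion.

```c
/*
 * Added example, not edk2 code: a stand-alone model of a memory-accept
 * entry point plus the "accept everything before handing the OS a memory
 * map" rule from the commit message.  Every type, name and the sample map
 * below is constructed for illustration; only the alignment/size rules and
 * the round-up behaviour of a size-to-pages conversion mirror the patch.
 */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define PAGE_SIZE           4096u
#define IS_PAGE_ALIGNED(x)  (((x) & (PAGE_SIZE - 1)) == 0)
/* Rounds up, as EFI_SIZE_TO_PAGES does. */
#define SIZE_TO_PAGES(s)    (((s) + PAGE_SIZE - 1) / PAGE_SIZE)

enum mem_type { MEM_CONVENTIONAL, MEM_UNACCEPTED, MEM_RESERVED };
enum status   { ST_OK = 0, ST_INVALID_PARAM = 1 };

struct mem_desc {
    uint64_t      start;   /* physical base, page aligned */
    uint64_t      pages;   /* length in 4 KiB pages */
    enum mem_type type;
};

/* Stand-in for the page-state change: counts pages made private. */
static uint64_t g_pages_accepted;

void     model_reset(void)          { g_pages_accepted = 0; }
uint64_t model_pages_accepted(void) { return g_pages_accepted; }

static void model_set_private(uint64_t start, uint64_t pages)
{
    (void)start;
    g_pages_accepted += pages;
}

/*
 * Accept entry point with explicit error returns.  An ASSERT-only check
 * compiles out in a release build; SIZE_TO_PAGES would then round a
 * non-page-multiple Size up and validate memory the caller never asked for.
 */
enum status model_memory_accept(uint64_t start, uint64_t size)
{
    if (size == 0 || !IS_PAGE_ALIGNED(start) || !IS_PAGE_ALIGNED(size)) {
        return ST_INVALID_PARAM;
    }
    model_set_private(start, SIZE_TO_PAGES(size));
    return ST_OK;
}

/* How many pages an unchecked call would validate for a given Size. */
uint64_t pages_if_unchecked(uint64_t size) { return SIZE_TO_PAGES(size); }

/*
 * For an OS that does not understand unaccepted memory: accept every
 * unaccepted descriptor and relabel it conventional before the map is
 * returned.  Returns the number of descriptors converted, or -1 on error.
 */
int accept_all_unaccepted(struct mem_desc *map, size_t count)
{
    int converted = 0;
    for (size_t i = 0; i < count; i++) {
        if (map[i].type != MEM_UNACCEPTED) {
            continue;        /* leave conventional and reserved ranges alone */
        }
        if (model_memory_accept(map[i].start, map[i].pages * PAGE_SIZE) != ST_OK) {
            return -1;
        }
        map[i].type = MEM_CONVENTIONAL;
        converted++;
    }
    return converted;
}

int main(void)
{
    /* Constructed sample map: validated low RAM, an unaccepted range below
       4 GiB, a reserved hole, and an unaccepted range above 4 GiB. */
    struct mem_desc map[] = {
        { 0x00000000ULL,  0x100,  MEM_CONVENTIONAL },
        { 0x00100000ULL,  0x700,  MEM_UNACCEPTED   },
        { 0xFEC00000ULL,  0x010,  MEM_RESERVED     },
        { 0x100000000ULL, 0x1000, MEM_UNACCEPTED   },
    };
    model_reset();
    int n = accept_all_unaccepted(map, sizeof map / sizeof map[0]);
    printf("converted %d descriptors, 0x%llx pages accepted\n",
           n, (unsigned long long)model_pages_accepted());
    printf("misaligned size 0x1001 rejected: %s; unchecked it would take %llu pages\n",
           model_memory_accept(0x1000, 0x1001) == ST_INVALID_PARAM ? "yes" : "no",
           (unsigned long long)pages_if_unchecked(0x1001));
    return 0;
}
```

Run as is, the model reports two descriptors converted and 0x1700 pages accepted, refuses the 0x1001-byte request, and shows that an unchecked call would have rounded that request up to two pages. The reserved descriptor is left untouched, which is the property a real implementation must preserve when it walks the map.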