From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.73]) by mx.groups.io with SMTP id smtpd.web11.91240.1682454846056783578 for ; Tue, 25 Apr 2023 13:34:06 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=hrQQyssi; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.223.73, mailfrom: michael.roth@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aui5WvcCUdKKfCnbMq/eMrJDa2Sw90i6tZ16XhPSCDsfyq77WIDiNXeWP806DgETr7lucnLvDYQBCo+ikVnck+UQvcsbdYQ1mDfbnWZMMTkCC1uhCmrJV/w4s9VhlWH82Jm7B6ktXPRK6mDQYKxy+CrdtAHxgM5cSqjsPwkoIf99SxWEiB+uPbQY2NMMMWElyzJPdh8/jQAmHt+V4j3HTFjQ5De9gGp7kpkXa94EX1JGIdDFmxP0W1v5ciBNeAMg/CPPuvv7Dfa0WvU0dvTfgPkozg4xEcEpAV40rSNlNkhSR5ovGkzlkB3Z5Wej6Nz7i7wdwOC+7VOybN23f6bhRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=IeAx2Sp5KSXcSZYMb57SbqjHMQoX4Z7BgdD0bohHQKM=; b=CuFlNLlvycSexBnS6aiEkTmvqXhHYXlMxU0FN3fbFErdTQ0PBS7WK/n/QPSzHl6lHDpQXk26ZChELzw3ECxELgIHHItq5qzjuEI3u2Pe8r4U+qVLnaWnimS6aKMcwDdtNTLxLl8znLayF2ZifmeGgErltc0S1LUmTdLqadtstaq7JhGS1A6l01gRg/i28ep0z6+oisIvLJz9Baoy41Wu+72T4LIwr2T64Aee2hXMe58IzrZeuD89lxeCGojzjYlBOudcQ2rdKg7kZ32d8AZhwT8MXgzvKq12K1wp4Adi1CvZdGtfTIA16/gBjHoLQWYnQmGYhYIy1L/usYvSwu7CRQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IeAx2Sp5KSXcSZYMb57SbqjHMQoX4Z7BgdD0bohHQKM=; b=hrQQyssi/ICCQJl9g7mcFeI2/RlbRbuSJRm8ihYg91w19uImfwWycF6XaWVoJc40VjZtPDG/FlLeeiW+zjlO/NpzmNJ4mlleVJgXCTEiAYA6fe0KIlSg+Y7KEx6XxX9CHdqoUi0nObyKiwkLLE7uEMBz6BhwRUJyTVPYkZmzH9c= Received: from BN7PR06CA0060.namprd06.prod.outlook.com (2603:10b6:408:34::37) by MN2PR12MB4253.namprd12.prod.outlook.com (2603:10b6:208:1de::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.33; Tue, 25 Apr 2023 20:34:03 +0000 Received: from BN8NAM11FT063.eop-nam11.prod.protection.outlook.com (2603:10b6:408:34:cafe::f7) by BN7PR06CA0060.outlook.office365.com (2603:10b6:408:34::37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.34 via Frontend Transport; Tue, 25 Apr 2023 20:34:03 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT063.mail.protection.outlook.com (10.13.177.110) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6340.20 via Frontend Transport; Tue, 25 Apr 2023 20:34:03 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Tue, 25 Apr 2023 15:34:02 -0500 From: "Roth, Michael" To: CC: Ard Biesheuvel , Tom Lendacky , Jiewen Yao , , Gerd Hoffmann , Erdem Aktas , James Bottomley , Min Xu , Dov Murik Subject: [PATCH v2 1/4] OvmfPkg/AmdSevDxe: Allocate SEV-SNP CC blob as EfiACPIReclaimMemory Date: Tue, 25 Apr 2023 15:32:55 -0500 Message-ID: <20230425203258.255583-2-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230425203258.255583-1-michael.roth@amd.com> References: <20230425203258.255583-1-michael.roth@amd.com> MIME-Version: 1.0 Return-Path: Michael.Roth@amd.com X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT063:EE_|MN2PR12MB4253:EE_ X-MS-Office365-Filtering-Correlation-Id: eae2fcd0-da69-429d-b925-08db45cc68cd X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: LbQl77d3m2DmFuAKpnT9pwpFIAb3Q1QuXkZNkxWgOWwd0DLYCdj9AyYMUEtaJezGHvgoIJkzLhNwr57mktKUjwNKIXOUZG/T3JP0td6QY3lpWV8fCEj3cON+a62b1ws63ApzDSPN4yJSwe7JNU2l3lGedJ/QuQ2cl4wUKNsVUWGM4DO2gk055RHpmd4UGs1Zq4/LdCZfl3XWhr26l9ZuxZCQDjZX5/CiacUBf0qQrmeNGvXZvyGN6UivkqXAcV5cJjJ147hZVpK6xKgsAQG19kbr4/bWa5Nz0uDIpaoOJNyXYaKQg3wfbxAwesW50MYO09bCYqEWCr24dk1Gt+Wg4cCpu9maQYxYCBKD3a03mX6gMP/n+VpnOFinWZuHVb7Zur28dPfkpClaMq0BG56bZmtvTcKin+CfLGy95YEGs0C7dUnvYigIV45OkzdERnT+FbW8aYoRg+BRvqkTsKbEN3CsJolTY+La8a1SvyQ2rQZrYF8BkAgV9h4gw4R1HnQy66/cQ7ziWHAgz5ifa1s2slVYeFHltW0Wbkssvar89tdcrJdFol+90QKb2/WGd1Zkb0Mx7MBIOJV0kg6lvkplVJBBMOwydlOr4TiYPCRinsY4pFLWYKCvsfmAUkY2HQebDZImQOK2GJ41ijo46CML57IXykv4/Byvyy4zS7u4bv8TD2OYe3OeS18IPjYWfAJNj//L1WGNhXJ3fXFDgPxzUWORfA18tOO9qy6O/K00lwL+DYLn9nn/ztv8V3gC90HkVdkL6ZvTZiOmWe7UYTiWRQ== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230028)(4636009)(346002)(376002)(39860400002)(396003)(136003)(451199021)(46966006)(36840700001)(40470700004)(8676002)(54906003)(44832011)(8936002)(70206006)(81166007)(6916009)(478600001)(86362001)(70586007)(82310400005)(41300700001)(2906002)(316002)(4326008)(6666004)(5660300002)(26005)(1076003)(186003)(47076005)(82740400003)(356005)(40460700003)(16526019)(2616005)(336012)(40480700001)(426003)(83380400001)(36756003)(36860700001)(145603002)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Apr 2023 20:34:03.6546 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: eae2fcd0-da69-429d-b925-08db45cc68cd X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT063.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4253 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain The SEV-SNP Confidential Computing blob contains metadata that should remain accessible for the life of the guest. Allocate it as EfiACPIReclaimMemory to ensure the memory isn't overwritten by the guest operating system later. Reported-by: Dov Murik Suggested-by: Dov Murik Reviewed-by: Dov Murik Reviewed-by: Tom Lendacky Acked-by: Gerd Hoffmann Signed-off-by: Michael Roth --- OvmfPkg/AmdSevDxe/AmdSevDxe.c | 62 +++++++++++++++++++++++++++-------- 1 file changed, 48 insertions(+), 14 deletions(-) diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c index 05b728d32a..df807066fa 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c @@ -28,15 +28,36 @@ // Present, initialized, tested bits defined in MdeModulePkg/Core/Dxe/DxeM= ain.h=0D #define EFI_MEMORY_INTERNAL_MASK 0x0700000000000000ULL=0D =0D -STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable =3D {=0D - SIGNATURE_32 ('A', 'M', 'D', 'E'),=0D - 1,=0D - 0,=0D - (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfSnpSecretsBase),=0D - FixedPcdGet32 (PcdOvmfSnpSecretsSize),=0D - (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfCpuidBase),=0D - FixedPcdGet32 (PcdOvmfCpuidSize),=0D -};=0D +STATIC=0D +EFI_STATUS=0D +AllocateConfidentialComputingBlob (=0D + OUT CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION **CcBlobPtr=0D + )=0D +{=0D + EFI_STATUS Status;=0D + CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *CcBlob;=0D +=0D + Status =3D gBS->AllocatePool (=0D + EfiACPIReclaimMemory,=0D + sizeof (CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION),=0D + (VOID **)&CcBlob=0D + );=0D + if (EFI_ERROR (Status)) {=0D + return Status;=0D + }=0D +=0D + CcBlob->Header =3D SIGNATURE_32 ('A', 'M', 'D', 'E');=0D + CcBlob->Version =3D 1;=0D + CcBlob->Reserved1 =3D 0;=0D + CcBlob->SecretsPhysicalAddress =3D (UINT64)(UINTN)FixedPcdGet32 (PcdOvmf= SnpSecretsBase);=0D + CcBlob->SecretsSize =3D FixedPcdGet32 (PcdOvmfSnpSecretsSize)= ;=0D + CcBlob->CpuidPhysicalAddress =3D (UINT64)(UINTN)FixedPcdGet32 (PcdOvmf= CpuidBase);=0D + CcBlob->CpuidLSize =3D FixedPcdGet32 (PcdOvmfCpuidSize);=0D +=0D + *CcBlobPtr =3D CcBlob;=0D +=0D + return EFI_SUCCESS;=0D +}=0D =0D STATIC EFI_HANDLE mAmdSevDxeHandle =3D NULL;=0D =0D @@ -175,10 +196,11 @@ AmdSevDxeEntryPoint ( IN EFI_SYSTEM_TABLE *SystemTable=0D )=0D {=0D - EFI_STATUS Status;=0D - EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap;=0D - UINTN NumEntries;=0D - UINTN Index;=0D + EFI_STATUS Status;=0D + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap;=0D + UINTN NumEntries;=0D + UINTN Index;=0D + CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *SnpBootDxeTable;=0D =0D //=0D // Do nothing when SEV is not enabled=0D @@ -284,6 +306,18 @@ AmdSevDxeEntryPoint ( }=0D }=0D =0D + Status =3D AllocateConfidentialComputingBlob (&SnpBootDxeTable);=0D + if (EFI_ERROR (Status)) {=0D + DEBUG ((=0D + DEBUG_ERROR,=0D + "%a: AllocateConfidentialComputingBlob(): %r\n",=0D + __func__,=0D + Status=0D + ));=0D + ASSERT (FALSE);=0D + CpuDeadLoop ();=0D + }=0D +=0D if (MemEncryptSevSnpIsEnabled ()) {=0D //=0D // Memory acceptance began being required in SEV-SNP, so install the=0D @@ -321,7 +355,7 @@ AmdSevDxeEntryPoint ( //=0D return gBS->InstallConfigurationTable (=0D &gConfidentialComputingSevSnpBlobGuid,=0D - &mSnpBootDxeTable=0D + SnpBootDxeTable=0D );=0D }=0D =0D --=20 2.25.1