From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga09.intel.com (mga09.intel.com [134.134.136.24])
 by mx.groups.io with SMTP id smtpd.web10.6507.1687843456505164051
 for <devel@edk2.groups.io>;
 Mon, 26 Jun 2023 22:24:20 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=TDgRDpCh;
 spf=pass (domain: intel.com, ip: 134.134.136.24, mailfrom: dun.tan@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1687843460; x=1719379460;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=q4MyWUGGkRoiH6Ln1J+SYRzq5Ntqn7czSOLHm3hVYsg=;
  b=TDgRDpCh74qKYaIOV+b8fCne3d9te1vlwcTGn6EXz6plDDkhHpwI8P65
   LRtWEWxjyPbNKkiX/ynwwvX2q7KSyQ7jH319b0rBrh0u+GzD/IQqgspb3
   TFHCacm/1fUJ19iahTxKn/8RHE/55CuToCJcAqlmOJ7YAyZYp5UDOJniY
   EoAv6YGdJeDbWjJeC3f832Q2dLRGaO9SfTsT1lNwkBtrRgrMRgwZ4jDX8
   bAsjXIbnuIWj6jmRORGy3riWwJisXz0pIb0G/dx3rk1xVSVWyH0gzw+gX
   ujeIi+AJq6CZgDZ0BuVJ9yswOrDhYbiwKLVdV0ODpujwGWeQIv3RcT7+X
   w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10753"; a="364023949"
X-IronPort-AV: E=Sophos;i="6.01,161,1684825200"; 
   d="scan'208";a="364023949"
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Jun 2023 22:24:19 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10753"; a="963033415"
X-IronPort-AV: E=Sophos;i="6.01,161,1684825200"; 
   d="scan'208";a="963033415"
Received: from shwdeopenlab702.ccr.corp.intel.com ([10.239.55.158])
  by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Jun 2023 22:24:17 -0700
From: "duntan" <dun.tan@intel.com>
To: devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Ray Ni <ray.ni@intel.com>
Subject: [Patch V7 01/14] OvmfPkg:Remove code that apply AddressEncMask to non-leaf entry
Date: Tue, 27 Jun 2023 13:23:40 +0800
Message-Id: <20230627052340.1663-2-dun.tan@intel.com>
X-Mailer: git-send-email 2.31.1.windows.1
In-Reply-To: <20230627052340.1663-1-dun.tan@intel.com>
References: <20230627052340.1663-1-dun.tan@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Remove code that apply AddressEncMask to non-leaf entry when split
smm page table by MemEncryptSevLib. In FvbServicesSmm driver, it
calls MemEncryptSevClearMmioPageEncMask to clear AddressEncMask
bit in page table for a specific range. In AMD SEV feature, this
AddressEncMask bit in page table is used to indicate if the memory
is guest private memory or shared memory. But all memory used by
page table are treated as encrypted regardless of encryption bit.
So remove the EncMask bit for smm non-leaf page table entry
doesn't impact AMD SEV feature.
If page split happens in the AddressEncMask bit clear process,
there will be some new non-leaf entries with AddressEncMask
applied in smm page table. When ReadyToLock, code in PiSmmCpuDxe
module will use CpuPageTableLib to modify smm page table. So
remove code to apply AddressEncMask for new non-leaf entries
since CpuPageTableLib doesn't consume the EncMask PCD.

Signed-off-by: Dun Tan <dun.tan@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
---
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
index cf2441b551..372fc03fde 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
@@ -233,7 +233,7 @@ Split2MPageTo4K (
   // Fill in 2M page entry.
   //
   *PageEntry2M = ((UINT64)(UINTN)PageTableEntry1 |
-                  IA32_PG_P | IA32_PG_RW | AddressEncMask);
+                  IA32_PG_P | IA32_PG_RW);
 }
 
 /**
@@ -352,7 +352,7 @@ SetPageTablePoolReadOnly (
         PhysicalAddress += LevelSize[Level - 1];
       }
 
-      PageTable[Index] = (UINT64)(UINTN)NewPageTable | AddressEncMask |
+      PageTable[Index] = (UINT64)(UINTN)NewPageTable |
                          IA32_PG_P | IA32_PG_RW;
       PageTable = NewPageTable;
     }
@@ -440,7 +440,7 @@ Split1GPageTo2M (
   // Fill in 1G page entry.
   //
   *PageEntry1G = ((UINT64)(UINTN)PageDirectoryEntry |
-                  IA32_PG_P | IA32_PG_RW | AddressEncMask);
+                  IA32_PG_P | IA32_PG_RW);
 
   PhysicalAddress2M = PhysicalAddress;
   for (IndexOfPageDirectoryEntries = 0;
@@ -616,7 +616,7 @@ InternalMemEncryptSevCreateIdentityMap1G (
       }
 
       SetMem (NewPageTable, EFI_PAGE_SIZE, 0);
-      PageMapLevel4Entry->Uint64          = (UINT64)(UINTN)NewPageTable | AddressEncMask;
+      PageMapLevel4Entry->Uint64          = (UINT64)(UINTN)NewPageTable;
       PageMapLevel4Entry->Bits.MustBeZero = 0;
       PageMapLevel4Entry->Bits.ReadWrite  = 1;
       PageMapLevel4Entry->Bits.Present    = 1;
-- 
2.31.1.windows.1