From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+110157+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 73599740034
	for <rebecca@openfw.io>; Fri, 27 Oct 2023 00:58:01 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=t3qYXs3xMmOOzehgC97d2BLzH/esnSYFdCZqmVNYJUc=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20140610; t=1698368280; v=1;
 b=AJXLwi0xc+RDzmdIcVbcQk1E5EYrpql97hVxcsxkjvh/jh+mPsLIWmKiprRSASZl0EElwEvZ
 BYbLzJPQh+WOljladQW6dio9oKJWcUNwxqDPlx81WIhJ3cBI0VX4LdlG8/KsfyNxyzxrvAuzqTZ
 yQeXhNRQYbvhSOAhPXlhD94E=
X-Received: by 127.0.0.2 with SMTP id 3TveYY7687511xZE5n6rATn4; Thu, 26 Oct 2023 17:58:00 -0700
X-Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.93])
 by mx.groups.io with SMTP id smtpd.web10.216613.1698368278783575507
 for <devel@edk2.groups.io>;
 Thu, 26 Oct 2023 17:57:59 -0700
X-IronPort-AV: E=McAfee;i="6600,9927,10875"; a="384890072"
X-IronPort-AV: E=Sophos;i="6.03,255,1694761200"; 
   d="scan'208";a="384890072"
X-Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Oct 2023 17:57:58 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10875"; a="1006585834"
X-IronPort-AV: E=Sophos;i="6.03,255,1694761200"; 
   d="scan'208";a="1006585834"
X-Received: from cepingsx-mobl1.ccr.corp.intel.com ([10.239.49.140])
  by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Oct 2023 17:57:55 -0700
From: "sunceping" <cepingx.sun@intel.com>
To: devel@edk2.groups.io
Cc: sunceping <cepingx.sun@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
	James Bottomley <jejb@linux.ibm.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Min Xu <min.m.xu@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Michael Roth <michael.roth@amd.com>,
	Gerd Hoffmann <kraxel@redhat.com>
Subject: [edk2-devel] [PATCH V1 0/2] OvmfPkg/BaseMemEncryptTdxLib: Handle retry result of MapGPA
Date: Fri, 27 Oct 2023 08:57:36 +0800
Message-Id: <20231027005738.371-1-cepingx.sun@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,cepingx.sun@intel.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: TFZlCEj0n1SvIwf29Ho2HpNax7686176AA=
Content-Transfer-Encoding: 8bit
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=AJXLwi0x;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572

According to section 3.2 of the [GHCI] documentation, if the result is
"TDG.VP.VMCALL_RETRY" for TDG.VP.VMCALL, TD must retry the mapping for
the pages in the region starting at the GPA specified in r11.

Currently, TDVF does not properly handle the retry results of MapGPA.
For this, TDVF should add the API to return the value in R11 and must 
retry the mapping for the pages by the value.

How to verify the retry for MapGPA in TDVF:
Note: Since the range size of MapGPA in QEMU is limited to 64MB and 
TDVF always maps 1.5GB( 2GB~3.5GB) MMIO to shared-memory for TD guest, 
the retry action is triggered always.
Pre-Config:
QEMU:
https://github.com/intel/qemu-tdx/tree/tdx-qemu-upstream | tag: tdx-qemu-upstream-2023.10.20-v8.1.0
KERNEL:
https://github.com/intel/tdx/tree/kvm-upstream-2023.10.16-v6.6-rc2

Step:
Boot with TD guest and check the log with TdVmcall(MAPGPA). Would See the line as below:
TdxDxe:SetMemorySharedOrPrivate: Cr3Base=0x0 Physical=0x80000000 Length=0x60000000 Mode=Shared
SetOrClearSharedBit: TdVmcall(MAPGPA) Retry PhysicalAddress is 8000080000000, MapGpaRetryaddr is 8000084000000

Reference:
[GHCI]: TDX Guest-Host-Communication Interface v1.0
https://cdrdv2.intel.com/v1/dl/getContent/726790

Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>

Ceping Sun (2):
  OvmfPkg/BaseMemEncryptTdxLib: Add TdVmCallMapGPA
  OvmfPkg/BaseMemEncryptTdxLib: Handle retry result of MapGPA

 .../BaseMemEncryptTdxLib.inf                  |   1 +
 .../BaseMemEncryptTdxLib/MemoryEncryption.c   |  55 +++++++-
 .../X64/TdVmCallMapGPA.nasm                   | 130 ++++++++++++++++++
 3 files changed, 185 insertions(+), 1 deletion(-)
 create mode 100644 OvmfPkg/Library/BaseMemEncryptTdxLib/X64/TdVmCallMapGPA.nasm

-- 
2.34.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110157): https://edk2.groups.io/g/devel/message/110157
Mute This Topic: https://groups.io/mt/102212634/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-