From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 6379CAC0D64 for ; Thu, 2 Nov 2023 09:10:57 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=9OSvWBFXL0NFf1IDtJmerPx2Pi1lOHC9nfZXRAKtfxk=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1698916256; v=1; b=Ebee/zbmZl99cmUrWyAGYhvAbfBN9iM8yTRvtlmhMwTWgNd7qrrR803s36E2d+eJ3kNQ5hrB JfuVuvGEKb8MGpmj2+VbdZrABxqPpDV5Yjs9/R+xiqtrySal5Rx8vuYRET4+zUq9xtFsGCVWVlN a14tOFPgYNpehDR4npOpbCew= X-Received: by 127.0.0.2 with SMTP id 9OYQYY7687511x2QHkwagGJT; Thu, 02 Nov 2023 02:10:56 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.10]) by mx.groups.io with SMTP id smtpd.web11.26484.1698916255628248759 for ; Thu, 02 Nov 2023 02:10:55 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10881"; a="1583257" X-IronPort-AV: E=Sophos;i="6.03,271,1694761200"; d="scan'208";a="1583257" X-Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orvoesa102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2023 02:10:55 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10881"; a="737695193" X-IronPort-AV: E=Sophos;i="6.03,271,1694761200"; d="scan'208";a="737695193" X-Received: from cepingsx-mobl1.ccr.corp.intel.com ([10.239.49.140]) by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2023 02:10:52 -0700 From: "sunceping" To: devel@edk2.groups.io Cc: Ceping Sun , Erdem Aktas , James Bottomley , Jiewen Yao , Min Xu , Tom Lendacky , Michael Roth , Gerd Hoffmann Subject: [edk2-devel] [PATCH V2 2/2] OvmfPkg/BaseMemEncryptTdxLib: Handle retry result of MapGPA Date: Thu, 2 Nov 2023 17:09:57 +0800 Message-Id: <20231102090957.2076-3-cepingx.sun@intel.com> In-Reply-To: <20231102090957.2076-1-cepingx.sun@intel.com> References: <20231102090957.2076-1-cepingx.sun@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,cepingx.sun@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: DESiqAph9Qt88FKet19KfOKSx7686176AA= Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b="Ebee/zbm"; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io From: Ceping Sun REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572 According to section 3.2 of the [GHCI] document, if the return status of MapGPA is "TDG.VP.VMCALL_RETRY", TD must retry this operation for the pages in the region starting at the GPA specified in R11. In this patch, when a retry state is detected, TDVF needs to retry the mapping with the specified address from the output results of TdVmCall. Reference: [GHCI]: TDX Guest-Host-Communication Interface v1.0 https://cdrdv2.intel.com/v1/dl/getContent/726790 Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Cc: Michael Roth Cc: Gerd Hoffmann Signed-off-by: Ceping Sun --- .../BaseMemEncryptTdxLib/MemoryEncryption.c | 43 ++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c b/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c index a01dc98852b8..b9de699a6489 100644 --- a/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c +++ b/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c @@ -38,6 +38,10 @@ typedef enum { STATIC PAGE_TABLE_POOL *mPageTablePool = NULL; +#define TDVMCALL_STATUS_RETRY 0x1 + +#define MAX_RETRIES_PER_PAGE 3 + /** Returns boolean to indicate whether to indicate which, if any, memory encryption is enabled @@ -527,6 +531,13 @@ SetOrClearSharedBit ( EFI_STATUS Status; EDKII_MEMORY_ACCEPT_PROTOCOL *MemoryAcceptProtocol; + UINT64 MapGpaRetryAddr; + UINT32 RetryCount; + UINT64 EndAddress; + + MapGpaRetryAddr = 0; + RetryCount = 0; + AddressEncMask = GetMemEncryptionAddressMask (); // @@ -540,7 +551,37 @@ SetOrClearSharedBit ( PhysicalAddress &= ~AddressEncMask; } - TdStatus = TdVmCall (TDVMCALL_MAPGPA, PhysicalAddress, Length, 0, 0, NULL); + EndAddress = PhysicalAddress + Length; + while (RetryCount < MAX_RETRIES_PER_PAGE) { + TdStatus = TdVmCall (TDVMCALL_MAPGPA, PhysicalAddress, Length, 0, 0, &MapGpaRetryAddr); + if (TdStatus != TDVMCALL_STATUS_RETRY) { + break; + } + + DEBUG ((DEBUG_VERBOSE, "%a: TdVmcall(MAPGPA) Retry PhysicalAddress is %llx, MapGpaRetryAddr is %llx\n", __func__, PhysicalAddress, MapGpaRetryAddr)); + + if ((MapGpaRetryAddr < PhysicalAddress) || (MapGpaRetryAddr >= EndAddress)) { + DEBUG (( + DEBUG_ERROR, + "%a: TdVmcall(MAPGPA) failed with MapGpaRetryAddr(%llx) less than PhysicalAddress(%llx) or more than or equal to EndAddress(%llx) \n", + __func__, + MapGpaRetryAddr, + PhysicalAddress, + EndAddress + )); + break; + } + + if (MapGpaRetryAddr == PhysicalAddress) { + RetryCount++; + continue; + } + + PhysicalAddress = MapGpaRetryAddr; + Length = EndAddress - PhysicalAddress; + RetryCount = 0; + } + if (TdStatus != 0) { DEBUG ((DEBUG_ERROR, "%a: TdVmcall(MAPGPA) failed with %llx\n", __func__, TdStatus)); ASSERT (FALSE); -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110507): https://edk2.groups.io/g/devel/message/110507 Mute This Topic: https://groups.io/mt/102337977/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-