From: "sunceping" <cepingx.sun@intel.com>
To: devel@edk2.groups.io
Cc: Ceping Sun <cepingx.sun@intel.com>,
Erdem Aktas <erdemaktas@google.com>,
James Bottomley <jejb@linux.ibm.com>,
Jiewen Yao <jiewen.yao@intel.com>, Min Xu <min.m.xu@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Michael Roth <michael.roth@amd.com>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: [edk2-devel] [PATCH V3 2/2] OvmfPkg/BaseMemEncryptTdxLib: Handle retry result of MapGPA
Date: Wed, 8 Nov 2023 16:32:03 +0800 [thread overview]
Message-ID: <20231108083203.1417-3-cepingx.sun@intel.com> (raw)
In-Reply-To: <20231108083203.1417-1-cepingx.sun@intel.com>
From: Ceping Sun <cepingx.sun@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572
According to section 3.2 of the [GHCI] document, if the return status
of MapGPA is "TDG.VP.VMCALL_RETRY", TD must retry this operation for the
pages in the region starting at the GPA specified in R11.
In this patch, when a retry state is detected, TDVF needs to retry the
mapping with the specified address from the output results of TdVmCall.
Reference:
[GHCI]: TDX Guest-Host-Communication Interface v1.0
https://cdrdv2.intel.com/v1/dl/getContent/726790
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
---
MdePkg/Include/IndustryStandard/Tdx.h | 2 +
.../BaseMemEncryptTdxLib/MemoryEncryption.c | 41 ++++++++++++++++++-
2 files changed, 42 insertions(+), 1 deletion(-)
diff --git a/MdePkg/Include/IndustryStandard/Tdx.h b/MdePkg/Include/IndustryStandard/Tdx.h
index 81df1361842b..2662761883e5 100644
--- a/MdePkg/Include/IndustryStandard/Tdx.h
+++ b/MdePkg/Include/IndustryStandard/Tdx.h
@@ -103,6 +103,8 @@
#define TDVMCALL_REPORT_FATAL_ERR 0x10003
#define TDVMCALL_SETUP_EVENT_NOTIFY 0x10004
+#define TDVMCALL_STATUS_RETRY 0x1
+
#pragma pack(1)
typedef struct {
UINT64 Data[6];
diff --git a/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c b/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
index a01dc98852b8..a71b1efbca7a 100644
--- a/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
+++ b/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
@@ -38,6 +38,8 @@ typedef enum {
STATIC PAGE_TABLE_POOL *mPageTablePool = NULL;
+#define MAX_RETRIES_PER_PAGE 3
+
/**
Returns boolean to indicate whether to indicate which, if any, memory encryption is enabled
@@ -527,6 +529,13 @@ SetOrClearSharedBit (
EFI_STATUS Status;
EDKII_MEMORY_ACCEPT_PROTOCOL *MemoryAcceptProtocol;
+ UINT64 MapGpaRetryAddr;
+ UINT32 RetryCount;
+ UINT64 EndAddress;
+
+ MapGpaRetryAddr = 0;
+ RetryCount = 0;
+
AddressEncMask = GetMemEncryptionAddressMask ();
//
@@ -540,7 +549,37 @@ SetOrClearSharedBit (
PhysicalAddress &= ~AddressEncMask;
}
- TdStatus = TdVmCall (TDVMCALL_MAPGPA, PhysicalAddress, Length, 0, 0, NULL);
+ EndAddress = PhysicalAddress + Length;
+ while (RetryCount < MAX_RETRIES_PER_PAGE) {
+ TdStatus = TdVmCall (TDVMCALL_MAPGPA, PhysicalAddress, Length, 0, 0, &MapGpaRetryAddr);
+ if (TdStatus != TDVMCALL_STATUS_RETRY) {
+ break;
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "%a: TdVmcall(MAPGPA) Retry PhysicalAddress is %llx, MapGpaRetryAddr is %llx\n", __func__, PhysicalAddress, MapGpaRetryAddr));
+
+ if ((MapGpaRetryAddr < PhysicalAddress) || (MapGpaRetryAddr >= EndAddress)) {
+ DEBUG ((
+ DEBUG_ERROR,
+ "%a: TdVmcall(MAPGPA) failed with MapGpaRetryAddr(%llx) less than PhysicalAddress(%llx) or more than or equal to EndAddress(%llx) \n",
+ __func__,
+ MapGpaRetryAddr,
+ PhysicalAddress,
+ EndAddress
+ ));
+ break;
+ }
+
+ if (MapGpaRetryAddr == PhysicalAddress) {
+ RetryCount++;
+ continue;
+ }
+
+ PhysicalAddress = MapGpaRetryAddr;
+ Length = EndAddress - PhysicalAddress;
+ RetryCount = 0;
+ }
+
if (TdStatus != 0) {
DEBUG ((DEBUG_ERROR, "%a: TdVmcall(MAPGPA) failed with %llx\n", __func__, TdStatus));
ASSERT (FALSE);
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110905): https://edk2.groups.io/g/devel/message/110905
Mute This Topic: https://groups.io/mt/102460273/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2023-11-08 8:36 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-08 8:32 [edk2-devel] [PATCH V3 0/2] OvmfPkg: Update TdVmCall to handle the retry for MapGPA sunceping
2023-11-08 8:32 ` [edk2-devel] [PATCH V3 1/2] MdePkg/BaseLib: Update TdVmcall to always output the value in R11 sunceping
2023-11-08 8:40 ` Min Xu
2023-11-09 13:51 ` [edk2-devel] 回复: " gaoliming via groups.io
2023-11-08 8:32 ` sunceping [this message]
2023-11-08 8:45 ` [edk2-devel] [PATCH V3 2/2] OvmfPkg/BaseMemEncryptTdxLib: Handle retry result of MapGPA Yao, Jiewen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231108083203.1417-3-cepingx.sun@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox