From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+110908+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 4BBA8D8027D
	for <rebecca@openfw.io>; Wed,  8 Nov 2023 11:39:27 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=Q1ZwrNX/qNgx2qR02EoNdF3wxre6LAl8Mn6Kcbdxkbw=;
 c=relaxed/simple; d=groups.io;
 h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding;
 s=20140610; t=1699443566; v=1;
 b=n6+YqexifPG4LvwDQohbnFVp49X6rcgtp06DSG0LxCUfF3Y543onzqWENFpRpWstrxUIeHlp
 cWAE/yECy8a093nhHB9UoUVcK3WQ3StraTiWmCwBZtEFWUaW6rij33MKz++dtts8mbqiAe6T9uQ
 f4vQi4P5n2cLoc7Io6ce6Sp4=
X-Received: by 127.0.0.2 with SMTP id ViIkYY7687511xiIj0Qcao6b; Wed, 08 Nov 2023 03:39:26 -0800
X-Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.120])
 by mx.groups.io with SMTP id smtpd.web11.11621.1699443564766744130
 for <devel@edk2.groups.io>;
 Wed, 08 Nov 2023 03:39:25 -0800
X-IronPort-AV: E=McAfee;i="6600,9927,10887"; a="388603253"
X-IronPort-AV: E=Sophos;i="6.03,286,1694761200"; 
   d="scan'208";a="388603253"
X-Received: from orsmga001.jf.intel.com ([10.7.209.18])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Nov 2023 03:39:23 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10887"; a="797979581"
X-IronPort-AV: E=Sophos;i="6.03,286,1694761200"; 
   d="scan'208";a="797979581"
X-Received: from cepingsx-mobl1.ccr.corp.intel.com ([10.239.49.140])
  by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Nov 2023 03:39:20 -0800
From: "sunceping" <cepingx.sun@intel.com>
To: devel@edk2.groups.io
Cc: sunceping <cepingx.sun@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
	James Bottomley <jejb@linux.ibm.com>,
	Min Xu <min.m.xu@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Michael Roth <michael.roth@amd.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Gerd Hoffmann <kraxel@redhat.com>
Subject: [edk2-devel] [PATCH V4 0/3] OvmfPkg: Update TdVmCall to handle the retry for MapGPA
Date: Wed,  8 Nov 2023 19:38:24 +0800
Message-Id: <20231108113827.3917-1-cepingx.sun@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,cepingx.sun@intel.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: JY374JXNGhE2Mod8AkdEJqTXx7686176AA=
Content-Transfer-Encoding: 8bit
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=n6+Yqexi;
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none)

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572

According to section 3.2 of the [GHCI] spec, if the result is 
"TDG.VP.VMCALL_RETRY" for TDG.VP.VMCALL.MapGPA, TD must retry the
mapping for the pages in the region starting at the GPA specified in r11.

Currently, TDVF does not properly handle the retry results of MapGPA.
For this, TDVF should update the TdVmCall to return the value in R11
and must retry the mapping for the pages by the value.

How to verify the retry for MapGPA in TDVF:
Note: Since the range size of MapGPA in QEMU is limited to 64MB and
TDVF always maps 1.5GB( 2GB~3.5GB) MMIO to shared-memory for TD guest, 
the retry action is triggered always.
Pre-Config:
QEMU:
https://github.com/intel/qemu-tdx/tree/tdx-qemu-upstream | tag: tdx-qemu-upstream-2023.10.20-v8.1.0
KERNEL:
https://github.com/intel/tdx/tree/kvm-upstream-2023.10.16-v6.6-rc2

Step:
Boot with TD guest and check the log with TdVmcall(MAPGPA), as below:
TdxDxe:SetMemorySharedOrPrivate: Cr3Base=0x0 Physical=0x80000000 Length=0x60000000 Mode=Shared
SetOrClearSharedBit: TdVmcall(MAPGPA) Retry PhysicalAddress is 8000080000000, MapGpaRetryaddr is 8000084000000

Reference:
[GHCI]: TDX Guest-Host-Communication Interface v1.0
https://cdrdv2.intel.com/v1/dl/getContent/726790

v2 changes:
  - Update the code based on the comments of v1 reviewer
  - Update TdVmcall to instead of the extra API file

v3 changes:
  - Move the definition of TDVMCALL_STATUS_RETRY to Tdx.h

v4 changes:
  - Split the patch to MdePkg update and OvmfPkg update.

code: https://github.com/sunceping/edk2/tree/handleRetryMapGPA.v4

Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>

Ceping Sun (3):
  MdePkg/BaseLib: Update TdVmcall to always output the value in R11
  MdePkg/Tdx.h: Add TDVMCALL_STATUS_RETRY
  OvmfPkg/BaseMemEncryptTdxLib: Handle retry result of MapGPA

 MdePkg/Include/IndustryStandard/Tdx.h         |  2 +
 MdePkg/Library/BaseLib/X64/TdVmcall.nasm      |  4 +-
 .../BaseMemEncryptTdxLib/MemoryEncryption.c   | 41 ++++++++++++++++++-
 3 files changed, 43 insertions(+), 4 deletions(-)

-- 
2.34.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110908): https://edk2.groups.io/g/devel/message/110908
Mute This Topic: https://groups.io/mt/102461779/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-