From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 98A597803CD for ; Wed, 1 May 2024 19:06:00 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=vi4Zjj/pKGBESKzt8Yn+Glmv00HzMD1MYAGeQpxGol0=; c=relaxed/simple; d=groups.io; h=Received-SPF:From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding:Content-Type; s=20240206; t=1714590359; v=1; b=VsY9gJ7gcu/SJYtnMlNVZhcXDSLFIFsm6dw58RfeJ9rU6omxoMAnUTFyOvMlDG22qydjFLZZ KdPYCyqSaY6BvXblRMzmDpvWQF+kIGzAdaIzkfaEUki56S1uxVKrte9riXA+dYMWjqWYAYARWEi KFh7E0LFHshT0C9QsZ55+wwGhsi9a4PssXdYE/oPMQRhHdPL0fCPAt9GgwDz8MekUMWeVj3h5T/ t+aXnnRXl79+qe/5x68mai/POy57ZooXET6V/lET5WysqMPCcMJEK47ZPSpz7NHn81J1ikY4Sir jgpxlvPyPxq/PUTu0y1oHv/jAoiU5d0s2wPVChbNk6mKg== X-Received: by 127.0.0.2 with SMTP id jJVZYY7687511xTwoVFqi8Jt; Wed, 01 May 2024 12:05:59 -0700 X-Received: from NAM10-MW2-obe.outbound.protection.outlook.com (NAM10-MW2-obe.outbound.protection.outlook.com [40.107.94.41]) by mx.groups.io with SMTP id smtpd.web11.5082.1714590358649195492 for ; Wed, 01 May 2024 12:05:58 -0700 X-Received: from SJ0PR05CA0110.namprd05.prod.outlook.com (2603:10b6:a03:334::25) by MW6PR12MB8957.namprd12.prod.outlook.com (2603:10b6:303:23a::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.29; Wed, 1 May 2024 19:05:54 +0000 X-Received: from SJ5PEPF000001CD.namprd05.prod.outlook.com (2603:10b6:a03:334:cafe::c6) by SJ0PR05CA0110.outlook.office365.com (2603:10b6:a03:334::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.27 via Frontend Transport; Wed, 1 May 2024 19:05:54 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C X-Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF000001CD.mail.protection.outlook.com (10.167.242.42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7544.18 via Frontend Transport; Wed, 1 May 2024 19:05:54 +0000 X-Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Wed, 1 May 2024 14:05:51 -0500 From: "Roth, Michael via groups.io" To: CC: Gerd Hoffmann , Ard Biesheuvel , "Tom Lendacky" , Erdem Aktas , Jiewen Yao , Min Xu Subject: [edk2-devel] [PATCH v4 3/3] OvmfPkg/CcExitLib: Drop special handling for Encrypted MMIO to APIC Date: Wed, 1 May 2024 14:03:40 -0500 Message-ID: <20240501190340.2238565-4-michael.roth@amd.com> In-Reply-To: <20240501190340.2238565-1-michael.roth@amd.com> References: <20240501190340.2238565-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF000001CD:EE_|MW6PR12MB8957:EE_ X-MS-Office365-Filtering-Correlation-Id: fec53c4e-9a68-453d-f6d1-08dc6a11ba02 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?RjHg4YkbOXspXe4zC1cfyOcd+zgh36AfMhOUxI4+eANsI9qYCRecAdaLnKLR?= =?us-ascii?Q?u+LYKLDOSXTksAdRUutfVMQmOBRf5gFm20c+a3fr4ukeRUSVFrEGI7pr1meR?= =?us-ascii?Q?gKqpprT1qtNs9WmIyZwS9ZjGNzr16/DENGbr7ziv7Okys/hf3Saob8DVr1S+?= =?us-ascii?Q?ZLhPn8743UG2pps8GUcRu0npMqfjK62+PdMgFPRwQx41O9HrSyBNk6j5uaml?= =?us-ascii?Q?mRHuBkyA1yzbfz1GZ8/nTuP9dRg+o3mERJ1t1dZlT/2Egg9GrxPE0zRDi9U+?= =?us-ascii?Q?Bo0Eoiqm6uWnTEzVVWSfslMf93/0daRGmoqjSRUKfSHOqEsIdwMFfIN/h147?= =?us-ascii?Q?HtLk06Atqv8yTzOOGHqlmQSJ0x0BVfRPPgoWusZsTOQOx8RAD/ieaaeZBDsd?= =?us-ascii?Q?L0z/3gZWPVQdw/yDA/eN9zl8zNtcoTdxPJ2xhjaLOFVuUELlSddDZzc77GCu?= =?us-ascii?Q?t2+gz2ICAN875jdxsVoSN5lFqs8bdVKR+LlExyvh05wKT0bF8ZX+jgbxkqyy?= =?us-ascii?Q?igZfoE3Bxc2GGfr6FClvLb4I2DCS0MdRB6avz4+0F9267/Ni+afh6KvkhQoG?= =?us-ascii?Q?yDXMsa0w2RtJ3fwNUSiB9ctEtcqDz2jBsEaTfxva4cxO+U/4AdTPMqVirtdu?= =?us-ascii?Q?97LimasWH44Xw9gYKs17DwgNozsDgWGCFQSdwntZFyljm8K55wHZnekuo9vN?= =?us-ascii?Q?WjEMpiiXVsOTzXHyBFgu2NF8PLMPuow0ckPz5WUg7NYY/Si5fH6NrbACsli8?= =?us-ascii?Q?QeXO3HMznL15exVSKzRlL4lWSizcL1V9kXld3li0S0U9BrOYzx68KhQTFeDh?= =?us-ascii?Q?EZ2dG5l9ue40fmPYe57B5RNhFXS+NNLJ1FiuTdStXOjUv+QZp8S1WLeK6CFb?= =?us-ascii?Q?FWASfGrdLt6he6pZp/r/hT4ORflJLDuISsmK0ZRNQtEh8vq+9miq9n/CSRJo?= =?us-ascii?Q?iWCmG6QpkeFoSlGlIeEli29zoKxD7U1vX511AtcElNjtgMKjSgB5vQDKvTpD?= =?us-ascii?Q?D3DDNAs0ObM3SgCeyDP8z/fHPoqGxkccftbBTGL7RhuNFoYbURRDf10DwcL8?= =?us-ascii?Q?MiRd7d2H6O7wFAy3+UxpLMB0dXAHgQIryxzfjWMU4R6fWjkk/xxOio1AQzGe?= =?us-ascii?Q?O7k+q83WvzOm1bH9FWesiMBHEEqotN7LsiL9Ex9mXCxkgYXqEDkQpvgddpvW?= =?us-ascii?Q?wufnl7DJiRLI0NbMOmGel+pmgIwUPzMbr7I1L/HV3W4ajhIXuo+rTQh9m47w?= =?us-ascii?Q?ycrRKPZDmsFyUbHU55KVYirFxFh2zZLmha4tKtXyuYN1BVoxtfa6Q55+rs/+?= =?us-ascii?Q?KdVxWIYmIqxzDzXo/DaetkaolHnyfCJWvQnxWnr3jhuNw26YYShScIR6Q2/B?= =?us-ascii?Q?ZcCK56uX9Y58nAZw/82jNL/k5IlV?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 May 2024 19:05:54.6262 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: fec53c4e-9a68-453d-f6d1-08dc6a11ba02 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF000001CD.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW6PR12MB8957 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 01 May 2024 12:05:58 -0700 Resent-From: Michael.Roth@amd.com Reply-To: devel@edk2.groups.io,Michael.Roth@amd.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: t4YTpmot2U5v1YEptWq2gLRCx7686176AA= Content-Transfer-Encoding: quoted-printable Content-Type: text/plain X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=VsY9gJ7g; dmarc=pass (policy=none) header.from=groups.io; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io The current #VC handler guards against MMIO to addresses that are mapped with the encryption bit set, but has an special exception for MMIO accesses to the APIC base address so allow for early access during SEC. Now that the SEC page table has the encryption bit cleared for the APIC base address range, there is no longer any need for this special handling. Go ahead and remove it. Cc: Ard Biesheuvel Cc: Gerd Hoffmann Cc: Erdem Aktas Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Signed-off-by: Michael Roth --- OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/= CcExitLib/CcExitVcHandler.c index 549375dfed..da8f1e5db9 100644 --- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c +++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c @@ -98,7 +98,7 @@ UnsupportedExit ( Validate that the MMIO memory access is not to encrypted memory. =20 Examine the pagetable entry for the memory specified. MMIO should not be - performed against encrypted memory. MMIO to the APIC page is always allo= wed. + performed against encrypted memory. =20 @param[in] Ghcb Pointer to the Guest-Hypervisor Communication = Block @param[in] MemoryAddress Memory address to validate @@ -118,16 +118,6 @@ ValidateMmioMemory ( { MEM_ENCRYPT_SEV_ADDRESS_RANGE_STATE State; GHCB_EVENT_INJECTION GpEvent; - UINTN Address; - - // - // Allow APIC accesses (which will have the encryption bit set during - // SEC and PEI phases). - // - Address =3D MemoryAddress & ~(SIZE_4KB - 1); - if (Address =3D=3D GetLocalApicBaseAddress ()) { - return 0; - } =20 State =3D MemEncryptSevGetAddressRangeState ( 0, --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118480): https://edk2.groups.io/g/devel/message/118480 Mute This Topic: https://groups.io/mt/105849143/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-