From: "Dov Murik" <dovmurik@linux.ibm.com>
Date: Thu, 15 Dec 2022 08:33:36 +0200
Subject: Re: [PATCH v2 1/1] OvmfPkg/AmdSev/SecretDxe: Allocate CC secret location as EfiACPIReclaimMemory
To: "Yao, Jiewen"; Tom Lendacky; devel@edk2.groups.io
Cc: Tobin Feldman-Fitzthum; Ard Biesheuvel; "Aktas, Erdem"; Gerd Hoffmann; James Bottomley; "Justen, Jordan L"; Michael Roth; "Xu, Min M"; Tobin Feldman-Fitzthum; Dov Murik
Message-ID: <259ba4dc-d865-8ae0-9e27-3d64b297ad29@linux.ibm.com>
References: <20221212080808.2253768-1-dovmurik@linux.ibm.com> <6e26dd9a-b3f1-5815-a743-0b8889ab6fe6@amd.com>

Thank you Jiewen.

On 15/12/2022 4:42, Yao, Jiewen wrote:
> Hey
> CI failed - https://github.com/tianocore/edk2/pull/3772
> Have you run CI before submitting the patch? Please take a look.

I haven't -- the last time I contributed to edk2 was a long time ago; I'll
look for the instructions on triggering the CI myself.

I see patch format errors (lines a bit too long) and uncrustify errors
(missing space in variable declaration). I'll fix these and send another
spin.

-Dov

>
> Thank you
> Yao, Jiewen
>
>> -----Original Message-----
>> From: Tom Lendacky
>> Sent: Monday, December 12, 2022 11:01 PM
>> To: Dov Murik; devel@edk2.groups.io
>> Cc: Tobin Feldman-Fitzthum; Ard Biesheuvel; Aktas, Erdem; Gerd Hoffmann;
>> James Bottomley; Yao, Jiewen; Justen, Jordan L; Michael Roth; Xu, Min M;
>> Tobin Feldman-Fitzthum
>> Subject: Re: [PATCH v2 1/1] OvmfPkg/AmdSev/SecretDxe: Allocate CC secret
>> location as EfiACPIReclaimMemory
>>
>> On 12/12/22 02:08, Dov Murik wrote:
>>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4186
>>>
>>> Commit 079a58276b98 ("OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret
>>> area as reserved") marked the launch secret area itself (1 page) as
>>> reserved so the guest OS can use it during the lifetime of the OS.
>>> However, the address and size of the secret area held in the
>>> CONFIDENTIAL_COMPUTING_SECRET_LOCATION struct are declared as STATIC in
>>> OVMF (in AmdSev/SecretDxe); therefore there's no guarantee that it will
>>> not be written over by OS data.
>>>
>>> Fix this by allocating the memory for the
>>> CONFIDENTIAL_COMPUTING_SECRET_LOCATION struct with the
>>> EfiACPIReclaimMemory memory type to ensure the guest OS will not reuse
>>> this memory.
>>>
>>> Fixes: 079a58276b98 ("OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved")
>>> Cc: Ard Biesheuvel
>>> Cc: Erdem Aktas
>>> Cc: Gerd Hoffmann
>>> Cc: James Bottomley
>>> Cc: Jiewen Yao
>>> Cc: Jordan Justen
>>> Cc: Michael Roth
>>> Cc: Min Xu
>>> Cc: Tobin Feldman-Fitzthum
>>> Cc: Tom Lendacky
>>> Signed-off-by: Dov Murik
>>
>> Reviewed-by: Tom Lendacky
>>
>>>
>>> ---
>>>
>>> v2 changes:
>>> * Allocate with EfiACPIReclaimMemory memory type (thanks Ard)
>>> ---
>>>  OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 22 ++++++++++++++------
>>>  1 file changed, 16 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
>>> index 3d84b2545052..4f65b1ce5ba5 100644
>>> --- a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c >>> +++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c >>> @@ -8,11 +8,6 @@ >>> #include >>> #include >>> >>> -STATIC CONFIDENTIAL_COMPUTING_SECRET_LOCATION >> mSecretDxeTable = { >>> - FixedPcdGet32 (PcdSevLaunchSecretBase), >>> - FixedPcdGet32 (PcdSevLaunchSecretSize), >>> -}; >>> - >>> EFI_STATUS >>> EFIAPI >>> InitializeSecretDxe ( >>> @@ -20,8 +15,23 @@ InitializeSecretDxe ( >>> IN EFI_SYSTEM_TABLE *SystemTable >>> ) >>> { >>> + EFI_STATUS Status; >>> + CONFIDENTIAL_COMPUTING_SECRET_LOCATION *SecretDxeTable; >>> + >>> + Status = gBS->AllocatePool ( >>> + EfiACPIReclaimMemory, >>> + sizeof (CONFIDENTIAL_COMPUTING_SECRET_LOCATION), >>> + (VOID **)&SecretDxeTable >>> + ); >>> + if (EFI_ERROR (Status)) { >>> + return Status; >>> + } >>> + >>> + SecretDxeTable->Base = FixedPcdGet32 (PcdSevLaunchSecretBase); >>> + SecretDxeTable->Size = FixedPcdGet32 (PcdSevLaunchSecretSize); >>> + >>> return gBS->InstallConfigurationTable ( >>> &gConfidentialComputingSecretGuid, >>> - &mSecretDxeTable >>> + SecretDxeTable >>> ); >>> }
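Review bot: In the first hunk, dropping the `STATIC CONFIDENTIAL_COMPUTING_SECRET_LOCATION mSecretDxeTable` initializer is the right fix, but the commit message should say why a static in this driver is unsafe: a DXE driver's image (its .data included) is loaded into boot-services memory, which the OS is free to reclaim after ExitBootServices, so the config table installed with `&mSecretDxeTable` hands the OS a pointer into memory that is about to be recycled. Spelling that out explains why the reserved secret page alone was not enough.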
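Review bot: In the second hunk, the pool allocated into `SecretDxeTable` is leaked if `gBS->InstallConfigurationTable` fails; capture its return value and call `gBS->FreePool (SecretDxeTable)` on error before returning it. Two smaller points on the same hunk: the declarations `EFI_STATUS Status;` and `CONFIDENTIAL_COMPUTING_SECRET_LOCATION *SecretDxeTable;` need edk2's column-aligned spacing (the uncrustify failure Dov mentions), and the commit message's "ensure the guest OS will not reuse this memory" overstates what EfiACPIReclaimMemory gives: the UEFI spec defines it as memory holding the ACPI tables that the OS may use after it has consumed them, so the guarantee relied on here is only that a well-behaved OS records the configuration tables before it reclaims anything. If the table must outlive that point, EfiReservedMemoryType or EfiRuntimeServicesData is the stronger choice; either way, the reasoning belongs in the message.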
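The argument in the commit message above reduces to a property of the UEFI memory map: the configuration-table payload must sit in memory the OS will not recycle before it parses the tables, and the secret page it points at must never be recycled. The check below is an added example written for this page (my own C, not OVMF or edk2 code) that evaluates exactly that against a memory map. The memory-type values and descriptor layout follow the UEFI specification; the sample map, its addresses, and the two-UINT64 `SECRET_LOCATION_TABLE` mirror of `CONFIDENTIAL_COMPUTING_SECRET_LOCATION` are constructed for the example and are not OVMF's real layout.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* EFI_MEMORY_TYPE values as defined by the UEFI specification. */
typedef enum {
  EfiReservedMemoryType = 0, EfiLoaderCode, EfiLoaderData,
  EfiBootServicesCode, EfiBootServicesData,
  EfiRuntimeServicesCode, EfiRuntimeServicesData,
  EfiConventionalMemory, EfiUnusableMemory,
  EfiACPIReclaimMemory, EfiACPIMemoryNVS,
  EfiMemoryMappedIO, EfiMemoryMappedIOPortSpace, EfiPalCode,
  EfiPersistentMemory, EfiUnacceptedMemoryType, EfiMaxMemoryType
} EFI_MEMORY_TYPE;

/* Field layout of EFI_MEMORY_DESCRIPTOR as returned by GetMemoryMap(). */
typedef struct {
  uint32_t Type;
  uint64_t PhysicalStart;
  uint64_t VirtualStart;
  uint64_t NumberOfPages;
  uint64_t Attribute;
} EFI_MEMORY_DESCRIPTOR;

#define EFI_PAGE_SIZE 4096ULL

/* What the OS may do with a region after ExitBootServices(); ordered weakest first. */
typedef enum {
  LIFETIME_UNMAPPED,      /* not covered by the memory map at all */
  LIFETIME_NOT_RAM,       /* MMIO, PAL code, persistent, unaccepted: no place for a table */
  LIFETIME_FREED_AT_EBS,  /* OS may overwrite as soon as it takes over */
  LIFETIME_ACPI_RECLAIM,  /* OS may reuse once it has consumed the ACPI tables */
  LIFETIME_KEPT           /* reserved, runtime, NVS: OS must never reuse */
} REGION_LIFETIME;

REGION_LIFETIME ClassifyType(uint32_t Type) {
  switch (Type) {
    case EfiLoaderCode: case EfiLoaderData: case EfiBootServicesCode:
    case EfiBootServicesData: case EfiConventionalMemory:
      return LIFETIME_FREED_AT_EBS;
    case EfiACPIReclaimMemory:
      return LIFETIME_ACPI_RECLAIM;
    case EfiReservedMemoryType: case EfiRuntimeServicesCode:
    case EfiRuntimeServicesData: case EfiACPIMemoryNVS: case EfiUnusableMemory:
      return LIFETIME_KEPT;
    default:
      return LIFETIME_NOT_RAM;
  }
}

/* Weakest lifetime over [Base, Base+Size); UNMAPPED if any byte is uncovered.
   Relies on the UEFI rule that memory-map descriptors do not overlap. */
REGION_LIFETIME RangeLifetime(const EFI_MEMORY_DESCRIPTOR *Map, size_t Count,
                              uint64_t Base, uint64_t Size) {
  uint64_t End = Base + Size, Covered = 0;
  REGION_LIFETIME Weakest = LIFETIME_KEPT;
  if (Size == 0 || End < Base) return LIFETIME_UNMAPPED;
  for (size_t i = 0; i < Count; i++) {
    uint64_t DStart = Map[i].PhysicalStart;
    uint64_t DEnd = DStart + Map[i].NumberOfPages * EFI_PAGE_SIZE;
    uint64_t Lo = Base > DStart ? Base : DStart;
    uint64_t Hi = End < DEnd ? End : DEnd;
    if (Hi <= Lo) continue;
    Covered += Hi - Lo;
    REGION_LIFETIME L = ClassifyType(Map[i].Type);
    if (L < Weakest) Weakest = L;
  }
  return Covered == Size ? Weakest : LIFETIME_UNMAPPED;
}

/* Assumed mirror of CONFIDENTIAL_COMPUTING_SECRET_LOCATION: Base and Size fields. */
typedef struct { uint64_t Base; uint64_t Size; } SECRET_LOCATION_TABLE;

/* The property SecretDxe needs: the table survives at least until the OS has
   parsed the configuration tables, and the secret page is never reused. */
int SecretLocationIsStable(const EFI_MEMORY_DESCRIPTOR *Map, size_t Count,
                           uint64_t TableAddr, uint64_t SecretBase, uint64_t SecretSize) {
  REGION_LIFETIME Table  = RangeLifetime(Map, Count, TableAddr, sizeof(SECRET_LOCATION_TABLE));
  REGION_LIFETIME Secret = RangeLifetime(Map, Count, SecretBase, SecretSize);
  return Table >= LIFETIME_ACPI_RECLAIM && Secret == LIFETIME_KEPT;
}

/* Constructed map (illustrative addresses, not OVMF's real layout). */
const EFI_MEMORY_DESCRIPTOR gSampleMap[] = {
  { EfiConventionalMemory,  0x0000000, 0, 0x80C,  0 },
  { EfiReservedMemoryType,  0x080C000, 0, 0x1,    0 }, /* secret page reserved by SecretPei */
  { EfiConventionalMemory,  0x080D000, 0, 0x75F3, 0 },
  { EfiBootServicesData,    0x7E00000, 0, 0x20,   0 }, /* where a driver's STATIC data lives */
  { EfiACPIReclaimMemory,   0x7E20000, 0, 0x10,   0 }, /* AllocatePool(EfiACPIReclaimMemory) */
  { EfiRuntimeServicesData, 0x7E30000, 0, 0xD0,   0 },
};
const size_t gSampleMapCount = sizeof(gSampleMap) / sizeof(gSampleMap[0]);

int main(void) {
  const uint64_t SecretBase = 0x80C000, SecretSize = 0x1000;
  const uint64_t OldTable = 0x7E10040;  /* STATIC struct inside the driver image */
  const uint64_t NewTable = 0x7E20020;  /* pool returned by AllocatePool(EfiACPIReclaimMemory) */
  printf("STATIC table:       %s\n", SecretLocationIsStable(gSampleMap, gSampleMapCount,
         OldTable, SecretBase, SecretSize) ? "stable" : "UNSTABLE");
  printf("ACPI-reclaim table: %s\n", SecretLocationIsStable(gSampleMap, gSampleMapCount,
         NewTable, SecretBase, SecretSize) ? "stable" : "UNSTABLE");
  return 0;
}
```

The same walk works on a real map captured from a guest (for example the UEFI memory map a kernel prints at boot) once the descriptors are typed in; the verdict ordering makes a range that straddles a reserved page and conventional memory come out as the weaker of the two, which is the case a partially reserved table would hit.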