From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM02-CY1-obe.outbound.protection.outlook.com (NAM02-CY1-obe.outbound.protection.outlook.com [40.107.76.58]) by mx.groups.io with SMTP id smtpd.web10.13526.1574280466187796757 for ; Wed, 20 Nov 2019 12:07:46 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=JQFVa/iE; spf=none, err=SPF record not found (domain: amd.com, ip: 40.107.76.58, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GOgVECS7nEzDiTiYXKNsOlCxh8UjqIlg1rhh+XiS8s0q0e6cLlKEhuWweBcfd5Dagq+5y4Nd6LAiiH47AhqIi5h+mVKhkIiv3zz24P3+tDs/74RUSXy/ydwSU6jPwfeo4tPoAR+O7R2++TXZGKb2hbLQl43tg3qoIKq44UKJxpexCP+2jm7Q4O6jijBHmFAZuJHj7OUUr1Wnn3lwRZHchHKktDO65IvXzFF/jiRt5p04hP4vC+yvODtFeExueEy8emYch51+BBxeOeWAcmp4EUjbK5iIV130XUx5HVa1ZZsDz5pQLMfiotFcfTSOXZO3TZewvjWilZpYyTsKVciAjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Q0YGIxogwJO8HoB+OpRQfSzWh4+lyf2LVGO+kqWgvUA=; b=K3uinMB2kG4dxqWJHdOJVuj94eUmMbcP6ti0zQuQKKQMNg2fS4ft08xWVXgefr0LfFaIv9YEqtZE79OvTmJXDZT52MX4hE01gFwyvxLSTrVfC1nYSCY57KxgzGmvtIRQ8pYggAnHIqO/SxeOu9nUQCK0ZzlGEfmjJlMwY1L6IMSueSLZcPN8X+k1BjhZZDVwWbB897eGmybJwEDOU8HNXeDNUCzNb737QX+Iy+29AVItRrw6leQrK4hSaB7KjNZVCROQ12iCf0lg/X7FsqUB/6IpXLTUT/fCINussintW3dZyn4/wpOFN2qQ4huLJF4LuFVb6kxgjsZbuKkasxZSuQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Q0YGIxogwJO8HoB+OpRQfSzWh4+lyf2LVGO+kqWgvUA=; b=JQFVa/iEwSW+CJ5cxvb79Zv0yUzzsAIni1ZUSN5gc/hGcEiqHISk0ihFoZ8u2U65V8HNrkNFA2ORIYUs76NIhEgcv41+A6AZr8lFcNuXtqwahCePWPZu2hUlhweC4u43DlRlGPW8kmbcXaIy+nTYAC0M7fA5fBs+BTaUrl0eQAY= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by DM6PR12MB3675.namprd12.prod.outlook.com (10.255.76.80) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2451.28; Wed, 20 Nov 2019 20:07:45 +0000 Received: from DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::dd0c:8e53:4913:8ef4]) by DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::dd0c:8e53:4913:8ef4%5]) with mapi id 15.20.2451.031; Wed, 20 Nov 2019 20:07:44 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io Cc: Jordan Justen , Laszlo Ersek , Ard Biesheuvel , Michael D Kinney , Liming Gao , Eric Dong , Ray Ni , Brijesh Singh Subject: [RFC PATCH v3 28/43] OvmfPkg: Create GHCB pages for use during Pei and Dxe phase Date: Wed, 20 Nov 2019 14:06:50 -0600 Message-Id: <274fae2f1eb0e6036dd893c621f3c89b906db8d9.1574280425.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: References: X-ClientProxiedBy: DM3PR12CA0087.namprd12.prod.outlook.com (2603:10b6:0:57::31) To DM6PR12MB3163.namprd12.prod.outlook.com (2603:10b6:5:15e::26) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-Mailer: git-send-email 2.17.1 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: e5794c47-d634-42a8-8ce5-08d76df54e66 X-MS-TrafficTypeDiagnostic: DM6PR12MB3675: X-MS-Exchange-PUrlCount: 1 X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:10000; X-Forefront-PRVS: 02272225C5 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(1496009)(4636009)(376002)(346002)(396003)(39860400002)(366004)(136003)(189003)(199004)(2361001)(50226002)(81156014)(81166006)(8676002)(2906002)(6486002)(99286004)(66476007)(486006)(47776003)(66556008)(25786009)(2616005)(476003)(54906003)(11346002)(118296001)(8936002)(316002)(2351001)(7736002)(305945005)(66066001)(6916009)(86362001)(16586007)(3846002)(6116002)(48376002)(14454004)(478600001)(966005)(5660300002)(66946007)(446003)(76176011)(36756003)(51416003)(6506007)(386003)(50466002)(52116002)(4326008)(6436002)(14444005)(6666004)(6306002)(6512007)(19627235002)(26005)(186003);DIR:OUT;SFP:1101;SCL:1;SRVR:DM6PR12MB3675;H:DM6PR12MB3163.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Ttel9BlyZw9KrBx2YgGdxYJzki8YVoTC79x+muO9mtXJMp5EBOF0YH4fmO2bAurWWdTwxFfYz+CdnHgNt08iMdLlvq735Wg/8i9b3tnCccLeIHam/x2TKvbijU7/dRqdeMBjixGMCFgHIUigwlEzrPZ1fZmCa6cQF2xEk/gl8qT+jEeWUhkYMotICULtoiPs4LxztlpTtYqei4SypVZkHT2eCyrx3nYE/S+BptB3FSBIbmgNZTQT3rNCk+opAIXW0ugP1CApthD/ONsgUmHzaNnLUpDveGJ0pTnmPWa4LcoyKVPv5cLiUKdDwnapS5A/5UquRabvTK9qUx9GIzi3pVTXStSxEQIg81BV/gdPYCDX1wruGCk0aEKQzfxLS+jmfZsnQ0cYskqVg9Cp7THDePMut9gVFPnWxh6dBToiGWFR8XbMF40BlMt7cEMwjk0lCSxmUIOqkKuX5K0RNcOUXI9f5GTqwqmYFiD56niLxiA= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: e5794c47-d634-42a8-8ce5-08d76df54e66 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Nov 2019 20:07:44.8861 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ktqdgd4AIlv69c8/8yJxn9+gKKhPVZXR7llK0MRSiR+KrB4pj+TAK4+UuX9d4/oQHzMB9BzDBcMXi9rgaK1S5A== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3675 Content-Type: text/plain BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198 Allocate memory for the GHCB pages and the per-CPU variable pages during SEV initialization for use during Pei and Dxe phases. The GHCB page(s) must be shared pages, so clear the encryption mask from the current page table entries. Upon successful allocation, set the GHCB PCDs (PcdGhcbBase and PcdGhcbSize). The per-CPU variable page needs to be unique per AP. Using the page after the GHCB ensures that it is unique per AP. But, it also ends up being marked shared/unencrypted when it doesn't need to be. It is possible during PEI to mark only the GHCB pages as shared (and that is done), but DXE is not as easy. There needs to be a way to change the pagetables created for DXE using CreateIdentityMappingPageTables() before switching to them. The GHCB pages (one per vCPU) will be used by the PEI and DXE #VC exception handlers. The #VC exception handler will fill in the necessary fields of the GHCB and exit to the hypervisor using the VMGEXIT instruction. The hypervisor then accesses the GHCB associated with the vCPU in order to perform the requested function. Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Reviewed-by: Laszlo Ersek Signed-off-by: Tom Lendacky --- OvmfPkg/OvmfPkgIa32.dsc | 2 ++ OvmfPkg/OvmfPkgIa32X64.dsc | 2 ++ OvmfPkg/OvmfPkgX64.dsc | 2 ++ OvmfPkg/PlatformPei/PlatformPei.inf | 2 ++ OvmfPkg/PlatformPei/AmdSev.c | 38 ++++++++++++++++++++++++++++- 5 files changed, 45 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index d9dd2db52ea6..56670eefde6b 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -570,6 +570,8 @@ [PcdsDynamicDefault] # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsIsEnabled|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 !if $(SMM_REQUIRE) == TRUE gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 291cb6d1f603..9897e6889573 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -582,6 +582,8 @@ [PcdsDynamicDefault] # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsIsEnabled|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 !if $(SMM_REQUIRE) == TRUE gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 5990dab4f65e..59c4f9207fc3 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -581,6 +581,8 @@ [PcdsDynamicDefault] # Set SEV-ES defaults gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsIsEnabled|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 !if $(SMM_REQUIRE) == TRUE gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8 diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf index 920b619446f0..25bb59d161de 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -100,6 +100,8 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsIsEnabled gEfiMdeModulePkgTokenSpaceGuid.PcdSecGhcbBase gEfiMdeModulePkgTokenSpaceGuid.PcdSecGhcbSize + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy gUefiCpuPkgTokenSpaceGuid.PcdCpuLocalApicBaseAddress gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index c12aea46d94e..900b0d977d61 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -9,12 +9,15 @@ // // The package level header files this module uses // +#include #include #include #include +#include #include #include #include +#include #include #include "Platform.h" @@ -30,7 +33,10 @@ AmdSevEsInitialize ( VOID ) { - RETURN_STATUS PcdStatus; + VOID *GhcbBase; + PHYSICAL_ADDRESS GhcbBasePa; + UINTN GhcbPageCount; + RETURN_STATUS PcdStatus, DecryptStatus; if (!MemEncryptSevEsIsEnabled ()) { return; @@ -38,6 +44,36 @@ AmdSevEsInitialize ( PcdStatus = PcdSetBoolS (PcdSevEsIsEnabled, TRUE); ASSERT_RETURN_ERROR (PcdStatus); + + // + // Allocate GHCB and per-CPU variable pages. + // + GhcbPageCount = mMaxCpuCount * 2; + GhcbBase = AllocatePages (GhcbPageCount); + ASSERT (GhcbBase != NULL); + + GhcbBasePa = (PHYSICAL_ADDRESS)(UINTN) GhcbBase; + + DecryptStatus = MemEncryptSevClearPageEncMask ( + 0, + GhcbBasePa, + GhcbPageCount, + TRUE + ); + ASSERT_RETURN_ERROR (DecryptStatus); + + ZeroMem (GhcbBase, EFI_PAGES_TO_SIZE (GhcbPageCount)); + + PcdStatus = PcdSet64S (PcdGhcbBase, GhcbBasePa); + ASSERT_RETURN_ERROR (PcdStatus); + PcdStatus = PcdSet64S (PcdGhcbSize, EFI_PAGES_TO_SIZE (GhcbPageCount)); + ASSERT_RETURN_ERROR (PcdStatus); + + DEBUG ((DEBUG_INFO, + "SEV-ES is enabled, %lu GHCB pages allocated starting at 0x%p\n", + (UINT64)GhcbPageCount, GhcbBase)); + + AsmWriteMsr64 (MSR_SEV_ES_GHCB, GhcbBasePa); } /** -- 2.17.1