From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (NAM12-DM6-obe.outbound.protection.outlook.com [40.107.243.77])
 by mx.groups.io with SMTP id smtpd.web10.10760.1591363685572495677
 for <devel@edk2.groups.io>;
 Fri, 05 Jun 2020 06:28:05 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=Q05RFlvu;
 spf=none, err=SPF record not found (domain: amd.com, ip: 40.107.243.77, mailfrom: thomas.lendacky@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=ezaaE7LlPWEbr1MrD5cLGzmiLAdwOC8eH29JVSkqxwmtpH+HGoulsrlvk7dF+b1qr3RMOlBBiMiVT62HEqPIRF6nvPJ3NUIqCIo8Oms0aA4dTyeIeYYwUizISmZ7QdoZg1Lug/ybhxJchJcz74CvyclSxPeGR5rVFKyK+TI4iumlYdarwb5UAWR3g5WBn8yzGfyFFl315ximotLHEhsD1z2hwv1ITm8htEIeB63tnwGPN/5DjLEQrBySS0RCtdoFjDaRdCWMsTXQR404+yJsTQTsTyGrp9viC+yrTumuDnVOcdeWS45Ws4ITKcEhDPx0d40k5Rli4XTynhjhUgniLw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=5N0pQC22O2zQeuJ8+4hpT8Vka8IP8hPOHDSMLDyCDoo=;
 b=Z2XgPYLKYMeddDfDn4xI4G29LmkXrzY6ph3ulQp7CkYUuOdra6rQnQ6eE2Ly4GHVWgWQoOpzk7ptqBMDmfmCYcQ5xCOBF3xHPX2idnshbCwJpAgZB9u8m9cdwFNhImuIEbyrSAL7li64aOxDO75CWPs5a/2XOClrFcWaUCvh22RMYnpelYV4/f+4UXxn4ZS8jkhh8hjEWx05mY0ZL+IHyrktjns21TZkUYRJhkOE+o3UG5fI9vJZv/DjLQii5ZKSWxXV+A4TmeX6rs0i8VEv0vClmOl+057zQps1e83buSPjIvtQnb8+g4zS50v4QDymM6kcSWySLKjQPNkAhCAj1A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=5N0pQC22O2zQeuJ8+4hpT8Vka8IP8hPOHDSMLDyCDoo=;
 b=Q05RFlvubzIPU5PzjrajZZAI9QUdGkIZeZRsITCZuHXPlB5tJOjuewXo+oU+YW32RQybMpTYBwJOuzCAp7a/XTcXe0ylFQ+qM0XG/frot2fwyBzwmufmvggNHSQ62g50nsvyoWFBlDTTJ2RQLTaSH5fH7kgl4+TFfddEUSTTmUc=
Authentication-Results: edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com;
Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by
 DM5PR12MB1354.namprd12.prod.outlook.com (2603:10b6:3:7a::17) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3066.20; Fri, 5 Jun 2020 13:28:04 +0000
Received: from DM5PR12MB1355.namprd12.prod.outlook.com
 ([fe80::4ce1:9947:9681:c8b1]) by DM5PR12MB1355.namprd12.prod.outlook.com
 ([fe80::4ce1:9947:9681:c8b1%10]) with mapi id 15.20.3066.019; Fri, 5 Jun 2020
 13:28:04 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Brijesh Singh <brijesh.singh@amd.com>,
	Ard Biesheuvel <ard.biesheuvel@arm.com>,
	Eric Dong <eric.dong@intel.com>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Liming Gao <liming.gao@intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Ray Ni <ray.ni@intel.com>
Subject: [PATCH v9 15/46] OvmfPkg/VmgExitLib: Add support for CPUID NAE events
Date: Fri,  5 Jun 2020 08:27:06 -0500
Message-Id: <2b2b229690e2a2422e35c9a4df0431085c76b1ca.1591363657.git.thomas.lendacky@amd.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <cover.1591363657.git.thomas.lendacky@amd.com>
References: <cover.1591363657.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: DM5PR19CA0060.namprd19.prod.outlook.com
 (2603:10b6:3:116::22) To DM5PR12MB1355.namprd12.prod.outlook.com
 (2603:10b6:3:6e::7)
Return-Path: thomas.lendacky@amd.com
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from tlendack-t1.amd.com (165.204.77.1) by DM5PR19CA0060.namprd19.prod.outlook.com (2603:10b6:3:116::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3066.18 via Frontend Transport; Fri, 5 Jun 2020 13:28:03 +0000
X-Mailer: git-send-email 2.27.0
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 575dcb21-ecd4-4587-e09b-08d80954469c
X-MS-TrafficTypeDiagnostic: DM5PR12MB1354:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
	<DM5PR12MB135408CFEA4446B6F6E0E4EFEC860@DM5PR12MB1354.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:6430;
X-Forefront-PRVS: 0425A67DEF
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	mqt9npnNkWHI0/BJynbz0RSKSs8BawHPJFKSzjpVCnZtAfi9Aq8x7y01pCcD1juQhidlZ0cTstiiydIlSX7+UUz/8j6GYZlAFB3iS67/B8ateHs+TlCu0fHt6B71Ojle+/Uu8ePY+N1w5cNICiyXj2HWO7dY0ZN+gdur14uN6rTg0MqWCwM/bCV2JSh3+NgP9uOj7JM4B5fV6qnNDTIrlzdFQJBwZCcwaTdKn2Zc6wcZfaXpHPS3fvp2UAYEjSAdhZN3bSzLglQnw6ZWLSc6+/0lAAX1MMb/9STl3a0R/OGZ3/yZ5eSsPVvgNhHyY/lK8YDaP81Par/rst34FVDy0Rsg3iYWqGPK9sm+X2aBSxStkBY+jn9nfCPbsW7speMl5z4OghuwEAdLPGE8Uu+wrPndLoIhl4EqGLBvfLfMHVxPWdnQ/SgMJqLReotdpcZRdvIHbUie5VGlomiQxwOg9A==
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(4636009)(346002)(39860400002)(376002)(366004)(396003)(136003)(52116002)(83380400001)(26005)(316002)(7696005)(54906003)(6486002)(478600001)(956004)(16526019)(86362001)(4326008)(36756003)(2616005)(966005)(6916009)(2906002)(8936002)(5660300002)(8676002)(66476007)(66946007)(66556008)(186003)(136400200001);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: 
	WApqi0rE+ZLZneBqp7vAljkYJ+zlLfYSjRa2EslY571fFXj2mB773rZMC2YQJDWXhO3Q9J0PFWrodJfUJz9T1qPgz8XVOsVQoblcIv2uQfYM+cYwne1xNcAQFChGbF7B5V0SBUV98l0e0WVrZrs4XZidsvHdCvWon9W25iNoFiRErDmxdCjmiOHSJxvt70ZmCDzp99UWOO0zLLDMZLUpqrP95gZcTGmdbguqe/HWMPZ08G4XCoDA6FAz1PNCCxAiqnJw8Hvbmo2XrHwSiCqWrTViNBRXtPkXYHARgln4geQKWcaAIW7LaEvgP6hsL4LEufR4PlKq8SZiRjpvrl+ouvi8cK8FGywEbg1Rg0sqO5KwHv7EuKN4H6mLwriC0S4d46R4QmwlI4QsgY8GVXSxnJhMQFHVznXwyHrvYyIZUZnihNaF9wOOWQ+i5KeIGPGubZ7eqThd7/7yRu4XNoXCYZjIq5D5Hynt9z6nEnvzTN4=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 575dcb21-ecd4-4587-e09b-08d80954469c
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jun 2020 13:28:04.1623
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 445c6EjNnNK8h8K4RxlxWkMkxFv6ZRbTYoLDJY6TklyUcV683KsnCJNgYRfBHgjLzjWcUuMiM+4OIPz1tbGBfA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1354
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a CPUID intercept generates a #VC exception. VMGEXIT must be
used to allow the hypervisor to handle this intercept.

Add support to construct the required GHCB values to support a CPUID NAE
event. Additionally, CPUID 0x0000_000d (CPUID_EXTENDED_STATE) requires
XCR0 to be supplied in the GHCB, so add support to issue the XGETBV
instruction.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 60 ++++++++++++++++++++
 1 file changed, 60 insertions(+)

diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c b/OvmfPkg/Librar=
y/VmgExitLib/VmgExitVcHandler.c
index b74b13045cfd..1e0b2bf399da 100644
--- a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c
+++ b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c
@@ -11,6 +11,7 @@
 #include <Library/BaseMemoryLib.h>=0D
 #include <Library/VmgExitLib.h>=0D
 #include <Register/Amd/Msr.h>=0D
+#include <Register/Intel/Cpuid.h>=0D
 #include <IndustryStandard/InstructionParsing.h>=0D
 =0D
 //=0D
@@ -597,6 +598,61 @@ IoioExit (
   return 0;=0D
 }=0D
 =0D
+/**=0D
+  Handle a CPUID event.=0D
+=0D
+  Use the VMGEXIT instruction to handle a CPUID event.=0D
+=0D
+  @param[in, out] Ghcb             Pointer to the Guest-Hypervisor Communi=
cation=0D
+                                   Block=0D
+  @param[in, out] Regs             x64 processor context=0D
+  @param[in]      InstructionData  Instruction parsing context=0D
+=0D
+  @return 0                        Event handled successfully=0D
+  @return Others                   New exception value to propagate=0D
+=0D
+**/=0D
+STATIC=0D
+UINT64=0D
+CpuidExit (=0D
+  IN OUT GHCB                     *Ghcb,=0D
+  IN OUT EFI_SYSTEM_CONTEXT_X64   *Regs,=0D
+  IN     SEV_ES_INSTRUCTION_DATA  *InstructionData=0D
+  )=0D
+{=0D
+  UINT64  Status;=0D
+=0D
+  Ghcb->SaveArea.Rax =3D Regs->Rax;=0D
+  GhcbSetRegValid (Ghcb, GhcbRax);=0D
+  Ghcb->SaveArea.Rcx =3D Regs->Rcx;=0D
+  GhcbSetRegValid (Ghcb, GhcbRcx);=0D
+  if (Regs->Rax =3D=3D CPUID_EXTENDED_STATE) {=0D
+    IA32_CR4  Cr4;=0D
+=0D
+    Cr4.UintN =3D AsmReadCr4 ();=0D
+    Ghcb->SaveArea.XCr0 =3D (Cr4.Bits.OSXSAVE =3D=3D 1) ? AsmXGetBv (0) : =
1;=0D
+    GhcbSetRegValid (Ghcb, GhcbXCr0);=0D
+  }=0D
+=0D
+  Status =3D VmgExit (Ghcb, SVM_EXIT_CPUID, 0, 0);=0D
+  if (Status !=3D 0) {=0D
+    return Status;=0D
+  }=0D
+=0D
+  if (!GhcbIsRegValid (Ghcb, GhcbRax) ||=0D
+      !GhcbIsRegValid (Ghcb, GhcbRbx) ||=0D
+      !GhcbIsRegValid (Ghcb, GhcbRcx) ||=0D
+      !GhcbIsRegValid (Ghcb, GhcbRdx)) {=0D
+    return UnsupportedExit (Ghcb, Regs, InstructionData);=0D
+  }=0D
+  Regs->Rax =3D Ghcb->SaveArea.Rax;=0D
+  Regs->Rbx =3D Ghcb->SaveArea.Rbx;=0D
+  Regs->Rcx =3D Ghcb->SaveArea.Rcx;=0D
+  Regs->Rdx =3D Ghcb->SaveArea.Rdx;=0D
+=0D
+  return 0;=0D
+}=0D
+=0D
 /**=0D
   Handle a #VC exception.=0D
 =0D
@@ -641,6 +697,10 @@ VmgExitHandleVc (
 =0D
   ExitCode =3D Regs->ExceptionData;=0D
   switch (ExitCode) {=0D
+  case SVM_EXIT_CPUID:=0D
+    NaeExit =3D CpuidExit;=0D
+    break;=0D
+=0D
   case SVM_EXIT_IOIO_PROT:=0D
     NaeExit =3D IoioExit;=0D
     break;=0D
--=20
2.27.0