From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.groups.io with SMTP id smtpd.web11.2560.1609792458817466525 for ; Mon, 04 Jan 2021 12:34:19 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=QZP7BFTf; spf=pass (domain: redhat.com, ip: 63.128.21.124, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1609792458; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YP4tpPmV3WR78OIJDm9/6pDBkOvsJgN+PXw8Aa29xiE=; b=QZP7BFTfaBLrQolJvFC82WxcsK+jsYaB+QJMpRo6SLSxTWvpjDYQ2NJQHb9qEpiZ7MPEjD 9x+z0S63ct+OXRVxlrUlcMRDIWdfM4EO69cH0br2bA2NKIx5ivPDtcYiFCGGe2LM9S4URC LjZokED27ByqnMT7mrwd6iqMPj5P7UU= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-236-a4ve1QjUMKCxBmb_fTWrQw-1; Mon, 04 Jan 2021 15:34:13 -0500 X-MC-Unique: a4ve1QjUMKCxBmb_fTWrQw-1 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B2556107ACE3; Mon, 4 Jan 2021 20:34:11 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-113-80.ams2.redhat.com [10.36.113.80]) by smtp.corp.redhat.com (Postfix) with ESMTP id C683661F55; Mon, 4 Jan 2021 20:34:08 +0000 (UTC) Subject: Re: [edk2-devel] [PATCH 05/12] OvmfPkg/MemEncryptSevLib: Add an interface to retrieve the encryption mask To: devel@edk2.groups.io, thomas.lendacky@amd.com Cc: Brijesh Singh , James Bottomley , Jordan Justen , Ard Biesheuvel , Rebecca Cran , Peter Grehan , Anthony Perard , Julien Grall References: From: "Laszlo Ersek" Message-ID: <2bbd9ca2-5759-412a-0ad5-1ee062818b67@redhat.com> Date: Mon, 4 Jan 2021 21:34:07 +0100 MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 12/15/20 21:51, Lendacky, Thomas wrote: > From: Tom Lendacky > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3108 > > The early assembler code performs validation for some of the SEV-related > information, specifically the encryption bit position. To avoid having to > re-validate the encryption bit position as the system proceeds through its > boot phases, use the saved information from the SEV-ES work area during > PEI and PcdPteMemoryEncryptionAddressOrMask (set during PEI) during DXE. (1) Please replace and on the last line, with , and Without the comma, it's too easy to misread the message as "use [blah] during PEI and PcdPteMemoryEncryptionAddressOrMask" -- i.e., as if "during" applied to "PEI" and "PcdPteMemoryEncryptionAddressOrMask" alike. Which of course makes no sense. > > To ensure that we always use a validated encryption mask for an SEV-ES > guest, create a new interface in the MemEncryptSevLib library to return > the encryption mask. This avoids the multiple locations where CPUID is > used to retrieve the value and allows the validated mask to be returned. > > Update all locations that use CPUID to calculate the encryption mask to > use the new interface. Also, clean up some call areas where extra masking > was being performed and where a function call was being used instead of > the local variable that was just set using the function. > > Cc: Jordan Justen > Cc: Laszlo Ersek > Cc: Ard Biesheuvel > Cc: Rebecca Cran > Cc: Peter Grehan > Cc: Anthony Perard > Cc: Julien Grall > Cc: Brijesh Singh > Signed-off-by: Tom Lendacky > --- > OvmfPkg/AmdSev/AmdSevX64.dsc | 4 +- > OvmfPkg/Bhyve/BhyveX64.dsc | 4 +- > OvmfPkg/OvmfPkgIa32.dsc | 4 +- > OvmfPkg/OvmfPkgIa32X64.dsc | 4 +- > OvmfPkg/OvmfPkgX64.dsc | 4 +- > OvmfPkg/OvmfXen.dsc | 3 +- > ...SevLib.inf => DxeBaseMemEncryptSevLib.inf} | 13 +- > .../PeiBaseMemEncryptSevLib.inf | 56 ++++++ > OvmfPkg/Include/Library/MemEncryptSevLib.h | 14 ++ > OvmfPkg/Bhyve/PlatformPei/AmdSev.c | 12 +- > .../DxeMemEncryptSevLibInternal.c | 145 ++++++++++++++++ > .../MemEncryptSevLibInternal.c | 91 +--------- > .../PeiMemEncryptSevLibInternal.c | 159 ++++++++++++++++++ > .../BaseMemEncryptSevLib/X64/VirtualMemory.c | 15 +- > OvmfPkg/PlatformPei/AmdSev.c | 12 +- > OvmfPkg/XenPlatformPei/AmdSev.c | 12 +- > OvmfPkg/ResetVector/Ia32/PageTables64.asm | 10 +- > OvmfPkg/ResetVector/ResetVector.nasmb | 1 + > 18 files changed, 422 insertions(+), 141 deletions(-) > rename OvmfPkg/Library/BaseMemEncryptSevLib/{BaseMemEncryptSevLib.inf => DxeBaseMemEncryptSevLib.inf} (67%) > create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf > create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c > create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c (2) "DxeBase" should be just "Dxe", and "PeiBase" should just be "Pei". The BASE_NAME defines in the INF files are correct already, but the names of those INF files, and the references to them in the DSC files, are not. > > diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc > index bb7697eb324b..c742ec54cb57 100644 > --- a/OvmfPkg/AmdSev/AmdSevX64.dsc > +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc > @@ -164,7 +164,7 @@ [LibraryClasses] > QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf > VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf > LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf > - MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf > LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf > CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf > FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf > @@ -285,6 +285,8 @@ [LibraryClasses.common.PEIM] > Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf > !endif > > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf > + > [LibraryClasses.common.DXE_CORE] > HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf > DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf > diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc > index b93fe30ae4e0..27973bc940d5 100644 > --- a/OvmfPkg/Bhyve/BhyveX64.dsc > +++ b/OvmfPkg/Bhyve/BhyveX64.dsc > @@ -163,7 +163,7 @@ [LibraryClasses] > QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/BaseQemuFwCfgS3LibNull.inf > BhyveFwCtlLib|OvmfPkg/Library/BhyveFwCtlLib/BhyveFwCtlLib.inf > VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf > - MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf > LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf > > CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf > @@ -292,6 +292,8 @@ [LibraryClasses.common.PEIM] > Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf > !endif > > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf > + > [LibraryClasses.common.DXE_CORE] > HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf > DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > index 8eede796a8bd..e433e17dc807 100644 > --- a/OvmfPkg/OvmfPkgIa32.dsc > +++ b/OvmfPkg/OvmfPkgIa32.dsc > @@ -169,7 +169,7 @@ [LibraryClasses] > QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf > VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf > LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf > - MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf > !if $(SMM_REQUIRE) == FALSE > LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf > !endif > @@ -309,6 +309,8 @@ [LibraryClasses.common.PEIM] > Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf > !endif > > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf > + > [LibraryClasses.common.DXE_CORE] > HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf > DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > index f9f82a48f4b9..2e2eefbe33f0 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc > @@ -173,7 +173,7 @@ [LibraryClasses] > QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf > VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf > LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf > - MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf > !if $(SMM_REQUIRE) == FALSE > LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf > !endif > @@ -313,6 +313,8 @@ [LibraryClasses.common.PEIM] > Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf > !endif > > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf > + > [LibraryClasses.common.DXE_CORE] > HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf > DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > index e59ae05b73aa..3e008855fbc1 100644 > --- a/OvmfPkg/OvmfPkgX64.dsc > +++ b/OvmfPkg/OvmfPkgX64.dsc > @@ -173,7 +173,7 @@ [LibraryClasses] > QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf > VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf > LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf > - MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf > !if $(SMM_REQUIRE) == FALSE > LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf > !endif > @@ -313,6 +313,8 @@ [LibraryClasses.common.PEIM] > Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf > !endif > > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf > + > [LibraryClasses.common.DXE_CORE] > HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf > DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf > diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc > index 12b7a87ee877..44fae364b423 100644 > --- a/OvmfPkg/OvmfXen.dsc > +++ b/OvmfPkg/OvmfXen.dsc > @@ -161,7 +161,7 @@ [LibraryClasses] > SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf > QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf > QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf > - MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf > LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf > CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf > FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf > @@ -273,6 +273,7 @@ [LibraryClasses.common.PEIM] > QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf > PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf > QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf > + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf > > [LibraryClasses.common.DXE_CORE] > HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf > similarity index 67% > rename from OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf > rename to OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf > index 7c44d0952815..2be6ca1fa737 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf > @@ -1,7 +1,7 @@ > ## @file > # Library provides the helper functions for SEV guest > # > -# Copyright (c) 2017 Advanced Micro Devices. All rights reserved.
> +# Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.
> # > # SPDX-License-Identifier: BSD-2-Clause-Patent > # > @@ -10,11 +10,11 @@ > > [Defines] > INF_VERSION = 1.25 > - BASE_NAME = MemEncryptSevLib > + BASE_NAME = DxeMemEncryptSevLib > FILE_GUID = c1594631-3888-4be4-949f-9c630dbc842b > MODULE_TYPE = BASE > VERSION_STRING = 1.0 > - LIBRARY_CLASS = MemEncryptSevLib|PEIM DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_DRIVER > + LIBRARY_CLASS = MemEncryptSevLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_DRIVER > > # > # The following information is for reference only and not required by the build > @@ -30,14 +30,16 @@ [Packages] > UefiCpuPkg/UefiCpuPkg.dec > > [Sources.X64] > + DxeMemEncryptSevLibInternal.c > MemEncryptSevLibInternal.c > X64/MemEncryptSevLib.c > X64/VirtualMemory.c > X64/VirtualMemory.h > > [Sources.IA32] > + DxeMemEncryptSevLibInternal.c > + MemEncryptSevLibInternal.c > Ia32/MemEncryptSevLib.c > - MemEncryptSevLibInternal.c > > [LibraryClasses] > BaseLib > @@ -49,3 +51,6 @@ [LibraryClasses] > > [FeaturePcd] > gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire > + > +[Pcd] > + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf > new file mode 100644 > index 000000000000..7bdf8cb5210d > --- /dev/null > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf > @@ -0,0 +1,56 @@ > +## @file > +# Library provides the helper functions for SEV guest > +# > +# Copyright (c) 2020 Advanced Micro Devices. All rights reserved.
> +# > +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +# > +## > + > +[Defines] > + INF_VERSION = 1.25 > + BASE_NAME = PeiMemEncryptSevLib > + FILE_GUID = 15d9a694-3d2a-4184-9672-ba55c3070e07 > + MODULE_TYPE = BASE > + VERSION_STRING = 1.0 > + LIBRARY_CLASS = MemEncryptSevLib|PEIM > + > +# > +# The following information is for reference only and not required by the build > +# tools. > +# > +# VALID_ARCHITECTURES = IA32 X64 > +# > + > +[Packages] > + MdeModulePkg/MdeModulePkg.dec > + MdePkg/MdePkg.dec > + OvmfPkg/OvmfPkg.dec > + UefiCpuPkg/UefiCpuPkg.dec > + > +[Sources.X64] > + PeiMemEncryptSevLibInternal.c > + MemEncryptSevLibInternal.c > + X64/MemEncryptSevLib.c > + X64/VirtualMemory.c > + X64/VirtualMemory.h > + > +[Sources.IA32] > + PeiMemEncryptSevLibInternal.c > + MemEncryptSevLibInternal.c > + Ia32/MemEncryptSevLib.c > + > +[LibraryClasses] > + BaseLib > + CacheMaintenanceLib > + CpuLib > + DebugLib > + MemoryAllocationLib > + PcdLib > + > +[FeaturePcd] > + gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire > + > +[FixedPcd] > + gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase (3) In each INF file: I suggest moving the files shared between X64 and IA32 to a plain [Sources] section (i.e., no architecture modifier). I do agree that the pre-patch status is already not ideal (as "MemEncryptSevLibInternal.c" is duplicated between the [Sources.IA32] and [Sources.X64] sections), but since you already move "MemEncryptSevLibInternal.c" a bit, we might as well move as much as possible under a new [Sources] section. Again this applies to both INF files. > diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h > index dc09c61e58bb..394065f15bc1 100644 > --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h > +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h > @@ -29,6 +29,8 @@ typedef struct _SEC_SEV_ES_WORK_AREA { > UINT8 Reserved1[7]; > > UINT64 RandomData; > + > + UINT64 EncryptionMask; > } SEC_SEV_ES_WORK_AREA; > > /** > @@ -133,4 +135,16 @@ MemEncryptSevLocateInitialSmramSaveStateMapPages ( > OUT UINTN *BaseAddress, > OUT UINTN *NumberOfPages > ); > + > +/** > + Returns the SEV encryption mask. > + > + @return The SEV pagtable encryption mask (4) Typo: "pagtable". > +**/ > +UINT64 > +EFIAPI > +MemEncryptSevGetEncryptionMask ( > + VOID > + ); > + > #endif // _MEM_ENCRYPT_SEV_LIB_H_ (5) The contents of this patch makes sense, but the patch is too large for my taste. Please split it to 3 patches: - Save the mask in the reset vector to a new field in the work area. - Introduce the new API to the lib class (and introduce both lib instances too). Reworking "VirtualMemory.c" in this same patch is fine. - Migrate the consumers of the mask to the new API (as far as I can tell, these are the three PlatformPei modules). (6) Please confirm that you've successfully built all six modified DSC files. For Bhyve, you need nothing extra (similarly to Xen). For test-building "OvmfPkg/AmdSev/AmdSevX64.dsc", you need to palce any random grub.efi binary at "OvmfPkg/AmdSev/Grub/grub.efi". Thanks, Laszlo > diff --git a/OvmfPkg/Bhyve/PlatformPei/AmdSev.c b/OvmfPkg/Bhyve/PlatformPei/AmdSev.c > index e484f4b311fe..e3ed78581c1b 100644 > --- a/OvmfPkg/Bhyve/PlatformPei/AmdSev.c > +++ b/OvmfPkg/Bhyve/PlatformPei/AmdSev.c > @@ -1,7 +1,7 @@ > /**@file > Initialize Secure Encrypted Virtualization (SEV) support > > - Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
> + Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.
> > SPDX-License-Identifier: BSD-2-Clause-Patent > > @@ -15,8 +15,6 @@ > #include > #include > #include > -#include > -#include > #include > > #include "Platform.h" > @@ -32,7 +30,6 @@ AmdSevInitialize ( > VOID > ) > { > - CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx; > UINT64 EncryptionMask; > RETURN_STATUS PcdStatus; > > @@ -43,15 +40,10 @@ AmdSevInitialize ( > return; > } > > - // > - // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position) > - // > - AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL); > - EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits); > - > // > // Set Memory Encryption Mask PCD > // > + EncryptionMask = MemEncryptSevGetEncryptionMask (); > PcdStatus = PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, EncryptionMask); > ASSERT_RETURN_ERROR (PcdStatus); > > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c > new file mode 100644 > index 000000000000..2816f859a0c4 > --- /dev/null > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c > @@ -0,0 +1,145 @@ > +/** @file > + > + Secure Encrypted Virtualization (SEV) library helper function > + > + Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +STATIC BOOLEAN mSevStatus = FALSE; > +STATIC BOOLEAN mSevEsStatus = FALSE; > +STATIC BOOLEAN mSevStatusChecked = FALSE; > + > +STATIC UINT64 mSevEncryptionMask = 0; > +STATIC BOOLEAN mSevEncryptionMaskSaved = FALSE; > + > +/** > + Reads and sets the status of SEV features. > + > + **/ > +STATIC > +VOID > +EFIAPI > +InternalMemEncryptSevStatus ( > + VOID > + ) > +{ > + UINT32 RegEax; > + MSR_SEV_STATUS_REGISTER Msr; > + CPUID_MEMORY_ENCRYPTION_INFO_EAX Eax; > + BOOLEAN ReadSevMsr; > + UINT64 EncryptionMask; > + > + ReadSevMsr = FALSE; > + > + EncryptionMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask); > + if (EncryptionMask != 0) { > + // > + // The MSR has been read before, so it is safe to read it again and avoid > + // having to validate the CPUID information. > + // > + ReadSevMsr = TRUE; > + } else { > + // > + // Check if memory encryption leaf exist > + // > + AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); > + if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) { > + // > + // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported) > + // > + AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL); > + > + if (Eax.Bits.SevBit) { > + ReadSevMsr = TRUE; > + } > + } > + } > + > + if (ReadSevMsr) { > + // > + // Check MSR_0xC0010131 Bit 0 (Sev Enabled) > + // > + Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS); > + if (Msr.Bits.SevBit) { > + mSevStatus = TRUE; > + } > + > + // > + // Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled) > + // > + if (Msr.Bits.SevEsBit) { > + mSevEsStatus = TRUE; > + } > + } > + > + mSevStatusChecked = TRUE; > +} > + > +/** > + Returns a boolean to indicate whether SEV-ES is enabled. > + > + @retval TRUE SEV-ES is enabled > + @retval FALSE SEV-ES is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevEsIsEnabled ( > + VOID > + ) > +{ > + if (!mSevStatusChecked) { > + InternalMemEncryptSevStatus (); > + } > + > + return mSevEsStatus; > +} > + > +/** > + Returns a boolean to indicate whether SEV is enabled. > + > + @retval TRUE SEV is enabled > + @retval FALSE SEV is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevIsEnabled ( > + VOID > + ) > +{ > + if (!mSevStatusChecked) { > + InternalMemEncryptSevStatus (); > + } > + > + return mSevStatus; > +} > + > +/** > + Returns the SEV encryption mask. > + > + @return The SEV pagtable encryption mask > +**/ > +UINT64 > +EFIAPI > +MemEncryptSevGetEncryptionMask ( > + VOID > + ) > +{ > + if (!mSevEncryptionMaskSaved) { > + mSevEncryptionMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask); > + mSevEncryptionMaskSaved = TRUE; > + } > + > + return mSevEncryptionMask; > +} > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c > index 02b8eb225d81..ec6d02eaefd0 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c > @@ -2,7 +2,7 @@ > > Secure Encrypted Virtualization (SEV) library helper function > > - Copyright (c) 2017, AMD Incorporated. All rights reserved.
> + Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.
> > SPDX-License-Identifier: BSD-2-Clause-Patent > > @@ -19,95 +19,6 @@ > #include > #include > > -STATIC BOOLEAN mSevStatus = FALSE; > -STATIC BOOLEAN mSevEsStatus = FALSE; > -STATIC BOOLEAN mSevStatusChecked = FALSE; > - > -/** > - Reads and sets the status of SEV features. > - > - **/ > -STATIC > -VOID > -EFIAPI > -InternalMemEncryptSevStatus ( > - VOID > - ) > -{ > - UINT32 RegEax; > - MSR_SEV_STATUS_REGISTER Msr; > - CPUID_MEMORY_ENCRYPTION_INFO_EAX Eax; > - > - // > - // Check if memory encryption leaf exist > - // > - AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); > - if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) { > - // > - // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported) > - // > - AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL); > - > - if (Eax.Bits.SevBit) { > - // > - // Check MSR_0xC0010131 Bit 0 (Sev Enabled) > - // > - Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS); > - if (Msr.Bits.SevBit) { > - mSevStatus = TRUE; > - } > - > - // > - // Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled) > - // > - if (Msr.Bits.SevEsBit) { > - mSevEsStatus = TRUE; > - } > - } > - } > - > - mSevStatusChecked = TRUE; > -} > - > -/** > - Returns a boolean to indicate whether SEV-ES is enabled. > - > - @retval TRUE SEV-ES is enabled > - @retval FALSE SEV-ES is not enabled > -**/ > -BOOLEAN > -EFIAPI > -MemEncryptSevEsIsEnabled ( > - VOID > - ) > -{ > - if (!mSevStatusChecked) { > - InternalMemEncryptSevStatus (); > - } > - > - return mSevEsStatus; > -} > - > -/** > - Returns a boolean to indicate whether SEV is enabled. > - > - @retval TRUE SEV is enabled > - @retval FALSE SEV is not enabled > -**/ > -BOOLEAN > -EFIAPI > -MemEncryptSevIsEnabled ( > - VOID > - ) > -{ > - if (!mSevStatusChecked) { > - InternalMemEncryptSevStatus (); > - } > - > - return mSevStatus; > -} > - > - > /** > Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM > Save State Map. > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c > new file mode 100644 > index 000000000000..e2fd109d120f > --- /dev/null > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c > @@ -0,0 +1,159 @@ > +/** @file > + > + Secure Encrypted Virtualization (SEV) library helper function > + > + Copyright (c) 2020, AMD Incorporated. All rights reserved.
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +STATIC BOOLEAN mSevStatus = FALSE; > +STATIC BOOLEAN mSevEsStatus = FALSE; > +STATIC BOOLEAN mSevStatusChecked = FALSE; > + > +STATIC UINT64 mSevEncryptionMask = 0; > +STATIC BOOLEAN mSevEncryptionMaskSaved = FALSE; > + > +/** > + Reads and sets the status of SEV features. > + > + **/ > +STATIC > +VOID > +EFIAPI > +InternalMemEncryptSevStatus ( > + VOID > + ) > +{ > + UINT32 RegEax; > + MSR_SEV_STATUS_REGISTER Msr; > + CPUID_MEMORY_ENCRYPTION_INFO_EAX Eax; > + BOOLEAN ReadSevMsr; > + SEC_SEV_ES_WORK_AREA *SevEsWorkArea; > + > + ReadSevMsr = FALSE; > + > + SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAreaBase); > + if (SevEsWorkArea != NULL && SevEsWorkArea->EncryptionMask != 0) { > + // > + // The MSR has been read before, so it is safe to read it again and avoid > + // having to validate the CPUID information. > + // > + ReadSevMsr = TRUE; > + } else { > + // > + // Check if memory encryption leaf exist > + // > + AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); > + if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) { > + // > + // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported) > + // > + AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL); > + > + if (Eax.Bits.SevBit) { > + ReadSevMsr = TRUE; > + } > + } > + } > + > + if (ReadSevMsr) { > + // > + // Check MSR_0xC0010131 Bit 0 (Sev Enabled) > + // > + Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS); > + if (Msr.Bits.SevBit) { > + mSevStatus = TRUE; > + } > + > + // > + // Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled) > + // > + if (Msr.Bits.SevEsBit) { > + mSevEsStatus = TRUE; > + } > + } > + > + mSevStatusChecked = TRUE; > +} > + > +/** > + Returns a boolean to indicate whether SEV-ES is enabled. > + > + @retval TRUE SEV-ES is enabled > + @retval FALSE SEV-ES is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevEsIsEnabled ( > + VOID > + ) > +{ > + if (!mSevStatusChecked) { > + InternalMemEncryptSevStatus (); > + } > + > + return mSevEsStatus; > +} > + > +/** > + Returns a boolean to indicate whether SEV is enabled. > + > + @retval TRUE SEV is enabled > + @retval FALSE SEV is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevIsEnabled ( > + VOID > + ) > +{ > + if (!mSevStatusChecked) { > + InternalMemEncryptSevStatus (); > + } > + > + return mSevStatus; > +} > + > +/** > + Returns the SEV encryption mask. > + > + @return The SEV pagtable encryption mask > +**/ > +UINT64 > +EFIAPI > +MemEncryptSevGetEncryptionMask ( > + VOID > + ) > +{ > + if (!mSevEncryptionMaskSaved) { > + SEC_SEV_ES_WORK_AREA *SevEsWorkArea; > + > + SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAreaBase); > + if (SevEsWorkArea != NULL) { > + mSevEncryptionMask = SevEsWorkArea->EncryptionMask; > + } else { > + CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx; > + > + // > + // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position) > + // > + AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL); > + mSevEncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits); > + } > + > + mSevEncryptionMaskSaved = TRUE; > + } > + > + return mSevEncryptionMask; > +} > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c > index 5e110c84ff81..6422bc53bd5d 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c > @@ -3,7 +3,7 @@ > Virtual Memory Management Services to set or clear the memory encryption bit > > Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
> - Copyright (c) 2017, AMD Incorporated. All rights reserved.
> + Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.
> > SPDX-License-Identifier: BSD-2-Clause-Patent > > @@ -12,6 +12,7 @@ > **/ > > #include > +#include > #include > #include > > @@ -39,17 +40,12 @@ GetMemEncryptionAddressMask ( > ) > { > UINT64 EncryptionMask; > - CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx; > > if (mAddressEncMaskChecked) { > return mAddressEncMask; > } > > - // > - // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position) > - // > - AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL); > - EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits); > + EncryptionMask = MemEncryptSevGetEncryptionMask (); > > mAddressEncMask = EncryptionMask & PAGING_1G_ADDRESS_MASK_64; > mAddressEncMaskChecked = TRUE; > @@ -289,8 +285,7 @@ SetPageTablePoolReadOnly ( > LevelSize[3] = SIZE_1GB; > LevelSize[4] = SIZE_512GB; > > - AddressEncMask = GetMemEncryptionAddressMask() & > - PAGING_1G_ADDRESS_MASK_64; > + AddressEncMask = GetMemEncryptionAddressMask(); > PageTable = (UINT64 *)(UINTN)PageTableBase; > PoolUnitSize = PAGE_TABLE_POOL_UNIT_SIZE; > > @@ -437,7 +432,7 @@ Split1GPageTo2M ( > > AddressEncMask = GetMemEncryptionAddressMask (); > ASSERT (PageDirectoryEntry != NULL); > - ASSERT (*PageEntry1G & GetMemEncryptionAddressMask ()); > + ASSERT (*PageEntry1G & AddressEncMask); > // > // Fill in 1G page entry. > // > diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c > index 4a515a484720..954d53eba4e8 100644 > --- a/OvmfPkg/PlatformPei/AmdSev.c > +++ b/OvmfPkg/PlatformPei/AmdSev.c > @@ -1,7 +1,7 @@ > /**@file > Initialize Secure Encrypted Virtualization (SEV) support > > - Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
> + Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.
> > SPDX-License-Identifier: BSD-2-Clause-Patent > > @@ -17,9 +17,7 @@ > #include > #include > #include > -#include > #include > -#include > #include > > #include "Platform.h" > @@ -116,7 +114,6 @@ AmdSevInitialize ( > VOID > ) > { > - CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx; > UINT64 EncryptionMask; > RETURN_STATUS PcdStatus; > > @@ -127,15 +124,10 @@ AmdSevInitialize ( > return; > } > > - // > - // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position) > - // > - AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL); > - EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits); > - > // > // Set Memory Encryption Mask PCD > // > + EncryptionMask = MemEncryptSevGetEncryptionMask (); > PcdStatus = PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, EncryptionMask); > ASSERT_RETURN_ERROR (PcdStatus); > > diff --git a/OvmfPkg/XenPlatformPei/AmdSev.c b/OvmfPkg/XenPlatformPei/AmdSev.c > index 7ebbb5cc1fd2..4ed448632ae2 100644 > --- a/OvmfPkg/XenPlatformPei/AmdSev.c > +++ b/OvmfPkg/XenPlatformPei/AmdSev.c > @@ -1,7 +1,7 @@ > /**@file > Initialize Secure Encrypted Virtualization (SEV) support > > - Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
> + Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.
> Copyright (c) 2019, Citrix Systems, Inc. > > SPDX-License-Identifier: BSD-2-Clause-Patent > @@ -14,8 +14,6 @@ > #include > #include > #include > -#include > -#include > > #include "Platform.h" > > @@ -30,7 +28,6 @@ AmdSevInitialize ( > VOID > ) > { > - CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx; > UINT64 EncryptionMask; > RETURN_STATUS PcdStatus; > > @@ -41,15 +38,10 @@ AmdSevInitialize ( > return; > } > > - // > - // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position) > - // > - AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL); > - EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits); > - > // > // Set Memory Encryption Mask PCD > // > + EncryptionMask = MemEncryptSevGetEncryptionMask (); > PcdStatus = PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, EncryptionMask); > ASSERT_RETURN_ERROR (PcdStatus); > > diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm > index b08f31157cbf..8c0d432050df 100644 > --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm > +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm > @@ -145,13 +145,21 @@ GetSevEncBit: > > ; The encryption bit position is always above 31 > sub ebx, 32 > - jns SevExit > + jns SevSaveMask > > ; Encryption bit was reported as 31 or below, enter a HLT loop > SevEncBitLowHlt: > hlt > jmp SevEncBitLowHlt > > +SevSaveMask: > + xor edx, edx > + bts edx, ebx > + > + mov dword[SEV_ES_WORK_AREA_ENC_MASK], 0 > + mov dword[SEV_ES_WORK_AREA_ENC_MASK + 4], edx > + jmp SevExit > + > NoSev: > ; > ; Perform an SEV-ES sanity check by seeing if a #VC exception occurred. > diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb > index d3aa87982959..5fbacaed5f9d 100644 > --- a/OvmfPkg/ResetVector/ResetVector.nasmb > +++ b/OvmfPkg/ResetVector/ResetVector.nasmb > @@ -74,6 +74,7 @@ > %define GHCB_SIZE (FixedPcdGet32 (PcdOvmfSecGhcbSize)) > %define SEV_ES_WORK_AREA (FixedPcdGet32 (PcdSevEsWorkAreaBase)) > %define SEV_ES_WORK_AREA_RDRAND (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 8) > + %define SEV_ES_WORK_AREA_ENC_MASK (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 16) > %define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase) + FixedPcdGet32 (PcdOvmfSecPeiTempRamSize)) > %include "Ia32/Flat32ToFlat64.asm" > %include "Ia32/PageTables64.asm" >