Subject: Re: [PATCH v5 27/42] OvmfPkg: Create a GHCB page for use during Sec phase
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen, Laszlo Ersek, Ard Biesheuvel, Michael D Kinney, Liming Gao, Eric Dong, Ray Ni, Brijesh Singh
Date: Mon, 2 Mar 2020 23:29:40 -0600
Message-ID: <2dd5f1cb-047d-2ca1-5a49-52650a44d8c1@amd.com>
In-Reply-To: <5cc1d9c322d98de1c10215819fba569ed3832737.1583190432.git.thomas.lendacky@amd.com>
References: <5cc1d9c322d98de1c10215819fba569ed3832737.1583190432.git.thomas.lendacky@amd.com>

On 3/2/20 5:06 PM, Tom Lendacky wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198
>
> A GHCB page is needed during the Sec phase, so this new page must be
> created. Since the #VC exception handler routines assume that a per-CPU
> variable area is immediately after the GHCB, this per-CPU variable area
> must also be created.
Since the GHCB must be marked as an un-encrypted, > or shared, page, an additional pagetable page is required to break down > the 2MB region where the GHCB page lives into 4K pagetable entries. > > Create a new entry in the OVMF memory layout for the new page table > page and for the SEC GHCB and per-CPU variable pages. After breaking down > the 2MB page, update the GHCB page table entry to remove the encryption > mask. > > The GHCB page will be used by the SEC #VC exception handler. The #VC > exception handler will fill in the necessary fields of the GHCB and exit > to the hypervisor using the VMGEXIT instruction. The hypervisor then > accesses the GHCB in order to perform the requested function. > > Two new fixed PCDs are needed to support the SEC GHCB page: > - PcdOvmfSecGhcbBase UINT64 value that is the base address of the > GHCB used during the SEC phase. > - PcdOvmfSecGhcbSize UINT64 value that is the size, in bytes, of the > GHCB area used during the SEC phase. > > Cc: Jordan Justen > Cc: Laszlo Ersek > Cc: Ard Biesheuvel > Reviewed-by: Laszlo Ersek > Signed-off-by: Tom Lendacky > --- > OvmfPkg/OvmfPkg.dec | 9 +++ > OvmfPkg/OvmfPkgX64.fdf | 6 ++ > OvmfPkg/ResetVector/ResetVector.inf | 5 ++ > OvmfPkg/ResetVector/Ia32/PageTables64.asm | 76 +++++++++++++++++++++++ > OvmfPkg/ResetVector/ResetVector.nasmb | 17 +++++ > 5 files changed, 113 insertions(+) > > diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec > index 4c5b6511cb97..0e11913ee2e4 100644 > --- a/OvmfPkg/OvmfPkg.dec > +++ b/OvmfPkg/OvmfPkg.dec 
> @@ -228,6 +228,15 @@ [PcdsFixedAtBuild] > ## Number of page frames to use for storing grant table entries. > gUefiOvmfPkgTokenSpaceGuid.PcdXenGrantFrames|4|UINT32|0x33 > > + ## Specify the extra page table needed to mark the GHCB as unencrypted. > + # The value should be a multiple of 4KB for each. > + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase|0x0|UINT32|0x34 > + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize|0x0|UINT32|0x35 > + > + ## The base address of the SEC GHCB page used by SEV-ES. > + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|0|UINT32|0x36 > + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize|0|UINT32|0x37 > + My bad, I could have sworn I rebuilt after the rebase, but these IDs are in conflict. Follow-on 5.1 patch to follow. Thanks, Tom > [PcdsDynamic, PcdsDynamicEx] > gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2 > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10 > diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf > index 0488e5d95ffe..39291f413f6d 100644 > --- a/OvmfPkg/OvmfPkgX64.fdf > +++ b/OvmfPkg/OvmfPkgX64.fdf > @@ -76,6 +76,12 @@ [FD.MEMFD] > 0x007000|0x001000 > gEfiMdePkgTokenSpaceGuid.PcdGuidedExtractHandlerTableAddress|gUefiOvmfPkgTokenSpaceGuid.PcdGuidedExtractHandlerTableSize > > +0x008000|0x001000 > +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize > + > +0x009000|0x002000 > +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize > + > 0x010000|0x010000 > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize > > diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/ResetVector.inf > index b0ddfa5832a2..483fd90fe785 100644 > --- a/OvmfPkg/ResetVector/ResetVector.inf > +++ b/OvmfPkg/ResetVector/ResetVector.inf 
> @@ -26,6 +26,7 @@ [Sources] > [Packages] > OvmfPkg/OvmfPkg.dec > MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > UefiCpuPkg/UefiCpuPkg.dec > > [BuildOptions] > @@ -33,5 +34,9 @@ [BuildOptions] > *_*_X64_NASMB_FLAGS = -I$(WORKSPACE)/UefiCpuPkg/ResetVector/Vtf0/ > > [Pcd] > + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase > + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize > + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase > + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize > diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm > index abad009f20f5..9f86ddf6f08f 100644 > --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm > +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm > @@ -21,6 +21,11 @@ BITS 32 > %define PAGE_2M_MBO 0x080 > %define PAGE_2M_PAT 0x01000 > > +%define PAGE_4K_PDE_ATTR (PAGE_ACCESSED + \ > + PAGE_DIRTY + \ > + PAGE_READ_WRITE + \ > + PAGE_PRESENT) > + > %define PAGE_2M_PDE_ATTR (PAGE_2M_MBO + \ > PAGE_ACCESSED + \ > PAGE_DIRTY + \ > @@ -75,6 +80,37 @@ NoSev: > SevExit: > OneTimeCallRet CheckSevFeature > > +; Check if Secure Encrypted Virtualization - Encrypted State (SEV-ES) feature > +; is enabled. > +; > +; Modified: EAX, EBX, ECX > +; > +; If SEV-ES is enabled then EAX will be non-zero. > +; If SEV-ES is disabled then EAX will be zero. > +; > +CheckSevEsFeature: > + xor eax, eax > + > + ; SEV-ES can't be enabled if SEV isn't, so first check the encryption > + ; mask. > + test edx, edx > + jz NoSevEs > + > + ; Save current value of encryption mask > + mov ebx, edx > + > + ; Check if SEV-ES is enabled > + ; MSR_0xC0010131 - Bit 1 (SEV-ES enabled) > + mov ecx, 0xc0010131 > + rdmsr > + and eax, 2 > + > + ; Restore encryption mask > + mov edx, ebx > + > +NoSevEs: > + OneTimeCallRet CheckSevEsFeature > + > ; > ; Modified: EAX, EBX, ECX, EDX > ; 
> @@ -139,6 +175,46 @@ pageTableEntriesLoop: > mov [(ecx * 8 + PT_ADDR (0x2000 - 8)) + 4], edx > loop pageTableEntriesLoop > > + OneTimeCall CheckSevEsFeature > + test eax, eax > + jz SetCr3 > + > + ; > + ; The initial GHCB will live at GHCB_BASE and needs to be un-encrypted. > + ; This requires the 2MB page for this range be broken down into 512 4KB > + ; pages. All will be marked encrypted, except for the GHCB. > + ; > + mov ecx, (GHCB_BASE >> 21) > + mov eax, GHCB_PT_ADDR + PAGE_PDP_ATTR > + mov [ecx * 8 + PT_ADDR (0x2000)], eax > + > + ; > + ; Page Table Entries (512 * 4KB entries => 2MB) > + ; > + mov ecx, 512 > +pageTableEntries4kLoop: > + mov eax, ecx > + dec eax > + shl eax, 12 > + add eax, GHCB_BASE & 0xFFE0_0000 > + add eax, PAGE_4K_PDE_ATTR > + mov [ecx * 8 + GHCB_PT_ADDR - 8], eax > + mov [(ecx * 8 + GHCB_PT_ADDR - 8) + 4], edx > + loop pageTableEntries4kLoop > + > + ; > + ; Clear the encryption bit from the GHCB entry > + ; > + mov ecx, (GHCB_BASE & 0x1F_FFFF) >> 12 > + mov [ecx * 8 + GHCB_PT_ADDR + 4], strict dword 0 > + > + mov ecx, GHCB_SIZE / 4 > + xor eax, eax > +clearGhcbMemoryLoop: > + mov dword[ecx * 4 + GHCB_BASE - 4], eax > + loop clearGhcbMemoryLoop > + > +SetCr3: > ; > ; Set CR3 now that the paging structures are available > ; > diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb > index 75cfe16654b1..bfb77e439105 100644 > --- a/OvmfPkg/ResetVector/ResetVector.nasmb > +++ b/OvmfPkg/ResetVector/ResetVector.nasmb 
> @@ -53,8 +53,25 @@ > %error "This implementation inherently depends on PcdOvmfSecPageTablesSize" > %endif > > + %if (FixedPcdGet32 (PcdOvmfSecGhcbPageTableSize) != 0x1000) > + %error "This implementation inherently depends on PcdOvmfSecGhcbPageTableSize" > + %endif > + > + %if (FixedPcdGet32 (PcdOvmfSecGhcbSize) != 0x2000) > + %error "This implementation inherently depends on PcdOvmfSecGhcbSize" > + %endif > + > + %if ((FixedPcdGet32 (PcdOvmfSecGhcbBase) >> 21) != \ > + ((FixedPcdGet32 (PcdOvmfSecGhcbBase) + FixedPcdGet32 (PcdOvmfSecGhcbSize) - 1) >> 21)) > + %error "This implementation inherently depends on PcdOvmfSecGhcbBase not straddling a 2MB boundary" > + %endif > + > %define PT_ADDR(Offset) (FixedPcdGet32 (PcdOvmfSecPageTablesBase) + (Offset)) > %include "Ia32/Flat32ToFlat64.asm" > + > + %define GHCB_PT_ADDR (FixedPcdGet32 (PcdOvmfSecGhcbPageTableBase)) > + %define GHCB_BASE (FixedPcdGet32 (PcdOvmfSecGhcbBase)) > + %define GHCB_SIZE (FixedPcdGet32 (PcdOvmfSecGhcbSize)) > %include "Ia32/PageTables64.asm" > %endif > >
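Review bot: OvmfPkg.dec hunk: the declarations do not match the commit message. The message says "Two new fixed PCDs" and describes PcdOvmfSecGhcbBase and PcdOvmfSecGhcbSize as UINT64 values, but the hunk adds four PCDs (PcdOvmfSecGhcbPageTableBase and PcdOvmfSecGhcbPageTableSize as well) and declares all of them UINT32, which is what the FixedPcdGet32 calls in ResetVector.nasmb require. The message should say four UINT32 PCDs, or the types should change, so the two agree. The reply already acknowledges that the token numbers 0x34..0x37 collide after the rebase; when the 5.1 respin renumbers them, the "The value should be a multiple of 4KB for each" comment is worth extending to the GHCB pair, since only the page-table pair carries it now.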
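Review bot: OvmfPkgX64.fdf hunk: the 0x009000|0x002000 entry packs two pages with different roles, the GHCB itself (which the asm later maps with the encryption bit cleared) and the per-CPU variable page the #VC handler expects right after it (which stays encrypted), but nothing in the .fdf says so and the .dec comment describes the PCD only as "the SEC GHCB page". A one-line comment on the entry ("GHCB page followed by per-CPU variable page") would stop a later cleanup from shrinking it to 0x001000 and silently removing the private area the handler depends on.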
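Review bot: ResetVector.inf hunk: MdeModulePkg/MdeModulePkg.dec is added to [Packages], but all four PCDs added to [Pcd] belong to gUefiOvmfPkgTokenSpaceGuid from OvmfPkg.dec, and nothing else in this patch references a MdeModulePkg symbol. Either drop the new package dependency or state in the commit message what it is needed for.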
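Review bot: PageTables64.asm, first hunk: PAGE_4K_PDE_ATTR is used for the 512 entries written into the new page table, which are PTEs, not PDEs (leaving PAGE_2M_MBO out is correct precisely because bit 7 of a PTE is PAT rather than PS). Naming it PAGE_4K_PTE_ATTR, and giving the PDE that points at GHCB_PT_ADDR its own define instead of reusing PAGE_PDP_ATTR in the later hunk, would make the two levels easier to tell apart.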
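Review bot: CheckSevEsFeature hunk: the routine has an undocumented input. "test edx, edx" relies on EDX still holding the encryption mask left behind by CheckSevFeature, and the "Modified: EAX, EBX, ECX" line is only true because EDX is parked in EBX and restored before the return. The header should state "Input: EDX = encryption mask" so that nobody inserts code that clobbers EDX between the two calls. Separately, "mov ecx, 0xc0010131" and "and eax, 2" would read better with %defines for the SEV status MSR and its SEV-ES bit than as magic numbers next to a comment.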
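Review bot: PageTables64.asm GHCB hunk: clearGhcbMemoryLoop runs before SetCr3, so its stores to GHCB_BASE do not go through the PTE whose encryption bit was just cleared; CR3 has not been loaded yet at that point. That is fine for the per-CPU variable page, which is meant to stay private, but the comment should say whether the GHCB page is expected to read back as zeros through the shared mapping or whether the SEC #VC handler is responsible for initialising every field it uses, because the hypervisor only sees that page through the C=0 mapping set up here. One more thing in the same hunk: "mov [ecx * 8 + PT_ADDR (0x2000)], eax" rewrites only the low dword of the PDE and depends on the high dword (EDX, the encryption mask) left by pageTableEntriesLoop in the context above; a comment to that effect would save the next reader from wondering whether the page-table page is mapped encrypted.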
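Review bot: ResetVector.nasmb hunk: the size checks and the 2MB-straddle check are good, but there is no check that PcdOvmfSecGhcbBase and PcdOvmfSecGhcbPageTableBase are 4KB aligned, and the asm depends on both: the PTE index comes from (GHCB_BASE & 0x1F_FFFF) >> 12, the table is filled from GHCB_BASE & 0xFFE0_0000, and GHCB_PT_ADDR is stored straight into a PDE. Adding "%if (FixedPcdGet32 (PcdOvmfSecGhcbBase) & 0xFFF) != 0" style %error lines for both would catch a bad .fdf edit at build time instead of at boot. The two size %error strings would also help more if they named the expected value (0x1000 and 0x2000), as the straddle message already does for its condition.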
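The page-table step the commit message describes (replace the 2MB mapping that covers the GHCB with 512 4KB entries, keep the C-bit on every entry except the GHCB page, zero the area), as an added C model that is not OVMF's code and not part of this thread. It goes slightly beyond the patch by also rejecting a GHCB base that is not 4KB aligned. The addresses follow the .fdf hunk (0x8000 for the page table, 0x9000 for a 0x2000-byte GHCB area); the page-directory location PD_ADDR, the C-bit position 47 and the simulated memory array are assumptions made for the example, and real firmware obtains the C-bit position from CPUID 0x8000001F and does this in 32-bit assembly before paging is enabled.

```c
/*
 * Added example, not OVMF code: a C model of the page-table work described in
 * the commit message. The 2MB mapping that covers the GHCB is replaced by a
 * page table of 512 4KB entries; every entry keeps the SEV encryption bit
 * (C-bit) except the single GHCB page, which must be shared with the
 * hypervisor, and the GHCB area is zeroed.
 *
 * Assumptions (not from the patch): the page directory lives at 0x2000, the
 * C-bit is bit 47, and "physical memory" is a 64KB array.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_PRESENT        0x001ULL
#define PAGE_READ_WRITE     0x002ULL
#define PAGE_ACCESSED       0x020ULL
#define PAGE_DIRTY          0x040ULL
#define PAGE_2M_MBO         0x080ULL /* PS bit: set only in a PDE that maps a 2MB page */
#define PAGE_4K_PTE_ATTR    (PAGE_ACCESSED | PAGE_DIRTY | PAGE_READ_WRITE | PAGE_PRESENT)
#define PAGE_PDE_TO_PT_ATTR (PAGE_ACCESSED | PAGE_READ_WRITE | PAGE_PRESENT)

#define SIZE_4K 0x1000ULL
#define SIZE_2M 0x200000ULL

#define PD_ADDR      0x2000ULL /* assumed: first page directory, PT_ADDR(0x2000) in the asm */
#define GHCB_PT_ADDR 0x8000ULL /* PcdOvmfSecGhcbPageTableBase from the .fdf hunk */
#define GHCB_BASE    0x9000ULL /* PcdOvmfSecGhcbBase */
#define GHCB_SIZE    0x2000ULL /* PcdOvmfSecGhcbSize: GHCB page + per-CPU variable page */

/* Simulated physical memory (constructed for this example). */
static uint64_t g_mem64[0x10000 / 8];
#define MEM_BYTES ((uint8_t *)g_mem64)

static uint64_t *pde_for(uint64_t addr) {
    return g_mem64 + PD_ADDR / 8 + ((addr >> 21) & 0x1FF);
}

static uint64_t *pte_for(uint64_t addr) {
    return g_mem64 + GHCB_PT_ADDR / 8 + ((addr & (SIZE_2M - 1)) >> 12);
}

/* Same condition as the %error in ResetVector.nasmb: only one PDE gets split. */
static int ghcb_in_one_2m_region(uint64_t base, uint64_t size) {
    return (base >> 21) == ((base + size - 1) >> 21);
}

/* Returns 0 on success, -1 if the layout cannot be served by a single split PDE. */
static int map_sec_ghcb(uint64_t ghcb_base, uint64_t ghcb_size, unsigned c_bit) {
    uint64_t enc_mask = 1ULL << c_bit;
    uint64_t region   = ghcb_base & ~(SIZE_2M - 1);

    /* The patch checks the straddle case at build time; 4KB alignment is checked here too. */
    if (!ghcb_in_one_2m_region(ghcb_base, ghcb_size) ||
        (ghcb_base & (SIZE_4K - 1)) != 0 || (ghcb_size & (SIZE_4K - 1)) != 0)
        return -1;

    /* 1. Repoint the PDE at the new page table (no PS bit); the table itself stays encrypted. */
    *pde_for(ghcb_base) = GHCB_PT_ADDR | PAGE_PDE_TO_PT_ATTR | enc_mask;

    /* 2. 512 identity-mapped 4KB PTEs, all encrypted (the pageTableEntries4kLoop). */
    for (uint64_t off = 0; off < SIZE_2M; off += SIZE_4K)
        *pte_for(region + off) = (region + off) | PAGE_4K_PTE_ATTR | enc_mask;

    /* 3. Share only the GHCB page; the per-CPU variable page after it stays private. */
    *pte_for(ghcb_base) &= ~enc_mask;

    /* 4. Zero the whole GHCB area (the clearGhcbMemoryLoop). */
    memset(MEM_BYTES + ghcb_base, 0, (size_t)ghcb_size);
    return 0;
}

/* Inspection helpers. */
static uint64_t pde_value(uint64_t addr) { return *pde_for(addr); }
static int pte_is_encrypted(uint64_t addr, unsigned c_bit) { return (int)((*pte_for(addr) >> c_bit) & 1); }
static uint64_t pte_phys(uint64_t addr, unsigned c_bit) {
    return *pte_for(addr) & ((1ULL << c_bit) - 1) & ~(SIZE_4K - 1);
}
static int ghcb_area_is_zero(uint64_t base, uint64_t size) {
    for (uint64_t i = 0; i < size; i++)
        if (MEM_BYTES[base + i] != 0) return 0;
    return 1;
}
/* Fill memory with junk so the zeroing step is observable. */
static void poison_memory(void) { memset(g_mem64, 0xAA, sizeof g_mem64); }

int main(void) {
    poison_memory();
    if (map_sec_ghcb(GHCB_BASE, GHCB_SIZE, 47) != 0) {
        puts("layout check failed");
        return 1;
    }
    printf("PDE    %016llx\n", (unsigned long long)pde_value(GHCB_BASE));
    printf("GHCB   %016llx encrypted=%d\n", (unsigned long long)*pte_for(GHCB_BASE),
           pte_is_encrypted(GHCB_BASE, 47));
    printf("perCPU %016llx encrypted=%d phys=%#llx\n", (unsigned long long)*pte_for(GHCB_BASE + SIZE_4K),
           pte_is_encrypted(GHCB_BASE + SIZE_4K, 47), (unsigned long long)pte_phys(GHCB_BASE + SIZE_4K, 47));
    printf("GHCB area zeroed: %d\n", ghcb_area_is_zero(GHCB_BASE, GHCB_SIZE));
    printf("straddling layout rejected: %d\n", map_sec_ghcb(0x1FF000ULL, 0x2000ULL, 47) == -1);
    return 0;
}
```

The design point the model makes visible is that the split happens one level up from the GHCB: the PDE that used to map 2MB now points at a page table that is itself still encrypted, and only a single PTE inside it loses the C-bit. Everything else in that 2MB window, including the page right after the GHCB, remains private to the guest.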