From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (NAM04-DM6-obe.outbound.protection.outlook.com [40.107.102.50]) by mx.groups.io with SMTP id smtpd.web12.10316.1619716366598364516 for ; Thu, 29 Apr 2021 10:12:46 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=CElDtUuN; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.102.50, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Fr6ExNdaLlEx0yFxQ/yxFT/ihY9afuEeNaRz6kganAkMRw+/bCSG+kS+R6Bx6eCnmFuhkvdcBlxRBIEcI95Vkc/gkeIxz8CnuX66eUvxDxl7p9qHHj3Rl94YJgHaS6QUz4IPwOXMPg7wNEmBZinwUgLoZZ3utBzZZmU6ajckHUt/RC7Dc4iJJi6UBMbCXVLwbAYfntjRQi+AoU/IctXmKHysA8SqVvOMt7uO+9gvon+pA/gn8y+vgak5ZW7h41AEKPk7vi8B4j6hGYb1kwA8bfTpTLm8y/8eHSdzIgSEGi6wmX0FhaWqFAd1qrFHjUSKLTgKE4fwOR/XI64/jXdGpg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HXZwAjBoY/j+7OTid5+AbQYwcQW+xuvbYKi4O2dFE2s=; b=ZO/hqE8gyXUYDC80soe00uzdFrHRqQ/tDglKLgmnhV0J7hiIwqrz6gVQfycCbYDLM5iJFr258VhNebOZjDg1FuhB7xoe5XW6ZGLtHJ6ZCGGBM/Su31FycS4yyQpIRKgrIijTGYigIp9Ei6dxQ5AGElmzu/pusdzzsNe1FVnSyUPbiytsdtNTO062SU5HMKHptEqwTKMSKG0b4ew3fj/Hi5mKQAPEuKwltN8GU8evEDr17QeXFg95TSjlGHZPR3rKZgn3wai1z6rEDQDjbidbQSQl3kdAqZrilWWj96pRaSISymoX7Ar8B3gb+YPE4+5IxY66Ogbl9uulNnR3Po6xGA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HXZwAjBoY/j+7OTid5+AbQYwcQW+xuvbYKi4O2dFE2s=; b=CElDtUuN1AVHZYHOYVxHPNk844IsDWUTd5f7mxJyoP80/8MeqiaoPdvHZf8snxXzV7BhCeGOywQoUDDkWC8pX52okjQnGYzCx1j49/+k1jTZSaYTfbrZ+HIKDRh5xlVPylzb+DjEyPpbyU8pwC8nKpPD181bKc+y5W6ST70p8ts= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM6PR12MB4218.namprd12.prod.outlook.com (2603:10b6:5:21b::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.21; Thu, 29 Apr 2021 17:12:45 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b914:4704:ad6f:aba9]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b914:4704:ad6f:aba9%12]) with mapi id 15.20.4065.026; Thu, 29 Apr 2021 17:12:45 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io CC: Joerg Roedel , Borislav Petkov , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Brijesh Singh , Erdem Aktas , James Bottomley , Jiewen Yao , Min Xu Subject: [PATCH v3 2/5] OvmfPkg/VmgExitLib: Add support for new MMIO MOV opcodes Date: Thu, 29 Apr 2021 12:12:11 -0500 Message-ID: <2fdde57707b52ae39c49341c9d97053aaff56e4a.1619716333.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.31.0 In-Reply-To: References: X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0011.namprd05.prod.outlook.com (2603:10b6:805:de::24) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from tlendack-t1.amd.com (165.204.77.1) by SN6PR05CA0011.namprd05.prod.outlook.com (2603:10b6:805:de::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4108.8 via Frontend Transport; Thu, 29 Apr 2021 17:12:44 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c992b276-a886-42df-b514-08d90b320161 X-MS-TrafficTypeDiagnostic: DM6PR12MB4218: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: +jOLVKuso6YXfSZwQ2QAkEr+9Vmj9hTn9Ry5sDTgRr8Ok+c3Ml5OTvFy2QK0eXibyKup1GxkZ0wsy4kpNAoqsn6HS4WKAqzrpN7JRwztBSqJ/7r+k/xQdWqOLKHHhh1+LMF+/jZe7taTjLiUZdKghraOJx8C6Wz6RNuhDLUgups9CT8uiuwtKdwDAV3wR3oyppF/AOm5m+l7z06NJRrvu/D5ObwMxMJT9QZQgWsyHPnTin38x33fxC4mzYRbE0LZB/VhbMXqc+OBvLDtrWjHhPhV/62srK3cvuuh3/lSr+PSE4m9nnaI1ti4gCsXg6tc2HGi2ddSnsaEHvOtUUGafNh0etxxA+Gk/N4NsvNQs53QDtjgu9bhrYujnu/YBXeFofgsInZuLrJ085biCtK0hkkIZAogyLvOkahXCf70ZQAebUt7a+z4Pbus8e7XPhDhragKj95cd3jfkddsKRbrESg7Sl7XYhdNTN2ol948aAkxdt52EoeC/pYL6SHlhNfLUkoWDnaxc+I40SEc0YT3/XO+dea2JNGNevXJyXTIyvqZV7PT48f3ug9+nQP07Q8a0dyTyMjW+9Y1ZilnLY64WQanlc8Xunz2AQ/k1ksfRFq9Xafr3hi9gV+7FiR8ryAq/PjbI+PLOy1ifAMPUzZyhwoecZOhIrNyJPcRk2iNjHVMXQ9qXY0O/BN4xcz2x/kbkVKGTaLPukDxVuvnmF7J+VR0ktfIdyQkMyvHTc7nPzI= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(136003)(376002)(366004)(346002)(39860400002)(5660300002)(52116002)(66556008)(478600001)(66476007)(16526019)(54906003)(66946007)(83380400001)(956004)(2906002)(8676002)(8936002)(186003)(6916009)(2616005)(38100700002)(6666004)(966005)(26005)(86362001)(7416002)(7696005)(4326008)(38350700002)(6486002)(36756003)(316002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?6PrRw8tNhzSpFn15FlainQ5EQgI/0p6euHkaFV7vkR1TTFXiciOsLXL0ynBM?= =?us-ascii?Q?7AYEMJSVQXeDkfGLgpzd5YcN7vXfR+1RQiAYUkPUlGNqNJ32Fb+tHlGoDGEa?= =?us-ascii?Q?Fyvd1Bk5g+kZk/F71hkeHhp1qaCoXSjP8KaF1U0qixKyDQlptO7ozHmIF7bX?= =?us-ascii?Q?oKGqDrVwyWIUOIta8IksgMfS3lngwHQjmwj0Zim4ABh0bELLjCQf3ia0ypO3?= =?us-ascii?Q?A8q6oyo6N5rzO24JqBurqJYXvBS5hFLmwUsscb7Gv+Gl1vywPUOk6bDNtFEt?= =?us-ascii?Q?cvBnEEj/pUBqXTHhPC4N0I93qBnOqdPIrpZj9GPDA5B2ygwOQaktwIJ9B812?= =?us-ascii?Q?mZAslgabEcmJud1bcvaNpvi6rDBUU5MGS1Rh+y4AEXz0772TS5ChcXeZ80nw?= =?us-ascii?Q?nlAmdfu1j9L+3knO97d6KrrZm3veLOl2TSgMd+XjrcxxW96m+agi81qGz4z9?= =?us-ascii?Q?IaQKMDl62kfNjNrUTt34l60Du21XQoTyUb4BgX37LNwGjU5QnzosJHmO5jNC?= =?us-ascii?Q?4qsPK6iBNHuE4KhgV8f7lwKreSpA/7eTPexRBoQCxPkTp9XH7WTrRU4amPei?= =?us-ascii?Q?J9wkjWHNgRDnhlr6E3KkQyMXG0kfba/ZdRO3X/1b+AVajBC44nuZoO+lk+1W?= =?us-ascii?Q?9BgodJcDt+GDnw8iIMGGIzR1+nTZLFi95LYTk87J2Wd71rH6FcwTZ4mEl6k/?= =?us-ascii?Q?uhz8J4HFLP3BQL3J5oao76JFQBcTGzSDnwEOpmPKPg2YlpKgBFwEgyZtnkcO?= =?us-ascii?Q?P5DGRGrq/nwFoiDaqi/fq4i1CBnlImuBP/SwryGkbeRzV26cxeoThKjGLPk3?= =?us-ascii?Q?1ri2h1g3bm7MEQyUTUA8Drk8uDsg+s+UCNuVWKu+7Mu2Ca0v+1xFEpnrRtp8?= =?us-ascii?Q?W70ZdrnFUskQmVSavZwSLQ5BZyGgsKxECue13MY9FPOVnQZut0s71Aa5KXDZ?= =?us-ascii?Q?JGHZy3RozsOP1lZWlD85/hsvSwxxUvkBedmYz36Woxm6XVvz0kFr67Zyb4Ld?= =?us-ascii?Q?oJ1mkVAbylO/YfZATMGx7x/5+uok1xW5Ynq/GGXuJaprujgcEG+gpIfCg9fj?= =?us-ascii?Q?qrOPSBXrxfhOqozXz2aLCFxcLKe5PATS96LZrY7UnsrE5cmajMtTJ/sDEChc?= =?us-ascii?Q?KtRMX1WfThJ2I/NHSyYC2F7XGbyPcuJF0VmPsU7Q7tkrr/eE6OHvCEXp1tZG?= =?us-ascii?Q?SGwtcTFd/iSIF2b56j0/mDJSZsfDKgyHIN+8zB/e0zrBRvwKxae3iCUNe9Dy?= =?us-ascii?Q?fY9zWqmvM+YQafKPQ4AtNM2x3aEv4jgNqb7cndFt210Jz/KGIWFYxbtJanHK?= =?us-ascii?Q?+kvnCKl+R4iLWzrecq/4vnsk?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: c992b276-a886-42df-b514-08d90b320161 X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Apr 2021 17:12:45.1045 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 5rTGPIJOCRr3x7d87+UGhnvVdrzfcS9+5cKOPRwEprNWm25TudoY8vH4P+ftmAo1aldWIMWbyLEjKH0Z2Byvzg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4218 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3345 Enabling TPM support results in guest termination of an SEV-ES guest because it uses MMIO opcodes that are not currently supported. Add support for the new MMIO opcodes (0xA0 - 0xA3), MOV instructions which use a memory offset directly encoded in the instruction. Also, add a DEBUG statement to identify an unsupported MMIO opcode being used. Fixes: c45f678a1ea2080344e125dc55b14e4b9f98483d Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Signed-off-by: Tom Lendacky --- OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 111 ++++++++++++++++++++ 1 file changed, 111 insertions(+) diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c b/OvmfPkg/Librar= y/VmgExitLib/VmgExitVcHandler.c index b716541ad170..41b0c8cc5312 100644 --- a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c +++ b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c @@ -680,6 +680,7 @@ MmioExit ( UINTN Bytes; UINT64 *Register; UINT8 OpCode, SignByte; + UINTN Address; =20 Bytes =3D 0; =20 @@ -729,6 +730,57 @@ MmioExit ( } break; =20 + // + // MMIO write (MOV moffsetX, aX) + // + case 0xA2: + Bytes =3D 1; + // + // fall through + // + case 0xA3: + Bytes =3D ((Bytes !=3D 0) ? Bytes : + (InstructionData->DataSize =3D=3D Size16Bits) ? 2 : + (InstructionData->DataSize =3D=3D Size32Bits) ? 4 : + (InstructionData->DataSize =3D=3D Size64Bits) ? 8 : + 0); + + InstructionData->ImmediateSize =3D (UINTN) (1 << InstructionData->Addr= Size); + InstructionData->End +=3D InstructionData->ImmediateSize; + + // + // This code is X64 only, so a possible 8-byte copy to a UINTN is ok. + // Use a STATIC_ASSERT to be certain the code is being built as X64. + // + STATIC_ASSERT ( + sizeof (UINTN) =3D=3D sizeof (UINT64), + "sizeof (UINTN) !=3D sizeof (UINT64), this file must be built as X64= " + ); + + Address =3D 0; + CopyMem ( + &Address, + InstructionData->Immediate, + InstructionData->ImmediateSize + ); + + Status =3D ValidateMmioMemory (Ghcb, Address, Bytes); + if (Status !=3D 0) { + return Status; + } + + ExitInfo1 =3D Address; + ExitInfo2 =3D Bytes; + CopyMem (Ghcb->SharedBuffer, &Regs->Rax, Bytes); + + Ghcb->SaveArea.SwScratch =3D (UINT64) Ghcb->SharedBuffer; + VmgSetOffsetValid (Ghcb, GhcbSwScratch); + Status =3D VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, ExitInfo1, ExitInfo2); + if (Status !=3D 0) { + return Status; + } + break; + // // MMIO write (MOV reg/memX, immX) // @@ -811,6 +863,64 @@ MmioExit ( CopyMem (Register, Ghcb->SharedBuffer, Bytes); break; =20 + // + // MMIO read (MOV aX, moffsetX) + // + case 0xA0: + Bytes =3D 1; + // + // fall through + // + case 0xA1: + Bytes =3D ((Bytes !=3D 0) ? Bytes : + (InstructionData->DataSize =3D=3D Size16Bits) ? 2 : + (InstructionData->DataSize =3D=3D Size32Bits) ? 4 : + (InstructionData->DataSize =3D=3D Size64Bits) ? 8 : + 0); + + InstructionData->ImmediateSize =3D (UINTN) (1 << InstructionData->Addr= Size); + InstructionData->End +=3D InstructionData->ImmediateSize; + + // + // This code is X64 only, so a possible 8-byte copy to a UINTN is ok. + // Use a STATIC_ASSERT to be certain the code is being built as X64. + // + STATIC_ASSERT ( + sizeof (UINTN) =3D=3D sizeof (UINT64), + "sizeof (UINTN) !=3D sizeof (UINT64), this file must be built as X64= " + ); + + Address =3D 0; + CopyMem ( + &Address, + InstructionData->Immediate, + InstructionData->ImmediateSize + ); + + Status =3D ValidateMmioMemory (Ghcb, Address, Bytes); + if (Status !=3D 0) { + return Status; + } + + ExitInfo1 =3D Address; + ExitInfo2 =3D Bytes; + + Ghcb->SaveArea.SwScratch =3D (UINT64) Ghcb->SharedBuffer; + VmgSetOffsetValid (Ghcb, GhcbSwScratch); + Status =3D VmgExit (Ghcb, SVM_EXIT_MMIO_READ, ExitInfo1, ExitInfo2); + if (Status !=3D 0) { + return Status; + } + + if (Bytes =3D=3D 4) { + // + // Zero-extend for 32-bit operation + // + Regs->Rax =3D 0; + } + CopyMem (&Regs->Rax, Ghcb->SharedBuffer, Bytes); + break; + // // MMIO read w/ zero-extension ((MOVZX regX, reg/memX) // @@ -888,6 +998,7 @@ MmioExit ( break; =20 default: + DEBUG ((DEBUG_ERROR, "Invalid MMIO opcode (%x)\n", OpCode)); Status =3D GP_EXCEPTION; ASSERT (FALSE); } --=20 2.31.0