From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <bounce+27952+115838+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
by spool.mail.gandi.net (Postfix) with ESMTPS id 4BADEAC1831
for <rebecca@openfw.io>; Thu, 22 Feb 2024 17:30:40 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=fK0iQO2bAmzpc1TI7nI4xyUw1wNgCwGYxY/9uA8mF9c=;
c=relaxed/simple; d=groups.io;
h=ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:Received-SPF:From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding:Content-Type;
s=20140610; t=1708623039; v=1;
b=Se+Dz9dwWk1Ssb2UcBj9KwICca0n1/qGk2exN+twoDy+M+OtbB/2aaOWE61ySrwZY7mgBMEz
NO6o6DqbAyPuUPZAdWsRB76aM6LKOGle7vKCt3Jn40FU9ZrhpVFZ3pGCK/ERuja/Cal40JukkIM
hei99Grp+7BkO70HQhDElaeM=
X-Received: by 127.0.0.2 with SMTP id 5OysYY7687511x9PQDrSKZvb; Thu, 22 Feb 2024 09:30:39 -0800
X-Received: from NAM12-BN8-obe.outbound.protection.outlook.com (NAM12-BN8-obe.outbound.protection.outlook.com [40.107.237.62])
by mx.groups.io with SMTP id smtpd.web11.18779.1708623038238762350
for <devel@edk2.groups.io>;
Thu, 22 Feb 2024 09:30:38 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=X95lFNxw12NR2FXWWqSrAMiZb469Ch9CJu5ZUMoERKyhUZTIFOeT27D+AF2z5IRfctTIDm5eOaU9l+g2J7T9pN1WHVtuarAAUycGg7KpHy3R/8MD4bti1ugSfSKKs4nQET08UlY934LoWIw+ew7/lbGngEUmD5qb1xWs38sJNow/5T2YRWwGrptx8P0YQPqoev3OTdS3mWPV4tEKdg+8t1i1Eoc3Ch88S0AiWKf1OgG88S1M4fkFBzuGVYE7nrMXNyk8zbqGq/1PVR/UgrgBux8Pp8pcSZh+YQ/KZBEz9YuX/Gp1W/AqMRSyhgsufWOJArFIIfBawFBSodHIF0Ov8Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=wkBFBow8wK92ozumzzfSIdYgwjubrrd4SMKe5ZSoUCw=;
b=WqYWhpBUMl95ClaJLZkiH5rtqQKtYxiuUCzMHHuIfHCdUavpIXOkBxHogdDUn0upx6TQSUkuzbEPef8t4mc9ICuJzWXp8LIvW/RRENEJh4cgn86k6n5sZsh0N0fog6Xbdewdv5oOR4+5OebubeKTUMJaiRhpsS/gB+cgCrcsH3G/Qw82Vkg2WfHamPSP61krKG4O23FHMPm6/8Zf2Ty5zET/+1B7axkTdEm4/eJjovYyvQQwDN1l/I34GbAsm635POrCCEXPsYjR7U6+lrhHEJKXjluRe6N2If9tEZ+1l740d0CSHZC8pOmeNVNxV/26MB2M2pUVegBl6Jpucz3AWQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com;
dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
header.from=amd.com; dkim=none (message not signed); arc=none (0)
X-Received: from BN0PR04CA0082.namprd04.prod.outlook.com (2603:10b6:408:ea::27)
by DM4PR12MB5722.namprd12.prod.outlook.com (2603:10b6:8:5d::11) with
Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.21; Thu, 22 Feb
2024 17:30:34 +0000
X-Received: from BN2PEPF000044A5.namprd04.prod.outlook.com
(2603:10b6:408:ea:cafe::86) by BN0PR04CA0082.outlook.office365.com
(2603:10b6:408:ea::27) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.43 via Frontend
Transport; Thu, 22 Feb 2024 17:30:34 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
smtp.mailfrom=amd.com; dkim=none (message not signed)
header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
165.204.84.17 as permitted sender) receiver=protection.outlook.com;
client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
X-Received: from SATLEXMB04.amd.com (165.204.84.17) by
BN2PEPF000044A5.mail.protection.outlook.com (10.167.243.104) with Microsoft
SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.20.7292.25 via Frontend Transport; Thu, 22 Feb 2024 17:30:34 +0000
X-Received: from tlendack-t1.amdoffice.net (10.180.168.240) by
SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2507.35; Thu, 22 Feb 2024 11:30:33 -0600
From: "Lendacky, Thomas via groups.io" <thomas.lendacky=amd.com@groups.io>
To: <devel@edk2.groups.io>
CC: Ard Biesheuvel <ardb+tianocore@kernel.org>, Erdem Aktas
<erdemaktas@google.com>, Gerd Hoffmann <kraxel@redhat.com>, Jiewen Yao
<jiewen.yao@intel.com>, Laszlo Ersek <lersek@redhat.com>, Liming Gao
<gaoliming@byosoft.com.cn>, Michael D Kinney <michael.d.kinney@intel.com>,
Min Xu <min.m.xu@intel.com>, Zhiguang Liu <zhiguang.liu@intel.com>, "Rahul
Kumar" <rahul1.kumar@intel.com>, Ray Ni <ray.ni@intel.com>, Michael Roth
<michael.roth@amd.com>
Subject: [edk2-devel] [PATCH v2 03/23] OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor
Date: Thu, 22 Feb 2024 11:29:42 -0600
Message-ID: <31b79c15d800767f6b175b80106eb710729c016e.1708623001.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1708623001.git.thomas.lendacky@amd.com>
References: <cover.1708623001.git.thomas.lendacky@amd.com>
MIME-Version: 1.0
X-Originating-IP: [10.180.168.240]
X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com
(10.181.40.145)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: BN2PEPF000044A5:EE_|DM4PR12MB5722:EE_
X-MS-Office365-Filtering-Correlation-Id: ef1c73ef-f063-4828-6762-08dc33cbfa22
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Message-Info:
nAquTLwbaokMVz+R0O15d38SKVmibgycdo8tlt8OmOiuX2faw6FSg2pM9w7rc1urnD5vs77VNipBkh7oAs13n3VtePeOjaxpo580a6MLDAQhWE/S1KwgYUGYxqixD+uF4k+lIevIXFe/3IsaSImswt3MVUgiiB1TbT5pnGmYuiWJuLceu1RFGIOBuJy4HbgdwIO7mHhztDezOPx7Ssvd76ESboabNABfhlJFJgL9c0Mjxib8kYt/21/EYsTkiHIzQENV/YwtSWvOdr0rDXhVgOq9T+LiONA5z2kTs/ULdRLNLo73HZscuH4cTwEh5G7TbXPoSOwjLrmt7Ektr1oWavRh/K+2d6cT592QP7dehbXEUuXrRChX+lLIJi11jCsXj8Y1cgDM6gjm4L9leVZn8/hjkmMPZ6JEPLgjaW25u3ABqy6UZxE2ZesgPyWxejtRexFyXVh+mReV8fYCP6k5+vj0tr1HuiJRPAh9MWhzfkoCEEVhUqsviqvogCjM6W4oGYjPCD+/gnk2WugIRcA4CVJYiAeRBPyM2bbkEBJu6JPCUNEUEtCJ964cVcFncwqwboH5vgilBzHJ5E5hTxET75lA+ThfQwV8es2ZQ1QCWPhUkPwrpqOG81lcnwyCOlriZ73eV9jgv2UdW/E1wz65kQ==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Feb 2024 17:30:34.6454
(UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: ef1c73ef-f063-4828-6762-08dc33cbfa22
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource:
BN2PEPF000044A5.namprd04.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB5722
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: NjLcWawDrdowKFeTGqkM5yUxx7686176AA=
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
dkim=pass header.d=groups.io header.s=20140610 header.b=Se+Dz9dw;
arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}");
dmarc=pass (policy=none) header.from=groups.io;
spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4654
If the hypervisor supports retrieval of the vCPU APIC IDs, retrieve
them before any APs are actually started. The APIC IDs can be used
to start the APs for any SEV-SNP guest, but is a requirement for an
SEV-SNP guest that is running under an SVSM.
After retrieving the APIC IDs, save the address of the APIC ID data
structure in a GUIDed HOB.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
OvmfPkg/PlatformPei/PlatformPei.inf | 1 +
OvmfPkg/PlatformPei/AmdSev.c | 91 +++++++++++++++++++-
2 files changed, 91 insertions(+), 1 deletion(-)
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat=
formPei.inf
index ad52be306560..7de3b4341c2c 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -45,6 +45,7 @@ [Guids]
gEfiMemoryTypeInformationGuid
gFdtHobGuid
gUefiOvmfPkgPlatformInfoGuid
+ gEfiApicIdsGuid
=20
[LibraryClasses]
BaseLib
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index e6b602d79a05..472cf13f0faa 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -1,7 +1,7 @@
/**@file
Initialize Secure Encrypted Virtualization (SEV) support
=20
- Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.<=
BR>
+ Copyright (c) 2017 - 2024, Advanced Micro Devices. All rights reserved.<=
BR>
=20
SPDX-License-Identifier: BSD-2-Clause-Patent
=20
@@ -31,6 +31,87 @@ GetHypervisorFeature (
VOID
);
=20
+/**
+ Retrieve APIC IDs from the hypervisor.
+
+**/
+STATIC
+VOID
+AmdSevSnpGetApicIds (
+ VOID
+ )
+{
+ MSR_SEV_ES_GHCB_REGISTER Msr;
+ GHCB *Ghcb;
+ BOOLEAN InterruptState;
+ UINT64 VmgExitStatus;
+ UINT64 PageCount;
+ BOOLEAN PageCountValid;
+ VOID *ApicIds;
+ RETURN_STATUS Status;
+ UINT64 GuidData;
+
+ Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB);
+ Ghcb =3D Msr.Ghcb;
+
+ PageCount =3D 0;
+ PageCountValid =3D FALSE;
+
+ CcExitVmgInit (Ghcb, &InterruptState);
+ Ghcb->SaveArea.Rax =3D PageCount;
+ CcExitVmgSetOffsetValid (Ghcb, GhcbRax);
+ VmgExitStatus =3D CcExitVmgExit (Ghcb, SVM_EXIT_GET_APIC_IDS, 0, 0);
+ if (CcExitVmgIsOffsetValid (Ghcb, GhcbRax)) {
+ PageCount =3D Ghcb->SaveArea.Rax;
+ PageCountValid =3D TRUE;
+ }
+
+ CcExitVmgDone (Ghcb, InterruptState);
+
+ ASSERT (VmgExitStatus =3D=3D 0);
+ ASSERT (PageCountValid);
+ if ((VmgExitStatus !=3D 0) || !PageCountValid) {
+ return;
+ }
+
+ //
+ // Allocate the memory for the APIC IDs
+ //
+ ApicIds =3D AllocateReservedPages ((UINTN)PageCount);
+ ASSERT (ApicIds !=3D NULL);
+
+ Status =3D MemEncryptSevClearPageEncMask (
+ 0,
+ (UINTN)ApicIds,
+ (UINTN)PageCount
+ );
+ ASSERT_RETURN_ERROR (Status);
+
+ ZeroMem (ApicIds, EFI_PAGES_TO_SIZE ((UINTN)PageCount));
+
+ PageCountValid =3D FALSE;
+
+ CcExitVmgInit (Ghcb, &InterruptState);
+ Ghcb->SaveArea.Rax =3D PageCount;
+ CcExitVmgSetOffsetValid (Ghcb, GhcbRax);
+ VmgExitStatus =3D CcExitVmgExit (Ghcb, SVM_EXIT_GET_APIC_IDS, (UINTN)Api=
cIds, 0);
+ if (CcExitVmgIsOffsetValid (Ghcb, GhcbRax) && (Ghcb->SaveArea.Rax =3D=3D=
PageCount)) {
+ PageCountValid =3D TRUE;
+ }
+
+ CcExitVmgDone (Ghcb, InterruptState);
+
+ ASSERT (VmgExitStatus =3D=3D 0);
+ ASSERT (PageCountValid);
+ if ((VmgExitStatus !=3D 0) || !PageCountValid) {
+ FreePages (ApicIds, (UINTN)PageCount);
+ return;
+ }
+
+ GuidData =3D (UINT64)(UINTN)ApicIds;
+ BuildGuidDataHob (&gEfiApicIdsGuid, &GuidData, sizeof (GuidData));
+}
+
/**
Initialize SEV-SNP support if running as an SEV-SNP guest.
=20
@@ -78,6 +159,14 @@ AmdSevSnpInitialize (
}
}
}
+
+ //
+ // Retrieve the APIC IDs if the hypervisor supports it. These will be us=
ed
+ // to always start APs using SNP AP Create.
+ //
+ if ((HvFeatures & GHCB_HV_FEATURES_APIC_ID_LIST) =3D=3D GHCB_HV_FEATURES=
_APIC_ID_LIST) {
+ AmdSevSnpGetApicIds ();
+ }
}
=20
/**
--=20
2.42.0
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#115838): https://edk2.groups.io/g/devel/message/115838
Mute This Topic: https://groups.io/mt/104512934/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-