From: "Brijesh Singh" <brijesh.singh@amd.com>
To: "Yao, Jiewen" <jiewen.yao@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: brijesh.singh@amd.com, James Bottomley <jejb@linux.ibm.com>,
"Xu, Min M" <min.m.xu@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
"Justen, Jordan L" <jordan.l.justen@intel.com>,
Ard Biesheuvel <ardb+tianocore@kernel.org>,
Laszlo Ersek <lersek@redhat.com>
Subject: Re: [RFC PATCH 12/19] OvmfPkg/MemEncryptSevLib: Add support to validate system RAM
Date: Thu, 1 Apr 2021 08:07:23 -0500 [thread overview]
Message-ID: <3ff216eb-9e21-0b16-2e5c-bfc54f132b53@amd.com> (raw)
In-Reply-To: <BY5PR11MB4166022E5DB1F7A424AB5EBE8C7B9@BY5PR11MB4166.namprd11.prod.outlook.com>
Hi Yao,
On 4/1/21 1:37 AM, Yao, Jiewen wrote:
> Hi
> Would you please clarify why the IA32 version implementation is empty?
>
> Does it mean IA32 does not need validate?
> Or IA32 should never call this function?
>
> Anyway, I recommend to add some comment to describe it clearly.
> If it should never be called, I recommend to add ASSERT(FALSE).
AMD SEV, SEV-ES and SEV-SNP support is not available for the IA32
architecture. Nobody should be calling it. I will add an ASSERT().
Thanks
>
> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/SnpPageStateChange.c
> @@ -0,0 +1,17 @@
> +#include <Uefi/UefiBaseType.h>
> +
> +#include "../SnpPageStateChange.h"
> +
> +/**
> + The function is used to set the page state when SEV-SNP is active. The page state
> + transition consist of changing the page ownership in the RMP table, and using the
> + PVALIDATE instruction to update the Validated bit in RMP table.
> +
> + */
> +VOID
> +SevSnpValidateSystemRamInternal (
> + IN EFI_PHYSICAL_ADDRESS BaseAddress,
> + IN UINTN NumPages
> + )
> +{
> +}
>
>> -----Original Message-----
>> From: Brijesh Singh <brijesh.singh@amd.com>
>> Sent: Wednesday, March 24, 2021 11:32 PM
>> To: devel@edk2.groups.io
>> Cc: Brijesh Singh <brijesh.singh@amd.com>; James Bottomley
>> <jejb@linux.ibm.com>; Xu, Min M <min.m.xu@intel.com>; Yao, Jiewen
>> <jiewen.yao@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>; Justen,
>> Jordan L <jordan.l.justen@intel.com>; Ard Biesheuvel
>> <ardb+tianocore@kernel.org>; Laszlo Ersek <lersek@redhat.com>
>> Subject: [RFC PATCH 12/19] OvmfPkg/MemEncryptSevLib: Add support to
>> validate system RAM
>>
>> BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&data=04%7C01%7Cbrijesh.singh%40amd.com%7C599bf9c821c94c0241ed08d8f4d8b2a5%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637528558846316719%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=4Lq97rE69lPFAsGjYb44e3u2mA9QlrJdayxTP9FG7w8%3D&reserved=0
>>
>> Many of the integrity guarantees of SEV-SNP are enforced through the
>> Reverse Map Table (RMP). Each RMP entry contains the GPA at which a
>> particular page of DRAM should be mapped. The guest can request the
>> hypervisor to add pages in the RMP table via the Page State Change VMGEXIT
>> defined in the GHCB specification section 2.5.1 and 4.1.6. Inside each RMP
>> entry is a Validated flag; this flag is automatically cleared to 0 by the
>> CPU hardware when a new RMP entry is created for a guest. Each VM page
>> can be either validated or invalidated, as indicated by the Validated
>> flag in the RMP entry. Memory access to a private page that is not
>> validated generates a #VC. A VM can use the PVALIDATE instruction to
>> validate the private page before using it.
>>
>> During the guest creation, the boot ROM memory is pre-validated by the
>> AMD-SEV firmware. The MemEncryptSevSnpValidateSystemRam() can be called
>> during the SEC and PEI phase to validate the detected system RAM.
>>
>> One of the fields in the Page State Change NAE is the RMP page size. The
>> page size input parameter indicates that either a 4KB or 2MB page should
>> be used while adding the RMP entry. During the validation, when possible,
>> the MemEncryptSevSnpValidateSystemRam() will use the 2MB entry. A
>> hypervisor backing the memory may choose to use the different page size
>> in the RMP entry. In those cases, the PVALIDATE instruction should return
>> SIZEMISMATCH. If a SIZEMISMATCH is detected, then validate all 512-pages
>> constituting a 2MB region.
>>
>> Upon completion, the PVALIDATE instruction sets the rFLAGS.CF to 0 if
>> instruction changed the RMP entry and to 1 if the instruction did not
>> change the RMP entry. The rFlags.CF will be 1 only when a memory region
>> is already validated. We should not double validate a memory
>> as it could lead to a security compromise. If double validation is
>> detected, terminate the boot.
>>
>> Cc: James Bottomley <jejb@linux.ibm.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Tom Lendacky <thomas.lendacky@amd.com>
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
>> ---
>> OvmfPkg/Include/Library/MemEncryptSevLib.h | 15 ++
>> OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/SnpPageStateChange.c | 17
>> ++
>> OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf | 4 +
>> OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c |
>> 20 ++
>> OvmfPkg/Library/BaseMemEncryptSevLib/SnpPageStateChange.h | 37
>> +++
>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c |
>> 23 ++
>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c |
>> 254 ++++++++++++++++++++
>> 7 files changed, 370 insertions(+)
>>
>> diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h
>> b/OvmfPkg/Include/Library/MemEncryptSevLib.h
>> index 03d9eda392..47d6802b61 100644
>> --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
>> +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
>> @@ -215,4 +215,19 @@ MemEncryptSevGetAddressRangeState (
>> IN UINTN Length
>> );
>>
>> +/**
>> + If SEV-SNP is active then set the page state of the specified virtual
>> + address range. This should be called in SEC and PEI phases only.
>> +
>> + @param[in] BaseAddress Base address
>> + @param[in] NumPages Number of pages starting from the base
>> address
>> +
>> +**/
>> +VOID
>> +EFIAPI
>> +MemEncryptSevSnpValidateSystemRam (
>> + IN PHYSICAL_ADDRESS BaseAddress,
>> + IN UINTN NumPages
>> + );
>> +
>> #endif // _MEM_ENCRYPT_SEV_LIB_H_
>> diff --git
>> a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/SnpPageStateChange.c
>> b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/SnpPageStateChange.c
>> new file mode 100644
>> index 0000000000..dace5c0bcf
>> --- /dev/null
>> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/SnpPageStateChange.c
>> @@ -0,0 +1,17 @@
>> +#include <Uefi/UefiBaseType.h>
>> +
>> +#include "../SnpPageStateChange.h"
>> +
>> +/**
>> + The function is used to set the page state when SEV-SNP is active. The page
>> state
>> + transition consist of changing the page ownership in the RMP table, and using
>> the
>> + PVALIDATE instruction to update the Validated bit in RMP table.
>> +
>> + */
>> +VOID
>> +SevSnpValidateSystemRamInternal (
>> + IN EFI_PHYSICAL_ADDRESS BaseAddress,
>> + IN UINTN NumPages
>> + )
>> +{
>> +}
>> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
>> b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
>> index 279c38bfbc..8595e244c2 100644
>> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
>> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
>> @@ -31,15 +31,19 @@
>>
>> [Sources]
>> SecMemEncryptSevLibInternal.c
>> + SnpPageStateChange.h
>>
>> [Sources.X64]
>> X64/MemEncryptSevLib.c
>> X64/SecVirtualMemory.c
>> + X64/SecSnpSystemRamValidate.c
>> + X64/SnpPageStateChangeInternal.c
>> X64/VirtualMemory.c
>> X64/VirtualMemory.h
>>
>> [Sources.IA32]
>> Ia32/MemEncryptSevLib.c
>> + Ia32/SnpPageStateChange.c
>>
>> [LibraryClasses]
>> BaseLib
>> diff --git
>> a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
>> b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
>> index 69852779e2..35a222e75e 100644
>> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
>> +++
>> b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
>> @@ -17,6 +17,8 @@
>> #include <Register/Cpuid.h>
>> #include <Uefi/UefiBaseType.h>
>>
>> +#include "SnpPageStateChange.h"
>> +
>> /**
>> Reads and sets the status of SEV features.
>>
>> @@ -172,3 +174,21 @@
>> MemEncryptSevLocateInitialSmramSaveStateMapPages (
>> {
>> return RETURN_UNSUPPORTED;
>> }
>> +
>> +/**
>> + If SEV-SNP is active then set the page state of the specified virtual
>> + address range. This should be called in SEC and PEI phases only.
>> +
>> + @param[in] BaseAddress Base address
>> + @param[in] NumPages Number of pages starting from the base
>> address
>> +
>> +**/
>> +VOID
>> +EFIAPI
>> +MemEncryptSevSnpValidateSystemRam (
>> + IN PHYSICAL_ADDRESS BaseAddress,
>> + IN UINTN NumPages
>> + )
>> +{
>> + SevSnpValidateSystemRam (BaseAddress, NumPages);
>> +}
>> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SnpPageStateChange.h
>> b/OvmfPkg/Library/BaseMemEncryptSevLib/SnpPageStateChange.h
>> new file mode 100644
>> index 0000000000..3040930999
>> --- /dev/null
>> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SnpPageStateChange.h
>> @@ -0,0 +1,37 @@
>> +/** @file
>> +
>> + SEV-SNP Page Validation functions.
>> +
>> + Copyright (c) 2020 - 2021, AMD Incorporated. All rights reserved.<BR>
>> +
>> + SPDX-License-Identifier: BSD-2-Clause-Patent
>> +
>> +**/
>> +
>> +#ifndef SNP_PAGE_STATE_INTERNAL_H_
>> +#define SNP_PAGE_STATE_INTERNAL_H_
>> +
>> +//
>> +// SEV-SNP Page states
>> +//
>> +typedef enum {
>> + SevSnpPagePrivate,
>> + SevSnpPageShared,
>> +
>> +} SEV_SNP_PAGE_STATE;
>> +
>> +VOID
>> +SevSnpValidateSystemRam (
>> + IN EFI_PHYSICAL_ADDRESS BaseAddress,
>> + IN UINTN NumPages
>> + );
>> +
>> +VOID
>> +SetPageStateInternal (
>> + IN EFI_PHYSICAL_ADDRESS BaseAddress,
>> + IN UINTN NumPages,
>> + IN SEV_SNP_PAGE_STATE State,
>> + IN BOOLEAN UseLargeEntry
>> + );
>> +
>> +#endif
>> diff --git
>> a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
>> b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
>> new file mode 100644
>> index 0000000000..915706aad0
>> --- /dev/null
>> +++
>> b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
>> @@ -0,0 +1,23 @@
>> +/** @file
>> +
>> + SEV-SNP Page Validation functions.
>> +
>> + Copyright (c) 2020 - 2021, AMD Incorporated. All rights reserved.<BR>
>> +
>> + SPDX-License-Identifier: BSD-2-Clause-Patent
>> +
>> +**/
>> +
>> +#include <Uefi/UefiBaseType.h>
>> +#include <Library/BaseLib.h>
>> +
>> +#include "../SnpPageStateChange.h"
>> +
>> +VOID
>> +SevSnpValidateSystemRam (
>> + IN EFI_PHYSICAL_ADDRESS BaseAddress,
>> + IN UINTN NumPages
>> + )
>> +{
>> + SetPageStateInternal (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
>> +}
>> diff --git
>> a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
>> b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
>> new file mode 100644
>> index 0000000000..5a34db33fe
>> --- /dev/null
>> +++
>> b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
>> @@ -0,0 +1,254 @@
>> +/** @file
>> +
>> + SEV-SNP Page Validation functions.
>> +
>> + Copyright (c) 2020 - 2021, AMD Incorporated. All rights reserved.<BR>
>> +
>> + SPDX-License-Identifier: BSD-2-Clause-Patent
>> +
>> +**/
>> +
>> +#include <Uefi/UefiBaseType.h>
>> +#include <Library/BaseLib.h>
>> +#include <Library/BaseMemoryLib.h>
>> +#include <Library/MemEncryptSevLib.h>
>> +#include <Library/DebugLib.h>
>> +#include <Library/VmgExitLib.h>
>> +
>> +#include <Register/Amd/Ghcb.h>
>> +#include <Register/Amd/Msr.h>
>> +
>> +#include "../SnpPageStateChange.h"
>> +
>> +#define IS_ALIGNED(x, y) ((((x) & (y - 1)) == 0))
>> +#define PAGES_PER_LARGE_ENTRY 512
>> +#define EFI_LARGE_PAGE (EFI_PAGE_SIZE * PAGES_PER_LARGE_ENTRY)
>> +
>> +STATIC
>> +UINTN
>> +MemoryStateToGhcbOp (
>> + IN SEV_SNP_PAGE_STATE State
>> + )
>> +{
>> + UINTN Cmd;
>> +
>> + switch (State) {
>> + case SevSnpPageShared: Cmd = SNP_PAGE_STATE_SHARED; break;
>> + case SevSnpPagePrivate: Cmd = SNP_PAGE_STATE_PRIVATE; break;
>> + default: ASSERT(0);
>> + }
>> +
>> + return Cmd;
>> +}
>> +
>> +STATIC
>> +VOID
>> +SnpPageStateFailureTerminate (
>> + VOID
>> + )
>> +{
>> + MSR_SEV_ES_GHCB_REGISTER Msr;
>> +
>> + //
>> + // Use the GHCB MSR Protocol to request termination by the hypervisor
>> + //
>> + Msr.GhcbPhysicalAddress = 0;
>> + Msr.GhcbTerminate.Function = GHCB_INFO_TERMINATE_REQUEST;
>> + Msr.GhcbTerminate.ReasonCodeSet = GHCB_TERMINATE_GHCB;
>> + Msr.GhcbTerminate.ReasonCode = GHCB_TERMINATE_GHCB_GENERAL;
>> + AsmWriteMsr64 (MSR_SEV_ES_GHCB, Msr.GhcbPhysicalAddress);
>> +
>> + AsmVmgExit ();
>> +
>> + ASSERT (FALSE);
>> + CpuDeadLoop ();
>> +}
>> +
>> +STATIC
>> +UINTN
>> +IssuePvalidate (
>> + IN UINTN Address,
>> + IN UINTN RmpPageSize,
>> + IN BOOLEAN Validate
>> + )
>> +{
>> + IA32_EFLAGS32 EFlags;
>> + UINTN Ret;
>> +
>> + Ret = AsmPvalidate (RmpPageSize, Validate, Address, &EFlags);
>> +
>> + //
>> + // Check the rFlags.CF to verify that PVALIDATE updated the RMP
>> + // entry. If there was a no change in the RMP entry then we are
>> + // either double validating or invalidating the memory. This can
>> + // lead to a security compromise.
>> + //
>> + if (EFlags.Bits.CF) {
>> + DEBUG ((DEBUG_ERROR, "%a:%a: Double %a detected for address 0x%Lx\n",
>> + gEfiCallerBaseName,
>> + __FUNCTION__,
>> + Validate ? "Validate" : "Invalidate",
>> + Address));
>> + SnpPageStateFailureTerminate ();
>> + }
>> +
>> + return Ret;
>> +}
>> +
>> +/**
>> + This function issues the PVALIDATE instruction to validate or invalidate the
>> memory
>> + range specified. If PVALIDATE returns size mismatch then it tries validating
>> with
>> + smaller page size.
>> +
>> + */
>> +STATIC
>> +VOID
>> +PvalidateRange (
>> + IN SNP_PAGE_STATE_CHANGE_INFO *Info,
>> + IN UINTN StartIndex,
>> + IN UINTN EndIndex,
>> + IN BOOLEAN Validate
>> + )
>> +{
>> + UINTN Address, RmpPageSize, Ret, i;
>> +
>> + for (; StartIndex < EndIndex; StartIndex++) {
>> + Address = Info->Entry[StartIndex].GuestFrameNumber << EFI_PAGE_SHIFT;
>> + RmpPageSize = Info->Entry[StartIndex].PageSize;
>> +
>> + Ret = IssuePvalidate (Address, RmpPageSize, Validate);
>> +
>> + //
>> + // If we fail to validate due to size mismatch then try with the
>> + // smaller page size. This senario will occur if the backing page in
>> + // the RMP entry is 4K and we are validating it as a 2MB.
>> + //
>> + if ((Ret == PVALIDATE_RET_FAIL_SIZEMISMATCH) &&
>> + (RmpPageSize == PVALIDATE_PAGE_SIZE_2M)) {
>> + for (i = 0; i < PAGES_PER_LARGE_ENTRY; i++) {
>> +
>> + Ret = IssuePvalidate (Address, PVALIDATE_PAGE_SIZE_4K, Validate);
>> + if (Ret) {
>> + break;
>> + }
>> +
>> + Address = Address + EFI_PAGE_SIZE;
>> + }
>> + }
>> +
>> + if (Ret) {
>> + DEBUG ((DEBUG_ERROR, "%a:%a: Failed to %a address 0x%Lx Error
>> code %d\n",
>> + gEfiCallerBaseName,
>> + __FUNCTION__,
>> + Validate ? "Validate" : "Invalidate",
>> + Address,
>> + Ret));
>> + SnpPageStateFailureTerminate ();
>> + }
>> + }
>> +}
>> +
>> +/**
>> + The function is used to set the page state when SEV-SNP is active. The page
>> state
>> + transition consist of changing the page ownership in the RMP table, and using
>> the
>> + PVALIDATE instruction to update the Validated bit in RMP table.
>> +
>> + When the UseLargeEntry is set to TRUE, then use the large RMP entry.
>> + */
>> +VOID
>> +SetPageStateInternal (
>> + IN EFI_PHYSICAL_ADDRESS BaseAddress,
>> + IN UINTN NumPages,
>> + IN SEV_SNP_PAGE_STATE State,
>> + IN BOOLEAN UseLargeEntry
>> + )
>> +{
>> + EFI_STATUS Status;
>> + GHCB *Ghcb;
>> + EFI_PHYSICAL_ADDRESS NextAddress, EndAddress;
>> + MSR_SEV_ES_GHCB_REGISTER Msr;
>> + BOOLEAN InterruptState;
>> + SNP_PAGE_STATE_CHANGE_INFO *Info;
>> + UINTN i, RmpPageSize;
>> +
>> + Msr.GhcbPhysicalAddress = AsmReadMsr64 (MSR_SEV_ES_GHCB);
>> + Ghcb = Msr.Ghcb;
>> +
>> + EndAddress = BaseAddress + EFI_PAGES_TO_SIZE (NumPages);
>> +
>> + DEBUG ((DEBUG_VERBOSE, "%a:%a Address 0x%Lx - 0x%Lx State = %a
>> LargeEntry = %d\n",
>> + gEfiCallerBaseName,
>> + __FUNCTION__,
>> + BaseAddress,
>> + EndAddress,
>> + State == SevSnpPageShared ? "Shared" : "Private",
>> + UseLargeEntry));
>> +
>> + for (; BaseAddress < EndAddress; BaseAddress = NextAddress) {
>> +
>> + //
>> + // Initialize the GHCB and setup scratch sw to point to shared buffer.
>> + //
>> + VmgInit (Ghcb, &InterruptState);
>> + Info = (SNP_PAGE_STATE_CHANGE_INFO *) Ghcb->SharedBuffer;
>> +
>> + SetMem (Info, sizeof (*Info), 0);
>> +
>> + //
>> + // Build page state change buffer
>> + //
>> + for (i = 0; (EndAddress > BaseAddress) && i < SNP_PAGE_STATE_MAX_ENTRY;
>> + BaseAddress = NextAddress, i++) {
>> + //
>> + // Is this a 2MB aligned page? Check if we can use the Large RMP entry.
>> + //
>> + if (UseLargeEntry &&
>> + IS_ALIGNED (BaseAddress, EFI_LARGE_PAGE) &&
>> + ((EndAddress - BaseAddress) >> EFI_PAGE_SHIFT) >=
>> PAGES_PER_LARGE_ENTRY) {
>> + RmpPageSize = PVALIDATE_PAGE_SIZE_2M;
>> + NextAddress = BaseAddress + EFI_LARGE_PAGE;
>> + } else {
>> + RmpPageSize = PVALIDATE_PAGE_SIZE_4K;
>> + NextAddress = BaseAddress + EFI_PAGE_SIZE;
>> + }
>> +
>> + Info->Entry[i].GuestFrameNumber = BaseAddress >> EFI_PAGE_SHIFT;
>> + Info->Entry[i].PageSize = RmpPageSize;
>> + Info->Entry[i].Op = MemoryStateToGhcbOp (State);
>> + Info->Entry[i].CurrentPage = 0;
>> + }
>> +
>> + Info->Header.CurrentEntry = 0;
>> + Info->Header.EndEntry = i - 1;
>> +
>> + //
>> + // If the request page state change is shared then invalidate the pages before
>> + // adding the page in the RMP table.
>> + //
>> + if (State == SevSnpPageShared) {
>> + PvalidateRange (Info, 0, i, FALSE);
>> + }
>> +
>> + //
>> + // Issue the VMGEXIT and retry if hypervisor failed to process all the entries.
>> + //
>> + Ghcb->SaveArea.SwScratch = (UINT64) Ghcb->SharedBuffer;
>> + VmgSetOffsetValid (Ghcb, GhcbSwScratch);
>> + while (Info->Header.CurrentEntry <= Info->Header.EndEntry) {
>> + Status = VmgExit (Ghcb, SVM_EXIT_SNP_PAGE_STATE_CHANGE, 0, 0);
>> + if (EFI_ERROR (Status)) {
>> + SnpPageStateFailureTerminate ();
>> + }
>> + }
>> +
>> + //
>> + // If the request page state change is shared then invalidate the pages before
>> + // adding the page in the RMP table.
>> + //
>> + if (State == SevSnpPagePrivate) {
>> + PvalidateRange (Info, 0, i, TRUE);
>> + }
>> +
>> + VmgDone (Ghcb, InterruptState);
>> + }
>> +}
>> --
>> 2.17.1
next prev parent reply other threads:[~2021-04-01 13:07 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-24 15:31 [RFC PATCH 00/19] Add AMD Secure Nested Paging (SEV-SNP) support brijesh.singh
2021-03-24 15:31 ` [RFC PATCH 01/19] OvmfPkg: Reserve the Secrets and Cpuid page for the SEV-SNP guest Brijesh Singh
2021-04-06 8:11 ` Min Xu
2021-04-06 12:16 ` Laszlo Ersek
2021-04-07 0:21 ` Min Xu
2021-04-07 0:44 ` James Bottomley
2021-04-07 15:02 ` Laszlo Ersek
2021-04-07 15:12 ` James Bottomley
2021-04-08 6:24 ` [edk2-devel] " Min Xu
2021-04-08 13:31 ` Lendacky, Thomas
2021-04-09 12:29 ` Laszlo Ersek
2021-04-09 13:32 ` Laszlo Ersek
2021-04-09 13:44 ` Yao, Jiewen
2021-04-09 14:11 ` separate OVMF binary for TDX? [was: OvmfPkg: Reserve the Secrets and Cpuid page for the SEV-SNP guest] Laszlo Ersek
2021-04-12 8:35 ` Dr. David Alan Gilbert
2021-04-12 11:54 ` [edk2-devel] " Yao, Jiewen
2021-04-12 14:33 ` James Bottomley
2021-04-14 23:34 ` erdemaktas
2021-04-15 7:59 ` Paolo Bonzini
2021-04-15 19:42 ` Erdem Aktas
2021-04-21 0:38 ` Yao, Jiewen
2021-04-21 10:44 ` Laszlo Ersek
2021-04-21 17:07 ` Erdem Aktas
2021-04-22 14:20 ` Laszlo Ersek
2021-04-07 13:22 ` [RFC PATCH 01/19] OvmfPkg: Reserve the Secrets and Cpuid page for the SEV-SNP guest Laszlo Ersek
2021-04-07 13:24 ` Laszlo Ersek
2021-04-08 0:45 ` Min Xu
2021-04-07 0:31 ` James Bottomley
2021-04-12 14:52 ` Brijesh Singh
2021-04-13 9:49 ` Laszlo Ersek
2021-04-13 11:29 ` Brijesh Singh
2021-04-13 13:13 ` Laszlo Ersek
2021-04-19 21:42 ` Brijesh Singh
2021-04-20 8:14 ` Laszlo Ersek
2021-03-24 15:31 ` [RFC PATCH 02/19] OvmfPkg: validate the data pages used in the SEC phase Brijesh Singh
2021-03-24 15:31 ` [RFC PATCH 03/19] MdePkg: Expand the SEV MSR to include the SNP definition Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 04/19] OvmfPkg/MemEncryptSevLib: add MemEncryptSevSnpEnabled() Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 05/19] MdePkg: Define the GHCB GPA structure Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 06/19] UefiCpuPkg/MpLib: add support to register GHCB GPA when SEV-SNP is enabled Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 07/19] OvmfPkg: Add a library to support registering GHCB GPA Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 08/19] OvmfPkg: register GHCB gpa for the SEV-SNP guest Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 09/19] MdePkg: Add AsmPvalidate() support Brijesh Singh
2021-03-25 2:49 ` 回复: [edk2-devel] " gaoliming
2021-03-25 10:54 ` Brijesh Singh
2021-03-26 20:02 ` Andrew Fish
2021-03-24 15:32 ` [RFC PATCH 10/19] OvmfPkg: Define the Page State Change VMGEXIT structures Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 11/19] OvmfPkg/ResetVector: Invalidate the GHCB page Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 12/19] OvmfPkg/MemEncryptSevLib: Add support to validate system RAM Brijesh Singh
2021-04-01 6:37 ` Yao, Jiewen
2021-04-01 13:07 ` Brijesh Singh [this message]
2021-03-24 15:32 ` [RFC PATCH 13/19] OvmfPkg/SecMain: Validate the data/code pages used for the PEI phase Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 14/19] OvmfPkg/MemEncryptSevLib: Add support to validate RAM in " Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 15/19] OvmfPkg/PlatformPei: Validate the system RAM when SNP is active Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 16/19] OvmfPkg/MemEncryptSevLib: Add support to validate > 4GB memory in PEI phase Brijesh Singh
2021-04-01 6:43 ` Yao, Jiewen
2021-03-24 15:32 ` [RFC PATCH 17/19] OvmfPkg/VmgExitLib: Allow PMBASE register access in Dxe phase Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 18/19] OvmfPkg/MemEncryptSevLib: Validate the memory during set or clear enc attribute Brijesh Singh
2021-03-24 20:07 ` Brijesh Singh
2021-03-24 15:32 ` [RFC PATCH 19/19] OvmfPkg/MemEncryptSevLib: Skip page state change for non RAM region Brijesh Singh
2021-03-24 19:14 ` [edk2-devel] [RFC PATCH 00/19] Add AMD Secure Nested Paging (SEV-SNP) support Laszlo Ersek
2021-04-08 9:58 ` Laszlo Ersek
2021-04-08 11:59 ` Brijesh Singh
2021-04-09 12:24 ` Laszlo Ersek
2021-04-09 22:43 ` Brijesh Singh
2021-04-12 16:23 ` Laszlo Ersek
2021-04-12 20:14 ` Brijesh Singh
2021-04-13 13:00 ` Laszlo Ersek
2021-04-14 11:18 ` Brijesh Singh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3ff216eb-9e21-0b16-2e5c-bfc54f132b53@amd.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox