From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (NAM10-DM6-obe.outbound.protection.outlook.com [40.107.93.58]) by mx.groups.io with SMTP id smtpd.web11.716.1588281128511718993 for ; Thu, 30 Apr 2020 14:12:08 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=oGf3UzF2; spf=none, err=SPF record not found (domain: amd.com, ip: 40.107.93.58, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EMOxM1tQ6ccrTLBxX0B/Q/i54jHK2fPvLOLWFbiovO276HsoLg/xld73CKGgnw31XbOZc4BCh354WEcxtagchxnB7F3InB5dojPlIFtarowh2PaNtcwZd5EpD2kpnKb6bS+AA+DglJThlA6nHEhzIOnc6W6uhK88U1xozUZmqWJxmILUjKQTGivWAzerhIXxH00iBH2KEWIFNUJ+l6iSaWAvdrdGl2NXWovkkME15Ki8tAted44hfh/NMCXJRJ3ZNHUmgrhyUVz0ZojSCAT6qxE1BF14X54QUx79lHEX+f2PWpjPNa/4mwpXZG0VvuuIBYpdzzE1OvlNS6YoPmcfPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KdpBUwz7+lOv0eGqvMRAqJIS+EkquaCtxpW3Wyv2zWo=; b=eZ67WbOlVaV4W73Tsc3zwJzzuv68v7dbWh22uD5ID1zfUBhwJmPbB1XH73fAgEYa7H2XPbZv+iZ4+fDFp1rV+aXndJk1qPU6fzbshIW2y5Y9negWKYrboIY30T+9N+smRxcMwXsFFgBZMKeWL3NFfn6Ci9onumFqscgZwURtVtHVklJuZkoUR7UyJBcL5TRwFw3NUku/ZOYj6pkqzWI2y5jTgNuJuEiBYmmdynM/fRUlQsUfZIMsOwesp1+qaEyPNI0/F6D6+hFhkPFtUJl2edO90ZIIIOkBvCYLqXxCCEc+bBgprmDMusQHvj+teDl6F6Dcv6sOiQwMp4l7lN/5fA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KdpBUwz7+lOv0eGqvMRAqJIS+EkquaCtxpW3Wyv2zWo=; b=oGf3UzF2OTpebRekRp0EMjLXQTWpBTmp/FxgN9G4CyTB8ejEirg21Buvb6Fol2Xe0qUc95LsMk0R7AeG55Hh0oz9FtuEdyQwUket/x+7ALdhcJPwWhXob3Nh82ed65rscIWtTjuzQJVlZPa3HvAKtA7SjdBcu2KNcE+86bl3ISg= Authentication-Results: amd.com; dkim=none (message not signed) header.d=none;amd.com; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM5PR12MB1820.namprd12.prod.outlook.com (2603:10b6:3:10d::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.22; Thu, 30 Apr 2020 21:12:06 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::4ce1:9947:9681:c8b1]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::4ce1:9947:9681:c8b1%10]) with mapi id 15.20.2937.028; Thu, 30 Apr 2020 21:12:06 +0000 Subject: Re: [edk2-devel] [PATCH v7 33/43] OvmfPkg: Reserve a page in memory for the SEV-ES usage To: Laszlo Ersek , devel@edk2.groups.io Cc: Jordan Justen , Ard Biesheuvel , Michael D Kinney , Liming Gao , Eric Dong , Ray Ni , Brijesh Singh References: <458aea8874eaecec248c69a3ef809392226ad4e4.1587577317.git.thomas.lendacky@amd.com> <93f7386f-6e9e-52e1-4a81-d8b599687677@redhat.com> From: "Lendacky, Thomas" Message-ID: <4a86e0f1-48d2-31bb-7e5a-faf41f3c4a3a@amd.com> Date: Thu, 30 Apr 2020 16:12:04 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1 In-Reply-To: <93f7386f-6e9e-52e1-4a81-d8b599687677@redhat.com> X-ClientProxiedBy: SN6PR04CA0089.namprd04.prod.outlook.com (2603:10b6:805:f2::30) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from office-linux.texastahm.com (67.79.209.213) by SN6PR04CA0089.namprd04.prod.outlook.com (2603:10b6:805:f2::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2958.20 via Frontend Transport; Thu, 30 Apr 2020 21:12:05 +0000 X-Originating-IP: [67.79.209.213] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 59217a29-8551-4996-6f56-08d7ed4b2303 X-MS-TrafficTypeDiagnostic: DM5PR12MB1820:|DM5PR12MB1820: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4502; X-Forefront-PRVS: 0389EDA07F X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(4636009)(396003)(136003)(39860400002)(366004)(346002)(376002)(52116002)(66946007)(36756003)(8676002)(186003)(86362001)(19627235002)(66476007)(53546011)(16526019)(26005)(5660300002)(54906003)(6506007)(66556008)(6512007)(31696002)(31686004)(45080400002)(478600001)(316002)(2616005)(2906002)(8936002)(956004)(966005)(6486002)(4326008);DIR:OUT;SFP:1101; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: FgTETWe72BZFgMKcbSckFR0yySmSsFfzTBXxBcb5HSc1bzRSSGhsURso6lDuqmOE7bFs7t/l9YM1gR7sXPrK6rrz5rT/sdFXU7VeWr9y46OFfXyd4ASYI15etqVHNm2QQgR9X+ZILtX5T86Hxypj5CDXfYOFR6w216R/9gR0ZBNfIcxZLyM2kLIUQ+Yf5KgjfI42ZIVsZL5ZbQUCZK3O3gMLM+T1a05/5/P7140OgT1G0FWi0+Ua/afTjrkp0z/rflhsFxwx4d3qxZcgUeFO9UFzNJ/YodxGEj7786+kmfnZmNjGswLuaQm7RWVsd/0s6q1LkWu7Isv82ZN3PL9pGEOSgxkds3I2dtCxJeuiWrH9bED4ydmI3qCNrfrVvhyU77E6uh/S4aKreE8AHPWsic6nO8HOqw1+mv8vMNo881zv9GHyv80RaeStQ7AhtbnxL150WL2mv924F/rTBL2IAeWZjp0kv6KEdXemlJxqqXZjKk4QHoA9d4ljoiG12EJmuVzWILo4fmQ2xIZBVcNcMg== X-MS-Exchange-AntiSpam-MessageData: uVSSghijg1S/0RvoI8cPqZDnWmQxz6Wp0dMsZ8J4SholAQPCvHCZv8VOUgLhI/3FEUpcJhi71gpZ9i+9fXXkPJTVHMOdUGUv/fuOSro3FRj24VXFhLrUEoJ8YEN8pcwPWqfJP5neSlVqGHz/chF4JDK2tBtXCiZmDrcYh+SUOUInXj/gY0mn1f+u1OiGrRJw/HB+BEBm6bMb5qNvLlHxNqGY+nGYFyHTC6csYXsc0860lmkAiqeKzdOxa3USC1id0oOEbNtXJJJtX5GEsv+DcQA2GaWWboghgX8vIY2a91XgA3UwoE5ZR6AqLk7K3ZxjLOh0XUh3ipe+cP/s/BCGDH1OnC3hu9UMXVFor1kBE5K/jn9W3xFV76Rdzs/Jcv3gg0H2Y2Yk6UDGfYe6iMcAxta0tEmeG85h6VM+3Pn+k4s9GW1De3SZv+1S6eyn6ADiibfymPXMpyQFvJdcJs/egPFXIOd/WwAW1be9fhQPwoiDt5bi+wQHOjoBdNCOgvyWVmSmLLMJMGFh22ywvMF1oFuM8iF2zvhzmd+mPbDCPws0FZJJVR/a3HtFzcmE+m57sprc0xqw/Z768mILeT7j8YNr51/JL2o7kklDXXhhdlrpQSibnyL+TumFQAyHg8O70Jt783jZgDGeFNhYQZe/0HYOfG+fwrXXO0MRcuGKncFaH9UXh4r0I4cOUmHVEhUuDF82/qy1ZecINirnYOHkNb+ZM0/4EE5je5VV54z9FypR8YHXJyjkQ8SZvFJqj5WHa/KtJSfNAu7IktSbRJ4yw5yRaTsxRkAcBU3zF23rtYk= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 59217a29-8551-4996-6f56-08d7ed4b2303 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Apr 2020 21:12:06.4901 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: SHqG5NAnzB3SXGSPDa51xf8W8GChPquWArCn9UslPn+ysQsRSr3kymWHfgMAn8S8wqAzDtmKkVEC49u9nq4iLg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1820 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit On 4/30/20 1:58 PM, Laszlo Ersek wrote: > Hi Tom, Hi Laszlo, > > On 04/22/20 19:41, Lendacky, Thomas wrote: >> BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D2198&data=02%7C01%7Cthomas.lendacky%40amd.com%7Cce256f35aa2e4748e8e008d7ed3874ae%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637238699042461059&sdata=tXX8nkBo3fB4OVTs2avevW8pwL6AcqJHvFhvlshKySI%3D&reserved=0 >> >> Reserve a fixed area of memory for SEV-ES use and set a fixed PCD, >> PcdSevEsWorkAreaBase, to this value. >> >> This area will be used by SEV-ES support for two purposes: >> 1. Communicating the SEV-ES status during BSP boot to SEC: >> Using a byte of memory from the page, the BSP reset vector code can >> communicate the SEV-ES status to SEC for use before exception >> handling can be enabled in SEC. After SEC, this field is no longer >> valid and the standard way of determine if SEV-ES is active should >> be used. >> >> 2. Establishing an area of memory for AP boot support: >> A hypervisor is not allowed to update an SEV-ES guest's register >> state, so when booting an SEV-ES guest AP, the hypervisor is not >> allowed to set the RIP to the guest requested value. Instead an >> SEV-ES AP must be re-directed from within the guest to the actual >> requested staring location as specified in the INIT-SIPI-SIPI >> sequence. >> >> Use this memory for reset vector code that can be programmed to have >> the AP jump to the desired RIP location after starting the AP. This >> is required for only the very first AP reset. >> >> Cc: Jordan Justen >> Cc: Laszlo Ersek >> Cc: Ard Biesheuvel >> Reviewed-by: Laszlo Ersek >> Signed-off-by: Tom Lendacky >> --- >> OvmfPkg/OvmfPkgX64.fdf | 3 +++ >> 1 file changed, 3 insertions(+) >> >> diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf >> index 36414c1f8b49..a0bea86f9875 100644 >> --- a/OvmfPkg/OvmfPkgX64.fdf >> +++ b/OvmfPkg/OvmfPkgX64.fdf >> @@ -82,6 +82,9 @@ [FD.MEMFD] >> 0x009000|0x002000 >> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize >> >> +0x00B000|0x001000 >> +gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize >> + >> 0x010000|0x010000 >> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize >> >> > > in patch #28 ("OvmfPkg: Create a GHCB page for use during Sec phase"), > we carve out two ranges in FD.MEMFD, and introduce a matching set of 4 PCDs. > > Then in patch #29 ("OvmfPkg/PlatformPei: Reserve GHCB-related areas if > S3 is supported"), we reserve those ranges from the OS, as AcpiNVS, if > S3 is supported. The reason we only reserve those ranges if S3 is > enabled because the ranges are only needed in SEC. (See the details in > the commit mesage of patch #29.) > > In this patch (patch #33), we carve out a third region in FD.MEMFD. We > don't seem to ever reserve it. I think that's minimally a problem for > S3; the same argument should apply as to the other two areas. Do you agree? Nice catch! Yes, I missed this one. > > > Furthermore, I wonder if we should reserve this "work area" from the OS, > and even from the DXE phase (!), *regardless* of S3. I can't immediately > tell when it's the last time (with S3 disabled) when this area is used. > > As I understand it, it is only used the first time the APs are booted > up. And that should happen still in the PEI phase, because CpuMpPei > boots up all the APs and counts them. Afterwards (still in the PEI > phase), the APs should be sleeping in ApWakeupFunction(), namely in the > code added by patch #40 ("UefiCpuPkg: Allow AP booting under SEV-ES"). > If the AP is woken again, it is actually only "released" by the > hypervisor, and it goes through the special 64bit->16bit transition, > again implemented in patch#40. > > So ultimately it shouldn't be necessary to reserve this third region (at > PcdSevEsWorkAreaBase), if S3 is disabled, because it is never used past > the very first AP boot (which happens when CpuMpPei counts the APs). > > Do I understand right? Yes, that is correct. So I just need to do the same thing for this area that I did in patch #29. I can probably shift patch #29 after #33 and have one patch for the S3 reservation instead of having two separate patches doing S3 reservation. Thanks, Tom > > Thanks! > Laszlo >