From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (NAM02-SN1-obe.outbound.protection.outlook.com [40.107.96.69]) by mx.groups.io with SMTP id smtpd.web10.19230.1681499125390571078 for ; Fri, 14 Apr 2023 12:05:25 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=4L7GCkvU; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.96.69, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Jb2pTZPhMJO4E7HmLKdht92TL0D2U75YH9jI5kY8p/OewP6slZGReVVQU5FDdNqfYKLVEd0lMmA4S2f+wDSNgfQEbL2K0w23ktkrhAWmdpdQx1u4V7LayziDOvC1wyDwvdn+9latvg8gRkn7rR0Rish8n8lXQolgfXCHSYMT02Jsg5Pij8GTXbKk3MSuYYYhBOItVWdnujBnjIKHw6uW6x6ezEb+PcGHeYm5ZtJYI/LqNXhGJ/7c4LK7hOsY1UlOPowVkHG0AhSXtgTUA1BjjX524tIpblVFDjN6EhGtJ1jmktlZm8yMuugnjZcGIaYSW77JgTLiJ9vvaVZFJznzGw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jQVHywTW53xh1rNisY/m7/9gs/QrK4pcdn967ljDy+k=; b=MsdpfPdJ9qKRAnmLmRneKz2mRKdSTplopZTk67xLPHHkTv671XVUedXCsPwWUTqhZcYlAlg+qx5HgjpcstyekQ9bM7hnQz2SbogIa474BUnLmGI5ExuuDGRy06KB/6XOLT7lNXLAC2V5DK13xMbJgi33asND1stskbRMtyV4N7KfsxTouXhEmBTOHiTiPVhFuT0+MIF4HoK5/klVhtLNE7gtYPsW6Xf0C71rs96qN592bsPNEVwOPEwFXJ3vCU/nHpGTZep3p5+tyjQY4DzOOj8+7kDwOtcmuvcwd1i6Ehzg0e4Nta749BIWQFaDSug1UQE5aHJP3GBXenuFrOa7MA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jQVHywTW53xh1rNisY/m7/9gs/QrK4pcdn967ljDy+k=; b=4L7GCkvU9eXmeyCvDP+ueuIKmVoq1aVE8dW/myYuhRa6bQrjw0zZBzP/918G4vPTbHXpM+Ir5ax+uY07wZvVlZTpPoVpp0tq0LX0dJGC6nIbtlfBmy+/BxYQQa4kMwRVNVuIP5chCkUCjJlGLF8BtiYlZG5Lc40iCkmraOkNlrg= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) by DM4PR12MB6061.namprd12.prod.outlook.com (2603:10b6:8:b3::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6298.30; Fri, 14 Apr 2023 19:05:23 +0000 Received: from DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::ea32:baf8:cc85:9648]) by DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::ea32:baf8:cc85:9648%6]) with mapi id 15.20.6298.030; Fri, 14 Apr 2023 19:05:22 +0000 Message-ID: <4c5afff9-39b6-6f3a-ce05-0aadb8b004b9@amd.com> Date: Fri, 14 Apr 2023 14:05:20 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.9.0 Subject: Re: [edk2-devel] [Patch V2 0/8] Use CpuPageTableLib to create and update smm page table To: devel@edk2.groups.io, ray.ni@intel.com, "Tan, Dun" References: <1755241E6695EAE7.1885@groups.io> <2301e275-1f69-e5c0-997d-d967264aa590@amd.com> From: "Lendacky, Thomas" In-Reply-To: X-ClientProxiedBy: SA0PR11CA0094.namprd11.prod.outlook.com (2603:10b6:806:d1::9) To DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) Return-Path: Thomas.Lendacky@amd.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DM4PR12MB5229:EE_|DM4PR12MB6061:EE_ X-MS-Office365-Filtering-Correlation-Id: d0a5d30a-f452-40dd-9e9f-08db3d1b32ba X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: bjGh0efZu99uhEb1enWIRLAEPOU5sjM6Fp5zEwAU0ynSljJluDsh5BF+9KnpFfcO5OLSue23KsXSArPgtlslUQG4fQsDC9GzIL6ByypGyE8oFG/XihDxJyNjtnx/BUWAiA/ZsZXQ1vlggaA7GQ9JWDDZoLwqKGijG5xlAiiqQc0c6ysfwqNjJK0f51/+J1gDbQ6yjip6Pu61Bb9cdU96WQJUg+rJvOBMapgDWNK/rKp2Tnglrn+/Sd94d6oqk2Wsf+ViwzQeSThNqmOAOySNdRvxyXt7VhFhsTCydEibwpALuA4PlFGUvowfrF//LeQP0PpDD9p+XDCErLa9foDLDiKerdLmoryqxNc9tgGQsEyVSDCRGWRCmi7xZcXeSEu2tj9IZTpm6sjfrBXuJ+0tE+ScpQ04iURZMtwouj5hkMKO2cdJ8hR2fkf8j793cFc3Vr7wiGpyM/ke7/6mrSCEQFheEgenNc70QWzozXZY0yUYTX4UYlwe9y/GaLYVsR74hVpjVNXwxFEcE64b4fYE/HZABAv3bw88xuInl+mM3l/87v8Gl7U4HaH7M5NLkxjrRwtqwFlkYJDLZB0+ylW0vMi/sl6S2RmHzjuMt2HDsJrhZ3L/UmzZ80k8Y7UEbHuA4NRpXbXoVHxnrmbd6ov6HwEMz3bt3rhSXiQI7DNsWzD+MKOQGX9B4njuG8FgDM71 X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR12MB5229.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(4636009)(396003)(346002)(136003)(376002)(366004)(39860400002)(451199021)(5660300002)(6486002)(966005)(66556008)(6916009)(2906002)(66476007)(36756003)(66946007)(19627235002)(30864003)(15650500001)(86362001)(38100700002)(41300700001)(8676002)(316002)(8936002)(31696002)(478600001)(53546011)(26005)(6512007)(6506007)(31686004)(2616005)(186003)(66899021)(83380400001)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?NGROWkxKbi9QQk1Bbld1eEhYLzhZRi9XQVFGQlhzbWJYeXYrQlE3SjZZQ0N1?= =?utf-8?B?TTcvN05tOEJ1bzRRMjMrUlNqL1d2WEs5a3NZRGVjK0VwRlFZSTVHVi9paDls?= =?utf-8?B?b2ZDMU9mUUVqYnVuNGdPaW8yRTk2azB4dSsrenh1RDFBM0RGa1cxdjhQMFZO?= =?utf-8?B?V0JxR1BCa2lIMGoxOUdKbGREU2RUZ3o5RTNNY0pIeWZRZTkxa3FuUUZ6ZE4y?= =?utf-8?B?L2xqRFZ3OTg2NXY1WjcwaGZJY2IrTGRlRG9FeGdrNElyRHlrem1TajFZWXVs?= =?utf-8?B?c0xzd1JXSmlVNHkybDdiL0UwN1BrUXkwR1h2Q2RqU1YvVUpsZ25VSktWZkwv?= =?utf-8?B?S25oZ1kzTU1MbVFzdGtMNloybkJvK3cvRWI3Y0RIYVFlZldOeGUyRXBocElC?= =?utf-8?B?M1JnSWpJUkErVXdvaEh0bkpySHBQSmxVOERlWWsveVorUldoZEljUmowRlI0?= =?utf-8?B?U2p0Ums1SFdaRWVSRG9xSmMrQnZxNXVmUlZYNG1INkc1UVgxVytzNUVSbDg5?= =?utf-8?B?RmJQUnk5YnVDaGxZUHNvSVMzVDl3TjBDaVBPTWFwMGN5dDNpbThwUmZ0WS9I?= =?utf-8?B?YkNaWWhVMk9vczZ6NWZHNlZ3ZjB2cU9VaGswR0RTZGZ5UWpsd204c1JoMDM1?= =?utf-8?B?K1RtRHFtU1pLZWovTm9FZ1o2SjJ2NlBKSjhnOHpXT2RiTFlaUElKYTVIS21j?= =?utf-8?B?cmZOei9SK1o5bVUwOWdaVkFpT09XdkdyMHQ0TlBpRDExVlVQeWM5YmhVam5o?= =?utf-8?B?ZXcyQUZndnV2eUM2K1YzSjdvdHhYWDlWUHlnajV6dEVyaFM4SUtTWHlObENQ?= =?utf-8?B?R3djWE92MnZ0YkR1S2Q0QXhtclVQTzlYZTQyZTZnUWZGd2dwbnRkVlZFaHRk?= =?utf-8?B?Ym85SExXSFp6dmFSWGtFK0F2dWVXRk5YVXRaNEFOTHI5eTRlSHVWNDVzYURZ?= =?utf-8?B?Q2xUS0hhVlZGMXVxSGg3QjlzenFxdEFMbmtXSnE2SjNVVkRkOVhQMWpNei9C?= =?utf-8?B?U2tseDdlRWtPSlBpR3RKTjRqazR6NjRQUEs2MjduYnhOTm5zZHVUMjZ6MzBu?= =?utf-8?B?NGV3bDUyZXVHOFRORkkra2NpWUFvalluWUdwNU5sbDAzeVNFeE13YkN3YmlY?= =?utf-8?B?dkhPM04raE5NVzZsa2NnUWpzMkh2T0tobGNWNHVaNjI3ek9wWDR1SFZwSVow?= =?utf-8?B?cE9laUNEWjRSQ2V3aThrcjB3Uyt4STJqVFlkSUhTdm9QaThUYVlSQkJjdGZB?= =?utf-8?B?dW5lYzVXeWlhNUtpcmN5YjVYeTRmeFBuQk5CREdrU1BTMHpISFZ4anRnb0Jl?= =?utf-8?B?blBEL25jelV5MXNYZlVxV1p0WUxJK2doZlpLMnVwRUoxd1pmMkZWNWVBWVdk?= =?utf-8?B?Um13Z3M3MlNiYXpRWmd6UThIWXlLRHl4SUNNdVd6WFdGODgyUDhCTzVYZW9q?= =?utf-8?B?RUpNdm53Rno5N0NOdW00TWtLTHZ4UlU5WTNjWWYxbVE0blV0anNRZy9QNCs3?= =?utf-8?B?SEhuM3dzVEMrd3A1OGRUNGNjV2NkeVk4WUlsUk9vcDhNWldvSVlJckduYU5P?= =?utf-8?B?MHFrbFhhc0N6N2llTGcvN2pod3NhNUg2VjZJUHFaaC90dy9LN01VSnBVUzFL?= =?utf-8?B?U1o5bzd0N1JCcEUzUFFsNjQ0ZHkvWlEyUGM5NVVjY3lUSlF2VzVuNFdsT2hq?= =?utf-8?B?dWt2WEdMQ0F0MlJWNDNTMHg1VUdVWWU1SWhiYmFtdkQvSnNncHVsd21rc01Y?= =?utf-8?B?TWhYUDNHK2lNR1MrazVMUTMvUDVRN2pmVDgrZElRV3MvZTdqb09LeGpldkpH?= =?utf-8?B?bTF3SVc1UHprbnJEc0Z2LzA5TWlBTndqd3NiS3BjOGdnSFdxbTFhQkVSZUlo?= =?utf-8?B?TzRPb3FrZkRJME40aTdJbmZJeTVZT050VkJyUlJCeEUzbm94bmN5MCtlNjZK?= =?utf-8?B?OXVicVZrWGV4WERJdjA4dGQwTkhVV015RWdIRHQ1dUl1azljcWVsMDRIWlN0?= =?utf-8?B?TUVIcC9DVGJOSVFaMjRPd2RsbFNqVWxsTGtQUWJCR2RSeVFWNkpsQ016emdS?= =?utf-8?B?dXBLN3RiU3RVMXRRZkJnUExDVWhIRVlab21BNFhtdVZWaS9Gc1Z2TU50NWhr?= =?utf-8?Q?708cYOG+KOBmfL0IIBuipcfqJ?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: d0a5d30a-f452-40dd-9e9f-08db3d1b32ba X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5229.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Apr 2023 19:05:22.9152 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: G+50SWQJKm+DtcoO9paIny3lY+Z/uYCn+WZyCkyOZ1AbubBwuw81S8RQX6sA5iBiJY9jYJMMFcJFJnzJs50QGw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB6061 Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 4/14/23 12:19, Ni, Ray via groups.io wrote: > tom, > if the c bit is not required for non leaf page table entries, why the trunk code sets the c bit for all entities including nonleaf ones? Because it's effectively the correct thing to do, even though it doesn't matter. > > i went back to read again the smm issue you met. you said the c bit is set for non leaf entries that caused a deference issue. But the pagetablelib code doesn't set c bit to non leaf entries. then who sets the c bit? I guess that's the main question, how did that get set? I haven't had the time to fully examine and follow the codepath in the pagetable library to figure out why it was set. Maybe as part of a page split? Thanks, Tom > > thanks, > ray > > thanks, > ray > ________________________________ > From: devel@edk2.groups.io on behalf of Lendacky, Thomas via groups.io > Sent: Friday, April 14, 2023 9:43:52 PM > To: Ni, Ray ; Tan, Dun ; devel@edk2.groups.io > Subject: Re: [edk2-devel] [Patch V2 0/8] Use CpuPageTableLib to create and update smm page table > > On 4/14/23 00:07, Ni, Ray wrote: >> >> >>> -----Original Message----- >>> From: Tom Lendacky >>> Sent: Friday, April 14, 2023 12:19 AM >>> To: Tan, Dun ; devel@edk2.groups.io >>> Cc: Ni, Ray >>> Subject: Re: [edk2-devel] [Patch V2 0/8] Use CpuPageTableLib to create and >>> update smm page table >>> >>> On 4/13/23 04:14, Tan, Dun wrote: >>>> Hi Tom, >>>> >>>> Thank you for your help with testing. >>>> For the build failure, it's because that the CpuPageTableLib instance is >>> added into OvmfPkg DSC in the last pacth ' OvmfPkg: Add CpuPageTableLib >>> required by PiSmmCpuDxe'. I have moved this patch to the head of the patch >>> set. >>>> >>>> For the boot failure, I think it's because that the encrypt mask was not >>> applied to the memory used by page table in page table non-leaf entry. >>> Initially I thought the encrypt mask would only be applied to the leaf entry in >>> AMD SEV feature. So I treated the encryption process as non 1:1 mapping, >>> which only applies the encrypt mask to leaf entry. I'm also curious why the >>> DxeIpl patch set works good. All the page table non-leaf entries are also not >>> encrypted in the DxeIpl page table related patch set. >>> >>> Right, and that works for SEV. All non-leaf pagetable entries are treated >>> as encrypted regardless of the encryption bit. Since the tables were built >>> being mapped encrypted, the pagetable walk works when the non-leaf >>> entries don't have the encryption bit set. In this case, though, the encryption >>> bit is present in the non-leaf entry and that is the reason why there are >>> issues. >> >> Can you point us which doc here (https://www.amd.com/en/developer/sev.html) >> says the page table is encrypted regardless the KEY_ID bits value? >> How can the encryption engine know if a chunk of memory belongs to page table? > > It doesn't. For an SEV guest, when the hardware walks the pagetables, it > will always treat the memory accesses as encrypted (see section 15.34.5 of > the AMD APM Vol 2 at https://www.amd.com/system/files/TechDocs/24593.pdf). > > But, because the initial pagetables that are built to map everything as > encrypted/private to start with (see > OvmfPkg/ResetVector/Ia32/PageTables64.asm), only changing to shared when > specifically requested, any memory allocated and used will be encrypted. > Thus, when new pagetables are allocated/created in the CpuPageTableLib > library, they will be encrypted and so everything works. And those new > pagetables will map everything encrypted by default, except for the GHCB > pages. If they were mapped shared when they were created, then the > pagetable walk would fail. > >> >> My understanding to SEV is any physical address field in guest page table should have >> the KEY_ID bits set if the physical pages are private to guest. Only some pages for GMCB >> don't have KEY_ID bits set as those are shared between guest and host. > > Right, the encryption bit in the leaf entry of the pagetables will > determine the encryption mode. > >> >> I thought Dun's patch works because all guest memory is marked as shared because >> the KEY_ID bits in all entries are not set. Only some pages that're used by GMCB >> have the KEY_ID bits set. > > Just the opposite, the CpuPageTableLib library marks everything encrypted > and only clears the encryption bit for the GHCB pages. > > In MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c, the > CreateIdentityMappingPageTables() function retrieves the encryption bit > and saves it in AddressEncMask. AddressEncMask is then applied to the > mapping attribute used when calling CreateOrUpdatePageTable() to build the > initial pagetables. > >> >> >>> >>> Here is some debug after setting PagingEntry at line 436 of >>> UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c: >>> >>> *** DEBUG: PageTableLibMapInLevel:437 - PagingEntry = 3FF81000 >>> *** DEBUG: PageTableLibMapInLevel:437 - PagingEntry = 3FF80000 >>> *** DEBUG: PageTableLibMapInLevel:437 - PagingEntry = 3FF83000 >>> *** DEBUG: PageTableLibMapInLevel:437 - PagingEntry = 3FF81000 >>> *** DEBUG: PageTableLibMapInLevel:437 - PagingEntry = 3FF80000 >>> *** DEBUG: PageTableLibMapInLevel:437 - PagingEntry = 3FF83000 >>> *** DEBUG: PageTableLibMapInLevel:437 - PagingEntry = 3FF81000 >>> *** DEBUG: PageTableLibMapInLevel:437 - PagingEntry = 3FF80000 >>> *** DEBUG: PageTableLibMapInLevel:437 - PagingEntry = 800003FC01000 >> >> Are you testing the SME or SEV? >> My understanding is with SME, only the highest C bit should be set indicating >> the physical page is encrypted. > > I am testing SEV. There is only a single bit to indicate whether a page is > encrypted. The guest ASID is used to determine what key is used to decrypt > the page. From a pagetable leaf entry, SME and SEV are equivalent, the > encryption bit determines how the memory will be accessed. > > SME and SEV differ in how they deal with instruction fetches and pagetable > walks, with SME obeying the encryption bit and SEV always performing the > accesses as encrypted accesses for security. > > Thanks, > Tom > >> >> >> >>> !!!! X64 Exception Type - 0D(#GP - General Protection) CPU Apic ID - >>> 00000000 !!!! >>> >>> 0x800003FC01000 isn't mapped and so it fails - I'm not exactly sure how >>> the #PF turns into a #GP, though, maybe because the virtual address isn't >>> canonical that point. >>> >>> Thanks, >>> Tom >>> >>>> >>>> I'll added another patch in my code branch to fix this issue later. In the new >>> commit, from the perspective of CpuPageTableLib, the whole memory can >>> be divided into 3 categories: memory used by page table, guest private >>> memory and guest shared memory. CpuPageTableLib will always apply the >>> encrypt mask to memory used by page table, which means all the non-leaf >>> page table entries are encrypted. For guest private memory, this case can be >>> treated as non-1:1 mapping. We can apply the encrypt mask by setting the >>> input parameter of PageTableMap() API like " Attribute.Uint64 = >>> LinearAddress | AddressEncMask". For guest shared memory, this case can >>> be treated as normal 1:1 mapping. I'll let you know once the new patch is >>> ready. >>>> >>>> Thanks, >>>> Dun >>>> -----Original Message----- >>>> From: devel@edk2.groups.io On Behalf Of >>> Lendacky, Thomas via groups.io >>>> Sent: Thursday, April 13, 2023 3:26 AM >>>> To: devel@edk2.groups.io; Tan, Dun >>>> Subject: Re: [edk2-devel] [Patch V2 0/8] Use CpuPageTableLib to create >>> and update smm page table >>>> >>>> On 4/12/23 05:17, duntan via groups.io wrote: >>>>> Hi Tom, >>>>> >>>>> This patch set is to change PiSmmCpuDxeSmm code to use >>> CpuPageTableLib to create and update SMM page table. The Pcd >>> PcdPteMemoryEncryptionAddressOrMask is also used in PiSmmCpuDxeSmm >>> code and the whole range covered by page table is mapped encrypted, >>> which is different from the situation in DxeIpl module. >>>>> So could you also help do a test to make sure the AMD SEV feature still >>> works good in SMM with this patch set? >>>>> Here is the code branch in my fork repo: >>>>> https://github.com/td36/edk2/commits/SmmPageTable_V2 >>>> >>>> Hi Dun, >>>> >>>> I tested at the final commit of the branch and encountered a #GP with an >>> SEV guest. It looks like the CpuPageTableLibrary doesn't take the encryption >>> bit into account. For example: >>>> >>>> Line 436 of UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableMap.c >>>> PagingEntry = (IA32_PAGING_ENTRY >>> *)(UINTN)IA32_PNLE_PAGE_TABLE_BASE_ADDRESS (&ParentPagingEntry- >>>> Pnle); >>>> >>>> This will get an address with the encryption bit set and then try to >>> reference it. When I clear the encryption bit, the code proceeds a bit further, >>> but then encounters a #GP in a different location. >>>> >>>> So it appears that the CpuPageTableLibrary doesn't deal with the >>> encryption bit properly. >>>> >>>> Also, going through a build/test of each individual patch had mixed results. >>>> >>>> - With the second patch in the series applied, I get a build error: >>>> >>>> /root/kernels/ovmf-dun-build-X64/OvmfPkg/OvmfPkgX64.dsc(...): >>> error 4000: Instance of library class [CpuPageTableLib] is not found >>>> in [/root/kernels/ovmf-dun-build- >>> X64/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf] [X64] >>>> consumed by module [/root/kernels/ovmf-dun-build- >>> X64/UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf] >>>> >>>> that isn't resolved until the final patch. >>>> >>>> Thanks, >>>> Tom >>>> >>>>> >>>>> Thanks, >>>>> Dun >>>>> >>>>> -----Original Message----- >>>>> From: devel@edk2.groups.io On Behalf Of >>> duntan >>>>> Sent: Wednesday, April 12, 2023 4:54 PM >>>>> To: devel@edk2.groups.io >>>>> Subject: [edk2-devel] [Patch V2 0/8] Use CpuPageTableLib to create and >>>>> update smm page table >>>>> >>>>> In V2 patch set: >>>>> 1.In 'Refinement to code about updating smm page table', use QuickSort() >>> in BaseLib instead or PerformQuickSort() in BaseSortLib. >>>>> 2.Remove the patch to add BaseSortLib in DSC file. >>>>> 3.Add a new patch to add CpuPageTableLib in UefiCpuPkg.dsc. >>>>> 4.Add a temp patch to add CpuPageTableLib in OvmfPkg dsc files for >>>>> test(A previous patch I sent before '[Patch V2 4/8] OvmfPkg: Add >>>>> CpuPageTableLib required by DxeIpl in DSC file' contains all the >>>>> changes in this patch) >>>>> >>>>> Dun Tan (8): >>>>> OvmfPkg: Add CpuPageTableLib required by PiSmmCpuDxe >>>>> UefiPayloadPkg: Add CpuPageTableLib required by PiSmmCpuDxe >>>>> UefiCpuPkg: Use CpuPageTableLib to convert SMM paging attribute. >>>>> UefiCpuPkg/PiSmmCpuDxeSmm: Avoid setting non-present range to >>> RO/NX >>>>> UefiCpuPkg: Extern mSmmShadowStackSize in PiSmmCpuDxeSmm.h >>>>> UefiCpuPkg: Refinement to current smm page table generation code >>>>> UefiCpuPkg: Refinement to code about updating smm page table >>>>> UefiCpuPkg/PiSmmCpuDxeSmm: Remove unnecessary function >>>>> >>>>> OvmfPkg/CloudHv/CloudHvX64.dsc | 2 +- >>>>> OvmfPkg/OvmfPkgIa32.dsc | 3 ++- >>>>> OvmfPkg/OvmfPkgIa32X64.dsc | 2 +- >>>>> OvmfPkg/OvmfPkgX64.dsc | 2 +- >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/PageTbl.c | 5 +++-- >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmFuncsArch.c | 3 +-- >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/Ia32/SmmProfileArch.c | 2 +- >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 132 ----------------- >>> ---------------------------------------------------------------------------------------------- >>> --------------------- >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.c | 8 ++++++- >>> - >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.h | 97 >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> ++------------------------------------- >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/PiSmmCpuDxeSmm.inf | 1 + >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/SmmCpuMemoryManagement.c | 629 >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> ++++++++++++++++++++++++++++++++++++++++++-------------------------- >>> ---------------------------------------------------------------------------------------------- >>> ---------------------------------------------------------------------------------------------- >>> ---------------------------------------------------------------------------------------------- >>> ----------------------------------------------- >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/SmmProfile.c | 348 >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >>> +++++++++------------------------------------------------------------------------------- >>> ---------------------------------------------------------------------------------------------- >>> -------------------------------------------------- >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/X64/PageTbl.c | 229 >>> ++++++++++++++++++++++++++++++---------------------------------------------- >>> ---------------------------------------------------------------------------------------------- >>> ----------------------------------------------------------- >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c | 3 +-- >>>>> UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmProfileArch.c | 19 ++------- >>> ---------- >>>>> UefiPayloadPkg/UefiPayloadPkg.dsc | 2 +- >>>>> 17 files changed, 510 insertions(+), 977 deletions(-) >>>>> >>>> >>>> >>>> >>>> >>>> > > > > > > > > > > > >