From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.groups.io with SMTP id smtpd.web08.14459.1621222383801475022 for ; Sun, 16 May 2021 20:33:04 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=fadfMhQN; spf=pass (domain: redhat.com, ip: 216.205.24.124, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1621222383; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=6BaT2bgQB5Sk2nTr5lwK0MWgu8Rq50Y2XCcB1/q5wto=; b=fadfMhQNfH9o09PPFvI9kwsgVNc/1AefHnc0LTYDX8tAcEPT50nEiOAHuUASajSzVZvYPm CXjziF6JKBoWoxhzy06BKiZiL5LZpsJtxON6m2cP8PXjflO7rAmjnlLpISYZS/PLAxVdaw WkHwES2ndjb5zU+kUqZAO5ZLKqIwNhg= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-3-4svIvbqPMfun_TB0ehkKpA-1; Sun, 16 May 2021 23:32:59 -0400 X-MC-Unique: 4svIvbqPMfun_TB0ehkKpA-1 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4E856FCB0; Mon, 17 May 2021 03:32:57 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-112-22.ams2.redhat.com [10.36.112.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3C6CA5B683; Mon, 17 May 2021 03:32:54 +0000 (UTC) Subject: Re: [edk2-devel] [PATCH v2 09/13] OvmfPkg/BaseMemEncryptSevLib: introduce MemEncryptSevClearMmioPageEncMask() To: devel@edk2.groups.io, brijesh.singh@amd.com Cc: James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Erdem Aktas References: <20210512234615.1726-1-brijesh.singh@amd.com> <20210512234615.1726-10-brijesh.singh@amd.com> From: "Laszlo Ersek" Message-ID: <5d9484ef-7e79-f96c-a3cd-2473c5395ac5@redhat.com> Date: Mon, 17 May 2021 05:32:52 +0200 MIME-Version: 1.0 In-Reply-To: <20210512234615.1726-10-brijesh.singh@amd.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 05/13/21 01:46, Brijesh Singh wrote: > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 > > The MemEncryptSevClearMmioPageEncMask() helper can be used for clearing > the memory encryption mask for the Mmio region. > > The MemEncryptSevClearMmioPageEncMask() is a simplified version of > MemEncryptSevClearPageEncMask() -- it does not flush the caches after > clearing the page encryption mask. > > Cc: James Bottomley > Cc: Min Xu > Cc: Jiewen Yao > Cc: Tom Lendacky > Cc: Jordan Justen > Cc: Ard Biesheuvel > Cc: Laszlo Ersek > Cc: Erdem Aktas > Reviewed-by: Laszlo Ersek > Signed-off-by: Brijesh Singh > --- > OvmfPkg/Include/Library/MemEncryptSevLib.h | 25 ++++++++++++++ > .../BaseMemEncryptSevLib/X64/VirtualMemory.h | 23 +++++++++++++ > .../Ia32/MemEncryptSevLib.c | 31 +++++++++++++++++ > .../X64/MemEncryptSevLib.c | 33 +++++++++++++++++++ > .../X64/PeiDxeVirtualMemory.c | 33 +++++++++++++++++++ > .../X64/SecVirtualMemory.c | 30 +++++++++++++++++ > 6 files changed, 175 insertions(+) Sorry that I missed last time that the "SecMemEncryptSevLib.inf" instance was not extended with a definition for the new function. This update looks OK; my R-b stands. Thanks Laszlo > > diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h > index 99f15a7d1271..b91490d5d44d 100644 > --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h > +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h > @@ -203,4 +203,29 @@ MemEncryptSevGetAddressRangeState ( > IN UINTN Length > ); > > +/** > + This function clears memory encryption bit for the MMIO region specified by > + BaseAddress and NumPages. > + > + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use > + current CR3) > + @param[in] BaseAddress The physical address that is the start > + address of a MMIO region. > + @param[in] NumPages The number of pages from start memory > + region. > + > + @retval RETURN_SUCCESS The attributes were cleared for the > + memory region. > + @retval RETURN_INVALID_PARAMETER Number of pages is zero. > + @retval RETURN_UNSUPPORTED Clearing the memory encryption attribute > + is not supported > +**/ > +RETURN_STATUS > +EFIAPI > +MemEncryptSevClearMmioPageEncMask ( > + IN PHYSICAL_ADDRESS Cr3BaseAddress, > + IN PHYSICAL_ADDRESS BaseAddress, > + IN UINTN NumPages > + ); > + > #endif // _MEM_ENCRYPT_SEV_LIB_H_ > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h > index fe2a0b2826cd..8dc39e647b90 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.h > @@ -126,4 +126,27 @@ InternalMemEncryptSevGetAddressRangeState ( > IN UINTN Length > ); > > +/** > + This function clears memory encryption bit for the MMIO region specified by > + PhysicalAddress and Length. > + > + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use > + current CR3) > + @param[in] PhysicalAddress The physical address that is the start > + address of a MMIO region. > + @param[in] Length The length of memory region > + > + @retval RETURN_SUCCESS The attributes were cleared for the > + memory region. > + @retval RETURN_INVALID_PARAMETER Length is zero. > + @retval RETURN_UNSUPPORTED Clearing the memory encyrption attribute > + is not supported > +**/ > +RETURN_STATUS > +EFIAPI > +InternalMemEncryptSevClearMmioPageEncMask ( > + IN PHYSICAL_ADDRESS Cr3BaseAddress, > + IN PHYSICAL_ADDRESS PhysicalAddress, > + IN UINTN Length > + ); > #endif > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c > index 12a5bf495bd7..169d3118e44f 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c > @@ -111,3 +111,34 @@ MemEncryptSevGetAddressRangeState ( > // > return MemEncryptSevAddressRangeEncrypted; > } > + > +/** > + This function clears memory encryption bit for the MMIO region specified by > + BaseAddress and NumPages. > + > + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use > + current CR3) > + @param[in] BaseAddress The physical address that is the start > + address of a MMIO region. > + @param[in] NumPages The number of pages from start memory > + region. > + > + @retval RETURN_SUCCESS The attributes were cleared for the > + memory region. > + @retval RETURN_INVALID_PARAMETER Number of pages is zero. > + @retval RETURN_UNSUPPORTED Clearing the memory encryption attribute > + is not supported > +**/ > +RETURN_STATUS > +EFIAPI > +MemEncryptSevClearMmioPageEncMask ( > + IN PHYSICAL_ADDRESS Cr3BaseAddress, > + IN PHYSICAL_ADDRESS BaseAddress, > + IN UINTN NumPages > + ) > +{ > + // > + // Memory encryption bit is not accessible in 32-bit mode > + // > + return RETURN_UNSUPPORTED; > +} > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c > index 4fea6a6be0ac..a2bf698bcde7 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/MemEncryptSevLib.c > @@ -118,3 +118,36 @@ MemEncryptSevGetAddressRangeState ( > Length > ); > } > + > +/** > + This function clears memory encryption bit for the mmio region specified by > + BaseAddress and NumPages. > + > + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use > + current CR3) > + @param[in] BaseAddress The physical address that is the start > + address of a mmio region. > + @param[in] NumPages The number of pages from start memory > + region. > + > + @retval RETURN_SUCCESS The attributes were cleared for the > + memory region. > + @retval RETURN_INVALID_PARAMETER Number of pages is zero. > + @retval RETURN_UNSUPPORTED Clearing the memory encryption attribute > + is not supported > +**/ > +RETURN_STATUS > +EFIAPI > +MemEncryptSevClearMmioPageEncMask ( > + IN PHYSICAL_ADDRESS Cr3BaseAddress, > + IN PHYSICAL_ADDRESS BaseAddress, > + IN UINTN NumPages > + ) > +{ > + return InternalMemEncryptSevClearMmioPageEncMask ( > + Cr3BaseAddress, > + BaseAddress, > + EFI_PAGES_TO_SIZE (NumPages) > + ); > + > +} > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c > index d3455e812bd1..a18d336a8789 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c > @@ -891,3 +891,36 @@ InternalMemEncryptSevSetMemoryEncrypted ( > Flush > ); > } > + > +/** > + This function clears memory encryption bit for the MMIO region specified by > + PhysicalAddress and Length. > + > + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use > + current CR3) > + @param[in] PhysicalAddress The physical address that is the start > + address of a MMIO region. > + @param[in] Length The length of memory region > + > + @retval RETURN_SUCCESS The attributes were cleared for the > + memory region. > + @retval RETURN_INVALID_PARAMETER Length is zero. > + @retval RETURN_UNSUPPORTED Clearing the memory encyrption attribute > + is not supported > +**/ > +RETURN_STATUS > +EFIAPI > +InternalMemEncryptSevClearMmioPageEncMask ( > + IN PHYSICAL_ADDRESS Cr3BaseAddress, > + IN PHYSICAL_ADDRESS PhysicalAddress, > + IN UINTN Length > + ) > +{ > + return SetMemoryEncDec ( > + Cr3BaseAddress, > + PhysicalAddress, > + Length, > + ClearCBit, > + FALSE > + ); > +} > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c > index bca5e3febb1b..e0d3a15e8503 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c > @@ -98,3 +98,33 @@ InternalMemEncryptSevSetMemoryEncrypted ( > // > return RETURN_UNSUPPORTED; > } > + > +/** > + This function clears memory encryption bit for the MMIO region specified by > + PhysicalAddress and Length. > + > + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use > + current CR3) > + @param[in] PhysicalAddress The physical address that is the start > + address of a MMIO region. > + @param[in] Length The length of memory region > + > + @retval RETURN_SUCCESS The attributes were cleared for the > + memory region. > + @retval RETURN_INVALID_PARAMETER Length is zero. > + @retval RETURN_UNSUPPORTED Clearing the memory encyrption attribute > + is not supported > +**/ > +RETURN_STATUS > +EFIAPI > +InternalMemEncryptSevClearMmioPageEncMask ( > + IN PHYSICAL_ADDRESS Cr3BaseAddress, > + IN PHYSICAL_ADDRESS PhysicalAddress, > + IN UINTN Length > + ) > +{ > + // > + // This function is not available during SEC. > + // > + return RETURN_UNSUPPORTED; > +} >