From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 531CFAC180E for ; Fri, 8 Mar 2024 15:32:52 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=SoTaVxQJs5ApEFEJyvuMZDA/6XP5MNsShqSJjcFnYL4=; c=relaxed/simple; d=groups.io; h=Received-SPF:From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding:Content-Type; s=20240206; t=1709911971; v=1; b=Fv4Z6JkItQTQWFjjQupRcvqK0QbGgXz0cSHsJBfMyj12nJujArYapKJQd/XvNvADaopxgDsJ cLUtL3AUNtnjqV+c8DcDfi6DZuVCnXmyIRHQ1fWCHzHOqSu84ndjOAoSYZz/9BJW+xDooUonKN5 Nrma4LnXGchPGlyA5svyLdhJzsC5W9vd3CqCcRXtb5bcGQBT+A7SPotVeFex8H991Sujk5HXoAv LkUHdI3+j4HVYhO5Fb8WXXxCw2/ISCnbsU86rGBRGZgDs+dRbVbCBiyVUWq9NLEBzGh53gE5229 ZrCHZE0dKR9hpgoKgz9sJeKVS8GNWlel8xV/nB41upU3Q== X-Received: by 127.0.0.2 with SMTP id DnGXYY7687511xtJf7vPxh6P; Fri, 08 Mar 2024 07:32:51 -0800 X-Received: from NAM10-MW2-obe.outbound.protection.outlook.com (NAM10-MW2-obe.outbound.protection.outlook.com [40.107.94.52]) by mx.groups.io with SMTP id smtpd.web10.24846.1709911970444468287 for ; Fri, 08 Mar 2024 07:32:50 -0800 X-Received: from CYZPR20CA0002.namprd20.prod.outlook.com (2603:10b6:930:a2::10) by PH7PR12MB6836.namprd12.prod.outlook.com (2603:10b6:510:1b6::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7362.27; Fri, 8 Mar 2024 15:32:48 +0000 X-Received: from CY4PEPF0000E9DA.namprd05.prod.outlook.com (2603:10b6:930:a2:cafe::16) by CYZPR20CA0002.outlook.office365.com (2603:10b6:930:a2::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7362.29 via Frontend Transport; Fri, 8 Mar 2024 15:32:48 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C X-Received: from SATLEXMB04.amd.com (165.204.84.17) by CY4PEPF0000E9DA.mail.protection.outlook.com (10.167.241.79) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7362.11 via Frontend Transport; Fri, 8 Mar 2024 15:32:47 +0000 X-Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 8 Mar 2024 09:32:46 -0600 From: "Lendacky, Thomas via groups.io" To: CC: Ard Biesheuvel , Erdem Aktas , Gerd Hoffmann , Jiewen Yao , Laszlo Ersek , Liming Gao , Michael D Kinney , Min Xu , Zhiguang Liu , "Rahul Kumar" , Ray Ni , Michael Roth Subject: [edk2-devel] [PATCH v3 23/24] Ovmfpkg/CcExitLib: Provide SVSM discovery support Date: Fri, 08 Mar 2024 07:32:50 -0800 Message-ID: <64338e104fbc50dcd8f06004371d6f7862b593fd.1709911792.git.thomas.lendacky@amd.com> In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000E9DA:EE_|PH7PR12MB6836:EE_ X-MS-Office365-Filtering-Correlation-Id: fbd3b3bc-683e-4e40-45c8-08dc3f850235 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: tm4udmFsSuwOh82bGwiQgwAdqB8Rf13IeJFez6WKpSxr3Vd291BrkgXihNsGHs/RSlB0sf3ojNOBvY3xD7uIAj3L+EVgelAhEkV2OCqsHOiBqY+wqKHIy47MvwHWdQSQf7b/QasAf6HGM1uTBL8aLU+kqBD2JjGJ9KE1fOZafSxqtaaS6EWGcfjJsKNfNVOiDROfzr4JnU1XT+wMk9e681dj3hOX6JblOVSCKbwuzQlRUULxrx01ofvPAaZ+uhPzelUw7F3Bw73/z41/v4oBoMSNKDQqS/9ALoU3JNhIholeW+LeGzI8te1yPn4R3n4SNPeibeBzeguZih5uqCmrKA/W6ErmfuYSBDoMCNYXWntEtTVZ4HjDq2DqE/OLaPcxCv0kcRkhqgQNasdzw69E3e0HDOjkEBqrrBqvTvM48EwftwJzk1JfEeR98pKdILM6Qy831Orkvd0K9CyDeuqpYc0m5zpLN4SlgdWvc0qiYvirhFAbOfs9LZyp1ze/XKlh6uXi1SmRPAcyXUY8y2yaau8kUiimDAqLkkxqpNF9XWw5ko50ria+wohOLQQFPG9WCrhDR0HU7ZjRFpxrs7NW18mvL/ErnXPnQfKEVIEgEiJaOFtgqEYsHzMkkrKwdSSQDVwbrM20sQnT9rpMBFau395jDX8Io+yvvwPSDAdF8K9GOkmisa3+2RoBBBMBPFzFUNyISOQYqkFq6bllaXKyfQ== X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Mar 2024 15:32:47.8920 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: fbd3b3bc-683e-4e40-45c8-08dc3f850235 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000E9DA.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB6836 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 3LK8B6ZrcRgFMqolE31pPqgKx7686176AA= Content-Transfer-Encoding: quoted-printable Content-Type: text/plain X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=Fv4Z6JkI; dmarc=pass (policy=none) header.from=groups.io; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4654 The SVSM specification documents an alternative method of discovery for the SVSM using a reserved CPUID bit and a reserved MSR. For the CPUID support, the #VC handler of an SEV-SNP guest should modify the returned value in the EAX register for the 0x8000001f CPUID function by setting bit 28 when an SVSM is present. For the MSR support, new reserved MSR 0xc001f000 has been defined. A #VC should be generated when accessing this MSR. The #VC handler is expected to ignore writes to this MSR and return the physical calling area address (CAA) on reads of this MSR. Cc: Ard Biesheuvel Cc: Erdem Aktas Cc: Gerd Hoffmann Cc: Jiewen Yao Cc: Laszlo Ersek Cc: Michael Roth Cc: Min Xu Acked-by: Gerd Hoffmann Signed-off-by: Tom Lendacky --- OvmfPkg/Library/CcExitLib/CcExitLib.inf | 3 +- OvmfPkg/Library/CcExitLib/SecCcExitLib.inf | 3 +- OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 29 ++++++++++++++++++-- 3 files changed, 31 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/Library/CcExitLib/CcExitLib.inf b/OvmfPkg/Library/CcEx= itLib/CcExitLib.inf index bc75cd5f5a04..e09f18453ac9 100644 --- a/OvmfPkg/Library/CcExitLib/CcExitLib.inf +++ b/OvmfPkg/Library/CcExitLib/CcExitLib.inf @@ -1,7 +1,7 @@ ## @file # CcExitLib Library. # -# Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved. +# Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights rese= rved.
# Copyright (C) 2020 - 2022, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -41,6 +41,7 @@ [LibraryClasses] DebugLib LocalApicLib MemEncryptSevLib + AmdSvsmLib =20 [Pcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase diff --git a/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf b/OvmfPkg/Library/C= cExitLib/SecCcExitLib.inf index 811269dd2c06..dff6cd2761ca 100644 --- a/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf +++ b/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf @@ -1,7 +1,7 @@ ## @file # VMGEXIT Support Library. # -# Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved. +# Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights rese= rved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -41,6 +41,7 @@ [LibraryClasses] LocalApicLib MemEncryptSevLib PcdLib + AmdSvsmLib =20 [FixedPcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/= CcExitLib/CcExitVcHandler.c index 0fc30f7bc4f6..0b61d28f8b94 100644 --- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c +++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c @@ -1,7 +1,7 @@ /** @file X64 #VC Exception Handler functon. =20 - Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved. + Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights reser= ved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -12,6 +12,7 @@ #include #include #include +#include #include #include #include @@ -713,10 +714,29 @@ MsrExit ( IN CC_INSTRUCTION_DATA *InstructionData ) { - UINT64 ExitInfo1, Status; + MSR_SVSM_CAA_REGISTER Msr; + UINT64 ExitInfo1; + UINT64 Status; =20 ExitInfo1 =3D 0; =20 + // + // The SVSM CAA MSR is a software implemented MSR and not supported + // by the hardware, handle it directly. + // + if (Regs->Rax =3D=3D MSR_SVSM_CAA) { + // Writes to the SVSM CAA MSR are ignored + if (*(InstructionData->OpCodes + 1) =3D=3D 0x30) { + return 0; + } + + Msr.Uint64 =3D AmdSvsmSnpGetCaa (); + Regs->Rax =3D Msr.Bits.Lower32Bits; + Regs->Rdx =3D Msr.Bits.Upper32Bits; + + return 0; + } + switch (*(InstructionData->OpCodes + 1)) { case 0x30: // WRMSR ExitInfo1 =3D 1; @@ -1388,6 +1408,11 @@ GetCpuidFw ( *Ebx =3D (*Ebx & 0xFFFFFF00) | (Ebx2 & 0x000000FF); /* node ID */ *Ecx =3D (*Ecx & 0xFFFFFF00) | (Ecx2 & 0x000000FF); + } else if (EaxIn =3D=3D 0x8000001F) { + /* Set the SVSM feature bit if running under an SVSM */ + if (AmdSvsmIsSvsmPresent ()) { + *Eax |=3D BIT28; + } } =20 Out: --=20 2.43.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#116548): https://edk2.groups.io/g/devel/message/116548 Mute This Topic: https://groups.io/mt/104810747/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-