public inbox for devel@edk2.groups.io
* [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
@ 2024-03-08 15:30 Lendacky, Thomas via groups.io
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 01/24] OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust() Lendacky, Thomas via groups.io
                   ` (24 more replies)
  0 siblings, 25 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:30 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth, Anatol Belski, Anthony Perard,
	Corvin Köhne, Gua Guo, Guo Dong, James Lu, Jianyong Wu,
	Rebecca Cran, Sean Rhodes


BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

This series adds SEV-SNP support for running OVMF under a Secure VM
Service Module (SVSM) at a less privileged VM Privilege Level (VMPL).
By running at a less privileged VMPL, the SVSM can be used to provide
services, e.g. a virtual TPM, for the guest OS within the SEV-SNP
confidential VM (CVM) rather than trust such services from the hypervisor.

Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are
certain SNP related operations that require that VMPL level. Specifically,
the PVALIDATE instruction and the RMPADJUST instruction when setting the
VMSA attribute of a page (used when starting APs).

If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must
use an SVSM (which is running at VMPL0) to perform the operations that
it is no longer able to perform.

When running under an SVSM, OVMF must know the APIC IDs of the vCPUs that
it will be starting. As a result, the GHCB APIC ID retrieval action must
be performed. Since this service can also work with SEV-SNP running at
VMPL0, the patches to make use of this feature are near the beginning of
the series.

How OVMF interacts with and uses the SVSM is documented in the SVSM
specification [1] and the GHCB specification [2].

This support creates a new AmdSvsmLib library that is used by MpInitLib.
The edk2-platforms repo requires updates/patches to add the new library
requirement. To accommodate that, this series could be split between:

patch number 12:
  UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM

and patch number 13:
  UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library

The updates to edk2-platforms can be applied at the split.

This series introduces support to run OVMF under an SVSM. It consists
of:
  - Retrieving the list of vCPU APIC IDs and starting up all APs without
    performing a broadcast SIPI
  - Reorganizing the page state change support to not directly use the
    GHCB buffer since an SVSM will use the calling area buffer, instead
  - Detecting the presence of an SVSM
  - When not running at VMPL0, invoking the SVSM for page validation and
    VMSA page creation/deletion
  - Detecting and allowing OVMF to run in a VMPL other than 0 when an
    SVSM is present

The series is based off of commit:

  e60529df58e4 ("UefiPayloadPkg: Make Dsc accomodative of other archs")

[1] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf
[2] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf

Cc: Anatol Belski <anbelski@linux.microsoft.com>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Corvin Köhne <corvink@freebsd.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Gua Guo <gua.guo@intel.com>
Cc: Guo Dong <guo.dong@intel.com>
Cc: James Lu <james.lu@intel.com>
Cc: Jianyong Wu <jianyong.wu@arm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>

---

Changes in v3:
- Renamed CcSvsmLib to a more AMD-specific AmdSvsmLib with corresponding
  function name changes
- Moved the GHCB APIC ID list GUID definition from MdePkg to UefiCpuPkg
  and changed the name from gEfiApicIdsGuid to gGhcbApicIdsGuid
- Separated the OvmfPkg changes for the AmdSvsmLib into two patches:
  - First patch adds usage of the AmdSvsmLib NULL library
  - Second patch adds the OVMF AmdSvsmLib implementation
- Updated the commit message for the OVMF AmdSvsmLib implementation to
  indicate that the base functionality for PVALIDATE and RMPADJUST was
  copied from the original locations in prep for converting those sites
  to using the library API.

Changes in v2:
- Move the APIC IDs retrieval support to the beginning of the patch series
    - Use a GUIDed HOB to hold the APIC ID list instead of a PCD
- Split up Page State Change reorganization into multiple patches
- Created CcSvsmLib library instead of extending CcExitLib
    - This will require a corresponding update to edk2-platform DSC files
    - Removed Ray Ni's Acked-by since it is not a minor change
- Variable name changes and other misc changes

Tom Lendacky (24):
  OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust()
  MdePkg: GHCB APIC ID retrieval support definitions
  UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is
    present
  OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor
  OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors
  OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State
    Change
  MdePkg: Avoid hardcoded value for number of Page State Change entries
  OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
  OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
  MdePkg/Register/Amd: Define the SVSM related information
  MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM
  UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an
    SVSM
  UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
  Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library
  Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services
  UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA
  OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate
    pages
  OvmfPkg: Create a calling area used to communicate with the SVSM
  OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call
  OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
  OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls
  UefiCpuPkg/MpInitLib: AP creation support under an SVSM
  Ovmfpkg/CcExitLib: Provide SVSM discovery support
  OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at
    VMPL0

 OvmfPkg/OvmfPkg.dec                                                   |   4 +
 UefiCpuPkg/UefiCpuPkg.dec                                             |   8 +-
 OvmfPkg/AmdSev/AmdSevX64.dsc                                          |   1 +
 OvmfPkg/Bhyve/BhyveX64.dsc                                            |   1 +
 OvmfPkg/CloudHv/CloudHvX64.dsc                                        |   1 +
 OvmfPkg/IntelTdx/IntelTdxX64.dsc                                      |   1 +
 OvmfPkg/Microvm/MicrovmX64.dsc                                        |   1 +
 OvmfPkg/OvmfPkgIa32.dsc                                               |   1 +
 OvmfPkg/OvmfPkgIa32X64.dsc                                            |   3 +-
 OvmfPkg/OvmfPkgX64.dsc                                                |   1 +
 OvmfPkg/OvmfXen.dsc                                                   |   1 +
 UefiCpuPkg/UefiCpuPkg.dsc                                             |   4 +-
 UefiPayloadPkg/UefiPayloadPkg.dsc                                     |   1 +
 OvmfPkg/AmdSev/AmdSevX64.fdf                                          |   9 +-
 OvmfPkg/OvmfPkgX64.fdf                                                |   3 +
 MdePkg/Library/BaseLib/BaseLib.inf                                    |   2 +
 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf                             |  38 ++
 OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf          |   3 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf          |   3 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf          |   3 +-
 OvmfPkg/Library/CcExitLib/CcExitLib.inf                               |   3 +-
 OvmfPkg/Library/CcExitLib/SecCcExitLib.inf                            |   3 +-
 OvmfPkg/PlatformPei/PlatformPei.inf                                   |   3 +
 OvmfPkg/ResetVector/ResetVector.inf                                   |   2 +
 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf                  |  27 ++
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf                         |   2 +
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf                         |   2 +
 MdePkg/Include/Library/BaseLib.h                                      |  39 ++
 MdePkg/Include/Register/Amd/Fam17Msr.h                                |  19 +-
 MdePkg/Include/Register/Amd/Ghcb.h                                    |  19 +-
 MdePkg/Include/Register/Amd/Msr.h                                     |   3 +-
 MdePkg/Include/Register/Amd/Svsm.h                                    | 101 ++++
 MdePkg/Include/Register/Amd/SvsmMsr.h                                 |  35 ++
 OvmfPkg/Include/WorkArea.h                                            |   9 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h         |   6 +-
 UefiCpuPkg/Include/Guid/GhcbApicIds.h                                 |  17 +
 UefiCpuPkg/Include/Library/AmdSvsmLib.h                               | 101 ++++
 UefiCpuPkg/Library/MpInitLib/MpLib.h                                  |  29 +-
 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c                               | 500 ++++++++++++++++++++
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c    |  11 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c        |  27 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c    |  22 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c    |  31 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 206 ++++----
 OvmfPkg/Library/CcExitLib/CcExitVcHandler.c                           |  29 +-
 OvmfPkg/PlatformPei/AmdSev.c                                          | 103 +++-
 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c                    | 108 +++++
 UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c                            |  21 +-
 UefiCpuPkg/Library/MpInitLib/MpLib.c                                  |   9 +-
 UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c                             | 134 ++++--
 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm                          |  39 ++
 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm                           |  94 ++++
 OvmfPkg/ResetVector/ResetVector.nasmb                                 |   6 +-
 OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm                           |  11 +-
 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni                  |  13 +
 55 files changed, 1641 insertions(+), 232 deletions(-)
 create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
 create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
 create mode 100644 MdePkg/Include/Register/Amd/Svsm.h
 create mode 100644 MdePkg/Include/Register/Amd/SvsmMsr.h
 create mode 100644 UefiCpuPkg/Include/Guid/GhcbApicIds.h
 create mode 100644 UefiCpuPkg/Include/Library/AmdSvsmLib.h
 create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
 create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c
 create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm
 create mode 100644 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm
 create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni

-- 
2.43.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#116525): https://edk2.groups.io/g/devel/message/116525
Mute This Topic: https://groups.io/mt/104810672/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-




* [edk2-devel] [PATCH v3 01/24] OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust()
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
@ 2024-03-08 15:30 ` Lendacky, Thomas via groups.io
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 02/24] MdePkg: GHCB APIC ID retrieval support definitions Lendacky, Thomas via groups.io
                   ` (23 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:30 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The AsmRmpAdjust() function returns a UINT32, however in SevSnpIsVmpl0()
the return value is checked with EFI_ERROR() when it should just be
compared to 0. Fix the error check.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
index 7797febb8ac6..be43a44e4e1d 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
@@ -2,7 +2,7 @@
 
   SEV-SNP Page Validation functions.
 
-  Copyright (c) 2021 AMD Incorporated. All rights reserved.<BR>
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -31,8 +31,8 @@ SevSnpIsVmpl0 (
   VOID
   )
 {
-  UINT64      Rdx;
-  EFI_STATUS  Status;
+  UINT64  Rdx;
+  UINT32  Status;
 
   //
   // There is no straightforward way to query the current VMPL level.
@@ -44,7 +44,7 @@ SevSnpIsVmpl0 (
   Rdx = 1;
 
   Status = AsmRmpAdjust ((UINT64)gVmpl0Data, 0, Rdx);
-  if (EFI_ERROR (Status)) {
+  if (Status != 0) {
     return FALSE;
   }
 
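Review bot: at `if (Status != 0)`, every non-zero RMPADJUST result is reported as "not VMPL0", so a failure unrelated to privilege cannot be told apart from a real permission failure. If that is the intent, say so in a comment above the check; otherwise compare against the permission-failure code only and handle other values as an error. Since `Status` now holds a raw instruction result rather than an `EFI_STATUS`, a name that does not suggest `EFI_STATUS` would also help readers.
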
-- 
2.43.2




* [edk2-devel] [PATCH v3 02/24] MdePkg: GHCB APIC ID retrieval support definitions
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 01/24] OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust() Lendacky, Thomas via groups.io
@ 2024-03-08 15:30 ` Lendacky, Thomas via groups.io
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 03/24] UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is present Lendacky, Thomas via groups.io
                   ` (22 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:30 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

When an SVSM is present, starting the APs requires knowledge of the APIC
IDs. Create the definitions required to retrieve and hold the APIC ID
information of all the vCPUs present in the guest.

Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 MdePkg/Include/Register/Amd/Ghcb.h | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Include/Register/Amd/Ghcb.h b/MdePkg/Include/Register/Amd/Ghcb.h
index dab396f3ede8..bd7bf986d03f 100644
--- a/MdePkg/Include/Register/Amd/Ghcb.h
+++ b/MdePkg/Include/Register/Amd/Ghcb.h
@@ -4,7 +4,7 @@
   Provides data types allowing an SEV-ES guest to interact with the hypervisor
   using the GHCB protocol.
 
-  Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
   @par Specification Reference:
@@ -56,6 +56,7 @@
 #define SVM_EXIT_AP_JUMP_TABLE          0x80000005ULL
 #define SVM_EXIT_SNP_PAGE_STATE_CHANGE  0x80000010ULL
 #define SVM_EXIT_SNP_AP_CREATION        0x80000013ULL
+#define SVM_EXIT_GET_APIC_IDS           0x80000017ULL
 #define SVM_EXIT_HYPERVISOR_FEATURES    0x8000FFFDULL
 #define SVM_EXIT_UNSUPPORTED            0x8000FFFFULL
 
@@ -170,6 +171,7 @@ typedef union {
 #define GHCB_HV_FEATURES_SNP_AP_CREATE                   (GHCB_HV_FEATURES_SNP | BIT1)
 #define GHCB_HV_FEATURES_SNP_RESTRICTED_INJECTION        (GHCB_HV_FEATURES_SNP_AP_CREATE | BIT2)
 #define GHCB_HV_FEATURES_SNP_RESTRICTED_INJECTION_TIMER  (GHCB_HV_FEATURES_SNP_RESTRICTED_INJECTION | BIT3)
+#define GHCB_HV_FEATURES_APIC_ID_LIST                    BIT4
 
 //
 // SNP Page State Change.
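
Review bot: `GHCB_HV_FEATURES_APIC_ID_LIST` is defined as bare `BIT4`, while the three SNP defines directly above it are parenthesized and each include the bits they depend on. A one-line comment stating that this feature bit is independent of `GHCB_HV_FEATURES_SNP` would make the difference read as deliberate, and wrapping the value in parentheses would keep the block consistent.
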
@@ -202,6 +204,14 @@ typedef struct {
   SNP_PAGE_STATE_ENTRY     Entry[SNP_PAGE_STATE_MAX_ENTRY];
 } SNP_PAGE_STATE_CHANGE_INFO;
 
+//
+// Get APIC IDs
+//
+typedef struct {
+  UINT32    NumEntries;
+  UINT32    ApicIds[];
+} GHCB_APIC_IDS;
+
 //
 // SEV-ES save area mapping structures used for SEV-SNP AP Creation.
 // Only the fields required to be set to a non-zero value are defined.
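
Review bot: `GHCB_APIC_IDS` has no field documentation, and `NumEntries` is the only bound on the flexible array `ApicIds[]`. The comment should state who fills the structure in, whether `NumEntries` counts the BSP, and that consumers must check `NumEntries` against the size of the buffer they supplied before indexing `ApicIds[]`.
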
-- 
2.43.2




* [edk2-devel] [PATCH v3 03/24] UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is present
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 01/24] OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust() Lendacky, Thomas via groups.io
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 02/24] MdePkg: GHCB APIC ID retrieval support definitions Lendacky, Thomas via groups.io
@ 2024-03-08 15:30 ` Lendacky, Thomas via groups.io
  2024-04-03  7:07   ` Ni, Ray
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 04/24] OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor Lendacky, Thomas via groups.io
                   ` (21 subsequent siblings)
  24 siblings, 1 reply; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:30 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

Currently, the first time an AP is started for an SEV-SNP guest, it relies
on the VMSA as set by the hypervisor. If the list of APIC IDs has been
retrieved, this is not necessary. The list of APIC IDs will be identified
by a GUIDed HOB. If the GUIDed HOB is present, use the SEV-SNP AP Create
protocol to start the AP for the first time and each time thereafter.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/UefiCpuPkg.dec                     |  5 +-
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |  1 +
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |  1 +
 UefiCpuPkg/Include/Guid/GhcbApicIds.h         | 17 +++++
 UefiCpuPkg/Library/MpInitLib/MpLib.h          | 15 +++-
 UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c    | 21 +++++-
 UefiCpuPkg/Library/MpInitLib/MpLib.c          |  9 ++-
 UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c     | 78 ++++++++++++++++++--
 8 files changed, 133 insertions(+), 14 deletions(-)

diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index 571b59b36f0a..c31d8b6736cf 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -2,7 +2,7 @@
 # This Package provides UEFI compatible CPU modules and libraries.
 #
 # Copyright (c) 2007 - 2023, Intel Corporation. All rights reserved.<BR>
-# Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.<BR>
+# Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
 #
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -91,6 +91,9 @@ [Guids]
   ## Include/Guid/MpInformation2.h
   gMpInformation2HobGuid         = { 0x417a7f64, 0xf4e9, 0x4b32, {0x84, 0x6a, 0x5c, 0xc4, 0xd8, 0x62, 0x18, 0x79 }}
 
+  ## Include/Guid/GhcbApicIds.h
+  gGhcbApicIdsGuid               = { 0xbc964338, 0xee39, 0x4fc8, { 0xa2, 0x24, 0x10, 0x10, 0x8b, 0x17, 0x80, 0x1b }}
+
 [Protocols]
   ## Include/Protocol/SmmCpuService.h
   gEfiSmmCpuServiceProtocolGuid   = { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94, 0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }}
diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
index 55e46d4a1fad..69950fcd1289 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
@@ -68,6 +68,7 @@ [Guids]
   gEfiEventExitBootServicesGuid                 ## CONSUMES  ## Event
   gEfiEventLegacyBootGuid                       ## SOMETIMES_CONSUMES  ## Event
   gEdkiiMicrocodePatchHobGuid                   ## SOMETIMES_CONSUMES  ## HOB
+  gGhcbApicIdsGuid                              ## SOMETIMES_CONSUMES  ## HOB
 
 [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber            ## CONSUMES
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
index bc3d716aa951..22f74a814534 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
@@ -76,3 +76,4 @@ [Ppis]
 [Guids]
   gEdkiiS3SmmInitDoneGuid
   gEdkiiMicrocodePatchHobGuid
+  gGhcbApicIdsGuid                       ## SOMETIMES_CONSUMES
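
Review bot: the usage annotation on `gGhcbApicIdsGuid` here is `## SOMETIMES_CONSUMES` only, while the matching line in DxeMpInitLib.inf reads `## SOMETIMES_CONSUMES  ## HOB`. Add `## HOB` here as well so both INF files describe the GUID the same way.
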
diff --git a/UefiCpuPkg/Include/Guid/GhcbApicIds.h b/UefiCpuPkg/Include/Guid/GhcbApicIds.h
new file mode 100644
index 000000000000..9d5bfcb0de22
--- /dev/null
+++ b/UefiCpuPkg/Include/Guid/GhcbApicIds.h
@@ -0,0 +1,17 @@
+/** @file
+  APIC ID list retrieved for an SEV-ES/SEV-SNP guest via the GHCB.
+
+  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef GHCB_APIC_IDS_H_
+#define GHCB_APIC_IDS_H_
+
+#define GHCB_APIC_IDS_GUID \
+  { 0xbc964338, 0xee39, 0x4fc8, { 0xa2, 0x24, 0x10, 0x10, 0x8b, 0x17, 0x80, 0x1b }}
+
+extern EFI_GUID  gGhcbApicIdsGuid;
+
+#endif
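
Review bot: the new header declares only the GUID and says nothing about the HOB payload. The consumer in X64/AmdSev.c reads the HOB data as a `UINTN` holding the address of a `GHCB_APIC_IDS` structure, not as the structure itself, so that layout should be documented in the `@file` comment here; otherwise a producer and a consumer can disagree about the format with no compile-time signal.
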
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpInitLib/MpLib.h
index d26035559f22..65e05c4806f5 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -2,7 +2,7 @@
   Common header file for MP Initialize Library.
 
   Copyright (c) 2016 - 2023, Intel Corporation. All rights reserved.<BR>
-  Copyright (c) 2020, AMD Inc. All rights reserved.<BR>
+  Copyright (c) 2020 - 2024, AMD Inc. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -924,6 +924,19 @@ SevSnpCreateAP (
   IN INTN         ProcessorNumber
   );
 
+/**
+  Determine if the SEV-SNP AP Create protocol should be used.
+
+  @param[in]  CpuMpData  Pointer to CPU MP Data
+
+  @retval     TRUE       Use SEV-SNP AP Create protocol
+  @retval     FALSE      Do not use SEV-SNP AP Create protocol
+**/
+BOOLEAN
+CanUseSevSnpCreateAP (
+  IN  CPU_MP_DATA  *CpuMpData
+  );
+
 /**
   Get pointer to CPU MP Data structure from GUIDed HOB.
 
diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
index c83144285b68..0478e92317f1 100644
--- a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
@@ -2,7 +2,7 @@
 
   AMD SEV helper function.
 
-  Copyright (c) 2021, AMD Incorporated. All rights reserved.<BR>
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -68,3 +68,22 @@ SevSnpRmpAdjust (
   //
   return RETURN_UNSUPPORTED;
 }
+
+/**
+  Determine if the SEV-SNP AP Create protocol should be used.
+
+  @param[in]  CpuMpData  Pointer to CPU MP Data
+
+  @retval     TRUE       Use SEV-SNP AP Create protocol
+  @retval     FALSE      Do not use SEV-SNP AP Create protocol
+**/
+BOOLEAN
+CanUseSevSnpCreateAP (
+  IN  CPU_MP_DATA  *CpuMpData
+  )
+{
+  //
+  // SEV-SNP is not supported on 32-bit build.
+  //
+  return FALSE;
+}
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c
index 9bac62f289e0..d7244565029d 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
@@ -2,7 +2,7 @@
   CPU MP Initialize Library common functions.
 
   Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.<BR>
-  Copyright (c) 2020, AMD Inc. All rights reserved.<BR>
+  Copyright (c) 2020 - 2024, AMD Inc. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -1303,9 +1303,10 @@ WakeUpAP (
       //
       // Wakeup all APs
       //   Must use the INIT-SIPI-SIPI method for initial configuration in
-      //   order to obtain the APIC ID.
+      //   order to obtain the APIC ID if not an SEV-SNP guest and the
+      //   list of APIC IDs is not available.
       //
-      if (CpuMpData->SevSnpIsEnabled && (CpuMpData->InitFlag != ApInitConfig)) {
+      if (CanUseSevSnpCreateAP (CpuMpData)) {
         SevSnpCreateAP (CpuMpData, -1);
       } else {
         if ((CpuMpData->InitFlag == ApInitConfig) && FixedPcdGetBool (PcdFirstTimeWakeUpAPsBySipi)) {
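
Review bot: the updated comment in `WakeUpAP()` says INIT-SIPI-SIPI is needed "if not an SEV-SNP guest and the list of APIC IDs is not available", but the `else` branch is taken when either condition holds: any non-SNP guest, or an SNP guest in `ApInitConfig` without the list. Reword it along the lines of "unless this is an SEV-SNP guest for which the list of APIC IDs is available".
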
@@ -1415,7 +1416,7 @@ WakeUpAP (
         SetSevEsJumpTable (ExchangeInfo->BufferStart);
       }
 
-      if (CpuMpData->SevSnpIsEnabled && (CpuMpData->InitFlag != ApInitConfig)) {
+      if (CanUseSevSnpCreateAP (CpuMpData)) {
         SevSnpCreateAP (CpuMpData, (INTN)ProcessorNumber);
       } else {
         SendInitSipiSipi (
diff --git a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
index c9f0984f41a2..bd12a5ee2fcb 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
@@ -2,7 +2,7 @@
 
   AMD SEV helper function.
 
-  Copyright (c) 2021, AMD Incorporated. All rights reserved.<BR>
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -268,20 +268,55 @@ SevSnpCreateAP (
   IN INTN         ProcessorNumber
   )
 {
-  CPU_INFO_IN_HOB  *CpuInfoInHob;
-  CPU_AP_DATA      *CpuData;
-  UINTN            Index;
-  UINT32           ApicId;
+  CPU_INFO_IN_HOB    *CpuInfoInHob;
+  CPU_AP_DATA        *CpuData;
+  UINTN              Index;
+  UINTN              MaxIndex;
+  UINT32             ApicId;
+  EFI_HOB_GUID_TYPE  *GuidHob;
+  GHCB_APIC_IDS      *GhcbApicIds;
 
   ASSERT (CpuMpData->MpCpuExchangeInfo->BufferStart < 0x100000);
 
   CpuInfoInHob = (CPU_INFO_IN_HOB *)(UINTN)CpuMpData->CpuInfoInHob;
 
   if (ProcessorNumber < 0) {
-    for (Index = 0; Index < CpuMpData->CpuCount; Index++) {
+    if (CpuMpData->InitFlag == ApInitConfig) {
+      //
+      // APs have not been started, so CpuCount is not "known" yet. Use the
+      // retrieved APIC IDs to start the APs and fill out the MpLib CPU
+      // information properly. CanUseSevSnpCreateAP() guarantees we have a
+      // HOB when InitFlag is ApInitConfig.
+      //
+      GuidHob     = GetFirstGuidHob (&gGhcbApicIdsGuid);
+      GhcbApicIds = (GHCB_APIC_IDS *)(*(UINTN *)GET_GUID_HOB_DATA (GuidHob));
+      MaxIndex    = MIN (GhcbApicIds->NumEntries, PcdGet32 (PcdCpuMaxLogicalProcessorNumber));
+    } else {
+      //
+      // APs have been previously started.
+      //
+      MaxIndex = CpuMpData->CpuCount;
+    }
+
+    for (Index = 0; Index < MaxIndex; Index++) {
       if (Index != CpuMpData->BspNumber) {
         CpuData = &CpuMpData->CpuData[Index];
-        ApicId  = CpuInfoInHob[Index].ApicId,
+
+        if (CpuMpData->InitFlag == ApInitConfig) {
+          ApicId = GhcbApicIds->ApicIds[Index];
+
+          //
+          // For the first boot, use the BSP register information.
+          //
+          CopyMem (
+            &CpuData->VolatileRegisters,
+            &CpuMpData->CpuData[0].VolatileRegisters,
+            sizeof (CpuData->VolatileRegisters)
+            );
+        } else {
+          ApicId = CpuInfoInHob[Index].ApicId;
+        }
+
         SevSnpCreateSaveArea (CpuMpData, CpuData, ApicId);
       }
     }
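
Review bot: in the `ApInitConfig` path the loop skips the BSP with `Index != CpuMpData->BspNumber` while taking `ApicId` from `GhcbApicIds->ApicIds[Index]`, which is only correct if the BSP's APIC ID sits at position `BspNumber` in the retrieved list. Nothing in this hunk establishes that ordering, and if it does not hold, a save area is created for the BSP's own APIC ID and one AP is never started; comparing each entry against the BSP's APIC ID would remove the assumption. The same path copies `VolatileRegisters` from `CpuMpData->CpuData[0]` rather than from the entry at `BspNumber`, and dereferences `GuidHob` without a check, where an `ASSERT (GuidHob != NULL)` would document the dependency on `CanUseSevSnpCreateAP()`. `MaxIndex` is clamped to `PcdCpuMaxLogicalProcessorNumber`, but `NumEntries` is not checked against the size of the buffer the list was written into.
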
@@ -325,3 +360,32 @@ SevSnpRmpAdjust (
 
   return AsmRmpAdjust ((UINT64)PageAddress, 0, Rdx);
 }
+
+/**
+  Determine if the SEV-SNP AP Create protocol should be used.
+
+  @param[in]  CpuMpData  Pointer to CPU MP Data
+
+  @retval     TRUE       Use SEV-SNP AP Create protocol
+  @retval     FALSE      Do not use SEV-SNP AP Create protocol
+**/
+BOOLEAN
+CanUseSevSnpCreateAP (
+  IN  CPU_MP_DATA  *CpuMpData
+  )
+{
+  //
+  // The AP Create protocol is used for an SEV-SNP guest if
+  //   - The initial configuration has been performed already or
+  //   - The APIC IDs GUIDed HOB is non-zero.
+  //
+  if (!CpuMpData->SevSnpIsEnabled) {
+    return FALSE;
+  }
+
+  if ((CpuMpData->InitFlag == ApInitConfig) && (GetFirstGuidHob (&gGhcbApicIdsGuid) == NULL)) {
+    return FALSE;
+  }
+
+  return TRUE;
+}
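
Review bot: the comment in `CanUseSevSnpCreateAP()` says the APIC IDs GUIDed HOB "is non-zero", but the code tests `GetFirstGuidHob (&gGhcbApicIdsGuid) == NULL`, which is presence of the HOB, not its contents. Change the comment to "is present", or, if the contents matter, also reject a HOB whose stored pointer is NULL or whose `NumEntries` is 0, since `SevSnpCreateAP()` dereferences both without further checks.
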
-- 
2.43.2




* [edk2-devel] [PATCH v3 04/24] OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (2 preceding siblings ...)
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 03/24] UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is present Lendacky, Thomas via groups.io
@ 2024-03-08 15:30 ` Lendacky, Thomas via groups.io
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 05/24] OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors Lendacky, Thomas via groups.io
                   ` (20 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:30 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

If the hypervisor supports retrieval of the vCPU APIC IDs, retrieve
them before any APs are actually started. The APIC IDs can be used
to start the APs for any SEV-SNP guest, but are a requirement for an
SEV-SNP guest that is running under an SVSM.

After retrieving the APIC IDs, save the address of the APIC ID data
structure in a GUIDed HOB.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/PlatformPei/PlatformPei.inf |  1 +
 OvmfPkg/PlatformPei/AmdSev.c        | 92 +++++++++++++++++++-
 2 files changed, 92 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
index ad52be306560..2206316fec9e 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -45,6 +45,7 @@ [Guids]
   gEfiMemoryTypeInformationGuid
   gFdtHobGuid
   gUefiOvmfPkgPlatformInfoGuid
+  gGhcbApicIdsGuid
 
 [LibraryClasses]
   BaseLib
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index e6b602d79a05..a9de33074a69 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -1,7 +1,7 @@
 /**@file
   Initialize Secure Encrypted Virtualization (SEV) support
 
-  Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.<BR>
+  Copyright (c) 2017 - 2024, Advanced Micro Devices. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -9,6 +9,7 @@
 //
 // The package level header files this module uses
 //
+#include <Guid/GhcbApicIds.h>
 #include <IndustryStandard/Q35MchIch9.h>
 #include <Library/BaseMemoryLib.h>
 #include <Library/DebugLib.h>
@@ -31,6 +32,87 @@ GetHypervisorFeature (
   VOID
   );
 
+/**
+  Retrieve APIC IDs from the hypervisor.
+
+**/
+STATIC
+VOID
+AmdSevSnpGetApicIds (
+  VOID
+  )
+{
+  MSR_SEV_ES_GHCB_REGISTER  Msr;
+  GHCB                      *Ghcb;
+  BOOLEAN                   InterruptState;
+  UINT64                    VmgExitStatus;
+  UINT64                    PageCount;
+  BOOLEAN                   PageCountValid;
+  VOID                      *ApicIds;
+  RETURN_STATUS             Status;
+  UINT64                    GuidData;
+
+  Msr.GhcbPhysicalAddress = AsmReadMsr64 (MSR_SEV_ES_GHCB);
+  Ghcb                    = Msr.Ghcb;
+
+  PageCount      = 0;
+  PageCountValid = FALSE;
+
+  CcExitVmgInit (Ghcb, &InterruptState);
+  Ghcb->SaveArea.Rax = PageCount;
+  CcExitVmgSetOffsetValid (Ghcb, GhcbRax);
+  VmgExitStatus = CcExitVmgExit (Ghcb, SVM_EXIT_GET_APIC_IDS, 0, 0);
+  if (CcExitVmgIsOffsetValid (Ghcb, GhcbRax)) {
+    PageCount      = Ghcb->SaveArea.Rax;
+    PageCountValid = TRUE;
+  }
+
+  CcExitVmgDone (Ghcb, InterruptState);
+
+  ASSERT (VmgExitStatus == 0);
+  ASSERT (PageCountValid);
+  if ((VmgExitStatus != 0) || !PageCountValid) {
+    return;
+  }
+
+  //
+  // Allocate the memory for the APIC IDs
+  //
+  ApicIds = AllocateReservedPages ((UINTN)PageCount);
+  ASSERT (ApicIds != NULL);
+
+  Status = MemEncryptSevClearPageEncMask (
+             0,
+             (UINTN)ApicIds,
+             (UINTN)PageCount
+             );
+  ASSERT_RETURN_ERROR (Status);
+
+  ZeroMem (ApicIds, EFI_PAGES_TO_SIZE ((UINTN)PageCount));
+
+  PageCountValid = FALSE;
+
+  CcExitVmgInit (Ghcb, &InterruptState);
+  Ghcb->SaveArea.Rax = PageCount;
+  CcExitVmgSetOffsetValid (Ghcb, GhcbRax);
+  VmgExitStatus = CcExitVmgExit (Ghcb, SVM_EXIT_GET_APIC_IDS, (UINTN)ApicIds, 0);
+  if (CcExitVmgIsOffsetValid (Ghcb, GhcbRax) && (Ghcb->SaveArea.Rax == PageCount)) {
+    PageCountValid = TRUE;
+  }
+
+  CcExitVmgDone (Ghcb, InterruptState);
+
+  ASSERT (VmgExitStatus == 0);
+  ASSERT (PageCountValid);
+  if ((VmgExitStatus != 0) || !PageCountValid) {
+    FreePages (ApicIds, (UINTN)PageCount);
+    return;
+  }
+
+  GuidData = (UINT64)(UINTN)ApicIds;
+  BuildGuidDataHob (&gGhcbApicIdsGuid, &GuidData, sizeof (GuidData));
+}
+
 /**
   Initialize SEV-SNP support if running as an SEV-SNP guest.
 
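
Review bot: In AmdSevSnpGetApicIds (), the allocation and the C-bit
change are guarded only by ASSERT (ApicIds != NULL) and
ASSERT_RETURN_ERROR (Status), unlike the two VMGEXIT results, which get
both an ASSERT and a runtime check. In a build where ASSERT is compiled
out, a failed AllocateReservedPages () flows straight into
MemEncryptSevClearPageEncMask () and ZeroMem (). Add explicit checks
that return early. Two related points: PageCount is supplied by the
hypervisor and is used as the allocation size with no zero or
upper-bound check, and the error path calls FreePages () on pages whose
encryption mask was cleared without restoring it first, so shared pages
go back to the allocator.
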
@@ -78,6 +160,14 @@ AmdSevSnpInitialize (
       }
     }
   }
+
+  //
+  // Retrieve the APIC IDs if the hypervisor supports it. These will be used
+  // to always start APs using SNP AP Create.
+  //
+  if ((HvFeatures & GHCB_HV_FEATURES_APIC_ID_LIST) == GHCB_HV_FEATURES_APIC_ID_LIST) {
+    AmdSevSnpGetApicIds ();
+  }
 }
 
 /**
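
Review bot: AmdSevSnpGetApicIds () returns VOID and every failure path
inside it returns silently, so this call site in AmdSevSnpInitialize ()
cannot tell whether the HOB was built, even though the new comment says
the IDs will "always" be used. Consider returning a status, or at least
emitting a DEBUG message on failure, so that a guest whose hypervisor
advertises GHCB_HV_FEATURES_APIC_ID_LIST but which ends up without the
HOB can be diagnosed.
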
-- 
2.43.2




* [edk2-devel] [PATCH v3 05/24] OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (3 preceding siblings ...)
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 04/24] OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor Lendacky, Thomas via groups.io
@ 2024-03-08 15:30 ` Lendacky, Thomas via groups.io
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 06/24] OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State Change Lendacky, Thomas via groups.io
                   ` (19 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:30 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

In prep for follow-on patches, fix an area of the code that does not meet
the uncrustify coding standards.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 27 +++++++++++---------
 1 file changed, 15 insertions(+), 12 deletions(-)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
index 46c6682760d5..6a11adb06efb 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
@@ -2,7 +2,7 @@
 
   SEV-SNP Page Validation functions.
 
-  Copyright (c) 2021 AMD Incorporated. All rights reserved.<BR>
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -78,7 +78,9 @@ PvalidateRange (
   IN  BOOLEAN                     Validate
   )
 {
-  UINTN                 RmpPageSize, Ret, i;
+  UINTN                 RmpPageSize;
+  UINTN                 Index;
+  UINTN                 Ret;
   EFI_PHYSICAL_ADDRESS  Address;
 
   for ( ; StartIndex <= EndIndex; StartIndex++) {
@@ -96,7 +98,7 @@ PvalidateRange (
     // the RMP entry is 4K and we are validating it as a 2MB.
     //
     if ((Ret == PVALIDATE_RET_SIZE_MISMATCH) && (RmpPageSize == PvalidatePageSize2MB)) {
-      for (i = 0; i < PAGES_PER_LARGE_ENTRY; i++) {
+      for (Index = 0; Index < PAGES_PER_LARGE_ENTRY; Index++) {
         Ret = AsmPvalidate (PvalidatePageSize4K, Validate, Address);
         if (Ret) {
           break;
@@ -135,18 +137,19 @@ BuildPageStateBuffer (
   )
 {
   EFI_PHYSICAL_ADDRESS  NextAddress;
-  UINTN                 i, RmpPageSize;
+  UINTN                 RmpPageSize;
+  UINTN                 Index;
 
   // Clear the page state structure
   SetMem (Info, sizeof (*Info), 0);
 
-  i           = 0;
+  Index       = 0;
   NextAddress = EndAddress;
 
   //
   // Populate the page state entry structure
   //
-  while ((BaseAddress < EndAddress) && (i < SNP_PAGE_STATE_MAX_ENTRY)) {
+  while ((BaseAddress < EndAddress) && (Index < SNP_PAGE_STATE_MAX_ENTRY)) {
     //
     // Is this a 2MB aligned page? Check if we can use the Large RMP entry.
     //
@@ -160,14 +163,14 @@ BuildPageStateBuffer (
       NextAddress = BaseAddress + EFI_PAGE_SIZE;
     }
 
-    Info->Entry[i].GuestFrameNumber = BaseAddress >> EFI_PAGE_SHIFT;
-    Info->Entry[i].PageSize         = RmpPageSize;
-    Info->Entry[i].Operation        = MemoryStateToGhcbOp (State);
-    Info->Entry[i].CurrentPage      = 0;
-    Info->Header.EndEntry           = (UINT16)i;
+    Info->Entry[Index].GuestFrameNumber = BaseAddress >> EFI_PAGE_SHIFT;
+    Info->Entry[Index].PageSize         = RmpPageSize;
+    Info->Entry[Index].Operation        = MemoryStateToGhcbOp (State);
+    Info->Entry[Index].CurrentPage      = 0;
+    Info->Header.EndEntry               = (UINT16)Index;
 
     BaseAddress = NextAddress;
-    i++;
+    Index++;
   }
 
   return NextAddress;
-- 
2.43.2




* [edk2-devel] [PATCH v3 06/24] OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State Change
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (4 preceding siblings ...)
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 05/24] OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors Lendacky, Thomas via groups.io
@ 2024-03-08 15:30 ` Lendacky, Thomas via groups.io
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 07/24] MdePkg: Avoid hardcoded value for number of Page State Change entries Lendacky, Thomas via groups.io
                   ` (18 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:30 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

Calculate the amount of memory that can be used to build the Page State
Change data (SNP_PAGE_STATE_CHANGE_INFO) instead of using a hard-coded
size. This allows for changes to the GHCB shared buffer size without
having to make changes to the page state change code.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
index 6a11adb06efb..60b176ab14b8 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
@@ -133,23 +133,26 @@ BuildPageStateBuffer (
   IN EFI_PHYSICAL_ADDRESS        EndAddress,
   IN SEV_SNP_PAGE_STATE          State,
   IN BOOLEAN                     UseLargeEntry,
-  IN SNP_PAGE_STATE_CHANGE_INFO  *Info
+  IN SNP_PAGE_STATE_CHANGE_INFO  *Info,
+  IN UINTN                       InfoSize
   )
 {
   EFI_PHYSICAL_ADDRESS  NextAddress;
   UINTN                 RmpPageSize;
   UINTN                 Index;
+  UINTN                 IndexMax;
 
   // Clear the page state structure
-  SetMem (Info, sizeof (*Info), 0);
+  SetMem (Info, InfoSize, 0);
 
   Index       = 0;
+  IndexMax    = (InfoSize - sizeof (Info->Header)) / sizeof (Info->Entry[0]);
   NextAddress = EndAddress;
 
   //
   // Populate the page state entry structure
   //
-  while ((BaseAddress < EndAddress) && (Index < SNP_PAGE_STATE_MAX_ENTRY)) {
+  while ((BaseAddress < EndAddress) && (Index < IndexMax)) {
     //
     // Is this a 2MB aligned page? Check if we can use the Large RMP entry.
     //
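
Review bot: IndexMax in BuildPageStateBuffer () is computed as
(InfoSize - sizeof (Info->Header)) / sizeof (Info->Entry[0]) with no
check that InfoSize is at least sizeof (Info->Header); a smaller value
wraps the unsigned subtraction and yields a huge entry limit. Add an
ASSERT and a runtime guard on InfoSize before the SetMem (). Index is
also stored into Info->Header.EndEntry through a (UINT16) cast (visible
in patch 05), so IndexMax should be capped at what a UINT16 can index
now that the limit is no longer a fixed constant.
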
@@ -265,7 +268,8 @@ InternalSetPageState (
                     EndAddress,
                     State,
                     UseLargeEntry,
-                    Info
+                    Info,
+                    sizeof (Ghcb->SharedBuffer)
                     );
 
     //
-- 
2.43.2




* [edk2-devel] [PATCH v3 07/24] MdePkg: Avoid hardcoded value for number of Page State Change entries
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (5 preceding siblings ...)
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 06/24] OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State Change Lendacky, Thomas via groups.io
@ 2024-03-08 15:30 ` Lendacky, Thomas via groups.io
  2024-03-14 10:42   ` Gerd Hoffmann
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 09/24] OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency Lendacky, Thomas via groups.io
                   ` (17 subsequent siblings)
  24 siblings, 1 reply; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:30 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The SNP_PAGE_STATE_MAX_ENTRY is based on the number of entries that can
fit in the GHCB shared buffer. As a result, the SNP_PAGE_STATE_CHANGE_INFO
structure maps the full GHCB shared buffer based on the shared buffer size
being 2032 bytes.

Instead of using a hardcoded value for SNP_PAGE_STATE_MAX_ENTRY, use a
build calculated value. Since the SNP_PAGE_STATE_CHANGE_INFO is used as a
mapping, eliminate the hardcoded array size so that the structure can be
used based on any size buffer.

Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 MdePkg/Include/Register/Amd/Ghcb.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/MdePkg/Include/Register/Amd/Ghcb.h b/MdePkg/Include/Register/Amd/Ghcb.h
index bd7bf986d03f..ae1486b526a6 100644
--- a/MdePkg/Include/Register/Amd/Ghcb.h
+++ b/MdePkg/Include/Register/Amd/Ghcb.h
@@ -197,13 +197,14 @@ typedef struct {
   UINT32    Reserved;
 } SNP_PAGE_STATE_HEADER;
 
-#define SNP_PAGE_STATE_MAX_ENTRY  253
-
 typedef struct {
   SNP_PAGE_STATE_HEADER    Header;
-  SNP_PAGE_STATE_ENTRY     Entry[SNP_PAGE_STATE_MAX_ENTRY];
+  SNP_PAGE_STATE_ENTRY     Entry[];
 } SNP_PAGE_STATE_CHANGE_INFO;
 
+#define SNP_PAGE_STATE_MAX_ENTRY  \
+  ((sizeof (((GHCB *)0)->SharedBuffer) - sizeof (SNP_PAGE_STATE_HEADER)) / sizeof (SNP_PAGE_STATE_ENTRY))
+
 //
 // Get APIC IDs
 //
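
Review bot: Nothing pins the computed SNP_PAGE_STATE_MAX_ENTRY to the
253 that the removed define encoded, so a change to SharedBuffer or to
the entry layout would alter the limit without any build-time signal.
Add a STATIC_ASSERT next to the new macro (that it evaluates to 253 for
the current GHCB layout, or at least that it is non-zero). Note also
that with Entry[] now a flexible array member,
sizeof (SNP_PAGE_STATE_CHANGE_INFO) covers only the header, so any
remaining sizeof-based use of the structure needs to be audited, and
that the macro requires the GHCB type to be declared wherever it is
expanded, which deserves a one-line comment.
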
-- 
2.43.2




* [edk2-devel] [PATCH v3 09/24] OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (6 preceding siblings ...)
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 07/24] MdePkg: Avoid hardcoded value for number of Page State Change entries Lendacky, Thomas via groups.io
@ 2024-03-08 15:31 ` Lendacky, Thomas via groups.io
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 08/24] OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support Lendacky, Thomas via groups.io
                   ` (16 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:31 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

When building the Page State Change entries for a range of memory, it can
happen that multiple calls to BuildPageStateBuffer() need to be made. If
the size of the input work area passed to BuildPageStateBuffer() exceeds
the number of entries that can be passed to the hypervisor using the GHCB
shared buffer, the Page State Change VMGEXIT support will issue multiple
VMGEXITs to process all entries in the buffer.

However, it could be that the final VMGEXIT for each round of Page State
Changes is only for a small number of entries and subsequent VMGEXITs may
still be issued to handle the full range of memory requested. To maximize
the number of entries processed during the Page State Change VMGEXIT,
limit BuildPageStateBuffer() to not build entries that exceed the maximum
number of entries that can be handled in a single Page State Change
VMGEXIT.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
index bcc0798d6b02..f1883239a661 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
@@ -145,6 +145,7 @@ BuildPageStateBuffer (
   UINTN                 RmpPageSize;
   UINTN                 Index;
   UINTN                 IndexMax;
+  UINTN                 PscIndexMax;
 
   // Clear the page state structure
   SetMem (Info, InfoSize, 0);
@@ -153,6 +154,16 @@ BuildPageStateBuffer (
   IndexMax    = (InfoSize - sizeof (Info->Header)) / sizeof (Info->Entry[0]);
   NextAddress = EndAddress;
 
+  //
+  // Make the use of the work area as efficient as possible relative to
+  // exiting from the guest to the hypervisor. Maximize the number of entries
+  // that can be processed per exit.
+  //
+  PscIndexMax = (IndexMax / SNP_PAGE_STATE_MAX_ENTRY) * SNP_PAGE_STATE_MAX_ENTRY;
+  if (PscIndexMax > 0) {
+    IndexMax = MIN (IndexMax, PscIndexMax);
+  }
+
   //
   // Populate the page state entry structure
   //
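
Review bot: PscIndexMax is IndexMax rounded down to a multiple of
SNP_PAGE_STATE_MAX_ENTRY, so it can never exceed IndexMax and the MIN ()
in "IndexMax = MIN (IndexMax, PscIndexMax);" always selects PscIndexMax.
Assign it directly (IndexMax = PscIndexMax;) and extend the comment to
say that a work area smaller than one full set of entries
(PscIndexMax == 0) is deliberately left unchanged, since that is the
only case the if () exists for.
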
-- 
2.43.2
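
The effect described in the commit message above, worked through as an added example; this is not code from the patch or from edk2, and the function names are hypothetical. It assumes an 8-byte header and 8-byte entries (which reproduce the 253 entries per 2032-byte shared buffer stated in patch 07), one 4 KiB entry per page, and a hypervisor that completes every entry passed in each VMGEXIT.

```c
#include <stddef.h>
#include <stdio.h>

/* 2032 is the GHCB shared buffer size given in the patch 07 commit message. */
#define GHCB_SHARED_BUFFER_SIZE  2032u
/* Assumed sizes: 8-byte header, 8-byte entry; they reproduce the 253 limit. */
#define PSC_HEADER_SIZE          8u
#define PSC_ENTRY_SIZE           8u
#define PSC_MAX_ENTRY \
  ((GHCB_SHARED_BUFFER_SIZE - PSC_HEADER_SIZE) / PSC_ENTRY_SIZE)

/*
 * Number of entries built per pass over a work area of info_size bytes.
 * With clamp != 0 the count is rounded down to a multiple of PSC_MAX_ENTRY,
 * unless the work area is too small to hold even one full set of entries.
 */
size_t work_area_entries(size_t info_size, int clamp)
{
  size_t index_max;
  size_t psc_index_max;

  if (info_size < PSC_HEADER_SIZE) {
    return 0;                       /* guard against unsigned wrap-around */
  }

  index_max = (info_size - PSC_HEADER_SIZE) / PSC_ENTRY_SIZE;
  if (clamp) {
    psc_index_max = (index_max / PSC_MAX_ENTRY) * PSC_MAX_ENTRY;
    if (psc_index_max > 0) {
      index_max = psc_index_max;
    }
  }

  return index_max;
}

/*
 * Count the VMGEXITs needed to change the state of total_entries pages.
 * Each pass fills the work area, then hands it to the hypervisor in chunks
 * of at most PSC_MAX_ENTRY entries, one VMGEXIT per chunk.
 */
size_t count_vmgexits(size_t total_entries, size_t info_size, int clamp)
{
  size_t per_pass = work_area_entries(info_size, clamp);
  size_t exits    = 0;
  size_t pass;

  if (per_pass == 0) {
    return 0;
  }

  while (total_entries > 0) {
    pass           = (total_entries < per_pass) ? total_entries : per_pass;
    total_entries -= pass;
    exits         += (pass + PSC_MAX_ENTRY - 1) / PSC_MAX_ENTRY;
  }

  return exits;
}

int main(void)
{
  size_t pages = 262144;            /* 1 GiB of 4 KiB pages (constructed) */

  printf("entries per exit      : %u\n", PSC_MAX_ENTRY);
  printf("4096-byte area, plain : %zu entries, %zu exits\n",
         work_area_entries(4096, 0), count_vmgexits(pages, 4096, 0));
  printf("4096-byte area, clamp : %zu entries, %zu exits\n",
         work_area_entries(4096, 1), count_vmgexits(pages, 4096, 1));
  printf("1024-byte area, clamp : %zu entries\n", work_area_entries(1024, 1));
  return 0;
}
```

Without the clamp every pass ends in a VMGEXIT that carries only 5 entries; with it, every VMGEXIT but the last is full.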




* [edk2-devel] [PATCH v3 08/24] OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (7 preceding siblings ...)
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 09/24] OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency Lendacky, Thomas via groups.io
@ 2024-03-08 15:31 ` Lendacky, Thomas via groups.io
  2024-03-14 10:43   ` Gerd Hoffmann
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 10/24] MdePkg/Register/Amd: Define the SVSM related information Lendacky, Thomas via groups.io
                   ` (15 subsequent siblings)
  24 siblings, 1 reply; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:31 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

In preparation for running under an SVSM at VMPL1 or higher (higher
numerically, lower privilege), re-organize the way a page state change
is performed in order to free up the GHCB for use by the SVSM support.

Currently, the page state change logic directly uses the GHCB shared
buffer to build the page state change structures. However, this will be
in conflict with the use of the GHCB should an SVSM call be required.

Instead, use a separate buffer (an area in the workarea during SEC and
an allocated page during PEI/DXE) to hold the page state change request
and only update the GHCB shared buffer as needed.

Since the information is copied to, and operated on, in the GHCB shared
buffer, this has the added benefit of not requiring the start and end
entries to be saved for use when validating the memory during the page
state change sequence.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Include/WorkArea.h                                            |   9 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h         |   6 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c    |  11 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c        |  27 ++++-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c    |  22 +++-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c    |  14 ++-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 109 +++++++++++++-------
 7 files changed, 146 insertions(+), 52 deletions(-)

diff --git a/OvmfPkg/Include/WorkArea.h b/OvmfPkg/Include/WorkArea.h
index b1c7045ce18c..e3b415db2caa 100644
--- a/OvmfPkg/Include/WorkArea.h
+++ b/OvmfPkg/Include/WorkArea.h
@@ -2,7 +2,7 @@
 
   Work Area structure definition
 
-  Copyright (c) 2021, AMD Inc.
+  Copyright (c) 2021 - 2024, AMD Inc.
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 **/
@@ -54,6 +54,13 @@ typedef struct _SEC_SEV_ES_WORK_AREA {
   // detection in OvmfPkg/ResetVector/Ia32/AmdSev.c
   //
   UINT8     ReceivedVc;
+  UINT8     Reserved[7];
+
+  // Used by SEC to generate Page State Change requests. This should be
+  // sized less than an equal to the GHCB shared buffer area to allow a
+  // single call to the hypervisor.
+  //
+  UINT8     WorkBuffer[1024];
 } SEC_SEV_ES_WORK_AREA;
 
 //
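
Review bot: The new comment above WorkBuffer reads "less than an equal
to"; it should be "less than or equal to", and the block lacks a leading
"//" line to match its trailing one. The size constraint it describes is
not enforced either: a STATIC_ASSERT that sizeof (WorkBuffer) does not
exceed the size of the GHCB SharedBuffer would turn the comment into a
build-time check. The structure also grows by more than 1 KiB here, so
it is worth asserting that SEC_SEV_ES_WORK_AREA still fits in the memory
reserved for the work area.
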
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h
index 43319cc9ed17..5d23d1828b25 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h
@@ -2,7 +2,7 @@
 
   SEV-SNP Page Validation functions.
 
-  Copyright (c) 2021 AMD Incorporated. All rights reserved.<BR>
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -24,7 +24,9 @@ InternalSetPageState (
   IN EFI_PHYSICAL_ADDRESS  BaseAddress,
   IN UINTN                 NumPages,
   IN SEV_SNP_PAGE_STATE    State,
-  IN BOOLEAN               UseLargeEntry
+  IN BOOLEAN               UseLargeEntry,
+  IN VOID                  *PscBuffer,
+  IN UINTN                 PscBufferSize
   );
 
 VOID
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
index cbcdd46f528f..2515425e467a 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c
@@ -2,7 +2,7 @@
 
   SEV-SNP Page Validation functions.
 
-  Copyright (c) 2021 AMD Incorporated. All rights reserved.<BR>
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -16,6 +16,8 @@
 #include "SnpPageStateChange.h"
 #include "VirtualMemory.h"
 
+STATIC VOID  *mPscBuffer = NULL;
+
 /**
   Pre-validate the system RAM when SEV-SNP is enabled in the guest VM.
 
@@ -52,5 +54,10 @@ MemEncryptSevSnpPreValidateSystemRam (
     }
   }
 
-  InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
+  if (mPscBuffer == NULL) {
+    mPscBuffer = AllocateReservedPages (1);
+    ASSERT (mPscBuffer != NULL);
+  }
+
+  InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE, mPscBuffer, EFI_PAGE_SIZE);
 }
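
Review bot: The lazily allocated mPscBuffer is checked only with
ASSERT (mPscBuffer != NULL); in a build without ASSERT a failed
AllocateReservedPages (1) passes NULL straight into
InternalSetPageState (). Since this path validates system RAM, add a
runtime check that fails hard, for example by calling
SnpPageStateFailureTerminate (), which the SEC variant of this function
in the same patch already uses for its error case.
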
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
index dee3fb8914ca..337a7d926b15 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
@@ -3,7 +3,7 @@
   Virtual Memory Management Services to set or clear the memory encryption bit
 
   Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
-  Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
+  Copyright (c) 2017 - 2024, AMD Incorporated. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -23,6 +23,8 @@ STATIC BOOLEAN          mAddressEncMaskChecked = FALSE;
 STATIC UINT64           mAddressEncMask;
 STATIC PAGE_TABLE_POOL  *mPageTablePool = NULL;
 
+STATIC VOID  *mPscBuffer = NULL;
+
 typedef enum {
   SetCBit,
   ClearCBit
@@ -786,7 +788,19 @@ SetMemoryEncDec (
   // The InternalSetPageState() is used for setting the page state in the RMP table.
   //
   if (!Mmio && (Mode == ClearCBit) && MemEncryptSevSnpIsEnabled ()) {
-    InternalSetPageState (PhysicalAddress, EFI_SIZE_TO_PAGES (Length), SevSnpPageShared, FALSE);
+    if (mPscBuffer == NULL) {
+      mPscBuffer = AllocateReservedPages (1);
+      ASSERT (mPscBuffer != NULL);
+    }
+
+    InternalSetPageState (
+      PhysicalAddress,
+      EFI_SIZE_TO_PAGES (Length),
+      SevSnpPageShared,
+      FALSE,
+      mPscBuffer,
+      EFI_PAGE_SIZE
+      );
   }
 
   //
@@ -975,11 +989,18 @@ SetMemoryEncDec (
   // The InternalSetPageState() is used for setting the page state in the RMP table.
   //
   if ((Mode == SetCBit) && MemEncryptSevSnpIsEnabled ()) {
+    if (mPscBuffer == NULL) {
+      mPscBuffer = AllocateReservedPages (1);
+      ASSERT (mPscBuffer != NULL);
+    }
+
     InternalSetPageState (
       OrigPhysicalAddress,
       EFI_SIZE_TO_PAGES (OrigLength),
       SevSnpPagePrivate,
-      FALSE
+      FALSE,
+      mPscBuffer,
+      EFI_PAGE_SIZE
       );
   }
 
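
Review bot: The same four-line lazy allocation of mPscBuffer now appears
in both SetMemoryEncDec () hunks of this file and again in
DxeSnpSystemRamValidate.c, each time with only an ASSERT on the result.
Move it into one small helper that allocates on first use and handles
failure at run time, so the three call sites cannot drift apart.
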
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
index 497016544482..0040700f03f3 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c
@@ -2,7 +2,7 @@
 
   SEV-SNP Page Validation functions.
 
-  Copyright (c) 2021 AMD Incorporated. All rights reserved.<BR>
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -17,6 +17,8 @@
 #include "SnpPageStateChange.h"
 #include "VirtualMemory.h"
 
+STATIC UINT8  mPscBufferPage[EFI_PAGE_SIZE];
+
 typedef struct {
   UINT64    StartAddress;
   UINT64    EndAddress;
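
Review bot: The commit message says PEI/DXE use "an allocated page", but
this file adds a static array instead
("STATIC UINT8  mPscBufferPage[EFI_PAGE_SIZE];"). Either update the
commit message or add a comment here explaining why PEI uses a
module-global buffer, including that the module must then run from
writable memory. A UINT8 array also carries no alignment guarantee,
which matters if the buffer is accessed through
SNP_PAGE_STATE_CHANGE_INFO; consider declaring it with suitable
alignment.
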
@@ -113,7 +115,14 @@ MemEncryptSevSnpPreValidateSystemRam (
       if (BaseAddress < OverlapRange.StartAddress) {
         NumPages = EFI_SIZE_TO_PAGES (OverlapRange.StartAddress - BaseAddress);
 
-        InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
+        InternalSetPageState (
+          BaseAddress,
+          NumPages,
+          SevSnpPagePrivate,
+          TRUE,
+          mPscBufferPage,
+          sizeof (mPscBufferPage)
+          );
       }
 
       BaseAddress = OverlapRange.EndAddress;
@@ -122,7 +131,14 @@ MemEncryptSevSnpPreValidateSystemRam (
 
     // Validate the remaining pages.
     NumPages = EFI_SIZE_TO_PAGES (EndAddress - BaseAddress);
-    InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
+    InternalSetPageState (
+      BaseAddress,
+      NumPages,
+      SevSnpPagePrivate,
+      TRUE,
+      mPscBufferPage,
+      sizeof (mPscBufferPage)
+      );
     BaseAddress = EndAddress;
   }
 }
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
index be43a44e4e1d..ca279d77274b 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
@@ -10,6 +10,7 @@
 
 #include <Uefi/UefiBaseType.h>
 #include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
 #include <Library/MemEncryptSevLib.h>
 
 #include "SnpPageStateChange.h"
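
Review bot: <Library/DebugLib.h> is added here, but none of the lines
this patch adds to SecSnpSystemRamValidate.c use ASSERT () or DEBUG ().
Drop the include, or add the check it was meant to support.
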
@@ -65,6 +66,8 @@ MemEncryptSevSnpPreValidateSystemRam (
   IN UINTN             NumPages
   )
 {
+  SEC_SEV_ES_WORK_AREA  *SevEsWorkArea;
+
   if (!MemEncryptSevSnpIsEnabled ()) {
     return;
   }
@@ -78,5 +81,14 @@ MemEncryptSevSnpPreValidateSystemRam (
     SnpPageStateFailureTerminate ();
   }
 
-  InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
+  SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);
+
+  InternalSetPageState (
+    BaseAddress,
+    NumPages,
+    SevSnpPagePrivate,
+    TRUE,
+    SevEsWorkArea->WorkBuffer,
+    sizeof (SevEsWorkArea->WorkBuffer)
+    );
 }
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
index 60b176ab14b8..bcc0798d6b02 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
@@ -72,16 +72,19 @@ SnpPageStateFailureTerminate (
 STATIC
 VOID
 PvalidateRange (
-  IN  SNP_PAGE_STATE_CHANGE_INFO  *Info,
-  IN  UINTN                       StartIndex,
-  IN  UINTN                       EndIndex,
-  IN  BOOLEAN                     Validate
+  IN  SNP_PAGE_STATE_CHANGE_INFO  *Info
   )
 {
   UINTN                 RmpPageSize;
+  UINTN                 StartIndex;
+  UINTN                 EndIndex;
   UINTN                 Index;
   UINTN                 Ret;
   EFI_PHYSICAL_ADDRESS  Address;
+  BOOLEAN               Validate;
+
+  StartIndex = Info->Header.CurrentEntry;
+  EndIndex   = Info->Header.EndEntry;
 
   for ( ; StartIndex <= EndIndex; StartIndex++) {
     //
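Review bot: PvalidateRange() now takes StartIndex and EndIndex from Info->Header instead of from values the caller saved before the VMGEXIT, which is only correct while Info is the caller's private PSC buffer and not the GHCB shared buffer, where the loop in PageStateChangeVmgExit() expects CurrentEntry to move. Please state that requirement in the function comment, so a future caller does not pass a hypervisor-writable buffer and end up running PVALIDATE over a range it did not build.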
@@ -89,6 +92,7 @@ PvalidateRange (
     //
     Address     = ((EFI_PHYSICAL_ADDRESS)Info->Entry[StartIndex].GuestFrameNumber) << EFI_PAGE_SHIFT;
     RmpPageSize = Info->Entry[StartIndex].PageSize;
+    Validate    = Info->Entry[StartIndex].Operation == SNP_PAGE_STATE_PRIVATE;
 
     Ret = AsmPvalidate (RmpPageSize, Validate, Address);
 
@@ -182,11 +186,29 @@ BuildPageStateBuffer (
 STATIC
 VOID
 PageStateChangeVmgExit (
-  IN GHCB                        *Ghcb,
-  IN SNP_PAGE_STATE_CHANGE_INFO  *Info
+  IN GHCB                  *Ghcb,
+  IN SNP_PAGE_STATE_ENTRY  *Start,
+  IN UINT16                Count
   )
 {
-  EFI_STATUS  Status;
+  SNP_PAGE_STATE_CHANGE_INFO  *GhcbInfo;
+  EFI_STATUS                  Status;
+  BOOLEAN                     InterruptState;
+
+  ASSERT (Count <= SNP_PAGE_STATE_MAX_ENTRY);
+  if (Count > SNP_PAGE_STATE_MAX_ENTRY) {
+    SnpPageStateFailureTerminate ();
+  }
+
+  //
+  // Initialize the GHCB
+  //
+  CcExitVmgInit (Ghcb, &InterruptState);
+
+  GhcbInfo                      = (SNP_PAGE_STATE_CHANGE_INFO *)Ghcb->SharedBuffer;
+  GhcbInfo->Header.CurrentEntry = 0;
+  GhcbInfo->Header.EndEntry     = Count - 1;
+  CopyMem (GhcbInfo->Entry, Start, sizeof (*Start) * Count);
 
   //
   // As per the GHCB specification, the hypervisor can resume the guest before
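Review bot: Count is only bounded from above, so a Count of 0 reaches `GhcbInfo->Header.EndEntry = Count - 1` and wraps EndEntry, after which the loop below would ask the hypervisor to process entries that were never copied into the shared buffer. The one caller in this patch never passes 0, but the check is cheap: make it `if ((Count == 0) || (Count > SNP_PAGE_STATE_MAX_ENTRY))` and extend the ASSERT to match.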
@@ -197,7 +219,7 @@ PageStateChangeVmgExit (
   // page state was not successful, then later memory access will result
   // in the crash.
   //
-  while (Info->Header.CurrentEntry <= Info->Header.EndEntry) {
+  while (GhcbInfo->Header.CurrentEntry <= GhcbInfo->Header.EndEntry) {
     Ghcb->SaveArea.SwScratch = (UINT64)Ghcb->SharedBuffer;
     CcExitVmgSetOffsetValid (Ghcb, GhcbSwScratch);
 
@@ -211,6 +233,34 @@ PageStateChangeVmgExit (
       SnpPageStateFailureTerminate ();
     }
   }
+
+  CcExitVmgDone (Ghcb, InterruptState);
+}
+
+STATIC
+VOID
+PageStateChange (
+  IN SNP_PAGE_STATE_CHANGE_INFO  *Info
+  )
+{
+  GHCB                      *Ghcb;
+  MSR_SEV_ES_GHCB_REGISTER  Msr;
+  SNP_PAGE_STATE_HEADER     *Header;
+  UINT16                    Index;
+  UINT16                    Count;
+
+  Msr.GhcbPhysicalAddress = AsmReadMsr64 (MSR_SEV_ES_GHCB);
+  Ghcb                    = Msr.Ghcb;
+
+  Header = &Info->Header;
+
+  for (Index = Header->CurrentEntry; Index <= Header->EndEntry;) {
+    Count = MIN (Header->EndEntry - Index + 1, SNP_PAGE_STATE_MAX_ENTRY);
+
+    PageStateChangeVmgExit (Ghcb, &Info->Entry[Index], Count);
+
+    Index += Count;
+  }
 }
 
 /**
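Review bot: PageStateChange() has no function comment, unlike the function that follows it, and its loop is a `for` with an empty increment clause that is advanced by `Index += Count` in the body. A header comment saying that it splits Info into chunks of at most SNP_PAGE_STATE_MAX_ENTRY entries, each copied into the GHCB shared buffer by PageStateChangeVmgExit(), together with a plain `while (Index <= Header->EndEntry)`, would make the chunking easier to audit.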
@@ -226,18 +276,14 @@ InternalSetPageState (
   IN EFI_PHYSICAL_ADDRESS  BaseAddress,
   IN UINTN                 NumPages,
   IN SEV_SNP_PAGE_STATE    State,
-  IN BOOLEAN               UseLargeEntry
+  IN BOOLEAN               UseLargeEntry,
+  IN VOID                  *PscBuffer,
+  IN UINTN                 PscBufferSize
   )
 {
-  GHCB                        *Ghcb;
   EFI_PHYSICAL_ADDRESS        NextAddress, EndAddress;
-  MSR_SEV_ES_GHCB_REGISTER    Msr;
-  BOOLEAN                     InterruptState;
   SNP_PAGE_STATE_CHANGE_INFO  *Info;
 
-  Msr.GhcbPhysicalAddress = AsmReadMsr64 (MSR_SEV_ES_GHCB);
-  Ghcb                    = Msr.Ghcb;
-
   EndAddress = BaseAddress + EFI_PAGES_TO_SIZE (NumPages);
 
   DEBUG ((
@@ -251,57 +297,40 @@ InternalSetPageState (
     UseLargeEntry
     ));
 
-  while (BaseAddress < EndAddress) {
-    UINTN  CurrentEntry, EndEntry;
-
-    //
-    // Initialize the GHCB
-    //
-    CcExitVmgInit (Ghcb, &InterruptState);
+  Info = (SNP_PAGE_STATE_CHANGE_INFO *)PscBuffer;
 
+  for (NextAddress = BaseAddress; NextAddress < EndAddress;) {
     //
     // Build the page state structure
     //
-    Info        = (SNP_PAGE_STATE_CHANGE_INFO *)Ghcb->SharedBuffer;
     NextAddress = BuildPageStateBuffer (
-                    BaseAddress,
+                    NextAddress,
                     EndAddress,
                     State,
                     UseLargeEntry,
-                    Info,
-                    sizeof (Ghcb->SharedBuffer)
+                    PscBuffer,
+                    PscBufferSize
                     );
 
-    //
-    // Save the current and end entry from the page state structure. We need
-    // it later.
-    //
-    CurrentEntry = Info->Header.CurrentEntry;
-    EndEntry     = Info->Header.EndEntry;
-
     //
     // If the caller requested to change the page state to shared then
     // invalidate the pages before making the page shared in the RMP table.
     //
     if (State == SevSnpPageShared) {
-      PvalidateRange (Info, CurrentEntry, EndEntry, FALSE);
+      PvalidateRange (Info);
     }
 
     //
     // Invoke the page state change VMGEXIT.
     //
-    PageStateChangeVmgExit (Ghcb, Info);
+    PageStateChange (Info);
 
     //
     // If the caller requested to change the page state to private then
     // validate the pages after it has been added in the RMP table.
     //
     if (State == SevSnpPagePrivate) {
-      PvalidateRange (Info, CurrentEntry, EndEntry, TRUE);
+      PvalidateRange (Info);
     }
-
-    CcExitVmgDone (Ghcb, InterruptState);
-
-    BaseAddress = NextAddress;
   }
 }
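Review bot: With CcExitVmgInit()/CcExitVmgDone() moved out of this loop, the two PvalidateRange() calls are no longer inside the bracket that holds InterruptState, and that bracket is now opened and closed once per GHCB-sized chunk rather than once per buffer. If the old code relied on that window covering the PVALIDATE pass together with the page state change, say in the commit message why the narrower scope is safe. It would also be worth an ASSERT that PscBuffer is not NULL and that PscBufferSize covers at least a header and one entry before the cast to SNP_PAGE_STATE_CHANGE_INFO.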
-- 
2.43.2






^ permalink raw reply related	[flat|nested] 41+ messages in thread

* [edk2-devel] [PATCH v3 10/24] MdePkg/Register/Amd: Define the SVSM related information
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (8 preceding siblings ...)
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 08/24] OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support Lendacky, Thomas via groups.io
@ 2024-03-08 15:31 ` Lendacky, Thomas via groups.io
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 11/24] MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM Lendacky, Thomas via groups.io
                   ` (14 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:31 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The Secure VM Service Module specification defines the interfaces needed
to allow multi-VMPL level execution of an SEV-SNP guest.

Define the SVSM related structures for the SVSM Calling Area as well as
the SVSM CAA MSR. The SVSM CAA MSR is an MSR register that is reserved for
software use and will not be implemented in hardware.

Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 MdePkg/Include/Register/Amd/Fam17Msr.h |  19 +++-
 MdePkg/Include/Register/Amd/Msr.h      |   3 +-
 MdePkg/Include/Register/Amd/Svsm.h     | 101 ++++++++++++++++++++
 MdePkg/Include/Register/Amd/SvsmMsr.h  |  35 +++++++
 4 files changed, 156 insertions(+), 2 deletions(-)

diff --git a/MdePkg/Include/Register/Amd/Fam17Msr.h b/MdePkg/Include/Register/Amd/Fam17Msr.h
index bb4e143e2456..f2d5ccb39dc7 100644
--- a/MdePkg/Include/Register/Amd/Fam17Msr.h
+++ b/MdePkg/Include/Register/Amd/Fam17Msr.h
@@ -6,7 +6,7 @@
   returned is a single 32-bit or 64-bit value, then a data structure is not
   provided for that MSR.
 
-  Copyright (c) 2017, Advanced Micro Devices. All rights reserved.<BR>
+  Copyright (c) 2017 - 2024, Advanced Micro Devices. All rights reserved.<BR>
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
   @par Specification Reference:
@@ -71,9 +71,24 @@ typedef union {
     UINT32    ErrorCode;
   } SnpPageStateChangeResponse;
 
+  struct {
+    UINT64    Function  : 12;
+    UINT64    Reserved1 : 20;
+    UINT64    Vmpl      : 8;
+    UINT64    Reserved2 : 56;
+  } SnpVmplRequest;
+
+  struct {
+    UINT32    Function : 12;
+    UINT32    Reserved : 20;
+    UINT32    ErrorCode;
+  } SnpVmplResponse;
+
   VOID      *Ghcb;
 
   UINT64    GhcbPhysicalAddress;
+
+  UINT64    Uint64;
 } MSR_SEV_ES_GHCB_REGISTER;
 
 #define GHCB_INFO_SEV_INFO                        1
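Review bot: The SnpVmplRequest bit-fields add up to 96 bits (12 + 20 + 8 + 56), so the struct does not fit the 64-bit GHCB MSR value and makes the MSR_SEV_ES_GHCB_REGISTER union larger than 8 bytes. `Reserved2` should be 24 bits wide to fill the remainder of the register. A STATIC_ASSERT that sizeof (MSR_SEV_ES_GHCB_REGISTER) equals sizeof (UINT64) would catch this kind of slip.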
@@ -84,6 +99,8 @@ typedef union {
 #define GHCB_INFO_GHCB_GPA_REGISTER_RESPONSE      19
 #define GHCB_INFO_SNP_PAGE_STATE_CHANGE_REQUEST   20
 #define GHCB_INFO_SNP_PAGE_STATE_CHANGE_RESPONSE  21
+#define GHCB_INFO_SNP_VMPL_REQUEST                22
+#define GHCB_INFO_SNP_VMPL_RESPONSE               23
 #define GHCB_HYPERVISOR_FEATURES_REQUEST          128
 #define GHCB_HYPERVISOR_FEATURES_RESPONSE         129
 #define GHCB_INFO_TERMINATE_REQUEST               256
diff --git a/MdePkg/Include/Register/Amd/Msr.h b/MdePkg/Include/Register/Amd/Msr.h
index 084eb892cdd9..04a3cbeb4315 100644
--- a/MdePkg/Include/Register/Amd/Msr.h
+++ b/MdePkg/Include/Register/Amd/Msr.h
@@ -6,7 +6,7 @@
   returned is a single 32-bit or 64-bit value, then a data structure is not
   provided for that MSR.
 
-  Copyright (c) 2017 - 2019, Advanced Micro Devices. All rights reserved.<BR>
+  Copyright (c) 2017 - 2024, Advanced Micro Devices. All rights reserved.<BR>
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
   @par Specification Reference:
@@ -19,5 +19,6 @@
 
 #include <Register/Intel/ArchitecturalMsr.h>
 #include <Register/Amd/Fam17Msr.h>
+#include <Register/Amd/SvsmMsr.h>
 
 #endif
diff --git a/MdePkg/Include/Register/Amd/Svsm.h b/MdePkg/Include/Register/Amd/Svsm.h
new file mode 100644
index 000000000000..9a989f803107
--- /dev/null
+++ b/MdePkg/Include/Register/Amd/Svsm.h
@@ -0,0 +1,101 @@
+/** @file
+  Secure VM Service Module (SVSM) Definition.
+
+  Provides data types allowing an SEV-SNP guest to interact with the SVSM.
+
+  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+  @par Specification Reference:
+  Secure VM Service Module Specification
+
+**/
+
+#ifndef SVSM_H_
+#define SVSM_H_
+
+#include <Base.h>
+#include <Uefi.h>
+#include <Library/BaseLib.h>
+
+//
+// The SVSM definitions are part of the SNP Secrets Page:
+//   An SVSM is considered present if the SvsmSize field is non-zero.
+//
+typedef PACKED struct {
+  UINT8     Reserved1[320];
+
+  UINT64    SvsmBase;
+  UINT64    SvsmSize;
+  UINT64    SvsmCaa;
+  UINT32    SvsmMaxVersion;
+  UINT8     SvsmGuestVmpl;
+  UINT8     Reserved2[3];
+} SVSM_INFORMATION;
+
+typedef PACKED struct {
+  UINT8    SvsmCallPending;
+  UINT8    SvsmMemAvailable;
+  UINT8    Reserved1[6];
+
+  //
+  // The remainder of the CAA 4KB area can be used for argument
+  // passing to the SVSM.
+  //
+  UINT8    SvsmBuffer[SIZE_4KB - 8];
+} SVSM_CAA;
+
+#define SVSM_SUCCESS                   0x00000000
+#define SVSM_ERR_INCOMPLETE            0x80000000
+#define SVSM_ERR_UNSUPPORTED_PROTOCOL  0x80000001
+#define SVSM_ERR_UNSUPPORTED_CALL      0x80000002
+#define SVSM_ERR_INVALID_ADDRESS       0x80000003
+#define SVSM_ERR_INVALID_FORMAT        0x80000004
+#define SVSM_ERR_INVALID_PARAMETER     0x80000005
+#define SVSM_ERR_INVALID_REQUEST       0x80000006
+#define SVSM_ERR_BUSY                  0x80000007
+
+#define SVSM_ERR_PVALIDATE_FAIL_INPUT          0x80001001
+#define SVSM_ERR_PVALIDATE_FAIL_SIZE_MISMATCH  0x80001006
+#define SVSM_ERR_PVALIDATE_FAIL_NO_CHANGE      0x80001010
+
+typedef PACKED struct {
+  UINT16    Entries;
+  UINT16    Next;
+
+  UINT8     Reserved[4];
+} SVSM_PVALIDATE_HEADER;
+
+typedef union {
+  struct {
+    UINT64    PageSize   : 2;
+    UINT64    Action     : 1;
+    UINT64    IgnoreCf   : 1;
+    UINT64    Reserved_2 : 8;
+    UINT64    Address    : 52;
+  } Bits;
+  UINT64    Uint64;
+} SVSM_PVALIDATE_ENTRY;
+
+typedef PACKED struct {
+  SVSM_PVALIDATE_HEADER    Header;
+  SVSM_PVALIDATE_ENTRY     Entry[];
+} SVSM_PVALIDATE_REQUEST;
+
+#define SVSM_PVALIDATE_MAX_ENTRY   \
+  ((sizeof (((SVSM_CAA *)0)->SvsmBuffer) - sizeof (SVSM_PVALIDATE_HEADER)) / sizeof (SVSM_PVALIDATE_ENTRY))
+
+typedef union {
+  SVSM_PVALIDATE_REQUEST    PvalidateRequest;
+} SVSM_REQUEST;
+
+typedef union {
+  struct {
+    UINT32    CallId;
+    UINT32    Protocol;
+  } Id;
+
+  UINT64    Uint64;
+} SVSM_FUNCTION;
+
+#endif
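Review bot: These packed structures overlay memory whose layout comes from the SVSM specification (the SNP secrets page and the 4KB calling area), but nothing pins the layout at build time. Add STATIC_ASSERTs such as sizeof (SVSM_CAA) == SIZE_4KB and OFFSET_OF (SVSM_INFORMATION, SvsmBase) == 320, so that a later field edit cannot silently shift SvsmCaa or SvsmGuestVmpl. Two smaller points: `Reserved_2` in SVSM_PVALIDATE_ENTRY breaks the Reserved1/Reserved2 naming used elsewhere in the file, and nothing declared here appears to need <Uefi.h> or <Library/BaseLib.h>.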
diff --git a/MdePkg/Include/Register/Amd/SvsmMsr.h b/MdePkg/Include/Register/Amd/SvsmMsr.h
new file mode 100644
index 000000000000..9e7fca880ba5
--- /dev/null
+++ b/MdePkg/Include/Register/Amd/SvsmMsr.h
@@ -0,0 +1,35 @@
+/** @file
+  MSR Definitions.
+
+  Provides defines for Machine Specific Registers(MSR) indexes. Data structures
+  are provided for MSRs that contain one or more bit fields.  If the MSR value
+  returned is a single 32-bit or 64-bit value, then a data structure is not
+  provided for that MSR.
+
+  Copyright (c) 2024, Advanced Micro Devices. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef SVSM_MSR_H_
+#define SVSM_MSR_H_
+
+/**
+  Secure VM Service Module CAA register
+
+**/
+#define MSR_SVSM_CAA  0xc001f000
+
+/**
+  MSR information returned for #MSR_SVSM_CAA
+**/
+typedef union {
+  struct {
+    UINT32    Lower32Bits;
+    UINT32    Upper32Bits;
+  } Bits;
+
+  UINT64    Uint64;
+} MSR_SVSM_CAA_REGISTER;
+
+#endif
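Review bot: The comment on MSR_SVSM_CAA says only "Secure VM Service Module CAA register", while the commit message explains that this MSR is reserved for software use and will not be implemented in hardware. That statement belongs next to the define, together with a @par Specification Reference as in Svsm.h, so a reader of the header does not take 0xc001f000 for a hardware register. The file-level text is also the generic "MSR Definitions" description and could name the SVSM.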
-- 
2.43.2






^ permalink raw reply related	[flat|nested] 41+ messages in thread

* [edk2-devel] [PATCH v3 11/24] MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (9 preceding siblings ...)
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 10/24] MdePkg/Register/Amd: Define the SVSM related information Lendacky, Thomas via groups.io
@ 2024-03-08 15:31 ` Lendacky, Thomas via groups.io
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 12/24] UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM Lendacky, Thomas via groups.io
                   ` (13 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:31 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The SVSM specification relies on a specific register calling convention to
hold the parameters that are associated with the SVSM request. The SVSM is
invoked by requesting the hypervisor to run the VMPL0 VMSA of the guest
using the GHCB MSR Protocol or a GHCB NAE event.

Create a new version of the VMGEXIT instruction that will adhere to this
calling convention and load the SVSM function arguments into the proper
register before invoking the VMGEXIT instruction. On return, perform the
atomic exchange on the SVSM call pending value as specified in the SVSM
specification.

Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 MdePkg/Library/BaseLib/BaseLib.inf           |  2 +
 MdePkg/Include/Library/BaseLib.h             | 39 ++++++++
 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm | 39 ++++++++
 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm  | 94 ++++++++++++++++++++
 4 files changed, 174 insertions(+)

diff --git a/MdePkg/Library/BaseLib/BaseLib.inf b/MdePkg/Library/BaseLib/BaseLib.inf
index 4dbe94be71e1..26e66a8d67cf 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -187,6 +187,7 @@ [Sources.Ia32]
   Ia32/XGetBv.nasm
   Ia32/XSetBv.nasm
   Ia32/VmgExit.nasm
+  Ia32/VmgExitSvsm.nasm
 
   Ia32/DivS64x64Remainder.c
   Ia32/InternalSwitchStack.c | MSFT
@@ -328,6 +329,7 @@ [Sources.X64]
   X64/XGetBv.nasm
   X64/XSetBv.nasm
   X64/VmgExit.nasm
+  X64/VmgExitSvsm.nasm
   ChkStkGcc.c  | GCC
 
 [Sources.EBC]
diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index 1fff0fb224f1..95f805599d9d 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -7876,6 +7876,45 @@ AsmVmgExit (
   VOID
   );
 
+///
+/// The structure used to supply and return data to and from the SVSM.
+///
+typedef struct {
+  VOID      *Caa;
+  UINT64    RaxIn;
+  UINT64    RcxIn;
+  UINT64    RdxIn;
+  UINT64    R8In;
+  UINT64    R9In;
+  UINT64    RaxOut;
+  UINT64    RcxOut;
+  UINT64    RdxOut;
+  UINT64    R8Out;
+  UINT64    R9Out;
+  UINT8     *CallPending;
+} SVSM_CALL_DATA;
+
+/**
+  Executes a VMGEXIT instruction (VMMCALL with a REP prefix) with arguments
+  and return code
+
+  Executes a VMGEXIT instruction placing the specified arguments in the
+  corresponding registers before invocation. Upon return an XCHG is done to
+  atomically clear and retrieve the SVSM call pending value. The returned RAX
+  register value becomes the function return code. This function is intended
+  for use with an SVSM. This function is only available on IA-32 and x64.
+
+  @param[in,out]  SvsmCallPending  Pointer to the location of the SVSM call data
+
+  @return                          Value of the RAX register on return
+
+**/
+UINT32
+EFIAPI
+AsmVmgExitSvsm (
+  IN OUT SVSM_CALL_DATA  *SvsmCallData
+  );
+
 /**
   Patch the immediate operand of an IA32 or X64 instruction such that the byte,
   word, dword or qword operand is encoded at the end of the instruction's
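Review bot: The function comment documents `@param[in,out]  SvsmCallPending`, but the parameter is `SvsmCallData`; rename the @param to match. The comment also says the returned RAX value becomes the function return code while the function returns UINT32, so say explicitly that only the low 32 bits are returned, or return UINT64. The SVSM_CALL_DATA fields have no per-field comments; at least Caa and CallPending need one, since the assembly dereferences both.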
diff --git a/MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm b/MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm
new file mode 100644
index 000000000000..14717bd1af02
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm
@@ -0,0 +1,39 @@
+;------------------------------------------------------------------------------
+;
+; Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Module Name:
+;
+;   VmgExitSvsm.Asm
+;
+; Abstract:
+;
+;   AsmVmgExitSvsm function
+;
+; Notes:
+;
+;------------------------------------------------------------------------------
+
+    DEFAULT REL
+    SECTION .text
+
+;------------------------------------------------------------------------------
+; UINT32
+; EFIAPI
+; AsmVmgExitSvsm (
+;   SVSM_CALL_DATA *SvsmCallData
+;   );
+;------------------------------------------------------------------------------
+global ASM_PFX(AsmVmgExitSvsm)
+ASM_PFX(AsmVmgExitSvsm):
+;
+; NASM doesn't support the vmmcall instruction in 32-bit mode and NASM versions
+; before 2.12 cannot translate the 64-bit "rep vmmcall" instruction into elf32
+; format. Given that VMGEXIT does not make sense on IA32, provide a stub
+; implementation that is identical to CpuBreakpoint(). In practice,
+; AsmVmgExitSvsm() should never be called on IA32.
+;
+    int  3
+    ret
+
diff --git a/MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm b/MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm
new file mode 100644
index 000000000000..b8af78890611
--- /dev/null
+++ b/MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm
@@ -0,0 +1,94 @@
+;------------------------------------------------------------------------------
+;
+; Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Module Name:
+;
+;   VmgExitSvsm.Asm
+;
+; Abstract:
+;
+;   AsmVmgExitSvsm function
+;
+; Notes:
+;
+;------------------------------------------------------------------------------
+
+    DEFAULT REL
+    SECTION .text
+
+;------------------------------------------------------------------------------
+; typedef struct {
+;   VOID      *Caa;
+;   UINT64    RaxIn;
+;   UINT64    RcxIn;
+;   UINT64    RdxIn;
+;   UINT64    R8In;
+;   UINT64    R9In;
+;   UINT64    RaxOut;
+;   UINT64    RcxOut;
+;   UINT64    RdxOut;
+;   UINT64    R8Out;
+;   UINT64    R9Out;
+;   UINT8     *CallPending;
+; } SVSM_CALL_DATA;
+;
+; UINT32
+; EFIAPI
+; AsmVmgExitSvsm (
+;   SVSM_CALL_DATA *SvsmCallData
+;   );
+;------------------------------------------------------------------------------
+global ASM_PFX(AsmVmgExitSvsm)
+ASM_PFX(AsmVmgExitSvsm):
+    push    r10
+    push    r11
+    push    r12
+
+;
+; Calling convention has SvsmCallData in RCX. Move RCX to R12 in order to
+; properly populate the SVSM register state.
+;
+    mov     r12, rcx
+
+    mov     rax, [r12 + 8]
+    mov     rcx, [r12 + 16]
+    mov     rdx, [r12 + 24]
+    mov     r8,  [r12 + 32]
+    mov     r9,  [r12 + 40]
+
+;
+; Set CA call pending
+;
+    mov     r10, [r12]
+    mov     byte [r10], 1
+
+    rep     vmmcall
+
+    mov     [r12 + 48], rax
+    mov     [r12 + 56], rcx
+    mov     [r12 + 64], rdx
+    mov     [r12 + 72], r8
+    mov     [r12 + 80], r9
+
+;
+; Perform the atomic exchange and return the CA call pending value.
+; The call pending value is a one-byte field at offset 0 into the CA,
+; which is currently the value in R10.
+;
+
+    mov     r11, [r12 + 88]     ; Get CallPending address
+    mov     cl, byte [r11]
+    xchg    byte [r10], cl
+    mov     byte [r11], cl      ; Return the exchanged value
+
+    pop     r12
+    pop     r11
+    pop     r10
+
+;
+; RAX has the value to be returned from the SVSM
+;
+    ret
+
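Review bot: The exchange after `rep vmmcall` loads CL from `[r11]`, that is from the caller's *CallPending, before `xchg byte [r10], cl`, so the calling area's call-pending byte is only cleared if the caller stored 0 there beforehand. The BaseLib.h comment promises an atomic clear, so either zero CL in the routine (RCX has already been saved to RcxOut by then) or document the precondition on CallPending. The field offsets 8 through 88 are also hard-coded against SVSM_CALL_DATA; a NASM struc, or a comment on the C typedef warning that the two must stay in sync, would help. Saving R10 and R11 is harmless but not required under EFIAPI, only R12 is callee-saved here.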
-- 
2.43.2






^ permalink raw reply related	[flat|nested] 41+ messages in thread

* [edk2-devel] [PATCH v3 12/24] UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (10 preceding siblings ...)
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 11/24] MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM Lendacky, Thomas via groups.io
@ 2024-03-08 15:31 ` Lendacky, Thomas via groups.io
  2024-04-03  7:06   ` Ni, Ray
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 13/24] UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library Lendacky, Thomas via groups.io
                   ` (12 subsequent siblings)
  24 siblings, 1 reply; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:31 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

In order to support an SEV-SNP guest running under an SVSM at VMPL1 or
lower, a new library must be created.

This library includes an interface to detect if running under an SVSM, an
interface to return the current VMPL, an interface to perform memory
validation and an interface to set or clear the attribute that allows a
page to be used as a VMSA.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/UefiCpuPkg.dec                            |   3 +
 UefiCpuPkg/UefiCpuPkg.dsc                            |   4 +-
 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf |  27 +++++
 UefiCpuPkg/Include/Library/AmdSvsmLib.h              | 101 ++++++++++++++++++
 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c   | 108 ++++++++++++++++++++
 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni |  13 +++
 6 files changed, 255 insertions(+), 1 deletion(-)

diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index c31d8b6736cf..d1bff93ae2e0 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -52,6 +52,9 @@ [LibraryClasses.IA32, LibraryClasses.X64]
   ##  @libraryclass  Provides function to support CcExit processing.
   CcExitLib|Include/Library/CcExitLib.h
 
+  ##  @libraryclass  Provides function to support AmdSvsm processing.
+  AmdSvsmLib|Include/Library/AmdSvsmLib.h
+
   ##  @libraryclass  Provides function to get CPU cache information.
   CpuCacheInfoLib|Include/Library/CpuCacheInfoLib.h
 
diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index 10b33594e586..422e50c92b48 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -2,7 +2,7 @@
 #  UefiCpuPkg Package
 #
 #  Copyright (c) 2007 - 2023, Intel Corporation. All rights reserved.<BR>
-#  Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.<BR>
+#  Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -61,6 +61,7 @@ [LibraryClasses]
   PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf
   TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
   CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf
   SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
   CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
@@ -159,6 +160,7 @@ [Components.IA32, Components.X64]
   UefiCpuPkg/Library/SmmCpuFeaturesLib/StandaloneMmCpuFeaturesLib.inf
   UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.inf
   UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf
+  UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationPei.inf
   UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationSmm.inf
   UefiCpuPkg/SecCore/SecCore.inf
diff --git a/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
new file mode 100644
index 000000000000..45a189540941
--- /dev/null
+++ b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
@@ -0,0 +1,27 @@
+## @file
+#  AmdSvsm Base Support Library.
+#
+#  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 1.29
+  BASE_NAME                      = AmdSvsmLibNull
+  MODULE_UNI_FILE                = AmdSvsmLibNull.uni
+  FILE_GUID                      = 62b45e0f-c9b4-45ce-a5b3-41762709b3d9
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = AmdSvsmLib
+
+[Sources.common]
+  AmdSvsmLibNull.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  UefiCpuPkg/UefiCpuPkg.dec
+
+[LibraryClasses]
+  BaseLib
+
diff --git a/UefiCpuPkg/Include/Library/AmdSvsmLib.h b/UefiCpuPkg/Include/Library/AmdSvsmLib.h
new file mode 100644
index 000000000000..40e0e5bd4259
--- /dev/null
+++ b/UefiCpuPkg/Include/Library/AmdSvsmLib.h
@@ -0,0 +1,101 @@
+/** @file
+  Public header file for the AmdSvsmLib.
+
+  This library class defines some routines used for invoking an SVSM when the
+  guest is not running at VMPL0.
+
+  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef AMD_SVSM_LIB_H_
+#define AMD_SVSM_LIB_H_
+
+#include <Protocol/DebugSupport.h>
+#include <Register/Amd/Ghcb.h>
+
+/**
+  Report the presence of an Secure Virtual Services Module (SVSM).
+
+  Determines the presence of an SVSM.
+
+  @retval  TRUE                   An SVSM is present
+  @retval  FALSE                  An SVSM is not present
+
+**/
+BOOLEAN
+EFIAPI
+AmdSvsmIsSvsmPresent (
+  VOID
+  );
+
+/**
+  Report the VMPL level at which the SEV-SNP guest is running.
+
+  Determines the VMPL level at which the guest is running. If an SVSM is
+  not present, then it must be VMPL0, otherwise return what is reported
+  by the SVSM.
+
+  @return                         The VMPL level
+
+**/
+UINT8
+EFIAPI
+AmdSvsmSnpGetVmpl (
+  VOID
+  );
+
+/**
+  Report the Calling Area address (CAA) for the BSP of the SEV-SNP guest.
+
+  If an SVSM is present, the CAA for the BSP is returned.
+
+  @return                         The CAA
+
+**/
+UINT64
+EFIAPI
+AmdSvsmSnpGetCaa (
+  VOID
+  );
+
+/**
+  Perform a PVALIDATE operation for the page ranges specified.
+
+  Validate or rescind the validation of the specified pages.
+
+  @param[in]       Info           Pointer to a page state change structure
+
+**/
+VOID
+EFIAPI
+AmdSvsmSnpPvalidate (
+  IN SNP_PAGE_STATE_CHANGE_INFO  *Info
+  );
+
+/**
+  Perform an RMPADJUST operation to alter the VMSA setting of a page.
+
+  Add or remove the VMSA attribute for a page.
+
+  @param[in]       Vmsa           Pointer to an SEV-ES save area page
+  @param[in]       ApicId         APIC ID associated with the VMSA
+  @param[in]       SetVmsa        Boolean indicator as to whether to set or
+                                  or clear the VMSA setting for the page
+
+  @retval  EFI_SUCCESS            RMPADJUST operation successful
+  @retval  EFI_UNSUPPORTED        Operation is not supported
+  @retval  EFI_INVALID_PARAMETER  RMPADJUST operation failed, an invalid
+                                  parameter was supplied
+
+**/
+EFI_STATUS
+EFIAPI
+AmdSvsmSnpVmsaRmpAdjust (
+  IN SEV_ES_SAVE_AREA  *Vmsa,
+  IN UINT32            ApicId,
+  IN BOOLEAN           SetVmsa
+  );
+
+#endif
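Review bot: AmdSvsmSnpPvalidate() returns VOID and its comment does not say what happens when validation fails, so a caller cannot tell whether the pages were actually validated. Either return a status, or state in the comment that an implementation must terminate the guest on failure. Smaller points: SVSM is expanded here as "Secure Virtual Services Module" but as "Secure VM Service Module" in Svsm.h, the SetVmsa description has a doubled "or", and <Protocol/DebugSupport.h> does not look related to anything declared in this header.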
diff --git a/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c
new file mode 100644
index 000000000000..a83fcbd6ce7b
--- /dev/null
+++ b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c
@@ -0,0 +1,108 @@
+/** @file
+  AmdSvsm Base Support Library.
+
+  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Base.h>
+#include <Uefi.h>
+#include <Library/AmdSvsmLib.h>
+
+/**
+  Report the presence of an Secure Virtual Services Module (SVSM).
+
+  Determines the presence of an SVSM.
+
+  @retval  TRUE                   An SVSM is present
+  @retval  FALSE                  An SVSM is not present
+
+**/
+BOOLEAN
+EFIAPI
+AmdSvsmIsSvsmPresent (
+  VOID
+  )
+{
+  return FALSE;
+}
+
+/**
+  Report the VMPL level at which the SEV-SNP guest is running.
+
+  Determines the VMPL level at which the guest is running. If an SVSM is
+  not present, then it must be VMPL0, otherwise return what is reported
+  by the SVSM.
+
+  @return                         The VMPL level
+
+**/
+UINT8
+EFIAPI
+AmdSvsmSnpGetVmpl (
+  VOID
+  )
+{
+  return 0;
+}
+
+/**
+  Report the Calling Area address (CAA) for the BSP of the SEV-SNP guest.
+
+  If an SVSM is present, the CAA for the BSP is returned.
+
+  @return                         The CAA
+
+**/
+UINT64
+EFIAPI
+AmdSvsmSnpGetCaa (
+  VOID
+  )
+{
+  return 0;
+}
+
+/**
+  Perform a PVALIDATE operation for the page ranges specified.
+
+  Validate or rescind the validation of the specified pages.
+
+  @param[in]       Info           Pointer to a page state change structure
+
+**/
+VOID
+EFIAPI
+AmdSvsmSnpPvalidate (
+  IN SNP_PAGE_STATE_CHANGE_INFO  *Info
+  )
+{
+}
+
+/**
+  Perform an RMPADJUST operation to alter the VMSA setting of a page.
+
+  Add or remove the VMSA attribute for a page.
+
+  @param[in]       Vmsa           Pointer to an SEV-ES save area page
+  @param[in]       ApicId         APIC ID associated with the VMSA
+  @param[in]       SetVmsa        Boolean indicator as to whether to set or
+                                  or clear the VMSA setting for the page
+
+  @retval  EFI_SUCCESS            RMPADJUST operation successful
+  @retval  EFI_UNSUPPORTED        Operation is not supported
+  @retval  EFI_INVALID_PARAMETER  RMPADJUST operation failed, an invalid
+                                  parameter was supplied
+
+**/
+EFI_STATUS
+EFIAPI
+AmdSvsmSnpVmsaRmpAdjust (
+  IN SEV_ES_SAVE_AREA  *Vmsa,
+  IN UINT32            ApicId,
+  IN BOOLEAN           SetVmsa
+  )
+{
+  return EFI_UNSUPPORTED;
+}
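Review bot: the NULL AmdSvsmSnpPvalidate() has an empty body, so a module linked against this instance that requests a page state change returns with the pages neither validated nor rescinded and with no indication to the caller, while AmdSvsmSnpVmsaRmpAdjust() in the same file does report EFI_UNSUPPORTED. Consider an ASSERT (FALSE) there, or at least a comment explaining why a silent no-op is safe for every platform that maps this instance. Smaller points: "an Secure Virtual Services Module" should be "a Secure ...", and the file comment "AmdSvsm Base Support Library." could say that this is the NULL instance.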
diff --git a/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni
new file mode 100644
index 000000000000..5e998030de5b
--- /dev/null
+++ b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni
@@ -0,0 +1,13 @@
+// /** @file
+// AmdSvsmLib instance.
+//
+// Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "AmdSvsmLib NULL instance"
+
+#string STR_MODULE_DESCRIPTION          #language en-US "AmdSvsmLib NULL instance."
+
-- 
2.43.2



View/Reply Online (#116537): https://edk2.groups.io/g/devel/message/116537

* [edk2-devel] [PATCH v3 13/24] UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (11 preceding siblings ...)
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 12/24] UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM Lendacky, Thomas via groups.io
@ 2024-03-08 15:31 ` Lendacky, Thomas via groups.io
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 15/24] Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services Lendacky, Thomas via groups.io
                   ` (11 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:31 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth, Gua Guo, Guo Dong, James Lu,
	Sean Rhodes

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The MpInitLib library will be updated to use the new AmdSvsmLib library.
To prevent any build breakage, update the UefiPayloadPkg DSC file to
include the AmdSvsmLib NULL library.

Cc: Gua Guo <gua.guo@intel.com>
Cc: Guo Dong <guo.dong@intel.com>
Cc: James Lu <james.lu@intel.com>
Cc: Sean Rhodes <sean@starlabs.systems>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiPayloadPkg/UefiPayloadPkg.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc b/UefiPayloadPkg/UefiPayloadPkg.dsc
index 433fb51a5695..e1b9d5ecf182 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -313,6 +313,7 @@ [LibraryClasses]
   VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
   VariableFlashInfoLib|MdeModulePkg/Library/BaseVariableFlashInfoLib/BaseVariableFlashInfoLib.inf
   CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
   FdtLib|MdePkg/Library/BaseFdtLib/BaseFdtLib.inf
 [LibraryClasses.common]
-- 
2.43.2



View/Reply Online (#116538): https://edk2.groups.io/g/devel/message/116538

* [edk2-devel] [PATCH v3 15/24] Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (12 preceding siblings ...)
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 13/24] UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library Lendacky, Thomas via groups.io
@ 2024-03-08 15:31 ` Lendacky, Thomas via groups.io
  2024-03-14 10:39   ` Gerd Hoffmann
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 14/24] Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library Lendacky, Thomas via groups.io
                   ` (10 subsequent siblings)
  24 siblings, 1 reply; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:31 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth, Anatol Belski, Jianyong Wu

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

Add initial support for the new AmdSvsmLib library to OvmfPkg. The initial
implementation fully implements the library interfaces.

The SVSM presence check, AmdSvsmIsSvsmPresent(), determines the presence
of an SVSM by checking if an SVSM has been advertised in the SEV-SNP
Secrets Page.

The VMPL API, AmdSvsmSnpGetVmpl(), returns the VMPL level at which OVMF is
currently running.

The CAA API, AmdSvsmSnpGetCaa(), returns the Calling Area Address when an
SVSM is present, 0 otherwise.

The PVALIDATE API, AmdSvsmSnpPvalidate(), copies the PVALIDATE logic from
the BaseMemEncryptSevLib library for the initial implementation. The
BaseMemEncryptSevLib library will be changed to use this new API so that
the decision as to whether the SVSM is needed to perform the operation
can be isolated to this library.

The VMSA API, AmdSvsmSnpVmsaRmpAdjust(), copies the RMPUPDATE logic from
the MpInitLib library for the initial implementation. The MpInitLib
library will be changed to use this new API so that the decision as to
whether the SVSM is needed to perform the operation can be isolated to
this library.

Cc: Anatol Belski <anbelski@linux.microsoft.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jianyong Wu <jianyong.wu@arm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/AmdSev/AmdSevX64.dsc              |   2 +-
 OvmfPkg/CloudHv/CloudHvX64.dsc            |   2 +-
 OvmfPkg/Microvm/MicrovmX64.dsc            |   2 +-
 OvmfPkg/OvmfPkgX64.dsc                    |   2 +-
 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf |  38 +++
 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c   | 267 ++++++++++++++++++++
 6 files changed, 309 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 140c4208f5b7..a7540bb6367f 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -204,7 +204,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/ShellLibs.dsc.inc
 
 [LibraryClasses.common]
-  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
+  AmdSvsmLib|OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf
   TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index 4dad0a36e757..b1911d6ab4ac 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -242,7 +242,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc
 
 [LibraryClasses.common]
-  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
+  AmdSvsmLib|OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf
   TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
index cc84ee3c2956..1f2f8b5bb618 100644
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
@@ -246,7 +246,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/ShellLibs.dsc.inc
 
 [LibraryClasses.common]
-  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
+  AmdSvsmLib|OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf
   SerialPortLib|MdeModulePkg/Library/BaseSerialPortLib16550/BaseSerialPortLib16550.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 87e210d4409c..540c1ed8da63 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -268,7 +268,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/ShellLibs.dsc.inc
 
 [LibraryClasses.common]
-  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
+  AmdSvsmLib|OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf
   TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
diff --git a/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf b/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
new file mode 100644
index 000000000000..cfd2663adc3a
--- /dev/null
+++ b/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
@@ -0,0 +1,38 @@
+## @file
+#  CcExitLib Library.
+#
+#  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 1.29
+  BASE_NAME                      = AmdSvsmLib
+  FILE_GUID                      = 288e3588-87d8-4c2c-b568-bf900de0fb36
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = AmdSvsmLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = X64
+#
+
+[Sources.common]
+  AmdSvsmLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  OvmfPkg/OvmfPkg.dec
+  UefiCpuPkg/UefiCpuPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+
+[Pcd]
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
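Review bot: the file header on the second line still reads "CcExitLib Library.", which looks copied from the CcExitLib INF and should name AmdSvsmLib. The [LibraryClasses] and [Pcd] sections also do not match AmdSvsmLib.c as posted: the source calls PcdGet32() but PcdLib is not listed, BaseMemoryLib is listed but no BaseMemoryLib function is called, and PcdOvmfSnpSecretsSize is declared while only PcdOvmfSnpSecretsBase is read. Please add or trim entries so the INF reflects what the source uses.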
diff --git a/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c b/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
new file mode 100644
index 000000000000..861bf9591ae3
--- /dev/null
+++ b/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
@@ -0,0 +1,267 @@
+/** @file
+  SVSM Support Library.
+
+  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Base.h>
+#include <Uefi.h>
+#include <Library/AmdSvsmLib.h>
+#include <Register/Amd/Msr.h>
+#include <Register/Amd/Svsm.h>
+
+#define PAGES_PER_2MB_ENTRY  512
+
+/**
+  Issue a GHCB termination request for termination.
+
+  Request termination using the GHCB MSR protocol.
+
+**/
+STATIC
+VOID
+SnpTerminate (
+  VOID
+  )
+{
+  MSR_SEV_ES_GHCB_REGISTER  Msr;
+
+  //
+  // Use the GHCB MSR Protocol to request termination by the hypervisor
+  //
+  Msr.Uint64                      = 0;
+  Msr.GhcbTerminate.Function      = GHCB_INFO_TERMINATE_REQUEST;
+  Msr.GhcbTerminate.ReasonCodeSet = GHCB_TERMINATE_GHCB;
+  Msr.GhcbTerminate.ReasonCode    = GHCB_TERMINATE_GHCB_GENERAL;
+  AsmWriteMsr64 (MSR_SEV_ES_GHCB, Msr.Uint64);
+
+  AsmVmgExit ();
+
+  ASSERT (FALSE);
+  CpuDeadLoop ();
+}
+
+/**
+  Report the presence of an Secure Virtual Services Module (SVSM).
+
+  Determines the presence of an SVSM.
+
+  @retval  TRUE                   An SVSM is present
+  @retval  FALSE                  An SVSM is not present
+
+**/
+BOOLEAN
+EFIAPI
+AmdSvsmIsSvsmPresent (
+  VOID
+  )
+{
+  SVSM_INFORMATION  *SvsmInfo;
+
+  SvsmInfo = (SVSM_INFORMATION *)(UINTN)PcdGet32 (PcdOvmfSnpSecretsBase);
+
+  return (SvsmInfo != NULL && SvsmInfo->SvsmSize != 0);
+}
+
+/**
+  Report the VMPL level at which the SEV-SNP guest is running.
+
+  Determines the VMPL level at which the guest is running. If an SVSM is
+  not present, then it must be VMPL0, otherwise return what is reported
+  by the SVSM.
+
+  @return                         The VMPL level
+
+**/
+UINT8
+EFIAPI
+AmdSvsmSnpGetVmpl (
+  VOID
+  )
+{
+  SVSM_INFORMATION  *SvsmInfo;
+
+  SvsmInfo = (SVSM_INFORMATION *)(UINTN)PcdGet32 (PcdOvmfSnpSecretsBase);
+
+  return AmdSvsmIsSvsmPresent () ? SvsmInfo->SvsmGuestVmpl : 0;
+}
+
+/**
+  Report the Calling Area address (CAA) for the BSP of the SEV-SNP guest.
+
+  If an SVSM is present, the CAA for the BSP is returned.
+
+  @return                         The CAA
+
+**/
+UINT64
+EFIAPI
+AmdSvsmSnpGetCaa (
+  VOID
+  )
+{
+  SVSM_INFORMATION  *SvsmInfo;
+
+  SvsmInfo = (SVSM_INFORMATION *)(UINTN)PcdGet32 (PcdOvmfSnpSecretsBase);
+
+  return AmdSvsmIsSvsmPresent () ? SvsmInfo->SvsmCaa : 0;
+}
+
+/**
+  Perform a native PVALIDATE operation for the page ranges specified.
+
+  Validate or rescind the validation of the specified pages.
+
+  @param[in]       Info           Pointer to a page state change structure
+
+**/
+STATIC
+VOID
+BasePvalidate (
+  IN  SNP_PAGE_STATE_CHANGE_INFO  *Info
+  )
+{
+  UINTN                 RmpPageSize;
+  UINTN                 StartIndex;
+  UINTN                 EndIndex;
+  UINTN                 Index;
+  UINTN                 Ret;
+  EFI_PHYSICAL_ADDRESS  Address;
+  BOOLEAN               Validate;
+
+  StartIndex = Info->Header.CurrentEntry;
+  EndIndex   = Info->Header.EndEntry;
+
+  for ( ; StartIndex <= EndIndex; StartIndex++) {
+    //
+    // Get the address and the page size from the Info.
+    //
+    Address     = ((EFI_PHYSICAL_ADDRESS)Info->Entry[StartIndex].GuestFrameNumber) << EFI_PAGE_SHIFT;
+    RmpPageSize = Info->Entry[StartIndex].PageSize;
+    Validate    = Info->Entry[StartIndex].Operation == SNP_PAGE_STATE_PRIVATE;
+
+    Ret = AsmPvalidate (RmpPageSize, Validate, Address);
+
+    //
+    // If we fail to validate due to size mismatch then try with the
+    // smaller page size. This senario will occur if the backing page in
+    // the RMP entry is 4K and we are validating it as a 2MB.
+    //
+    if ((Ret == PVALIDATE_RET_SIZE_MISMATCH) && (RmpPageSize == PvalidatePageSize2MB)) {
+      for (Index = 0; Index < PAGES_PER_2MB_ENTRY; Index++) {
+        Ret = AsmPvalidate (PvalidatePageSize4K, Validate, Address);
+        if (Ret) {
+          break;
+        }
+
+        Address = Address + EFI_PAGE_SIZE;
+      }
+    }
+
+    //
+    // If validation failed then do not continue.
+    //
+    if (Ret) {
+      DEBUG ((
+        DEBUG_ERROR,
+        "%a:%a: Failed to %a address 0x%Lx Error code %d\n",
+        gEfiCallerBaseName,
+        __func__,
+        Validate ? "Validate" : "Invalidate",
+        Address,
+        Ret
+        ));
+
+      SnpTerminate ();
+    }
+  }
+}
+
+/**
+  Perform a PVALIDATE operation for the page ranges specified.
+
+  Validate or rescind the validation of the specified pages.
+
+  @param[in]       Info           Pointer to a page state change structure
+
+**/
+VOID
+EFIAPI
+AmdSvsmSnpPvalidate (
+  IN SNP_PAGE_STATE_CHANGE_INFO  *Info
+  )
+{
+  BasePvalidate (Info);
+}
+
+/**
+  Perform a native RMPADJUST operation to alter the VMSA setting of a page.
+
+  Add or remove the VMSA attribute for a page.
+
+  @param[in]       Vmsa           Pointer to an SEV-ES save area page
+  @param[in]       SetVmsa        Boolean indicator as to whether to set or
+                                  or clear the VMSA setting for the page
+
+  @retval  EFI_SUCCESS            RMPADJUST operation successful
+  @retval  EFI_INVALID_PARAMETER  RMPADJUST operation failed, an invalid
+                                  parameter was supplied
+
+**/
+STATIC
+EFI_STATUS
+BaseVmsaRmpAdjust (
+  IN SEV_ES_SAVE_AREA  *Vmsa,
+  IN BOOLEAN           SetVmsa
+  )
+{
+  UINT64  Rdx;
+  UINT32  Ret;
+
+  //
+  // The RMPADJUST instruction is used to set or clear the VMSA bit for a
+  // page. The VMSA change is only made when running at VMPL0 and is ignored
+  // otherwise. If too low a target VMPL is specified, the instruction can
+  // succeed without changing the VMSA bit when not running at VMPL0. Using a
+  // target VMPL level of 1, RMPADJUST will return a FAIL_PERMISSION error if
+  // not running at VMPL0, thus ensuring that the VMSA bit is set appropriately
+  // when no error is returned.
+  //
+  Rdx = 1;
+  if (SetVmsa) {
+    Rdx |= RMPADJUST_VMSA_PAGE_BIT;
+  }
+
+  Ret = AsmRmpAdjust ((UINT64)(UINTN)Vmsa, 0, Rdx);
+
+  return (Ret == 0) ? EFI_SUCCESS : EFI_INVALID_PARAMETER;
+}
+
+/**
+  Perform an RMPADJUST operation to alter the VMSA setting of a page.
+
+  Add or remove the VMSA attribute for a page.
+
+  @param[in]       Vmsa           Pointer to an SEV-ES save area page
+  @param[in]       ApicId         APIC ID associated with the VMSA
+  @param[in]       SetVmsa        Boolean indicator as to whether to set or
+                                  or clear the VMSA setting for the page
+
+  @retval  EFI_SUCCESS            RMPADJUST operation successful
+  @retval  EFI_UNSUPPORTED        Operation is not supported
+  @retval  EFI_INVALID_PARAMETER  RMPADJUST operation failed, an invalid
+                                  parameter was supplied
+
+**/
+EFI_STATUS
+EFIAPI
+AmdSvsmSnpVmsaRmpAdjust (
+  IN SEV_ES_SAVE_AREA  *Vmsa,
+  IN UINT32            ApicId,
+  IN BOOLEAN           SetVmsa
+  )
+{
+  return BaseVmsaRmpAdjust (Vmsa, SetVmsa);
+}
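Review bot: BaseVmsaRmpAdjust() maps every nonzero AsmRmpAdjust() result to EFI_INVALID_PARAMETER and discards Ret, so the FAIL_PERMISSION case that its own comment describes (not running at VMPL0) cannot be told apart from a bad page address, either by the caller or in the log. Please log Ret at DEBUG_ERROR before returning and consider a distinct status for the permission failure. In BasePvalidate(), Ret is a UINTN but is printed with %d; use a matching format or a cast. The file also calls AsmWriteMsr64(), ASSERT()/DEBUG() and PcdGet32() while including only Base.h, Uefi.h, Library/AmdSvsmLib.h and the two Register/Amd headers, so it relies on transitive includes; include Library/BaseLib.h, Library/DebugLib.h and Library/PcdLib.h directly. "senario" in the size-mismatch comment should be "scenario".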
-- 
2.43.2



View/Reply Online (#116539): https://edk2.groups.io/g/devel/message/116539

* [edk2-devel] [PATCH v3 14/24] Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (13 preceding siblings ...)
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 15/24] Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services Lendacky, Thomas via groups.io
@ 2024-03-08 15:31 ` Lendacky, Thomas via groups.io
  2024-03-14  9:34   ` Gerd Hoffmann
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 16/24] UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA Lendacky, Thomas via groups.io
                   ` (9 subsequent siblings)
  24 siblings, 1 reply; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:31 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth, Anatol Belski, Anthony Perard,
	Corvin Köhne, Jianyong Wu, Rebecca Cran

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The MpInitLib library will be updated to use the new AmdSvsmLib library.
To prevent any build breakage, update the OvmfPkg DSC files to include
the AmdSvsmLib NULL library.

Cc: Anatol Belski <anbelski@linux.microsoft.com>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Corvin Köhne <corvink@freebsd.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jianyong Wu <jianyong.wu@arm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/AmdSev/AmdSevX64.dsc     | 1 +
 OvmfPkg/Bhyve/BhyveX64.dsc       | 1 +
 OvmfPkg/CloudHv/CloudHvX64.dsc   | 1 +
 OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 +
 OvmfPkg/Microvm/MicrovmX64.dsc   | 1 +
 OvmfPkg/OvmfPkgIa32.dsc          | 1 +
 OvmfPkg/OvmfPkgIa32X64.dsc       | 3 ++-
 OvmfPkg/OvmfPkgX64.dsc           | 1 +
 OvmfPkg/OvmfXen.dsc              | 1 +
 9 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 60e916b4fd18..140c4208f5b7 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -204,6 +204,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/ShellLibs.dsc.inc
 
 [LibraryClasses.common]
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf
   TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc
index 9689a2f14efa..6f305d690dda 100644
--- a/OvmfPkg/Bhyve/BhyveX64.dsc
+++ b/OvmfPkg/Bhyve/BhyveX64.dsc
@@ -232,6 +232,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc
 
 [LibraryClasses.common]
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf
   TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index b522fa10594d..4dad0a36e757 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -242,6 +242,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc
 
 [LibraryClasses.common]
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf
   TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
index 7a767324ffda..6a78d1133880 100644
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
@@ -212,6 +212,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/ShellLibs.dsc.inc
 
 [LibraryClasses.common]
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf
   TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
index 2c6bb83beb85..cc84ee3c2956 100644
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
@@ -246,6 +246,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/ShellLibs.dsc.inc
 
 [LibraryClasses.common]
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf
   SerialPortLib|MdeModulePkg/Library/BaseSerialPortLib16550/BaseSerialPortLib16550.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 713f08764b07..15fadc2fdc6e 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -247,6 +247,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/ShellLibs.dsc.inc
 
 [LibraryClasses.common]
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf
   TdxMailboxLib|OvmfPkg/Library/TdxMailboxLib/TdxMailboxLibNull.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 90b15dc27097..6e55b50a9641 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -4,7 +4,7 @@
 #  Copyright (c) 2006 - 2023, Intel Corporation. All rights reserved.<BR>
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
 #  Copyright (c) Microsoft Corporation.
-#  Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.<BR>
+#  Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
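Review bot: OvmfPkgIa32X64.dsc is the only one of the nine DSC files in this patch whose AMD copyright line is changed, although all nine receive the same one-line AmdSvsmLib mapping. Either apply the year update consistently or drop it here, and mention it in the commit message if it stays, since the message only describes the library mapping.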
@@ -252,6 +252,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/ShellLibs.dsc.inc
 
 [LibraryClasses.common]
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf
   TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 56c920168d25..87e210d4409c 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -268,6 +268,7 @@ [LibraryClasses]
 !include OvmfPkg/Include/Dsc/ShellLibs.dsc.inc
 
 [LibraryClasses.common]
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf
   TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
index 976b795d41c9..fa1a570e746a 100644
--- a/OvmfPkg/OvmfXen.dsc
+++ b/OvmfPkg/OvmfXen.dsc
@@ -233,6 +233,7 @@ [LibraryClasses]
 !endif
 
 [LibraryClasses.common]
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf
   TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
-- 
2.43.2



View/Reply Online (#116540): https://edk2.groups.io/g/devel/message/116540

* [edk2-devel] [PATCH v3 16/24] UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (14 preceding siblings ...)
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 14/24] Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library Lendacky, Thomas via groups.io
@ 2024-03-08 15:32 ` Lendacky, Thomas via groups.io
  2024-04-03  7:05   ` Ni, Ray
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 17/24] OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate pages Lendacky, Thomas via groups.io
                   ` (8 subsequent siblings)
  24 siblings, 1 reply; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:32 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The RMPADJUST instruction is used to change the VMSA attribute of a page,
but the VMSA attribute can only be changed when running at VMPL0. To
prepare for running at a less privileged VMPL, use the AmdSvsmLib library
API to perform the RMPADJUST. The AmdSvsmLib library will perform the
proper operation on behalf of the caller.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |  1 +
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |  1 +
 UefiCpuPkg/Library/MpInitLib/MpLib.h          | 14 -----
 UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c    | 20 --------
 UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c     | 54 +++-----------------
 5 files changed, 9 insertions(+), 81 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
index 69950fcd1289..19745437f005 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
@@ -57,6 +57,7 @@ [LibraryClasses]
   SynchronizationLib
   PcdLib
   CcExitLib
+  AmdSvsmLib
   MicrocodeLib
 [LibraryClasses.X64]
   CpuPageTableLib
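Review bot: listing AmdSvsmLib under [LibraryClasses] here (and in PeiMpInitLib.inf) makes the class a hard requirement for every DSC that builds MpInitLib, not only SEV-SNP platforms. The commit message should state that dependency and point to the patches that add the NULL mapping for UefiPayloadPkg and OvmfPkg, so that owners of other platform DSCs know they need the same one-line mapping before picking this up.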
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
index 22f74a814534..679e51a1acd5 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
@@ -53,6 +53,7 @@ [LibraryClasses]
   PeiServicesLib
   PcdLib
   CcExitLib
+  AmdSvsmLib
   MicrocodeLib
 
 [Pcd]
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpInitLib/MpLib.h
index 65e05c4806f5..179f8e585b5d 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -883,20 +883,6 @@ FillExchangeInfoDataSevEs (
   IN volatile MP_CPU_EXCHANGE_INFO  *ExchangeInfo
   );
 
-/**
-  Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page.
-
-  @param[in]  PageAddress
-  @param[in]  VmsaPage
-
-  @return  RMPADJUST return value
-**/
-UINT32
-SevSnpRmpAdjust (
-  IN  EFI_PHYSICAL_ADDRESS  PageAddress,
-  IN  BOOLEAN               VmsaPage
-  );
-
 /**
   Create an SEV-SNP AP save area (VMSA) for use in running the vCPU.
 
diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
index 0478e92317f1..963bd62494b9 100644
--- a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
@@ -49,26 +49,6 @@ SevSnpCreateAP (
   ASSERT (FALSE);
 }
 
-/**
-  Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page.
-
-  @param[in]  PageAddress
-  @param[in]  VmsaPage
-
-  @return  RMPADJUST return value
-**/
-UINT32
-SevSnpRmpAdjust (
-  IN  EFI_PHYSICAL_ADDRESS  PageAddress,
-  IN  BOOLEAN               VmsaPage
-  )
-{
-  //
-  // RMPADJUST is not supported in 32-bit mode
-  //
-  return RETURN_UNSUPPORTED;
-}
-
 /**
   Determine if the SEV-SNP AP Create protocol should be used.
 
diff --git a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
index bd12a5ee2fcb..981135621384 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
@@ -10,6 +10,7 @@
 
 #include "MpLib.h"
 #include <Library/CcExitLib.h>
+#include <Library/AmdSvsmLib.h>
 #include <Register/Amd/Fam17Msr.h>
 #include <Register/Amd/Ghcb.h>
 
@@ -38,20 +39,15 @@ SevSnpPerformApAction (
   BOOLEAN                   InterruptState;
   UINT64                    ExitInfo1;
   UINT64                    ExitInfo2;
-  UINT32                    RmpAdjustStatus;
   UINT64                    VmgExitStatus;
+  EFI_STATUS                VmsaStatus;
 
   if (Action == SVM_VMGEXIT_SNP_AP_CREATE) {
     //
-    // To turn the page into a recognized VMSA page, issue RMPADJUST:
-    //   Target VMPL but numerically higher than current VMPL
-    //   Target PermissionMask is not used
+    // Turn the page into a recognized VMSA page.
     //
-    RmpAdjustStatus = SevSnpRmpAdjust (
-                        (EFI_PHYSICAL_ADDRESS)(UINTN)SaveArea,
-                        TRUE
-                        );
-    if (RmpAdjustStatus != 0) {
+    VmsaStatus = AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, TRUE);
+    if (EFI_ERROR (VmsaStatus)) {
       DEBUG ((DEBUG_INFO, "SEV-SNP: RMPADJUST failed for VMSA creation\n"));
       ASSERT (FALSE);
 
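Review bot: The failure branch after the new AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, TRUE) call still prints "SEV-SNP: RMPADJUST failed for VMSA creation" at DEBUG_INFO and discards VmsaStatus. The call now returns an EFI_STATUS and is meant to cover the SVSM case as well, so consider logging at DEBUG_ERROR, including the status with %r, and rewording the message so it no longer names the instruction. The same applies to the "VMSA reset" message in the following hunk.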
@@ -94,11 +90,8 @@ SevSnpPerformApAction (
     // Make the current VMSA not runnable and accessible to be
     // reprogrammed.
     //
-    RmpAdjustStatus = SevSnpRmpAdjust (
-                        (EFI_PHYSICAL_ADDRESS)(UINTN)SaveArea,
-                        FALSE
-                        );
-    if (RmpAdjustStatus != 0) {
+    VmsaStatus = AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, FALSE);
+    if (EFI_ERROR (VmsaStatus)) {
       DEBUG ((DEBUG_INFO, "SEV-SNP: RMPADJUST failed for VMSA reset\n"));
       ASSERT (FALSE);
 
@@ -328,39 +321,6 @@ SevSnpCreateAP (
   }
 }
 
-/**
-  Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page.
-
-  @param[in]  PageAddress
-  @param[in]  VmsaPage
-
-  @return  RMPADJUST return value
-**/
-UINT32
-SevSnpRmpAdjust (
-  IN  EFI_PHYSICAL_ADDRESS  PageAddress,
-  IN  BOOLEAN               VmsaPage
-  )
-{
-  UINT64  Rdx;
-
-  //
-  // The RMPADJUST instruction is used to set or clear the VMSA bit for a
-  // page. The VMSA change is only made when running at VMPL0 and is ignored
-  // otherwise. If too low a target VMPL is specified, the instruction can
-  // succeed without changing the VMSA bit when not running at VMPL0. Using a
-  // target VMPL level of 1, RMPADJUST will return a FAIL_PERMISSION error if
-  // not running at VMPL0, thus ensuring that the VMSA bit is set appropriately
-  // when no error is returned.
-  //
-  Rdx = 1;
-  if (VmsaPage) {
-    Rdx |= RMPADJUST_VMSA_PAGE_BIT;
-  }
-
-  return AsmRmpAdjust ((UINT64)PageAddress, 0, Rdx);
-}
-
 /**
   Determine if the SEV-SNP AP Create protocol should be used.
 
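Review bot: The comment deleted together with SevSnpRmpAdjust() is the only text in this file explaining why a target VMPL of 1 is used: with too low a target VMPL, RMPADJUST can succeed without changing the VMSA bit when not running at VMPL0. Please make sure that rationale is carried over to wherever AmdSvsmSnpVmsaRmpAdjust() issues the instruction natively, since a later reader of that code has no other hint that the value 1 is what turns a silent no-op into FAIL_PERMISSION.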
-- 
2.43.2



View/Reply Online (#116541): https://edk2.groups.io/g/devel/message/116541



^ permalink raw reply related	[flat|nested] 41+ messages in thread

* [edk2-devel] [PATCH v3 17/24] OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate pages
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (15 preceding siblings ...)
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 16/24] UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA Lendacky, Thomas via groups.io
@ 2024-03-08 15:32 ` Lendacky, Thomas via groups.io
  2024-03-14 10:40   ` Gerd Hoffmann
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 18/24] OvmfPkg: Create a calling area used to communicate with the SVSM Lendacky, Thomas via groups.io
                   ` (7 subsequent siblings)
  24 siblings, 1 reply; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:32 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The PVALIDATE instruction is used to change the SNP validation of a page,
but that can only be done when running at VMPL0. To prepare for running at
a less privileged VMPL, use the AmdSvsmLib library API to perform the
PVALIDATE. The AmdSvsmLib library will perform the proper operation on
behalf of the caller.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf          |  3 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf          |  3 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf          |  3 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 74 +-------------------
 4 files changed, 9 insertions(+), 74 deletions(-)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
index cc24961c9265..312ee73e5474 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
@@ -1,7 +1,7 @@
 ## @file
 #  Library provides the helper functions for SEV guest
 #
-# Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.<BR>
+# Copyright (c) 2017 - 2024, Advanced Micro Devices. All rights reserved.<BR>
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -52,6 +52,7 @@ [LibraryClasses]
   MemoryAllocationLib
   PcdLib
   CcExitLib
+  AmdSvsmLib
 
 [FeaturePcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
index 8f56783da55e..1e0b5600eb1d 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
@@ -1,7 +1,7 @@
 ## @file
 #  Library provides the helper functions for SEV guest
 #
-# Copyright (c) 2020 Advanced Micro Devices. All rights reserved.<BR>
+# Copyright (c) 2020 - 2024, Advanced Micro Devices. All rights reserved.<BR>
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -52,6 +52,7 @@ [LibraryClasses]
   MemoryAllocationLib
   PcdLib
   CcExitLib
+  AmdSvsmLib
 
 [FeaturePcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
index b6d76e7e630f..a06ea6188eab 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
@@ -1,7 +1,7 @@
 ## @file
 #  Library provides the helper functions for SEV guest
 #
-# Copyright (c) 2020 Advanced Micro Devices. All rights reserved.<BR>
+# Copyright (c) 2020 - 2024, Advanced Micro Devices. All rights reserved.<BR>
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -49,6 +49,7 @@ [LibraryClasses]
   DebugLib
   PcdLib
   CcExitLib
+  AmdSvsmLib
 
 [FixedPcd]
   gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
index f1883239a661..c8c0c4ef0e95 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
@@ -14,14 +14,13 @@
 #include <Library/MemEncryptSevLib.h>
 #include <Library/DebugLib.h>
 #include <Library/CcExitLib.h>
+#include <Library/AmdSvsmLib.h>
 
 #include <Register/Amd/Ghcb.h>
 #include <Register/Amd/Msr.h>
 
 #include "SnpPageStateChange.h"
 
-#define PAGES_PER_LARGE_ENTRY  512
-
 STATIC
 UINTN
 MemoryStateToGhcbOp (
@@ -63,73 +62,6 @@ SnpPageStateFailureTerminate (
   CpuDeadLoop ();
 }
 
-/**
- This function issues the PVALIDATE instruction to validate or invalidate the memory
- range specified. If PVALIDATE returns size mismatch then it retry validating with
- smaller page size.
-
- */
-STATIC
-VOID
-PvalidateRange (
-  IN  SNP_PAGE_STATE_CHANGE_INFO  *Info
-  )
-{
-  UINTN                 RmpPageSize;
-  UINTN                 StartIndex;
-  UINTN                 EndIndex;
-  UINTN                 Index;
-  UINTN                 Ret;
-  EFI_PHYSICAL_ADDRESS  Address;
-  BOOLEAN               Validate;
-
-  StartIndex = Info->Header.CurrentEntry;
-  EndIndex   = Info->Header.EndEntry;
-
-  for ( ; StartIndex <= EndIndex; StartIndex++) {
-    //
-    // Get the address and the page size from the Info.
-    //
-    Address     = ((EFI_PHYSICAL_ADDRESS)Info->Entry[StartIndex].GuestFrameNumber) << EFI_PAGE_SHIFT;
-    RmpPageSize = Info->Entry[StartIndex].PageSize;
-    Validate    = Info->Entry[StartIndex].Operation == SNP_PAGE_STATE_PRIVATE;
-
-    Ret = AsmPvalidate (RmpPageSize, Validate, Address);
-
-    //
-    // If we fail to validate due to size mismatch then try with the
-    // smaller page size. This senario will occur if the backing page in
-    // the RMP entry is 4K and we are validating it as a 2MB.
-    //
-    if ((Ret == PVALIDATE_RET_SIZE_MISMATCH) && (RmpPageSize == PvalidatePageSize2MB)) {
-      for (Index = 0; Index < PAGES_PER_LARGE_ENTRY; Index++) {
-        Ret = AsmPvalidate (PvalidatePageSize4K, Validate, Address);
-        if (Ret) {
-          break;
-        }
-
-        Address = Address + EFI_PAGE_SIZE;
-      }
-    }
-
-    //
-    // If validation failed then do not continue.
-    //
-    if (Ret) {
-      DEBUG ((
-        DEBUG_ERROR,
-        "%a:%a: Failed to %a address 0x%Lx Error code %d\n",
-        gEfiCallerBaseName,
-        __func__,
-        Validate ? "Validate" : "Invalidate",
-        Address,
-        Ret
-        ));
-      SnpPageStateFailureTerminate ();
-    }
-  }
-}
-
 STATIC
 EFI_PHYSICAL_ADDRESS
 BuildPageStateBuffer (
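Review bot: The removed PvalidateRange() printed the failing address and the PVALIDATE return code at DEBUG_ERROR before calling SnpPageStateFailureTerminate(), and its replacement AmdSvsmSnpPvalidate (Info) returns VOID, so this file can no longer report which page failed. Please confirm the library emits an equivalent message before it terminates; otherwise a validation failure becomes a silent halt, which is hard to triage in a confidential guest. If the library is meant to own all error handling, say so in the commit message.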
@@ -328,7 +260,7 @@ InternalSetPageState (
     // invalidate the pages before making the page shared in the RMP table.
     //
     if (State == SevSnpPageShared) {
-      PvalidateRange (Info);
+      AmdSvsmSnpPvalidate (Info);
     }
 
     //
@@ -341,7 +273,7 @@ InternalSetPageState (
     // validate the pages after it has been added in the RMP table.
     //
     if (State == SevSnpPagePrivate) {
-      PvalidateRange (Info);
+      AmdSvsmSnpPvalidate (Info);
     }
   }
 }
-- 
2.43.2



View/Reply Online (#116542): https://edk2.groups.io/g/devel/message/116542



^ permalink raw reply related	[flat|nested] 41+ messages in thread

* [edk2-devel] [PATCH v3 18/24] OvmfPkg: Create a calling area used to communicate with the SVSM
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (16 preceding siblings ...)
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 17/24] OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate pages Lendacky, Thomas via groups.io
@ 2024-03-08 15:32 ` Lendacky, Thomas via groups.io
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 19/24] OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call Lendacky, Thomas via groups.io
                   ` (6 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:32 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

An SVSM requires a calling area page whose address (CAA) is used by the
SVSM to communicate and process the SVSM request.

Add a pre-defined page area to the OvmfPkg and AmdSev packages and define
corresponding PCDs used to communicate the location and size of the area.
Keep the AmdSev package in sync with the OvmfPkg and adjust the AmdSev
launch and hash area memory locations.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/OvmfPkg.dec                         |  4 ++++
 OvmfPkg/AmdSev/AmdSevX64.fdf                |  9 ++++++---
 OvmfPkg/OvmfPkgX64.fdf                      |  3 +++
 OvmfPkg/PlatformPei/PlatformPei.inf         |  2 ++
 OvmfPkg/ResetVector/ResetVector.inf         |  2 ++
 OvmfPkg/PlatformPei/AmdSev.c                | 11 +++++++++++
 OvmfPkg/ResetVector/ResetVector.nasmb       |  6 ++++--
 OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm | 11 ++++++++++-
 8 files changed, 42 insertions(+), 6 deletions(-)

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index fbc81e4c8070..2f7bded9260b 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -338,6 +338,10 @@ [PcdsFixedAtBuild]
   ## Restrict boot to EFI applications in firmware volumes.
   gUefiOvmfPkgTokenSpaceGuid.PcdBootRestrictToFirmware|FALSE|BOOLEAN|0x6c
 
+  ## The base address and size of the initial SVSM Calling Area.
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase|0|UINT32|0x70
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize|0|UINT32|0x71
+
 [PcdsDynamic, PcdsDynamicEx]
   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index b84981e7ba04..d49555c6c873 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -68,13 +68,16 @@ [FD.MEMFD]
 0x00E000|0x001000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize
 
-0x00F000|0x000C00
+0x00F000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize
+
+0x010000|0x000C00
 gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
 
-0x00FC00|0x000400
+0x010C00|0x000400
 gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase|gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize
 
-0x010000|0x010000
+0x011000|0x00F000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
 
 0x020000|0x0E0000
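Review bot: In this layout PcdOvmfSecPeiTempRamBase/Size changes from 0x010000|0x010000 to 0x011000|0x00F000, so the AmdSev build loses 4 KiB of SEC/PEI temporary RAM, while OvmfPkgX64.fdf keeps the full 0x010000. The commit message only mentions adjusting the launch secret and hash areas. Please state the temp RAM reduction explicitly and confirm the SEC/PEI stack and heap still fit, since the two .fdf files are otherwise described as being kept in sync.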
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index eb3fb90cb8b6..d41d8ea7370d 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -94,6 +94,9 @@ [FD.MEMFD]
 0x00E000|0x001000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize
 
+0x00F000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize
+
 0x010000|0x010000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
 
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
index 2206316fec9e..20b1b9829225 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -128,6 +128,8 @@ [FixedPcd]
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/ResetVector.inf
index 65f71b05a02e..7bd517e63a0d 100644
--- a/OvmfPkg/ResetVector/ResetVector.inf
+++ b/OvmfPkg/ResetVector/ResetVector.inf
@@ -62,6 +62,8 @@ [FixedPcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
   gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase
   gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
   gEfiMdeModulePkgTokenSpaceGuid.PcdUse5LevelPageTable
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index a9de33074a69..e6724cf493a7 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -555,5 +555,16 @@ SevInitializeRam (
       (UINT64)(UINTN)PcdGet32 (PcdOvmfCpuidSize),
       EfiReservedMemoryType
       );
+
+    //
+    // The calling area memory needs to be protected until the OS can create
+    // its own calling area. Mark it as EfiReservedMemoryType so that the
+    // guest firmware and OS do not use it as a system memory.
+    //
+    BuildMemoryAllocationHob (
+      (EFI_PHYSICAL_ADDRESS)(UINTN)PcdGet32 (PcdOvmfSecSvsmCaaBase),
+      (UINT64)(UINTN)PcdGet32 (PcdOvmfSecSvsmCaaSize),
+      EfiReservedMemoryType
+      );
   }
 }
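Review bot: The new BuildMemoryAllocationHob() call is made unconditionally inside this block, but PcdOvmfSecSvsmCaaBase and PcdOvmfSecSvsmCaaSize default to 0 in OvmfPkg.dec and only OvmfPkgX64.fdf and AmdSevX64.fdf assign them in this patch. A platform that builds PlatformPei without defining the area would create a reserved-memory HOB at address 0 with length 0. Consider guarding the call on PcdGet32 (PcdOvmfSecSvsmCaaSize) != 0, or confirm every platform that reaches this code defines the area. Minor: "as a system memory" in the comment should read "as system memory".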
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb
index 2bd80149e58b..7279ac64b17a 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -3,7 +3,7 @@
 ; This file includes all other code files to assemble the reset vector code
 ;
 ; Copyright (c) 2008 - 2013, Intel Corporation. All rights reserved.<BR>
-; Copyright (c) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>
+; Copyright (c) 2020 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
 ; SPDX-License-Identifier: BSD-2-Clause-Patent
 ;
 ;------------------------------------------------------------------------------
@@ -69,6 +69,8 @@
 %define SEV_SNP_SECRETS_SIZE          (FixedPcdGet32 (PcdOvmfSnpSecretsSize))
 %define CPUID_BASE                    (FixedPcdGet32 (PcdOvmfCpuidBase))
 %define CPUID_SIZE                    (FixedPcdGet32 (PcdOvmfCpuidSize))
+%define SVSM_CAA_BASE                 (FixedPcdGet32 (PcdOvmfSecSvsmCaaBase))
+%define SVSM_CAA_SIZE                 (FixedPcdGet32 (PcdOvmfSecSvsmCaaSize))
 %if (FixedPcdGet32 (PcdSevLaunchSecretBase) > 0)
   ; There's a reserved page for SEV secrets and hashes; the VMM will fill and
   ; validate the page, or mark it as a zero page.
@@ -89,7 +91,7 @@
 ;
 %define SNP_SEC_MEM_BASE_DESC_2       (GHCB_BASE + 0x1000)
 %define SNP_SEC_MEM_SIZE_DESC_2       (SEV_SNP_SECRETS_BASE - SNP_SEC_MEM_BASE_DESC_2)
-%define SNP_SEC_MEM_BASE_DESC_3       (CPUID_BASE + CPUID_SIZE + SEV_SNP_KERNEL_HASHES_SIZE)
+%define SNP_SEC_MEM_BASE_DESC_3       (SVSM_CAA_BASE + SVSM_CAA_SIZE + SEV_SNP_KERNEL_HASHES_SIZE)
 %define SNP_SEC_MEM_SIZE_DESC_3       (FixedPcdGet32 (PcdOvmfPeiMemFvBase) - SNP_SEC_MEM_BASE_DESC_3)
 
 %ifdef ARCH_X64
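Review bot: SNP_SEC_MEM_BASE_DESC_3 is now computed from SVSM_CAA_BASE + SVSM_CAA_SIZE, which silently assumes the CAA page sits directly after the CPUID page and directly before the kernel hashes area. If a platform .fdf leaves PcdOvmfSecSvsmCaaBase at its .dec default of 0, the descriptor base collapses to SEV_SNP_KERNEL_HASHES_SIZE and the pre-validated range no longer matches the real layout. A build-time check here, for example %if (SVSM_CAA_BASE != CPUID_BASE + CPUID_SIZE) followed by %error, would catch drift between the .fdf files and this file.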
diff --git a/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm b/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm
index 8aa77d870123..2511073a466f 100644
--- a/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm
+++ b/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm
@@ -2,7 +2,7 @@
 ; @file
 ; OVMF metadata for the AMD SEV confidential computing guests
 ;
-; Copyright (c) 2021, AMD Inc. All rights reserved.<BR>
+; Copyright (c) 2021 - 2024, AMD Inc. All rights reserved.<BR>
 ;
 ; SPDX-License-Identifier: BSD-2-Clause-Patent
 ;-----------------------------------------------------------------------------
@@ -26,6 +26,9 @@ BITS  64
 ;
 %define OVMF_SECTION_TYPE_CPUID           0x3
 
+; The SVSM Calling Area Address (CAA)
+%define OVMF_SECTION_TYPE_SVSM_CAA        0x4
+
 ; Kernel hashes section for measured direct boot
 %define OVMF_SECTION_TYPE_KERNEL_HASHES   0x10
 
@@ -67,6 +70,12 @@ CpuidSec:
   DD  CPUID_SIZE
   DD  OVMF_SECTION_TYPE_CPUID
 
+; SVSM CAA page
+SvsmCaa:
+  DD  SVSM_CAA_BASE
+  DD  SVSM_CAA_SIZE
+  DD  OVMF_SECTION_TYPE_SVSM_CAA
+
 %if (SEV_SNP_KERNEL_HASHES_BASE > 0)
 ; Kernel hashes for measured direct boot, or zero page if
 ; there are no kernel hashes / SEV secrets
-- 
2.43.2



View/Reply Online (#116543): https://edk2.groups.io/g/devel/message/116543



^ permalink raw reply related	[flat|nested] 41+ messages in thread

* [edk2-devel] [PATCH v3 19/24] OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (17 preceding siblings ...)
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 18/24] OvmfPkg: Create a calling area used to communicate with the SVSM Lendacky, Thomas via groups.io
@ 2024-03-08 15:32 ` Lendacky, Thomas via groups.io
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 20/24] OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency Lendacky, Thomas via groups.io
                   ` (5 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:32 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The PVALIDATE instruction can only be performed at VMPL0. An SVSM will
be present when running at VMPL1 or higher.

When an SVSM is present, use the SVSM_CORE_PVALIDATE call to perform
memory validation instead of issuing the PVALIDATE instruction directly.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c | 183 +++++++++++++++++++-
 1 file changed, 182 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c b/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
index 861bf9591ae3..fb3fda70e948 100644
--- a/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
+++ b/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
@@ -8,6 +8,7 @@
 
 #include <Base.h>
 #include <Uefi.h>
+#include <Library/BaseMemoryLib.h>
 #include <Library/AmdSvsmLib.h>
 #include <Register/Amd/Msr.h>
 #include <Register/Amd/Svsm.h>
@@ -43,6 +44,78 @@ SnpTerminate (
   CpuDeadLoop ();
 }
 
+/**
+  Issue an SVSM request.
+
+  Invokes the SVSM to process a request on behalf of the guest.
+
+  @param[in,out]  SvsmCallData  Pointer to the SVSM call data
+
+  @return                       Contents of RAX upon return from VMGEXIT
+**/
+STATIC
+UINTN
+SvsmMsrProtocol (
+  IN OUT SVSM_CALL_DATA  *SvsmCallData
+  )
+{
+  MSR_SEV_ES_GHCB_REGISTER  Msr;
+  UINT64                    CurrentMsr;
+  UINT8                     Pending;
+  BOOLEAN                   InterruptState;
+  UINTN                     Ret;
+
+  do {
+    //
+    // Be sure that an interrupt can't cause a #VC while the GHCB MSR protocol
+    // is being used (#VC handler will ASSERT if lower 12-bits are not zero).
+    //
+    InterruptState = GetInterruptState ();
+    if (InterruptState) {
+      DisableInterrupts ();
+    }
+
+    Pending                   = 0;
+    SvsmCallData->CallPending = &Pending;
+
+    CurrentMsr = AsmReadMsr64 (MSR_SEV_ES_GHCB);
+
+    Msr.Uint64                  = 0;
+    Msr.SnpVmplRequest.Function = GHCB_INFO_SNP_VMPL_REQUEST;
+    Msr.SnpVmplRequest.Vmpl     = 0;
+    AsmWriteMsr64 (MSR_SEV_ES_GHCB, Msr.Uint64);
+
+    //
+    // Guest memory is used for the guest-SVSM communication, so fence the
+    // invocation of the VMGEXIT instruction to ensure VMSA accesses are
+    // synchronized properly.
+    //
+    MemoryFence ();
+    Ret = AsmVmgExitSvsm (SvsmCallData);
+    MemoryFence ();
+
+    Msr.Uint64 = AsmReadMsr64 (MSR_SEV_ES_GHCB);
+
+    AsmWriteMsr64 (MSR_SEV_ES_GHCB, CurrentMsr);
+
+    if (InterruptState) {
+      EnableInterrupts ();
+    }
+
+    if (Pending != 0) {
+      SnpTerminate ();
+    }
+
+    if ((Msr.SnpVmplResponse.Function != GHCB_INFO_SNP_VMPL_RESPONSE) ||
+        (Msr.SnpVmplResponse.ErrorCode != 0))
+    {
+      SnpTerminate ();
+    }
+  } while (Ret == SVSM_ERR_INCOMPLETE || Ret == SVSM_ERR_BUSY);
+
+  return Ret;
+}
+
 /**
   Report the presence of an Secure Virtual Services Module (SVSM).
 
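Review bot: The do/while in SvsmMsrProtocol() repeats for as long as the SVSM returns SVSM_ERR_INCOMPLETE or SVSM_ERR_BUSY, with no bound and no back-off, so a misbehaving or permanently busy SVSM spins the vCPU forever with no diagnostic. If unbounded retry is what the SVSM specification requires, a comment saying so would help; otherwise consider a retry limit that ends in SnpTerminate(). The function header should also document that the routine does not return when the call is left pending or the VMPL response carries an error, and the loop condition would read better with each comparison parenthesized: while ((Ret == SVSM_ERR_INCOMPLETE) || (Ret == SVSM_ERR_BUSY)).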
@@ -109,6 +182,114 @@ AmdSvsmSnpGetCaa (
   return AmdSvsmIsSvsmPresent () ? SvsmInfo->SvsmCaa : 0;
 }
 
+/**
+  Issue an SVSM request to perform the PVALIDATE instruction.
+
+  Invokes the SVSM to process the PVALIDATE instruction on behalf of the
+  guest to validate or invalidate the memory range specified.
+
+  @param[in]       Info           Pointer to a page state change structure
+
+**/
+STATIC
+VOID
+SvsmPvalidate (
+  IN SNP_PAGE_STATE_CHANGE_INFO  *Info
+  )
+{
+  SVSM_CALL_DATA          SvsmCallData;
+  SVSM_CAA                *Caa;
+  SVSM_PVALIDATE_REQUEST  *Request;
+  SVSM_FUNCTION           Function;
+  BOOLEAN                 Validate;
+  UINTN                   Entry;
+  UINTN                   EntryLimit;
+  UINTN                   Index;
+  UINTN                   EndIndex;
+  UINT64                  Gfn;
+  UINT64                  GfnEnd;
+  UINTN                   Ret;
+
+  Caa = (SVSM_CAA *)AmdSvsmSnpGetCaa ();
+  ZeroMem (Caa->SvsmBuffer, sizeof (Caa->SvsmBuffer));
+
+  Function.Id.Protocol = 0;
+  Function.Id.CallId   = 1;
+
+  Request    = (SVSM_PVALIDATE_REQUEST *)Caa->SvsmBuffer;
+  EntryLimit = ((sizeof (Caa->SvsmBuffer) - sizeof (*Request)) /
+                sizeof (Request->Entry[0])) - 1;
+
+  SvsmCallData.Caa   = Caa;
+  SvsmCallData.RaxIn = Function.Uint64;
+  SvsmCallData.RcxIn = (UINT64)(UINTN)Request;
+
+  Entry    = 0;
+  Index    = Info->Header.CurrentEntry;
+  EndIndex = Info->Header.EndEntry;
+
+  while (Index <= EndIndex) {
+    Validate = Info->Entry[Index].Operation == SNP_PAGE_STATE_PRIVATE;
+
+    Request->Header.Entries++;
+    Request->Entry[Entry].Bits.PageSize = Info->Entry[Index].PageSize;
+    Request->Entry[Entry].Bits.Action   = (Validate == TRUE) ? 1 : 0;
+    Request->Entry[Entry].Bits.IgnoreCf = 0;
+    Request->Entry[Entry].Bits.Address  = Info->Entry[Index].GuestFrameNumber;
+
+    Entry++;
+    if ((Entry > EntryLimit) || (Index == EndIndex)) {
+      Ret = SvsmMsrProtocol (&SvsmCallData);
+      if ((Ret == SVSM_ERR_PVALIDATE_FAIL_SIZE_MISMATCH) &&
+          (Request->Entry[Request->Header.Next].Bits.PageSize != 0))
+      {
+        // Calculate the Index of the entry after the entry that failed
+        // before clearing the buffer so that processing can continue
+        // from that point
+        Index = Index - (Entry - Request->Header.Next) + 2;
+
+        // Obtain the failing GFN before clearing the buffer
+        Gfn = Request->Entry[Request->Header.Next].Bits.Address;
+
+        // Clear the buffer in prep for creating all new entries
+        ZeroMem (Caa->SvsmBuffer, sizeof (Caa->SvsmBuffer));
+        Entry = 0;
+
+        GfnEnd = Gfn + PAGES_PER_2MB_ENTRY - 1;
+        for ( ; Gfn <= GfnEnd; Gfn++) {
+          Request->Header.Entries++;
+          Request->Entry[Entry].Bits.PageSize = 0;
+          Request->Entry[Entry].Bits.Action   = (Validate == TRUE) ? 1 : 0;
+          Request->Entry[Entry].Bits.IgnoreCf = 0;
+          Request->Entry[Entry].Bits.Address  = Gfn;
+
+          Entry++;
+          if ((Entry > EntryLimit) || (Gfn == GfnEnd)) {
+            Ret = SvsmMsrProtocol (&SvsmCallData);
+            if (Ret != 0) {
+              SnpTerminate ();
+            }
+
+            ZeroMem (Caa->SvsmBuffer, sizeof (Caa->SvsmBuffer));
+            Entry = 0;
+          }
+        }
+
+        continue;
+      }
+
+      if (Ret != 0) {
+        SnpTerminate ();
+      }
+
+      ZeroMem (Caa->SvsmBuffer, sizeof (Caa->SvsmBuffer));
+      Entry = 0;
+    }
+
+    Index++;
+  }
+}
+
 /**
   Perform a native PVALIDATE operation for the page ranges specified.
 
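Review bot: In the SVSM_ERR_PVALIDATE_FAIL_SIZE_MISMATCH branch of SvsmPvalidate(), the 4K retry entries take their Action from Validate, which at that point holds the operation of the last entry added to the batch, not of the entry at Request->Header.Next that actually failed. That is only correct if every entry in Info carries the same Operation. Reading the action from the failing request entry before the ZeroMem(), next to the existing "Gfn = Request->Entry[Request->Header.Next].Bits.Address;", removes that assumption. Also, every failure path calls SnpTerminate() without a DEBUG message, the magic values Function.Id.Protocol = 0 and Function.Id.CallId = 1 deserve named constants, and "(Validate == TRUE) ? 1 : 0" compares a BOOLEAN against TRUE where "Validate ? 1 : 0" is enough.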
@@ -193,7 +374,7 @@ AmdSvsmSnpPvalidate (
   IN SNP_PAGE_STATE_CHANGE_INFO  *Info
   )
 {
-  BasePvalidate (Info);
+  AmdSvsmIsSvsmPresent () ? SvsmPvalidate (Info) : BasePvalidate (Info);
 }
 
 /**
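Review bot: The new body of AmdSvsmSnpPvalidate() uses a conditional expression as a statement, "AmdSvsmIsSvsmPresent () ? SvsmPvalidate (Info) : BasePvalidate (Info);", with both operands of type VOID. It is legal C, but it hides a control-flow decision in an expression whose value is discarded and some toolchains warn about it. A plain if/else is clearer here and matches the rest of the file.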
-- 
2.43.2



View/Reply Online (#116544): https://edk2.groups.io/g/devel/message/116544



^ permalink raw reply related	[flat|nested] 41+ messages in thread

* [edk2-devel] [PATCH v3 20/24] OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (18 preceding siblings ...)
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 19/24] OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call Lendacky, Thomas via groups.io
@ 2024-03-08 15:32 ` Lendacky, Thomas via groups.io
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 21/24] OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls Lendacky, Thomas via groups.io
                   ` (4 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:32 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

Similar to the Page State Change optimization added previously, also take
into account the possibility of using the SVSM for PVALIDATE instructions.
Conditionally adjust the maximum number of entries based on how many
entries the SVSM calling area can support.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
index c8c0c4ef0e95..e073f3937c41 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
@@ -18,6 +18,7 @@
 
 #include <Register/Amd/Ghcb.h>
 #include <Register/Amd/Msr.h>
+#include <Register/Amd/Svsm.h>
 
 #include "SnpPageStateChange.h"
 
@@ -78,6 +79,7 @@ BuildPageStateBuffer (
   UINTN                 Index;
   UINTN                 IndexMax;
   UINTN                 PscIndexMax;
+  UINTN                 SvsmIndexMax;
 
   // Clear the page state structure
   SetMem (Info, InfoSize, 0);
@@ -96,6 +98,11 @@ BuildPageStateBuffer (
     IndexMax = MIN (IndexMax, PscIndexMax);
   }
 
+  SvsmIndexMax = (IndexMax / SVSM_PVALIDATE_MAX_ENTRY) * SVSM_PVALIDATE_MAX_ENTRY;
+  if (SvsmIndexMax > 0) {
+    IndexMax = MIN (IndexMax, SvsmIndexMax);
+  }
+
   //
   // Populate the page state entry structure
   //
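
Review bot: In the last hunk of BuildPageStateBuffer, the rounding to a multiple of SVSM_PVALIDATE_MAX_ENTRY is applied unconditionally, while the commit message describes it as an adjustment for the case where the SVSM performs the PVALIDATE. If that is intended (without an SVSM it only shortens the batch), a comment above `SvsmIndexMax = ...` should say so; otherwise gate it on the SVSM being present. `MIN (IndexMax, SvsmIndexMax)` is also redundant: SvsmIndexMax is IndexMax rounded down, so it can never exceed IndexMax, and a plain assignment inside the `if (SvsmIndexMax > 0)` guard is equivalent.
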
-- 
2.43.2




* [edk2-devel] [PATCH v3 21/24] OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (19 preceding siblings ...)
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 20/24] OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency Lendacky, Thomas via groups.io
@ 2024-03-08 15:32 ` Lendacky, Thomas via groups.io
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 22/24] UefiCpuPkg/MpInitLib: AP creation support under an SVSM Lendacky, Thomas via groups.io
                   ` (3 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:32 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The RMPADJUST instruction is used to alter the VMSA attribute of a page,
but the VMSA attribute can only be changed when running at VMPL0. When
an SVSM is present, use the SVSM_CORE_CREATE_VCPU and SVSM_CORE_DELETE_VCPU
calls to add or remove the VMSA attribute on a page instead of issuing
the RMPADJUST instruction directly.

Implement the AmdSvsmSnpVmsaRmpAdjust() API to perform the proper operation
to update the VMSA attribute.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c | 54 +++++++++++++++++++-
 1 file changed, 53 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c b/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
index fb3fda70e948..6c79ee7d916b 100644
--- a/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
+++ b/OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
@@ -377,6 +377,57 @@ AmdSvsmSnpPvalidate (
   AmdSvsmIsSvsmPresent () ? SvsmPvalidate (Info) : BasePvalidate (Info);
 }
 
+/**
+  Perform an RMPADJUST operation to alter the VMSA setting of a page.
+
+  Add or remove the VMSA attribute for a page.
+
+  @param[in]       Vmsa           Pointer to an SEV-ES save area page
+  @param[in]       ApicId         APIC ID associated with the VMSA
+  @param[in]       SetVmsa        Boolean indicator as to whether to set or
+                                  or clear the VMSA setting for the page
+
+  @retval  EFI_SUCCESS            RMPADJUST operation successful
+  @retval  EFI_UNSUPPORTED        Operation is not supported
+  @retval  EFI_INVALID_PARAMETER  RMPADJUST operation failed, an invalid
+                                  parameter was supplied
+
+**/
+STATIC
+EFI_STATUS
+SvsmVmsaRmpAdjust (
+  IN SEV_ES_SAVE_AREA  *Vmsa,
+  IN UINT32            ApicId,
+  IN BOOLEAN           SetVmsa
+  )
+{
+  SVSM_CALL_DATA  SvsmCallData;
+  SVSM_FUNCTION   Function;
+  UINTN           Ret;
+
+  SvsmCallData.Caa = (SVSM_CAA *)AmdSvsmSnpGetCaa ();
+
+  Function.Id.Protocol = 0;
+
+  if (SetVmsa) {
+    Function.Id.CallId = 2;
+
+    SvsmCallData.RaxIn = Function.Uint64;
+    SvsmCallData.RcxIn = (UINT64)(UINTN)Vmsa;
+    SvsmCallData.RdxIn = (UINT64)(UINTN)Vmsa + SIZE_4KB;
+    SvsmCallData.R8In  = ApicId;
+  } else {
+    Function.Id.CallId = 3;
+
+    SvsmCallData.RaxIn = Function.Uint64;
+    SvsmCallData.RcxIn = (UINT64)(UINTN)Vmsa;
+  }
+
+  Ret = SvsmMsrProtocol (&SvsmCallData);
+
+  return (Ret == 0) ? EFI_SUCCESS : EFI_INVALID_PARAMETER;
+}
+
 /**
   Perform a native RMPADJUST operation to alter the VMSA setting of a page.
 
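Review bot: SvsmVmsaRmpAdjust() encodes the two calls as the bare literals `Function.Id.CallId = 2` and `Function.Id.CallId = 3`; named constants for the create and delete vCPU calls would let a reader check the mapping against the specification. The header comment lists EFI_UNSUPPORTED as a return value, but every non-zero Ret is turned into EFI_INVALID_PARAMETER, so either drop that @retval or map the SVSM result codes. In the create path, `RdxIn = (UINT64)(UINTN)Vmsa + SIZE_4KB` silently requires the caller to have placed the Calling Area page directly after the VMSA; state that precondition in the function header. The SetVmsa parameter description also has a doubled "or".
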
@@ -444,5 +495,6 @@ AmdSvsmSnpVmsaRmpAdjust (
   IN BOOLEAN           SetVmsa
   )
 {
-  return BaseVmsaRmpAdjust (Vmsa, SetVmsa);
+  return AmdSvsmIsSvsmPresent () ? SvsmVmsaRmpAdjust (Vmsa, ApicId, SetVmsa)
+                                : BaseVmsaRmpAdjust (Vmsa, SetVmsa);
 }
-- 
2.43.2




* [edk2-devel] [PATCH v3 22/24] UefiCpuPkg/MpInitLib: AP creation support under an SVSM
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (20 preceding siblings ...)
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 21/24] OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls Lendacky, Thomas via groups.io
@ 2024-03-08 15:32 ` Lendacky, Thomas via groups.io
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 23/24] Ovmfpkg/CcExitLib: Provide SVSM discovery support Lendacky, Thomas via groups.io
                   ` (2 subsequent siblings)
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:32 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

When running under an SVSM, the VMPL level of the APs that are started
must match the VMPL level provided by the SVSM. Additionally, each AP
must have a Calling Area for use with the SVSM protocol. Update the AP
creation to properly support running under an SVSM.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Acked-by: Ray Ni <ray.ni@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c | 28 +++++++++++++-------
 1 file changed, 19 insertions(+), 9 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
index 981135621384..bbdc47b5a314 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
@@ -44,7 +44,8 @@ SevSnpPerformApAction (
 
   if (Action == SVM_VMGEXIT_SNP_AP_CREATE) {
     //
-    // Turn the page into a recognized VMSA page.
+    // Turn the page into a recognized VMSA page. When an SVSM is present
+    // the page following the VMSA is the Calling Area page.
     //
     VmsaStatus = AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, TRUE);
     if (EFI_ERROR (VmsaStatus)) {
@@ -56,6 +57,7 @@ SevSnpPerformApAction (
   }
 
   ExitInfo1  = (UINT64)ApicId << 32;
+  ExitInfo1 |= (UINT64)SaveArea->Vmpl << 16;
   ExitInfo1 |= Action;
   ExitInfo2  = (UINT64)(UINTN)SaveArea;
 
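Review bot: `ExitInfo1 |= (UINT64)SaveArea->Vmpl << 16;` inserts the VMPL with no mask and no comment on the field layout, between the ApicId at bit 32 and the Action in the low bits. A short comment giving the ExitInfo1 layout, plus a mask on the VMPL if the field is narrower than the source member, would make it clear that the value cannot spill into the neighbouring fields.
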
@@ -87,8 +89,9 @@ SevSnpPerformApAction (
 
   if (Action == SVM_VMGEXIT_SNP_AP_DESTROY) {
     //
-    // Make the current VMSA not runnable and accessible to be
-    // reprogrammed.
+    // Make the current VMSA not runnable and accessible to be reprogrammed.
+    // When an SVSM is present the page following the VMSA is the Calling Area
+    // page.
     //
     VmsaStatus = AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, FALSE);
     if (EFI_ERROR (VmsaStatus)) {
@@ -116,6 +119,7 @@ SevSnpCreateSaveArea (
   UINT32          ApicId
   )
 {
+  UINTN             PageCount;
   UINT8             *Pages;
   SEV_ES_SAVE_AREA  *SaveArea;
   IA32_CR0          ApCr0;
@@ -125,13 +129,19 @@ SevSnpCreateSaveArea (
   UINTN             StartIp;
   UINT8             SipiVector;
 
+  //
+  // When running under an SVSM, a Calling Area page is also needed and is
+  // always the page following the VMSA.
+  //
+  PageCount = AmdSvsmIsSvsmPresent () ? 2 : 1;
+
   if (CpuData->SevEsSaveArea == NULL) {
     //
     // Allocate a page for the SEV-ES Save Area and initialize it. Due to AMD
     // erratum #1467 (VMSA cannot be on a 2MB boundary), allocate an extra page
     // to choose from to work around the issue.
     //
-    Pages = AllocateReservedPages (2);
+    Pages = AllocateReservedPages (PageCount + 1);
     if (!Pages) {
       return;
     }
@@ -140,12 +150,12 @@ SevSnpCreateSaveArea (
     // Since page allocation works by allocating downward in the address space,
     // try to always free the first (lower address) page to limit possible holes
     // in the memory map. So, if the address of the second page is 2MB aligned,
-    // then use the first page and free the second page. Otherwise, free the
+    // then use the first page and free the last page. Otherwise, free the
     // first page and use the second page.
     //
     if (_IS_ALIGNED (Pages + EFI_PAGE_SIZE, SIZE_2MB)) {
       SaveArea = (SEV_ES_SAVE_AREA *)Pages;
-      FreePages (Pages + EFI_PAGE_SIZE, 1);
+      FreePages (Pages + (EFI_PAGE_SIZE * PageCount), 1);
     } else {
       SaveArea = (SEV_ES_SAVE_AREA *)(Pages + EFI_PAGE_SIZE);
       FreePages (Pages, 1);
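Review bot: The block comment is only half updated for the SVSM case: it now says "free the last page" but still speaks of using "the first page" or "the second page", whereas with PageCount == 2 the retained range is two pages (VMSA plus Calling Area). It would help to state that only the VMSA page is subject to the 2MB check, so that in the else branch the Calling Area at `Pages + 2 * EFI_PAGE_SIZE` is allowed to land on a 2MB boundary, which the erratum text in the previous hunk does not forbid.
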
@@ -163,7 +173,7 @@ SevSnpCreateSaveArea (
     }
   }
 
-  ZeroMem (SaveArea, EFI_PAGE_SIZE);
+  ZeroMem (SaveArea, EFI_PAGE_SIZE * PageCount);
 
   //
   // Propogate the CR0.NW and CR0.CD setting to the AP
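Review bot: `ZeroMem (SaveArea, EFI_PAGE_SIZE * PageCount)` sits after the `if (CpuData->SevEsSaveArea == NULL)` block, so it also runs on a save area allocated by an earlier call, while PageCount is recomputed from AmdSvsmIsSvsmPresent () on every call. The two-page clear is only safe if the earlier allocation used the same PageCount; a comment stating that SVSM presence cannot change between calls, or keeping the page count with the save area, would close that gap.
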
@@ -239,10 +249,10 @@ SevSnpCreateSaveArea (
 
   //
   // Set the SEV-SNP specific fields for the save area:
-  //   VMPL - always VMPL0
+  //   VMPL - based on current mode
   //   SEV_FEATURES - equivalent to the SEV_STATUS MSR right shifted 2 bits
   //
-  SaveArea->Vmpl        = 0;
+  SaveArea->Vmpl        = AmdSvsmSnpGetVmpl ();
   SaveArea->SevFeatures = AsmReadMsr64 (MSR_SEV_STATUS) >> 2;
 
   SevSnpPerformApAction (SaveArea, ApicId, SVM_VMGEXIT_SNP_AP_CREATE);
-- 
2.43.2




* [edk2-devel] [PATCH v3 23/24] Ovmfpkg/CcExitLib: Provide SVSM discovery support
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (21 preceding siblings ...)
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 22/24] UefiCpuPkg/MpInitLib: AP creation support under an SVSM Lendacky, Thomas via groups.io
@ 2024-03-08 15:32 ` Lendacky, Thomas via groups.io
  2024-03-08 15:33 ` [edk2-devel] [PATCH v3 24/24] OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at VMPL0 Lendacky, Thomas via groups.io
  2024-03-26 18:34 ` [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:32 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The SVSM specification documents an alternative method of discovery for
the SVSM using a reserved CPUID bit and a reserved MSR.

For the CPUID support, the #VC handler of an SEV-SNP guest should modify
the returned value in the EAX register for the 0x8000001f CPUID function
by setting bit 28 when an SVSM is present.

For the MSR support, new reserved MSR 0xc001f000 has been defined. A #VC
should be generated when accessing this MSR. The #VC handler is expected
to ignore writes to this MSR and return the physical calling area address
(CAA) on reads of this MSR.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/CcExitLib/CcExitLib.inf     |  3 +-
 OvmfPkg/Library/CcExitLib/SecCcExitLib.inf  |  3 +-
 OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 29 ++++++++++++++++++--
 3 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/Library/CcExitLib/CcExitLib.inf b/OvmfPkg/Library/CcExitLib/CcExitLib.inf
index bc75cd5f5a04..e09f18453ac9 100644
--- a/OvmfPkg/Library/CcExitLib/CcExitLib.inf
+++ b/OvmfPkg/Library/CcExitLib/CcExitLib.inf
@@ -1,7 +1,7 @@
 ## @file
 #  CcExitLib Library.
 #
-#  Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>
+#  Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
 #  Copyright (C) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -41,6 +41,7 @@ [LibraryClasses]
   DebugLib
   LocalApicLib
   MemEncryptSevLib
+  AmdSvsmLib
 
 [Pcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase
diff --git a/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf b/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf
index 811269dd2c06..dff6cd2761ca 100644
--- a/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf
+++ b/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf
@@ -1,7 +1,7 @@
 ## @file
 #  VMGEXIT Support Library.
 #
-#  Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>
+#  Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
@@ -41,6 +41,7 @@ [LibraryClasses]
   LocalApicLib
   MemEncryptSevLib
   PcdLib
+  AmdSvsmLib
 
 [FixedPcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase
diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
index 0fc30f7bc4f6..0b61d28f8b94 100644
--- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
+++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
@@ -1,7 +1,7 @@
 /** @file
   X64 #VC Exception Handler functon.
 
-  Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -12,6 +12,7 @@
 #include <Library/LocalApicLib.h>
 #include <Library/MemEncryptSevLib.h>
 #include <Library/CcExitLib.h>
+#include <Library/AmdSvsmLib.h>
 #include <Register/Amd/Msr.h>
 #include <Register/Intel/Cpuid.h>
 #include <IndustryStandard/InstructionParsing.h>
@@ -713,10 +714,29 @@ MsrExit (
   IN     CC_INSTRUCTION_DATA     *InstructionData
   )
 {
-  UINT64  ExitInfo1, Status;
+  MSR_SVSM_CAA_REGISTER  Msr;
+  UINT64                 ExitInfo1;
+  UINT64                 Status;
 
   ExitInfo1 = 0;
 
+  //
+  // The SVSM CAA MSR is a software implemented MSR and not supported
+  // by the hardware, handle it directly.
+  //
+  if (Regs->Rax == MSR_SVSM_CAA) {
+    // Writes to the SVSM CAA MSR are ignored
+    if (*(InstructionData->OpCodes + 1) == 0x30) {
+      return 0;
+    }
+
+    Msr.Uint64 = AmdSvsmSnpGetCaa ();
+    Regs->Rax  = Msr.Bits.Lower32Bits;
+    Regs->Rdx  = Msr.Bits.Upper32Bits;
+
+    return 0;
+  }
+
   switch (*(InstructionData->OpCodes + 1)) {
     case 0x30: // WRMSR
       ExitInfo1          = 1;
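Review bot: The new check in MsrExit() compares `Regs->Rax` with MSR_SVSM_CAA, but RDMSR and WRMSR take the MSR index in ECX; RAX carries the low half of the value on a write and is purely an output on a read, so the test looks like it should be on `Regs->Rcx`. As written, a read is recognised only when RAX happens to hold the MSR number. The branch also treats every second opcode byte other than 0x30 as a read; an explicit check for 0x32 (RDMSR), in line with the opcode switch that follows, would be safer.
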
@@ -1388,6 +1408,11 @@ GetCpuidFw (
     *Ebx = (*Ebx & 0xFFFFFF00) | (Ebx2 & 0x000000FF);
     /* node ID */
     *Ecx = (*Ecx & 0xFFFFFF00) | (Ecx2 & 0x000000FF);
+  } else if (EaxIn == 0x8000001F) {
+    /* Set the SVSM feature bit if running under an SVSM */
+    if (AmdSvsmIsSvsmPresent ()) {
+      *Eax |= BIT28;
+    }
   }
 
 Out:
-- 
2.43.2




* [edk2-devel] [PATCH v3 24/24] OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at VMPL0
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (22 preceding siblings ...)
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 23/24] Ovmfpkg/CcExitLib: Provide SVSM discovery support Lendacky, Thomas via groups.io
@ 2024-03-08 15:33 ` Lendacky, Thomas via groups.io
  2024-03-26 18:34 ` [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
  24 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 15:33 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

Currently, an SEV-SNP guest will terminate if it is not running at VMPL0.
The requirement for running at VMPL0 is removed if an SVSM is present.

Update the current VMPL0 check to additionally check for the presence of
an SVSM if the guest is not running at VMPL0.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
index ca279d77274b..227e33339910 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
@@ -12,6 +12,7 @@
 #include <Library/BaseLib.h>
 #include <Library/DebugLib.h>
 #include <Library/MemEncryptSevLib.h>
+#include <Library/AmdSvsmLib.h>
 
 #include "SnpPageStateChange.h"
 
@@ -74,10 +75,12 @@ MemEncryptSevSnpPreValidateSystemRam (
 
   //
   // The page state change uses the PVALIDATE instruction. The instruction
-  // can be run on VMPL-0 only. If its not VMPL-0 guest then terminate
-  // the boot.
+  // can be run at VMPL-0 only. If its not a VMPL-0 guest, then an SVSM must
+  // be present to perform the operation on behalf of the guest. If the guest
+  // is not running at VMPL-0 and an SVSM is not present, then terminate the
+  // boot.
   //
-  if (!SevSnpIsVmpl0 ()) {
+  if (!SevSnpIsVmpl0 () && !AmdSvsmIsSvsmPresent ()) {
     SnpPageStateFailureTerminate ();
   }
 
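Review bot: In the rewritten comment, "If its not a VMPL-0 guest" should read "If it is not a VMPL-0 guest". On the logic, a guest that is not at VMPL-0 now continues booting on the result of AmdSvsmIsSvsmPresent () alone, so the comment should also say where that presence indication comes from, since this check is all that stands between such a guest and SnpPageStateFailureTerminate ().
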
-- 
2.43.2




* Re: [edk2-devel] [PATCH v3 14/24] Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 14/24] Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library Lendacky, Thomas via groups.io
@ 2024-03-14  9:34   ` Gerd Hoffmann
  0 siblings, 0 replies; 41+ messages in thread
From: Gerd Hoffmann @ 2024-03-14  9:34 UTC (permalink / raw)
  To: Tom Lendacky
  Cc: devel, Ard Biesheuvel, Erdem Aktas, Jiewen Yao, Laszlo Ersek,
	Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu, Rahul Kumar,
	Ray Ni, Michael Roth, Anatol Belski, Anthony Perard,
	Corvin Köhne, Jianyong Wu, Rebecca Cran

On Fri, Mar 08, 2024 at 09:29:42AM -0600, Tom Lendacky wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
> 
> The MpInitLib library will be updated to use the new AmdSvsmLib library.
> To prevent any build breakage, update the OvmfPkg DSC files to include
> the AmdSvsmLib NULL library.
> 
> Cc: Anatol Belski <anbelski@linux.microsoft.com>
> Cc: Anthony Perard <anthony.perard@citrix.com>
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Corvin Köhne <corvink@freebsd.org>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Jianyong Wu <jianyong.wu@arm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Rebecca Cran <rebecca@bsdio.com>
> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>

Acked-by: Gerd Hoffmann <kraxel@redhat.com>




* Re: [edk2-devel] [PATCH v3 15/24] Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 15/24] Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services Lendacky, Thomas via groups.io
@ 2024-03-14 10:39   ` Gerd Hoffmann
  0 siblings, 0 replies; 41+ messages in thread
From: Gerd Hoffmann @ 2024-03-14 10:39 UTC (permalink / raw)
  To: Tom Lendacky
  Cc: devel, Ard Biesheuvel, Erdem Aktas, Jiewen Yao, Laszlo Ersek,
	Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu, Rahul Kumar,
	Ray Ni, Michael Roth, Anatol Belski, Jianyong Wu

On Fri, Mar 08, 2024 at 09:29:43AM -0600, Tom Lendacky wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
> 
> Add initial support for the new AmdSvsmLib library to OvmfPkg. The initial
> implementation fully implements the library interfaces.
> 
> The SVSM presence check, AmdSvsmIsSvsmPresent(), determines the presence
> of an SVSM by checking if an SVSM has been advertised in the SEV-SNP
> Secrets Page.
> 
> The VMPL API, AmdSvsmSnpGetVmpl(), returns the VMPL level at which OVMF is
> currently running.
> 
> The CAA API, AmdSvsmSnpGetCaa(), returns the Calling Area Address when an
> SVSM is present, 0 otherwise.
> 
> The PVALIDATE API, AmdSvsmSnpPvalidate(), copies the PVALIDATE logic from
> the BaseMemEncryptSevLib library for the initial implementation. The
> BaseMemEncryptSevLib library will be changed to use this new API so that
> the decision as to whether the SVSM is needed to perform the operation
> can be isolated to this library.
> 
> The VMSA API, AmdSvsmSnpVmsaRmpAdjust(), copies the RMPUPDATE logic from
> the MpInitLib library for the initial implementation. The MpInitLib
> library will be changed to use this new API so that the decision as to
> whether the SVSM is needed to perform the operation can be isolated to
> this library.
> 
> Cc: Anatol Belski <anbelski@linux.microsoft.com>
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Jianyong Wu <jianyong.wu@arm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>

Acked-by: Gerd Hoffmann <kraxel@redhat.com>




* Re: [edk2-devel] [PATCH v3 17/24] OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate pages
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 17/24] OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate pages Lendacky, Thomas via groups.io
@ 2024-03-14 10:40   ` Gerd Hoffmann
  0 siblings, 0 replies; 41+ messages in thread
From: Gerd Hoffmann @ 2024-03-14 10:40 UTC (permalink / raw)
  To: Tom Lendacky
  Cc: devel, Ard Biesheuvel, Erdem Aktas, Jiewen Yao, Laszlo Ersek,
	Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu, Rahul Kumar,
	Ray Ni, Michael Roth

On Fri, Mar 08, 2024 at 09:29:45AM -0600, Tom Lendacky wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
> 
> The PVALIDATE instruction is used to change the SNP validation of a page,
> but that can only be done when running at VMPL0. To prepare for running at
> a less privileged VMPL, use the AmdSvsmLib library API to perform the
> PVALIDATE. The AmdSvsmLib library will perform the proper operation on
> behalf of the caller.
> 
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>

Acked-by: Gerd Hoffmann <kraxel@redhat.com>




* Re: [edk2-devel] [PATCH v3 07/24] MdePkg: Avoid hardcoded value for number of Page State Change entries
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 07/24] MdePkg: Avoid hardcoded value for number of Page State Change entries Lendacky, Thomas via groups.io
@ 2024-03-14 10:42   ` Gerd Hoffmann
  0 siblings, 0 replies; 41+ messages in thread
From: Gerd Hoffmann @ 2024-03-14 10:42 UTC (permalink / raw)
  To: devel, thomas.lendacky
  Cc: Ard Biesheuvel, Erdem Aktas, Jiewen Yao, Laszlo Ersek,
	Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu, Rahul Kumar,
	Ray Ni, Michael Roth

On Fri, Mar 08, 2024 at 07:30:56AM -0800, Lendacky, Thomas via groups.io wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
> 
> The SNP_PAGE_STATE_MAX_ENTRY is based on the number of entries that can
> fit in the GHCB shared buffer. As a result, the SNP_PAGE_STATE_CHANGE_INFO
> structure maps the full GHCB shared buffer based on the shared buffer size
> being 2032 bytes.
> 
> Instead of using a hardcoded value for SNP_PAGE_STATE_MAX_ENTRY, use a
> build calculated value. Since the SNP_PAGE_STATE_CHANGE_INFO is used as a
> mapping, eliminate the hardcoded array size so that the structure can be
> used based on any size buffer.
> 
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>

Acked-by: Gerd Hoffmann <kraxel@redhat.com>




* Re: [edk2-devel] [PATCH v3 08/24] OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 08/24] OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support Lendacky, Thomas via groups.io
@ 2024-03-14 10:43   ` Gerd Hoffmann
  0 siblings, 0 replies; 41+ messages in thread
From: Gerd Hoffmann @ 2024-03-14 10:43 UTC (permalink / raw)
  To: devel, thomas.lendacky
  Cc: Ard Biesheuvel, Erdem Aktas, Jiewen Yao, Laszlo Ersek,
	Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu, Rahul Kumar,
	Ray Ni, Michael Roth

On Fri, Mar 08, 2024 at 07:31:11AM -0800, Lendacky, Thomas via groups.io wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
> 
> In preparation for running under an SVSM at VMPL1 or higher (higher
> numerically, lower privilege), re-organize the way a page state change
> is performed in order to free up the GHCB for use by the SVSM support.
> 
> Currently, the page state change logic directly uses the GHCB shared
> buffer to build the page state change structures. However, this will be
> in conflict with the use of the GHCB should an SVSM call be required.
> 
> Instead, use a separate buffer (an area in the workarea during SEC and
> an allocated page during PEI/DXE) to hold the page state change request
> and only update the GHCB shared buffer as needed.
> 
> Since the information is copied to, and operated on, in the GHCB shared
> buffer this has the added benefit of not requiring to save the start and
> end entries for use when validating the memory during the page state
> change sequence.
> 
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>

Acked-by: Gerd Hoffmann <kraxel@redhat.com>




* Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
  2024-03-08 15:30 [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
                   ` (23 preceding siblings ...)
  2024-03-08 15:33 ` [edk2-devel] [PATCH v3 24/24] OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at VMPL0 Lendacky, Thomas via groups.io
@ 2024-03-26 18:34 ` Lendacky, Thomas via groups.io
  2024-04-02 18:16   ` Lendacky, Thomas via groups.io
       [not found]   ` <17C28950368F582E.9676@groups.io>
  24 siblings, 2 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-26 18:34 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu, Rahul Kumar,
	Ray Ni, Michael Roth, Anatol Belski, Anthony Perard,
	Corvin Köhne, Gua Guo, Guo Dong, James Lu, Jianyong Wu,
	Rebecca Cran, Sean Rhodes

Any issues with this version of the series? Still looking for 
Reviewed-by's for the MdePkg, UefiCpuPkg and UefiPayloadPkg related patches.

Once I get those, I'll submit the edk2-platform patches to support the new 
library as a response to these patches for a quick review.

Thanks,
Tom

On 3/8/24 09:29, Tom Lendacky wrote:
> 
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
> 
> This series adds SEV-SNP support for running OVMF under a Secure VM
> Service Module (SVSM) at a less privileged VM Privilege Level (VMPL).
> By running at a less privileged VMPL, the SVSM can be used to provide
> services, e.g. a virtual TPM, for the guest OS within the SEV-SNP
> confidential VM (CVM) rather than trust such services from the hypervisor.
> 
> Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are
> certain SNP related operations that require that VMPL level. Specifically,
> the PVALIDATE instruction and the RMPADJUST instruction when setting the
> VMSA attribute of a page (used when starting APs).
> 
> If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must
> use an SVSM (which is running at VMPL0) to perform the operations that
> it is no longer able to perform.
> 
> When running under an SVSM, OVMF must know the APIC IDs of the vCPUs that
> it will be starting. As a result, the GHCB APIC ID retrieval action must
> be performed. Since this service can also work with SEV-SNP running at
> VMPL0, the patches to make use of this feature are near the beginning of
> the series.
> 
> How OVMF interacts with and uses the SVSM is documented in the SVSM
> specification [1] and the GHCB specification [2].
> 
> This support creates a new AmdSvsmLib library that is used by MpInitLib.
> The edk2-platforms repo requires updates/patches to add the new library
> requirement. To accommodate that, this series could be split between:
> 
> patch number 12:
>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM
> 
> and patch number 13:
>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
> 
> The updates to edk2-platforms can be applied at the split.
> 
> This series introduces support to run OVMF under an SVSM. It consists
> of:
>    - Retrieving the list of vCPU APIC IDs and starting up all APs without
>      performing a broadcast SIPI
>    - Reorganizing the page state change support to not directly use the
>      GHCB buffer since an SVSM will use the calling area buffer, instead
>    - Detecting the presence of an SVSM
>    - When not running at VMPL0, invoking the SVSM for page validation and
>      VMSA page creation/deletion
>    - Detecting and allowing OVMF to run in a VMPL other than 0 when an
>      SVSM is present
> 
> The series is based off of commit:
> 
>    e60529df58e4 ("UefiPayloadPkg: Make Dsc accomodative of other archs")
> 
> [1] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf
> [2] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf
> 
> Cc: Anatol Belski <anbelski@linux.microsoft.com>
> Cc: Anthony Perard <anthony.perard@citrix.com>
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Corvin Köhne <corvink@freebsd.org>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Gua Guo <gua.guo@intel.com>
> Cc: Guo Dong <guo.dong@intel.com>
> Cc: James Lu <james.lu@intel.com>
> Cc: Jianyong Wu <jianyong.wu@arm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Rahul Kumar <rahul1.kumar@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Rebecca Cran <rebecca@bsdio.com>
> Cc: Sean Rhodes <sean@starlabs.systems>
> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> 
> ---
> 
> Changes in v3:
> - Renamed CcSvsmLib to a more AMD-specific AmdSvsmLib with corresponding
>    function name changes
> - Moved the GHCB APIC ID list GUID definition from MdePkg to UefiCpuPkg
>    and change the name from gEfiApicIdsGuid to gGhcbApicIdsGuid
> - Separated the OvmfPkg changes for the AmdSvsmLib into two patches:
>    - First patch adds usage of the AmdSvsmLib NULL library
>    - Second patch adds the OVMF AmdSvsmLib implementation
> - Updated the commit message for the OVMF AmdSvsmLib implementation to
>    indicate that the base functionality for PVALIDATE and RMPADJUST was
>    copied from the original locations in prep for converting those sites
>    to using the library API.
> 
> Changes in v2:
> - Move the APIC IDs retrieval support to the beginning of the patch series
>      - Use a GUIDed HOB to hold the APIC ID list instead of a PCD
> - Split up Page State Change reorganization into multiple patches
> - Created CcSvsmLib library instead of extending CcExitLib
>      - This will require a corresponding update to edk2-platform DSC files
>      - Removed Ray Ni's Acked-by since it is not a minor change
> - Variable name changes and other misc changes
> 
> Tom Lendacky (24):
>    OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust()
>    MdePkg: GHCB APIC ID retrieval support definitions
>    UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is
>      present
>    OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor
>    OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors
>    OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State
>      Change
>    MdePkg: Avoid hardcoded value for number of Page State Change entries
>    OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
>    OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
>    MdePkg/Register/Amd: Define the SVSM related information
>    MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM
>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an
>      SVSM
>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
>    Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library
>    Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services
>    UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA
>    OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate
>      pages
>    OvmfPkg: Create a calling area used to communicate with the SVSM
>    OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call
>    OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
>    OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls
>    UefiCpuPkg/MpInitLib: AP creation support under an SVSM
>    Ovmfpkg/CcExitLib: Provide SVSM discovery support
>    OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at
>      VMPL0
> 
>   OvmfPkg/OvmfPkg.dec                                                   |   4 +
>   UefiCpuPkg/UefiCpuPkg.dec                                             |   8 +-
>   OvmfPkg/AmdSev/AmdSevX64.dsc                                          |   1 +
>   OvmfPkg/Bhyve/BhyveX64.dsc                                            |   1 +
>   OvmfPkg/CloudHv/CloudHvX64.dsc                                        |   1 +
>   OvmfPkg/IntelTdx/IntelTdxX64.dsc                                      |   1 +
>   OvmfPkg/Microvm/MicrovmX64.dsc                                        |   1 +
>   OvmfPkg/OvmfPkgIa32.dsc                                               |   1 +
>   OvmfPkg/OvmfPkgIa32X64.dsc                                            |   3 +-
>   OvmfPkg/OvmfPkgX64.dsc                                                |   1 +
>   OvmfPkg/OvmfXen.dsc                                                   |   1 +
>   UefiCpuPkg/UefiCpuPkg.dsc                                             |   4 +-
>   UefiPayloadPkg/UefiPayloadPkg.dsc                                     |   1 +
>   OvmfPkg/AmdSev/AmdSevX64.fdf                                          |   9 +-
>   OvmfPkg/OvmfPkgX64.fdf                                                |   3 +
>   MdePkg/Library/BaseLib/BaseLib.inf                                    |   2 +
>   OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf                             |  38 ++
>   OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf          |   3 +-
>   OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf          |   3 +-
>   OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf          |   3 +-
>   OvmfPkg/Library/CcExitLib/CcExitLib.inf                               |   3 +-
>   OvmfPkg/Library/CcExitLib/SecCcExitLib.inf                            |   3 +-
>   OvmfPkg/PlatformPei/PlatformPei.inf                                   |   3 +
>   OvmfPkg/ResetVector/ResetVector.inf                                   |   2 +
>   UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf                  |  27 ++
>   UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf                         |   2 +
>   UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf                         |   2 +
>   MdePkg/Include/Library/BaseLib.h                                      |  39 ++
>   MdePkg/Include/Register/Amd/Fam17Msr.h                                |  19 +-
>   MdePkg/Include/Register/Amd/Ghcb.h                                    |  19 +-
>   MdePkg/Include/Register/Amd/Msr.h                                     |   3 +-
>   MdePkg/Include/Register/Amd/Svsm.h                                    | 101 ++++
>   MdePkg/Include/Register/Amd/SvsmMsr.h                                 |  35 ++
>   OvmfPkg/Include/WorkArea.h                                            |   9 +-
>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h         |   6 +-
>   UefiCpuPkg/Include/Guid/GhcbApicIds.h                                 |  17 +
>   UefiCpuPkg/Include/Library/AmdSvsmLib.h                               | 101 ++++
>   UefiCpuPkg/Library/MpInitLib/MpLib.h                                  |  29 +-
>   OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c                               | 500 ++++++++++++++++++++
>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c    |  11 +-
>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c        |  27 +-
>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c    |  22 +-
>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c    |  31 +-
>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 206 ++++----
>   OvmfPkg/Library/CcExitLib/CcExitVcHandler.c                           |  29 +-
>   OvmfPkg/PlatformPei/AmdSev.c                                          | 103 +++-
>   UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c                    | 108 +++++
>   UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c                            |  21 +-
>   UefiCpuPkg/Library/MpInitLib/MpLib.c                                  |   9 +-
>   UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c                             | 134 ++++--
>   MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm                          |  39 ++
>   MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm                           |  94 ++++
>   OvmfPkg/ResetVector/ResetVector.nasmb                                 |   6 +-
>   OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm                           |  11 +-
>   UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni                  |  13 +
>   55 files changed, 1641 insertions(+), 232 deletions(-)
>   create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
>   create mode 100644 MdePkg/Include/Register/Amd/Svsm.h
>   create mode 100644 MdePkg/Include/Register/Amd/SvsmMsr.h
>   create mode 100644 UefiCpuPkg/Include/Guid/GhcbApicIds.h
>   create mode 100644 UefiCpuPkg/Include/Library/AmdSvsmLib.h
>   create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c
>   create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm
>   create mode 100644 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm
>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni
> 





^ permalink raw reply	[flat|nested] 41+ messages in thread

* Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
  2024-03-26 18:34 ` [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Lendacky, Thomas via groups.io
@ 2024-04-02 18:16   ` Lendacky, Thomas via groups.io
  2024-04-03  7:09     ` Ni, Ray
       [not found]   ` <17C28950368F582E.9676@groups.io>
  1 sibling, 1 reply; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-04-02 18:16 UTC (permalink / raw)
  To: devel, Jiewen Yao, Liming Gao, Ray Ni, Zhiguang Liu,
	Michael D Kinney, Gua Guo, Guo Dong, James Lu, Sean Rhodes,
	Rahul Kumar
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Min Xu, Michael Roth,
	Anatol Belski, Anthony Perard, Corvin Köhne, Jianyong Wu,
	Rebecca Cran

Re-pinging the list/maintainers. Still awaiting feedback/reviews/acks on 
the changes.

Thanks,
Tom

On 3/26/24 13:34, Tom Lendacky wrote:
> Any issues with this version of the series? Still looking for 
> Reviewed-by's for the MdePkg, UefiCpuPkg and UefiPayloadPkg related 
> patches.
> 
> Once I get those, I'll submit the edk2-platform patches to support the 
> new library as a response to these patches for a quick review.
> 
> Thanks,
> Tom
> 
> On 3/8/24 09:29, Tom Lendacky wrote:
>>
>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
>>
>> This series adds SEV-SNP support for running OVMF under a Secure VM
>> Service Module (SVSM) at a less privileged VM Privilege Level (VMPL).
>> By running at a less privileged VMPL, the SVSM can be used to provide
>> services, e.g. a virtual TPM, for the guest OS within the SEV-SNP
>> confidential VM (CVM) rather than trust such services from the hypervisor.
>>
>> Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are
>> certain SNP related operations that require that VMPL level. Specifically,
>> the PVALIDATE instruction and the RMPADJUST instruction when setting the
>> VMSA attribute of a page (used when starting APs).
>>
>> If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must
>> use an SVSM (which is running at VMPL0) to perform the operations that
>> it is no longer able to perform.
>>
>> When running under an SVSM, OVMF must know the APIC IDs of the vCPUs that
>> it will be starting. As a result, the GHCB APIC ID retrieval action must
>> be performed. Since this service can also work with SEV-SNP running at
>> VMPL0, the patches to make use of this feature are near the beginning of
>> the series.
>>
>> How OVMF interacts with and uses the SVSM is documented in the SVSM
>> specification [1] and the GHCB specification [2].
>>
>> This support creates a new AmdSvsmLib library that is used by MpInitLib.
>> The edk2-platforms repo requires updates/patches to add the new library
>> requirement. To accommodate that, this series could be split between:
>>
>> patch number 12:
>>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM
>>
>> and patch number 13:
>>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
>>
>> The updates to edk2-platforms can be applied at the split.
>>
>> This series introduces support to run OVMF under an SVSM. It consists
>> of:
>>    - Retrieving the list of vCPU APIC IDs and starting up all APs without
>>      performing a broadcast SIPI
>>    - Reorganizing the page state change support to not directly use the
>>      GHCB buffer since an SVSM will use the calling area buffer, instead
>>    - Detecting the presence of an SVSM
>>    - When not running at VMPL0, invoking the SVSM for page validation and
>>      VMSA page creation/deletion
>>    - Detecting and allowing OVMF to run in a VMPL other than 0 when an
>>      SVSM is present
>>
>> The series is based off of commit:
>>
>>    e60529df58e4 ("UefiPayloadPkg: Make Dsc accomodative of other archs")
>>
>> [1] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf
>> [2] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf
>>
>> Cc: Anatol Belski <anbelski@linux.microsoft.com>
>> Cc: Anthony Perard <anthony.perard@citrix.com>
>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>> Cc: Corvin Köhne <corvink@freebsd.org>
>> Cc: Erdem Aktas <erdemaktas@google.com>
>> Cc: Gerd Hoffmann <kraxel@redhat.com>
>> Cc: Gua Guo <gua.guo@intel.com>
>> Cc: Guo Dong <guo.dong@intel.com>
>> Cc: James Lu <james.lu@intel.com>
>> Cc: Jianyong Wu <jianyong.wu@arm.com>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Cc: Liming Gao <gaoliming@byosoft.com.cn>
>> Cc: Michael D Kinney <michael.d.kinney@intel.com>
>> Cc: Michael Roth <michael.roth@amd.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Rahul Kumar <rahul1.kumar@intel.com>
>> Cc: Ray Ni <ray.ni@intel.com>
>> Cc: Rebecca Cran <rebecca@bsdio.com>
>> Cc: Sean Rhodes <sean@starlabs.systems>
>> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
>>
>> ---
>>
>> Changes in v3:
>> - Renamed CcSvsmLib to a more AMD-specific AmdSvsmLib with corresponding
>>    function name changes
>> - Moved the GHCB APIC ID list GUID definition from MdePkg to UefiCpuPkg
>>    and change the name from gEfiApicIdsGuid to gGhcbApicIdsGuid
>> - Separated the OvmfPkg changes for the AmdSvsmLib into two patches:
>>    - First patch adds usage of the AmdSvsmLib NULL library
>>    - Second patch adds the OVMF AmdSvsmLib implementation
>> - Updated the commit message for the OVMF AmdSvsmLib implementation to
>>    indicate that the base functionality for PVALIDATE and RMPADJUST was
>>    copied from the original locations in prep for converting those sites
>>    to using the library API.
>>
>> Changes in v2:
>> - Move the APIC IDs retrieval support to the beginning of the patch series
>>      - Use a GUIDed HOB to hold the APIC ID list instead of a PCD
>> - Split up Page State Change reorganization into multiple patches
>> - Created CcSvsmLib library instead of extending CcExitLib
>>      - This will require a corresponding update to edk2-platform DSC files
>>      - Removed Ray Ni's Acked-by since it is not a minor change
>> - Variable name changes and other misc changes
>>
>> Tom Lendacky (24):
>>    OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust()
>>    MdePkg: GHCB APIC ID retrieval support definitions
>>    UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is
>>      present
>>    OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor
>>    OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors
>>    OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State
>>      Change
>>    MdePkg: Avoid hardcoded value for number of Page State Change entries
>>    OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
>>    OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
>>    MdePkg/Register/Amd: Define the SVSM related information
>>    MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM
>>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an
>>      SVSM
>>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
>>    Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library
>>    Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services
>>    UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA
>>    OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate
>>      pages
>>    OvmfPkg: Create a calling area used to communicate with the SVSM
>>    OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call
>>    OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
>>    OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls
>>    UefiCpuPkg/MpInitLib: AP creation support under an SVSM
>>    Ovmfpkg/CcExitLib: Provide SVSM discovery support
>>    OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at
>>      VMPL0
>>
>>   OvmfPkg/OvmfPkg.dec                                                   |   4 +
>>   UefiCpuPkg/UefiCpuPkg.dec                                             |   8 +-
>>   OvmfPkg/AmdSev/AmdSevX64.dsc                                          |   1 +
>>   OvmfPkg/Bhyve/BhyveX64.dsc                                            |   1 +
>>   OvmfPkg/CloudHv/CloudHvX64.dsc                                        |   1 +
>>   OvmfPkg/IntelTdx/IntelTdxX64.dsc                                      |   1 +
>>   OvmfPkg/Microvm/MicrovmX64.dsc                                        |   1 +
>>   OvmfPkg/OvmfPkgIa32.dsc                                               |   1 +
>>   OvmfPkg/OvmfPkgIa32X64.dsc                                            |   3 +-
>>   OvmfPkg/OvmfPkgX64.dsc                                                |   1 +
>>   OvmfPkg/OvmfXen.dsc                                                   |   1 +
>>   UefiCpuPkg/UefiCpuPkg.dsc                                             |   4 +-
>>   UefiPayloadPkg/UefiPayloadPkg.dsc                                     |   1 +
>>   OvmfPkg/AmdSev/AmdSevX64.fdf                                          |   9 +-
>>   OvmfPkg/OvmfPkgX64.fdf                                                |   3 +
>>   MdePkg/Library/BaseLib/BaseLib.inf                                    |   2 +
>>   OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf                             |  38 ++
>>   OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf          |   3 +-
>>   OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf          |   3 +-
>>   OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf          |   3 +-
>>   OvmfPkg/Library/CcExitLib/CcExitLib.inf                               |   3 +-
>>   OvmfPkg/Library/CcExitLib/SecCcExitLib.inf                            |   3 +-
>>   OvmfPkg/PlatformPei/PlatformPei.inf                                   |   3 +
>>   OvmfPkg/ResetVector/ResetVector.inf                                   |   2 +
>>   UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf                  |  27 ++
>>   UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf                         |   2 +
>>   UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf                         |   2 +
>>   MdePkg/Include/Library/BaseLib.h                                      |  39 ++
>>   MdePkg/Include/Register/Amd/Fam17Msr.h                                |  19 +-
>>   MdePkg/Include/Register/Amd/Ghcb.h                                    |  19 +-
>>   MdePkg/Include/Register/Amd/Msr.h                                     |   3 +-
>>   MdePkg/Include/Register/Amd/Svsm.h                                    | 101 ++++
>>   MdePkg/Include/Register/Amd/SvsmMsr.h                                 |  35 ++
>>   OvmfPkg/Include/WorkArea.h                                            |   9 +-
>>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h         |   6 +-
>>   UefiCpuPkg/Include/Guid/GhcbApicIds.h                                 |  17 +
>>   UefiCpuPkg/Include/Library/AmdSvsmLib.h                               | 101 ++++
>>   UefiCpuPkg/Library/MpInitLib/MpLib.h                                  |  29 +-
>>   OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c                               | 500 ++++++++++++++++++++
>>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c    |  11 +-
>>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c        |  27 +-
>>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c    |  22 +-
>>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c    |  31 +-
>>   OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 206 ++++----
>>   OvmfPkg/Library/CcExitLib/CcExitVcHandler.c                           |  29 +-
>>   OvmfPkg/PlatformPei/AmdSev.c                                          | 103 +++-
>>   UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c                    | 108 +++++
>>   UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c                            |  21 +-
>>   UefiCpuPkg/Library/MpInitLib/MpLib.c                                  |   9 +-
>>   UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c                             | 134 ++++--
>>   MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm                          |  39 ++
>>   MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm                           |  94 ++++
>>   OvmfPkg/ResetVector/ResetVector.nasmb                                 |   6 +-
>>   OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm                           |  11 +-
>>   UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni                  |  13 +
>>   55 files changed, 1641 insertions(+), 232 deletions(-)
>>   create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
>>   create mode 100644 MdePkg/Include/Register/Amd/Svsm.h
>>   create mode 100644 MdePkg/Include/Register/Amd/SvsmMsr.h
>>   create mode 100644 UefiCpuPkg/Include/Guid/GhcbApicIds.h
>>   create mode 100644 UefiCpuPkg/Include/Library/AmdSvsmLib.h
>>   create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c
>>   create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm
>>   create mode 100644 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm
>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni
>>





^ permalink raw reply	[flat|nested] 41+ messages in thread

* Re: [edk2-devel] [PATCH v3 16/24] UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA
  2024-03-08 15:32 ` [edk2-devel] [PATCH v3 16/24] UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA Lendacky, Thomas via groups.io
@ 2024-04-03  7:05   ` Ni, Ray
  0 siblings, 0 replies; 41+ messages in thread
From: Ni, Ray @ 2024-04-03  7:05 UTC (permalink / raw)
  To: Tom Lendacky, devel
  Cc: Ard Biesheuvel, Aktas, Erdem, Gerd Hoffmann, Yao, Jiewen,
	Laszlo Ersek, Liming Gao, Kinney, Michael D, Xu, Min M, Liu,
	Zhiguang, Kumar, Rahul R, Michael Roth

[-- Attachment #1: Type: text/plain, Size: 7529 bytes --]

Acked-by: Ray Ni <ray.ni@intel.com>

Thanks,
Ray
________________________________
From: Tom Lendacky <thomas.lendacky@amd.com>
Sent: Friday, March 8, 2024 23:29
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>; Aktas, Erdem <erdemaktas@google.com>; Gerd Hoffmann <kraxel@redhat.com>; Yao, Jiewen <jiewen.yao@intel.com>; Laszlo Ersek <lersek@redhat.com>; Liming Gao <gaoliming@byosoft.com.cn>; Kinney, Michael D <michael.d.kinney@intel.com>; Xu, Min M <min.m.xu@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; Kumar, Rahul R <rahul.r.kumar@intel.com>; Ni, Ray <ray.ni@intel.com>; Michael Roth <michael.roth@amd.com>
Subject: [PATCH v3 16/24] UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

The RMPADJUST instruction is used to change the VMSA attribute of a page,
but the VMSA attribute can only be changed when running at VMPL0. To
prepare for running at a less privileged VMPL, use the AmdSvsmLib library
API to perform the RMPADJUST. The AmdSvsmLib library will perform the
proper operation on behalf of the caller.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |  1 +
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |  1 +
 UefiCpuPkg/Library/MpInitLib/MpLib.h          | 14 -----
 UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c    | 20 --------
 UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c     | 54 +++-----------------
 5 files changed, 9 insertions(+), 81 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
index 69950fcd1289..19745437f005 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
@@ -57,6 +57,7 @@ [LibraryClasses]
   SynchronizationLib
   PcdLib
   CcExitLib
+  AmdSvsmLib
   MicrocodeLib
 [LibraryClasses.X64]
   CpuPageTableLib
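Review bot: AmdSvsmLib is added to the architecture-neutral [LibraryClasses] section here and in PeiMpInitLib.inf, although the only new consumer visible in this patch is X64/AmdSev.c; the Ia32 file only loses its stub. Every platform DSC that builds MpInitLib now has to resolve AmdSvsmLib, so the commit message should state that a mapping (for example to the AmdSvsmLibNull instance) is required. If Ia32 never calls the library, listing the class under [LibraryClasses.X64] would avoid the dependency there.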
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
index 22f74a814534..679e51a1acd5 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
@@ -53,6 +53,7 @@ [LibraryClasses]
   PeiServicesLib
   PcdLib
   CcExitLib
+  AmdSvsmLib
   MicrocodeLib

 [Pcd]
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpInitLib/MpLib.h
index 65e05c4806f5..179f8e585b5d 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -883,20 +883,6 @@ FillExchangeInfoDataSevEs (
   IN volatile MP_CPU_EXCHANGE_INFO  *ExchangeInfo
   );

-/**
-  Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page.
-
-  @param[in]  PageAddress
-  @param[in]  VmsaPage
-
-  @return  RMPADJUST return value
-**/
-UINT32
-SevSnpRmpAdjust (
-  IN  EFI_PHYSICAL_ADDRESS  PageAddress,
-  IN  BOOLEAN               VmsaPage
-  );
-
 /**
   Create an SEV-SNP AP save area (VMSA) for use in running the vCPU.

diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
index 0478e92317f1..963bd62494b9 100644
--- a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
@@ -49,26 +49,6 @@ SevSnpCreateAP (
   ASSERT (FALSE);
 }

-/**
-  Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page.
-
-  @param[in]  PageAddress
-  @param[in]  VmsaPage
-
-  @return  RMPADJUST return value
-**/
-UINT32
-SevSnpRmpAdjust (
-  IN  EFI_PHYSICAL_ADDRESS  PageAddress,
-  IN  BOOLEAN               VmsaPage
-  )
-{
-  //
-  // RMPADJUST is not supported in 32-bit mode
-  //
-  return RETURN_UNSUPPORTED;
-}
-
 /**
   Determine if the SEV-SNP AP Create protocol should be used.

diff --git a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
index bd12a5ee2fcb..981135621384 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
@@ -10,6 +10,7 @@

 #include "MpLib.h"
 #include <Library/CcExitLib.h>
+#include <Library/AmdSvsmLib.h>
 #include <Register/Amd/Fam17Msr.h>
 #include <Register/Amd/Ghcb.h>

@@ -38,20 +39,15 @@ SevSnpPerformApAction (
   BOOLEAN                   InterruptState;
   UINT64                    ExitInfo1;
   UINT64                    ExitInfo2;
-  UINT32                    RmpAdjustStatus;
   UINT64                    VmgExitStatus;
+  EFI_STATUS                VmsaStatus;

   if (Action == SVM_VMGEXIT_SNP_AP_CREATE) {
     //
-    // To turn the page into a recognized VMSA page, issue RMPADJUST:
-    //   Target VMPL but numerically higher than current VMPL
-    //   Target PermissionMask is not used
+    // Turn the page into a recognized VMSA page.
     //
-    RmpAdjustStatus = SevSnpRmpAdjust (
-                        (EFI_PHYSICAL_ADDRESS)(UINTN)SaveArea,
-                        TRUE
-                        );
-    if (RmpAdjustStatus != 0) {
+    VmsaStatus = AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, TRUE);
+    if (EFI_ERROR (VmsaStatus)) {
       DEBUG ((DEBUG_INFO, "SEV-SNP: RMPADJUST failed for VMSA creation\n"));
       ASSERT (FALSE);

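Review bot: In the SVM_VMGEXIT_SNP_AP_CREATE branch, a failure of AmdSvsmSnpVmsaRmpAdjust() is still logged at DEBUG_INFO and the new VmsaStatus value is dropped, so a build that only emits error-level messages shows nothing before the ASSERT. Suggest DEBUG_ERROR and printing the status with %r, e.g. DEBUG ((DEBUG_ERROR, "SEV-SNP: RMPADJUST failed for VMSA creation: %r\n", VmsaStatus)). The old call cast SaveArea to EFI_PHYSICAL_ADDRESS and the new one passes the pointer as is; the declaration of SaveArea is outside the visible context, so please confirm it is already an SEV_ES_SAVE_AREA pointer.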
@@ -94,11 +90,8 @@ SevSnpPerformApAction (
     // Make the current VMSA not runnable and accessible to be
     // reprogrammed.
     //
-    RmpAdjustStatus = SevSnpRmpAdjust (
-                        (EFI_PHYSICAL_ADDRESS)(UINTN)SaveArea,
-                        FALSE
-                        );
-    if (RmpAdjustStatus != 0) {
+    VmsaStatus = AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, FALSE);
+    if (EFI_ERROR (VmsaStatus)) {
       DEBUG ((DEBUG_INFO, "SEV-SNP: RMPADJUST failed for VMSA reset\n"));
       ASSERT (FALSE);

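Review bot: The message kept next to the VMSA reset call still reads "RMPADJUST failed for VMSA reset", but per the series description the VMSA change is requested from the SVSM when not running at VMPL0, so the text can name an instruction that was never executed by this code. Suggest wording that names the operation rather than the instruction, for example "SEV-SNP: clearing the VMSA attribute failed", and the matching change on the creation path.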
@@ -328,39 +321,6 @@ SevSnpCreateAP (
   }
 }

-/**
-  Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page.
-
-  @param[in]  PageAddress
-  @param[in]  VmsaPage
-
-  @return  RMPADJUST return value
-**/
-UINT32
-SevSnpRmpAdjust (
-  IN  EFI_PHYSICAL_ADDRESS  PageAddress,
-  IN  BOOLEAN               VmsaPage
-  )
-{
-  UINT64  Rdx;
-
-  //
-  // The RMPADJUST instruction is used to set or clear the VMSA bit for a
-  // page. The VMSA change is only made when running at VMPL0 and is ignored
-  // otherwise. If too low a target VMPL is specified, the instruction can
-  // succeed without changing the VMSA bit when not running at VMPL0. Using a
-  // target VMPL level of 1, RMPADJUST will return a FAIL_PERMISSION error if
-  // not running at VMPL0, thus ensuring that the VMSA bit is set appropriately
-  // when no error is returned.
-  //
-  Rdx = 1;
-  if (VmsaPage) {
-    Rdx |= RMPADJUST_VMSA_PAGE_BIT;
-  }
-
-  return AsmRmpAdjust ((UINT64)PageAddress, 0, Rdx);
-}
-
 /**
   Determine if the SEV-SNP AP Create protocol should be used.

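Review bot: The comment block removed together with SevSnpRmpAdjust() recorded why the target VMPL is 1: with too low a target VMPL, RMPADJUST can succeed without changing the VMSA bit when the caller is not at VMPL0, and a target of 1 turns that case into a FAIL_PERMISSION error. That rationale is what makes a success return trustworthy, and nothing visible in this patch shows it moving into the AmdSvsmLib instance behind AmdSvsmSnpVmsaRmpAdjust(). Please confirm that the comment and the Rdx = 1 choice are carried over there, and say in the commit message that a platform resolving AmdSvsmLib to the Null instance, which returns EFI_UNSUPPORTED, will now reach the ASSERT paths in SevSnpPerformApAction().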
--
2.43.2




* Re: [edk2-devel] [PATCH v3 12/24] UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM
  2024-03-08 15:31 ` [edk2-devel] [PATCH v3 12/24] UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM Lendacky, Thomas via groups.io
@ 2024-04-03  7:06   ` Ni, Ray
  0 siblings, 0 replies; 41+ messages in thread
From: Ni, Ray @ 2024-04-03  7:06 UTC (permalink / raw)
  To: devel, thomas.lendacky
  Cc: Ard Biesheuvel, Aktas, Erdem, Gerd Hoffmann, Yao, Jiewen,
	Laszlo Ersek, Liming Gao, Kinney, Michael D, Xu, Min M, Liu,
	Zhiguang, Kumar, Rahul R, Michael Roth


Acked-by: Ray Ni <ray.ni@intel.com>

Thanks,
Ray
________________________________
From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Lendacky, Thomas via groups.io <thomas.lendacky=amd.com@groups.io>
Sent: Friday, March 8, 2024 23:31
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>; Aktas, Erdem <erdemaktas@google.com>; Gerd Hoffmann <kraxel@redhat.com>; Yao, Jiewen <jiewen.yao@intel.com>; Laszlo Ersek <lersek@redhat.com>; Liming Gao <gaoliming@byosoft.com.cn>; Kinney, Michael D <michael.d.kinney@intel.com>; Xu, Min M <min.m.xu@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; Kumar, Rahul R <rahul.r.kumar@intel.com>; Ni, Ray <ray.ni@intel.com>; Michael Roth <michael.roth@amd.com>
Subject: [edk2-devel] [PATCH v3 12/24] UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

In order to support an SEV-SNP guest running under an SVSM at VMPL1 or
lower, a new library must be created.

This library includes an interface to detect if running under an SVSM, an
interface to return the current VMPL, an interface to perform memory
validation and an interface to set or clear the attribute that allows a
page to be used as a VMSA.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/UefiCpuPkg.dec                            |   3 +
 UefiCpuPkg/UefiCpuPkg.dsc                            |   4 +-
 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf |  27 +++++
 UefiCpuPkg/Include/Library/AmdSvsmLib.h              | 101 ++++++++++++++++++
 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c   | 108 ++++++++++++++++++++
 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni |  13 +++
 6 files changed, 255 insertions(+), 1 deletion(-)

diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index c31d8b6736cf..d1bff93ae2e0 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -52,6 +52,9 @@ [LibraryClasses.IA32, LibraryClasses.X64]
   ##  @libraryclass  Provides function to support CcExit processing.
   CcExitLib|Include/Library/CcExitLib.h

+  ##  @libraryclass  Provides function to support AmdSvsm processing.
+  AmdSvsmLib|Include/Library/AmdSvsmLib.h
+
   ##  @libraryclass  Provides function to get CPU cache information.
   CpuCacheInfoLib|Include/Library/CpuCacheInfoLib.h

diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index 10b33594e586..422e50c92b48 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -2,7 +2,7 @@
 #  UefiCpuPkg Package
 #
 #  Copyright (c) 2007 - 2023, Intel Corporation. All rights reserved.<BR>
-#  Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.<BR>
+#  Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -61,6 +61,7 @@ [LibraryClasses]
   PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf
   TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
   CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf
+  AmdSvsmLib|UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   MicrocodeLib|UefiCpuPkg/Library/MicrocodeLib/MicrocodeLib.inf
   SmmCpuRendezvousLib|UefiCpuPkg/Library/SmmCpuRendezvousLib/SmmCpuRendezvousLib.inf
   CpuPageTableLib|UefiCpuPkg/Library/CpuPageTableLib/CpuPageTableLib.inf
@@ -159,6 +160,7 @@ [Components.IA32, Components.X64]
   UefiCpuPkg/Library/SmmCpuFeaturesLib/StandaloneMmCpuFeaturesLib.inf
   UefiCpuPkg/Library/SmmCpuSyncLib/SmmCpuSyncLib.inf
   UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf
+  UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
   UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationPei.inf
   UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationSmm.inf
   UefiCpuPkg/SecCore/SecCore.inf
diff --git a/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
new file mode 100644
index 000000000000..45a189540941
--- /dev/null
+++ b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
@@ -0,0 +1,27 @@
+## @file
+#  AmdSvsm Base Support Library.
+#
+#  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 1.29
+  BASE_NAME                      = AmdSvsmLibNull
+  MODULE_UNI_FILE                = AmdSvsmLibNull.uni
+  FILE_GUID                      = 62b45e0f-c9b4-45ce-a5b3-41762709b3d9
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = AmdSvsmLib
+
+[Sources.common]
+  AmdSvsmLibNull.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  UefiCpuPkg/UefiCpuPkg.dec
+
+[LibraryClasses]
+  BaseLib
+
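Review bot: [LibraryClasses] lists BaseLib, but AmdSvsmLibNull.c in this patch includes only Base.h, Uefi.h and Library/AmdSvsmLib.h, and every function body is empty or a bare return. Suggest dropping the BaseLib dependency from the Null instance unless something outside this patch needs it.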
diff --git a/UefiCpuPkg/Include/Library/AmdSvsmLib.h b/UefiCpuPkg/Include/Library/AmdSvsmLib.h
new file mode 100644
index 000000000000..40e0e5bd4259
--- /dev/null
+++ b/UefiCpuPkg/Include/Library/AmdSvsmLib.h
@@ -0,0 +1,101 @@
+/** @file
+  Public header file for the AmdSvsmLib.
+
+  This library class defines some routines used for invoking an SVSM when the
+  guest is not running at VMPL0.
+
+  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef AMD_SVSM_LIB_H_
+#define AMD_SVSM_LIB_H_
+
+#include <Protocol/DebugSupport.h>
+#include <Register/Amd/Ghcb.h>
+
+/**
+  Report the presence of an Secure Virtual Services Module (SVSM).
+
+  Determines the presence of an SVSM.
+
+  @retval  TRUE                   An SVSM is present
+  @retval  FALSE                  An SVSM is not present
+
+**/
+BOOLEAN
+EFIAPI
+AmdSvsmIsSvsmPresent (
+  VOID
+  );
+
+/**
+  Report the VMPL level at which the SEV-SNP guest is running.
+
+  Determines the VMPL level at which the guest is running. If an SVSM is
+  not present, then it must be VMPL0, otherwise return what is reported
+  by the SVSM.
+
+  @return                         The VMPL level
+
+**/
+UINT8
+EFIAPI
+AmdSvsmSnpGetVmpl (
+  VOID
+  );
+
+/**
+  Report the Calling Area address (CAA) for the BSP of the SEV-SNP guest.
+
+  If an SVSM is present, the CAA for the BSP is returned.
+
+  @return                         The CAA
+
+**/
+UINT64
+EFIAPI
+AmdSvsmSnpGetCaa (
+  VOID
+  );
+
+/**
+  Perform a PVALIDATE operation for the page ranges specified.
+
+  Validate or rescind the validation of the specified pages.
+
+  @param[in]       Info           Pointer to a page state change structure
+
+**/
+VOID
+EFIAPI
+AmdSvsmSnpPvalidate (
+  IN SNP_PAGE_STATE_CHANGE_INFO  *Info
+  );
+
+/**
+  Perform an RMPADJUST operation to alter the VMSA setting of a page.
+
+  Add or remove the VMSA attribute for a page.
+
+  @param[in]       Vmsa           Pointer to an SEV-ES save area page
+  @param[in]       ApicId         APIC ID associated with the VMSA
+  @param[in]       SetVmsa        Boolean indicator as to whether to set or
+                                  or clear the VMSA setting for the page
+
+  @retval  EFI_SUCCESS            RMPADJUST operation successful
+  @retval  EFI_UNSUPPORTED        Operation is not supported
+  @retval  EFI_INVALID_PARAMETER  RMPADJUST operation failed, an invalid
+                                  parameter was supplied
+
+**/
+EFI_STATUS
+EFIAPI
+AmdSvsmSnpVmsaRmpAdjust (
+  IN SEV_ES_SAVE_AREA  *Vmsa,
+  IN UINT32            ApicId,
+  IN BOOLEAN           SetVmsa
+  );
+
+#endif
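Review bot: AmdSvsmSnpPvalidate() is declared VOID, so a caller has no way to learn that validating or rescinding validation of a page failed; the function comment should state what an instance must do on failure (for example, not return) so that a plain return is never mistaken for success. AmdSvsmSnpGetCaa() likewise leaves the no-SVSM case undocumented, while the Null instance returns 0. Two wording nits in the comments: "an Secure Virtual Services Module" (the cover letter expands SVSM as Secure VM Service Module), and the repeated "or" in the SetVmsa parameter description.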
diff --git a/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c
new file mode 100644
index 000000000000..a83fcbd6ce7b
--- /dev/null
+++ b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c
@@ -0,0 +1,108 @@
+/** @file
+  AmdSvsm Base Support Library.
+
+  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Base.h>
+#include <Uefi.h>
+#include <Library/AmdSvsmLib.h>
+
+/**
+  Report the presence of an Secure Virtual Services Module (SVSM).
+
+  Determines the presence of an SVSM.
+
+  @retval  TRUE                   An SVSM is present
+  @retval  FALSE                  An SVSM is not present
+
+**/
+BOOLEAN
+EFIAPI
+AmdSvsmIsSvsmPresent (
+  VOID
+  )
+{
+  return FALSE;
+}
+
+/**
+  Report the VMPL level at which the SEV-SNP guest is running.
+
+  Determines the VMPL level at which the guest is running. If an SVSM is
+  not present, then it must be VMPL0, otherwise return what is reported
+  by the SVSM.
+
+  @return                         The VMPL level
+
+**/
+UINT8
+EFIAPI
+AmdSvsmSnpGetVmpl (
+  VOID
+  )
+{
+  return 0;
+}
+
+/**
+  Report the Calling Area address (CAA) for the BSP of the SEV-SNP guest.
+
+  If an SVSM is present, the CAA for the BSP is returned.
+
+  @return                         The CAA
+
+**/
+UINT64
+EFIAPI
+AmdSvsmSnpGetCaa (
+  VOID
+  )
+{
+  return 0;
+}
+
+/**
+  Perform a PVALIDATE operation for the page ranges specified.
+
+  Validate or rescind the validation of the specified pages.
+
+  @param[in]       Info           Pointer to a page state change structure
+
+**/
+VOID
+EFIAPI
+AmdSvsmSnpPvalidate (
+  IN SNP_PAGE_STATE_CHANGE_INFO  *Info
+  )
+{
+}
+
+/**
+  Perform an RMPADJUST operation to alter the VMSA setting of a page.
+
+  Add or remove the VMSA attribute for a page.
+
+  @param[in]       Vmsa           Pointer to an SEV-ES save area page
+  @param[in]       ApicId         APIC ID associated with the VMSA
+  @param[in]       SetVmsa        Boolean indicator as to whether to set or
+                                  or clear the VMSA setting for the page
+
+  @retval  EFI_SUCCESS            RMPADJUST operation successful
+  @retval  EFI_UNSUPPORTED        Operation is not supported
+  @retval  EFI_INVALID_PARAMETER  RMPADJUST operation failed, an invalid
+                                  parameter was supplied
+
+**/
+EFI_STATUS
+EFIAPI
+AmdSvsmSnpVmsaRmpAdjust (
+  IN SEV_ES_SAVE_AREA  *Vmsa,
+  IN UINT32            ApicId,
+  IN BOOLEAN           SetVmsa
+  )
+{
+  return EFI_UNSUPPORTED;
+}
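Review bot: The Null AmdSvsmSnpPvalidate() has an empty body, so a platform that enables SEV-SNP but resolves AmdSvsmLib to this instance would return from page validation with nothing validated, and with a VOID return nothing reports it. Suggest stating in the file header that this instance is only for platforms that do not support SEV-SNP, and consider an ASSERT (FALSE) in AmdSvsmSnpPvalidate() to match the EFI_UNSUPPORTED returned by AmdSvsmSnpVmsaRmpAdjust().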
diff --git a/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni
new file mode 100644
index 000000000000..5e998030de5b
--- /dev/null
+++ b/UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni
@@ -0,0 +1,13 @@
+// /** @file
+// AmdSvsmLib instance.
+//
+// Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "AmdSvsmLib NULL instance"
+
+#string STR_MODULE_DESCRIPTION          #language en-US "AmdSvsmLib NULL instance."
+
--
2.43.2









* Re: [edk2-devel] [PATCH v3 03/24] UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is present
  2024-03-08 15:30 ` [edk2-devel] [PATCH v3 03/24] UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is present Lendacky, Thomas via groups.io
@ 2024-04-03  7:07   ` Ni, Ray
  0 siblings, 0 replies; 41+ messages in thread
From: Ni, Ray @ 2024-04-03  7:07 UTC (permalink / raw)
  To: devel, thomas.lendacky
  Cc: Ard Biesheuvel, Aktas, Erdem, Gerd Hoffmann, Yao, Jiewen,
	Laszlo Ersek, Liming Gao, Kinney, Michael D, Xu, Min M, Liu,
	Zhiguang, Kumar, Rahul R, Michael Roth


Acked-by: Ray Ni <ray.ni@intel.com>

Thanks,
Ray
________________________________
From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Lendacky, Thomas via groups.io <thomas.lendacky=amd.com@groups.io>
Sent: Friday, March 8, 2024 23:30
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>; Aktas, Erdem <erdemaktas@google.com>; Gerd Hoffmann <kraxel@redhat.com>; Yao, Jiewen <jiewen.yao@intel.com>; Laszlo Ersek <lersek@redhat.com>; Liming Gao <gaoliming@byosoft.com.cn>; Kinney, Michael D <michael.d.kinney@intel.com>; Xu, Min M <min.m.xu@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; Kumar, Rahul R <rahul.r.kumar@intel.com>; Ni, Ray <ray.ni@intel.com>; Michael Roth <michael.roth@amd.com>
Subject: [edk2-devel] [PATCH v3 03/24] UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is present

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

Currently, the first time an AP is started for an SEV-SNP guest, it relies
on the VMSA as set by the hypervisor. If the list of APIC IDs has been
retrieved, this is not necessary. The list of APIC IDs will be identified
by a GUIDed HOB. If the GUIDed HOB is present, use the SEV-SNP AP Create
protocol to start the AP for the first time and each time thereafter.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/UefiCpuPkg.dec                     |  5 +-
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |  1 +
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |  1 +
 UefiCpuPkg/Include/Guid/GhcbApicIds.h         | 17 +++++
 UefiCpuPkg/Library/MpInitLib/MpLib.h          | 15 +++-
 UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c    | 21 +++++-
 UefiCpuPkg/Library/MpInitLib/MpLib.c          |  9 ++-
 UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c     | 78 ++++++++++++++++++--
 8 files changed, 133 insertions(+), 14 deletions(-)

diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index 571b59b36f0a..c31d8b6736cf 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -2,7 +2,7 @@
 # This Package provides UEFI compatible CPU modules and libraries.
 #
 # Copyright (c) 2007 - 2023, Intel Corporation. All rights reserved.<BR>
-# Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.<BR>
+# Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
 #
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -91,6 +91,9 @@ [Guids]
   ## Include/Guid/MpInformation2.h
   gMpInformation2HobGuid         = { 0x417a7f64, 0xf4e9, 0x4b32, {0x84, 0x6a, 0x5c, 0xc4, 0xd8, 0x62, 0x18, 0x79 }}

+  ## Include/Guid/GhcbApicIds.h
+  gGhcbApicIdsGuid               = { 0xbc964338, 0xee39, 0x4fc8, { 0xa2, 0x24, 0x10, 0x10, 0x8b, 0x17, 0x80, 0x1b }}
+
 [Protocols]
   ## Include/Protocol/SmmCpuService.h
   gEfiSmmCpuServiceProtocolGuid   = { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94, 0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }}
diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
index 55e46d4a1fad..69950fcd1289 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
@@ -68,6 +68,7 @@ [Guids]
   gEfiEventExitBootServicesGuid                 ## CONSUMES  ## Event
   gEfiEventLegacyBootGuid                       ## SOMETIMES_CONSUMES  ## Event
   gEdkiiMicrocodePatchHobGuid                   ## SOMETIMES_CONSUMES  ## HOB
+  gGhcbApicIdsGuid                              ## SOMETIMES_CONSUMES  ## HOB

 [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber            ## CONSUMES
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
index bc3d716aa951..22f74a814534 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
@@ -76,3 +76,4 @@ [Ppis]
 [Guids]
   gEdkiiS3SmmInitDoneGuid
   gEdkiiMicrocodePatchHobGuid
+  gGhcbApicIdsGuid                       ## SOMETIMES_CONSUMES
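Review bot: The usage tag on the added line is "## SOMETIMES_CONSUMES" only, while the same GUID in DxeMpInitLib.inf is tagged "## SOMETIMES_CONSUMES  ## HOB". Suggest adding the "## HOB" qualifier so both INF files describe the GUID the same way.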
diff --git a/UefiCpuPkg/Include/Guid/GhcbApicIds.h b/UefiCpuPkg/Include/Guid/GhcbApicIds.h
new file mode 100644
index 000000000000..9d5bfcb0de22
--- /dev/null
+++ b/UefiCpuPkg/Include/Guid/GhcbApicIds.h
@@ -0,0 +1,17 @@
+/** @file
+  APIC ID list retrieved for an SEV-ES/SEV-SNP guest via the GHCB.
+
+  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef GHCB_APIC_IDS_H_
+#define GHCB_APIC_IDS_H_
+
+#define GHCB_APIC_IDS_GUID \
+  { 0xbc964338, 0xee39, 0x4fc8, { 0xa2, 0x24, 0x10, 0x10, 0x8b, 0x17, 0x80, 0x1b }}
+
+extern EFI_GUID  gGhcbApicIdsGuid;
+
+#endif
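Review bot: This header declares only the GUID, yet the consumer in X64/AmdSev.c reads the HOB data as a UINTN holding the address of a GHCB_APIC_IDS structure, via *(UINTN *)GET_GUID_HOB_DATA (GuidHob), rather than as the list itself. That payload contract is not written down anywhere in the patch; please document it in the file comment so that a producer cannot place the list directly in the HOB and have its first bytes interpreted as a pointer.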
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpInitLib/MpLib.h
index d26035559f22..65e05c4806f5 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -2,7 +2,7 @@
   Common header file for MP Initialize Library.

   Copyright (c) 2016 - 2023, Intel Corporation. All rights reserved.<BR>
-  Copyright (c) 2020, AMD Inc. All rights reserved.<BR>
+  Copyright (c) 2020 - 2024, AMD Inc. All rights reserved.<BR>

   SPDX-License-Identifier: BSD-2-Clause-Patent

@@ -924,6 +924,19 @@ SevSnpCreateAP (
   IN INTN         ProcessorNumber
   );

+/**
+  Determine if the SEV-SNP AP Create protocol should be used.
+
+  @param[in]  CpuMpData  Pointer to CPU MP Data
+
+  @retval     TRUE       Use SEV-SNP AP Create protocol
+  @retval     FALSE      Do not use SEV-SNP AP Create protocol
+**/
+BOOLEAN
+CanUseSevSnpCreateAP (
+  IN  CPU_MP_DATA  *CpuMpData
+  );
+
 /**
   Get pointer to CPU MP Data structure from GUIDed HOB.

diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
index c83144285b68..0478e92317f1 100644
--- a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
@@ -2,7 +2,7 @@

   AMD SEV helper function.

-  Copyright (c) 2021, AMD Incorporated. All rights reserved.<BR>
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.<BR>

   SPDX-License-Identifier: BSD-2-Clause-Patent

@@ -68,3 +68,22 @@ SevSnpRmpAdjust (
   //
   return RETURN_UNSUPPORTED;
 }
+
+/**
+  Determine if the SEV-SNP AP Create protocol should be used.
+
+  @param[in]  CpuMpData  Pointer to CPU MP Data
+
+  @retval     TRUE       Use SEV-SNP AP Create protocol
+  @retval     FALSE      Do not use SEV-SNP AP Create protocol
+**/
+BOOLEAN
+CanUseSevSnpCreateAP (
+  IN  CPU_MP_DATA  *CpuMpData
+  )
+{
+  //
+  // SEV-SNP is not supported on 32-bit build.
+  //
+  return FALSE;
+}
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c
index 9bac62f289e0..d7244565029d 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
@@ -2,7 +2,7 @@
   CPU MP Initialize Library common functions.

   Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.<BR>
-  Copyright (c) 2020, AMD Inc. All rights reserved.<BR>
+  Copyright (c) 2020 - 2024, AMD Inc. All rights reserved.<BR>

   SPDX-License-Identifier: BSD-2-Clause-Patent

@@ -1303,9 +1303,10 @@ WakeUpAP (
       //
       // Wakeup all APs
       //   Must use the INIT-SIPI-SIPI method for initial configuration in
-      //   order to obtain the APIC ID.
+      //   order to obtain the APIC ID if not an SEV-SNP guest and the
+      //   list of APIC IDs is not available.
       //
-      if (CpuMpData->SevSnpIsEnabled && (CpuMpData->InitFlag != ApInitConfig)) {
+      if (CanUseSevSnpCreateAP (CpuMpData)) {
         SevSnpCreateAP (CpuMpData, -1);
       } else {
         if ((CpuMpData->InitFlag == ApInitConfig) && FixedPcdGetBool (PcdFirstTimeWakeUpAPsBySipi)) {
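Review bot: The updated comment in the WakeUpAP broadcast path says INIT-SIPI-SIPI is required "if not an SEV-SNP guest and the list of APIC IDs is not available", but CanUseSevSnpCreateAP() returns FALSE when either condition holds: SEV-SNP is not enabled, or InitFlag is ApInitConfig and no GhcbApicIds HOB exists. Suggest "or" in place of "and", and mentioning that the HOB only matters during the initial configuration.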
@@ -1415,7 +1416,7 @@ WakeUpAP (
         SetSevEsJumpTable (ExchangeInfo->BufferStart);
       }

-      if (CpuMpData->SevSnpIsEnabled && (CpuMpData->InitFlag != ApInitConfig)) {
+      if (CanUseSevSnpCreateAP (CpuMpData)) {
         SevSnpCreateAP (CpuMpData, (INTN)ProcessorNumber);
       } else {
         SendInitSipiSipi (
diff --git a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
index c9f0984f41a2..bd12a5ee2fcb 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
@@ -2,7 +2,7 @@

   AMD SEV helper function.

-  Copyright (c) 2021, AMD Incorporated. All rights reserved.<BR>
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.<BR>

   SPDX-License-Identifier: BSD-2-Clause-Patent

@@ -268,20 +268,55 @@ SevSnpCreateAP (
   IN INTN         ProcessorNumber
   )
 {
-  CPU_INFO_IN_HOB  *CpuInfoInHob;
-  CPU_AP_DATA      *CpuData;
-  UINTN            Index;
-  UINT32           ApicId;
+  CPU_INFO_IN_HOB    *CpuInfoInHob;
+  CPU_AP_DATA        *CpuData;
+  UINTN              Index;
+  UINTN              MaxIndex;
+  UINT32             ApicId;
+  EFI_HOB_GUID_TYPE  *GuidHob;
+  GHCB_APIC_IDS      *GhcbApicIds;

   ASSERT (CpuMpData->MpCpuExchangeInfo->BufferStart < 0x100000);

   CpuInfoInHob = (CPU_INFO_IN_HOB *)(UINTN)CpuMpData->CpuInfoInHob;

   if (ProcessorNumber < 0) {
-    for (Index = 0; Index < CpuMpData->CpuCount; Index++) {
+    if (CpuMpData->InitFlag == ApInitConfig) {
+      //
+      // APs have not been started, so CpuCount is not "known" yet. Use the
+      // retrieved APIC IDs to start the APs and fill out the MpLib CPU
+      // information properly. CanUseSevSnpCreateAP() guarantees we have a
+      // HOB when InitFlag is ApInitConfig.
+      //
+      GuidHob     = GetFirstGuidHob (&gGhcbApicIdsGuid);
+      GhcbApicIds = (GHCB_APIC_IDS *)(*(UINTN *)GET_GUID_HOB_DATA (GuidHob));
+      MaxIndex    = MIN (GhcbApicIds->NumEntries, PcdGet32 (PcdCpuMaxLogicalProcessorNumber));
+    } else {
+      //
+      // APs have been previously started.
+      //
+      MaxIndex = CpuMpData->CpuCount;
+    }
+
+    for (Index = 0; Index < MaxIndex; Index++) {
       if (Index != CpuMpData->BspNumber) {
         CpuData = &CpuMpData->CpuData[Index];
-        ApicId  = CpuInfoInHob[Index].ApicId,
+
+        if (CpuMpData->InitFlag == ApInitConfig) {
+          ApicId = GhcbApicIds->ApicIds[Index];
+
+          //
+          // For the first boot, use the BSP register information.
+          //
+          CopyMem (
+            &CpuData->VolatileRegisters,
+            &CpuMpData->CpuData[0].VolatileRegisters,
+            sizeof (CpuData->VolatileRegisters)
+            );
+        } else {
+          ApicId = CpuInfoInHob[Index].ApicId;
+        }
+
         SevSnpCreateSaveArea (CpuMpData, CpuData, ApicId);
       }
     }
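Review bot: In the ApInitConfig branch, GuidHob is dereferenced on the strength of a comment about CanUseSevSnpCreateAP(), and the pointer read out of the HOB data is used without a NULL check; an ASSERT (GuidHob != NULL) and a check of GhcbApicIds before reading NumEntries would keep that invariant local to the function. The loop also skips Index == CpuMpData->BspNumber but copies registers from CpuMpData->CpuData[0], and nothing visible ties either index to the BSP's position in the APIC ID list, which per GhcbApicIds.h was retrieved via the GHCB; please state the ordering assumption in a comment or compare each entry against the BSP's APIC ID. The MIN () clamp against PcdCpuMaxLogicalProcessorNumber is the right bound for the CpuData[] index.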
@@ -325,3 +360,32 @@ SevSnpRmpAdjust (

   return AsmRmpAdjust ((UINT64)PageAddress, 0, Rdx);
 }
+
+/**
+  Determine if the SEV-SNP AP Create protocol should be used.
+
+  @param[in]  CpuMpData  Pointer to CPU MP Data
+
+  @retval     TRUE       Use SEV-SNP AP Create protocol
+  @retval     FALSE      Do not use SEV-SNP AP Create protocol
+**/
+BOOLEAN
+CanUseSevSnpCreateAP (
+  IN  CPU_MP_DATA  *CpuMpData
+  )
+{
+  //
+  // The AP Create protocol is used for an SEV-SNP guest if
+  //   - The initial configuration has been performed already or
+  //   - The APIC IDs GUIDed HOB is non-zero.
+  //
+  if (!CpuMpData->SevSnpIsEnabled) {
+    return FALSE;
+  }
+
+  if ((CpuMpData->InitFlag == ApInitConfig) && (GetFirstGuidHob (&gGhcbApicIdsGuid) == NULL)) {
+    return FALSE;
+  }
+
+  return TRUE;
+}
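Review bot: The comment says the APIC IDs GUIDed HOB "is non-zero", but the code tests GetFirstGuidHob () against NULL, which is a presence check, and never looks at the pointer stored in the HOB or at NumEntries, both of which SevSnpCreateAP() goes on to use. Suggest rewording to "is present" and either validating the payload here or documenting that the producer never publishes the HOB with a NULL or empty list.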
--
2.43.2









* Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
  2024-04-02 18:16   ` Lendacky, Thomas via groups.io
@ 2024-04-03  7:09     ` Ni, Ray
  2024-04-03 15:03       ` Lendacky, Thomas via groups.io
  0 siblings, 1 reply; 41+ messages in thread
From: Ni, Ray @ 2024-04-03  7:09 UTC (permalink / raw)
  To: devel, Yao, Jiewen, Liming Gao, Liu, Zhiguang, Kinney, Michael D,
	Guo, Gua, Dong, Guo, Lu, James, Rhodes, Sean, Kumar, Rahul R,
	thomas.lendacky
  Cc: Ard Biesheuvel, Aktas, Erdem, Gerd Hoffmann, Xu, Min M,
	Michael Roth, Anatol Belski, Anthony Perard, Corvin Köhne,
	Jianyong Wu, Rebecca Cran


I think I've acked all patches in UefiCpuPkg.
Please let me know if any other patches need my review.

Thanks,
Ray
________________________________
From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Lendacky, Thomas via groups.io <thomas.lendacky=amd.com@groups.io>
Sent: Wednesday, April 3, 2024 2:16
To: devel@edk2.groups.io <devel@edk2.groups.io>; Yao, Jiewen <jiewen.yao@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Ni, Ray <ray.ni@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Guo, Gua <gua.guo@intel.com>; Dong, Guo <guo.dong@intel.com>; Lu, James <james.lu@intel.com>; Rhodes, Sean <sean@starlabs.systems>; Kumar, Rahul R <rahul.r.kumar@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>; Aktas, Erdem <erdemaktas@google.com>; Gerd Hoffmann <kraxel@redhat.com>; Xu, Min M <min.m.xu@intel.com>; Michael Roth <michael.roth@amd.com>; Anatol Belski <anbelski@linux.microsoft.com>; Anthony Perard <anthony.perard@citrix.com>; Corvin Köhne <corvink@freebsd.org>; Jianyong Wu <jianyong.wu@arm.com>; Rebecca Cran <rebecca@bsdio.com>
Subject: Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM

Re-pinging the list/maintainers. Still awaiting feedback/reviews/acks on
the changes.

Thanks,
Tom

On 3/26/24 13:34, Tom Lendacky wrote:
> Any issues with this version of the series? Still looking for
> Reviewed-by's for the MdePkg, UefiCpuPkg and UefiPayloadPkg related
> patches.
>
> Once I get those, I'll submit the edk2-platform patches to support the
> new library as a response to these patches for a quick review.
>
> Thanks,
> Tom
>
> On 3/8/24 09:29, Tom Lendacky wrote:
>>
>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
>>
>> This series adds SEV-SNP support for running OVMF under a Secure VM
>> Service Module (SVSM) at a less privileged VM Privilege Level (VMPL).
>> By running at a less privileged VMPL, the SVSM can be used to provide
>> services, e.g. a virtual TPM, for the guest OS within the SEV-SNP
>> confidential VM (CVM) rather than trust such services from the
>> hypervisor.
>>
>> Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are
>> certain SNP related operations that require that VMPL level.
>> Specifically,
>> the PVALIDATE instruction and the RMPADJUST instruction when setting the
>> VMSA attribute of a page (used when starting APs).
>>
>> If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must
>> use an SVSM (which is running at VMPL0) to perform the operations that
>> it is no longer able to perform.
>>
>> When running under an SVSM, OVMF must know the APIC IDs of the vCPUs that
>> it will be starting. As a result, the GHCB APIC ID retrieval action must
>> be performed. Since this service can also work with SEV-SNP running at
>> VMPL0, the patches to make use of this feature are near the beginning of
>> the series.
>>
>> How OVMF interacts with and uses the SVSM is documented in the SVSM
>> specification [1] and the GHCB specification [2].
>>
>> This support creates a new AmdSvsmLib library that is used by MpInitLib.
>> The edk2-platforms repo requires updates/patches to add the new library
>> requirement. To accommodate that, this series could be split between:
>>
>> patch number 12:
>>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an
>> SVSM
>>
>> and patch number 13:
>>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
>>
>> The updates to edk2-platforms can be applied at the split.
>>
>> This series introduces support to run OVMF under an SVSM. It consists
>> of:
>>    - Retrieving the list of vCPU APIC IDs and starting up all APs without
>>      performing a broadcast SIPI
>>    - Reorganizing the page state change support to not directly use the
>>      GHCB buffer since an SVSM will use the calling area buffer, instead
>>    - Detecting the presence of an SVSM
>>    - When not running at VMPL0, invoking the SVSM for page validation and
>>      VMSA page creation/deletion
>>    - Detecting and allowing OVMF to run in a VMPL other than 0 when an
>>      SVSM is present
>>
>> The series is based off of commit:
>>
>>    e60529df58e4 ("UefiPayloadPkg: Make Dsc accomodative of other archs")
>>
>> [1] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf
>> [2] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf
>>
>> Cc: Anatol Belski <anbelski@linux.microsoft.com>
>> Cc: Anthony Perard <anthony.perard@citrix.com>
>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>> Cc: Corvin Köhne <corvink@freebsd.org>
>> Cc: Erdem Aktas <erdemaktas@google.com>
>> Cc: Gerd Hoffmann <kraxel@redhat.com>
>> Cc: Gua Guo <gua.guo@intel.com>
>> Cc: Guo Dong <guo.dong@intel.com>
>> Cc: James Lu <james.lu@intel.com>
>> Cc: Jianyong Wu <jianyong.wu@arm.com>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Cc: Liming Gao <gaoliming@byosoft.com.cn>
>> Cc: Michael D Kinney <michael.d.kinney@intel.com>
>> Cc: Michael Roth <michael.roth@amd.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Rahul Kumar <rahul1.kumar@intel.com>
>> Cc: Ray Ni <ray.ni@intel.com>
>> Cc: Rebecca Cran <rebecca@bsdio.com>
>> Cc: Sean Rhodes <sean@starlabs.systems>
>> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
>>
>> ---
>>
>> Changes in v3:
>> - Renamed CcSvsmLib to a more AMD-specific AmdSvsmLib with corresponding
>>    function name changes
>> - Moved the GHCB APIC ID list GUID definition from MdePkg to UefiCpuPkg
>>    and change the name from gEfiApicIdsGuid to gGhcbApicIdsGuid
>> - Separated the OvmfPkg changes for the AmdSvsmLib into two patches:
>>    - First patch adds usage of the AmdSvsmLib NULL library
>>    - Second patch adds the OVMF AmdSvsmLib implementation
>> - Updated the commit message for the OVMF AmdSvsmLib implementation to
>>    indicate that the base functionality for PVALIDATE and RMPADJUST was
>>    copied from the original locations in prep for converting those sites
>>    to using the library API.
>>
>> Changes in v2:
>> - Move the APIC IDs retrieval support to the beginning of the patch series
>>      - Use a GUIDed HOB to hold the APIC ID list instead of a PCD
>> - Split up Page State Change reorganization into multiple patches
>> - Created CcSvsmLib library instead of extending CcExitLib
>>      - This will require a corresponding update to edk2-platform DSC files
>>      - Removed Ray Ni's Acked-by since it is not a minor change
>> - Variable name changes and other misc changes
>>
>> Tom Lendacky (24):
>>    OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust()
>>    MdePkg: GHCB APIC ID retrieval support definitions
>>    UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is
>>      present
>>    OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor
>>    OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors
>>    OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State
>>      Change
>>    MdePkg: Avoid hardcoded value for number of Page State Change entries
>>    OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
>>    OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
>>    MdePkg/Register/Amd: Define the SVSM related information
>>    MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM
>>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an
>>      SVSM
>>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
>>    Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library
>>    Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services
>>    UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA
>>    OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate
>>      pages
>>    OvmfPkg: Create a calling area used to communicate with the SVSM
>>    OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call
>>    OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
>>    OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls
>>    UefiCpuPkg/MpInitLib: AP creation support under an SVSM
>>    Ovmfpkg/CcExitLib: Provide SVSM discovery support
>>    OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at
>>      VMPL0
>>
>>
>> OvmfPkg/OvmfPkg.dec |   4 +
>> UefiCpuPkg/UefiCpuPkg.dec |   8 +-
>> OvmfPkg/AmdSev/AmdSevX64.dsc |   1 +
>> OvmfPkg/Bhyve/BhyveX64.dsc |   1 +
>> OvmfPkg/CloudHv/CloudHvX64.dsc |   1 +
>> OvmfPkg/IntelTdx/IntelTdxX64.dsc |   1 +
>> OvmfPkg/Microvm/MicrovmX64.dsc |   1 +
>> OvmfPkg/OvmfPkgIa32.dsc |   1 +
>> OvmfPkg/OvmfPkgIa32X64.dsc |   3 +-
>> OvmfPkg/OvmfPkgX64.dsc |   1 +
>> OvmfPkg/OvmfXen.dsc |   1 +
>> UefiCpuPkg/UefiCpuPkg.dsc |   4 +-
>> UefiPayloadPkg/UefiPayloadPkg.dsc |   1 +
>> OvmfPkg/AmdSev/AmdSevX64.fdf |   9 +-
>> OvmfPkg/OvmfPkgX64.fdf |   3 +
>> MdePkg/Library/BaseLib/BaseLib.inf |   2 +
>> OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf |  38 ++
>> OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf |   3 +-
>> OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf |   3 +-
>> OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf |   3 +-
>> OvmfPkg/Library/CcExitLib/CcExitLib.inf |   3 +-
>> OvmfPkg/Library/CcExitLib/SecCcExitLib.inf |   3 +-
>> OvmfPkg/PlatformPei/PlatformPei.inf |   3 +
>> OvmfPkg/ResetVector/ResetVector.inf |   2 +
>> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf |  27 ++
>> UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |   2 +
>> UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |   2 +
>> MdePkg/Include/Library/BaseLib.h |  39 ++
>> MdePkg/Include/Register/Amd/Fam17Msr.h |  19 +-
>> MdePkg/Include/Register/Amd/Ghcb.h |  19 +-
>> MdePkg/Include/Register/Amd/Msr.h |   3 +-
>> MdePkg/Include/Register/Amd/Svsm.h | 101 ++++
>> MdePkg/Include/Register/Amd/SvsmMsr.h |  35 ++
>> OvmfPkg/Include/WorkArea.h |   9 +-
>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h |   6 +-
>> UefiCpuPkg/Include/Guid/GhcbApicIds.h |  17 +
>> UefiCpuPkg/Include/Library/AmdSvsmLib.h | 101 ++++
>> UefiCpuPkg/Library/MpInitLib/MpLib.h |  29 +-
>> OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c | 500 ++++++++++++++++++++
>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c |  11 +-
>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c |  27 +-
>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c |  22 +-
>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c |  31 +-
>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 206 ++++----
>> OvmfPkg/Library/CcExitLib/CcExitVcHandler.c |  29 +-
>> OvmfPkg/PlatformPei/AmdSev.c | 103 +++-
>> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c | 108 +++++
>> UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c |  21 +-
>> UefiCpuPkg/Library/MpInitLib/MpLib.c |   9 +-
>> UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c | 134 ++++--
>> MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm |  39 ++
>> MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm |  94 ++++
>> OvmfPkg/ResetVector/ResetVector.nasmb |   6 +-
>> OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm |  11 +-
>> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni |  13 +
>>   55 files changed, 1641 insertions(+), 232 deletions(-)
>>   create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
>>   create mode 100644 MdePkg/Include/Register/Amd/Svsm.h
>>   create mode 100644 MdePkg/Include/Register/Amd/SvsmMsr.h
>>   create mode 100644 UefiCpuPkg/Include/Guid/GhcbApicIds.h
>>   create mode 100644 UefiCpuPkg/Include/Library/AmdSvsmLib.h
>>   create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c
>>   create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm
>>   create mode 100644 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm
>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni
>>








* Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
  2024-04-03  7:09     ` Ni, Ray
@ 2024-04-03 15:03       ` Lendacky, Thomas via groups.io
  0 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-04-03 15:03 UTC (permalink / raw)
  To: Ni, Ray, devel, Yao, Jiewen, Liming Gao, Liu, Zhiguang, Kinney,
	Michael D, Guo, Gua, Dong, Guo, Lu, James, Rhodes, Sean, Kumar,
	Rahul R
  Cc: Ard Biesheuvel, Aktas, Erdem, Gerd Hoffmann, Xu, Min M,
	Michael Roth, Anatol Belski, Anthony Perard, Corvin Köhne,
	Jianyong Wu, Rebecca Cran

On 4/3/24 02:09, Ni, Ray wrote:
> I think I've acked all patches in UefiCpuPkg.
> Please let me know if any other patches need my review.

Thanks, Ray!

Tom

> 
> Thanks,
> Ray
> ------------------------------------------------------------------------
> *From:* devel@edk2.groups.io <devel@edk2.groups.io> on behalf of 
> Lendacky, Thomas via groups.io <thomas.lendacky=amd.com@groups.io>
> *Sent:* Wednesday, April 3, 2024 2:16
> *To:* devel@edk2.groups.io <devel@edk2.groups.io>; Yao, Jiewen 
> <jiewen.yao@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Ni, Ray 
> <ray.ni@intel.com>; Liu, Zhiguang <zhiguang.liu@intel.com>; Kinney, 
> Michael D <michael.d.kinney@intel.com>; Guo, Gua <gua.guo@intel.com>; 
> Dong, Guo <guo.dong@intel.com>; Lu, James <james.lu@intel.com>; Rhodes, 
> Sean <sean@starlabs.systems>; Kumar, Rahul R <rahul.r.kumar@intel.com>
> *Cc:* Ard Biesheuvel <ardb+tianocore@kernel.org>; Aktas, Erdem 
> <erdemaktas@google.com>; Gerd Hoffmann <kraxel@redhat.com>; Xu, Min M 
> <min.m.xu@intel.com>; Michael Roth <michael.roth@amd.com>; Anatol Belski 
> <anbelski@linux.microsoft.com>; Anthony Perard 
> <anthony.perard@citrix.com>; Corvin Köhne <corvink@freebsd.org>; 
> Jianyong Wu <jianyong.wu@arm.com>; Rebecca Cran <rebecca@bsdio.com>
> *Subject:* Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for 
> running under an SVSM
> Re-pinging the list/maintainers. Still awaiting feedback/reviews/acks on
> the changes.
> 
> Thanks,
> Tom
> 
> On 3/26/24 13:34, Tom Lendacky wrote:
>> Any issues with this version of the series? Still looking for 
>> Reviewed-by's for the MdePkg, UefiCpuPkg and UefiPayloadPkg related 
>> patches.
>> 
>> Once I get those, I'll submit the edk2-platform patches to support the 
>> new library as a response to these patches for a quick review.
>> 
>> Thanks,
>> Tom
>> 
>> On 3/8/24 09:29, Tom Lendacky wrote:
>>>
>>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
>>>
>>> This series adds SEV-SNP support for running OVMF under a Secure VM
>>> Service Module (SVSM) at a less privileged VM Privilege Level (VMPL).
>>> By running at a less privileged VMPL, the SVSM can be used to provide
>>> services, e.g. a virtual TPM, for the guest OS within the SEV-SNP
>>> confidential VM (CVM) rather than trust such services from the
>>> hypervisor.
>>>
>>> Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are
>>> certain SNP related operations that require that VMPL level. Specifically,
>>> the PVALIDATE instruction and the RMPADJUST instruction when setting the
>>> VMSA attribute of a page (used when starting APs).
>>>
>>> If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must
>>> use an SVSM (which is running at VMPL0) to perform the operations that
>>> it is no longer able to perform.
>>>
>>> When running under an SVSM, OVMF must know the APIC IDs of the vCPUs that
>>> it will be starting. As a result, the GHCB APIC ID retrieval action must
>>> be performed. Since this service can also work with SEV-SNP running at
>>> VMPL0, the patches to make use of this feature are near the beginning of
>>> the series.
>>>
>>> How OVMF interacts with and uses the SVSM is documented in the SVSM
>>> specification [1] and the GHCB specification [2].
>>>
>>> This support creates a new AmdSvsmLib library that is used by MpInitLib.
>>> The edk2-platforms repo requires updates/patches to add the new library
>>> requirement. To accommodate that, this series could be split between:
>>>
>>> patch number 12:
>>>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM
>>>
>>> and patch number 13:
>>>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
>>>
>>> The updates to edk2-platforms can be applied at the split.
>>>
>>> This series introduces support to run OVMF under an SVSM. It consists
>>> of:
>>>    - Retrieving the list of vCPU APIC IDs and starting up all APs without
>>>      performing a broadcast SIPI
>>>    - Reorganizing the page state change support to not directly use the
>>>      GHCB buffer since an SVSM will use the calling area buffer, instead
>>>    - Detecting the presence of an SVSM
>>>    - When not running at VMPL0, invoking the SVSM for page validation and
>>>      VMSA page creation/deletion
>>>    - Detecting and allowing OVMF to run in a VMPL other than 0 when an
>>>      SVSM is present
>>>
>>> The series is based off of commit:
>>>
>>>    e60529df58e4 ("UefiPayloadPkg: Make Dsc accomodative of other archs")
>>>
>>> [1] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf
>>> [2] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf
>>>
>>> Cc: Anatol Belski <anbelski@linux.microsoft.com>
>>> Cc: Anthony Perard <anthony.perard@citrix.com>
>>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>>> Cc: Corvin Köhne <corvink@freebsd.org>
>>> Cc: Erdem Aktas <erdemaktas@google.com>
>>> Cc: Gerd Hoffmann <kraxel@redhat.com>
>>> Cc: Gua Guo <gua.guo@intel.com>
>>> Cc: Guo Dong <guo.dong@intel.com>
>>> Cc: James Lu <james.lu@intel.com>
>>> Cc: Jianyong Wu <jianyong.wu@arm.com>
>>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>>> Cc: Laszlo Ersek <lersek@redhat.com>
>>> Cc: Liming Gao <gaoliming@byosoft.com.cn>
>>> Cc: Michael D Kinney <michael.d.kinney@intel.com>
>>> Cc: Michael Roth <michael.roth@amd.com>
>>> Cc: Min Xu <min.m.xu@intel.com>
>>> Cc: Rahul Kumar <rahul1.kumar@intel.com>
>>> Cc: Ray Ni <ray.ni@intel.com>
>>> Cc: Rebecca Cran <rebecca@bsdio.com>
>>> Cc: Sean Rhodes <sean@starlabs.systems>
>>> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
>>>
>>> ---
>>>
>>> Changes in v3:
>>> - Renamed CcSvsmLib to a more AMD-specific AmdSvsmLib with corresponding
>>>    function name changes
>>> - Moved the GHCB APIC ID list GUID definition from MdePkg to UefiCpuPkg
>>>    and change the name from gEfiApicIdsGuid to gGhcbApicIdsGuid
>>> - Separated the OvmfPkg changes for the AmdSvsmLib into two patches:
>>>    - First patch adds usage of the AmdSvsmLib NULL library
>>>    - Second patch adds the OVMF AmdSvsmLib implementation
>>> - Updated the commit message for the OVMF AmdSvsmLib implementation to
>>>    indicate that the base functionality for PVALIDATE and RMPADJUST was
>>>    copied from the original locations in prep for converting those sites
>>>    to using the library API.
>>>
>>> Changes in v2:
>>> - Move the APIC IDs retrieval support to the beginning of the patch series
>>>      - Use a GUIDed HOB to hold the APIC ID list instead of a PCD
>>> - Split up Page State Change reorganization into multiple patches
>>> - Created CcSvsmLib library instead of extending CcExitLib
>>>      - This will require a corresponding update to edk2-platform DSC files
>>>      - Removed Ray Ni's Acked-by since it is not a minor change
>>> - Variable name changes and other misc changes
>>>
>>> Tom Lendacky (24):
>>>    OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust()
>>>    MdePkg: GHCB APIC ID retrieval support definitions
>>>    UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is
>>>      present
>>>    OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor
>>>    OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors
>>>    OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State
>>>      Change
>>>    MdePkg: Avoid hardcoded value for number of Page State Change entries
>>>    OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
>>>    OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
>>>    MdePkg/Register/Amd: Define the SVSM related information
>>>    MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM
>>>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an
>>>      SVSM
>>>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
>>>    Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library
>>>    Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services
>>>    UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA
>>>    OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate
>>>      pages
>>>    OvmfPkg: Create a calling area used to communicate with the SVSM
>>>    OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call
>>>    OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
>>>    OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls
>>>    UefiCpuPkg/MpInitLib: AP creation support under an SVSM
>>>    Ovmfpkg/CcExitLib: Provide SVSM discovery support
>>>    OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at
>>>      VMPL0
>>>
>>>   
>>> OvmfPkg/OvmfPkg.dec |   4 +
>>> UefiCpuPkg/UefiCpuPkg.dec |   8 +-
>>> OvmfPkg/AmdSev/AmdSevX64.dsc |   1 +
>>> OvmfPkg/Bhyve/BhyveX64.dsc |   1 +
>>> OvmfPkg/CloudHv/CloudHvX64.dsc |   1 +
>>> OvmfPkg/IntelTdx/IntelTdxX64.dsc |   1 +
>>> OvmfPkg/Microvm/MicrovmX64.dsc |   1 +
>>> OvmfPkg/OvmfPkgIa32.dsc |   1 +
>>> OvmfPkg/OvmfPkgIa32X64.dsc |   3 +-
>>> OvmfPkg/OvmfPkgX64.dsc |   1 +
>>> OvmfPkg/OvmfXen.dsc |   1 +
>>> UefiCpuPkg/UefiCpuPkg.dsc |   4 +-
>>> UefiPayloadPkg/UefiPayloadPkg.dsc |   1 +
>>> OvmfPkg/AmdSev/AmdSevX64.fdf |   9 +-
>>> OvmfPkg/OvmfPkgX64.fdf |   3 +
>>> MdePkg/Library/BaseLib/BaseLib.inf |   2 +
>>> OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf |  38 ++
>>> OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf |   3 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf |   3 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf |   3 +-
>>> OvmfPkg/Library/CcExitLib/CcExitLib.inf |   3 +-
>>> OvmfPkg/Library/CcExitLib/SecCcExitLib.inf |   3 +-
>>> OvmfPkg/PlatformPei/PlatformPei.inf |   3 +
>>> OvmfPkg/ResetVector/ResetVector.inf |   2 +
>>> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf |  27 ++
>>> UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |   2 +
>>> UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |   2 +
>>> MdePkg/Include/Library/BaseLib.h |  39 ++
>>> MdePkg/Include/Register/Amd/Fam17Msr.h |  19 +-
>>> MdePkg/Include/Register/Amd/Ghcb.h |  19 +-
>>> MdePkg/Include/Register/Amd/Msr.h |   3 +-
>>> MdePkg/Include/Register/Amd/Svsm.h | 101 ++++
>>> MdePkg/Include/Register/Amd/SvsmMsr.h |  35 ++
>>> OvmfPkg/Include/WorkArea.h |   9 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h |   6 +-
>>> UefiCpuPkg/Include/Guid/GhcbApicIds.h |  17 +
>>> UefiCpuPkg/Include/Library/AmdSvsmLib.h | 101 ++++
>>> UefiCpuPkg/Library/MpInitLib/MpLib.h |  29 +-
>>> OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c | 500 ++++++++++++++++++++
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c |  11 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c |  27 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c |  22 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c |  31 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 206 ++++----
>>> OvmfPkg/Library/CcExitLib/CcExitVcHandler.c |  29 +-
>>> OvmfPkg/PlatformPei/AmdSev.c | 103 +++-
>>> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c | 108 +++++
>>> UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c |  21 +-
>>> UefiCpuPkg/Library/MpInitLib/MpLib.c |   9 +-
>>> UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c | 134 ++++--
>>> MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm |  39 ++
>>> MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm |  94 ++++
>>> OvmfPkg/ResetVector/ResetVector.nasmb |   6 +-
>>> OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm |  11 +-
>>> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni |  13 +
>>>   55 files changed, 1641 insertions(+), 232 deletions(-)
>>>   create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
>>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
>>>   create mode 100644 MdePkg/Include/Register/Amd/Svsm.h
>>>   create mode 100644 MdePkg/Include/Register/Amd/SvsmMsr.h
>>>   create mode 100644 UefiCpuPkg/Include/Guid/GhcbApicIds.h
>>>   create mode 100644 UefiCpuPkg/Include/Library/AmdSvsmLib.h
>>>   create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
>>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c
>>>   create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm
>>>   create mode 100644 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm
>>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni
>>>
> 
> 
> 
> 
> 



* Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
       [not found]   ` <17C28950368F582E.9676@groups.io>
@ 2024-04-12 14:02     ` Lendacky, Thomas via groups.io
  2024-04-12 15:05       ` Ard Biesheuvel
  0 siblings, 1 reply; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-04-12 14:02 UTC (permalink / raw)
  To: devel, Jiewen Yao, Liming Gao, Zhiguang Liu, Michael D Kinney,
	Gua Guo, Guo Dong, James Lu, Sean Rhodes, Rahul Kumar
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Min Xu, Michael Roth,
	Anatol Belski, Anthony Perard, Corvin Köhne, Jianyong Wu,
	Rebecca Cran, Ray Ni

Re-pinging the list/maintainers, again. I need reviews from the 
maintainers on patches #2, #7, #10, #11 and #13.

Once I get final approval, I'll submit the change to edk2-platforms for 
the new library as a reply to this series for a quick review.

Thanks,
Tom

On 4/2/24 13:16, Lendacky, Thomas via groups.io wrote:
> Re-pinging the list/maintainers. Still awaiting feedback/reviews/acks on 
> the changes.
> 
> Thanks,
> Tom
> 
> On 3/26/24 13:34, Tom Lendacky wrote:
>> Any issues with this version of the series? Still looking for 
>> Reviewed-by's for the MdePkg, UefiCpuPkg and UefiPayloadPkg related 
>> patches.
>>
>> Once I get those, I'll submit the edk2-platform patches to support the 
>> new library as a response to these patches for a quick review.
>>
>> Thanks,
>> Tom
>>
>> On 3/8/24 09:29, Tom Lendacky wrote:
>>>
>>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
>>>
>>> This series adds SEV-SNP support for running OVMF under a Secure VM
>>> Service Module (SVSM) at a less privileged VM Privilege Level (VMPL).
>>> By running at a less privileged VMPL, the SVSM can be used to provide
>>> services, e.g. a virtual TPM, for the guest OS within the SEV-SNP
>>> confidential VM (CVM) rather than trust such services from the hypervisor.
>>>
>>> Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are
>>> certain SNP related operations that require that VMPL level. Specifically,
>>> the PVALIDATE instruction and the RMPADJUST instruction when setting the
>>> VMSA attribute of a page (used when starting APs).
>>>
>>> If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must
>>> use an SVSM (which is running at VMPL0) to perform the operations that
>>> it is no longer able to perform.
>>>
>>> When running under an SVSM, OVMF must know the APIC IDs of the vCPUs that
>>> it will be starting. As a result, the GHCB APIC ID retrieval action must
>>> be performed. Since this service can also work with SEV-SNP running at
>>> VMPL0, the patches to make use of this feature are near the beginning of
>>> the series.
>>>
>>> How OVMF interacts with and uses the SVSM is documented in the SVSM
>>> specification [1] and the GHCB specification [2].
>>>
>>> This support creates a new AmdSvsmLib library that is used by MpInitLib.
>>> The edk2-platforms repo requires updates/patches to add the new library
>>> requirement. To accommodate that, this series could be split between:
>>>
>>> patch number 12:
>>>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM
>>>
>>> and patch number 13:
>>>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
>>>
>>> The updates to edk2-platforms can be applied at the split.
>>>
>>> This series introduces support to run OVMF under an SVSM. It consists
>>> of:
>>>    - Retrieving the list of vCPU APIC IDs and starting up all APs without
>>>      performing a broadcast SIPI
>>>    - Reorganizing the page state change support to not directly use the
>>>      GHCB buffer since an SVSM will use the calling area buffer, instead
>>>    - Detecting the presence of an SVSM
>>>    - When not running at VMPL0, invoking the SVSM for page validation and
>>>      VMSA page creation/deletion
>>>    - Detecting and allowing OVMF to run in a VMPL other than 0 when an
>>>      SVSM is present
>>>
>>> The series is based off of commit:
>>>
>>>    e60529df58e4 ("UefiPayloadPkg: Make Dsc accomodative of other archs")
>>>
>>> [1] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf
>>> [2] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf
>>>
>>> Cc: Anatol Belski <anbelski@linux.microsoft.com>
>>> Cc: Anthony Perard <anthony.perard@citrix.com>
>>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>>> Cc: Corvin Köhne <corvink@freebsd.org>
>>> Cc: Erdem Aktas <erdemaktas@google.com>
>>> Cc: Gerd Hoffmann <kraxel@redhat.com>
>>> Cc: Gua Guo <gua.guo@intel.com>
>>> Cc: Guo Dong <guo.dong@intel.com>
>>> Cc: James Lu <james.lu@intel.com>
>>> Cc: Jianyong Wu <jianyong.wu@arm.com>
>>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>>> Cc: Laszlo Ersek <lersek@redhat.com>
>>> Cc: Liming Gao <gaoliming@byosoft.com.cn>
>>> Cc: Michael D Kinney <michael.d.kinney@intel.com>
>>> Cc: Michael Roth <michael.roth@amd.com>
>>> Cc: Min Xu <min.m.xu@intel.com>
>>> Cc: Rahul Kumar <rahul1.kumar@intel.com>
>>> Cc: Ray Ni <ray.ni@intel.com>
>>> Cc: Rebecca Cran <rebecca@bsdio.com>
>>> Cc: Sean Rhodes <sean@starlabs.systems>
>>> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
>>>
>>> ---
>>>
>>> Changes in v3:
>>> - Renamed CcSvsmLib to a more AMD-specific AmdSvsmLib with corresponding
>>>    function name changes
>>> - Moved the GHCB APIC ID list GUID definition from MdePkg to UefiCpuPkg
>>>    and change the name from gEfiApicIdsGuid to gGhcbApicIdsGuid
>>> - Separated the OvmfPkg changes for the AmdSvsmLib into two patches:
>>>    - First patch adds usage of the AmdSvsmLib NULL library
>>>    - Second patch adds the OVMF AmdSvsmLib implementation
>>> - Updated the commit message for the OVMF AmdSvsmLib implementation to
>>>    indicate that the base functionality for PVALIDATE and RMPADJUST was
>>>    copied from the original locations in prep for converting those sites
>>>    to using the library API.
>>>
>>> Changes in v2:
>>> - Move the APIC IDs retrieval support to the beginning of the patch series
>>>      - Use a GUIDed HOB to hold the APIC ID list instead of a PCD
>>> - Split up Page State Change reorganization into multiple patches
>>> - Created CcSvsmLib library instead of extending CcExitLib
>>>      - This will require a corresponding update to edk2-platform DSC files
>>>      - Removed Ray Ni's Acked-by since it is not a minor change
>>> - Variable name changes and other misc changes
>>>
>>> Tom Lendacky (24):
>>>    OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust()
>>>    MdePkg: GHCB APIC ID retrieval support definitions
>>>    UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is
>>>      present
>>>    OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor
>>>    OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors
>>>    OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State
>>>      Change
>>>    MdePkg: Avoid hardcoded value for number of Page State Change entries
>>>    OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
>>>    OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
>>>    MdePkg/Register/Amd: Define the SVSM related information
>>>    MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM
>>>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an
>>>      SVSM
>>>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
>>>    Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library
>>>    Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services
>>>    UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA
>>>    OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate
>>>      pages
>>>    OvmfPkg: Create a calling area used to communicate with the SVSM
>>>    OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call
>>>    OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
>>>    OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls
>>>    UefiCpuPkg/MpInitLib: AP creation support under an SVSM
>>>    Ovmfpkg/CcExitLib: Provide SVSM discovery support
>>>    OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at
>>>      VMPL0
>>>
>>> OvmfPkg/OvmfPkg.dec |   4 +
>>> UefiCpuPkg/UefiCpuPkg.dec |   8 +-
>>> OvmfPkg/AmdSev/AmdSevX64.dsc |   1 +
>>> OvmfPkg/Bhyve/BhyveX64.dsc |   1 +
>>> OvmfPkg/CloudHv/CloudHvX64.dsc |   1 +
>>> OvmfPkg/IntelTdx/IntelTdxX64.dsc |   1 +
>>> OvmfPkg/Microvm/MicrovmX64.dsc |   1 +
>>> OvmfPkg/OvmfPkgIa32.dsc |   1 +
>>> OvmfPkg/OvmfPkgIa32X64.dsc |   3 +-
>>> OvmfPkg/OvmfPkgX64.dsc |   1 +
>>> OvmfPkg/OvmfXen.dsc |   1 +
>>> UefiCpuPkg/UefiCpuPkg.dsc |   4 +-
>>> UefiPayloadPkg/UefiPayloadPkg.dsc |   1 +
>>> OvmfPkg/AmdSev/AmdSevX64.fdf |   9 +-
>>> OvmfPkg/OvmfPkgX64.fdf |   3 +
>>> MdePkg/Library/BaseLib/BaseLib.inf |   2 +
>>> OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf |  38 ++
>>> OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf |   3 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf |   3 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf |   3 +-
>>> OvmfPkg/Library/CcExitLib/CcExitLib.inf |   3 +-
>>> OvmfPkg/Library/CcExitLib/SecCcExitLib.inf |   3 +-
>>> OvmfPkg/PlatformPei/PlatformPei.inf |   3 +
>>> OvmfPkg/ResetVector/ResetVector.inf |   2 +
>>> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf |  27 ++
>>> UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |   2 +
>>> UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |   2 +
>>> MdePkg/Include/Library/BaseLib.h |  39 ++
>>> MdePkg/Include/Register/Amd/Fam17Msr.h |  19 +-
>>> MdePkg/Include/Register/Amd/Ghcb.h |  19 +-
>>> MdePkg/Include/Register/Amd/Msr.h |   3 +-
>>> MdePkg/Include/Register/Amd/Svsm.h | 101 ++++
>>> MdePkg/Include/Register/Amd/SvsmMsr.h |  35 ++
>>> OvmfPkg/Include/WorkArea.h |   9 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h |   6 +-
>>> UefiCpuPkg/Include/Guid/GhcbApicIds.h |  17 +
>>> UefiCpuPkg/Include/Library/AmdSvsmLib.h | 101 ++++
>>> UefiCpuPkg/Library/MpInitLib/MpLib.h |  29 +-
>>> OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c | 500 ++++++++++++++++++++
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c |  11 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c |  27 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c |  22 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c |  31 +-
>>> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 206 ++++----
>>> OvmfPkg/Library/CcExitLib/CcExitVcHandler.c |  29 +-
>>> OvmfPkg/PlatformPei/AmdSev.c | 103 +++-
>>> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c | 108 +++++
>>> UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c |  21 +-
>>> UefiCpuPkg/Library/MpInitLib/MpLib.c |   9 +-
>>> UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c | 134 ++++--
>>> MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm |  39 ++
>>> MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm |  94 ++++
>>> OvmfPkg/ResetVector/ResetVector.nasmb |   6 +-
>>> OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm |  11 +-
>>> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni |  13 +
>>>   55 files changed, 1641 insertions(+), 232 deletions(-)
>>>   create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf
>>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf
>>>   create mode 100644 MdePkg/Include/Register/Amd/Svsm.h
>>>   create mode 100644 MdePkg/Include/Register/Amd/SvsmMsr.h
>>>   create mode 100644 UefiCpuPkg/Include/Guid/GhcbApicIds.h
>>>   create mode 100644 UefiCpuPkg/Include/Library/AmdSvsmLib.h
>>>   create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
>>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c
>>>   create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm
>>>   create mode 100644 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm
>>>   create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni
>>>
> 
> 
> 
> 
> 



* Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
  2024-04-12 14:02     ` Lendacky, Thomas via groups.io
@ 2024-04-12 15:05       ` Ard Biesheuvel
  2024-04-12 15:14         ` Lendacky, Thomas via groups.io
  0 siblings, 1 reply; 41+ messages in thread
From: Ard Biesheuvel @ 2024-04-12 15:05 UTC (permalink / raw)
  To: Tom Lendacky, Liming Gao, Michael D Kinney, Ray Ni
  Cc: devel, Jiewen Yao, Zhiguang Liu, Gua Guo, Guo Dong, James Lu,
	Sean Rhodes, Rahul Kumar, Erdem Aktas, Gerd Hoffmann, Min Xu,
	Michael Roth, Anatol Belski, Anthony Perard, Corvin Köhne,
	Jianyong Wu, Rebecca Cran

On Fri, 12 Apr 2024 at 16:02, Tom Lendacky <thomas.lendacky@amd.com> wrote:
>
> Re-pinging the list/maintainers, again. I need reviews from the
> maintainers on patches #2, #7, #10, #11 and #13.
>
> Once I get final approval, I'll submit the change to edk2-platforms for
> the new library as a reply to this series for a quick review.
>

So this is MdePkg and UefiCpuPkg, right?

@Liming, Mike, Ray: please let me know if you are ok with these
changes, or whether there are any objections.

I intend to merge this somewhere next week unless there are issues raised.

Thanks,
Ard.



* Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
  2024-04-12 15:05       ` Ard Biesheuvel
@ 2024-04-12 15:14         ` Lendacky, Thomas via groups.io
  0 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-04-12 15:14 UTC (permalink / raw)
  To: Ard Biesheuvel, Liming Gao, Michael D Kinney, Ray Ni, Gua Guo,
	Guo Dong, Zhiguang Liu, James Lu, Sean Rhodes
  Cc: devel, Jiewen Yao, Rahul Kumar, Erdem Aktas, Gerd Hoffmann,
	Min Xu, Michael Roth, Anatol Belski, Anthony Perard,
	Corvin Köhne, Jianyong Wu, Rebecca Cran

On 4/12/24 10:05, Ard Biesheuvel wrote:
> On Fri, 12 Apr 2024 at 16:02, Tom Lendacky <thomas.lendacky@amd.com> wrote:
>>
>> Re-pinging the list/maintainers, again. I need reviews from the
>> maintainers on patches #2, #7, #10, #11 and #13.
>>
>> Once I get final approval, I'll submit the change to edk2-platforms for
>> the new library as a reply to this series for a quick review.
>>
> 
> So this is MdePkg and UefiCpuPkg, right?

MdePkg and UefiPayloadPkg.

> 
> @Liming, Mike, Ray: please let me know if you are ok with these

Ray already reviewed/acked the UefiCpuPkg patches.

Looking for
MdePkg: Liming, Mike or Zhiguang
UefiPayloadPkg: Gua, Guo, James or Sean

> changes, or whether there are any objections.
> 
> I intend to merge this somewhere next week unless there are issues raised.

I'll submit the edk2-platforms series (2 patches, one for Platform/AMD and 
one for Platform/Intel) on Monday, just to have out there.

Thanks,
Tom

> 
> Thanks,
> Ard.



* Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM
       [not found] <17BAD3BB1C3BF368.2608@groups.io>
@ 2024-03-08 16:10 ` Lendacky, Thomas via groups.io
  0 siblings, 0 replies; 41+ messages in thread
From: Lendacky, Thomas via groups.io @ 2024-03-08 16:10 UTC (permalink / raw)
  To: devel
  Cc: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao,
	Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu,
	Rahul Kumar, Ray Ni, Michael Roth, Anatol Belski, Anthony Perard,
	Corvin Köhne, Gua Guo, Guo Dong, James Lu, Jianyong Wu,
	Rebecca Cran, Sean Rhodes

On 3/8/24 09:30, Lendacky, Thomas via groups.io wrote:
> 
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
> 
> This series adds SEV-SNP support for running OVMF under a Secure VM
> Service Module (SVSM) at a less privileged VM Privilege Level (VMPL).
> By running at a less privileged VMPL, the SVSM can be used to provide
> services, e.g. a virtual TPM, for the guest OS within the SEV-SNP
> confidential VM (CVM) rather than trust such services from the hypervisor.
> 
> Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are
> certain SNP related operations that require that VMPL level. Specifically,
> the PVALIDATE instruction and the RMPADJUST instruction when setting
> the VMSA attribute of a page (used when starting APs).
> 
> If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must
> use an SVSM (which is running at VMPL0) to perform the operations that
> it is no longer able to perform.
> 
> When running under an SVSM, OVMF must know the APIC IDs of the vCPUs that
> it will be starting. As a result, the GHCB APIC ID retrieval action must
> be performed. Since this service can also work with SEV-SNP running at
> VMPL0, the patches to make use of this feature are near the beginning of
> the series.
> 
> How OVMF interacts with and uses the SVSM is documented in the SVSM
> specification [1] and the GHCB specification [2].
> 
> This support creates a new AmdSvsmLib library that is used by MpInitLib.
> The edk2-platforms repo requires updates/patches to add the new library
> requirement. To accommodate that, this series could be split between:
> 
> patch number 12:
>    UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVSM
> 
> and patch number 13:
>    UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library
> 
> The updates to edk2-platforms can be applied at the split.

I have the edk2-platforms patch series prepared but will hold off on 
sending until this series settles and is ready to merge.

Thanks,
Tom

> 


