From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 71390AC1C0C for ; Fri, 26 Jan 2024 22:14:20 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=v2NzK6oDW0E/DB440MvqH2Tnnv+82qtpFr3xeOx1AiE=; c=relaxed/simple; d=groups.io; h=ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:Received-SPF:From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding:Content-Type; s=20140610; t=1706307258; v=1; b=cEPFlTyFdPIC2Jtq8ZksdeiZ2El8rUKBG+ejL14Bs/xWWgOkfzdPQ8DTb2cXC1TdpOmX01fm UFp2E591cuEk0REcAvDQjRc+BPVFklaf74uPlYWvaBq0S+PrilFyra9FRzQrXLE9zQZYud6GsA8 1S8MhseLWKtplHdOMpR0dKc8= X-Received: by 127.0.0.2 with SMTP id LrdOYY7687511x5MeW7i0kMy; Fri, 26 Jan 2024 14:14:18 -0800 X-Received: from NAM11-CO1-obe.outbound.protection.outlook.com (NAM11-CO1-obe.outbound.protection.outlook.com [40.107.220.72]) by mx.groups.io with SMTP id smtpd.web10.2870.1706307258317594380 for ; Fri, 26 Jan 2024 14:14:18 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=neFL+PXx8jrbFYSj3EtVqgYysNOysFsqpC0r+I8S1SQKBtuA+i0laWcsskMhXx5PamT3V0ofAZ2EyEOo/D7kWIqIm1I/jIRGZEhEJqpAhdtxjacZTkuQYB7L9Ubz2QYN1SHIb0ObjpdDbh73Oz+X6SSiOFjuFz/zpRpMwmdAurndj96qenvATuN4j8cMHZ1zpgFSg04vCLUPrrsabpoih7vu7WdbLhDvDlLQ0qKKD70XSJm/MnA6jtzOvMojVRMm4j5/gGwhPoQrQeJYIzAFSah6F44SEVfPPQPfg3qZW/K4u2Mj+VM5tHS7m6OCpb8/6MbOlLbB0/ZIZ8kTKq+xHg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=fyQQl2uha62nXRRf46wJWgDW1qksZYYJYSpMocc9KjU=; b=Geu7Ck1jf3sIDEzxSQf7qzl851M9FkPPTbWSMIulSxOXwjWtEEijaGwjSShWkvi7AzAWBclw0Ey4sVbNCsIUyvYpMajCGnssmfTCt92li04Zb545m1dVy6V6qvP6ehCUm+6XKkjhaq+XYN3aVn+9lxakV3kgAyiFp6EKDzV3TabgL6rrub46qufBy0ex+Ih2N8jeT9G8EcFdch4QV5Qrj8EFf84KR/jHqfFu0scFs/1uBvDEkrwdbRuwYy/h6L8nvVGsUGCp2YQH65Mly0dHiRslIwJTq+8fWm7sAeEGc43bULv1Xn3J4B9e1uAngSomeQBqwc4CyfwdkLv8hlTyqw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) X-Received: from DM6PR02CA0074.namprd02.prod.outlook.com (2603:10b6:5:1f4::15) by SN7PR12MB6689.namprd12.prod.outlook.com (2603:10b6:806:273::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7202.37; Fri, 26 Jan 2024 22:14:13 +0000 X-Received: from DS2PEPF0000343A.namprd02.prod.outlook.com (2603:10b6:5:1f4:cafe::d) by DM6PR02CA0074.outlook.office365.com (2603:10b6:5:1f4::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.26 via Frontend Transport; Fri, 26 Jan 2024 22:14:13 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C X-Received: from SATLEXMB04.amd.com (165.204.84.17) by DS2PEPF0000343A.mail.protection.outlook.com (10.167.18.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7228.16 via Frontend Transport; Fri, 26 Jan 2024 22:14:13 +0000 X-Received: from tlendack-t1.amdoffice.net (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.34; Fri, 26 Jan 2024 16:14:12 -0600 From: "Lendacky, Thomas via groups.io" To: CC: Ard Biesheuvel , Erdem Aktas , Gerd Hoffmann , Jiewen Yao , Laszlo Ersek , Liming Gao , Michael D Kinney , Min Xu , Zhiguang Liu , "Rahul Kumar" , Ray Ni , Michael Roth Subject: [edk2-devel] [PATCH 06/16] OvmfPkg: Create a calling area used to communicate with the SVSM Date: Fri, 26 Jan 2024 16:13:05 -0600 Message-ID: <71953b1d2099718aef44c5ad6ff2d616540a1d25.1706307195.git.thomas.lendacky@amd.com> In-Reply-To: References: MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PEPF0000343A:EE_|SN7PR12MB6689:EE_ X-MS-Office365-Filtering-Correlation-Id: e5136090-8b45-4d13-b197-08dc1ebc2113 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: i4LVP6n2K6L8uo0LViFuMqrgiUhTLyQHGk2xb0NHMbqmO1q1VPxz2B9pBwGGBITaNl6IVZM9eg2fZj5zyTqhtWpMU4IlS9pQ5sQFy10sMqxUJIlWJ8fVGeWSXxk0nwoZjoBt53Zp3DDu261A9Sfjnxv9IIyie4fi2K6wyJtCLo3eSs2VXS6yHjBlFrkgkuP0XXMkxfjA9D4U72lMZCd9tjUU03+A+MMQ/L9EnW7lz07EcJX/RugX0tDr961sQ68aarBXcBFIOoS6qEeRRmbmu6yz1K/GZQHs4gDaEmrGjSLxYfc4MFtFQP+IW9XwJQQtODPPScqq16dAp6G18mccr2lfcab0RDcDSZpXGLJf/RqI3uc58mVTAEdwnganar2qqyHaLZDloCTmdyvTE7OXCpgzH4nyGRQN5nRaB/A+CyGnaImZVuNnYpR9Aq7eGDM2lJoJGnGzO2RzxoyK8K6L1cd/ZSaGXEwQPqaNFNnAdqPY/5iXkQRHfJQjemUodZSIjwIGurTNdoWtkPQ5jQBeBhQQ0hXMhvF4K9Mad12IaOSlLEfHnRELBV1yeLqyFhB2GAlXGJthFviV6wKpFhs9BwzjLWYuFy3YnL3q4mH6KjXrZ4C6l7rcpvBui/qcLZzIrEjEDFlibvJnygptemwVnegbnMhIsRz9UXKkV6/x8ekP9SCJPArqE18z1Af9I/B2xvF123DnNeYAdKPQJVJHxnkw48BuBtB8DMwt0Pu/fB19OZUveysa1fAjNGWj1gjzfxrpquajdjjo2vM87UXzZg== X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2024 22:14:13.6454 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e5136090-8b45-4d13-b197-08dc1ebc2113 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: DS2PEPF0000343A.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB6689 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: xTWBEKmrnTor0qoCKQw8IRQOx7686176AA= Content-Transfer-Encoding: quoted-printable Content-Type: text/plain X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=cEPFlTyF; arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}"); dmarc=none; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4654 An SVSM requires a calling area page whose address (CAA) is used by the SVSM to communicate and process the SVSM request. Add a pre-defined page area to the OvmfPkg and AmdSev packages and define corresponding PCDs used to communicate the location and size of the area. Keep the AmdSev package in sync with the OvmfPkg and adjust the AmdSev launch and hash area memory locations. Signed-off-by: Tom Lendacky --- OvmfPkg/OvmfPkg.dec | 4 ++++ OvmfPkg/AmdSev/AmdSevX64.fdf | 9 ++++++--- OvmfPkg/OvmfPkgX64.fdf | 3 +++ OvmfPkg/PlatformPei/PlatformPei.inf | 2 ++ OvmfPkg/ResetVector/ResetVector.inf | 2 ++ OvmfPkg/PlatformPei/AmdSev.c | 13 ++++++++++++- OvmfPkg/ResetVector/ResetVector.nasmb | 6 ++++-- OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm | 9 +++++++++ 8 files changed, 42 insertions(+), 6 deletions(-) diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec index b44fa039f76c..f208d048ca12 100644 --- a/OvmfPkg/OvmfPkg.dec +++ b/OvmfPkg/OvmfPkg.dec @@ -334,6 +334,10 @@ [PcdsFixedAtBuild] ## Restrict boot to EFI applications in firmware volumes. gUefiOvmfPkgTokenSpaceGuid.PcdBootRestrictToFirmware|FALSE|BOOLEAN|0x6c =20 + ## The base address and size of the initial SVSM Calling Area. + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase|0|UINT32|0x6e + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize|0|UINT32|0x6f + [PcdsDynamic, PcdsDynamicEx] gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x1= 0 diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index 9dd409596780..dafa5ebacbaf 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -68,13 +68,16 @@ [FD.MEMFD] 0x00E000|0x001000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase|gUefiOvmfPkgTokenSpaceGuid.Pcd= OvmfCpuidSize =20 -0x00F000|0x000C00 +0x00F000|0x001000 +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase|gUefiOvmfPkgTokenSpaceGui= d.PcdOvmfSecSvsmCaaSize + +0x010000|0x000C00 gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|gUefiOvmfPkgTokenSpaceGu= id.PcdSevLaunchSecretSize =20 -0x00FC00|0x000400 +0x010C00|0x000400 gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase|gUefiOvmfPkgTokenSpaceGuid= .PcdQemuHashTableSize =20 -0x010000|0x010000 +0x011000|0x00F000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpace= Guid.PcdOvmfSecPeiTempRamSize =20 0x020000|0x0E0000 diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index f47ab1727e4c..f12844f674e7 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -94,6 +94,9 @@ [FD.MEMFD] 0x00E000|0x001000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase|gUefiOvmfPkgTokenSpaceGuid.Pcd= OvmfCpuidSize =20 +0x00F000|0x001000 +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase|gUefiOvmfPkgTokenSpaceGui= d.PcdOvmfSecSvsmCaaSize + 0x010000|0x010000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpace= Guid.PcdOvmfSecPeiTempRamSize =20 diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index ad52be306560..6907cc72669e 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -127,6 +127,8 @@ [FixedPcd] gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/Rese= tVector.inf index a4154ca90c28..0f5f8fec0b77 100644 --- a/OvmfPkg/ResetVector/ResetVector.inf +++ b/OvmfPkg/ResetVector/ResetVector.inf @@ -62,5 +62,7 @@ [FixedPcd] gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index e6b602d79a05..af832d3e535e 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -1,7 +1,7 @@ /**@file Initialize Secure Encrypted Virtualization (SEV) support =20 - Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.<= BR> + Copyright (c) 2017 - 2024, Advanced Micro Devices. All rights reserved.<= BR> =20 SPDX-License-Identifier: BSD-2-Clause-Patent =20 @@ -465,5 +465,16 @@ SevInitializeRam ( (UINT64)(UINTN)PcdGet32 (PcdOvmfCpuidSize), EfiReservedMemoryType ); + + // + // The calling area memory needs to be protected until the OS can crea= te + // its own calling area. Mark it as EfiReservedMemoryType so that the + // guest firmware and OS do not use it as a system memory. + // + BuildMemoryAllocationHob ( + (EFI_PHYSICAL_ADDRESS)(UINTN)PcdGet32 (PcdOvmfSecSvsmCaaBase), + (UINT64)(UINTN)PcdGet32 (PcdOvmfSecSvsmCaaSize), + EfiReservedMemoryType + ); } } diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re= setVector.nasmb index 5832aaa8abf7..503f81eb7025 100644 --- a/OvmfPkg/ResetVector/ResetVector.nasmb +++ b/OvmfPkg/ResetVector/ResetVector.nasmb @@ -3,7 +3,7 @@ ; This file includes all other code files to assemble the reset vector cod= e ; ; Copyright (c) 2008 - 2013, Intel Corporation. All rights reserved.
-; Copyright (c) 2020, Advanced Micro Devices, Inc. All rights reserved. +; Copyright (c) 2020 - 2024, Advanced Micro Devices, Inc. All rights reser= ved.
; SPDX-License-Identifier: BSD-2-Clause-Patent ; ;-------------------------------------------------------------------------= ----- @@ -64,6 +64,8 @@ %define SEV_SNP_SECRETS_SIZE (FixedPcdGet32 (PcdOvmfSnpSecretsSiz= e)) %define CPUID_BASE (FixedPcdGet32 (PcdOvmfCpuidBase)) %define CPUID_SIZE (FixedPcdGet32 (PcdOvmfCpuidSize)) +%define SVSM_CAA_BASE (FixedPcdGet32 (PcdOvmfSecSvsmCaaBas= e)) +%define SVSM_CAA_SIZE (FixedPcdGet32 (PcdOvmfSecSvsmCaaSiz= e)) %if (FixedPcdGet32 (PcdSevLaunchSecretBase) > 0) ; There's a reserved page for SEV secrets and hashes; the VMM will fill = and ; validate the page, or mark it as a zero page. @@ -84,7 +86,7 @@ ; %define SNP_SEC_MEM_BASE_DESC_2 (GHCB_BASE + 0x1000) %define SNP_SEC_MEM_SIZE_DESC_2 (SEV_SNP_SECRETS_BASE - SNP_SEC_MEM_= BASE_DESC_2) -%define SNP_SEC_MEM_BASE_DESC_3 (CPUID_BASE + CPUID_SIZE + SEV_SNP_K= ERNEL_HASHES_SIZE) +%define SNP_SEC_MEM_BASE_DESC_3 (SVSM_CAA_BASE + SVSM_CAA_SIZE + SEV= _SNP_KERNEL_HASHES_SIZE) %define SNP_SEC_MEM_SIZE_DESC_3 (FixedPcdGet32 (PcdOvmfPeiMemFvBase)= - SNP_SEC_MEM_BASE_DESC_3) =20 %ifdef ARCH_X64 diff --git a/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm b/OvmfPkg/ResetVec= tor/X64/OvmfSevMetadata.asm index 8aa77d870123..cb813bdbc5a2 100644 --- a/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm +++ b/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm @@ -26,6 +26,9 @@ BITS 64 ; %define OVMF_SECTION_TYPE_CPUID 0x3 =20 +; The SVSM Calling Area Address (CAA) +%define OVMF_SECTION_TYPE_SVSM_CAA 0x4 + ; Kernel hashes section for measured direct boot %define OVMF_SECTION_TYPE_KERNEL_HASHES 0x10 =20 @@ -67,6 +70,12 @@ CpuidSec: DD CPUID_SIZE DD OVMF_SECTION_TYPE_CPUID =20 +; SVSM CAA page +SvsmCaa: + DD SVSM_CAA_BASE + DD SVSM_CAA_SIZE + DD OVMF_SECTION_TYPE_SVSM_CAA + %if (SEV_SNP_KERNEL_HASHES_BASE > 0) ; Kernel hashes for measured direct boot, or zero page if ; there are no kernel hashes / SEV secrets --=20 2.42.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#114632): https://edk2.groups.io/g/devel/message/114632 Mute This Topic: https://groups.io/mt/103986449/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-