From: Brijesh Singh <brijesh.singh@amd.com>
To: Laszlo Ersek <lersek@redhat.com>, <edk2-devel@lists.01.org>
Cc: <brijesh.singh@amd.com>, <Thomas.Lendacky@amd.com>,
<leo.duran@amd.com>, Jordan Justen <jordan.l.justen@intel.com>
Subject: Re: [RFC v4 09/13] OvmfPkg/QemuFwCfgLib: Implement SEV internal function for SEC phase
Date: Thu, 11 May 2017 13:21:29 -0500 [thread overview]
Message-ID: <7340c3d3-a998-0c98-0b6d-fad8e972cc6c@amd.com> (raw)
In-Reply-To: <08fc7dad-dc56-7b2e-ed71-9764986491a0@redhat.com>
On 05/11/2017 11:24 AM, Laszlo Ersek wrote:
> On 05/11/17 00:09, Brijesh Singh wrote:
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Contributed-under: TianoCore Contribution Agreement 1.0
>> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
>> ---
>> OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf | 1 +
>> OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c | 57 ++++++++++++++++++++
>> 2 files changed, 58 insertions(+)
>>
>> diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf
>> index 7a96575d1851..b782ac6c0aa2 100644
>> --- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf
>> +++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf
>> @@ -45,4 +45,5 @@ [LibraryClasses]
>> DebugLib
>> IoLib
>> MemoryAllocationLib
>> + MemEncryptSevLib
>
> This will not compile. More below.
>
>>
>> diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c
>> index 465ccbe90dad..cd04cc814063 100644
>> --- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c
>> +++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSec.c
>> @@ -6,6 +6,7 @@
>>
>> Copyright (C) 2013, Red Hat, Inc.
>> Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
>> + Copyright (c) 2017, Advanced Micro Devices. All rights reserved.<BR>
>>
>> This program and the accompanying materials are licensed and made available
>> under the terms and conditions of the BSD License which accompanies this
>> @@ -18,6 +19,7 @@
>>
>> #include <Library/DebugLib.h>
>> #include <Library/QemuFwCfgLib.h>
>> +#include <Library/MemEncryptSevLib.h>
>>
>> #include "QemuFwCfgLibInternal.h"
>>
>> @@ -94,3 +96,58 @@ InternalQemuFwCfgDmaIsAvailable (
>> {
>> return FALSE;
>> }
>> +
>> +/**
>> +
>> + Returns a boolean indicating whether SEV is enabled
>> +
>> + @retval TRUE SEV is enabled
>> + @retval FALSE SEV is disabled
>> +**/
>> +BOOLEAN
>> +InternalQemuFwCfgSevIsEnabled (
>> + VOID
>> + )
>> +{
>> + return MemEncryptSevIsEnabled ();
>> +}
>
> So, this is not right. We have one instance of MemEncryptSevLib, namely
> BaseMemEncryptSevLib. It uses / needs writeable static variables,
> therefore it is not usable in SEC phase modules. QemuFwCfgSecLib.inf is
> restricted to SEC type client modules, so the above function call would
> not work.
>
> Thankfully, this patch won't even compile (showcasing that the edk2
> build system works fine). Namely, corresponding to the writeable static
> variable requirement in BaseMemEncryptSevLib, we restricted that library
> instance to the following client module types:
>
> PEIM DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_DRIVER
>
> Whereas, QemuFwCfgSecLib.inf itself is restricted to SEC.
>
> The result is, if you try to build QemuFwCfgSecLib.inf into a SEC
> module, the client module type restrictions inherited from
> BaseMemEncryptSevLib will cause a build conflict. Otherwise, if you try
> to build QemuFwCfgSecLib.inf into, say, a PEIM, then
> QemuFwCfgSecLib.inf's own SEC restriction will cause a build conflict.
>
> So this patch cannot compile.
>
> You didn't find this in your testing because OVMF currently has no SEC
> phase module that uses fw_cfg -- QemuFwCfgSecLib.inf is never built. You
> can manually build it like this, for example (note the "-m" option):
>
> build -a X64 -p OvmfPkg/OvmfPkgX64.dsc -t GCC48 -b DEBUG \
> -m OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf
>
> (a) One solution is what I wrote in
> <http://mid.mail-archive.com/a07a25d1-0aec-4176-312f-198bf10e29d1@redhat.com>:
>
>> (2) Implement InternalQemuFwCfgSevIsEnabled() in "QemuFwCfgSec.c"
>> without using global variables (i.e., with a CPUID on each call, on
>> AMD processors, and return constant FALSE on Intel processors).
>
> So basically you should open-code MemEncryptSevIsEnabled() here, without
> using any global variables.
>
> (b) Now, a "by the book" solution would be to introduce a SEC instance
> of MemEncryptSevLib as well, which would execute CPUID on every
> MemEncryptSevIsEnabled() call, and return RETURN_UNSUPPORTED from both
> MemEncryptSevClearPageEncMask() and MemEncryptSevSetPageEncMask(),
> regardless of architecture (IA32 vs X64). Then this patch would compile
> as-is.
>
> (c) But, I don't want to contribute to the proliferation, or growth, of
> library instances that are never used in reality. So I dislike both (a)
> and (b) above. The only reason we care about QemuFwCfgLib, with regard
> to SEV, is because QemuFwCfgLib *sometimes* uses DMA, and SEV has
> consequences for DMA.
>
> Notice though that the SEC instance of InternalQemuFwCfgDmaIsAvailable()
> returns constant FALSE. This is why it is fine to put ASSERT(FALSE) /
> CpuDeadLoop() in the bounce buffer alloc / dealloc routines: they will
> never be called.
>
> With the same argument (i.e., we'll never use DMA fw_cfg in SEC), it is
> entirely irrelevant for this lib instance whether SEV is present or not.
> So I suggest to simply return FALSE from InternalQemuFwCfgSevIsEnabled()
> above, and to remark there, in a comment, that
> InternalQemuFwCfgDmaIsAvailable() returns constant FALSE, hence SEV
> availability is irrelevant.
>
Agreed, lets not add a code which is never used in reality. I will update the
InternalQemuFwCfgSevIsEnabled() to return FALSE.
-Briejsh
next prev parent reply other threads:[~2017-05-11 18:21 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-10 22:09 [RFC v4 00/13] x86: Secure Encrypted Virtualization (AMD) Brijesh Singh
2017-05-10 22:09 ` [RFC v4 01/13] UefiCpuPkg: Define AMD Memory Encryption specific CPUID and MSR Brijesh Singh
2017-05-11 0:30 ` Fan, Jeff
2017-05-10 22:09 ` [RFC v4 02/13] OvmfPkg/ResetVector: Set C-bit when building initial page table Brijesh Singh
2017-05-11 11:40 ` Laszlo Ersek
2017-05-10 22:09 ` [RFC v4 03/13] OvmfPkg: Update dsc to use IoLib from BaseIoLibIntrinsicSev.inf Brijesh Singh
2017-05-11 11:46 ` Laszlo Ersek
2017-05-10 22:09 ` [RFC v4 04/13] OvmfPkg/BaseMemcryptSevLib: Add SEV helper library Brijesh Singh
2017-05-11 14:04 ` Laszlo Ersek
2017-05-11 18:03 ` Brijesh Singh
2017-05-10 22:09 ` [RFC v4 05/13] OvmfPkg/PlatformPei: Set memory encryption PCD when SEV is enabled Brijesh Singh
2017-05-11 14:37 ` Laszlo Ersek
2017-05-11 18:04 ` Brijesh Singh
2017-05-10 22:09 ` [RFC v4 06/13] OvmfPkg:AmdSevDxe: add AmdSevDxe driver Brijesh Singh
2017-05-11 0:56 ` Yao, Jiewen
2017-05-11 15:19 ` Laszlo Ersek
2017-05-11 15:53 ` Laszlo Ersek
2017-05-11 17:43 ` Jordan Justen
2017-05-11 18:01 ` Brijesh Singh
2017-05-15 17:47 ` Jordan Justen
2017-05-16 12:04 ` Brijesh Singh
2017-05-16 17:56 ` Jordan Justen
2017-05-16 20:25 ` Brijesh Singh
2017-05-18 8:50 ` Laszlo Ersek
2017-05-11 20:14 ` Laszlo Ersek
2017-05-11 18:12 ` Brijesh Singh
2017-05-10 22:09 ` [RFC v4 07/13] OvmfPkg/QemuFwCfgLib: Provide Pei and Dxe specific library Brijesh Singh
2017-05-11 15:40 ` Laszlo Ersek
2017-05-11 18:16 ` Brijesh Singh
2017-05-10 22:09 ` [RFC v4 08/13] OvmfPkg/QemuFwCfgLib: Prepare for SEV support Brijesh Singh
2017-05-11 15:57 ` Laszlo Ersek
2017-05-10 22:09 ` [RFC v4 09/13] OvmfPkg/QemuFwCfgLib: Implement SEV internal function for SEC phase Brijesh Singh
2017-05-11 16:24 ` Laszlo Ersek
2017-05-11 18:21 ` Brijesh Singh [this message]
2017-05-10 22:09 ` [RFC v4 10/13] OvmfPkg/QemuFwCfgLib: Implement SEV internal functions for PEI phase Brijesh Singh
2017-05-11 16:38 ` Laszlo Ersek
2017-05-10 22:09 ` [RFC v4 11/13] OvmfPkg/QemuFwCfgLib: Implement SEV internal function for Dxe phase Brijesh Singh
2017-05-11 17:07 ` Laszlo Ersek
2017-05-10 22:09 ` [RFC v4 12/13] OvmfPkg/QemuFwCfgLib: Add option to dynamic alloc FW_CFG_DMA Access Brijesh Singh
2017-05-11 17:10 ` Laszlo Ersek
2017-05-10 22:09 ` [RFC v4 13/13] OvmfPkg/QemuFwCfgLib: Add SEV support Brijesh Singh
2017-05-11 17:44 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7340c3d3-a998-0c98-0b6d-fad8e972cc6c@amd.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox