From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.groups.io with SMTP id smtpd.web12.7667.1620298253251944366 for ; Thu, 06 May 2021 03:50:53 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=O2TF9qAC; spf=pass (domain: redhat.com, ip: 216.205.24.124, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1620298251; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1U5RogB7Sx+u/sSwPhNtRK8z+PG0cMMwtMMMWhzngp8=; b=O2TF9qACTHHIA2fGzdQEbnGlqUAvSJoEv4knEDw1dy1Y+0/l99N1ba/O5/4+gYVTsdwGuC 1PoLQumfZAZUFSbfiMw4hlzn+2GqMesYwkprL06SaD9pDsI4pP1GITAEgXuGh304iET1Ka NFaWqZSWWljT/JsylgMdB0l8Cs+RQcg= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-197-yVk-TtG7P7GwJYvDg7TUXg-1; Thu, 06 May 2021 06:50:47 -0400 X-MC-Unique: yVk-TtG7P7GwJYvDg7TUXg-1 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 0CA6E107ACCA; Thu, 6 May 2021 10:50:46 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-113-172.ams2.redhat.com [10.36.113.172]) by smtp.corp.redhat.com (Postfix) with ESMTP id 032DF5D71D; Thu, 6 May 2021 10:50:43 +0000 (UTC) Subject: Re: [edk2-devel] [PATCH RFC v2 07/28] OvmfPkg: Use MemEncryptSevClearMmioPageEncMask() to clear EncMask from Mmio To: devel@edk2.groups.io, brijesh.singh@amd.com Cc: James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Erdem Aktas References: <20210430115148.22267-1-brijesh.singh@amd.com> <20210430115148.22267-8-brijesh.singh@amd.com> From: "Laszlo Ersek" Message-ID: <73fccea5-c198-0931-acb8-40a957fb895d@redhat.com> Date: Thu, 6 May 2021 12:50:43 +0200 MIME-Version: 1.0 In-Reply-To: <20210430115148.22267-8-brijesh.singh@amd.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 04/30/21 13:51, Brijesh Singh wrote: > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 > > Use the MemEncryptSevClearMmioPageEncMask() to clear memory encryption mask > for the Mmio address range from the current page table context. > > Cc: James Bottomley > Cc: Min Xu > Cc: Jiewen Yao > Cc: Tom Lendacky > Cc: Jordan Justen > Cc: Ard Biesheuvel > Cc: Laszlo Ersek > Cc: Erdem Aktas > Signed-off-by: Brijesh Singh > --- > OvmfPkg/AmdSevDxe/AmdSevDxe.c | 10 ++++------ > OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c | 5 ++--- > OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c | 5 ++--- > 3 files changed, 8 insertions(+), 12 deletions(-) > > diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c > index 689bfb376d..80831b81fa 100644 > --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c > +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c > @@ -53,11 +53,10 @@ AmdSevDxeEntryPoint ( > Desc = &AllDescMap[Index]; > if (Desc->GcdMemoryType == EfiGcdMemoryTypeMemoryMappedIo || > Desc->GcdMemoryType == EfiGcdMemoryTypeNonExistent) { > - Status = MemEncryptSevClearPageEncMask ( > + Status = MemEncryptSevClearMmioPageEncMask ( > 0, > Desc->BaseAddress, > - EFI_SIZE_TO_PAGES (Desc->Length), > - FALSE > + EFI_SIZE_TO_PAGES (Desc->Length) > ); > ASSERT_EFI_ERROR (Status); > } > @@ -73,11 +72,10 @@ AmdSevDxeEntryPoint ( > // the range. > // > if (PcdGet16 (PcdOvmfHostBridgePciDevId) == INTEL_Q35_MCH_DEVICE_ID) { > - Status = MemEncryptSevClearPageEncMask ( > + Status = MemEncryptSevClearMmioPageEncMask ( > 0, > FixedPcdGet64 (PcdPciExpressBaseAddress), > - EFI_SIZE_TO_PAGES (SIZE_256MB), > - FALSE > + EFI_SIZE_TO_PAGES (SIZE_256MB) > ); > > ASSERT_EFI_ERROR (Status); > diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c > index 1f285e0083..ab40087a84 100644 > --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c > +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c > @@ -205,11 +205,10 @@ MarkIoMemoryRangeForRuntimeAccess ( > // memory range. > // > if (MemEncryptSevIsEnabled ()) { > - Status = MemEncryptSevClearPageEncMask ( > + Status = MemEncryptSevClearMmioPageEncMask ( > 0, > BaseAddress, > - EFI_SIZE_TO_PAGES (Length), > - FALSE > + EFI_SIZE_TO_PAGES (Length) > ); > ASSERT_EFI_ERROR (Status); > } > diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c > index 7eb80bfeff..ea75b489c7 100644 > --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c > +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c > @@ -38,11 +38,10 @@ QemuFlashBeforeProbe ( > // C-bit on flash ranges from SMM page table. > // > > - Status = MemEncryptSevClearPageEncMask ( > + Status = MemEncryptSevClearMmioPageEncMask ( > 0, > BaseAddress, > - EFI_SIZE_TO_PAGES (FdBlockSize * FdBlockCount), > - FALSE > + EFI_SIZE_TO_PAGES (FdBlockSize * FdBlockCount) > ); > ASSERT_EFI_ERROR (Status); > } > The contents of this patch are sound, but they are incomplete, and incorrectly structured too. (1) Please provide a separate patch for each modified module. (2) You missed the MemEncryptSevClearPageEncMask() call in TpmMmioSevDecryptPeimEntryPoint() [OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPeim.c] -- probably because you worked on this series in parallel with Tom working on the SEV-ES TPM fixes. In the end, this patch should be split into three patches (because the change is needed for three modules). Thanks Laszlo