From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.62]) by mx.groups.io with SMTP id smtpd.web10.4426.1618959312842373885 for ; Tue, 20 Apr 2021 15:55:13 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=lLV3Mip6; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.92.62, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oeyOD/VKYJm29lWNcM6fE3IZ3rTweVWfIv37qo8MAqi+AleGrmO1tgIxhdgGY4HiU4wx49wM2hsECLXgQ3X8ENUuFXb7XXjLuQp2sc12YUkvXXPE5QqytGorKxgLPmdZdcLHD5PJgeMHw0jd6C6d39i0pLJQab7aYHnf46C007YA2XgjqfiEIChontxV3YdNLadjXfdHbovaC5HsvYXFwZD/NIjX477CG/fWyYBUCfVyq8Z9s3YYxQv7qYKVG09PP1wW3JP30SVAOqmJ60sDR5zVfyZopOL6QHUGNOzKjh8c+xkj89esK/MNkMMxeYqLtg+JnlJmMf4r8vTCSyVtew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Us7TWZhk8u/sRp+FAuyv+A84mzi/aEzd04M2XoqbXaE=; b=IktAFokCxfE74Fv3mOAZE+5iRRdsNW2T3ref9fN4zs7Q6pUK2Dgh+RIvwdcL4nwIljFk9+hW1sgWSnOtfVLHOCbM2umC0Av220QOGtl3jvAPHGe8amQfz8o4BQw7yrqJXRk1glCVt9WnHzpyckx/hC2dujTIR7NnVg3QpERxU8dz9w6eCR41C7hmGsp4jrKnso8gDuZ6kr42yC51gcndhcr3rsm8drrP2e74pwBGyu0dX+aS0uQOEMv8cw7SJHG5Da5Q2clNNkWpUpkvU5TQ9M13lxnNJ3BqzilF9L8rzf4kd4tcqDnKH3H6i4sMQyoL3nkLnMenU4FX2Xqz6+tl6w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Us7TWZhk8u/sRp+FAuyv+A84mzi/aEzd04M2XoqbXaE=; b=lLV3Mip6XuqrMMxHmRCMLRh0dU0JMdGlkV4rLwVggsjhIay1SPxbeEFunNTgzak0zDM+3gCtX/ZyLPrzUGQtvhkwbs9hcMpnx5ypx0ujoVGsSFXvcGd7bMjxxBVKeHCAs++wkVynZdDeKJS9sURjJAETg99bG/UdNLiTBaUYcRo= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM6PR12MB4337.namprd12.prod.outlook.com (2603:10b6:5:2a9::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4042.16; Tue, 20 Apr 2021 22:55:10 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b914:4704:ad6f:aba9]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b914:4704:ad6f:aba9%12]) with mapi id 15.20.4042.024; Tue, 20 Apr 2021 22:55:10 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io CC: Joerg Roedel , Borislav Petkov , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Brijesh Singh , James Bottomley , Jiewen Yao , Min Xu Subject: [PATCH 2/3] OvmfPkg/VmgExitLib: Add support for new MMIO MOV opcodes Date: Tue, 20 Apr 2021 17:54:41 -0500 Message-ID: <79ed645c089ffab10716cdb8813f191f6e0afcfb.1618959281.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.31.0 In-Reply-To: References: X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN7PR04CA0190.namprd04.prod.outlook.com (2603:10b6:806:126::15) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from tlendack-t1.amd.com (165.204.77.1) by SN7PR04CA0190.namprd04.prod.outlook.com (2603:10b6:806:126::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4042.18 via Frontend Transport; Tue, 20 Apr 2021 22:55:09 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 9f6a8ee8-fc3c-48a3-370c-08d9044f59c4 X-MS-TrafficTypeDiagnostic: DM6PR12MB4337: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: CXH43fZVpfNgsQ9gUGLXaSInrwiRjcnfK7hdTLT9JvC/m4B+VBZ/1G7V1tkBQHxTVqxtabOtOl+6n7a4S3lFzIzgsuoxfpWXvbw+qbGEGAcnSM2/N/mjTl5qPds/l6JMXSEscn0SvQl/8ISWlyYtQ54KqlR6O4p4+q7qfDxPHwzCEALd/IA0u0rXNzcNZ3RF/QcoDhqrDTJHbCWl35oANPds/rqntWZPU8mBrPXnXnFuUaOPDssYL+BUJNcpMxJsWUg2w0yxt4qzXjSG9aWhJRwE1iGowLG5SmukVPQdHrSWFVNiru/la4F5XEoOBgreBQfKwfc5Jc7u/vCD/euSDgUe3+X3bL2hNzxb+ZVM9B911QMYA5j4KD8XOvYhNbusF2O8IBzG8uxR5J/tHaFTK7vY9xZiNwDUnPHlNYptHqKRhes4HQZVupvrwcX16sBc/1UpszvFhD93L+FT0uJKJSEgNThq1dICQNToQYo+DNmqCUNsLlJk8bTXYQO3ZCGrTgiS6o+QL7eZ6p/xLDjQBGZdXcbRInsfPpjGTqZtAnOUEON2VMrqEI9bsOSjpWr3cySX8H4U51qC1LnKOBMhwIjRD9QYNbFE4kFrycddk494q+RQrD4OPDsPVdc/LFdofSvjt1CPWBfq6Bg90+aMVuMcZn8tiufmerCfUAJPj7u44c7QJ3ARLe4jILLoSmrrXprz0/EroNY3/2nqpRRqv+7yy3fkGVU1FYtYhiftaww= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(346002)(136003)(376002)(396003)(39860400002)(366004)(316002)(52116002)(83380400001)(186003)(966005)(36756003)(16526019)(4326008)(2616005)(478600001)(7696005)(66556008)(86362001)(54906003)(6666004)(38350700002)(8676002)(956004)(38100700002)(6486002)(2906002)(6916009)(8936002)(26005)(66946007)(66476007)(5660300002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?XGx1+5UELKMKIIzWNatli2xVQgbQ2XwEOKRPNtygyIDmRwsQuFUQsJ7ZmPtm?= =?us-ascii?Q?14DxO450Rez8O0GRp8USpg5iOREQI6dT+UBHD5cAkb6a0CTnPoe8QGWXI6ru?= =?us-ascii?Q?Jdqediq/RCUwHhXo9YYz39aDo5ZyrPGfjEp4PJ20czgFQRfnFuxtSosrQ5Lp?= =?us-ascii?Q?Y4+R5Co0R1DqeGkOl3EJL8wZ/7QGsO2qSnt+PfDlJiHhoW3CPnoaC6QZYHAe?= =?us-ascii?Q?NPA3VT0/jLdIWDMCROGUGh44dh2UPWXXQIUFdHKoe3RGHDG6MIIgaJ/lttwg?= =?us-ascii?Q?cVu4a96Coiajw4K1Lip5FF1XC9DYum29oemAdiHf6P5i1ETq0cE0336yTgL+?= =?us-ascii?Q?TyFTEkSI1Rtd5Q3oCkC99KsCD09UmLyQ/lR1m+hhwZkZjZcu7nZXRaRNSpIq?= =?us-ascii?Q?M80Z3MqKzxhPbuUNAVUoLA0XFS6b6nu6YbPjS7Gdy6Wh0rfIVmlg84QIkKTa?= =?us-ascii?Q?hUY7bG+UYw28akDKnpFRw2idtPuJggMkGGTP5rD5TOOiE8QpTmFAlYFHaz+O?= =?us-ascii?Q?Jfc2d/HYUGxBlfCN1XhyYjzwx8CtqIt2b76NyrWNoidGDuH+7eO6olrsCfBQ?= =?us-ascii?Q?DFNbnklpic8J7iSk7XvaFMZ2cDOugZ7IU3/L1zOFfdGTKyeTAKJB+0VwW9oN?= =?us-ascii?Q?mSElbG9Om2wdxpzrD8yiSG++37jld/B/5WjM2bvCvZitwf/a9C7sKuXETgg0?= =?us-ascii?Q?wtm0D3LCH6woDFUR8uT00AV13dDj40Fz3n7Jogl+maPi4l6AVvKBhFpWBBUm?= =?us-ascii?Q?qRdDoiUh4Mwu73xiWJajTAP8YC+IElef7rwpicWGqRWRsKvTIZcDcrUfjNUI?= =?us-ascii?Q?Fc2Ecd6enTd7BL9ivdvXtpPEzc/mpU1jNKzqzWWykGV4ADwfu3LmvR/8xxZN?= =?us-ascii?Q?zokTmZoTklPAY9jOKtg4PxW1P4JC0LRMeDKZH18R82mwZEhiWb9ZWnshDYkO?= =?us-ascii?Q?ztiD8YsHxcyEvzZ3rPlpUJWlSP+k5HxtuQ1eAVJq1qnSJqSzamqsZ5t/bxmk?= =?us-ascii?Q?GlPnPqyQslIZ24fTvQa1Qd4GIy6kjqIGPNzUgInw1xMRWEw1eYmOTKQbHZUF?= =?us-ascii?Q?VasFuAA99zZMYJdXxWZNWtEr9k4wF3Xi+YyEgTzmXCXcWtQIozbWqKxjXEKJ?= =?us-ascii?Q?pH9X08wyyovY6EL7bt1rRo8xfRYWWawU/81/Po43i4Wh6kxEofpgLn3J0eXn?= =?us-ascii?Q?FsdZSuxT/mqSIJ0LJwG2eqOiWxLAr9FNcL0sR1f9p1QWYVIrTr+nDWKA/6GK?= =?us-ascii?Q?IWt2N3FmUKtiv0e9r5wCY4kfYafY+F+1gRNCe75tzFbK8FCDzyG591TMRDTp?= =?us-ascii?Q?/Rq/4s7gvpJnYeRq1d/QR8gJ?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9f6a8ee8-fc3c-48a3-370c-08d9044f59c4 X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Apr 2021 22:55:10.6054 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: LtezZwvoyfFzYzeDNtjpBuIK5RR7VWB3WOtu+Pttrt7twYnHNhi4nhThphKWvPeaC5hU0WQCf/a842gRTPARjQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4337 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable From: Tom Lendacky BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3345 Enabling TPM support results in guest termination of an SEV-ES guest because it uses MMIO opcodes that are not currently supported. Add support for the new MMIO opcodes (0xA0 - 0xA3), MOV instructions which use a memory offset directly encoded in the instruction. Also, add a DEBUG statement to identify an unsupported MMIO opcode being used. Fixes: c45f678a1ea2080344e125dc55b14e4b9f98483d Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Brijesh Singh Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Signed-off-by: Tom Lendacky --- OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 99 +++++++++++++++++++ 1 file changed, 99 insertions(+) diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c b/OvmfPkg/Librar= y/VmgExitLib/VmgExitVcHandler.c index 273f36499988..f9660b757d8e 100644 --- a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c +++ b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c @@ -678,6 +678,7 @@ MmioExit ( UINTN Bytes; UINT64 *Register; UINT8 OpCode, SignByte; + UINTN Address; =20 Bytes =3D 0; =20 @@ -727,6 +728,51 @@ MmioExit ( } break; =20 + // + // MMIO write (MOV moffsetX, aX) + // + case 0xA2: + Bytes =3D 1; + // + // fall through + // + case 0xA3: + Bytes =3D ((Bytes !=3D 0) ? Bytes : + (InstructionData->DataSize =3D=3D Size16Bits) ? 2 : + (InstructionData->DataSize =3D=3D Size32Bits) ? 4 : + (InstructionData->DataSize =3D=3D Size64Bits) ? 8 : + 0); + + InstructionData->ImmediateSize =3D (UINTN) (1 << InstructionData->Addr= Size); + InstructionData->End +=3D (UINTN) (1 << InstructionData->AddrSize); + + if (InstructionData->AddrSize =3D=3D Size8Bits) { + Address =3D *(UINT8 *) InstructionData->Immediate; + } else if (InstructionData->AddrSize =3D=3D Size16Bits) { + Address =3D *(UINT16 *) InstructionData->Immediate; + } else if (InstructionData->AddrSize =3D=3D Size32Bits) { + Address =3D *(UINT32 *) InstructionData->Immediate; + } else { + Address =3D *(UINTN *) InstructionData->Immediate; + } + + Status =3D ValidateMmioMemory (Ghcb, Address, Bytes); + if (Status !=3D 0) { + return Status; + } + + ExitInfo1 =3D Address; + ExitInfo2 =3D Bytes; + CopyMem (Ghcb->SharedBuffer, &Regs->Rax, Bytes); + + Ghcb->SaveArea.SwScratch =3D (UINT64) Ghcb->SharedBuffer; + VmgSetOffsetValid (Ghcb, GhcbSwScratch); + Status =3D VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, ExitInfo1, ExitInfo2); + if (Status !=3D 0) { + return Status; + } + break; + // // MMIO write (MOV reg/memX, immX) // @@ -809,6 +855,58 @@ MmioExit ( CopyMem (Register, Ghcb->SharedBuffer, Bytes); break; =20 + // + // MMIO read (MOV aX, moffsetX) + // + case 0xA0: + Bytes =3D 1; + // + // fall through + // + case 0xA1: + Bytes =3D ((Bytes !=3D 0) ? Bytes : + (InstructionData->DataSize =3D=3D Size16Bits) ? 2 : + (InstructionData->DataSize =3D=3D Size32Bits) ? 4 : + (InstructionData->DataSize =3D=3D Size64Bits) ? 8 : + 0); + + InstructionData->ImmediateSize =3D (UINTN) (1 << InstructionData->Addr= Size); + InstructionData->End +=3D (UINTN) (1 << InstructionData->AddrSize); + + if (InstructionData->AddrSize =3D=3D Size8Bits) { + Address =3D *(UINT8 *) InstructionData->Immediate; + } else if (InstructionData->AddrSize =3D=3D Size16Bits) { + Address =3D *(UINT16 *) InstructionData->Immediate; + } else if (InstructionData->AddrSize =3D=3D Size32Bits) { + Address =3D *(UINT32 *) InstructionData->Immediate; + } else { + Address =3D *(UINTN *) InstructionData->Immediate; + } + + Status =3D ValidateMmioMemory (Ghcb, Address, Bytes); + if (Status !=3D 0) { + return Status; + } + + ExitInfo1 =3D Address; + ExitInfo2 =3D Bytes; + + Ghcb->SaveArea.SwScratch =3D (UINT64) Ghcb->SharedBuffer; + VmgSetOffsetValid (Ghcb, GhcbSwScratch); + Status =3D VmgExit (Ghcb, SVM_EXIT_MMIO_READ, ExitInfo1, ExitInfo2); + if (Status !=3D 0) { + return Status; + } + + if (Bytes =3D=3D 4) { + // + // Zero-extend for 32-bit operation + // + Regs->Rax =3D 0; + } + CopyMem (&Regs->Rax, Ghcb->SharedBuffer, Bytes); + break; + // // MMIO read w/ zero-extension ((MOVZX regX, reg/memX) // @@ -886,6 +984,7 @@ MmioExit ( break; =20 default: + DEBUG ((DEBUG_INFO, "Invalid MMIO opcode (%x)\n", OpCode)); Status =3D GP_EXCEPTION; ASSERT (FALSE); } --=20 2.31.0