From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web10.31186.1671657994463903594 for ; Wed, 21 Dec 2022 13:26:34 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@ibm.com header.s=pp1 header.b=GF0/AkPR; spf=pass (domain: linux.ibm.com, ip: 148.163.156.1, mailfrom: dovmurik@linux.ibm.com) Received: from pps.filterd (m0098409.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 2BLLBsXQ024582; Wed, 21 Dec 2022 21:26:32 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=message-id : date : mime-version : subject : to : cc : references : from : in-reply-to : content-type : content-transfer-encoding; s=pp1; bh=fkwq0Hnj2VFok1wf2Qal3wDjosktWHRazAw+6MqsM8s=; b=GF0/AkPRg8PbUnPwvOuAXUp4HBmwFDa2meZuZWQkZvu8mIDyp18HGHgHRpwzEGsr7EWa 2BfoWiXrE67mFlbhWU1M5SEQLIGjtp76KaNJ599PJnEd87pndVvtFEiwRhme33bLyFuk VvyQ70XBTqBJluXJ971Lc57dGvmZvhetn9QwezaIMhNvaXtze7mmCihUOKZ5gY9GLvgO fw0qlgo6L0NVodCgfmy8ZZ5UwfHB+zg3pQwgcrFbHTpN3ZhhTN05aiec/MZmE9vY4o2p W+Q7fdKFEXZyRIpU98dlt/b+PzIkd3lEa1EEL7kjkeh1RnWpNpsp2KjhGD7gqAV1Y3LT uA== Received: from ppma01wdc.us.ibm.com (fd.55.37a9.ip4.static.sl-reverse.com [169.55.85.253]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3mm9uhgah4-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 21 Dec 2022 21:26:32 +0000 Received: from pps.filterd (ppma01wdc.us.ibm.com [127.0.0.1]) by ppma01wdc.us.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 2BLIj6Fj016873; Wed, 21 Dec 2022 21:26:31 GMT Received: from smtprelay04.dal12v.mail.ibm.com ([9.208.130.102]) by ppma01wdc.us.ibm.com (PPS) with ESMTPS id 3mh6yxwp8d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 21 Dec 2022 21:26:31 +0000 Received: from smtpav03.dal12v.mail.ibm.com (smtpav03.dal12v.mail.ibm.com [10.241.53.102]) by smtprelay04.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 2BLLQUQW8585798 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 21 Dec 2022 21:26:30 GMT Received: from smtpav03.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 51C6C5803F; Wed, 21 Dec 2022 21:26:30 +0000 (GMT) Received: from smtpav03.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 252EB5805A; Wed, 21 Dec 2022 21:26:29 +0000 (GMT) Received: from [9.160.79.63] (unknown [9.160.79.63]) by smtpav03.dal12v.mail.ibm.com (Postfix) with ESMTP; Wed, 21 Dec 2022 21:26:28 +0000 (GMT) Message-ID: <82745d92-3785-4729-579c-91887f582cdf@linux.ibm.com> Date: Wed, 21 Dec 2022 23:26:26 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.6.0 Subject: Re: [PATCH 1/4] OvmfPkg/AmdSevDxe: Allocate SEV-SNP CC blob as EfiACPIReclaimMemory To: Michael Roth , devel@edk2.groups.io Cc: Tom Lendacky , ray.ni@intel.com, Dov Murik References: <20221221160651.182143-1-michael.roth@amd.com> <20221221160651.182143-2-michael.roth@amd.com> From: "Dov Murik" In-Reply-To: <20221221160651.182143-2-michael.roth@amd.com> X-TM-AS-GCONF: 00 X-Proofpoint-GUID: Gkl5SfM0pBTvZJhUjUJ8R9wnG1VlZ-2- X-Proofpoint-ORIG-GUID: Gkl5SfM0pBTvZJhUjUJ8R9wnG1VlZ-2- X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.923,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-12-21_11,2022-12-21_01,2022-06-22_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 mlxlogscore=999 suspectscore=0 adultscore=0 bulkscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 spamscore=0 impostorscore=0 priorityscore=1501 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2212070000 definitions=main-2212210177 Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Thanks Mike for fixing this. On 21/12/2022 18:06, Michael Roth wrote: > The SEV-SNP Confidential Computing blob contains metadata that should > remain accessible for the life of the guest. Allocate it as > EfiACPIReclaimMemory to ensure the memory isn't overwritten by the guest > operating system later. > > Reported-by: Dov Murik > Suggested-by: Dov Murik > Signed-off-by: Michael Roth Reviewed-by: Dov Murik > --- > OvmfPkg/AmdSevDxe/AmdSevDxe.c | 62 +++++++++++++++++++++++++++-------- > 1 file changed, 48 insertions(+), 14 deletions(-) > > diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c > index 662d3c4ccb..8dfda961d7 100644 > --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c > +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c > @@ -21,15 +21,36 @@ > #include > > #include > > > > -STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = { > > - SIGNATURE_32 ('A', 'M', 'D', 'E'), > > - 1, > > - 0, > > - (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfSnpSecretsBase), > > - FixedPcdGet32 (PcdOvmfSnpSecretsSize), > > - (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfCpuidBase), > > - FixedPcdGet32 (PcdOvmfCpuidSize), > > -}; > > +STATIC > > +EFI_STATUS > > +AllocateConfidentialComputingBlob ( > > + OUT CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION **CcBlobPtr > > + ) > > +{ > > + EFI_STATUS Status; > > + CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *CcBlob; > > + > > + Status = gBS->AllocatePool ( > > + EfiACPIReclaimMemory, > > + sizeof (CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION), > > + (VOID **)&CcBlob > > + ); > > + if (EFI_ERROR (Status)) { > > + return Status; > > + } > > + > > + CcBlob->Header = SIGNATURE_32 ('A', 'M', 'D', 'E'); > > + CcBlob->Version = 1; > > + CcBlob->Reserved1 = 0; > > + CcBlob->SecretsPhysicalAddress = (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfSnpSecretsBase); > > + CcBlob->SecretsSize = FixedPcdGet32 (PcdOvmfSnpSecretsSize); > > + CcBlob->CpuidPhysicalAddress = (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfCpuidBase); > > + CcBlob->CpuidLSize = FixedPcdGet32 (PcdOvmfCpuidSize); > > + > > + *CcBlobPtr = CcBlob; > > + > > + return EFI_SUCCESS; > > +} > > > > EFI_STATUS > > EFIAPI > > @@ -38,10 +59,11 @@ AmdSevDxeEntryPoint ( > IN EFI_SYSTEM_TABLE *SystemTable > > ) > > { > > - EFI_STATUS Status; > > - EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; > > - UINTN NumEntries; > > - UINTN Index; > > + EFI_STATUS Status; > > + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; > > + UINTN NumEntries; > > + UINTN Index; > > + CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *SnpBootDxeTable; > > > > // > > // Do nothing when SEV is not enabled > > @@ -147,6 +169,18 @@ AmdSevDxeEntryPoint ( > } > > } > > > > + Status = AllocateConfidentialComputingBlob (&SnpBootDxeTable); > > + if (EFI_ERROR (Status)) { > > + DEBUG (( > > + DEBUG_ERROR, > > + "%a: AllocateConfidentialComputingBlob(): %r\n", > > + __FUNCTION__, > > + Status > > + )); > > + ASSERT (FALSE); > > + CpuDeadLoop (); > > + } > > + > > // > > // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB. > > // It contains the location for both the Secrets and CPUID page. > > @@ -154,7 +188,7 @@ AmdSevDxeEntryPoint ( > if (MemEncryptSevSnpIsEnabled ()) { > > return gBS->InstallConfigurationTable ( > > &gConfidentialComputingSevSnpBlobGuid, > > - &mSnpBootDxeTable > > + SnpBootDxeTable > > ); > > } > > >