From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM04-MW2-obe.outbound.protection.outlook.com (NAM04-MW2-obe.outbound.protection.outlook.com [40.107.101.59]) by mx.groups.io with SMTP id smtpd.web12.13754.1634044976552615958 for ; Tue, 12 Oct 2021 06:22:56 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=XLxGhqJF; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.101.59, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Qhf8R373wspYNQ05nnnXRBkIFRYidSIEX77OrsmB93d2J9cd5ssm+x7DBp4JhY2gJBSHsZGtpk6tBGUjIgGpgRqrzwCGKwD3Wlcsss9EGRxPUxw9FXsxuZybUas5IsK5fi/dRn5Jyct18RSKX1jrvSyFt/zA7dDQ9VCuJGjCWksybVXOIlJqZsr8BjjP9bwtwk6u4dk246AP4T8ZSgsu2nb3dWiRfYc3mX1LLsbVKyTc82mQDFrKOHiOWtEFJ8DqZJmJb0QzSirnp4qdIvoCpEfclAwVo6J7GDR032MbL+yXnX7w6rTi8LPuB7RbQK5AXtgxDxALF9h2G9/nQr+ykg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KUSzOApjb7DKfoeJ1bfoLdq1c7sA4Yd+ShbCqoBUxDI=; b=YcY9qEdirYBabxSAZm+TmLRsiQmBhU0pz9xIHQif6/Abdp0Qc23frBVFaS8YtI9m+IsZzfHJ3SlpeBbumr2734DxFWiYZWTjj0i3nz7dd7+n6IN0k4eO3/Q+WrvvrN5ndn5mTW016EU4HUm5Wn4vR50UKToPvffJ8QZmRrSuYGEZuG4RwJZMidhu1H8nEuiX8k5jEfTVQchg+bFEyCPfqLzxVV1uACSGMjLU4fzsYTP5p+1jyprnRJBoW62LDfUTjtDe5bgLDOma1apRLlQaFbiBZIsDxegimGZCQimxzqnceagJH8ySNfKcR2WBPtJ/yP4g8mhbd5NfyyU+hLTL1A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KUSzOApjb7DKfoeJ1bfoLdq1c7sA4Yd+ShbCqoBUxDI=; b=XLxGhqJFIWis7pyHJMSJJ6AgaJMlwp5nLKeW6hDgIy2wpTjw8e+Kp4AusoVLcQjfy0uEM+lpCIMF8Lr6DnTTyLfeRBVkY4dtmiEMuSBNrAoot2AGk82Jz0NILiP7q7IiE1dQ36EcgJfauMqNmngU2wQYOOMLA5/Dos6umIWlFYw= Authentication-Results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=amd.com; Received: from DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) by DM4PR12MB5247.namprd12.prod.outlook.com (2603:10b6:5:39b::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.20; Tue, 12 Oct 2021 13:22:54 +0000 Received: from DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::d560:d21:cd59:9418]) by DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::d560:d21:cd59:9418%6]) with mapi id 15.20.4587.026; Tue, 12 Oct 2021 13:22:54 +0000 Subject: Re: [PATCH V9 2/4] OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm To: Min Xu , devel@edk2.groups.io CC: Ard Biesheuvel , Jordan Justen , Gerd Hoffmann , Brijesh Singh , Erdem Aktas , James Bottomley , Jiewen Yao References: From: "Lendacky, Thomas" Message-ID: <8f9762e7-bcc2-16b1-8cb3-159cd5d78979@amd.com> Date: Tue, 12 Oct 2021 08:22:52 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.13.0 In-Reply-To: X-ClientProxiedBy: SA9PR13CA0140.namprd13.prod.outlook.com (2603:10b6:806:27::25) To DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) Return-Path: Thomas.Lendacky@amd.com MIME-Version: 1.0 Received: from [10.236.30.241] (165.204.77.1) by SA9PR13CA0140.namprd13.prod.outlook.com (2603:10b6:806:27::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4608.4 via Frontend Transport; Tue, 12 Oct 2021 13:22:53 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 26b97045-71a7-481b-3a41-08d98d836616 X-MS-TrafficTypeDiagnostic: DM4PR12MB5247: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:3044; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: zlwxNIGM/3u3t2qGCjxVQjrKKAkEzLKP8pF3Z4oSLA30lQkdWLcomKe23AcR6vj88sBmVahQKMWHlhX9yZplKuTwjHCrsobbDEX1Pqj1wLUDkbbfD+TeOduNFCRTTY5Qh87ChT5aZmkDFh7DUoHdgzHyHR3l96nngekP5Mi40Fc/odHAVmShabvMRDvM6skpH/dydfjGEHtP9fneiknJEdjrFq2kf9S0MMjtdVrLly9XTX6E2CCANhP+MJtcRL50oxTaHm7mnKzWbvvsqK5H2Nx96yFHOKvb5GRAGSngwEn2NwIYcS1qXHeTDYxrKrE6u4yAK82Lat1IXaqMuxV+ZmJlONsIF6cQQr6xx9hGd4eDOpWn7s/T7FHe95oECnmEKDUKwAY1+FGEI67qid1nKeYehKYES0CnDwmY+EY8lQcx9kzOu42tVHsMWjG6MJmS2OUOM4g4hkltSQxKk2ZLmyBeInGHC1T8q/9QNHEzQWtviWCwfBmsOH5W8zFovmqBCnDBCJQGh6iyG27r9c8R7v53agphkby0OcYMJtZ+8WJx1b86asIs9M6jVPnpj77UvACUxHvuzPYzxd/eDH8eFcRruTG3wcsycdIrMkh1nBRPBHPBpTbMia7D6r1S9kikvQXut1Zaq1QLMdALMXHnLKKsHh77Ndr4dux/Rde1sC0dxxHl/h1nxVn5I4n35ovTsa/uTLcECco2PDMVTh65KdSB4M6rNyk4QYEhGHSwToys/LLNb/qJ7x3IY2gowoYXTBTaw8R4lsxxyNk96hplX34xS1nx5HXrJX5qmHxXxx+7MLJTzlIoFgfBMhfADmXL X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR12MB5229.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(86362001)(31686004)(66556008)(26005)(508600001)(31696002)(83380400001)(45080400002)(2616005)(66476007)(66946007)(53546011)(956004)(8676002)(4326008)(186003)(966005)(8936002)(5660300002)(36756003)(16576012)(316002)(2906002)(19627235002)(54906003)(38100700002)(6486002)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?WvFio5rKC1PvJUlW0uRC1rDJX9O9fMiCz/rv6PKSqY+6IwVQSj0kshrjZ03D?= =?us-ascii?Q?ku3XQt435J2epJBRyIUzaHq2Qa9UBH/PfbyymiOd7I1wfM31eCth/FL2TWak?= =?us-ascii?Q?67iDsDc1D9oS+8D3+1SF6evBIFxzerBiNXetkCzWyauZ/3dx9nYFGnxbKDDj?= =?us-ascii?Q?e4lAw2kyf03SEgES2FYRUWrkSi0F9MTYfiE0huyl9CpJ9PpICUU+bLYpJmoc?= =?us-ascii?Q?aCCUnQNoM4jDMBPQVeZARHr3bHruUxsHEEcwSP1/QCHvI5C4a9n6Ch0aSLqv?= =?us-ascii?Q?+lHTK+TZgFTc/YF6qj7jSHJdz0MBuhEp8Kl6XWbC74MXw1N0T5t2MqFqopro?= =?us-ascii?Q?bbprcqUyg850BJSB6Yv3n/FoxEvfPWj78iZkp2y8ATYPWNeOq+8wsH5FpDny?= =?us-ascii?Q?5jf2rx+Zy46yb4h3L3JEGcCkRwP+B9yWSXYPecwNDTIoTBNaTnOYmuvH6X0Y?= =?us-ascii?Q?Hwt6kj3UpL5Auvx2hCPi0kkuwla/d+wr1s0eMBLn4BlW0NX3YT7QXV3sj2GW?= =?us-ascii?Q?RSuaTvk8Rrw1w8KcU1Zsp3zBZi3rIS8J0BgVuVTdKpzngFw/YfH4KgRL1uRT?= =?us-ascii?Q?yWh739MtlEj2uBZ0T7fJ5GZwXUjDlEAoguTL8oMjd3DqnhBjmvARNQo/hlAi?= =?us-ascii?Q?skqR1K+CZcnLRlebYcamN6Fk5Ro92B2PanAu5FEpGKxWVt/pfXzQoIiF2Bv4?= =?us-ascii?Q?5Gjix1pMjQjEH4csEd1eMYBahWEcGPAqly2UUv6EiUIYYSR4rbLknix+xFPa?= =?us-ascii?Q?Qgzwz/O0obxeNNCmTRoynrPpb05aonbU2nUalOL0BsidmqpgVvwgXv9Sdb9i?= =?us-ascii?Q?lefIV+qZWVLbrDVdLyxQfpUXBFTvflP2C731DFfXPCA/CrN0n8bXe8i2AJb8?= =?us-ascii?Q?TyUHe/s1DtTjEYueKqtvgVMmLRrbAb8HIQNxAtbHAuQDB01Xst5zwGmO3s5H?= =?us-ascii?Q?QYijrZ+1fCtuxFV5Kdl9bEAahlXVnbwMPGIo57G/vefxVa5eAt45TerqrK0A?= =?us-ascii?Q?NptU1uEA3zTop0yA6zlzr4vgR3N9835S1ejwomXNrcIDYFfeGQ+uniBRAYnQ?= =?us-ascii?Q?mYUmB0U+CPa11AZt4gtk4pnP0kdgt4rYFpxaLKpN9X8ibQode+sgl9j3rMG4?= =?us-ascii?Q?NkwHqNKc7ZHPgXxt6SNGN97BEcWVmOJ4iEhQZmoyK2r74zJVcf8gxzS10tWH?= =?us-ascii?Q?8+ehBYRmsMwcPLlR/vmqc72gHyPBkPjt1bdvT8uWp06oVuIJeQkc+qUJGJVZ?= =?us-ascii?Q?uTo9gg0JyypAuBixwH3fG4/M39qs00sBsFC7meeeyqOWJR2vcq0ng5Mg6dnX?= =?us-ascii?Q?Krt0esdJnpaqszSoGs7rDxYW?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 26b97045-71a7-481b-3a41-08d98d836616 X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5229.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Oct 2021 13:22:54.4233 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: LXHLeBUHBRAl3O+gR+Pz+a0AvVos95oOi0FYURd2KGH3YLtjHAATYkjk86qHvGqluNezdG7QgNjxnc0j8DBypg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR12MB5247 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 10/11/21 9:37 PM, Min Xu wrote: > RFC=EF=BC=9A https://nam11.safelinks.protection.outlook.com/?url=3Dhttps%= 3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3429&data=3D04%7C0= 1%7Cthomas.lendacky%40amd.com%7Cc4c4ac9654a940ada92308d98d2994d0%7C3dd8961f= e4884e608e11a82d994e183d%7C0%7C0%7C637696032012206979%7CUnknown%7CTWFpbGZsb= 3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C100= 0&sdata=3D1SVRKXztfFcaVVer1AYOhLIhs6sVW%2BwtYQNxuuHHbTE%3D&reserved= =3D0 >=20 > Previously WORK_AREA_GUEST_TYPE was cleared in SetCr3ForPageTables64. > This is workable for Legacy guest and SEV guest. But it doesn't work > after Intel TDX is introduced. It is because all TDX CPUs (BSP and APs) > start to run from 0xfffffff0, thus WORK_AREA_GUEST_TYPE will be cleared > multi-times if it is TDX guest. So the clearance of WORK_AREA_GUEST_TYPE > is moved to Main16 entry point in Main.asm. > Note: WORK_AREA_GUEST_TYPE is only defined for ARCH_X64. >=20 > For Intel TDX, its corresponding entry point is Main32 (which will be > introduced in next commit in this patch-set). WORK_AREA_GUEST_TYPE will > be cleared there. >=20 > Cc: Ard Biesheuvel > Cc: Jordan Justen > Cc: Gerd Hoffmann > Cc: Brijesh Singh > Cc: Erdem Aktas > Cc: James Bottomley > Cc: Jiewen Yao > Cc: Tom Lendacky > Signed-off-by: Min Xu > --- > OvmfPkg/ResetVector/Ia32/PageTables64.asm | 4 ---- > OvmfPkg/ResetVector/Main.asm | 8 ++++++++ > 2 files changed, 8 insertions(+), 4 deletions(-) >=20 > diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVec= tor/Ia32/PageTables64.asm > index 07b6ca070909..02528221e560 100644 > --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm > +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm > @@ -42,10 +42,6 @@ BITS 32 > ; > SetCr3ForPageTables64: > =20 > - ; Clear the WorkArea header. The SEV probe routines will populate th= e > - ; work area when detected. > - mov byte[WORK_AREA_GUEST_TYPE], 0 > - > ; Check whether the SEV is active and populate the SevEsWorkArea > OneTimeCall CheckSevFeatures > =20 > diff --git a/OvmfPkg/ResetVector/Main.asm b/OvmfPkg/ResetVector/Main.asm > index ae90a148fce7..a501fbe880f2 100644 > --- a/OvmfPkg/ResetVector/Main.asm > +++ b/OvmfPkg/ResetVector/Main.asm > @@ -36,6 +36,14 @@ Main16: > =20 > BITS 32 > =20 > +%ifdef ARCH_X64 A regular SEV guest can be built in the hybrid IA32 and X64 configuration,= =20 so this will break existing SEV firmwares built in that manner. Only=20 SEV-ES and SEV-SNP require the full X64 confguration. Thanks, Tom > + > + ; Clear the WorkArea header. The SEV probe routines will populate th= e > + ; work area when detected. > + mov byte[WORK_AREA_GUEST_TYPE], 0 > + > +%endif > + > ; > ; Search for the Boot Firmware Volume (BFV) > ; >=20