Re: [edk2-devel] [PATCH 05/10] OvmfPkg/ResetVector: split SEV and non-CoCo workflows

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Laszlo Ersek" <lersek@redhat.com>
To: devel@edk2.groups.io, kraxel@redhat.com
Cc: Tom Lendacky <thomas.lendacky@amd.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Oliver Steffen <osteffen@redhat.com>,
	Erdem Aktas <erdemaktas@google.com>,
	Michael Roth <michael.roth@amd.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Min Xu <min.m.xu@intel.com>
Subject: Re: [edk2-devel] [PATCH 05/10] OvmfPkg/ResetVector: split SEV and non-CoCo workflows
Date: Wed, 28 Feb 2024 05:51:04 +0100	[thread overview]
Message-ID: <92bec1c1-08d6-73a9-a2e8-d458e12a51c7@redhat.com> (raw)
In-Reply-To: <20240222115435.85794-6-kraxel@redhat.com>

On 2/22/24 12:54, Gerd Hoffmann wrote:
> Use separate control flows for SEV and non-CoCo cases.
> 
> SevClearPageEncMaskForGhcbPage and GetSevCBitMaskAbove31 will now only
> be called when running in SEV mode, so the SEV check in these functions
> is not needed any more.
> 
> No functional change.
> 
> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
> ---
>  OvmfPkg/ResetVector/Ia32/AmdSev.asm       | 16 ++--------------
>  OvmfPkg/ResetVector/Ia32/PageTables64.asm | 17 ++++++++++++++---
>  2 files changed, 16 insertions(+), 17 deletions(-)
> 
> diff --git a/OvmfPkg/ResetVector/Ia32/AmdSev.asm b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> index 043c88a7abbe..ed94f1dc668f 100644
> --- a/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> +++ b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> @@ -152,12 +152,8 @@ SevEsUnexpectedRespTerminate:
>  
>  %ifdef ARCH_X64
>  
> -; If SEV-ES is enabled then initialize and make the GHCB page shared
> +; initialize and make the GHCB page shared

(1) This comment update is unjustified, I suggest reverting it.

(The SEV check is indeed superfluous below, but you -- correctly -- keep
the SEV-ES check, and the comment here is about SEV-ES, not SEV. Because
the check stays, the comment should stay too.)

>  SevClearPageEncMaskForGhcbPage:
> -    ; Check if SEV is enabled
> -    cmp       byte[WORK_AREA_GUEST_TYPE], 1
> -    jnz       SevClearPageEncMaskForGhcbPageExit
> -
>      ; Check if SEV-ES is enabled
>      mov       ecx, 1
>      bt        [SEV_ES_WORK_AREA_STATUS_MSR], ecx
> @@ -195,20 +191,12 @@ pageTableEntries4kLoop:
>  SevClearPageEncMaskForGhcbPageExit:
>      OneTimeCallRet SevClearPageEncMaskForGhcbPage
>  
> -; Check if SEV is enabled, and get the C-bit mask above 31.
> +; Get the C-bit mask above 31.
>  ; Modified: EDX
>  ;
>  ; The value is returned in the EDX
>  GetSevCBitMaskAbove31:
> -    xor       edx, edx
> -
> -    ; Check if SEV is enabled
> -    cmp       byte[WORK_AREA_GUEST_TYPE], 1
> -    jnz       GetSevCBitMaskAbove31Exit
> -
>      mov       edx, dword[SEV_ES_WORK_AREA_ENC_MASK + 4]
> -
> -GetSevCBitMaskAbove31Exit:
>      OneTimeCallRet GetSevCBitMaskAbove31
>  
>  %endif
> diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> index 166e80293c89..84a7b4efc019 100644
> --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> @@ -118,15 +118,26 @@ SetCr3ForPageTables64:
>  
>      ; Check whether the SEV is active and populate the SevEsWorkArea
>      OneTimeCall   CheckSevFeatures
> +    cmp       byte[WORK_AREA_GUEST_TYPE], 1
> +    jz        SevInit
>  
> +    ;
> +    ; normal (non-CoCo) workflow
> +    ;
> +    ClearOvmfPageTables
> +    CreatePageTables4Level 0
> +    jmp SetCr3
> +
> +SevInit:
> +    ;
> +    ; SEV workflow
> +    ;
> +    ClearOvmfPageTables
>      ; If SEV is enabled, the C-bit position is always above 31.
>      ; The mask will be saved in the EDX and applied during the
>      ; the page table build below.
>      OneTimeCall   GetSevCBitMaskAbove31
> -
> -    ClearOvmfPageTables
>      CreatePageTables4Level edx
> -
>      ; Clear the C-bit from the GHCB page if the SEV-ES is enabled.
>      OneTimeCall   SevClearPageEncMaskForGhcbPage
>      jmp SetCr3

Nice.

The patch also sneakily reorders ClearOvmfPageTables against
GetSevCBitMaskAbove31 -- but that's an improvement: this way we no
longer depend on ClearOvmfPageTables not modifying EDX; instead, EDX
directly passes from GetSevCBitMaskAbove31 to CreatePageTables4Level.

With (1) undone:

Reviewed-by: Laszlo Ersek <lersek@redhat.com>



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#116084): https://edk2.groups.io/g/devel/message/116084
Mute This Topic: https://groups.io/mt/104506794/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

next prev parent reply	other threads:[~2024-02-28  4:51 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-22 11:54 [edk2-devel] [PATCH 00/10] OvmfPkg/ResetVector: cleanup and add 5-level paging support Gerd Hoffmann
2024-02-22 11:54 ` [edk2-devel] [PATCH 01/10] OvmfPkg/ResetVector: improve page table flag names Gerd Hoffmann
2024-02-22 11:54 ` [edk2-devel] [PATCH 02/10] OvmfPkg/ResetVector: add ClearOvmfPageTables macro Gerd Hoffmann
2024-02-28  4:09   ` Laszlo Ersek
2024-02-28  8:22     ` Gerd Hoffmann
2024-02-29  7:42       ` Laszlo Ersek
2024-02-22 11:54 ` [edk2-devel] [PATCH 03/10] OvmfPkg/ResetVector: add CreatePageTables4Level macro Gerd Hoffmann
2024-02-28  4:14   ` Laszlo Ersek
2024-02-22 11:54 ` [edk2-devel] [PATCH 04/10] OvmfPkg/ResetVector: split TDX BSP workflow Gerd Hoffmann
2024-02-28  4:34   ` Laszlo Ersek
2024-02-22 11:54 ` [edk2-devel] [PATCH 05/10] OvmfPkg/ResetVector: split SEV and non-CoCo workflows Gerd Hoffmann
2024-02-28  4:51   ` Laszlo Ersek [this message]
2024-02-22 11:54 ` [edk2-devel] [PATCH 06/10] OvmfPkg/ResetVector: add 5-level paging support Gerd Hoffmann
2024-02-28  5:33   ` Laszlo Ersek
2024-02-22 11:54 ` [edk2-devel] [PATCH 07/10] OvmfPkg/ResetVector: print post codes for 4/5 level paging Gerd Hoffmann
2024-02-28  5:35   ` Laszlo Ersek
2024-02-22 11:54 ` [edk2-devel] [PATCH 08/10] OvmfPkg/ResetVector: wire up 5-level paging for TDX Gerd Hoffmann
2024-02-28  5:44   ` Laszlo Ersek
2024-02-22 11:54 ` [edk2-devel] [PATCH 09/10] OvmfPkg/ResetVector: leave SEV VC handler installed longer Gerd Hoffmann
2024-02-28  5:52   ` Laszlo Ersek
2024-02-29 15:47   ` Lendacky, Thomas via groups.io
2024-02-22 11:54 ` [edk2-devel] [PATCH 10/10] OvmfPkg/ResetVector: wire up 5-level paging for SEV Gerd Hoffmann
2024-02-28  5:51   ` Laszlo Ersek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=92bec1c1-08d6-73a9-a2e8-d458e12a51c7@redhat.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox