From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.61]) by mx.groups.io with SMTP id smtpd.web10.9827.1621523350014184024 for ; Thu, 20 May 2021 08:09:10 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=eTGs59E1; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.244.61, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KlPpFxhWNhVgdkdqNp/qUntjwuNx7NivKTu3QFPAjWOpVwWa/EIWMUfbNaXSA+CTSqyG1fpUPlfC/H0KF6I/jAIzpgHP42iOaRR3y2jmI/+umKwpXiM2u/dQ9HLojJqA5/lrFNEIk+YGNIcye+MAM48rEnhAVUkCJW98DAer35+CzoAoyECJB2gJ+yX8KNsNIPHKX+1lxDuqZIE80gkTgFL/O+fKQNCfFFMhURfho/hTklp7AavV9FAGlrPda+RgB98lnVWY4wovnh+WQneroMz1BCcBIIWQhVvzZsxTkhR+n0x4BC/Y2g86+vb9iirEIwvGk1IzcXkfbin5yrwsvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hCMSLpCmjoNPkh+m/0CPrDHQsbz3mtfpmPQlIR/sKt0=; b=ZpEb9CoB91OnI8+LlhFZQbnU21mT6tLQuoGCgqnL5Xur4eJFx4oGbU8BfNMwftYjiKxEZfUai4zQhyP09hElb+bYa8kLwQtPVQ4M83vBjh/kli4Vt5NCoDIbr+IJwpZmreLl91pc3MB0gmqpIHuRu7IALJ2MYe0xKxxSVJydZQE0cJ78XIgJV1ie6uELj4JD2tkClAxyy2trK61LL6Pos2Wpt6I/Ilx6CQgSLi0qw9keQV0Q7CtXdSV3elhGRX4FCrzZ7+akBY2w0LuuKtFYfBBWSsSVUPy7eweLaOlnJz3AdRUJXja7M2Jt92qwfx24DR+LjAsJaJH1DDyxoz1h3A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hCMSLpCmjoNPkh+m/0CPrDHQsbz3mtfpmPQlIR/sKt0=; b=eTGs59E1EjWfQeGSBRvKdUhckd/tlfENk3qDdMFjuEw1utofhI8DThEGD8ztB3+ENpiHIlnGcHoSBdXRNcorL55bkqR+d0iCglLQAhJta1pkHIv21A7X1mKd+V7jdneeNDw8t/kFAguD/rHY9JAlC4/qv3DIwWlQYPSISizGyg0= Authentication-Results: posteo.de; dkim=none (message not signed) header.d=none;posteo.de; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM6PR12MB4337.namprd12.prod.outlook.com (2603:10b6:5:2a9::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4150.25; Thu, 20 May 2021 15:09:08 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b914:4704:ad6f:aba9]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b914:4704:ad6f:aba9%12]) with mapi id 15.20.4129.033; Thu, 20 May 2021 15:09:08 +0000 Subject: Re: [edk2-devel] [PATCH v2] UefiCpuPkg/MpInitLib: Allocate a separate SEV-ES AP reset stack area To: Laszlo Ersek , devel@edk2.groups.io Cc: Brijesh Singh , Eric Dong , Ray Ni , Rahul Kumar , =?UTF-8?Q?Marvin_H=c3=a4user?= References: <3cae2ac836884b131725866264e0a0e1897052de.1621024125.git.thomas.lendacky@amd.com> <5394e010-6088-18e8-9a90-65eb55bbfac2@redhat.com> <7d3d835a-4354-108d-17b7-8679eb8c67d1@amd.com> <991462a7-042c-3186-0459-84c75de245b9@redhat.com> From: "Lendacky, Thomas" Message-ID: <98f17eb3-4e21-d11c-e2a6-f1eb02c9fa3b@amd.com> Date: Thu, 20 May 2021 10:09:06 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1 In-Reply-To: <991462a7-042c-3186-0459-84c75de245b9@redhat.com> X-Originating-IP: [67.79.209.213] X-ClientProxiedBy: SN6PR01CA0030.prod.exchangelabs.com (2603:10b6:805:b6::43) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from office-linux.texastahm.com (67.79.209.213) by SN6PR01CA0030.prod.exchangelabs.com (2603:10b6:805:b6::43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4150.24 via Frontend Transport; Thu, 20 May 2021 15:09:07 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 934c762f-2426-47be-352e-08d91ba1377d X-MS-TrafficTypeDiagnostic: DM6PR12MB4337: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: IB/dcyQpStAfgT6cub6PhTUUvErfsGExYH80iYoi92HkO+eecR0/K/8ROETWbEAWqNDuWd1cN2sK9OuFOVhofw3D+4VTCn5TWAiLZG3dhFXWd87gF3xdrz7SIhEE4uKipTX17C0M11g68CujXm2l1gLkdkkUvXCva/EpesOCuxHoFxtYrxWuEXH5nTdIl2xV+FS6Vq+nH7MYxt0DQlCOo8aA+pyThv/s4Fj0M79Ee3YYInSM8iweuwvNYA8EQ8DVN66i673zhi4wAOIZcUNEkgaRGy6I4kNk2m77P6duRsURRhh5PM3/DBuuHm1iSxMDXyhWNk1zpj9sFpK+dzMtY0h/8c3ZGLGGLc2BRjjs0Jm6fVVYtip51w63DXhWXg4PEtd7Lub17JUuv9ZzNu80otPI5dd3Eqm4u9dez5JBlwMk6QicYMKt2RNFNkb+N8r7ZKvNBEelmSX6CzN23iaFFGxvcpZEif0DFV6WWtQyymtgoft8JSuTmQwpsnl31fU5IuPMr9JziY49aG/YTVF/Oc6g+OmDm/uDWPKLDulvDY7xripv+Lz82ni17xoDQ0puS0r/cOM54+pcBgKzWK4hjLJwh9cwUE2IWQ3h76PVsICE43LzOAOCUkRr+0osKqCX4Xq9YVTx/IrBgStHlqYSMW3Bo8FmnsLfOcgzsfaYcw8= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(6029001)(4636009)(346002)(376002)(396003)(39860400002)(136003)(366004)(66556008)(186003)(66946007)(16526019)(956004)(4326008)(2616005)(31686004)(54906003)(36756003)(66476007)(316002)(83380400001)(8936002)(38100700002)(86362001)(5660300002)(8676002)(53546011)(26005)(6486002)(2906002)(31696002)(6512007)(478600001)(6506007)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?B?cmpXYWRxaDg5Mm5neCtkdHBNOTBFRlVIckZzT3ZicXRILzN4cjRMRU5Eb0Ro?= =?utf-8?B?ZUZLLzQ3TEh2K3p4NWpNZktBdzVIaVlGRW1VSUhieklUU3hUNXlod29KNkRF?= =?utf-8?B?Wk95L1ZXcjZydTdzelB3VVlwM1c4bDUxWDk1a3J6ODJNVkZSeUxQTjJkVVpU?= =?utf-8?B?Nit3MFZTRGQzM1hnZ01WWTRoMzcxK3BJYU90Z2t1bk1RK0lkckpNRGtWMTYz?= =?utf-8?B?QkF0QkxmZUwxUG8rZUR1WkhlOENBZVpEYzQ1SUMvcFdCMDNKaW9TeVRzU2Ey?= =?utf-8?B?U09IRVhhYy9XUml6Yldpa3RRQWVlZ0V0dnRUZVRUWVphZHJwV015dUdKTWdZ?= =?utf-8?B?Y1hmcU9sSlhPK0ZCWXdrSmgzTjlZWEowQzJJc2lUVEx4VDVxanJkWC9YNTJB?= =?utf-8?B?QnVuZXlqYmx6T2o1M3NraXN1OTZKb1BIK0FzZWRFRElJdjE2UkJvNDlsdTdm?= =?utf-8?B?SGg3S0ZUQjUrYzU0SHBVTDZYTWd0TWIvNG1DVnF2MVFRRWZuWVYrSXJpTGxI?= =?utf-8?B?SDN3U2dkeUFJR1F4dW9TQ0QwOXF3QUV6bG0xc1VXUVgyQU5tMU5jUTBNdi9o?= =?utf-8?B?VVM0VVlGYU5wMEZleDhBcy9BZStndFR3ajdaUFNmZE5IaGxPRHJaVXU4Tmtq?= =?utf-8?B?NlVYK0JUYkR6cWNqSlg3Wlk0Z1p4SnMwY0hMZ1lYK2pZbytxdkhvNnVSd1JH?= =?utf-8?B?TjhkeExMUXRuNVFtUVJUUThORTNSalNoSlJmUS8xTmYxbk1weG1JZmY2YUVJ?= =?utf-8?B?bmZVUm5abTNKOGhmNUNmSFJTMENDbEJiWWpqeWdZVUVjdytFYzhHOHZ3UnpE?= =?utf-8?B?M01zVVl6aDYrNXp3eFB3cWFGOVk3R0dRS00vMmF1cWZDVVBjN0JpM2ExeGRG?= =?utf-8?B?aG9WWVZ3cjJScEFuSGRaV2kvWVExV0tEOGxUNlR5cnlrN01IV2FUS3V3eHVN?= =?utf-8?B?TTZka0ozSVB0cG5teW1xYzVzQmhScmR5TU9aZ2VyY05BYnRPMXpDWDBIRDZE?= =?utf-8?B?ZXAraEJzaS9SRTV5SHkrZkpJSHlXWTkwd2NWKy9MS042UXlTUFZGQ1lxOGx3?= =?utf-8?B?V25paFphVFVxSkxHbTFkSENna2tCYVpVMDV6U3o2VktSUEdJcmlPNG9vUEpo?= =?utf-8?B?N2ZQM05Db2FZYjhETzQybXA3T0g3M1NhcU5yb3FaVGN0R01lT3dScFBrdFdO?= =?utf-8?B?NEFGajRyc0ZkaUhTcUEzc3YzeUhTOGhBVjFLc3ovSUFHaVlVN29lQXgyOGZK?= =?utf-8?B?ZmJ4TWthR2k4djU1NlA5OE9nenc0L2h1L0xMWklZMDFuK2R4NlJmYnRleU9n?= =?utf-8?B?cEFFYXNmd29ZU256ZHdMS1ZRZlQ3NVRTWnpBV1B3d0h1U0l6MUI2YkJLYzd1?= =?utf-8?B?L3RtOTlYUTZCMzd2enU5N2N4MkRrLzh5SENiQjZVbTFacGZrWmpMaWpJK2pC?= =?utf-8?B?Tm0wUFB4UVVrYjBNYUUrVzBhZkJyQXZRN1NKV2lRVlRzMWdJR2NwNkJzQzRJ?= =?utf-8?B?aVlyUjhaVU5uSnI4cTcxemlKQTFweUZNK0lXTXNCamFwMmdST3dMbXc3djdH?= =?utf-8?B?cnZFT29EVHhwRWRCVW8xaXc3NjN2M1NJaEpER2s5WTN6UkIwWkdOMjJiMGc2?= =?utf-8?B?aEoxSkFHSUpYWUQ2YmVYaVZ5UFRnQ0hoa2hISWtITGJvTTVIaHhOemNlSnp3?= =?utf-8?B?UWdTdXNqMHdFcTZkeWJHc01leWZ3QnNjT1VNQnNnajZVME15K0hyWUhvb2JV?= =?utf-8?Q?xlzdNE16LwSm3dbza3O7QHLXoZP8DBdbpcQqgeE?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 934c762f-2426-47be-352e-08d91ba1377d X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 May 2021 15:09:08.5902 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: DyGKcreV/IYOekydEMgZE+r6S76Eg4nxywyfEy0qVBELIleNNb2yyFvBBakdUaCj4e+tESIIjExBcSHdC1f2Fw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4337 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 5/19/21 2:27 AM, Laszlo Ersek wrote: > On 05/17/21 17:03, Lendacky, Thomas wrote: >> On 5/16/21 11:22 PM, Laszlo Ersek wrote: > >>> But now, with SEV-ES enabled, we'll have a separate, discontiguous area >>> -- and neither BackupAndPrepareWakeupBuffer(), nor its counterpart >>> RestoreWakeupBuffer() take that into account. >>> >>> Therefore I think, while this patch is regression-free for the SEV-ES >>> *disabled* case, it may corrupt memory (through not restoring the AP >>> stack area's original contents) with SEV-ES enabled. >> >> This is the current behavior for SEV-ES. The wakeup buffer memory is >> marked as reserved, at least in the DXE phase. > > Another question that occurred to me later: where does this reservation > happen? If we have a separate allocation for the AP stacks now, do we > need to reserve that too, separately? The GetWakeupBuffer() in DxeMpLib.c will perform AllocatePages() with a memory type of "EfiReservedMemoryType" for SEV-ES. Since, with this patch, it is called twice (once for the reset vector area and once for the stack area) and both allocations will be EfiReservedMemoryType. > > What about PEI in general? Why is there no risk of corruption there? That's a good question. The PEI GetWakeupBuffer() looks for memory that hasn't been allocated below 1MB and just uses it - no reservation or allocation. For OVMF, I imagine that nothing is really populated there and so it is truly just "free" memory that doesn't need to be restored. Thanks, Tom > > (Sorry if these are lame questions!) > > Thanks, > Laszlo >