From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM02-CY1-obe.outbound.protection.outlook.com (NAM02-CY1-obe.outbound.protection.outlook.com [40.107.76.42]) by mx.groups.io with SMTP id smtpd.web11.13455.1574280447980323941 for ; Wed, 20 Nov 2019 12:07:28 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=SRu+6dEP; spf=none, err=SPF record not found (domain: amd.com, ip: 40.107.76.42, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mcfeXUhyQZ931k8FvFMMNfb8aexYI5tUn4ctNh3KIPAWSfYeyxZ7Z80KIcZlTcaACIsVkVVrK7FkcO8+vFj2eN0B5JsKNgnYAqqbjjtnU4KBGCTaE8AzsWUoOCoH653wxyLuEqHas0eBdBQ3XMTewjwtaKFqQ9b9RHtZoGHe40XzerUmhWnKW81fBLsPzVXEK7FmzD2JRYee8r7xUULjEyax+PUoBpLy5aWdswMIGl7GeK9s5KMOHeMLee/k+GRlP+i7taL998MzxwNSxJhCWlDbH1ucbQRN5lDRmO2jSc9xzKUlMBT8FZ9adfHME6BrKTS6xLYFGZFLNXKqIzGqrA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XJsI54Ows1PIiunA3pebGqIqPfN5VVrFyBBEtekaTkM=; b=Zky71nuxQAD6VlYUKM+09SVRortZlZPb8sUorpDXJNQ45o0mEvrt3ybUO2Ml21TNdA/KDq/noboJNypPVNDLJF6TFq0yde0dVBb5yMqMZ5kNNIEJqZ2PSrieRUsAxENfcKXUXrO3dVcv1/31cJB3YCYs3bwx1W++vTnaMBY4VyTskLx7aCBHOUzFMm/U/0oQN4xr/QZzFeXt+MizKcr7AEZcibNOlh8U1s1PespqyZEj2L/3JR7vpP4Nj0cIBLzUAsYrvXu8Akg+xEVBWENhipXlEE1nO3kSco3n+ezIXJA9s25slYIdZTJuyGFxqVhzciFQU41wZ3dp2BIGBhZdQQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XJsI54Ows1PIiunA3pebGqIqPfN5VVrFyBBEtekaTkM=; b=SRu+6dEPZRsSN3AMBgeB/cT8v6x21bZ8Uk5pMh21cVsGZK27U9B2e0CUgmoIm5Ksx/88d8Vr9sjo2H0hjuAstwzXoxc8u59NQ449J8Q/glKAB9fThPNJRKfE34wpSs0JNrDNMsOxdpA+hxvRtddKaMORmVeVYiQWu8DB4f/hR5o= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by DM6PR12MB3675.namprd12.prod.outlook.com (10.255.76.80) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2451.28; Wed, 20 Nov 2019 20:07:26 +0000 Received: from DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::dd0c:8e53:4913:8ef4]) by DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::dd0c:8e53:4913:8ef4%5]) with mapi id 15.20.2451.031; Wed, 20 Nov 2019 20:07:26 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io Cc: Jordan Justen , Laszlo Ersek , Ard Biesheuvel , Michael D Kinney , Liming Gao , Eric Dong , Ray Ni , Brijesh Singh Subject: [RFC PATCH v3 09/43] UefiCpuPkg/CpuExceptionHandler: Add support for IOIO_PROT NAE events Date: Wed, 20 Nov 2019 14:06:31 -0600 Message-Id: <99d02226aef6ef39b067d6b40951ce0f2ab1ae25.1574280425.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: References: X-ClientProxiedBy: DM3PR12CA0087.namprd12.prod.outlook.com (2603:10b6:0:57::31) To DM6PR12MB3163.namprd12.prod.outlook.com (2603:10b6:5:15e::26) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-Mailer: git-send-email 2.17.1 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 3425fd52-f600-4c53-f139-08d76df54364 X-MS-TrafficTypeDiagnostic: DM6PR12MB3675: X-MS-Exchange-PUrlCount: 1 X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-Forefront-PRVS: 02272225C5 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(979002)(4636009)(376002)(346002)(396003)(39860400002)(366004)(136003)(189003)(199004)(2361001)(50226002)(81156014)(81166006)(8676002)(2906002)(6486002)(99286004)(66476007)(486006)(47776003)(66556008)(25786009)(2616005)(476003)(54906003)(11346002)(118296001)(8936002)(316002)(2351001)(7736002)(305945005)(66066001)(6916009)(86362001)(16586007)(3846002)(6116002)(48376002)(14454004)(478600001)(966005)(5660300002)(66946007)(446003)(76176011)(36756003)(51416003)(6506007)(386003)(50466002)(52116002)(4326008)(6436002)(14444005)(6666004)(6306002)(6512007)(19627235002)(26005)(186003)(969003)(989001)(999001)(1009001)(1019001);DIR:OUT;SFP:1101;SCL:1;SRVR:DM6PR12MB3675;H:DM6PR12MB3163.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: wwl+hsi66nMNR0Bm2tyfz7p2RRw5Pdeu5+V7Om1GZhb0H4/1ppFrsHa1T+b5dDyrVVLPCg/DXeGfxqePRx4xvIiXh1nOnRV2nqmrug9lqqD3xZfE+0dOmFs2JSOAkrNN6fzCu59VEUIw4dwHLJ3UrPUFpGhKso0QpHgMYhDLHniELgDDwI++DfFeTlTkLStuLQyX2WkdFP4qlses8+6h65NxbYjgUQVLpWfYs64AD3x0aIP/jcMYthf5JvE2tiY4hENTEB+vi6tCkmrLKl6bFlGYvsqF4ul7jiWB251V+bOjg24yinykeC7b3228Y2sTLLibN1dOeRjmjU6IN7/U3NgrD1KO9MOnxFr9wNR1Zyo8gdjuX+tAVgNtPvYeXg/eIRfU8kXNFLxlyLNgK5GSMJR50XQJ54uan5G82HowHF9BDrabkTEWaTJf+Fwqlf5sTVDUi5fvMuggR6wD9FRkIyCbi/kYAZnKVsQcmEfdQGU= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3425fd52-f600-4c53-f139-08d76df54364 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Nov 2019 20:07:26.3157 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: FVQ9Pn9/kxxDxeiS9sDHNOv7mH0kNThbYgm0SvizpaXuYriFP6DonhhNYMOwiChOrqA3ro231FrOKKVFlJX8Ew== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3675 Content-Type: text/plain BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198 Under SEV-ES, a IOIO_PROT intercept generates a #VC exception. VMGEXIT must be used to allow the hypervisor to handle this intercept. Add support to construct the required GHCB values to support a IOIO_PROT NAE event. Parse the instruction that generated the #VC exception, setting the required register values in the GHCB and creating the proper SW_EXITINFO1 value in the GHCB. Cc: Eric Dong Cc: Ray Ni Cc: Laszlo Ersek Signed-off-by: Tom Lendacky --- .../X64/AMDSevVcCommon.c | 434 +++++++++++++++++- 1 file changed, 433 insertions(+), 1 deletion(-) diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c index 4b56767f9374..c42fe632f255 100644 --- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c +++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c @@ -11,6 +11,425 @@ #include #include "AMDSevVcCommon.h" +typedef enum { + LongMode64Bit = 0, + LongModeCompat32Bit, + LongModeCompat16Bit, +} SEV_ES_INSTRUCTION_MODE; + +typedef enum { + Size8Bits = 0, + Size16Bits, + Size32Bits, + Size64Bits, +} SEV_ES_INSTRUCTION_SIZE; + +typedef enum { + SegmentEs = 0, + SegmentCs, + SegmentSs, + SegmentDs, + SegmentFs, + SegmentGs, +} SEV_ES_INSTRUCTION_SEGMENT; + +typedef enum { + RepNone = 0, + RepZ, + RepNZ, +} SEV_ES_INSTRUCTION_REP; + +typedef union { + struct { + UINT8 B:1; + UINT8 X:1; + UINT8 R:1; + UINT8 W:1; + UINT8 REX:4; + } Bits; + + UINT8 Uint8; +} SEV_ES_INSTRUCTION_REX_PREFIX; + +typedef union { + struct { + UINT8 Rm:3; + UINT8 Reg:3; + UINT8 Mod:2; + } Bits; + + UINT8 Uint8; +} SEV_ES_INSTRUCTION_MODRM; + +typedef union { + struct { + UINT8 Base:3; + UINT8 Index:3; + UINT8 Scale:2; + } Bits; + + UINT8 Uint8; +} SEV_ES_INSTRUCTION_SIB; + +typedef struct { + struct { + UINT8 Rm; + UINT8 Reg; + UINT8 Mod; + } ModRm; + + struct { + UINT8 Base; + UINT8 Index; + UINT8 Scale; + } Sib; + + UINTN RegData; + UINTN RmData; +} SEV_ES_INSTRUCTION_OPCODE_EXT; + +typedef struct { + GHCB *Ghcb; + + SEV_ES_INSTRUCTION_MODE Mode; + SEV_ES_INSTRUCTION_SIZE DataSize; + SEV_ES_INSTRUCTION_SIZE AddrSize; + BOOLEAN SegmentSpecified; + SEV_ES_INSTRUCTION_SEGMENT Segment; + SEV_ES_INSTRUCTION_REP RepMode; + + UINT8 *Begin; + UINT8 *End; + + UINT8 *Prefixes; + UINT8 *OpCodes; + UINT8 *Displacement; + UINT8 *Immediate; + + SEV_ES_INSTRUCTION_REX_PREFIX RexPrefix; + + BOOLEAN ModRmPresent; + SEV_ES_INSTRUCTION_MODRM ModRm; + + BOOLEAN SibPresent; + SEV_ES_INSTRUCTION_SIB Sib; + + UINT8 PrefixSize; + UINT8 OpCodeSize; + UINT8 DisplacementSize; + UINT8 ImmediateSize; + + SEV_ES_INSTRUCTION_OPCODE_EXT Ext; +} SEV_ES_INSTRUCTION_DATA; + +typedef +UINTN +(*NAE_EXIT) ( + GHCB *Ghcb, + EFI_SYSTEM_CONTEXT_X64 *Regs, + SEV_ES_INSTRUCTION_DATA *InstructionData + ); + + +STATIC +BOOLEAN +GhcbIsRegValid ( + GHCB *Ghcb, + GHCB_REGISTER Reg + ) +{ + UINT32 RegIndex = Reg / 8; + UINT32 RegBit = Reg & 0x07; + + return (Ghcb->SaveArea.ValidBitmap[RegIndex] & (1 << RegBit)); +} + +STATIC +VOID +GhcbSetRegValid ( + GHCB *Ghcb, + GHCB_REGISTER Reg + ) +{ + UINT32 RegIndex = Reg / 8; + UINT32 RegBit = Reg & 0x07; + + Ghcb->SaveArea.ValidBitmap[RegIndex] |= (1 << RegBit); +} + +STATIC +VOID +DecodePrefixes ( + EFI_SYSTEM_CONTEXT_X64 *Regs, + SEV_ES_INSTRUCTION_DATA *InstructionData + ) +{ + SEV_ES_INSTRUCTION_MODE Mode; + SEV_ES_INSTRUCTION_SIZE ModeDataSize; + SEV_ES_INSTRUCTION_SIZE ModeAddrSize; + UINT8 *Byte; + + /*TODO: Determine current mode - 64-bit for now */ + Mode = LongMode64Bit; + ModeDataSize = Size32Bits; + ModeAddrSize = Size64Bits; + + InstructionData->Mode = Mode; + InstructionData->DataSize = ModeDataSize; + InstructionData->AddrSize = ModeAddrSize; + + InstructionData->Prefixes = InstructionData->Begin; + + Byte = InstructionData->Prefixes; + for ( ; ; Byte++, InstructionData->PrefixSize++) { + switch (*Byte) { + case 0x26: + case 0x2E: + case 0x36: + case 0x3E: + if (Mode != LongMode64Bit) { + InstructionData->SegmentSpecified = TRUE; + InstructionData->Segment = (*Byte >> 3) & 3; + } + break; + + case 0x40 ... 0x4F: + InstructionData->RexPrefix.Uint8 = *Byte; + if (*Byte & 0x08) + InstructionData->DataSize = Size64Bits; + break; + + case 0x64: + InstructionData->SegmentSpecified = TRUE; + InstructionData->Segment = *Byte & 7; + break; + + case 0x66: + if (!InstructionData->RexPrefix.Uint8) { + InstructionData->DataSize = + (Mode == LongMode64Bit) ? Size16Bits : + (Mode == LongModeCompat32Bit) ? Size16Bits : + (Mode == LongModeCompat16Bit) ? Size32Bits : 0; + } + break; + + case 0x67: + InstructionData->AddrSize = + (Mode == LongMode64Bit) ? Size32Bits : + (Mode == LongModeCompat32Bit) ? Size16Bits : + (Mode == LongModeCompat16Bit) ? Size32Bits : 0; + break; + + case 0xF0: + break; + + case 0xF2: + InstructionData->RepMode = RepZ; + break; + + case 0xF3: + InstructionData->RepMode = RepNZ; + break; + + default: + InstructionData->OpCodes = Byte; + InstructionData->OpCodeSize = (*Byte == 0x0F) ? 2 : 1; + + InstructionData->End = Byte + InstructionData->OpCodeSize; + InstructionData->Displacement = InstructionData->End; + InstructionData->Immediate = InstructionData->End; + return; + } + } +} + +UINT64 +InstructionLength ( + SEV_ES_INSTRUCTION_DATA *InstructionData + ) +{ + return (UINT64) (InstructionData->End - InstructionData->Begin); +} + +STATIC +VOID +InitInstructionData ( + SEV_ES_INSTRUCTION_DATA *InstructionData, + GHCB *Ghcb, + EFI_SYSTEM_CONTEXT_X64 *Regs + ) +{ + SetMem (InstructionData, sizeof (*InstructionData), 0); + InstructionData->Ghcb = Ghcb; + InstructionData->Begin = (UINT8 *) Regs->Rip; + InstructionData->End = (UINT8 *) Regs->Rip; + + DecodePrefixes (Regs, InstructionData); +} + +STATIC +UINTN +UnsupportedExit ( + GHCB *Ghcb, + EFI_SYSTEM_CONTEXT_X64 *Regs, + SEV_ES_INSTRUCTION_DATA *InstructionData + ) +{ + UINTN Status; + + Status = VmgExit (Ghcb, SvmExitUnsupported, Regs->ExceptionData, 0); + ASSERT (0); + + return Status; +} + +#define IOIO_TYPE_STR (1 << 2) +#define IOIO_TYPE_IN 1 +#define IOIO_TYPE_INS (IOIO_TYPE_IN | IOIO_TYPE_STR) +#define IOIO_TYPE_OUT 0 +#define IOIO_TYPE_OUTS (IOIO_TYPE_OUT | IOIO_TYPE_STR) + +#define IOIO_REP (1 << 3) + +#define IOIO_ADDR_64 (1 << 9) +#define IOIO_ADDR_32 (1 << 8) +#define IOIO_ADDR_16 (1 << 7) + +#define IOIO_DATA_32 (1 << 6) +#define IOIO_DATA_16 (1 << 5) +#define IOIO_DATA_8 (1 << 4) + +#define IOIO_SEG_ES (0 << 10) +#define IOIO_SEG_DS (3 << 10) + +STATIC +UINT64 +IoioExitInfo ( + EFI_SYSTEM_CONTEXT_X64 *Regs, + SEV_ES_INSTRUCTION_DATA *InstructionData + ) +{ + UINT64 ExitInfo = 0; + + switch (*(InstructionData->OpCodes)) { + // IN immediate opcodes + case 0xE4: + case 0xE5: + InstructionData->ImmediateSize = 1; + InstructionData->End++; + ExitInfo |= IOIO_TYPE_IN; + ExitInfo |= ((*(InstructionData->OpCodes + 1)) << 16); + break; + + // OUT immediate opcodes + case 0xE6: + case 0xE7: + InstructionData->ImmediateSize = 1; + InstructionData->End++; + ExitInfo |= IOIO_TYPE_OUT; + ExitInfo |= ((*(InstructionData->OpCodes + 1)) << 16) | IOIO_TYPE_OUT; + break; + + // IN register opcodes + case 0xEC: + case 0xED: + ExitInfo |= IOIO_TYPE_IN; + ExitInfo |= ((Regs->Rdx & 0xffff) << 16); + break; + + // OUT register opcodes + case 0xEE: + case 0xEF: + ExitInfo |= IOIO_TYPE_OUT; + ExitInfo |= ((Regs->Rdx & 0xffff) << 16); + break; + + default: + return 0; + } + + switch (*(InstructionData->OpCodes)) { + case 0xE4: + case 0xE6: + case 0xEC: + case 0xEE: + // Single-byte opcodes + ExitInfo |= IOIO_DATA_8; + break; + + default: + // Length determined by instruction parsing + ExitInfo |= (InstructionData->DataSize == Size16Bits) ? IOIO_DATA_16 + : IOIO_DATA_32; + } + + switch (InstructionData->AddrSize) { + case Size16Bits: + ExitInfo |= IOIO_ADDR_16; + break; + + case Size32Bits: + ExitInfo |= IOIO_ADDR_32; + break; + + case Size64Bits: + ExitInfo |= IOIO_ADDR_64; + break; + + default: + break; + } + + if (InstructionData->RepMode) { + ExitInfo |= IOIO_REP; + } + + return ExitInfo; +} + +STATIC +UINTN +IoioExit ( + GHCB *Ghcb, + EFI_SYSTEM_CONTEXT_X64 *Regs, + SEV_ES_INSTRUCTION_DATA *InstructionData + ) +{ + UINT64 ExitInfo1; + UINTN Status; + + ExitInfo1 = IoioExitInfo (Regs, InstructionData); + if (!ExitInfo1) { + VmgExit (Ghcb, SvmExitUnsupported, SvmExitIoioProt, 0); + ASSERT (0); + } + + if (!(ExitInfo1 & IOIO_TYPE_IN)) { + Ghcb->SaveArea.Rax = Regs->Rax; + GhcbSetRegValid (Ghcb, GhcbRax); + } + + //FIXME: This is likely needed for the merging cases (size<32 bits) + // Pass in zero and perform merge here (only for non-string) + Ghcb->SaveArea.Rax = Regs->Rax; + GhcbSetRegValid (Ghcb, GhcbRax); + + Status = VmgExit (Ghcb, SvmExitIoioProt, ExitInfo1, 0); + if (Status) { + return Status; + } + + if (ExitInfo1 & IOIO_TYPE_IN) { + if (!GhcbIsRegValid (Ghcb, GhcbRax)) { + VmgExit (Ghcb, SvmExitUnsupported, SvmExitIoioProt, 0); + ASSERT (0); + } + Regs->Rax = Ghcb->SaveArea.Rax; + } + + return 0; +} + UINTN DoVcCommon ( GHCB *Ghcb, @@ -18,6 +437,8 @@ DoVcCommon ( ) { EFI_SYSTEM_CONTEXT_X64 *Regs = Context.SystemContextX64; + SEV_ES_INSTRUCTION_DATA InstructionData; + NAE_EXIT NaeExit; UINTN ExitCode; UINTN Status; @@ -25,8 +446,19 @@ DoVcCommon ( ExitCode = Regs->ExceptionData; switch (ExitCode) { + case SvmExitIoioProt: + NaeExit = IoioExit; + break; + default: - Status = VmgExit (Ghcb, SvmExitUnsupported, ExitCode, 0); + NaeExit = UnsupportedExit; + } + + InitInstructionData (&InstructionData, Ghcb, Regs); + + Status = NaeExit (Ghcb, Regs, &InstructionData); + if (!Status) { + Regs->Rip += InstructionLength(&InstructionData); } VmgDone (Ghcb); -- 2.17.1