Subject: Re: [RFC PATCH 01/19] OvmfPkg: Reserve the Secrets and Cpuid page for the SEV-SNP guest
From: "Laszlo Ersek" <lersek@redhat.com>
To: jejb@linux.ibm.com, "Xu, Min M", Brijesh Singh, "devel@edk2.groups.io"
Cc: "Yao, Jiewen", Tom Lendacky, "Justen, Jordan L", Ard Biesheuvel
Date: Wed, 7 Apr 2021 17:02:59 +0200
Message-ID: <9aa00ba0-def0-9a4e-1578-0b55b8047ebd@redhat.com>
In-Reply-To: <719a63e555376ca65a7bbe0c7e23c20b6b631cd3.camel@linux.ibm.com>
References: <20210324153215.17971-1-brijesh.singh@amd.com> <20210324153215.17971-2-brijesh.singh@amd.com> <719a63e555376ca65a7bbe0c7e23c20b6b631cd3.camel@linux.ibm.com>

On 04/07/21 02:44, James Bottomley wrote:
> On Wed, 2021-04-07 at 00:21 +0000, Xu, Min M wrote:
>> Hi, Laszlo
>>
>> For Intel TDX supported guest, all processors start in 32-bit
>> protected mode, while for Non-Td guest, it starts in 16-bit real
>> mode. To make the ResetVector work on both Td-guest and Non-Td
>> guest, ResetVector is updated as below:
>> ------------------------------------------------------------------
>> ALIGN 16
>> resetVector:
>> ;
>> ; Reset Vector
>> ;
>> ; This is where the processor will begin execution
>> ;
>>     nop
>>     nop
>>     smsw    ax
>>     test    al, 1
>>     jnz     EarlyBspPmEntry
>>     jmp     EarlyBspInitReal16
>
> Well, then use the rel8 jump like the compiler would in this situation:
>
>     smsw    ax
>     test    al, 1
>     jz      1f
>     jmp     EarlyBspPmEntry
> 1:
>     jmp     EarlyBspInitReal16
>
> So now both entries can be 32k away.

The problem is that we need NASM to generate such *shared* entry code
that behaves correctly when executed in either 16-bit or 32-bit mode.

The rel8 near jumps ("short jumps") are like that -- for example, the
"74 cb" opcode decodes to the same "JZ rel8" in both modes.

But the rel16 ("non-short") near jumps turn into rel32 near jumps when
decoded in 32-bit mode. For example, "E9 cw" decodes to "JMP rel16" in
16-bit mode, but it gets parsed as "E9 cd" (= "JMP rel32") in 32-bit
mode.

So the idea is to add more BITS directives, for covering the non-short
near jumps themselves:

> ; instructions up to and including the rel8 JZ decode identically
> ; between BITS 16 and BITS 32
> BITS 16
>     smsw    ax
>     test    al, 1
>     jz      Real
>
> ; the unconditional near jumps are mode-specific
> BITS 32
>     jmp near EarlyBspPmEntry
> BITS 16
> Real:
>     jmp near EarlyBspInitReal16
>
> ; --------------------
>
> BITS 16
> EarlyBspInitReal16:
>     nop
>
> BITS 32
> EarlyBspPmEntry:
>     nop

$ nasm -f bin jz.nasmb

Decoded (executed) in 16-bit mode:

$ ndisasm -b 16 -k 7,5 -k 0x10,1 jz
00000000  0F01E0            smsw ax
00000003  A801              test al,0x1
00000005  7405              jz 0xc                ; taken
00000007  skipping 0x5 bytes
0000000C  E90000            jmp word 0xf
0000000F  90                nop
00000010  skipping 0x1 bytes

Decoded (executed) in 32-bit mode:

$ ndisasm -b 32 -k 0xc,4 jz
00000000  0F01E0            smsw eax
00000003  A801              test al,0x1
00000005  7405              jz 0xc                ; not taken
00000007  E904000000        jmp dword 0x10
0000000C  skipping 0x4 bytes
00000010  90                nop

With the garbage *not* hidden:

$ ndisasm -b 16 -s 0xc jz
00000000  0F01E0            smsw ax
00000003  A801              test al,0x1
00000005  7405              jz 0xc                ; taken
00000007  E90400            jmp word 0xe          ; garbage
0000000A  0000              add [bx+si],al        ; garbage
0000000C  E90000            jmp word 0xf
0000000F  90                nop
00000010  90                nop                   ; garbage

$ ndisasm -b 32 -s 0x10 jz
00000000  0F01E0            smsw eax
00000003  A801              test al,0x1
00000005  7405              jz 0xc                ; not taken
00000007  E904000000        jmp dword 0x10
0000000C  E9                db 0xe9               ; garbage
0000000D  0000              add [eax],al          ; garbage
0000000F  90                nop                   ; garbage
00000010  90                nop

Thanks
Laszlo
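The mode-dependent decoding that the ndisasm listings above illustrate, as an added example that is not code from the mail thread or from edk2: a toy decoder for just the opcodes in the jz.nasmb snippet (smsw, test al,imm8, jz rel8, jmp E9, nop) walks the 17-byte image transcribed from the listings under 16-bit and 32-bit rules, so the two entry points, and the garbage reached when the wrong-size jmp is decoded, can be checked without a CPU. The function and variable names (image, run) are assumptions of this example.

```c
/* Added example, not from the mail thread: decode the 17-byte "nasm -f bin"
 * image from the ndisasm listings under 16-bit vs 32-bit rules.  Only the
 * five opcodes the snippet uses are understood; anything else is treated as
 * the "garbage" ndisasm shows when the wrong-size jmp gets executed. */
#include <stdint.h>

/* Assembled image, transcribed from the ndisasm output in the mail. */
static const uint8_t image[17] = {
    0x0F, 0x01, 0xE0,              /* 0x00 smsw ax (16) / smsw eax (32)    */
    0xA8, 0x01,                    /* 0x03 test al,1                       */
    0x74, 0x05,                    /* 0x05 jz +5 -> 0x0c, same in both modes */
    0xE9, 0x04, 0x00, 0x00, 0x00,  /* 0x07 BITS 32 jmp rel32 +4 -> 0x10    */
    0xE9, 0x00, 0x00,              /* 0x0c BITS 16 jmp rel16 +0 -> 0x0f    */
    0x90,                          /* 0x0f EarlyBspInitReal16: nop         */
    0x90,                          /* 0x10 EarlyBspPmEntry: nop            */
};

/* Decode from offset 0 with bits = 16 or 32; pe is CR0.PE as smsw reports it
 * (0 in real mode, 1 in protected mode).  Returns the offset of the nop that
 * is reached (the entry label), or -1 when decoding lands on a stray byte. */
long run(int bits, int pe) {
    long ip = 0, n = sizeof image;
    int zf = 0;
    while (ip >= 0 && ip < n) {
        uint8_t op = image[ip];
        if (op == 0x0F && ip + 2 < n && image[ip + 1] == 0x01 && image[ip + 2] == 0xE0) {
            ip += 3;                                   /* smsw: al = low byte of CR0 */
        } else if (op == 0xA8 && ip + 1 < n) {         /* test al,imm8 sets ZF */
            zf = !(pe & image[ip + 1]);
            ip += 2;
        } else if (op == 0x74 && ip + 1 < n) {         /* jz rel8: 2 bytes in both modes */
            ip += 2;
            if (zf) ip += (int8_t)image[ip - 1];
        } else if (op == 0xE9 && bits == 16 && ip + 2 < n) {   /* E9 cw: jmp rel16 */
            ip += 3 + (int16_t)(image[ip + 1] | image[ip + 2] << 8);
        } else if (op == 0xE9 && bits == 32 && ip + 4 < n) {   /* E9 cd: jmp rel32 */
            uint32_t d = image[ip + 1] | image[ip + 2] << 8 | image[ip + 3] << 16
                       | (uint32_t)image[ip + 4] << 24;
            ip += (int32_t)d + 5;
        } else if (op == 0x90) {
            return ip;                                 /* reached an entry label */
        } else {
            return -1;                                 /* stray byte: misdecoded */
        }
    }
    return -1;
}
```

run(16, 0) reaches 0x0f and run(32, 1) reaches 0x10, matching the two hidden-garbage listings; forcing the mismatched combinations (run(16, 1), run(32, 0)) makes the decoder execute the other mode's jmp and fall into the stray bytes.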