From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.45]) by mx.groups.io with SMTP id smtpd.web10.4180.1596141764010796347 for ; Thu, 30 Jul 2020 13:42:44 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=U43QYqiv; spf=none, err=SPF record not found (domain: amd.com, ip: 40.107.244.45, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=O8iN5NXjGsmSy16GQG8AALlMjvoR9IhQ2jAkxiNyDEjsJU2DFSflbUb/rYsQs/0o6K4aaS021yXYDYOvdtICQGjMm05GpRc6TRyRJVX49dbEQMyFKLg7teku8U/NdbQT/awFtAPq0fDjNlrrn3I3JmhP+YMMus0KIv0uXVJt0LX+9PdOlv+8AVlsAbpT8vaE1jAQkv8gRtTEnUvcA4FA1MU7+9QE1prQ8GEgPZTmIe5QZGlpP8GgEp6AyO2hPJVYdDDk4sSvErXlJnPdcMdS4yn8SBCxL3cay5sT94aK0bmcrwWs5ZbmW7yMmw9t5Ij5s3ZTRQgpVNo66EKhQN6xrg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NB9l/B18lE6yAUYEdm6Gf7eEH/WJWN/404HvIJKlhK4=; b=b+2u9/niYu8XTeyDLdi/7cd82W/o7khau9UbDzR/Ydv2HXvdQfyPsaNFZw2NYW5ZOyPfhxTYP0KjriwhyP68DkprLzzN6ovqjtIG8tQr8GJsOIsc/eE2bN6IAPEFTHAl96F8mAbmNqGkYaUicSfCJV4A1m2WtfRc1Gt8zHrDuX6mFiZQMfgwWOt2FAjgDetEdlQRxRLLIyLfNm+eRFW3FE6Ek2JFLxL6n8X/pGmZpbcZFjxIlAAw9xO2xz45OWj3mWFvleY1EkjzW8Mok01n97AtXif6s2mGYjug9x0rzE69Ja0+vSMJ3BBW/yDuBVhIUoKMnD3VuOug2wv2UbIk+A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NB9l/B18lE6yAUYEdm6Gf7eEH/WJWN/404HvIJKlhK4=; b=U43QYqivMDn0NKfWkWMr0GqZYp9HT9V4iBCx4iHaE3znAGX53zdTOcwtol9+Ow2/N+rVPvDnSKJmm+R2xoGrKa83dAHwStVcXQ3MDG8bIvsGKVD6P6mGa/AC+i5y5LfY9eAjhPgclsgLwLQ12O/MCEkNo3iHoRb13vwkDCZ1+2w= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM5PR1201MB0027.namprd12.prod.outlook.com (2603:10b6:4:59::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3216.24; Thu, 30 Jul 2020 20:42:42 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::25ec:e6ba:197c:4eb0]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::25ec:e6ba:197c:4eb0%8]) with mapi id 15.20.3239.020; Thu, 30 Jul 2020 20:42:42 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io Subject: [PATCH v13 45/46] UefiCpuPkg/MpInitLib: Prepare SEV-ES guest APs for OS use Date: Thu, 30 Jul 2020 15:41:54 -0500 Message-ID: <9d41b17caa823ab3f39f08464785afd0fd03578f.1596134638.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: References: X-ClientProxiedBy: DM5PR07CA0028.namprd07.prod.outlook.com (2603:10b6:3:16::14) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from tlendack-t1.amd.com (165.204.77.1) by DM5PR07CA0028.namprd07.prod.outlook.com (2603:10b6:3:16::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3239.18 via Frontend Transport; Thu, 30 Jul 2020 20:42:42 +0000 X-Mailer: git-send-email 2.27.0 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 28b8e369-3ebe-4803-4113-08d834c91b5f X-MS-TrafficTypeDiagnostic: DM5PR1201MB0027: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8273; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: C0BqS3AhJnCUPXk3/yKxE1Bpozew4FxWsS5mC8z2mXmd2/1lcBb5TWPBXsQbYDr5OF7pGjuzYdKPJzflRHxxxzrFup5bQ2AxaY3dHk0VNIbjtNWU13hCI/umVpTgGOyF8UXVIdCrs0uLRobYpPl2U7sILHajf3i3xumNu41f48yYZ0ZZvftgfmpjGjDQSBW0n2bOqh9912ntm5WgoDVM4Ydzl93PpEPkf+4508CutI0c+smHYvXJadZxo+soa62MJzsYPx1umKxlCKvS6AV2laD/q4dzy4lWz2DdwMcpgEV3BGrpTeEObKQYV0CvPbMOsQ6DBVUIpfpcAPckWdem1/cdiIuOTBKUafrFo/94Vt0rovphP3DExvdyEWmCh2kwiy8GH4GbAq/+L/s5FKepbdooGvW/YetpFT+95wUK95NiyATKtVi7WVIVeohXJbT+Gwx3xYSuuSsmoYec2Lg/Wg== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(6029001)(4636009)(366004)(396003)(376002)(346002)(136003)(39860400002)(6486002)(6666004)(66556008)(966005)(2906002)(19627235002)(66946007)(66476007)(5660300002)(83380400001)(36756003)(26005)(2616005)(86362001)(8936002)(186003)(16526019)(6916009)(7696005)(52116002)(478600001)(8676002)(316002)(956004)(136400200001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: jFUBqVe6MHOpVfQKWuTYggH4We4RWZ32fBlg26czOtIvQ9t83joKsQTPLEDIQ/1m8GJyszZ2vZkBqPSNweTiQSwY7r7d1tMREBkSR+uvM5W0UtAF/6CzPC0JyLL0D7XHIhFok49KTPiefNy/LsY5F9gLIFQUszn1aNV6zpmla+4pXJ8++6jEHtykqSdtOugiwTSj+kYx5aFFQsdem05eEU+NSEiAL5avDZPDRdwhW457ssGXJFbur18JHnBRukO3Qy7O3A3zv8ezRUjrIHLB1ATK8iR7lBmeM27aqsgFpKtn3w8PsiufgEU4Qs89GqmZof8gn2Wap4byuNwNb3N2gQjFrqC8pbu2JYxphTAZd8sSd3XOVwLQjF8fYeXb3MfJuP8DerLraU4G6/Hs9TXgUVoXd4hPTP/jhLXwql3l2kIVWn2AddODnaBCIqmSDDzH1SYojqninge8tLZhG5vznJ+bn4qlA2Hoxhv1Sjkp7mg= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 28b8e369-3ebe-4803-4113-08d834c91b5f X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jul 2020 20:42:42.7392 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: c4n0nKsmSPyO9MaaaX5cDhDrlnGWsr1WWxyMVJLXUSONdq/Z0TcZzDqnsrvg+pas1+JjpIsd19B1KMqzvH04BA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR1201MB0027 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable From: Tom Lendacky BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198 Before UEFI transfers control to the OS, it must park the AP. This is done using the AsmRelocateApLoop function to transition into 32-bit non-paging mode. For an SEV-ES guest, a few additional things must be done: - AsmRelocateApLoop must be updated to support SEV-ES. This means performing a VMGEXIT AP Reset Hold instead of an MWAIT or HLT loop. - Since the AP must transition to real mode, a small routine is copied to the WakeupBuffer area. Since the WakeupBuffer will be used by the AP during OS booting, it must be placed in reserved memory. Additionally, the AP stack must be located where it can be accessed in real mode. - Once the AP is in real mode it will transfer control to the destination specified by the OS in the SEV-ES AP Jump Table. The SEV-ES AP Jump Table address is saved by the hypervisor for the OS using the GHCB VMGEXIT AP Jump Table exit code. Cc: Eric Dong Cc: Ray Ni Cc: Laszlo Ersek Reviewed-by: Eric Dong Signed-off-by: Tom Lendacky --- UefiCpuPkg/Library/MpInitLib/MpLib.h | 8 +- UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 54 +++++++- UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm | 131 ++++++++++++++++-- 3 files changed, 175 insertions(+), 18 deletions(-) diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpIn= itLib/MpLib.h index b1a9d99cb3eb..267aa5201c50 100644 --- a/UefiCpuPkg/Library/MpInitLib/MpLib.h +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h @@ -293,7 +293,8 @@ struct _CPU_MP_DATA { UINT64 GhcbBase; }; =20 -#define AP_RESET_STACK_SIZE 64 +#define AP_SAFE_STACK_SIZE 128 +#define AP_RESET_STACK_SIZE AP_SAFE_STACK_SIZE =20 #pragma pack(1) =20 @@ -349,8 +350,11 @@ VOID IN BOOLEAN MwaitSupport, IN UINTN ApTargetCState, IN UINTN PmCodeSegment, + IN UINTN Pm16CodeSegment, IN UINTN TopOfApStack, - IN UINTN NumberToFinish + IN UINTN NumberToFinish, + IN UINTN SevEsAPJumpTable, + IN UINTN WakeupBuffer ); =20 /** diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c b/UefiCpuPkg/Library/M= pInitLib/DxeMpLib.c index 9115ff9e3e30..7165bcf3124a 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c @@ -12,6 +12,7 @@ #include #include #include +#include #include #include =20 @@ -85,6 +86,13 @@ GetWakeupBuffer ( { EFI_STATUS Status; EFI_PHYSICAL_ADDRESS StartAddress; + EFI_MEMORY_TYPE MemoryType; + + if (PcdGetBool (PcdSevEsIsEnabled)) { + MemoryType =3D EfiReservedMemoryType; + } else { + MemoryType =3D EfiBootServicesData; + } =20 // // Try to allocate buffer below 1M for waking vector. @@ -97,7 +105,7 @@ GetWakeupBuffer ( StartAddress =3D 0x88000; Status =3D gBS->AllocatePages ( AllocateMaxAddress, - EfiBootServicesData, + MemoryType, EFI_SIZE_TO_PAGES (WakeupBufferSize), &StartAddress ); @@ -159,8 +167,10 @@ GetSevEsAPMemory ( VOID ) { - EFI_STATUS Status; - EFI_PHYSICAL_ADDRESS StartAddress; + EFI_STATUS Status; + EFI_PHYSICAL_ADDRESS StartAddress; + MSR_SEV_ES_GHCB_REGISTER Msr; + GHCB *Ghcb; =20 // // Allocate 1 page for AP jump table page @@ -176,6 +186,16 @@ GetSevEsAPMemory ( =20 DEBUG ((DEBUG_INFO, "Dxe: SevEsAPMemory =3D %lx\n", (UINTN) StartAddress= )); =20 + // + // Save the SevEsAPMemory as the AP jump table. + // + Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB); + Ghcb =3D Msr.Ghcb; + + VmgInit (Ghcb); + VmgExit (Ghcb, SVM_EXIT_AP_JUMP_TABLE, 0, (UINT64) (UINTN) StartAddress)= ; + VmgDone (Ghcb); + return (UINTN) StartAddress; } =20 @@ -330,17 +350,26 @@ RelocateApLoop ( BOOLEAN MwaitSupport; ASM_RELOCATE_AP_LOOP AsmRelocateApLoopFunc; UINTN ProcessorNumber; + UINTN StackStart; =20 MpInitLibWhoAmI (&ProcessorNumber); CpuMpData =3D GetCpuMpData (); MwaitSupport =3D IsMwaitSupport (); + if (CpuMpData->SevEsIsEnabled) { + StackStart =3D CpuMpData->SevEsAPResetStackStart; + } else { + StackStart =3D mReservedTopOfApStack; + } AsmRelocateApLoopFunc =3D (ASM_RELOCATE_AP_LOOP) (UINTN) mReservedApLoop= Func; AsmRelocateApLoopFunc ( MwaitSupport, CpuMpData->ApTargetCState, CpuMpData->PmCodeSegment, - mReservedTopOfApStack - ProcessorNumber * AP_SAFE_STACK_SIZE, - (UINTN) &mNumberToFinish + CpuMpData->Pm16CodeSegment, + StackStart - ProcessorNumber * AP_SAFE_STACK_SIZE, + (UINTN) &mNumberToFinish, + CpuMpData->SevEsAPBuffer, + CpuMpData->WakeupBuffer ); // // It should never reach here @@ -374,6 +403,21 @@ MpInitChangeApLoopCallback ( while (mNumberToFinish > 0) { CpuPause (); } + + if (CpuMpData->SevEsIsEnabled && (CpuMpData->WakeupBuffer !=3D (UINTN) -= 1)) { + // + // There are APs present. Re-use reserved memory area below 1MB from + // WakeupBuffer as the area to be used for transitioning to 16-bit mod= e + // in support of booting of the AP by an OS. + // + CopyMem ( + (VOID *) CpuMpData->WakeupBuffer, + (VOID *) (CpuMpData->AddressMap.RendezvousFunnelAddress + + CpuMpData->AddressMap.SwitchToRealPM16ModeOffset), + CpuMpData->AddressMap.SwitchToRealPM16ModeSize + ); + } + DEBUG ((DEBUG_INFO, "%a() done!\n", __FUNCTION__)); } =20 diff --git a/UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm b/UefiCpuPkg/Lib= rary/MpInitLib/X64/MpFuncs.nasm index 6956b408d004..3b8ec477b8b3 100644 --- a/UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm +++ b/UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm @@ -465,6 +465,10 @@ BITS 16 ; - IP for Real Mode (two bytes) ; - CS for Real Mode (two bytes) ; + ; This label is also used with AsmRelocateApLoop. During MP finalizati= on, + ; the code from PM16Mode to SwitchToRealProcEnd is copied to the start= of + ; the WakeupBuffer, allowing a parked AP to be booted by an OS. + ; PM16Mode: mov eax, cr0 ; Read CR0 btr eax, 0 ; Set PE=3D0 @@ -487,32 +491,95 @@ PM16Mode: SwitchToRealProcEnd: =20 ;-------------------------------------------------------------------------= ------------ -; AsmRelocateApLoop (MwaitSupport, ApTargetCState, PmCodeSegment, TopOfAp= Stack, CountTofinish); +; AsmRelocateApLoop (MwaitSupport, ApTargetCState, PmCodeSegment, Pm16Cod= eSegment, TopOfApStack, CountTofinish, SevEsAPJumpTable, WakeupBuffer); ;-------------------------------------------------------------------------= ------------ global ASM_PFX(AsmRelocateApLoop) ASM_PFX(AsmRelocateApLoop): AsmRelocateApLoopStart: BITS 64 + cmp qword [rsp + 56], 0 + je NoSevEs + + ; + ; Perform some SEV-ES related setup before leaving 64-bit mode + ; + push rcx + push rdx + + ; + ; Get the RDX reset value using CPUID + ; + mov rax, 1 + cpuid + mov rsi, rax ; Save off the reset value for RDX + + ; + ; Prepare the GHCB for the AP_HLT_LOOP VMGEXIT call + ; - Must be done while in 64-bit long mode so that writes to + ; the GHCB memory will be unencrypted. + ; - No NAE events can be generated once this is set otherwise + ; the AP_RESET_HOLD SW_EXITCODE will be overwritten. + ; + mov rcx, 0xc0010130 + rdmsr ; Retrieve current GHCB address + shl rdx, 32 + or rdx, rax + + mov rdi, rdx + xor rax, rax + mov rcx, 0x800 + shr rcx, 3 + rep stosq ; Clear the GHCB + + mov rax, 0x80000004 ; VMGEXIT AP_RESET_HOLD + mov [rdx + 0x390], rax + + pop rdx + pop rcx + +NoSevEs: cli ; Disable interrupt before switching to 3= 2-bit mode - mov rax, [rsp + 40] ; CountTofinish + mov rax, [rsp + 48] ; CountTofinish lock dec dword [rax] ; (*CountTofinish)-- - mov rsp, r9 - push rcx - push rdx =20 - lea rsi, [PmEntry] ; rsi <- The start address of transition = code + mov rax, [rsp + 56] ; SevEsAPJumpTable + mov rbx, [rsp + 64] ; WakeupBuffer + mov rsp, [rsp + 40] ; TopOfApStack + + push rax ; Save SevEsAPJumpTable + push rbx ; Save WakeupBuffer + push r9 ; Save Pm16CodeSegment + push rcx ; Save MwaitSupport + push rdx ; Save ApTargetCState + + lea rax, [PmEntry] ; rax <- The start address of transition = code =20 push r8 - push rsi - DB 0x48 - retf + push rax + + ; + ; Clear R8 - R15, for reset, before going into 32-bit mode + ; + xor r8, r8 + xor r9, r9 + xor r10, r10 + xor r11, r11 + xor r12, r12 + xor r13, r13 + xor r14, r14 + xor r15, r15 + + ; + ; Far return into 32-bit mode + ; +o64 retf + BITS 32 PmEntry: mov eax, cr0 btr eax, 31 ; Clear CR0.PG mov cr0, eax ; Disable paging and caches =20 - mov ebx, edx ; Save EntryPoint to rbx, for rdmsr will = overwrite rdx mov ecx, 0xc0000080 rdmsr and ah, ~ 1 ; Clear LME @@ -525,6 +592,8 @@ PmEntry: add esp, 4 pop ecx, add esp, 4 + +MwaitCheck: cmp cl, 1 ; Check mwait-monitor support jnz HltLoop mov ebx, edx ; Save C-State to ebx @@ -538,10 +607,50 @@ MwaitLoop: shl eax, 4 mwait jmp MwaitLoop + HltLoop: + pop edx ; PM16CodeSegment + add esp, 4 + pop ebx ; WakeupBuffer + add esp, 4 + pop eax ; SevEsAPJumpTable + add esp, 4 + cmp eax, 0 ; Check for SEV-ES + je DoHlt + + cli + ; + ; SEV-ES is enabled, use VMGEXIT (GHCB information already + ; set by caller) + ; +BITS 64 + rep vmmcall +BITS 32 + + ; + ; Back from VMGEXIT AP_HLT_LOOP + ; Push the FLAGS/CS/IP values to use + ; + push word 0x0002 ; EFLAGS + xor ecx, ecx + mov cx, [eax + 2] ; CS + push cx + mov cx, [eax] ; IP + push cx + push word 0x0000 ; For alignment, will be discarded + + push edx + push ebx + + mov edx, esi ; Restore RDX reset value + + retf + +DoHlt: cli hlt - jmp HltLoop + jmp DoHlt + BITS 64 AsmRelocateApLoopEnd: =20 --=20 2.27.0