From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by mx.groups.io with SMTP id smtpd.web11.7665.1686735684026011315 for ; Wed, 14 Jun 2023 02:41:24 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=KnBq19kz; spf=pass (domain: intel.com, ip: 192.55.52.120, mailfrom: dun.tan@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1686735684; x=1718271684; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=FDmr9yNKGdHa1bYJ/dsVhmOuT4NiuZrwrNqbTZsO33M=; b=KnBq19kzVXM3LLy0l5Ce3VNvLY2LdoGXR2UdEDJ8SF0kePTkn8g+IfdU 9qDVJPMUzvsxkj4krTXf+4aXhxTqnhUWmT7wEaWNylojyk+H80nYlVupo +GjP7iN+3OUGLEBz2aUnLZW9An5L5Sjdp+ud8es1hYOeLG0GkpuzL0dil +Tpx8tH9SaastcO4onfFeaQAoS0xJV0EppIHUVFBg8yLnrAPXwY+PCGHK d7zoS5+LV03zlEAvtZsUi+ran9yYe7jbrPDLc1RyogZ6tuLVnnlZBeeok ZABKW7aP3S6rXvEshhotORqM2lboalQjHfCyi96VVNCdVLVavAmnHjF0D A==; X-IronPort-AV: E=McAfee;i="6600,9927,10740"; a="357448544" X-IronPort-AV: E=Sophos;i="6.00,242,1681196400"; d="scan'208";a="357448544" Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Jun 2023 02:40:58 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10740"; a="715125959" X-IronPort-AV: E=Sophos;i="6.00,242,1681196400"; d="scan'208";a="715125959" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by fmsmga007.fm.intel.com with ESMTP; 14 Jun 2023 02:40:56 -0700 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Wed, 14 Jun 2023 02:40:56 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23 via Frontend Transport; Wed, 14 Jun 2023 02:40:56 -0700 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.173) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.23; Wed, 14 Jun 2023 02:40:54 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QXQ1xHRsKgweBzy8ALE8NUNUP1v3Z8Mrz2rTQLoA9BAg/+VHqTxxcem0ahszEg+3AIn/ALPCA5KX2/hbH95A2+0XcCL9sU/xnjCjrXhxsXHmej09TNafmxTAMXSlHchzuR1b6fTJBva5WcTCJCm1yqXqPunEkL2xyIE+h/ZKB+405ocnNAv+UTHGvNmW8MbTa+2DRN6t4ODDYpvSyMX0mpEfbKUcFul2EvHVtRx6IAOT0N5RS4kkujfzUa4ecoe/rqfw28vUKPklgKB4FArYCx2vg/x+CLBcDt8ejYs/H/OXQ9M2rpdlF6O3LJ9ccMK8i5md2ZJrs1OhohFlMkUlLA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/e3ye3J1U3/i6ouZzKPF5Jn5ym7sL0B2YSXrmaQP/8Y=; b=eHmhdTR9Vu2A12h2vYJNdDSQcFNd4UBxXSA2OLM0GxJDscvWmQY4/HMr79Q92WPPWaNzAYQxxqqxMiMETW6dVfMNluwQzRBbMK+gDAOk8ffLF/XUbyOl4ofPk7ZTzqXYKPjBbz5UjveMFPoR1+Ft4PCfI6IBkOCs8RGMD9G555wX/L9xzZ8XeXHsFURaiUzWE91OJ4FI/gG95onokQKSoDwHarF+mg74/yyTgbgfjjJpAOgWGlUPVgrU9vosrCTa+uFq78XIUp0VESx61T19AruGqWaceMm3epE6VYa3L5XNC3pzaeafBBV78T7qj6YA1cL+iVywPFb6DGcGmxKYkQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from BN9PR11MB5483.namprd11.prod.outlook.com (2603:10b6:408:104::10) by SA1PR11MB8426.namprd11.prod.outlook.com (2603:10b6:806:38d::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6455.38; Wed, 14 Jun 2023 09:40:44 +0000 Received: from BN9PR11MB5483.namprd11.prod.outlook.com ([fe80::3023:34d3:bd4e:7901]) by BN9PR11MB5483.namprd11.prod.outlook.com ([fe80::3023:34d3:bd4e:7901%3]) with mapi id 15.20.6477.037; Wed, 14 Jun 2023 09:40:44 +0000 From: "duntan" To: "devel@edk2.groups.io" , "Tan, Dun" CC: Ard Biesheuvel , "Yao, Jiewen" , "Justen, Jordan L" , "Gerd Hoffmann" , Tom Lendacky , "Ni, Ray" Subject: Re: [edk2-devel] [Patch V6 01/14] OvmfPkg:Remove code that apply AddressEncMask to non-leaf entry Thread-Topic: [edk2-devel] [Patch V6 01/14] OvmfPkg:Remove code that apply AddressEncMask to non-leaf entry Thread-Index: AQHZmrM4z2slFH3or0yMSNoiDRPJsa+J674Q Date: Wed, 14 Jun 2023 09:40:44 +0000 Message-ID: References: <20230609091629.798-1-dun.tan@intel.com> <1766F2F0DD510904.28667@groups.io> In-Reply-To: <1766F2F0DD510904.28667@groups.io> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: BN9PR11MB5483:EE_|SA1PR11MB8426:EE_ x-ms-office365-filtering-correlation-id: 7b03ba13-961a-4a6c-a0b4-08db6cbb6d22 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: lZPYMb6QuzVMJuWRF5O9dV3oyZTK8dSFx/1U0rZo4RlxD/Ht6ug9mos0AoiR4+dB0izQGYyt3yrl/dq3mrCb122duVRts5tY33C++fmMG+TzgBHZYfDQ1JSfTNX1emVRzbE41i0Z3zZlhvSeZkSSrdRdmLmge6AHsAmgYhtNHU0SeZfsUYaXjWioSUcShMAuyc0m2bKYd6Ur1nxyCj7/lg43FDkaf8BRr6qYcSn+SD4CtQIIvipcZbURBhKLWHBBiStR1SIxIYFQQjkdvvZRfyKIhqEfD/lWbx1fsSO8wPuqkAdmpYXjtKL9V3YPJPME8LUBAUzY+NtJADhYmKkRXduWNwoyXbfd7RnRyfOhGEDuGyAtBjzEvlBvqJF6Mol5oFCK0e/jXFpRH60y0cyq2QUdJXWuRKT6265ccEIIVKsa/dMPcUVb+LgP45z1BrIS7X3T3l9ReSmw0R7j1cf3jY0/56LOuRcdJpxyckogGndfbn/FOQIhhZYrBHIHcDgYsDzshVA4iKD4RNX8y92jDUuCNt606Wwi2jHV/tVIKSnny80V4f2N2kDY7ZPbVMq6KvVZvv538g//YfJtptrsjPgf2c0kqk2nUfP+DuwlB50vRmgXIf9pBGIMHO5S4mDy56Oi07uQNmK3WzHRvZDwvg== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BN9PR11MB5483.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(136003)(366004)(376002)(396003)(346002)(39860400002)(451199021)(86362001)(2906002)(33656002)(38070700005)(66899021)(64756008)(55016003)(76116006)(7696005)(83380400001)(71200400001)(966005)(9686003)(107886003)(26005)(6506007)(53546011)(186003)(122000001)(82960400001)(110136005)(54906003)(66446008)(38100700002)(66556008)(66946007)(8676002)(41300700001)(478600001)(316002)(52536014)(8936002)(66476007)(5660300002)(4326008);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?OUTFvZEylE5mY2AP53WXsniHBPk2cBD0E1KKMhqmdiCByXqqJ28QwfOqdn7z?= =?us-ascii?Q?G1fem8S4pI3z+xVSN5/GHmie92dW/ZWAuPL/fHUfpdloOeioLBrQbKFEOuvL?= =?us-ascii?Q?3ueRtTm1mkbWYEh99clr108LwXknrNwyZICzUV9NFzsdwoZ65VzwmRruIO8v?= =?us-ascii?Q?mnSao77rQ37KQteBPSP+YFfKrILcml3O2MelHorRkBWQmaG29fEoC5AboJAb?= =?us-ascii?Q?8BJjD5r/jiFiOeEbrKB2Yi1dwGgFXiHCn+1s+tzw0BJLvg9+1DoEdLK6KClt?= =?us-ascii?Q?taeRWs6RXdnQah4YvnoT/rNtqj8qNh4ieYKRqIhirch+aTNapjEsGTpXEqfw?= =?us-ascii?Q?/3B2hpoacy6biS8+Fd5DkRerPvQsMe5/E+PI286AWhWAEsbTAIQn4BtAo1Wg?= =?us-ascii?Q?r21NnytO8siqRMNxCPHTBM6qb7ankWnNK4URtp0+98uVyhxF5xf3PoNuhrNF?= =?us-ascii?Q?vqrjzl4uZankKpI7ixGA+0WxUjd/icJNJ+SnZ9l4jMLQQgvZ3mu9BPNpCBNd?= =?us-ascii?Q?mRcsfim1f5zltmESYno8X3lBzeLEW3kuzuFM0WGv7ST7MxWjcPYJx+RPPiBI?= =?us-ascii?Q?/RuijpP37xD3Q8R7vHeKfpqLOV3r+lxmX1cvdvhtxiqFeBekOuW50/x6mUNr?= =?us-ascii?Q?oGtYBimlBUpuwERnVXAaKjQzr3QonLNPxIMVNTcMWrXBtfy9kNwcbU3CRNRv?= =?us-ascii?Q?FYGxEKj5yHwaTbbEqR/we0npZD122O7bVSb6lUgsHvBd+44dzJMSszimObZl?= =?us-ascii?Q?RA4ZvchqKCb8ptoS3W2W1IoxW6UgQUJjd2xNO7FS67KOgjyGR5rs6PIb9czG?= =?us-ascii?Q?+ZdoJkeLpN1swxMlAIG7rDjU1TV/mfhuW0qro+LRtEu1nqMG9ANsqYb2aJMI?= =?us-ascii?Q?o4RdnOiaFzG6Y9Twefum7ERaiLU98TaNyn17daVmyJ9tijMJdZVdWjpNhAx7?= =?us-ascii?Q?zhBpBIhDLecqSJ6ogDEmmQtmGohO4J0gA/aA8hynNLfRv0QoYYh+ygRRDlM3?= =?us-ascii?Q?9FpVUaGUMg731rYeHDrPkIElK+wg0Js4yBb3LZFxMPF5rgSd5e5rVbLNkUUa?= =?us-ascii?Q?YPKk7Ovhn7WIvDHA7S1VyZWubM0E5h0ZI+3OAAOVeevkxuOY5g4DYl2kbr8k?= =?us-ascii?Q?Zoy0FhFGxn88ubZY345LBVFYJWyhgW3ZCo/EBPNbQLV2IinCiEvkHCzVjOym?= =?us-ascii?Q?K1DrZnzrJL12V77Gzj5MHArnhC7S52VKQqINCidrK/j+He88ZXPwSZgQvrgX?= =?us-ascii?Q?10re0h44zd4P07HCfT6ZPQgL/FZpj0frxJfZS8C5QZjDI1A7cwXiRSWMm77H?= =?us-ascii?Q?hq6IbRvx44RD3sDwDuZzvWxzAQiQLE4jpe+npsilvYxdr0qX9q/VoEdCGMdX?= =?us-ascii?Q?FM6UXlwOFmGFxi1yhkEcAz2armdOVaegsePEufBsCqG4774rj3hfhFLM36CO?= =?us-ascii?Q?lNgJkuyyNrjY5rJWeEXe26lUb8RVmzwPMHmUHzK1oiV/Nh+J9iAgAGSsukFe?= =?us-ascii?Q?VY0KGJ4unwOTAHKKlj3gc7odY8Yjz49Zgo3jGPQPGciciKIuhzXmPVv2Rh9U?= =?us-ascii?Q?Mtx0OAp6pLXIDH99HRM=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BN9PR11MB5483.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7b03ba13-961a-4a6c-a0b4-08db6cbb6d22 X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Jun 2023 09:40:44.8225 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: hwjnHz0NHg+5MZY+gcGt+Cx0Gy6XiOVRlXdZcpizWSLxvcmSS70LVOyRzHYxNmSXueXN9JAaqa+TlyT1mllHhQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR11MB8426 Return-Path: dun.tan@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi all, Could you please help to review this patch? Thanks, Dun -----Original Message----- From: devel@edk2.groups.io On Behalf Of duntan Sent: Friday, June 9, 2023 5:16 PM To: devel@edk2.groups.io Cc: Ard Biesheuvel ; Yao, Jiewen ; Justen, Jordan L ; Gerd Hoffmann ; Tom Lendacky ; Ni, Ray Subject: [edk2-devel] [Patch V6 01/14] OvmfPkg:Remove code that apply Addre= ssEncMask to non-leaf entry Remove code that apply AddressEncMask to non-leaf entry when split smm page= table by MemEncryptSevLib. In FvbServicesSmm driver, it calls MemEncryptSe= vClearMmioPageEncMask to clear AddressEncMask bit in page table for a speci= fic range. In AMD SEV feature, this AddressEncMask bit in page table is use= d to indicate if the memory is guest private memory or shared memory. But a= ll memory used by page table are treated as encrypted regardless of encrypt= ion bit. So remove the EncMask bit for smm non-leaf page table entry doesn't impact = AMD SEV feature. If page split happens in the AddressEncMask bit clear process, there will b= e some new non-leaf entries with AddressEncMask applied in smm page table. = When ReadyToLock, code in PiSmmCpuDxe module will use CpuPageTableLib to mo= dify smm page table. So remove code to apply AddressEncMask for new non-lea= f entries since CpuPageTableLib doesn't consume the EncMask PCD. Signed-off-by: Dun Tan Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Tom Lendacky Reviewed-by: Ray Ni --- OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c= b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c index cf2441b551..aba2e8c081 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c @@ -233,7 +233,7 @@ Split2MPageTo4K ( // Fill in 2M page entry. // *PageEntry2M =3D ((UINT64)(UINTN)PageTableEntry1 | - IA32_PG_P | IA32_PG_RW | AddressEncMask); + IA32_PG_P | IA32_PG_RW); } =20 /** @@ -352,7 +352,7 @@ SetPageTablePoolReadOnly ( PhysicalAddress +=3D LevelSize[Level - 1]; } =20 - PageTable[Index] =3D (UINT64)(UINTN)NewPageTable | AddressEncMask | + PageTable[Index] =3D (UINT64)(UINTN)NewPageTable | IA32_PG_P | IA32_PG_RW; PageTable =3D NewPageTable; } @@ -440,7 +440,7 @@ Split1GPageTo2M ( // Fill in 1G page entry. // *PageEntry1G =3D ((UINT64)(UINTN)PageDirectoryEntry | - IA32_PG_P | IA32_PG_RW | AddressEncMask); + IA32_PG_P | IA32_PG_RW); =20 PhysicalAddress2M =3D PhysicalAddress; for (IndexOfPageDirectoryEntries =3D 0; -- 2.31.1.windows.1