From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+118343+7686176+12367111@groups.io>
Received: from mail05.groups.io (mail05.groups.io [45.79.224.7])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 616EFAC1398
	for <rebecca@openfw.io>; Fri, 26 Apr 2024 15:25:32 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=WERMwVyKkBoirvpqW4rwF/WEWHvDKGPL1sweYV7OkNs=;
 c=relaxed/simple; d=groups.io;
 h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject:To:Cc:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type;
 s=20240206; t=1714145130; v=1;
 b=Qyt/J1o3UFvF70XxRjpCXfBSNoxYu78+jqy8y4LrnaOg4uAHu1naBcrOAwnzDsKZqHNVdwOo
 a8aRgLtGsLSBS/1kg4nzvEYv5oUthE/SKL/8Z9P8xmHQOjYBBFupL41bqCLU/VE4nvVquMfjntU
 NV2BnBKc1guybVmztmCmq8vaag+zaKBx4P+jc9+cK5eUXDsTQx+0CQZeEDdx7QTBbrH8n4NPslu
 Mm6UtMWTLRxoR4hsXe9PER3gmcDc2TdIu/DnFBMOC2utHcGZZSahCiq/zYIuresgVY6yjznjdtl
 uRdFY4f5NPJfx39DhbqzZbOgfppxpdDtDL1xTVOorSRBA==
X-Received: by 127.0.0.2 with SMTP id pCBxYY7687511xrsnVK8MuKY; Fri, 26 Apr 2024 08:25:30 -0700
X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
 by mx.groups.io with SMTP id smtpd.web11.581.1714145130062781634
 for <devel@edk2.groups.io>;
 Fri, 26 Apr 2024 08:25:30 -0700
X-Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58])
	by dfw.source.kernel.org (Postfix) with ESMTP id 80D09620AE
	for <devel@edk2.groups.io>; Fri, 26 Apr 2024 15:25:29 +0000 (UTC)
X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id F2013C32783
	for <devel@edk2.groups.io>; Fri, 26 Apr 2024 15:25:28 +0000 (UTC)
X-Received: by mail-lj1-f170.google.com with SMTP id 38308e7fff4ca-2dd19c29c41so26970371fa.3
        for <devel@edk2.groups.io>; Fri, 26 Apr 2024 08:25:28 -0700 (PDT)
X-Gm-Message-State: EFB5R9367TGQtMrPgrEhy6omx7686176AA=
X-Google-Smtp-Source: AGHT+IENms3x+ur1ojbfBZL9hRIwj5V/oHMo/2zfLFr2i9TSBpcaekl2b3Y6x4kYYAq/OSj71CbPBWF4gW61oono6oc=
X-Received: by 2002:a05:651c:11d3:b0:2d8:f3b:d026 with SMTP id
 z19-20020a05651c11d300b002d80f3bd026mr1775827ljo.14.1714145127176; Fri, 26
 Apr 2024 08:25:27 -0700 (PDT)
MIME-Version: 1.0
References: <17C9D8CD7CA10EA1.16940@groups.io> <20240426141610.twbkphynyexgjad7@amd.com>
In-Reply-To: <20240426141610.twbkphynyexgjad7@amd.com>
From: "Ard Biesheuvel" <ardb@kernel.org>
Date: Fri, 26 Apr 2024 17:25:15 +0200
X-Gmail-Original-Message-ID: <CAMj1kXE_SyTPcTFhW-wZ6rgmm5MdcScW_86=pbPn4uNpb2=M7Q@mail.gmail.com>
Message-ID: <CAMj1kXE_SyTPcTFhW-wZ6rgmm5MdcScW_86=pbPn4uNpb2=M7Q@mail.gmail.com>
Subject: Re: [edk2-devel] [PATCH v2] OvmfPkg: Don't make APIC MMIO accesses with encryption bit set
To: devel@edk2.groups.io, Michael.Roth@amd.com
Cc: Tom Lendacky <thomas.lendacky@amd.com>, Erdem Aktas <erdemaktas@google.com>, 
	Jiewen Yao <jiewen.yao@intel.com>, Min Xu <min.m.xu@intel.com>, 
	Jianyong Wu <jianyong.wu@arm.com>, Anatol Belski <anbelski@linux.microsoft.com>
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Resent-Date: Fri, 26 Apr 2024 08:25:30 -0700
Resent-From: ardb@kernel.org
Reply-To: devel@edk2.groups.io,ardb@kernel.org
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
Content-Type: text/plain; charset="UTF-8"
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20240206 header.b="Qyt/J1o3";
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=kernel.org (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io

On Fri, 26 Apr 2024 at 16:16, Roth, Michael via groups.io
<Michael.Roth=amd.com@groups.io> wrote:
>
> On Fri, Apr 26, 2024 at 08:51:20AM -0500, Roth, Michael via groups.io wrote:
> > For the most part, OVMF will clear the encryption bit for MMIO regions,
> > but there is currently one known exception during SEC when the APIC
> > base address is accessed via MMIO with the encryption bit set for
> > SEV-ES/SEV-SNP guests. In the case of SEV-SNP, this requires special
> > handling on the hypervisor side which may not be available in the
> > future[1], so make the necessary changes in the SEC-configured page
> > table to clear the encryption bit for 4K region containing the APIC
> > base address.
> >
> > Since CpuPageTableLib is used to handle the splitting, some additional
> > care must be taken to clear the C-bit in all non-leaf PTEs since the
> > library expects that to be the case. Add handling for that when setting
> > up the SEC page table.
>
> Tom just noticed another spot where a non-leaf C-bit needs to be cleared
> (the one mapping the GHCB page). It doesn't affect patch functionality
> but should be included for completeness of this change, so will send a
> quick v3 with this addressed.
>
> -Mike
>

While at it, could you please fix your email setup and use 8bit
transfer encoding instead of quoted printable? Also, please put me on
cc so I don't have to apply the garbled groups.io copy.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118343): https://edk2.groups.io/g/devel/message/118343
Mute This Topic: https://groups.io/mt/105750506/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-