I think I've acked all patches in UefiCpuPkg. Please let me know if any other patches need my review. Thanks, Ray ________________________________ From: devel@edk2.groups.io on behalf of Lendacky, Thomas via groups.io Sent: Wednesday, April 3, 2024 2:16 To: devel@edk2.groups.io ; Yao, Jiewen ; Liming Gao ; Ni, Ray ; Liu, Zhiguang ; Kinney, Michael D ; Guo, Gua ; Dong, Guo ; Lu, James ; Rhodes, Sean ; Kumar, Rahul R Cc: Ard Biesheuvel ; Aktas, Erdem ; Gerd Hoffmann ; Xu, Min M ; Michael Roth ; Anatol Belski ; Anthony Perard ; Corvin Köhne ; Jianyong Wu ; Rebecca Cran Subject: Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM Re-pinging the list/maintainers. Still awaiting feedback/reviews/acks on the changes. Thanks, Tom On 3/26/24 13:34, Tom Lendacky wrote: > Any issues with this version of the series? Still looking for > Reviewed-by's for the MdePkg, UefiCpuPkg and UefiPayloadPkg related > patches. > > Once I get those, I'll submit the edk2-platform patches to support the > new library as a response to these patches for a quick review. > > Thanks, > Tom > > On 3/8/24 09:29, Tom Lendacky wrote: >> >> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654 >> >> This series adds SEV-SNP support for running OVMF under an Secure VM >> Service Module (SVSM) at a less privileged VM Privilege Level (VMPL). >> By running at a less priviledged VMPL, the SVSM can be used to provide >> services, e.g. a virtual TPM, for the guest OS within the SEV-SNP >> confidential VM (CVM) rather than trust such services from the >> hypervisor. >> >> Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are >> certain SNP related operations that require that VMPL level. >> Specifically, >> the PVALIDATE instruction and the RMPADJUST instruction when setting the >> the VMSA attribute of a page (used when starting APs). >> >> If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must >> use an SVSM (which is running at VMPL0) to perform the operations that >> it is no longer able to perform. >> >> When running under an SVSM, OVMF must know the APIC IDs of the vCPUs that >> it will be starting. As a result, the GHCB APIC ID retrieval action must >> be performed. Since this service can also work with SEV-SNP running at >> VMPL0, the patches to make use of this feature are near the beginning of >> the series. >> >> How OVMF interacts with and uses the SVSM is documented in the SVSM >> specification [1] and the GHCB specification [2]. >> >> This support creates a new AmdSvsmLib library that is used by MpInitLib. >> The edk2-platforms repo requires updates/patches to add the new library >> requirement. To accomodate that, this series could be split between: >> >> patch number 12: >> UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an >> SVSM >> >> and patch number 13: >> UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library >> >> The updates to edk2-platforms can be applied at the split. >> >> This series introduces support to run OVMF under an SVSM. It consists >> of: >> - Retrieving the list of vCPU APIC IDs and starting up all APs without >> performing a broadcast SIPI >> - Reorganizing the page state change support to not directly use the >> GHCB buffer since an SVSM will use the calling area buffer, instead >> - Detecting the presence of an SVSM >> - When not running at VMPL0, invoking the SVSM for page validation and >> VMSA page creation/deletion >> - Detecting and allowing OVMF to run in a VMPL other than 0 when an >> SVSM is present >> >> The series is based off of commit: >> >> e60529df58e4 ("UefiPayloadPkg: Make Dsc accomodative of other archs") >> >> [1] >> https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf >> [2] >> https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf >> >> Cc: Anatol Belski >> Cc: Anthony Perard >> Cc: Ard Biesheuvel >> Cc: Corvin Köhne >> Cc: Erdem Aktas >> Cc: Gerd Hoffmann >> Cc: Gua Guo >> Cc: Guo Dong >> Cc: James Lu >> Cc: Jianyong Wu >> Cc: Jiewen Yao >> Cc: Laszlo Ersek >> Cc: Liming Gao >> Cc: Michael D Kinney >> Cc: Michael Roth >> Cc: Min Xu >> Cc: Rahul Kumar >> Cc: Ray Ni >> Cc: Rebecca Cran >> Cc: Sean Rhodes >> Cc: Zhiguang Liu >> >> --- >> >> Changes in v3: >> - Renamed CcSvsmLib to a more AMD-specific AmdSvsmLib with corresponding >> function name changes >> - Moved the GHCB APIC ID list GUID definition from MdePkg to UefiCpuPkg >> and change the name from gEfiApicIdsGuid to gGhcbApicIdsGuid >> - Separated the OvmfPkg changes for the AmdSvsmLib into two patches: >> - First patch adds usage of the AmdSvsmLib NULL library >> - Second patch adds the OVMF AmdSvsmLib implementation >> - Updated the commit message for the OVMF AmdSvsmLib implementation to >> indicate that the base functionality for PVALIDATE and RMPADJUST was >> copied from the original locations in prep for converting those sites >> to using the library API. >> >> Changes in v2: >> - Move the APIC IDs retrieval support to the beginning of the patch >> series >> - Use a GUIDed HOB to hold the APIC ID list instead of a PCD >> - Split up Page State Change reorganization into multiple patches >> - Created CcSvsmLib library instead of extending CcExitLib >> - This will require a corresponding update to edk2-platform DSC >> files >> - Removed Ray Ni's Acked-by since it is not a minor change >> - Variable name changes and other misc changes >> >> Tom Lendacky (24): >> OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust() >> MdePkg: GHCB APIC ID retrieval support definitions >> UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is >> present >> OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor >> OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors >> OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State >> Change >> MdePkg: Avoid hardcoded value for number of Page State Change entries >> OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support >> OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency >> MdePkg/Register/Amd: Define the SVSM related information >> MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM >> UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an >> SVSM >> UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library >> Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library >> Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services >> UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA >> OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate >> pages >> OvmfPkg: Create a calling area used to communicate with the SVSM >> OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call >> OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency >> OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls >> UefiCpuPkg/MpInitLib: AP creation support under an SVSM >> Ovmfpkg/CcExitLib: Provide SVSM discovery support >> OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at >> VMPL0 >> >> >> OvmfPkg/OvmfPkg.dec >> | 4 + >> >> UefiCpuPkg/UefiCpuPkg.dec >> | 8 +- >> >> OvmfPkg/AmdSev/AmdSevX64.dsc >> | 1 + >> >> OvmfPkg/Bhyve/BhyveX64.dsc >> | 1 + >> >> OvmfPkg/CloudHv/CloudHvX64.dsc >> | 1 + >> >> OvmfPkg/IntelTdx/IntelTdxX64.dsc >> | 1 + >> >> OvmfPkg/Microvm/MicrovmX64.dsc >> | 1 + >> >> OvmfPkg/OvmfPkgIa32.dsc >> | 1 + >> >> OvmfPkg/OvmfPkgIa32X64.dsc >> | 3 +- >> >> OvmfPkg/OvmfPkgX64.dsc >> | 1 + >> >> OvmfPkg/OvmfXen.dsc >> | 1 + >> >> UefiCpuPkg/UefiCpuPkg.dsc >> | 4 +- >> >> UefiPayloadPkg/UefiPayloadPkg.dsc >> | 1 + >> >> OvmfPkg/AmdSev/AmdSevX64.fdf >> | 9 +- >> >> OvmfPkg/OvmfPkgX64.fdf >> | 3 + >> >> MdePkg/Library/BaseLib/BaseLib.inf >> | 2 + >> >> OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf >> | 38 ++ >> >> OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf >> | 3 +- >> >> OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf >> | 3 +- >> >> OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf >> | 3 +- >> >> OvmfPkg/Library/CcExitLib/CcExitLib.inf >> | 3 +- >> >> OvmfPkg/Library/CcExitLib/SecCcExitLib.inf >> | 3 +- >> >> OvmfPkg/PlatformPei/PlatformPei.inf >> | 3 + >> >> OvmfPkg/ResetVector/ResetVector.inf >> | 2 + >> >> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf >> | 27 ++ >> >> UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf >> | 2 + >> >> UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf >> | 2 + >> >> MdePkg/Include/Library/BaseLib.h >> | 39 ++ >> >> MdePkg/Include/Register/Amd/Fam17Msr.h >> | 19 +- >> >> MdePkg/Include/Register/Amd/Ghcb.h >> | 19 +- >> >> MdePkg/Include/Register/Amd/Msr.h >> | 3 +- >> >> MdePkg/Include/Register/Amd/Svsm.h >> | 101 ++++ >> >> MdePkg/Include/Register/Amd/SvsmMsr.h >> | 35 ++ >> >> OvmfPkg/Include/WorkArea.h >> | 9 +- >> >> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h >> | 6 +- >> >> UefiCpuPkg/Include/Guid/GhcbApicIds.h >> | 17 + >> >> UefiCpuPkg/Include/Library/AmdSvsmLib.h >> | 101 ++++ >> >> UefiCpuPkg/Library/MpInitLib/MpLib.h >> | 29 +- >> >> OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c >> | 500 ++++++++++++++++++++ >> >> OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c >> | 11 +- >> >> OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c >> | 27 +- >> >> OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c >> | 22 +- >> >> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c >> | 31 +- >> >> OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c >> | 206 ++++---- >> >> OvmfPkg/Library/CcExitLib/CcExitVcHandler.c >> | 29 +- >> >> OvmfPkg/PlatformPei/AmdSev.c >> | 103 +++- >> >> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c >> | 108 +++++ >> >> UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c >> | 21 +- >> >> UefiCpuPkg/Library/MpInitLib/MpLib.c >> | 9 +- >> >> UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c >> | 134 ++++-- >> >> MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm >> | 39 ++ >> >> MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm >> | 94 ++++ >> >> OvmfPkg/ResetVector/ResetVector.nasmb >> | 6 +- >> >> OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm >> | 11 +- >> >> UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni >> | 13 + >> 55 files changed, 1641 insertions(+), 232 deletions(-) >> create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf >> create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf >> create mode 100644 MdePkg/Include/Register/Amd/Svsm.h >> create mode 100644 MdePkg/Include/Register/Amd/SvsmMsr.h >> create mode 100644 UefiCpuPkg/Include/Guid/GhcbApicIds.h >> create mode 100644 UefiCpuPkg/Include/Library/AmdSvsmLib.h >> create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c >> create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c >> create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm >> create mode 100644 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm >> create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni >> -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117346): https://edk2.groups.io/g/devel/message/117346 Mute This Topic: https://groups.io/mt/104810672/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-