From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 7A0AED80CA0 for ; Wed, 3 Apr 2024 07:08:11 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=wVtUgjA/V4KJgGu1YCdTb28njThaXV3agkc0UjzP/Og=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:msip_labels:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type; s=20240206; t=1712128090; v=1; b=B/z5yz++fYa5p56+hfWNG8hw0SgDz8qpgfGDSSjoUxWcF3qMVDu8Mi8QbNiNNPfJJIZR9soR tXIRf8CqwKPHakIBeD3LXzcPAVYDrHTIpt/NgOALfNO2XLXt202sW9KseAjRiQ35TOSfpmS62OJ o7yViFmKS4JzjUW8ebsv7Tm4zZHX1NqRsoshIEQ5N9KtkqCMkedHxbuvWlSmWaQEU13UaU0vuKj hKStVwxapElG0mr8PGihAwkQQ/TAbiL6s/IoyVd/oVIbU3g6ItJojSBKUD76l1ftTjbJllB5pe3 xS1bxRQQBRK/HEQV7IBmpXkqxmreWGG1aTrBjlESOW8rQ== X-Received: by 127.0.0.2 with SMTP id 5kxQYY7687511xxpzPLUNoiZ; Wed, 03 Apr 2024 00:08:10 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.19]) by mx.groups.io with SMTP id smtpd.web11.5402.1712128089405656065 for ; Wed, 03 Apr 2024 00:08:09 -0700 X-CSE-ConnectionGUID: BDfvbzkFRzq1iYWj1Wi4rg== X-CSE-MsgGUID: 0Dw+c9Z7RxW4kidP1PgRmg== X-IronPort-AV: E=McAfee;i="6600,9927,11032"; a="7194149" X-IronPort-AV: E=Sophos;i="6.07,176,1708416000"; d="scan'208,217";a="7194149" X-Received: from fmviesa003.fm.intel.com ([10.60.135.143]) by orvoesa111.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Apr 2024 00:08:06 -0700 X-CSE-ConnectionGUID: UaSB/ofsTe+FkxlyPRlaEA== X-CSE-MsgGUID: TFP6GtHGTtuR2OUWFzxO6w== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,176,1708416000"; d="scan'208,217";a="22810107" X-Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82]) by fmviesa003.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 03 Apr 2024 00:07:58 -0700 X-Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Wed, 3 Apr 2024 00:07:55 -0700 X-Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Wed, 3 Apr 2024 00:07:55 -0700 X-Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.169) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Wed, 3 Apr 2024 00:07:55 -0700 X-Received: from MN6PR11MB8244.namprd11.prod.outlook.com (2603:10b6:208:470::14) by PH7PR11MB6401.namprd11.prod.outlook.com (2603:10b6:510:1fb::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7452.23; Wed, 3 Apr 2024 07:07:53 +0000 X-Received: from MN6PR11MB8244.namprd11.prod.outlook.com ([fe80::2c31:82b7:9f26:5817]) by MN6PR11MB8244.namprd11.prod.outlook.com ([fe80::2c31:82b7:9f26:5817%5]) with mapi id 15.20.7409.031; Wed, 3 Apr 2024 07:07:53 +0000 From: "Ni, Ray" To: "devel@edk2.groups.io" , "thomas.lendacky@amd.com" CC: Ard Biesheuvel , "Aktas, Erdem" , Gerd Hoffmann , "Yao, Jiewen" , Laszlo Ersek , Liming Gao , "Kinney, Michael D" , "Xu, Min M" , "Liu, Zhiguang" , "Kumar, Rahul R" , Michael Roth Subject: Re: [edk2-devel] [PATCH v3 03/24] UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is present Thread-Topic: [edk2-devel] [PATCH v3 03/24] UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is present Thread-Index: AQHacW2pFV5RO3UROEqVvylyak0W6LFWznXY Date: Wed, 3 Apr 2024 07:07:52 +0000 Message-ID: References: <6523f9e8c6d12fca800eb0db4eba6d763c074c27.1709911792.git.thomas.lendacky@amd.com> In-Reply-To: <6523f9e8c6d12fca800eb0db4eba6d763c074c27.1709911792.git.thomas.lendacky@amd.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MN6PR11MB8244:EE_|PH7PR11MB6401:EE_ x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: gq5UuWCqrrH7ep8h9tKuFsJsiqvIR1V7ZAvHo+EZe9WgxQhi2s3D2U/J8kCxcpPomN6FKt72l+Eyj9181wJk1DedFY59k/f3wo5h/2NMQZkHlGG5N6k7t8+oZqFdnnV1c53wZY9EiEOgkBLOPcZX/pupPNXjsYxpcV0eorhKwq/Qc885G5tgOF/hDibYaWpGw/RMWbSuPzKnw8pFVc5rtebRCtJvix26uQG6Q2nB50+jv/kNqz+6rSC/fp/IWekV1q1j2yEPb9fP8J6CZTBJveLp/MWv2NHNntMkHA63EyzzkZ5btB6mozvA/AEOFgK/0+cs8IYncqFAX4ULtksaPSWvmPcHm0+iigMDEnNMO1DKNHLM0/rfcho/cVzZe94drMdbQ/Fqiz4oUlbdXoaktiS1YEQk2CKBj61z+aLe85+YGCJ5FuQRbAMlufmiaCKiylhZyF3QgBKqVm8NjdlxLqQUSSy25ZjOE+NvbzCdvdPZU/3enBxUx2CCvwQhvRH7B0LMiuxoxWGTignH8qrUmQ9+5TNZT4rhPuIYlnqbxQxMsJM6nmxiuEIHafSESCqRdeyu/t2H673DS4vFEN03U0hjRxhbYd1aMA8dkoyR03sXTRdwibenbPZPwfGqfJix x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?rM8/+RozFb/fqi65cWW+StsSug1uYfvqjeq6uI9NkxEzxqPVih5YQXEHmuhs?= =?us-ascii?Q?+3bI2Hg+v4L2y0Z3676LRV1LPyLqXmSvAsxznjoOYSvuKJsWk9g+CtEIRKHr?= =?us-ascii?Q?Fp2zA8pYZI+37E2vjO0BMkI+HjjwudHOd0GvaONX2zB6jqAVw0P0GLXg+ssu?= =?us-ascii?Q?gxsVhdivWzkgF2OyBAg/QusrCh0eH7mBmBf5pGsqPGA4rwsDU3vhkFYI3K0r?= =?us-ascii?Q?867I9wN+cToX+Oe7+fijNNKfvQ88LCgC3YFW+HtIfMWHvrHFyFyavzBp7If5?= =?us-ascii?Q?mpbv+E/Gs0QLdILK5BEU5xS3tY36tSxZrULwsPaoFkHRbTwTMRfGQZzg2cX4?= =?us-ascii?Q?GseGhwcHdBkJD+ZzmsXrbWx/T3nfr/yYX0JRx8omCG+v8fnJ+bSADr4LjGBb?= =?us-ascii?Q?LdLgvmouungsHC+AK/S5QdK9cnfaLzqg9ZYROLq+4uGQsx3QJiqYHDVGop5o?= =?us-ascii?Q?O8gxYiaf6ANVCq9OQ85Y5fa0isf10bNEdUlJhkp5A98G2n7cGpOfBt2V61Pz?= =?us-ascii?Q?Cx0USuE2p9a2mr2s8XmXiRGLD5JjbUzdReXdZ70DCACW/FolAhhNQAoPqzVw?= =?us-ascii?Q?DNKWtQWKGQUY3bIRJ1gUQ3eSg7KTKXN4RmZFidN84rAyC9uetVkeKVmeFt7K?= =?us-ascii?Q?jq/NARdmhP1KwVs/wvRvuUStvbSMVP8LTPfRLz3yZeVzcAomkwonM1bvdX6s?= =?us-ascii?Q?Gt34TLl0+wRzwp4Q6RdPGgiKwTGtp7gDa/QgaDuCQmXbjJgjL8reFSeGPo2Q?= =?us-ascii?Q?IzyjbaRBECqNnXvr0bjHGhd4A2dbnwsxLdlFmKQml5zb5KbFHntlPkIzHex8?= =?us-ascii?Q?5QmGjRUlAYwREzlpcTnbsF6EPDYuW7HeKsi1PkKPcL7UKnc2xEw7rrcSGMVE?= =?us-ascii?Q?P2ankmvJdcGo8H8o0UAZOKtu0XGAP0Kf4JzHt7QDbPT7/B729GXN703/7SZb?= =?us-ascii?Q?SdwoW85LpTCkG/C8LycJ4tAuyB1l31/gOQlN4FaFLdYZ6SjIvsoM9YOVr3JP?= =?us-ascii?Q?vPWWCSX6hhjWa3F/Hq3XPbXFVnNYEY377S6p18p0YapjIaiZxZx70HO6+52J?= =?us-ascii?Q?zBCD6+3PAEXM8mAcdNNm1uyooBBVHa9RpYM9xKbH0kD7fILYn21m9TfzbD9T?= =?us-ascii?Q?8zgRQp2x5eS9tvyAqw8oMgDeKEFKxXnw6wsyBf+7rjoTE4oFINtAaf9vyjH8?= =?us-ascii?Q?UZTa4QFNdatHIcIYwzO6CQD7vd4+W6rv+rOnCtOMxlIuO8RRhnXE8bM2v/pP?= =?us-ascii?Q?963+T4mhlrJj8HfOdU4OFIQ/Wh5AIOs/Xp50lkSh0wRtZMbtDsE5PoIQuLvE?= =?us-ascii?Q?aArFvEmu5UQ3M1gNoh94cwJ9fOEtMPXBHa8LrAHYd2Ou2Gahv7tpF/9zlVEc?= =?us-ascii?Q?6k9JJ5wTUKzSe4fVEyTdXcAtDZ0zv0EZfrcnNJvix+9/Nx+7W6tLsCvQqTVR?= =?us-ascii?Q?enXkfKURmGilpraA3XKMGcs2uJzy1XJd5eF7H22dp1TQ78LvioZ7kYkcbeOH?= =?us-ascii?Q?V4b5k7d+LfdMDIgnZ7zWNTvW3OqFKEVQlr+7rKds8ropa0xPcRgCJ0rgCq8c?= =?us-ascii?Q?kihrqpgJ7YsAvvpACs0=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MN6PR11MB8244.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6f74dcf7-87d0-492a-59f0-08dc53acc7b7 X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Apr 2024 07:07:52.9636 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Ny6BVcD5LVmN90UG37YaRkE+iVH0hpusXIsprNmoqC5HJz5uP6XYOSQPdpNxtN5Dtw3+l05TGuJWqtFmKxZ3tA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR11MB6401 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 03 Apr 2024 00:08:09 -0700 Resent-From: ray.ni@intel.com Reply-To: devel@edk2.groups.io,ray.ni@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: jaW3J05PVnayUMZ10XUihVajx7686176AA= Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_MN6PR11MB82441148A932C8721ED03EC48C3D2MN6PR11MB8244namp_" X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b="B/z5yz++"; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none) --_000_MN6PR11MB82441148A932C8721ED03EC48C3D2MN6PR11MB8244namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Acked-by: Ray Ni Thanks, Ray ________________________________ From: devel@edk2.groups.io on behalf of Lendacky, Th= omas via groups.io Sent: Friday, March 8, 2024 23:30 To: devel@edk2.groups.io Cc: Ard Biesheuvel ; Aktas, Erdem ; Gerd Hoffmann ; Yao, Jiewen ; Laszlo Ersek ; Liming Gao ; Kinney, Michael D ; Xu, Min M ; Liu, Zhiguang ; Kumar, Rahul R ; Ni, Ray ; Michael Roth Subject: [edk2-devel] [PATCH v3 03/24] UefiCpuPkg/MpInitLib: Always use AP = Create if GhcbApicIds HOB is present BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4654 Currently, the first time an AP is started for an SEV-SNP guest, it relies on the VMSA as set by the hypervisor. If the list of APIC IDs has been retrieved, this is not necessary. The list of APIC IDs will be identified by a GUIDed HOB. If the GUIDed HOB is present, use the SEV-SNP AP Create protocol to start the AP for the first time and each time thereafter. Cc: Gerd Hoffmann Cc: Laszlo Ersek Cc: Rahul Kumar Cc: Ray Ni Reviewed-by: Gerd Hoffmann Signed-off-by: Tom Lendacky --- UefiCpuPkg/UefiCpuPkg.dec | 5 +- UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 1 + UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 1 + UefiCpuPkg/Include/Guid/GhcbApicIds.h | 17 +++++ UefiCpuPkg/Library/MpInitLib/MpLib.h | 15 +++- UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c | 21 +++++- UefiCpuPkg/Library/MpInitLib/MpLib.c | 9 ++- UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c | 78 ++++++++++++++++++-- 8 files changed, 133 insertions(+), 14 deletions(-) diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 571b59b36f0a..c31d8b6736cf 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -2,7 +2,7 @@ # This Package provides UEFI compatible CPU modules and libraries. # # Copyright (c) 2007 - 2023, Intel Corporation. All rights reserved.
-# Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.
+# Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights reser= ved.
# # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -91,6 +91,9 @@ [Guids] ## Include/Guid/MpInformation2.h gMpInformation2HobGuid =3D { 0x417a7f64, 0xf4e9, 0x4b32, {0x84, = 0x6a, 0x5c, 0xc4, 0xd8, 0x62, 0x18, 0x79 }} + ## Include/Guid/GhcbApicIds.h + gGhcbApicIdsGuid =3D { 0xbc964338, 0xee39, 0x4fc8, { 0xa2,= 0x24, 0x10, 0x10, 0x8b, 0x17, 0x80, 0x1b }} + [Protocols] ## Include/Protocol/SmmCpuService.h gEfiSmmCpuServiceProtocolGuid =3D { 0x1d202cab, 0xc8ab, 0x4d5c, { 0x94= , 0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }} diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/DxeMpInitLib.inf index 55e46d4a1fad..69950fcd1289 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf @@ -68,6 +68,7 @@ [Guids] gEfiEventExitBootServicesGuid ## CONSUMES ## Event gEfiEventLegacyBootGuid ## SOMETIMES_CONSUMES ## = Event gEdkiiMicrocodePatchHobGuid ## SOMETIMES_CONSUMES ## = HOB + gGhcbApicIdsGuid ## SOMETIMES_CONSUMES ## = HOB [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber ## = CONSUMES diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/PeiMpInitLib.inf index bc3d716aa951..22f74a814534 100644 --- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf @@ -76,3 +76,4 @@ [Ppis] [Guids] gEdkiiS3SmmInitDoneGuid gEdkiiMicrocodePatchHobGuid + gGhcbApicIdsGuid ## SOMETIMES_CONSUMES diff --git a/UefiCpuPkg/Include/Guid/GhcbApicIds.h b/UefiCpuPkg/Include/Gui= d/GhcbApicIds.h new file mode 100644 index 000000000000..9d5bfcb0de22 --- /dev/null +++ b/UefiCpuPkg/Include/Guid/GhcbApicIds.h @@ -0,0 +1,17 @@ +/** @file + APIC ID list retrieved for an SEV-ES/SEV-SNP guest via the GHCB. + + Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserved. + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef GHCB_APIC_IDS_H_ +#define GHCB_APIC_IDS_H_ + +#define GHCB_APIC_IDS_GUID \ + { 0xbc964338, 0xee39, 0x4fc8, { 0xa2, 0x24, 0x10, 0x10, 0x8b, 0x17, 0x80= , 0x1b }} + +extern EFI_GUID gGhcbApicIdsGuid; + +#endif diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpIn= itLib/MpLib.h index d26035559f22..65e05c4806f5 100644 --- a/UefiCpuPkg/Library/MpInitLib/MpLib.h +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h @@ -2,7 +2,7 @@ Common header file for MP Initialize Library. Copyright (c) 2016 - 2023, Intel Corporation. All rights reserved.
- Copyright (c) 2020, AMD Inc. All rights reserved.
+ Copyright (c) 2020 - 2024, AMD Inc. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -924,6 +924,19 @@ SevSnpCreateAP ( IN INTN ProcessorNumber ); +/** + Determine if the SEV-SNP AP Create protocol should be used. + + @param[in] CpuMpData Pointer to CPU MP Data + + @retval TRUE Use SEV-SNP AP Create protocol + @retval FALSE Do not use SEV-SNP AP Create protocol +**/ +BOOLEAN +CanUseSevSnpCreateAP ( + IN CPU_MP_DATA *CpuMpData + ); + /** Get pointer to CPU MP Data structure from GUIDed HOB. diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c b/UefiCpuPkg/Librar= y/MpInitLib/Ia32/AmdSev.c index c83144285b68..0478e92317f1 100644 --- a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c +++ b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c @@ -2,7 +2,7 @@ AMD SEV helper function. - Copyright (c) 2021, AMD Incorporated. All rights reserved.
+ Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -68,3 +68,22 @@ SevSnpRmpAdjust ( // return RETURN_UNSUPPORTED; } + +/** + Determine if the SEV-SNP AP Create protocol should be used. + + @param[in] CpuMpData Pointer to CPU MP Data + + @retval TRUE Use SEV-SNP AP Create protocol + @retval FALSE Do not use SEV-SNP AP Create protocol +**/ +BOOLEAN +CanUseSevSnpCreateAP ( + IN CPU_MP_DATA *CpuMpData + ) +{ + // + // SEV-SNP is not supported on 32-bit build. + // + return FALSE; +} diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpIn= itLib/MpLib.c index 9bac62f289e0..d7244565029d 100644 --- a/UefiCpuPkg/Library/MpInitLib/MpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c @@ -2,7 +2,7 @@ CPU MP Initialize Library common functions. Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.
- Copyright (c) 2020, AMD Inc. All rights reserved.
+ Copyright (c) 2020 - 2024, AMD Inc. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -1303,9 +1303,10 @@ WakeUpAP ( // // Wakeup all APs // Must use the INIT-SIPI-SIPI method for initial configuration in - // order to obtain the APIC ID. + // order to obtain the APIC ID if not an SEV-SNP guest and the + // list of APIC IDs is not available. // - if (CpuMpData->SevSnpIsEnabled && (CpuMpData->InitFlag !=3D ApInitCo= nfig)) { + if (CanUseSevSnpCreateAP (CpuMpData)) { SevSnpCreateAP (CpuMpData, -1); } else { if ((CpuMpData->InitFlag =3D=3D ApInitConfig) && FixedPcdGetBool (= PcdFirstTimeWakeUpAPsBySipi)) { @@ -1415,7 +1416,7 @@ WakeUpAP ( SetSevEsJumpTable (ExchangeInfo->BufferStart); } - if (CpuMpData->SevSnpIsEnabled && (CpuMpData->InitFlag !=3D ApInitCo= nfig)) { + if (CanUseSevSnpCreateAP (CpuMpData)) { SevSnpCreateAP (CpuMpData, (INTN)ProcessorNumber); } else { SendInitSipiSipi ( diff --git a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c b/UefiCpuPkg/Library= /MpInitLib/X64/AmdSev.c index c9f0984f41a2..bd12a5ee2fcb 100644 --- a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c +++ b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c @@ -2,7 +2,7 @@ AMD SEV helper function. - Copyright (c) 2021, AMD Incorporated. All rights reserved.
+ Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -268,20 +268,55 @@ SevSnpCreateAP ( IN INTN ProcessorNumber ) { - CPU_INFO_IN_HOB *CpuInfoInHob; - CPU_AP_DATA *CpuData; - UINTN Index; - UINT32 ApicId; + CPU_INFO_IN_HOB *CpuInfoInHob; + CPU_AP_DATA *CpuData; + UINTN Index; + UINTN MaxIndex; + UINT32 ApicId; + EFI_HOB_GUID_TYPE *GuidHob; + GHCB_APIC_IDS *GhcbApicIds; ASSERT (CpuMpData->MpCpuExchangeInfo->BufferStart < 0x100000); CpuInfoInHob =3D (CPU_INFO_IN_HOB *)(UINTN)CpuMpData->CpuInfoInHob; if (ProcessorNumber < 0) { - for (Index =3D 0; Index < CpuMpData->CpuCount; Index++) { + if (CpuMpData->InitFlag =3D=3D ApInitConfig) { + // + // APs have not been started, so CpuCount is not "known" yet. Use th= e + // retrieved APIC IDs to start the APs and fill out the MpLib CPU + // information properly. CanUseSevSnpCreateAP() guarantees we have a + // HOB when InitFlag is ApInitConfig. + // + GuidHob =3D GetFirstGuidHob (&gGhcbApicIdsGuid); + GhcbApicIds =3D (GHCB_APIC_IDS *)(*(UINTN *)GET_GUID_HOB_DATA (GuidH= ob)); + MaxIndex =3D MIN (GhcbApicIds->NumEntries, PcdGet32 (PcdCpuMaxLog= icalProcessorNumber)); + } else { + // + // APs have been previously started. + // + MaxIndex =3D CpuMpData->CpuCount; + } + + for (Index =3D 0; Index < MaxIndex; Index++) { if (Index !=3D CpuMpData->BspNumber) { CpuData =3D &CpuMpData->CpuData[Index]; - ApicId =3D CpuInfoInHob[Index].ApicId, + + if (CpuMpData->InitFlag =3D=3D ApInitConfig) { + ApicId =3D GhcbApicIds->ApicIds[Index]; + + // + // For the first boot, use the BSP register information. + // + CopyMem ( + &CpuData->VolatileRegisters, + &CpuMpData->CpuData[0].VolatileRegisters, + sizeof (CpuData->VolatileRegisters) + ); + } else { + ApicId =3D CpuInfoInHob[Index].ApicId; + } + SevSnpCreateSaveArea (CpuMpData, CpuData, ApicId); } } @@ -325,3 +360,32 @@ SevSnpRmpAdjust ( return AsmRmpAdjust ((UINT64)PageAddress, 0, Rdx); } + +/** + Determine if the SEV-SNP AP Create protocol should be used. + + @param[in] CpuMpData Pointer to CPU MP Data + + @retval TRUE Use SEV-SNP AP Create protocol + @retval FALSE Do not use SEV-SNP AP Create protocol +**/ +BOOLEAN +CanUseSevSnpCreateAP ( + IN CPU_MP_DATA *CpuMpData + ) +{ + // + // The AP Create protocol is used for an SEV-SNP guest if + // - The initial configuration has been performed already or + // - The APIC IDs GUIDed HOB is non-zero. + // + if (!CpuMpData->SevSnpIsEnabled) { + return FALSE; + } + + if ((CpuMpData->InitFlag =3D=3D ApInitConfig) && (GetFirstGuidHob (&gGhc= bApicIdsGuid) =3D=3D NULL)) { + return FALSE; + } + + return TRUE; +} -- 2.43.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117345): https://edk2.groups.io/g/devel/message/117345 Mute This Topic: https://groups.io/mt/104810684/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- --_000_MN6PR11MB82441148A932C8721ED03EC48C3D2MN6PR11MB8244namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
Acked-by: Ray Ni <ray.ni@intel.com>

Thanks,
Ray
From: devel@edk2.groups.io = <devel@edk2.groups.io> on behalf of Lendacky, Thomas via groups.io &l= t;thomas.lendacky=3Damd.com@groups.io>
Sent: Friday, March 8, 2024 23:30
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>; Aktas, Erdem &= lt;erdemaktas@google.com>; Gerd Hoffmann <kraxel@redhat.com>; Yao,= Jiewen <jiewen.yao@intel.com>; Laszlo Ersek <lersek@redhat.com>= ;; Liming Gao <gaoliming@byosoft.com.cn>; Kinney, Michael D <micha= el.d.kinney@intel.com>; Xu, Min M <min.m.xu@intel.com>; Liu, Zhiguang <zhiguang.liu@intel= .com>; Kumar, Rahul R <rahul.r.kumar@intel.com>; Ni, Ray <ray.n= i@intel.com>; Michael Roth <michael.roth@amd.com>
Subject: [edk2-devel] [PATCH v3 03/24] UefiCpuPkg/MpInitLib: Always = use AP Create if GhcbApicIds HOB is present
 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4654

Currently, the first time an AP is started for an SEV-SNP guest, it relies<= br> on the VMSA as set by the hypervisor. If the list of APIC IDs has been
retrieved, this is not necessary. The list of APIC IDs will be identified by a GUIDed HOB. If the GUIDed HOB is present, use the SEV-SNP AP Create protocol to start the AP for the first time and each time thereafter.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/UefiCpuPkg.dec       &n= bsp;            = ; |  5 +-
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |  1 +
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |  1 +
 UefiCpuPkg/Include/Guid/GhcbApicIds.h     &n= bsp;   | 17 +++++
 UefiCpuPkg/Library/MpInitLib/MpLib.h     &nb= sp;    | 15 +++-
 UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c    | 21 +++= ++-
 UefiCpuPkg/Library/MpInitLib/MpLib.c     &nb= sp;    |  9 ++-
 UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c     | 7= 8 ++++++++++++++++++--
 8 files changed, 133 insertions(+), 14 deletions(-)

diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index 571b59b36f0a..c31d8b6736cf 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -2,7 +2,7 @@
 # This Package provides UEFI compatible CPU modules and libraries.  #
 # Copyright (c) 2007 - 2023, Intel Corporation. All rights reserved.&= lt;BR>
-# Copyright (C) 2023 Advanced Micro Devices, Inc. All rights reserved.<= BR>
+# Copyright (C) 2023 - 2024, Advanced Micro Devices, Inc. All rights reser= ved.<BR>
 #
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -91,6 +91,9 @@ [Guids]
   ## Include/Guid/MpInformation2.h
   gMpInformation2HobGuid      &nbs= p;  =3D { 0x417a7f64, 0xf4e9, 0x4b32, {0x84, 0x6a, 0x5c, 0xc4, 0xd8, 0= x62, 0x18, 0x79 }}
 
+  ## Include/Guid/GhcbApicIds.h
+  gGhcbApicIdsGuid        &nb= sp;      =3D { 0xbc964338, 0xee39, 0x4fc8, { 0xa2,= 0x24, 0x10, 0x10, 0x8b, 0x17, 0x80, 0x1b }}
+
 [Protocols]
   ## Include/Protocol/SmmCpuService.h
   gEfiSmmCpuServiceProtocolGuid   =3D { 0x1d202cab, 0x= c8ab, 0x4d5c, { 0x94, 0xf7, 0x3c, 0xfc, 0xc0, 0xd3, 0xd3, 0x35 }}
diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/DxeMpInitLib.inf
index 55e46d4a1fad..69950fcd1289 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
@@ -68,6 +68,7 @@ [Guids]
   gEfiEventExitBootServicesGuid     &nb= sp;           ## CONSUMES=   ## Event
   gEfiEventLegacyBootGuid      &nb= sp;            =     ## SOMETIMES_CONSUMES  ## Event
   gEdkiiMicrocodePatchHobGuid      = ;             #= # SOMETIMES_CONSUMES  ## HOB
+  gGhcbApicIdsGuid        &nb= sp;            =          ## SOMETIMES_CONSUMES = ; ## HOB
 
 [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber = ;           ## CONSUMES diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/PeiMpInitLib.inf
index bc3d716aa951..22f74a814534 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
@@ -76,3 +76,4 @@ [Ppis]
 [Guids]
   gEdkiiS3SmmInitDoneGuid
   gEdkiiMicrocodePatchHobGuid
+  gGhcbApicIdsGuid        &nb= sp;            =   ## SOMETIMES_CONSUMES
diff --git a/UefiCpuPkg/Include/Guid/GhcbApicIds.h b/UefiCpuPkg/Include/Gui= d/GhcbApicIds.h
new file mode 100644
index 000000000000..9d5bfcb0de22
--- /dev/null
+++ b/UefiCpuPkg/Include/Guid/GhcbApicIds.h
@@ -0,0 +1,17 @@
+/** @file
+  APIC ID list retrieved for an SEV-ES/SEV-SNP guest via the GHCB. +
+  Copyright (C) 2024, Advanced Micro Devices, Inc. All rights reserve= d.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef GHCB_APIC_IDS_H_
+#define GHCB_APIC_IDS_H_
+
+#define GHCB_APIC_IDS_GUID \
+  { 0xbc964338, 0xee39, 0x4fc8, { 0xa2, 0x24, 0x10, 0x10, 0x8b, 0x17,= 0x80, 0x1b }}
+
+extern EFI_GUID  gGhcbApicIdsGuid;
+
+#endif
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpIn= itLib/MpLib.h
index d26035559f22..65e05c4806f5 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -2,7 +2,7 @@
   Common header file for MP Initialize Library.
 
   Copyright (c) 2016 - 2023, Intel Corporation. All rights reser= ved.<BR>
-  Copyright (c) 2020, AMD Inc. All rights reserved.<BR>
+  Copyright (c) 2020 - 2024, AMD Inc. All rights reserved.<BR><= br>  
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -924,6 +924,19 @@ SevSnpCreateAP (
   IN INTN         Proces= sorNumber
   );
 
+/**
+  Determine if the SEV-SNP AP Create protocol should be used.
+
+  @param[in]  CpuMpData  Pointer to CPU MP Data
+
+  @retval     TRUE     &= nbsp; Use SEV-SNP AP Create protocol
+  @retval     FALSE     = Do not use SEV-SNP AP Create protocol
+**/
+BOOLEAN
+CanUseSevSnpCreateAP (
+  IN  CPU_MP_DATA  *CpuMpData
+  );
+
 /**
   Get pointer to CPU MP Data structure from GUIDed HOB.
 
diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c b/UefiCpuPkg/Librar= y/MpInitLib/Ia32/AmdSev.c
index c83144285b68..0478e92317f1 100644
--- a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
@@ -2,7 +2,7 @@
 
   AMD SEV helper function.
 
-  Copyright (c) 2021, AMD Incorporated. All rights reserved.<BR>= ;
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.&l= t;BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -68,3 +68,22 @@ SevSnpRmpAdjust (
   //
   return RETURN_UNSUPPORTED;
 }
+
+/**
+  Determine if the SEV-SNP AP Create protocol should be used.
+
+  @param[in]  CpuMpData  Pointer to CPU MP Data
+
+  @retval     TRUE     &= nbsp; Use SEV-SNP AP Create protocol
+  @retval     FALSE     = Do not use SEV-SNP AP Create protocol
+**/
+BOOLEAN
+CanUseSevSnpCreateAP (
+  IN  CPU_MP_DATA  *CpuMpData
+  )
+{
+  //
+  // SEV-SNP is not supported on 32-bit build.
+  //
+  return FALSE;
+}
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpIn= itLib/MpLib.c
index 9bac62f289e0..d7244565029d 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
@@ -2,7 +2,7 @@
   CPU MP Initialize Library common functions.
 
   Copyright (c) 2016 - 2022, Intel Corporation. All rights reser= ved.<BR>
-  Copyright (c) 2020, AMD Inc. All rights reserved.<BR>
+  Copyright (c) 2020 - 2024, AMD Inc. All rights reserved.<BR><= br>  
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -1303,9 +1303,10 @@ WakeUpAP (
       //
       // Wakeup all APs
       //   Must use the INIT-SIPI-= SIPI method for initial configuration in
-      //   order to obtain the APIC ID.=
+      //   order to obtain the APIC ID = if not an SEV-SNP guest and the
+      //   list of APIC IDs is not avai= lable.
       //
-      if (CpuMpData->SevSnpIsEnabled &&= ; (CpuMpData->InitFlag !=3D ApInitConfig)) {
+      if (CanUseSevSnpCreateAP (CpuMpData)) {
         SevSnpCreateAP (CpuMpData,= -1);
       } else {
         if ((CpuMpData->InitFla= g =3D=3D ApInitConfig) && FixedPcdGetBool (PcdFirstTimeWakeUpAPsByS= ipi)) {
@@ -1415,7 +1416,7 @@ WakeUpAP (
         SetSevEsJumpTable (Exchang= eInfo->BufferStart);
       }
 
-      if (CpuMpData->SevSnpIsEnabled &&= ; (CpuMpData->InitFlag !=3D ApInitConfig)) {
+      if (CanUseSevSnpCreateAP (CpuMpData)) {
         SevSnpCreateAP (CpuMpData,= (INTN)ProcessorNumber);
       } else {
         SendInitSipiSipi (
diff --git a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c b/UefiCpuPkg/Library= /MpInitLib/X64/AmdSev.c
index c9f0984f41a2..bd12a5ee2fcb 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
@@ -2,7 +2,7 @@
 
   AMD SEV helper function.
 
-  Copyright (c) 2021, AMD Incorporated. All rights reserved.<BR>= ;
+  Copyright (c) 2021 - 2024, AMD Incorporated. All rights reserved.&l= t;BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -268,20 +268,55 @@ SevSnpCreateAP (
   IN INTN         Proces= sorNumber
   )
 {
-  CPU_INFO_IN_HOB  *CpuInfoInHob;
-  CPU_AP_DATA      *CpuData;
-  UINTN          &n= bsp; Index;
-  UINT32           = ApicId;
+  CPU_INFO_IN_HOB    *CpuInfoInHob;
+  CPU_AP_DATA        *CpuData;
+  UINTN          &n= bsp;   Index;
+  UINTN          &n= bsp;   MaxIndex;
+  UINT32          &= nbsp;  ApicId;
+  EFI_HOB_GUID_TYPE  *GuidHob;
+  GHCB_APIC_IDS      *GhcbApicIds;
 
   ASSERT (CpuMpData->MpCpuExchangeInfo->BufferStart < 0= x100000);
 
   CpuInfoInHob =3D (CPU_INFO_IN_HOB *)(UINTN)CpuMpData->CpuIn= foInHob;
 
   if (ProcessorNumber < 0) {
-    for (Index =3D 0; Index < CpuMpData->CpuCount; In= dex++) {
+    if (CpuMpData->InitFlag =3D=3D ApInitConfig) {
+      //
+      // APs have not been started, so CpuCount i= s not "known" yet. Use the
+      // retrieved APIC IDs to start the APs and = fill out the MpLib CPU
+      // information properly. CanUseSevSnpCreate= AP() guarantees we have a
+      // HOB when InitFlag is ApInitConfig.
+      //
+      GuidHob     =3D GetFirs= tGuidHob (&gGhcbApicIdsGuid);
+      GhcbApicIds =3D (GHCB_APIC_IDS *)(*(UINTN *= )GET_GUID_HOB_DATA (GuidHob));
+      MaxIndex    =3D MIN (GhcbApi= cIds->NumEntries, PcdGet32 (PcdCpuMaxLogicalProcessorNumber));
+    } else {
+      //
+      // APs have been previously started.
+      //
+      MaxIndex =3D CpuMpData->CpuCount;
+    }
+
+    for (Index =3D 0; Index < MaxIndex; Index++) {
       if (Index !=3D CpuMpData->BspNumber= ) {
         CpuData =3D &CpuMpData= ->CpuData[Index];
-        ApicId  =3D CpuInfoInHob[I= ndex].ApicId,
+
+        if (CpuMpData->InitFlag =3D= =3D ApInitConfig) {
+          ApicId =3D GhcbApic= Ids->ApicIds[Index];
+
+          //
+          // For the first bo= ot, use the BSP register information.
+          //
+          CopyMem (
+            &Cp= uData->VolatileRegisters,
+            &Cp= uMpData->CpuData[0].VolatileRegisters,
+            sizeof = (CpuData->VolatileRegisters)
+            );
+        } else {
+          ApicId =3D CpuInfoI= nHob[Index].ApicId;
+        }
+
         SevSnpCreateSaveArea (CpuM= pData, CpuData, ApicId);
       }
     }
@@ -325,3 +360,32 @@ SevSnpRmpAdjust (
 
   return AsmRmpAdjust ((UINT64)PageAddress, 0, Rdx);
 }
+
+/**
+  Determine if the SEV-SNP AP Create protocol should be used.
+
+  @param[in]  CpuMpData  Pointer to CPU MP Data
+
+  @retval     TRUE     &= nbsp; Use SEV-SNP AP Create protocol
+  @retval     FALSE     = Do not use SEV-SNP AP Create protocol
+**/
+BOOLEAN
+CanUseSevSnpCreateAP (
+  IN  CPU_MP_DATA  *CpuMpData
+  )
+{
+  //
+  // The AP Create protocol is used for an SEV-SNP guest if
+  //   - The initial configuration has been performed alrea= dy or
+  //   - The APIC IDs GUIDed HOB is non-zero.
+  //
+  if (!CpuMpData->SevSnpIsEnabled) {
+    return FALSE;
+  }
+
+  if ((CpuMpData->InitFlag =3D=3D ApInitConfig) && (GetFir= stGuidHob (&gGhcbApicIdsGuid) =3D=3D NULL)) {
+    return FALSE;
+  }
+
+  return TRUE;
+}
--
2.43.2






_._,_._,_
Groups.io Links:

=20 You receive all messages sent to this group. =20 =20

View/Reply Online (#117345) | =20 | Mute= This Topic | New Topic
Your Subscriptio= n | Contact Group Owner | Unsubscribe [rebecca@openfw.io]

_._,_._,_
--_000_MN6PR11MB82441148A932C8721ED03EC48C3D2MN6PR11MB8244namp_--