From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id A3EBFD811DD for ; Wed, 3 Apr 2024 07:05:57 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=Cb0HHV/2/E8v3rd2uSloifIBwvFishfhSc+6kYTOyww=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:msip_labels:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type; s=20240206; t=1712127956; v=1; b=Y3N1jcoTVM9MCvXCraV48yCv/dGqlzZQ/vq1lxzeg8qAi9gEev9G3JSmW+R5YG6t/bofbtbH xkGwLKkCC7oZUxkfBwRJ8v9cZLJVcHWqr5MkEU5T4RD9eQXD9W3ZvHs1eZA+LNAXeFIGsv4JmgR YLiy+F6XCO6JOSnj82zM4PwcThsnOPCVZ7HB89vB3rJjWxZATcF0NA7grh3NIUVyWbjjOv2HeFc sqgLB5T3/NAxObfTUzKkY1uTX+M2yJzlsIIi/SF6dsZ7jhM/M76Sz5WThErgSWfTBWCffY1R2kO 0OTwLJbb6D2lGklx+2DjJg1KtzTAEk9OqwGBCuGaZwTQg== X-Received: by 127.0.0.2 with SMTP id V87VYY7687511xO0RXdX5mB7; Wed, 03 Apr 2024 00:05:56 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) by mx.groups.io with SMTP id smtpd.web10.5512.1712127954760220437 for ; Wed, 03 Apr 2024 00:05:55 -0700 X-CSE-ConnectionGUID: dFAXB0fZSzCoG4NjWxF2KA== X-CSE-MsgGUID: 4yNgyU24Q1CT2328q0atSQ== X-IronPort-AV: E=McAfee;i="6600,9927,11032"; a="7562491" X-IronPort-AV: E=Sophos;i="6.07,176,1708416000"; d="scan'208,217";a="7562491" X-Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Apr 2024 00:05:54 -0700 X-CSE-ConnectionGUID: kAb6Q1uMQPaOSeOBUU91oA== X-CSE-MsgGUID: /MEh7oMESj6IB/oxdtzCxg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,176,1708416000"; d="scan'208,217";a="22970387" X-Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by fmviesa004.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 03 Apr 2024 00:05:54 -0700 X-Received: from orsmsx603.amr.corp.intel.com (10.22.229.16) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Wed, 3 Apr 2024 00:05:53 -0700 X-Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx603.amr.corp.intel.com (10.22.229.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Wed, 3 Apr 2024 00:05:53 -0700 X-Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.168) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Wed, 3 Apr 2024 00:05:52 -0700 X-Received: from MN6PR11MB8244.namprd11.prod.outlook.com (2603:10b6:208:470::14) by PH7PR11MB6401.namprd11.prod.outlook.com (2603:10b6:510:1fb::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7452.23; Wed, 3 Apr 2024 07:05:49 +0000 X-Received: from MN6PR11MB8244.namprd11.prod.outlook.com ([fe80::2c31:82b7:9f26:5817]) by MN6PR11MB8244.namprd11.prod.outlook.com ([fe80::2c31:82b7:9f26:5817%5]) with mapi id 15.20.7409.031; Wed, 3 Apr 2024 07:05:49 +0000 From: "Ni, Ray" To: Tom Lendacky , "devel@edk2.groups.io" CC: Ard Biesheuvel , "Aktas, Erdem" , Gerd Hoffmann , "Yao, Jiewen" , Laszlo Ersek , Liming Gao , "Kinney, Michael D" , "Xu, Min M" , "Liu, Zhiguang" , "Kumar, Rahul R" , Michael Roth Subject: Re: [edk2-devel] [PATCH v3 16/24] UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA Thread-Topic: [PATCH v3 16/24] UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA Thread-Index: AQHacW3MOrDVnpn5PkGdcYU9GfpQTLFWR8WK Date: Wed, 3 Apr 2024 07:05:49 +0000 Message-ID: References: <9816692834b839587077b74022b66f2f85fea76e.1709911792.git.thomas.lendacky@amd.com> In-Reply-To: <9816692834b839587077b74022b66f2f85fea76e.1709911792.git.thomas.lendacky@amd.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MN6PR11MB8244:EE_|PH7PR11MB6401:EE_ x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: F5rn6x5X3t1C9WDiZjk4rO6Vbghc7/VUYjHe8f2tNE2o8qoQG7JrWGrExtQRgSAwkQXEYqCfvpObcc6+m+1QengZhH1+6Gtx3zV457jN/kraCgbhB5yE73AfF65aMUMoL6p9D/pbjvVlkh5xnHOh4F2yZ+GDxFNHjnIYRsRk+mbbfzelcB2yM+v/2RRWyqBwHABsXaF4NT6DxYUGqbZuNfbl3G1oldhoP/ZfiAgi+wpD9e/OQfd+UPv8r0Ay4gV6abQXFqvd8DrTTR6kjmzlTh3LVsh6HCVq7J7rmbQUTRkPz+St/0WvZQIsybeHDQLBw+ySHW0JoZI9TeNN0ZkL1E+f8vUnDI/pERvRZYB5jP72/ajJas8ez+GozoiRYVaN3goVk0dJkCAgMu+8/lIOe8WkntwzsfOByt8G3mLdpAGt3O3cdzlYyHGdsrk+WX2hltud3Zq671JiQMh8w0OadpbT5/dD5o+BNsPbOcb0+/oJ82lCy7RmNePHUoIUWg2orzbbqrsVA/Zp3orMH9CtGn3RAOrbMVqwC27TNUqm+pWc/0+GFTpHBHOlYSMOnVC0QbdP41ijA6mWd9NTylTrjzJl2YXeB4JWSJ/B0E+BPwM= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?bdH0vdmKUH+Ct6+VanxBw9UuT5MntirFqiLYgr4KgawsAI/Tg9unzWyxGta8?= =?us-ascii?Q?Gsr6FgJrdGfIBuK7gKNE9kammBQ/1Z2H6KZ/AogsUrCaS/YlnUGO1tPrcTKg?= =?us-ascii?Q?61vu085FOi6exJbx/tKZGJ+XuCQM369XGch5uxXRMYaqNaypMmBDBQmn+Q2q?= =?us-ascii?Q?svoCbzk4C1ZwmWlFh1x3aQzntsxRXfKK1Fg8EWdc4SceAzqeN7rm8QXQy7JN?= =?us-ascii?Q?vfGD3uVkE21HyH6Y24THq2OEWZMnaBV56w7wprC1jd0+1KkftJ35neMyvieV?= =?us-ascii?Q?UwUfYZYXBtnxi2UOS5ulWL/bzdQ9Stgx7qIEaIaoVpTFnoL34uzcwoMPYLHf?= =?us-ascii?Q?d5opoblk/+dR67hA/2pURLoYDtd/Rx2AlZhBJSJ+IIraSjtLwIG5ZgHmdXsG?= =?us-ascii?Q?9Xgudh5kVpeywrwizUB6bsZbiRWA1cLax9v2VlUBGKxCzK+DETQLoVvDVan8?= =?us-ascii?Q?hQ7bARnlGnNTWcbCgDi0uMxGd/grd3nS8InyvZvDQsAajCklLhaAfsLu+5IE?= =?us-ascii?Q?aSJvm4h+x8wqZewXR/HZVeZ1jOc0PWqvXimffjOP2wmsJ8VsRgzWwh9TglDb?= =?us-ascii?Q?HHtLcp01NX5rwyj7TmPBXkwi6NmV2rWqXCt/L2zczsvMcTAL1QNXArqPXwgx?= =?us-ascii?Q?aYw+sL84hbKOxjXVbzoSkQGPJuqoCoohnBtYfXMglUgoweZMibyzxcqZaGgw?= =?us-ascii?Q?bUOZng3iXU93WGe0YvtkLXW1wCDybmo8ders68RT+Zv1LJ4PhEY1kjFMPZV5?= =?us-ascii?Q?9PaxEUm8M9C1l+o+iU6qSt5uLq7/pM0OPmXQSsYjifhyyQKelhqzAmmvBDjr?= =?us-ascii?Q?ciEsIBk1CQvG6dr4TPlPZuzWw8xBytlx3OdhBsKILi4U6gXDg8hf6Qn1yLgD?= =?us-ascii?Q?JwZH7vj+U9Ivrwwy9lA/6hmNpjDKAl4psIfH6QT9Rm01Q43P5IKAXnn+Tlxw?= =?us-ascii?Q?XzWB+JJl4JlBbnjEoMemn3AvBtyoQGWs5YEqwtMiD1LFw6W5u+skhDV/RUha?= =?us-ascii?Q?tXfUvZC6+i1/LAea81oMXXb9UXvI6DsE4Q+kudPx5rjlUuZdAPr5Ngj0ByIa?= =?us-ascii?Q?XU0kf+01ikQhX4glyqjX0VnmbG1lasx51Vua67iTsHjTkW2CkMm5oOwHs7PC?= =?us-ascii?Q?ADybumNsEfgW0VY3mzF7xc38GhHR0qZUvH7+mPwkJrRLKhC1l9VvSQDtkG37?= =?us-ascii?Q?MFI0kDEL8K0m5Cp2Mj1Gy6rcwJRbJJjCW4pc4/bxldkd5gseD3scqiOS4lZs?= =?us-ascii?Q?kIPcs5KgJ6fHon5gLe3/4u49ydMUIn8mi5+6EgYteRSoa6uz0eRHOvBJffqT?= =?us-ascii?Q?59Qoy6Hh9PaWXPgPo0Z5f6tzeqS+Do+hj//9PDudOdespymk3kpPSPHYV4+q?= =?us-ascii?Q?fmR8D/B10mZjDAATKhcrQbaxerWYnJGl6vxKZ66elK+1tTiuxy3twUAaxVUP?= =?us-ascii?Q?94c7O2xHsFiiAQo+K37Ruz2/wDQ53t9hDFyyvQSUQdA5dP6a1Zqdi4fRpjyw?= =?us-ascii?Q?rTDHmwY/X1QbfKbRCPYA3bcmveAbEBYo/U3lrP/BLPXUUIf1CkBeYtg+0uQR?= =?us-ascii?Q?lpGa57RjXDlxIUP4G8w=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MN6PR11MB8244.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: f1e133d0-5793-4829-296f-08dc53ac7e34 X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Apr 2024 07:05:49.6341 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: JUp6OF8yO1irudH6K7BLMJqNcU+meBKhDkFSTDlfG+lKiB/xpHLlIaGWlVEf9HWrfzHzRlkksLCSkkoP3cvmlw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR11MB6401 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 03 Apr 2024 00:05:55 -0700 Resent-From: ray.ni@intel.com Reply-To: devel@edk2.groups.io,ray.ni@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: jIc7A7imi2uegiHLSQg2NUUkx7686176AA= Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_MN6PR11MB82446E646E86916B1A2947698C3D2MN6PR11MB8244namp_" X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=Y3N1jcoT; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none) --_000_MN6PR11MB82446E646E86916B1A2947698C3D2MN6PR11MB8244namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Acked-by: Ray Ni Thanks, Ray ________________________________ From: Tom Lendacky Sent: Friday, March 8, 2024 23:29 To: devel@edk2.groups.io Cc: Ard Biesheuvel ; Aktas, Erdem ; Gerd Hoffmann ; Yao, Jiewen ; Laszlo Ersek ; Liming Gao ; Kinney, Michael D ; Xu, Min M ; Liu, Zhiguang ; Kumar, Rahul R ; Ni, Ray ; Michael Roth Subject: [PATCH v3 16/24] UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust= () to set/clear VMSA BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4654 The RMPADJUST instruction is used to change the VMSA attribute of a page, but the VMSA attribute can only be changed when running at VMPL0. To prepare for running at a less priviledged VMPL, use the AmdSvsmLib library API to perform the RMPADJUST. The AmdSvsmLib library will perform the proper operation on behalf of the caller. Cc: Gerd Hoffmann Cc: Laszlo Ersek Cc: Rahul Kumar Cc: Ray Ni Acked-by: Gerd Hoffmann Signed-off-by: Tom Lendacky --- UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 1 + UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 1 + UefiCpuPkg/Library/MpInitLib/MpLib.h | 14 ----- UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c | 20 -------- UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c | 54 +++----------------- 5 files changed, 9 insertions(+), 81 deletions(-) diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/DxeMpInitLib.inf index 69950fcd1289..19745437f005 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf @@ -57,6 +57,7 @@ [LibraryClasses] SynchronizationLib PcdLib CcExitLib + AmdSvsmLib MicrocodeLib [LibraryClasses.X64] CpuPageTableLib diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/PeiMpInitLib.inf index 22f74a814534..679e51a1acd5 100644 --- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf @@ -53,6 +53,7 @@ [LibraryClasses] PeiServicesLib PcdLib CcExitLib + AmdSvsmLib MicrocodeLib [Pcd] diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpIn= itLib/MpLib.h index 65e05c4806f5..179f8e585b5d 100644 --- a/UefiCpuPkg/Library/MpInitLib/MpLib.h +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h @@ -883,20 +883,6 @@ FillExchangeInfoDataSevEs ( IN volatile MP_CPU_EXCHANGE_INFO *ExchangeInfo ); -/** - Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page. - - @param[in] PageAddress - @param[in] VmsaPage - - @return RMPADJUST return value -**/ -UINT32 -SevSnpRmpAdjust ( - IN EFI_PHYSICAL_ADDRESS PageAddress, - IN BOOLEAN VmsaPage - ); - /** Create an SEV-SNP AP save area (VMSA) for use in running the vCPU. diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c b/UefiCpuPkg/Librar= y/MpInitLib/Ia32/AmdSev.c index 0478e92317f1..963bd62494b9 100644 --- a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c +++ b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c @@ -49,26 +49,6 @@ SevSnpCreateAP ( ASSERT (FALSE); } -/** - Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page. - - @param[in] PageAddress - @param[in] VmsaPage - - @return RMPADJUST return value -**/ -UINT32 -SevSnpRmpAdjust ( - IN EFI_PHYSICAL_ADDRESS PageAddress, - IN BOOLEAN VmsaPage - ) -{ - // - // RMPADJUST is not supported in 32-bit mode - // - return RETURN_UNSUPPORTED; -} - /** Determine if the SEV-SNP AP Create protocol should be used. diff --git a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c b/UefiCpuPkg/Library= /MpInitLib/X64/AmdSev.c index bd12a5ee2fcb..981135621384 100644 --- a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c +++ b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c @@ -10,6 +10,7 @@ #include "MpLib.h" #include +#include #include #include @@ -38,20 +39,15 @@ SevSnpPerformApAction ( BOOLEAN InterruptState; UINT64 ExitInfo1; UINT64 ExitInfo2; - UINT32 RmpAdjustStatus; UINT64 VmgExitStatus; + EFI_STATUS VmsaStatus; if (Action =3D=3D SVM_VMGEXIT_SNP_AP_CREATE) { // - // To turn the page into a recognized VMSA page, issue RMPADJUST: - // Target VMPL but numerically higher than current VMPL - // Target PermissionMask is not used + // Turn the page into a recognized VMSA page. // - RmpAdjustStatus =3D SevSnpRmpAdjust ( - (EFI_PHYSICAL_ADDRESS)(UINTN)SaveArea, - TRUE - ); - if (RmpAdjustStatus !=3D 0) { + VmsaStatus =3D AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, TRUE); + if (EFI_ERROR (VmsaStatus)) { DEBUG ((DEBUG_INFO, "SEV-SNP: RMPADJUST failed for VMSA creation\n")= ); ASSERT (FALSE); @@ -94,11 +90,8 @@ SevSnpPerformApAction ( // Make the current VMSA not runnable and accessible to be // reprogrammed. // - RmpAdjustStatus =3D SevSnpRmpAdjust ( - (EFI_PHYSICAL_ADDRESS)(UINTN)SaveArea, - FALSE - ); - if (RmpAdjustStatus !=3D 0) { + VmsaStatus =3D AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, FALSE); + if (EFI_ERROR (VmsaStatus)) { DEBUG ((DEBUG_INFO, "SEV-SNP: RMPADJUST failed for VMSA reset\n")); ASSERT (FALSE); @@ -328,39 +321,6 @@ SevSnpCreateAP ( } } -/** - Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page. - - @param[in] PageAddress - @param[in] VmsaPage - - @return RMPADJUST return value -**/ -UINT32 -SevSnpRmpAdjust ( - IN EFI_PHYSICAL_ADDRESS PageAddress, - IN BOOLEAN VmsaPage - ) -{ - UINT64 Rdx; - - // - // The RMPADJUST instruction is used to set or clear the VMSA bit for a - // page. The VMSA change is only made when running at VMPL0 and is ignor= ed - // otherwise. If too low a target VMPL is specified, the instruction can - // succeed without changing the VMSA bit when not running at VMPL0. Usin= g a - // target VMPL level of 1, RMPADJUST will return a FAIL_PERMISSION error= if - // not running at VMPL0, thus ensuring that the VMSA bit is set appropri= ately - // when no error is returned. - // - Rdx =3D 1; - if (VmsaPage) { - Rdx |=3D RMPADJUST_VMSA_PAGE_BIT; - } - - return AsmRmpAdjust ((UINT64)PageAddress, 0, Rdx); -} - /** Determine if the SEV-SNP AP Create protocol should be used. -- 2.43.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117343): https://edk2.groups.io/g/devel/message/117343 Mute This Topic: https://groups.io/mt/104810728/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- --_000_MN6PR11MB82446E646E86916B1A2947698C3D2MN6PR11MB8244namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
Acked-by: Ray Ni <ray.ni@intel.com>

Thanks,
Ray
From: Tom Lendacky <thom= as.lendacky@amd.com>
Sent: Friday, March 8, 2024 23:29
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>; Aktas, Erdem &= lt;erdemaktas@google.com>; Gerd Hoffmann <kraxel@redhat.com>; Yao,= Jiewen <jiewen.yao@intel.com>; Laszlo Ersek <lersek@redhat.com>= ;; Liming Gao <gaoliming@byosoft.com.cn>; Kinney, Michael D <micha= el.d.kinney@intel.com>; Xu, Min M <min.m.xu@intel.com>; Liu, Zhiguang <zhiguang.liu@intel= .com>; Kumar, Rahul R <rahul.r.kumar@intel.com>; Ni, Ray <ray.n= i@intel.com>; Michael Roth <michael.roth@amd.com>
Subject: [PATCH v3 16/24] UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRm= pAdjust() to set/clear VMSA
 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4654

The RMPADJUST instruction is used to change the VMSA attribute of a page, but the VMSA attribute can only be changed when running at VMPL0. To
prepare for running at a less priviledged VMPL, use the AmdSvsmLib library<= br> API to perform the RMPADJUST. The AmdSvsmLib library will perform the
proper operation on behalf of the caller.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |  1 +
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |  1 +
 UefiCpuPkg/Library/MpInitLib/MpLib.h     &nb= sp;    | 14 -----
 UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c    | 20 ---= -----
 UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c     | 5= 4 +++-----------------
 5 files changed, 9 insertions(+), 81 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/DxeMpInitLib.inf
index 69950fcd1289..19745437f005 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
@@ -57,6 +57,7 @@ [LibraryClasses]
   SynchronizationLib
   PcdLib
   CcExitLib
+  AmdSvsmLib
   MicrocodeLib
 [LibraryClasses.X64]
   CpuPageTableLib
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/PeiMpInitLib.inf
index 22f74a814534..679e51a1acd5 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
@@ -53,6 +53,7 @@ [LibraryClasses]
   PeiServicesLib
   PcdLib
   CcExitLib
+  AmdSvsmLib
   MicrocodeLib
 
 [Pcd]
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpIn= itLib/MpLib.h
index 65e05c4806f5..179f8e585b5d 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -883,20 +883,6 @@ FillExchangeInfoDataSevEs (
   IN volatile MP_CPU_EXCHANGE_INFO  *ExchangeInfo
   );
 
-/**
-  Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page. -
-  @param[in]  PageAddress
-  @param[in]  VmsaPage
-
-  @return  RMPADJUST return value
-**/
-UINT32
-SevSnpRmpAdjust (
-  IN  EFI_PHYSICAL_ADDRESS  PageAddress,
-  IN  BOOLEAN        &nb= sp;      VmsaPage
-  );
-
 /**
   Create an SEV-SNP AP save area (VMSA) for use in running the v= CPU.
 
diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c b/UefiCpuPkg/Librar= y/MpInitLib/Ia32/AmdSev.c
index 0478e92317f1..963bd62494b9 100644
--- a/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
@@ -49,26 +49,6 @@ SevSnpCreateAP (
   ASSERT (FALSE);
 }
 
-/**
-  Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page. -
-  @param[in]  PageAddress
-  @param[in]  VmsaPage
-
-  @return  RMPADJUST return value
-**/
-UINT32
-SevSnpRmpAdjust (
-  IN  EFI_PHYSICAL_ADDRESS  PageAddress,
-  IN  BOOLEAN        &nb= sp;      VmsaPage
-  )
-{
-  //
-  // RMPADJUST is not supported in 32-bit mode
-  //
-  return RETURN_UNSUPPORTED;
-}
-
 /**
   Determine if the SEV-SNP AP Create protocol should be used.  
diff --git a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c b/UefiCpuPkg/Library= /MpInitLib/X64/AmdSev.c
index bd12a5ee2fcb..981135621384 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
+++ b/UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
@@ -10,6 +10,7 @@
 
 #include "MpLib.h"
 #include <Library/CcExitLib.h>
+#include <Library/AmdSvsmLib.h>
 #include <Register/Amd/Fam17Msr.h>
 #include <Register/Amd/Ghcb.h>
 
@@ -38,20 +39,15 @@ SevSnpPerformApAction (
   BOOLEAN         &= nbsp;         InterruptState;
   UINT64         &n= bsp;          ExitInfo1;
   UINT64         &n= bsp;          ExitInfo2;
-  UINT32          &= nbsp;         RmpAdjustStatus;
   UINT64         &n= bsp;          VmgExitStatus; +  EFI_STATUS         &nb= sp;      VmsaStatus;
 
   if (Action =3D=3D SVM_VMGEXIT_SNP_AP_CREATE) {
     //
-    // To turn the page into a recognized VMSA page, issue = RMPADJUST:
-    //   Target VMPL but numerically higher than = current VMPL
-    //   Target PermissionMask is not used
+    // Turn the page into a recognized VMSA page.
     //
-    RmpAdjustStatus =3D SevSnpRmpAdjust (
-            &n= bsp;           (EFI_PHYSI= CAL_ADDRESS)(UINTN)SaveArea,
-            &n= bsp;           TRUE
-            &n= bsp;           );
-    if (RmpAdjustStatus !=3D 0) {
+    VmsaStatus =3D AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicI= d, TRUE);
+    if (EFI_ERROR (VmsaStatus)) {
       DEBUG ((DEBUG_INFO, "SEV-SNP: RMP= ADJUST failed for VMSA creation\n"));
       ASSERT (FALSE);
 
@@ -94,11 +90,8 @@ SevSnpPerformApAction (
     // Make the current VMSA not runnable and accessib= le to be
     // reprogrammed.
     //
-    RmpAdjustStatus =3D SevSnpRmpAdjust (
-            &n= bsp;           (EFI_PHYSI= CAL_ADDRESS)(UINTN)SaveArea,
-            &n= bsp;           FALSE
-            &n= bsp;           );
-    if (RmpAdjustStatus !=3D 0) {
+    VmsaStatus =3D AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicI= d, FALSE);
+    if (EFI_ERROR (VmsaStatus)) {
       DEBUG ((DEBUG_INFO, "SEV-SNP: RMP= ADJUST failed for VMSA reset\n"));
       ASSERT (FALSE);
 
@@ -328,39 +321,6 @@ SevSnpCreateAP (
   }
 }
 
-/**
-  Issue RMPADJUST to adjust the VMSA attribute of an SEV-SNP page. -
-  @param[in]  PageAddress
-  @param[in]  VmsaPage
-
-  @return  RMPADJUST return value
-**/
-UINT32
-SevSnpRmpAdjust (
-  IN  EFI_PHYSICAL_ADDRESS  PageAddress,
-  IN  BOOLEAN        &nb= sp;      VmsaPage
-  )
-{
-  UINT64  Rdx;
-
-  //
-  // The RMPADJUST instruction is used to set or clear the VMSA bit f= or a
-  // page. The VMSA change is only made when running at VMPL0 and is = ignored
-  // otherwise. If too low a target VMPL is specified, the instructio= n can
-  // succeed without changing the VMSA bit when not running at VMPL0.= Using a
-  // target VMPL level of 1, RMPADJUST will return a FAIL_PERMISSION = error if
-  // not running at VMPL0, thus ensuring that the VMSA bit is set app= ropriately
-  // when no error is returned.
-  //
-  Rdx =3D 1;
-  if (VmsaPage) {
-    Rdx |=3D RMPADJUST_VMSA_PAGE_BIT;
-  }
-
-  return AsmRmpAdjust ((UINT64)PageAddress, 0, Rdx);
-}
-
 /**
   Determine if the SEV-SNP AP Create protocol should be used.  
--
2.43.2

_._,_._,_
Groups.io Links:

=20 You receive all messages sent to this group. =20 =20

View/Reply Online (#117343) | =20 | Mute= This Topic | New Topic
Your Subscriptio= n | Contact Group Owner | Unsubscribe [rebecca@openfw.io]

_._,_._,_
--_000_MN6PR11MB82446E646E86916B1A2947698C3D2MN6PR11MB8244namp_--