Re: [PATCH V2 1/1] OvmfPkg/BaseMemEncryptTdxLib: Refactor error handle of SetOrClearSharedBit

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Xu, Min M" <min.m.xu@intel.com>,
	"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Aktas, Erdem" <erdemaktas@google.com>,
	James Bottomley <jejb@linux.ibm.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Michael Roth <michael.roth@amd.com>
Subject: Re: [PATCH V2 1/1] OvmfPkg/BaseMemEncryptTdxLib: Refactor error handle of SetOrClearSharedBit
Date: Wed, 18 Jan 2023 00:15:44 +0000	[thread overview]
Message-ID: <MW4PR11MB58725BB5E21D3844777E198D8CC79@MW4PR11MB5872.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20230117235232.242-1-min.m.xu@intel.com>

Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>

> -----Original Message-----
> From: Xu, Min M <min.m.xu@intel.com>
> Sent: Wednesday, January 18, 2023 7:53 AM
> To: devel@edk2.groups.io
> Cc: Xu, Min M <min.m.xu@intel.com>; Aktas, Erdem
> <erdemaktas@google.com>; James Bottomley <jejb@linux.ibm.com>; Yao,
> Jiewen <jiewen.yao@intel.com>; Gerd Hoffmann <kraxel@redhat.com>;
> Tom Lendacky <thomas.lendacky@amd.com>; Michael Roth
> <michael.roth@amd.com>
> Subject: [PATCH V2 1/1] OvmfPkg/BaseMemEncryptTdxLib: Refactor error
> handle of SetOrClearSharedBit
> 
> From: Min M Xu <min.m.xu@intel.com>
> 
> The previous implementation of SetOrClearSharedBit doesn't handle the
> error correctly. In this patch SetOrClearSharedBit is changed to return
> error code so that the caller can handle it.
> 
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
> Signed-off-by: Min Xu <min.m.xu@intel.com>
> ---
>  .../BaseMemEncryptTdxLib/MemoryEncryption.c   | 48 +++++++++++++++----
>  1 file changed, 40 insertions(+), 8 deletions(-)
> 
> diff --git a/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
> b/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
> index 503f626d75c6..5b13042512ad 100644
> --- a/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
> +++ b/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
> @@ -510,8 +510,11 @@ Split1GPageTo2M (
>    @param[in]      PagetablePoint        Page table entry pointer (PTE).
>    @param[in]      Mode                  Set or Clear shared bit
> 
> +  @retval         EFI_SUCCESS           Successfully set or clear the memory
> shared bit
> +  @retval         Others                Other error as indicated
>  **/
> -STATIC VOID
> +STATIC
> +EFI_STATUS
>  SetOrClearSharedBit (
>    IN   OUT     UINT64              *PageTablePointer,
>    IN           TDX_PAGETABLE_MODE  Mode,
> @@ -520,7 +523,8 @@ SetOrClearSharedBit (
>    )
>  {
>    UINT64                        AddressEncMask;
> -  UINT64                        Status;
> +  UINT64                        TdStatus;
> +  EFI_STATUS                    Status;
>    EDKII_MEMORY_ACCEPT_PROTOCOL  *MemoryAcceptProtocol;
> 
>    AddressEncMask = GetMemEncryptionAddressMask ();
> @@ -536,16 +540,30 @@ SetOrClearSharedBit (
>      PhysicalAddress   &= ~AddressEncMask;
>    }
> 
> -  Status = TdVmCall (TDVMCALL_MAPGPA, PhysicalAddress, Length, 0, 0,
> NULL);
> +  TdStatus = TdVmCall (TDVMCALL_MAPGPA, PhysicalAddress, Length, 0, 0,
> NULL);
> +  if (TdStatus != 0) {
> +    DEBUG ((DEBUG_ERROR, "%a: TdVmcall(MAPGPA) failed with %llx\n",
> __FUNCTION__, TdStatus));
> +    ASSERT (FALSE);
> +    return EFI_DEVICE_ERROR;
> +  }
> 
>    //
>    // If changing shared to private, must accept-page again
>    //
>    if (Mode == ClearSharedBit) {
>      Status = gBS->LocateProtocol (&gEdkiiMemoryAcceptProtocolGuid, NULL,
> (VOID **)&MemoryAcceptProtocol);
> -    ASSERT (!EFI_ERROR (Status));
> +    if (EFI_ERROR (Status)) {
> +      DEBUG ((DEBUG_ERROR, "%a: Failed to locate MemoryAcceptProtocol
> with %r\n", __FUNCTION__, Status));
> +      ASSERT (FALSE);
> +      return Status;
> +    }
> +
>      Status = MemoryAcceptProtocol->AcceptMemory (MemoryAcceptProtocol,
> PhysicalAddress, Length);
> -    ASSERT (!EFI_ERROR (Status));
> +    if (EFI_ERROR (Status)) {
> +      DEBUG ((DEBUG_ERROR, "%a: Failed to AcceptMemory with %r\n",
> __FUNCTION__, Status));
> +      ASSERT (FALSE);
> +      return Status;
> +    }
>    }
> 
>    DEBUG ((
> @@ -558,6 +576,8 @@ SetOrClearSharedBit (
>      Mode,
>      Status
>      ));
> +
> +  return EFI_SUCCESS;
>  }
> 
>  /**
> @@ -747,7 +767,11 @@ SetMemorySharedOrPrivate (
>        // If we have at least 1GB to go, we can just update this entry
>        //
>        if (!(PhysicalAddress & (BIT30 - 1)) && (Length >= BIT30)) {
> -        SetOrClearSharedBit (&PageDirectory1GEntry->Uint64, Mode,
> PhysicalAddress, BIT30);
> +        Status = SetOrClearSharedBit (&PageDirectory1GEntry->Uint64, Mode,
> PhysicalAddress, BIT30);
> +        if (EFI_ERROR (Status)) {
> +          goto Done;
> +        }
> +
>          DEBUG ((
>            DEBUG_VERBOSE,
>            "%a:%a: updated 1GB entry for Physical=0x%Lx\n",
> @@ -809,7 +833,11 @@ SetMemorySharedOrPrivate (
>          // If we have at least 2MB left to go, we can just update this entry
>          //
>          if (!(PhysicalAddress & (BIT21-1)) && (Length >= BIT21)) {
> -          SetOrClearSharedBit (&PageDirectory2MEntry->Uint64, Mode,
> PhysicalAddress, BIT21);
> +          Status = SetOrClearSharedBit (&PageDirectory2MEntry->Uint64, Mode,
> PhysicalAddress, BIT21);
> +          if (EFI_ERROR (Status)) {
> +            goto Done;
> +          }
> +
>            PhysicalAddress += BIT21;
>            Length          -= BIT21;
>          } else {
> @@ -856,7 +884,11 @@ SetMemorySharedOrPrivate (
>            goto Done;
>          }
> 
> -        SetOrClearSharedBit (&PageTableEntry->Uint64, Mode, PhysicalAddress,
> EFI_PAGE_SIZE);
> +        Status = SetOrClearSharedBit (&PageTableEntry->Uint64, Mode,
> PhysicalAddress, EFI_PAGE_SIZE);
> +        if (EFI_ERROR (Status)) {
> +          goto Done;
> +        }
> +
>          PhysicalAddress += EFI_PAGE_SIZE;
>          Length          -= EFI_PAGE_SIZE;
>        }
> --
> 2.29.2.windows.2

next prev parent reply	other threads:[~2023-01-18  0:16 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-01-17 23:52 [PATCH V2 1/1] OvmfPkg/BaseMemEncryptTdxLib: Refactor error handle of SetOrClearSharedBit Min Xu
2023-01-18  0:15 ` Yao, Jiewen [this message]
     [not found] ` <173B3F0145D7A22F.14781@groups.io>
2023-01-18  5:13   ` [edk2-devel] " Yao, Jiewen
2023-01-18  9:00 ` Gerd Hoffmann

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=MW4PR11MB58725BB5E21D3844777E198D8CC79@MW4PR11MB5872.namprd11.prod.outlook.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox