From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by mx.groups.io with SMTP id smtpd.web12.7286.1644979902567032841 for ; Tue, 15 Feb 2022 18:51:43 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=bP1qyU7G; spf=pass (domain: intel.com, ip: 134.134.136.100, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1644979902; x=1676515902; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=tIMKutkB0NREaXcHdshZaLLzkD2psLEsu2hvo006498=; b=bP1qyU7GuYaiAbN1g2VYIwM7wZ7aJdH4LMrVN50frwizkH5G7nusRTKl 47lW3NWQaOB6+ORdWgU3i5S3jw6K7Y3nEyBXIDZx/vJOGCoiRkaY80r3s SqXVUXCL7WqwXmnzyngdlRobPUhwiWh+pYoUIyFDBcmCgq+uZB2DQEKF8 F6LF/0EuDYcgW3JvoBoIsKSdVwz7qXSrPanV7vM97gKgi+y5BeR3SmsV6 o5XkwflOH+NO/1WjE1MElQcA+DxKTqqYMJ4qdSswB7v1hsEvZwSVFiwJc F71+kiDwqpOTCEmDjCfv6vVwMo0SMweNVnnXeBP03k+IVK8wgHD2LdhaT w==; X-IronPort-AV: E=McAfee;i="6200,9189,10259"; a="313782526" X-IronPort-AV: E=Sophos;i="5.88,371,1635231600"; d="scan'208";a="313782526" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Feb 2022 18:51:41 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,371,1635231600"; d="scan'208";a="571096387" Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82]) by orsmga001.jf.intel.com with ESMTP; 15 Feb 2022 18:51:41 -0800 Received: from fmsmsx602.amr.corp.intel.com (10.18.126.82) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Tue, 15 Feb 2022 18:51:40 -0800 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20 via Frontend Transport; Tue, 15 Feb 2022 18:51:40 -0800 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.174) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.20; Tue, 15 Feb 2022 18:51:40 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YZ9XSvjsecVsLOlZu41uUYHo7lWmt6FQBMaS59s10nA+TozmPtbIhCh7y3I8zErLeapbwgodqYLwXrmJORrnRYLbUK8xxJT62+sq24u+JOMhBV3806vBrzGstblKfmGI0JWjLqQIEGQgArkgfqfE5wabvl4pP2iroDT/Qsvt6af70CeUHDZeOQdSmQI7DXJ234PrvGD5h7wfjUVV7PFXSAKDmaGUmbW3NWGIE1AyBuMklMtAps/CZKiMHU0ww9rdqWwRspU+1riNG5ahvZEmz8DO0q5aYP90p+Kx+6o9pCyHQlXYUn8RKX+57LrTzs/vu9slZIjyG/hIrgwrlgDhhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WI3PQj6bHbiqG7H97oi4R1ja4byjXikIXpA9jQD5/KU=; b=Gn95m9ixddX3PtEMtIbDL1SVzClTi2ZH2/0LvkaWhK+W3jsQBTy5ln+eWuvnMau7ngi+++wyf7ubE9vOW+sqZon/wlhLRuk6G5FK95UBptVPpbL5hGobi4t3editBNRoKYRp/3oNY/SSzyoIygX3rj2faRRMy7aRuKlvI3nK22dYfEVHFyY/fKVUYSVok+Jf1K+Q2yTiXue/szAj6p4pZmNUZsEEI3Fs03EKTJrq2X26IHBp9RTY/z2c6A0XWHKfbHt5iDv+qTJW4iJdGOxYtOX3AjgQOZul0wz4xkqQK0lnGj7orXZ+bq0p51JQp7vV+zO59/pBMmWv1oCkZ2kt5w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by MN0PR11MB6009.namprd11.prod.outlook.com (2603:10b6:208:370::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4951.18; Wed, 16 Feb 2022 02:51:36 +0000 Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::21db:e2fd:b9a3:9292]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::21db:e2fd:b9a3:9292%5]) with mapi id 15.20.4995.014; Wed, 16 Feb 2022 02:51:36 +0000 From: "Yao, Jiewen" To: Brijesh Singh , "devel@edk2.groups.io" CC: James Bottomley , "Xu, Min M" , Tom Lendacky , "Justen, Jordan L" , Ard Biesheuvel , "Aktas, Erdem" , Michael Roth , Gerd Hoffmann , Aaron Young , Dann Frazier , Michael Roth Subject: Re: [PATCH 1/1] OvmfPkg/FvbServicesSmm: use the VmgExitLibNull Thread-Topic: [PATCH 1/1] OvmfPkg/FvbServicesSmm: use the VmgExitLibNull Thread-Index: AQHYIn9YCfjrnYzlxUqFp85kkpBwq6yVexuA Date: Wed, 16 Feb 2022 02:51:35 +0000 Message-ID: References: <20220215151638.1671473-1-brijesh.singh@amd.com> In-Reply-To: <20220215151638.1671473-1-brijesh.singh@amd.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.6.200.16 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: e998fa2f-5a10-419e-6553-08d9f0f73f5f x-ms-traffictypediagnostic: MN0PR11MB6009:EE_ x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:1051; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: g6DH+rOYqMoOz806YuRxQhRHFhJ9Gq7L95u4FHyEOQrNWPI3dVUb6CZRetTvXUcGKpLiic8ae1rSX+wAqP30sy6ufpd1Vt2Rc2/ztCqtRCQYJEbyI1O6pjBd97px1cm7/+4t39el+DqZj4ErjR62qAhlIi/GyRbMZ3wgNctWvc16uUYQoMMMGdddQLyAcnho3fs+WZvIHESsRurYCtcYDh75GPllCpaoeNpPB9rYQ4R1URMi8YOjLdmLCDyRfbFWk5R2aKNybxkOEpKlGfGebOsGwbeRaT65Vj8jDXWr+8/lTedV0Fds88so13dpzusuLu76fMHYjPfNWksItROAKUQs5NFQG8pVY41kGT1iFqI7ZvBnpF81GnqONGUKJcKL6nXXkt6/lICEg95bVFKYcH/IyAUgj8npAhFKXzCZaI5/407i2Fj26lEjoHW6sNKEwK8UbrpkQSiI95B0uGHr+zW5xnna+SWc3a7f7VPm6zzcVLSbVubr+gJMXIHvb9r+Ffxl0j+NfwsPsc5fPwCeIwCDiWHxDmYINniDiKtEa36o6BpGhdKsMGsfN2GvaP2SAVgztvXGD72CYuON9OjMHR4p1yL8JXZrCE+itlNE06mFvFpwNc5IMCuwU+hVpOq2jQs0MoFbawnM4fgtSjyZUhxBk1a+SsCOsgHpc1juFjrkK8813GGhWpMFrj7VVpVIq9JTvi/9wD3KaDCUfuLHWAHCI7nx19O9FMQ16kFg3g4OlC3LCPCW3s5oeqixoVpWZvtFqEkwrcegcuJWh9bfmgDiNnXec2FQGX/boJwDVoA= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5872.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(86362001)(66556008)(82960400001)(8676002)(122000001)(110136005)(71200400001)(4326008)(52536014)(7416002)(66446008)(55016003)(76116006)(38100700002)(508600001)(54906003)(66476007)(38070700005)(7696005)(9686003)(64756008)(83380400001)(26005)(966005)(33656002)(316002)(19627235002)(66946007)(186003)(8936002)(5660300002)(53546011)(2906002)(6506007);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?LeMuMUbXegdwbCJh9farOZUQ2YKQiy4gxPSaWoeecHOGJHyMh7BKFz7mtZ1h?= =?us-ascii?Q?tw8b0UOOrcLLsbS1G4w3ip7zZoSKOc8Z72DTO3/0ymc5C20zDdRM/zWucjWu?= =?us-ascii?Q?F4SMMHdSECVYh7SCwlH76Yu8uisdCCRBp37BdoQUnya+kyzRYQuNDql3sQho?= =?us-ascii?Q?5PXWK5YqxOPyNts9EDW9fRyj8Wff/da1WAYee0Q9UNDv4ERCIomYEhMHeEZp?= =?us-ascii?Q?JNbkUR8Ik7ziQlR/hkdK5vgrvr2C/cGatqKuRnPQv71WLBdvu5MYISsyvAug?= =?us-ascii?Q?WRkkWPzIybkxwPFf1YeWsrHMe0E5vf9kLxPxMQsY3Ka513rrIgYV0g4amp1r?= =?us-ascii?Q?iKxeMaahiNQgz5KP2NFrfmtMvo0cy9It+eX8wk8ut/G0Z/RThoPMEPpXKCKR?= =?us-ascii?Q?7BBNSeku0+sL92NUvagMo08LJCUhnc6PqTxd3FhcLXCjhXJIICunYUnVcMQc?= =?us-ascii?Q?jiPMKtOBGks5UWFS3gleuTxWRtnHnA0kpRkYlqspHX72wT7SpalJrU8zsXPf?= =?us-ascii?Q?rQF0JPTbAFj43iMk2xIDo8LVbLxn0PEJWf6uTkvOWFSdiiF5vovRjWHpNyD/?= =?us-ascii?Q?DgHPRUn80Ac0bwGaqyJUj+bn+ijIUq4aDPOfpkdYpgrAC8Q9nx+vps941cyb?= =?us-ascii?Q?d9YMaODm1jGDih/xNh04WbDoP/gsU9ue92c7bkLyxzumR2fHzuDOk25Tdd6T?= =?us-ascii?Q?iPMYz/DjItPEcmO5hYfy9iLLZr90ujYI1gOCWM4VK4brlCRzNcnygZv9AXH3?= =?us-ascii?Q?K56M0QpGkbOA5J5jaBmcQgm3f/OdUCGRU/mT+pahHVFfw2WWURpiU8TwzUXw?= =?us-ascii?Q?+HapSaPDET6k3WL5OBAAz2aX+KxbTYngQ6tut9noLvZtn3ztvJf5VXJcQG25?= =?us-ascii?Q?NNpoNJqyy2wf5Ooa5fH+TZAvsSg+eC+dnPYMwq6tr+mdxEl5BouvGny7XoNx?= =?us-ascii?Q?tk4E4lkAU3LpjJcW6gILVrxY6TUF9WNMS5dRRvq/cpEPgiQYGG5o8nR6icBL?= =?us-ascii?Q?cGaWxwuwFMIZnkUKxL7z8E35XtCnzWTQpEK6xvwh0KutJKUsUv1jK4T0tFcr?= =?us-ascii?Q?lCXJEr9V9vfMWrRPDf++2q4Xs5o3j/W7VFl6MHVkMQsCjchiEsQoo+FU7+YZ?= =?us-ascii?Q?oig4F8pRPH8Y6qQ5S2bGiFg6q/b+HSKIypyXnuBjEc4wt8LxThg9gBCNk0Gu?= =?us-ascii?Q?BJkFYB6Ai8liiEs/hayJDn+59OeZjTzOEy7c84AJcfW7dS4QGXAqxn4GvKbG?= =?us-ascii?Q?mSOcPVf0CjAVO8hP+zS6Ave6dzVs/0+bVkQak9yzXPtE8xcV5PtSa+tM/4zB?= =?us-ascii?Q?Cfk9X/cNGlQmabkouHDDKFXm5ZBMlknl3a5JmR3xu53kEQpcJJBiRznszEzV?= =?us-ascii?Q?oUXhcMA4fUEf5LPL1pHG1tCWzY3hupynzztM2TdHcgES/Nbeq2k+msYALa6u?= =?us-ascii?Q?YL27mTU+QUibWm8bGrZKhNKZhNSMenG1L6ZPWWe90DQM+a0Alm7OMZm+T3Mx?= =?us-ascii?Q?CuZjmTw/SRWZ6jPJ6UWzxfzGiUwc3t3wVqMNy7dqrBEa8LcNRBOl0R5xd/rw?= =?us-ascii?Q?rUULRd0tdGUXOq8zi7R+ZSqYkPTjeZei7SQaeQm1M/WL78Zjk2eE/JVhLmME?= =?us-ascii?Q?RqGZHFVpHVBF7xJqxLkRqr0=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: e998fa2f-5a10-419e-6553-08d9f0f73f5f X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Feb 2022 02:51:35.9347 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: aIeLIGvwnkFAWRCbW1p6Xo37xG3NMo9eVgg8QDjApj7UCk/aaqc0MruzJ31qqfn+XoaqMx9eAX18bY9T6Nlx2w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN0PR11MB6009 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jiewen Yao > -----Original Message----- > From: Brijesh Singh > Sent: Tuesday, February 15, 2022 11:17 PM > To: devel@edk2.groups.io > Cc: James Bottomley ; Xu, Min M ; > Yao, Jiewen ; Tom Lendacky > ; Justen, Jordan L ; > Ard Biesheuvel ; Aktas, Erdem > ; Michael Roth ; Gerd > Hoffmann ; Brijesh Singh ; > Aaron Young ; Dann Frazier > ; Michael Roth > Subject: [PATCH 1/1] OvmfPkg/FvbServicesSmm: use the VmgExitLibNull >=20 > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3835 >=20 > The commit ade62c18f4742301bbef474ac10518bde5972fba caused a boot > failure > when OVMF is build with SECURE_BOOT/SMM enabled. >=20 > This happen because the above commit extended the > BaseMemEncryptSevLib.inf > to include VmgExitLib. The FvbServicesSmm uses the functions provided > by the MemEncryptSevLib to clear the memory encryption mask from the > page table. It created a dependency, as shown below >=20 > OvmfPkg/FvbServicesSmm.inf > ---> MemEncryptSevLib class > ---> "OvmfPkg/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf" instance > ---> VmgExitLib > ---> "OvmfPkg/VmgExitLib" instance > ---> LocalApicLib class > ---> UefiCpuPkg/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf instance > ---> TimerLib class > ---> "OvmfPkg/AcpiTimerLib/DxeAcpiTimerLib.inf" instance > ---> PciLib class > ---> "OvmfPkg/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf" instance >=20 > The LocalApicLib provides a constructor, execution of the constructor > causes an exception. The SEV-ES and SEV-SNP do not support the SMM, so > skip including the VmgExitLib chain. Use the module override to use the > VmgExitLibNull to avoid the inclusion of unneeded LocalApicLib dependency > chain in FvbServicesSmm. We ran similar issue for AmdSevDxe driver, > see commit 19914edc5a0202cc7830f819ffac7e7b2368166a >=20 > After the patch, the dependency look like this: >=20 > OvmfPkg/FvbServicesSmm.inf > ---> MemEncryptSevLib class > ---> "OvmfPkg/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf" instance > ---> VmgExitLib > ---> "UefiCpuPkg/Library/VmgExitLibNull" instance >=20 > Fixes: ade62c18f4742301bbef474ac10518bde5972fba > Reported-by: Aaron Young > Cc: Dann Frazier > Cc: Michael Roth > Cc: James Bottomley > Cc: Min Xu > Cc: Jiewen Yao > Cc: Tom Lendacky > Cc: Jordan Justen > Cc: Ard Biesheuvel > Cc: Erdem Aktas > Cc: Gerd Hoffmann > Signed-off-by: Brijesh Singh > --- > OvmfPkg/CloudHv/CloudHvX64.dsc | 5 ++++- > OvmfPkg/OvmfPkgIa32.dsc | 5 ++++- > OvmfPkg/OvmfPkgIa32X64.dsc | 5 ++++- > OvmfPkg/OvmfPkgX64.dsc | 5 ++++- > 4 files changed, 16 insertions(+), 4 deletions(-) >=20 > diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc > b/OvmfPkg/CloudHv/CloudHvX64.dsc > index 8ac9227c5f50..3172100310b1 100644 > --- a/OvmfPkg/CloudHv/CloudHvX64.dsc > +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc > @@ -906,7 +906,10 @@ [Components] > # > # Variable driver stack (SMM) > # > - OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf > + OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf { > + > + VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf > + } > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf { > > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > index 29eea82571c5..85abed24c1a7 100644 > --- a/OvmfPkg/OvmfPkgIa32.dsc > +++ b/OvmfPkg/OvmfPkgIa32.dsc > @@ -956,7 +956,10 @@ [Components] > # > # Variable driver stack (SMM) > # > - OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf > + OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf { > + > + VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf > + } > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf { > > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > index 56d3c49ab21a..a9c1daecc1a8 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc > @@ -974,7 +974,10 @@ [Components.X64] > # > # Variable driver stack (SMM) > # > - OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf > + OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf { > + > + VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf > + } > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf { > > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > index f0924c0f9d0a..718399299f57 100644 > --- a/OvmfPkg/OvmfPkgX64.dsc > +++ b/OvmfPkg/OvmfPkgX64.dsc > @@ -971,7 +971,10 @@ [Components] > # > # Variable driver stack (SMM) > # > - OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf > + OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf { > + > + VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf > + } > MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf { > > -- > 2.25.1