From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (NAM12-DM6-obe.outbound.protection.outlook.com [40.107.243.77]) by mx.groups.io with SMTP id smtpd.web12.7821.1620220301417393508 for ; Wed, 05 May 2021 06:11:41 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=YE7m7Z0l; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.243.77, mailfrom: brijesh.singh@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oKExTd9pvg4L1fZMwzuz7V53HXmsJCLZxLiy9FL2jC2XJfyhvk7o3Uh5cil2Dajl7ZajVgCE+97oUB4JulJzfmPVcm5mZ/rpC0PZt4p0+8FjMNYrd5AXlX5Q+PF+YiBDwz70le95UiZlRaJuo0GvipnYWlrTt1ty+YjpreMIf67LF9yew3BdgaF46M0joh52IwFcaJWIBv+EHrRaZ2hcfqNIV9puQUWWY+JDGIa5K9kPrFUjedxhW4ibSE/mMwxDJ1+Y9+/xBGsjxn94D1mBxedIbXXVuUlvtfPzuidW+r9GWRS1G+IZpfMP2dAlYDd9DVO8V5cVr5yKJGBilMhqFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZhnCjdOxSLLMDM+oQzMMpbsizpDvWDobEoMD5wmit+I=; b=fOjaD9UggxkZsON2+GWaRWw5r5XsgdVLheb6zcsNYwCP6EjfPSoID9xiFWUSId/wmGFQHqW2i0eCjP4JlmjxIka4Xq6CyRl31mUBqnuO7mxYnAf3RBHyTbVQMhEJm6dtYJQfITWj3K6m3aXQVCNrHQaA/Ss3OpbWdSuKoihHFIkH8re1r6A9nIIGWHa5chPO8edTqfPIS0F4HiUNGZRgB2hY58tgnpNAn1oG0Ilu2MHkrgOtBuLLoZislYVi/HGJlB2bepH76DtB9v2nvKoqt2LlcV4oGGQaSO3jzILzEHmu3wMt5nltpnKeCWvnNHZa5mFmSZhtO6wkDm6tx4paxA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZhnCjdOxSLLMDM+oQzMMpbsizpDvWDobEoMD5wmit+I=; b=YE7m7Z0l4xc6RkBIwA6lswaoKg1o03P+WUDsVQVcltmhXCoALsYyMUg5LUFpwnD26E1rGL7VIA1kQ5g73CisO1qcvSc9/FG/Ll1Xy6AnxMNBEN1dwmD9vUbll4ihxerJCZtS4FcdXnFssyxpdvvWjvOIO0GfvcXYzJcoMqWxV3Q= Authentication-Results: ibm.com; dkim=none (message not signed) header.d=none;ibm.com; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2784.namprd12.prod.outlook.com (2603:10b6:805:68::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4108.26; Wed, 5 May 2021 13:11:37 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4108.025; Wed, 5 May 2021 13:11:36 +0000 Cc: brijesh.singh@amd.com, James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Laszlo Ersek , Erdem Aktas , "tobin@ibm.com" Subject: Re: [edk2-devel] [PATCH RFC v2 11/28] OvmfPkg: Reserve Secrets page in MEMFD To: Dov Murik , devel@edk2.groups.io References: <20210430115148.22267-1-brijesh.singh@amd.com> <20210430115148.22267-12-brijesh.singh@amd.com> <8b46fe32-beda-0195-8c67-c7ef19194f85@linux.vnet.ibm.com> From: "Brijesh Singh" Message-ID: Date: Wed, 5 May 2021 08:11:34 -0500 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.10.0 In-Reply-To: <8b46fe32-beda-0195-8c67-c7ef19194f85@linux.vnet.ibm.com> X-Originating-IP: [70.112.153.56] X-ClientProxiedBy: SN6PR16CA0051.namprd16.prod.outlook.com (2603:10b6:805:ca::28) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) Return-Path: brijesh.singh@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from Brijeshs-MacBook-Pro.local (70.112.153.56) by SN6PR16CA0051.namprd16.prod.outlook.com (2603:10b6:805:ca::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4108.25 via Frontend Transport; Wed, 5 May 2021 13:11:35 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 62e3ef00-0160-4e70-12fa-08d90fc7501d X-MS-TrafficTypeDiagnostic: SN6PR12MB2784: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: wDLlZVktQUEazy0/bvoxj+g4Qp8hVKUWOQY7B3f82i5nNk4PAny5GpcXPzjUTxsMlMnbqUCYm8U3/q2LgUFeVoFs0RkZ+0odQuxj3lIM7HRhg/6/3u4QrD8pHh3xaT1o+Kubn0MpYsLTGsD7PdhT9srjHDsUBIxlgE/+tiSoCvhQHiP5hCXZKFUlDCgbnL3oZ/dKpyZKyBI7wR0yUolCPrP9WSAMWfsH+Os7mOPlYFfSWO7+sShonMNqw92LVRDwVF8fX9z4VaKvHL/+Psss4L1I1JQ2HAZ9+VYafMJmazHZ0WDFY3uMSpPmjtgmF6rBpWlBL0uGZnsEt+xYUjUI7R8kFL1eUcjN4wbduijG1rC/i427jjZqO8DGvMrcZtrb8pHViTLiVtqdrZqG3dv+1e+bUPSkgqdqZW+yaYWGScSXZ+NvbvaSa0bbwtnMy4h/N0taL0lyYJkrfBbXmP2YFX71Mlg1rnFYy38rkv5jajx+W7r6MFaoQXo+4Ft0EvLeelObcjV1yrv1aof0caLtl9RF/0d8NpfWQWn+W2rCG+ibcL0RPYGncRFNquODENh5mXnAK1kh99nraJezPq1TSK17+sFSVnetEc+qdc2a5U9UAhnOjUamnKDIP2uhIXzBf3GeJJq9ccQfcPW3Lm1fjezIlS8Kio4YgEw75ChFJSvu21U/g40CnafNJMuTU2KlllsaYHwll/HHVdkG3tQT3UOh8PY0P0hmtAjt9t8tKtHoqalEONJDJTMQEUIXUH/gOhM4V8nJQzZCMd/DDOFd6joWCbfJ0o1zXqzeae72FbU8FqVs9djO/UStv5dd4ClH X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(376002)(39860400002)(366004)(346002)(396003)(2616005)(956004)(478600001)(38100700002)(83380400001)(966005)(31696002)(38350700002)(53546011)(44832011)(26005)(6512007)(36756003)(45080400002)(2906002)(66946007)(6506007)(66556008)(66476007)(31686004)(52116002)(5660300002)(8676002)(54906003)(6486002)(316002)(186003)(86362001)(4326008)(8936002)(16526019)(19627235002)(7416002)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?B?VjZWVnZjODRvTWJKRm54VStodDFPZmN6NTJ3SzF4YzlLdkYyTVF2TmN0T3dS?= =?utf-8?B?MGtzZjRvTXhVckxqV21nVVNSamdmYStMV0JzWERwaGY3U2VaYkJwcXBXOS9w?= =?utf-8?B?WDlDeTZPSTNlUEtGQzBWQWhWTVhtSnc2RnVTZFpSNy9DVFZzR0NLL0tYUHhQ?= =?utf-8?B?QmhURkw5UWpWQTY3Qk84TVhISms5WW05T2lvQ2s5ODRNaWdNR3g0SGFobkVB?= =?utf-8?B?K3lhQXNnbi8wQkExbm9UeXl4Q3JucGZ2OGRLZHk0WVFIS3RLbldoREVOUGhj?= =?utf-8?B?Mk50RjRYRFNYb0ZFNTZyWFUrRFh6bXhTbE85QkxZT09UVmJvM1UwTHJRSzI3?= =?utf-8?B?WnZKcERoZ2hJSkpSRzd6YXV6Nm5IakVxTU9qbnlUMDgwMDZ5TDR6UzRMWlFH?= =?utf-8?B?aFh2NEtocXQra0l2TmdpcElFbXJvckpMTXU5K3RGczBra0N6VkFDc3p6WmFY?= =?utf-8?B?K0ljM2tqWDFqNW9ZYXh1NkZKeWt0QlhpVXROQkJIclJUTVVZMmZkaS9ZbUFW?= =?utf-8?B?bVFNUjVBeGdkSXUyZVpDc0I3bTNEdnJ1L0tDRUJxQjlXUlVKT3F4cU1Gb1cy?= =?utf-8?B?Rlhack5zVVVoWmtQOXhuMmU0cm92UEdCM0VRRWUvd0RzSnpLYnEwWGlrRSsx?= =?utf-8?B?WklLN0JNZUFiOEtNQTIxQzVJbldqL3NWR0t1YkxORHZSTGhudmVzVmUyaTEr?= =?utf-8?B?V2FpV01BRzZNV01UL0ZFM1ZDMXNINE5aaU83eVMwN2g2anFDdkdZbmtkdmpO?= =?utf-8?B?RFNsSHpxZTFyUUwyMTVCWkRrcDRkM3pBVG9HbXhYNGhnOGlhbFo4OGNnWWhn?= =?utf-8?B?VGNUb1E4aFVGSEdEbTFtb09ZbE1ySGx0YWtQcmhpS3lDZkVzVzhnZ1RrUGJN?= =?utf-8?B?ZS9IeVRhMVR4QXpIZE03S2VpS3Q5S1luL2NjUDByc0JzQ1BRMTcyODV3U0Jr?= =?utf-8?B?K25oZDNndGpYNjlQSk5xTVo4YklpS3I0WmV5Q20xcmthUXozRFBzbXNNdmpX?= =?utf-8?B?M3Mvckw2UWlYcVgwMnNJR1NMWDNIZHJVdDRSRVA4V09yOEU2Q2Z2RGs5c3lh?= =?utf-8?B?WG9VbERzOGRnRDdGcGhPWHQ1UEZhV0lZeHErYUs2dnJvdmNhdTU1dGlwcDFy?= =?utf-8?B?c1phaVlNckRJUVBSdWlLN0MyUUZHY21MWVpPYlZLSkNxTEhWUGdWYndNRTNW?= =?utf-8?B?UnR1WW5KZUE5NHN4WkdGRmR1eDAwODRCbDBQV1o5M3FGMi9XTXlIR0Y3eSs2?= =?utf-8?B?RnJ4V3ZhTCs1R2R5MHNmV3duS1JSUko1T1dobmFMdzl1aVRoMkdoUUpkd3Q3?= =?utf-8?B?NVZBRDc1LzlNQVhwczlhQVpMYUpSbnZhWDl2aml4cFdJRk0yQ0N3TnVtL2xU?= =?utf-8?B?eHVkVlhTc3VMUWlCdmV5a3FNY0hSVzZ5OFZRY0EvL2lkKzhFQTN0N1BSL3RD?= =?utf-8?B?UUZ5TWZUK01hb3MvQUNzcUpPUFBDbDhHcU1WWlJaUWpmOEl0SlpzM0hpRDFI?= =?utf-8?B?TDN0dWw3SjcvTUc2TUZrL1hrckpUWWUzeXFHdTN5TXo2VzlIekhCYWhSRnFK?= =?utf-8?B?OERCRVpvdzZRSzUxa3pPWjVBYWplUXNEZ3JCRGhVTUNwSjB5MWxEQ2RUR3JF?= =?utf-8?B?WFhEZVVSVVY1TkJBeWw1VTJybWtGVllGSHExV1dSWUVyaWhqUlNMLzhLK0ha?= =?utf-8?B?WFZxcUtVZ25PMGwzWStyS1h3S1pNZHY3YjU4S1JCNWdkRkFyNmVCY1ZabUZX?= =?utf-8?Q?HjGbQHe9cNxzSZDqbdLZhkYJieWASIVHrkVBaH2?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 62e3ef00-0160-4e70-12fa-08d90fc7501d X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 May 2021 13:11:36.8396 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: VfFVFfnwEKrDGDWSAcpo4v8VlOIARFm701mtIo6Jub7ldtbeeh4w+KO1ZZ0wjo58yCPbJ+8npPkFrnABqkVRxA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2784 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Content-Language: en-US On 5/5/21 1:42 AM, Dov Murik wrote: > [+cc: Tobin] > > Hi Brijesh, > > On 30/04/2021 14:51, Brijesh Singh wrote: >> BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&data=04%7C01%7Cbrijesh.singh%40amd.com%7C93168c94eb6d44ed08e608d90f910426%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637557937779907471%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=nLpmk3G%2BmXcZrzXxCmO3M9EDPiLRnP1IUmPqRQNbBuU%3D&reserved=0 >> >> When AMD SEV is enabled in the guest VM, a hypervisor need to insert a >> secrets page. >> >> When SEV-SNP is enabled, the secrets page contains the VM platform >> communication keys. The guest BIOS and OS can use this key to communicate >> with the SEV firmware to get attesation report. See the SEV-SNP firmware >> spec for more details for the content of the secrets page. >> >> When SEV and SEV-ES is enabled, the secrets page contains the information >> provided by the guest owner after the attestation. See the SEV >> LAUNCH_SECRET command for more details. >> >> Cc: James Bottomley >> Cc: Min Xu >> Cc: Jiewen Yao >> Cc: Tom Lendacky >> Cc: Jordan Justen >> Cc: Ard Biesheuvel >> Cc: Laszlo Ersek >> Cc: Erdem Aktas >> Signed-off-by: Brijesh Singh >> --- >> OvmfPkg/AmdSev/SecretPei/SecretPei.c | 16 +++++++++++++++- >> OvmfPkg/AmdSev/SecretPei/SecretPei.inf | 1 + >> OvmfPkg/OvmfPkgX64.dsc | 2 ++ >> OvmfPkg/OvmfPkgX64.fdf | 5 +++++ >> 4 files changed, 23 insertions(+), 1 deletion(-) >> >> diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c >> index ad491515dd..92836c562c 100644 >> --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c >> +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c >> @@ -7,6 +7,7 @@ >> #include >> #include >> #include >> +#include >> >> EFI_STATUS >> EFIAPI >> @@ -15,10 +16,23 @@ InitializeSecretPei ( >> IN CONST EFI_PEI_SERVICES **PeiServices >> ) >> { >> + UINTN Type; >> + >> + // >> + // The secret page should be mapped encrypted by the guest OS and must not >> + // be treated as a system RAM. Mark it as ACPI NVS so that guest OS maps it >> + // encrypted. >> + // >> + if (MemEncryptSevSnpIsEnabled ()) { >> + Type = EfiACPIMemoryNVS; >> + } else { >> + Type = EfiBootServicesData; >> + } >> + > Would it make sense to always use EfiACPIMemoryNVS for the injected secret area, even for regular SEV (non-SNP)? Ideally yes. Maybe James had some reasons for choosing the EfiBootServicesData. If I had to guess, it was mainly because there no guest kernel support which consumes the SEV secrets page. Since the memory is not marked ACPI NVS, so it can be used as a system RAM after the ExitBootServices is called in the kernel. I am fine with using ACPI NVS for both SEV and SEV-SNP. I was not able to build and run AmdSev package in my setup, can you submit a prepatch to change the memory type and verify that it works ? > > -Dov > > > >> BuildMemoryAllocationHob ( >> PcdGet32 (PcdSevLaunchSecretBase), >> PcdGet32 (PcdSevLaunchSecretSize), >> - EfiBootServicesData >> + Type >> ); >> >> return EFI_SUCCESS; >> diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf >> index 08be156c4b..9265f8adee 100644 >> --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf >> +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf >> @@ -26,6 +26,7 @@ >> HobLib >> PeimEntryPoint >> PcdLib >> + MemEncryptSevLib >> >> [FixedPcd] >> gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase >> diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc >> index a7d747f6b4..593c0e69f6 100644 >> --- a/OvmfPkg/OvmfPkgX64.dsc >> +++ b/OvmfPkg/OvmfPkgX64.dsc >> @@ -716,6 +716,7 @@ >> OvmfPkg/SmmAccess/SmmAccessPei.inf >> !endif >> UefiCpuPkg/CpuMpPei/CpuMpPei.inf >> + OvmfPkg/AmdSev/SecretPei/SecretPei.inf >> >> !if $(TPM_ENABLE) == TRUE >> OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf >> @@ -965,6 +966,7 @@ >> OvmfPkg/PlatformDxe/Platform.inf >> OvmfPkg/AmdSevDxe/AmdSevDxe.inf >> OvmfPkg/IoMmuDxe/IoMmuDxe.inf >> + OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf >> >> !if $(SMM_REQUIRE) == TRUE >> OvmfPkg/SmmAccess/SmmAccess2Dxe.inf >> diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf >> index d519f85328..b04175f77c 100644 >> --- a/OvmfPkg/OvmfPkgX64.fdf >> +++ b/OvmfPkg/OvmfPkgX64.fdf >> @@ -88,6 +88,9 @@ gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevE >> 0x00C000|0x001000 >> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize >> >> +0x00D000|0x001000 >> +gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize >> + >> 0x010000|0x010000 >> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize >> >> @@ -178,6 +181,7 @@ INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf >> INF SecurityPkg/Tcg/TcgPei/TcgPei.inf >> INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf >> !endif >> +INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf >> >> ################################################################################ >> >> @@ -313,6 +317,7 @@ INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf >> INF ShellPkg/Application/Shell/Shell.inf >> >> INF MdeModulePkg/Logo/LogoDxe.inf >> +INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf >> >> # >> # Network modules >>