From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (NAM02-CY1-obe.outbound.protection.outlook.com [40.107.76.73])
 by mx.groups.io with SMTP id smtpd.web10.13536.1574280503752729482
 for <devel@edk2.groups.io>;
 Wed, 20 Nov 2019 12:08:23 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=J3nmaKhR;
 spf=none, err=SPF record not found (domain: amd.com, ip: 40.107.76.73, mailfrom: thomas.lendacky@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=Pk9ZZslRDX83JlH76HoVQ/3Y46hm751udfMvjA6DUr+AyyQEJ34XN39ahdS9RskhcTDPuFcIpEbvHwyBtRlwxKulQTSLFbbSJ+u4k5cFlFJyG3m0VFAb5HulHAsELnq7HeQovz0hPAhhnr6GiElvGiGDM5RsKvFPUXr3B6r0UY/Rz+GJbB8a2XbcyfddGj8YIfKLJYuGsDOi1nUGjDxC/c6dfLzTCRPIyTTzBGTPdfGAcjchTTrGNFis4pcxBWPEVUf4ZgWFWh/vPR2anW7dKkh0VcCtaVVuic7t1osuoGtFxhHSqR0lBbGpIOKAKxNyAVa5mfaBu2W7s98INbFwag==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=ocoGiTnb9S0lUMKlgYerC9dEAFdGQqpobvTdwjEJQKk=;
 b=kddGUEgOz/BEvnAZgPot7zyoRJDtSv8pjYtefbzec8ldOb+ryqeMi562qD0mZ98Q9jacHf87cyyAQxTK6QaU2CJUt88o2hUjjfglELgP5rI+bdAAsTakJ32AdIqCnZD3Sj2KVr2SRHwE+4TfLl+gLbKb55mOfQzTmEIHQk/TXpXqAxwhR7Jb+f7Fsek0XIMrGxQB9kc+66o2LAtzBiKlkgKU95PrTRoaK1r1L0cQHczaDIBKu7a/oTFdbnnT2UZQgZPNhCEiOajMKnII4l7IGRMtP3npVe0yMweMlale6eKsFzb7EYljILZNvYG1c0yvik+XAYVPjQzC8oSagWxz4A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=ocoGiTnb9S0lUMKlgYerC9dEAFdGQqpobvTdwjEJQKk=;
 b=J3nmaKhRSssqp9ynKPp24oet+hZiJnbKyHQH9WH5Iw7o48m41Q72s0bf6eh9uaKafNzGA0wBMyq/c97ulLjyMHvCjJxqqhfMU73zR3MOweUFitCCnZjcKcm3iyeDeHa7ZmSE2vrBPA3AEYyuulyFaBPaNHK512BI7zXaEXQgiYU=
Authentication-Results: spf=none (sender IP is )
 smtp.mailfrom=Thomas.Lendacky@amd.com; 
Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3675.namprd12.prod.outlook.com (10.255.76.80) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2451.28; Wed, 20 Nov 2019 20:08:22 +0000
Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::dd0c:8e53:4913:8ef4]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::dd0c:8e53:4913:8ef4%5]) with mapi id 15.20.2451.031; Wed, 20 Nov 2019
 20:08:22 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [RFC PATCH v3 38/43] OvmfPkg: Move the GHCB allocations into reserved memory
Date: Wed, 20 Nov 2019 14:07:00 -0600
Message-Id: <a6bd899b4476da8b6329eaa4c242dc05b28163ea.1574280425.git.thomas.lendacky@amd.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <cover.1574280425.git.thomas.lendacky@amd.com>
References: <cover.1574280425.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: DM3PR12CA0087.namprd12.prod.outlook.com
 (2603:10b6:0:57::31) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
Return-Path: thomas.lendacky@amd.com
MIME-Version: 1.0
X-Mailer: git-send-email 2.17.1
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: e84f01d0-e680-4c49-4ac3-08d76df55411
X-MS-TrafficTypeDiagnostic: DM6PR12MB3675:
X-MS-Exchange-PUrlCount: 1
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
	<DM6PR12MB3675C30C8A89865A0D212AD9EC4F0@DM6PR12MB3675.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:3044;
X-Forefront-PRVS: 02272225C5
X-Forefront-Antispam-Report: 
	SFV:NSPM;SFS:(10009020)(4636009)(136003)(396003)(366004)(39860400002)(346002)(376002)(199004)(189003)(36756003)(6506007)(51416003)(446003)(66946007)(76176011)(52116002)(50466002)(386003)(478600001)(6116002)(3846002)(14454004)(48376002)(5660300002)(966005)(6306002)(6666004)(14444005)(186003)(26005)(6512007)(4326008)(6436002)(2906002)(6486002)(99286004)(50226002)(2361001)(8676002)(81156014)(81166006)(8936002)(118296001)(2351001)(316002)(86362001)(6916009)(66066001)(16586007)(7736002)(305945005)(47776003)(25786009)(66556008)(66476007)(486006)(11346002)(54906003)(476003)(2616005);DIR:OUT;SFP:1101;SCL:1;SRVR:DM6PR12MB3675;H:DM6PR12MB3163.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;A:1;MX:1;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	4laGh+0iZujOWLMLXIDQ9uZERDmcBUnB117mQWMSjtvqSDMdTTjs71+i5wh6thdo8HfXcQ7kBfQ6rWXZ89nFPYqqmSVEcyQX9C+M+Tw9TjDqJJpiWVd0lBQjHqNbt9m/3L8cpPyRiwc1SlWQc++TJtbJcH5H5QKD8CJRZyNYar9ajt9/AdIThtW3RETGSXJWShaQba5FVqI11T2UrXaLThislltPcHND69ZjrTmQMw2IVh/3mctmFMAa9YovC5QFzUD7yRyi00hmZ25xBnRaLqlchBkzg8nS7kLCfhbwjczjxkJ+uTgV5EzvHFGn3iU/NCkZky4gzfwEh1+ONVtcZLNZcP4SS74tJnlJSHSnfrRLuIFM9JoUWdK553tYteQfG80EVuPkrnvZY39LltfIIyLrc0Plc2qiPx6g/QzRTqTE4UTlh0f9hrRbs5AdsFipQdI4nWoZ/x8t2kZ5gfO8PYjG6ESQLwYlEycE4Cc23f4=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e84f01d0-e680-4c49-4ac3-08d76df55411
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Nov 2019 20:07:54.2598
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: xwAaTWaYMw6GHVzP9t8JmzpmqhhRi7A0hFXl7lKb7xVSOoYPOIQVsucWzegi2OK+ZxU1uRrkQGpOHXg7l8MvHg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3675
Content-Type: text/plain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198

After having transitioned from UEFI to the OS, the OS will need to boot
the APs. For an SEV-ES guest, the APs will have been parked by UEFI using
GHCB pages allocated by UEFI. The hypervisor will write to the GHCB
SW_EXITINFO2 field of the GHCB when the AP is booted. As a result, the
GHCB pages must be marked reserved so that the OS does not attempt to use
them and experience memory corruption because of the hypervisor write.

Change the GHCB allocation from the default boot services memory to
reserved memory.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/PlatformPei/AmdSev.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index b3fd2d86541a..84b337325d5c 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -49,9 +49,11 @@ AmdSevEsInitialize (
 
   //
   // Allocate GHCB and per-CPU variable pages.
+  //   Since the pages must survive across the UEFI to OS transition
+  //   make them reserved.
   //
   GhcbPageCount = mMaxCpuCount * 2;
-  GhcbBase = AllocatePages (GhcbPageCount);
+  GhcbBase = AllocateReservedPages (GhcbPageCount);
   ASSERT (GhcbBase != NULL);
 
   GhcbBasePa = (PHYSICAL_ADDRESS)(UINTN) GhcbBase;
-- 
2.17.1