From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1])
 by mx.groups.io with SMTP id smtpd.web10.7010.1670568140576512123
 for <devel@edk2.groups.io>;
 Thu, 08 Dec 2022 22:42:20 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@ibm.com header.s=pp1 header.b=qmlDKgOp;
 spf=pass (domain: linux.ibm.com, ip: 148.163.156.1, mailfrom: dovmurik@linux.ibm.com)
Received: from pps.filterd (m0098396.ppops.net [127.0.0.1])
	by mx0a-001b2d01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 2B92u7tX007314;
	Fri, 9 Dec 2022 06:42:18 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=message-id : date :
 subject : to : cc : references : from : in-reply-to : content-type :
 content-transfer-encoding : mime-version; s=pp1;
 bh=qK/x2kTI3bS9OsnBNutp9XEYYiEyBU1qSj8o2MZXOTE=;
 b=qmlDKgOphvAkOqi1o+qaUh0VOt0xPPTZGC2hLcF6qXt9fxDCfdx2r9v6pXSKYg2CDTuQ
 GqQm9Bh/yv14n9SUuLIuKKs+Z6xiwQS5/qKFaRjrPwyjU1JR6ZR/Ukz423Eqj9g+QRf0
 4Wb34AXwn7dxqWAi5KWejZ32FVNNuSbPrc9+FlNnQp8RgTO4AU0epEQbbH1b+oBVY4b6
 qS7LU7NQ4QI9vO5tEzp3u0d4/VIyhJfjJlHbhzxL+w0JCT/s4jzL0Vu/wVvrwvVGxK/h
 8Es/KunMycH6E8MpLjxuD7an+lYGe1SVZoguVRoUmg6uJoW6OjW56sbVlEn2Cg8dNodK uw== 
Received: from pps.reinject (localhost [127.0.0.1])
	by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3mbhwtm08q-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Fri, 09 Dec 2022 06:42:14 +0000
Received: from m0098396.ppops.net (m0098396.ppops.net [127.0.0.1])
	by pps.reinject (8.17.1.5/8.17.1.5) with ESMTP id 2B96Xne7025809;
	Fri, 9 Dec 2022 06:42:14 GMT
Received: from ppma05wdc.us.ibm.com (1b.90.2fa9.ip4.static.sl-reverse.com [169.47.144.27])
	by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3mbhwtm087-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Fri, 09 Dec 2022 06:42:14 +0000
Received: from pps.filterd (ppma05wdc.us.ibm.com [127.0.0.1])
	by ppma05wdc.us.ibm.com (8.17.1.19/8.16.1.2) with ESMTP id 2B93hmQu007227;
	Fri, 9 Dec 2022 06:42:12 GMT
Received: from smtprelay06.wdc07v.mail.ibm.com ([9.208.129.118])
	by ppma05wdc.us.ibm.com (PPS) with ESMTPS id 3m9nyh6ccy-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Fri, 09 Dec 2022 06:42:12 +0000
Received: from smtpav03.wdc07v.mail.ibm.com (smtpav03.wdc07v.mail.ibm.com [10.39.53.230])
	by smtprelay06.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 2B96gBF662914852
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
	Fri, 9 Dec 2022 06:42:11 GMT
Received: from smtpav03.wdc07v.mail.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 652615805C;
	Fri,  9 Dec 2022 06:42:11 +0000 (GMT)
Received: from smtpav03.wdc07v.mail.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 0E6E65806F;
	Fri,  9 Dec 2022 06:42:08 +0000 (GMT)
Received: from [9.160.189.175] (unknown [9.160.189.175])
	by smtpav03.wdc07v.mail.ibm.com (Postfix) with ESMTP;
	Fri,  9 Dec 2022 06:42:07 +0000 (GMT)
Message-ID: <ad86adbf-1df0-93f1-97f1-2d56d914b507@linux.ibm.com>
Date: Fri, 9 Dec 2022 08:42:06 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
 Thunderbird/102.5.1
Subject: Re: [PATCH 1/1] OvmfPkg/AmdSev/SecretDxe: Allocate CC secret location as runtime memory
To: Ard Biesheuvel <ardb@kernel.org>
Cc: devel@edk2.groups.io, Tobin Feldman-Fitzthum <tobin@ibm.com>,
        Ard Biesheuvel <ardb+tianocore@kernel.org>,
        Erdem Aktas <erdemaktas@google.com>, Gerd Hoffmann <kraxel@redhat.com>,
        James Bottomley <jejb@linux.ibm.com>,
        Jiewen Yao <Jiewen.Yao@intel.com>,
        Jordan Justen <jordan.l.justen@intel.com>, Min Xu <min.m.xu@intel.com>,
        Tobin Feldman-Fitzthum <tobin@linux.ibm.com>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Dov Murik <dovmurik@linux.ibm.com>
References: <20221208080311.2025737-1-dovmurik@linux.ibm.com>
 <CAMj1kXEx=md9P9dMQNfb4yt+p0wNfz2ZEoW93HzpExeAgQFLTA@mail.gmail.com>
From: "Dov Murik" <dovmurik@linux.ibm.com>
In-Reply-To: <CAMj1kXEx=md9P9dMQNfb4yt+p0wNfz2ZEoW93HzpExeAgQFLTA@mail.gmail.com>
X-TM-AS-GCONF: 00
X-Proofpoint-GUID: TukzoJHngNkB0mbJyW5VRFC1jOykVSJs
X-Proofpoint-ORIG-GUID: rDT_YkefYKo51oHnLdP5WxHPDpLaSCpt
X-Proofpoint-UnRewURL: 182 URL's were un-rewritten
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.923,Hydra:6.0.545,FMLib:17.11.122.1
 definitions=2022-12-09_03,2022-12-08_01,2022-06-22_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0
 malwarescore=0 suspectscore=0 mlxlogscore=999 bulkscore=0 spamscore=0
 adultscore=0 priorityscore=1501 mlxscore=0 impostorscore=0 clxscore=1015
 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2210170000 definitions=main-2212090055
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Thanks Ard for reviewing this patch.

On 09/12/2022 1:02, Ard Biesheuvel wrote:
> On Thu, 8 Dec 2022 at 09:08, Dov Murik <dovmurik@linux.ibm.com> wrote:
>>
>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4186
>>
>> Commit 079a58276b98 ("OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret
>> area as reserved") marked the launch secret area itself (1 page) as
>> reserved so it the guest OS can use it during the lifetime of the OS.
>> However, the address and size of the secret area held in the
>> CONFIDENTIAL_COMPUTING_SECRET_LOCATION struct are declared as STATIC in
>> OVMF (in AmdSev/SecretDxe); therefore there's no guarantee that it will
>> not be written over by OS data.
>>
>> Fix this by allocating the memory for the
>> CONFIDENTIAL_COMPUTING_SECRET_LOCATION struct with AllocateRuntimePool
>> to ensure the guest OS will not reuse this memory.
>>
> 
> This memory type is mapped into the EFI page tables, and omitted from
> the linear map in Linux on arm64, so it is generally not the right
> type for data that only has significance to the OS. In spite of the
> name, EfiAcpiReclaimMemory is more suitable here - the OS is free to
> preserve it or treat it as ordinary memory.

Just making sure -- this data might be useful in grub (if we embed grub
into OVMF to boot encrypted disk from an SEV injected launch secret)
and/or in Linux (module efi_secret will try to access this same area).

Both need access to this small table and to the secret page itself.


> 
> I realise that this is not of great importance here given that the
> table is only 8 bytes in size, but if we can, I'd prefer it if we use
> ACPI reclaim memory here.
> 

I assume I need to use gBS->AllocatePool() in order to specify this
special memory type.

I'll try it and see if it solves the issue I'm experiencing.


Thanks,
-Dov

>> Fixes: 079a58276b98 ("OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved")
>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>> Cc: Erdem Aktas <erdemaktas@google.com>
>> Cc: Gerd Hoffmann <kraxel@redhat.com>
>> Cc: James Bottomley <jejb@linux.ibm.com>
>> Cc: Jiewen Yao <Jiewen.Yao@intel.com>
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
>> Cc: Tom Lendacky <thomas.lendacky@amd.com>
>> Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
>> ---
>>  OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf |  2 ++
>>  OvmfPkg/AmdSev/SecretDxe/SecretDxe.c   | 17 +++++++++++------
>>  2 files changed, 13 insertions(+), 6 deletions(-)
>>
>> diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
>> index 40bda7ff846c..67d35f19b063 100644
>> --- a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
>> +++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
>> @@ -23,6 +23,8 @@ [Packages]
>>    MdePkg/MdePkg.dec
>>
>>  [LibraryClasses]
>> +  DebugLib
>> +  MemoryAllocationLib
>>    UefiBootServicesTableLib
>>    UefiDriverEntryPoint
>>
>> diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
>> index 3d84b2545052..615dff6cbf59 100644
>> --- a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
>> +++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
>> @@ -5,14 +5,11 @@
>>    SPDX-License-Identifier: BSD-2-Clause-Patent
>>  **/
>>  #include <PiDxe.h>
>> +#include <Library/DebugLib.h>
>>  #include <Library/UefiBootServicesTableLib.h>
>> +#include <Library/MemoryAllocationLib.h> // AllocateRuntimePool()
>>  #include <Guid/ConfidentialComputingSecret.h>
>>
>> -STATIC CONFIDENTIAL_COMPUTING_SECRET_LOCATION  mSecretDxeTable = {
>> -  FixedPcdGet32 (PcdSevLaunchSecretBase),
>> -  FixedPcdGet32 (PcdSevLaunchSecretSize),
>> -};
>> -
>>  EFI_STATUS
>>  EFIAPI
>>  InitializeSecretDxe (
>> @@ -20,8 +17,16 @@ InitializeSecretDxe (
>>    IN EFI_SYSTEM_TABLE  *SystemTable
>>    )
>>  {
>> +  CONFIDENTIAL_COMPUTING_SECRET_LOCATION *SecretDxeTable;
>> +
>> +  SecretDxeTable = AllocateRuntimePool (sizeof (CONFIDENTIAL_COMPUTING_SECRET_LOCATION));
>> +  ASSERT (SecretDxeTable != NULL);
>> +
>> +  SecretDxeTable->Base = FixedPcdGet32 (PcdSevLaunchSecretBase);
>> +  SecretDxeTable->Size = FixedPcdGet32 (PcdSevLaunchSecretSize);
>> +
>>    return gBS->InstallConfigurationTable (
>>                  &gConfidentialComputingSecretGuid,
>> -                &mSecretDxeTable
>> +                SecretDxeTable
>>                  );
>>  }
>> --
>> 2.25.1
>>