From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=NWVU674x; spf=none, err=SPF record not found (domain: amd.com, ip: , mailfrom: thomas.lendacky@amd.com) Received: from NAM02-SN1-obe.outbound.protection.outlook.com (NAM02-SN1-obe.outbound.protection.outlook.com []) by groups.io with SMTP; Mon, 19 Aug 2019 14:35:58 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Vu9lX+9as30uEEQ+GvYsugnclsrgxxu7+Yddn8kywwjBiT8SB5Qt7lP80cLmVYz40wppJAL9b2JA4zEVq4FnlSbruStp3FV2Ivr/oy6Y0giB2icQCozaDU4TNTUy+pnWUP9XlO5rSjwizaTu/ONE4HFpLIu4LvOIXU73NT8Q9bMVW2YwYl0c0x+fj4ldWyn7XRNBlMbwa2rMAF6yYUv6g//oHV4V4ozV4ES/DuMeUzXow2oFkYgv7NUGKg2xJx53ibPoODluVp8PHh2AafXPRRX0Al+VIen7GORPAYuzHFCzwzFKL1Yi/V7nLj//a6iedluevLq/a0IfnQkReC53Og== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OYXDCEodd2KhEPtNMYXDAvBiFCHk1HcbMDev7ekw9a0=; b=Uvd5Ck6qlgid2fuJ4pEKCTIy4qVa1iMfFBj+FcsYPc4WLpapOe1iAT1JM1N9FtGRsphGwV8ESPcwuVB2j78019DouNgzltMVtXyglYdT3oYJe7VHoS949b9Ry1seLna9OW5Ng4HyU0nPFUni8LBwPQRQ466/3m3alEONpdIhqlgjtcMTG1xVFszXilpESOg2QVxx2H5ykQc34xKyMcBJHcpXUZ0SNtuVJB9IGxqvqLkCOskZM02zxmupE7/Qp6xRF5ChpnAA2ZNpIEtypb4qBYcQYAp7biDC7PKLqnNohOtvue96pgih4297Dt3SWk66pnUkO/vKgvgcSAeZyeK65w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OYXDCEodd2KhEPtNMYXDAvBiFCHk1HcbMDev7ekw9a0=; b=NWVU674x1udWU3XmDovZRX/KLseAh1p30iHxW0eOWwci4bmKVP1AljuqKfSJjhzqaCeOQovsUQPi87jXWgQGWfdEn6C6H/zahjgN+c+7NfHvPHFj8pCQb4MLKM4tXDeE5qTjye7GRKJny6o2DEK2H9GShxUeBJlUUIZduUcK0cI= Received: from BYAPR12MB3158.namprd12.prod.outlook.com (20.179.92.19) by BYAPR12MB2965.namprd12.prod.outlook.com (20.178.52.214) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2178.18; Mon, 19 Aug 2019 21:35:57 +0000 Received: from BYAPR12MB3158.namprd12.prod.outlook.com ([fe80::39b9:76bd:a491:1f27]) by BYAPR12MB3158.namprd12.prod.outlook.com ([fe80::39b9:76bd:a491:1f27%6]) with mapi id 15.20.2157.022; Mon, 19 Aug 2019 21:35:57 +0000 From: "Lendacky, Thomas" To: "devel@edk2.groups.io" CC: Jordan Justen , Laszlo Ersek , Ard Biesheuvel , Michael D Kinney , Liming Gao , Eric Dong , Ray Ni , "Singh, Brijesh" Subject: [RFC PATCH 08/28] MdePkg/BaseLib: Implement the VMGEXIT support Thread-Topic: [RFC PATCH 08/28] MdePkg/BaseLib: Implement the VMGEXIT support Thread-Index: AQHVVtYV6ovIQ0EYA0mbP9JSyXPRug== Date: Mon, 19 Aug 2019 21:35:56 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: git-send-email 2.17.1 x-clientproxiedby: SN2PR01CA0031.prod.exchangelabs.com (2603:10b6:804:2::41) To BYAPR12MB3158.namprd12.prod.outlook.com (2603:10b6:a03:132::19) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [165.204.77.1] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 446b6dac-e718-477b-2488-08d724ed384a x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020);SRVR:BYAPR12MB2965; x-ms-traffictypediagnostic: BYAPR12MB2965: x-ms-exchange-purlcount: 1 x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-forefront-prvs: 0134AD334F x-forefront-antispam-report: SFV:NSPM;SFS:(10009020)(4636009)(346002)(366004)(376002)(396003)(136003)(39860400002)(189003)(199004)(50226002)(53936002)(316002)(5660300002)(2351001)(52116002)(76176011)(36756003)(6436002)(71200400001)(19627235002)(6512007)(7736002)(256004)(966005)(86362001)(14454004)(478600001)(305945005)(2906002)(71190400001)(2501003)(64756008)(186003)(118296001)(4326008)(26005)(6486002)(99286004)(6306002)(1730700003)(386003)(6506007)(66066001)(66476007)(66556008)(8676002)(102836004)(81166006)(25786009)(66446008)(6916009)(54906003)(3846002)(6116002)(486006)(5640700003)(53376002)(476003)(2616005)(11346002)(446003)(81156014)(66946007)(8936002);DIR:OUT;SFP:1101;SCL:1;SRVR:BYAPR12MB2965;H:BYAPR12MB3158.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; received-spf: None (protection.outlook.com: amd.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: p0SOorQ0thc1i4auviz6ArddVVy/Fv9BRLxRZu3oS43dwa0e1uZkuhml7ZMv3JWkVTVb+AdOrWvEkxj135JAaOQIInhhIF1hLmJs9QHlIm8qQAT3arjTcBnC2F4s0/shbLLHdNaimT46wj1io8ZbNs3yZQKRw3vYOYZbfM4naCPrNxb4eqrL8OmCJd5wc+yHVS5VyKnicAVLeQX5jH+Bh+dX9CGTgAB4A7VhlZUzg3Y2imcR/oahHtWPfx8clrggMoyOr5TIzSWtOp+rw4asgWfX2J8VRuvO2UYE37AFSK7mYtd0j/d3uMtuhqrGtorRW2DFoWHd0dZR4Cv29Obgv8vOFdhaDDnT/Mw2Dtoj6WBDcP5yC2x/BXAOUKe+dm77sQL4ev+0C1VPPqIFW0ux1QDIEQEK5fbE8LcxoiiEjWg= MIME-Version: 1.0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 446b6dac-e718-477b-2488-08d724ed384a X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Aug 2019 21:35:56.8875 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Hbk0UCwxnnzZgccpMJ/IL+HsYX8TMzCsQD7hdaGMt2ApUt0l4OzfKqdtGIovoMD0fXruxmvFqw4tklwMQH66QQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR12MB2965 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-ID: Content-Transfer-Encoding: quoted-printable From: Tom Lendacky VMGEXIT is a new instruction used for Hypervisor/Guest communication when running as an SEV-ES guest. A VMGEXIT will cause an automatic exit (AE) to occur, resulting in a #VMEXIT with an exit code value of 0x403. To support VMGEXIT, define the VMGEXIT assember routine to issue the instruction (rep; vmmcall), the GHCB structure and some helper functions for communicating register information to and from the hypervisor and the guest. Signed-off-by: Tom Lendacky --- MdePkg/Library/BaseLib/BaseLib.inf | 1 + MdePkg/Include/Library/BaseLib.h | 14 ++ UefiCpuPkg/Include/Register/Amd/Ghcb.h | 197 ++++++++++++++++++++++++ MdePkg/Library/BaseLib/X64/GccInline.c | 17 ++ MdePkg/Library/BaseLib/X64/VmgExit.nasm | 38 +++++ 5 files changed, 267 insertions(+) create mode 100644 UefiCpuPkg/Include/Register/Amd/Ghcb.h create mode 100644 MdePkg/Library/BaseLib/X64/VmgExit.nasm diff --git a/MdePkg/Library/BaseLib/BaseLib.inf b/MdePkg/Library/BaseLib/Ba= seLib.inf index 3586beb0ab5c..a41401340f95 100644 --- a/MdePkg/Library/BaseLib/BaseLib.inf +++ b/MdePkg/Library/BaseLib/BaseLib.inf @@ -286,6 +286,7 @@ [Sources.X64] X64/ReadCr2.nasm| MSFT X64/ReadCr0.nasm| MSFT X64/ReadEflags.nasm| MSFT + X64/VmgExit.nasm | MSFT =20 =20 X64/Non-existing.c diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/Base= Lib.h index 2a75bc023f56..80bd5cf57a72 100644 --- a/MdePkg/Include/Library/BaseLib.h +++ b/MdePkg/Include/Library/BaseLib.h @@ -7880,6 +7880,20 @@ AsmLfence ( VOID ); =20 +/** + Executes a VMGEXIT instruction (VMMCALL with a REP prefix) + + Executes a VMGEXIT instruction. This function is only available on IA-32= and + x64. + +**/ +VOID +EFIAPI +AsmVmgExit ( + VOID + ); + + /** Patch the immediate operand of an IA32 or X64 instruction such that the = byte, word, dword or qword operand is encoded at the end of the instruction's diff --git a/UefiCpuPkg/Include/Register/Amd/Ghcb.h b/UefiCpuPkg/Include/Re= gister/Amd/Ghcb.h new file mode 100644 index 000000000000..e9fd116fac25 --- /dev/null +++ b/UefiCpuPkg/Include/Register/Amd/Ghcb.h @@ -0,0 +1,197 @@ + +#ifndef __GHCB_H__ +#define __GHCB_H__ + +#include +#include +#include + +#define UD_EXCEPTION 6 +#define GP_EXCEPTION 13 + +#define GHCB_VERSION_MIN 1 +#define GHCB_VERSION_MAX 1 + +#define GHCB_STANDARD_USAGE 0 + +typedef enum { + SvmExitDr7Read =3D 0x27, + SvmExitDr7Write =3D 0x37, + SvmExitRdtsc =3D 0x6E, + SvmExitRdpmc, + SvmExitCpuid =3D 0x72, + SvmExitInvd =3D 0x76, + SvmExitIoioProt =3D 0x7B, + SvmExitMsr, + SvmExitVmmCall =3D 0x81, + SvmExitRdtscp =3D 0x87, + SvmExitWbinvd =3D 0x89, + SvmExitMonitor, + SvmExitMwait, + SvmExitNpf =3D 0x400, + + // VMG special exits + SvmExitMmioRead =3D 0x80000001, + SvmExitMmioWrite, + SvmExitNmiComplete, + SvmExitApResetHold, + + SvmExitUnsupported =3D 0x8000FFFF, +} SVM_EXITCODE; + +typedef enum { + GhcbCpl =3D 25, + GhcbRflags =3D 46, + GhcbRip, + GhcbRsp =3D 59, + GhcbRax =3D 63, + GhcbRcx =3D 97, + GhcbRdx, + GhcbRbx, + GhcbRbp =3D 101, + GhcbRsi, + GhcbRdi, + GhcbR8, + GhcbR9, + GhcbR10, + GhcbR11, + GhcbR12, + GhcbR13, + GhcbR14, + GhcbR15, + GhcbXCr0 =3D 125, +} GHCB_REGISTER; + +typedef struct { + UINT8 Reserved1[203]; + UINT8 Cpl; + UINT8 Reserved2[148]; + UINT64 Dr7; + UINT8 Reserved3[144]; + UINT64 Rax; + UINT8 Reserved4[264]; + UINT64 Rcx; + UINT64 Rdx; + UINT64 Rbx; + UINT8 Reserved5[112]; + UINT64 SwExitCode; + UINT64 SwExitInfo1; + UINT64 SwExitInfo2; + UINT64 SwScratch; + UINT8 Reserved6[56]; + UINT64 XCr0; + UINT8 ValidBitmap[16]; + UINT64 X87StateGpa; + UINT8 Reserved7[1016]; +} __attribute__ ((__packed__)) GHCB_SAVE_AREA; + +typedef struct { + GHCB_SAVE_AREA SaveArea; + UINT8 SharedBuffer[2032]; + UINT8 Reserved1[10]; + UINT16 ProtocolVersion; + UINT32 GhcbUsage; +} __attribute__ ((__packed__)) __attribute__ ((aligned(SIZE_4KB))) GHCB; + +typedef union { + struct { + UINT32 Lower32Bits; + UINT32 Upper32Bits; + } Elements; + + UINT64 Uint64; +} GHCB_EXIT_INFO; + +static inline +BOOLEAN +GhcbIsRegValid( + GHCB *Ghcb, + GHCB_REGISTER Reg + ) +{ + UINT32 RegIndex =3D Reg / 8; + UINT32 RegBit =3D Reg & 0x07; + + return (Ghcb->SaveArea.ValidBitmap[RegIndex] & (1 << RegBit)); +} + +static inline +VOID +GhcbSetRegValid( + GHCB *Ghcb, + GHCB_REGISTER Reg + ) +{ + UINT32 RegIndex =3D Reg / 8; + UINT32 RegBit =3D Reg & 0x07; + + Ghcb->SaveArea.ValidBitmap[RegIndex] |=3D (1 << RegBit); +} + +static inline +VOID +VmgException( + UINTN Exception + ) +{ + switch (Exception) { + case UD_EXCEPTION: + case GP_EXCEPTION: + break; + default: + ASSERT (0); + } +} + +static inline +UINTN +VmgExit( + GHCB *Ghcb, + UINT64 ExitCode, + UINT64 ExitInfo1, + UINT64 ExitInfo2 + ) +{ + GHCB_EXIT_INFO ExitInfo; + UINTN Reason, Action; + + Ghcb->SaveArea.SwExitCode =3D ExitCode; + Ghcb->SaveArea.SwExitInfo1 =3D ExitInfo1; + Ghcb->SaveArea.SwExitInfo2 =3D ExitInfo2; + AsmVmgExit (); + + if (!Ghcb->SaveArea.SwExitInfo1) { + return 0; + } + + ExitInfo.Uint64 =3D Ghcb->SaveArea.SwExitInfo1; + Reason =3D ExitInfo.Elements.Upper32Bits; + Action =3D ExitInfo.Elements.Lower32Bits; + switch (Action) { + case 1: + VmgException (Reason); + break; + default: + ASSERT (0); + } + + return Reason; +} + +static inline +VOID +VmgInit( + GHCB *Ghcb + ) +{ + SetMem (&Ghcb->SaveArea, sizeof (Ghcb->SaveArea), 0); +} + +static inline +VOID +VmgDone( + GHCB *Ghcb + ) +{ +} +#endif diff --git a/MdePkg/Library/BaseLib/X64/GccInline.c b/MdePkg/Library/BaseLi= b/X64/GccInline.c index 154ce1f57e92..17539caa0798 100644 --- a/MdePkg/Library/BaseLib/X64/GccInline.c +++ b/MdePkg/Library/BaseLib/X64/GccInline.c @@ -1798,3 +1798,20 @@ AsmFlushCacheLine ( } =20 =20 +/** + Executes a VMGEXIT instruction. + + Executes a VMGEXIT instruction. This function is only available on IA-32= and + X64. + +**/ +VOID +EFIAPI +AsmVmgExit ( + VOID + ) +{ + __asm__ __volatile__ ("rep; vmmcall":::"memory"); +} + + diff --git a/MdePkg/Library/BaseLib/X64/VmgExit.nasm b/MdePkg/Library/BaseL= ib/X64/VmgExit.nasm new file mode 100644 index 000000000000..b673bb94b60d --- /dev/null +++ b/MdePkg/Library/BaseLib/X64/VmgExit.nasm @@ -0,0 +1,38 @@ +;-------------------------------------------------------------------------= ----- +; +; Copyright (c) 2019, Advanced Micro Device, Inc. All rights reserved.
+; This program and the accompanying materials +; are licensed and made available under the terms and conditions of the BS= D License +; which accompanies this distribution. The full text of the license may b= e found at +; http://opensource.org/licenses/bsd-license.php. +; +; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +; +; Module Name: +; +; VmgExit.Asm +; +; Abstract: +; +; AsmVmgExit function +; +; Notes: +; +;-------------------------------------------------------------------------= ----- + + DEFAULT REL + SECTION .text + +;-------------------------------------------------------------------------= ----- +; VOID +; EFIAPI +; AsmVmgExit ( +; VOID +; ); +;-------------------------------------------------------------------------= ----- +global ASM_PFX(AsmVmgExit) +ASM_PFX(AsmVmgExit): + rep; vmmcall + ret + --=20 2.17.1