From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+116251+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 51B0794174D
	for <rebecca@openfw.io>; Fri,  1 Mar 2024 13:04:47 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=M6qwEr2OphTjNENT6KRzQmKdoHulM3hPWOfAdsX8c1A=;
 c=relaxed/simple; d=groups.io;
 h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding;
 s=20140610; t=1709298286; v=1;
 b=LRRoCgbyI7fclOOIsBlgwkKMtwDKK8icBOT7khj0lqt20w1Gi3UI61brYGvZjiQYO3pqJHSg
 cQmB00KxFmmW8nStqU+uilhX1dmj6dzb0ucZDwlskEHzT1XJ4OvZRcb6k/DH4FVL4OB4AosEial
 pCmXmDMV7njxRsR5rCahaGpA=
X-Received: by 127.0.0.2 with SMTP id MyP5YY7687511xi5kQFx4wct; Fri, 01 Mar 2024 05:04:46 -0800
X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
 by mx.groups.io with SMTP id smtpd.web10.22061.1709298285409277330
 for <devel@edk2.groups.io>;
 Fri, 01 Mar 2024 05:04:45 -0800
X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-341-rhbNjsXEMD6bi794hxv_eg-1; Fri, 01 Mar 2024 08:04:41 -0500
X-MC-Unique: rhbNjsXEMD6bi794hxv_eg-1
X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 19A6D84F9D5;
	Fri,  1 Mar 2024 13:04:41 +0000 (UTC)
X-Received: from [10.39.194.215] (unknown [10.39.194.215])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 8A1171C060AF;
	Fri,  1 Mar 2024 13:04:39 +0000 (UTC)
Message-ID: <b06eb185-9445-d153-fd1c-354da89c0b2a@redhat.com>
Date: Fri, 1 Mar 2024 14:04:38 +0100
MIME-Version: 1.0
Subject: Re: [edk2-devel] [PATCH v2 10/10] OvmfPkg/ResetVector: wire up 5-level paging for SEV
To: devel@edk2.groups.io, kraxel@redhat.com
Cc: Jiewen Yao <jiewen.yao@intel.com>, Oliver Steffen <osteffen@redhat.com>,
 Michael Roth <michael.roth@amd.com>, Erdem Aktas <erdemaktas@google.com>,
 Min Xu <min.m.xu@intel.com>, Ard Biesheuvel <ardb+tianocore@kernel.org>,
 Tom Lendacky <thomas.lendacky@amd.com>
References: <20240301074402.98625-1-kraxel@redhat.com>
 <20240301074402.98625-11-kraxel@redhat.com>
From: "Laszlo Ersek" <lersek@redhat.com>
In-Reply-To: <20240301074402.98625-11-kraxel@redhat.com>
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.7
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,lersek@redhat.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: BODxvQJDmk1HIHaeotHoYXD2x7686176AA=
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=LRRoCgby;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

On 3/1/24 08:44, Gerd Hoffmann wrote:
> Turn the GetSevCBitMaskAbove31 OneTimeCall into a macro because we
> need that twice (for 4-level and 5-level paging).  Change include
> order to allow AmdSev.asm macros being used in PageTables64.asm.

I *think* the include order change will not only make the macros
visible, but also rearrange how the code (the binary instructions) are
laid out in the reset vector -- however, that should not be a problem.

Reviewed-by: Laszlo Ersek <lersek@redhat.com>


>=20
> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
> ---
>  OvmfPkg/ResetVector/Ia32/AmdSev.asm       | 16 ++++++++--------
>  OvmfPkg/ResetVector/Ia32/PageTables64.asm | 14 +++++++++++++-
>  OvmfPkg/ResetVector/ResetVector.nasmb     |  4 ++--
>  3 files changed, 23 insertions(+), 11 deletions(-)
>=20
> diff --git a/OvmfPkg/ResetVector/Ia32/AmdSev.asm b/OvmfPkg/ResetVector/Ia=
32/AmdSev.asm
> index cbb86871636f..c577f5572f04 100644
> --- a/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> +++ b/OvmfPkg/ResetVector/Ia32/AmdSev.asm
> @@ -146,6 +146,14 @@ BITS    32
>      jmp     %%TerminateHlt
>  %endmacro
> =20
> +; Get the C-bit mask above 31.
> +; Modified: EDX
> +;
> +; The value is returned in the EDX
> +%macro GetSevCBitMaskAbove31 0
> +    mov edx, dword[SEV_ES_WORK_AREA_ENC_MASK + 4]
> +%endmacro
> +
>  ; Terminate the guest due to unexpected response code.
>  SevEsUnexpectedRespTerminate:
>      TerminateVmgExit    TERM_UNEXPECTED_RESP_CODE
> @@ -191,14 +199,6 @@ pageTableEntries4kLoop:
>  SevClearPageEncMaskForGhcbPageExit:
>      OneTimeCallRet SevClearPageEncMaskForGhcbPage
> =20
> -; Get the C-bit mask above 31.
> -; Modified: EDX
> -;
> -; The value is returned in the EDX
> -GetSevCBitMaskAbove31:
> -    mov       edx, dword[SEV_ES_WORK_AREA_ENC_MASK + 4]
> -    OneTimeCallRet GetSevCBitMaskAbove31
> -
>  %endif
> =20
>  ; Check if Secure Encrypted Virtualization (SEV) features are enabled.
> diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVec=
tor/Ia32/PageTables64.asm
> index 29ce155eed8d..92d134441abe 100644
> --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> @@ -247,11 +247,23 @@ SevInit:
>      ; SEV workflow
>      ;
>      ClearOvmfPageTables
> +%if PG_5_LEVEL
> +    Check5LevelPaging Sev4Level
>      ; If SEV is enabled, the C-bit position is always above 31.
>      ; The mask will be saved in the EDX and applied during the
>      ; the page table build below.
> -    OneTimeCall   GetSevCBitMaskAbove31
> +    GetSevCBitMaskAbove31
> +    CreatePageTables5Level edx
> +    Enable5LevelPaging
> +    jmp SevCommon
> +Sev4Level:
> +%endif
> +    ; If SEV is enabled, the C-bit position is always above 31.
> +    ; The mask will be saved in the EDX and applied during the
> +    ; the page table build below.
> +    GetSevCBitMaskAbove31
>      CreatePageTables4Level edx
> +SevCommon:
>      ; Clear the C-bit from the GHCB page if the SEV-ES is enabled.
>      OneTimeCall   SevClearPageEncMaskForGhcbPage
>      OneTimeCall   SevClearVcHandlerAndStack
> diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/=
ResetVector.nasmb
> index 2bd80149e58b..ba83bc7b3124 100644
> --- a/OvmfPkg/ResetVector/ResetVector.nasmb
> +++ b/OvmfPkg/ResetVector/ResetVector.nasmb
> @@ -92,6 +92,8 @@
>  %define SNP_SEC_MEM_BASE_DESC_3       (CPUID_BASE + CPUID_SIZE + SEV_SNP=
_KERNEL_HASHES_SIZE)
>  %define SNP_SEC_MEM_SIZE_DESC_3       (FixedPcdGet32 (PcdOvmfPeiMemFvBas=
e) - SNP_SEC_MEM_BASE_DESC_3)
> =20
> +%include "Ia32/AmdSev.asm"
> +
>  %ifdef ARCH_X64
>    #include <AutoGen.h>
> =20
> @@ -144,8 +146,6 @@
>    %include "X64/OvmfSevMetadata.asm"
>  %endif
> =20
> -%include "Ia32/AmdSev.asm"
> -
>  %include "Ia16/Real16ToFlat32.asm"
>  %include "Ia16/Init16.asm"
> =20



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#116251): https://edk2.groups.io/g/devel/message/116251
Mute This Topic: https://groups.io/mt/104660118/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-