Subject: Re: [edk2-devel] [PATCH v3 06/13] MdePkg/Register/Amd: define GHCB macros for SNP AP creation
From: "Laszlo Ersek"
Date: Thu, 20 May 2021 10:55:45 +0200
To: devel@edk2.groups.io, brijesh.singh@amd.com
Cc: Tom Lendacky, James Bottomley, Min Xu, Jiewen Yao, Jordan Justen, Ard Biesheuvel, Erdem Aktas, Michael D Kinney, Liming Gao, Zhiguang Liu
References: <20210519181949.6574-1-brijesh.singh@amd.com> <20210519181949.6574-7-brijesh.singh@amd.com>
In-Reply-To: <20210519181949.6574-7-brijesh.singh@amd.com>

On 05/19/21 20:19, Brijesh Singh wrote:
> From: Tom Lendacky
>
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=33275

(1) The bugzilla number is still wrong (just differently wrong from how
it was in v2). But I'll fix it up when I merge this, after the stable tag.

>
> Version 2 of GHCB introduces NAE for creating AP when SEV-SNP is enabled
> in the guest VM. See the GHCB specification, Table 5 "List of Supported
> Non-Automatic Events" and sections 4.1.9 and 4.3.2, for further details.
>
> While at it, define the VMSA state save area that is required for creating
> the AP. The save area format is defined in AMD APM volume 2, Table B-4
> (there is a mistake in the table that defines the size of the reserved
> area at offset 0xc8 as a dword, when it is actually a word). The format of
> the save area segment registers is further defined in AMD APM volume 2,
> sections 10 and 15.5.
>
> Cc: James Bottomley
> Cc: Min Xu
> Cc: Jiewen Yao
> Cc: Tom Lendacky
> Cc: Jordan Justen
> Cc: Ard Biesheuvel
> Cc: Laszlo Ersek
> Cc: Erdem Aktas
> Cc: Michael D Kinney
> Cc: Liming Gao
> Cc: Zhiguang Liu
> Reviewed-by: Liming Gao
> Reviewed-by: Laszlo Ersek
> Signed-off-by: Tom Lendacky
> Signed-off-by: Brijesh Singh
> ---
> MdePkg/Include/Register/Amd/Ghcb.h | 84 ++++++++++++++++++++++++++++++
> 1 file changed, 84 insertions(+)
> > diff --git a/MdePkg/Include/Register/Amd/Ghcb.h b/MdePkg/Include/Register/Amd/Ghcb.h > index 029904b1c63a..8c5f46e4bb53 100644 > --- a/MdePkg/Include/Register/Amd/Ghcb.h > +++ b/MdePkg/Include/Register/Amd/Ghcb.h > @@ -55,6 +55,7 @@ > #define SVM_EXIT_AP_RESET_HOLD 0x80000004ULL > #define SVM_EXIT_AP_JUMP_TABLE 0x80000005ULL > #define SVM_EXIT_SNP_PAGE_STATE_CHANGE 0x80000010ULL > +#define SVM_EXIT_SNP_AP_CREATION 0x80000013ULL > #define SVM_EXIT_HYPERVISOR_FEATURES 0x8000FFFDULL > #define SVM_EXIT_UNSUPPORTED 0x8000FFFFULL > > @@ -83,6 +84,12 @@ > #define IOIO_SEG_ES 0 > #define IOIO_SEG_DS (BIT11 | BIT10) > > +// > +// AP Creation Information > +// > +#define SVM_VMGEXIT_SNP_AP_CREATE_ON_INIT 0 > +#define SVM_VMGEXIT_SNP_AP_CREATE 1 > +#define SVM_VMGEXIT_SNP_AP_DESTROY 2 > > typedef PACKED struct { > UINT8 Reserved1[203]; 
> @@ -195,4 +202,81 @@ typedef struct { > SNP_PAGE_STATE_ENTRY Entry[SNP_PAGE_STATE_MAX_ENTRY]; > } SNP_PAGE_STATE_CHANGE_INFO; > > +// > +// SEV-ES save area mapping structures used for SEV-SNP AP Creation. > +// Only the fields required to be set to a non-zero value are defined. > +// > +// The segment register definition is defined for processor reset/real mode > +// (as when an INIT of the vCPU is requested). Should other modes (long mode, > +// etc.) be required, then the definitions can be enhanced. > +// > + > +// > +// Segment types at processor reset, See AMD APM Volume 2, Table 14-2. > +// Thank you for these comment updates! Laszlo > +#define SEV_ES_RESET_CODE_SEGMENT_TYPE 0xA > +#define SEV_ES_RESET_DATA_SEGMENT_TYPE 0x2 > + > +#define SEV_ES_RESET_LDT_TYPE 0x2 > +#define SEV_ES_RESET_TSS_TYPE 0x3 > + > +#pragma pack (1) > +typedef union { > + struct { > + UINT16 Type:4; > + UINT16 Sbit:1; > + UINT16 Dpl:2; > + UINT16 Present:1; > + UINT16 Avl:1; > + UINT16 Reserved1:1; > + UINT16 Db:1; > + UINT16 Granularity:1; > + } Bits; > + UINT16 Uint16; > +} SEV_ES_SEGMENT_REGISTER_ATTRIBUTES; > + > +typedef struct { > + UINT16 Selector; > + SEV_ES_SEGMENT_REGISTER_ATTRIBUTES Attributes; > + UINT32 Limit; > + UINT64 Base; > +} SEV_ES_SEGMENT_REGISTER; > + > +typedef struct { > + SEV_ES_SEGMENT_REGISTER Es; > + SEV_ES_SEGMENT_REGISTER Cs; > + SEV_ES_SEGMENT_REGISTER Ss; > + SEV_ES_SEGMENT_REGISTER Ds; > + SEV_ES_SEGMENT_REGISTER Fs; > + SEV_ES_SEGMENT_REGISTER Gs; > + SEV_ES_SEGMENT_REGISTER Gdtr; > + SEV_ES_SEGMENT_REGISTER Ldtr; > + SEV_ES_SEGMENT_REGISTER Idtr; > + SEV_ES_SEGMENT_REGISTER Tr; > + UINT8 Reserved1[42]; > + UINT8 Vmpl; > + UINT8 Reserved2[5]; > + UINT64 Efer; > + UINT8 Reserved3[112]; > + UINT64 Cr4; > + UINT8 Reserved4[8]; > + UINT64 Cr0; > + UINT64 Dr7; > + UINT64 Dr6; > + UINT64 Rflags; > + UINT64 Rip; > + UINT8 Reserved5[232]; > + UINT64 GPat; > + UINT8 Reserved6[320]; > + UINT64 SevFeatures; > + UINT8 Reserved7[48]; > + UINT64 XCr0; > + UINT8 
Reserved8[24]; > + UINT32 Mxcsr; > + UINT16 X87Ftw; > + UINT8 Reserved9[2]; > + UINT16 X87Fcw; > +} SEV_ES_SAVE_AREA; > +#pragma pack () > + > #endif >
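
Review bot: The comment over the three SVM_VMGEXIT_SNP_AP_* defines in the second hunk ("AP Creation Information") does not say which GHCB field carries these request values or where they are specified. Suggest naming the field and pointing at the GHCB specification sections the commit message cites (4.1.9 and 4.3.2), the way the later comment does with "See AMD APM Volume 2, Table 14-2", so a reader can check the values 0/1/2 against the spec. The SVM_VMGEXIT_ prefix also differs from the SVM_EXIT_ prefix of the neighbouring defines; a word in the comment would help if that is deliberate.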
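
Review bot: In the last hunk, every field offset in SEV_ES_SAVE_AREA depends on hand-counted ReservedN[] sizes, and nothing in the header checks them. By the visible sizes, the ten 16-byte segment registers plus Reserved1[42] put Vmpl at 0xCA and Efer at 0xD0, and the structure ends at 0x412; a miscount in any reserved array would silently shift every later field of the register state the AP starts from. Suggest build-time checks next to the typedef, for example STATIC_ASSERT (OFFSET_OF (SEV_ES_SAVE_AREA, Efer) == 0xD0, "...") and the same for Vmpl, Rip, SevFeatures and X87Fcw, with the expected values taken from the APM table the commit message cites. Separately, SEV_ES_SEGMENT_REGISTER_ATTRIBUTES.Bits declares only 12 of the 16 bits of Uint16; an explicit trailing reserved field, or a comment that callers zero Uint16 before setting Bits, would make the state of the upper four bits unambiguous.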