From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (NAM10-MW2-obe.outbound.protection.outlook.com [40.107.94.87]) by mx.groups.io with SMTP id smtpd.web11.4287.1596829439227520675 for ; Fri, 07 Aug 2020 12:43:59 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=oGW2lcQw; spf=none, err=SPF record not found (domain: amd.com, ip: 40.107.94.87, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UazG/e4sDuEfWYIjbNgiOES5eqoowPwKfWtSC2kHBWtTutb4gz39Fssvm5XLFTtsSl5bYExPaso/xC9JlsFM7edWl6a7/vmkfcAayFBz/qIy/dPT5UDpJNub/qKLlf3/1HiAHLAktnPZ4DEGORn6sdzv2tDNfl5Ay0yG5V4HStXZDwTx5irepiGNtds01Y4lIiilfPqt5cDE2S0aUq9A6dGFcysATYGXA2l+E5f+KWBhEkgETfLX9bpE4cCkW6FjvT2wGlCdwjqgBDm8VJi8nLrcWq6SXdWF/qzyDoECL+eDJcdoLmpZhnlFAciv514+7uLpG/oTTGMyFnVEj368qg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FTwQOqZtSgveKyDVyv5Xn+OjC06eT2L6v4s746V/714=; b=X5S26rE03gZo3s8C/6bwzXX3clFvtPzjPEcgmfrT6XkXgJOqN8DPCgKS8abiVH6fRoKl5xMDndV/y5KXjUMi2Qsb3NhgKWZOJvt79XbghReq36cWKo5uLanCyoew1CJ6zn1J7hRD2Gn2Mj67Uq+zvnRK0RaJ4e9Er34TtxfJNFyTDiiiTG7nYrdrqlcUkm5FYt5tMRIM7XLxBPSNAAVOemMsF8kRwChfBdXvS9yCD5sHM9I+oaxBGbvQRig3hnUJRclPLjH6jHU/8F5lJL0ZqaeFu2LAywhx3Ikh4Z7XokQ5AAJaue0dsNlGpuhcdi4uzI+tKHg2H737PhrbqwvMOg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FTwQOqZtSgveKyDVyv5Xn+OjC06eT2L6v4s746V/714=; b=oGW2lcQwcUrlYK+OOJ6R0IwQ59lUJDLzVtuZwVqHWeB2gS2VjgcpglyJKogwwH72jS08E9/zB8dT8H7PZA0x6gMGKCEmdR0O2MVfzVdjeGTCsP4f0jmzp8DuZhMmjD5YRyhKcmHZWBx+TOqteMvp4o63XTxyBk7MHrlBi9vfesw= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from CY4PR12MB1352.namprd12.prod.outlook.com (2603:10b6:903:3a::13) by CY4PR12MB1798.namprd12.prod.outlook.com (2603:10b6:903:11a::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3261.19; Fri, 7 Aug 2020 19:43:57 +0000 Received: from CY4PR12MB1352.namprd12.prod.outlook.com ([fe80::9181:78bf:bf0:702b]) by CY4PR12MB1352.namprd12.prod.outlook.com ([fe80::9181:78bf:bf0:702b%5]) with mapi id 15.20.3239.024; Fri, 7 Aug 2020 19:43:57 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io CC: Brijesh Singh , Ard Biesheuvel , Eric Dong , Jordan Justen , Laszlo Ersek , Liming Gao , Michael D Kinney , Ray Ni Subject: [PATCH v14 31/46] OvmfPkg: Create GHCB pages for use during Pei and Dxe phase Date: Fri, 7 Aug 2020 14:39:16 -0500 Message-ID: X-Mailer: git-send-email 2.27.0 In-Reply-To: References: X-ClientProxiedBy: SN4PR0701CA0007.namprd07.prod.outlook.com (2603:10b6:803:28::17) To CY4PR12MB1352.namprd12.prod.outlook.com (2603:10b6:903:3a::13) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from tlendack-t1.amd.com (165.204.77.1) by SN4PR0701CA0007.namprd07.prod.outlook.com (2603:10b6:803:28::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3261.15 via Frontend Transport; Fri, 7 Aug 2020 19:43:56 +0000 X-Mailer: git-send-email 2.27.0 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 0a3fd553-286c-4474-e401-08d83b0a3989 X-MS-TrafficTypeDiagnostic: CY4PR12MB1798: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:10000; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Ej72lM8FhIKUlKawx1z306b1AIFIt/2gKonMSBDd6uI+ClL5FWOYGJ+DuI3UtwOE9puZzG8F+MyLEMKGi36CzxMBFloUeT8hLu7Pz049An2KfqzasqbFMq9tDPz6hjP4MPHgS+F2Sqm19Fp4/EQ1e80cb6uMLZc87veMIb7YpA2xh5r7kcM32m7w3cR9ZCCQml3Z/Y3aIA4lzo5eWUZZUIFibIHRBih4N5Uj3dUUw7kNsCSvf5N4zRRFBRQ/V4IluIntEwKPWKOXG7d1osiDELFz62E5YGSZSUPPdYjlLKsvWpJivqdVD52o72o7d5/OtcSHrslG6EV+81ZCiuCmdNTxrPy7SYoRvydH9+I/PO6RQB7WhgiOVD/EPxXPkoqd6/yX46T4eE6LV+YXRL4bvx2N2mBT43OTnmIUPaL9WfEJp+/GiaVp8bAN73O3ZK33j1/Gv0EKPlQSSiaMwLJqtg== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR12MB1352.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(4636009)(376002)(136003)(366004)(39860400002)(346002)(396003)(4326008)(19627235002)(66946007)(6486002)(2906002)(66556008)(66476007)(5660300002)(966005)(478600001)(8676002)(7696005)(26005)(8936002)(16526019)(186003)(86362001)(956004)(6916009)(36756003)(2616005)(6666004)(52116002)(316002)(54906003)(83380400001)(136400200001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: 1k7zilOrByYJVCqLla2Vv6ew+G+ynS8h6w4FD29S0TWmg/yKhBO5hpkU214WEwXh+PeyXpLSc9LL2a7ycxE+gsVSUu3H1PEO9ivLDhrkJH16DGLIFRL6iJk2JAGKYK+GvLpeJkqQwYs0DaOpp6F7lR3sZ2ExQA3NroJNnMW49kBcuYhNQj71wVeLGW6P7gY89ST13siHC1GRIsSyZxBudKYn2d+AzydGN7eZHvOXavVXZWosPcCEIodIQY/9kkceeVKB6kpuI5ulap98Kzj80itaKN1I3fDIFYWiOzfm6H3ngWldwwHAD8DEezUIRyLcGOoKKkwmCveOsoC5TTmEpcm67P82+VOoITYnxP8ucI4QRSCO9tQkpNkU6OSyhQSYonVONm5OGAb65b7fKHXusT8wmh5WINkSW883Vhs2+wOhBQefFlSny5WutWdid1/AMtsDyfTGpjQ4JwBjAL6pxNs+Ixo78aZqgJncTL3okE5UJgUzuM53M0FbNgjx159p4aCEuNaomU8hMwCdPA59k6CqnJZqT9kb7zYFbRREVkz36YvVm65dl/OkGQboiyXB6Xp5vX0xCFBTGsQ82SMAz5e9fZHUTT3vipIwCN47v2ckibUXrgSC3wy4QIQ1pKFX+rE9UxxUbVCyeVTae4fAdw== X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0a3fd553-286c-4474-e401-08d83b0a3989 X-MS-Exchange-CrossTenant-AuthSource: CY4PR12MB1352.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Aug 2020 19:43:57.6213 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: GVt8XeO6rfnd/a+xixX/AJI2+oR0m6MEj8soQ9aH1IQ9OhVPqgE9RzLLuoixkANPTsU6t1j/3VZQMeLOlvu9Gg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1798 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable From: Tom Lendacky BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198 Allocate memory for the GHCB pages and the per-CPU variable pages during SEV initialization for use during Pei and Dxe phases. The GHCB page(s) must be shared pages, so clear the encryption mask from the current page table entries. Upon successful allocation, set the GHCB PCDs (PcdGhcbBase and PcdGhcbSize). The per-CPU variable page needs to be unique per AP. Using the page after the GHCB ensures that it is unique per AP. Only the GHCB page is marked as shared, keeping the per-CPU variable page encyrpted. The same logic is used in DXE using CreateIdentityMappingPageTables() before switching to the DXE pagetables. The GHCB pages (one per vCPU) will be used by the PEI and DXE #VC exception handlers. The #VC exception handler will fill in the necessary fields of the GHCB and exit to the hypervisor using the VMGEXIT instruction. The hypervisor then accesses the GHCB associated with the vCPU in order to perform the requested function. Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Reviewed-by: Laszlo Ersek Signed-off-by: Tom Lendacky --- OvmfPkg/OvmfPkgIa32.dsc | 2 ++ OvmfPkg/OvmfPkgIa32X64.dsc | 2 ++ OvmfPkg/OvmfPkgX64.dsc | 2 ++ OvmfPkg/PlatformPei/PlatformPei.inf | 2 ++ OvmfPkg/PlatformPei/AmdSev.c | 45 ++++++++++++++++++++++++++++- 5 files changed, 52 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index f84f23f250ef..133a9a93c071 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -608,6 +608,8 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 =20 # Set SEV-ES defaults + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0 =20 !if $(SMM_REQUIRE) =3D=3D TRUE diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index a66abccf8266..338c38db29b5 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -620,6 +620,8 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 =20 # Set SEV-ES defaults + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0 =20 !if $(SMM_REQUIRE) =3D=3D TRUE diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 2a8975fd3d29..b80710fbdca4 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -618,6 +618,8 @@ [PcdsDynamicDefault] gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 =20 # Set SEV-ES defaults + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0 =20 !if $(SMM_REQUIRE) =3D=3D TRUE diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index a54d10ba90d5..4742e1bdf42b 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -102,6 +102,8 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy gUefiCpuPkgTokenSpaceGuid.PcdCpuLocalApicBaseAddress gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index 4dc5340caa7a..4fd4534cabea 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -10,12 +10,15 @@ // The package level header files this module uses // #include +#include #include #include #include +#include #include #include #include +#include #include #include =20 @@ -32,7 +35,10 @@ AmdSevEsInitialize ( VOID ) { - RETURN_STATUS PcdStatus; + VOID *GhcbBase; + PHYSICAL_ADDRESS GhcbBasePa; + UINTN GhcbPageCount, PageCount; + RETURN_STATUS PcdStatus, DecryptStatus; =20 if (!MemEncryptSevEsIsEnabled ()) { return; @@ -40,6 +46,43 @@ AmdSevEsInitialize ( =20 PcdStatus =3D PcdSetBoolS (PcdSevEsIsEnabled, TRUE); ASSERT_RETURN_ERROR (PcdStatus); + + // + // Allocate GHCB and per-CPU variable pages. + // + GhcbPageCount =3D mMaxCpuCount * 2; + GhcbBase =3D AllocatePages (GhcbPageCount); + ASSERT (GhcbBase !=3D NULL); + + GhcbBasePa =3D (PHYSICAL_ADDRESS)(UINTN) GhcbBase; + + // + // Each vCPU gets two consecutive pages, the first is the GHCB and the + // second is the per-CPU variable page. Loop through the allocation and + // only clear the encryption mask for the GHCB pages. + // + for (PageCount =3D 0; PageCount < GhcbPageCount; PageCount +=3D 2) { + DecryptStatus =3D MemEncryptSevClearPageEncMask ( + 0, + GhcbBasePa + EFI_PAGES_TO_SIZE (PageCount), + 1, + TRUE + ); + ASSERT_RETURN_ERROR (DecryptStatus); + } + + ZeroMem (GhcbBase, EFI_PAGES_TO_SIZE (GhcbPageCount)); + + PcdStatus =3D PcdSet64S (PcdGhcbBase, GhcbBasePa); + ASSERT_RETURN_ERROR (PcdStatus); + PcdStatus =3D PcdSet64S (PcdGhcbSize, EFI_PAGES_TO_SIZE (GhcbPageCount))= ; + ASSERT_RETURN_ERROR (PcdStatus); + + DEBUG ((DEBUG_INFO, + "SEV-ES is enabled, %lu GHCB pages allocated starting at 0x%p\n", + (UINT64)GhcbPageCount, GhcbBase)); + + AsmWriteMsr64 (MSR_SEV_ES_GHCB, GhcbBasePa); } =20 /** --=20 2.27.0