From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.67]) by mx.groups.io with SMTP id smtpd.web10.6689.1611410549712147008 for ; Sat, 23 Jan 2021 06:02:30 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=BlCibgO6; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.244.67, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Zgyr8ZwQ0IiUu84rTDNUUA1Fg9ztUmJiN+tcs4mUrWXLKFYXCKEHMBBc1jMTbVGzNFUHR2bRXFABWAQU4VtURxvFYSIFaDSTxHEwiiuMsqomR+zpVlPExnyaWyDrAtt2+5J4z0+Aac/HQH/R3xy3e6dty7E0nx9Eh0mKv76zKNeYsDVUC+SvYT927l+zcsyvjQFGdzQ/7dQAvVNkxr/dQwbpi+/u96JW5eGa9srRTeJydKx0XqrUerRLueVg9P5PBznj5ILIyr7/Iae5wpwx5n3N/yOempy31DCjIsXPp7uNosOFaiXerxo9yBqq5TNBU49iwKgHcatlbuvLKS6TTw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VUPv4JfQwS3nFLofizNA8NMUh6cNaUEXavebLVRgRPo=; b=QiL8loOje4H7KwJj9lEtxHwMdaVjQUW7ViRiyTPQG2HZgw+8IutJkQ9ThcpjaoP8kBVfMBMSwpW1CJ+Wrv7gGL0lMzpNQjAOgO+zry1wn1hDrlovpaJpclvE5QzrRpse03IZEMeJEiFGtf6xkJQFre7WugQmtmiEQMnRxvys8nOQxu4OU3YI0VmGV98TUTyeGSH+BFgYcEhrcgkmMBuB1MAQRooqyQnh4NMOz7ysR5G7BNQzzxRUSueH/R27Ffj/fZ73GZEg/ybXZWoLoxl2y0rNtmWegqXvHuMbnHxstgJAqdvxzyC0CCAo4lk9H3kh5zpp/nGPKi/IICf29DCnTA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VUPv4JfQwS3nFLofizNA8NMUh6cNaUEXavebLVRgRPo=; b=BlCibgO67ugjcOBfiPVQBDPa4C7H8tPauiXlZkUabZ9ji5va/oN5uwShDBn+qikQYBAH7CWnumxFcufRxOIzC14bjq6hovHTauE0/uzGqbtowSpUs00GF4pJ2RpGMfek9/Dcmzfwc6a3UduX6F+JbYTYsew8UmcaC0bXc7D9ct8= Authentication-Results: kernel.org; dkim=none (message not signed) header.d=none;kernel.org; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM6PR12MB4941.namprd12.prod.outlook.com (2603:10b6:5:1b8::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3784.15; Sat, 23 Jan 2021 14:02:28 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::d95e:b9d:1d6a:e845]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::d95e:b9d:1d6a:e845%12]) with mapi id 15.20.3763.018; Sat, 23 Jan 2021 14:02:28 +0000 Subject: Re: [PATCH v2] OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Use physical address with SEV-ES From: "Lendacky, Thomas" To: devel@edk2.groups.io Cc: Brijesh Singh , Jordan Justen , Laszlo Ersek , Ard Biesheuvel References: <84a5f9161541db5aa3b57c96b737afbcb4b6189d.1611410263.git.thomas.lendacky@amd.com> Message-ID: Date: Sat, 23 Jan 2021 08:02:26 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 In-Reply-To: <84a5f9161541db5aa3b57c96b737afbcb4b6189d.1611410263.git.thomas.lendacky@amd.com> X-Originating-IP: [67.79.209.213] X-ClientProxiedBy: SA0PR11CA0071.namprd11.prod.outlook.com (2603:10b6:806:d2::16) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from office-linux.texastahm.com (67.79.209.213) by SA0PR11CA0071.namprd11.prod.outlook.com (2603:10b6:806:d2::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3784.11 via Frontend Transport; Sat, 23 Jan 2021 14:02:28 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 067578ea-2088-483f-9941-08d8bfa784f6 X-MS-TrafficTypeDiagnostic: DM6PR12MB4941: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1060; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: CdAxHuXCwZSUuDPATl0oOQ4+hel/bkEGIh2T0rXt20R7MDXApARGkRhEf9NOUAWsyTJ5smzg9D+tq7iBw4toci5+XHrYHF1y+yyYjzHX3fCuFsZjiZPxn5cCmyIMMwAnahiQCIx72XArRctFWn+wmHbVhH308m/GVq1wXCMqmkjpItXqkd0D/Ejwh1ZnDcQ0JqnzZRAl8DTdavXhQFTZYYrxi87s+p+xR4CqIW/GlC4wa9LalvcwhMmmFTZdYxUgdE1CdYEv7vBMuEo6YatPnhydgxDkwB9RjnCt1a8U1Z81yHMxkVCQ7Ps86BbbLPG/sFv91vmEnyTJ+mP9gBg2HC33DD23nJcuJbe1UNWxhxGRCoLlU6X8a3WytohUS/JgVdKc32eHSWjqmlYo7IsQDeQo8S5AsGuMWyyE62SBszug5fjfo1skfz7B/9qZe5Iw05uMtE0I1nSxZvxhopvPjn3GX25VjjjGD7XyV21e8Ga2np9jtVbN0nMy8eite/U6GLSSzYgC2p0gscECQghqi8JcusdAYKrOgdxGEeHyAQ3zMxn02I/OMQHGZjkn1dt/9By4Vt59GUHyidaqNFNiuA== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(346002)(39860400002)(396003)(136003)(366004)(376002)(83380400001)(66476007)(5660300002)(6512007)(31696002)(86362001)(66946007)(966005)(52116002)(36756003)(66556008)(2906002)(31686004)(186003)(2616005)(8936002)(478600001)(26005)(6916009)(8676002)(54906003)(4326008)(6506007)(6486002)(16526019)(316002)(53546011)(956004)(213903007)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?B?T1VMcFh2U1RmL0NBdWdIdDI1a2JCUE10TEF0OVJZVndHWmp3c1ZoU2ttK2M5?= =?utf-8?B?SVdFZEU1ZHJlNHk5cWFCMTZZekJGL0NoMTcxL2pNMHhsOUpnUDY5Qk12MWQ4?= =?utf-8?B?WXFhSFlxNnVvN2dCYnZ6RnJaVXV1L0J5NnNpMEh0aXV2aHl4Mmd6OXMxZGdQ?= =?utf-8?B?RjRud0t1dm5tZVo4cldKVWpOcDUzWmErMjlIRFgxNVEreGNkZ2xYNHdkdkRY?= =?utf-8?B?bk1iV3lZa2JEVmVUUUIrMU5ub1IzMUNyOFZFS2Z5a25kajFLOThYdGprbmQz?= =?utf-8?B?azhrcUtmWnB0V21ESEZ2cHZZdGlxclhtMDdSNnNVcWFVamVMK252SE1abmUz?= =?utf-8?B?WjdNaGhUWklVSzZkZlJiQk1qVWF5T2svNTA1a3hmVzNrRGdZN3V2WUJtcU9o?= =?utf-8?B?dFZ6L3MrRUNvc3B6VWtYaENzOXlhdzNYemd5d3N4MmxRbFJVL1lGeXppb25B?= =?utf-8?B?bEpNYmplT2RNRFV0dGE1UitiSWc1S2FheEhncXBWVFlPYTdwbDF2QW9iWjZK?= =?utf-8?B?TE9CbTdwY0JEOHIxT2ViZk5hNW0wMGtOUnVucEw2ek5uZmxVS01uZWdpc2xt?= =?utf-8?B?VmV1QjZ4dC81TTRQeE9PMmNIMU1VTzlzenF4cGRMS2FXT2J5NnpENFZzWDFt?= =?utf-8?B?blR0amMvTEpKTFRza2JRVGVvVmpqSXVibHMwNTdSZi9SQzBVbnhXelFLSnBp?= =?utf-8?B?SHpIUGg5RUFTUS80TVdEUC9TWFlBeExOempEVS9YSTJYME1BM1pGNUJ5UTNV?= =?utf-8?B?WEhMMGpJM1JLTWVpdzZHcnRhQ1Zka2tsMlRXcHh5WmtqYW5nUWR2RHJWU1Zr?= =?utf-8?B?T1pPSk1rSnQxVDVRL0UxRTRVWktFVUllNzBiSUNiLzBzU3YvMGhMRUJvN1dz?= =?utf-8?B?N0xZand1MWE3dVFhOElGalNsemxoLzZlcGtObEU5ZVRPeWFvb0ZOdWE1YVBn?= =?utf-8?B?UUVzcThOelU3QUxuNzdsUGJzWk9OcjVqOGZmc1pkSWxxK1gxWWdhQUtObmd4?= =?utf-8?B?S3NCcncvenEwbGVDcEgwenFkclZhZnZMRDUzWWhyWlNvRTh3ZTFxamRpYjl3?= =?utf-8?B?a0lsZlZCSS9HSVNOQ0ZEWFE2c3RDMnY4ZVJwVlQyREJaLzgxaW5pQXA2Rmdr?= =?utf-8?B?NDR5dUdSajN1YTJ4MWp2QjIxNDU4KzlQbG9ORTNGTlNNOEcxV3RpV3JSNm1x?= =?utf-8?B?YnJEd2hCdzYzZmJoT2R4Vzd5UHhtNy9HalBKWkwyQm9tTThxODJucG45TjJP?= =?utf-8?B?eGFkQVVkRG5XNWJUNEIveUJ4bjBPd3AwMTlSYzNQRTlXaXo4TU9tdWlRempT?= =?utf-8?Q?r5NlPJAOByndm2YZqqeKkh4WFJCBBN9hw9?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 067578ea-2088-483f-9941-08d8bfa784f6 X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2021 14:02:28.5871 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: AXmSFUNSP7b7aZ4tKkgNO63cTbN8Vtf0CvRwrqrwpP6P3225lhaYO6mP3kWHamTyBKDuhXpSMlMtmzjo1oRH6g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4941 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit On 1/23/21 7:57 AM, Tom Lendacky wrote: > From: Tom Lendacky > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3183 > > Under SEV-ES, a write to the flash device is done using a direct VMGEXIT > to perform an MMIO write. The address provided to the MMIO write must be > the physical address of the MMIO write destitnation. During boot, OVMF > runs with an identity mapped pagetable structure so that VA == PA and the > VMGEXIT MMIO write destination is just the virtual address of the flash > area address being written. > > However, when the UEFI SetVitualAddressMap() API is invoked, an identity > mapped pagetable structure may not be in place and using the virtual > address for the flash area address is no longer valid. This results in > writes to the flash not being performed successfully. This can be seen > by attempting to change the boot order under Linux. The update will > appear to be performed, based on the output of the command. But rebooting > the guest will show that the new boot order has not been set. > > To remedy this, save the value of the flash base physical address before > converting the address as part of SetVirtualAddressMap(). The physical > address can then be calculated by obtaining the offset of the MMIO target > virtual address relative to the flash base virtual address and adding that > to the original flash base physical address. The resulting value produces > a successful MMIO write during runtime services. > > Fixes: 437eb3f7a8db7681afe0e6064d3a8edb12abb766 > Cc: Jordan Justen > Cc: Laszlo Ersek > Cc: Ard Biesheuvel > Signed-off-by: Tom Lendacky > --- > .../QemuFlashDxe.c | 20 ++++++++++++++++++- > 1 file changed, 19 insertions(+), 1 deletion(-) Forgot to add the changelog and use the diffstat options. The changes address the comments from Laszlo on the v1 version of the patch: - Update the last paragraph of the commit message - Limit changes to only the QemuFlashDxe.c file - Update expression for calculating the physical address Thanks, Tom > > diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c > index 1b0742967f71..d303b0078b08 100644 > --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c > +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c > @@ -16,11 +16,17 @@ > > #include "QemuFlash.h" > > +STATIC EFI_PHYSICAL_ADDRESS mSevEsFlashPhysBase; > + > VOID > QemuFlashConvertPointers ( > VOID > ) > { > + if (MemEncryptSevEsIsEnabled ()) { > + mSevEsFlashPhysBase = (UINTN) mFlashBase; > + } > + > EfiConvertPointer (0x0, (VOID **) &mFlashBase); > } > > @@ -52,11 +58,23 @@ QemuFlashPtrWrite ( > if (MemEncryptSevEsIsEnabled ()) { > MSR_SEV_ES_GHCB_REGISTER Msr; > GHCB *Ghcb; > + EFI_PHYSICAL_ADDRESS PhysAddr; > BOOLEAN InterruptState; > > Msr.GhcbPhysicalAddress = AsmReadMsr64 (MSR_SEV_ES_GHCB); > Ghcb = Msr.Ghcb; > > + // > + // The MMIO write needs to be to the physical address of the flash pointer. > + // Since this service is available as part of the EFI runtime services, > + // account for a non-identity mapped VA after SetVitualAddressMap(). > + // > + if (mSevEsFlashPhysBase == 0) { > + PhysAddr = (UINTN) Ptr; > + } else { > + PhysAddr = mSevEsFlashPhysBase + (Ptr - mFlashBase); > + } > + > // > // Writing to flash is emulated by the hypervisor through the use of write > // protection. This won't work for an SEV-ES guest because the write won't > @@ -68,7 +86,7 @@ QemuFlashPtrWrite ( > Ghcb->SharedBuffer[0] = Value; > Ghcb->SaveArea.SwScratch = (UINT64) (UINTN) Ghcb->SharedBuffer; > VmgSetOffsetValid (Ghcb, GhcbSwScratch); > - VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, (UINT64) (UINTN) Ptr, 1); > + VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, PhysAddr, 1); > VmgDone (Ghcb, InterruptState); > } else { > *Ptr = Value; >