Subject: Re: [edk2-devel] [PATCH v4 23/40] OvmfPkg/MemEncryptSevLib: Add an SEV-ES guest indicator function
To: devel@edk2.groups.io, thomas.lendacky@amd.com
Cc: Jordan Justen, Ard Biesheuvel, Michael D Kinney, Liming Gao, Eric Dong, Ray Ni, Brijesh Singh
From: "Laszlo Ersek"
Date: Thu, 6 Feb 2020 09:21:15 +0100
In-Reply-To: <72fe7b157cad7782b81be256f7396aeb32fb04c5.1580857303.git.thomas.lendacky@amd.com>

Hi Tom, On 02/05/20 00:01, Lendacky, Thomas wrote: > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198 > > Create a function that can be used to determine if the VM is running > as an SEV-ES guest. > > Cc: Jordan Justen > Cc: Laszlo Ersek > Cc: Ard Biesheuvel > Reviewed-by: Laszlo Ersek > Signed-off-by: Tom Lendacky > --- > OvmfPkg/Include/Library/MemEncryptSevLib.h | 12 +++ > .../MemEncryptSevLibInternal.c | 75 ++++++++++++------- > 2 files changed, 60 insertions(+), 27 deletions(-) > > diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h > index 64dd6977b0f8..a50a0de9c870 100644 > --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h > +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h > @@ -13,6 +13,18 @@ > > #include > > +/** > + Returns a boolean to indicate whether SEV-ES is enabled > + > + @retval TRUE SEV-ES is enabled > + @retval FALSE SEV-ES is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevEsIsEnabled ( > + VOID > + ); > + > /** > Returns a boolean to indicate whether SEV is enabled > > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c > index 96a66e373f11..c859bb141963 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c
> @@ -20,19 +20,17 @@ > #include > > STATIC BOOLEAN mSevStatus = FALSE; > +STATIC BOOLEAN mSevEsStatus = FALSE; > STATIC BOOLEAN mSevStatusChecked = FALSE; > > /** > > - Returns a boolean to indicate whether SEV is enabled > - > - @retval TRUE SEV is enabled > - @retval FALSE SEV is not enabled > + Reads and sets the status of SEV features > **/ > STATIC > -BOOLEAN > +VOID > EFIAPI > -InternalMemEncryptSevIsEnabled ( > +InternalMemEncryptSevStatus ( > VOID > ) > { 
> @@ -56,32 +54,55 @@ InternalMemEncryptSevIsEnabled ( > // > Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS); > if (Msr.Bits.SevBit) { > - return TRUE; > + mSevStatus = TRUE; > + } > + > + // > + // Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled) > + // > + if (Msr.Bits.SevEsBit) { In the previous version this was also gated by a check on "Eax.Bits.SevEsBit". What's the reason for removing that check? Is it simply superfluous to rely on that output of the CPUID because the MSR tells us anyway? IOW, - if "Eax.Bits.SevEsBit" is clear, then "Msr.Bits.SevEsBit" will always be clear (i.e. "no support" implies "not enabled"), - if "Msr.Bits.SevEsBit" is set, then "Eax.Bits.SevEsBit" is always set (i.e. "enabled" implies "supported")? Thanks Laszlo > + mSevEsStatus = TRUE; > } > } > } > > - return FALSE; > -} > - > -/** > - Returns a boolean to indicate whether SEV is enabled > - > - @retval TRUE SEV is enabled > - @retval FALSE SEV is not enabled > -**/ > -BOOLEAN > -EFIAPI > -MemEncryptSevIsEnabled ( > - VOID > - ) > -{ > - if (mSevStatusChecked) { > - return mSevStatus; > - } > - > - mSevStatus = InternalMemEncryptSevIsEnabled(); > mSevStatusChecked = TRUE; > +} > + > +/** > + Returns a boolean to indicate whether SEV-ES is enabled > + > + @retval TRUE SEV-ES is enabled > + @retval FALSE SEV-ES is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevEsIsEnabled ( > + VOID > + ) > +{ > + if (!mSevStatusChecked) { > + InternalMemEncryptSevStatus(); > + } > + > + return mSevEsStatus; > +} > + > +/** > + Returns a boolean to indicate whether SEV is enabled > + > + @retval TRUE SEV is enabled > + @retval FALSE SEV is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevIsEnabled ( > + VOID > + ) > +{ > + if (!mSevStatusChecked) { > + InternalMemEncryptSevStatus(); > + } > > return mSevStatus; > } >
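Review bot: in the MemEncryptSevLib.h hunk, the doc comment of the new MemEncryptSevEsIsEnabled() declaration does not state how its result relates to MemEncryptSevIsEnabled(); since SEV-ES is an extension of SEV, one sentence such as "a TRUE result implies MemEncryptSevIsEnabled() also returns TRUE" would document the invariant callers can rely on, and it belongs in the header where callers look first.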
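Review bot: in the first MemEncryptSevLibInternal.c hunk (@@ -20,19), the new doc comment "Reads and sets the status of SEV features" for InternalMemEncryptSevStatus() should name the module-level state the function now writes (mSevStatus, mSevEsStatus and mSevStatusChecked) and note that it is meant to run once, because the function has changed from a pure BOOLEAN query into a side-effecting initializer; while there, the "/**" line followed by an empty line inherited from the old comment block could be tightened to the usual single-line opening.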
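Review bot: in the second MemEncryptSevLibInternal.c hunk (@@ -56,32), the new `if (Msr.Bits.SevEsBit)` test is independent of the preceding `if (Msr.Bits.SevBit)`, so mSevEsStatus can become TRUE while mSevStatus stays FALSE if the MSR ever reports SEV-ES without SEV; nesting the SevEsBit check inside the SevBit block, or adding `ASSERT (mSevStatus)` before `mSevEsStatus = TRUE;`, would encode the expected dependency in the code and would also address the question raised above about dropping the CPUID "Eax.Bits.SevEsBit" gate, since the relationship between the two bits then becomes explicit rather than implicit. Minor: the new comment "Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled)" names the raw MSR number while the code reads MSR_SEV_STATUS; using the symbolic name and the "SEV-ES" spelling would match the rest of the file.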