From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.75]) by mx.groups.io with SMTP id smtpd.web10.5272.1607034473172569596 for ; Thu, 03 Dec 2020 14:27:53 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=AbGk2Zrq; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.92.75, mailfrom: ashish.kalra@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZI7HHmvHYUDbfsLdgeRPlcqnTyh5k7s32/uq+OjqquhOkXSQd7NUDCM5i83l6swbq4uWrzkdnYT2/d5Pdv6CeG74u0Od+M5JPxFfzixOKsyR9tgVdopb4+cmCdr/ax/MVfBrO41ozrqOgzNmnDRCbf5+lYDzM/w3DYYNcV8yN17j/SHJzEMmnNEp346pfrl6nrBdOYpkTKUG6HjDYxJdsRhqkbx1R3JXHdLovI/AlgIW21tjTg7PHlDmrDd70h5RxOOAVEJCbxQahkVmjjqjZHvVh+/KN647oPSE/L9Fklq1xVZo8BS/ks5rO9JXkZV9QP81aZ9de4AnKBLdLiwxqQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Uql70QEMwu+QY9FYK9SG7yfzU5s34xpo0pFKnE31WYo=; b=dWmDpxGLleYkjTT0/1aQAoKWMN8BhCvzh9RMjJhJGqZThPCO0kY2XhOtG7D2+nXPQO3TuWZ2U4l+qF23CdxGQc5qhMGB8OGHbe80qpX+8lQqIefEkRpAh163R6bLmNYNWSTSn0dAvnTkUR7vs3BpKN8wUCqdy69NvmeJL8e5XpQj4N35IIRfyGkhO7KHUDvz/zA0xyZ6Rs5gZQgGGXgy3nKcc8adWa+WzjBQf9naLl8LnLSmCrSFieFxymRI3eQbmifZjL/bGzXn9VW8ooGVbPwXroaqvUX5T1w/dBdUggUYyoK77Kr3h6BYTbuSiBVYAQkz0C/x82Y5Aa21BF1Fog== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Uql70QEMwu+QY9FYK9SG7yfzU5s34xpo0pFKnE31WYo=; b=AbGk2ZrqTERbrXqhlTokRLWifcv/JY7R56HC6JPr0oc0IFyisxe/CgLPA0V5FlJuul4hw/mxtk1MzVrivDVa9FqREaOMEGLARae7UdRwzfnCu8pJ/aKKIIsnpAD3ieqDAJaMojpwxVcwkmSAz5YxHZNOrY+NmnFswctDXMI+jiE= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) by SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3611.25; Thu, 3 Dec 2020 22:27:51 +0000 Received: from SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::d8f2:fde4:5e1d:afec]) by SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::d8f2:fde4:5e1d:afec%3]) with mapi id 15.20.3611.025; Thu, 3 Dec 2020 22:27:51 +0000 From: "Ashish Kalra" To: devel@edk2.groups.io Cc: dovmurik@linux.vnet.ibm.com, brijesh.singh@amd.com, tobin@ibm.com, Jon.Grimm@amd.com, Thomas.Lendacky@amd.com, jejb@linux.ibm.com, frankeh@us.ibm.com, dgilbert@redhat.com, lersek@redhat.com, jordan.l.justen@intel.com, ard.biesheuvel@arm.com Subject: [PATCH v2 3/3] OvmfPkg/PlatformPei: Mark SEC GHCB page in the page encryption bitmap. Date: Thu, 3 Dec 2020 22:27:39 +0000 Message-Id: X-Mailer: git-send-email 2.17.1 In-Reply-To: References: X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SA0PR11CA0018.namprd11.prod.outlook.com (2603:10b6:806:d3::23) To SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) Return-Path: Ashish.Kalra@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from ashkalra_ubuntu_server.amd.com (165.204.77.1) by SA0PR11CA0018.namprd11.prod.outlook.com (2603:10b6:806:d3::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3632.17 via Frontend Transport; Thu, 3 Dec 2020 22:27:50 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 451fb5dd-742c-4c47-93b9-08d897daab8d X-MS-TrafficTypeDiagnostic: SN6PR12MB2767: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7691; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: U8NtQa46Q6dJogk9pi3nMX77REzDODq0LRSpb06LOsYzCZiRtuja4sOLj/dVrPeBXrJRcYpfPDa/MkJDbSvd/zxJLPChq3uiWbXyiOYALJNVH3rtKul/etgl0brm6BsxowLHtbFuCsNk0143eNWzx8FAOmfwGJzRHznn8MdWHAZjws5At2oXaZRrWQY0HsdmsEPEusSczHB9Xp6WYJVbsd4/nOJIkb3CyNHeSIIwZM5HFy/d4DDNi71ipSDwh4iw2iVlcyBoRP3N3Zu7I6X9VY+l5xlpPgtoALXFLMAv9/qKJzT2iiJV2UoDn8SD2axDo/A9iTrOo++XtX+QyDg+Vg== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2767.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(346002)(376002)(39860400002)(136003)(366004)(6666004)(186003)(36756003)(19627235002)(316002)(5660300002)(4326008)(2906002)(956004)(6916009)(2616005)(8936002)(8676002)(16526019)(52116002)(478600001)(66476007)(7696005)(86362001)(66556008)(26005)(66946007)(6486002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?5Pw+++oOf7iGNzjugJ0RMeNf8ymW7mfY4hWLCy+s+i3xtAsa/xTabry3n9Mz?= =?us-ascii?Q?uHlpShSgMtSSVPo5j9Z/aOrsayWRGH+4xCIqANjLY5CSFmON3dUcoj6BtXdK?= =?us-ascii?Q?D+hG69fKeQCBXnodv+5PiY9U13mE7CYH7OTfCEVO+VKI8C0u63uUfYE6eeFE?= =?us-ascii?Q?242712zXwmLtzWFEjb+WA0dHX8Y5ZhUoJBNO8qddY+MI4FeQJoWwhh9eJXgX?= =?us-ascii?Q?PvsIbIJ0GubxZ+s29Nt/EMr2obGpzPn62OFcMAMCpkMNp6TFL+XUaX4UdgZ4?= =?us-ascii?Q?p5wMctczFJLy4gaOpzu26PGOm6+wZcTMyr3RlxQ88nnbEJrwwnbuJz0miH2B?= =?us-ascii?Q?4tm5LNxvE2pPZLFCeiX7r20GgYNbBVcz6CDCJHhuhCuh+qcN5L3GMllDRKO7?= =?us-ascii?Q?8go00vh9cAp6C5h0ijkPP5ZH66wXGFvkRBF9YEOJTd0XAzbl7HJqpQ2gRNir?= =?us-ascii?Q?horHmYVrIRObCJnzuCatb7NfZv4Oxp3TrAIYYROPrnsy0XXh9gIKuMqwLq1L?= =?us-ascii?Q?AgigmQS3RhXaF2Co/luZZaJCMfD6cvf/0oSom5ANOiWCLK4qUhS4IaMBWXAN?= =?us-ascii?Q?NOeh8xypOjry0dDlFRPwzjixudKzuGfSkV55wg2M1ULai6ARa7cer8eD/XqK?= =?us-ascii?Q?CjECL97Xe3QAbOc5YiXjULSTrA/YO2cnZoffuqBqpDZ+wvMD+HfmMMb4dEki?= =?us-ascii?Q?sRdQYBpPDcviJXeLUkbx3YDW/gcJ+0Mufr19BDUbDVM41Gy/02BODDJdeewu?= =?us-ascii?Q?9uZ1rGrLv5qq/doSdV6UtJhDF29hBJyzHR/SmQrgfIofTNTamNWFTPEwEYnh?= =?us-ascii?Q?tyIkYIChjBlzqkLarZnadzXoeHz9H/goFPrJer0pFTf9fkvcN2uYye9ofpj3?= =?us-ascii?Q?/YBY36M9+Y8xQcJfoF2RZZRHDh13V1GqnKYwMzCgryl1E0WdybjtLPp8YQvZ?= =?us-ascii?Q?mV3a4pJVQ8q/lc9m+hQ2JUrrFys6BQEAURe0oyYwzaE=3D?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 451fb5dd-742c-4c47-93b9-08d897daab8d X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2767.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Dec 2020 22:27:51.1950 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: vWWV6ZT8KW9evUCA3TV7nA1gIU1pvAtgk6SxQzQgUV5WBla/tGhNFi9PNx1URPF+QXRIbqa54qDkS4ZsJWqDXA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2767 Content-Type: text/plain From: Ashish Kalra Mark the SEC GHCB page that is mapped as unencrypted in ResetVector code in the hypervisor page encryption bitmap. Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Signed-off-by: Ashish Kalra --- OvmfPkg/PlatformPei/AmdSev.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index 4a515a4847..456d32be84 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -15,6 +15,7 @@ #include #include #include +#include #include #include #include @@ -77,6 +78,15 @@ AmdSevEsInitialize ( ZeroMem (GhcbBase, EFI_PAGES_TO_SIZE (GhcbPageCount)); + // + // GHCB_BASE setup during reset-vector needs to be marked as + // decrypted in the hypervisor page encryption bitmap. + // + SetMemoryEncDecHypercall3 (FixedPcdGet32 (PcdOvmfSecGhcbBase), + EFI_SIZE_TO_PAGES(FixedPcdGet32 (PcdOvmfSecGhcbSize)), + FALSE + ); + PcdStatus = PcdSet64S (PcdGhcbBase, GhcbBasePa); ASSERT_RETURN_ERROR (PcdStatus); PcdStatus = PcdSet64S (PcdGhcbSize, EFI_PAGES_TO_SIZE (GhcbPageCount)); -- 2.17.1