From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.40])
 by mx.groups.io with SMTP id smtpd.web11.10044.1620394174175381434
 for <devel@edk2.groups.io>;
 Fri, 07 May 2021 06:29:34 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@amd.com header.s=selector1 header.b=o1R4yGa3;
 spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.244.40, mailfrom: brijesh.singh@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=SyRLC8+AX64eK7EYPezR5MMMGCi+qbajEl2h98Q/mX5aBxL/41oGh89+YQaxGO1wbNZuBSC06a2wChISY0ayG3YvG9bftBSFi5MGRnqzThzW4bzuo1wfpw3B8YVr4ieNZ8Ex2W0ffaRkJzgLpyge+64g5FPwKvqJyeCpWYH6sWfFEPY9SvIWpsMcc1AB4Pz5sSOvht/FWwBHwEkK8LFfHf0kKxumAb4isy2GFLhN7vsL/K3phxrv04lUn4ZWL0nasHmj/sWgDVMM+Lx9aZlvBFr6yx9Pq2T1tHTn4mruaNyArVkE2uiHYc/A/T+Osp3MN6MC63+GEutWZpV0cDGZLA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=wCFXCUKfe2cWwlmerZoRxI4prIFkfBksP+JWJ/nmPmw=;
 b=nxJrvAPeOI+so1O5V0mB5UEK6+dRKNJ4A5Ti8xJ1C8Rw9lC27tnwbnK1XzmG/pOInocS6ekN6INC0fhP8aH0vzT4O5Ua6uygr04gbvW4C8dE3ROkB+DJbciZRWYLmHscZiuS5zGW/f7W+0mD/VInM7aDhcvKtL9YyUCl2ohEgy+Kd2IAgCKVHiRbtM/wIzNOc4zE6x3SxsGtlG0gF+a1yHUI6hkOZxSBL0K7qh3HKGgMWKaKw+UIIHyFq+ksMAQk5Mz8cg+IUU6rPPd2PfIYA26Lopzmi1EMOYnr+JeNLHtmKUcfg0Y+azEiHMvounJRAIlUHPHDcG1A4bXMal8msg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=wCFXCUKfe2cWwlmerZoRxI4prIFkfBksP+JWJ/nmPmw=;
 b=o1R4yGa3jkf1Qn93pxoVHu9qtNkoNF9xXwwUJCmPLNDoqOdriJw8aeRQ5WMFAte+sDshyxw3x9nYfpu9frL5wYFfLqqVOPqTlU9YyIcSbdsl4UfVp3WiN8ziBnSEHdIW4+PsUO1GYILgPqLJkB1rNkJ6dUjXe039AVS2PBluC+4=
Authentication-Results: google.com; dkim=none (message not signed)
 header.d=none;google.com; dmarc=none action=none header.from=amd.com;
Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22)
 by SN1PR12MB2365.namprd12.prod.outlook.com (2603:10b6:802:2e::20) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4108.27; Fri, 7 May
 2021 13:29:31 +0000
Received: from SN6PR12MB2718.namprd12.prod.outlook.com
 ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com
 ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4108.029; Fri, 7 May 2021
 13:29:30 +0000
Cc: brijesh.singh@amd.com, devel@edk2.groups.io,
 James Bottomley <jejb@linux.ibm.com>, Min Xu <min.m.xu@intel.com>,
 Jiewen Yao <jiewen.yao@intel.com>, Jordan Justen
 <jordan.l.justen@intel.com>, Ard Biesheuvel <ardb+tianocore@kernel.org>,
 Erdem Aktas <erdemaktas@google.com>
Subject: Re: [edk2-devel] [PATCH RFC v2 09/28] OvmfPkg/VmgExitLib: Allow PMBASE register access in Dxe phase
To: Laszlo Ersek <lersek@redhat.com>, Tom Lendacky <thomas.lendacky@amd.com>
References: <20210430115148.22267-1-brijesh.singh@amd.com>
 <20210430115148.22267-10-brijesh.singh@amd.com>
 <39e81516-ae93-e737-4203-af10cb07a9f9@redhat.com>
From: "Brijesh Singh" <brijesh.singh@amd.com>
Message-ID: <cacffbb6-38ea-732d-9970-f3ff15af04f0@amd.com>
Date: Fri, 7 May 2021 08:29:27 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0)
 Gecko/20100101 Thunderbird/78.10.0
In-Reply-To: <39e81516-ae93-e737-4203-af10cb07a9f9@redhat.com>
X-Originating-IP: [70.112.153.56]
X-ClientProxiedBy: SN6PR2101CA0026.namprd21.prod.outlook.com
 (2603:10b6:805:106::36) To SN6PR12MB2718.namprd12.prod.outlook.com
 (2603:10b6:805:6f::22)
Return-Path: brijesh.singh@amd.com
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from Brijeshs-MacBook-Pro.local (70.112.153.56) by SN6PR2101CA0026.namprd21.prod.outlook.com (2603:10b6:805:106::36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4129.1 via Frontend Transport; Fri, 7 May 2021 13:29:29 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: b4392c6a-2752-4e37-25d8-08d9115c24bc
X-MS-TrafficTypeDiagnostic: SN1PR12MB2365:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
	<SN1PR12MB2365FCC8F5487C80AF366EBDE5579@SN1PR12MB2365.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	7kL7jkI5pY6rhbjOeae/eavDP6fG/b17vIxQhPL/3tjjf8L3mpBQ36t1dxURtAd0sdLgTcFXV9KswNWDmtkytGFhnmVH+/8e7LQp8MiW2TmgP8GJmWmtXtPWv5hIZhR6oVVuZURi6npLd9msRY3WBZZBJk85q3zMODt0C3UxEAXKZlt4MjhOMGQAAkiXrzXEl1z9rjxjXRdMhXy6X56vXU44TcE27he+XQn5/UWF2f0k67yj5wAx/iLvLGZE0buyzByHzSGoZtCpYrj7EoUKyZPXG6vhRVFNpcvAcZzz4/Ffl8Ytq7vMbl1iDBKGuK6ofGI0ws0ckDlr2WvTHhC0oZI9Bh0LOlOmAFQwM4PVJcEDakFVF90cg5xbe31ebilGdT1aCF7s5amJJSvCNX6bl6Dx+QwshyKxcmFF5I3n2ecOOGVruxIHVbmPevsMZadIUBukfPtHvfPdH18PXy61JR8IE5ws3NQYNohnczx3Blk0xOZvdbmwb4OzuojDRRjL+dr7G7IoNA59MvAyRwwAtMnFRJ9XPuTTL3V9Mk6B8BnEyET5b8iTANdqy6xZsOkhXmezAx12OoNwdJaX5bOQUhzVm59ulG2rrpuv8W9zfZ78LnsPoPAVkLJy2CT/SFsdY1z9gz6/SFRJQOaMKBh92IDeISIFFMojJORC83KugbPI3HsM9xQpVSHCmlHM9Yg2Co89Fmx5mwV/FQg0pV3sa1ruqrMucAu1nLDxJUhByqrsStWEatKON5lwDq11Wj6cpZc7MpkekymKfflBRCgXBM6b80d+4CSshNF+VQNFMWMsJZZGzyNjP9WooE4XkTWq
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(396003)(346002)(39860400002)(366004)(376002)(31686004)(6636002)(316002)(31696002)(6486002)(6512007)(83380400001)(86362001)(30864003)(44832011)(956004)(36756003)(53546011)(54906003)(478600001)(2906002)(19627235002)(66946007)(52116002)(6506007)(186003)(16526019)(26005)(8676002)(66556008)(4326008)(8936002)(5660300002)(66476007)(38100700002)(966005)(2616005)(38350700002)(45080400002)(110136005)(43740500002)(45980500001);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: 
	=?utf-8?B?UkkrdUR4RFBIZmZRUTdibkFwZ3ZCWFZ0SGdma3FRdGppeE9OQ0lhYTRXNkRQ?=
 =?utf-8?B?RUJKcEpBSTZaTWtoSUlqQ2R3MjRjNHlqQkpXeHlYOXk0R0MzRHZwekxFT3Bi?=
 =?utf-8?B?eUJob3U1QThjdHlzYmFjTmRCQUpOMmVBUXhOalRiTzBPUnhPZUU4MERPeWli?=
 =?utf-8?B?eG9MdlREdGgwUU50cVJObGVFMWkwQlZOaXZyOHhDWnYvRk4zcVhnblZDVFNB?=
 =?utf-8?B?a3RrK3pZb2N2OUhmSzRlQTZrQWtaZVhOQzU3ajdJV2kyeFZxai9WUXQ4TzBp?=
 =?utf-8?B?ODRqekdDRWs1V0VZbC9qZE01NmRuYjhYaGVzNnUxNy9mV0R4U1ZWVFFJcnBS?=
 =?utf-8?B?OEpsc214M2VJdUpDZXVvWmd0OW8xNG1NMXlkM01ORUtUZjZDaWovV3F5Smlq?=
 =?utf-8?B?b3grcFlUWmU3Q0cvQXdzK1NmcUlJdW5RRTh6YjNLVFJ0dXZubjZYek8rT0Fj?=
 =?utf-8?B?ckVwZmYwMnRPTG9iaEpiQjlLNTZteEVPYk1RYU50WUordms0ZWxtbjJPcFFv?=
 =?utf-8?B?RkNWNko3M0dpYkNwTXcwMXZ1OEx0TmZ0NlFyNWhIL2U1SmdXbDRveWo5MWdO?=
 =?utf-8?B?OTRYNVBBdXFTcVRPU0xydWV3S2tHQ2NYZ1JhQkRnendDUWphTjVTZHoxeWs0?=
 =?utf-8?B?QlZaSUFndHdNSkVvN1BMU3ZvSnBtVTVIL3NPR0VRcU1pcjFlcVF3bTdoRHkr?=
 =?utf-8?B?QUZBY2h2SFdVTms3dFk3emZra0tUSHh0akRycjMrSTJhUnFOVllZWCtTSi9W?=
 =?utf-8?B?MzJDaE10RUN0TDlpNDQxSnZlaEdHZmpTSE1lU2ZHcXJVZzkrYmpoV2NFSVNL?=
 =?utf-8?B?M0V5UmpuM3NMblppMUVodElZdi9iM3Jtbmk1WDM4UkpZZ0h2TitzNG1jZXZF?=
 =?utf-8?B?SlI0ZjhaRzM3WHJPcjhLOU14bWhEbS9jRXlHSGVGU1JLQkt1ZTQzZkNFNnpl?=
 =?utf-8?B?Z1UvekJWTk5EOU9iMXNLbzY5MXhYdzZPbFJOQ250eGh6U2NDK1BMS3hmeDZX?=
 =?utf-8?B?THN2OVpldmhaQ3pYRFdnNWp0K3libG5TaDk0c2hvbE5TNkNWNUxpVHZCTDk0?=
 =?utf-8?B?VFFPOHlpNnVWZTRHNU1vaVlOR3FqbnlXNm82blgvZCtITWM0VndSRUF6bld4?=
 =?utf-8?B?ZXdqUHV4YVMwQ2o4Q1pJY3M2QmtRYTlWOURyZ3JUMFBOeVJnNUhmdWxiQkVY?=
 =?utf-8?B?cVhqVm5scSt4anhwM05aOFNwcjFjWG5LbEd0d3ArR0JIUU1pdkRPc3YwSnNr?=
 =?utf-8?B?QXNYTUlmdW8xV0R6MC9JdVFvR3ZkdDZieGQwZTlIS2tOdTFWVkNFaG5GdFB5?=
 =?utf-8?B?RWZueTQxNWVCTUJrLzQ0a1IxeU9EY1pjTG51SG8rMEdzTnhvMVJONGloRDcx?=
 =?utf-8?B?S3RYamFaOGV5SDhQaDBkM29VeWZPbE83MmRwUmhWeHdFUEZTWkdFMUVxSERW?=
 =?utf-8?B?U3dPV1BIYWpMei9MNG9Da3gyWFhQYThOdzltSUxZY1hacEVjMEE4bUN5WUZV?=
 =?utf-8?B?WTBZZVBrOUVPdGJpdHF4WWEwRnEzQ2IyM3g3VGliQk9OeDVjc0EwUS84aU43?=
 =?utf-8?B?aVFNdVNEVGtmWkt2OGNVbXhSTG93Unk0anNPL0tnU2pNVHZhV1BWWVZ3T01q?=
 =?utf-8?B?TkJjRHFmbUlQQ1BtWjZZTy9OMUpoSDVwRlBaUXVqZWhWaGRaeGhqbEM5M1Fl?=
 =?utf-8?B?RHFTNVhGcUoyT0pnRTVFYnRrR21PRDJHcXp1VXg1N05rM01zaVQwb3ZBbW43?=
 =?utf-8?Q?I1fwHDvpeezSaIspPwBAAx6ZzKekR/SirEwyOHr?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: b4392c6a-2752-4e37-25d8-08d9115c24bc
X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 May 2021 13:29:30.2668
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: eDf6HrYWJDQIMi5f9jA/hUMhhpW8qzZNUiAQ0u+C+D7KssG4slBB+IWAueqKLND5/8hhrfROjgmmh3G/EfuxgA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2365
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Content-Language: en-US


On 5/6/21 9:08 AM, Laszlo Ersek wrote:
> On 04/30/21 13:51, Brijesh Singh wrote:
>> BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&amp;data=04%7C01%7Cbrijesh.singh%40amd.com%7C01d3e5c5268043c18bdf08d910987251%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637559069206222390%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=CN2hZrjsKzfSqMAxcQLtoHTUqBOlZmdDEO9vY9XT%2FTQ%3D&amp;reserved=0
>>
>> Commit 85b8eac59b8c5bd9c7eb9afdb64357ce1aa2e803 added support to ensure
>> that MMIO is only performed against the un-encrypted memory. If MMIO
>> is performed against encrypted memory, a #GP is raised.
>>
>> The VmgExitLib library depends on ApicTimerLib to get the APIC base
>> address so that it can exclude the APIC range from the un-encrypted
>> check. The OvmfPkg provides ApicTimerLib for the DXE phase. The
>> constructor AcpiTimerLibConstructor() used in the ApicTimerLib uses
>> the PciRead to get the PMBASE register. The PciRead() will cause an
>> MMIO access.
>>
>> The AmdSevDxe driver clears the memory encryption attribute from the
>> MMIO ranges. However, if VmgExitLib is linked to AmdSevDxe driver then the
>> AcpiTimerLibConstructor() will be called before AmdSevDxe driver can
>> clear the encryption attributes for the MMIO regions.
>>
>> Exclude the PMBASE register from the encrypted check so that we
>> can link VmgExitLib to the MemEncryptSevLib; which gets linked to
>> AmdSevDxe driver.
> The above explanation is inexact. There are several typos ("APIC" is
> incorrect, "ACPI" would be correct, for the TimerLib instance in
> question), but that's really just a side observation.
>
> The precise explanation is the following library instance dependency
> chain:
>
>   OvmfPkg/AmdSevDxe/AmdSevDxe.inf
>   -----> MemEncryptSevLib                                               class
>   -----> "OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf" instance
>   -[*]-> VmgExitLib                                                     class
>   -----> "OvmfPkg/Library/VmgExitLib/VmgExitLib.inf"                    instance
>   -----> LocalApicLib                                                   class
>   -----> "UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf" instance
>   -----> TimerLib                                                       class
>   -----> "OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf"             instance
>   -----> PciLib                                                         class
>   -----> "OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf"    instance
>   -----> PciExpressLib                                                  class
>   -----> "MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf"       instance
>
> The link (or dependency) marked with [*] is introduced in patch #26
> ("OvmfPkg/MemEncryptSevLib: Change the page state in the RMP table").
> That's the change that triggers the symptom. (In combination with you
> testing on Q35, because on i440fx, the DxePciLibI440FxQ35 lib instance
> accesses PCI config space via the 0xCF8, 0xCFC IO Ports, and those are
> unaffected by SEV-ES.)
>
> The symptom is somewhat "unjustified", because at the end of the series,
> the AmdSevDxe driver makes no calls to actual TimerLib APIs (I checked
> -- I disassembled the "AmdSevDxe.debug" file with "objdump -S", and
> there is no call to any API declared in the "TimerLib.h" class header).
> However, the ECAM (MMCONFIG) access is still triggered, because the
> AcpiTimerLibConstructor() function, in
> "OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.c", is the constructor for
> the "OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf" instance, and
> AcpiTimerLibConstructor() calls PciRead32().
>
> If you check the "OvmfPkg/OvmfPkgX64.dsc" file, you'll find that the
> PciLib class is resolved to
> "MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf" by default, and to
> "OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf" for the
> following module types:
>
> - DXE_DRIVER,
> - DXE_RUNTIME_DRIVER,
> - SMM_CORE,
> - DXE_SMM_DRIVER,
> - UEFI_DRIVER,
> - UEFI_APPLICATION.
>
> The consequence is that modules strictly after the DXE_CORE get
> dynamically enabled extended config space access (ECAM) on Q35 via the
> PciLib class, whereas all modules strictly before the DXE_CORE, and the
> DXE_CORE itself, are restricted to normal config space (IO Ports 0xCF8 /
> 0xCFC) via the PciLib class.
>
> AmdSevDxe is a DXE_DRIVER, so it used to get DxePciLibI440FxQ35 as well.
>
> The solution should be simple. In the AmdSevDxe driver specifically, we
> need no access to extended PCI config space. Accessing normal PCI config
> space, via IO Ports 0xCF8 / 0xCFC, should suffice. That can be achieved
> with the following module-scope override:

Thanks Laszlo, I was not aware of the module-scope override. I will go
with this approach and make sure it works after the inclusion of the
VmgExitLib.


>
>> diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
>> index 8d9a0a077601..45a02b236633 100644
>> --- a/OvmfPkg/OvmfPkgX64.dsc
>> +++ b/OvmfPkg/OvmfPkgX64.dsc
>> @@ -966,7 +966,10 @@ [Components]
>>  !endif
>>
>>    OvmfPkg/PlatformDxe/Platform.inf
>> -  OvmfPkg/AmdSevDxe/AmdSevDxe.inf
>> +  OvmfPkg/AmdSevDxe/AmdSevDxe.inf {
>> +    <LibraryClasses>
>> +      PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
>> +  }
>>    OvmfPkg/IoMmuDxe/IoMmuDxe.inf
>>    OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
>>
> (
>
> For consistency, all DSC files that include
> "OvmfPkg/AmdSevDxe/AmdSevDxe.inf" should be modified similarly:
>
> - OvmfPkg/AmdSev/AmdSevX64.dsc
> - OvmfPkg/Bhyve/BhyveX64.dsc
> - OvmfPkg/OvmfPkgIa32X64.dsc
> - OvmfPkg/OvmfPkgX64.dsc
> - OvmfPkg/OvmfXen.dsc
>
> )
>
> Therefore, please try dropping this patch, and modifying patch#26
> instead -- the above module-scope override (for 5 DSC files) should be
> squashed into patch#26, *and* the explanation I provided above should be
> included in the commit message of patch#26.
>
> ... Correction: you have an independent bug in the series that affects
> my above analysis. Namely, you *seem* to add the VmgExitLib dependency
> to the "OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf"
> library instance, in patch#26. That's where you modify the INF file. But
> that's wrong: in patch#21 ("OvmfPkg/MemEncryptSevLib: Add support to
> validate system RAM"), you add a VmgInit() call to the same library
> instance, via the new file
> "OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c".
>
> The bug in that patch is clear from the fact that you introduce an
> #include <Library/VmgExitLib.h> directive, but that's not mirrored by an
> appropriate [LibraryClasses] change in the "DxeMemEncryptSevLib.inf"
> file. (The other two lib instance INF files, "SecMemEncryptSevLib.inf"
> and "PeiMemEncryptSevLib.inf" *are* modified as needed.)
>
> So you even need to move some stuff from patch#26 to patch#21, and
> *then* squash the above module-scope override (and explanation) into
> patch#21.
>
> A significant amount of work is needed on this series. I'll stop
> reviewing RFC v2 here, because I don't want to look at the remaining
> patches deeply as long as code movements etc are going to affect them.
> Please post the next version -- assuming no other reviewer would like to
> finish reviewing this version first!


Sounds good. What's your thought if I take out patch 1 - 9 from this RFC
series and submit them as non-RFC for the further review and acceptance
? The patch# 1-9 are basically prepatch before we get into SNP specific
bits.


> Thanks
> Laszlo
>
>> Cc: James Bottomley <jejb@linux.ibm.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Tom Lendacky <thomas.lendacky@amd.com>
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Cc: Erdem Aktas <erdemaktas@google.com>
>> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
>> ---
>>  OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf  |  4 ++
>>  OvmfPkg/Library/VmgExitLib/VmgExitLib.inf     |  7 +++
>>  OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 45 ++++++++++++++++++++
>>  3 files changed, 56 insertions(+)
>>
>> diff --git a/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf b/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf
>> index e6f6ea7972..22435a0590 100644
>> --- a/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf
>> +++ b/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf
>> @@ -27,6 +27,7 @@
>>    SecVmgExitVcHandler.c
>>
>>  [Packages]
>> +  MdeModulePkg/MdeModulePkg.dec
>>    MdePkg/MdePkg.dec
>>    OvmfPkg/OvmfPkg.dec
>>    UefiCpuPkg/UefiCpuPkg.dec
>> @@ -42,4 +43,7 @@
>>  [FixedPcd]
>>    gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase
>>    gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
>> +  gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
>>
>> +[Pcd]
>> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId
>> diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitLib.inf b/OvmfPkg/Library/VmgExitLib/VmgExitLib.inf
>> index c66c68726c..d3175c260e 100644
>> --- a/OvmfPkg/Library/VmgExitLib/VmgExitLib.inf
>> +++ b/OvmfPkg/Library/VmgExitLib/VmgExitLib.inf
>> @@ -27,6 +27,7 @@
>>    PeiDxeVmgExitVcHandler.c
>>
>>  [Packages]
>> +  MdeModulePkg/MdeModulePkg.dec
>>    MdePkg/MdePkg.dec
>>    OvmfPkg/OvmfPkg.dec
>>    UefiCpuPkg/UefiCpuPkg.dec
>> @@ -37,4 +38,10 @@
>>    DebugLib
>>    LocalApicLib
>>    MemEncryptSevLib
>> +  PcdLib
>>
>> +[FixedPcd]
>> +  gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
>> +
>> +[Pcd]
>> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId
>> diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c
>> index 24259060fd..01ac5d8c19 100644
>> --- a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c
>> +++ b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c
>> @@ -14,7 +14,10 @@
>>  #include <Library/VmgExitLib.h>
>>  #include <Register/Amd/Msr.h>
>>  #include <Register/Intel/Cpuid.h>
>> +#include <IndustryStandard/Q35MchIch9.h>
>> +#include <IndustryStandard/I440FxPiix4.h>
>>  #include <IndustryStandard/InstructionParsing.h>
>> +#include <Library/PcdLib.h>
>>
>>  #include "VmgExitVcHandler.h"
>>
>> @@ -596,6 +599,40 @@ UnsupportedExit (
>>    return Status;
>>  }
>>
>> +STATIC
>> +BOOLEAN
>> +IsPmbaBaseAddress (
>> +  IN  UINTN     Address
>> +  )
>> +{
>> +  UINT16 HostBridgeDevId;
>> +  UINTN Pmba;
>> +
>> +  //
>> +  // Query Host Bridge DID to determine platform type
>> +  //
>> +  HostBridgeDevId = PcdGet16 (PcdOvmfHostBridgePciDevId);
>> +  switch (HostBridgeDevId) {
>> +    case INTEL_82441_DEVICE_ID:
>> +      Pmba = POWER_MGMT_REGISTER_PIIX4 (PIIX4_PMBA);
>> +      break;
>> +    case INTEL_Q35_MCH_DEVICE_ID:
>> +      Pmba = POWER_MGMT_REGISTER_Q35 (ICH9_PMBASE);
>> +      //
>> +      // Add the MMCONFIG base address to get the Pmba base access address
>> +      //
>> +      Pmba += FixedPcdGet64 (PcdPciExpressBaseAddress);
>> +      break;
>> +    default:
>> +      return FALSE;
>> +  }
>> +
>> +  // Round up the offset to page size
>> +  Pmba = Pmba & ~(SIZE_4KB - 1);
>> +
>> +  return (Address == Pmba);
>> +}
>> +
>>  /**
>>    Validate that the MMIO memory access is not to encrypted memory.
>>
>> @@ -640,6 +677,14 @@ ValidateMmioMemory (
>>      return 0;
>>    }
>>
>> +  //
>> +  // Allow PMBASE accesses (which will have the encryption bit set before
>> +  // AmdSevDxe runs in the DXE phase)
>> +  //
>> +  if (IsPmbaBaseAddress (Address)) {
>> +    return 0;
>> +  }
>> +
>>    //
>>    // Any state other than unencrypted is an error, issue a #GP.
>>    //
>>