Subject: Re: [edk2-devel] [PATCH RFC v2 09/28] OvmfPkg/VmgExitLib: Allow PMBASE register access in Dxe phase
From: "Brijesh Singh"
Date: Fri, 7 May 2021 08:29:27 -0500
To: Laszlo Ersek, Tom Lendacky
Cc: brijesh.singh@amd.com, devel@edk2.groups.io, James Bottomley, Min Xu, Jiewen Yao, Jordan Justen, Ard Biesheuvel, Erdem Aktas
In-Reply-To: <39e81516-ae93-e737-4203-af10cb07a9f9@redhat.com>
References: <20210430115148.22267-1-brijesh.singh@amd.com> <20210430115148.22267-10-brijesh.singh@amd.com> <39e81516-ae93-e737-4203-af10cb07a9f9@redhat.com>

On 5/6/21 9:08 AM, Laszlo Ersek wrote:
> On 04/30/21 13:51, Brijesh Singh wrote:
>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
>>
>> Commit 85b8eac59b8c5bd9c7eb9afdb64357ce1aa2e803 added support to ensure
>> that MMIO is only performed against the un-encrypted memory. If MMIO
>> is performed against encrypted memory, a #GP is raised.
>>
>> The VmgExitLib library depends on ApicTimerLib to get the APIC base
>> address so that it can exclude the APIC range from the un-encrypted
>> check. The OvmfPkg provides ApicTimerLib for the DXE phase. The
>> constructor AcpiTimerLibConstructor() used in the ApicTimerLib uses
>> the PciRead to get the PMBASE register. The PciRead() will cause an
>> MMIO access.
>>
>> The AmdSevDxe driver clears the memory encryption attribute from the
>> MMIO ranges. However, if VmgExitLib is linked to AmdSevDxe driver then
>> AcpiTimerLibConstructor() will be called before AmdSevDxe driver can
>> clear the encryption attributes for the MMIO regions.
>>
>> Exclude the PMBASE register from the encrypted check so that we
>> can link VmgExitLib to the MemEncryptSevLib; which gets linked to
>> AmdSevDxe driver.
>
> The above explanation is inexact. There are several typos ("APIC" is
> incorrect, "ACPI" would be correct, for the TimerLib instance in
> question), but that's really just a side observation.
>
> The precise explanation is the following library instance dependency
> chain:
>
> OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> -----> MemEncryptSevLib class
> -----> "OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf" instance
> -[*]-> VmgExitLib class
> -----> "OvmfPkg/Library/VmgExitLib/VmgExitLib.inf" instance
> -----> LocalApicLib class
> -----> "UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf" instance
> -----> TimerLib class
> -----> "OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf" instance
> -----> PciLib class
> -----> "OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf" instance
> -----> PciExpressLib class
> -----> "MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf" instance
>
> The link (or dependency) marked with [*] is introduced in patch #26
> ("OvmfPkg/MemEncryptSevLib: Change the page state in the RMP table").
> That's the change that triggers the symptom. (In combination with you
> testing on Q35, because on i440fx, the DxePciLibI440FxQ35 lib instance
> accesses PCI config space via the 0xCF8, 0xCFC IO Ports, and those are
> unaffected by SEV-ES.)
>
> The symptom is somewhat "unjustified", because at the end of the series,
> the AmdSevDxe driver makes no calls to actual TimerLib APIs (I checked
> -- I disassembled the "AmdSevDxe.debug" file with "objdump -S", and
> there is no call to any API declared in the "TimerLib.h" class header).
> However, the ECAM (MMCONFIG) access is still triggered, because the
> AcpiTimerLibConstructor() function, in
> "OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.c", is the constructor for
> the "OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf" instance, and
> AcpiTimerLibConstructor() calls PciRead32().
>
> If you check the "OvmfPkg/OvmfPkgX64.dsc" file, you'll find that the
> PciLib class is resolved to
> "MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf" by default, and to
> "OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf" for the
> following module types:
>
> - DXE_DRIVER,
> - DXE_RUNTIME_DRIVER,
> - SMM_CORE,
> - DXE_SMM_DRIVER,
> - UEFI_DRIVER,
> - UEFI_APPLICATION.
>
> The consequence is that modules strictly after the DXE_CORE get
> dynamically enabled extended config space access (ECAM) on Q35 via the
> PciLib class, whereas all modules strictly before the DXE_CORE, and the
> DXE_CORE itself, are restricted to normal config space (IO Ports 0xCF8 /
> 0xCFC) via the PciLib class.
>
> AmdSevDxe is a DXE_DRIVER, so it used to get DxePciLibI440FxQ35 as well.
>
> The solution should be simple. In the AmdSevDxe driver specifically, we
> need no access to extended PCI config space. Accessing normal PCI config
> space, via IO Ports 0xCF8 / 0xCFC, should suffice. That can be achieved
> with the following module-scope override:

Thanks Laszlo, I was not aware of the module-scope override. I will go
with this approach and make sure it works after the inclusion of the
VmgExitLib.

>
>> diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc >> index 8d9a0a077601..45a02b236633 100644 >> --- a/OvmfPkg/OvmfPkgX64.dsc >> +++ b/OvmfPkg/OvmfPkgX64.dsc
>> @@ -966,7 +966,10 @@ [Components] >> !endif >> >> OvmfPkg/PlatformDxe/Platform.inf >> - OvmfPkg/AmdSevDxe/AmdSevDxe.inf >> + OvmfPkg/AmdSevDxe/AmdSevDxe.inf { >> + >> + PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf >> + } >> OvmfPkg/IoMmuDxe/IoMmuDxe.inf >> OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf >>
> (
>
> For consistency, all DSC files that include
> "OvmfPkg/AmdSevDxe/AmdSevDxe.inf" should be modified similarly:
>
> - OvmfPkg/AmdSev/AmdSevX64.dsc
> - OvmfPkg/Bhyve/BhyveX64.dsc
> - OvmfPkg/OvmfPkgIa32X64.dsc
> - OvmfPkg/OvmfPkgX64.dsc
> - OvmfPkg/OvmfXen.dsc
>
> )
>
> Therefore, please try dropping this patch, and modifying patch#26
> instead -- the above module-scope override (for 5 DSC files) should be
> squashed into patch#26, *and* the explanation I provided above should be
> included in the commit message of patch#26.
>
> ... Correction: you have an independent bug in the series that affects
> my above analysis. Namely, you *seem* to add the VmgExitLib dependency
> to the "OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf"
> library instance, in patch#26. That's where you modify the INF file. But
> that's wrong: in patch#21 ("OvmfPkg/MemEncryptSevLib: Add support to
> validate system RAM"), you add a VmgInit() call to the same library
> instance, via the new file
> "OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c".
>
> The bug in that patch is clear from the fact that you introduce an
> #include directive, but that's not mirrored by an
> appropriate [LibraryClasses] change in the "DxeMemEncryptSevLib.inf"
> file. (The other two lib instance INF files, "SecMemEncryptSevLib.inf"
> and "PeiMemEncryptSevLib.inf" *are* modified as needed.)
>
> So you even need to move some stuff from patch#26 to patch#21, and
> *then* squash the above module-scope override (and explanation) into
> patch#21.
>
> A significant amount of work is needed on this series. I'll stop
> reviewing RFC v2 here, because I don't want to look at the remaining
> patches deeply as long as code movements etc are going to affect them.
> Please post the next version -- assuming no other reviewer would like to
> finish reviewing this version first!

Sounds good. What's your thought if I take out patches 1-9 from this RFC
series and submit them as non-RFC for further review and acceptance?
Patches 1-9 are basically preparatory patches before we get into the
SNP-specific bits.

> Thanks
> Laszlo
>
>> Cc: James Bottomley
>> Cc: Min Xu
>> Cc: Jiewen Yao
>> Cc: Tom Lendacky
>> Cc: Jordan Justen
>> Cc: Ard Biesheuvel
>> Cc: Laszlo Ersek
>> Cc: Erdem Aktas
>> Signed-off-by: Brijesh Singh
>> ---
>> OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf | 4 ++
>> OvmfPkg/Library/VmgExitLib/VmgExitLib.inf | 7 +++
>> OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 45 ++++++++++++++++++++
>> 3 files changed, 56 insertions(+)
>>
>> diff --git a/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf b/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf >> index e6f6ea7972..22435a0590 100644 >> --- a/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf >> +++ b/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf >> @@ -27,6 +27,7 @@ >> SecVmgExitVcHandler.c >> >> [Packages] >> + MdeModulePkg/MdeModulePkg.dec >> MdePkg/MdePkg.dec >> OvmfPkg/OvmfPkg.dec >> UefiCpuPkg/UefiCpuPkg.dec >> @@ -42,4 +43,7 @@ >> [FixedPcd] >> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase >> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize >> + gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress >> >> +[Pcd] >> + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId >> diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitLib.inf b/OvmfPkg/Library/VmgExitLib/VmgExitLib.inf >> index c66c68726c..d3175c260e 100644 >> --- a/OvmfPkg/Library/VmgExitLib/VmgExitLib.inf >> +++ b/OvmfPkg/Library/VmgExitLib/VmgExitLib.inf
>> @@ -27,6 +27,7 @@ >> PeiDxeVmgExitVcHandler.c >> >> [Packages] >> + MdeModulePkg/MdeModulePkg.dec >> MdePkg/MdePkg.dec >> OvmfPkg/OvmfPkg.dec >> UefiCpuPkg/UefiCpuPkg.dec >> @@ -37,4 +38,10 @@ >> DebugLib >> LocalApicLib >> MemEncryptSevLib >> + PcdLib >> >> +[FixedPcd] >> + gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress >> + >> +[Pcd] >> + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId >> diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c >> index 24259060fd..01ac5d8c19 100644 >> --- a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c >> +++ b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c >> @@ -14,7 +14,10 @@ >> #include >> #include >> #include >> +#include >> +#include >> #include >> +#include >> >> #include "VmgExitVcHandler.h" >> >> @@ -596,6 +599,40 @@ UnsupportedExit ( >> return Status; >> } >> >> +STATIC >> +BOOLEAN >> +IsPmbaBaseAddress ( >> + IN UINTN Address >> + ) >> +{ >> + UINT16 HostBridgeDevId; >> + UINTN Pmba; >> + >> + // >> + // Query Host Bridge DID to determine platform type >> + // >> + HostBridgeDevId = PcdGet16 (PcdOvmfHostBridgePciDevId); >> + switch (HostBridgeDevId) { >> + case INTEL_82441_DEVICE_ID: >> + Pmba = POWER_MGMT_REGISTER_PIIX4 (PIIX4_PMBA); >> + break; >> + case INTEL_Q35_MCH_DEVICE_ID: >> + Pmba = POWER_MGMT_REGISTER_Q35 (ICH9_PMBASE); >> + // >> + // Add the MMCONFIG base address to get the Pmba base access address >> + // >> + Pmba += FixedPcdGet64 (PcdPciExpressBaseAddress); >> + break; >> + default: >> + return FALSE; >> + } >> + >> + // Round up the offset to page size >> + Pmba = Pmba & ~(SIZE_4KB - 1); >> + >> + return (Address == Pmba); >> +} >> + >> /** >> Validate that the MMIO memory access is not to encrypted memory. 
>> >> @@ -640,6 +677,14 @@ ValidateMmioMemory ( >> return 0; >> } >> >> + // >> + // Allow PMBASE accesses (which will have the encryption bit set before >> + // AmdSevDxe runs in the DXE phase) >> + // >> + if (IsPmbaBaseAddress (Address)) { >> + return 0; >> + } >> + >> // >> // Any state other than unencrypted is an error, issue a #GP. >> // >>
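Review bot: the SecVmgExitLib.inf hunks add PcdPciExpressBaseAddress under [FixedPcd] and PcdOvmfHostBridgePciDevId under a new [Pcd] section but, unlike the VmgExitLib.inf hunk, add no PcdLib line under [LibraryClasses], although the shared VmgExitVcHandler.c now calls PcdGet16() and FixedPcdGet64(); that is the same INF-versus-source mismatch Laszlo flags for patch#21, so the SEC instance needs `PcdLib` as well. Placing PcdOvmfHostBridgePciDevId under [Pcd] also turns it into a dynamic PCD read from a SEC library, where the dynamic PCD database is not available yet; if the PMBASE exception is only needed in DXE, the SEC instance should not carry these PCDs at all. Finally, nothing in the visible hunks references a definition from MdeModulePkg, so the new MdeModulePkg.dec package dependency should be justified in the commit message or dropped.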
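Review bot: the final comparison in IsPmbaBaseAddress() is lopsided: Pmba is masked down to its 4KB page (`Pmba = Pmba & ~(SIZE_4KB - 1);`) but Address is compared unmasked, so the function only returns TRUE when the faulting access sits at offset 0 of that page, whereas the PMBASE register lives at a non-zero offset within the host bridge's config-space page; unless the caller page-aligns Address first (not visible in this hunk), the access this patch is meant to allow never matches. Compare page frames on both sides, e.g. `(Address & ~(SIZE_4KB - 1)) == Pmba`. Two smaller points: the comment says "Round up" while the mask rounds down, and the INTEL_82441_DEVICE_ID branch leaves Pmba as the bare POWER_MGMT_REGISTER_PIIX4() value, a PCI_LIB_ADDRESS()-style bus/device/function/register encoding rather than an MMIO address, so comparing it with an MMIO fault address is meaningless; since i440fx config space is reached through IO ports 0xCF8/0xCFC (as Laszlo notes), that branch can simply return FALSE.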
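Review bot: the early return added to ValidateMmioMemory() skips the encryption-state check for every access to the page containing PMBASE, for the whole DXE phase and in every module that links VmgExitLib, not only during the window before AmdSevDxe runs that the comment describes; either the comment should say so or the exception should be narrowed. Given that the module-scope PciLib override discussed above removes the ECAM access from AmdSevDxe entirely, dropping this patch (as Laszlo suggests) keeps the MMIO-must-be-unencrypted check strict instead of carving out a permanent exception for a page of ECAM space.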
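The INF-versus-source mismatch Laszlo describes (an #include added to a source file with no matching [LibraryClasses] entry in the INF) can be caught mechanically. The checker below is an added example, not edk2 code or part of BaseTools: it parses an INF's sections and compares them with the Library/*.h includes and PcdGet*() uses in the module's sources; the INF and C fragments are constructed stand-ins modelled on the hunks in this patch, and the function names are my own.

```python
import re

# Constructed INF text modelled on the VmgExitLib.inf hunks in this thread, not
# the real file: PcdLib and PcdOvmfHostBridgePciDevId are deliberately missing.
SAMPLE_INF = """\
[LibraryClasses]
  BaseLib
  MemEncryptSevLib

[FixedPcd]
  gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
"""

# Constructed source fragment modelled on IsPmbaBaseAddress() from the patch.
SAMPLE_SOURCES = {"VmgExitVcHandler.c": """\
#include <Library/BaseLib.h>
#include <Library/PcdLib.h>
#include <Library/MemEncryptSevLib.h>
HostBridgeDevId = PcdGet16 (PcdOvmfHostBridgePciDevId);
Pmba += FixedPcdGet64 (PcdPciExpressBaseAddress);
"""}

SECTION_RE = re.compile(r"^\[([^\]]+)\]$")
INCLUDE_RE = re.compile(r'^\s*#\s*include\s*[<"]Library/(\w+)\.h[>"]', re.M)
PCD_USE_RE = re.compile(r"\b(?:Fixed|Patch|Feature)?PcdGet(?:\d+|Bool|Ptr|Size)\s*\(\s*(Pcd\w+)")
PCD_SECTIONS = ("Pcd", "PcdEx", "FixedPcd", "PatchPcd", "FeaturePcd")

def parse_inf_sections(text):
    """Map each INF section (arch suffix such as '.X64' dropped) to its
    entries, with '#' comments and blank lines stripped."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1).split(".")[0].strip()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections

def missing_library_classes(inf_text, sources):
    """Classes whose Library/<Class>.h a source includes but [LibraryClasses] lacks."""
    declared = set(parse_inf_sections(inf_text).get("LibraryClasses", []))
    used = {c for src in sources.values() for c in INCLUDE_RE.findall(src)}
    return used - declared

def missing_pcds(inf_text, sources):
    """PCDs read via PcdGet*/FixedPcdGet* that no PCD section of the INF declares."""
    sections = parse_inf_sections(inf_text)
    declared = {e.split("|")[0].split(".")[-1] for n in PCD_SECTIONS for e in sections.get(n, [])}
    used = {p for src in sources.values() for p in PCD_USE_RE.findall(src)}
    return used - declared
```

Running both checks over a real library instance (all [Sources] files against its INF) reports exactly the two kinds of omission raised in this thread: a header included without its library class, and a PCD read without a [Pcd]/[FixedPcd] entry.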