From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.72]) by mx.groups.io with SMTP id smtpd.web11.10842.1619540484584674611 for ; Tue, 27 Apr 2021 09:21:24 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=ozd1fzKM; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.244.72, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TK5709eufOUzGzpbMyah6rBXby+h7eijA3ajsATejvvGtJeOv6IsBqqExrfACoOpaaOisn1iEiwIAGjAEQumlGrD/OvReKS5E3uuoIm3sOplLX5HAcHHnNTER15PX0xcwKAtmC6d1AkL7CUM5S0aYzgr5RVemA35fGsBDsJnveCySfYQ4UuMvO4PiHJUGDCs8DiRVNVGYO3GpEGiW5bumh3UPozeOAHjdd8oCvGjCR5eVRcOpiPYscnanPgoSZsEFGlmQZAeUgPWU7LE2gozMlTz01D7vmUgGoOzh62fGNNjDzjrFHqozNnbJTeV0e+iTnCwICOnzMm8yjOzO0smzg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jnuonTGE+N2jNGHjLaoyYVKBTPi8phShrCq9LVvjXn8=; b=fNXSlotfjx14A0lYXVN4DfNRs1nhZdEvwPSWMiYOBhN7AnR/UKejO9dtKL91rK4mnqjLKctRC4npy6rc9SgJBm0d4HlYlAjtL7qx0xbeYAG1qe8IeaHNVH6KLkQB+1iFpiebZU7BbWZt+iLo0eJNe41LDJLO2sJFDNGy6JK30cVlybNoOVeCQ1GDe1+ZHEIJGLVKkAEh2cxP7M44OFUnNUaJTOVVVDWR//JLj4HTboYMUDsx3UeipmWh++311OFtL4hJXHZsC/9WL3zxuobtctbAYJFAEjvF3rkhNigaC/Vg7dDV3ODWyPnVWJizq9kUpBFdOOCGAUKh9+1nLiZUow== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jnuonTGE+N2jNGHjLaoyYVKBTPi8phShrCq9LVvjXn8=; b=ozd1fzKMbmRnVe6noIowaT6bpwXj64URIo4ypZumZrLLZHE9bNC882b29UcqpaPHRDcYnSHeyQ4vwejQB6H2HhQrUxWaTYW1OGJuxkT/hHZs040WASGKPfdAkJulDZByykLUHgTwPImPTY1Gb8GLr24E7/TgxSAMhXDPbbOaBZw= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM6PR12MB4960.namprd12.prod.outlook.com (2603:10b6:5:1bc::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4087.25; Tue, 27 Apr 2021 16:21:23 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b914:4704:ad6f:aba9]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b914:4704:ad6f:aba9%12]) with mapi id 15.20.4065.026; Tue, 27 Apr 2021 16:21:22 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io CC: Joerg Roedel , Borislav Petkov , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Brijesh Singh , Erdem Aktas , James Bottomley , Jiewen Yao , Min Xu , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Stefan Berger Subject: [PATCH v2 0/4] SEV-ES TPM enablement fixes Date: Tue, 27 Apr 2021 11:21:06 -0500 Message-ID: X-Mailer: git-send-email 2.31.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SA0PR11CA0163.namprd11.prod.outlook.com (2603:10b6:806:1bb::18) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from tlendack-t1.amd.com (165.204.77.1) by SA0PR11CA0163.namprd11.prod.outlook.com (2603:10b6:806:1bb::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.21 via Frontend Transport; Tue, 27 Apr 2021 16:21:21 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 92d1959a-033e-43f6-e027-08d909987f5b X-MS-TrafficTypeDiagnostic: DM6PR12MB4960: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:580; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: OtirdDzXSWwqvxb8DL0c2XrhD8tYm+xGBUYrrRNkAzYBitq487TyktytaQ9pgHrn7rGgrz2GnKAjwUQhFA3zoXXr9hCl133jL0Ei8kpfxWh8hXF7fRymzzLMxhsm7f4LwuF4ssolhynfICVuWEgT5qNZ434E4UYBynh6VUKmLrLFsQ6VsnI5YSq7wMxX3/hdzB0+sWsiRGl4iCpRkx+ldkqOttInOjLRsn6Unuelzn+SQftI9J/48eUeTcx3xd5aTxlWcOmc2Y4bfXTwBQFZNkVv8r0x8WgZFbp8XgWkzsHkEhYCTFPUur8UwcmLC/uVE+6NHuZ6myJeufXYyHsC0JPcOxrmA7EIoJUnJ2dKNH97b2ks//g6yx31Inp/HYdhpZ1intVs5leseqfx7xpcRBUXVvayDi7la5lqqf16pgwFnwZFPLvLB6T1Ioe5iVRDcBF3SBFo6dblYgkmYqvNrDiisJzg8bvkdQAdUZbPzgt2bWzq1KeRbuMMj0MMdZLR5i+2YA9G4uwPsUbyXDgyo79ngrHQnRT4Tb6EDHhFIXwyyNfrhsOwOV/LlXYtVgFAyaVX8QGYHENeDQscY5EoXnHhSTybf39DUu0fa6+DBV2AtWHEaZWH50/qmu/JVjrHb7aVBsqwvm8ARqz2uePgjKr3b5uTxLNCDIlTeaMhXohPc3acin63xLMbxr9HCuatiBzWHkJx0bSPkQC2rBFzXkEogFje7LkumB8d8aktC0o= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(39860400002)(366004)(346002)(396003)(376002)(38100700002)(38350700002)(19627235002)(5660300002)(2906002)(6666004)(26005)(186003)(8676002)(16526019)(83380400001)(54906003)(6916009)(86362001)(966005)(6486002)(7696005)(36756003)(52116002)(4326008)(2616005)(66556008)(66476007)(66946007)(956004)(478600001)(7416002)(316002)(8936002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?PYqpf9h1M69c+RnUyH0TJXZP0FjHkW/EmPGjXOh78BRT2OSTHRK8nFHQWoc8?= =?us-ascii?Q?HqPSXbLQDr4Jhi9pTBZTDGJJjSXOjfmp3o5otBUnTGlQ1KaTBbjY+QPuMMFC?= =?us-ascii?Q?c0ZQ0vITT2AtN0uMSueIEevwu5kxXXt1Aie7/arD8xH6hkSptA04sby5mzhs?= =?us-ascii?Q?kkhWn9vomdeHwsdN4i39cUWB+9GB4H2anaK0OEDJtnB8NO6xmc4R6UUbQJuG?= =?us-ascii?Q?MJdkYWXltJ/wuhzqdYojR6f+NdeChPT7fpJ1X8xY1OEtDNdXRD6I8DRiM1pM?= =?us-ascii?Q?oaVCcUDTaQn0UdIDq0JdePq7Fu3Wk2Vzhfxka7y8cjltXaBPFhZp22/weUyY?= =?us-ascii?Q?FCLj1tMftB2kQdyKU98NA/iXYXqjNeqa7x+Culm2vxeS9vIaF0m+O+fObFct?= =?us-ascii?Q?1fXspjHXYNiG5JtqWehjeonmOkYMYSmQTThkCNZterveq+jYo+NrO4lM9241?= =?us-ascii?Q?45X0yRytQfCviUpktu3KQUOnX8D+K83xKhVOBtzLBvl+2UBaEZxwhNvn8+dy?= =?us-ascii?Q?CxETy1JFervTdkGAmVOGpNpSelygEZYdeh0CLCvbwErl5LWn8XKxiRPKKt99?= =?us-ascii?Q?AwYjmq6mcU0MHZ8Wa6Go9RFj2vrccSgNxpTaW4tTmWzSIhcAfx1/lEW/WY80?= =?us-ascii?Q?fQUvlh4v1JIxW7cknTQSZBdHJdXVdhCOeRpXMIibZpyhPwBTFt7fwJEmddaS?= =?us-ascii?Q?lmZtdNoIxho8sUwH68I6xCeptHuSLRZTt/ggFFdHJegqElAISSWojp9Mq54g?= =?us-ascii?Q?s9eBepdrzK00GCS1HJl0MA/qwfJSILRTRdPbC7rVEHZASiJW/Mi4bSprJHoy?= =?us-ascii?Q?WpIuMeoYt8BBOIAk9O1HP7l6ZyO1IFvkw594vL9t856w+GWCwgJMoKtLwGaN?= =?us-ascii?Q?YZWHIv/8CisjaHPlEAYbgskyiM+jWIcRsFJfZ8VmjKvCj4jTlna0HQvdXJWo?= =?us-ascii?Q?VSx9Sgfs+MXWlVaKcDdN5QYgG5bU4eaiQjcUo/3tTM7QFOPUhvr6tCfrwzrS?= =?us-ascii?Q?77wIYDx6si1dBI5P47hCg3FCNQkspT8mqapbQfTtwFDD/xSMu3BTBAf4TzTR?= =?us-ascii?Q?AgjoGrcpd0lbsJseZC4Ok4OcpjuSn9qF59IryN91foVBlDh6/Amp2Jix40uT?= =?us-ascii?Q?qCa+Pe/31ovmyo7E/76a7QkCvxwQYstbKAJ0COXbEnDweit5kyvX91xoMYyn?= =?us-ascii?Q?9idcJZ+BRFacAwn8rKV7ln1CAP8GZLNbnh6fTO1oaWcz4XAjB44IaErtN8up?= =?us-ascii?Q?HwpxmkOKbojzfw/GDpkI+Ctc+D6sH0ZGUMOg9YEIJCs+mmdh6ioYosvJSVTe?= =?us-ascii?Q?/hXaZlB74Ngns3wXZqDiUkE0?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 92d1959a-033e-43f6-e027-08d909987f5b X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Apr 2021 16:21:22.7511 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: R+5faus+Qv/0pqWyvbrmQ586BF2H2srm3BA7IdBk2ISJLZ6wTeiUawNsF0UMl68ZPpl7am9l1RkU5w0YkEtLxQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4960 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable From: Tom Lendacky This patch series provides fixes for using TPM support with an SEV-ES guest. The fixes include: - Decode ModRM byte for MOVZX and MOVSX opcodes. - Add MMIO support for MOV opcodes 0xA0-0xA3. - Create a new TPM MMIO ready PPI guid, gOvmfTpmMmioAccessiblePpiGuid - Mark TPM MMIO range as un-encrypted during PEI phase for an SEV-ES guest and install the TPM MMIO ready PPI guid. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3345 --- These patches are based on commit: 5b90b8abb404 ("ArmPkg: Fix typo of Manufacturer in comment in SmbiosMiscDxe= ") Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Marc-Andr?? Lureau Cc: Stefan Berger Tom Lendacky (4): OvfmPkg/VmgExitLib: Properly decode MMIO MOVZX and MOVSX opcodes OvmfPkg/VmgExitLib: Add support for new MMIO MOV opcodes OvmfPkg: Define a new PPI GUID to signal TPM MMIO accessability OvmfPkg/Tcg2ConfigPei: Mark TPM MMIO range as unencrypted for SEV-ES OvmfPkg/OvmfPkg.dec | 4 + OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + OvmfPkg/OvmfPkgIa32.dsc | 1 + OvmfPkg/OvmfPkgIa32X64.dsc | 1 + OvmfPkg/OvmfPkgX64.dsc | 1 + OvmfPkg/AmdSev/AmdSevX64.fdf | 1 + OvmfPkg/OvmfPkgIa32.fdf | 1 + OvmfPkg/OvmfPkgIa32X64.fdf | 1 + OvmfPkg/OvmfPkgX64.fdf | 1 + OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf | 2 +- OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf | 40 +++++++ OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 118 ++++++++++= +++++++++- OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPeim.c | 76 ++++++++++= +++ 13 files changed, 245 insertions(+), 3 deletions(-) create mode 100644 OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.i= nf create mode 100644 OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPeim.= c --=20 2.31.0