From: "Lendacky, Thomas via groups.io"
CC: Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Jiewen Yao, Laszlo Ersek, Liming Gao, Michael D Kinney, Min Xu, Zhiguang Liu, Rahul Kumar, Ray Ni, Michael Roth
Subject: [edk2-devel] [PATCH 00/16] Provide SEV-SNP support for running under an SVSM
Date: Fri, 26 Jan 2024 16:12:59 -0600
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

This series adds SEV-SNP support for running OVMF under a Secure VM Service Module (SVSM) at a less privileged VM Privilege Level (VMPL). By running at a less privileged VMPL, the SVSM can be used to provide services, e.g. a virtual TPM, for the guest OS within the SEV-SNP confidential VM (CVM) rather than trusting such services from the hypervisor.

Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are certain SNP related operations that require that VMPL level. Specifically, the PVALIDATE instruction and the RMPADJUST instruction when setting the VMSA attribute of a page (used when starting APs). If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must use an SVSM (which is running at VMPL0) to perform the operations that it is no longer able to perform. How OVMF interacts with and uses the SVSM is documented in the SVSM specification [1] and the GHCB specification [2].

This series introduces support to run OVMF under an SVSM.
It consists of:

- Reorganize the page state change support to not directly use the GHCB buffer, since an SVSM will use the calling area buffer instead
- Detecting the presence of an SVSM
- When not running at VMPL0, invoking the SVSM for page validation and VMSA page creation/deletion
- Retrieving the list of vCPU APIC IDs and starting up all APs without performing a broadcast SIPI
- Detecting and allowing OVMF to run in a VMPL other than 0 when an SVSM is present

The series is based off of commit: 7d7decfa3dc8 ("UefiPayloadPkg/Crypto: Support external Crypto drivers.")

[1] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/58019.pdf
[2] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/specifications/56421.pdf

---

Tom Lendacky (16):
  OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
  MdePkg/Register/Amd: Define the SVSM related information
  MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM
  UefiCpuPkg/CcExitLib: Extend the CcExitLib library to support an SVSM
  Ovmfpkg/CcExitLib: Extend CcExitLib to handle SVSM related services
  OvmfPkg: Create a calling area used to communicate with the SVSM
  OvmfPkg/CcExitLib: Add support for the SVSM_CORE_PVALIDATE call
  OvmfPkg/CcExitLib: Add support for the SVSM create/delete vCPU calls
  UefiCpuPkg/MpInitLib: Use CcExitSnpVmsaRmpAdjust() to set/clear VMSA
  MdePkg: GHCB APIC ID retrieval support definitions
  UefiCpuPkg: Create APIC ID list PCD
  OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor
  UefiCpuPkg/MpInitLib: Always use AP Create if PcdSevSnpApicIds is set
  UefiCpuPkg/MpInitLib: AP creation support under an SVSM
  Ovmfpkg/CcExitLib: Provide SVSM discovery support
  OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at VMPL0

 OvmfPkg/OvmfPkg.dec                                                   |   4 +
 UefiCpuPkg/UefiCpuPkg.dec                                             |   7 +-
 OvmfPkg/AmdSev/AmdSevX64.fdf                                          |   9 +-
 OvmfPkg/OvmfPkgX64.fdf                                                |   3 +
 MdePkg/Library/BaseLib/BaseLib.inf                                    |   2 +
 OvmfPkg/Library/CcExitLib/CcExitLib.inf                               |   5 +-
 OvmfPkg/Library/CcExitLib/SecCcExitLib.inf                            |   5 +-
 OvmfPkg/PlatformPei/PlatformPei.inf                                   |   3 +
 OvmfPkg/ResetVector/ResetVector.inf                                   |   2 +
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf                         |   1 +
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf                         |   3 +-
 MdePkg/Include/Library/BaseLib.h                                      |  39 ++
 MdePkg/Include/Register/Amd/Fam17Msr.h                                |  19 +-
 MdePkg/Include/Register/Amd/Ghcb.h                                    |  19 +-
 MdePkg/Include/Register/Amd/Msr.h                                     |   3 +-
 MdePkg/Include/Register/Amd/Svsm.h                                    | 101 ++++
 MdePkg/Include/Register/Amd/SvsmMsr.h                                 |  35 ++
 OvmfPkg/Include/WorkArea.h                                            |   7 +
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h         |   4 +-
 OvmfPkg/Library/CcExitLib/CcExitSvsm.h                                |  29 ++
 UefiCpuPkg/Include/Library/CcExitLib.h                                |  71 ++-
 UefiCpuPkg/Library/MpInitLib/MpLib.h                                  |  27 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c    |  16 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c        |  25 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c    |  20 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c    |  25 +-
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 203 ++++----
 OvmfPkg/Library/CcExitLib/CcExitSvsm.c                                | 532 ++++++++++++++++++++
 OvmfPkg/Library/CcExitLib/CcExitVcHandler.c                           |  29 +-
 OvmfPkg/PlatformPei/AmdSev.c                                          | 100 +++-
 UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.c                      |  82 ++-
 UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c                            |  19 +-
 UefiCpuPkg/Library/MpInitLib/MpLib.c                                  |   7 +-
 UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c                             | 127 +++--
 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm                          |  39 ++
 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm                           |  94 ++++
 OvmfPkg/ResetVector/ResetVector.nasmb                                 |   6 +-
 OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm                           |   9 +
 UefiCpuPkg/UefiCpuPkg.uni                                             |   3 +
 39 files changed, 1524 insertions(+), 210 deletions(-)
 create mode 100644 MdePkg/Include/Register/Amd/Svsm.h
 create mode 100644 MdePkg/Include/Register/Amd/SvsmMsr.h
 create mode 100644 OvmfPkg/Library/CcExitLib/CcExitSvsm.h
 create mode 100644 OvmfPkg/Library/CcExitLib/CcExitSvsm.c
 create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm
 create mode 100644 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm

-- 
2.42.0

Groups.io Links: View/Reply Online (#114626): https://edk2.groups.io/g/devel/message/114626
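The VMPL dispatch the cover letter describes (PVALIDATE executed directly at VMPL0, requested from an SVSM at any other VMPL through a shared calling area and a VMGEXIT) as an added, self-contained userspace model in C. This is not code from the patch series or from edk2: the calling-area struct, the protocol and call numbers, the result codes and the memory ranges are assumptions of the model, not the SVSM specification's definitions. What it shows is the trust boundary the series relies on: the privileged instruction is only ever executed at VMPL0, the VMPL0 side checks each request (unknown calls, pages that belong to the SVSM itself) before performing it, and the less-privileged caller refuses to trust a result for a call the SVSM never serviced.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Model constants (assumed, not from the SVSM spec or this patch series). */
#define PAGE_SIZE      4096ull
#define MODEL_PAGES    64                       /* 64-page guest address space */
#define SVSM_OWN_START (60ull * PAGE_SIZE)      /* pages the SVSM keeps for itself */
#define SVSM_OWN_END   (64ull * PAGE_SIZE)

/* Modelled calling area shared between the VMPL>0 guest and the VMPL0 SVSM.
 * Layout is an assumption; only the handshake idea is taken from the text. */
typedef struct {
  uint8_t  call_pending;   /* set by the caller, cleared by the SVSM once serviced */
  uint32_t protocol;
  uint32_t call_id;
  uint64_t gpa;            /* guest physical address of the page in question */
  bool     validate;       /* true = validate, false = rescind validation */
  int64_t  result;
} SvsmCallingArea;

enum { SVSM_PROTO_CORE = 0, SVSM_CALL_PVALIDATE = 1 };   /* assumed numbering */
enum {
  SVSM_OK                  = 0,
  SVSM_NO_CHANGE           = 1,     /* page already in the requested state */
  SVSM_ERR_UNSUPPORTED     = -1,
  SVSM_ERR_INVALID_ADDRESS = -2,
  ERR_NOT_VMPL0            = -100,  /* stands in for the fault a non-VMPL0 PVALIDATE raises */
  ERR_SVSM_UNSERVICED      = -101
};

static bool rmp_validated[MODEL_PAGES];   /* modelled RMP: one validated bit per page */
SvsmCallingArea g_calling_area;           /* the one calling area of this model */

static int page_index(uint64_t gpa)
{
  uint64_t idx = gpa / PAGE_SIZE;
  return idx < MODEL_PAGES ? (int)idx : -1;
}

/* Stand-in for the PVALIDATE instruction: legal only at VMPL0. */
int hw_pvalidate(unsigned vmpl, uint64_t gpa, bool validate)
{
  int idx = page_index(gpa);
  if (vmpl != 0)
    return ERR_NOT_VMPL0;
  if (idx < 0)
    return SVSM_ERR_INVALID_ADDRESS;
  if (rmp_validated[idx] == validate)
    return SVSM_NO_CHANGE;
  rmp_validated[idx] = validate;
  return SVSM_OK;
}

/* SVSM side (VMPL0): services one pending request. It rejects calls it does
 * not implement and pages inside its own range, so a less-privileged guest
 * cannot use it to validate or rescind memory it must not touch. */
static void svsm_service_call(SvsmCallingArea *ca)
{
  if (!ca->call_pending)
    return;
  if (ca->protocol != SVSM_PROTO_CORE || ca->call_id != SVSM_CALL_PVALIDATE)
    ca->result = SVSM_ERR_UNSUPPORTED;
  else if (ca->gpa >= SVSM_OWN_START && ca->gpa < SVSM_OWN_END)
    ca->result = SVSM_ERR_INVALID_ADDRESS;
  else
    ca->result = hw_pvalidate(0, ca->gpa, ca->validate);
  ca->call_pending = 0;
}

/* Modelled VMGEXIT: control passes to VMPL0, which services the request. */
static void vmgexit_to_svsm(SvsmCallingArea *ca) { svsm_service_call(ca); }

/* Guest side: direct PVALIDATE at VMPL0, an SVSM request at any other VMPL. */
int guest_validate_page(unsigned vmpl, SvsmCallingArea *ca, uint64_t gpa, bool validate)
{
  if (vmpl == 0)
    return hw_pvalidate(0, gpa, validate);
  ca->protocol = SVSM_PROTO_CORE;
  ca->call_id  = SVSM_CALL_PVALIDATE;
  ca->gpa      = gpa;
  ca->validate = validate;
  ca->result   = 0;
  ca->call_pending = 1;
  vmgexit_to_svsm(ca);
  if (ca->call_pending)            /* SVSM never ran: the result field is meaningless */
    return ERR_SVSM_UNSERVICED;
  return (int)ca->result;
}

bool page_is_validated(uint64_t gpa)
{
  int idx = page_index(gpa);
  return idx >= 0 && rmp_validated[idx];
}

int main(void)
{
  printf("VMPL2, page 0x1000 via SVSM : %d\n", guest_validate_page(2, &g_calling_area, 0x1000, true));
  printf("VMPL2, direct PVALIDATE     : %d\n", hw_pvalidate(2, 0x2000, true));
  printf("VMPL2, SVSM-owned page      : %d\n", guest_validate_page(2, &g_calling_area, SVSM_OWN_START, true));
  return 0;
}
```

The checks worth carrying over to a real implementation are the two on the guest side: never attempt the privileged instruction when not at VMPL0, and treat a calling area whose pending flag is still set after the exit as an unserviced call rather than reading a stale result.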