From: Laszlo Ersek
To: Brijesh Singh, edk2-devel@lists.01.org
Cc: Tom Lendacky, Ard Biesheuvel, Jordan Justen
Subject: Re: [PATCH v3 1/1] OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Clear C-bit when SEV is active
Date: Fri, 9 Mar 2018 22:04:16 +0100
In-Reply-To: <20180309160603.37482-1-brijesh.singh@amd.com>
References: <20180309160603.37482-1-brijesh.singh@amd.com>

On 03/09/18 17:06, Brijesh Singh wrote:
> Commit:24e4ad7 (OvmfPkg: Add AmdSevDxe driver) added a driver which runs
> early in DXE phase and clears the C-bit from NonExistent entry -- which
> is later split and accommodate the flash MMIO. When SMM is enabled, we
> build two sets of page tables; first page table is used when executing
> code in non SMM mode (SMM-less-pgtable) and second page table is used
> when we are executing code in SMM mode (SMM-pgtable).
>
> During boot time, AmdSevDxe driver clears the C-bit from the
> SMM-less-pgtable. But when SMM is enabled, Qemu Flash services are used
> from SMM mode.
>
> In this patch we explicitly clear the C-bit from Qemu flash MMIO range
> before we probe the flash. When OVMF is built with SMM_REQUIRE then
> call to initialize the flash services happen after the SMM-pgtable is
> created and processor has served the first SMI.
At this time we will > have access to the SMM-pgtable. > > Cc: Jordan Justen > Cc: Laszlo Ersek > Cc: Ard Biesheuvel > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Brijesh Singh > --- > > Changes since v2: > - rename BeforeFlashProbe() -> QemuFlashBeforeProbe() > - add new file to define Smm specific QemuFlashBeforeProbe() > - update commit message and comment in the code > > Patch is also available at > url: github.com/codomania/edk2.git > branch: smm-v3 > > > OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf | 2 + > OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.h | 7 +++ > OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c | 8 +++ > OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c | 12 +++++ > OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c | 54 ++++++++++++++++++++ > 5 files changed, 83 insertions(+) [lersek@redhat.com: trivial coding style improvements]: > diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c > index 3f057918298d..462d9c0322f4 100644 > --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c > +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c > @@ -249,7 +249,8 @@ QemuFlashInitialize ( > // > QemuFlashBeforeProbe ( > (EFI_PHYSICAL_ADDRESS)(UINTN) mFlashBase, > - mFdBlockSize, mFdBlockCount > + mFdBlockSize, > + mFdBlockCount > ); > > if (!QemuFlashDetected ()) { > diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c > index 193fcec3690e..8999ad8d0d2b 100644 > --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c > +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c 
> @@ -31,14 +31,14 @@ QemuFlashBeforeProbe ( > > ASSERT (FeaturePcdGet (PcdSmmSmramRequire)); > > - if (!MemEncryptSevIsEnabled()) { > + if (!MemEncryptSevIsEnabled ()) { > return; > } > > // > - // When SEV is enabled, AmdSevDxe runs early in DXE phase and clears the C-bit > - // from the NonExistent entry -- which is later split and accommodate the > - // flash MMIO but the driver runs in non SMM context hence it cleared the > + // When SEV is enabled, AmdSevDxe runs early in DXE phase and clears the > + // C-bit from the NonExistent entry -- which is later split and accommodate > + // the flash MMIO but the driver runs in non SMM context hence it cleared the > // flash ranges from non SMM page table. When SMM is enabled, the flash > // services are accessed from the SMM mode hence we explicitly clear the > // C-bit on flash ranges from SMM page table. Reviewed-by: Laszlo Ersek Commit e4a1d5a7c4e4. Thanks Brijesh! Laszlo
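
Review bot: in the QemuFlashSmm.c hunk, the rewrapped comment still says the driver "cleared the flash ranges from non SMM page table", which reads as if the mappings themselves were removed. The last sentence of the same comment makes clear that the C-bit is what gets cleared. Since these lines are being rewrapped anyway, consider "hence it cleared the C-bit on the flash ranges only in the non-SMM page table", and change "which is later split and accommodate the flash MMIO" to "which is later split and accommodates the flash MMIO". A maintainer reading this later needs the comment to state exactly which page table lacks the cleared C-bit, because that is the whole reason QemuFlashBeforeProbe() exists in the SMM build.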