From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 4BBE821AE3CD9 for ; Wed, 24 May 2017 06:55:32 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id AD43EC04B943; Wed, 24 May 2017 13:55:31 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com AD43EC04B943 Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=lersek@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com AD43EC04B943 Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-23.phx2.redhat.com [10.3.116.23]) by smtp.corp.redhat.com (Postfix) with ESMTP id 364437D6B3; Wed, 24 May 2017 13:55:29 +0000 (UTC) To: Brijesh Singh , edk2-devel@lists.01.org, jordan.l.justen@intel.com Cc: Thomas.Lendacky@amd.com, leo.duran@amd.com References: <1495466592-21641-1-git-send-email-brijesh.singh@amd.com> <1495466592-21641-15-git-send-email-brijesh.singh@amd.com> From: Laszlo Ersek Message-ID: Date: Wed, 24 May 2017 15:55:29 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: <1495466592-21641-15-git-send-email-brijesh.singh@amd.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Wed, 24 May 2017 13:55:31 +0000 (UTC) Subject: Re: [PATCH v5 14/14] OvmfPkg/QemuFwCfgLib: Add SEV support X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 May 2017 13:55:32 -0000 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit comments below: On 05/22/17 17:23, Brijesh Singh wrote: > When SEV is enabled, use a bounce buffer to perform the DMA operation. > > > Cc: Jordan Justen > Cc: Laszlo Ersek > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Brijesh Singh > --- > OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c | 54 +++++++++++++++++++- > 1 file changed, 52 insertions(+), 2 deletions(-) > > diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c > index 73a19772bee1..40b43ac78ff4 100644 > --- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c > +++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.c > @@ -72,6 +72,8 @@ InternalQemuFwCfgDmaBytes ( > volatile FW_CFG_DMA_ACCESS *Access; > UINT32 AccessHigh, AccessLow; > UINT32 Status; > + UINT32 NumPages; > + VOID *DmaBuffer, *BounceBuffer; > > ASSERT (Control == FW_CFG_DMA_CTL_WRITE || Control == FW_CFG_DMA_CTL_READ || > Control == FW_CFG_DMA_CTL_SKIP); > @@ -80,11 +82,44 @@ InternalQemuFwCfgDmaBytes ( > return; > } > > - Access = &LocalAccess; > + // > + // When SEV is enabled then allocate DMA bounce buffer > + // > + if (InternalQemuFwCfgSevIsEnabled ()) { > + UINTN TotalSize; > + > + TotalSize = sizeof (*Access); > + // > + // Control operation does not need buffer > + // (1) you missed my remark that this comment should say "skip operation", see point (2) in . > + if (Control != FW_CFG_DMA_CTL_SKIP) { > + TotalSize += Size; > + } > + > + // > + // Allocate SEV DMA buffer > + // > + NumPages = (UINT32)EFI_SIZE_TO_PAGES (TotalSize); > + InternalQemuFwCfgSevDmaAllocateBuffer (&BounceBuffer, NumPages); > + > + Access = BounceBuffer; > + DmaBuffer = (UINT8*)BounceBuffer + sizeof (*Access); > + > + // > + // Decrypt data from encrypted guest buffer into DMA buffer > + // > + if (Control == FW_CFG_DMA_CTL_WRITE) { > + CopyMem (DmaBuffer, Buffer, Size); > + } > + } else { > + Access = &LocalAccess; > + DmaBuffer = Buffer; > + BounceBuffer = NULL; > + } > > Access->Control = SwapBytes32 (Control); > Access->Length = SwapBytes32 (Size); > - Access->Address = SwapBytes64 ((UINTN)Buffer); > + Access->Address = SwapBytes64 ((UINTN)DmaBuffer); > > // > // Delimit the transfer from (a) modifications to Access, (b) in case of a > @@ -117,6 +152,21 @@ InternalQemuFwCfgDmaBytes ( > // After a read, the caller will want to use Buffer. > // > MemoryFence (); > + > + // > + // If Bounce buffer was allocated then copy the data into guest buffer and > + // free the bounce buffer > + // > + if (BounceBuffer) { (2) You missed my remark about the edk2 coding style, see point (6) in . > + // > + // Encrypt the data from DMA buffer into guest buffer > + // > + if (Control == FW_CFG_DMA_CTL_READ) { > + CopyMem (Buffer, DmaBuffer, Size); > + } > + > + InternalQemuFwCfgSevDmaFreeBuffer (BounceBuffer, NumPages); > + } > } > > > If a v6 is necessary, then please fix up the above. Otherwise, the patch is good to me as-is. Reviewed-by: Laszlo Ersek Thanks Laszlo