From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124])
 by mx.groups.io with SMTP id smtpd.web08.1287.1619806469617597625
 for <devel@edk2.groups.io>;
 Fri, 30 Apr 2021 11:14:29 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=hsKtCLxY;
 spf=pass (domain: redhat.com, ip: 216.205.24.124, mailfrom: lersek@redhat.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1619806468;
	h=from:from:reply-to:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=35NEyxbZSWISYYxZSOu1kcn3p3nf4Quo2eQFFWrZzl8=;
	b=hsKtCLxYoOtDukupVzRSxQ1N7C95kl1SdR5S/nbp3GKvzQHRlwfHZOXl3IKoc73+/NrKkk
	fGhUP7E/yput6eO2w/ZyeRFd6kVNU2FDkGm7/pf6cFManQ1M9kc1i/AYL3E4c0FiwvrHcm
	HLc/fsRAAgZWmWw7vMw3Z7G81EPx1BM=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-195-ijB3PfjGPkKENIZ1Gwfeag-1; Fri, 30 Apr 2021 14:14:25 -0400
X-MC-Unique: ijB3PfjGPkKENIZ1Gwfeag-1
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 70F7880EDAA;
	Fri, 30 Apr 2021 18:14:21 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-112-248.ams2.redhat.com [10.36.112.248])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 186EA5C232;
	Fri, 30 Apr 2021 18:14:10 +0000 (UTC)
Subject: Re: [edk2-devel] [PATCH v3 4/5] OvmfPkg/Tcg2ConfigPei: Mark TPM MMIO range as unencrypted for SEV-ES
From: "Laszlo Ersek" <lersek@redhat.com>
To: devel@edk2.groups.io, thomas.lendacky@amd.com
Cc: Joerg Roedel <joro@8bytes.org>, Borislav Petkov <bp@alien8.de>,
 Ard Biesheuvel <ardb+tianocore@kernel.org>,
 Jordan Justen <jordan.l.justen@intel.com>,
 Brijesh Singh <brijesh.singh@amd.com>, Erdem Aktas <erdemaktas@google.com>,
 James Bottomley <jejb@linux.ibm.com>, Jiewen Yao <jiewen.yao@intel.com>,
 Min Xu <min.m.xu@intel.com>, =?UTF-8?Q?Marc-Andr=c3=a9_Lureau?=
 <marcandre.lureau@redhat.com>, Stefan Berger <stefanb@linux.ibm.com>
Reply-To: devel@edk2.groups.io, lersek@redhat.com
References: <cover.1619716333.git.thomas.lendacky@amd.com>
 <42794cec1f9d5bc24cbfb9dcdbe5e281ef259ef5.1619716333.git.thomas.lendacky@amd.com>
 <82d61943-eb51-f426-a3a8-43eaec7df6d5@redhat.com>
Message-ID: <e3b781ef-f096-8d0f-1c97-35abcd078cde@redhat.com>
Date: Fri, 30 Apr 2021 20:14:10 +0200
MIME-Version: 1.0
In-Reply-To: <82d61943-eb51-f426-a3a8-43eaec7df6d5@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit

Hi Tom,

On 04/30/21 19:01, Laszlo Ersek wrote:
> On 04/29/21 19:12, Lendacky, Thomas wrote:
>> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3345
>>
>> During PEI, the MMIO range for the TPM is marked as encrypted when running
>> as an SEV guest. While this isn't an issue for an SEV guest because of
>> the way the nested page fault is handled, it does result in an SEV-ES
>> guest terminating because of a mitigation check in the #VC handler to
>> prevent MMIO to an encrypted address. For an SEV-ES guest, this range
>> must be marked as unencrypted.
>>
>> Create a new x86 PEIM for TPM support that will map the TPM MMIO range as
>> unencrypted when SEV-ES is active. The gOvmfTpmMmioAccessiblePpiGuid PPI
>> will be unconditionally installed before exiting. The PEIM will exit with
>> the EFI_ABORTED status so that the PEIM does not stay resident. This new
>> PEIM will depend on the installation of the permanent PEI RAM, by
>> PlatformPei, so that in case page table splitting is required during the
>> clearing of the encryption bit, the new page table(s) will be allocated
>> from permanent PEI RAM.
>>
>> Update all OVMF Ia32 and X64 build packages to include this new PEIM.
>>
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>> Cc: Brijesh Singh <brijesh.singh@amd.com>
>> Cc: Erdem Aktas <erdemaktas@google.com>
>> Cc: James Bottomley <jejb@linux.ibm.com>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Marc-André Lureau <marcandre.lureau@redhat.com>
>> Cc: Stefan Berger <stefanb@linux.ibm.com>
>> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
>> ---
>>  OvmfPkg/AmdSev/AmdSevX64.dsc                              |  1 +
>>  OvmfPkg/OvmfPkgIa32.dsc                                   |  1 +
>>  OvmfPkg/OvmfPkgIa32X64.dsc                                |  1 +
>>  OvmfPkg/OvmfPkgX64.dsc                                    |  1 +
>>  OvmfPkg/AmdSev/AmdSevX64.fdf                              |  1 +
>>  OvmfPkg/OvmfPkgIa32.fdf                                   |  1 +
>>  OvmfPkg/OvmfPkgIa32X64.fdf                                |  1 +
>>  OvmfPkg/OvmfPkgX64.fdf                                    |  1 +
>>  OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPei.inf | 40 +++++++++
>>  OvmfPkg/Tcg/TpmMmioSevDecryptPei/TpmMmioSevDecryptPeim.c  | 87 ++++++++++++++++++++
>>  10 files changed, 135 insertions(+)

[...]

> Reviewed-by: Laszlo Ersek <lersek@redhat.com>

I'm going to update the subject of this patch:

OvmfPkg/TpmMmioSevDecryptPei: Mark TPM MMIO range as unencrypted for SEV-ES

(75 chars, which is the longest that PatchCheck.py accepts.)

Thanks!
Laszlo