From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM04-DM6-obe.outbound.protection.outlook.com (NAM04-DM6-obe.outbound.protection.outlook.com [40.107.102.42])
 by mx.groups.io with SMTP id smtpd.web08.10325.1619716761153793694
 for <devel@edk2.groups.io>;
 Thu, 29 Apr 2021 10:19:21 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@amd.com header.s=selector1 header.b=rtLzj9Aa;
 spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.102.42, mailfrom: thomas.lendacky@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=UdPvepEoaNm939q3H9M/kPjIJYcZJyaK8iftuSbUjh0tYwPDHyBnkpoTdzfHC9+WZOOpLQwQvCL6huu8/BYfK3/j+bEUwpO59L62dW9BUqn/ekX3Gj1ufrwrc1IFwXwFy59eKvQA5kqj/gfMcKS2vMJcPznU/mf7FkbGWn5YoojMc+Ta+8gPc67qzm6bcK6IotGqQF5ZS60Wur8YxGWay5/M0oftNnCtq1eBCl9+dVJ2vSvJVPdyGmeupHBlF8D1FcUgWYJoNV7W2T7usIqYy424XF80+g5QzD0f9U8hHxlKnBc3gsLk2FVq6z9P1WV9aiKQmGrTPRzxDG2AbgFlsg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=x7EasOiiilpeeq+CqQ/BHWygO/693PfOlySFmKew0b0=;
 b=MfKM76eruUDDXwzSnh7ofqToqRBklaVemb2ZeHoQF/7XoV8620nwnMksY8AnTcSQOFujxDchkthkrSYbV4ano0ASURdVRL2PmcupssVYSapqtkGRgrzmwolYp9Q8HAqX7fGOH3Aza9Ie77oiUxjAspEShHRHYR/jYhahG/LuliR6nv5xrhkhu2p4qSTCA7nQ+Mc29rXjZcgdz0OEhsRTaa80Kz3WaHuls/Jibu07QVUCn6ZaKe1VQcDcpDmp26VF1Rl0LQ5GqSpcOIXnxdqnve75IHjPGvbRos9geO7oYHmrJlt0pNydC0/tusVpBgLryZvnGoeeFRPbDs3YSpGPBw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=x7EasOiiilpeeq+CqQ/BHWygO/693PfOlySFmKew0b0=;
 b=rtLzj9AaS74HgXBL42Td0Jha6FjKe8iTClVoLMp3ZRAgGvfJmllUqG8GPYVJOxB9ju3t87JFftfjmVh+2WoPH6nnnMX56kWpWusCQmCa7CNzruQri+Zf6kSHM6S86N+iC11Y6EB5cePoVIqXEVBvht7jAz9vozV1xJB/GYy8BBA=
Authentication-Results: intel.com; dkim=none (message not signed)
 header.d=none;intel.com; dmarc=none action=none header.from=amd.com;
Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by
 DM6PR12MB4092.namprd12.prod.outlook.com (2603:10b6:5:214::14) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.4087.26; Thu, 29 Apr 2021 17:19:19 +0000
Received: from DM5PR12MB1355.namprd12.prod.outlook.com
 ([fe80::b914:4704:ad6f:aba9]) by DM5PR12MB1355.namprd12.prod.outlook.com
 ([fe80::b914:4704:ad6f:aba9%12]) with mapi id 15.20.4065.026; Thu, 29 Apr
 2021 17:19:19 +0000
Subject: Re: [PATCH v3 2/5] OvmfPkg/VmgExitLib: Add support for new MMIO MOV opcodes
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Joerg Roedel <joro@8bytes.org>, Borislav Petkov <bp@alien8.de>,
 Laszlo Ersek <lersek@redhat.com>, Ard Biesheuvel
 <ardb+tianocore@kernel.org>, Jordan Justen <jordan.l.justen@intel.com>,
 Brijesh Singh <brijesh.singh@amd.com>, Erdem Aktas <erdemaktas@google.com>,
 James Bottomley <jejb@linux.ibm.com>, Jiewen Yao <jiewen.yao@intel.com>,
 Min Xu <min.m.xu@intel.com>
References: <cover.1619716333.git.thomas.lendacky@amd.com>
 <2fdde57707b52ae39c49341c9d97053aaff56e4a.1619716333.git.thomas.lendacky@amd.com>
Message-ID: <e4e5993b-9ade-6418-f549-2eb8b57e3ec6@amd.com>
Date: Thu, 29 Apr 2021 12:19:16 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.7.1
In-Reply-To: <2fdde57707b52ae39c49341c9d97053aaff56e4a.1619716333.git.thomas.lendacky@amd.com>
X-Originating-IP: [67.79.209.213]
X-ClientProxiedBy: SA0PR13CA0015.namprd13.prod.outlook.com
 (2603:10b6:806:130::20) To DM5PR12MB1355.namprd12.prod.outlook.com
 (2603:10b6:3:6e::7)
Return-Path: thomas.lendacky@amd.com
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from office-linux.texastahm.com (67.79.209.213) by SA0PR13CA0015.namprd13.prod.outlook.com (2603:10b6:806:130::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4108.8 via Frontend Transport; Thu, 29 Apr 2021 17:19:18 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 4b121b07-fc8d-42f5-9cdd-08d90b32ec5b
X-MS-TrafficTypeDiagnostic: DM6PR12MB4092:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
	<DM6PR12MB4092F3FC60A808EAAD71B268EC5F9@DM6PR12MB4092.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8273;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	mvjfke5uyRmP2AoakqD6UQMg988RZ3+npmS8m+5ZgyTS6LADRCTvvNmT4qYnhc8/fZ3YYuuqLXynKb2FWqz+91mr+GilFEagpLvWFGdX6SCpjPKxLNh5dgGIUOdXKk9wtrT02dg1JIFrGsxeSliv6u2SEarsU+dFC6meXbVQAfpPHIdEPLAp2cvk5OJ9tg1WVlT4b5cDMdcQZd3lGSBzxojo9b1CeiQ8i0Ti0z6ydmk+WvCGJBA9GI/+3n3aRvIi6K68PVvrJgmV/veeiWzpDHnTOdYkhdNrZCt47VUZfS99y74+R6vnyqJysQgKNUGfTCBOPuoGCG7xnPtsasMhsMLRgM+lwQqdL4cbbzkiQRIx8fH/PhTUS+E8Z7dMbOGn1hLCUr9S/KFklWhh1392JTiouSRl9QPJWCBGGwqg8tOzzDw66nJzouBniR1puOX9jwx55HbGPTYPte4ayDxhHQj/5Wx6qmm1gwmpUIg0h8L5kH1kW8Jg4JUelX6iVbvQjEyF5+ZGSQdU7OJYtJcqNgdAc1jDTxQQlZJRHvF9U19iQ7aSGbDj4rsB2/KFOSZz+y7qKpk0PmwTHBnlwMaAYXs9HchjCjk9gXzEBRmEzuTrVeLNbgQ4RfDSBCmEev6NyIutSN9v/ZjD2WEOxrHexr3+mQbMZML9rGzkh27ZMEopINVlBFm+TChvvHvBzoUuk3JsClcoHs2LoNaqjh5H/sVGRrMf/nJjp20u8zDaoIPafPMjAfei0h9CKi1niNMwMsWXRlg8OnSzl9+5qJpVGQ==
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(39860400002)(346002)(396003)(366004)(136003)(86362001)(6512007)(8676002)(478600001)(5660300002)(8936002)(966005)(31696002)(83380400001)(31686004)(6486002)(38100700002)(316002)(36756003)(7416002)(2906002)(4326008)(6916009)(2616005)(16526019)(956004)(66946007)(26005)(66476007)(54906003)(66556008)(6506007)(186003)(53546011)(45980500001)(43740500002);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: 
	=?utf-8?B?MlhnUDdMTXAyVU1LTERPRXVnMlQyMHl2bUZZZ282V0Z0Sjk2bjJYZGZ1WWFO?=
 =?utf-8?B?bUlXVzgwTXd2eDhOVUZhVUE1dW81K09NWXdFVnN5SGM2a3M3enZlVEpTQ0lS?=
 =?utf-8?B?TWpXRTlDcXh1eTE4Uk1OQ1NDY0IyWWVEZXh6dVovUUZ1STlST0VHZ3Vod3p0?=
 =?utf-8?B?OUxRalJhY2pxRTMvUmN3MVQzRlN5WGE4QWcrUDJRUTRRT3IrNDdLU2JOWE8z?=
 =?utf-8?B?azVZa211MlkrK2tMdFllWlEweXdLSEhOVWtxOE90Q2pHcEZ6bExrMXBkdXdl?=
 =?utf-8?B?UVJSa3ducUlEQkZDQ1hrTE5KUkQvcXRGWHBHcG04elFxb2FjVGpKbzNhZW9H?=
 =?utf-8?B?dGZaK1l2VDBqeUNuajdPcW8zWnI3VlVoSFQzeDljblhFV1NiNHlqci9vY09i?=
 =?utf-8?B?ZFNqMnpTS1Y3SkRWQmZkU0NXOWdzSERiQkdlQ0QySllsM2ZUY0dnaXZsTjc4?=
 =?utf-8?B?ZXdrL2QzQW9lUzd4MUFDZEZiZ3A0MUlSTTVsMTF3ZDh6MnNBUjVnZkJhTWxm?=
 =?utf-8?B?cWY1aTBnaXdHdDkvSUtLVVA0elNMNzlkcTh6YUFmNG9WMjA1cCtrVVlWM0Yw?=
 =?utf-8?B?NEdZK2poMWlIQkwzN0x5WWpoM2s2b2tIVzNRM0VwckEzTk10cE1jME5WbjVM?=
 =?utf-8?B?YnZuSWkrZkFFMmdMN0J2d2RlaUFLcnBlZ3ZYVjlQL01GTlErY1dHbWEyOU91?=
 =?utf-8?B?TkdKRTJEdzJHZnpZd2Z1Ump6eUsvWForeElhbDFZaXNCdkxrODdYRDJQbDlR?=
 =?utf-8?B?OURIQllHWlpUSmFObVI3dzdmWWpKdHl6Q3NUeVhXb0NnYWE5QU5GN0NLd3k2?=
 =?utf-8?B?R1pFU3FBdHpmdWMvTjRhd1ZhaTgxYzc3Mi82ZW5YSFczdlJUOFZzQlA0OXJI?=
 =?utf-8?B?Q3Foalp3MTEvK3ZteG82ZU9UT2hKOTl5Y2x1SXVrWHl5RGYybmx5aUhQR1Zv?=
 =?utf-8?B?VCtJUURtb2laZElYMzlWd1R4NTFzUnplNnYyYVFkRGF3d2JoSUJqQ1pXVjdU?=
 =?utf-8?B?dHVHQjE5bmFhYmI5TUtkd2hNdUlDNUxqVUN5Qzh0VVBLNzN5TzNZM3NBOHYw?=
 =?utf-8?B?aVFGTmhCbTd0Lzl3ZGJzTXhXR0ZUTUNSMEV4YVlWVXIwRHAwVFFnUTBzVmpn?=
 =?utf-8?B?c2tOQVBsUHpRcGRLUjNTQXhib0NaK0FDV2xmWDJBajVoZEV5OUxNTFlUdjlT?=
 =?utf-8?B?b2RNL0U3S3FscWFVb3hETUJsRXk5bU1zWDRjNnhSdmJHdnFVUTVMbGRnWXBX?=
 =?utf-8?B?UHVKNVFkWnpzYnRvV1ppNWUvaWNiR01oNUhRcmZpblVSVFZTWHEvR1o2a3Bi?=
 =?utf-8?B?Mk05eUdPSFNXUzVoa3dyek10ZmZKRitib2NVM2UwMVVCUFYydXpvOEw0R1FX?=
 =?utf-8?B?MUVzL2dkNFdvZ0RrbDhLZmJybzRRajBGbDlpSW91NFdOTmZCUEF0Y0xqdWZR?=
 =?utf-8?B?dTJMR1NuMUlFYXZLTW5vQ0lTOWlqS3FHOXpQampkRHp0OTRMaHVHZnY2WVRw?=
 =?utf-8?B?WXNQR1AzOUY1NlJiVzhRbFBQcHBORHJyUHVJeUVrOVVaTUExcjNDUW5yU1JD?=
 =?utf-8?B?QU5FbjN3SWw4bGhlejhyakdhck5mcjVkU29aN011WDRVRXdHeHJBTXY3SFlG?=
 =?utf-8?B?NmU0NlJQdkNvRFlpTEpRcHg5eEFhWTFyNWFSd2w2S2o0YjFFVmxxQlB3eWcx?=
 =?utf-8?B?bXVOK1RGV1IzLy9HWjR4Y3o5UXNJTnN6eGtlTUF2MFFBeXRiV3Z6SEtEUzdv?=
 =?utf-8?Q?ttNEIMcCfMcGTVEx/aRVPGnUA/o1aReBdVzvm5d?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 4b121b07-fc8d-42f5-9cdd-08d90b32ec5b
X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Apr 2021 17:19:19.2822
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 7inRSogZtZJj7h9jnjOZBL7HRsllTS7IsLBAPiAi8gdiEgx9hPFq/f+dDv3/pu0J0/X9pW8Uyge5yHGQte592Q==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4092
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit

On 4/29/21 12:12 PM, Tom Lendacky wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3345
> 
> Enabling TPM support results in guest termination of an SEV-ES guest
> because it uses MMIO opcodes that are not currently supported.
> 
> Add support for the new MMIO opcodes (0xA0 - 0xA3), MOV instructions which
> use a memory offset directly encoded in the instruction. Also, add a DEBUG
> statement to identify an unsupported MMIO opcode being used.
> 
> Fixes: c45f678a1ea2080344e125dc55b14e4b9f98483d
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Brijesh Singh <brijesh.singh@amd.com>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>

Sorry, Laszlo, I forgot to include your Acked-by: on this patch.

Tom

> ---
>  OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c | 111 ++++++++++++++++++++
>  1 file changed, 111 insertions(+)
> 
> diff --git a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c
> index b716541ad170..41b0c8cc5312 100644
> --- a/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c
> +++ b/OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c
> @@ -680,6 +680,7 @@ MmioExit (
>    UINTN   Bytes;
>    UINT64  *Register;
>    UINT8   OpCode, SignByte;
> +  UINTN   Address;
>  
>    Bytes = 0;
>  
> @@ -729,6 +730,57 @@ MmioExit (
>      }
>      break;
>  
> +  //
> +  // MMIO write (MOV moffsetX, aX)
> +  //
> +  case 0xA2:
> +    Bytes = 1;
> +    //
> +    // fall through
> +    //
> +  case 0xA3:
> +    Bytes = ((Bytes != 0) ? Bytes :
> +             (InstructionData->DataSize == Size16Bits) ? 2 :
> +             (InstructionData->DataSize == Size32Bits) ? 4 :
> +             (InstructionData->DataSize == Size64Bits) ? 8 :
> +             0);
> +
> +    InstructionData->ImmediateSize = (UINTN) (1 << InstructionData->AddrSize);
> +    InstructionData->End += InstructionData->ImmediateSize;
> +
> +    //
> +    // This code is X64 only, so a possible 8-byte copy to a UINTN is ok.
> +    // Use a STATIC_ASSERT to be certain the code is being built as X64.
> +    //
> +    STATIC_ASSERT (
> +      sizeof (UINTN) == sizeof (UINT64),
> +      "sizeof (UINTN) != sizeof (UINT64), this file must be built as X64"
> +      );
> +
> +    Address = 0;
> +    CopyMem (
> +      &Address,
> +      InstructionData->Immediate,
> +      InstructionData->ImmediateSize
> +      );
> +
> +    Status = ValidateMmioMemory (Ghcb, Address, Bytes);
> +    if (Status != 0) {
> +      return Status;
> +    }
> +
> +    ExitInfo1 = Address;
> +    ExitInfo2 = Bytes;
> +    CopyMem (Ghcb->SharedBuffer, &Regs->Rax, Bytes);
> +
> +    Ghcb->SaveArea.SwScratch = (UINT64) Ghcb->SharedBuffer;
> +    VmgSetOffsetValid (Ghcb, GhcbSwScratch);
> +    Status = VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, ExitInfo1, ExitInfo2);
> +    if (Status != 0) {
> +      return Status;
> +    }
> +    break;
> +
>    //
>    // MMIO write (MOV reg/memX, immX)
>    //
> @@ -811,6 +863,64 @@ MmioExit (
>      CopyMem (Register, Ghcb->SharedBuffer, Bytes);
>      break;
>  
> +  //
> +  // MMIO read (MOV aX, moffsetX)
> +  //
> +  case 0xA0:
> +    Bytes = 1;
> +    //
> +    // fall through
> +    //
> +  case 0xA1:
> +    Bytes = ((Bytes != 0) ? Bytes :
> +             (InstructionData->DataSize == Size16Bits) ? 2 :
> +             (InstructionData->DataSize == Size32Bits) ? 4 :
> +             (InstructionData->DataSize == Size64Bits) ? 8 :
> +             0);
> +
> +    InstructionData->ImmediateSize = (UINTN) (1 << InstructionData->AddrSize);
> +    InstructionData->End += InstructionData->ImmediateSize;
> +
> +    //
> +    // This code is X64 only, so a possible 8-byte copy to a UINTN is ok.
> +    // Use a STATIC_ASSERT to be certain the code is being built as X64.
> +    //
> +    STATIC_ASSERT (
> +      sizeof (UINTN) == sizeof (UINT64),
> +      "sizeof (UINTN) != sizeof (UINT64), this file must be built as X64"
> +      );
> +
> +    Address = 0;
> +    CopyMem (
> +      &Address,
> +      InstructionData->Immediate,
> +      InstructionData->ImmediateSize
> +      );
> +
> +    Status = ValidateMmioMemory (Ghcb, Address, Bytes);
> +    if (Status != 0) {
> +      return Status;
> +    }
> +
> +    ExitInfo1 = Address;
> +    ExitInfo2 = Bytes;
> +
> +    Ghcb->SaveArea.SwScratch = (UINT64) Ghcb->SharedBuffer;
> +    VmgSetOffsetValid (Ghcb, GhcbSwScratch);
> +    Status = VmgExit (Ghcb, SVM_EXIT_MMIO_READ, ExitInfo1, ExitInfo2);
> +    if (Status != 0) {
> +      return Status;
> +    }
> +
> +    if (Bytes == 4) {
> +      //
> +      // Zero-extend for 32-bit operation
> +      //
> +      Regs->Rax = 0;
> +    }
> +    CopyMem (&Regs->Rax, Ghcb->SharedBuffer, Bytes);
> +    break;
> +
>    //
>    // MMIO read w/ zero-extension ((MOVZX regX, reg/memX)
>    //
> @@ -888,6 +998,7 @@ MmioExit (
>      break;
>  
>    default:
> +    DEBUG ((DEBUG_ERROR, "Invalid MMIO opcode (%x)\n", OpCode));
>      Status = GP_EXCEPTION;
>      ASSERT (FALSE);
>    }
>