From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM02-BN1-obe.outbound.protection.outlook.com (NAM02-BN1-obe.outbound.protection.outlook.com [40.107.212.56])
 by mx.groups.io with SMTP id smtpd.web11.97.1649179934774971270
 for <devel@edk2.groups.io>;
 Tue, 05 Apr 2022 10:32:15 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@amd.com header.s=selector1 header.b=On5SiCNv;
 spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.212.56, mailfrom: ashish.kalra@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=lnZUsk+U0A5KQIZnp7CFErDNQtofNCsbPBWl7FfIsIucohdFM2iOTqDNX1r2kiZT66wyIBJKeA8/ia9LYT5S0WnD3aVDD2akWMBqoyS/5DNh0JSnD0uNIxncj5+0sgu0Ogvp7qiYgf6EZafxU4KeYsNuGdHM58yzJAh8OBWp/E5IU1T5Q77eHiMJFVcrvlPHmdi33fxE4ts9NSIcp5Pr98DopbyMskYW22ScCvJ6DoCerfP+SjZHe76gJEBtwjeizY3yHsdJYdY/Bs1w7YFcZquKfrhd9tYc4G3qgq3Vx1Dm50X9XPkFl7St+kljjwVH1uwKu4RRu2UBXEiwJtNqhw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=GwhI5Eaz1v/k4EQCDbaOlrODxu1AaEBeodGdSTE0cRk=;
 b=S0yivmNsEptWL0MYI/uD10GBxtTc6waVRoIaIHxbVyZ6Ge5qyMU1pln+F8xAb704zmUbV2nUZ7aZEaU6jkrb9/9uvA0YbNaEj2Z82+WG/4aZE8lcCazuN3tWDkUwLIFX2D6qMG0fSPhxhxvqv1pv49K6zQfEX6wt0G5Xi3ytfH3gINqt69Pi5KRYZPEw34uPcd6UQiUhDlayDiHueoF+pvtfeG5nNVev+6DzFI4qBSV9dQ5RWbdPBXkIdig8LN/7e+M/eUkTDdj8s8qR2iLVPdEyeBW4Ez22FQfyBiTF+0a98mcz2wxs5qDkYMn0R4ftpnEcB0ZtfAsPZBrwHKRR0Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com;
 dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
 header.from=amd.com; dkim=none (message not signed); arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=GwhI5Eaz1v/k4EQCDbaOlrODxu1AaEBeodGdSTE0cRk=;
 b=On5SiCNv9jemSosAAgWKnNLlGVG6nArWIAY7XDdpUtd/chQk1VNvJsNjeQh5aQARGrkNcGAiB6vYVKmOqDN1DagdXKfTAWnPxAWKQz8uk+NJh07QLCTGmZlkdvlcs9QvfkYkz5GBAQBgIUQGumN7Fid0yx+bPcZxHtrn0gTaKGI=
Received: from BN6PR16CA0014.namprd16.prod.outlook.com (2603:10b6:404:f5::24)
 by MN2PR12MB4141.namprd12.prod.outlook.com (2603:10b6:208:1d5::22) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5123.31; Tue, 5 Apr
 2022 17:32:12 +0000
Received: from BN8NAM11FT067.eop-nam11.prod.protection.outlook.com
 (2603:10b6:404:f5:cafe::80) by BN6PR16CA0014.outlook.office365.com
 (2603:10b6:404:f5::24) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5123.31 via Frontend
 Transport; Tue, 5 Apr 2022 17:32:12 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
 smtp.mailfrom=amd.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com;
Received: from SATLEXMB04.amd.com (165.204.84.17) by
 BN8NAM11FT067.mail.protection.outlook.com (10.13.177.159) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.20.5144.20 via Frontend Transport; Tue, 5 Apr 2022 17:32:12 +0000
Received: from ashkalraubuntuserver.amd.com (10.180.168.240) by
 SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2375.24; Tue, 5 Apr 2022 12:32:10 -0500
From: "Ashish Kalra" <ashish.kalra@amd.com>
To: <devel@edk2.groups.io>
CC: <dovmurik@linux.vnet.ibm.com>, <brijesh.singh@amd.com>, <tobin@ibm.com>,
	<Thomas.Lendacky@amd.com>, <jejb@linux.ibm.com>, <dgilbert@redhat.com>,
	<lersek@redhat.com>, <jordan.l.justen@intel.com>, <ard.biesheuvel@arm.com>
Subject: [PATCH v8 3/6] OvmfPkg/BaseMemEncryptLib: Invoke page encryption state change hypercall
Date: Tue, 5 Apr 2022 17:32:01 +0000
Message-ID: <ea5f6d1f46c412829af1169851727b9ab5c6dce4.1649178155.git.ashish.kalra@amd.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1649178155.git.ashish.kalra@amd.com>
References: <cover.1649178155.git.ashish.kalra@amd.com>
MIME-Version: 1.0
Return-Path: Ashish.Kalra@amd.com
X-Originating-IP: [10.180.168.240]
X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com
 (10.181.40.145)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: af0b4b37-f79d-425c-5bc4-08da172a37f4
X-MS-TrafficTypeDiagnostic: MN2PR12MB4141:EE_
X-Microsoft-Antispam-PRVS: 
	<MN2PR12MB4141D48696C8A6E311B9ECA88EE49@MN2PR12MB4141.namprd12.prod.outlook.com>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	Ikeu5s2IQWFFl+/er9zr05fTZrU8AxPivJO9lG/aZ6XsBKMUpFACUZW+TCOQ0ydqgz5imc3Z5GFXJ8hLLu1ds7mydaNWMNGKCJqJ5tAQ0rtck1O+0qLtUYVWZBVF60p3W8OKBnpWZ5vqc8zFbxStX8kvedde+R9NwzWaX+SBPlGXDPbKooUOlEzlzVRvM8UF4YvazY34FwStC8jMkUn3pe6zje8Vw5vj7ti9yj8WZIvPC8wiWejREKig6sB1sf3XUssKWLeM7Es2w6XRufyjpAN7b8SdqaYWBzD5LfzvWBSonUaVjboZhYlTI0tHqQwYo4B2MOMGun/wkbRvyuYeYylu1VKlE4PJLD8LefbZzaJhx8KyOo256i2kwG0kFRr2tavFPh7KSXZOzAxQq22USZyjvzVRoL50j1W89wtTXxNTAHFGCkzXCW97Vvtz8fXPogbGQvavNI9r027fi1PMcmzE+fpLB10vcKyaCkbe1AJcWGQR+TMfqmvz3SDrViVEDsw6KiT/OZPq+cjFhzjrsVfyoAye8S0LDMWIG4Xra7uCUKkd8oFxJXpqnYwEcl91E+oPn3bLC6TqMi79G8QBXtghkmhxFdZUazb8LlfwH6EsvjxjZQb4aqOrnXQN0JcnhNa3NaLPHBQXOoLrMtsJtSWNmWPVgD+DYL8oSbUzQYDB7zdmu/6tpgwywri5rsRf6Mus+1W2Vne17We8fBmLlg==
X-Forefront-Antispam-Report: 
	CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230001)(4636009)(40470700004)(46966006)(36840700001)(83380400001)(16526019)(54906003)(508600001)(36756003)(36860700001)(6916009)(356005)(7696005)(26005)(40460700003)(2616005)(19627235002)(426003)(336012)(316002)(186003)(5660300002)(2906002)(82310400005)(86362001)(4326008)(70206006)(70586007)(81166007)(47076005)(6666004)(8676002)(8936002)(36900700001);DIR:OUT;SFP:1101;
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Apr 2022 17:32:12.0391
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: af0b4b37-f79d-425c-5bc4-08da172a37f4
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
	BN8NAM11FT067.eop-nam11.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4141
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain

From: Ashish Kalra <ashish.kalra@amd.com>

Invoke the hypercall API to notify hypervisor when the page's
encryption state changes.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Ashish Kalra <ashish.kalra@amd.com>
---
 .../X64/PeiDxeVirtualMemory.c                    | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c=
 b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
index b9c0a5b25a..b8478dd948 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
@@ -701,6 +701,7 @@ SetMemoryEncDec (
   UINT64                          PgTableMask;=0D
   UINT64                          AddressEncMask;=0D
   BOOLEAN                         IsWpEnabled;=0D
+  BOOLEAN                         CBitChanged;=0D
   UINTN                           OrigLength;=0D
   RETURN_STATUS                   Status;=0D
 =0D
@@ -769,6 +770,7 @@ SetMemoryEncDec (
   // Save the specified length and physical address (we need it later).=0D
   //=0D
   OrigLength          =3D Length;=0D
+  CBitChanged         =3D FALSE;=0D
   OrigPhysicalAddress =3D PhysicalAddress;=0D
 =0D
   while (Length !=3D 0) {=0D
@@ -829,6 +831,7 @@ SetMemoryEncDec (
           ));=0D
         PhysicalAddress +=3D BIT30;=0D
         Length          -=3D BIT30;=0D
+        CBitChanged      =3D TRUE;=0D
       } else {=0D
         //=0D
         // We must split the page=0D
@@ -884,6 +887,7 @@ SetMemoryEncDec (
           SetOrClearCBit (&PageDirectory2MEntry->Uint64, Mode);=0D
           PhysicalAddress +=3D BIT21;=0D
           Length          -=3D BIT21;=0D
+          CBitChanged      =3D TRUE;=0D
         } else {=0D
           //=0D
           // We must split up this page into 4K pages=0D
@@ -927,6 +931,7 @@ SetMemoryEncDec (
         SetOrClearCBit (&PageTableEntry->Uint64, Mode);=0D
         PhysicalAddress +=3D EFI_PAGE_SIZE;=0D
         Length          -=3D EFI_PAGE_SIZE;=0D
+        CBitChanged      =3D TRUE;=0D
       }=0D
     }=0D
   }=0D
@@ -959,6 +964,17 @@ SetMemoryEncDec (
       );=0D
   }=0D
 =0D
+  //=0D
+  // Notify Hypervisor on C-bit status=0D
+  //=0D
+  if (CBitChanged) {=0D
+    Status =3D SetMemoryEncDecHypercall3 (=0D
+               OrigPhysicalAddress,=0D
+               EFI_SIZE_TO_PAGES (OrigLength),=0D
+               (Mode =3D=3D SetCBit) ? TRUE : FALSE=0D
+               );=0D
+  }=0D
+=0D
 Done:=0D
   //=0D
   // Restore page table write protection, if any.=0D
--=20
2.25.1