From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124])
 by mx.groups.io with SMTP id smtpd.web11.51.1610040358777625287
 for <devel@edk2.groups.io>;
 Thu, 07 Jan 2021 09:25:59 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=T3WZWiuv;
 spf=pass (domain: redhat.com, ip: 63.128.21.124, mailfrom: lersek@redhat.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1610040358;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=mPxBIvxLRbwrvO6L+hOjebIhb8fmrzkI4M5YJ2i2dMo=;
	b=T3WZWiuv+NwX4g8GHFeKy2SW3WXz3HtaW0BJN3ZKf736BWjWtJ11nyil521LX3thkDR+1w
	mVt6Xxafb1yi1LAXKfN+hyczTBvV7i7It0+zen5+Bk4zDfc8h+EPrNAJnqS9rhkQB+lv7n
	Wh1oWCfN+3JhlmAJvPu5FLzVQS4AXok=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-360-nh-1iv44O9KJ98xDDirCgw-1; Thu, 07 Jan 2021 12:25:54 -0500
X-MC-Unique: nh-1iv44O9KJ98xDDirCgw-1
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 38711C73A1;
	Thu,  7 Jan 2021 17:25:52 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-112-164.ams2.redhat.com [10.36.112.164])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 610686062F;
	Thu,  7 Jan 2021 17:25:50 +0000 (UTC)
Subject: Re: [edk2-devel] [PATCH v2 14/15] OvmfPkg/PlatformPei: Reserve GHCB backup pages if S3 is supported
To: devel@edk2.groups.io, thomas.lendacky@amd.com
Cc: Brijesh Singh <brijesh.singh@amd.com>,
 James Bottomley <jejb@linux.ibm.com>,
 Jordan Justen <jordan.l.justen@intel.com>,
 Ard Biesheuvel <ard.biesheuvel@arm.com>,
 Anthony Perard <anthony.perard@citrix.com>, Julien Grall <julien@xen.org>
References: <cover.1609968101.git.thomas.lendacky@amd.com>
 <b0876ea5dc5e33328782728c3208a7460bf0400d.1609968101.git.thomas.lendacky@amd.com>
From: "Laszlo Ersek" <lersek@redhat.com>
Message-ID: <ef0a26c8-c22a-a505-8c40-293c6131ccc5@redhat.com>
Date: Thu, 7 Jan 2021 18:25:49 +0100
MIME-Version: 1.0
In-Reply-To: <b0876ea5dc5e33328782728c3208a7460bf0400d.1609968101.git.thomas.lendacky@amd.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit

On 01/06/21 22:21, Lendacky, Thomas wrote:
> From: Tom Lendacky <thomas.lendacky@amd.com>
> 
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3108
> 
> Protect the GHCB backup pages used by an SEV-ES guest when S3 is
> supported.
> 
> Regarding the lifecycle of the GHCB backup pages:
>   PcdOvmfSecGhcbBackupBase
> 
> (a) when and how it is initialized after first boot of the VM
> 
>   If SEV-ES is enabled, the GHCB backup pages are initialized when a
>   nested #VC is received during the SEC phase
>   [OvmfPkg/Library/VmgExitLib/SecVmgExitVcHandler.c].
> 
> (b) how it is protected from memory allocations during DXE
> 
>   If S3 and SEV-ES are enabled, then InitializeRamRegions()
>   [OvmfPkg/PlatformPei/MemDetect.c] protects the ranges with an AcpiNVS
>   memory allocation HOB, in PEI.
> 
>   If S3 is disabled, then these ranges are not protected. PEI switches to
>   the GHCB backup pages in permanent PEI memory and DXE will use these
>   PEI GHCB backup pages, so we don't have to preserve
>   PcdOvmfSecGhcbBackupBase.
> 
> (c) how it is protected from the OS
> 
>   If S3 is enabled, then (b) reserves it from the OS too.
> 
>   If S3 is disabled, then the range needs no protection.
> 
> (d) how it is accessed on the S3 resume path
> 
>   It is rewritten same as in (a), which is fine because (b) reserved it.
> 
> (e) how it is accessed on the warm reset path
> 
>   It is rewritten same as in (a).
> 
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
> Cc: Anthony Perard <anthony.perard@citrix.com>
> Cc: Julien Grall <julien@xen.org>
> Cc: Brijesh Singh <brijesh.singh@amd.com>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
> ---
>  OvmfPkg/PlatformPei/PlatformPei.inf | 2 ++
>  OvmfPkg/PlatformPei/MemDetect.c     | 5 +++++
>  2 files changed, 7 insertions(+)
> 

Thanks for the update,
Laszlo

> diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
> index c53be2f4925c..6ef77ba7bb21 100644
> --- a/OvmfPkg/PlatformPei/PlatformPei.inf
> +++ b/OvmfPkg/PlatformPei/PlatformPei.inf
> @@ -118,6 +118,8 @@ [FixedPcd]
>    gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType
>    gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode
>    gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData
> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase
> +  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
>    gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
>    gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
>  
> diff --git a/OvmfPkg/PlatformPei/MemDetect.c b/OvmfPkg/PlatformPei/MemDetect.c
> index ffbbef891a11..c08aa2e45a53 100644
> --- a/OvmfPkg/PlatformPei/MemDetect.c
> +++ b/OvmfPkg/PlatformPei/MemDetect.c
> @@ -888,6 +888,11 @@ InitializeRamRegions (
>          (UINT64)(UINTN) PcdGet32 (PcdOvmfSecGhcbSize),
>          EfiACPIMemoryNVS
>          );
> +      BuildMemoryAllocationHob (
> +        (EFI_PHYSICAL_ADDRESS)(UINTN) PcdGet32 (PcdOvmfSecGhcbBackupBase),
> +        (UINT64)(UINTN) PcdGet32 (PcdOvmfSecGhcbBackupSize),
> +        EfiACPIMemoryNVS
> +        );
>      }
>  #endif
>    }
>