Subject: Re: [edk2-devel] [PATCH 01/12] Ovmf/ResetVector: Simplify and consolidate the SEV features checks
To: devel@edk2.groups.io, thomas.lendacky@amd.com
Cc: Brijesh Singh, James Bottomley, Jordan Justen, Ard Biesheuvel
From: "Laszlo Ersek"
Date: Mon, 4 Jan 2021 19:58:36 +0100

On 12/15/20 21:51, Lendacky, Thomas wrote:
> From: Tom Lendacky
>
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3108
>
> Simplify and consolidate the SEV and SEV-ES checks into a single routine.
> This new routine will use CPUID to check for the appropriate CPUID leaves
> and the required values, as well as read the non-interceptable SEV status
> MSR (0xc0010131) to check SEV and SEV-ES enablement.
>
> Cc: Jordan Justen
> Cc: Laszlo Ersek
> Cc: Ard Biesheuvel
> Cc: Brijesh Singh
> Signed-off-by: Tom Lendacky
> ---
> OvmfPkg/ResetVector/Ia32/PageTables64.asm | 75 ++++++++++++++---------
> 1 file changed, 45 insertions(+), 30 deletions(-)

Reviewed-by: Laszlo Ersek

Thanks
Laszlo

>
> diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm > index 7c72128a84d6..4032719c3075 100644 > --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm > +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm > @@ -3,6 +3,7 @@ > ; Sets the CR3 register for 64-bit paging > ; > ; Copyright (c) 2008 - 2013, Intel Corporation. All rights reserved.
> +; Copyright (c) 2017 - 2020, Advanced Micro Devices, Inc. All rights reserved.
> ; SPDX-License-Identifier: BSD-2-Clause-Patent > ; > ;------------------------------------------------------------------------------ > @@ -62,18 +63,22 @@ BITS 32 > %define CPUID_INSN_LEN 2 > > > -; Check if Secure Encrypted Virtualization (SEV) feature is enabled > +; Check if Secure Encrypted Virtualization (SEV) features are enabled. > +; > +; Register usage is tight in this routine, so multiple calls for the > +; same CPUID and MSR data are performed to keep things simple. > ; > ; Modified: EAX, EBX, ECX, EDX, ESP > ; > ; If SEV is enabled then EAX will be at least 32. > ; If SEV is disabled then EAX will be zero. > ; > -CheckSevFeature: > +CheckSevFeatures: > ; Set the first byte of the workarea to zero to communicate to the SEC > ; phase that SEV-ES is not enabled. If SEV-ES is enabled, the CPUID > ; instruction will trigger a #VC exception where the first byte of the > - ; workarea will be set to one. > + ; workarea will be set to one or, if CPUID is not being intercepted, > + ; the MSR check below will set the first byte of the workarea to one. > mov byte[SEV_ES_WORK_AREA], 0 > > ; 
> @@ -97,21 +102,41 @@ CheckSevFeature: > cmp eax, 0x8000001f > jl NoSev > > - ; Check for memory encryption feature: > + ; Check for SEV memory encryption feature: > ; CPUID Fn8000_001F[EAX] - Bit 1 > ; CPUID raises a #VC exception if running as an SEV-ES guest > - mov eax, 0x8000001f > + mov eax, 0x8000001f > cpuid > bt eax, 1 > jnc NoSev > > - ; Check if memory encryption is enabled > + ; Check if SEV memory encryption is enabled > ; MSR_0xC0010131 - Bit 0 (SEV enabled) > mov ecx, 0xc0010131 > rdmsr > bt eax, 0 > jnc NoSev > > + ; Check for SEV-ES memory encryption feature: > + ; CPUID Fn8000_001F[EAX] - Bit 3 > + ; CPUID raises a #VC exception if running as an SEV-ES guest > + mov eax, 0x8000001f > + cpuid > + bt eax, 3 > + jnc GetSevEncBit > + > + ; Check if SEV-ES is enabled > + ; MSR_0xC0010131 - Bit 1 (SEV-ES enabled) > + mov ecx, 0xc0010131 > + rdmsr > + bt eax, 1 > + jnc GetSevEncBit > + > + ; Set the first byte of the workarea to one to communicate to the SEC > + ; phase that SEV-ES is enabled. > + mov byte[SEV_ES_WORK_AREA], 1 > + > +GetSevEncBit: > ; Get pte bit position to enable memory encryption > ; CPUID Fn8000_001F[EBX] - Bits 5:0 > ; 
> @@ -132,45 +157,35 @@ SevExit: > pop eax > mov esp, 0 > > - OneTimeCallRet CheckSevFeature > + OneTimeCallRet CheckSevFeatures > > ; Check if Secure Encrypted Virtualization - Encrypted State (SEV-ES) feature > ; is enabled. > ; > -; Modified: EAX, EBX, ECX > +; Modified: EAX > ; > ; If SEV-ES is enabled then EAX will be non-zero. > ; If SEV-ES is disabled then EAX will be zero. > ; > -CheckSevEsFeature: > +IsSevEsEnabled: > xor eax, eax > > - ; SEV-ES can't be enabled if SEV isn't, so first check the encryption > - ; mask. > - test edx, edx > - jz NoSevEs > + ; During CheckSevFeatures, the SEV_ES_WORK_AREA was set to 1 if > + ; SEV-ES is enabled. > + cmp byte[SEV_ES_WORK_AREA], 1 > + jne SevEsDisabled > > - ; Save current value of encryption mask > - mov ebx, edx > + mov eax, 1 > > - ; Check if SEV-ES is enabled > - ; MSR_0xC0010131 - Bit 1 (SEV-ES enabled) > - mov ecx, 0xc0010131 > - rdmsr > - and eax, 2 > - > - ; Restore encryption mask > - mov edx, ebx > - > -NoSevEs: > - OneTimeCallRet CheckSevEsFeature > +SevEsDisabled: > + OneTimeCallRet IsSevEsEnabled > > ; > ; Modified: EAX, EBX, ECX, EDX > ; > SetCr3ForPageTables64: > > - OneTimeCall CheckSevFeature > + OneTimeCall CheckSevFeatures > xor edx, edx > test eax, eax > jz SevNotActive > @@ -229,7 +244,7 @@ pageTableEntriesLoop: > mov [(ecx * 8 + PT_ADDR (0x2000 - 8)) + 4], edx > loop pageTableEntriesLoop > > - OneTimeCall CheckSevEsFeature > + OneTimeCall IsSevEsEnabled > test eax, eax > jz SetCr3 > > @@ -336,8 +351,8 @@ SevEsIdtVmmComm: > ; If we're here, then we are an SEV-ES guest and this > ; was triggered by a CPUID instruction > ; > - ; Set the first byte of the workarea to one to communicate to the SEC > - ; phase that SEV-ES is enabled. > + ; Set the first byte of the workarea to one to communicate that > + ; a #VC was taken. > mov byte[SEV_ES_WORK_AREA], 1 > > pop ecx ; Error code >
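
Review bot: In the @@ -97,21 +102,41 @@ hunk, both `jnc GetSevEncBit` branches of the new SEV-ES check leave SEV_ES_WORK_AREA at whatever value it already holds, so if the #VC handler at SevEsIdtVmmComm has already stored 1 during one of the CPUID calls, IsSevEsEnabled will return 1 even when bit 1 of MSR 0xc0010131 reads clear. The commit message describes that MSR as non-interceptable, which makes it the more trustworthy of the two sources. Consider handling the combination "byte already 1, MSR bit 1 clear" explicitly instead of falling through to GetSevEncBit, or add a comment stating that a #VC alone is accepted as evidence of SEV-ES.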
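
Review bot: In the @@ -132,45 +157,35 @@ hunk, IsSevEsEnabled no longer reads the MSR or tests the encryption mask in EDX, so its result is only meaningful after CheckSevFeatures has run, and that precondition appears only in a comment inside the body. Add it to the routine's header block next to the "Modified: EAX" line. The header should also say that only the value 1 counts as enabled, since `cmp byte[SEV_ES_WORK_AREA], 1` followed by `jne SevEsDisabled` treats every other value of the byte as disabled.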
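
Review bot: In the @@ -336,8 +351,8 @@ hunk, the reworded comment says the byte records that a #VC was taken, while the comments in CheckSevFeatures and IsSevEsEnabled describe the same byte with the same value 1 as meaning SEV-ES is enabled. Keep the link to the consumer in this comment, for example "a #VC was taken, which the SEC phase and IsSevEsEnabled read as SEV-ES enabled", or store a distinct value here so the two writers of SEV_ES_WORK_AREA can be told apart.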