From nobody Fri May 10 13:35:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+97702+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 167165779175840.72018175412552; Wed, 21 Dec 2022 13:23:11 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id ZbODYY1788612xpgz9Qc8IaK; Wed, 21 Dec 2022 13:23:11 -0800 X-Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.75]) by mx.groups.io with SMTP id smtpd.web10.22539.1671638864871917866 for ; Wed, 21 Dec 2022 08:07:45 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kJo1norBbJaTEIgCDY+bly01Q4UCXBHYbAZRKHbdfWb0vdmwmFpYj5+uY2JcALNt26rHSmKOU8tPv6h6ZuzIvD8RYtcKtmdrCevGMJZYWh3f+LU/QZakNGzJEyyp9TrJHAj9z/qS52L2z9czMSgGLtrFJ7c291GYwTsR85jUc0QW/aXWZNErFdZCxb+YzqLvozIvxmuTY1nlA7tL6FwxstF285hStBBYb5/GGjVgLX3MvN5DDLnBEAlVQQZwp/b5SFOrWM5ydGhjQZf0c3v/zZf/TcXs1V3522z9h+1MTSdriEJcgJhRkaO69xCslfTUdEpdzSzkyJCRFwMAVaJy4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=f59gmXconZyZ9v923Eu9Ly+ke1bCER+fRmCbUMqoSj8=; b=UmahguErSSKnQIlbR7jciNZew5zP0WrMrx9o7PY33T597Egmt8KHlvmEj8XhuYAvHYgTamGdLxuhUs6zOezvWhW1yM7sw/pL1gTRHBqJ/6eIvw9GcJ7EZ510DP1C6wgUtF4sJCC5dHcwRV8GIL2sUzQV2uQ5P4mzlmeQxMk7U5REpPeZ+0mtco5ohduxKUYrAv98asXfpwN5cVJVo3kOts7+wNU+oTTCkiNYp9BRn+WIqEkHGc773VohXpbGAyTjEWcwUAKQf4CJNHTHVOV6GoXrL3oN+TzVAx0S83YfmRNBUiyb78OpMR8IUfrjkPHthL5tZ7/LE9/8dySwmprhUA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none X-Received: from BN9P220CA0024.NAMP220.PROD.OUTLOOK.COM (2603:10b6:408:13e::29) by SJ0PR12MB6853.namprd12.prod.outlook.com (2603:10b6:a03:47b::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.16; Wed, 21 Dec 2022 16:07:43 +0000 X-Received: from BN8NAM11FT078.eop-nam11.prod.protection.outlook.com (2603:10b6:408:13e:cafe::76) by BN9P220CA0024.outlook.office365.com (2603:10b6:408:13e::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.21 via Frontend Transport; Wed, 21 Dec 2022 16:07:43 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+97702+1787277+3901457@groups.io; helo=mail02.groups.io; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C X-Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT078.mail.protection.outlook.com (10.13.176.251) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5944.10 via Frontend Transport; Wed, 21 Dec 2022 16:07:42 +0000 X-Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Wed, 21 Dec 2022 10:07:39 -0600 From: "Roth, Michael via groups.io" To: CC: Tom Lendacky , , Dov Murik Subject: [edk2-devel] [PATCH 1/4] OvmfPkg/AmdSevDxe: Allocate SEV-SNP CC blob as EfiACPIReclaimMemory Date: Wed, 21 Dec 2022 10:06:48 -0600 Message-ID: <20221221160651.182143-2-michael.roth@amd.com> In-Reply-To: <20221221160651.182143-1-michael.roth@amd.com> References: <20221221160651.182143-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT078:EE_|SJ0PR12MB6853:EE_ X-MS-Office365-Filtering-Correlation-Id: adfa5bb6-a608-4ebd-d40b-08dae36d7df1 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: 2gwdE2dmSleW10nDkdvz/S7hOo7Vg2y1PuUOGtZ5SXPxMGO/gsMqthGx+GOKRdBDKOWxywmi+sPlEzF4tuiA/nWu9eiWOoXqofEz4yb4JpxD6Gr9+wwWorWzLMpT0JTHzp1TN4mGkThJb5Eo3IMd77BPtx8g3xqfh3lnUcu+jf32JKOTxQLmK8Q7B69ZfL9hxeimShJU3CafQG8l7M5KO4jebsW/WQKmE2/t+DiPolzyaKkJ2dvcLYjir/WkDo8nWxdeLR1fCWZ19FI2Ud+AH6YA4LsbWy2+Ts/0PyeXsRDhsGe5AF4PazayBCSQPkdRHgVZvD6TeX6ZaDsThKFAzzjorB5Bi6RqAWtPOUWzyeQlTlZ5zZzC6OWKEvoTenTsuyEFGq+NyTO0SivarSh4md9jOaaOctGFpix4fx/E7lx2vhAkVDl0SwGYS5HzwXKrVgStBtOEaAFkDwgf8snh8PqKUbKnKprBsjc02gDPLE9JjjuS3bnWBS/hO9rBZAuIJ6JJ470wqwQUzeJp3oSI2kFyfNIIyCEuCH9v2UiDYDj3zNkSgRfDc9DYTFlGsLVOHr4pQ1rGQXnHFbTfiXzOoT4C8vWJefXocpCHSFKQ7ygODqre75zfVBKCZdwXe6pPaMBfg6/tvOlCJR4hWi3nSOsekWm8shaebFFMwnAWJHhzjf0OarZT2x+lAzsg9qb0vqbmNqtJqcfgJya8lRw0c5FhtdIixHvRnRqn1xiBVkxMqgd8VW+KeYpvOmqBAk3bW7+YWVDEkrsnLq1STlF15g== X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Dec 2022 16:07:42.9818 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: adfa5bb6-a608-4ebd-d40b-08dae36d7df1 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT078.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR12MB6853 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,Michael.Roth@amd.com X-Gm-Message-State: eyHUOZsWaqkvsb6eLvMWol1ax1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1671657791; bh=aF0dIhGO9ku4m964PADr/PZIGD6Fgx2m+VTsY46julQ=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=vBuzP8aUOEhplejC7w+GRppMCzjUuxttrHeFjSZHO9KvcvlS6/Ry766vmd08BiEt8Tn Yq42Tl4aL1towQ3ZQfL1Q9ITVahPPPWxgvovTbaDG4M0CMrYKoJwbplhUkY/R5kFw660e A0IuCoAJuD3lVqn6YSCPmUvoJHYkmFA8yxM= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1671657793645100040 Content-Type: text/plain; charset="utf-8" The SEV-SNP Confidential Computing blob contains metadata that should remain accessible for the life of the guest. Allocate it as EfiACPIReclaimMemory to ensure the memory isn't overwritten by the guest operating system later. Reported-by: Dov Murik Suggested-by: Dov Murik Signed-off-by: Michael Roth Reviewed-by: Dov Murik Reviewed-by: Tom Lendacky --- OvmfPkg/AmdSevDxe/AmdSevDxe.c | 62 +++++++++++++++++++++++++++-------- 1 file changed, 48 insertions(+), 14 deletions(-) diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c index 662d3c4ccb..8dfda961d7 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c @@ -21,15 +21,36 @@ #include #include =20 -STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable =3D { - SIGNATURE_32 ('A', 'M', 'D', 'E'), - 1, - 0, - (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfSnpSecretsBase), - FixedPcdGet32 (PcdOvmfSnpSecretsSize), - (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfCpuidBase), - FixedPcdGet32 (PcdOvmfCpuidSize), -}; +STATIC +EFI_STATUS +AllocateConfidentialComputingBlob ( + OUT CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION **CcBlobPtr + ) +{ + EFI_STATUS Status; + CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *CcBlob; + + Status =3D gBS->AllocatePool ( + EfiACPIReclaimMemory, + sizeof (CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION), + (VOID **)&CcBlob + ); + if (EFI_ERROR (Status)) { + return Status; + } + + CcBlob->Header =3D SIGNATURE_32 ('A', 'M', 'D', 'E'); + CcBlob->Version =3D 1; + CcBlob->Reserved1 =3D 0; + CcBlob->SecretsPhysicalAddress =3D (UINT64)(UINTN)FixedPcdGet32 (PcdOvmf= SnpSecretsBase); + CcBlob->SecretsSize =3D FixedPcdGet32 (PcdOvmfSnpSecretsSize); + CcBlob->CpuidPhysicalAddress =3D (UINT64)(UINTN)FixedPcdGet32 (PcdOvmf= CpuidBase); + CcBlob->CpuidLSize =3D FixedPcdGet32 (PcdOvmfCpuidSize); + + *CcBlobPtr =3D CcBlob; + + return EFI_SUCCESS; +} =20 EFI_STATUS EFIAPI @@ -38,10 +59,11 @@ AmdSevDxeEntryPoint ( IN EFI_SYSTEM_TABLE *SystemTable ) { - EFI_STATUS Status; - EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; - UINTN NumEntries; - UINTN Index; + EFI_STATUS Status; + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; + UINTN NumEntries; + UINTN Index; + CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *SnpBootDxeTable; =20 // // Do nothing when SEV is not enabled @@ -147,6 +169,18 @@ AmdSevDxeEntryPoint ( } } =20 + Status =3D AllocateConfidentialComputingBlob (&SnpBootDxeTable); + if (EFI_ERROR (Status)) { + DEBUG (( + DEBUG_ERROR, + "%a: AllocateConfidentialComputingBlob(): %r\n", + __FUNCTION__, + Status + )); + ASSERT (FALSE); + CpuDeadLoop (); + } + // // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_S= EV_SNP_BLOB. // It contains the location for both the Secrets and CPUID page. @@ -154,7 +188,7 @@ AmdSevDxeEntryPoint ( if (MemEncryptSevSnpIsEnabled ()) { return gBS->InstallConfigurationTable ( &gConfidentialComputingSevSnpBlobGuid, - &mSnpBootDxeTable + SnpBootDxeTable ); } =20 --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#97702): https://edk2.groups.io/g/devel/message/97702 Mute This Topic: https://groups.io/mt/95815540/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 10 13:35:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+97703+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1671657791374553.3287166630679; Wed, 21 Dec 2022 13:23:11 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id mUodYY1788612xLdYbCbaC0T; Wed, 21 Dec 2022 13:23:11 -0800 X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.66]) by mx.groups.io with SMTP id smtpd.web10.22549.1671638885468248573 for ; Wed, 21 Dec 2022 08:08:05 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=a3fYvf+Werwp+YiZr1kHvkbvS1ySdL/wRxypRMJ/nMLImk4M0yUc1yc7aiQVpv31NOxL4qd/8Y0Rrj6EoGCrzBGQN5qiOv34YmtlG8noSZI5Mluh3R279pLtOMd+rgL5tD8CPnhtDXCQ8w2e/cyZ6qDSRxKZvuSM/0T7s5T+knPojpBtMK/slx6J2N4+4DY+PmnUyo060paDq4HSQdg0Z73xUDQEvNdRqGAXzJWKmeMV7hE/APxyR0+uo1p2N2iSEmaDjhvQ7uR5jSYWwWE/W0uOOtSE1CDdDz8gECRaHT5Iy2pFYSUwCq7dR0Nxz2/Gtn1ve17rBbdSM/UR7mcw1w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=U63SGPSImLMJDtkC0CbJ65JA2Vnn2FLvIgfYeXK+br4=; b=L0TDfrZkByPBj80a/8w0Fn4NP2RIfgNrsbOgawBrCCIh5UtIrNgNv2aXo7p38BUcQY1N0lsO1vhutsuATqtxymk2A9qrHzrhPs0FJg2KbtXBDGeCzLYgRJG2n8vdKZBS5GrIDRR/P/3AFQZtUFaLy4D+2SzxLzla8GXBRoqCXaWAxUkaNtYIAYCUmpoFssW9/uC/NCLKbodD1pEYYpCgFIaCKwQRKN2X/Ag6xwHCqCaCpD1+qdvRFa3jPOI97bNOlxYMx/kQA+WWjCgFgfznOOHzDiQ1nAfZjCLmysUMESEfsmUpwTwuyN0jnFo82Vu/T09hMVpY6bfx0BHb2jy3Ug== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none X-Received: from BN9PR03CA0860.namprd03.prod.outlook.com (2603:10b6:408:13d::25) by SA1PR12MB7293.namprd12.prod.outlook.com (2603:10b6:806:2b9::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.16; Wed, 21 Dec 2022 16:08:01 +0000 X-Received: from BN8NAM11FT049.eop-nam11.prod.protection.outlook.com (2603:10b6:408:13d:cafe::ac) by BN9PR03CA0860.outlook.office365.com (2603:10b6:408:13d::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.21 via Frontend Transport; Wed, 21 Dec 2022 16:08:01 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+97703+1787277+3901457@groups.io; helo=mail02.groups.io; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C X-Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT049.mail.protection.outlook.com (10.13.177.157) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5944.10 via Frontend Transport; Wed, 21 Dec 2022 16:08:01 +0000 X-Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Wed, 21 Dec 2022 10:08:00 -0600 From: "Roth, Michael via groups.io" To: CC: Tom Lendacky , Subject: [edk2-devel] [PATCH 2/4] OvmfPkg/AmdSevDxe: Update ConfidentialComputing blob struct definition Date: Wed, 21 Dec 2022 10:06:49 -0600 Message-ID: <20221221160651.182143-3-michael.roth@amd.com> In-Reply-To: <20221221160651.182143-1-michael.roth@amd.com> References: <20221221160651.182143-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT049:EE_|SA1PR12MB7293:EE_ X-MS-Office365-Filtering-Correlation-Id: d5285c85-7242-464d-ddd0-08dae36d88dd X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: xW/Gm0/23RR7NtbGKCBKMBYgQ9cczDakEwebPHjQTpXVBfLcRnrEK1Za/4z6Kn16wIRqPXooz/1yxZNDrClab4d9U74NYUOD9Jlqeloj1YJEdaTvmgT+JLAzJO/WEGGzeeILqwQjv0r4ibxGQvyVJSJFPAFsTEJ9stU04rgStP2W/LsP1zBHLT8fAYvEBfq41ULJvwqQn/Q0KAs8TsMNacLgKyfv7CwoHLj6HU6lgMCsD187GKe087uVYi20XCaBa6jcN6ecNs9QkC/rif/2upqoQlaWtDdRzvxn9+kk43sRpQlcYWnEUeRmza9vy3GwJYy5WHUljW0rMe6oWq+rXgBPqkAuVASCob5TNnCIWEoOR6l2Gzk9aERqZPAe9Y4AAmQdNJcdyADO6aMFqQFpBQtNWylIiYg2J3Upf33ybuTmtwDvEru4do83QuDz6eN6hkrKXKGXkXrMpjM8NEwwc2vFC5qfS+8lMX0/1H80wNtWMz9p45K/9Av40O3xs+DT6GwRP+DjGPnIubsjzhQPOBUs9PFfkasNaxQIK/kY1k2pcGnPyUuvlQn0C7mgWoRAqPb7WwKvmxeN1n7RLmyUvVo8njWOt8QpW13WsTc/vnTm20Y5l9MhFWn0bIMbtQ18hQ3Pu4izdWTJJObNKY/yFW23l0jcgeXwxBX0iihSv5OoHRzMoLxgASK9TivXj998nMWNvIBWo0Ds/YQi8wn+GoQdylCPMyb0Fjm/40ogP+0= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Dec 2022 16:08:01.3216 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d5285c85-7242-464d-ddd0-08dae36d88dd X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT049.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB7293 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,Michael.Roth@amd.com X-Gm-Message-State: QX8bksunW64wIB3UIQlWdZDPx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1671657791; bh=bvn1ajHlFiXYc8AtZI0aVJPyzYZTPwOup1vX/a6Zpsw=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=QmH5zhHGUtoYW5axD4l/3iNa+q3PvE9HRF2MWrRIjmnNOucMCsDn99QCx5JFvG3XzQM MwgFzGzqElXiW0eTuk/k9DTbw60shFEP4Pt1REWtpBPJr+8HcWAowpA9SDpZ24Kp9Gl0b c/u54IdCY2vWCNhJd/2/A/f5C1EMPM0zPhw= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1671657791595100017 Content-Type: text/plain; charset="utf-8" The Confidential Computing blob defined here is intended to match the definition defined by linux guest kernel. Previously, both definitions relied on natural alignment, but that relies on both OVMF and kernel being compiled as 64-bit. While there aren't currently any plans to enable SNP support for 32-bit compilations, the kernel definition has since been updated to use explicit padding/reserved fields to avoid this dependency. Update OVMF to match that definition. While at it, also fix up the Reserved fields to match the numbering used in the kernel. No functional changes (for currently-supported environments, at least). Reviewed-by: Tom Lendacky Signed-off-by: Michael Roth Acked-by: Jiewen Yao --- OvmfPkg/AmdSevDxe/AmdSevDxe.c | 4 +++- OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h | 6 ++++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c index 8dfda961d7..00bb6e5d96 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c @@ -41,11 +41,13 @@ AllocateConfidentialComputingBlob ( =20 CcBlob->Header =3D SIGNATURE_32 ('A', 'M', 'D', 'E'); CcBlob->Version =3D 1; - CcBlob->Reserved1 =3D 0; + CcBlob->Reserved =3D 0; CcBlob->SecretsPhysicalAddress =3D (UINT64)(UINTN)FixedPcdGet32 (PcdOvmf= SnpSecretsBase); CcBlob->SecretsSize =3D FixedPcdGet32 (PcdOvmfSnpSecretsSize); + CcBlob->Reserved1 =3D 0; CcBlob->CpuidPhysicalAddress =3D (UINT64)(UINTN)FixedPcdGet32 (PcdOvmf= CpuidBase); CcBlob->CpuidLSize =3D FixedPcdGet32 (PcdOvmfCpuidSize); + CcBlob->Reserved2 =3D 0; =20 *CcBlobPtr =3D CcBlob; =20 diff --git a/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h b/OvmfP= kg/Include/Guid/ConfidentialComputingSevSnpBlob.h index b328310fd0..83620e31b8 100644 --- a/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h +++ b/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h @@ -18,14 +18,16 @@ { 0x85, 0x54, 0x93, 0xd7, 0x77, 0x91, 0x2d, 0x42 }, \ } =20 -typedef struct { +typedef PACKED struct { UINT32 Header; UINT16 Version; - UINT16 Reserved1; + UINT16 Reserved; UINT64 SecretsPhysicalAddress; UINT32 SecretsSize; + UINT32 Reserved1; UINT64 CpuidPhysicalAddress; UINT32 CpuidLSize; + UINT32 Reserved2; } CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION; =20 extern EFI_GUID gConfidentialComputingSevSnpBlobGuid; --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#97703): https://edk2.groups.io/g/devel/message/97703 Mute This Topic: https://groups.io/mt/95815541/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 10 13:35:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+97704+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1671657792496735.0847459249859; Wed, 21 Dec 2022 13:23:12 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id EBUwYY1788612xKe6950dPZJ; Wed, 21 Dec 2022 13:23:12 -0800 X-Received: from NAM04-BN8-obe.outbound.protection.outlook.com (NAM04-BN8-obe.outbound.protection.outlook.com [40.107.100.43]) by mx.groups.io with SMTP id smtpd.web11.22408.1671638904699381407 for ; Wed, 21 Dec 2022 08:08:25 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CYctNDyb+5LTScQo2eEG8b+pWP51Nw9dZSWKjwGye+gfM7YaZ659kM9YsA+v8Fg7Dp0RqZJ81jnQBDL8gQtLawMYPydpEyK38U6RTYrrrdVnuIb49dlq+TnWlAGQjdoKnmb2tIilsfZkdAu8xfxSrx7VzcuiYNX4lUUWwDR8avLTktgZqFGYZ+V75mZlNUHgIxnCWKn18jj10/cAw21yfQG5cXp+JfFwmFiiKTy39dmZgFvas7UNLxSRnSAl2uLg71bSNtdYJUKBIxaY8Uzjs4B+EABZoaqLqElfk7Tr2Q3Pc4r8RK1H5sHKen4plO/4X4HHg4gl3sNPGKBlVT3BHg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=H6JWd5zEIETIlw8VR7qHAb4xjeLaZ+e2M1yHtU9t1iA=; b=njFc96opZMI+8QEhKJJJkNNYL5NniHwlMVPGwDC81A0v6jNqPyvaYvGv5JWomq5jZowy3Uk80bZRi7Til52s6iiErT80vrG7a8HsdcnpVAH/XTgKzgoXLLR810MpOAZYGIvUy2nrz+lveuUOkIVAKxlggAOirhNfJqdZOwY2JTPW9NityBA+OSrdpHAoTnTFQAOO+VSBPWkWXFPDzravZqkytSCaVq6ZxHz8Fde2lfkpJdD1McXip3pHZO8HYs5e2JugBtZa1722UAr+vXvRSDtwxQfBgz3YiU/0dlmB/odIONE4veCocZiWYdcxurqvK7cSvb5IUA3IkEaX7rTLpA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none X-Received: from BN8PR12CA0011.namprd12.prod.outlook.com (2603:10b6:408:60::24) by PH7PR12MB6737.namprd12.prod.outlook.com (2603:10b6:510:1a8::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.16; Wed, 21 Dec 2022 16:08:22 +0000 X-Received: from BN8NAM11FT089.eop-nam11.prod.protection.outlook.com (2603:10b6:408:60:cafe::e5) by BN8PR12CA0011.outlook.office365.com (2603:10b6:408:60::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.21 via Frontend Transport; Wed, 21 Dec 2022 16:08:22 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+97704+1787277+3901457@groups.io; helo=mail02.groups.io; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C X-Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT089.mail.protection.outlook.com (10.13.176.105) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5944.10 via Frontend Transport; Wed, 21 Dec 2022 16:08:22 +0000 X-Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Wed, 21 Dec 2022 10:08:21 -0600 From: "Roth, Michael via groups.io" To: CC: Tom Lendacky , , "Pavan Kumar Paluri" Subject: [edk2-devel] [PATCH 3/4] OvmfPkg/CcExitLib: Fix SEV-SNP XSave area size calculation Date: Wed, 21 Dec 2022 10:06:50 -0600 Message-ID: <20221221160651.182143-4-michael.roth@amd.com> In-Reply-To: <20221221160651.182143-1-michael.roth@amd.com> References: <20221221160651.182143-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT089:EE_|PH7PR12MB6737:EE_ X-MS-Office365-Filtering-Correlation-Id: 629136bb-18a0-4dbb-e98e-08dae36d9578 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: bZlx2aEpZIB1Gb/5+He9/o4YpIlbA/41EvmWAqTZ80TorGJbyCHD9EjVoiVy7zpcI5KC+cjTDykl/GWgAnsuMYURKAl+Ap2if0iOAPn4MXGlESVa5sjRNPLGecbcETFmGmht7bT4pGcWZIQ0RTpFT1y+HTkVfj7U3qoUcUiegVHrQIevos5Uncp36GGgYOdFbVVFXN3tCcbOqABdCKwC+0t4BzqOx8e6bCcPeF493T/JA23G0AJSYixsUg0wUaz/bemjkReq01m+X7jbMWsqvQPzZz3Tqs6vPlqtngeBxz1wKPkssjIeYgYBPgoWckZhGY7AEPVWZ/L0+OsTMZTakg8HQZGiFniL/4L+VLABCChv6UgnZ2DD73LEq04kte7gsIsOpKlmINl24tFT56bmJywqL7Gl5GDsbXD4AsBo1EwsH8YK/n79aX+AfbwH+f6tBkGrTnNDHbPVvCYcfJtloIZGB5nhJaIJmTGF8JT77yl79jJKWficWfFV77lakrsbWmBuh6mFD7eVHVoVbJLI4aeUsY6OXGAnEtvonwsq+qCTivNVT2ZGJ+FBdwyDeWU5hCX/OaVa9pYfRhy0v4KPyTo8wXEfSkX9/hew+P5zdS2N0QF0N6bnTKa8j4ixuHNQGcYZitCGHtlpxQvgv+th4WULUB7hYYD4gXnQiNaTdBhUFVIXXqmGVcAfsEXiV5dxwGXyL9KzCji7gEiQz/yCRsoGJR9h5sn7QTgkiKr/cdU= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Dec 2022 16:08:22.4547 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 629136bb-18a0-4dbb-e98e-08dae36d9578 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT089.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB6737 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,Michael.Roth@amd.com X-Gm-Message-State: hKrYglIS0a1Wp1kiFyr5PUzmx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1671657792; bh=V2RpRn0DAdXT8X1WskD0WmjrRr9L9yevA3iGhjKp+2c=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=l3sL5BqGYHikmjFE9kTUGAZ1qE1KC3E1vvEpsHENA9nMP7mB4zBhkq8cUsq4qAhz39U Ug0+hDcvzVRiDnsFjTEQrd0G8+4P2tyxpqTFGrHWJTzxVNyaJwy0kTxw5mL809UssWdRa EJvKZ65l07sHjc3PWapTrjY+2QpFPC4+MgU= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1671657793636100034 Content-Type: text/plain; charset="utf-8" CPUID leaf 0xD sub-leafs 0x0 and 0x1 contain cumulative sizes for the enabled XSave areas. Those sizes are calculated by tallying up all the other sub-leafs that contain per-area size information for XSave areas that are currently enabled in XCr0/XSS. The current check has the logic inverted. Fix that. This doesn't seem to cause problems currently, but could in the future if OVMF made more extensive use of XSave areas. It was noticed while implementing SNP-related tests for KVM Unit Tests, which re-uses the OVMF #VC handler in some cases. Reported-by: Pavan Kumar Paluri Cc: Pavan Kumar Paluri Signed-off-by: Michael Roth Acked-by: Jiewen Yao Reviewed-by: Tom Lendacky --- OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/= CcExitLib/CcExitVcHandler.c index 985e547977..cd117d5a31 100644 --- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c +++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c @@ -1678,9 +1678,7 @@ GetCpuidXSaveSize ( for (Idx =3D 0; Idx < CpuidInfo->Count; Idx++) { SEV_SNP_CPUID_FUNCTION *CpuidFn =3D &CpuidInfo->function[Idx]; =20 - if (!((CpuidFn->EaxIn =3D=3D 0xD) && - ((CpuidFn->EcxIn =3D=3D 0) || (CpuidFn->EcxIn =3D=3D 1)))) - { + if (!((CpuidFn->EaxIn =3D=3D 0xD) && (CpuidFn->EcxIn > 1))) { continue; } =20 --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#97704): https://edk2.groups.io/g/devel/message/97704 Mute This Topic: https://groups.io/mt/95815542/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 10 13:35:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+97705+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1671657793230467.1770004572239; Wed, 21 Dec 2022 13:23:13 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id co4eYY1788612xKZOsANosCi; Wed, 21 Dec 2022 13:23:12 -0800 X-Received: from NAM12-BN8-obe.outbound.protection.outlook.com (NAM12-BN8-obe.outbound.protection.outlook.com [40.107.237.56]) by mx.groups.io with SMTP id smtpd.web11.22419.1671638927163955884 for ; Wed, 21 Dec 2022 08:08:47 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ipApf3uZstrnFxSjCycGlbFCrD26D9lVEtrIcKbU603uU7yzivLNVdzqu9hCVUwqITuVKq45axHB8ufN0i3Q8a+kNUtcLaPK/+eJ3jah/C1Fq0U45n2R/iAbc4sgOSSVFzp/irz/PjUOKmbFScZwY5oHzrNYoS3tSqFGm0PuupeHrbsXuZsXI+SuB47nyNJ+xS3PnFqTysOcGcJw5C7hr7jECHMU6sA95RZaaXbI5qWbe7dZ8ypIKP8i7wpiqg4Cmmn0gm86oW2TzFQOxtn+fwQZg8IJMHErvnNM8RZz1F5aj6wBI3PJjSxHPZm2AA7c4O07np/CVEf19INsQ7vFTQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zfLZ1JJvwUGX30osJb4HaE3fh7416kByisWk4zm1Tos=; b=fTW8UR2Wq5B7VdQrVp4PiMq7s27b/VeoFUzoa3OSXnqBP3zqQDA7fAWXZYv3pUBhuT1EBb2zEJJZuJY0LqWk/vgzZ/baDE8Rj8y060ExsI+bQkfqN1o2m5ltrXcIBifvpEghd1lkIY0bx1BTqvDrajHMtFWPuxZYqBNHBmrOVbl+nvwBLU9T2cr2wPd406NZ2h3sgfhY5zjfG3yZAM3KsvuhFrgw4EeE9MdRFoMGmOMr1latG7LNI8g25Tf5LWJatfWW66HkZvvkULTLwvqtOoLY80AAebIU9Yl72/y2sgTRXOvYbi2CC0ZFbf4GxcdnbDtu1LglgvAWvYEyuf2M/g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none X-Received: from BN9PR03CA0233.namprd03.prod.outlook.com (2603:10b6:408:f8::28) by CY5PR12MB6550.namprd12.prod.outlook.com (2603:10b6:930:42::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.16; Wed, 21 Dec 2022 16:08:44 +0000 X-Received: from BN8NAM11FT007.eop-nam11.prod.protection.outlook.com (2603:10b6:408:f8:cafe::2b) by BN9PR03CA0233.outlook.office365.com (2603:10b6:408:f8::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5924.21 via Frontend Transport; Wed, 21 Dec 2022 16:08:44 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+97705+1787277+3901457@groups.io; helo=mail02.groups.io; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C X-Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT007.mail.protection.outlook.com (10.13.177.109) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5944.6 via Frontend Transport; Wed, 21 Dec 2022 16:08:44 +0000 X-Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Wed, 21 Dec 2022 10:08:42 -0600 From: "Roth, Michael via groups.io" To: CC: Tom Lendacky , Subject: [edk2-devel] [PATCH 4/4] OvmfPkg/CcExitLib: Use documented XSave area base size for SEV-SNP Date: Wed, 21 Dec 2022 10:06:51 -0600 Message-ID: <20221221160651.182143-5-michael.roth@amd.com> In-Reply-To: <20221221160651.182143-1-michael.roth@amd.com> References: <20221221160651.182143-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT007:EE_|CY5PR12MB6550:EE_ X-MS-Office365-Filtering-Correlation-Id: f4f3475e-75f5-4baf-a5b5-08dae36da2b8 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: qed7C4ndM4aTEgp+NdFgjohyMqmod/iNMN3WLLc20eR9Xii7++MFxvH49yblBzBTvyOYVNjdaNCdoj+GPEOtfLzVdkozDdUdLvQNRLUgAPSL8tfmdNm63u2KcOj+IzDJ2Xuzg2T8UTi1adZ6YWLFD70bfMJMSaubYCnaWrC8K/BHmdUJkvX3uPUfTxEzsDq34/8fU51sNLf9BUtp6GqggcPsV+7IUog6PC+8Pw7vYSNqIGy0B5mHUBKhHHJB2y39vcMM0PQGngHHBNTb3NvcAz6GzH1Zad3eTdnOPZB7aDYnDYKJ6h+96ilhFHG87O9fqo0CytpS9KJGN0DKJ5NqTk/c/Q4fSrXAYkCIC6M8E5eYgoxPgPo2NeiSGIid9CZAzsWrR9yFzTbtGGbYPd7SpLpeGbiDadtrSLq2HkC2ZT9Tz+Gx3uerr2fhUJhPFQhDNSigu9fg9OskFb6v+tkLkrilmsjgvdWWkV4g5ao6v3hb3Wc1sBsG/rqid4tVrzCczqJUQ9KK4j+pSXrRWFqc8RF9j8DmAzMd87Hu417XPew/i2CcGqsz3nC29qJwTqmz1bKpeKKzK76qWaEHFArVSBqnUyKaHVgtJ9TMVsaMp4IPFw+PE1rD/LctI1jO+TsovavqT2VA9zG4PJ76+YII5OvbdVAAsj2rDXImwGA1RdpxNSZiI0BM6wulevJRH7fAyzYz9wanRSG8Yr8U+bGQDOuEvM8k5TmCT+93AULPZoE= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Dec 2022 16:08:44.6828 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f4f3475e-75f5-4baf-a5b5-08dae36da2b8 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT007.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY5PR12MB6550 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,Michael.Roth@amd.com X-Gm-Message-State: N2vz86jIgOgvKDysRfnEtJUCx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1671657792; bh=Y6MIdqBoMVk9n4sSeurXL03yUrnKdPCvXGb3pI/HSYA=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=T6JoahDoB+U2EkVP17Ug+ka6sgjGrluqhq8h6x1voJn3TkKPBgXsYn8EecOkWoV3EXR 6Lh1jZRbtMIRBbUV7ZArOtgME77bSsK6tKU61J5+TrK7jHOpE72luTTm8MZ2jeORiLRan GWFnzhnJp74gknGE3rW8sAAzht2x8QmAK/s= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1671657793636100035 Content-Type: text/plain; charset="utf-8" Currently OVMF tries to rely on the base size advertised via the CPUID table entries corresponding to leaf 0xD, sub-leafs 0x0/0x1. This will generally work for KVM guests, but might not for other SEV-SNP hypervisor implementations. Make the handling more robust by simply using the base area size documented by the APM. Signed-off-by: Michael Roth Acked-by: Jiewen Yao Reviewed-by: Tom Lendacky --- OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/= CcExitLib/CcExitVcHandler.c index cd117d5a31..f985dcff8d 100644 --- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c +++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c @@ -1647,8 +1647,6 @@ SnpEnabled ( =20 @param[in] XFeaturesEnabled Bit-mask of enabled XSAVE features/are= as as indicated by XCR0/MSR_IA32_XSS bits - @param[in] XSaveBaseSize Base/legacy XSAVE area size (e.g. when - XCR0 is 1) @param[in, out] XSaveSize Pointer to storage for calculated XSAV= E area size @param[in] Compacted Whether or not the calculation is for = the @@ -1663,7 +1661,6 @@ STATIC BOOLEAN GetCpuidXSaveSize ( IN UINT64 XFeaturesEnabled, - IN UINT32 XSaveBaseSize, IN OUT UINT32 *XSaveSize, IN BOOLEAN Compacted ) @@ -1672,7 +1669,10 @@ GetCpuidXSaveSize ( UINT64 XFeaturesFound =3D 0; UINT32 Idx; =20 - *XSaveSize =3D XSaveBaseSize; + // + // The base/legacy XSave size is documented to be 0x240 in the APM. + // + *XSaveSize =3D 0x240; CpuidInfo =3D (SEV_SNP_CPUID_INFO *)(UINT64)PcdGet32 (PcdOvmfCpuidBase); =20 for (Idx =3D 0; Idx < CpuidInfo->Count; Idx++) { @@ -1888,7 +1888,6 @@ GetCpuidFw ( =20 if (!GetCpuidXSaveSize ( XCr0 | XssMsr.Uint64, - *Ebx, &XSaveSize, Compacted )) --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#97705): https://edk2.groups.io/g/devel/message/97705 Mute This Topic: https://groups.io/mt/95815543/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-