From nobody Sat May 11 23:38:20 2024
From: "Roth, Michael via groups.io"
CC: Ard Biesheuvel, Tom Lendacky, Jiewen Yao, Gerd Hoffmann, Erdem Aktas, James Bottomley, Min Xu, Dov Murik
Subject: [edk2-devel] [PATCH v2 1/4] OvmfPkg/AmdSevDxe: Allocate SEV-SNP CC blob as EfiACPIReclaimMemory
Date: Tue, 25 Apr 2023 15:32:55 -0500
Message-ID: <20230425203258.255583-2-michael.roth@amd.com>
In-Reply-To: <20230425203258.255583-1-michael.roth@amd.com>

The SEV-SNP Confidential Computing blob contains metadata that should
remain accessible for the life of the guest. Allocate it as
EfiACPIReclaimMemory to ensure the memory isn't overwritten by the guest
operating system later.

Reported-by: Dov Murik
Suggested-by: Dov Murik
Reviewed-by: Dov Murik
Reviewed-by: Tom Lendacky
Acked-by: Gerd Hoffmann
Signed-off-by: Michael Roth
---
 OvmfPkg/AmdSevDxe/AmdSevDxe.c | 62 +++++++++++++++++++++++++++--------
 1 file changed, 48 insertions(+), 14 deletions(-)

diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c index 05b728d32a..df807066fa 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c
@@ -28,15 +28,36 @@ // Present, initialized, tested bits defined in MdeModulePkg/Core/Dxe/DxeM= ain.h #define EFI_MEMORY_INTERNAL_MASK 0x0700000000000000ULL =20 -STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable =3D { - SIGNATURE_32 ('A', 'M', 'D', 'E'), - 1, - 0, - (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfSnpSecretsBase), - FixedPcdGet32 (PcdOvmfSnpSecretsSize), - (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfCpuidBase), - FixedPcdGet32 (PcdOvmfCpuidSize), -}; +STATIC +EFI_STATUS +AllocateConfidentialComputingBlob ( + OUT CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION **CcBlobPtr + ) +{ + EFI_STATUS Status; + CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *CcBlob; + + Status =3D gBS->AllocatePool ( + EfiACPIReclaimMemory, + sizeof (CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION), + (VOID **)&CcBlob + ); + if (EFI_ERROR (Status)) { + return Status; + } + + CcBlob->Header =3D SIGNATURE_32 ('A', 'M', 'D', 'E'); + CcBlob->Version =3D 1; + CcBlob->Reserved1 =3D 0; + CcBlob->SecretsPhysicalAddress =3D (UINT64)(UINTN)FixedPcdGet32 (PcdOvmf= SnpSecretsBase); + CcBlob->SecretsSize =3D FixedPcdGet32 (PcdOvmfSnpSecretsSize); + CcBlob->CpuidPhysicalAddress =3D (UINT64)(UINTN)FixedPcdGet32 (PcdOvmf= CpuidBase); + CcBlob->CpuidLSize =3D FixedPcdGet32 (PcdOvmfCpuidSize); + + *CcBlobPtr =3D CcBlob; + + return EFI_SUCCESS; +} =20 STATIC EFI_HANDLE mAmdSevDxeHandle =3D NULL; =20 @@ -175,10 +196,11 @@ AmdSevDxeEntryPoint ( IN EFI_SYSTEM_TABLE *SystemTable ) { - EFI_STATUS Status; - EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; - UINTN NumEntries; - UINTN Index; + EFI_STATUS Status; + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap; + UINTN NumEntries; + UINTN Index; + CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION *SnpBootDxeTable; =20 // // Do nothing when SEV is not enabled 
@@ -284,6 +306,18 @@ AmdSevDxeEntryPoint ( } } =20 + Status =3D AllocateConfidentialComputingBlob (&SnpBootDxeTable); + if (EFI_ERROR (Status)) { + DEBUG (( + DEBUG_ERROR, + "%a: AllocateConfidentialComputingBlob(): %r\n", + __func__, + Status + )); + ASSERT (FALSE); + CpuDeadLoop (); + } + if (MemEncryptSevSnpIsEnabled ()) { // // Memory acceptance began being required in SEV-SNP, so install the 
@@ -321,7 +355,7 @@ AmdSevDxeEntryPoint ( // return gBS->InstallConfigurationTable ( &gConfidentialComputingSevSnpBlobGuid, - &mSnpBootDxeTable + SnpBootDxeTable ); } =20 --=20 2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#103597): https://edk2.groups.io/g/devel/message/103597
Mute This Topic: https://groups.io/mt/98501799/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
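
Review bot: In the first hunk (@@ -28,15 +28,36 @@), AllocateConfidentialComputingBlob() fills the structure field by field on top of a plain gBS->AllocatePool(), which does not zero the buffer, so any padding the compiler places between or after the fields reaches the guest OS holding whatever the pool contained before. Suggest a ZeroMem (CcBlob, sizeof (*CcBlob)) right after the EFI_ERROR check and before the assignments. The new function also has no header comment describing the OUT parameter and the status codes it can return.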
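
Review bot: In the third hunk (@@ -284,6 +306,18 @@) the AllocateConfidentialComputingBlob() call sits ahead of the if (MemEncryptSevSnpIsEnabled ()) check, so the pool allocation, and the CpuDeadLoop() on failure, run before the code has established that the guest is SEV-SNP. If the blob is only installed for SEV-SNP guests, move the allocation inside that branch, next to the InstallConfigurationTable() call, so other SEV modes neither allocate the memory nor halt on a failure they do not depend on.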
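
Review bot: In the last hunk (@@ -321,7 +355,7 @@) the status of gBS->InstallConfigurationTable() is returned as is, but SnpBootDxeTable is now a pool allocation rather than a static, so a failed install leaves the EfiACPIReclaimMemory buffer allocated with nothing referring to it. Consider capturing the status and calling gBS->FreePool (SnpBootDxeTable) on the error path before returning, and logging the failure with DEBUG_ERROR as the allocation path above already does.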
From: "Roth, Michael via groups.io"
CC: Ard Biesheuvel, Tom Lendacky, Jiewen Yao, Gerd Hoffmann, Erdem Aktas, James Bottomley, Min Xu
Subject: [edk2-devel] [PATCH v2 2/4] OvmfPkg/AmdSevDxe: Update ConfidentialComputing blob struct definition
Date: Tue, 25 Apr 2023 15:32:56 -0500
Message-ID: <20230425203258.255583-3-michael.roth@amd.com>
In-Reply-To: <20230425203258.255583-1-michael.roth@amd.com>

The Confidential Computing blob defined here is intended to match the
definition defined by linux guest kernel. Previously, both definitions
relied on natural alignment, but that relies on both OVMF and kernel
being compiled as 64-bit. While there aren't currently any plans to
enable SNP support for 32-bit compilations, the kernel definition has
since been updated to use explicit padding/reserved fields to avoid
this dependency. Update OVMF to match that definition.

While at it, also fix up the Reserved fields to match the numbering
used in the kernel.

No functional changes (for currently-supported environments, at least).

Reviewed-by: Tom Lendacky
Acked-by: Jiewen Yao
Acked-by: Gerd Hoffmann
Signed-off-by: Michael Roth
---
 OvmfPkg/AmdSevDxe/AmdSevDxe.c | 4 +++-
 OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h | 6 ++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c index df807066fa..db3675ae86 100644 --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c @@ -48,11 +48,13 @@ AllocateConfidentialComputingBlob ( =20 CcBlob->Header =3D SIGNATURE_32 ('A', 'M', 'D', 'E'); CcBlob->Version =3D 1; - CcBlob->Reserved1 =3D 0; + CcBlob->Reserved =3D 0; CcBlob->SecretsPhysicalAddress =3D (UINT64)(UINTN)FixedPcdGet32 (PcdOvmf= SnpSecretsBase); CcBlob->SecretsSize =3D FixedPcdGet32 (PcdOvmfSnpSecretsSize); + CcBlob->Reserved1 =3D 0; CcBlob->CpuidPhysicalAddress =3D (UINT64)(UINTN)FixedPcdGet32 (PcdOvmf= CpuidBase); CcBlob->CpuidLSize =3D FixedPcdGet32 (PcdOvmfCpuidSize); + CcBlob->Reserved2 =3D 0; =20 *CcBlobPtr =3D CcBlob; =20 diff --git a/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h b/OvmfP= kg/Include/Guid/ConfidentialComputingSevSnpBlob.h index b328310fd0..83620e31b8 100644 --- a/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h +++ b/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h
@@ -18,14 +18,16 @@ { 0x85, 0x54, 0x93, 0xd7, 0x77, 0x91, 0x2d, 0x42 }, \ } =20 -typedef struct { +typedef PACKED struct { UINT32 Header; UINT16 Version; - UINT16 Reserved1; + UINT16 Reserved; UINT64 SecretsPhysicalAddress; UINT32 SecretsSize; + UINT32 Reserved1; UINT64 CpuidPhysicalAddress; UINT32 CpuidLSize; + UINT32 Reserved2; } CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION; =20 extern EFI_GUID gConfidentialComputingSevSnpBlobGuid; --=20 2.25.1
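
Review bot: In the ConfidentialComputingSevSnpBlob.h hunk the layout is now pinned by PACKED plus the explicit Reserved fields, but nothing checks it at build time, and the purpose of the change is to stay byte-compatible with the kernel's definition. Suggest a STATIC_ASSERT after the typedef that sizeof (CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION) is 40, optionally with an OFFSET_OF check that CpuidPhysicalAddress sits at 24, and a short comment on each Reserved field saying it is padding. Note also that Reserved1 keeps its name while changing type and position (UINT16 at offset 6 becomes UINT32 at offset 20), so code outside this patch that assigned the old Reserved1 will still compile against the new header.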
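
The alignment dependency described in the 2/4 commit message, worked through as an added example (not code from the patch or from edk2): a small layout calculator applied to the old and new field lists. It assumes 64-bit integers are 8-byte aligned on x86-64 and 4-byte aligned inside structs under the i386 System V ABI; `layout`, `same_layout` and `snp_blob_t` are names chosen for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One struct member: name and size in bytes. */
typedef struct { const char *name; size_t size; } field_t;

/* Field list before the patch (the "-" side of the header hunk). */
static const field_t OLD_BLOB[] = {
    {"Header", 4}, {"Version", 2}, {"Reserved1", 2},
    {"SecretsPhysicalAddress", 8}, {"SecretsSize", 4},
    {"CpuidPhysicalAddress", 8}, {"CpuidLSize", 4},
};

/* Field list after the patch, with the explicit padding fields. */
static const field_t NEW_BLOB[] = {
    {"Header", 4}, {"Version", 2}, {"Reserved", 2},
    {"SecretsPhysicalAddress", 8}, {"SecretsSize", 4}, {"Reserved1", 4},
    {"CpuidPhysicalAddress", 8}, {"CpuidLSize", 4}, {"Reserved2", 4},
};

#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

/*
 * Lay the fields out as an unpacked C struct: each integer field is aligned
 * to min(size, max_align). Returns the offset of `name`, or the padded
 * struct size when `name` is NULL, or (size_t)-1 if the name is not found.
 * max_align 8 models x86-64, 4 models the i386 System V ABI (assumption).
 */
static size_t layout(const field_t *f, size_t n, size_t max_align,
                     const char *name)
{
    size_t off = 0, struct_align = 1;

    for (size_t i = 0; i < n; i++) {
        size_t a = f[i].size < max_align ? f[i].size : max_align;
        off = (off + a - 1) / a * a;          /* pad up to the alignment */
        if (name && strcmp(f[i].name, name) == 0)
            return off;
        off += f[i].size;
        if (a > struct_align)
            struct_align = a;
    }
    if (name)
        return (size_t)-1;
    return (off + struct_align - 1) / struct_align * struct_align;
}

/* 1 when every offset and the total size agree under both alignment rules. */
static int same_layout(const field_t *f, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (layout(f, n, 8, f[i].name) != layout(f, n, 4, f[i].name))
            return 0;
    return layout(f, n, 8, NULL) == layout(f, n, 4, NULL);
}

/* The new definition written with fixed-width types, checked at build time. */
typedef struct {
    uint32_t Header;
    uint16_t Version;
    uint16_t Reserved;
    uint64_t SecretsPhysicalAddress;
    uint32_t SecretsSize;
    uint32_t Reserved1;
    uint64_t CpuidPhysicalAddress;
    uint32_t CpuidLSize;
    uint32_t Reserved2;
} snp_blob_t;

_Static_assert(sizeof(snp_blob_t) == 40, "blob size must not depend on ABI");
_Static_assert(offsetof(snp_blob_t, CpuidPhysicalAddress) == 24,
               "CPUID address must sit at a fixed offset");

static void report(const char *title, const field_t *f, size_t n)
{
    printf("%s\n  %-24s %6s %6s\n", title, "field", "64-bit", "32-bit");
    for (size_t i = 0; i < n; i++)
        printf("  %-24s %6zu %6zu\n", f[i].name,
               layout(f, n, 8, f[i].name), layout(f, n, 4, f[i].name));
    printf("  %-24s %6zu %6zu  %s\n", "(sizeof)",
           layout(f, n, 8, NULL), layout(f, n, 4, NULL),
           same_layout(f, n) ? "layouts agree" : "LAYOUTS DIFFER");
}

int main(void)
{
    report("before the patch", OLD_BLOB, COUNT(OLD_BLOB));
    report("after the patch", NEW_BLOB, COUNT(NEW_BLOB));
    return 0;
}
```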
From: "Roth, Michael via groups.io"
CC: Ard Biesheuvel, Tom Lendacky, Jiewen Yao, Gerd Hoffmann, Erdem Aktas, James Bottomley, Min Xu, Pavan Kumar Paluri
Subject: [edk2-devel] [PATCH v2 3/4] OvmfPkg/CcExitLib: Fix SEV-SNP XSave area size calculation
Date: Tue, 25 Apr 2023 15:32:57 -0500
Message-ID: <20230425203258.255583-4-michael.roth@amd.com>
In-Reply-To: <20230425203258.255583-1-michael.roth@amd.com>

CPUID leaf 0xD sub-leafs 0x0 and 0x1 contain cumulative sizes for the
enabled XSave areas. Those sizes are calculated by tallying up all the
other sub-leafs that contain per-area size information for XSave areas
that are currently enabled in XCr0/XSS. The current check has the logic
inverted. Fix that.

This doesn't seem to cause problems currently, but could in the future
if OVMF made more extensive use of XSave areas. It was noticed while
implementing SNP-related tests for KVM Unit Tests, which re-uses the
OVMF #VC handler in some cases.

Reported-by: Pavan Kumar Paluri
Cc: Pavan Kumar Paluri
Reviewed-by: Tom Lendacky
Acked-by: Jiewen Yao
Acked-by: Gerd Hoffmann
Signed-off-by: Michael Roth
---
 OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/= CcExitLib/CcExitVcHandler.c index 7fe11c5324..94f0c4872c 100644 --- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c +++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
@@ -1145,9 +1145,7 @@ GetCpuidXSaveSize ( for (Idx =3D 0; Idx < CpuidInfo->Count; Idx++) { SEV_SNP_CPUID_FUNCTION *CpuidFn =3D &CpuidInfo->function[Idx]; =20 - if (!((CpuidFn->EaxIn =3D=3D 0xD) && - ((CpuidFn->EcxIn =3D=3D 0) || (CpuidFn->EcxIn =3D=3D 1)))) - { + if (!((CpuidFn->EaxIn =3D=3D 0xD) && (CpuidFn->EcxIn > 1))) { continue; } =20 --=20 2.25.1
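
Review bot: The replacement condition in GetCpuidXSaveSize(), if (!((CpuidFn->EaxIn == 0xD) && (CpuidFn->EcxIn > 1))), carries the whole fix but has no comment saying why sub-leafs 0 and 1 are skipped, and the previous version of this same line had the sense inverted. Suggest a short comment above it (sub-leafs 0x0 and 0x1 hold cumulative sizes, per-area sizes start at sub-leaf 2) and writing the test without the outer negation, as (CpuidFn->EaxIn != 0xD) || (CpuidFn->EcxIn <= 1), so the skip condition reads directly.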
From: "Roth, Michael via groups.io"
CC: Ard Biesheuvel, Tom Lendacky, Jiewen Yao, Gerd Hoffmann, Erdem Aktas, James Bottomley, Min Xu
Subject: [edk2-devel] [PATCH v2 4/4] OvmfPkg/CcExitLib: Use documented XSave area base size for SEV-SNP
Date: Tue, 25 Apr 2023 15:32:58 -0500
Message-ID: <20230425203258.255583-5-michael.roth@amd.com>
In-Reply-To: <20230425203258.255583-1-michael.roth@amd.com>

Currently OVMF tries to rely on the base size advertised via the CPUID
table entries corresponding to leaf 0xD, sub-leafs 0x0/0x1. This will
generally work for KVM guests, but might not for other SEV-SNP
hypervisor implementations. Make the handling more robust by simply
using the base area size documented by the APM.

Reviewed-by: Tom Lendacky
Acked-by: Jiewen Yao
Acked-by: Gerd Hoffmann
Signed-off-by: Michael Roth
---
 OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/= CcExitLib/CcExitVcHandler.c index 94f0c4872c..0fc30f7bc4 100644 --- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c +++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
@@ -1114,8 +1114,6 @@ SnpEnabled ( =20 @param[in] XFeaturesEnabled Bit-mask of enabled XSAVE features/are= as as indicated by XCR0/MSR_IA32_XSS bits - @param[in] XSaveBaseSize Base/legacy XSAVE area size (e.g. when - XCR0 is 1) @param[in, out] XSaveSize Pointer to storage for calculated XSAV= E area size @param[in] Compacted Whether or not the calculation is for = the @@ -1130,7 +1128,6 @@ STATIC BOOLEAN GetCpuidXSaveSize ( IN UINT64 XFeaturesEnabled, - IN UINT32 XSaveBaseSize, IN OUT UINT32 *XSaveSize, IN BOOLEAN Compacted ) @@ -1139,7 +1136,10 @@ GetCpuidXSaveSize ( UINT64 XFeaturesFound =3D 0; UINT32 Idx; =20 - *XSaveSize =3D XSaveBaseSize; + // + // The base/legacy XSave size is documented to be 0x240 in the APM. + // + *XSaveSize =3D 0x240; CpuidInfo =3D (SEV_SNP_CPUID_INFO *)(UINT64)PcdGet32 (PcdOvmfCpuidBase); =20 for (Idx =3D 0; Idx < CpuidInfo->Count; Idx++) { @@ -1355,7 +1355,6 @@ GetCpuidFw ( =20 if (!GetCpuidXSaveSize ( XCr0 | XssMsr.Uint64, - *Ebx, &XSaveSize, Compacted )) --=20 2.25.1
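Review bot: The bare literal in `*XSaveSize = 0x240;` (GetCpuidXSaveSize hunk at -1139) should be a named constant, with a comment that spells out what it covers: the 512-byte legacy region plus the 64-byte XSAVE header. The added comment cites "the APM" without a volume or section; naming the section would let a later reader check the value without searching.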
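Review bot: At the GetCpuidFw call site (hunk at -1355) the `*Ebx` argument is dropped with no comment, so nothing near the call records that the table-advertised leaf 0xD size is now deliberately ignored as the base. A one-line comment above `GetCpuidXSaveSize (` carrying the rationale from the commit message (the CPUID table value may not be populated by non-KVM hypervisors) would keep that decision visible in the code.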
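The calculation the commit message describes, as an added stand-alone C model (not code from the patch or from OVMF): the XSAVE area size starts from the fixed 0x240 base, and only per-component sizes, offsets and alignment flags are read from a CPUID table. The `cpuid_entry` layout, `xsave_size` and the sample table values are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#define XSAVE_BASE_SIZE 0x240u  /* 512-byte legacy region + 64-byte XSAVE header */

/* Hypothetical, simplified table entry (not the OVMF structure). */
typedef struct {
  uint32_t eax_in, ecx_in;  /* leaf, sub-leaf */
  uint32_t eax, ebx, ecx;   /* sub-leaf >= 2: size, offset, flags */
} cpuid_entry;

/* Constructed values; sub-leaf 0 advertises a base size of 0. */
static const cpuid_entry sample[] = {
  { 0xD, 0,  0x207, 0x0,   0 },
  { 0xD, 2,  0x100, 0x240, 0 },
  { 0xD, 9,  0x8,   0xA80, 0 },
  { 0xD, 11, 0x10,  0x0,   2 },  /* ECX[1]: 64-byte aligned if compacted */
};

/* false if an enabled component (bit >= 2) has no usable entry or the
   total does not fit in 32 bits; *out is valid only when true. */
static bool xsave_size(const cpuid_entry *t, size_t n, uint64_t enabled,
                       bool compacted, uint32_t *out)
{
  uint64_t size = XSAVE_BASE_SIZE;  /* fixed; never taken from the table */
  for (uint32_t bit = 2; bit < 64; bit++) {
    const cpuid_entry *e = NULL;
    if (!(enabled & (1ULL << bit)))
      continue;
    for (size_t i = 0; i < n && e == NULL; i++)
      if (t[i].eax_in == 0xD && t[i].ecx_in == bit)
        e = &t[i];
    if (e == NULL || e->eax == 0)
      return false;
    if (compacted) {
      if (e->ecx & 2)
        size = (size + 63) & ~63ULL;
      size += e->eax;
    } else if ((uint64_t)e->ebx + e->eax > size) {
      size = (uint64_t)e->ebx + e->eax;
    }
  }
  *out = (uint32_t)size;
  return size <= UINT32_MAX;
}

int main(void) {
  uint32_t s = 0;  /* standard format; bits 0, 1, 2 and 9 enabled */
  return (xsave_size(sample, 4, 0x207, false, &s) && s == 0xA88) ? 0 : 1;
}
```

Because the base never comes from the table, the zeroed sub-leaf 0 entry in the sample has no effect on the result; a missing per-component entry is still rejected.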