From nobody Sat May 18 08:35:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+110506+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110506+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1698916246; cv=none; d=zohomail.com; s=zohoarc; b=FlcgYqbeiqDvKXDEaje5hPUfzabT9eX6igsnnKgeL2H8WthFbtglhBa9jip6M8WpZvJppA6U0Z1FKfNqrdshumea+qlLrMX2Zh8vZhYS5Nzic+hquVLNZJIBobksKhB239SafqiYvmzIWfcUg+AvUJJxmECaOKg0+RybjSyj6jo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1698916246; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=Ov5Ln1Aj7S49FUYHitesM4T0zwvk+WOrUTcC0foz2P8=; b=NsH3UB5TuuX+25J50HKhdlVQU05Ja2BYtrYYlk6l7msYawK0zWOXnJBeyo/DzX7FSEoVKBIxkGFeDJ1uUnIGFMPD3cU9f+7UrYjAcvGCIz8epyRPFtsITrbMncVft5NQCBevPheSHFMTjy4M5zYQDdVV+cc+0V/6ALS8D24iaYs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110506+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1698916246133689.8824894987201; Thu, 2 Nov 2023 02:10:46 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=HSdzBT94/OCRpds73ml2tytNt943cJqV9BwRUYL5ANQ=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1698916245; v=1; b=XMNn6/z7wILIGQYvF8EqNXMPvuNm/iOht3f/TbHHmceVGadQVchlLsJOK3JzuJCwLA68wQci b6hFgXB+TzhJfDiVMnbKm8qMRIOcMTEFSzBN13dOElBXaMrC4wVyAcSosC6/OBRJgt6qMQjKSiw cAI0BSfSeYIPIMUGd9tP30dY= X-Received: by 127.0.0.2 with SMTP id TVPmYY1788612xpnF0uCPykd; Thu, 02 Nov 2023 02:10:45 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.10]) by mx.groups.io with SMTP id smtpd.web11.26478.1698916244463932286 for ; Thu, 02 Nov 2023 02:10:45 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10881"; a="1583229" X-IronPort-AV: E=Sophos;i="6.03,271,1694761200"; d="scan'208";a="1583229" X-Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orvoesa102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2023 02:10:44 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10881"; a="737695164" X-IronPort-AV: E=Sophos;i="6.03,271,1694761200"; d="scan'208";a="737695164" X-Received: from cepingsx-mobl1.ccr.corp.intel.com ([10.239.49.140]) by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2023 02:10:41 -0700 From: "sunceping" To: devel@edk2.groups.io Cc: Ceping Sun , Liming Gao , Michael D Kinney , Erdem Aktas , James Bottomley , Jiewen Yao , Min Xu , Tom Lendacky , Michael Roth , Gerd Hoffmann Subject: [edk2-devel] [PATCH V2 1/2] MdePkg/BaseLib: Update TdVmcall to always output the value in R11 Date: Thu, 2 Nov 2023 17:09:56 +0800 Message-Id: <20231102090957.2076-2-cepingx.sun@intel.com> In-Reply-To: <20231102090957.2076-1-cepingx.sun@intel.com> References: <20231102090957.2076-1-cepingx.sun@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,cepingx.sun@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 0iUZpCEwxrtUmQTYOZnBOusGx1787277AA= Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1698916248378100003 Content-Type: text/plain; charset="utf-8" From: Ceping Sun REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4572 According to section 3.2 of the [GHCI] spec, if the return status of MapGPA is "TDG.VP.VMCALL_RETRY", TD must retry this operation for the pages in the region starting at the GPA specified in R11. Currently, TDVF has not handled the retry results and always clears the R11 on unsuccessful return status. For this, the TdVmcall needs to output the value of R11 on unsuccessful return status to handle the retry results of MapGPA. Reference: [GHCI]: TDX Guest-Host-Communication Interface v1.0 https://cdrdv2.intel.com/v1/dl/getContent/726790 Cc: Liming Gao Cc: Michael D Kinney Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Cc: Michael Roth Cc: Gerd Hoffmann Signed-off-by: Ceping Sun Acked-by: Gerd Hoffmann Reviewed-by: Jiewen Yao --- MdePkg/Library/BaseLib/X64/TdVmcall.nasm | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/MdePkg/Library/BaseLib/X64/TdVmcall.nasm b/MdePkg/Library/Base= Lib/X64/TdVmcall.nasm index 5ecc10b17193..8dd9bfcbfa14 100644 --- a/MdePkg/Library/BaseLib/X64/TdVmcall.nasm +++ b/MdePkg/Library/BaseLib/X64/TdVmcall.nasm @@ -133,9 +133,7 @@ ASM_PFX(TdVmCall): test r9, r9 jz .no_return_data =20 - ; On success, propagate TDVMCALL output value to output param - test rax, rax - jnz .no_return_data + ; Propagate TDVMCALL output value to output param mov [r9], r11 .no_return_data: tdcall_regs_postamble --=20 2.34.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110506): https://edk2.groups.io/g/devel/message/110506 Mute This Topic: https://groups.io/mt/102337975/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 08:35:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+110507+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110507+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1698916256; cv=none; d=zohomail.com; s=zohoarc; b=cdJ2wB0i71Yp+mO2ynGvhkz/Nj2yNSoObxbATIheTIzotmWohI66r4LPyMbx8vd7+/c+h9/6c4RMMB988bdcFxbUj4QfgkB9qWJOpQQkMqgXO8fKYAAbLwyWjYMatcMQHmgEbJPVdngB6rsnPLaboY7KFK07XFF4w1F5OLVZR1o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1698916256; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=POo1xpqGxFotuzSiVgjLyXDw3Gnejqs2mXGjeb5tHW0=; b=ApOXWD4tLtQbIvIOq7VPSiV2VaLKCoGTflrbandUSEjXymQmvM/ZG3yzbUZoYdaBYN5XQU6UCJ3nWxY9hxktNXjCNh2xaCXD9BKV5u+kaq4zeQo5Y2NH2mXfyurF0Yt6NOYblG4gVA2nEs48CQJJo4iN2wZH1ea40yTaIjD1fig= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+110507+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1698916256460139.7508429056229; Thu, 2 Nov 2023 02:10:56 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=sgvOI6ZBkoEYbjMq3w8rlXwBo38hSjuMdCKAEHjzKa4=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1698916256; v=1; b=a3j//9Vncc478yTvH88k8wDFQH5LCdR3gOW69K+73VOtmPvz8OtNHZDBj3QQ056qITRiefDV /H+Js6u3GXqPnnBRPi5ryK65eZAXMgvxZXYhiDmrpQciOFqNsR/1e2nJuIgUkwoge/oUtp6Dme8 63QguGKWemk31ZYPXt/hQ4Es= X-Received: by 127.0.0.2 with SMTP id X6hmYY1788612xmW9hy80PyP; Thu, 02 Nov 2023 02:10:56 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.10]) by mx.groups.io with SMTP id smtpd.web11.26484.1698916255628248759 for ; Thu, 02 Nov 2023 02:10:55 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10881"; a="1583257" X-IronPort-AV: E=Sophos;i="6.03,271,1694761200"; d="scan'208";a="1583257" X-Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orvoesa102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2023 02:10:55 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10881"; a="737695193" X-IronPort-AV: E=Sophos;i="6.03,271,1694761200"; d="scan'208";a="737695193" X-Received: from cepingsx-mobl1.ccr.corp.intel.com ([10.239.49.140]) by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Nov 2023 02:10:52 -0700 From: "sunceping" To: devel@edk2.groups.io Cc: Ceping Sun , Erdem Aktas , James Bottomley , Jiewen Yao , Min Xu , Tom Lendacky , Michael Roth , Gerd Hoffmann Subject: [edk2-devel] [PATCH V2 2/2] OvmfPkg/BaseMemEncryptTdxLib: Handle retry result of MapGPA Date: Thu, 2 Nov 2023 17:09:57 +0800 Message-Id: <20231102090957.2076-3-cepingx.sun@intel.com> In-Reply-To: <20231102090957.2076-1-cepingx.sun@intel.com> References: <20231102090957.2076-1-cepingx.sun@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,cepingx.sun@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: Pe832Cm8NHjaGHpXx0Jdalthx1787277AA= Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1698916258525100003 Content-Type: text/plain; charset="utf-8" From: Ceping Sun REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4572 According to section 3.2 of the [GHCI] document, if the return status of MapGPA is "TDG.VP.VMCALL_RETRY", TD must retry this operation for the pages in the region starting at the GPA specified in R11. In this patch, when a retry state is detected, TDVF needs to retry the mapping with the specified address from the output results of TdVmCall. Reference: [GHCI]: TDX Guest-Host-Communication Interface v1.0 https://cdrdv2.intel.com/v1/dl/getContent/726790 Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Cc: Michael Roth Cc: Gerd Hoffmann Signed-off-by: Ceping Sun Acked-by: Gerd Hoffmann --- .../BaseMemEncryptTdxLib/MemoryEncryption.c | 43 ++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c b/Ovmf= Pkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c index a01dc98852b8..b9de699a6489 100644 --- a/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c +++ b/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c @@ -38,6 +38,10 @@ typedef enum { =20 STATIC PAGE_TABLE_POOL *mPageTablePool =3D NULL; =20 +#define TDVMCALL_STATUS_RETRY 0x1 + +#define MAX_RETRIES_PER_PAGE 3 + /** Returns boolean to indicate whether to indicate which, if any, memory en= cryption is enabled =20 @@ -527,6 +531,13 @@ SetOrClearSharedBit ( EFI_STATUS Status; EDKII_MEMORY_ACCEPT_PROTOCOL *MemoryAcceptProtocol; =20 + UINT64 MapGpaRetryAddr; + UINT32 RetryCount; + UINT64 EndAddress; + + MapGpaRetryAddr =3D 0; + RetryCount =3D 0; + AddressEncMask =3D GetMemEncryptionAddressMask (); =20 // @@ -540,7 +551,37 @@ SetOrClearSharedBit ( PhysicalAddress &=3D ~AddressEncMask; } =20 - TdStatus =3D TdVmCall (TDVMCALL_MAPGPA, PhysicalAddress, Length, 0, 0, N= ULL); + EndAddress =3D PhysicalAddress + Length; + while (RetryCount < MAX_RETRIES_PER_PAGE) { + TdStatus =3D TdVmCall (TDVMCALL_MAPGPA, PhysicalAddress, Length, 0, 0,= &MapGpaRetryAddr); + if (TdStatus !=3D TDVMCALL_STATUS_RETRY) { + break; + } + + DEBUG ((DEBUG_VERBOSE, "%a: TdVmcall(MAPGPA) Retry PhysicalAddress is = %llx, MapGpaRetryAddr is %llx\n", __func__, PhysicalAddress, MapGpaRetryAdd= r)); + + if ((MapGpaRetryAddr < PhysicalAddress) || (MapGpaRetryAddr >=3D EndAd= dress)) { + DEBUG (( + DEBUG_ERROR, + "%a: TdVmcall(MAPGPA) failed with MapGpaRetryAddr(%llx) less than = PhysicalAddress(%llx) or more than or equal to EndAddress(%llx) \n", + __func__, + MapGpaRetryAddr, + PhysicalAddress, + EndAddress + )); + break; + } + + if (MapGpaRetryAddr =3D=3D PhysicalAddress) { + RetryCount++; + continue; + } + + PhysicalAddress =3D MapGpaRetryAddr; + Length =3D EndAddress - PhysicalAddress; + RetryCount =3D 0; + } + if (TdStatus !=3D 0) { DEBUG ((DEBUG_ERROR, "%a: TdVmcall(MAPGPA) failed with %llx\n", __func= __, TdStatus)); ASSERT (FALSE); --=20 2.34.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#110507): https://edk2.groups.io/g/devel/message/110507 Mute This Topic: https://groups.io/mt/102337977/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-