From nobody Fri Nov 29 04:42:50 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zoho.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1488842859850691.6896126623794; Mon, 6 Mar 2017 15:27:39 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 847B780338; Mon, 6 Mar 2017 15:27:38 -0800 (PST) Received: from mail-it0-x241.google.com (mail-it0-x241.google.com [IPv6:2607:f8b0:4001:c0b::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id B3B0980333 for ; Mon, 6 Mar 2017 15:27:37 -0800 (PST) Received: by mail-it0-x241.google.com with SMTP id w185so11363317ita.3 for ; Mon, 06 Mar 2017 15:27:37 -0800 (PST) Received: from [127.0.1.1] ([165.204.77.1]) by smtp.gmail.com with ESMTPSA id b15sm9337856ioj.34.2017.03.06.15.27.36 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Mar 2017 15:27:36 -0800 (PST) X-Original-To: edk2-devel@ml01.01.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:cc:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=NhFE9VUwdBHZlRBOozeZMhxftUbqETgHBmjfPRfJVPw=; b=D1jWM3vlxZLRZPnJDbLZqu+m8a54QlSzQMzRlgp3VOMJKClmIJWUvBUvhpy0S6VzsE NeQQ8AWORk/0tucXzIpTkU7Ehp2EOkbB4OMo/Ms9cIWvXi0DjacxRKLL4Jn6NIUzWGZA zULe3woTxBSIz2fN311p5ZZErdqPVSgvqBKz2sq16MmR3y9QOJ9fFXYVHkoP4CDxtrF4 NTidn6bVAflOtxahi+hK5kp4Mc0/7B0r0APXWU8KPpg7Ca7nvtWNRR/RkgR+ZkZL3uvp 5PHlX0XR9hUgPLcUGPANE/i/IVBN//yejhF2KiP/OUagNPOgA0JtJlgoFSlDQWQwXy3y o7rw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=NhFE9VUwdBHZlRBOozeZMhxftUbqETgHBmjfPRfJVPw=; b=BGsDvmmU3VVGbqcqqye0nFmbZOYJGdu8UIg/1Kdir2236oaGapKQHOvz3YB08DeOOM rUkNqVpLqwhgSRn5/T6a2ldyMrB0LYJsD7Dl24tVRAOJdAfGsFBd1t71bFghap16PJ6/ nB/+PIR3mMuNTaZQvVqxw5CmScwNMoQ1yDHDoBBYO7Cgt+DXDDPR2TvYrlvLCzjKvjWC QkRGfSmI276B7f5XLJdvne25pZmTrJg1+L5Mijr5wM60TeF8YFIodwAcZ/lJ4Z8wnpoH Vu8TPlNjRXC4Q2VJDBAmevHiSX7Lz0KGzLbiXEK/P1wj5HphiluDY41vhGKb8fGFszet A+sQ== X-Gm-Message-State: AMke39lHtoYJT3i4PmCLBKT0XhyOmFxJDoAMUj7thBVkt9QPzUg9Omg9EJQs7oFmvab1DQ== X-Received: by 10.36.91.67 with SMTP id g64mr15943269itb.20.1488842857086; Mon, 06 Mar 2017 15:27:37 -0800 (PST) From: Brijesh Singh X-Google-Original-From: Brijesh Singh To: jordan.l.justen@intel.com, edk2-devel@ml01.01.org, lersek@redhat.com Date: Mon, 06 Mar 2017 18:27:35 -0500 Message-ID: <148884285589.29188.3336162059588227554.stgit@brijesh-build-machine> In-Reply-To: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> References: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Subject: [edk2] [RFC PATCH v1 1/5] OvmfPkg/ResetVector: Set memory encryption when SEV is active X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Thomas.Lendacky@amd.com, leo.duran@amd.com, brijesh.sing@amd.com Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" SEV guest VMs have the concept of private and shared memory. Private memory is encrypted with the guest-specific key, while shared memory may be encrypted with hypervisor key. The C-bit (encryption attribute) in PTE indicates whether the page is private or shared. If SEV is active, set the memory encryption attribute while building the page table. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Brijesh Singh --- OvmfPkg/ResetVector/Ia32/PageTables64.asm | 52 +++++++++++++++++++++++++= ++++ 1 file changed, 52 insertions(+) diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVecto= r/Ia32/PageTables64.asm index 6201cad..eaf9732 100644 --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm @@ -26,6 +26,7 @@ BITS 32 %define PAGE_GLOBAL 0x0100 %define PAGE_2M_MBO 0x080 %define PAGE_2M_PAT 0x01000 +%define KVM_FEATURE_SEV 0x08 =20 %define PAGE_2M_PDE_ATTR (PAGE_2M_MBO + \ PAGE_ACCESSED + \ @@ -37,6 +38,33 @@ BITS 32 PAGE_READ_WRITE + \ PAGE_PRESENT) =20 +; Check if Secure Encrypted Virtualization (SEV) feature +; is enabled in KVM +; +; If SEV is enabled, then EAX will contain Memory encryption bit position +; +CheckKVMSEVFeature: + ; Check for SEV feature + ; CPUID KVM_FEATURE - Bit 8 + mov eax, 0x40000001 + cpuid + bt eax, KVM_FEATURE_SEV + jnc NoSev + + ; Get memory encryption information + ; CPUID Fn8000_001F[EBX] - Bits 5:0 + ; + mov eax, 0x8000001f + cpuid + mov eax, ebx + and eax, 0x3f + jmp SevExit + +NoSev: + xor eax, eax + +SevExit: + OneTimeCallRet CheckKVMSEVFeature =20 ; ; Modified: EAX, ECX @@ -60,18 +88,41 @@ clearPageTablesMemoryLoop: mov dword[ecx * 4 + PT_ADDR (0) - 4], eax loop clearPageTablesMemoryLoop =20 + ; Check if it SEV-enabled Guest + ; + OneTimeCall CheckKVMSEVFeature + xor edx, edx + test eax, eax + jz SevNotActive + + ; If SEV is enabled, Memory encryption bit is always above 31 + mov ebx, 32 + sub ebx, eax + bts edx, eax + +SevNotActive: + + ; ; ; Top level Page Directory Pointers (1 * 512GB entry) ; + ; edx contain the memory encryption bit mask, must be applied + ; to upper 31 bit on 64-bit address + ; mov dword[PT_ADDR (0)], PT_ADDR (0x1000) + PAGE_PDP_ATTR + mov dword[PT_ADDR (4)], edx =20 ; ; Next level Page Directory Pointers (4 * 1GB entries =3D> 4GB) ; mov dword[PT_ADDR (0x1000)], PT_ADDR (0x2000) + PAGE_PDP_ATTR + mov dword[PT_ADDR (0x1004)], edx mov dword[PT_ADDR (0x1008)], PT_ADDR (0x3000) + PAGE_PDP_ATTR + mov dword[PT_ADDR (0x100C)], edx mov dword[PT_ADDR (0x1010)], PT_ADDR (0x4000) + PAGE_PDP_ATTR + mov dword[PT_ADDR (0x1004)], edx mov dword[PT_ADDR (0x1018)], PT_ADDR (0x5000) + PAGE_PDP_ATTR + mov dword[PT_ADDR (0x100C)], edx =20 ; ; Page Table Entries (2048 * 2MB entries =3D> 4GB) @@ -83,6 +134,7 @@ pageTableEntriesLoop: shl eax, 21 add eax, PAGE_2M_PDE_ATTR mov [ecx * 8 + PT_ADDR (0x2000 - 8)], eax + mov [(ecx * 8 + PT_ADDR (0x2000 - 8)) + 4], edx loop pageTableEntriesLoop =20 ; _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 29 04:42:50 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zoho.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1488842866884433.04790793999507; Mon, 6 Mar 2017 15:27:46 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id B849B8033B; Mon, 6 Mar 2017 15:27:45 -0800 (PST) Received: from mail-io0-x243.google.com (mail-io0-x243.google.com [IPv6:2607:f8b0:4001:c06::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 7B04B80333 for ; Mon, 6 Mar 2017 15:27:44 -0800 (PST) Received: by mail-io0-x243.google.com with SMTP id 68so16643991ioh.3 for ; Mon, 06 Mar 2017 15:27:44 -0800 (PST) Received: from [127.0.1.1] ([165.204.77.1]) by smtp.gmail.com with ESMTPSA id 202sm5574641ity.8.2017.03.06.15.27.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Mar 2017 15:27:43 -0800 (PST) X-Original-To: edk2-devel@ml01.01.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:cc:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=a4Wm86WAtg1QnSz9egSilCHicN4QAOAGtsWmEb9fCPo=; b=rQJWDtO91SElEVFfSXKtHbA598a4O2kfk8Tv/jOFTG8XLTPPmjQVnAVgjERnwB3GxN brvtf92LFqEGhYuId4TghZupmOX2IUL9xGCgfAa31VB65uRwvWH1166jncFDkt030vKv wHaLXmie/L1kTTkezjmuJpRFLHHVltROpjsWsufcC1p0w+91XM3S1B8kf51pvTczkzPx 4sNqqL3VzFDVAWaU8tGGAXSJLZoMMAN53QwvjhYob3FE/m1wT86vus3x475spv0UvsbQ 9yLmFqIfc7yrF9sKkW1TmtcO1AJ/hBmvI9GXvCMew3IwYDVEj1LQOT7zGG2s1fwYC3IL pwBg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=a4Wm86WAtg1QnSz9egSilCHicN4QAOAGtsWmEb9fCPo=; b=mHoE3RJXEXD3o8+k+hVd+vab//jJdk94NiLX2qf9nH8u91FwkqRjW1qO2OuBZKkQ2N og7PiDEP0cRkF2T1Z0HF/VmlCUKSBe1aZUj0uvaOG7B/MYpNHAle5zfWsWz3VrUl7482 IJbaxG10zt77mtFmP5sF0zYp5ebs+lZL3OyWMj8UpxWk1LoPgxgYQ3KL5WO93qK/+mrr 2cKnpeoLIhqtVZOg1w6NS4swm8ZBZFfzEhEDG3WuQlvJLWBJa80I6s/xJ4C5tA3ngSCB ur13LErYzKGjHUtJ+ei39/Qfkf4GnvzUU85bJLkWwdYPJkr1Br3O/rzfNo8gFgN/Kc+o iHaQ== X-Gm-Message-State: AMke39lGJPlnJndCsonbjZiG9TCaGjcYib3GYI3UcoMt7+sGFa83wA/Mb6U5X8XW0Ew2YQ== X-Received: by 10.107.166.207 with SMTP id p198mr17263224ioe.15.1488842863778; Mon, 06 Mar 2017 15:27:43 -0800 (PST) From: Brijesh Singh X-Google-Original-From: Brijesh Singh To: jordan.l.justen@intel.com, edk2-devel@ml01.01.org, lersek@redhat.com Date: Mon, 06 Mar 2017 18:27:42 -0500 Message-ID: <148884286215.29188.1084675072356724555.stgit@brijesh-build-machine> In-Reply-To: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> References: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Subject: [edk2] [RFC PATCH v1 2/5] OvmfPkg/MemcryptSevLib: Add SEV helper library X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Thomas.Lendacky@amd.com, leo.duran@amd.com, brijesh.sing@amd.com Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" The library contain common helper routines for SEV feature. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Brijesh Singh --- OvmfPkg/Include/Library/MemcryptSevLib.h | 42 +++++++++++++ OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.c | 66 +++++++++++++++++= ++++ OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.inf | 44 ++++++++++++++ OvmfPkg/OvmfPkgIa32X64.dsc | 4 + OvmfPkg/OvmfPkgX64.dsc | 4 + 5 files changed, 160 insertions(+) create mode 100644 OvmfPkg/Include/Library/MemcryptSevLib.h create mode 100644 OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.c create mode 100644 OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.inf diff --git a/OvmfPkg/Include/Library/MemcryptSevLib.h b/OvmfPkg/Include/Lib= rary/MemcryptSevLib.h new file mode 100644 index 0000000..89f9c86 --- /dev/null +++ b/OvmfPkg/Include/Library/MemcryptSevLib.h @@ -0,0 +1,42 @@ +/** @file + Copyright (C) 2017 Advanced Micro Devices. + + This program and the accompanying materials are licensed and made availa= ble + under the terms and conditions of the BSD License which accompanies this + distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WI= THOUT + WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +**/ + +#ifndef __MEMCRYPT_SEV_LIB_H__ +#define __MEMCRYPT_SEV_LIB_H__ + +#include +#include + +/** +=20 + Initialize SEV memory encryption + +**/ + +RETURN_STATUS +EFIAPI +MemcryptSevInitialize ( + VOID + ); + +/** +=20 + Return TRUE when SEV is active otherwise FALSE + + **/ +BOOLEAN +EFIAPI +SevActive ( + VOID + ); + +#endif diff --git a/OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.c b/OvmfPkg/Libr= ary/MemcryptSevLib/MemcryptSevLib.c new file mode 100644 index 0000000..2d60b75 --- /dev/null +++ b/OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.c @@ -0,0 +1,66 @@ +/** @file + + Copyright (c) 2017, AMD Incorporated. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BS= D License + which accompanies this distribution. The full text of the license may b= e found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ + +#include "Uefi.h" +#include +#include +#include +#include + +#define KVM_FEATURE_MEMORY_ENCRYPTION 0x100 + +RETURN_STATUS +EFIAPI +MemcryptSevInitialize ( + VOID + ) +{ + UINT32 EBX; + UINT64 MeMask =3D 0; + + if (SevActive ()) { + // CPUID Fn8000_001f[EBX] - Bit 5:0 (memory encryption bit position) + AsmCpuid(0x8000001f, NULL, &EBX, NULL, NULL); + MeMask =3D (1ULL << (EBX & 0x3f)); + DEBUG ((DEBUG_INFO, "KVM Secure Encrypted Virtualization (SEV) is ena= bled\n")); + DEBUG ((DEBUG_INFO, "MemEncryptionMask 0x%lx\n", MeMask)); + } + + PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, MeMask); + + return RETURN_SUCCESS; +} + +BOOLEAN +EFIAPI +SevActive ( + VOID + ) +{ + UINT32 KVMFeatures, EAX; + + // Check if KVM memory encyption feature is set + AsmCpuid(0x40000001, &KVMFeatures, NULL, NULL, NULL); + if (KVMFeatures & KVM_FEATURE_MEMORY_ENCRYPTION) { + + // Check whether SEV is enabled + // CPUID Fn8000_001f[EAX] - Bit 0 (SEV is enabled) + AsmCpuid(0x8000001f, &EAX, NULL, NULL, NULL); + + return TRUE; + } + + return FALSE; +} + diff --git a/OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.inf b/OvmfPkg/Li= brary/MemcryptSevLib/MemcryptSevLib.inf new file mode 100644 index 0000000..8e8d7e0 --- /dev/null +++ b/OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.inf @@ -0,0 +1,44 @@ +## @file +# +# Copyright (c) 2017 Advanced Micro Devices. All rights reserved.
+# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the B= SD License +# which accompanies this distribution. The full text of the license may b= e found at +# http://opensource.org/licenses/bsd-license.php +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +# +# +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D MemcryptSevLib + FILE_GUID =3D c1594631-3888-4be4-949f-9c630dbc842b + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D MemcryptSevLib + =20 +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 +# + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + OvmfPkg/OvmfPkg.dec + UefiCpuPkg/UefiCpuPkg.dec + +[Sources] + MemcryptSevLib.c + +[LibraryClasses] + BaseLib + DebugLib + PcdLib + +[Pcd] + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 56f7ff9..a35e1d2 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -129,6 +129,7 @@ QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf + MemcryptSevLib|OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.inf !if $(SMM_REQUIRE) =3D=3D FALSE LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf !endif @@ -509,6 +510,9 @@ gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|50000 =20 + # Set memory encryption mask + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 + !if $(SMM_REQUIRE) =3D=3D TRUE gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01 gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|100000 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index d0b0b0e..5d853d6 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -129,6 +129,7 @@ QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLib.inf VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf + MemcryptSevLib|OvmfPkg/Library/MemcryptSevLib/MemcryptSevLib.inf !if $(SMM_REQUIRE) =3D=3D FALSE LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf !endif @@ -508,6 +509,9 @@ gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|50000 =20 + # Set memory encryption mask + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 + !if $(SMM_REQUIRE) =3D=3D TRUE gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01 gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|100000 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 29 04:42:50 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zoho.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1488842873249811.0395094819582; Mon, 6 Mar 2017 15:27:53 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id ED5128033F; Mon, 6 Mar 2017 15:27:51 -0800 (PST) Received: from mail-io0-x244.google.com (mail-io0-x244.google.com [IPv6:2607:f8b0:4001:c06::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 8E64A80333 for ; Mon, 6 Mar 2017 15:27:50 -0800 (PST) Received: by mail-io0-x244.google.com with SMTP id f103so15432289ioi.2 for ; Mon, 06 Mar 2017 15:27:50 -0800 (PST) Received: from [127.0.1.1] ([165.204.77.1]) by smtp.gmail.com with ESMTPSA id e62sm9321051ioj.2.2017.03.06.15.27.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Mar 2017 15:27:49 -0800 (PST) X-Original-To: edk2-devel@ml01.01.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:cc:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=tlS8fw5TquSyOeUZkRHB8PQ7cE3D8x7UcEpHVQBAe8Q=; b=J0jc1quDgEErkxLa3AsrXTqB5mjzhkZonJyW/8NVlb3Lrim+QJX/rIledu993QOHbL v24zwsxRdryiHOOHHtYGYSgFvYI5c84muPvTSDeZABpwe+USTi4eKDMOCMOzCBs+ZmXO UPHHkLE3AwzZbGvPwlQ2nVv9QYYI2BDM+w4lPKh5vQHnzUmRXzjEjfto+TVEvVTy5NS5 MXQDKdEQzPA1sf3b4HMHHeKIX3uu4eN8vtL5DP3qiJ0YOcKshzjomdzlbW0s1fjx4/CM fgdyc2tc9BYpz85kGVKg8NpFERW78d+kcMpBGF7Guhb56gnm8NMQhXDyLdcOIAtaMFgW U4DA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=tlS8fw5TquSyOeUZkRHB8PQ7cE3D8x7UcEpHVQBAe8Q=; b=DzIZM2yz1HOzyAa2cm7lbuslpNk8IV7F5ybOQM5YNnv9wWKghVSW/0wulJ4E7RUuJ8 Yn0kK2e2qcftWuP+ILABOJoEKKOsbWT2DK8Qp5syKoCcnyztiX/bMwDm8P23gGtwU1lb +as1LEtrCesrOLnMD1fL50hYtaCzISXFVICzyDvnAkZlJhUgl7bI2nh7XGoTpLO5XmCY O0KbvdfvsbnjHpBqUywezgfr+1AzFnbI7r3+jBbuhB01w3aucZtMl1GfwPBOvaMZiQQ/ OtSopNXBrQIfHa5l4D3fO3CUOSPJOiKYtnFgbkHHBmQTfMRjqd4lAm/v6in8ItDDoOZD ZWNg== X-Gm-Message-State: AMke39m2JOYX22OFtfu2mN4NL5BE8s/laQdjO0549DSYlkaUBrI3n2+ZbqaJzJR/87BhOQ== X-Received: by 10.107.2.201 with SMTP id 192mr4568194ioc.81.1488842869908; Mon, 06 Mar 2017 15:27:49 -0800 (PST) From: Brijesh Singh X-Google-Original-From: Brijesh Singh To: jordan.l.justen@intel.com, edk2-devel@ml01.01.org, lersek@redhat.com Date: Mon, 06 Mar 2017 18:27:48 -0500 Message-ID: <148884286883.29188.10103467162152106751.stgit@brijesh-build-machine> In-Reply-To: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> References: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Subject: [edk2] [RFC PATCH v1 3/5] OvmfPkg/PlatformPei: Initialize SEV support X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Thomas.Lendacky@amd.com, leo.duran@amd.com, brijesh.sing@amd.com Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Initialize Secure Encrypted Virtualization (SEV) support. Signed-off-by: Brijesh Singh --- OvmfPkg/PlatformPei/Platform.c | 6 ++++++ OvmfPkg/PlatformPei/PlatformPei.inf | 1 + 2 files changed, 7 insertions(+) diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c index 0be8672..a948037 100644 --- a/OvmfPkg/PlatformPei/Platform.c +++ b/OvmfPkg/PlatformPei/Platform.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include @@ -669,5 +670,10 @@ InitializePlatform ( MiscInitialization (); InstallFeatureControlCallback (); =20 + // + // Initialize SEV support + // + MemcryptSevInitialize (); + return EFI_SUCCESS; } diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index fbaed31..f85b208 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -60,6 +60,7 @@ QemuFwCfgLib MtrrLib PcdLib + MemcryptSevLib =20 [Pcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 29 04:42:50 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zoho.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1488842880343194.68124839487996; Mon, 6 Mar 2017 15:28:00 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 2D4D78033D; Mon, 6 Mar 2017 15:27:59 -0800 (PST) Received: from mail-io0-x244.google.com (mail-io0-x244.google.com [IPv6:2607:f8b0:4001:c06::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 20A1280333 for ; Mon, 6 Mar 2017 15:27:57 -0800 (PST) Received: by mail-io0-x244.google.com with SMTP id n76so20043586ioe.1 for ; Mon, 06 Mar 2017 15:27:57 -0800 (PST) Received: from [127.0.1.1] ([165.204.77.1]) by smtp.gmail.com with ESMTPSA id u206sm5562016itc.24.2017.03.06.15.27.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Mar 2017 15:27:56 -0800 (PST) X-Original-To: edk2-devel@ml01.01.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:cc:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=gzcpR/Pe0rTnJkKPcU8knyV85S3fK3F8FXQQAWCYMYk=; b=L7tdukJnIckH2WcoNJkeCtyQfzt+ldTGq+SvaVvDIhrlIqoCCM3zEdwjN9QajZ6RRC 5iDf/fs6ePaHLkTxEM632YpWj5cJ0dOTIu/tzAhm8c/50DWVIu0J2hN6D+IoEh82Ajei rBWwDxvAhYTPrZ2c9AAimreO+dRuTCtML1DPmfh2PHQk/mfV00hFx83oY9poZspYczB9 eEGlmp3P3DNkZDdW4ts7K4o+RZ6QkT7iz1uFrEFQxCYb3cb2DNBU5Wutg/x76WsACb7m TCd4TQMuyRE7oXeNus4m9Vm2QA7xhYwlObCjGhO8oR77T7/BPBGcG8GmxjdhwcEqH3Hj Ttcw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=gzcpR/Pe0rTnJkKPcU8knyV85S3fK3F8FXQQAWCYMYk=; b=deE0sk6MD8o/mVz4CKNztWB8auVnAUY3zDZBfqgIRhJp0GH9KW4192LAcxyfu0j4qS vKcCGGfEBNYLQhBVctQsmj/wSaBpg7zgCnDj20Roa7q+8+j2/z8DYp29WXrQ7LGx1TXS BVbftXBWZ7MCuVPZNkBXHfHQ1Pkk8vv1kr+1U/cUnARlZ6IQBo23exOOcuwMcpw4re/R HuFlqoUJsA6QljHRQveZeT9F+pv8stNgxOSlff9k0rM6/7r8xgCsFq/yUofTrEJ/m9Jl aAgTsR78KNgJCqdn3Q2AxfSwmrbuBGQZTBHzWd3SYtu7QRo0q++aQBNLN1gT9AO4iy99 XMCg== X-Gm-Message-State: AMke39nKBZzCxsOSc8HQj7PRaKA1FgIN2et4eKxtVq1L3gbpy25afxbYytV8dlLfqgleow== X-Received: by 10.107.27.204 with SMTP id b195mr3699408iob.26.1488842876461; Mon, 06 Mar 2017 15:27:56 -0800 (PST) From: Brijesh Singh X-Google-Original-From: Brijesh Singh To: jordan.l.justen@intel.com, edk2-devel@ml01.01.org, lersek@redhat.com Date: Mon, 06 Mar 2017 18:27:55 -0500 Message-ID: <148884287496.29188.5155874233993236979.stgit@brijesh-build-machine> In-Reply-To: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> References: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Subject: [edk2] [RFC PATCH v1 4/5] OvmfPkg/BaseIoLibIntrinsic: import BaseIoLibIntrinsic package X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Thomas.Lendacky@amd.com, leo.duran@amd.com, brijesh.sing@amd.com Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Imports IoLib into OvmfPkg to make the changes to support SEV guest. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Brijesh Singh --- .../BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf | 0=20 .../BaseIoLibIntrinsic/BaseIoLibIntrinsic.uni | 0=20 .../BaseIoLibIntrinsicInternal.h | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.asm | 0=20 .../Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/IoHighLevel.c | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/IoLib.c | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibArm.c | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibEbc.c | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibGcc.c | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibIcc.c | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibIpf.c | 0=20 .../Library/BaseIoLibIntrinsic/IoLibMmioBuffer.c | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/IoLibMsc.c | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.asm | 0=20 OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm | 0=20 OvmfPkg/OvmfPkgIa32X64.dsc | 2 +- OvmfPkg/OvmfPkgX64.dsc | 2 +- 18 files changed, 2 insertions(+), 2 deletions(-) copy MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf =3D> OvmfPkg= /Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf (100%) copy MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.uni =3D> OvmfPkg= /Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.uni (100%) copy MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicInternal.h =3D> O= vmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicInternal.h (100%) copy MdePkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.asm =3D> OvmfPkg/Librar= y/BaseIoLibIntrinsic/Ia32/IoFifo.asm (100%) copy MdePkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm =3D> OvmfPkg/Libra= ry/BaseIoLibIntrinsic/Ia32/IoFifo.nasm (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoHighLevel.c =3D> OvmfPkg/Library/= BaseIoLibIntrinsic/IoHighLevel.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLib.c =3D> OvmfPkg/Library/BaseIo= LibIntrinsic/IoLib.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibArm.c =3D> OvmfPkg/Library/Bas= eIoLibIntrinsic/IoLibArm.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibEbc.c =3D> OvmfPkg/Library/Bas= eIoLibIntrinsic/IoLibEbc.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c =3D> OvmfPkg/Library/Bas= eIoLibIntrinsic/IoLibGcc.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibIcc.c =3D> OvmfPkg/Library/Bas= eIoLibIntrinsic/IoLibIcc.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibIpf.c =3D> OvmfPkg/Library/Bas= eIoLibIntrinsic/IoLibIpf.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibMmioBuffer.c =3D> OvmfPkg/Libr= ary/BaseIoLibIntrinsic/IoLibMmioBuffer.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/IoLibMsc.c =3D> OvmfPkg/Library/Bas= eIoLibIntrinsic/IoLibMsc.c (100%) copy MdePkg/Library/BaseIoLibIntrinsic/X64/IoFifo.asm =3D> OvmfPkg/Library= /BaseIoLibIntrinsic/X64/IoFifo.asm (100%) copy MdePkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm =3D> OvmfPkg/Librar= y/BaseIoLibIntrinsic/X64/IoFifo.nasm (100%) diff --git a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf b/Ovm= fPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf copy to OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf diff --git a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.uni b/Ovm= fPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.uni similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.uni copy to OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.uni diff --git a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicInternal.h= b/OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicInternal.h similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicInternal.h copy to OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicInternal.h diff --git a/MdePkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.asm b/OvmfPkg/Li= brary/BaseIoLibIntrinsic/Ia32/IoFifo.asm similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.asm copy to OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.asm diff --git a/MdePkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm b/OvmfPkg/L= ibrary/BaseIoLibIntrinsic/Ia32/IoFifo.nasm similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm copy to OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoHighLevel.c b/OvmfPkg/Libr= ary/BaseIoLibIntrinsic/IoHighLevel.c similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/IoHighLevel.c copy to OvmfPkg/Library/BaseIoLibIntrinsic/IoHighLevel.c diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLib.c b/OvmfPkg/Library/Ba= seIoLibIntrinsic/IoLib.c similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/IoLib.c copy to OvmfPkg/Library/BaseIoLibIntrinsic/IoLib.c diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibArm.c b/OvmfPkg/Library= /BaseIoLibIntrinsic/IoLibArm.c similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/IoLibArm.c copy to OvmfPkg/Library/BaseIoLibIntrinsic/IoLibArm.c diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibEbc.c b/OvmfPkg/Library= /BaseIoLibIntrinsic/IoLibEbc.c similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/IoLibEbc.c copy to OvmfPkg/Library/BaseIoLibIntrinsic/IoLibEbc.c diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c b/OvmfPkg/Library= /BaseIoLibIntrinsic/IoLibGcc.c similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c copy to OvmfPkg/Library/BaseIoLibIntrinsic/IoLibGcc.c diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibIcc.c b/OvmfPkg/Library= /BaseIoLibIntrinsic/IoLibIcc.c similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/IoLibIcc.c copy to OvmfPkg/Library/BaseIoLibIntrinsic/IoLibIcc.c diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibIpf.c b/OvmfPkg/Library= /BaseIoLibIntrinsic/IoLibIpf.c similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/IoLibIpf.c copy to OvmfPkg/Library/BaseIoLibIntrinsic/IoLibIpf.c diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibMmioBuffer.c b/OvmfPkg/= Library/BaseIoLibIntrinsic/IoLibMmioBuffer.c similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/IoLibMmioBuffer.c copy to OvmfPkg/Library/BaseIoLibIntrinsic/IoLibMmioBuffer.c diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibMsc.c b/OvmfPkg/Library= /BaseIoLibIntrinsic/IoLibMsc.c similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/IoLibMsc.c copy to OvmfPkg/Library/BaseIoLibIntrinsic/IoLibMsc.c diff --git a/MdePkg/Library/BaseIoLibIntrinsic/X64/IoFifo.asm b/OvmfPkg/Lib= rary/BaseIoLibIntrinsic/X64/IoFifo.asm similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/X64/IoFifo.asm copy to OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.asm diff --git a/MdePkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm b/OvmfPkg/Li= brary/BaseIoLibIntrinsic/X64/IoFifo.nasm similarity index 100% copy from MdePkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm copy to OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index a35e1d2..fd89518 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -106,7 +106,7 @@ PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.i= nf - IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf + IoLib|OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHo= okStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 5d853d6..ce77170 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -106,7 +106,7 @@ PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.i= nf - IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf + IoLib|OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHo= okStatusCodeLibNull.inf SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel From nobody Fri Nov 29 04:42:50 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zoho.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1488842886561288.08793519577625; Mon, 6 Mar 2017 15:28:06 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 66C2E80345; Mon, 6 Mar 2017 15:28:05 -0800 (PST) Received: from mail-io0-x244.google.com (mail-io0-x244.google.com [IPv6:2607:f8b0:4001:c06::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id C368A80333 for ; Mon, 6 Mar 2017 15:28:03 -0800 (PST) Received: by mail-io0-x244.google.com with SMTP id 68so16644648ioh.3 for ; Mon, 06 Mar 2017 15:28:03 -0800 (PST) Received: from [127.0.1.1] ([165.204.77.1]) by smtp.gmail.com with ESMTPSA id m100sm9312360iod.14.2017.03.06.15.28.02 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 06 Mar 2017 15:28:02 -0800 (PST) X-Original-To: edk2-devel@ml01.01.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:subject:to:cc:date:message-id:in-reply-to:references :user-agent:mime-version:content-transfer-encoding; bh=SPQoecMTSpChdIsF5O08iquitMohyn8beY72Fk1INzQ=; b=FqEyAsjqL3a51sWTbfThYfzQVR8fNzL0WYaaNJNNzQQP2m4EGNViTwOqseq+NmW7Ij SIkmtYa0BAaYhxquSKOe93b6ZYeNEhzlycLjCaG9HsqfPZSlu8sRrS9UtjEYSfAphMIg ujmrHPNF0BxlkiIJoxzstBZ3xCFRa2MYztNC1lwN4WlopEcwTIFZq4YxWmVlhzdJO7iY wV4icgyu7yYjr8Q4UyQ0i8ZGyQ+u2kVl8f5gJOf+ygVSU+mL0DODDf709J3danys1dRA T9ag/Er4XHrK9Y5l8dex2uhjrtoaAFaFC0hLBHTFSRe0IarU1MhMxFYfFf/Nx7sIQxUj ohXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:subject:to:cc:date:message-id:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=SPQoecMTSpChdIsF5O08iquitMohyn8beY72Fk1INzQ=; b=apEiTfuj99V0+O2/63+ZDlovPI23K4G4rFuQVhFJOQl0nfiw7PJFJUuwJD5gvm+us6 CwF4lfYs6QW0xL4/W19LFcyhSPqPGv39frUl5ujgEYMlZsIM+CQfhldsu3aXf0sjwVXW xalder4Mh9/aYFqnzCy/YZqkXOC0A+jC91KH2M2QzLK86jZO3shgwainojpAl+8e0eYw l2BNNQo4bR1J1kPxTlt00w5qHqSDHUlt4CPVAo9GMLBf+4Z0GAiDUt/S/UkQm3LSM25J aR5hdHo001uCL6sSvyFl8/TGSNFqsb+K4EO+KHqiy98qQZ6QpwZ/X2eYh1TRfb1Bnctx U3NQ== X-Gm-Message-State: AMke39nqLgqzNZqPlry6uu9A7v8tkxdU+nxzKYtG5M5M7+g3jSAEZaGuGIIZRdFbl4W5Ug== X-Received: by 10.107.166.207 with SMTP id p198mr17264404ioe.15.1488842883040; Mon, 06 Mar 2017 15:28:03 -0800 (PST) From: Brijesh Singh X-Google-Original-From: Brijesh Singh To: jordan.l.justen@intel.com, edk2-devel@ml01.01.org, lersek@redhat.com Date: Mon, 06 Mar 2017 18:28:01 -0500 Message-ID: <148884288152.29188.17347075963122121328.stgit@brijesh-build-machine> In-Reply-To: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> References: <148884284887.29188.7643544710695103939.stgit@brijesh-build-machine> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Subject: [edk2] [RFC PATCH v1 5/5] OvmfPkg/BaseIoLibIntrinsic: Unroll String I/O when SEV is active X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Thomas.Lendacky@amd.com, leo.duran@amd.com, brijesh.sing@amd.com Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Secure Encrypted Virtualization (SEV) does not support string I/O, so unroll the string I/O operation into a loop operating on one element at a time. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Brijesh Singh --- .../BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf | 3=20 .../Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm | 19 +++ .../Library/BaseIoLibIntrinsic/Ia32/SevIoFifo.nasm | 141 ++++++++++++++++= ++++ OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm | 19 +++ .../Library/BaseIoLibIntrinsic/X64/SevIoFifo.nasm | 143 ++++++++++++++++= ++++ 5 files changed, 324 insertions(+), 1 deletion(-) create mode 100644 OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/SevIoFifo.nasm create mode 100644 OvmfPkg/Library/BaseIoLibIntrinsic/X64/SevIoFifo.nasm diff --git a/OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf b/Ov= mfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf index 8844b1c..e7eeb59 100644 --- a/OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf +++ b/OvmfPkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf @@ -28,7 +28,6 @@ VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D IoLib=20 =20 - # # VALID_ARCHITECTURES =3D IA32 X64 EBC IPF ARM AARCH64 # @@ -45,6 +44,7 @@ IoLib.c Ia32/IoFifo.nasm Ia32/IoFifo.asm + Ia32/SevIoFifo.nasm =20 [Sources.X64] IoLibGcc.c | GCC @@ -53,6 +53,7 @@ IoLib.c X64/IoFifo.nasm X64/IoFifo.asm + X64/SevIoFifo.nasm =20 [Sources.EBC] IoLibEbc.c diff --git a/OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm b/OvmfPkg/= Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm index bcaa743..fb585e6 100644 --- a/OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm +++ b/OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/IoFifo.nasm @@ -13,6 +13,10 @@ ; ;-------------------------------------------------------------------------= ----- =20 + EXTERN ASM_PFX(SevIoReadFifo8) + EXTERN ASM_PFX(SevIoReadFifo16) + EXTERN ASM_PFX(SevIoReadFifo32) + SECTION .text =20 ;-------------------------------------------------------------------------= ----- @@ -31,7 +35,12 @@ ASM_PFX(IoReadFifo8): mov dx, [esp + 8] mov ecx, [esp + 12] mov edi, [esp + 16] + call SevIoReadFifo8 + cmp ecx, 0 + jz IoReadFifo8Exit rep insb + +IoReadFifo8Exit: pop edi ret =20 @@ -51,7 +60,12 @@ ASM_PFX(IoReadFifo16): mov dx, [esp + 8] mov ecx, [esp + 12] mov edi, [esp + 16] + call SevIoReadFifo16 + cmp ecx, 0 + jz IoReadFifo16Exit rep insw + +IoReadFifo16Exit: pop edi ret =20 @@ -71,7 +85,12 @@ ASM_PFX(IoReadFifo32): mov dx, [esp + 8] mov ecx, [esp + 12] mov edi, [esp + 16] + call SevIoReadFifo32 + cmp ecx, 0 + jz IoReadFifo32Exit rep insd + +IoReadFifo32Exit: pop edi ret =20 diff --git a/OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/SevIoFifo.nasm b/OvmfP= kg/Library/BaseIoLibIntrinsic/Ia32/SevIoFifo.nasm new file mode 100644 index 0000000..ac6bee3 --- /dev/null +++ b/OvmfPkg/Library/BaseIoLibIntrinsic/Ia32/SevIoFifo.nasm @@ -0,0 +1,141 @@ +;-------------------------------------------------------------------------= ----- +; +; Copyright (c) 2017, AMD Incorporated. All rights reserved.
+; +; This program and the accompanying materials are licensed and made availa= ble +; under the terms and conditions of the BSD License which accompanies this +; distribution. The full text of the license may be found at +; http://opensource.org/licenses/bsd-license.php. +; +; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +; +;-------------------------------------------------------------------------= ----- + +%define KVM_FEATURE_SEV 8 + + SECTION .data +SevCheckedOnce db 0 +SevStatus db 0 + + SECTION .text + +;-------------------------------------------------------------------------= ----- +; Check if Secure Encrypted Virtualization (SEV) feature +; is enabled in KVM +; +; Return // eax (1 - active, 0 - not active) +;-------------------------------------------------------------------------= ----- +global ASM_PFX(CheckSevFeature) +ASM_PFX(CheckSevFeature): + ; Check CPUID once, if its already checked then return SevStatus + mov eax, 1 + cmp [SevCheckedOnce], eax + jz SevFeatureCheckExit + + ; Start the SEV feature check + mov [SevCheckedOnce], eax + + ; CPUID clobbers ebx, ecx and edx + push ebx + push ecx + push edx + + mov eax, 0x40000001 + cpuid + + bt eax, KVM_FEATURE_SEV + jnc SevCheckExit + + ; Check for memory encryption feature: + ; CPUID Fn8000_001F[EAX] - Bit 0 + ; + mov eax, 0x8000001f + cpuid + bt eax, 0 + jnc SevCheckExit + mov eax, 1 + mov [SevStatus], eax + +SevCheckExit: + pop edx + pop ecx + pop ebx + +SevFeatureCheckExit: + mov eax, [SevStatus] + ret + +;-------------------------------------------------------------------------= ----- +; unroll 'rep ins' String I/O instructions when SEV is active +; nothing +; +; Port // dx +; Size // ecx +; Buffer // rdi +; +;-------------------------------------------------------------------------= ----- +global ASM_PFX(SevIoReadFifo8) +ASM_PFX(SevIoReadFifo8): + call CheckSevFeature + cmp eax, 1 + jnz ReadFifo8Exit +ReadFifo8Loop: + cmp ecx, 0 + jz ReadFifo8Exit + in al, dx + mov [edi], al + dec ecx + inc edi + jmp ReadFifo8Loop +ReadFifo8Exit: + ret + +;-------------------------------------------------------------------------= ----- +; unroll 'rep insw' String I/O instructions when SEV is active +; +; Port // dx +; Size // ecx +; Buffer // rdi +; +;-------------------------------------------------------------------------= ----- +global ASM_PFX(SevIoReadFifo16) +ASM_PFX(SevIoReadFifo16): + call CheckSevFeature + cmp eax, 1 + jnz ReadFifo16Exit +ReadFifo16Loop: + cmp ecx, 0 + jz ReadFifo16Exit + in ax, dx + mov [edi], ax + dec ecx + add edi, 2 + jmp ReadFifo16Loop +ReadFifo16Exit: + ret + +;-------------------------------------------------------------------------= ----- +; unroll 'rep insl' String I/O instructions when SEV is active +; +; Port // dx +; Size // ecx +; Buffer // rdi +; +;-------------------------------------------------------------------------= ----- +global ASM_PFX(SevIoReadFifo32) +ASM_PFX(SevIoReadFifo32): + call CheckSevFeature + cmp eax, 1 + jnz ReadFifo32Exit +ReadFifo32Loop: + cmp ecx, 0 + jz ReadFifo32Exit + in eax, dx + mov [edi], eax + dec ecx + add edi, 4 + jmp ReadFifo32Loop +ReadFifo32Exit: + ret + diff --git a/OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm b/OvmfPkg/L= ibrary/BaseIoLibIntrinsic/X64/IoFifo.nasm index 7bd72d0..71fbe62 100644 --- a/OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm +++ b/OvmfPkg/Library/BaseIoLibIntrinsic/X64/IoFifo.nasm @@ -13,6 +13,10 @@ ; ;-------------------------------------------------------------------------= ----- =20 + EXTERN ASM_PFX(SevIoReadFifo8) + EXTERN ASM_PFX(SevIoReadFifo16) + EXTERN ASM_PFX(SevIoReadFifo32) + DEFAULT REL SECTION .text =20 @@ -30,7 +34,12 @@ ASM_PFX(IoReadFifo8): cld xchg rcx, rdx xchg rdi, r8 ; rdi: buffer address; r8: save rdi + call SevIoReadFifo8 + cmp ecx, 0 + jz IoReadFifo8Exit rep insb + +IoReadFifo8Exit: mov rdi, r8 ; restore rdi ret =20 @@ -48,7 +57,12 @@ ASM_PFX(IoReadFifo16): cld xchg rcx, rdx xchg rdi, r8 ; rdi: buffer address; r8: save rdi + call SevIoReadFifo16 + cmp ecx, 0 + jz IoReadFifo16Exit rep insw + +IoReadFifo16Exit: mov rdi, r8 ; restore rdi ret =20 @@ -66,7 +80,12 @@ ASM_PFX(IoReadFifo32): cld xchg rcx, rdx xchg rdi, r8 ; rdi: buffer address; r8: save rdi + call SevIoReadFifo32 + cmp ecx, 0 + jz IoReadFifo32Exit rep insd + +IoReadFifo32Exit: mov rdi, r8 ; restore rdi ret =20 diff --git a/OvmfPkg/Library/BaseIoLibIntrinsic/X64/SevIoFifo.nasm b/OvmfPk= g/Library/BaseIoLibIntrinsic/X64/SevIoFifo.nasm new file mode 100644 index 0000000..5e70cb6 --- /dev/null +++ b/OvmfPkg/Library/BaseIoLibIntrinsic/X64/SevIoFifo.nasm @@ -0,0 +1,143 @@ +;-------------------------------------------------------------------------= ----- +; +; Copyright (c) 2017, AMD Incorporated. All rights reserved.
+; +; This program and the accompanying materials are licensed and made availa= ble +; under the terms and conditions of the BSD License which accompanies this +; distribution. The full text of the license may be found at +; http://opensource.org/licenses/bsd-license.php. +; +; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +; +;-------------------------------------------------------------------------= ----- + +%define KVM_FEATURE_SEV 8 + + EXTERN ASM_PFX(SevEnabled) + + SECTION .data +SevCheckedOnce db 0 +SevStatus db 0 + + SECTION .text + +;-------------------------------------------------------------------------= ----- +; Check if Secure Encrypted Virtualization (SEV) feature +; is enabled in KVM +; +; Return // eax (1 - active, 0 - not active) +;-------------------------------------------------------------------------= ----- +global ASM_PFX(CheckSevFeature) +ASM_PFX(CheckSevFeature): + ; Check CPUID once, if its already checked then return SevStatus + mov eax, 1 + cmp [SevCheckedOnce], eax + jz SevFeatureCheckExit + + ; Start the SEV feature check + mov [SevCheckedOnce], eax + + ; CPUID clobbers ebx, ecx and edx + push rbx + push rcx + push rdx + + mov eax, 0x40000001 + cpuid + + bt eax, KVM_FEATURE_SEV + jnc SevCheckExit + + ; Check for memory encryption feature: + ; CPUID Fn8000_001F[EAX] - Bit 0 + ; + mov eax, 0x8000001f + cpuid + bt eax, 0 + jnc SevCheckExit + mov eax, 1 + mov [SevStatus], eax + +SevCheckExit: + pop rdx + pop rcx + pop rbx + +SevFeatureCheckExit: + mov eax, [SevStatus] + ret + +;-------------------------------------------------------------------------= ----- +; unroll 'rep ins' String I/O instructions when SEV is active +; nothing +; +; Port // dx +; Size // ecx +; Buffer // rdi +; +;-------------------------------------------------------------------------= ----- +global ASM_PFX(SevIoReadFifo8) +ASM_PFX(SevIoReadFifo8): + call CheckSevFeature + cmp eax, 1 + jnz ReadFifo8Exit +ReadFifo8Loop: + cmp ecx, 0 + jz ReadFifo8Exit + in al, dx + mov [edi], al + dec ecx + inc edi + jmp ReadFifo8Loop +ReadFifo8Exit: + ret + +;-------------------------------------------------------------------------= ----- +; unroll 'rep insw' String I/O instructions when SEV is active +; +; Port // dx +; Size // ecx +; Buffer // rdi +; +;-------------------------------------------------------------------------= ----- +global ASM_PFX(SevIoReadFifo16) +ASM_PFX(SevIoReadFifo16): + call CheckSevFeature + cmp eax, 1 + jnz ReadFifo16Exit +ReadFifo16Loop: + cmp ecx, 0 + jz ReadFifo16Exit + in ax, dx + mov [edi], ax + dec ecx + add edi, 2 + jmp ReadFifo16Loop +ReadFifo16Exit: + ret + +;-------------------------------------------------------------------------= ----- +; unroll 'rep insl' String I/O instructions when SEV is active +; +; Port // dx +; Size // ecx +; Buffer // rdi +; +;-------------------------------------------------------------------------= ----- +global ASM_PFX(SevIoReadFifo32) +ASM_PFX(SevIoReadFifo32): + call CheckSevFeature + cmp eax, 1 + jnz ReadFifo32Exit +ReadFifo32Loop: + cmp ecx, 0 + jz ReadFifo32Exit + in eax, dx + mov [edi], eax + dec ecx + add edi, 4 + jmp ReadFifo32Loop +ReadFifo32Exit: + ret + _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel