From nobody Mon Nov 25 13:21:56 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+69862+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+69862+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one); dmarc=fail(p=none dis=none) header.from=amd.com Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1609968170383112.95510244637114; Wed, 6 Jan 2021 13:22:50 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id PpW2YY1788612xr6r9aqgXgB; Wed, 06 Jan 2021 13:22:50 -0800 X-Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.49]) by mx.groups.io with SMTP id smtpd.web09.451.1609968169509812234 for ; Wed, 06 Jan 2021 13:22:49 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QR8jqMO3YDiwIc1vaDHHQC3ZReetAZNv7nZZ1ftEgNqIYMKGbBB8bTCdFkh6ZWQJTpAAxcZ8GXCFdb7t53rIRMCryoJGhdYqvBaAJoQICwy/925Ce3g1S6eWNDVNh1UzpQof90L4HL/v+YfsSnOrQlO03ClpCWJ2VWHwt27nnbkBzRWfQ4rJzE5S0iPA3u1/I1edfmjbWUKKDYftG/52bjxKoXIsRNDoO7Af1ViSUQcqGlS/sgl8MTuYpgd3n0KLhE2PW9yx9mddk5WALS6GS3OzGNYPd2tU2/ck3qpG8GTVR/OIvlz/zfkCvebZLfkvQpx4EAdyKdO1Gy3HL4/X4g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Fl5c+WUyti+6Z3EUPP8krTRnKF8JE7UIwuZUxS7tsxY=; b=M0i56wh0iZC1+1UcWEEFZrxlZ3J2vSR0WxkR0X1D9neJZKWFMtgU7JYst1HNB+uDgbQCKG+1FCfnvGasQLh6M4QHTM37eF4M3QmEm1xQE6E5gtF8ok6G7EQkLICfOeNyBaP/fQL/ZAchcVkohCpnO/JCmhIlMCfB3ocmLMjcF80e178Y4LY3jL2IR9nk9X5LVLIjly7KhflyX1XzY6ckIWbz8QdCVxAlfESQIJRePHgycGiZZMZqDAPk6AY1Iu6QFZM8sPVeJvFp4cizoqG6uZFUCp/UJDmnHE/b766k/uDTV3Zee0KPmPJl7zTF0o0tSG3LoCSU6OE/a/eQWDziWQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none X-Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM6PR12MB3578.namprd12.prod.outlook.com (2603:10b6:5:3c::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3721.24; Wed, 6 Jan 2021 21:22:47 +0000 X-Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::d95e:b9d:1d6a:e845]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::d95e:b9d:1d6a:e845%12]) with mapi id 15.20.3721.024; Wed, 6 Jan 2021 21:22:47 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io CC: Brijesh Singh , James Bottomley , Jordan Justen , Laszlo Ersek , Ard Biesheuvel Subject: [edk2-devel] [PATCH v2 04/15] OvmfPkg/ResetVector: Perform a simple SEV-ES sanity check Date: Wed, 6 Jan 2021 15:21:30 -0600 Message-ID: <1c6e5ce7612f64fb1e4aea5f642d01572c063850.1609968101.git.thomas.lendacky@amd.com> In-Reply-To: References: X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SA0PR11CA0059.namprd11.prod.outlook.com (2603:10b6:806:d0::34) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-Received: from tlendack-t1.amd.com (165.204.77.1) by SA0PR11CA0059.namprd11.prod.outlook.com (2603:10b6:806:d0::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3742.6 via Frontend Transport; Wed, 6 Jan 2021 21:22:46 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: b193ce88-47cb-4b2e-cabe-08d8b28936ad X-MS-TrafficTypeDiagnostic: DM6PR12MB3578: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1247; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info: 0WmjLRlyAlePsGgwScnz6oAI904X4m5WRnqc4nOYI84gHguFV8NcoU1VqUHy/gbGxKA7FYw4wufo4ZQsw2KBqbBa9grNuCJOsG6Wq1/E/nXH8kdIde4ff0iRETDpjvasxFM5CmHlXFbFOsmd7PUX9RqoO5sLTIUODmWRO+Tyh7oubY1pmLy/q9GF8Ovr/Ue9gPDJxv4hLA7MexkO28WXIDuVbb7jEwAcoy8yu2fV9Je4wBx91yloAN/vnOpEhOnZOguv3jNVpLDLa47L3+md7umu/T/k4JOSafJynK2EeJUh9h0n7RdQ4fyVInoE8MsUEPIevFSG59tTymAK/xM7n32GkSiEi5Cbv2kJm/XdHw4TVW6Ir4UxGIduqPO0H+5Sz+khReJp9wzM+DZM/C4BRG42PKkHG3fFZ1bNUtd8UVUh5qDcUrk03o/B3SBK7WYndM21dJB6QoK1fXr+HNLctg== X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?xBVCivC0AxuTqNtu4FRHulCFTvkQ/+8XBImkH6rG7kWdFdcKePCJlh1ptf8I?= =?us-ascii?Q?hpOszjhHoQnKVPUSFCNNg+dtOqNLKXcbuyJJyB+cg28UsZU+RgVcH7Zp2I3Q?= =?us-ascii?Q?83By3e0OktDctpF5mT5FLaQtmbn1Y1tslK0vljofWlNEf07pnWEo/uvYUEyv?= =?us-ascii?Q?udxHV256oRRld8VYlBjwtOD7LUTUxtagdzRSInYbqjRikDT9BwveBYEmJ/bC?= =?us-ascii?Q?onE+TPcB0qgisVbrSTF30WO8OBlWf8vTedbArsQCJTEYLk4j8dJ6vh3Oa5zl?= =?us-ascii?Q?q3IqvYv8m+rZZuydSYmkxL+tzKDsH2mTCCK+WLxnpBuGtKlTBUFTW0p3ih44?= =?us-ascii?Q?li/vLIZbGnoBTtaP/XPMXa3akKpEHdvNOSktE77TddIQ52aDBhNk91zMKrLb?= =?us-ascii?Q?CC5S5r1/6CMhOJn3VRINnXJ0cX7A3D+PTqr0lXxvDLBWEqrw/qQlrmSY3Cxt?= =?us-ascii?Q?aQ8YNHfEWqeuKL+n8RKG1gcc6q000NFHW04KcLenKINtjroRY5hYggETGn5Q?= =?us-ascii?Q?DvSZ1BpsHCYez5FIJrx4TvHxeiHellpfvwnLLJYG+ZTj5VdfiTBroU7NFIIw?= =?us-ascii?Q?aIqrDcpj/uW4gghQnO6EFwKfiuzavzMTGI/0J9uh0VEODyZNmJWVVwbkV3u+?= =?us-ascii?Q?/2j+dWOcQa5Vl7O+RMkKsi4W0gcuO7UPS8szpViFd2xTNMP9H4up/MHbeFdV?= =?us-ascii?Q?/4EvSZlDqtZlmNTrBJlVsc7frmSg9jmYH4Q0k+x+1tI7T68k8/gDi14yeAin?= =?us-ascii?Q?D+h+6Ch4vAr2e9Gkvhdo7izdjScV4HGaqiwHp6m8Wnm+c18kIHeUCZWL0H4v?= =?us-ascii?Q?ji43KwrHbNTUjkxsgkK8ZVoPF/yWw6JuBOOlOjmITT6sikvGLlxBzpzpB8EG?= =?us-ascii?Q?4Sdb44kjB1NwRruJfEpL1294V2XTXpyVQfqTX7fjMUHTuSIRyZlNO8Lk6Io2?= =?us-ascii?Q?nWy96/BGGFC9bZsoCckMApj9po3B9rk5imn/XQ9YT2jLV7lk58GSm+pzYFov?= =?us-ascii?Q?Mxh+?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Jan 2021 21:22:46.9398 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-Network-Message-Id: b193ce88-47cb-4b2e-cabe-08d8b28936ad X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: F6k5S/vhC3NMgS5Q1keoCGWERBw7MiuKuOI5FRjDqgqOsSMD1bL1rKY4UxCVQmT9RF9biFOVvnTYC4uH9+oi3Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3578 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com X-Gm-Message-State: lKic4TNxEez99wafu7cCi8bvx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1609968170; bh=/jEYs7SeNFdLkrNjK8xHr3RkIqEx+oFAyHGSCXRUaw0=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=LjtEUxXj35diL81f/l5Enxcq2++CxQ3IvRF9KoDwYAB3DOBjj70pWh4S7GecplWeXQC LFJmk7O5cDSSoo5YpjlodQ+PHDdDROqHaqIy3S0uthAUU0Q3mORplVam/nIqGRqGE9nWm t23afoAHb3yDn430Gq/0hLuJsQcLBI5X+6E= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Tom Lendacky BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3108 If a hypervisor incorrectly reports through CPUID that SEV-ES is not active, ensure that a #VC exception was not taken. If it is found that a #VC was taken, then the code enters a HLT loop. Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Brijesh Singh Reviewed-by: Laszlo Ersek Signed-off-by: Tom Lendacky --- OvmfPkg/ResetVector/Ia32/PageTables64.asm | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVecto= r/Ia32/PageTables64.asm index ccc95ad4715d..a1771dfdec23 100644 --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm @@ -154,6 +154,22 @@ SevEncBitLowHlt: jmp SevEncBitLowHlt =20 NoSev: + ; + ; Perform an SEV-ES sanity check by seeing if a #VC exception occurred. + ; + cmp byte[SEV_ES_WORK_AREA], 0 + jz NoSevPass + + ; + ; A #VC was received, yet CPUID indicates no SEV-ES support, something + ; isn't right. + ; +NoSevEsVcHlt: + cli + hlt + jmp NoSevEsVcHlt + +NoSevPass: xor eax, eax =20 SevExit: --=20 2.30.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#69862): https://edk2.groups.io/g/devel/message/69862 Mute This Topic: https://groups.io/mt/79485050/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-