From: "Brijesh Singh"
To: devel@edk2.groups.io
Cc: Brijesh Singh, James Bottomley, Min Xu, Jiewen Yao, Tom Lendacky, Jordan Justen, Ard Biesheuvel, Laszlo Ersek, Erdem Aktas
Subject: [edk2-devel] [PATCH RFC v2 15/28] OvmfPkg/MemEncryptSevLib: extend the workarea to include SNP enabled field
Date: Fri, 30 Apr 2021 06:51:35 -0500
Message-Id: <20210430115148.22267-16-brijesh.singh@amd.com>
In-Reply-To: <20210430115148.22267-1-brijesh.singh@amd.com>
References: <20210430115148.22267-1-brijesh.singh@amd.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

Extend the workarea to include the SEV-SNP enabled fields. This will be set when SEV-SNP is active in the guest VM.

Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Laszlo Ersek
Cc: Erdem Aktas
Signed-off-by: Brijesh Singh
--- OvmfPkg/Include/Library/MemEncryptSevLib.h | 3 ++- OvmfPkg/PlatformPei/AmdSev.c | 26 ++++++++++++++++++++ OvmfPkg/PlatformPei/PlatformPei.inf | 1 + OvmfPkg/ResetVector/Ia32/PageTables64.asm | 12 +++++++++ OvmfPkg/ResetVector/ResetVector.nasmb | 1 + 5 files changed, 42 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/L= ibrary/MemEncryptSevLib.h index 3868376dbf..03e476ef2a 100644 --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h @@ -49,7 +49,8 @@ typedef struct { // typedef struct _SEC_SEV_ES_WORK_AREA { UINT8 SevEsEnabled; - UINT8 Reserved1[7]; + UINT8 SevSnpEnabled; + UINT8 Reserved1[6]; =20 UINT64 RandomData; =20 diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index a8bf610022..67b78fd5fa 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c 
@@ -22,6 +22,27 @@ =20 #include "Platform.h" =20 +/** + + Initialize SEV-SNP support if running as an SEV-SNP guest. + + **/ +STATIC +VOID +AmdSevSnpInitialize ( + VOID + ) +{ + RETURN_STATUS PcdStatus; + + if (!MemEncryptSevSnpIsEnabled ()) { + return; + } + + PcdStatus =3D PcdSetBoolS (PcdSevSnpIsEnabled, TRUE); + ASSERT_RETURN_ERROR (PcdStatus); +} + /** =20 Initialize SEV-ES support if running as an SEV-ES guest. @@ -209,4 +230,9 @@ AmdSevInitialize ( // Check and perform SEV-ES initialization if required. // AmdSevEsInitialize (); + + // + // Check and perform SEV-SNP initialization if required. + // + AmdSevSnpInitialize (); } diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index 6d18b0be9f..3aef0773b1 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -110,6 +110,7 @@ gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled + gUefiCpuPkgTokenSpaceGuid.PcdSevSnpIsEnabled =20 [FixedPcd] gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVecto= r/Ia32/PageTables64.asm index 5fae8986d9..6838cdeec9 100644 --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm @@ -81,6 +81,11 @@ CheckSevFeatures: ; the MSR check below will set the first byte of the workarea to one. mov byte[SEV_ES_WORK_AREA], 0 =20 + ; Set the SevSnpEnabled field in workarea to zero to communicate to th= e SEC + ; phase that SEV-SNP is not enabled. If SEV-SNP is enabled, this funct= ion + ; will set it to 1. + mov byte[SEV_ES_WORK_AREA_SNP], 0 + ; ; Set up exception handlers to check for SEV-ES ; Load temporary RAM stack based on PCDs (see SevEsIdtVmmComm for 
@@ -136,6 +141,13 @@ CheckSevFeatures: ; phase that SEV-ES is enabled. mov byte[SEV_ES_WORK_AREA], 1 =20 + bt eax, 2 + jnc GetSevEncBit + + ; Set the second byte of the workarea to one to communicate to the SEC + ; phase that the SEV-SNP is enabled + mov byte[SEV_ES_WORK_AREA_SNP], 1 + GetSevEncBit: ; Get pte bit position to enable memory encryption ; CPUID Fn8000_001F[EBX] - Bits 5:0 diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re= setVector.nasmb index f936870b81..34b900127e 100644 --- a/OvmfPkg/ResetVector/ResetVector.nasmb +++ b/OvmfPkg/ResetVector/ResetVector.nasmb @@ -73,6 +73,7 @@ %define GHCB_BASE (FixedPcdGet32 (PcdOvmfSecGhcbBase)) %define GHCB_SIZE (FixedPcdGet32 (PcdOvmfSecGhcbSize)) %define SEV_ES_WORK_AREA (FixedPcdGet32 (PcdSevEsWorkAreaBase)) + %define SEV_ES_WORK_AREA_SNP (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 1) %define SEV_ES_WORK_AREA_RDRAND (FixedPcdGet32 (PcdSevEsWorkAreaBase) + = 8) %define SEV_ES_WORK_AREA_ENC_MASK (FixedPcdGet32 (PcdSevEsWorkAreaBase) = + 16) %define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase)= + FixedPcdGet32 (PcdOvmfSecPeiTempRamSize)) --=20 2.17.1
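
Review bot: In the MemEncryptSevLib.h hunk, the new `UINT8 SevSnpEnabled;` member has no comment stating who writes it and which values it can hold, while the structure keeps the SEV-ES-only name `_SEC_SEV_ES_WORK_AREA`. Please add a short field comment (set to 0 or 1 by the reset vector code in PageTables64.asm, read in later phases) so readers of the header do not have to find the assembly to learn the contract. The commit message also says "fields" although only one field is added.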
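
Review bot: In the first AmdSev.c hunk, `AmdSevSnpInitialize ()` checks the result of `PcdSetBoolS (PcdSevSnpIsEnabled, TRUE)` only through `ASSERT_RETURN_ERROR (PcdStatus)`, which does nothing in builds with asserts disabled, so a failed set would leave the PCD FALSE on an SNP guest with no indication. Either handle the error explicitly or say in the function comment why the set cannot fail at this point. The function also calls `MemEncryptSevSnpIsEnabled ()`, which the MemEncryptSevLib.h hunk in this patch does not declare; the commit message should say which patch of the series provides it.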
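
Review bot: In the PlatformPei.inf hunk, `gUefiCpuPkgTokenSpaceGuid.PcdSevSnpIsEnabled` is consumed from the UefiCpuPkg token space, but the diffstat lists only OvmfPkg files, so this patch builds only if the PCD declaration lands earlier in the series. Please name that prerequisite patch in the commit message and confirm the series stays bisectable in this order.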
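
Review bot: In the second PageTables64.asm hunk, `bt eax, 2` tests a bare bit number with no comment saying which register value `eax` holds at this point or what bit 2 means, unlike the `CPUID Fn8000_001F[EBX] - Bits 5:0` comment a few lines below. Please add a comment naming the source and the bit, or a `%define` for the bit position, so the SNP check can be audited against the specification. The added comment text "phase that the SEV-SNP is enabled" should read "phase that SEV-SNP is enabled", matching the SEV-ES comment above it.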
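
Review bot: In the ResetVector.nasmb hunk, `SEV_ES_WORK_AREA_SNP` is defined as `PcdSevEsWorkAreaBase + 1`, a literal offset that has to match the position of `SevSnpEnabled` in the C structure changed in MemEncryptSevLib.h, and nothing in the patch enforces that. Please add a comment here pointing at the structure field, and consider a compile-time check on the C side (a STATIC_ASSERT on the OFFSET_OF of `SevSnpEnabled` being 1) so a later reordering of the structure cannot silently make SEC read the wrong byte.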