From nobody Thu Mar 28 23:18:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+74648+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+74648+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one); dmarc=fail(p=none dis=none) header.from=amd.com Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1619783557547180.8214168757346; Fri, 30 Apr 2021 04:52:37 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id CpfKYY1788612xlBXSEQUtRb; Fri, 30 Apr 2021 04:52:37 -0700 X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com (NAM10-BN7-obe.outbound.protection.outlook.com []) by mx.groups.io with SMTP id smtpd.web12.10214.1619783548337545009 for ; Fri, 30 Apr 2021 04:52:33 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=N+WJkkyJYkxz5+OGEgUh/X8OyeP6TX3lFbtuTD+zRYiNp1Kt0bpxwmprrxf89zFcvWG8eXfOuO4kOhE1S2jRZOnT6ut7Av+Ob8O6F6pgSyRYmDZwWYqHq7+eLRSYcrA5QfzxBrQofeboyCe4uYCf7nUmXvVFDvFbXG4SNOqLfO+iUhgSFfh5mHBtrxsbtzRIFeKfRyaYC0JFZ6FTlrHtiN12BXBCLfjElXkI1SalsINHIFqZCEA/A8Go3Mf5ZQE25LWtll6cmANHi/kZpFnVButLEIjoRkdEJA1Tpr1QPJihUYHmgZE2NA89Jf68S5UQt29X9sN39CEUpJEG8UPuMA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gCPfA7cNsa81JV0p3tMyED8+VKUKPAqUgev8mZN4hmI=; b=SKCAtzU18dPw0zkUt4yEFa0hkKtsYrVHDg3h8HRVxqhDGjCSy81u1Aku1ccz9Dusv6p2KQfkNacKvQkF2dKInm+Hf46V0D5DwXG/R50LXIDskSzdGKvxidHYf8Fon3OmwvkXpBWdAk3/ItOe6bJBMfb42sjd/56/xgdBjXrufznDOkVvHU6zhSYUT2n6kO+/EAvs9jRR0jnBaTiVoqnxA8Co6PEBCJP0kaywlvj2yV1H7+MxeRctEuIzGkT/n2MS7eH/nYC+2TaxXMohDbqqDVSVRwFufE/VkWai4UC726Ws77eBbFcDDeMYCX1+3YheBvxsyLYbjZabr2FnvbW8yA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none X-Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2783.namprd12.prod.outlook.com (2603:10b6:805:78::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.25; Fri, 30 Apr 2021 11:52:31 +0000 X-Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4065.027; Fri, 30 Apr 2021 11:52:31 +0000 From: "Brijesh Singh" To: devel@edk2.groups.io Cc: Brijesh Singh , James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Laszlo Ersek , Erdem Aktas Subject: [edk2-devel] [PATCH RFC v2 21/28] OvmfPkg/MemEncryptSevLib: Add support to validate system RAM Date: Fri, 30 Apr 2021 06:51:41 -0500 Message-Id: <20210430115148.22267-22-brijesh.singh@amd.com> In-Reply-To: <20210430115148.22267-1-brijesh.singh@amd.com> References: <20210430115148.22267-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SA0PR12CA0006.namprd12.prod.outlook.com (2603:10b6:806:6f::11) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR12CA0006.namprd12.prod.outlook.com (2603:10b6:806:6f::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4087.27 via Frontend Transport; Fri, 30 Apr 2021 11:52:28 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 11298d13-4676-4ee3-07ea-08d90bce6e3a X-MS-TrafficTypeDiagnostic: SN6PR12MB2783: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info: ajL/IF8Rvn+b1f/mhn/7VKaHHOFxMXmiqupv0pJYEdoEvTykIQ5tOzFF054MZ/2guAD26Z8sW+rc9QsE5kQ16BvMVEH/F0cM8uTCkBLKdEuT9iTvTPqM+yRBNgHNpIlM6rvse1MhfOfaC6aZW07bCRK7CvrOIXihXdtMv2kkvK4q3JhoXI/JhVaxPO7o+dIlg686NUs8zWaaAONMLxjUefGJkUNyR5EZhY68qpUZfhVkPNgsybWw2JarMtvcWLXv+MHc7rzfAKkV20rOYOxqNLHzgOPkeIi5ljC8xdKXXTBIn+xZsvc9XrvavYuCrkFBtMce1spuVqJ8Q0IXOOJ/xhmS1tFlIPwQAKf02rmmwMQGe+73X7EloPc27rMSoiTOAt5yr1sAEs6zvZA/V0U3AGk1pAMlnezM4GABZxjnNFU9ndnKWOTdYnQx5aDhfFMoY3P5L7iOcYNg/69eDw9F+MIQxnVFgUDoZZPCE6RyUXvYbvq5In0OAbBnHUV67z/klsRrptblkypNCB7yXhXieEuM6Zotjglqm3X4PZpAHZp3i51J6psTdA4DgYMIV4lk2vSwOqBdlFgmeOqpajVVX9DnRyBvQD+JzNbLJMzZtYD82rnF56/G8CFYKVFXA2GhLmV0V8C6HikToYNH0jZKwNgMKnyczRt2xQ9cfeF8ygOX2LUQBeMENeAODIKFyXOudug1KXffWZ7BTEmaHdnev39G7UPH06K7GM2b6+ARdBw= X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?A2VmIl/PC+mlAFqIlkri6sEBgW18pCmEi9LVhiEar7odXoV6IiiHG2pFLZbI?= =?us-ascii?Q?GznV8A9wRhaKSxs9ZKFQ+8xjLv0ZhdAXxKaDPTG4ScCd7r8Ztl5pWTrMo+gT?= =?us-ascii?Q?RAYjnpil1GtbRHQFcPrnK4fr8brt5mCkW2CbioYEqnSgfaOLT8aydsnFjBLt?= =?us-ascii?Q?nJkOccHHhH4V6FYMrXgZF9JqA3eRhmZ8DnnY8XUPKn3Os+h0/Hh0Cxiz8MVZ?= =?us-ascii?Q?49hqS1pSTtDoHUhQxU0XsAsR+eOW/gl1VrWC/M6RcsDIYAu2k24pZaGzoyQC?= =?us-ascii?Q?nEiNN2FkqhG7yrissTWUThdeoeoPF4FprcyN6GydXZangpmHuPW9YPvk4obY?= =?us-ascii?Q?8u6qfAVk7+f8eDExYxIAMdaOAKeeC3WmXb8+bVnf8cVB43F3g5AojAGDhgG5?= =?us-ascii?Q?mTYvWftqz+o1KATgWUhMCkNsQMPcWwAwTHFpbOUCBD2ByYrnJYGqvoZO+Lr1?= =?us-ascii?Q?8JJc/0K3bIuQCVh/yftU20GUzW1LRChlKshZ7xgknOyX1KOd0zJMCiFmVtYb?= =?us-ascii?Q?1h0L/qoqVQOZym9R3QWDvgcaQb7CqA1Xck3IRvAsP2NlUHT6EBaQEkz9f5d3?= =?us-ascii?Q?D06oXZ8f6zknQ3e6rpd2I9Hs1cMdCqphjvlyvmi0Dq5SDm77urya6MVPAQy9?= =?us-ascii?Q?IWJVww/X4FuGVkWwlAUTcd/chhdza/lvVPXZ2Et8huQ3HiGlWga9/Tap1McZ?= =?us-ascii?Q?mlCLSSXMaUCG4haC4mofHj1831Z5Rs0DnWENSS8YNQ2LpEi+QBLTXVxcqBln?= =?us-ascii?Q?mSkhI4ED5/TbSrp8pDUDvBV1itFJw5hxYZ2/6J7gU29LByIKYSAGOJjureiM?= =?us-ascii?Q?u93Yqlx+Kl8g2H6Egk680m5/heSDL+Hiaz4pdhnLroR4Mp3S2wjg7It2V7YR?= =?us-ascii?Q?ZQebKxxLNy3gLfbZdLFxdUwmodDnfFv+N/acqATnup8fYTGSQGgFoUuP1ZZJ?= =?us-ascii?Q?vaMuZIdW+jV5QeWiLj4P4TjXJa0bw9RDpdsclFmqO9FLDkjZR8CFmp4q+SOz?= =?us-ascii?Q?BqgaB8uTSTq+mef3ONHbOr2tEg5nv+h72lMviKje+Js5g3VjAmlARoIf9XlD?= =?us-ascii?Q?LbGePOjvY8YUMdLTMoKceMBzSKYznvE8XUfG4OEog/IRf2hxdwoI7kbaMjqd?= =?us-ascii?Q?DSLLoqB3cFkqeFHqCif9hZn3PxsSdTC6Q/fnJm5m7uurFpDJcAiZTySTxvpW?= =?us-ascii?Q?mk3bF2XihJ/ojI+aLwBUQfiKOzAjiUUy0YjVDh646WrPxbrLbr+S309vVhR7?= =?us-ascii?Q?opygeuAEIZLN0K09EDNP9Blz4wLwfW/SDPQBooRH1iOTzi4XiNBmlt/wQWQG?= =?us-ascii?Q?gfOUbDagyOyu6MS05ySf2FGc?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 11298d13-4676-4ee3-07ea-08d90bce6e3a X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Apr 2021 11:52:29.1950 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Du8iggW7y27WRu3SaGIsByJvKzJaDhpn3CWJQQ7yaRwWT00HxNvBSEMWohd6uCl3RQs27aSyibYTj1iCqwt36A== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2783 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,brijesh.singh@amd.com X-Gm-Message-State: rWV234PKGuvwVZY3jqN05IPgx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1619783557; bh=/NfCiSs8Zl2ztx8Hj4Zp0cOivzetcydRijV4hxCml2g=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=con4ZM+C8Ha6xQVTFzHpM7fJtgE0f1UwHc8Gh25Jg39G403nG4CuW5BjsERLK5bTY5c 21cpLJd/A/8goaraF01jevi/KR/lqP1+Nk0i+ZusJHDzPgP81fEOVeOB6DuoIzw8HNwHz TcaTt1iQqJT8RYJmZBzRodOaxcMXkjNNYyQ= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275 Many of the integrity guarantees of SEV-SNP are enforced through the Reverse Map Table (RMP). Each RMP entry contains the GPA at which a particular page of DRAM should be mapped. The guest can request the hypervisor to add pages in the RMP table via the Page State Change VMGEXIT defined in the GHCB specification section 2.5.1 and 4.1.6. Inside each RMP entry is a Validated flag; this flag is automatically cleared to 0 by the CPU hardware when a new RMP entry is created for a guest. Each VM page can be either validated or invalidated, as indicated by the Validated flag in the RMP entry. Memory access to a private page that is not validated generates a #VC. A VM can use the PVALIDATE instruction to validate the private page before using it. During the guest creation, the boot ROM memory is pre-validated by the AMD-SEV firmware. The MemEncryptSevSnpValidateSystemRam() can be called during the SEC and PEI phase to validate the detected system RAM. One of the fields in the Page State Change NAE is the RMP page size. The page size input parameter indicates that either a 4KB or 2MB page should be used while adding the RMP entry. During the validation, when possible, the MemEncryptSevSnpValidateSystemRam() will use the 2MB entry. A hypervisor backing the memory may choose to use the different page size in the RMP entry. In those cases, the PVALIDATE instruction should return SIZEMISMATCH. If a SIZEMISMATCH is detected, then validate all 512-pages constituting a 2MB region. Upon completion, the PVALIDATE instruction sets the rFLAGS.CF to 0 if instruction changed the RMP entry and to 1 if the instruction did not change the RMP entry. The rFlags.CF will be 1 only when a memory region is already validated. We should not double validate a memory as it could lead to a security compromise. If double validation is detected, terminate the boot. Cc: James Bottomley Cc: Min Xu Cc: Jiewen Yao Cc: Tom Lendacky Cc: Jordan Justen Cc: Ard Biesheuvel Cc: Laszlo Ersek Cc: Erdem Aktas Signed-off-by: Brijesh Singh --- OvmfPkg/Include/Library/MemEncryptSevLib.h | 1= 4 ++ OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf | = 2 + OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c | 1= 7 ++ OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf | = 3 + OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf | = 3 + OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c | 4= 0 +++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c | 3= 6 +++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c | 3= 6 +++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h | 3= 1 +++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c | 26= 1 ++++++++++++++++++++ OvmfPkg/OvmfPkgIa32.dsc | = 1 + OvmfPkg/OvmfPkgIa32X64.dsc | = 1 + 12 files changed, 445 insertions(+) diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/L= ibrary/MemEncryptSevLib.h index 42caa6497b..c4e89abe0d 100644 --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h @@ -237,4 +237,18 @@ MemEncryptSevClearMmioPageEncMask ( IN UINTN NumPages ); =20 +/** + Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. + + @param[in] BaseAddress Base address + @param[in] NumPages Number of pages starting from the ba= se address + +**/ +VOID +EFIAPI +MemEncryptSevSnpPreValidateSystemRam ( + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ); + #endif // _MEM_ENCRYPT_SEV_LIB_H_ diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf b= /OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf index f2e162d680..2158e1cba3 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf @@ -34,8 +34,10 @@ PeiDxeMemEncryptSevLibInternal.c =20 [Sources.X64] + X64/DxeSnpSystemRamValidate.c X64/MemEncryptSevLib.c X64/PeiDxeVirtualMemory.c + X64/SnpPageStateChangeInternal.c X64/VirtualMemory.c X64/VirtualMemory.h =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c b= /OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c index 34e7c59e2c..2ca3a400bd 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/Ia32/MemEncryptSevLib.c @@ -136,3 +136,20 @@ MemEncryptSevClearMmioPageEncMask ( // return RETURN_UNSUPPORTED; } + +/** + Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. + + @param[in] BaseAddress Base address + @param[in] NumPages Number of pages starting from the ba= se address + +**/ +VOID +EFIAPI +MemEncryptSevSnpPreValidateSystemRam ( + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ) +{ + ASSERT (FALSE); +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf b= /OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf index 03a78c32df..0402e49a10 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf @@ -36,6 +36,8 @@ [Sources.X64] X64/MemEncryptSevLib.c X64/PeiDxeVirtualMemory.c + X64/PeiSnpSystemRamValidate.c + X64/SnpPageStateChangeInternal.c X64/VirtualMemory.c X64/VirtualMemory.h =20 @@ -49,6 +51,7 @@ DebugLib MemoryAllocationLib PcdLib + VmgExitLib =20 [FeaturePcd] gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf b= /OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf index 279c38bfbc..939af0a91e 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf @@ -35,6 +35,8 @@ [Sources.X64] X64/MemEncryptSevLib.c X64/SecVirtualMemory.c + X64/SecSnpSystemRamValidate.c + X64/SnpPageStateChangeInternal.c X64/VirtualMemory.c X64/VirtualMemory.h =20 @@ -46,6 +48,7 @@ CpuLib DebugLib PcdLib + VmgExitLib =20 [FixedPcd] gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValida= te.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c new file mode 100644 index 0000000000..d46a8408f8 --- /dev/null +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c @@ -0,0 +1,40 @@ +/** @file + + SEV-SNP Page Validation functions. + + Copyright (c) 2020 - 2021, AMD Incorporated. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include + +#include "SnpPageStateChange.h" + +/** + Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. + + @param[in] BaseAddress Base address + @param[in] NumPages Number of pages starting from the ba= se address + +**/ +VOID +EFIAPI +MemEncryptSevSnpPreValidateSystemRam ( + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ) +{ + if (!MemEncryptSevSnpIsEnabled ()) { + return; + } + + // + // All the pre-validation must be completed in the PEI phase. + // + ASSERT (FALSE); +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValida= te.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c new file mode 100644 index 0000000000..ba673d193b --- /dev/null +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c @@ -0,0 +1,36 @@ +/** @file + + SEV-SNP Page Validation functions. + + Copyright (c) 2020 - 2021, AMD Incorporated. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include + +#include "SnpPageStateChange.h" + +/** + Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. + + @param[in] BaseAddress Base address + @param[in] NumPages Number of pages starting from the ba= se address + +**/ +VOID +EFIAPI +MemEncryptSevSnpPreValidateSystemRam ( + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ) +{ + if (!MemEncryptSevSnpIsEnabled ()) { + return; + } + + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValida= te.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c new file mode 100644 index 0000000000..ba673d193b --- /dev/null +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c @@ -0,0 +1,36 @@ +/** @file + + SEV-SNP Page Validation functions. + + Copyright (c) 2020 - 2021, AMD Incorporated. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include + +#include "SnpPageStateChange.h" + +/** + Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. + + @param[in] BaseAddress Base address + @param[in] NumPages Number of pages starting from the ba= se address + +**/ +VOID +EFIAPI +MemEncryptSevSnpPreValidateSystemRam ( + IN PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages + ) +{ + if (!MemEncryptSevSnpIsEnabled ()) { + return; + } + + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h = b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h new file mode 100644 index 0000000000..0dd90d4a16 --- /dev/null +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h @@ -0,0 +1,31 @@ +/** @file + + SEV-SNP Page Validation functions. + + Copyright (c) 2020 - 2021, AMD Incorporated. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef SNP_PAGE_STATE_INTERNAL_H_ +#define SNP_PAGE_STATE_INTERNAL_H_ + +// +// SEV-SNP Page states +// +typedef enum { + SevSnpPagePrivate, + SevSnpPageShared, + +} SEV_SNP_PAGE_STATE; + +VOID +InternalSetPageState ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages, + IN SEV_SNP_PAGE_STATE State, + IN BOOLEAN UseLargeEntry + ); + +#endif diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInt= ernal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeIntern= al.c new file mode 100644 index 0000000000..182f6040ec --- /dev/null +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c @@ -0,0 +1,261 @@ +/** @file + + SEV-SNP Page Validation functions. + + Copyright (c) 2020 - 2021, AMD Incorporated. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "SnpPageStateChange.h" + +#define IS_ALIGNED(x, y) ((((x) & (y - 1)) =3D=3D 0)) +#define PAGES_PER_LARGE_ENTRY 512 + +STATIC +UINTN +MemoryStateToGhcbOp ( + IN SEV_SNP_PAGE_STATE State + ) +{ + UINTN Cmd; + + switch (State) { + case SevSnpPageShared: Cmd =3D SNP_PAGE_STATE_SHARED; break; + case SevSnpPagePrivate: Cmd =3D SNP_PAGE_STATE_PRIVATE; break; + default: ASSERT(0); + } + + return Cmd; +} + +STATIC +VOID +SnpPageStateFailureTerminate ( + VOID + ) +{ + MSR_SEV_ES_GHCB_REGISTER Msr; + + // + // Use the GHCB MSR Protocol to request termination by the hypervisor + // + Msr.GhcbPhysicalAddress =3D 0; + Msr.GhcbTerminate.Function =3D GHCB_INFO_TERMINATE_REQUEST; + Msr.GhcbTerminate.ReasonCodeSet =3D GHCB_TERMINATE_GHCB; + Msr.GhcbTerminate.ReasonCode =3D GHCB_TERMINATE_GHCB_GENERAL; + AsmWriteMsr64 (MSR_SEV_ES_GHCB, Msr.GhcbPhysicalAddress); + + AsmVmgExit (); + + ASSERT (FALSE); + CpuDeadLoop (); +} + +STATIC +UINTN +IssuePvalidate ( + IN UINTN Address, + IN UINTN RmpPageSize, + IN BOOLEAN Validate + ) +{ + IA32_EFLAGS32 EFlags; + UINTN Ret; + + Ret =3D AsmPvalidate (RmpPageSize, Validate, Address, &EFlags); + + // + // Check the rFlags.CF to verify that PVALIDATE updated the RMP entry. + // If there was a no change in the RMP entry then we are either double + // validating or invalidating the memory. This can lead to a security co= mpromise. + // + if (EFlags.Bits.CF) { + DEBUG (( + DEBUG_ERROR, "%a:%a: Double %a detected for address 0x%Lx\n", + gEfiCallerBaseName, + __FUNCTION__, + Validate ? "Validate" : "Invalidate", + Address + )); + SnpPageStateFailureTerminate (); + } + + return Ret; +} + +/** + This function issues the PVALIDATE instruction to validate or invalidate = the memory + range specified. If PVALIDATE returns size mismatch then it retry validat= ing with + smaller page size. + + */ +STATIC +VOID +PvalidateRange ( + IN SNP_PAGE_STATE_CHANGE_INFO *Info, + IN UINTN StartIndex, + IN UINTN EndIndex, + IN BOOLEAN Validate + ) +{ + UINTN Address, RmpPageSize, Ret, i; + + for (; StartIndex < EndIndex; StartIndex++) { + // + // Get the address and the page size from the Info. + // + Address =3D Info->Entry[StartIndex].GuestFrameNumber << EFI_PAGE_SHIFT; + RmpPageSize =3D Info->Entry[StartIndex].PageSize; + + Ret =3D IssuePvalidate (Address, RmpPageSize, Validate); + + // + // If we fail to validate due to size mismatch then try with the + // smaller page size. This senario will occur if the backing page in + // the RMP entry is 4K and we are validating it as a 2MB. + // + if ((Ret =3D=3D PvalidateRetFailSizemismatch) && (RmpPageSize =3D=3D P= validatePageSize2MB)) { + for (i =3D 0; i < PAGES_PER_LARGE_ENTRY; i++) { + Ret =3D IssuePvalidate (Address, PvalidatePageSize4K, Validate); + if (Ret) { + break; + } + + Address =3D Address + EFI_PAGE_SIZE; + } + } + + // + // If validation failed then do not continue. + // + if (Ret) { + DEBUG (( + DEBUG_ERROR, "%a:%a: Failed to %a address 0x%Lx Error code %d\n", + gEfiCallerBaseName, + __FUNCTION__, + Validate ? "Validate" : "Invalidate", + Address, + Ret + )); + SnpPageStateFailureTerminate (); + } + } +} + +/** + The function is used to set the page state when SEV-SNP is active. The pa= ge state + transition consist of changing the page ownership in the RMP table, and u= sing the + PVALIDATE instruction to update the Validated bit in RMP table. + + When the UseLargeEntry is set to TRUE, then function will try to use the = large RMP + entry (whevever possible). + */ +VOID +InternalSetPageState ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINTN NumPages, + IN SEV_SNP_PAGE_STATE State, + IN BOOLEAN UseLargeEntry + ) +{ + EFI_STATUS Status; + GHCB *Ghcb; + EFI_PHYSICAL_ADDRESS NextAddress, EndAddress; + MSR_SEV_ES_GHCB_REGISTER Msr; + BOOLEAN InterruptState; + SNP_PAGE_STATE_CHANGE_INFO *Info; + UINTN i, RmpPageSize; + + Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB); + Ghcb =3D Msr.Ghcb; + + EndAddress =3D BaseAddress + EFI_PAGES_TO_SIZE (NumPages); + + DEBUG (( + DEBUG_VERBOSE, "%a:%a Address 0x%Lx - 0x%Lx State =3D %a LargeEntry = =3D %d\n", + gEfiCallerBaseName, + __FUNCTION__, + BaseAddress, + EndAddress, + State =3D=3D SevSnpPageShared ? "Shared" : "Private", + UseLargeEntry + )); + + for (; BaseAddress < EndAddress; BaseAddress =3D NextAddress) { + // + // Initialize the GHCB and setup scratch sw to point to shared buffer. + // + VmgInit (Ghcb, &InterruptState); + Info =3D (SNP_PAGE_STATE_CHANGE_INFO *) Ghcb->SharedBuffer; + + SetMem (Info, sizeof (*Info), 0); + + // + // Build page state change buffer + // + for (i =3D 0; (EndAddress > BaseAddress) && i < SNP_PAGE_STATE_MAX_ENT= RY; + BaseAddress =3D NextAddress, i++) { + // + // Is this a 2MB aligned page? Check if we can use the Large RMP ent= ry. + // + if (UseLargeEntry && IS_ALIGNED (BaseAddress, SIZE_2MB) && + ((EndAddress - BaseAddress) >=3D SIZE_2MB)) { + RmpPageSize =3D PvalidatePageSize2MB; + NextAddress =3D BaseAddress + SIZE_2MB; + } else { + RmpPageSize =3D PvalidatePageSize4K; + NextAddress =3D BaseAddress + EFI_PAGE_SIZE; + } + + Info->Entry[i].GuestFrameNumber =3D BaseAddress >> EFI_PAGE_SHIFT; + Info->Entry[i].PageSize =3D RmpPageSize; + Info->Entry[i].Op =3D MemoryStateToGhcbOp (State); + Info->Entry[i].CurrentPage =3D 0; + } + + Info->Header.CurrentEntry =3D 0; + Info->Header.EndEntry =3D i - 1; + + // + // If the request page state change is shared then invalidate the page= s before + // adding the page in the RMP table. + // + if (State =3D=3D SevSnpPageShared) { + PvalidateRange (Info, 0, i, FALSE); + } + + // + // Issue the VMGEXIT and retry if hypervisor failed to process all the= entries. + // + Ghcb->SaveArea.SwScratch =3D (UINT64) Ghcb->SharedBuffer; + VmgSetOffsetValid (Ghcb, GhcbSwScratch); + while (Info->Header.CurrentEntry <=3D Info->Header.EndEntry) { + Status =3D VmgExit (Ghcb, SVM_EXIT_SNP_PAGE_STATE_CHANGE, 0, 0); + if (EFI_ERROR (Status)) { + SnpPageStateFailureTerminate (); + } + } + + // + // If the request page state change is shared then invalidate the page= s before + // adding the page in the RMP table. + // + if (State =3D=3D SevSnpPagePrivate) { + PvalidateRange (Info, 0, i, TRUE); + } + + VmgDone (Ghcb, InterruptState); + } +} diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index f9355172d6..1c1e911bd0 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -267,6 +267,7 @@ !else CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiC= puExceptionHandlerLib.inf !endif + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLi= b.inf =20 [LibraryClasses.common.PEI_CORE] HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 3f27d7b90d..804f5d62be 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -271,6 +271,7 @@ !else CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiC= puExceptionHandlerLib.inf !endif + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLi= b.inf =20 [LibraryClasses.common.PEI_CORE] HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf --=20 2.17.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#74648): https://edk2.groups.io/g/devel/message/74648 Mute This Topic: https://groups.io/mt/82479072/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-