From nobody Fri Mar 29 09:22:06 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+74649+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+74649+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one); dmarc=fail(p=none dis=none) header.from=amd.com Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1619783558061829.1705758575351; Fri, 30 Apr 2021 04:52:38 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id vy5DYY1788612xlygRcK5LrL; Fri, 30 Apr 2021 04:52:37 -0700 X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com (NAM10-BN7-obe.outbound.protection.outlook.com []) by mx.groups.io with SMTP id smtpd.web12.10214.1619783548337545009 for ; Fri, 30 Apr 2021 04:52:34 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BnBC6k6gVjuAw+SQeibjZmHzXR/ysjzLlLL44qlaYol35ykuBeSBvwwjO7Lq0OuF+woN4RWJv1+aglSJrnrnpz3jj2Ew3ZgMeW8rexBZ8fY4zX8TFyCAhetmgae2xWH87bcnv2ViurlLzKcveUAIB5TjtApgo/WMI6Dr+5jsLol5zPmxjZJ6SwGohfn3kbu7qnlojVPsBFaBidox6IOXgefvvOodxADLyVLOwzscLVSsWxMum6Xb2X3f6y2Pgm8DgLd9Jz+XjtLxMkc0rSbDSg1G7eXKqKmSLweN3WacJfQe66wY6+bA3qznXMXIuXKmyDQNuPFEw9B6lJHlEzIdKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZfUBbUUPnLeX5tHcCLnMUtoz3rJa4rgDDInBo9nO/Mw=; b=lAfLtBTQbC6/JtGiNaJtBDOxFFWq1QvafwQGkuiABeofLfXiITntEblBlXJSASskCFBFti2iecz99vFahJNp5lJk6275SnFydMpuaDoHkHV378re3C5mKDq1T1f3zm7iy2tyEjqHl3V1RieEX8JSNhG1AFBFP9EdBw8K9l1riofnqm7J9hBC/QVgddheqk2sx/2l77vC5ab1DwlUbmQryHMqfdg0rHAU6owDHz15Ig2mEVoFLZiVbp7aLwajXA7YIaX2h6BAaWf8AdPfk56cQE2kVt/q8BjbO8s0U/vDe59wPl1UM8Yh1I+NZQLLxLUDJD+jLZp2j6Qr2iN4dukTVQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none X-Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2783.namprd12.prod.outlook.com (2603:10b6:805:78::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.25; Fri, 30 Apr 2021 11:52:31 +0000 X-Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4065.027; Fri, 30 Apr 2021 11:52:31 +0000 From: "Brijesh Singh" To: devel@edk2.groups.io Cc: Brijesh Singh , James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Laszlo Ersek , Erdem Aktas Subject: [edk2-devel] [PATCH RFC v2 22/28] OvmfPkg/BaseMemEncryptSevLib: Skip the pre-validated system RAM Date: Fri, 30 Apr 2021 06:51:42 -0500 Message-Id: <20210430115148.22267-23-brijesh.singh@amd.com> In-Reply-To: <20210430115148.22267-1-brijesh.singh@amd.com> References: <20210430115148.22267-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SA0PR12CA0006.namprd12.prod.outlook.com (2603:10b6:806:6f::11) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR12CA0006.namprd12.prod.outlook.com (2603:10b6:806:6f::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4087.27 via Frontend Transport; Fri, 30 Apr 2021 11:52:29 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 59ac87a4-a91c-4db1-9db4-08d90bce6e94 X-MS-TrafficTypeDiagnostic: SN6PR12MB2783: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7691; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info: 4sEPwLSaigBzOQxIuap8i/Ic1hTkaM8vGs+Opga20cO/4uiOQhDrAshjmqn1n4offqykHWrXRtWrg7z8fGDoYNbDst4y4kjXKXcOtizKYAk6YhTUKDWbngt7LP4G8yrlhT2g7kYyk7kK0i1TpIqZE2aTaVTZo5rFqBD2IJCWk9mFS+EFxgXCm++q/hoG+4Km3u2N5Q27OvXB/fpbr+JfJSi4DHAzgCDV4kjfvmVIEmGxWk+R+J3yklpmna4pYLfwqr0yKGMKpHb4cofzq6F8zuMyEPKoiTqoctZpivahUVKKFmF4wZteaounfmiejUZ/q5FaQgQN0LkuEdPc6WPmlKmUwohmbx5WNXUMcG19s23Jf6/lfQVG/DcWpRTerLEHgCaZUnJUrea/G42lVS8VqAeLMISV17qA+MRdWk3OXuKN08aWeZQiJN1WpaE06BH8MVPz967rgSq5nahNaXJF25GvLwroJYouEO6OKTIdBVnwc4rk2Mj00sJSn3a0ZMj765T8YU2228V6NoCCd5O1IMLL8GVYwFC9+AM0mEFSyWPKEwEP94FACtS8jT6TJ1zFYsYgaK9hiVhmpnHdFsD1qkJZSsKMiBoY3cOaEml+4+ZoGCkzqZPqpAUlzu2Sw095OUEXowX/R2fwztZ7KEFwXgjzI5YK8qcg6mSC8joZIguIObhi9NnLf/o0CM19rTq3UP7vi771JpgDzZMkl/azhzrc0+Fsdl5t2i0eM/823uI75uk3fhtq/QOsoLouzmXi X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?61xpXHREM+f0J2LSAbXfw9gjAp4kl4kKRFJyMT2+DEHXmOZJcdMLbFp8EVvz?= =?us-ascii?Q?zNkrWDAh68yHW+PDV7Y1RwGN1jlLrn3tMbOnPglWOpEOMZcnIKlOptfo2/AD?= =?us-ascii?Q?TtODlROpiDNFBu4jwS9H07OjTWyehC3uH22wQMomhDSI6S++lCM0qfoU62EJ?= =?us-ascii?Q?tKFC1gM4a6hoku1j6HtQftF75wT2C07ntgIPLe7X0ImAXJ1Ygw5/a2fy3cxF?= =?us-ascii?Q?QSwZiUtg/tIazsvsdcpIbSjfm8hYu0ytguOl+hkzTCKkyEW7MWk5lxChU8u7?= =?us-ascii?Q?/wgbRgMFRBdv6Qcgr82b9SlzBv3vTgyVHfz5ybT5iIiIEp9a1A2LPGEADRpE?= =?us-ascii?Q?xyqJYus5Sz/bsB5TYpB9P9Lk/oVWGWua/jg/YR9UUowDCpbQsjXKPXNPNS0q?= =?us-ascii?Q?dkvcVmdbciYBhEUWP8ao2gqdjGEDkpOWUUNwCPkzbdTz+RoGkzI8hJFU1T2u?= =?us-ascii?Q?Z33GsyNOPz/HKdrMaXuqcwMEeA2WMVa6STaUdEJ8NMVCvtQUK2PQXLGQ/VEt?= =?us-ascii?Q?hUY0NNaiXJk15gJ/GLmkyGuj/DNaSTtrrDiaIkpPMiWtTvJwwSVIqu78IIU1?= =?us-ascii?Q?JOA5Qassa0DLW7Ihvb+g70qUZJa3kwDGm1lMNhNtd20Z6G+PYdPXwJfAkzmK?= =?us-ascii?Q?ufR/qYjgv+50lx/u8DvWWowjmuxKR9SWndACcX9EVl+8o8YjVBRFy62U2skj?= =?us-ascii?Q?mRTUaqqU0o9MEPAGzjrWdYenuMGEP4Ea7uN3TsqoStpvIleb30WBENTw9B02?= =?us-ascii?Q?/qNBi8W4KR+G3E7NKVC0chRFiQpwn6JbT+VcSr9rph6aPv4G3Bqbiwp9Lx75?= =?us-ascii?Q?+a8vbVATG6VEwqv2t2qedaGCFWZgRplYrdt0Prto0uP69OASGxa8KfWCUMIt?= =?us-ascii?Q?7zEFgOgFr+Hkor0/MgTP3a1W0IBIFxKcK9C1STqtAEnqYxoBe0WbMRYUXygj?= =?us-ascii?Q?/LSsXn6XpsS3POUTLToOY5FRKC+NoN0vf6voY3WCORH78j00/dhnnPFKI/Zx?= =?us-ascii?Q?vzYdI6SYbbYz7MmhPpQ9pJHB9M2q9EkvVa8XC7Vj3sIRLiYHk06cUViDBM01?= =?us-ascii?Q?gbK6qwZCBIEebTa2Y+ikgkKH7Tsuyf3ekjye0teRDkfk8mlTHfhtc7wHpuwL?= =?us-ascii?Q?Z/MA6MxKwBc8XllnrxF9odm5YcmFjcSqR4HrVL3EQHX5t+/NdtL48rixyQwa?= =?us-ascii?Q?cg0L9swAWAfGivxZdga3PHiIKGbsOaqRrbyJUONl6qD9Vd28VF8zBwEny6Wo?= =?us-ascii?Q?xCOHXHBY6KVQaS/YdP+0L37+1vUzBT1CIax43CxZ2UNBX8VdtkiSvczMxsWW?= =?us-ascii?Q?5GlSJvxxht/jO8owfWHJDcIK?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 59ac87a4-a91c-4db1-9db4-08d90bce6e94 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Apr 2021 11:52:29.7447 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: xJAhQqTdP64+ehNUvz2x/9B6yRO+6Mi+PywtqnU3OTF24My33EbC/foEqcdiLbPXsIM+qAZ6q674DP1meW//Hg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2783 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,brijesh.singh@amd.com X-Gm-Message-State: 9fLtw5g2f8Cbpcf1CuEHz5Cqx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1619783557; bh=4oVSw3N/pdkIxxdoY71NEsqGa+RPRcdjqVZDLc7Yr2g=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=Cjus5lxBV5nSdwIUnYYvHWFT+gqWboe3ROd39/CarCwSccnsblU0fVwvY9KAN+DumeA diAt8sU6L7q8ioR4zXhYHonQtWzC8Ji3a8fcsP2Esoc8kA3VS4EPoJnjntJdRcp34QOvz pPp/MqIszWbuUUCPhcwMap6lU+9NRhs63Fc= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275 The MemEncryptSevSnpPreValidateSystemRam() is used for pre-validating the system RAM. As the boot progress, each phase validates a fixed region of the RAM. In the PEI phase, the PlatformPei detects all the available RAM and calls to pre-validate the detected system RAM. While validating the system RAM in PEI phase, we must skip previously validated system RAM to avoid the double validation. Cc: James Bottomley Cc: Min Xu Cc: Jiewen Yao Cc: Tom Lendacky Cc: Jordan Justen Cc: Ard Biesheuvel Cc: Laszlo Ersek Cc: Erdem Aktas Signed-off-by: Brijesh Singh --- OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf | 2 + OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c | 65 ++= +++++++++++++++++- 2 files changed, 66 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf b= /OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf index 0402e49a10..f4058911e7 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf @@ -58,3 +58,5 @@ =20 [FixedPcd] gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpHypervisorPreValidatedEnd + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpHypervisorPreValidatedStart diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValida= te.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c index ba673d193b..1fc3337f7c 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c @@ -14,6 +14,44 @@ =20 #include "SnpPageStateChange.h" =20 +typedef struct { + UINT64 StartAddress; + UINT64 EndAddress; +} SNP_PRE_VALIDATED_RANGE; + +STATIC SNP_PRE_VALIDATED_RANGE mPreValidatedRange[] =3D { + // This range is pre-validated by the Hypervisor. + { + FixedPcdGet32 (PcdOvmfSnpHypervisorPreValidatedStart), + FixedPcdGet32 (PcdOvmfSnpHypervisorPreValidatedEnd) + } +}; + +STATIC +BOOLEAN +DetectPreValidatedOverLap ( + IN PHYSICAL_ADDRESS StartAddress, + IN PHYSICAL_ADDRESS EndAddress, + OUT SNP_PRE_VALIDATED_RANGE *OverlapRange + ) +{ + UINTN i; + + // + // Check if the specified address range exist in pre-validated array. + // + for (i =3D 0; i < ARRAY_SIZE (mPreValidatedRange); i++) { + if ((mPreValidatedRange[i].StartAddress < EndAddress) && + (StartAddress < mPreValidatedRange[i].EndAddress)) { + OverlapRange->StartAddress =3D mPreValidatedRange[i].StartAddress; + OverlapRange->EndAddress =3D mPreValidatedRange[i].EndAddress; + return TRUE; + } + } + + return FALSE; +} + /** Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. =20 @@ -28,9 +66,34 @@ MemEncryptSevSnpPreValidateSystemRam ( IN UINTN NumPages ) { + PHYSICAL_ADDRESS EndAddress; + SNP_PRE_VALIDATED_RANGE OverlapRange; + if (!MemEncryptSevSnpIsEnabled ()) { return; } =20 - InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); + EndAddress =3D BaseAddress + EFI_PAGES_TO_SIZE (NumPages); + + while (BaseAddress < EndAddress) { + // + // Check if the range overlaps with the pre-validated ranges. + // + if (DetectPreValidatedOverLap (BaseAddress, EndAddress, &OverlapRange)= ) { + // Validate the non-overlap regions. + if (BaseAddress < OverlapRange.StartAddress) { + NumPages =3D EFI_SIZE_TO_PAGES (OverlapRange.StartAddress - BaseAd= dress); + + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TR= UE); + } + + BaseAddress =3D OverlapRange.EndAddress; + continue; + } + + // Validate the remaining pages. + NumPages =3D EFI_SIZE_TO_PAGES (EndAddress - BaseAddress); + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); + BaseAddress =3D EndAddress; + } } --=20 2.17.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#74649): https://edk2.groups.io/g/devel/message/74649 Mute This Topic: https://groups.io/mt/82479073/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-