From: "Brijesh Singh via groups.io"
To: devel@edk2.groups.io
CC: James Bottomley, Min Xu, Jiewen Yao, Tom Lendacky, Jordan Justen, Ard Biesheuvel, Erdem Aktas, Michael Roth, Gerd Hoffmann, Brijesh Singh, Michael Roth
Subject: [edk2-devel] [PATCH v8 15/32] OvmfPkg/MemEncryptSevLib: add function to check the VMPL0
Date: Mon, 20 Sep 2021 13:45:47 -0500
Message-ID: <20210920184604.31590-16-brijesh.singh@amd.com>
In-Reply-To: <20210920184604.31590-1-brijesh.singh@amd.com>
References: <20210920184604.31590-1-brijesh.singh@amd.com>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

The Virtual Machine Privilege Level (VMPL) feature in the SEV-SNP architecture allows a guest VM to divide its address space into four levels. The levels can be used to provide hardware-isolated abstraction layers within a VM. VMPL0 is the highest privilege, and VMPL3 is the least privilege.

Certain operations must be done by the VMPL0 software, such as:

* Validate or invalidate memory range (PVALIDATE instruction)
* Allocate VMSA page (RMPADJUST instruction when VMSA=1)

The initial SEV-SNP support assumes that the guest is running on VMPL0. Let's add a function in MemEncryptSevLib that can be used to check whether the guest is booted under VMPL0.

Cc: Michael Roth
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Erdem Aktas
Cc: Gerd Hoffmann
Signed-off-by: Brijesh Singh
---
 .../X64/SnpPageStateChange.h         |  5 ++
 .../X64/SecSnpSystemRamValidate.c    | 46 +++++++++++++++++++
 .../X64/SnpPageStateChangeInternal.c |  1 -
 3 files changed, 51 insertions(+), 1 deletion(-)
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h = b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h index 8bbdf06468b9..cc1318075523 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h @@ -28,4 +28,9 @@ InternalSetPageState ( IN BOOLEAN UseLargeEntry ); =20 +VOID +SnpPageStateFailureTerminate ( + VOID + ); + #endif diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValida= te.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c index 64aab7f45b6d..3394094a65e5 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c @@ -14,6 +14,43 @@ =20 #include "SnpPageStateChange.h" =20 +// +// The variable used for the VMPL check. +// +STATIC UINT8 gVmpl0Data[4096]; + +/** + The function checks whether SEV-SNP guest is booted under VMPL0. + + @retval TRUE The guest is booted under VMPL0 + @retval FALSE The guest is not booted under VMPL0 + **/ +STATIC +BOOLEAN +SevSnpIsVmpl0 ( + VOID + ) +{ + UINT64 Rdx; + EFI_STATUS Status; + + // + // There is no straightforward way to query the current VMPL level. + // The simplest method is to use the RMPADJUST instruction to change + // a page permission to a VMPL level-1, and if the guest kernel is + // launched at a level <=3D 1, then RMPADJUST instruction will return + // an error. + // + Rdx =3D 1; + + Status =3D AsmRmpAdjust ((UINT64) gVmpl0Data, 0, Rdx); + if (EFI_ERROR (Status)) { + return FALSE; + } + + return TRUE; +} + /** Pre-validate the system RAM when SEV-SNP is enabled in the guest VM. =20 
@@ -32,5 +69,14 @@ MemEncryptSevSnpPreValidateSystemRam ( return; } =20 + // + // The page state change uses the PVALIDATE instruction. The instruction + // can be run on VMPL-0 only. If its not VMPL-0 guest then terminate + // the boot. + // + if (!SevSnpIsVmpl0 ()) { + SnpPageStateFailureTerminate (); + } + InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE); } diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInt= ernal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeIntern= al.c index 506df12d4e51..653151d4a422 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c @@ -40,7 +40,6 @@ MemoryStateToGhcbOp ( return Cmd; } =20 -STATIC VOID SnpPageStateFailureTerminate ( VOID --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80897): https://edk2.groups.io/g/devel/message/80897 Mute This Topic: https://groups.io/mt/85749029/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
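Review bot: the SnpPageStateFailureTerminate prototype added to SnpPageStateChange.h has no doc comment, while the SevSnpIsVmpl0 definition in the same patch gets a `/** ... */` block with @retval entries; now that the function is shared across the library's X64 sources, add a short description saying that it terminates the guest on an unrecoverable failure and is not expected to return to its caller, so that new callers such as the VMPL0 check know what to rely on.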
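Review bot: the comment in SevSnpIsVmpl0 says "if the guest kernel is launched at a level <= 1, then RMPADJUST instruction will return an error", which is inverted relative to the numbering used in the commit message (VMPL0 highest, VMPL3 lowest): RMPADJUST may only modify the permissions of a VMPL numerically greater than the current one, so the call with Rdx = 1 succeeds only at VMPL0 and fails at VMPL1 or higher. Reword to "at a VMPL >= 1 (i.e. not VMPL0)". Separately, gVmpl0Data is 4096 bytes but nothing page-aligns it, and RMPADJUST acts on the 4KB page containing the address, so a successful probe clears VMPL1 permissions on a page that may also hold neighbouring data from this object; give the buffer 4KB alignment (or point the probe at a dedicated page) so the side effect stays confined to the probe page.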
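Review bot: the new check in MemEncryptSevSnpPreValidateSystemRam falls through into InternalSetPageState if SnpPageStateFailureTerminate () ever returns, and nothing in this hunk marks that call as non-returning; follow it with a guard such as ASSERT (FALSE) plus CpuDeadLoop (), or a return, so PVALIDATE is never attempted from a non-VMPL0 guest. The probe also runs on every call to MemEncryptSevSnpPreValidateSystemRam, executing RMPADJUST each time although the VMPL cannot change after launch; cache the result in a STATIC BOOLEAN. Typo in the comment: "If its not VMPL-0 guest" should read "If it's not a VMPL-0 guest".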