From nobody Sun Feb  8 18:32:51 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53779+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857388027991.7059884935894;
 Tue, 4 Feb 2020 15:03:08 -0800 (PST)
Return-Path: <bounce+27952+53779+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id vBNRYY1788612xkd2JVePLMg;
 Tue, 04 Feb 2020 15:03:07 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1675.1580857385855360254
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:07 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=cyM8LlysJy32+seUojcG2h0okkhvTgThB7tlsyXCvssAoDQ3fjRUERNnI2VtocS47m5y1skOZlHJKrJVxA0VEahf7GyRI33jAiLSSYX1REnBKzE+xCvdb6DDYw9ROnGPigJrqol4LYYbvVwsChTqEkB1J5Ij7usK2u8KR4JNZo7mT+4QJAG1D+JQkNOrJLpMx+S+D8gLRm1NwZaVU2rVNEJlwL4gEZcLsjSxW1+TFUO8dXH5sz1kSZFqFitESymDM5c/RxsVHfy1ohQc9c/u47lv+yyV875JaJ0I+fxQI18xHIMXmZW6Hp/BXyXUOnJ12ZkLIZy9ow/P5BPIgDLAkQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=FPJ+maiqB+MGO+G/y6fU6OXTtJFjducuKZXQ/HBbtTc=;
 b=n+U3Oa84GZHqbKUvuRSfBffkVijx2vSzZIhk3pv4fDWJgUAM0RJ+DTsZCZfR7BO2LUQHgZuxlYeCKl/oJCZeIsaXjZmMoATge2RNj/UmlQa8QcGzbNWHtkyhzZA8+lTmH4ueVbrXVCYxEVg6237ifdlwwxbP4TONtTjPRT1PnfeZnXoFWLRHeBpkuMhhh5rsmW/O3zBNFG+SeTyOATSrU5rxnix5xaRQMRFwodXoD90LAQlmOmq/eSWf0HwIGzuwNjDnQc0V/+Czvqs5bBTPdsOj8hcKWnbgbNBV5jwM/bBj8ADSvh6RipY0/TzqsI+7U7Gh3dU1fv/Cj3t4GrjbAw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:05 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:05 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 32/40] OvmfPkg/Sec: Add #VC exception handling
 for Sec phase
Date: Tue,  4 Feb 2020 17:01:36 -0600
Message-Id: 
 <2af37abfa288fb07caf3bdbfe694278caad203ac.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:35 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: cef2e05f-f7dc-4b70-80d7-08d7a9c65362
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930C0EAA9236750B75827A1EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53779+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 DdjiXqxAu2IIk7Hs8Dwq69NZwnOLZpqDlIJBI9o4g1zIcYqCYSTHIaeGRBv02XWbZKvj3xMfEXEGYoUGXfR+ELCQ4XneE+QqQ6e3mfK3kpvt9RMZ51LDgeUQintJwC+cz4swkDfsppik2andUW64h21WrmlYtORrlSFP04/O0UqNoIBDNYaHDNkqC3bAnwfu3zvLgaN6xPe3G86ZlNy9SQcNvGUPBHOnodWamrmh5TWLQuub1CyNvj6dtV5MqklHGpQnQFEGgTZQ4aXNNv1npYOqJIQC0ItLiBwSa31H6KMSdOSzuc7PrT/nJSj72CPV81udpmKCL0ltKW2jP0fmQaZ8CSJ0ienxgh3fbkTtnFQ0wnCb1OUakSJ71LMrnrq7O/q1ijc/ocNqyK8vN46G37q2msaRVCxS9MJ97LyMOp7/MoTn2jPyz13ZE+7n3iynuUCahYK1iqbSzios4hahZkqM+Wohh7K3rDsVCn87Sz8VBmXguTSxjNH6nMeapwwCqPFGIVlNabqTCv5cEq2GZg==
X-MS-Exchange-AntiSpam-MessageData: 
 6tXWzl1AHnufQ5yc6MYivG0ffGH41GLeu8IWLyQ9IIetAcW9fPnkh28kHQgr0r8GKIF09+9xEF4X2aze2unHMnehJCrNe7t0aQXW+1gE79l50f0WUXfNk1rMm1PS8A4wQXjdPN11tLT6xIL7CszzLQ==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 cef2e05f-f7dc-4b70-80d7-08d7a9c65362
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:36.6456
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 O4oqfwlzWBG8XIOuPc+lpB7nzAAsd1DM9To9TPFLpyJHw95AejMFAmO3OEB2f4w3JF3sINZogsUKKXZkHdMbtw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: c7bA3aBKgWpIu83FSK0AlMUQx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857387;
 bh=m5i87ZWoQHVpRUS6a6zQcniYX8Q+p063pMSw+dkEGlM=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=vVLk9SqThZ+4NyoElFV/zn4rKpjIy2Ub4dRa2fCKbFoM3qu1Uk5i5S5/mgmlSq7Wk76
 eP6WhWmGnE8FV1LFSifHf9GzJ+o0/W3MjT5RBkwk9+SHTqLAeE9cnjyJ8kVdBAreYNRk7
 aWV7JiDOPZs+9INpgS2FhqD3sNC2BvorkQU=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

An SEV-ES guest will generate a #VC exception when it encounters a
non-automatic exit (NAE) event. It is expected that the #VC exception
handler will communicate with the hypervisor using the GHCB to handle
the NAE event.

NAE events can occur during the Sec phase, so initialize exception
handling early in the OVMF Sec support.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
 OvmfPkg/Sec/SecMain.inf |  2 ++
 OvmfPkg/Sec/SecMain.c   | 76 ++++++++++++++++++++++++++++++++++-------
 2 files changed, 65 insertions(+), 13 deletions(-)

diff --git a/OvmfPkg/Sec/SecMain.inf b/OvmfPkg/Sec/SecMain.inf
index 63ba4cb555fb..401d06039dd3 100644
--- a/OvmfPkg/Sec/SecMain.inf
+++ b/OvmfPkg/Sec/SecMain.inf
@@ -50,11 +50,13 @@ [LibraryClasses]
   PeCoffExtraActionLib
   ExtractGuidedSectionLib
   LocalApicLib
+  CpuExceptionHandlerLib
=20
 [Ppis]
   gEfiTemporaryRamSupportPpiGuid                # PPI ALWAYS_PRODUCED
=20
 [Pcd]
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index bae9764577f0..2bab7128ade2 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -24,6 +24,7 @@
 #include <Library/PeCoffExtraActionLib.h>
 #include <Library/ExtractGuidedSectionLib.h>
 #include <Library/LocalApicLib.h>
+#include <Library/CpuExceptionHandlerLib.h>
=20
 #include <Ppi/TemporaryRamSupport.h>
=20
@@ -34,6 +35,10 @@ typedef struct _SEC_IDT_TABLE {
   IA32_IDT_GATE_DESCRIPTOR  IdtTable[SEC_IDT_ENTRY_COUNT];
 } SEC_IDT_TABLE;
=20
+typedef struct _SEC_SEV_ES_WORK_AREA {
+  UINT8  SevEsEnabled;
+} SEC_SEV_ES_WORK_AREA;
+
 VOID
 EFIAPI
 SecStartupPhase2 (
@@ -712,6 +717,19 @@ FindAndReportEntryPoints (
   return;
 }
=20
+STATIC
+BOOLEAN
+SevEsIsEnabled (
+  VOID
+  )
+{
+  SEC_SEV_ES_WORK_AREA  *SevEsWorkArea;
+
+  SevEsWorkArea =3D (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAr=
eaBase);
+
+  return ((SevEsWorkArea !=3D NULL) && (SevEsWorkArea->SevEsEnabled !=3D 0=
));
+}
+
 VOID
 EFIAPI
 SecCoreStartupWithStack (
@@ -737,8 +755,53 @@ SecCoreStartupWithStack (
     Table[Index] =3D 0;
   }
=20
+  //
+  // Initialize IDT - Since this is before library constructors are called,
+  // we use a loop rather than CopyMem.
+  //
+  IdtTableInStack.PeiService =3D NULL;
+  for (Index =3D 0; Index < SEC_IDT_ENTRY_COUNT; Index ++) {
+    UINT8  *Src, *Dst;
+    UINTN  Byte;
+
+    Src =3D (UINT8 *) &mIdtEntryTemplate;
+    Dst =3D (UINT8 *) &IdtTableInStack.IdtTable[Index];
+    for (Byte =3D 0; Byte < sizeof (mIdtEntryTemplate); Byte++) {
+      Dst[Byte] =3D Src[Byte];
+    }
+  }
+
+  IdtDescriptor.Base  =3D (UINTN)&IdtTableInStack.IdtTable;
+  IdtDescriptor.Limit =3D (UINT16)(sizeof (IdtTableInStack.IdtTable) - 1);
+
+  if (SevEsIsEnabled()) {
+    //
+    // For SEV-ES guests, the exception handler is needed before calling
+    // ProcessLibraryConstructorList() because some of the library constru=
ctors
+    // perform some functions that result in #VC exceptions being generate=
d.
+    //
+    // Due to this code executing before library constructors, *all* libra=
ry
+    // API calls are theoretically interface contract violations. However,
+    // because this is SEC (executing in flash), those constructors cannot
+    // write variables with static storage duration anyway. Furthermore, o=
nly
+    // a small, restricted set of APIs, such as AsmWriteIdtr() and
+    // InitializeCpuExceptionHandlers(), are called, where we require that=
 the
+    // underlying library not require constructors to have been invoked and
+    // that the library instance not trigger any #VC exceptions.
+    //
+    AsmWriteIdtr (&IdtDescriptor);
+    InitializeCpuExceptionHandlers (NULL);
+  }
+
   ProcessLibraryConstructorList (NULL, NULL);
=20
+  if (!SevEsIsEnabled()) {
+    //
+    // For non SEV-ES guests, just load the IDTR.
+    //
+    AsmWriteIdtr (&IdtDescriptor);
+  }
+
   DEBUG ((EFI_D_INFO,
     "SecCoreStartupWithStack(0x%x, 0x%x)\n",
     (UINT32)(UINTN)BootFv,
@@ -751,19 +814,6 @@ SecCoreStartupWithStack (
   //
   InitializeFloatingPointUnits ();
=20
-  //
-  // Initialize IDT
-  //
-  IdtTableInStack.PeiService =3D NULL;
-  for (Index =3D 0; Index < SEC_IDT_ENTRY_COUNT; Index ++) {
-    CopyMem (&IdtTableInStack.IdtTable[Index], &mIdtEntryTemplate, sizeof =
(mIdtEntryTemplate));
-  }
-
-  IdtDescriptor.Base  =3D (UINTN)&IdtTableInStack.IdtTable;
-  IdtDescriptor.Limit =3D (UINT16)(sizeof (IdtTableInStack.IdtTable) - 1);
-
-  AsmWriteIdtr (&IdtDescriptor);
-
 #if defined (MDE_CPU_X64)
   //
   // ASSERT that the Page Tables were set by the reset vector code to
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53779): https://edk2.groups.io/g/devel/message/53779
Mute This Topic: https://groups.io/mt/70985002/1787277
Mute #vc: https://groups.io/mk?hashtag=3Dvc&subid=3D3901457
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-