From nobody Sun Feb  8 11:59:31 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+60800+1787277+3901457@groups.io;
 helo=web01.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+60800+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1591363731967798.0056042168565;
 Fri, 5 Jun 2020 06:28:51 -0700 (PDT)
Return-Path: <bounce+27952+60800+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id K9HMYY1788612xdpAXjYXo14;
 Fri, 05 Jun 2020 06:28:51 -0700
X-Received: from NAM12-DM6-obe.outbound.protection.outlook.com
 (NAM12-DM6-obe.outbound.protection.outlook.com [40.107.243.61])
 by mx.groups.io with SMTP id smtpd.web12.10872.1591363730710345513
 for <devel@edk2.groups.io>;
 Fri, 05 Jun 2020 06:28:50 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=iMr37TSKkZXVoXOCCojldFAJp1Suxfb+7wkkr3nKoWzWIXTgWE0DFO8/XIJ/MmdA7/hu2PspkUMk1JNtgtFJSUjdWHOBDq/CDfaAI7yieIYMqUVp/NN3fjW9MO0bmx9acKqyZTG4H3nLsnJ2lyxaePspfl0OfkSaiwlaG4Og5YpCNNOTllceko9fOFzO8x3fSjOv/sSbYsc5aglP7GKj+QNtZZpQOIJDJFxwDjLrvWRprAawYnM8x/rQtmavB1ibDiyl7do7m0XxYeym4xVmNIf2g1jtWiVzm5nmrWQDNcpTOjxgfh8L5Owfl/VSfzs+p1ZztHIY65o2J46ypGpXsQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=p/jo/AsHz+76fi2nYh51H+kzMjWAWnsfRhQieb415dQ=;
 b=MahqtWvR+E+O2C44unpc0sSjOIghz5TauhSy3aA8gVnQLJey0a5mqK8NIg8FqncYXgMwEYzxs40cl64BVasJGnRVGtwnoxbdyIkNGPJ8QOiaxhanJhHUgItzImTGTok2V7mJKn/hgg8MzAJRhvH01mcZzM/RRJNECVLum4/2YakCTMrxcSvTIPB2BagyjgdKxXNGzlIGNlbddF7Bmyc5/WfLIv3XYqizsJlQyGaVd0y8YihFN+EsFownGIJU+IAtui4jAHysuhn/5sclbJ6woc0htWKj00DWOEPXaR+KMF2/2er+be4CcngiLeux3q9dmZAe5wTDkPZwb+LCIJJmLg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7)
 by
 DM5PR12MB1354.namprd12.prod.outlook.com (2603:10b6:3:7a::17) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3066.20; Fri, 5 Jun 2020 13:28:49 +0000
X-Received: from DM5PR12MB1355.namprd12.prod.outlook.com
 ([fe80::4ce1:9947:9681:c8b1]) by DM5PR12MB1355.namprd12.prod.outlook.com
 ([fe80::4ce1:9947:9681:c8b1%10]) with mapi id 15.20.3066.019; Fri, 5 Jun 2020
 13:28:49 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Brijesh Singh <brijesh.singh@amd.com>,
	Ard Biesheuvel <ard.biesheuvel@arm.com>,
	Eric Dong <eric.dong@intel.com>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Liming Gao <liming.gao@intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Anthony Perard <anthony.perard@citrix.com>,
	Julien Grall <julien@xen.org>
Subject: [edk2-devel] [PATCH v9 30/46] OvmfPkg/PlatformPei: Reserve
 GHCB-related areas if S3 is supported
Date: Fri,  5 Jun 2020 08:27:21 -0500
Message-Id: 
 <4ee8c3d8077cd3ef90514d944110614f47f1bfbd.1591363657.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1591363657.git.thomas.lendacky@amd.com>
References: <cover.1591363657.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: DM5PR19CA0060.namprd19.prod.outlook.com
 (2603:10b6:3:116::22) To DM5PR12MB1355.namprd12.prod.outlook.com
 (2603:10b6:3:6e::7)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 DM5PR19CA0060.namprd19.prod.outlook.com (2603:10b6:3:116::22) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3066.18 via Frontend
 Transport; Fri, 5 Jun 2020 13:28:18 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: e30b50e6-a600-4f49-cb1c-08d809544f80
X-MS-TrafficTypeDiagnostic: DM5PR12MB1354:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM5PR12MB135436DB6C46A89712A71776EC860@DM5PR12MB1354.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 VViyzX9k0KLmkzjTyQF2qyC6iaUwtJo0PC2nsnv7GJjg2I2xs++krQtLEvSIrN9riC+/IbomJbA/YjQoX+YzDi+2zt7QDpvK+pLtWpA+kL1qr+skuD4PisHQ/WuT3IVNfLBjnFwQqT9YZX9QNz0sbkGkRO6mdB60FJZpjHwbc+ZwHdJ8XLza5UUqNLsKCCOEcSACDYC2+d0h+PKh9Q55edMoU0s5mQ75Oz/aYH0yuGjXM2atE5R2FCCdlOM1sRpcVUa4yT9ueuepUw3TIKYLtK9lAKo2yEhl3nqE1FHeVI6P7BUmaecl5gc+WEQvU8KGbpoSBaZcPx/wdA4mWG5Teeym54JPWMcA5y/+bmqwVLMxfHkXR4JPdu+IB47judamP3tCTG9T9POoxgktSwPcAN5EQN5k8SiqftWKn3uZG4EKt+1VqYeV7d1thEGxGb0IVRpK9lQSzFldG/BEjEouPw==
X-MS-Exchange-AntiSpam-MessageData: 
 H4U3QtDi3A0DWD9eDfJs63JnkldymW21qogjkFD8a2p7vBqkHGKJUecq5xqEto5Sb7KJbEJSwzMgsDtOfCTUO1a2pSxpN5q50DAR16n6FYKsOh1JpmsKwHyONYi5ZRGK/UhEF25ssV0jPJ9Fwn/D0BgybVR7BtoisHBSlotMchHI7cXHZcVyL2SDVMCYyFpbY6RhoBpSAkzWDmYRBbMEhPwHo3HqL+YsVAYJ3e5EvfQNqAqAqKAJ87Gfa1lzgHoCTujrk1dTsOAurHEm5NgrRfRSz71lGlP7k/KRDuMyVd+XyXANhrvhopVXs2FteXq8uc6EIoHx4HlfRR2LzwkLqNWpFlNrcJIoZHhov2bN/hu/FNxc8qim8HSqsyDo0wjAFTJRMBn02JKcOu/5ziaZk24y6RitMbD3IPKLAx+R4atg79mB5PV3WYKN9ibi+iJXR2vU2uLerAGCOclP0EYdIsmRPTkhcDdMm9mhnnsNOk8=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 e30b50e6-a600-4f49-cb1c-08d809544f80
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jun 2020 13:28:19.1317
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 H/n/Fb6qH9I3V2sQNbuEoCqJCIvjkafScLkSMbuyEDoqAnpALelEch/2fmw9aAGmOw8JHnOCk78+3DmOXmW5kg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1354
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: fpCIDjA5gZ6qVue8ShWHpyBsx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1591363731;
 bh=jzv9Xf9YQ7KywJOdG82OE9X9AA/SDi0GqGndCsxz9Fw=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=aqm2v7PIQ+Oo/MQmcCeBHFed8Kz97y0Jh1pxEJvk+2B+MlFBpaio7mxvkI1vIqwJoys
 MGnAB0tefkrxX1uq2S0J2263i0b+bFHJYSlba854dU5abBQnRnY3xcrBO9Hq75WH5nwBk
 tBgZM60NpiKqEzUGw9mtKTB1QJ3AJtpfNoU=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Protect the memory used by an SEV-ES guest when S3 is supported. This
includes the page table used to break down the 2MB page that contains
the GHCB so that it can be marked un-encrypted, as well as the GHCB
area.

Regarding the lifecycle of the GHCB-related memory areas:
  PcdOvmfSecGhcbPageTableBase
  PcdOvmfSecGhcbBase

(a) when and how it is initialized after first boot of the VM

  If SEV-ES is enabled, the GHCB-related areas are initialized during
  the SEC phase [OvmfPkg/ResetVector/Ia32/PageTables64.asm].

(b) how it is protected from memory allocations during DXE

  If S3 and SEV-ES are enabled, then InitializeRamRegions()
  [OvmfPkg/PlatformPei/MemDetect.c] protects the ranges with an AcpiNVS
  memory allocation HOB, in PEI.

  If S3 is disabled, then these ranges are not protected. DXE's own page
  tables are first built while still in PEI (see HandOffToDxeCore()
  [MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c]). Those tables are
  located in permanent PEI memory. After CR3 is switched over to them
  (which occurs before jumping to the DXE core entry point), we don't have
  to preserve PcdOvmfSecGhcbPageTableBase. PEI switches to GHCB pages in
  permanent PEI memory and DXE will use these PEI GHCB pages, so we don't
  have to preserve PcdOvmfSecGhcbBase.

(c) how it is protected from the OS

  If S3 is enabled, then (b) reserves it from the OS too.

  If S3 is disabled, then the range needs no protection.

(d) how it is accessed on the S3 resume path

  It is rewritten same as in (a), which is fine because (b) reserved it.

(e) how it is accessed on the warm reset path

  It is rewritten same as in (a).

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Julien Grall <julien@xen.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/PlatformPei/PlatformPei.inf |  4 ++++
 OvmfPkg/PlatformPei/MemDetect.c     | 23 ++++++++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat=
formPei.inf
index 00feb96c9308..a54d10ba90d5 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -75,6 +75,10 @@ [Pcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfLockBoxStorageBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfLockBoxStorageSize
   gUefiOvmfPkgTokenSpaceGuid.PcdGuidedExtractHandlerTableSize
diff --git a/OvmfPkg/PlatformPei/MemDetect.c b/OvmfPkg/PlatformPei/MemDetec=
t.c
index 3b46ea431ade..6b5fee166b5d 100644
--- a/OvmfPkg/PlatformPei/MemDetect.c
+++ b/OvmfPkg/PlatformPei/MemDetect.c
@@ -27,6 +27,7 @@ Module Name:
 #include <Library/DebugLib.h>
 #include <Library/HobLib.h>
 #include <Library/IoLib.h>
+#include <Library/MemEncryptSevLib.h>
 #include <Library/PcdLib.h>
 #include <Library/PciLib.h>
 #include <Library/PeimEntryPoint.h>
@@ -866,6 +867,28 @@ InitializeRamRegions (
       (UINT64)(UINTN) PcdGet32 (PcdOvmfSecPageTablesSize),
       EfiACPIMemoryNVS
       );
+
+    if (MemEncryptSevEsIsEnabled ()) {
+      //
+      // If SEV-ES is enabled, reserve the GHCB-related memory area. This
+      // includes the extra page table used to break down the 2MB page
+      // mapping into 4KB page entries where the GHCB resides and the
+      // GHCB area itself.
+      //
+      // Since this memory range will be used by the Reset Vector on S3
+      // resume, it must be reserved as ACPI NVS.
+      //
+      BuildMemoryAllocationHob (
+        (EFI_PHYSICAL_ADDRESS)(UINTN) PcdGet32 (PcdOvmfSecGhcbPageTableBas=
e),
+        (UINT64)(UINTN) PcdGet32 (PcdOvmfSecGhcbPageTableSize),
+        EfiACPIMemoryNVS
+        );
+      BuildMemoryAllocationHob (
+        (EFI_PHYSICAL_ADDRESS)(UINTN) PcdGet32 (PcdOvmfSecGhcbBase),
+        (UINT64)(UINTN) PcdGet32 (PcdOvmfSecGhcbSize),
+        EfiACPIMemoryNVS
+        );
+    }
 #endif
   }
=20
--=20
2.27.0


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#60800): https://edk2.groups.io/g/devel/message/60800
Mute This Topic: https://groups.io/mt/74692450/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-