From nobody Fri Dec 19 17:40:32 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+57859+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 158757736810866.28403762388325; Wed, 22 Apr 2020 10:42:48 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id VMXBYY1788612xAIthLZ4Rd7; Wed, 22 Apr 2020 10:42:47 -0700 X-Received: from NAM11-BN8-obe.outbound.protection.outlook.com (NAM11-BN8-obe.outbound.protection.outlook.com [40.107.236.88]) by mx.groups.io with SMTP id smtpd.web11.483.1587577366746588780 for ; Wed, 22 Apr 2020 10:42:46 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=meGLr+dcLu8y7xFfzY3GovH6ZNgX3NKltDAifrKAVfG/It8Zvne0Xdtm7RtL3AZG5tCvXMHs2pG5o7BHePjhI/LyJdLg96IV2zXIHhd6+sdILchV7E9ciYSA3k7ayJMKyD6tKBslgHgKrchOC2eeaUzFf86hKzuGswp4EB58d3IZXEHUr4Xap+POgCngz50rBCwKRkeqZ9o+1O/USw1/JJvWI3aQEdkOwXf/FXv5aeM2LV5OIFnFZrLCRJClGb1qsP7EaYkgnApxtk71jC5GPftcm6FkTWPyGYcJB4QHtTZNm6grd+bqn7V1Ww4eGrm6XGVQSi8emNsbNi6td699RQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6QY98zHgVB6zRt2eoCnNI8ULoVZ4DWrrF4Q/kuqYDMA=; b=UVDPcwIiO54CbiMfJWUXXWXF2iW4HfoaksXlwa3MgA70cgPlFMhmQpGURI99ZvxNYSS3we7RtoOMSQH52rvSWMsDD9g71s+DbtJFLA6gy+/xsYC91Ug5VsS3fwmRr/kYanffHwJI4cXDlhfUzVJoTpIwqYR/fxcKDKObe3rKploN0hGMNnz2SIxmM96CQo2WBMCxa9d2H5SGVqT6F5p9dhhvRe6US8GgbTYqx+83W80bUWPBNecRF9ZmB0rpMQVzhjzQjGecc789N8uT/Am2uaw4A04/A/KtZlkw1xbf3rS3NYPke+p/iS3fwDd8/k0QIKdq8fADF08JLEkMj5SRDA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (2603:10b6:5:15e::26) by DM6PR12MB3673.namprd12.prod.outlook.com (2603:10b6:5:1c5::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2921.29; Wed, 22 Apr 2020 17:42:44 +0000 X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::9ae:cb95:c925:d5bf]) by DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::9ae:cb95:c925:d5bf%4]) with mapi id 15.20.2921.030; Wed, 22 Apr 2020 17:42:44 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io Cc: Jordan Justen , Laszlo Ersek , Ard Biesheuvel , Michael D Kinney , Liming Gao , Eric Dong , Ray Ni , Brijesh Singh Subject: [edk2-devel] [PATCH v7 28/43] OvmfPkg: Create a GHCB page for use during Sec phase Date: Wed, 22 Apr 2020 12:41:43 -0500 Message-Id: <72781aa98141d7358d2d6b340f943e63fab2cfb8.1587577317.git.thomas.lendacky@amd.com> In-Reply-To: References: X-ClientProxiedBy: DM5PR04CA0060.namprd04.prod.outlook.com (2603:10b6:3:ef::22) To DM6PR12MB3163.namprd12.prod.outlook.com (2603:10b6:5:15e::26) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-Received: from tlendack-t1.amd.com (165.204.77.1) by DM5PR04CA0060.namprd04.prod.outlook.com (2603:10b6:3:ef::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.13 via Frontend Transport; Wed, 22 Apr 2020 17:42:43 +0000 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 0bb341de-ec9c-472b-60a5-08d7e6e49043 X-MS-TrafficTypeDiagnostic: DM6PR12MB3673:|DM6PR12MB3673: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5516; Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+57859+1787277+3901457@groups.io; helo=web01.groups.io; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info: ewjQy/AX6Lp67m/xi68F0bgR3YcYgZvwdl+0kUxXGANVJU/Y7z13lWMvn14VOAKrwZTHedzB0Eycy0Ys6YH4yQlF/+2J4PnQIs2ycVHLyl/tmFk1m+D8EBM+3LAxBjfH5mKhHc9nxIMQSldMYd9fhXH8+XK+QOUdnPLENgm5/ZRrB/8YnLAGo+kc7APEZ1WjPBW7H/skv/jnt+uKbesotBYfSqkeFAJYnwjj9LyhnbL4pxqyS0a/unaYmLc/I957TKo2dHrrs5k/nzFhoUnKUeacIOGSHUQVINKvdKN+B3AXzjxVY/tjFpNdnMvDVxWQK9oH5jRUaRLfa9mCTGtR6Pt7SluwcoS6KdWTYUfV0xocqu5NC5oYguRQ3KhJqksLLozMTWfTIqaOqPzEPtUjqTTmbIZElJJu7jT/ATzTFGvN8ip/kpCiMntvVMZ/K5iiJJAKAOgISpHUMYBmz+KDzALyLahIWi2mRLDRNNgg1L9esf26obLiw3lIpIA9h280E2vjrFjEc5aKWp9IlQlAH83YqTonQVjibAI7OMa2sABbAg8R+7lEDFy+BPzL0yx2P9QcMIDkp6+EGFxKRpi23g== X-MS-Exchange-AntiSpam-MessageData: eIAeES56jC24hMq/wXwOAnLu5BVxsm0LpAfyrP5y6zMNhcEyRf7gF9p+ashQKByMaVeNGL9HlkQZRysr8+jfLgrY1mnlOV+LpjSo5tpTybrzEjuSxaYqi9CtQHuMLj8W2I+S0MPoAHiygRK2Z2ZlNw== X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0bb341de-ec9c-472b-60a5-08d7e6e49043 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Apr 2020 17:42:44.4760 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: F4XX+NBZSLJ4zyFvf00zGxIVBXhtYITcwCN7Ch5MK3c3JXMRjMdcfkJtAjGuXf9eiHtUBcA86CMhQ1b/YwxZuA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3673 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com X-Gm-Message-State: ibDXZXf3zG9eflDiUSWwVjrIx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1587577367; bh=LM6RWfeg+MySGYe1t5hYXILTeREdlYwxu0PLyU6dDug=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=C3lQY39rlw2spLUEmUaumYFjXli5Q4MUDewXR3bm2Eb9K399sJg65kvdzOX7/lrC6Mx XSdS9fwl1+WhmR9NbnNLUleXicHKEzc/e1+369BOK2ZeT1dniryGI/U9VLrOZW2JzQkZC 8/Fho7vnjFAW3o1F7yYzXE+Yj7+h1Z8lwU4= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198 A GHCB page is needed during the Sec phase, so this new page must be created. Since the #VC exception handler routines assume that a per-CPU variable area is immediately after the GHCB, this per-CPU variable area must also be created. Since the GHCB must be marked as an un-encrypted, or shared, page, an additional pagetable page is required to break down the 2MB region where the GHCB page lives into 4K pagetable entries. Create a new entry in the OVMF memory layout for the new page table page and for the SEC GHCB and per-CPU variable pages. After breaking down the 2MB page, update the GHCB page table entry to remove the encryption mask. The GHCB page will be used by the SEC #VC exception handler. The #VC exception handler will fill in the necessary fields of the GHCB and exit to the hypervisor using the VMGEXIT instruction. The hypervisor then accesses the GHCB in order to perform the requested function. Two new fixed PCDs are needed to support the SEC GHCB page: - PcdOvmfSecGhcbBase UINT64 value that is the base address of the GHCB used during the SEC phase. - PcdOvmfSecGhcbSize UINT64 value that is the size, in bytes, of the GHCB area used during the SEC phase. Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Reviewed-by: Laszlo Ersek Signed-off-by: Tom Lendacky --- OvmfPkg/OvmfPkg.dec | 9 +++ OvmfPkg/OvmfPkgX64.fdf | 6 ++ OvmfPkg/ResetVector/ResetVector.inf | 5 ++ OvmfPkg/ResetVector/Ia32/PageTables64.asm | 70 +++++++++++++++++++++++ OvmfPkg/ResetVector/ResetVector.nasmb | 17 ++++++ 5 files changed, 107 insertions(+) diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec index 28030391cff2..4b450b878e44 100644 --- a/OvmfPkg/OvmfPkg.dec +++ b/OvmfPkg/OvmfPkg.dec @@ -270,6 +270,15 @@ [PcdsFixedAtBuild] ## Number of page frames to use for storing grant table entries. gUefiOvmfPkgTokenSpaceGuid.PcdXenGrantFrames|4|UINT32|0x33 =20 + ## Specify the extra page table needed to mark the GHCB as unencrypted. + # The value should be a multiple of 4KB for each. + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase|0x0|UINT32|0x39 + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize|0x0|UINT32|0x3a + + ## The base address of the SEC GHCB page used by SEV-ES. + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|0|UINT32|0x3b + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize|0|UINT32|0x3c + [PcdsDynamic, PcdsDynamicEx] gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10 diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 25af9fbed48a..36414c1f8b49 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -76,6 +76,12 @@ [FD.MEMFD] 0x007000|0x001000 gEfiMdePkgTokenSpaceGuid.PcdGuidedExtractHandlerTableAddress|gUefiOvmfPkgT= okenSpaceGuid.PcdGuidedExtractHandlerTableSize =20 +0x008000|0x001000 +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase|gUefiOvmfPkgTokenSp= aceGuid.PcdOvmfSecGhcbPageTableSize + +0x009000|0x002000 +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|gUefiOvmfPkgTokenSpaceGuid.P= cdOvmfSecGhcbSize + 0x010000|0x010000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpace= Guid.PcdOvmfSecPeiTempRamSize =20 diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/Rese= tVector.inf index b0ddfa5832a2..483fd90fe785 100644 --- a/OvmfPkg/ResetVector/ResetVector.inf +++ b/OvmfPkg/ResetVector/ResetVector.inf @@ -26,6 +26,7 @@ [Sources] [Packages] OvmfPkg/OvmfPkg.dec MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec UefiCpuPkg/UefiCpuPkg.dec =20 [BuildOptions] @@ -33,5 +34,9 @@ [BuildOptions] *_*_X64_NASMB_FLAGS =3D -I$(WORKSPACE)/UefiCpuPkg/ResetVector/Vtf0/ =20 [Pcd] + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVecto= r/Ia32/PageTables64.asm index abad009f20f5..c3587a1b7814 100644 --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm @@ -21,6 +21,11 @@ BITS 32 %define PAGE_2M_MBO 0x080 %define PAGE_2M_PAT 0x01000 =20 +%define PAGE_4K_PDE_ATTR (PAGE_ACCESSED + \ + PAGE_DIRTY + \ + PAGE_READ_WRITE + \ + PAGE_PRESENT) + %define PAGE_2M_PDE_ATTR (PAGE_2M_MBO + \ PAGE_ACCESSED + \ PAGE_DIRTY + \ @@ -75,6 +80,37 @@ NoSev: SevExit: OneTimeCallRet CheckSevFeature =20 +; Check if Secure Encrypted Virtualization - Encrypted State (SEV-ES) feat= ure +; is enabled. +; +; Modified: EAX, EBX, ECX +; +; If SEV-ES is enabled then EAX will be non-zero. +; If SEV-ES is disabled then EAX will be zero. +; +CheckSevEsFeature: + xor eax, eax + + ; SEV-ES can't be enabled if SEV isn't, so first check the encryption + ; mask. + test edx, edx + jz NoSevEs + + ; Save current value of encryption mask + mov ebx, edx + + ; Check if SEV-ES is enabled + ; MSR_0xC0010131 - Bit 1 (SEV-ES enabled) + mov ecx, 0xc0010131 + rdmsr + and eax, 2 + + ; Restore encryption mask + mov edx, ebx + +NoSevEs: + OneTimeCallRet CheckSevEsFeature + ; ; Modified: EAX, EBX, ECX, EDX ; @@ -139,6 +175,40 @@ pageTableEntriesLoop: mov [(ecx * 8 + PT_ADDR (0x2000 - 8)) + 4], edx loop pageTableEntriesLoop =20 + OneTimeCall CheckSevEsFeature + test eax, eax + jz SetCr3 + + ; + ; The initial GHCB will live at GHCB_BASE and needs to be un-encrypted. + ; This requires the 2MB page for this range be broken down into 512 4KB + ; pages. All will be marked encrypted, except for the GHCB. + ; + mov ecx, (GHCB_BASE >> 21) + mov eax, GHCB_PT_ADDR + PAGE_PDP_ATTR + mov [ecx * 8 + PT_ADDR (0x2000)], eax + + ; + ; Page Table Entries (512 * 4KB entries =3D> 2MB) + ; + mov ecx, 512 +pageTableEntries4kLoop: + mov eax, ecx + dec eax + shl eax, 12 + add eax, GHCB_BASE & 0xFFE0_0000 + add eax, PAGE_4K_PDE_ATTR + mov [ecx * 8 + GHCB_PT_ADDR - 8], eax + mov [(ecx * 8 + GHCB_PT_ADDR - 8) + 4], edx + loop pageTableEntries4kLoop + + ; + ; Clear the encryption bit from the GHCB entry + ; + mov ecx, (GHCB_BASE & 0x1F_FFFF) >> 12 + mov [ecx * 8 + GHCB_PT_ADDR + 4], strict dword 0 + +SetCr3: ; ; Set CR3 now that the paging structures are available ; diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re= setVector.nasmb index 75cfe16654b1..bfb77e439105 100644 --- a/OvmfPkg/ResetVector/ResetVector.nasmb +++ b/OvmfPkg/ResetVector/ResetVector.nasmb @@ -53,8 +53,25 @@ %error "This implementation inherently depends on PcdOvmfSecPageTables= Size" %endif =20 + %if (FixedPcdGet32 (PcdOvmfSecGhcbPageTableSize) !=3D 0x1000) + %error "This implementation inherently depends on PcdOvmfSecGhcbPageTa= bleSize" + %endif + + %if (FixedPcdGet32 (PcdOvmfSecGhcbSize) !=3D 0x2000) + %error "This implementation inherently depends on PcdOvmfSecGhcbSize" + %endif + + %if ((FixedPcdGet32 (PcdOvmfSecGhcbBase) >> 21) !=3D \ + ((FixedPcdGet32 (PcdOvmfSecGhcbBase) + FixedPcdGet32 (PcdOvmfSecGhc= bSize) - 1) >> 21)) + %error "This implementation inherently depends on PcdOvmfSecGhcbBase n= ot straddling a 2MB boundary" + %endif + %define PT_ADDR(Offset) (FixedPcdGet32 (PcdOvmfSecPageTablesBase) + (Off= set)) %include "Ia32/Flat32ToFlat64.asm" + + %define GHCB_PT_ADDR (FixedPcdGet32 (PcdOvmfSecGhcbPageTableBase)) + %define GHCB_BASE (FixedPcdGet32 (PcdOvmfSecGhcbBase)) + %define GHCB_SIZE (FixedPcdGet32 (PcdOvmfSecGhcbSize)) %include "Ia32/PageTables64.asm" %endif =20 --=20 2.17.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#57859): https://edk2.groups.io/g/devel/message/57859 Mute This Topic: https://groups.io/mt/73201929/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-