From nobody Tue Nov 26 01:54:54 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+63879+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+63879+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1596829489912175.8110004036481; Fri, 7 Aug 2020 12:44:49 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id FTcBYY1788612xBM4fH0zz35; Fri, 07 Aug 2020 12:44:49 -0700 X-Received: from NAM11-BN8-obe.outbound.protection.outlook.com (NAM11-BN8-obe.outbound.protection.outlook.com [40.107.236.87]) by mx.groups.io with SMTP id smtpd.web12.4286.1596829488144217767 for ; Fri, 07 Aug 2020 12:44:48 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YWp9k1xRSvZ2B1OfNltEZosId1sDmZ75m53CF+8wwigd8Lr6vBdUt90qULVwqjHh9/80DO5blnhwcPEfmOQMvZtdmdwVY097AVOarQgSn5fUvU+T4HBb7JCkJPdm87XwyQPuaIK0MN52C0Beif/hOxPs7nuggSBdX6MMLhaGHql1kT/FjR++tRfMewcCQF+aCHVNlGyPMHadDwpK9LLObEMg/OMbRyWbYHGBElT9RfAriqz8se68x7g8GTyCK6gbMORD55VsGCF5ypx9FeHQqAmx6epLo+0jp7UC0I+G5C1WwjL+tPgeXbKVJ33dHxN89QGxp7eFHoKO6b3HkPuxWQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=S26Dux0cwurzGpks92C9p7rCgsyx41XUiYYP5lYQTJU=; b=CaXYRNu33N5RE9bEXdN5pVEIFwkCPoOjb6Ks+t7qOpOrCK/RNQmkWDs45/KCU6/g32ne0vwsXoQPzRN/gFTPaCg49rOuaEULpPvAFWkGw1oyGmN8wicnDf4sb/Lm1rMnUpXzTIhVrOP2pHMICBzDBg3JlrylTnHIe1bYsEBFN9eU4U5yxcTuUb/XOmBusR3yEIj4GhBUCPFH0rKexxoc5q8wv2pKgCq6ymNKNufBZ3E0qLA3qdO1AkDm5QmLxJ3KiiSDsGnYx+mYLSj7sW1BYkApSWWJSM5xxC17cjm2auGuOT41cMds7DpHoPDB7R1A/9semgYR5gx39m10ZCUnqg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none X-Received: from CY4PR12MB1352.namprd12.prod.outlook.com (2603:10b6:903:3a::13) by CY4PR12MB1541.namprd12.prod.outlook.com (2603:10b6:910:7::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3261.18; Fri, 7 Aug 2020 19:44:46 +0000 X-Received: from CY4PR12MB1352.namprd12.prod.outlook.com ([fe80::9181:78bf:bf0:702b]) by CY4PR12MB1352.namprd12.prod.outlook.com ([fe80::9181:78bf:bf0:702b%5]) with mapi id 15.20.3239.024; Fri, 7 Aug 2020 19:44:46 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io CC: Brijesh Singh , Ard Biesheuvel , Eric Dong , Jordan Justen , Laszlo Ersek , Liming Gao , Michael D Kinney , Ray Ni Subject: [edk2-devel] [PATCH v14 37/46] OvmfPkg/Sec: Add #VC exception handling for Sec phase Date: Fri, 7 Aug 2020 14:39:22 -0500 Message-ID: <728f78274d19f4fc3fda7133d41cb410f24f22eb.1596829170.git.thomas.lendacky@amd.com> In-Reply-To: References: X-ClientProxiedBy: DM5PR07CA0166.namprd07.prod.outlook.com (2603:10b6:3:ee::32) To CY4PR12MB1352.namprd12.prod.outlook.com (2603:10b6:903:3a::13) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-Received: from tlendack-t1.amd.com (165.204.77.1) by DM5PR07CA0166.namprd07.prod.outlook.com (2603:10b6:3:ee::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3261.18 via Frontend Transport; Fri, 7 Aug 2020 19:44:45 +0000 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 524434d0-8418-4881-e0ab-08d83b0a5673 X-MS-TrafficTypeDiagnostic: CY4PR12MB1541: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:10000; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info: oaaSzUz+wd4cM9KxwDt0bG2yjo03d+Wt+rvReu+U+yhjmVBBZ2LBj/1HjKJdLmcRESpOzQg0KuCXAwe31gjxsgHXD8wVVdOsnCu8HzS4mgB+BtlS24oLIuof7M+CFtSxUZ/18rCHf5qvtIfF/x6IRjknfBrb3I36aeHj1UI8CkM7+hGEKhs9YNJ+yKT83CXeXN5U52cpeyVAMuaABnlCTc6Wr06IvOQkBmqBbzWDo5WOWzg9HHR8TNqZABZyIAABTDUDrsaeymxw0z3GdZENF9VlkJ9UE8HzAsEsA8iatttsk5bOPhXzelyvjMMsVP/LccEApc7wVSexaVIAG/fvYrAHmOZ3ENJKshqF6rzdBfhy6/liZeFKhU0qhgs1UYRKs3phHLI/1BD+Sa5eFWkga/JS/Bsy3PlLjy2IXUVAWesOUsxjxFG2BISx+lpDiEtk5BFN+UrBrg+n7cAIp3/5vg== X-MS-Exchange-AntiSpam-MessageData: Y0l/hz0024yiKj2Mw4jp4wFeTXRQvJriDmm9zYyopTuOrPtZ//0VWZu6A/A/F/WdJ39Qvs8HBlRkRNnrJgJ0x50ShUAM68BmHRXykY0OKHgQtY2CIEEU828FWQuuYxRLC+HAcJn9NR0JOD072ZuTunDxSRYqRRv5M4kf5n43L9cXaWBnM3ys9SLkBmomV5rxSwh/XYKZSUEVbupzL0Yw7cUCcl3hsjsfF78xo/4H2bDE+FxzWqllYqAaY2OEinFhtJrjR7xqAaSLrfU21FvhPa3cCTO2pky0saueIQOAFn4tBa/YQPUK74nelCenS7kVUCAKR3MgNcLllSrcwuo/1fhnIBq+D9B0JJJIhvq7WigANjO84EEnnHc4I+92wB0ThgMJWeXkzC3/R/iGuNjVj/QhIHc2mDVdUUhT29gF7j+tIX4/XTbi5B7n7LHQtg6RJSwvQLavVhcI5yNZlc/Gecoa5ULtmoMuY5oeiaP8guskKiIqnxyUPBAUJ6Z200J/waFr9V9nuLwXj4AulKs6gmf03MapXW1z0runkyKOrZOJegG98MJCgrYMySvBGB5xq23L6oeGyNAV/p+d6hoN5mpzHNU+5hSZaqGfaF6V5AWSGWzTFvvxB7/WuSYr3BW5lMjYJ10O+5NGe/hM8KzkOQ== X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 524434d0-8418-4881-e0ab-08d83b0a5673 X-MS-Exchange-CrossTenant-AuthSource: CY4PR12MB1352.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Aug 2020 19:44:46.1650 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: KWFj7FN1cBohsxI+O5CGPXfE+YedYp801a2iVFEfQal82KXKCpUFs+0FaFYjmjTn4zQH5/XViwC/7I7KR6mbqQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1541 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com X-Gm-Message-State: mpBO7X3qMUlW8oYPoCKR4Yzxx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1596829489; bh=shMe0bbMl+DsPnRN57Yirlr6e8P7eut3sq4maJXImLE=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=VSCT8SXqYSOOKvfp3jxx6f+w+hiSXAI9gprutVgxkx7qoTFFdy1yr26mXTV99/JyHQP vhjzGVZlgZdiGCU09R3pg4MyxX+q51iwrIQ6zqmKGpYw6Fk360/NcXlyFgd61AKo1uZqU lZ+XzyKO0TacNy8KFVy8w4rPWg2g1NAB6pk= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Tom Lendacky BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198 An SEV-ES guest will generate a #VC exception when it encounters a non-automatic exit (NAE) event. It is expected that the #VC exception handler will communicate with the hypervisor using the GHCB to handle the NAE event. NAE events can occur during the Sec phase, so initialize exception handling early in the OVMF Sec support. Before establishing the exception handling, validate that the supported version of the SEV-ES protocol in OVMF is supported by the hypervisor. Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Reviewed-by: Laszlo Ersek Signed-off-by: Tom Lendacky --- OvmfPkg/Sec/SecMain.inf | 4 + OvmfPkg/Sec/SecMain.c | 181 +++++++++++++++++++++++++++++++++++++--- 2 files changed, 172 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/Sec/SecMain.inf b/OvmfPkg/Sec/SecMain.inf index 63ba4cb555fb..7f78dcee2772 100644 --- a/OvmfPkg/Sec/SecMain.inf +++ b/OvmfPkg/Sec/SecMain.inf @@ -50,15 +50,19 @@ [LibraryClasses] PeCoffExtraActionLib ExtractGuidedSectionLib LocalApicLib + CpuExceptionHandlerLib =20 [Ppis] gEfiTemporaryRamSupportPpiGuid # PPI ALWAYS_PRODUCED =20 [Pcd] + gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvSize gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c index 6dea6e771a29..c2a35463dce4 100644 --- a/OvmfPkg/Sec/SecMain.c +++ b/OvmfPkg/Sec/SecMain.c @@ -24,6 +24,9 @@ #include #include #include +#include +#include +#include =20 #include =20 @@ -34,6 +37,10 @@ typedef struct _SEC_IDT_TABLE { IA32_IDT_GATE_DESCRIPTOR IdtTable[SEC_IDT_ENTRY_COUNT]; } SEC_IDT_TABLE; =20 +typedef struct _SEC_SEV_ES_WORK_AREA { + UINT8 SevEsEnabled; +} SEC_SEV_ES_WORK_AREA; + VOID EFIAPI SecStartupPhase2 ( @@ -712,6 +719,120 @@ FindAndReportEntryPoints ( return; } =20 +/** + Handle an SEV-ES/GHCB protocol check failure. + + Notify the hypervisor using the VMGEXIT instruction that the SEV-ES guest + wishes to be terminated. + + @param[in] ReasonCode Reason code to provide to the hypervisor for the + termination request. + +**/ +STATIC +VOID +SevEsProtocolFailure ( + IN UINT8 ReasonCode + ) +{ + MSR_SEV_ES_GHCB_REGISTER Msr; + + // + // Use the GHCB MSR Protocol to request termination by the hypervisor + // + Msr.GhcbPhysicalAddress =3D 0; + Msr.GhcbTerminate.Function =3D GHCB_INFO_TERMINATE_REQUEST; + Msr.GhcbTerminate.ReasonCodeSet =3D GHCB_TERMINATE_GHCB; + Msr.GhcbTerminate.ReasonCode =3D ReasonCode; + AsmWriteMsr64 (MSR_SEV_ES_GHCB, Msr.GhcbPhysicalAddress); + + AsmVmgExit (); + + ASSERT (FALSE); + CpuDeadLoop (); +} + +/** + Validate the SEV-ES/GHCB protocol level. + + Verify that the level of SEV-ES/GHCB protocol supported by the hypervisor + and the guest intersect. If they don't intersect, request termination. + +**/ +STATIC +VOID +SevEsProtocolCheck ( + VOID + ) +{ + MSR_SEV_ES_GHCB_REGISTER Msr; + GHCB *Ghcb; + + // + // Use the GHCB MSR Protocol to obtain the GHCB SEV-ES Information for + // protocol checking + // + Msr.GhcbPhysicalAddress =3D 0; + Msr.GhcbInfo.Function =3D GHCB_INFO_SEV_INFO_GET; + AsmWriteMsr64 (MSR_SEV_ES_GHCB, Msr.GhcbPhysicalAddress); + + AsmVmgExit (); + + Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB); + + if (Msr.GhcbInfo.Function !=3D GHCB_INFO_SEV_INFO) { + SevEsProtocolFailure (GHCB_TERMINATE_GHCB_GENERAL); + } + + if (Msr.GhcbProtocol.SevEsProtocolMin > Msr.GhcbProtocol.SevEsProtocolMa= x) { + SevEsProtocolFailure (GHCB_TERMINATE_GHCB_PROTOCOL); + } + + if ((Msr.GhcbProtocol.SevEsProtocolMin > GHCB_VERSION_MAX) || + (Msr.GhcbProtocol.SevEsProtocolMax < GHCB_VERSION_MIN)) { + SevEsProtocolFailure (GHCB_TERMINATE_GHCB_PROTOCOL); + } + + // + // SEV-ES protocol checking succeeded, set the initial GHCB address + // + Msr.GhcbPhysicalAddress =3D FixedPcdGet32 (PcdOvmfSecGhcbBase); + AsmWriteMsr64 (MSR_SEV_ES_GHCB, Msr.GhcbPhysicalAddress); + + Ghcb =3D Msr.Ghcb; + SetMem (Ghcb, sizeof (*Ghcb), 0); + + // + // Set the version to the maximum that can be supported + // + Ghcb->ProtocolVersion =3D MIN (Msr.GhcbProtocol.SevEsProtocolMax, GHCB_V= ERSION_MAX); + Ghcb->GhcbUsage =3D GHCB_STANDARD_USAGE; +} + +/** + Determine if SEV-ES is active. + + During early booting, SEV-ES support code will set a flag to indicate th= at + SEV-ES is enabled. Return the value of this flag as an indicator that SE= V-ES + is enabled. + + @retval TRUE SEV-ES is enabled + @retval FALSE SEV-ES is not enabled + +**/ +STATIC +BOOLEAN +SevEsIsEnabled ( + VOID + ) +{ + SEC_SEV_ES_WORK_AREA *SevEsWorkArea; + + SevEsWorkArea =3D (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAr= eaBase); + + return ((SevEsWorkArea !=3D NULL) && (SevEsWorkArea->SevEsEnabled !=3D 0= )); +} + VOID EFIAPI SecCoreStartupWithStack ( @@ -737,8 +858,55 @@ SecCoreStartupWithStack ( Table[Index] =3D 0; } =20 + // + // Initialize IDT - Since this is before library constructors are called, + // we use a loop rather than CopyMem. + // + IdtTableInStack.PeiService =3D NULL; + for (Index =3D 0; Index < SEC_IDT_ENTRY_COUNT; Index ++) { + UINT8 *Src, *Dst; + UINTN Byte; + + Src =3D (UINT8 *) &mIdtEntryTemplate; + Dst =3D (UINT8 *) &IdtTableInStack.IdtTable[Index]; + for (Byte =3D 0; Byte < sizeof (mIdtEntryTemplate); Byte++) { + Dst[Byte] =3D Src[Byte]; + } + } + + IdtDescriptor.Base =3D (UINTN)&IdtTableInStack.IdtTable; + IdtDescriptor.Limit =3D (UINT16)(sizeof (IdtTableInStack.IdtTable) - 1); + + if (SevEsIsEnabled ()) { + SevEsProtocolCheck (); + + // + // For SEV-ES guests, the exception handler is needed before calling + // ProcessLibraryConstructorList() because some of the library constru= ctors + // perform some functions that result in #VC exceptions being generate= d. + // + // Due to this code executing before library constructors, *all* libra= ry + // API calls are theoretically interface contract violations. However, + // because this is SEC (executing in flash), those constructors cannot + // write variables with static storage duration anyway. Furthermore, o= nly + // a small, restricted set of APIs, such as AsmWriteIdtr() and + // InitializeCpuExceptionHandlers(), are called, where we require that= the + // underlying library not require constructors to have been invoked and + // that the library instance not trigger any #VC exceptions. + // + AsmWriteIdtr (&IdtDescriptor); + InitializeCpuExceptionHandlers (NULL); + } + ProcessLibraryConstructorList (NULL, NULL); =20 + if (!SevEsIsEnabled ()) { + // + // For non SEV-ES guests, just load the IDTR. + // + AsmWriteIdtr (&IdtDescriptor); + } + DEBUG ((DEBUG_INFO, "SecCoreStartupWithStack(0x%x, 0x%x)\n", (UINT32)(UINTN)BootFv, @@ -751,19 +919,6 @@ SecCoreStartupWithStack ( // InitializeFloatingPointUnits (); =20 - // - // Initialize IDT - // - IdtTableInStack.PeiService =3D NULL; - for (Index =3D 0; Index < SEC_IDT_ENTRY_COUNT; Index ++) { - CopyMem (&IdtTableInStack.IdtTable[Index], &mIdtEntryTemplate, sizeof = (mIdtEntryTemplate)); - } - - IdtDescriptor.Base =3D (UINTN)&IdtTableInStack.IdtTable; - IdtDescriptor.Limit =3D (UINT16)(sizeof (IdtTableInStack.IdtTable) - 1); - - AsmWriteIdtr (&IdtDescriptor); - #if defined (MDE_CPU_X64) // // ASSERT that the Page Tables were set by the reset vector code to --=20 2.27.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#63879): https://edk2.groups.io/g/devel/message/63879 Mute This Topic: https://groups.io/mt/76056589/1787277 Mute #vc: https://groups.io/g/edk2/mutehashtag/vc Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-