From nobody Mon Feb 9 19:54:05 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+76804+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+76804+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 162428382721075.65023741241419; Mon, 21 Jun 2021 06:57:07 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id C011YY1788612xWb9otMXXnW; Mon, 21 Jun 2021 06:57:05 -0700 X-Received: from NAM11-BN8-obe.outbound.protection.outlook.com (NAM11-BN8-obe.outbound.protection.outlook.com [40.107.236.70]) by mx.groups.io with SMTP id smtpd.web12.47519.1624283819445933869 for ; Mon, 21 Jun 2021 06:56:59 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IWu6Q7HVRzztn2opYPJsHNuGCqRToUc6cBMRo4IvH3I2Mjf6b+QgrB8o1YcbYo2pD3nRNBZ3Mtk3Lyt5ezOh1XfR1y7/VO+cJQekp1D0JndRjqg0DNrotyNP78T4aJNSNKPkXKQfZ0P8cT6DVk7YCTZ1P1CNrqKldbxXOnZ+HNLV4fltaFbanRIyjKFnq6aAZQHKowL0NrxskaXPlePSNsr1zHbVEh8gPc/SnjVzIv7CsRKblzwFRBnbl1/X4YJSZ939CT35z6ZLPQ4bkHBwPf2KpqJggZeQj2UFJKOmLKnSmCDc1cmRR7250YVuTQ80JlmUtkt7cUokmM3CQpZowQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CL1myi0XU7As4Ctxxi95R7m0gOfZ6sCOv0R0H82VlOA=; b=Wmefqb5oETHZbDWObaW/LVw74cFsCmlLhW5I1hlavZ1dORZGOALjaj0qyXFgmDeLXlhlutv20xx7jTxFx4L5Vu/XvBxQQBZah9BkTFMMvA/4d9AWW7Ce9pEIxDkzV4Wykl+1EQxlJPESN3wHfRWCYIKdIDYTL8YugMZEzsePhDZMzYpI+sDcl4Am6fNaRwzDZWbyVHQiSIbpyOlHWTigd4NswcajPRbbZ8wdJ2dV4XL+eagQW/3HYY9jaoiXd5UPaAU3UlLJV6UoyrAf3zIqtW4acnMkCYJlTt/C823lgRBSWw0oEYGyVh4oh6AezQOt4x5//VLIPT6rCDI6oyCU5g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none X-Received: from SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) by SN6PR12MB2829.namprd12.prod.outlook.com (2603:10b6:805:e8::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4242.23; Mon, 21 Jun 2021 13:56:57 +0000 X-Received: from SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::958d:2e44:518c:744c]) by SN6PR12MB2767.namprd12.prod.outlook.com ([fe80::958d:2e44:518c:744c%7]) with mapi id 15.20.4242.023; Mon, 21 Jun 2021 13:56:57 +0000 From: "Ashish Kalra via groups.io" To: devel@edk2.groups.io Cc: brijesh.singh@amd.com, Thomas.Lendacky@amd.com, jejb@linux.ibm.com, erdemaktas@google.com, jiewen.yao@intel.com, min.m.xu@intel.com, lersek@redhat.com, jordan.l.justen@intel.com, ard.biesheuvel@arm.com Subject: [edk2-devel] [PATCH v4 1/4] OvmfPkg/MemEncryptHypercallLib: add library to support SEV hypercalls. Date: Mon, 21 Jun 2021 13:56:47 +0000 Message-Id: <7d0a30a022a7d3d3e056af8f79b87ed9991d2f52.1624281247.git.ashish.kalra@amd.com> In-Reply-To: References: X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SA0PR11CA0163.namprd11.prod.outlook.com (2603:10b6:806:1bb::18) To SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-Received: from ashkalra_ubuntu_server.amd.com (165.204.77.1) by SA0PR11CA0163.namprd11.prod.outlook.com (2603:10b6:806:1bb::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4242.21 via Frontend Transport; Mon, 21 Jun 2021 13:56:56 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 9f08b20e-cf47-452f-0a9a-08d934bc6f07 X-MS-TrafficTypeDiagnostic: SN6PR12MB2829: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7691; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info: qtCegVSL7/DI11QSJPHP69ag+/9bYvyARFlelwrXjS3pSPyQ/mHxRyIqBVBkZTDMC9lSCVrHfAh+QsKUjAXExUh/re+CaKSl2C+DaeyvQCHrQoTylPK4R93VNqGzRI0PVbF6LgykHLmreL2J/Az/fh/Aez3/jOD+W4fbrSC+Ei34WXAc4ae1JdkFcbmSHbE3XOFwYHSv1DwEtdQjYJTLUb+xhEHQbR5a4i7RS/VNbHiEHJgLbKn38KeVg63COKyN/mt+1bIfqxc6y63kcw7CWlMQo682ghlYD9xpiZJGtGum71KBJE2N7sQuo+Oyk9sPoQVZWZdKKNhV4ruDGXQ0Cu1j3jJUBhmUuyS/tFBz2vANW57W+urpzVS4Ok46oMdOOEtNQdriMKI1YbVgahXLOhkJBHil2tNEWIrB/2hLBGuwXAqzVnJtyiYrRev3XG2CshlCz1Rk9tvLFMFhRsy+RlcOLRVFGGRriTeiFSu+gVVlGqFDMVIQfnwjSCLZFfW/fwUcvtMUpQG/toojrq0tRUQ/68JP+siN3w8gurCAqsSNDqBrWiMDbIi2YqKEI6j4PMQvp3bL3+ZjcfhTXaAs++bd0BqCW4zf1GnKwbUlkr5+u9Wy+8CSamNqrzBmLRxgOmOMu5NbsXtWzw8Q0qV9yzolgKs7atH0JxUmS03rrwM= X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?rUd06hVG5aK++LCOxAFCe1em9HhTRe55xPb5AWjVRhCoCkEjo66OOMVp7JF0?= =?us-ascii?Q?gwm7NU6DHno8wzqRDVEOzu57SoaGX2FN/jtYAkntvDDo6RBhGDW9E24QLki0?= =?us-ascii?Q?1IHJGm6K7qHxA5vpnp+X+LbLFg1fJ0YQ9/obT1I2a5MHzhJWIoEfKSiVcS3Q?= =?us-ascii?Q?EwfUXpZtuuP6D3x61FHXAJs5HorzidzW6sA+F0L79EN4dnOIxyIuVRM6Zfoh?= =?us-ascii?Q?lZItWXEpAcW52+Tva2yRuDvpHEJ0ucBDf62ReBtdbVqOY0gWWkCYkN4u+8Rg?= =?us-ascii?Q?qrm1vmeg14zqJzbLJ9rozCnTO+qbqhWv+IzFyG2CPB66SJF5FKGOEC/Bv0+A?= =?us-ascii?Q?nVkYfQF2fYJs/Tc8/hKA7RwtID8ImKsidBnE+RJPpyV1us/fYlC+dOkqqoFE?= =?us-ascii?Q?77qTq7dEu0Jmc3Yhk0QmTvjFkk577kCBWPjBld39v84ZC/vNjxMbwrcRhDdg?= =?us-ascii?Q?2j7+cZGK83CaS3gvg0LzKaFHn1TOlDYC/gZa8OC6tw/i4MwIdSlz2KZ8fatA?= =?us-ascii?Q?rkmn7+/TfjXEGUPcba6B9JjfKbHQEK/A0MNtUf+9mnqWiJJY1XZeGDTYqRAw?= =?us-ascii?Q?8vlzfxR0DJWc+qdWKKWGMfsGj/S1zwASischYYHNNV+Wl192aHcEsAZcV7dq?= =?us-ascii?Q?p+v4C4lDdnWHJSzg3rabIIyz+2X9jVqqKT2Vinq+qN0EJDSi3BBPUn3DLuzS?= =?us-ascii?Q?pxkFCtYdiLDsrA20m6C0p6qlqV9+GRJd+7g0OstbMfYNz0mSnQmToWfKysmq?= =?us-ascii?Q?7MtX0pQEz+7DrEO+A00FMVBW4F9B5zH3OHGAyJ5gFm+TqZjeNSrmLhxNe+24?= =?us-ascii?Q?PuOgc8c9f7hAqMFaJ19KGfNrx+g2miPqLOivLzXtY67EO8U9T+GrjSYVgQwS?= =?us-ascii?Q?gwqFhEjXNyCGbhJPrEv/rJ2VC/Wm97EwOK8H8qnNZY7z+0lMR3XtQRevfZyX?= =?us-ascii?Q?SqHn7vt5oJRUVEDHguM5aLb7RccXGLN5Nm0dkkRUehI0DMfQo235KdqquqQ+?= =?us-ascii?Q?fq8T6EG52PDiO9WJ5rrLf6iTS19rSuHPS3DhANj76TZvpdI8YiJi0pP/YtgL?= =?us-ascii?Q?+0WP7DFlpABbI1vVHLK+i4h9AZhXunRZIpE/jNB61WX3t+M4vPBS9oy5PeQ8?= =?us-ascii?Q?jcNIAiubaWH0ZGgv3JvWo//LZnDjOtg2qo1K5yGIdygICz0zkbTrMXFhBKN5?= =?us-ascii?Q?Bb2GdlbBjnv3RUKQU/DCh+FsVNnZv2bmcSHDHSBcbH+Nrg2af95AxMstCVKM?= =?us-ascii?Q?YZwM8oTtUhLxOiiLih/MEXsTiwIfP/TIGl9C9TKZ+VDfQ5El4DZ8tAJMpEjY?= =?us-ascii?Q?X4sKN6KPqHjLOTxQa8gxK9nc?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9f08b20e-cf47-452f-0a9a-08d934bc6f07 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2767.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Jun 2021 13:56:57.2563 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Wxq8z3UB6aDPeVse29Oo/Adupt1PTpCeItbVML4xzjjRO20PwNjFGeBod1e83sVMryzAhUqYEwS6CpvXMI9WoA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2829 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ashish.kalra@amd.com X-Gm-Message-State: eh2z9nhkyup2Cn2NjU5sBgujx1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1624283825; bh=+BsUIjvl5m2bXsNpj98+OVox9ZPh7/Kp7q4f1GRiDuE=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=qpNoXjg+3YiyeZjUECuzDn3kesYpyhyIal82DY0o6H8ibv7L08EpXiHWYUjvuWuFS+f CO7swn1Px7Q6KciiY+sTY2ajRBBNIkzDng/KP2gV3eaJ6ndlFpn3FlOPWB786FeTTyOwy HcxstRdLwGqBLyX628qwHjFi9zy9EYUtrcQ= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Ashish Kalra Add SEV and SEV-ES hypercall abstraction library to support SEV Page encryption/deceryption status hypercalls for SEV and SEV-ES guests. Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Signed-off-by: Ashish Kalra --- Maintainers.txt | 2= + OvmfPkg/Include/Library/MemEncryptHypercallLib.h | 43= ++++++++ OvmfPkg/Library/MemEncryptHypercallLib/Ia32/MemEncryptHypercallLib.c | 37= +++++++ OvmfPkg/Library/MemEncryptHypercallLib/MemEncryptHypercallLib.inf | 42= ++++++++ OvmfPkg/Library/MemEncryptHypercallLib/X64/AsmHelperStub.nasm | 28= ++++++ OvmfPkg/Library/MemEncryptHypercallLib/X64/MemEncryptHypercallLib.c | 105= ++++++++++++++++++++ OvmfPkg/OvmfPkgIa32.dsc | 1= + OvmfPkg/OvmfPkgIa32X64.dsc | 1= + OvmfPkg/OvmfPkgX64.dsc | 1= + OvmfPkg/OvmfXen.dsc | 1= + 10 files changed, 261 insertions(+) diff --git a/Maintainers.txt b/Maintainers.txt index ea54e0b7e9..8ecc8464ba 100644 --- a/Maintainers.txt +++ b/Maintainers.txt @@ -449,8 +449,10 @@ F: OvmfPkg/AmdSev/ F: OvmfPkg/AmdSevDxe/ F: OvmfPkg/Include/Guid/ConfidentialComputingSecret.h F: OvmfPkg/Include/Library/MemEncryptSevLib.h +F: OvmfPkg/Include/Library/MemEncryptHypercallLib.h F: OvmfPkg/IoMmuDxe/AmdSevIoMmu.* F: OvmfPkg/Library/BaseMemEncryptSevLib/ +F: OvmfPkg/Library/MemEncryptHypercallLib/ F: OvmfPkg/Library/PlatformBootManagerLibGrub/ F: OvmfPkg/Library/VmgExitLib/ F: OvmfPkg/PlatformPei/AmdSev.c diff --git a/OvmfPkg/Include/Library/MemEncryptHypercallLib.h b/OvmfPkg/Inc= lude/Library/MemEncryptHypercallLib.h new file mode 100644 index 0000000000..b241a189b6 --- /dev/null +++ b/OvmfPkg/Include/Library/MemEncryptHypercallLib.h @@ -0,0 +1,43 @@ +/** @file + + Define Secure Encrypted Virtualization (SEV) hypercall library. + + Copyright (c) 2020, AMD Incorporated. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _MEM_ENCRYPT_HYPERCALL_LIB_H_ +#define _MEM_ENCRYPT_HYPERCALL_LIB_H_ + +#include + +#define KVM_HC_MAP_GPA_RANGE 12 +#define KVM_MAP_GPA_RANGE_PAGE_SZ_4K 0 +#define KVM_MAP_GPA_RANGE_PAGE_SZ_2M (1 << 0) +#define KVM_MAP_GPA_RANGE_PAGE_SZ_1G (1 << 1) +#define KVM_MAP_GPA_RANGE_ENC_STAT(n) ((n) << 4) +#define KVM_MAP_GPA_RANGE_ENCRYPTED KVM_MAP_GPA_RANGE_ENC_STAT(1) +#define KVM_MAP_GPA_RANGE_DECRYPTED KVM_MAP_GPA_RANGE_ENC_STAT(0) + +/** + This hyercall is used to notify hypervisor when a page is marked as + 'decrypted' (i.e C-bit removed). + + @param[in] PhysicalAddress The physical address that is the start= address + of a memory region. + @param[in] Length The length of memory region + @param[in] Mode SetCBit or ClearCBit + +**/ + +VOID +EFIAPI +SetMemoryEncDecHypercall3 ( + IN UINTN PhysicalAddress, + IN UINTN Length, + IN UINTN Mode + ); + +#endif diff --git a/OvmfPkg/Library/MemEncryptHypercallLib/Ia32/MemEncryptHypercal= lLib.c b/OvmfPkg/Library/MemEncryptHypercallLib/Ia32/MemEncryptHypercallLib= .c new file mode 100644 index 0000000000..2e73d47ee6 --- /dev/null +++ b/OvmfPkg/Library/MemEncryptHypercallLib/Ia32/MemEncryptHypercallLib.c @@ -0,0 +1,37 @@ +/** @file + + Secure Encrypted Virtualization (SEV) hypercall helper library + + Copyright (c) 2020, AMD Incorporated. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include + +/** + This hyercall is used to notify hypervisor when a page is marked as + 'decrypted' (i.e C-bit removed). + + @param[in] PhysicalAddress The physical address that is the start= address + of a memory region. + @param[in] Length The length of memory region + @param[in] Mode SetCBit or ClearCBit + +**/ + +VOID +EFIAPI +SetMemoryEncDecHypercall3 ( + IN PHYSICAL_ADDRESS PhysicalAddress, + IN UINTN Pages, + IN UINTN Mode + ) +{ + // + // Memory encryption bit is not accessible in 32-bit mode + // +} diff --git a/OvmfPkg/Library/MemEncryptHypercallLib/MemEncryptHypercallLib.= inf b/OvmfPkg/Library/MemEncryptHypercallLib/MemEncryptHypercallLib.inf new file mode 100644 index 0000000000..a77d58a7e6 --- /dev/null +++ b/OvmfPkg/Library/MemEncryptHypercallLib/MemEncryptHypercallLib.inf @@ -0,0 +1,42 @@ +## @file +# Library provides the hypervisor helper functions for SEV guest +# +# Copyright (c) 2020 Advanced Micro Devices. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# +## + +[Defines] + INF_VERSION =3D 1.25 + BASE_NAME =3D MemEncryptHypercallLib + FILE_GUID =3D 86f2501e-f128-45f3-91c4-3cff31656ca8 + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D MemEncryptHypercallLib + +# +# The following information is for reference only and not required by the = build +# tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 +# + +[Packages] + MdeModulePkg/MdeModulePkg.dec + MdePkg/MdePkg.dec + UefiCpuPkg/UefiCpuPkg.dec + OvmfPkg/OvmfPkg.dec + +[Sources.X64] + X64/MemEncryptHypercallLib.c + X64/AsmHelperStub.nasm + +[Sources.IA32] + Ia32/MemEncryptHypercallLib.c + +[LibraryClasses] + BaseLib + DebugLib + VmgExitLib diff --git a/OvmfPkg/Library/MemEncryptHypercallLib/X64/AsmHelperStub.nasm = b/OvmfPkg/Library/MemEncryptHypercallLib/X64/AsmHelperStub.nasm new file mode 100644 index 0000000000..f29b96f9b0 --- /dev/null +++ b/OvmfPkg/Library/MemEncryptHypercallLib/X64/AsmHelperStub.nasm @@ -0,0 +1,28 @@ +DEFAULT REL +SECTION .text + +; VOID +; EFIAPI +; SetMemoryEncDecHypercall3AsmStub ( +; IN UINT HypercallNum, +; IN INTN Arg1, +; IN INTN Arg2, +; IN INTN Arg3 +; ); +global ASM_PFX(SetMemoryEncDecHypercall3AsmStub) +ASM_PFX(SetMemoryEncDecHypercall3AsmStub): + ; UEFI calling conventions require RBX to + ; be nonvolatile/callee-saved. + push rbx + ; Copy HypercallNumber to rax + mov rax, rcx + ; Copy Arg1 to the register expected by KVM + mov rbx, rdx + ; Copy Arg2 to register expected by KVM + mov rcx, r8 + ; Copy Arg2 to register expected by KVM + mov rdx, r9 + ; Call VMMCALL + vmmcall + pop rbx + ret diff --git a/OvmfPkg/Library/MemEncryptHypercallLib/X64/MemEncryptHypercall= Lib.c b/OvmfPkg/Library/MemEncryptHypercallLib/X64/MemEncryptHypercallLib.c new file mode 100644 index 0000000000..1c09ea012b --- /dev/null +++ b/OvmfPkg/Library/MemEncryptHypercallLib/X64/MemEncryptHypercallLib.c @@ -0,0 +1,105 @@ +/** @file + + Secure Encrypted Virtualization (SEV) hypercall helper library + + Copyright (c) 2020, AMD Incorporated. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +// +// Interface exposed by the ASM implementation of the core hypercall +// +// + +VOID +EFIAPI +SetMemoryEncDecHypercall3AsmStub ( + IN UINTN HypercallNum, + IN UINTN PhysicalAddress, + IN UINTN Length, + IN UINTN Mode + ); + +STATIC +VOID +GhcbSetRegValid ( + IN OUT GHCB *Ghcb, + IN GHCB_REGISTER Reg + ) +{ + UINT32 RegIndex; + UINT32 RegBit; + + RegIndex =3D Reg / 8; + RegBit =3D Reg & 0x07; + + Ghcb->SaveArea.ValidBitmap[RegIndex] |=3D (1 << RegBit); +} + +/** + This hyercall is used to notify hypervisor when a page is marked as + 'decrypted' (i.e C-bit removed). + + @param[in] PhysicalAddress The physical address that is the start= address + of a memory region. + @param[in] Length The length of memory region + @param[in] Mode SetCBit or ClearCBit + +**/ + +VOID +EFIAPI +SetMemoryEncDecHypercall3 ( + IN PHYSICAL_ADDRESS PhysicalAddress, + IN UINTN Pages, + IN UINTN Mode + ) +{ + if (MemEncryptSevEsIsEnabled ()) { + MSR_SEV_ES_GHCB_REGISTER Msr; + GHCB *Ghcb; + BOOLEAN InterruptState; + UINT64 Status; + + Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB); + Ghcb =3D Msr.Ghcb; + + VmgInit (Ghcb, &InterruptState); + + Ghcb->SaveArea.Rax =3D KVM_HC_MAP_GPA_RANGE; + GhcbSetRegValid (Ghcb, GhcbRax); + Ghcb->SaveArea.Rbx =3D PhysicalAddress; + GhcbSetRegValid (Ghcb, GhcbRbx); + Ghcb->SaveArea.Rcx =3D Pages; + GhcbSetRegValid (Ghcb, GhcbRcx); + Ghcb->SaveArea.Rdx =3D Mode; + GhcbSetRegValid (Ghcb, GhcbRdx); + Ghcb->SaveArea.Cpl =3D AsmReadCs() & 0x3; + GhcbSetRegValid (Ghcb, GhcbCpl); + + Status =3D VmgExit (Ghcb, SVM_EXIT_VMMCALL, 0, 0); + if (Status) { + DEBUG ((DEBUG_ERROR, "SVM_EXIT_VMMCALL failed %lx\n", Status)); + } + VmgDone (Ghcb, InterruptState); + } else { + SetMemoryEncDecHypercall3AsmStub ( + KVM_HC_MAP_GPA_RANGE, + PhysicalAddress, + Pages, + Mode + ); + } +} diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index f53efeae79..36f1d82ce7 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -176,6 +176,7 @@ VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLi= b.inf + MemEncryptHypercallLib|OvmfPkg/Library/MemEncryptHypercallLib/MemEncrypt= HypercallLib.inf !if $(SMM_REQUIRE) =3D=3D FALSE LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index b3662e17f2..2a743688b4 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -180,6 +180,7 @@ VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLi= b.inf + MemEncryptHypercallLib|OvmfPkg/Library/MemEncryptHypercallLib/MemEncrypt= HypercallLib.inf !if $(SMM_REQUIRE) =3D=3D FALSE LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf !endif diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 0a237a9058..eb9da51a15 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -180,6 +180,7 @@ VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLi= b.inf + MemEncryptHypercallLib|OvmfPkg/Library/MemEncryptHypercallLib/MemEncrypt= HypercallLib.inf !if $(SMM_REQUIRE) =3D=3D FALSE LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf !endif diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 3c1ca6bfd4..de0c052832 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -167,6 +167,7 @@ QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoad= ImageLib.inf MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLi= b.inf + MemEncryptHypercallLib|OvmfPkg/Library/MemEncryptHypercallLib/MemEncrypt= HypercallLib.inf LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/Customize= dDisplayLib.inf FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltL= ib.inf --=20 2.17.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#76804): https://edk2.groups.io/g/devel/message/76804 Mute This Topic: https://groups.io/mt/83688875/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-