From nobody Sat May 4 22:55:29 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+70692+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+70692+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one); dmarc=fail(p=none dis=none) header.from=amd.com Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1611338130138195.60003051768285; Fri, 22 Jan 2021 09:55:30 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 4OKYYY1788612x9kz27vT7dC; Fri, 22 Jan 2021 09:55:26 -0800 X-Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.88]) by mx.groups.io with SMTP id smtpd.web09.12933.1611338120715200019 for ; Fri, 22 Jan 2021 09:55:20 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Cte4ZKEQfHcJGyRKEkI4nkLvkvctQ4+Q9sYJ1IIfv7xBImZDrs/ZZe9dPpsXDErlL79+plGcCzDNO+b5VJ3TOJpz7n+Wuv0Lm6MVzFfazI6CTWzEB8baeJVjPECMjUOpTfNMLeus6Janl1oZY1++qwyHNgj3hSvo7d79Q5Em2F/eEjVWx/vN6EZIusM6tcEBNPMzksdl5IXJE0c2zLXb6ChWjzo9BiKytHtbBKpyBWRYRC2LMSltjnEnzcZqnlLB7uDVCpWR7w54nieZzfmxJP7CLt0X+nBhKIUMJat+EoqG1Ys/Y1U2IDSYlJwqDkrhvLGfGZMbmExohaOYFr8a6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=j3W6ZDE+9DI/vFN7yjwtFJSXzWUYuojB+thrpvxn5iw=; b=mzxiIR474F3yvmniOQwOhQxhphAcZLdTMIVQk7wy2lppJ4KNJadcRmcA8+H0Kt6+nh96zKfVseXm8FaKqs/dEYvTVG/a/tPrzu88oZ7ENWIlkXkvVnRzR2OHQl/ZPFbKL+nYAQEiRD8pKhoa17ey7+i7b38a1z9fHBtShcvaPSzUQEgNCLoip4WAwFBDRXot355ekpJBkEQjRg0fmttjfsve4qPDGT5AndutdZQHsqTuPQnxFvmRd5LLTZ+9XEe0WQPGma6+leaDV9ke53v8q126Oj1l+LBGlbqRdpmyUjrD+04vOXIfNDZqBgdTV/anXkoNc2ED0ZrDQHlK+0KRFg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none X-Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM5PR1201MB2506.namprd12.prod.outlook.com (2603:10b6:3:e7::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3763.11; Fri, 22 Jan 2021 17:55:19 +0000 X-Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::d95e:b9d:1d6a:e845]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::d95e:b9d:1d6a:e845%12]) with mapi id 15.20.3763.014; Fri, 22 Jan 2021 17:55:19 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io CC: Brijesh Singh , Jordan Justen , Laszlo Ersek , Ard Biesheuvel Subject: [edk2-devel] [PATCH] OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Use physical address with SEV-ES Date: Fri, 22 Jan 2021 11:55:06 -0600 Message-ID: <8bba19920e58813f32889dec522bbcd8de113219.1611338106.git.thomas.lendacky@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: CH2PR16CA0030.namprd16.prod.outlook.com (2603:10b6:610:50::40) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-Received: from tlendack-t1.amd.com (165.204.77.1) by CH2PR16CA0030.namprd16.prod.outlook.com (2603:10b6:610:50::40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3784.12 via Frontend Transport; Fri, 22 Jan 2021 17:55:18 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 37f3ac53-4a99-4254-fd6a-08d8befee188 X-MS-TrafficTypeDiagnostic: DM5PR1201MB2506: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:8882; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Message-Info: c7j1mPu0+M2e7PxPXeD2UNTgEXXShM19T92ie9CPzeHOEUNqWrq6q0MqgYnxok2PytJYGfvzL3i3OFoSIPVSYPtNdHQ4auyrMDn8OlcAiesqwslUGdQDDSvlcfz36Mcg0YSxlmZ+0G+WPCNBG5m0wH57EL4aWQM3BlL42eSKXQoLbBaex7Oly5nYCdVYlFDrC/8O7MhU6ufR/RLxw6Vshv8qt2rFjbWQr3BHXrTWiKOYc9Zg+jy7tMktBP1I8t8r/vCFiB/H5sQIsxFl+I01ZZ15JkVoZE2uHNDivEwEhcznM2dJhHBZ/nDaAT5b6MfCwLUlOabwyzcvMKbf0E0/hJ+76qbK5m9ngR2h/3OujDbDRwROAu2HvKpJwptxvVmcIj1sYIoa0NW5bf3VHCgzy2ZK/1qUHhGwV8cawHwRw9XPbMHKUgec9og78nOwfVqstT1r3xzKHV3F+9rD2k8NfFFAxBALCJWSMqHaB/4ZxkgROmmusxiJeajhHfuy99KVV8O0dD5eCmnu8k6BrKRG0Q== X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?g3fxNfo/emXScz5dcuEQQVRCilclBeXNH2dj5gM/rJpkB1pKMQLjsQwQzg8V?= =?us-ascii?Q?7+YriOtgLVz8vAwFWI22u8lQKQf31FbbEglUcFl3D83eCXgrRkXkD+MDi41E?= =?us-ascii?Q?dl0sWy25gqVwq8IFW/QvyPlbwiRA7TX9ieMfhRfhDb5zX/qCon9SgYu4WLQc?= =?us-ascii?Q?rQ0hWfpDsITnrHpTQS/BF59kJCke1uxWwDuyC94iV8mwIZDFXC2Wj5iyD1fd?= =?us-ascii?Q?d4tzxfflCrOgP/qd7P52GfV396xQAIPtOwyVy+kVOAxacmX/oRrrSgWB2/3F?= =?us-ascii?Q?ZKMX8LQYZSW1xB/gFc1uX4cKRs9nMMH2cBxItf8zlkvhtB57+PB5nhuT9fIT?= =?us-ascii?Q?1QhmJCPeeN2DtxccINsJWdhRKlIscmXFvk4LppfWSb8/OdTnf2pWO0X6baOr?= =?us-ascii?Q?t0GdNDjheECDGCyzHFC4Or2QiyFT2zqdvsT2A5M/i5nkC+JvrZuj0HUtGFh+?= =?us-ascii?Q?jhtc4T5YhHhT53FEmvMCMvKzx7wOyF0noHdj1L0gf7W8PfsN0xy+9oVfOBgx?= =?us-ascii?Q?v3osuLhF4Hn93QbfcGVSomY2JYnJck/vYS1ILiRIY2SNZL+ZG7OttDvmKTNX?= =?us-ascii?Q?HhMsCLYXa5Oq1weq4VheI7WAvKDeLtWNiJL6E6dAMqda82Sp8+9DtoaIt3aE?= =?us-ascii?Q?W1S+Pmf0TWORmQ4wvw85svVbNURJwC3VVGmAxA0Jk03v54+0ZatVId5uopdH?= =?us-ascii?Q?ElsHVV1c+XIBO4B9aGAgyrDhFm9oxRlGh/sLGAbPzS7Hlh4UPhWfmVJpJMzI?= =?us-ascii?Q?h7H1Znc90x9h+Wv/TP/OUXsmBrg1Uz+6PlcmYucwZVY7x3iDwW4zDY+uyN8+?= =?us-ascii?Q?Gm+VWkaWDaSe7Et4nP3qPRSdXVOmncPwCrngboZtBdSEpc1dOlfuW2At/DBK?= =?us-ascii?Q?p5hlsfCQkeSicbNNx87XGnlqM3fBpg/00SUTT1wNsBMGij7Rdd/Fy8DLVHTP?= =?us-ascii?Q?bul2gA405UfHxYvbQamN3G0+moX/rmPn/KnlUOf1xpukdIQNw52bknJ52ImT?= =?us-ascii?Q?FJg8?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 37f3ac53-4a99-4254-fd6a-08d8befee188 X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Jan 2021 17:55:18.9706 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: DyI5Llzss2C1Fmrox2wIl551wqJ9K5XLr9FtjofX1ZYqkt//FPZ6fyRRhnqe06QAnXqWtiWGSI/neqzcI6xsvQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR1201MB2506 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com X-Gm-Message-State: 3l78AyuDTQnXjGH9oThhWMyXx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1611338126; bh=7Lev9bXd+WaUL5BZ0CByCXDGSxdMBDoMRtEyyfFAHs4=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=ZAcQ7drWcmdrAvEmkLQre/MQjudKFW0kPsOzb8ohQp4AzCK5pmt5fGwibcdTqubxZtV Rh1Hka56xWOm4GHp/FWLwyZdRr7Em6+Dc+Cc01O7srf+/ev5LJfBhUnmcV7NaYmopbV0q 3CUVP0mIAwtDFqUhxr77QBKVW8Uf6NCyyeA= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Tom Lendacky BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3183 Under SEV-ES, a write to the flash device is done using a direct VMGEXIT to perform an MMIO write. The address provided to the MMIO write must be the physical address of the MMIO write destitnation. During boot, OVMF runs with an identity mapped pagetable structure so that VA =3D=3D PA and t= he VMGEXIT MMIO write destination is just the virtual address of the flash area address being written. However, when the UEFI SetVitualAddressMap() API is invoked, an identity mapped pagetable structure may not be in place and using the virtual address for the flash area address is no longer valid. This results in writes to the flash not being performed successfully. This can be seen by attempting to change the boot order under Linux. The update will appear to be performed, based on the output of the command. But rebooting the guest will show that the new boot order has not been set. To remedy this, update the Qemu flash services constructor to maintain a copy of the original PA of the flash device. When performing the VMGEXIT MMIO write, the PA can be calculated by subtracting the difference between the current flash virtual address base and the original physical address base. Using the resulting value in the MMIO write produces a successful write during boot and during runtime services. Fixes: 437eb3f7a8db7681afe0e6064d3a8edb12abb766 Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Signed-off-by: Tom Lendacky --- OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.h | 1 + OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c | 2 ++ OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c | 10 +++++++++- 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.h b/OvmfPkg/Q= emuFlashFvbServicesRuntimeDxe/QemuFlash.h index 219d0d6e83cf..0a91c15d0e81 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.h +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.h @@ -13,6 +13,7 @@ #include =20 extern UINT8 *mFlashBase; +extern UINT8 *mFlashBasePhysical; =20 /** Read from QEMU Flash diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c b/OvmfPkg/Q= emuFlashFvbServicesRuntimeDxe/QemuFlash.c index d19997032ec9..36ae63ebde31 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c @@ -26,6 +26,7 @@ =20 =20 UINT8 *mFlashBase; +UINT8 *mFlashBasePhysical; =20 STATIC UINTN mFdBlockSize =3D 0; STATIC UINTN mFdBlockCount =3D 0; @@ -251,6 +252,7 @@ QemuFlashInitialize ( ) { mFlashBase =3D (UINT8*)(UINTN) PcdGet32 (PcdOvmfFdBaseAddress); + mFlashBasePhysical =3D mFlashBase; mFdBlockSize =3D PcdGet32 (PcdOvmfFirmwareBlockSize); ASSERT(PcdGet32 (PcdOvmfFirmwareFdSize) % mFdBlockSize =3D=3D 0); mFdBlockCount =3D PcdGet32 (PcdOvmfFirmwareFdSize) / mFdBlockSize; diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c b/OvmfPk= g/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c index 1b0742967f71..db247f324e3c 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c @@ -52,11 +52,19 @@ QemuFlashPtrWrite ( if (MemEncryptSevEsIsEnabled ()) { MSR_SEV_ES_GHCB_REGISTER Msr; GHCB *Ghcb; + UINT64 PtrPa; BOOLEAN InterruptState; =20 Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB); Ghcb =3D Msr.Ghcb; =20 + // + // The MMIO write needs to be to the physical address of the flash poi= nter. + // Since this service is available as part of the EFI runtime services, + // account for a non-identity mapped VA after SetVitualAddressMap(). + // + PtrPa =3D (UINT64) (UINTN) (Ptr - (mFlashBase - mFlashBasePhysical)); + // // Writing to flash is emulated by the hypervisor through the use of w= rite // protection. This won't work for an SEV-ES guest because the write w= on't @@ -68,7 +76,7 @@ QemuFlashPtrWrite ( Ghcb->SharedBuffer[0] =3D Value; Ghcb->SaveArea.SwScratch =3D (UINT64) (UINTN) Ghcb->SharedBuffer; VmgSetOffsetValid (Ghcb, GhcbSwScratch); - VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, (UINT64) (UINTN) Ptr, 1); + VmgExit (Ghcb, SVM_EXIT_MMIO_WRITE, PtrPa, 1); VmgDone (Ghcb, InterruptState); } else { *Ptr =3D Value; --=20 2.30.0 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#70692): https://edk2.groups.io/g/devel/message/70692 Mute This Topic: https://groups.io/mt/80036772/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-