From nobody Wed Oct  1 20:45:29 2025
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted
 sender)  smtp.mailfrom=bounce+27952+47642+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1568922755922897.9167581176972;
 Thu, 19 Sep 2019 12:52:35 -0700 (PDT)
Return-Path: <bounce+27952+47642+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id e8bZYY1788612x4D90MIuKNd;
 Thu, 19 Sep 2019 12:52:35 -0700
X-Received: from NAM03-DM3-obe.outbound.protection.outlook.com
 (NAM03-DM3-obe.outbound.protection.outlook.com [40.107.80.49])
 by groups.io with SMTP; Thu, 19 Sep 2019 12:52:35 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=K2bU6Xzbo3pVRTB7S7mw6WaFtKOe/K6Z1VhqKFK+u9fZcqN+n+qrYx/vqj2AUJVfMPOsoUvXdkLfn5lHum6fmDTIHTCblvRnGFT3ivnYuIW+bJUuAZuYyoRk6xu2loqJC7KmFnhXIDdB3wmGD37p422AEK6ow9b1YxFApTtxCkmjWYKql16wrVmApDU0zytM1HcxUtH60lLuZasXIleYInYPdZcryCpkMd+lNsWSvm+kARFzDole70bNx2x3I0MLmcQt7yZOHuPWol9lpr6GhRrofICAUGMXolY2OzD6T+e26VbDaYO25UNoguNmD89fK5uXgDyzXESXCyZYllgJNQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=GLlqY5NQYtbpVpuHy7beXxC6YAP/VG/p9Bzvvz2TpOc=;
 b=Aewr4lPGbgTUGqyUTvcB9HJcemuvS/zUDnSMoGbvV9T4nNP8P5TArz4s3GmsFW87DybliPf2lwQMIr+DXZyHtUl5P1ydoc6Aw7aYvSfmE19P04h9WCXUZJ0e7zWRBT8PxfJhyncp+gPr+uapqzO4dZsQ71O84Y16Il7BHVW8lxs1Mp06D+O9sOW9mAXC/fyViOr4uclx5Oie+8aHHTpLLOEcUZZ1FPMa4T66uW/pvQKc+CrmUQg6S1mSTZrJoVwvaSKfZb3FQbjI4JodXytp/FMYYgOuc7bBO1MfJo2iwcicR1y9lez5gTzhMcf0jDMRlRreyL8GXxmiggv1560x1g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.104.150) by
 DM6PR12MB2890.namprd12.prod.outlook.com (20.179.71.152) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2263.23; Thu, 19 Sep 2019 19:52:33 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::400e:f0c3:7ca:2fcc]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::400e:f0c3:7ca:2fcc%6]) with mapi id 15.20.2284.009; Thu, 19 Sep 2019
 19:52:33 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>
CC: Jordan Justen <jordan.l.justen@intel.com>, Laszlo Ersek
	<lersek@redhat.com>, Ard Biesheuvel <ard.biesheuvel@linaro.org>, Michael D
 Kinney <michael.d.kinney@intel.com>, Liming Gao <liming.gao@intel.com>, Eric
 Dong <eric.dong@intel.com>, Ray Ni <ray.ni@intel.com>, "Singh, Brijesh"
	<brijesh.singh@amd.com>
Subject: [edk2-devel] [RFC PATCH v2 08/44] OvmfPkg: Create GHCB pages for use
 during Pei and Dxe phase
Thread-Topic: [RFC PATCH v2 08/44] OvmfPkg: Create GHCB pages for use during
 Pei and Dxe phase
Thread-Index: AQHVbyPHXRDv/YGRIEiL4Ddvjs4NBA==
Date: Thu, 19 Sep 2019 19:52:33 +0000
Message-ID: 
 <9799d415f652618c8a960cdb0040918185588652.1568922728.git.thomas.lendacky@amd.com>
References: <cover.1568922728.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1568922728.git.thomas.lendacky@amd.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-clientproxiedby: SN4PR0501CA0146.namprd05.prod.outlook.com
 (2603:10b6:803:2c::24) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:182::22)
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [165.204.78.1]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 4756aa61-f346-4835-33c9-08d73d3ae9a1
x-ms-office365-filtering-ht: Tenant
x-ms-traffictypediagnostic: DM6PR12MB2890:
x-ms-exchange-purlcount: 1
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: 
 <DM6PR12MB28907169CACC2A702DD6CB45EC890@DM6PR12MB2890.namprd12.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as
 permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+47642+1787277+3901457@groups.io;
 helo=web01.groups.io;
received-spf: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 
 Membm+uCOvEOnLnSOqln5UAByZnLMwmO2MUjfMGnWOL+2x9WmRXzcd0hyaRvToBMj3truTxujciks2Js59BZPNOlaiAIfOrl5oETxbrg2rM8NMMaG2WEXqk5q8m0qiiE9MviWzrhCoEHaAH4O0oprM9VsIoR+T//b/LqbkaCEqboxf3XN0p9B66nB7eMMcBBKTWYSO7+IxjVgnKEh45Pb+n+r1r5fi7MZm/sBxngETlCKgssjX/37QCFMEbpGDEBZWqDNoebuKU/sclVW9dKpqlJPJOnxuYfszmchJYv95WVhOX4zLORsr8UoUXsWkx6vL/XiHOpij0HJmuYNeSTn3QRv8gvumoDI889sU0f5ZhFEcsvrDhDYtZfIiGlGX/d1IM1dmQBehbLbmNkbk0wHjQQxazHEndS+CFku9/x3LE=
MIME-Version: 1.0
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 4756aa61-f346-4835-33c9-08d73d3ae9a1
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Sep 2019 19:52:33.5276
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 
 jnrBrRiSgnuBSbVU25GmBx+MjdNCYnjnvv76N698zStP4741Xk1H+Z7vgPpZb1ywKasf9UWHYYkZ937FlFs0aw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB2890
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: vi1qoNFSxNV3bCQ7VLKjgnTBx1787277AA=
Content-Language: en-US
Content-ID: <1D2FD5EBCDC4E2488ACE870DA98017A3@namprd12.prod.outlook.com>
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1568922755;
 bh=eH6ptAvNfXUMztySv1WRzwL4sZJ0VgkQLT+TDwd2hV4=;
 h=CC:Content-Type:Date:From:Reply-To:Subject:To;
 b=kXBKMIuO2LO0/C1iqtaG4MqWLi/TUggj2ahvZodQQxLUBp2esBdp8ixUkaxLSivPiox
 s1U3JNU5ODtckZ06AqCZAYiJq8iX7fpeArsFoXH4t9+MTnNZ8o7scq8SA8+3E4AW1zIKz
 lw9ze7VnwgmFtUddCfIqXDtlXAupRwi0oIM=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Type: text/plain; charset="utf-8"

From: Tom Lendacky <thomas.lendacky@amd.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Allocate memory for the GHCB pages during SEV initialization for use
during Pei and Dxe phases. The GHCB page(s) must be shared pages, so
clear the encryption mask from the current page table entries. Upon
successful allocation, set the GHCB PCDs (PcdGhcbBase and PcdGhcbSize).

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
 OvmfPkg/OvmfPkgIa32.dsc             |  2 ++
 OvmfPkg/OvmfPkgIa32X64.dsc          |  2 ++
 OvmfPkg/OvmfPkgX64.dsc              |  2 ++
 OvmfPkg/PlatformPei/PlatformPei.inf |  2 ++
 OvmfPkg/PlatformPei/AmdSev.c        | 36 ++++++++++++++++++++++++++++-
 5 files changed, 43 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 0ce5c01722ef..4369cf6d55e5 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -560,6 +560,8 @@ [PcdsDynamicDefault]
=20
   # Set SEV-ES defaults
   gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsActive|0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
=20
 !if $(SMM_REQUIRE) =3D=3D TRUE
   gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index e7455e35a55d..a74f5028068e 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -572,6 +572,8 @@ [PcdsDynamicDefault]
=20
   # Set SEV-ES defaults
   gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsActive|0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
=20
 !if $(SMM_REQUIRE) =3D=3D TRUE
   gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 0b8305cd10a2..fd714d386e75 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -571,6 +571,8 @@ [PcdsDynamicDefault]
=20
   # Set SEV-ES defaults
   gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsActive|0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
=20
 !if $(SMM_REQUIRE) =3D=3D TRUE
   gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat=
formPei.inf
index a9e424a6012a..62abc99f4622 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -105,6 +105,8 @@ [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize
   gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsActive
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize
=20
 [FixedPcd]
   gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index 7ae2f26a2ba7..30c0e4af7252 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -16,6 +16,9 @@
 #include <PiPei.h>
 #include <Register/Amd/Cpuid.h>
 #include <Register/Cpuid.h>
+#include <Register/Amd/Msr.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
=20
 #include "Platform.h"
=20
@@ -30,7 +33,10 @@ AmdSevEsInitialize (
   VOID
   )
 {
-  RETURN_STATUS     PcdStatus;
+  VOID              *GhcbBase;
+  PHYSICAL_ADDRESS  GhcbBasePa;
+  UINTN             GhcbPageCount;
+  RETURN_STATUS     PcdStatus, DecryptStatus;
=20
   if (!MemEncryptSevEsIsEnabled ()) {
     return;
@@ -38,6 +44,34 @@ AmdSevEsInitialize (
=20
   PcdStatus =3D PcdSetBoolS (PcdSevEsActive, 1);
   ASSERT_RETURN_ERROR (PcdStatus);
+
+  //
+  // Allocate GHCB pages.
+  //
+  GhcbPageCount =3D mMaxCpuCount;
+  GhcbBase =3D AllocatePages (GhcbPageCount);
+  ASSERT (GhcbBase);
+
+  GhcbBasePa =3D (PHYSICAL_ADDRESS)(UINTN) GhcbBase;
+
+  DecryptStatus =3D MemEncryptSevClearPageEncMask (
+    0,
+    GhcbBasePa,
+    GhcbPageCount,
+    TRUE
+    );
+  ASSERT_RETURN_ERROR (DecryptStatus);
+
+  SetMem (GhcbBase, GhcbPageCount * SIZE_4KB, 0);
+
+  PcdStatus =3D PcdSet64S (PcdGhcbBase, (UINT64)GhcbBasePa);
+  ASSERT_RETURN_ERROR (PcdStatus);
+  PcdStatus =3D PcdSet64S (PcdGhcbSize, (UINT64)EFI_PAGES_TO_SIZE (GhcbPag=
eCount));
+  ASSERT_RETURN_ERROR (PcdStatus);
+
+  DEBUG ((DEBUG_INFO, "SEV-ES is enabled, %u GHCB pages allocated starting=
 at 0x%lx\n", GhcbPageCount, GhcbBase));
+
+  AsmWriteMsr64 (MSR_SEV_ES_GHCB, (UINT64)GhcbBasePa);
 }
=20
 /**
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#47642): https://edk2.groups.io/g/devel/message/47642
Mute This Topic: https://groups.io/mt/34203543/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-