On 09/19/19 21:52, Lendacky, Thomas wrote:
> From: Tom Lendacky <thomas.lendacky@amd.com>
>
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198
>
> Currently, the OVMF code relies on the hypervisor to enable the cache
> support on the processor in order to improve the boot speed. However,
> with SEV-ES, the hypervisor is not allowed to change the CR0 register
> to enable caching.
>
> Update the OVMF Sec support to enable caching in order to improve the
> boot speed when running as an SEV-ES guest.
>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
> ---
> OvmfPkg/Sec/SecMain.inf | 1 +
> OvmfPkg/Sec/SecMain.c | 10 ++++++++++
> 2 files changed, 11 insertions(+)
>
> diff --git a/OvmfPkg/Sec/SecMain.inf b/OvmfPkg/Sec/SecMain.inf
> index 7f53845f5436..fdf00e5d8be3 100644
> --- a/OvmfPkg/Sec/SecMain.inf
> +++ b/OvmfPkg/Sec/SecMain.inf
> @@ -51,6 +51,7 @@ [LibraryClasses]
> ExtractGuidedSectionLib
> LocalApicLib
> CpuExceptionHandlerLib
> + MemEncryptSevLib
>
> [Ppis]
> gEfiTemporaryRamSupportPpiGuid # PPI ALWAYS_PRODUCED
> diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
> index 7f1dfb2e57c1..20716d484ab0 100644
> --- a/OvmfPkg/Sec/SecMain.c
> +++ b/OvmfPkg/Sec/SecMain.c
> @@ -25,6 +25,7 @@
> #include <Library/ExtractGuidedSectionLib.h>
> #include <Library/LocalApicLib.h>
> #include <Library/CpuExceptionHandlerLib.h>
> +#include <Library/MemEncryptSevLib.h>
>
> #include <Ppi/TemporaryRamSupport.h>
>
> @@ -755,6 +756,15 @@ SecCoreStartupWithStack (
>
> ProcessLibraryConstructorList (NULL, NULL);
>
> + //
> + // Under SEV-ES, the hypervisor can't modify CR0 and so can't enable
> + // caching in order to speed up the boot. Enable caching early for
> + // an SEV-ES guest.
> + //
> + if (MemEncryptSevEsIsEnabled()) {
> + AsmEnableCache ();
> + }
> +
> DEBUG ((EFI_D_INFO,
> "SecCoreStartupWithStack(0x%x, 0x%x)\n",
> (UINT32)(UINTN)BootFv,
>
Please see under patch#16; IMO, we should open-code the CPUID+RDMSR
sequence here.
Thanks,
Laszlo
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#48371): https://edk2.groups.io/g/devel/message/48371
Mute This Topic: https://groups.io/mt/34203554/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-