From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53748+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857325506546.3480412927845;
 Tue, 4 Feb 2020 15:02:05 -0800 (PST)
Return-Path: <bounce+27952+53748+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id bU8gYY1788612xogaAGcODyF;
 Tue, 04 Feb 2020 15:02:05 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1654.1580857323583857410
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:04 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=WDPUGBPq9SX3B6Ibm9z6935xHnkY2pj1i8adD7JLsYRWJoTY/zQKXuia5cwmTyFUyAHzqmojV+t+q19Sr7xa7CK0LPfzWyeB96ZNJBM4djAuSuHg5A5O40dHPYLNkAU+aZZ6ozNH+SmgLXTtQvucSEUrUySkm+33xH9SSARHYG2CecCEogq4pRAbQdDpQhg/dAE6d5sKwvuvUT1ru/6tgdJrDWyw4siPOfnCzuYH1KFyIyPfwJyoBXUZRTz5rn1A5j9ArGrkZfmg9vGYwgYuyk1u7H94khAF4u/8krhlro1MnlmgDcgBCZzw1L08EvyuOik22DGKp9xQVs7d5RayGQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=vQKWDO71TeBMs1WJHDPb9J7fuQQZFiBY2jkyUoYYw3k=;
 b=BjDzQW5YHf7BkSsnalECSFD6wQ/jbOm6G2lch8lJqb34CU5tbVkoCXFnT9pezQJq0SE+VNrfL2PLpWW8Q/L3G1s+9dhwXkBBhHUBdrPEZSuPyuK6HW4B01U703xBLih3aKdorodDEFMLsnQsznJitoYyoCGLY4DXQ47ae9U0CJDA+i4Ib1RVYEe1iV0ZaeLW3QSEqw7YPk4Wf0k29npo+DAB05j59dwWTvQLyX4Uu9R5SxLD5+Cj6zzfuCm75h9lOgMjU5hZRKXfASS5m4k0jB8q+3ZIj5mbH5l3iEl8Klx7bnLo14x8dmtQ6d2T9iYvnxX0iFMeFsen/0wuapc9Lw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:02 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:02 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Hao A Wu <hao.a.wu@intel.com>
Subject: [edk2-devel] [PATCH v4 01/40] MdePkg: Create PCDs to be used in
 support of SEV-ES
Date: Tue,  4 Feb 2020 17:01:05 -0600
Message-Id: 
 <46e0301662e5cba91f39117e4dea2f72530f47c3.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:01:59 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 71dc3341-b2fe-44f1-ae18-08d7a9c63e0e
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930B9776A9CB65928CEEAD0EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8273;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53748+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 5IcwE9EHWyTZAImgQrYGUGsAn4K/np2QeYB4tVgDf8LWnPT4w8EoxnRFaJTZuFO5X5dDPu43qe0LtfsxbCNO/FoyDCJSbeEbeb7MTrFwp7zfw1r5TKBPsGxer8J3yYgKNqBWiqO+3bLd0WrFrbdISGSnSesJAFZn5+2KdvYewo/HCOS9h+87FrDgVdHZqY69rboBaAj73038V9dTk6KW5hb5LHArkMOcNqOtYoMFbUP7x59mGC/1Mb1BQjXES+PB0Vk2NivPfA4xay/UmSstEaEC/xTEyzlFBxX6ObHmVkykRHsgTZ1jhgN5+xmWomsFgGXiMSJGzoC4eCKNhIof2D4ImLv0lYcTyVR6zRBW4IEEjFyxEHikVFTPB7xMugueFrPBDfodpWA0RvEhCuHJz71nmLznKW13LRM6W4hO5PMCsKpEH2+OWF9Jo2x9RxGYk51KJi0EcSWhjzDbMgfK+hWQxJ1XNoCqmghi/Nhm1vdOMk0fnpajX+i5oVmL27htZY7rPWBI6gaq3KGnUJRRaQ==
X-MS-Exchange-AntiSpam-MessageData: 
 8KGR1VAtlqpDZYaQJqE6jcTSov3gcv0SLR6lxQ29/Oh2syp31f+ULjhnf6y+1t7QytC7kTkBl7TVLkTiYSZJ5ySwWqIutTyE5Axx6xH3ojoATSYItcoayS2RzOc+KgjpS2Dg3RQWM+ttJN4G491ORw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 71dc3341-b2fe-44f1-ae18-08d7a9c63e0e
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:00.9110
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 Rl6Bi+M5bpjln/7k6sndFEmUA3h2CBJLURycHN+6vkeKpKM63fHEobzl4j0Lm14tbuCNzrd1sSHbfr4tARTYMw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: 7cXpz9MJf4dRd9rbihcgMtMHx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857325;
 bh=6joHFnx0XyWPX2pjxbfNEHSCgof38sKvumsEimnGnCA=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=FrmVOK5y1mcG3yTBVNLQz072okA46+Wa7SmRRIOqzsfHpeHryFLgJ/2XVyZNc2A3CHb
 U+VVI6hWFTVKFcRbrJmtvlT0mi/XvqeEWaKj01IhnVXo3JhijUdhKaIzcmsjf8a+S9Kmb
 bGQg3HI4dN/VdjUIi2YU5691RrSCmPQtVZo=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Two new fixed PCDs are needed to support SEV-ES under OVMF:
  - PcdSecGhcbBase  UINT64 value that is the base address of the GHCB
                    used during the SEC phase.
  - PcdSecGhcbSize  UINT64 value that is the size, in bytes, of the GHCB
                    area used during the SEC phase.

Three new dynamic PCDs are needed to support SEV-ES under OVMF:
  - PcdSevEsIsEnabled: BOOLEAN value used to indicate if SEV-ES is enabled
  - PcdGhcbBase:       UINT64 value that is the base address of the GHCB
                       allocation.
  - PcdGhcbSize:       UINT64 value that is the size, in bytes, of the
                       GHCB allocation (size is dependent on the number of
                       APs).

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 MdeModulePkg/MdeModulePkg.dec |  9 +++++++++
 UefiCpuPkg/UefiCpuPkg.dec     | 14 ++++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index e840cebe2eae..4474c4d5bd43 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -2065,6 +2065,15 @@ [PcdsDynamic, PcdsDynamicEx]
   # @Prompt If there is any test key used by the platform.
   gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed|FALSE|BOOLEAN|0x00030003
=20
+  ## This dynamic PCD holds the base address of the GHCB pool allocation.
+  # @Prompt GHCB Pool Base Address
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0|UINT64|0x00030007
+
+  ## This dynamic PCD holds the total size of the GHCB pool allocation.
+  #  The amount of memory allocated for GHCBs is dependent on the number o=
f APs.
+  # @Prompt GHCB Pool Size
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0|UINT64|0x00030008
+
 [PcdsDynamicEx]
   ## This dynamic PCD enables the default variable setting.
   #  Its value is the default store ID value. The default value is zero as=
 Standard default.
diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index a6ebdde1cfb6..005703d8a3e7 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -161,6 +161,14 @@ [PcdsFixedAtBuild]
   # @Prompt Specify the count of pre allocated SMM MP tokens per chunk.
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmMpTokenCountPerChunk|64|UINT32|0x3000=
2002
=20
+  ## The base address of the SEC GHCB page used by SEV-ES.
+  # @Prompt SEC GHCB Base Address
+  gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbBase|0|UINT32|0x30002003
+
+  ## The total size of the SEC GHCB page used by SEV-ES.
+  # @Prompt SEC GHCB Size
+  gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbSize|0|UINT32|0x30002004
+
 [PcdsFixedAtBuild, PcdsPatchableInModule]
   ## This value is the CPU Local APIC base address, which aligns the addre=
ss on a 4-KByte boundary.
   # @Prompt Configure base address of CPU Local APIC
@@ -367,5 +375,11 @@ [PcdsDynamic, PcdsDynamicEx]
   # @ValidRange  0x80000001 | 0 - 1
   gUefiCpuPkgTokenSpaceGuid.PcdCpuProcTraceOutputScheme|0x0|UINT8|0x600000=
15
=20
+  ## This dynamic PCD indicates whether SEV-ES is enabled
+  #   TRUE  - SEV-ES is enabled
+  #   FALSE - SEV-ES is not enabled
+  # @Prompt SEV-ES Status
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|FALSE|BOOLEAN|0x60000016
+
 [UserExtensions.TianoCore."ExtraFiles"]
   UefiCpuPkgExtra.uni
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53748): https://edk2.groups.io/g/devel/message/53748
Mute This Topic: https://groups.io/mt/70984918/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53749+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 158085732610319.58629068405685;
 Tue, 4 Feb 2020 15:02:06 -0800 (PST)
Return-Path: <bounce+27952+53749+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id bZQTYY1788612xTwMOT0pYnn;
 Tue, 04 Feb 2020 15:02:05 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1654.1580857323583857410
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:04 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=Eqb/258S6fm9ntZC6sQjoy9S5l+rjbNyZ2KNMDFEGPNWcFdM2poC/sT762onbzdwzXXo9LRABxhcNcaesSeUPdTr1jlSjJ0R8/Mwqzk/l9kPpJayrcJowPsG/pb3uoSf+9OAAk/wzj8MvQbJ7rHvwmU5lj5A+BmYbQGW+lSXP0pd07C6VVyzd11wT8SYLA9Qp9gr8hKnHZ7aU1Y1LkIt34bhaWUxcUBbJTgTWDd8+cQxQ2d2JXAoRnkwGbnKQDqFLYEfBV1EuzURdn3adTAKbOrjhcugk5+BI07qpsslp6oJ2uq7rKeO+oGcJfWsJ2OVJq4j5m4pUdqd5V52ohzz0A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=s769PCkbjW4HOLriYRwGu2gIhnwbm+2Qw3s0UU52LLk=;
 b=Mhxc3YS1TcO1I64Z9xtekDiLJCSteg6RekAn7lpfZ4ognLBC1vFRff/bOG0ESVcTT8k7IyCYQHdCe+pHoUi34LGAUuNErV8UYD+arrGfA6KNJoyjmwd7iW9oL2Ms2GtDdblyuKKB/9SQl6/xKi2Qt3hgH+AF6hrA97Ts5t4TmqxH6kCoCxm/ZJZFvb962ucC6UDnDbIBf92WRDhA0xHV85omlu1bk706KY93UTL4rfbTdGHi3OQ0W3FUzBGlSZ1G1hNru/IAZ1no2OccIRy9IdCSNQr4KuooHLIv47y2OOxbXGSpSxv0P+g4xGutdHma1kzwY3NEO6pu4TDNEYFe+Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:02 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:02 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 02/40] MdePkg: Add the MSR definition for the
 GHCB register
Date: Tue,  4 Feb 2020 17:01:06 -0600
Message-Id: 
 <af05fabe1a1656f6599c8a043c63e5e17d599574.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:01 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 0c9f3d80-cb89-400c-ef89-08d7a9c63ec2
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB393078ACD5823B9588E83FBBEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:4941;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53749+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 zMFIu3XdKXY+n3gQA4H6ifp/nvN9LAbos5lue2cr1ckwyEUItg9s+HvBpi92PihWsCNBWk6CQesBzlqFXZ/brHEOpIX+a4WCi+WFIw37IVJNlvVSvxmwdSBKHA8ouD9rQKkWucRvAJZ/R2HqUvk2M/Vvjt2U+2LGzFZeCLfeDEX998or02gSyNR52G3D/sGVVV+PQdoqnxbtH0Lqnjb6h6v3drlXiykLViPqJdhDRFBpUZ8qA4P539k6XZzaOEqpG9kGNsRKs+xe+fN5Uf8uv69EcdhOUjVt2LPPERaejVOy2/teHHe3DWUyTJXcKohc9nPQul3oKVASKKSHag4dmQnnh1z1e4JVK3nr++/NIdp1iITXARY14BIrX2svOi5I0A8bvlUwmy38I7u8JLKCwCAmd/DgKrXaG3/WXE6D8ItrXdiP+ifopMqNut2cgatVXtMSxIVore6KAXnuc+G+4NhjTX4I8guyppASrRTdMIYHNtPdb+4mlNz5HvK4UDOrORMbKhXepJ7uwHcasonsiA==
X-MS-Exchange-AntiSpam-MessageData: 
 8If8JwZjOOzZ7fFfBNW3/k747lsadDtFxTEkzbcGjcnYNsWSShxPGMyTjBqg6HHiTiQGR6GByistUIpKbLvuYogVpaBr5zIOF/c8imCI0qUAO0CWi8OH81P4ZuXR2SFrTiGzRg87A6IiWNGNnGn1uw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 0c9f3d80-cb89-400c-ef89-08d7a9c63ec2
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:01.9844
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 i8L5ddzO8ccuj1aHqf6i8ITUEl4wrdcvXXhn0fhJFWa3uwhzQgy0xIi6cI/L+i45KCAKSTrggtNCu2eYY/JhEQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: n9cPI0BDeWp7FIj2auvTF7nIx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857325;
 bh=gB0UdSABDsjaRzqPvsdLvv/AGRjTMlayM8UWXL+AFwg=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=Mnmu9UBlwEKIta6mrVgOs3RIMrbUn7fS+Tynz26IgJAhG74MPNj1A40W6qXEw9KSJSv
 wHDA8YfqrCZ0ZHqTDwiDPOEJKXpNaKU4PfFa0s+xBQqJO43f4YhIXz2azUC0wU6TRBDsA
 hOA32Mo/zYKjqs7jgg3JU51XsUtBui/WY00=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

For SEV-ES, the GHCB page address is stored in the GHCB MSR register
(0xc0010130). Define the register and the format used for register
during GHCB protocol negotiation.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 MdePkg/Include/Register/Amd/Fam17Msr.h | 31 ++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/MdePkg/Include/Register/Amd/Fam17Msr.h b/MdePkg/Include/Regist=
er/Amd/Fam17Msr.h
index 37b935dcdb30..6e8ac11bae74 100644
--- a/MdePkg/Include/Register/Amd/Fam17Msr.h
+++ b/MdePkg/Include/Register/Amd/Fam17Msr.h
@@ -17,6 +17,37 @@
 #ifndef __FAM17_MSR_H__
 #define __FAM17_MSR_H__
=20
+/**
+  Secure Encrypted Virtualization - Encrypted State (SEV-ES) GHCB register
+
+**/
+#define MSR_SEV_ES_GHCB                    0xc0010130
+
+/**
+  MSR information returned for #MSR_SEV_ES_GHCB
+**/
+typedef union {
+  struct {
+    UINT64  Function:12;
+  } GhcbInfo;
+
+  struct {
+    UINT8   Reserved[3];
+    UINT8   SevEncryptionBitPos;
+    UINT16  SevEsProtocolMin;
+    UINT16  SevEsProtocolMax;
+  } GhcbProtocol;
+
+  VOID    *Ghcb;
+
+  UINT64  GhcbPhysicalAddress;
+} MSR_SEV_ES_GHCB_REGISTER;
+
+#define GHCB_INFO_SEV_INFO                 1
+#define GHCB_INFO_SEV_INFO_GET             2
+#define GHCB_INFO_CPUID_REQUEST            4
+#define GHCB_INFO_CPUID_RESPONSE           5
+
 /**
   Secure Encrypted Virtualization (SEV) status register
=20
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53749): https://edk2.groups.io/g/devel/message/53749
Mute This Topic: https://groups.io/mt/70984920/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53750+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857326317305.67061989135414;
 Tue, 4 Feb 2020 15:02:06 -0800 (PST)
Return-Path: <bounce+27952+53750+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 1gR4YY1788612x7vxbepTTjD;
 Tue, 04 Feb 2020 15:02:05 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1654.1580857323583857410
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:05 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=I3ElVi1wbK6C/YpdAZpTZ3EfVSWZxQ9SMtZs4+ftNzc8jXwTE3LF+buR3maZKSFMBepaNr/t1o9FtaZp826hVb8tkk5PnHlor053qeo1FxggSVbU1RF3mYiiWmDPMoEg1w4nCDKm9ojSBOPR+ZmgvB+8bmTC9QEPkgltWTpXf4xQ9S7K5Od2iRGY/EEPruCYnQ2Uditr1dNEOMgnyzfY/RObJ87Ohcfx6Lpf8j0/wAsBt++JNTDca567ogpU/2WSmb6zkgIWZ/HvT9rpZSoT4uhL1k7JLDcmc0qvhGv9avHqdVbI5XHmB+iqXu+IwaTkVFbaTtLOAMpUKmthKnv9Pw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=WoLMbk2O3UYc0MK+RGAz6OVA/8R8jF47V0Nj3Z9EZQU=;
 b=ctX21S1jKqCf/A5lvMg+6FRJr5+eNm9L6O3FkxHlFa6gY/m9BrMkT4s00AJsV7dvkzjGlK/n0Ip1E1xuRI99lnaMG8vjvCKw8zMO8VKvWD+LmTU5UBF9YQ2if22Upop2qMlnEAFj31b4Rk4/RrZBR00VIkf8Vv/dtHkyvuEqJVlCUh0JfJ0qAKfZ1zXWPCc18Rbr4UXfE0e9Ad7rLXY9nYSkpsC46LS6oV6xbhQoJUbwpXkSL73WdMdHB1Fj2UwUgCgcAeE1vkXNsImoosK5HJV5CuKpvAT4BM9AxfwoQYw0RSw82KBureLtwrXPIxwMFnHldcRXeT1qYEc0o5g1Lg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:03 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:03 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 03/40] MdePkg: Add a structure definition for
 the GHCB
Date: Tue,  4 Feb 2020 17:01:07 -0600
Message-Id: 
 <257c109e6df1589f71a2d8d171af824fc8c6ea16.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:02 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: dc5c358d-c38c-4bd7-d198-08d7a9c63f75
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB393000917B86154052A6EBF3EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53750+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 btNNjWdpPhgDCK1z9l/Tlf28KfwXnZG354WkjY7C6hlT/wcQy6JOscjU3OVlsJP7gZyWJVDoB3d2CLca4DWFl5EL0O2UzdsMOquAcq1hHt2T08bae3GNYP+tQIa/NIjYa8ssL9CDQs03uSk4kir27KHlwssv4l5uXlnQ9YJs3L+rAfFd+XRZPnqGWi354kB7mTOQYjwVsRMGPmd2IGBxXDqKtjc3K4CRL6dqmDLslJ7Qvo+kUReuA8HFybdwU08SlsKT00W/hmxmrpZiO3VFel18Pstws2SBTXbF/9iUi+QysIl9G/uQQHpY51UjkMUTQqB7xw8+TaSoFzuLikyEfx4oVhg8KTpUK4nw4BVDutEPFUrod+O8+1zO9ugwDVf5xGpZBRk+OuBwS8xmulp1MR+xEqC1yelqRrcNvC/n9Cy0QAL2hmJeKBhALCHMjNku1Js1TOF16yneNDLXB9PhGMd52a8UnnMtgVbPGgETxGmSyIq/HuvngrEGmAHReQbB7dBE7oVKOUtjF99r73cwhg==
X-MS-Exchange-AntiSpam-MessageData: 
 X8MV60aw9g9L2Wk6d7dPEA90E0dLtFPFS6Vlh/yVE0NjmuKkZkiyCoRefYPqCM1RhoVB+PS1za44u9isbN9D3/IGZ6Ce+W94FBbKgfrft5OvfTDh/jUK76sCB3BAPiGM0maSkoXn8+RYmBIpDPtH7g==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 dc5c358d-c38c-4bd7-d198-08d7a9c63f75
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:03.2287
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 mWTQRF1/zS9RrAKVHF23BwyMR+BgaDH0JOSMYDOslpj1IC49MsnaNGzUgEzDBdFbzZX/vsqMYVrnaDbAmLh4nQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: VXamUN8apsMQfnAVbynGVpYEx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857325;
 bh=aXFpbp+TW8tDT6VSoEMi8bRot3GB1cQ2QIL50lIfQoU=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=EotCbxKXBKG/byp7mQVWTFT+K8z/uXeOvBmniLl8p87YJqVK6HB6IP9Id6gIPlljSs4
 EeCh0NwMGzJLcBbC634OSgEJjKJq9OBFy3Xml/A1Vvw2BQyWkZyMGDlh6peUlViyr5ImM
 HfNfVbCXvv0IbeNtVnz3zJmzVoks+dkiipw=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

The GHCB is used by an SEV-ES guest for communicating between the guest
and the hypervisor. Create the GHCB definition as defined by the GHCB
protocol definition.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 MdePkg/Include/Register/Amd/Ghcb.h | 136 +++++++++++++++++++++++++++++
 1 file changed, 136 insertions(+)
 create mode 100644 MdePkg/Include/Register/Amd/Ghcb.h

diff --git a/MdePkg/Include/Register/Amd/Ghcb.h b/MdePkg/Include/Register/A=
md/Ghcb.h
new file mode 100644
index 000000000000..efe09bac9ea0
--- /dev/null
+++ b/MdePkg/Include/Register/Amd/Ghcb.h
@@ -0,0 +1,136 @@
+/** @file
+  Guest-Hypervisor Communication Block (GHCB) Definition.
+
+  Provides data types allowing an SEV-ES guest to interact with the hyperv=
isor
+  using the GHCB protocol.
+
+  Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+  @par Specification Reference:
+  SEV-ES Guest-Hypervisor Communication Block Standardization
+
+**/
+
+#ifndef __GHCB_H__
+#define __GHCB_H__
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+
+#define UD_EXCEPTION  6
+#define GP_EXCEPTION 13
+
+#define GHCB_VERSION_MIN     1
+#define GHCB_VERSION_MAX     1
+
+#define GHCB_STANDARD_USAGE  0
+
+typedef enum {
+  SvmExitDr7Read       =3D 0x27,
+  SvmExitDr7Write      =3D 0x37,
+  SvmExitRdtsc         =3D 0x6E,
+  SvmExitRdpmc,
+  SvmExitCpuid         =3D 0x72,
+  SvmExitInvd          =3D 0x76,
+  SvmExitIoioProt      =3D 0x7B,
+  SvmExitMsr,
+  SvmExitVmmCall       =3D 0x81,
+  SvmExitRdtscp        =3D 0x87,
+  SvmExitWbinvd        =3D 0x89,
+  SvmExitMonitor,
+  SvmExitMwait,
+  SvmExitNpf           =3D 0x400,
+
+  // VMG special exits
+  SvmExitMmioRead      =3D 0x80000001,
+  SvmExitMmioWrite,
+  SvmExitNmiComplete,
+  SvmExitApResetHold,
+  SvmExitApJumpTable,
+
+  SvmExitUnsupported   =3D 0x8000FFFF,
+} SVM_EXITCODE;
+
+typedef enum {
+  GhcbCpl              =3D 25,
+  GhcbRflags           =3D 46,
+  GhcbRip,
+  GhcbRsp              =3D 59,
+  GhcbRax              =3D 63,
+  GhcbRcx              =3D 97,
+  GhcbRdx,
+  GhcbRbx,
+  GhcbRbp              =3D 101,
+  GhcbRsi,
+  GhcbRdi,
+  GhcbR8,
+  GhcbR9,
+  GhcbR10,
+  GhcbR11,
+  GhcbR12,
+  GhcbR13,
+  GhcbR14,
+  GhcbR15,
+  GhcbXCr0             =3D 125,
+} GHCB_REGISTER;
+
+typedef struct {
+  UINT8                  Reserved1[203];
+  UINT8                  Cpl;
+  UINT8                  Reserved2[148];
+  UINT64                 Dr7;
+  UINT8                  Reserved3[144];
+  UINT64                 Rax;
+  UINT8                  Reserved4[264];
+  UINT64                 Rcx;
+  UINT64                 Rdx;
+  UINT64                 Rbx;
+  UINT8                  Reserved5[112];
+  UINT64                 SwExitCode;
+  UINT64                 SwExitInfo1;
+  UINT64                 SwExitInfo2;
+  UINT64                 SwScratch;
+  UINT8                  Reserved6[56];
+  UINT64                 XCr0;
+  UINT8                  ValidBitmap[16];
+  UINT64                 X87StateGpa;
+  UINT8                  Reserved7[1016];
+} __attribute__ ((__packed__)) GHCB_SAVE_AREA;
+
+typedef struct {
+  GHCB_SAVE_AREA         SaveArea;
+  UINT8                  SharedBuffer[2032];
+  UINT8                  Reserved1[10];
+  UINT16                 ProtocolVersion;
+  UINT32                 GhcbUsage;
+} __attribute__ ((__packed__)) __attribute__ ((aligned(SIZE_4KB))) GHCB;
+
+typedef union {
+  struct {
+    UINT32  Lower32Bits;
+    UINT32  Upper32Bits;
+  } Elements;
+
+  UINT64    Uint64;
+} GHCB_EXIT_INFO;
+
+typedef union {
+  struct {
+    UINT32  Vector:8;
+    UINT32  Type:3;
+    UINT32  ErrorCodeValid:1;
+    UINT32  Rsvd:19;
+    UINT32  Valid:1;
+    UINT32  ErrorCode;
+  } Elements;
+
+  UINT64    Uint64;
+} GHCB_EVENT_INJECTION;
+
+#define GHCB_EVENT_INJECTION_TYPE_INT        0
+#define GHCB_EVENT_INJECTION_TYPE_NMI        2
+#define GHCB_EVENT_INJECTION_TYPE_EXCEPTION  3
+#define GHCB_EVENT_INJECTION_TYPE_SOFT_INT   4
+
+#endif
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53750): https://edk2.groups.io/g/devel/message/53750
Mute This Topic: https://groups.io/mt/70984921/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53751+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857327888376.2930550214468;
 Tue, 4 Feb 2020 15:02:07 -0800 (PST)
Return-Path: <bounce+27952+53751+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id WWdBYY1788612xQJLPN8MU4u;
 Tue, 04 Feb 2020 15:02:07 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.86])
 by mx.groups.io with SMTP id smtpd.web09.1685.1580857326836339527
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:07 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=j2X572ViYBV8j4I3CSv3w7FShM13vXmKmrrbOiRVM2dilZAqlos7Wy51lFGzJF3PJCAgLju8XVqkz6gHYhdUoEPG51/GUU1iHbmZpPhY0tdt3JMr5D6BTkk4i2Q5dD4tdBOMjKzChtqtfJ725No35llk3JYxvbc40zNgVuJELGTJvUoh3U6trFOQzgcscc821znsx1lmOUKlxLGB44sp0CaDxH8XzfxbDNfFWq4F0WIYRJRMD6jlaGob6RDRlShGT0OkBtq5/yLCJ0lMvU1O5W3gqXEmBKcImesTRKA4mwMgH+vALNN7qY/DdIQIqr7Omux8hyFWpYiC8vdAak7mxA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=yezQhckrMZQ1AswvFMcMcVc3R0jz1u2cCwDS6NLj0nk=;
 b=Ugx+zk03+vDwSOZV6GTDzlkq9zuKFFO+wcAFSnc/41DxyQkyYGsplDziZO0GvcuAgQG0VWFJxAVWY6fOHQEIBDKoF3c4OHiN1nki+7Ndstwr4ajUDGhn1sNh6981HsWGqr01jaxa+yB4zq0A0lEZYlwyWM0IKwVtYrVcdvvp5sj9mQKKIPXPJjKX1QvzPWg6uTqDq33qs1+vmP68WfX9E8J7ITbFJZWbmDS/w5E0ucW8i9BIr/9sXNrtcnxelS8zDCfKUMQsRzslaAXQo2+kMs6MYVzBsJFYVTffcJAGWB4JH/Ie2FISVa1wg/BsxW8tj4wruYenZAZScfivZIfKyw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:04 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:04 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Hao A Wu <hao.a.wu@intel.com>,
	Dandan Bi <dandan.bi@intel.com>
Subject: [edk2-devel] [PATCH v4 04/40] MdeModulePkg/DxeIplPeim: Support GHCB
 pages when creating page tables
Date: Tue,  4 Feb 2020 17:01:08 -0600
Message-Id: 
 <83ebcd61855d83ba70c7ffb2f11c351826cc17a2.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:03 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 9b998ab4-ca18-4284-b12e-08d7a9c6404c
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930475489B170061B173323EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7691;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53751+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 DZF1jPldDBRM1ogXvcFRlIHSPu0YjGNItam40NaTw+n+dtIdvFiw/qhUSJKJnKJw4gHrqy4eAxakZ/Ed8DVjYubY52GtBDzF0+it0xubr9OnPOUGULU+ANRnAel4KSv7NsURo9PtL8U7P7rZRdaaWUAAMhD63qxYG7IOhw0QoQj75ZGXkRanxlh8Ii4SkA6ECmMY/5p4ExvsJ2G09fYfmE3/3DgObPIyYJj7XMZRVGxqZRafPJf4wrfWdnMOcdTiVRSGBCPIkcHUPF8ZFjhTHkyCTJFAORAcpPEhn6Hl28At6mzwteiVqCscVsbnh5MACsOKIbFcfwvztkxqjv3MEPubV47xwEkhYNE3uRcxNuSFY54vWOwpv5Trr/YHaRstNU7M8NE0bY9UFPbw1x0sS0KbR0CJ0xhQRCVn6hIA3ahr2bzker9MGUidXOdSZjgmfM50St8Wcx/y3msHtspn5p2aqos5MVQDj/k1n42f+9M4GCaAcZqdVKg8/WW4Psz7FC6Jo3r7flgujpZgn+SJgA==
X-MS-Exchange-AntiSpam-MessageData: 
 Qc7qR5QWn7ORHpQh2vLzfivnfG7rLwScbq3GB+8IMKhWT8oT6hH8tf4GvnDgw7iBTsVvmpp/1vsntv5B9Ik1mJZkYdO/9AjsTRxkBW81iFViI8f8TPiJgjgye9br0CFdJgI7zBv2iF57pnrvyUCaIA==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 9b998ab4-ca18-4284-b12e-08d7a9c6404c
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:04.6109
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 1OqznCbeUtIkQvOHpWW8uJnuJkRVTRmCvQ+ko0A0I5TBKkOXXcCf1+hObjhc6O7MFDHhQIyOwFUCDJoFBrP4KQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: 1PXl8BIB6fQACAVmVHCCHVclx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857327;
 bh=6YLYfreEOd8RY/1iJf8Ur7CeAuBz4UJ+6lNZYOMyHhM=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=WT4BKgRYONF5TXPTf+WZkeBDX40JaN8YBIfB0GOLdvY7Z4/BTdf7V9PAHsfgIimQ+0s
 +GmwlDj+QT4PloGelMo9dgVoN+Rtlu1qqaFcpZhzLYlZapn4AWR0bgxISzPfALo+gp5Js
 oV1OoN/sJMPdL8OQnOzTk9F7u9+yuVcJ3vc=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

GHCB pages must be mapped as shared pages, so modify the process of
creating identity mapped pagetable entries so that GHCB entries are
created without the encryption bit set.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf       |  2 +
 .../Core/DxeIplPeim/X64/VirtualMemory.h       | 12 ++++-
 .../Core/DxeIplPeim/Ia32/DxeLoadFunc.c        |  4 +-
 .../Core/DxeIplPeim/X64/DxeLoadFunc.c         | 11 ++++-
 .../Core/DxeIplPeim/X64/VirtualMemory.c       | 49 ++++++++++++++-----
 5 files changed, 62 insertions(+), 16 deletions(-)

diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf b/MdeModulePkg/Core/Dx=
eIplPeim/DxeIpl.inf
index 98bc17fc9d1f..5e6b78e295e6 100644
--- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
+++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
@@ -111,6 +111,8 @@ [Pcd.IA32,Pcd.X64]
   gEfiMdeModulePkgTokenSpaceGuid.PcdHeapGuardPropertyMask               ##=
 CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard                       ##=
 CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdUse5LevelPageTable                  ##=
 SOMETIMES_CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase                            ##=
 CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize                            ##=
 CONSUMES
=20
 [Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64]
   gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack               ## SOMETIM=
ES_CONSUMES
diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h b/MdeModulePk=
g/Core/DxeIplPeim/X64/VirtualMemory.h
index 2d0493f109e8..6b7c38a441d6 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h
@@ -201,6 +201,8 @@ EnableExecuteDisableBit (
   @param[in, out] PageEntry2M           Pointer to 2M page entry.
   @param[in]      StackBase             Stack base address.
   @param[in]      StackSize             Stack size.
+  @param[in]      GhcbBase              GHCB page area base address.
+  @param[in]      GhcbSize              GHCB page area size.
=20
 **/
 VOID
@@ -208,7 +210,9 @@ Split2MPageTo4K (
   IN EFI_PHYSICAL_ADDRESS               PhysicalAddress,
   IN OUT UINT64                         *PageEntry2M,
   IN EFI_PHYSICAL_ADDRESS               StackBase,
-  IN UINTN                              StackSize
+  IN UINTN                              StackSize,
+  IN EFI_PHYSICAL_ADDRESS               GhcbBase,
+  IN UINTN                              GhcbSize
   );
=20
 /**
@@ -217,6 +221,8 @@ Split2MPageTo4K (
=20
   @param[in] StackBase  Stack base address.
   @param[in] StackSize  Stack size.
+  @param[in] GhcbBase   GHCB page area base address.
+  @param[in] GhcbSize   GHCB page area size.
=20
   @return The address of 4 level page map.
=20
@@ -224,7 +230,9 @@ Split2MPageTo4K (
 UINTN
 CreateIdentityMappingPageTables (
   IN EFI_PHYSICAL_ADDRESS   StackBase,
-  IN UINTN                  StackSize
+  IN UINTN                  StackSize,
+  IN EFI_PHYSICAL_ADDRESS   GhcbBase,
+  IN UINTN                  GhcbkSize
   );
=20
=20
diff --git a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c b/MdeModulePkg=
/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
index 6e8ca824d469..284b34818ca7 100644
--- a/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
+++ b/MdeModulePkg/Core/DxeIplPeim/Ia32/DxeLoadFunc.c
@@ -123,7 +123,7 @@ Create4GPageTablesIa32Pae (
         //
         // Need to split this 2M page that covers stack range.
         //
-        Split2MPageTo4K (PhysicalAddress, (UINT64 *) PageDirectoryEntry, S=
tackBase, StackSize);
+        Split2MPageTo4K (PhysicalAddress, (UINT64 *) PageDirectoryEntry, S=
tackBase, StackSize, 0, 0);
       } else {
         //
         // Fill in the Page Directory entries
@@ -282,7 +282,7 @@ HandOffToDxeCore (
     //
     // Create page table and save PageMapLevel4 to CR3
     //
-    PageTables =3D CreateIdentityMappingPageTables (BaseOfStack, STACK_SIZ=
E);
+    PageTables =3D CreateIdentityMappingPageTables (BaseOfStack, STACK_SIZ=
E, 0, 0);
=20
     //
     // End of PEI phase signal
diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c b/MdeModulePkg/=
Core/DxeIplPeim/X64/DxeLoadFunc.c
index f465eb1d8ac4..156a477d8467 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
@@ -35,6 +35,8 @@ HandOffToDxeCore (
   UINT32                          Index;
   EFI_VECTOR_HANDOFF_INFO         *VectorInfo;
   EFI_PEI_VECTOR_HANDOFF_INFO_PPI *VectorHandoffInfoPpi;
+  VOID                            *GhcbBase;
+  UINTN                           GhcbSize;
=20
   //
   // Clear page 0 and mark it as allocated if NULL pointer detection is en=
abled.
@@ -81,12 +83,19 @@ HandOffToDxeCore (
   TopOfStack =3D (VOID *) ((UINTN) BaseOfStack + EFI_SIZE_TO_PAGES (STACK_=
SIZE) * EFI_PAGE_SIZE - CPU_STACK_ALIGNMENT);
   TopOfStack =3D ALIGN_POINTER (TopOfStack, CPU_STACK_ALIGNMENT);
=20
+  //
+  // Get the address and size of the GHCB pages
+  //
+  GhcbBase =3D (VOID *) PcdGet64 (PcdGhcbBase);
+  GhcbSize =3D PcdGet64 (PcdGhcbSize);
+
   PageTables =3D 0;
   if (FeaturePcdGet (PcdDxeIplBuildPageTables)) {
     //
     // Create page table and save PageMapLevel4 to CR3
     //
-    PageTables =3D CreateIdentityMappingPageTables ((EFI_PHYSICAL_ADDRESS)=
 (UINTN) BaseOfStack, STACK_SIZE);
+    PageTables =3D CreateIdentityMappingPageTables ((EFI_PHYSICAL_ADDRESS)=
 (UINTN) BaseOfStack, STACK_SIZE,
+                                                  (EFI_PHYSICAL_ADDRESS) (=
UINTN) GhcbBase, GhcbSize);
   } else {
     //
     // Set NX for stack feature also require PcdDxeIplBuildPageTables be T=
RUE
diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c b/MdeModulePk=
g/Core/DxeIplPeim/X64/VirtualMemory.c
index 516cf908bc88..32a81d1f3c21 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
@@ -181,6 +181,8 @@ EnableExecuteDisableBit (
   @param Size         Size of the given physical memory.
   @param StackBase    Base address of stack.
   @param StackSize    Size of stack.
+  @param GhcbBase     Base address of GHCB pages.
+  @param GhcbSize     Size of GHCB area.
=20
   @retval TRUE      Page table should be split.
   @retval FALSE     Page table should not be split.
@@ -190,7 +192,9 @@ ToSplitPageTable (
   IN EFI_PHYSICAL_ADDRESS               Address,
   IN UINTN                              Size,
   IN EFI_PHYSICAL_ADDRESS               StackBase,
-  IN UINTN                              StackSize
+  IN UINTN                              StackSize,
+  IN EFI_PHYSICAL_ADDRESS               GhcbBase,
+  IN UINTN                              GhcbSize
   )
 {
   if (IsNullDetectionEnabled () && Address =3D=3D 0) {
@@ -209,6 +213,12 @@ ToSplitPageTable (
     }
   }
=20
+  if (GhcbBase) {
+    if ((Address < GhcbBase + GhcbSize) && ((Address + Size) > GhcbBase)) {
+      return TRUE;
+    }
+  }
+
   return FALSE;
 }
 /**
@@ -322,6 +332,8 @@ AllocatePageTableMemory (
   @param[in, out] PageEntry2M           Pointer to 2M page entry.
   @param[in]      StackBase             Stack base address.
   @param[in]      StackSize             Stack size.
+  @param[in]      GhcbBase              GHCB page area base address.
+  @param[in]      GhcbSize              GHCB page area size.
=20
 **/
 VOID
@@ -329,7 +341,9 @@ Split2MPageTo4K (
   IN EFI_PHYSICAL_ADDRESS               PhysicalAddress,
   IN OUT UINT64                         *PageEntry2M,
   IN EFI_PHYSICAL_ADDRESS               StackBase,
-  IN UINTN                              StackSize
+  IN UINTN                              StackSize,
+  IN EFI_PHYSICAL_ADDRESS               GhcbBase,
+  IN UINTN                              GhcbSize
   )
 {
   EFI_PHYSICAL_ADDRESS                  PhysicalAddress4K;
@@ -355,7 +369,12 @@ Split2MPageTo4K (
     //
     // Fill in the Page Table entries
     //
-    PageTableEntry->Uint64 =3D (UINT64) PhysicalAddress4K | AddressEncMask;
+    PageTableEntry->Uint64 =3D (UINT64) PhysicalAddress4K;
+    if (!GhcbBase
+        || (PhysicalAddress4K < GhcbBase)
+        || (PhysicalAddress4K >=3D GhcbBase + GhcbSize)) {
+      PageTableEntry->Uint64 |=3D AddressEncMask;
+    }
     PageTableEntry->Bits.ReadWrite =3D 1;
=20
     if ((IsNullDetectionEnabled () && PhysicalAddress4K =3D=3D 0) ||
@@ -383,6 +402,8 @@ Split2MPageTo4K (
   @param[in, out] PageEntry1G           Pointer to 1G page entry.
   @param[in]      StackBase             Stack base address.
   @param[in]      StackSize             Stack size.
+  @param[in]      GhcbBase              GHCB page area base address.
+  @param[in]      GhcbSize              GHCB page area size.
=20
 **/
 VOID
@@ -390,7 +411,9 @@ Split1GPageTo2M (
   IN EFI_PHYSICAL_ADDRESS               PhysicalAddress,
   IN OUT UINT64                         *PageEntry1G,
   IN EFI_PHYSICAL_ADDRESS               StackBase,
-  IN UINTN                              StackSize
+  IN UINTN                              StackSize,
+  IN EFI_PHYSICAL_ADDRESS               GhcbBase,
+  IN UINTN                              GhcbSize
   )
 {
   EFI_PHYSICAL_ADDRESS                  PhysicalAddress2M;
@@ -413,11 +436,11 @@ Split1GPageTo2M (
=20
   PhysicalAddress2M =3D PhysicalAddress;
   for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntries < 51=
2; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PhysicalAddress2M +=
=3D SIZE_2MB) {
-    if (ToSplitPageTable (PhysicalAddress2M, SIZE_2MB, StackBase, StackSiz=
e)) {
+    if (ToSplitPageTable (PhysicalAddress2M, SIZE_2MB, StackBase, StackSiz=
e, GhcbBase, GhcbSize)) {
       //
       // Need to split this 2M page that covers NULL or stack range.
       //
-      Split2MPageTo4K (PhysicalAddress2M, (UINT64 *) PageDirectoryEntry, S=
tackBase, StackSize);
+      Split2MPageTo4K (PhysicalAddress2M, (UINT64 *) PageDirectoryEntry, S=
tackBase, StackSize, GhcbBase, GhcbSize);
     } else {
       //
       // Fill in the Page Directory entries
@@ -616,6 +639,8 @@ EnablePageTableProtection (
=20
   @param[in] StackBase  Stack base address.
   @param[in] StackSize  Stack size.
+  @param[in] GhcbBase   GHCB base address.
+  @param[in] GhcbSize   GHCB size.
=20
   @return The address of 4 level page map.
=20
@@ -623,7 +648,9 @@ EnablePageTableProtection (
 UINTN
 CreateIdentityMappingPageTables (
   IN EFI_PHYSICAL_ADDRESS   StackBase,
-  IN UINTN                  StackSize
+  IN UINTN                  StackSize,
+  IN EFI_PHYSICAL_ADDRESS   GhcbBase,
+  IN UINTN                  GhcbSize
   )
 {
   UINT32                                        RegEax;
@@ -809,8 +836,8 @@ CreateIdentityMappingPageTables (
         PageDirectory1GEntry =3D (VOID *) PageDirectoryPointerEntry;
=20
         for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntrie=
s < 512; IndexOfPageDirectoryEntries++, PageDirectory1GEntry++, PageAddress=
 +=3D SIZE_1GB) {
-          if (ToSplitPageTable (PageAddress, SIZE_1GB, StackBase, StackSiz=
e)) {
-            Split1GPageTo2M (PageAddress, (UINT64 *) PageDirectory1GEntry,=
 StackBase, StackSize);
+          if (ToSplitPageTable (PageAddress, SIZE_1GB, StackBase, StackSiz=
e, GhcbBase, GhcbSize)) {
+            Split1GPageTo2M (PageAddress, (UINT64 *) PageDirectory1GEntry,=
 StackBase, StackSize, GhcbBase, GhcbSize);
           } else {
             //
             // Fill in the Page Directory entries
@@ -840,11 +867,11 @@ CreateIdentityMappingPageTables (
           PageDirectoryPointerEntry->Bits.Present =3D 1;
=20
           for (IndexOfPageDirectoryEntries =3D 0; IndexOfPageDirectoryEntr=
ies < 512; IndexOfPageDirectoryEntries++, PageDirectoryEntry++, PageAddress=
 +=3D SIZE_2MB) {
-            if (ToSplitPageTable (PageAddress, SIZE_2MB, StackBase, StackS=
ize)) {
+            if (ToSplitPageTable (PageAddress, SIZE_2MB, StackBase, StackS=
ize, GhcbBase, GhcbSize)) {
               //
               // Need to split this 2M page that covers NULL or stack rang=
e.
               //
-              Split2MPageTo4K (PageAddress, (UINT64 *) PageDirectoryEntry,=
 StackBase, StackSize);
+              Split2MPageTo4K (PageAddress, (UINT64 *) PageDirectoryEntry,=
 StackBase, StackSize, GhcbBase, GhcbSize);
             } else {
               //
               // Fill in the Page Directory entries
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53751): https://edk2.groups.io/g/devel/message/53751
Mute This Topic: https://groups.io/mt/70984923/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53752+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 158085732868724.714125676464846;
 Tue, 4 Feb 2020 15:02:08 -0800 (PST)
Return-Path: <bounce+27952+53752+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id YjDqYY1788612xte4W9xlrMx;
 Tue, 04 Feb 2020 15:02:08 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web09.1685.1580857326836339527
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:07 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=cdDSi/Fi+0x149cJMipRpDueAnKYKP3Ui/bjg1fpcoKcdirUNEiqc95rnnI0InXQ5AsalPGuBpEqNxRUEYAZk4QzBsXXDZ67dt9YLeRArTi2CJZHM6yrCPGPiA6i803XAiaZoKZgP5ERFU9KUhZsVus8M1gsbcfPEPaCIyjW3FxKsYhYrkyZ0QWUl4vIMo74ioCzMZb3cVQdQ18fsjmPSIlM3wKVyxTYnuZpVy/N2ZBGq7eLr9waozzBH1X6r51N37OiASYl/Y40b8p+Fj6uCtLYZpsTC3Cf1ZpEWqTofIsf381eAAOVaHmoHsbhFLHWOxAb/Xif9X2RPbKbbOgBWw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=dJLAtSvxBEhMMaH044vhrl8h8HKGd+FxPghL2yN868s=;
 b=a5Sj2o7fw7G6HCw0/uCHNQWVf0ttAmzna4v5BvkjxsBcbHmbWa9NKygHS7BA1boNC4Y9+cThwsF7qUawt0iZqBLjpJmO8K9BcV4Nue70oTNGO32MvOSsRLYsiXMPh1PQ5R32BrkMUP+Zf8+HyfjeaPa+YJP2ZDzCVZyc2hPq/7E6ZjwCHs06fr+BtH6fdlcDSDLSqoRj6QguaJRaQOD1QsG8wrGbwJYBARXRpK/47dINn6auO6eBoxjVnJ9KuAvlh8UXGMva5/eSzKGFGIlr67KNvZDzBBOy1wxxtDLpSs4bLlOoE0ZvGJIMF0ammk2LdWNENFcn/7hbZ6TT23casA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:05 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:05 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 05/40] MdePkg/BaseLib: Add support for the
 XGETBV instruction
Date: Tue,  4 Feb 2020 17:01:09 -0600
Message-Id: 
 <0ca07425fe0a9b73d8394df0b5868d3173dc95aa.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:04 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 7a13416c-f32b-4dd0-3001-08d7a9c640f7
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39304032D0FA7F623F529CFBEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7219;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53752+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 1BsaGY/GXjvSKmZgyiqqDO7NNFL+qNRCZ1fWavVdQCHVirJlzq6mqioKG2GC4dZoeWouXxOJuIMAIu5ZXXDhHJ8rkl7wByYDwu2MVAXRnxMIYAYbqCcA4jLjlIGenVntaoVeva6aAccBWDQKVPep+H1j55Zr1l6aIyFK/GKmxFIlSSgvvMKiRNBakjpiQaxuM32ho+vaMwJdWqN/3Dsu+30wd9yUZdffEsGkZShN40QNej6hxi16hPZn/iwFt0p1grkoTqA5Fd45osfXp9b6S4iwy9vgCVGuzEsP9Pk1s40i5R2do97NxLew0uLuzzKT/kSfz3g868l6/RPp34Ko525JjFk8XaFsD3wqL8O/4LHGGXj2HAYI6AA2PjwHIsFSR+yn5qq16IIeqrGptaAUFujauWBmaY2SVgiv7wX/PMOIcELpDKP1l3CPetFOKuyygAHOxCk0WrdsEPsxV3Ml7F65Rd2nZYUlk2xRdSQOtGOjMVQG+xbEeejtwiNOfOtNmW0DvbQzSfhNQtaDXldPpQ==
X-MS-Exchange-AntiSpam-MessageData: 
 OQRSfMqW3vHG5KRaT9jbOJTTqrxiKwDzVBeqTJgc6v0oAeNnLbp+jE8FM1kRjH4BDxsAyNN0Ht77FlRByJnn+bmirrdK5aHza1rtpIZ8xkkuRNTxCNO3FtLfo4jpd1hwmtL7XuBG4ys7MzEf4CWI4w==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 7a13416c-f32b-4dd0-3001-08d7a9c640f7
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:05.7383
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 zLrsSS4bPcdzpb1CPSrUwBuBB0AWPOsHMA6CGLK8VZbxdzyyuP99YJvqWv33AaXKy6eoBdtJJB4wbqJgUWD+GQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: 7mWcQVnf615LufOMfxP4j5YQx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857328;
 bh=J2RUug0q17Xbmf2avzxcpxifWHrvTTC/Zw2CgKqzIVI=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=cFHapHwORfyhjSB+LZ58MRc5S8rjMiTDMW6TIolqc6UVuVyVHB18y+uw6B0nn2lTZJf
 C6kZ2tGhaqd1ir9iQP+hTt6kpjYRfFvVdz4wnt2iuJxRn8Xnz17xRTdRU0kvOl046Paa6
 DcDr8j7hX6GvPQU9O2n1MhY0s6wEqh6ot28=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a CPUID instruction requires the current value of the XCR0
register. In order to retrieve that value, the XGETBV instruction needs
to be executed.

Provide the necessary support to execute the XGETBV instruction.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 MdePkg/Library/BaseLib/BaseLib.inf      |  2 ++
 MdePkg/Include/Library/BaseLib.h        | 17 +++++++++++++
 MdePkg/Library/BaseLib/Ia32/GccInline.c | 28 ++++++++++++++++++++
 MdePkg/Library/BaseLib/X64/GccInline.c  | 30 ++++++++++++++++++++++
 MdePkg/Library/BaseLib/Ia32/XGetBv.nasm | 31 ++++++++++++++++++++++
 MdePkg/Library/BaseLib/X64/XGetBv.nasm  | 34 +++++++++++++++++++++++++
 6 files changed, 142 insertions(+)
 create mode 100644 MdePkg/Library/BaseLib/Ia32/XGetBv.nasm
 create mode 100644 MdePkg/Library/BaseLib/X64/XGetBv.nasm

diff --git a/MdePkg/Library/BaseLib/BaseLib.inf b/MdePkg/Library/BaseLib/Ba=
seLib.inf
index 3586beb0ab5c..d7a1dd017e95 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -152,6 +152,7 @@ [Sources.Ia32]
   Ia32/ARShiftU64.c | MSFT
   Ia32/EnableCache.c | MSFT
   Ia32/DisableCache.c | MSFT
+  Ia32/XGetBv.nasm | MSFT
=20
=20
   Ia32/GccInline.c | GCC
@@ -286,6 +287,7 @@ [Sources.X64]
   X64/ReadCr2.nasm| MSFT
   X64/ReadCr0.nasm| MSFT
   X64/ReadEflags.nasm| MSFT
+  X64/XGetBv.nasm | MSFT
=20
=20
   X64/Non-existing.c
diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/Base=
Lib.h
index ecadff8b235e..d0cbb52ed8f9 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -7889,6 +7889,23 @@ AsmLfence (
   VOID
   );
=20
+/**
+  Executes a XGETBV instruction
+
+  Executes a XGETBV instruction. This function is only available on IA-32 =
and
+  x64.
+
+  @param[in] Index        Extended control register index
+
+  @retval                 The current value of the extended control regist=
er
+**/
+UINT64
+EFIAPI
+AsmXGetBv (
+  IN UINT32  Index
+  );
+
+
 /**
   Patch the immediate operand of an IA32 or X64 instruction such that the =
byte,
   word, dword or qword operand is encoded at the end of the instruction's
diff --git a/MdePkg/Library/BaseLib/Ia32/GccInline.c b/MdePkg/Library/BaseL=
ib/Ia32/GccInline.c
index 5287200f8754..591f0bb0e097 100644
--- a/MdePkg/Library/BaseLib/Ia32/GccInline.c
+++ b/MdePkg/Library/BaseLib/Ia32/GccInline.c
@@ -1763,3 +1763,31 @@ AsmFlushCacheLine (
 }
=20
=20
+/**
+  Executes a XGETBV instruction
+
+  Executes a XGETBV instruction. This function is only available on IA-32 =
and
+  x64.
+
+  @param[in] Index        Extended control register index
+
+  @retval                 The current value of the extended control regist=
er
+**/
+UINT64
+EFIAPI
+AsmXGetBv (
+  IN UINT32 Index
+  )
+{
+  UINT64 Data;
+
+  __asm__ __volatile__ (
+    "xgetbv"
+    : "=3DA" (Data)
+    : "c"  (Index)
+    );
+
+  return Data;
+}
+
+
diff --git a/MdePkg/Library/BaseLib/X64/GccInline.c b/MdePkg/Library/BaseLi=
b/X64/GccInline.c
index 154ce1f57e92..3eed1205adb2 100644
--- a/MdePkg/Library/BaseLib/X64/GccInline.c
+++ b/MdePkg/Library/BaseLib/X64/GccInline.c
@@ -1798,3 +1798,33 @@ AsmFlushCacheLine (
 }
=20
=20
+/**
+  Executes a XGETBV instruction
+
+  Executes a XGETBV instruction. This function is only available on IA-32 =
and
+  x64.
+
+  @param[in] Index        Extended control register index
+
+  @retval                 The current value of the extended control regist=
er
+**/
+UINT64
+EFIAPI
+AsmXGetBv (
+  IN UINT32 Index
+  )
+{
+  UINT32 LowData;
+  UINT32 HighData;
+
+  __asm__ __volatile__ (
+    "xgetbv"
+    : "=3Da" (LowData),
+      "=3Dd" (HighData)
+    : "c"  (Index)
+    );
+
+  return (((UINT64)HighData) << 32) | LowData;
+}
+
+
diff --git a/MdePkg/Library/BaseLib/Ia32/XGetBv.nasm b/MdePkg/Library/BaseL=
ib/Ia32/XGetBv.nasm
new file mode 100644
index 000000000000..23ad38df0710
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ia32/XGetBv.nasm
@@ -0,0 +1,31 @@
+;-------------------------------------------------------------------------=
-----
+;
+; Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Module Name:
+;
+;   XGetBv.Asm
+;
+; Abstract:
+;
+;   AsmXgetBv function
+;
+; Notes:
+;
+;-------------------------------------------------------------------------=
-----
+
+    SECTION .text
+
+;-------------------------------------------------------------------------=
-----
+; UINT64
+; EFIAPI
+; AsmXGetBv (
+;   IN UINT32  Index
+;   );
+;-------------------------------------------------------------------------=
-----
+global ASM_PFX(AsmXGetBv)
+ASM_PFX(AsmXGetBv):
+    mov     ecx, [esp + 4]
+    xgetbv
+    ret
diff --git a/MdePkg/Library/BaseLib/X64/XGetBv.nasm b/MdePkg/Library/BaseLi=
b/X64/XGetBv.nasm
new file mode 100644
index 000000000000..cd73e972d31b
--- /dev/null
+++ b/MdePkg/Library/BaseLib/X64/XGetBv.nasm
@@ -0,0 +1,34 @@
+;-------------------------------------------------------------------------=
-----
+;
+; Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Module Name:
+;
+;   XGetBv.Asm
+;
+; Abstract:
+;
+;   AsmXgetBv function
+;
+; Notes:
+;
+;-------------------------------------------------------------------------=
-----
+
+    DEFAULT REL
+    SECTION .text
+
+;-------------------------------------------------------------------------=
-----
+; UINT64
+; EFIAPI
+; AsmXGetBv (
+;   IN UINT32  Index
+;   );
+;-------------------------------------------------------------------------=
-----
+global ASM_PFX(AsmXGetBv)
+ASM_PFX(AsmXGetBv):
+    xgetbv
+    shl     rdx, 32
+    or      rax, rdx
+    ret
+
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53752): https://edk2.groups.io/g/devel/message/53752
Mute This Topic: https://groups.io/mt/70984924/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53753+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857329356219.4914501442413;
 Tue, 4 Feb 2020 15:02:09 -0800 (PST)
Return-Path: <bounce+27952+53753+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 53bdYY1788612xqQlW6tduf6;
 Tue, 04 Feb 2020 15:02:09 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web09.1685.1580857326836339527
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:08 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=n76K6t3X1mdXCu9M2DXG8CWRf+gXilXbp3K6L+9PXrIbJIhXiLcfu4fZyBr/kailNzBQVVsDCBBnBEXJ+zeGYd2lS2Whk2gnx6tGdNesu8W/QTkHEk7S0vZZvXl/7D2aUFz7K6SIvcBiPnMdtrmVY9tJikXZPcVmJNB6u0WBCTp7oOsTH7N6rhKc1/AbFqWTPbxQhK1q7ukhDax8nv/MEbN8uPGkHOKZOUD8VvigoiMf8bP2Kx2lDqP+wnUhXDztSVPbifJN+573qCrWTfdbf4gikc+WhlvUWBAqvP5ZhnbobSorUt8oNsmPuScbSv7FVd3inVyDJ41AJuGdXKHlqQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=CBfVap4vPozJx1JTBBc3yU/O2JWaVQWWuzRPp+PkizU=;
 b=XMLGgE0XyHzVGNxgUXaLUTxxs/Zdjb/NJxYwCvjMu3G3RoLcLlBKn/UQ9bEc/SlFX8e/Pf6eNKMtTBBdhUtUzXtAIbsJLnFrGWtA7ISU0d/yYk/SU9Cb7b9YmBWDMJ6Ym06yaZPWOM5gx+Cz+orY520l4YyxPrJIA1Foh/xMzasKjHjg59yTUjZRAeLj1Saag6SrGhVG41RCIITDGRp6JhqZEea2tRT06shVIAwOldWnzNRElD+ZkD6+P3Y+0P8snb9d0uH2qpRkPbuQUTq8FgaQdGqH87PUqrar1TgSuLEze7a/232yTYOA7hd7B5J9coq27oHijd7rV9wO6ZVr6w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:07 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:06 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 06/40] MdePkg/BaseLib: Add support for the
 VMGEXIT instruction
Date: Tue,  4 Feb 2020 17:01:10 -0600
Message-Id: 
 <75355c8085d91a70d9e6a72869d877adea3fe06f.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:05 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: ab3eb0cc-60ac-4795-7ed8-08d7a9c641a5
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930F615FAD5B3CB66FB568FEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7691;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53753+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 HCHk0RvZubq8hjWVdPt9BHq+UMcri7ycWiaiaAf/WYH/nYScc452Jx00/QyEn50BiMS47frQu1rXl+fwoLqJ39E1X53KHFjDwv+JQSKjAufykBxvAgHzwwDfEZ57ACqDUJeEOq9VMxAR7I5uH1mOhKHeJmAHJiHa2ElDelp4tVzjANlpBBWut+43BkfFr8ZnRzJFjijaaU92lAV56q68XEYbaIJ6DpCtYgj7KpnxCsgCXODPimQtRTHl1RDxgxytKPyDXBALQwK9IY2hvqoSRliLbs4+mTP0jlgWu2ryyNrfplfcqNbTAX37W6gKc3ZHg23quEMjJ10O+OvEl2nsmCC/GJI7i559mnK0J7tNJegUzz7/20tv6/wsygTIA8WEtTawo7YRpSbRzSFTY69I4LAt9YcLJ7GndLZZNCuJeGnmq8rrnXXq63BB36RQtCOFu39RcAl+oYp42AONx4ahmNgN1KmFlH7ApROhe/6esGK4XqheLLoD3vOYshPbW8cIdjOVuu5eP30S0b9k0CDOYg==
X-MS-Exchange-AntiSpam-MessageData: 
 r8/8fo7mlZIQB76MZ2PR1VfRsPhxyj9HiJ0nM3iCbEe5Ch1xlPPAtiqbxgE22Dljj11BwL8H0U6364xG/3vQPOWgoT9eudgUOTqh7o51OTNC995OI9xNKlSPP59ThklxSt/p52vy1NHtu2tZsk9C0A==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 ab3eb0cc-60ac-4795-7ed8-08d7a9c641a5
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:06.8546
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 0EW5KoeeosH/k1BR6DLOAQsvTavmdy4EftZwPXdQpNj57EHilM/Ye0c8jUbzOuz1YZcVrsS8PPqD99lOFUB3Kg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: XWL4uPuM8dmCf7YmGMrOyVIMx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857329;
 bh=hwn5H0KeGKD9xXbWOV6wmwLUvi224ysKffbMHDpvgyI=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=g3DtgS1QvB57epDzL/dJIaWaUbwHTlyqi+wRDzCs1MIuBtgtChINywVAJwfF2loLUND
 rUgQ4Gl1LKwDeMWHvOfi0ZoGP0vNyshVYfUW7JOcRFKP0p731UGC1zZVg4hMfoi2kKHLm
 X9XWV6GtCeJ2KAKECExwlm/QABaFxmppvQo=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

VMGEXIT is a new instruction used for Hypervisor/Guest communication when
running as an SEV-ES guest. A VMGEXIT will cause an automatic exit (AE)
to occur, resulting in a #VMEXIT with an exit code value of 0x403.

Provide the necessary support to execute the VMGEXIT instruction, which
is "rep; vmmcall".

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 MdePkg/Library/BaseLib/BaseLib.inf       |  2 ++
 MdePkg/Include/Library/BaseLib.h         | 14 +++++++++
 MdePkg/Library/BaseLib/Ia32/GccInline.c  | 17 +++++++++++
 MdePkg/Library/BaseLib/X64/GccInline.c   | 17 +++++++++++
 MdePkg/Library/BaseLib/Ia32/VmgExit.nasm | 37 ++++++++++++++++++++++++
 MdePkg/Library/BaseLib/X64/VmgExit.nasm  | 32 ++++++++++++++++++++
 6 files changed, 119 insertions(+)
 create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExit.nasm
 create mode 100644 MdePkg/Library/BaseLib/X64/VmgExit.nasm

diff --git a/MdePkg/Library/BaseLib/BaseLib.inf b/MdePkg/Library/BaseLib/Ba=
seLib.inf
index d7a1dd017e95..62a09197b8a8 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -153,6 +153,7 @@ [Sources.Ia32]
   Ia32/EnableCache.c | MSFT
   Ia32/DisableCache.c | MSFT
   Ia32/XGetBv.nasm | MSFT
+  Ia32/VmgExit.nasm | MSFT
=20
=20
   Ia32/GccInline.c | GCC
@@ -288,6 +289,7 @@ [Sources.X64]
   X64/ReadCr0.nasm| MSFT
   X64/ReadEflags.nasm| MSFT
   X64/XGetBv.nasm | MSFT
+  X64/VmgExit.nasm | MSFT
=20
=20
   X64/Non-existing.c
diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/Base=
Lib.h
index d0cbb52ed8f9..99fff8af5a3c 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -7906,6 +7906,20 @@ AsmXGetBv (
   );
=20
=20
+/**
+  Executes a VMGEXIT instruction (VMMCALL with a REP prefix)
+
+  Executes a VMGEXIT instruction. This function is only available on IA-32=
 and
+  x64.
+
+**/
+VOID
+EFIAPI
+AsmVmgExit (
+  VOID
+  );
+
+
 /**
   Patch the immediate operand of an IA32 or X64 instruction such that the =
byte,
   word, dword or qword operand is encoded at the end of the instruction's
diff --git a/MdePkg/Library/BaseLib/Ia32/GccInline.c b/MdePkg/Library/BaseL=
ib/Ia32/GccInline.c
index 591f0bb0e097..ee8c62c79c93 100644
--- a/MdePkg/Library/BaseLib/Ia32/GccInline.c
+++ b/MdePkg/Library/BaseLib/Ia32/GccInline.c
@@ -1791,3 +1791,20 @@ AsmXGetBv (
 }
=20
=20
+/**
+  Executes a VMGEXIT instruction.
+
+  Executes a VMGEXIT instruction. This function is only available on IA-32=
 and
+  X64.
+
+**/
+VOID
+EFIAPI
+AsmVmgExit (
+  VOID
+  )
+{
+  __asm__ __volatile__ ("rep; vmmcall":::"memory");
+}
+
+
diff --git a/MdePkg/Library/BaseLib/X64/GccInline.c b/MdePkg/Library/BaseLi=
b/X64/GccInline.c
index 3eed1205adb2..277974eff9ee 100644
--- a/MdePkg/Library/BaseLib/X64/GccInline.c
+++ b/MdePkg/Library/BaseLib/X64/GccInline.c
@@ -1828,3 +1828,20 @@ AsmXGetBv (
 }
=20
=20
+/**
+  Executes a VMGEXIT instruction.
+
+  Executes a VMGEXIT instruction. This function is only available on IA-32=
 and
+  X64.
+
+**/
+VOID
+EFIAPI
+AsmVmgExit (
+  VOID
+  )
+{
+  __asm__ __volatile__ ("rep; vmmcall":::"memory");
+}
+
+
diff --git a/MdePkg/Library/BaseLib/Ia32/VmgExit.nasm b/MdePkg/Library/Base=
Lib/Ia32/VmgExit.nasm
new file mode 100644
index 000000000000..85e6260b4e2c
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ia32/VmgExit.nasm
@@ -0,0 +1,37 @@
+;-------------------------------------------------------------------------=
-----
+;
+; Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Module Name:
+;
+;   VmgExit.Asm
+;
+; Abstract:
+;
+;   AsmVmgExit function
+;
+; Notes:
+;
+;-------------------------------------------------------------------------=
-----
+
+    SECTION .text
+
+;-------------------------------------------------------------------------=
-----
+; VOID
+; EFIAPI
+; AsmVmgExit (
+;   VOID
+;   );
+;-------------------------------------------------------------------------=
-----
+global ASM_PFX(AsmVmgExit)
+ASM_PFX(AsmVmgExit):
+;
+; NASM doesn't support the vmmcall instruction in 32-bit mode, so work aro=
und
+; this by temporarily switching to 64-bit mode.
+;
+BITS    64
+    rep     vmmcall
+BITS    32
+    ret
+
diff --git a/MdePkg/Library/BaseLib/X64/VmgExit.nasm b/MdePkg/Library/BaseL=
ib/X64/VmgExit.nasm
new file mode 100644
index 000000000000..400d0302c4a3
--- /dev/null
+++ b/MdePkg/Library/BaseLib/X64/VmgExit.nasm
@@ -0,0 +1,32 @@
+;-------------------------------------------------------------------------=
-----
+;
+; Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+; Module Name:
+;
+;   VmgExit.Asm
+;
+; Abstract:
+;
+;   AsmVmgExit function
+;
+; Notes:
+;
+;-------------------------------------------------------------------------=
-----
+
+    DEFAULT REL
+    SECTION .text
+
+;-------------------------------------------------------------------------=
-----
+; VOID
+; EFIAPI
+; AsmVmgExit (
+;   VOID
+;   );
+;-------------------------------------------------------------------------=
-----
+global ASM_PFX(AsmVmgExit)
+ASM_PFX(AsmVmgExit):
+    rep     vmmcall
+    ret
+
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53753): https://edk2.groups.io/g/devel/message/53753
Mute This Topic: https://groups.io/mt/70984925/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53754+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857330687749.0906948569192;
 Tue, 4 Feb 2020 15:02:10 -0800 (PST)
Return-Path: <bounce+27952+53754+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 539nYY1788612xN4hxhiS80K;
 Tue, 04 Feb 2020 15:02:10 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.69])
 by mx.groups.io with SMTP id smtpd.web09.1687.1580857329476437021
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:09 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=jMxZlsWt1u1MX6MCSwZnTusUE0auxjfkkr5DNn/+L+SWFmANSb4yefZOK1kXn8dJxPF6mMsfJDIMhvwhqxxj8Kkk/8susdl9wMadWPTfzQzHsaiYAX6DOlhl0JkUNeHfmQ6Hetkh1+kGQvopwX1xAItkNMPum2BklvvUTQoN/N03BbAfMNrDDhC3tOaHJyoqjz9I9ZwJ1XiB1TCqJqNqjiw3HOzDNfD4Wnm3ixayYpTlu5+pl1DmfqqX423YChNbIgbrm4J3Hv5LipZk1sLwUPU6DvSq6l4bRNYppSLQFVgB+oi1mBAUwJ83ZesRwMOZ5akrPQt6WKFMCAFe2Nbq0Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=2S9g92J8Q7eoqvEAyEqmD1SQ4rO5Zqk901XPSBy2RiY=;
 b=a29PWOjs6leFCLO7tdROwA4HQAXQltA0p8XuoRazx+Uldc3KQyGlb2kFmAbYdILVtIJL1xkmOG7LzT0w737HNaTi5JqR3Tpbttf/5Y1Eks/oAfDihQGXHtxZm6unxmrBHE8M1ObygIaq0eaDnemg/36rA0oQnYFPI2JCYA7AuJhRjxIzYpMvr1t8buXXK5qrfIg7oxv5QFmyRusXiM05fjbjKgdt2fgLUwWqp7xCt86rMVsh0v5hJQtyB9bVUS9eDBuw/T8AcHw6hyMbQyV3xxGT1tB3k/WpjrYj6kEijdHDXXkp+8eiWY9wHGom9rxXgeBR0QMBMhmDTp8UBFDSdQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:08 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:08 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 07/40] UefiCpuPkg: Implement library support
 for VMGEXIT
Date: Tue,  4 Feb 2020 17:01:11 -0600
Message-Id: 
 <d5be9b362fc64e3095ca181cdfebf6bff7913ea0.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:07 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 1fcae116-637a-4655-6a8a-08d7a9c6424b
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930EA7CE84BB320CF7D64D8EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53754+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 tgOpdV/fqmO0BtIaNAMugXG4CXGTwjk7U0PcTG7oApayevv2ruVOsNs3xYyf6Ebnu+A5JKdg0uDDYj3lU02S9mcsWGqthucFmYWslTIdEjgyDRdHgPhGKu5hXz2u99l3qqLEOrBjGJf0Ju7vSWmnIhcd/D59TRfzaTl1upoYatK1pRQFo+jtslAm1WifhPIuEHLYi/5NdvYWtA/LZMaeUC9yyMvpfQCzkgChbTaTXmeruShwe9alXo7fXauphsAs5758kRgujhEglSt/utVj2M4hcD8BENYTsSwdAXcTcMUPILWBK8k1KCmgLmburZaCqOInuArWDpQ27M0mHAUNS/SvwZUzkIhk+8GZGSVYCkUsvAyCQc0LNTIJ+hFJ/FzftTWfw4pQqyku6vxdtDBroqDyS/VkapGU1lRV1mTwxLbnKDluZ+C+36kRNyShLXtyU8d6Kd6e/pnwEkLhUeyvs/KmXtNOFMf3E+3ljrcNHtMqDg3disn7oEQUKlEwYsoAgW/E5hTdYvHMjCp8pcf5Zg==
X-MS-Exchange-AntiSpam-MessageData: 
 sCJvddsOUY6LhODitZtN3+XiN2kjdgACUf0PdZAQnNiGNYJlYcqBW7/ncDaojL4DYZTLlnVT78Z0iSayEb6JFGl5IM47qkm2QTlxgaSE2GxtSGzzT8Xa9yw5flvW7+Goo8uwCoF7L1YDm6yKKBGqMw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 1fcae116-637a-4655-6a8a-08d7a9c6424b
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:07.9650
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 ZGgUFPRXploEjp0aF1KkMycl1WpQBCLMml2AQkHreqSM9pdHcnNpoP8cWRFoBeq+qM8eexPQSZY2hfHEKlJ4Hg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: 1pYPp9c1ThvGpNXDi29MwObwx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857330;
 bh=6BmX6aWPNtLChKBrB4QZsxEl1BBTCuf/ursGcsk6cvM=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=EilObhF5jxOvDwdDdKjXNm1/MoINKWI5q0tdRvqGgVqp+ZVwjPUGGzjDbbrIUUKdoLp
 x2jURMVjq8RRl371L67WRSlD6THNcF1MsJd6ElSwTVZpn3iHrvA3E0xgkoh+YuXbwg+Th
 qSMKYqKI+SpeFbzDrKP9TbK1sWv3bE69wx8=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

To support issuing a VMGEXIT instruction, create a library that can be
used to perform GHCB and VMGEXIT related operations and to issue the
actual VMGEXIT instruction when using the GHCB.

Additionally, two VMGEXIT / MMIO related functions are created to support
flash emulation. Flash emulation currently is done by marking the flash
area as read-only and taking a nested page fault to perform the emulation
of the instruction. However, emulation cannot be performed because there
is no instruction decode assist support when SEV-ES is enabled. Provide
routines to initiate an MMIO request to perform actual writes to flash.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/UefiCpuPkg.dec                    |   3 +
 UefiCpuPkg/UefiCpuPkg.dsc                    |   5 +
 UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf |  33 ++++
 UefiCpuPkg/Include/Library/VmgExitLib.h      | 111 +++++++++++
 UefiCpuPkg/Library/VmgExitLib/VmgExitLib.c   | 187 +++++++++++++++++++
 UefiCpuPkg/Library/VmgExitLib/VmgExitLib.uni |  15 ++
 6 files changed, 354 insertions(+)
 create mode 100644 UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
 create mode 100644 UefiCpuPkg/Include/Library/VmgExitLib.h
 create mode 100644 UefiCpuPkg/Library/VmgExitLib/VmgExitLib.c
 create mode 100644 UefiCpuPkg/Library/VmgExitLib/VmgExitLib.uni

diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index 005703d8a3e7..893d2d06b0f2 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -53,6 +53,9 @@ [LibraryClasses.IA32, LibraryClasses.X64]
   ##
   MpInitLib|Include/Library/MpInitLib.h
=20
+  ##  @libraryclass  Provides function to support VMGEXIT processing.
+  VmgExitLib|Include/Library/VmgExitLib.h
+
 [Guids]
   gUefiCpuPkgTokenSpaceGuid      =3D { 0xac05bf33, 0x995a, 0x4ed4, { 0xaa,=
 0xb8, 0xef, 0x7a, 0xe8, 0xf, 0x5c, 0xb0 }}
   gMsegSmramGuid                 =3D { 0x5802bce4, 0xeeee, 0x4e33, { 0xa1,=
 0x30, 0xeb, 0xad, 0x27, 0xf0, 0xe4, 0x39 }}
diff --git a/UefiCpuPkg/UefiCpuPkg.dsc b/UefiCpuPkg/UefiCpuPkg.dsc
index d28cb5cccb52..5ab7e423e8ab 100644
--- a/UefiCpuPkg/UefiCpuPkg.dsc
+++ b/UefiCpuPkg/UefiCpuPkg.dsc
@@ -63,6 +63,7 @@ [LibraryClasses.common.SEC]
   HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
   PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/=
PeiServicesTablePointerLibIdt.inf
   MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAlloc=
ationLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.PEIM]
   MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAlloc=
ationLib.inf
@@ -74,6 +75,7 @@ [LibraryClasses.common.PEIM]
 [LibraryClasses.IA32.PEIM, LibraryClasses.X64.PEIM]
   PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/=
PeiServicesTablePointerLibIdt.inf
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.DXE_DRIVER]
   MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAll=
ocationLib.inf
@@ -81,12 +83,14 @@ [LibraryClasses.common.DXE_DRIVER]
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
   MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
   RegisterCpuFeaturesLib|UefiCpuPkg/Library/RegisterCpuFeaturesLib/DxeRegi=
sterCpuFeaturesLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.DXE_SMM_DRIVER]
   SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableL=
ib.inf
   MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAlloc=
ationLib.inf
   HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.UEFI_APPLICATION]
   UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiA=
pplicationEntryPoint.inf
@@ -136,6 +140,7 @@ [Components.IA32, Components.X64]
   UefiCpuPkg/Library/SmmCpuPlatformHookLibNull/SmmCpuPlatformHookLibNull.i=
nf
   UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
   UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibStm.inf
+  UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
   UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationPei.inf
   UefiCpuPkg/PiSmmCommunication/PiSmmCommunicationSmm.inf
   UefiCpuPkg/SecCore/SecCore.inf
diff --git a/UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf b/UefiCpuPkg/Libr=
ary/VmgExitLib/VmgExitLib.inf
new file mode 100644
index 000000000000..6acfa779e75a
--- /dev/null
+++ b/UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
@@ -0,0 +1,33 @@
+## @file
+#  VMGEXIT Support Library.
+#
+#  Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<B=
R>
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    =3D 0x00010005
+  BASE_NAME                      =3D VmgExitLib
+  MODULE_UNI_FILE                =3D VmgExitLib.uni
+  FILE_GUID                      =3D 3cd7368f-ef9b-4a9b-9571-2ed93813677e
+  MODULE_TYPE                    =3D BASE
+  VERSION_STRING                 =3D 1.0
+  LIBRARY_CLASS                  =3D VmgExitLib
+
+#
+# The following information is for reference only and not required by the =
build tools.
+#
+#  VALID_ARCHITECTURES           =3D IA32 X64
+#
+
+[Sources]
+  VmgExitLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  UefiCpuPkg/UefiCpuPkg.dec
+
+[LibraryClasses]
+  BaseLib
+
diff --git a/UefiCpuPkg/Include/Library/VmgExitLib.h b/UefiCpuPkg/Include/L=
ibrary/VmgExitLib.h
new file mode 100644
index 000000000000..602b213f1f63
--- /dev/null
+++ b/UefiCpuPkg/Include/Library/VmgExitLib.h
@@ -0,0 +1,111 @@
+/** @file
+  Public header file for the VMGEXIT Support library class.
+
+  This library class defines some routines used when invoking the VMGEXIT
+  instruction in support of SEV-ES.
+
+  Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __VMG_EXIT_LIB_H__
+#define __VMG_EXIT_LIB_H__
+
+#include <Register/Amd/Ghcb.h>
+
+
+/**
+  Perform VMGEXIT.
+
+  Sets the necessary fields of the GHCB, invokes the VMGEXIT instruction a=
nd
+  then handles the return actions.
+
+  @param[in]  GHCB       A pointer to the GHCB
+  @param[in]  ExitCode   VMGEXIT code to be assigned to the SwExitCode fie=
ld of
+                         the GHCB.
+  @param[in]  ExitInfo1  VMGEXIT information to be assigned to the SwExitI=
nfo1
+                         field of the GHCB.
+  @param[in]  ExitInfo2  VMGEXIT information to be assigned to the SwExitI=
nfo2
+                         field of the GHCB.
+
+  @retval  0       VMGEXIT succeeded.
+  @retval  Others  VMGEXIT processing did not succeed. Exception number to
+                   be issued.
+
+**/
+UINTN
+EFIAPI
+VmgExit (
+  GHCB                *Ghcb,
+  UINT64              ExitCode,
+  UINT64              ExitInfo1,
+  UINT64              ExitInfo2
+  );
+
+/**
+  Perform pre-VMGEXIT initialization/preparation.
+
+  Performs the necessary steps in preparation for invoking VMGEXIT.
+
+  @param[in]  GHCB       A pointer to the GHCB
+
+**/
+VOID
+EFIAPI
+VmgInit (
+  GHCB                *Ghcb
+  );
+
+/**
+  Perform post-VMGEXIT cleanup.
+
+  Performs the necessary steps to cleanup after invoking VMGEXIT.
+
+  @param[in]  GHCB       A pointer to the GHCB
+
+**/
+VOID
+EFIAPI
+VmgDone (
+  GHCB                *Ghcb
+  );
+
+#define VMGMMIO_READ   False
+#define VMGMMIO_WRITE  True
+
+/**
+  Perform MMIO write of a buffer to a non-MMIO marked range.
+
+  Performs an MMIO write without taking a #VC. This is useful
+  for Flash devices, which are marked read-only.
+
+  @param[in]  UINT8      A pointer to the destination buffer
+  @param[in]  UINTN      The immediate value to write
+  @param[in]  UINTN      Number of bytes to write
+
+**/
+VOID
+EFIAPI
+VmgMmioWrite (
+  UINT8               *Dest,
+  UINT8               *Src,
+  UINTN                Bytes
+  );
+
+/**
+  Issue the GHCB set AP Jump Table VMGEXIT.
+
+  Performs a VMGEXIT using the GHCB AP Jump Table exit code to save the
+  AP Jump Table address with the hypervisor for retrieval at a later time.
+
+  @param[in]  EFI_PHYSICAL_ADDRESS  Physical address of the AP Jump Table
+
+**/
+UINTN
+EFIAPI
+VmgExitSetAPJumpTable (
+  EFI_PHYSICAL_ADDRESS  Address
+  );
+
+#endif
diff --git a/UefiCpuPkg/Library/VmgExitLib/VmgExitLib.c b/UefiCpuPkg/Librar=
y/VmgExitLib/VmgExitLib.c
new file mode 100644
index 000000000000..4e7315a58202
--- /dev/null
+++ b/UefiCpuPkg/Library/VmgExitLib/VmgExitLib.c
@@ -0,0 +1,187 @@
+/** @file
+  VMGEXIT Support Library.
+
+  Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Base.h>
+#include <Uefi.h>
+#include <Library/BaseMemoryLib.h>
+#include <Register/Amd/Ghcb.h>
+#include <Register/Amd/Msr.h>
+
+STATIC
+UINT64
+VmgExitErrorCheck (
+  GHCB                *Ghcb
+  )
+{
+  GHCB_EVENT_INJECTION  Event;
+  GHCB_EXIT_INFO        ExitInfo;
+  UINT64                Status;
+
+  ExitInfo.Uint64 =3D Ghcb->SaveArea.SwExitInfo1;
+  ASSERT ((ExitInfo.Elements.Lower32Bits =3D=3D 0) ||
+          (ExitInfo.Elements.Lower32Bits =3D=3D 1));
+
+  Status =3D 0;
+  if (ExitInfo.Elements.Lower32Bits =3D=3D 0) {
+    return Status;
+  }
+
+  if (ExitInfo.Elements.Lower32Bits =3D=3D 1) {
+    ASSERT (Ghcb->SaveArea.SwExitInfo2 !=3D 0);
+
+    // Check that the return event is valid
+    Event.Uint64 =3D Ghcb->SaveArea.SwExitInfo2;
+    if (Event.Elements.Valid &&
+        Event.Elements.Type =3D=3D GHCB_EVENT_INJECTION_TYPE_EXCEPTION) {
+      switch (Event.Elements.Vector) {
+      case GP_EXCEPTION:
+      case UD_EXCEPTION:
+        // Use returned event as return code
+        Status =3D Event.Uint64;
+      }
+    }
+  }
+
+  if (Status =3D=3D 0) {
+    GHCB_EVENT_INJECTION  Event;
+
+    Event.Uint64 =3D 0;
+    Event.Elements.Vector =3D GP_EXCEPTION;
+    Event.Elements.Type   =3D GHCB_EVENT_INJECTION_TYPE_EXCEPTION;
+    Event.Elements.Valid  =3D 1;
+
+    Status =3D Event.Uint64;
+  }
+
+  return Status;
+}
+
+UINT64
+EFIAPI
+VmgExit (
+  GHCB                *Ghcb,
+  UINT64              ExitCode,
+  UINT64              ExitInfo1,
+  UINT64              ExitInfo2
+  )
+{
+  Ghcb->SaveArea.SwExitCode =3D ExitCode;
+  Ghcb->SaveArea.SwExitInfo1 =3D ExitInfo1;
+  Ghcb->SaveArea.SwExitInfo2 =3D ExitInfo2;
+
+  //
+  // Guest memory is used for the guest-hypervisor communication, so fence
+  // the invocation of the VMGEXIT instruction to ensure GHCB accesses are
+  // synchronized properly.
+  //
+  MemoryFence ();
+  AsmVmgExit ();
+  MemoryFence ();
+
+  return VmgExitErrorCheck (Ghcb);
+}
+
+VOID
+EFIAPI
+VmgInit (
+  GHCB                *Ghcb
+  )
+{
+  SetMem (&Ghcb->SaveArea, sizeof (Ghcb->SaveArea), 0);
+}
+
+VOID
+EFIAPI
+VmgDone (
+  GHCB                *Ghcb
+  )
+{
+}
+
+UINTN
+EFIAPI
+VmgMmio (
+  UINT8               *MmioAddress,
+  UINT8               *Buffer,
+  UINTN               Bytes,
+  BOOLEAN             Write
+  )
+{
+  UINT64                    MmioOp, ExitInfo1, ExitInfo2, Status;
+  GHCB                      *Ghcb;
+  MSR_SEV_ES_GHCB_REGISTER  Msr;
+
+  Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB);
+  Ghcb =3D Msr.Ghcb;
+
+  VmgInit (Ghcb);
+
+  if (Write) {
+    MmioOp =3D SvmExitMmioWrite;
+  } else {
+    MmioOp =3D SvmExitMmioRead;
+  }
+
+  ExitInfo1 =3D (UINT64) (UINTN) MmioAddress;
+  ExitInfo2 =3D Bytes;
+
+  if (Write) {
+    CopyMem (Ghcb->SharedBuffer, Buffer, Bytes);
+  }
+
+  Ghcb->SaveArea.SwScratch =3D (UINT64) (UINTN) Ghcb->SharedBuffer;
+  Status =3D VmgExit (Ghcb, MmioOp, ExitInfo1, ExitInfo2);
+  if (Status !=3D 0) {
+    return Status;
+  }
+
+  if (!Write) {
+    CopyMem (Buffer, Ghcb->SharedBuffer, Bytes);
+  }
+
+  VmgDone (Ghcb);
+
+  return 0;
+}
+
+VOID
+EFIAPI
+VmgMmioWrite (
+  UINT8               *Dest,
+  UINT8               *Src,
+  UINTN                Bytes
+  )
+{
+  VmgMmio (Dest, Src, Bytes, TRUE);
+}
+
+UINTN
+EFIAPI
+VmgExitSetAPJumpTable (
+  EFI_PHYSICAL_ADDRESS  Address
+  )
+{
+  UINT64                    ExitInfo1, ExitInfo2, Status;
+  GHCB                      *Ghcb;
+  MSR_SEV_ES_GHCB_REGISTER  Msr;
+
+  Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB);
+  Ghcb =3D Msr.Ghcb;
+
+  VmgInit (Ghcb);
+
+  ExitInfo1 =3D 0;
+  ExitInfo2 =3D (UINT64) (UINTN) Address;
+
+  Status =3D VmgExit (Ghcb, SvmExitApJumpTable, ExitInfo1, ExitInfo2);
+
+  VmgDone (Ghcb);
+
+  return Status;
+}
+
diff --git a/UefiCpuPkg/Library/VmgExitLib/VmgExitLib.uni b/UefiCpuPkg/Libr=
ary/VmgExitLib/VmgExitLib.uni
new file mode 100644
index 000000000000..e8656aae4726
--- /dev/null
+++ b/UefiCpuPkg/Library/VmgExitLib/VmgExitLib.uni
@@ -0,0 +1,15 @@
+// /** @file
+// VMGEXIT support library instance.
+//
+// VMGEXIT support library instance.
+//
+// Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<B=
R>
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "VMGEXIT Support L=
ibrary."
+
+#string STR_MODULE_DESCRIPTION          #language en-US "VMGEXIT Support L=
ibrary."
+
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53754): https://edk2.groups.io/g/devel/message/53754
Mute This Topic: https://groups.io/mt/70984926/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53755+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857332590410.7043321196833;
 Tue, 4 Feb 2020 15:02:12 -0800 (PST)
Return-Path: <bounce+27952+53755+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id ZZv3YY1788612xKkGA267cud;
 Tue, 04 Feb 2020 15:02:12 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.58])
 by mx.groups.io with SMTP id smtpd.web11.1658.1580857331216675910
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:11 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=HnkD81ZzHMQppwblSD+9im6h8KWC0zI/XF4k9AMcPLALABUcjGlGNEKx1MoZewgqaJuRNxNVDwVEYxqPEC8wYlBI+lI/XfRqYByqqIU9WLRhonUePrKJK8KNgxLsCn/XBRXhoiNgd4c4RuTx7aUKD/aT+Y5h6Tn0FIqfrMtT6Os6rJHnIvIvTPxzW8Fow2YEBSOVhhrigm4+lA5JfQE9WJHwp8S/OTrP4Bpry4UHssKoXvBVldXHLS6xuRHMC7lSA48B70So2fz9LPOpIe647Hrt3e7p0GTX9U3l6PwtSaT7gHmKP3zGNDnve3f9PubIUej6yvZsCLU2n3LddmNQgg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=VlKNk8XISNE0+kGfjnY5dpnhM2VN1+HF+zu/1w+l3H8=;
 b=eMU68UduuoAO0uyUn5j/2aetu+6AzdIMqI2p1TJNHgBrrraHVuhpFMsJP1vr+CZ/TvDzNet9G/ayw16xvLuzv5/68Y0nw5reLMCYZ53uP85xWxym6IrURmpOuevTDyPX63gmqu3f2SIX3dMKbxpxqMPG7HdaNXVR7hlA/eSeYGUbFHyzhsR2gqmEhmtGFNab9XmhXNy40SG6T9u2HcpdyPnDwSJomSOYXKW1c7dROH/+NMFT1dpifkqjFloUeHYBZdcTyMRjje/hItKqW3o+IP+nnxzldP56JPJVgLqoIUi1DziDqrvflcPhAz8bHLO6n1hkniITQH2BfZYfPZejXg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:09 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:09 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Maurice Ma <maurice.ma@intel.com>,
	Guo Dong <guo.dong@intel.com>,
	Benjamin You <benjamin.you@intel.com>
Subject: [edk2-devel] [PATCH v4 08/40] UefiCpuPkg/CpuExceptionHandler: Add
 base support for the #VC exception
Date: Tue,  4 Feb 2020 17:01:12 -0600
Message-Id: 
 <18638c9ee90a20f9758bf6072115e8c491dfb098.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:08 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 84c71f87-e94c-4e85-d6d7-08d7a9c64306
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39306EB9DD8B5D6ECF40B534EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53755+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 83/WGPSCjXCtywIxMYOdTf+Y3O4JUToEC5tQpNLop7kxBHkTxk3+g2MdkrB4WPgOHOE8KQQzrZoViKhlCzZ/4HDWOxm3D9ZBSeoBqruT0R3RdPY/YzmgURF/fZGuYAHRWc53J62g/wEjn4Qpqs9+x2w5pNLdHvSrUNSXe4T628iNAm/n3r54kedfsGFvUhkERQGMUmHmcPha8fKnKkeP/7SQzcn5H7eBKFD5GX09JqaY1LZXge/DNzkYSlOL5PcpnFV1gsadEWiScOr3LW4+pEd1Llxfl6yqRVEHdv2y3OlIvGfwmAFIhHZ8j/37I9Z+Bi4FNLnZYCflLmCwN9W7X8PgPwJ7IxgZJ/OEK1xSWp2Q30ic1JvPg3eGF/ZVtuHGjTeHu9kfSP/rzGrC+OaXbaZ3HvDNtu5fwF6m8a13mhqkMTTjD8v5j1D4dqJKjTPBqhPlChbgUeb2rF9uUi858vt9312UPbeAW/yTQjZTtZAW4RJIytOAVjzJzAggirnFPeuPG0ve5sOtlmEIknANQw==
X-MS-Exchange-AntiSpam-MessageData: 
 blOXpRXY007Z7yPDU8DChL2wd7OGhS/X7pc1rCYfV4ZeHBxUYee7jOA+rVbiY/gC6Hpf06e8hjK56141zOg83dZRcn21K82FAOnaTcTsm0G5xUG4RX/i/Iwwl+wXci2aE8yNx1NLARMb/37QDAL2lQ==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 84c71f87-e94c-4e85-d6d7-08d7a9c64306
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:09.2693
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 p72eU/Red2a54jhkZA6xvEoKdD8J6VKNoV4juCTmE3VEn1enJsedXeaM8Sgl51Ueixk1vxT25OrznygiLuKYjg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: pJvU2xur1OQpheX9wNlPXeoox1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857332;
 bh=UMU2BiGarFQiwHO0YfCggxFKxr8W1XgqSxSikWapIfA=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=E+sDl9AkK+nJuyTuc0IYoGP4bmE/nVKWUlhBIf92Gt2twpBmf+00qwwXIN7XZKowKqA
 tHGVVPOeGqDktl5wvM+cCkxicdh0MqWot3C3IbxjF/I/PHwAy23vJQYS+kCtubGryRERj
 Ids9HORH3alpDJeOcp1OGidX+XQrmJsZvoA=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Add base support to handle #VC exceptions.  This includes a stub routine
to invoke when a #VC exception occurs and special checks in the common
exception handlers to invoke the #VC exception handler routine.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Maurice Ma <maurice.ma@intel.com>
Cc: Guo Dong <guo.dong@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/OvmfPkgIa32.dsc                       |  5 ++
 OvmfPkg/OvmfPkgIa32X64.dsc                    |  5 ++
 OvmfPkg/OvmfPkgX64.dsc                        |  5 ++
 UefiPayloadPkg/UefiPayloadPkgIa32.dsc         |  2 +
 UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc      |  2 +
 .../DxeCpuExceptionHandlerLib.inf             |  5 ++
 .../PeiCpuExceptionHandlerLib.inf             |  5 ++
 .../SecPeiCpuExceptionHandlerLib.inf          |  8 +++
 .../SmmCpuExceptionHandlerLib.inf             |  5 ++
 .../CpuExceptionHandlerLib/AMDSevVcCommon.h   | 26 +++++++++
 .../CpuExceptionCommon.h                      |  2 +
 .../CpuExceptionCommon.c                      |  2 +-
 .../Ia32/AMDSevVcCommon.c                     | 24 ++++++++
 .../PeiDxeAMDSevVcHandler.c                   | 29 ++++++++++
 .../PeiDxeSmmCpuException.c                   | 16 ++++++
 .../SecAMDSevVcHandler.c                      | 55 +++++++++++++++++++
 .../SecPeiCpuException.c                      | 16 ++++++
 .../X64/AMDSevVcCommon.c                      | 50 +++++++++++++++++
 18 files changed, 261 insertions(+), 1 deletion(-)
 create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/AMDSevVcCommo=
n.h
 create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/AMDSevVc=
Common.c
 create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeAMDSevV=
cHandler.c
 create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/SecAMDSevVcHa=
ndler.c
 create mode 100644 UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcC=
ommon.c

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 4568b78cadf1..41ec761e3f17 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -236,6 +236,7 @@ [LibraryClasses.common.SEC]
   PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/=
PeiServicesTablePointerLibIdt.inf
   MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAlloc=
ationLib.inf
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiC=
puExceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.PEI_CORE]
   HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
@@ -274,6 +275,7 @@ [LibraryClasses.common.PEIM]
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SecPeiDebugAgentLib=
.inf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
   MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
   PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
@@ -299,6 +301,7 @@ [LibraryClasses.common.DXE_CORE]
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
=20
 [LibraryClasses.common.DXE_RUNTIME_DRIVER]
@@ -349,6 +352,7 @@ [LibraryClasses.common.DXE_DRIVER]
   PlatformBmPrintScLib|OvmfPkg/Library/PlatformBmPrintScLib/PlatformBmPrin=
tScLib.inf
   QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
 !if $(SMM_REQUIRE) =3D=3D TRUE
   LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
 !else
@@ -392,6 +396,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
   DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i=
nf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
 !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf
 !endif
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 152b5d067116..41cc3eec3757 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -241,6 +241,7 @@ [LibraryClasses.common.SEC]
   PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/=
PeiServicesTablePointerLibIdt.inf
   MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAlloc=
ationLib.inf
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiC=
puExceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.PEI_CORE]
   HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
@@ -279,6 +280,7 @@ [LibraryClasses.common.PEIM]
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SecPeiDebugAgentLib=
.inf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
   MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
   PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
@@ -304,6 +306,7 @@ [LibraryClasses.common.DXE_CORE]
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
=20
 [LibraryClasses.common.DXE_RUNTIME_DRIVER]
@@ -354,6 +357,7 @@ [LibraryClasses.common.DXE_DRIVER]
   PlatformBmPrintScLib|OvmfPkg/Library/PlatformBmPrintScLib/PlatformBmPrin=
tScLib.inf
   QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
 !if $(SMM_REQUIRE) =3D=3D TRUE
   LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
 !else
@@ -397,6 +401,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
   DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i=
nf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
 !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf
 !endif
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 4bfad441bd9f..46a679a0073e 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -241,6 +241,7 @@ [LibraryClasses.common.SEC]
   PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/=
PeiServicesTablePointerLibIdt.inf
   MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAlloc=
ationLib.inf
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiC=
puExceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.PEI_CORE]
   HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
@@ -279,6 +280,7 @@ [LibraryClasses.common.PEIM]
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SecPeiDebugAgentLib=
.inf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
   MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
   PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
@@ -304,6 +306,7 @@ [LibraryClasses.common.DXE_CORE]
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
=20
 [LibraryClasses.common.DXE_RUNTIME_DRIVER]
@@ -354,6 +357,7 @@ [LibraryClasses.common.DXE_DRIVER]
   PlatformBmPrintScLib|OvmfPkg/Library/PlatformBmPrintScLib/PlatformBmPrin=
tScLib.inf
   QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
 !if $(SMM_REQUIRE) =3D=3D TRUE
   LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
 !else
@@ -397,6 +401,7 @@ [LibraryClasses.common.DXE_SMM_DRIVER]
   DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.i=
nf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
 !if $(SOURCE_DEBUG_ENABLE) =3D=3D TRUE
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf
 !endif
diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32.dsc b/UefiPayloadPkg/UefiPay=
loadPkgIa32.dsc
index d52945442e0e..c2f7217c964e 100644
--- a/UefiPayloadPkg/UefiPayloadPkgIa32.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkgIa32.dsc
@@ -233,6 +233,7 @@ [LibraryClasses.common.DXE_CORE]
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.DXE_DRIVER]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
@@ -244,6 +245,7 @@ [LibraryClasses.common.DXE_DRIVER]
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
   MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
=20
 [LibraryClasses.common.DXE_RUNTIME_DRIVER]
diff --git a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc b/UefiPayloadPkg/Uefi=
PayloadPkgIa32X64.dsc
index 0736cd995476..b7cfeeff9b49 100644
--- a/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkgIa32X64.dsc
@@ -234,6 +234,7 @@ [LibraryClasses.common.DXE_CORE]
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.DXE_DRIVER]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
@@ -245,6 +246,7 @@ [LibraryClasses.common.DXE_DRIVER]
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
 !endif
   CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuE=
xceptionHandlerLib.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
   MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
=20
 [LibraryClasses.common.DXE_RUNTIME_DRIVER]
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandl=
erLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandle=
rLib.inf
index e41383573043..dc328e230de3 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.i=
nf
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.i=
nf
@@ -26,17 +26,21 @@ [Sources.Ia32]
   Ia32/ExceptionTssEntryAsm.nasm
   Ia32/ArchExceptionHandler.c
   Ia32/ArchInterruptDefs.h
+  Ia32/AMDSevVcCommon.c
=20
 [Sources.X64]
   X64/ExceptionHandlerAsm.nasm
   X64/ArchExceptionHandler.c
   X64/ArchInterruptDefs.h
+  X64/AMDSevVcCommon.c
=20
 [Sources.common]
   CpuExceptionCommon.h
   CpuExceptionCommon.c
   PeiDxeSmmCpuException.c
   DxeException.c
+  PeiDxeAMDSevVcHandler.c
+  AMDSevVcCommon.h
=20
 [Pcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard
@@ -57,3 +61,4 @@ [LibraryClasses]
   PeCoffGetEntryPointLib
   MemoryAllocationLib
   DebugLib
+  VmgExitLib
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandl=
erLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandle=
rLib.inf
index f31423ac0f91..37dbbdb35711 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.i=
nf
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.i=
nf
@@ -26,17 +26,21 @@ [Sources.Ia32]
   Ia32/ExceptionTssEntryAsm.nasm
   Ia32/ArchExceptionHandler.c
   Ia32/ArchInterruptDefs.h
+  Ia32/AMDSevVcCommon.c
=20
 [Sources.X64]
   X64/ExceptionHandlerAsm.nasm
   X64/ArchExceptionHandler.c
   X64/ArchInterruptDefs.h
+  X64/AMDSevVcCommon.c
=20
 [Sources.common]
   CpuExceptionCommon.h
   CpuExceptionCommon.c
   PeiCpuException.c
   PeiDxeSmmCpuException.c
+  PeiDxeAMDSevVcHandler.c
+  AMDSevVcCommon.h
=20
 [Packages]
   MdePkg/MdePkg.dec
@@ -52,6 +56,7 @@ [LibraryClasses]
   HobLib
   MemoryAllocationLib
   SynchronizationLib
+  VmgExitLib
=20
 [Pcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard    # CONSUMES
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHa=
ndlerLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException=
HandlerLib.inf
index 6d25cafe2ca3..86f21abd9fd0 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLi=
b.inf
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLi=
b.inf
@@ -26,16 +26,20 @@ [Sources.Ia32]
   Ia32/ExceptionTssEntryAsm.nasm
   Ia32/ArchExceptionHandler.c
   Ia32/ArchInterruptDefs.h
+  Ia32/AMDSevVcCommon.c
=20
 [Sources.X64]
   X64/ExceptionHandlerAsm.nasm
   X64/ArchExceptionHandler.c
   X64/ArchInterruptDefs.h
+  X64/AMDSevVcCommon.c
=20
 [Sources.common]
   CpuExceptionCommon.h
   CpuExceptionCommon.c
   SecPeiCpuException.c
+  SecAMDSevVcHandler.c
+  AMDSevVcCommon.h
=20
 [Packages]
   MdePkg/MdePkg.dec
@@ -48,3 +52,7 @@ [LibraryClasses]
   PrintLib
   LocalApicLib
   PeCoffGetEntryPointLib
+  VmgExitLib
+
+[Pcd]
+  gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbBase
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandl=
erLib.inf b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandle=
rLib.inf
index 66c7f59e3c91..c84f964b5f89 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.i=
nf
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.i=
nf
@@ -26,17 +26,21 @@ [Sources.Ia32]
   Ia32/ExceptionTssEntryAsm.nasm
   Ia32/ArchExceptionHandler.c
   Ia32/ArchInterruptDefs.h
+  Ia32/AMDSevVcCommon.c
=20
 [Sources.X64]
   X64/ExceptionHandlerAsm.nasm
   X64/ArchExceptionHandler.c
   X64/ArchInterruptDefs.h
+  X64/AMDSevVcCommon.c
=20
 [Sources.common]
   CpuExceptionCommon.h
   CpuExceptionCommon.c
   PeiDxeSmmCpuException.c
   SmmException.c
+  PeiDxeAMDSevVcHandler.c
+  AMDSevVcCommon.h
=20
 [Packages]
   MdePkg/MdePkg.dec
@@ -51,4 +55,5 @@ [LibraryClasses]
   LocalApicLib
   PeCoffGetEntryPointLib
   DebugLib
+  VmgExitLib
=20
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/AMDSevVcCommon.h b/U=
efiCpuPkg/Library/CpuExceptionHandlerLib/AMDSevVcCommon.h
new file mode 100644
index 000000000000..c0a2ecd17d4c
--- /dev/null
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/AMDSevVcCommon.h
@@ -0,0 +1,26 @@
+/** @file
+  Common header file for SEV-ES #VC Exception Handler Support.
+
+  Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef _AMD_SEV_VC_COMMON_H_
+#define _AMD_SEV_VC_COMMON_H_
+
+#include <Protocol/DebugSupport.h>
+#include <Register/Amd/Ghcb.h>
+
+UINTN
+DoVcException(
+  EFI_SYSTEM_CONTEXT  Context
+  );
+
+UINTN
+DoVcCommon(
+  GHCB                *Ghcb,
+  EFI_SYSTEM_CONTEXT  Context
+  );
+
+#endif
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h
index 805dd9cbb4ff..0f274e7ea328 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.h
@@ -24,6 +24,8 @@
 #define  CPU_INTERRUPT_NUM         256
 #define  HOOKAFTER_STUB_SIZE        16
=20
+#define  VC_EXCEPTION               29
+
 //
 // Exception Error Code of Page-Fault Exception
 //
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.c
index 8adbd43fefb4..39e4dd9e9417 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/CpuExceptionCommon.c
@@ -14,7 +14,7 @@
 //
 // 1 means an error code will be pushed, otherwise 0
 //
-CONST UINT32 mErrorCodeFlag =3D 0x00227d00;
+CONST UINT32 mErrorCodeFlag =3D 0x20227d00;
=20
 //
 // Define the maximum message length
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/AMDSevVcCommon.=
c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/AMDSevVcCommon.c
new file mode 100644
index 000000000000..0b67ac69d7f4
--- /dev/null
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/Ia32/AMDSevVcCommon.c
@@ -0,0 +1,24 @@
+/** @file
+  IA32 SEV-ES #VC Exception Handler functons.
+
+  Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include "AMDSevVcCommon.h"
+
+UINTN
+DoVcCommon (
+  GHCB                *Ghcb,
+  EFI_SYSTEM_CONTEXT  Context
+  )
+{
+  EFI_SYSTEM_CONTEXT_IA32  *Regs =3D Context.SystemContextIa32;
+
+  Regs->ExceptionData =3D 0;
+
+  return GP_EXCEPTION;
+}
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeAMDSevVcHandle=
r.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeAMDSevVcHandler.c
new file mode 100644
index 000000000000..9c86c01cac74
--- /dev/null
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeAMDSevVcHandler.c
@@ -0,0 +1,29 @@
+/** @file
+  PEI and DXE SEV-ES #VC Exception Handler functons.
+
+  Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Register/Amd/Msr.h>
+#include "CpuExceptionCommon.h"
+#include "AMDSevVcCommon.h"
+
+UINTN
+DoVcException (
+  EFI_SYSTEM_CONTEXT  Context
+  )
+{
+  MSR_SEV_ES_GHCB_REGISTER  Msr;
+  GHCB                      *Ghcb;
+
+  Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB);
+  ASSERT(Msr.GhcbInfo.Function =3D=3D 0);
+
+  Ghcb =3D Msr.Ghcb;
+
+  return DoVcCommon (Ghcb, Context);
+}
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeSmmCpuExceptio=
n.c b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeSmmCpuException.c
index 72c2aeca4c13..0c248e7eb904 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeSmmCpuException.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeSmmCpuException.c
@@ -7,6 +7,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 **/
=20
 #include "CpuExceptionCommon.h"
+#include "AMDSevVcCommon.h"
 #include <Library/DebugLib.h>
=20
 /**
@@ -86,6 +87,21 @@ CommonExceptionHandlerWorker (
     break;
   }
=20
+  if (ExceptionType =3D=3D VC_EXCEPTION) {
+    UINTN  Status;
+    //
+    // #VC must be handled for an SEV-ES guest
+    //
+    Status =3D DoVcException(SystemContext);
+    if (Status) {
+      // Exception not handled - Status contains the desired exception now
+      ExceptionType =3D Status;
+    } else {
+      // Exception handled
+      return;
+    }
+  }
+
   if (ExternalInterruptHandler !=3D NULL &&
       ExternalInterruptHandler[ExceptionType] !=3D NULL) {
     (ExternalInterruptHandler[ExceptionType]) (ExceptionType, SystemContex=
t);
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecAMDSevVcHandler.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecAMDSevVcHandler.c
new file mode 100644
index 000000000000..ca8fc486be81
--- /dev/null
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecAMDSevVcHandler.c
@@ -0,0 +1,55 @@
+/** @file
+  SEC SEV-ES #VC Exception Handler functons.
+
+  Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Register/Amd/Msr.h>
+#include "CpuExceptionCommon.h"
+#include "AMDSevVcCommon.h"
+
+
+UINTN
+DoVcException(
+  EFI_SYSTEM_CONTEXT  Context
+  )
+{
+  MSR_SEV_ES_GHCB_REGISTER  Msr;
+  GHCB                      *Ghcb;
+
+  Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB);
+  Ghcb =3D Msr.Ghcb;
+
+  if (Msr.GhcbInfo.Function !=3D 0) {
+    if (Msr.GhcbInfo.Function !=3D GHCB_INFO_SEV_INFO) {
+      ASSERT (0);
+      return GP_EXCEPTION;
+    }
+
+    if (Msr.GhcbProtocol.SevEsProtocolMin > Msr.GhcbProtocol.SevEsProtocol=
Max) {
+      ASSERT (0);
+      return GP_EXCEPTION;
+    }
+
+    if ((Msr.GhcbProtocol.SevEsProtocolMin > GHCB_VERSION_MAX) ||
+        (Msr.GhcbProtocol.SevEsProtocolMax < GHCB_VERSION_MIN)) {
+      ASSERT (0);
+      return GP_EXCEPTION;
+    }
+
+    Msr.GhcbPhysicalAddress =3D FixedPcdGet32 (PcdSecGhcbBase);
+    AsmWriteMsr64(MSR_SEV_ES_GHCB, Msr.GhcbPhysicalAddress);
+
+    Ghcb =3D Msr.Ghcb;
+    SetMem (Ghcb, sizeof (*Ghcb), 0);
+
+    /* Set the version to the maximum that can be supported */
+    Ghcb->ProtocolVersion =3D MIN (Msr.GhcbProtocol.SevEsProtocolMax, GHCB=
_VERSION_MAX);
+    Ghcb->GhcbUsage =3D GHCB_STANDARD_USAGE;
+  }
+
+  return DoVcCommon(Ghcb, Context);
+}
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c
index 20148db74cf8..998a90ba61a6 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c
@@ -8,6 +8,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
=20
 #include <PiPei.h>
 #include "CpuExceptionCommon.h"
+#include "AMDSevVcCommon.h"
=20
 CONST UINTN    mDoFarReturnFlag  =3D 0;
=20
@@ -24,6 +25,21 @@ CommonExceptionHandler (
   IN EFI_SYSTEM_CONTEXT   SystemContext
   )
 {
+  if (ExceptionType =3D=3D VC_EXCEPTION) {
+    UINTN  Status;
+    //
+    // #VC must be handled for an SEV-ES guest
+    //
+    Status =3D DoVcException(SystemContext);
+    if (Status) {
+      // Exception not handled - Status contains the desired exception now
+      ExceptionType =3D Status;
+    } else {
+      // Exception handled
+      return;
+    }
+  }
+
   //
   // Initialize the serial port before dumping.
   //
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
new file mode 100644
index 000000000000..cee5ce806473
--- /dev/null
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -0,0 +1,50 @@
+/** @file
+  X64 SEV-ES #VC Exception Handler functons.
+
+  Copyright (c) 2019, Advanced Micro Devices, Inc. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/VmgExitLib.h>
+#include "AMDSevVcCommon.h"
+
+UINTN
+DoVcCommon (
+  GHCB                *Ghcb,
+  EFI_SYSTEM_CONTEXT  Context
+  )
+{
+  EFI_SYSTEM_CONTEXT_X64   *Regs =3D Context.SystemContextX64;
+  UINT64                   Status;
+  UINTN                    ExitCode, VcRet;
+
+  VmgInit (Ghcb);
+
+  ExitCode =3D Regs->ExceptionData;
+  switch (ExitCode) {
+  default:
+    Status =3D VmgExit (Ghcb, SvmExitUnsupported, ExitCode, 0);
+    if (Status =3D=3D 0) {
+      Regs->ExceptionData =3D 0;
+      VcRet =3D GP_EXCEPTION;
+    } else {
+      GHCB_EVENT_INJECTION  Event;
+
+      Event.Uint64 =3D Status;
+      if (Event.Elements.ErrorCodeValid) {
+        Regs->ExceptionData =3D Event.Elements.ErrorCode;
+      } else {
+        Regs->ExceptionData =3D 0;
+      }
+
+      VcRet =3D Event.Elements.Vector;
+    }
+  }
+
+  VmgDone (Ghcb);
+
+  return VcRet;
+}
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53755): https://edk2.groups.io/g/devel/message/53755
Mute This Topic: https://groups.io/mt/70984928/1787277
Mute #vc: https://groups.io/mk?hashtag=3Dvc&subid=3D3901457
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53756+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 158085733295312.445185742795957;
 Tue, 4 Feb 2020 15:02:12 -0800 (PST)
Return-Path: <bounce+27952+53756+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id nWnqYY1788612xzfwZHug3H6;
 Tue, 04 Feb 2020 15:02:12 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1658.1580857331216675910
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:12 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=G98toPdChffHZGn4+Gh5kY49+UJzYC85vtqJkSSuP5kadAPPy6RHLFu1CYC6FbfAlORvtkBKMyezntnIYSxdx0uYtPN2feTG3B48XdpRgGB2PfYBxyfouqVAaMR8b4WOfypuuTy0TaQI7gF2oSQSAWy9cKmuQor/xSx7QD7RY1Vmd2AHjBADFJ6O6giJC+Vn24Vc59gMU5Ye8zhtADKFmU/PE2gAx7S9m6wVVG9lsNvpDwNRUQjNvYc45FhMfSN8KBS/Usk0MD26jyNBtuy3OFIGQ6pqxri+kBqB2Krm6Dsl4XhyJgcEUbNTcIn8YcmuqXkZtLOO69+ZUmAvGfzusw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=1N6NqX+J8daV0dX+59E6HCbQel+rhWUwzYNS1kx6hdc=;
 b=T9wecmlUm7pwgJPRc1PYxagQZVYUAcsEBu7zoyxmdDnqVTDw2laSJCZLkDbSs06CTQ3X4iHM7w+MsZr3YK6FMI6js6ZSnN7gDI/JTulTV77UJz0w8Ui6ikK7H057iRTrKeHjt93/3S7zntR/s7d0Bfr6Wp4R83O8mVOPNu4o3nVZv7607j/yGSGPaRC5gqYSL3lqTrrXcoruOnv0WK94OkU59JVcYT0EqGZsukTXqUbofRDDhJS0yX0MR02dqQG/0j0k+F4AeJK1U1QUUJXBwU+SwCPyz0UIvabw6UW3ovocjyDVpYvjGuZAXj/9bShEOPeqvHm0ylhKc/SB3ohB8g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:10 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:10 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 09/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for IOIO_PROT NAE events
Date: Tue,  4 Feb 2020 17:01:13 -0600
Message-Id: 
 <108809751af1a53b02822f556c0542532eb3fa50.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:09 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 4bb0915d-f580-4822-1843-08d7a9c643bb
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB393021E69B39D53B9D8F0DEDEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:6790;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53756+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 Xj2/kF7rAbxK8Cov1FPXdrIwduymQpQFtgLUyy/rk1q/XPa96jxFC2uotAQgOHOpdhMvGJRS4+8GvgPIEEZdMsn1EUfGD6XOHLNRsmcJlrQN/8G+HoqKBKoV/fu6QiPvC7J0iUffUht2oSRT+tnl2NqIRlt8MBHIrliLL6s+25aTV22dPdB2pvnL7bJ2/T2MHYp/XJCHkPmvneG4DC8+YeRTerFZvDTjjzK0jQccE6Ob63frOv/7iYE10Hk4faEhNh7kGTu2R12qiUeQdLRpRrGrLcz5ZO9UmjS/6XBedWBPRjMlW1kN3MvQ3lQxee8KIx0UDLGT7wJk38LXKDNN/1G/6jU/1J1Lb3RKGNi9h5cc6v5QcqmON2mlwExmiQLue8lk1hJCvabx5RBn9RojtgsyhC1xsHJ2BpCOuwnuHIDK7QAOuJ1XrpQ/Z583XJ5sgko+Zf+dYJE6MVDK3XVdR4JaCHXfFHbonyvcvI6xW6H/Ge6OTDyUUD1r2F1X4nu9dC59xwm4B3CJFs2Br6Jllg==
X-MS-Exchange-AntiSpam-MessageData: 
 b5ejw858Rd7zxi57qAifCV7OmMCbw6HpwQhV6SrvLDBipyeCfClWgexDXSht3WWUWtagDlhmknd/G+UpQWxB49KK1zy/9SrE4USj0Bdt4R92IkVuMHvbp2Q4WZjKAviNfrt5vBBFzHSvMbmeMA8x+g==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 4bb0915d-f580-4822-1843-08d7a9c643bb
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:10.3436
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 OMjSiyn2Jzww7uMvUJKZjmnpJDA0YHHGY3vJmmHGD9WIQ/LjHWHlSn2dS6HDxirtlSoPGvKMlEjKyuA6QVSgLQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: EnuVti01muiL2e3aHCl8zEb9x1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857332;
 bh=QD+ivE1FRfWBuwbVMg8UmJXN+1dk/ws7x3hPWLD3eI0=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=U7j6Jru3upN1ziMxfeRD1GExIiw3n7sM3iOPby9Q1P9/+HV2tsHaJr162gDrP6Jpq1S
 3SIvBVEsQ+wkyJje2tSy79Ax43eT/mMgtna1WmPkrB813G3GemdiqnKbgOsGw9yOn++Le
 BHkXgPAWJZ0LqDigvUq7ddIOcNnKFw3M+D8=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a IOIO_PROT intercept generates a #VC exception. VMGEXIT
must be used to allow the hypervisor to handle this intercept.

Add support to construct the required GHCB values to support a IOIO_PROT
NAE event.  Parse the instruction that generated the #VC exception,
setting the required register values in the GHCB and creating the proper
SW_EXITINFO1 value in the GHCB.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 463 +++++++++++++++++-
 1 file changed, 449 insertions(+), 14 deletions(-)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index cee5ce806473..48eb5c2358ed 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -11,6 +11,431 @@
 #include <Library/VmgExitLib.h>
 #include "AMDSevVcCommon.h"
=20
+typedef enum {
+  LongMode64Bit        =3D 0,
+  LongModeCompat32Bit,
+  LongModeCompat16Bit,
+} SEV_ES_INSTRUCTION_MODE;
+
+typedef enum {
+  Size8Bits            =3D 0,
+  Size16Bits,
+  Size32Bits,
+  Size64Bits,
+} SEV_ES_INSTRUCTION_SIZE;
+
+typedef enum {
+  SegmentEs            =3D 0,
+  SegmentCs,
+  SegmentSs,
+  SegmentDs,
+  SegmentFs,
+  SegmentGs,
+} SEV_ES_INSTRUCTION_SEGMENT;
+
+typedef enum {
+  RepNone              =3D 0,
+  RepZ,
+  RepNZ,
+} SEV_ES_INSTRUCTION_REP;
+
+typedef union {
+  struct {
+    UINT8  B:1;
+    UINT8  X:1;
+    UINT8  R:1;
+    UINT8  W:1;
+    UINT8  REX:4;
+  } Bits;
+
+  UINT8  Uint8;
+} SEV_ES_INSTRUCTION_REX_PREFIX;
+
+typedef union {
+  struct {
+    UINT8  Rm:3;
+    UINT8  Reg:3;
+    UINT8  Mod:2;
+  } Bits;
+
+  UINT8  Uint8;
+} SEV_ES_INSTRUCTION_MODRM;
+
+typedef union {
+  struct {
+    UINT8  Base:3;
+    UINT8  Index:3;
+    UINT8  Scale:2;
+  } Bits;
+
+  UINT8  Uint8;
+} SEV_ES_INSTRUCTION_SIB;
+
+typedef struct {
+  struct {
+    UINT8  Rm;
+    UINT8  Reg;
+    UINT8  Mod;
+  } ModRm;
+
+  struct {
+    UINT8  Base;
+    UINT8  Index;
+    UINT8  Scale;
+  } Sib;
+
+  UINTN  RegData;
+  UINTN  RmData;
+} SEV_ES_INSTRUCTION_OPCODE_EXT;
+
+typedef struct {
+  GHCB                           *Ghcb;
+
+  SEV_ES_INSTRUCTION_MODE        Mode;
+  SEV_ES_INSTRUCTION_SIZE        DataSize;
+  SEV_ES_INSTRUCTION_SIZE        AddrSize;
+  BOOLEAN                        SegmentSpecified;
+  SEV_ES_INSTRUCTION_SEGMENT     Segment;
+  SEV_ES_INSTRUCTION_REP         RepMode;
+
+  UINT8                          *Begin;
+  UINT8                          *End;
+
+  UINT8                          *Prefixes;
+  UINT8                          *OpCodes;
+  UINT8                          *Displacement;
+  UINT8                          *Immediate;
+
+  SEV_ES_INSTRUCTION_REX_PREFIX  RexPrefix;
+
+  BOOLEAN                        ModRmPresent;
+  SEV_ES_INSTRUCTION_MODRM       ModRm;
+
+  BOOLEAN                        SibPresent;
+  SEV_ES_INSTRUCTION_SIB         Sib;
+
+  UINT8                          PrefixSize;
+  UINT8                          OpCodeSize;
+  UINT8                          DisplacementSize;
+  UINT8                          ImmediateSize;
+
+  SEV_ES_INSTRUCTION_OPCODE_EXT  Ext;
+} SEV_ES_INSTRUCTION_DATA;
+
+typedef
+UINT64
+(*NAE_EXIT) (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  );
+
+
+STATIC
+BOOLEAN
+GhcbIsRegValid (
+  GHCB                *Ghcb,
+  GHCB_REGISTER       Reg
+  )
+{
+  UINT32  RegIndex =3D Reg / 8;
+  UINT32  RegBit   =3D Reg & 0x07;
+
+  return (Ghcb->SaveArea.ValidBitmap[RegIndex] & (1 << RegBit));
+}
+
+STATIC
+VOID
+GhcbSetRegValid (
+  GHCB                *Ghcb,
+  GHCB_REGISTER       Reg
+  )
+{
+  UINT32  RegIndex =3D Reg / 8;
+  UINT32  RegBit   =3D Reg & 0x07;
+
+  Ghcb->SaveArea.ValidBitmap[RegIndex] |=3D (1 << RegBit);
+}
+
+STATIC
+VOID
+DecodePrefixes (
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  SEV_ES_INSTRUCTION_MODE  Mode;
+  SEV_ES_INSTRUCTION_SIZE  ModeDataSize;
+  SEV_ES_INSTRUCTION_SIZE  ModeAddrSize;
+  UINT8                    *Byte;
+
+  /*TODO: Determine current mode - 64-bit for now */
+  Mode =3D LongMode64Bit;
+  ModeDataSize =3D Size32Bits;
+  ModeAddrSize =3D Size64Bits;
+
+  InstructionData->Mode =3D Mode;
+  InstructionData->DataSize =3D ModeDataSize;
+  InstructionData->AddrSize =3D ModeAddrSize;
+
+  InstructionData->Prefixes =3D InstructionData->Begin;
+
+  Byte =3D InstructionData->Prefixes;
+  for ( ; ; Byte++, InstructionData->PrefixSize++) {
+    switch (*Byte) {
+    case 0x26:
+    case 0x2E:
+    case 0x36:
+    case 0x3E:
+      if (Mode !=3D LongMode64Bit) {
+        InstructionData->SegmentSpecified =3D TRUE;
+        InstructionData->Segment =3D (*Byte >> 3) & 3;
+      }
+      break;
+
+    case 0x40 ... 0x4F:
+      InstructionData->RexPrefix.Uint8 =3D *Byte;
+      if (*Byte & 0x08)
+        InstructionData->DataSize =3D Size64Bits;
+      break;
+
+    case 0x64:
+      InstructionData->SegmentSpecified =3D TRUE;
+      InstructionData->Segment =3D *Byte & 7;
+      break;
+
+    case 0x66:
+      if (!InstructionData->RexPrefix.Uint8) {
+        InstructionData->DataSize =3D
+          (Mode =3D=3D LongMode64Bit)       ? Size16Bits :
+          (Mode =3D=3D LongModeCompat32Bit) ? Size16Bits :
+          (Mode =3D=3D LongModeCompat16Bit) ? Size32Bits : 0;
+      }
+      break;
+
+    case 0x67:
+      InstructionData->AddrSize =3D
+        (Mode =3D=3D LongMode64Bit)       ? Size32Bits :
+        (Mode =3D=3D LongModeCompat32Bit) ? Size16Bits :
+        (Mode =3D=3D LongModeCompat16Bit) ? Size32Bits : 0;
+      break;
+
+    case 0xF0:
+      break;
+
+    case 0xF2:
+      InstructionData->RepMode =3D RepZ;
+      break;
+
+    case 0xF3:
+      InstructionData->RepMode =3D RepNZ;
+      break;
+
+    default:
+      InstructionData->OpCodes =3D Byte;
+      InstructionData->OpCodeSize =3D (*Byte =3D=3D 0x0F) ? 2 : 1;
+
+      InstructionData->End =3D Byte + InstructionData->OpCodeSize;
+      InstructionData->Displacement =3D InstructionData->End;
+      InstructionData->Immediate =3D InstructionData->End;
+      return;
+    }
+  }
+}
+
+UINT64
+InstructionLength (
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  return (UINT64) (InstructionData->End - InstructionData->Begin);
+}
+
+STATIC
+VOID
+InitInstructionData (
+  SEV_ES_INSTRUCTION_DATA  *InstructionData,
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs
+  )
+{
+  SetMem (InstructionData, sizeof (*InstructionData), 0);
+  InstructionData->Ghcb =3D Ghcb;
+  InstructionData->Begin =3D (UINT8 *) Regs->Rip;
+  InstructionData->End =3D (UINT8 *) Regs->Rip;
+
+  DecodePrefixes (Regs, InstructionData);
+}
+
+STATIC
+UINT64
+UnsupportedExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  Status;
+
+  Status =3D VmgExit (Ghcb, SvmExitUnsupported, Regs->ExceptionData, 0);
+  if (Status =3D=3D 0) {
+    GHCB_EVENT_INJECTION  Event;
+
+    Event.Uint64 =3D 0;
+    Event.Elements.Vector =3D GP_EXCEPTION;
+    Event.Elements.Type   =3D GHCB_EVENT_INJECTION_TYPE_EXCEPTION;
+    Event.Elements.Valid  =3D 1;
+
+    Status =3D Event.Uint64;
+  }
+
+  return Status;
+}
+
+#define IOIO_TYPE_STR  (1 << 2)
+#define IOIO_TYPE_IN   1
+#define IOIO_TYPE_INS  (IOIO_TYPE_IN | IOIO_TYPE_STR)
+#define IOIO_TYPE_OUT  0
+#define IOIO_TYPE_OUTS (IOIO_TYPE_OUT | IOIO_TYPE_STR)
+
+#define IOIO_REP       (1 << 3)
+
+#define IOIO_ADDR_64   (1 << 9)
+#define IOIO_ADDR_32   (1 << 8)
+#define IOIO_ADDR_16   (1 << 7)
+
+#define IOIO_DATA_32   (1 << 6)
+#define IOIO_DATA_16   (1 << 5)
+#define IOIO_DATA_8    (1 << 4)
+
+#define IOIO_SEG_ES    (0 << 10)
+#define IOIO_SEG_DS    (3 << 10)
+
+STATIC
+UINT64
+IoioExitInfo (
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  ExitInfo =3D 0;
+
+  switch (*(InstructionData->OpCodes)) {
+  // IN immediate opcodes
+  case 0xE4:
+  case 0xE5:
+    InstructionData->ImmediateSize =3D 1;
+    InstructionData->End++;
+    ExitInfo |=3D IOIO_TYPE_IN;
+    ExitInfo |=3D ((*(InstructionData->OpCodes + 1)) << 16);
+    break;
+
+  // OUT immediate opcodes
+  case 0xE6:
+  case 0xE7:
+    InstructionData->ImmediateSize =3D 1;
+    InstructionData->End++;
+    ExitInfo |=3D IOIO_TYPE_OUT;
+    ExitInfo |=3D ((*(InstructionData->OpCodes + 1)) << 16) | IOIO_TYPE_OU=
T;
+    break;
+
+  // IN register opcodes
+  case 0xEC:
+  case 0xED:
+    ExitInfo |=3D IOIO_TYPE_IN;
+    ExitInfo |=3D ((Regs->Rdx & 0xffff) << 16);
+    break;
+
+  // OUT register opcodes
+  case 0xEE:
+  case 0xEF:
+    ExitInfo |=3D IOIO_TYPE_OUT;
+    ExitInfo |=3D ((Regs->Rdx & 0xffff) << 16);
+    break;
+
+  default:
+    return 0;
+  }
+
+  switch (*(InstructionData->OpCodes)) {
+  case 0xE4:
+  case 0xE6:
+  case 0xEC:
+  case 0xEE:
+    // Single-byte opcodes
+    ExitInfo |=3D IOIO_DATA_8;
+    break;
+
+  default:
+    // Length determined by instruction parsing
+    ExitInfo |=3D (InstructionData->DataSize =3D=3D Size16Bits) ? IOIO_DAT=
A_16
+                                                          : IOIO_DATA_32;
+  }
+
+  switch (InstructionData->AddrSize) {
+  case Size16Bits:
+    ExitInfo |=3D IOIO_ADDR_16;
+    break;
+
+  case Size32Bits:
+    ExitInfo |=3D IOIO_ADDR_32;
+    break;
+
+  case Size64Bits:
+    ExitInfo |=3D IOIO_ADDR_64;
+    break;
+
+  default:
+    break;
+  }
+
+  if (InstructionData->RepMode) {
+    ExitInfo |=3D IOIO_REP;
+  }
+
+  return ExitInfo;
+}
+
+STATIC
+UINT64
+IoioExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  ExitInfo1, Status;
+
+  ExitInfo1 =3D IoioExitInfo (Regs, InstructionData);
+  if (!ExitInfo1) {
+    return UnsupportedExit (Ghcb, Regs, InstructionData);
+  }
+
+  if (!(ExitInfo1 & IOIO_TYPE_IN)) {
+    Ghcb->SaveArea.Rax =3D Regs->Rax;
+    GhcbSetRegValid (Ghcb, GhcbRax);
+  }
+
+  //FIXME: This is likely needed for the merging cases (size<32 bits)
+  //       Pass in zero and perform merge here (only for non-string)
+  Ghcb->SaveArea.Rax =3D Regs->Rax;
+  GhcbSetRegValid (Ghcb, GhcbRax);
+
+  Status =3D VmgExit (Ghcb, SvmExitIoioProt, ExitInfo1, 0);
+  if (Status) {
+    return Status;
+  }
+
+  if (ExitInfo1 & IOIO_TYPE_IN) {
+    if (!GhcbIsRegValid (Ghcb, GhcbRax)) {
+      return UnsupportedExit (Ghcb, Regs, InstructionData);
+    }
+    Regs->Rax =3D Ghcb->SaveArea.Rax;
+  }
+
+  return 0;
+}
+
 UINTN
 DoVcCommon (
   GHCB                *Ghcb,
@@ -18,6 +443,8 @@ DoVcCommon (
   )
 {
   EFI_SYSTEM_CONTEXT_X64   *Regs =3D Context.SystemContextX64;
+  SEV_ES_INSTRUCTION_DATA  InstructionData;
+  NAE_EXIT                 NaeExit;
   UINT64                   Status;
   UINTN                    ExitCode, VcRet;
=20
@@ -25,23 +452,31 @@ DoVcCommon (
=20
   ExitCode =3D Regs->ExceptionData;
   switch (ExitCode) {
+  case SvmExitIoioProt:
+    NaeExit =3D IoioExit;
+    break;
+
   default:
-    Status =3D VmgExit (Ghcb, SvmExitUnsupported, ExitCode, 0);
-    if (Status =3D=3D 0) {
-      Regs->ExceptionData =3D 0;
-      VcRet =3D GP_EXCEPTION;
+    NaeExit =3D UnsupportedExit;
+  }
+
+  InitInstructionData (&InstructionData, Ghcb, Regs);
+
+  Status =3D NaeExit (Ghcb, Regs, &InstructionData);
+  if (Status =3D=3D 0) {
+    Regs->Rip +=3D InstructionLength(&InstructionData);
+    VcRet =3D 0;
+  } else {
+    GHCB_EVENT_INJECTION  Event;
+
+    Event.Uint64 =3D Status;
+    if (Event.Elements.ErrorCodeValid) {
+      Regs->ExceptionData =3D Event.Elements.ErrorCode;
     } else {
-      GHCB_EVENT_INJECTION  Event;
-
-      Event.Uint64 =3D Status;
-      if (Event.Elements.ErrorCodeValid) {
-        Regs->ExceptionData =3D Event.Elements.ErrorCode;
-      } else {
-        Regs->ExceptionData =3D 0;
-      }
-
-      VcRet =3D Event.Elements.Vector;
+      Regs->ExceptionData =3D 0;
     }
+
+    VcRet =3D Event.Elements.Vector;
   }
=20
   VmgDone (Ghcb);
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53756): https://edk2.groups.io/g/devel/message/53756
Mute This Topic: https://groups.io/mt/70984930/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53757+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857334028784.8984963345804;
 Tue, 4 Feb 2020 15:02:14 -0800 (PST)
Return-Path: <bounce+27952+53757+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id II0dYY1788612xu0oEa6ZfHj;
 Tue, 04 Feb 2020 15:02:13 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.74])
 by mx.groups.io with SMTP id smtpd.web12.1639.1580857332959241939
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:13 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=Ua8PxTes1CmlxVLCQRzKG+SBLeaTpX10G0FgiRBTHAgkJTyhp3FgP80l+unRbttxGmFVfF769z59YQA3Gg4lbjwBA7lNa5Q7bnWmT8KdqX7X8Ef73WFn8WHfUOUrMrhvLyOMVkgCBhycvIlXEp2QVAVVEEAzxd+ESX4Nmw4FBePV8/EelgdC/DPifDfOCvBDtaAk6SzNS42fMoPweEegAlGta03vRVPeNNuMi7bg5Rp9oYVBXFGteWMT1OcGmUFuKb616vgW0xgQ5pDpcq4dQML2okdx/BzG0SAKNjOb3wVwYsvKclCziRvP3l2YSdw0PIXSvWRtWy97aTkOdUHGHQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=uzzJ+NhxH1F8dICxlgldhHTtj0jLCpO97baZU/QqGHY=;
 b=CdM7kOpMW5Qpe3DkIwMEkSqp/SOXDeLMRyD0QhD2a8VK3wvrQyWe/OyCKj5kkXXzqoGoYEq5Hf6/1UprqcxGAUV1c01r1eO0vjuZ4uhT2sJ9qdxlpAFJ5WzyaDMC4NLjGYE0hCa0jSIQijUvDdJd5qXdsI/lIlcxG4Rrq2g6jM1AIn2VA+Pon6EY4ZIsNXwJozhRONoocChAAamQwxygIFsTAUp6h6dl/GOXlc+t1s5T55aRhnW+CulcSY6OxCgsebXCmx/1ZWA08zn5z498Dfh/SRR05tZqM/mRM8v0Hq9HNqLOi1deYXG/51tBJnefoxt3zkD/67eUoBJoDsE3Fw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:11 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:11 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 10/40] UefiCpuPkg/CpuExceptionHandler: Support
 string IO for IOIO_PROT NAE events
Date: Tue,  4 Feb 2020 17:01:14 -0600
Message-Id: 
 <ca5ccd0aaa07fce3083fc4fc7d5cc5ef8cb41cf6.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:10 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: da9f31f2-9f77-4f7d-15dc-08d7a9c64459
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930ADA37D7902282AB4FC12EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7691;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53757+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 ajaPsPiVCOCV0DBwDAmUwDNbe5nEDWtFtah5USLXeVgvwE52AITlfZbZOrfypDYytIQdgXwPhhvPy8/x/3KaD84IoMNCF6hROkev4ZIUbsQjekIgjT5DSMdyXnPlUob9w/HF2gihRvbZ4Ahkq1K4KMUDM4UXsqlEw8xW5i3WC2c5tD73QS+6/93YMGjf7DPlI4keTnqJWwvadFQpLaCr7RvbCVlioC/S8bIk9JFd8IyCtWLoQBKiTjaj1HbjxMVHJbizMMqOukr3u3w6JO/fNVEzKczaaIlLuYVa66JAWNLQgox7qW3FAGwX3QbMokV03hWWzfKzG1KyTRQL3KA5Eg/V2ZxEKxtco+QEXufs69CF1Uhi5j2PDmqdxmp0PC2RqR3BUAJhlb0IPKNTxnPEbbWDCvwRUISOOt2EBqdk78rdeeWmkcp0kQmuvuT4xTaJEFiAD3niHVZmAKoAdphrqoRBKWXl0+mJKQr3Orl33/lHOfTXZzIUSTlhoNraZi8Fpqug2ASyctpMiBhqUfxkkQ==
X-MS-Exchange-AntiSpam-MessageData: 
 ISlX2h8OBvcs51FmITEqhSCyRLP9TJ0eyld8VJBbGyfxzN/ky30ZccOEplHka/PeBVdXwN+e0Rgsd0m647UUky9Au756ww7ulzxCe9kubvSHsvXS2RK6hQunfVkZkpY3j4JpxkvT8sJLSWJqbfJSEw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 da9f31f2-9f77-4f7d-15dc-08d7a9c64459
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:11.3820
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 rp3ElMO1AFBcuf8OZ6Xv6bZ00uiNvgDmSF6INeK6ZdryobXzVXy4U1zMXocuvT13ryiKJr7Uvfl7HuWHyoYgEA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: 8ttg00qZmn9YcjlIJKA1RNzIx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857333;
 bh=9V9F06rDLXNtESZZ7Gxk59olQLVdy1NG1yEWfQsuxBs=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=oT1xr7iU2bQYth5FsNluvez8dvmRecUopkfWza3xDhPLBtq1uuSdK1cfadn/FCCYePk
 VuabNsul5THcixSRWWfPNREiuGsbutK7a+TXsZ7sXbrrVm4TOWgpDlZ6xrgi4Nqqh+Alz
 Cf3i7qAKXIuJQ1JB4+2d7ATk8tZxTArSWt4=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Add support to the #VC exception handler to handle string IO. This
requires expanding the IO instruction parsing to recognize string based
IO instructions as well as preparing an un-encrypted buffer to be used
to transfer (either to or from the guest) the string contents for the IO
operation. The SW_EXITINFO2 and SW_SCRATCH fields of the GHCB are set
appropriately for the operation. Multiple VMGEXIT invocations may be
needed to complete the string IO operation.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 78 ++++++++++++++++---
 1 file changed, 68 insertions(+), 10 deletions(-)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index 48eb5c2358ed..49609c5ef22f 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -321,6 +321,22 @@ IoioExitInfo (
   UINT64  ExitInfo =3D 0;
=20
   switch (*(InstructionData->OpCodes)) {
+  // INS opcodes
+  case 0x6C:
+  case 0x6D:
+    ExitInfo |=3D IOIO_TYPE_INS;
+    ExitInfo |=3D IOIO_SEG_ES;
+    ExitInfo |=3D ((Regs->Rdx & 0xffff) << 16);
+    break;
+
+  // OUTS opcodes
+  case 0x6E:
+  case 0x6F:
+    ExitInfo |=3D IOIO_TYPE_OUTS;
+    ExitInfo |=3D IOIO_SEG_DS;
+    ExitInfo |=3D ((Regs->Rdx & 0xffff) << 16);
+    break;
+
   // IN immediate opcodes
   case 0xE4:
   case 0xE5:
@@ -358,6 +374,8 @@ IoioExitInfo (
   }
=20
   switch (*(InstructionData->OpCodes)) {
+  case 0x6C:
+  case 0x6E:
   case 0xE4:
   case 0xE6:
   case 0xEC:
@@ -404,7 +422,8 @@ IoioExit (
   SEV_ES_INSTRUCTION_DATA  *InstructionData
   )
 {
-  UINT64  ExitInfo1, Status;
+  UINT64   ExitInfo1, ExitInfo2, Status;
+  BOOLEAN  String;
=20
   ExitInfo1 =3D IoioExitInfo (Regs, InstructionData);
   if (!ExitInfo1) {
@@ -421,16 +440,55 @@ IoioExit (
   Ghcb->SaveArea.Rax =3D Regs->Rax;
   GhcbSetRegValid (Ghcb, GhcbRax);
=20
-  Status =3D VmgExit (Ghcb, SvmExitIoioProt, ExitInfo1, 0);
-  if (Status) {
-    return Status;
-  }
-
-  if (ExitInfo1 & IOIO_TYPE_IN) {
-    if (!GhcbIsRegValid (Ghcb, GhcbRax)) {
-      return UnsupportedExit (Ghcb, Regs, InstructionData);
+  String =3D (ExitInfo1 & IOIO_TYPE_STR) ? TRUE : FALSE;
+  if (String) {
+    UINTN  IoBytes, VmgExitBytes;
+    UINTN  GhcbCount, OpCount;
+
+    Status =3D 0;
+
+    IoBytes =3D (ExitInfo1 >> 4) & 0x7;
+    GhcbCount =3D sizeof (Ghcb->SharedBuffer) / IoBytes;
+
+    OpCount =3D (ExitInfo1 & IOIO_REP) ? Regs->Rcx : 1;
+    while (OpCount) {
+      ExitInfo2 =3D MIN (OpCount, GhcbCount);
+      VmgExitBytes =3D ExitInfo2 * IoBytes;
+
+      if (!(ExitInfo1 & IOIO_TYPE_IN)) {
+        CopyMem (Ghcb->SharedBuffer, (VOID *) Regs->Rsi, VmgExitBytes);
+        Regs->Rsi +=3D VmgExitBytes;
+      }
+
+      Ghcb->SaveArea.SwScratch =3D (UINT64) Ghcb->SharedBuffer;
+      Status =3D VmgExit (Ghcb, SvmExitIoioProt, ExitInfo1, ExitInfo2);
+      if (Status) {
+        return Status;
+      }
+
+      if (ExitInfo1 & IOIO_TYPE_IN) {
+        CopyMem ((VOID *) Regs->Rdi, Ghcb->SharedBuffer, VmgExitBytes);
+        Regs->Rdi +=3D VmgExitBytes;
+      }
+
+      if (ExitInfo1 & IOIO_REP) {
+        Regs->Rcx -=3D ExitInfo2;
+      }
+
+      OpCount -=3D ExitInfo2;
+    }
+  } else {
+    Status =3D VmgExit (Ghcb, SvmExitIoioProt, ExitInfo1, 0);
+    if (Status) {
+      return Status;
+    }
+
+    if (ExitInfo1 & IOIO_TYPE_IN) {
+      if (!GhcbIsRegValid (Ghcb, GhcbRax)) {
+        return UnsupportedExit (Ghcb, Regs, InstructionData);
+      }
+      Regs->Rax =3D Ghcb->SaveArea.Rax;
     }
-    Regs->Rax =3D Ghcb->SaveArea.Rax;
   }
=20
   return 0;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53757): https://edk2.groups.io/g/devel/message/53757
Mute This Topic: https://groups.io/mt/70984931/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53758+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857336658165.85303776869057;
 Tue, 4 Feb 2020 15:02:16 -0800 (PST)
Return-Path: <bounce+27952+53758+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id jGguYY1788612xrewRsvMJTL;
 Tue, 04 Feb 2020 15:02:16 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.62])
 by mx.groups.io with SMTP id smtpd.web12.1641.1580857335440137478
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:15 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=K/n+mMNfVVV+ypfil20M6MJBB1CFsDVa/Hzs/Ncw+Nb1EV3cj2LyvOlZCv5MqaYWGoNY6Fad8EzcG0dfb7VO/TMm68txKZ/UJt3qsK9SAmNcbtRN7ORjwZnVp+c6VG33NRAKErGneCpRakWQjJ7IRFM4+IfWcaFxNt32oJKSQxLULaVpRjjgHFgp61e9VN0Gvq2DZVR1/eVD21DpZqAoJTBZUWTtmqyA6JzN+JiD/ha+x1ehoTvOaWW7hcMTC6E05eDWG0IhLRXELsGdlk2hqG46X/VW/YyorOaTDViOhFIJbywuCLzvqFYt9Kw7p0RoBsTiRmFLOIDYNPb4eGlZ4A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=e4sCynUDNTguoOsRaoHBwYCnHnkjbuRAknq4q2jM3jo=;
 b=DSHThlacqk8LnrApMtYi1YPx1rr6PfZo047F44GXqmiL3TYS54fwQfG1rmebYJyqkQaUMrLZs2a+bG8MYj7iTwySKaWHt+kNPoRofgYvgJYJhOZKUHc9W/8GjRwZhLLl3jtjUmsHH1RjDugAdLID3TQWcte/ufX1ZJH0ojEl2cXoH83M/I0uASd9EloLVhv31vYi7aTdsIn8mmh7oP7csGFShem8K/xgGyf1svdmGICz9dJvtIIeQ0eWNXkUaa7AHdxyaoGvnXa19E6ZpTsDFt3nddjBAbgGb6IhMD1Npjaa86IW54v2Op1vBwZGBTeAxCNyfTXWBjX0lkb2Y7oz6g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:12 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:12 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 11/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for CPUID NAE events
Date: Tue,  4 Feb 2020 17:01:15 -0600
Message-Id: 
 <61424c7a4070ebef96d4853dcae61864dcd4a3e0.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:11 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: ecdf3262-e5f8-401f-39cf-08d7a9c64500
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB393076A06775E303EC2B54C9EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:6108;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53758+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 T4PcZdIIJxLmsjzJmV2Ns28piZ+9ebNUtQnHg/9NH00zhZGnmEbBdFHPMn4pTGo3HgE6YxnG+Qym+ZtZienSfcolEEk9qk6W2tTI+v+RNNI2UIsA+AR4Pb4mM/yRQLyfW2F9LmVk8guc9G4Swu8UFu3NcE9t0avhzKI7cLM1vT1qBe4O/TvRccH2a3RNneNQz2joTh+cSM5Yt5l3ix9+ZO2SlbtUZ9J8Vi0/Wa69HE3aLz7UegZhpPJNpqW7lnSIjmMFF508nZExwHpnGIzkoGw2N2N3mwXu+h10OAJ5C7HHlTQL8GzdZBG5DSLpeBZpHMTygcrGEsa5wx6t72yAPb/62lR/Wze67U8o/6luBdDrypugEykNVbG8ia7tWjE9pVco0mxpvNBT4GQdOT3uYhCvE9hj6VqimphL/63F0WayV4VwgOIp6YrW6enE8OWsuVyFMrDsHOVxkPMspZLUmxL0wXiNSUv4eMRgPQ2YPiSNw/r8+BH9TgxWGYUBAVg1rfdCBmXLWK3av7/4CJBFqQ==
X-MS-Exchange-AntiSpam-MessageData: 
 g6K1YJQ0/6NQNkr2gycXtOe1X5r68xupb7bF4H9TWMp7u8ai4iwXAWbH6PQeD/4CGdflUEG0P/xpxVhfNzLyUi/bhycG3BwH1PwxnZWu7SDWLRrNBTATGIatMUbIOHJHM4Ji7SIWqa7x8IqiJQsFRA==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 ecdf3262-e5f8-401f-39cf-08d7a9c64500
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:12.4924
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 5qbJyQjUMEx/eYvilZpwxKpum8NU8f88WTsfkbV3MI1qGDyiPxonqddZIU1EoazRDjVKi/uF9727m7Qm3LR1Yw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: GoQmp5hG6bmjIowuz70C4U3kx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857336;
 bh=qyr/ZFsQcOgTpWPGIiqKxHGdp+FXKzQWM3fGG2SUCPQ=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=hSuvIV6a5Wig3o7yDGzJsP/zKQqr7U3ZgHPdl+xolhKWHIA4m6i8rvlZcQQO9SCR0zD
 aim9AZC4OLwZVIh/TOw+74Cv1vDMDeXwx3S18r9vHjPMnnwo+Hjv6DpL0KMO7B2/EOMul
 h6YQyXmPCa2Gdg+26G400Aj5dhA37EOE2kU=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a CPUID intercept generates a #VC exception. VMGEXIT must be
used to allow the hypervisor to handle this intercept.

Add support to construct the required GHCB values to support a CPUID NAE
event. Additionally, CPUID 0x0000_000d requires XCR0 to be supplied in
the GHCB, so add support to issue the XGETBV instruction.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 44 +++++++++++++++++++
 1 file changed, 44 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index 49609c5ef22f..90541c9a0390 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -11,6 +11,8 @@
 #include <Library/VmgExitLib.h>
 #include "AMDSevVcCommon.h"
=20
+#define CR4_OSXSAVE (1 << 18)
+
 typedef enum {
   LongMode64Bit        =3D 0,
   LongModeCompat32Bit,
@@ -494,6 +496,44 @@ IoioExit (
   return 0;
 }
=20
+STATIC
+UINT64
+CpuidExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  Status;
+
+  Ghcb->SaveArea.Rax =3D Regs->Rax;
+  GhcbSetRegValid (Ghcb, GhcbRax);
+  Ghcb->SaveArea.Rcx =3D Regs->Rcx;
+  GhcbSetRegValid (Ghcb, GhcbRcx);
+  if (Regs->Rax =3D=3D 0x0000000d) {
+    Ghcb->SaveArea.XCr0 =3D (AsmReadCr4 () & CR4_OSXSAVE) ? AsmXGetBv (0) =
: 1;
+    GhcbSetRegValid (Ghcb, GhcbXCr0);
+  }
+
+  Status =3D VmgExit (Ghcb, SvmExitCpuid, 0, 0);
+  if (Status) {
+    return Status;
+  }
+
+  if (!GhcbIsRegValid (Ghcb, GhcbRax) ||
+      !GhcbIsRegValid (Ghcb, GhcbRbx) ||
+      !GhcbIsRegValid (Ghcb, GhcbRcx) ||
+      !GhcbIsRegValid (Ghcb, GhcbRdx)) {
+    return UnsupportedExit (Ghcb, Regs, InstructionData);
+  }
+  Regs->Rax =3D Ghcb->SaveArea.Rax;
+  Regs->Rbx =3D Ghcb->SaveArea.Rbx;
+  Regs->Rcx =3D Ghcb->SaveArea.Rcx;
+  Regs->Rdx =3D Ghcb->SaveArea.Rdx;
+
+  return 0;
+}
+
 UINTN
 DoVcCommon (
   GHCB                *Ghcb,
@@ -510,6 +550,10 @@ DoVcCommon (
=20
   ExitCode =3D Regs->ExceptionData;
   switch (ExitCode) {
+  case SvmExitCpuid:
+    NaeExit =3D CpuidExit;
+    break;
+
   case SvmExitIoioProt:
     NaeExit =3D IoioExit;
     break;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53758): https://edk2.groups.io/g/devel/message/53758
Mute This Topic: https://groups.io/mt/70984933/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53759+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857337718622.2144641766473;
 Tue, 4 Feb 2020 15:02:17 -0800 (PST)
Return-Path: <bounce+27952+53759+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id miVjYY1788612xWvVscGSsfN;
 Tue, 04 Feb 2020 15:02:17 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web12.1641.1580857335440137478
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:16 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=AUszV/HQxiVvPJ+VF7aGZQbTbGL8PAbj70nMgohI73fOYAcLDtwKsTXsfYwqY22lAUdVqfKSnbUK27RPrKVXBmW4TYHOco/qkJD1xYjgP2CQJJ4/mcAuUa5K5c/Dc20ua3MtEi3lgPmw/EEMthIqG6wmOqwIVBHeyccngGJU+svhezXM3Sn0jand1r49/ctLhGGHSbhCh8MwJ0I92h3MwUgq16i1NJIZZSHmS0+mku/EL3qAu56tKWUkHtVriBalvMyQa95QKXG8TiQHXbbBZVusmR0E2WeIYBDTaYL7cRyhUTebZuuwsAIY13tu2iqjKAYS98REgXTrC3RpiTFRTQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=BlItfbnAD+qmh/knIKdLvBKWk4/nhXnkMgRfWebBevI=;
 b=JP2T+PLylghPPlQ90loP9kolSIkT5UeotKpdWmOtSlE6jlonQzTejQuQ3E85NK+Ei6WbCNRAuLAZDmVgLuQktRWmFjXEug4PwWKyT7dbu+JbeBUr5DZjCT/ARC5mJ6RywWQcql1dxAItKW0wkYCwlKrSXNmQXSN3mnPQKh2qFhPCe7xhF86XM2d4bafBf/1cnbhGmXhRKXEiIzpbnTFtE3mZEhzjLptToRshQ7PRUkiczOkohx+ZOa53H6Zx/cz2XOM1Xo9J+5oAXAb4OWkOQzQEG80m2IIB5s2cdJVcym/zuXvjK8S3QChKAaY40qqOCrgXuJ39uVWxZn63DMMqiA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:14 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:14 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 12/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for MSR_PROT NAE events
Date: Tue,  4 Feb 2020 17:01:16 -0600
Message-Id: 
 <b70b08b850e5e70594fa29537fd63d60784be4e5.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:12 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 1bbd7beb-744b-4663-9246-08d7a9c645a1
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930D7335F1B604612C00F81EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:6790;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53759+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 B8eLU3Bl2ohQtudfswH72huAR7E0OTQaaDhUFLCZ8QCX5HITX0TgrbKxqEe44nSe2NoeG5E3+5YSi6nhUK6YpS/rhisZKuEW0qRWl5XhN9fXhuFsXT+xi1+UZfnfX+zBL+hUG4aePed2iuVUKHCA7TX55l+Bg2FfiPfyCTiE2mHC8RA0xf3Z5PjTXQc4AMD02NX8taVJEkHbucpEElMBQxeGdPWacdvHL+5o8IyjPPdWaFpCXdWBd/21JCWrbuKaPLTkaBkedbe83z67/vMGofKvvwC2dOWNSNrwet2bsIqZRVEdxV/SVJNVLlVgGoCcpOzMfW+3CggfGZ6vF3DV9dk7S3WAHQ/mh9OY1Efr0vgyOkcqL6hR3jRSJohxsRbq0MtrKff45cckj2kitE/l5QPUjn9IWROCgUXt1RY1pDaOxJh24lATXIaXnlsDu8nP82zY0C4+Ghy3sUtLJ2ivSwkNWS8qkutEWIIn64j3fD0YsBcxlnpxGppBjQGzXXnUgxT9nWjMl3JQ3WRsAawMQA==
X-MS-Exchange-AntiSpam-MessageData: 
 vcYYyKL6hGVyJszvqQjsX1ne20AeA7Vmjh/WxP2oZCPQSuzGIMwwoEobwNZXtOGMBzujxAM73yIefZ5ic8Ka1+mbrTxl4ezlkkyAiBKZwfs07TFG4zy66sU/0KFVjnqd300tyo3gKFxetxvNZRriYw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 1bbd7beb-744b-4663-9246-08d7a9c645a1
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:13.5258
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 HNQhGBo0nC8Z87GY0rcrfbNkdIKgr0hNY2bdTv9k7pIIPfG0LmM79yYbY+O9FSZxUA+ox5Jxh2/3YNxb5c5P/A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: A6SWK38Za4thrtcys7K48jLpx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857337;
 bh=0RMwahZnlZauW8XWmZju7xRARkkv+8FEJh2N/Nmwd3A=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=aPYDLcodxgq/Fh1K40GSKs7q5k/DNYOGBd8cYTSej0rS/PQ7lGkNI4Ojz6F5drmeF48
 IYWB9E1ze/GECI+T1yAWB1Au0nwC9NY6gK3Ze/PGNDm1O3hSt5Idb9v0s1Sc/qif6lsEF
 +SPt0FKak5w+bbxo7pujepxzAyq6xsDe5pU=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a MSR_PROT intercept generates a #VC exception. VMGEXIT must
be used to allow the hypervisor to handle this intercept.

Add support to construct the required GHCB values to support an MSR_PROT
NAE event. Parse the instruction that generated the #VC exception to
determine whether it is RDMSR or WRMSR, setting the required register
register values in the GHCB and creating the proper SW_EXIT_INFO1 value in
the GHCB.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 49 +++++++++++++++++++
 1 file changed, 49 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index 90541c9a0390..25bcc34218d7 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -294,6 +294,51 @@ UnsupportedExit (
   return Status;
 }
=20
+STATIC
+UINT64
+MsrExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  ExitInfo1, Status;
+
+  ExitInfo1 =3D 0;
+
+  switch (*(InstructionData->OpCodes + 1)) {
+  case 0x30: // WRMSR
+    ExitInfo1 =3D 1;
+    Ghcb->SaveArea.Rax =3D Regs->Rax;
+    GhcbSetRegValid (Ghcb, GhcbRax);
+    Ghcb->SaveArea.Rdx =3D Regs->Rdx;
+    GhcbSetRegValid (Ghcb, GhcbRdx);
+    /* Fallthrough */
+  case 0x32: // RDMSR
+    Ghcb->SaveArea.Rcx =3D Regs->Rcx;
+    GhcbSetRegValid (Ghcb, GhcbRcx);
+    break;
+  default:
+    return UnsupportedExit (Ghcb, Regs, InstructionData);
+  }
+
+  Status =3D VmgExit (Ghcb, SvmExitMsr, ExitInfo1, 0);
+  if (Status) {
+    return Status;
+  }
+
+  if (!ExitInfo1) {
+    if (!GhcbIsRegValid (Ghcb, GhcbRax) ||
+        !GhcbIsRegValid (Ghcb, GhcbRdx)) {
+      return UnsupportedExit (Ghcb, Regs, InstructionData);
+    }
+    Regs->Rax =3D Ghcb->SaveArea.Rax;
+    Regs->Rdx =3D Ghcb->SaveArea.Rdx;
+  }
+
+  return 0;
+}
+
 #define IOIO_TYPE_STR  (1 << 2)
 #define IOIO_TYPE_IN   1
 #define IOIO_TYPE_INS  (IOIO_TYPE_IN | IOIO_TYPE_STR)
@@ -558,6 +603,10 @@ DoVcCommon (
     NaeExit =3D IoioExit;
     break;
=20
+  case SvmExitMsr:
+    NaeExit =3D MsrExit;
+    break;
+
   default:
     NaeExit =3D UnsupportedExit;
   }
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53759): https://edk2.groups.io/g/devel/message/53759
Mute This Topic: https://groups.io/mt/70984934/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53760+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857339105350.40340988460594;
 Tue, 4 Feb 2020 15:02:19 -0800 (PST)
Return-Path: <bounce+27952+53760+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id UHgHYY1788612xraZIvlDbQt;
 Tue, 04 Feb 2020 15:02:18 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.52])
 by mx.groups.io with SMTP id smtpd.web09.1692.1580857338005546073
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:18 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=dcgpiCROFiJSE1cfjAck2HsuXoA/9SUi3sCocb6JwId+gcRx3anZB+jEg339MGAqsD0BwVyCPX0CixVEVvSi6enx78empfJ05PPjuyD7PwS8vzSXo2ekpnlFocoyGW3pKsqZ4PDBjektdWsKChrpeBt+5Z/safwsJJ/AN+XcGwaw/dfu3SYXhazwXqpV7X6nL+QDIPQUqlbvQj3+1XjW3oK0RLutrahRldXpvnu6RY9nnRPPaNLeI/kbGOASOdZhIwOqTz/9xX8gL29jdie+rWqh67SinJNRywqm31v/RvoPdUi9SDJzDMLIaAWOOeDGg7Lb/7S5UeN/fZiz/AHBkg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=bRwJ+VzOYLoqshdx7mV97MZOmkwc78Mv6FHJ5LAs7do=;
 b=M+i5eNkYy+aVx9L9DphmhhhusGObuU8mvzE+1H/jT93Yc7LfNwQJFNgw467xmHQJiYYSjVZU5oD4j4Kyy6HMcXn0kfyk0JWSlkjiXQFBC07FRHuYvsVovS2wUs3pYQ/TyhF8EszgGlT62amhYXRkgAT7xCRjMhlj7DEWKFbmpXQBppXx2mO9dq8gvKn+NsIhY1pAW+zrcEvyjW3dr8yrxiMhysId6qjLG+EPG9buxbAMzxBs6FutK+SKyWo+hjz3uo3VSPkj6+ZCjoyHcag7yWyDflCqz6Q3qTsaNutV4/KaU4loKkC1raLAu3kEUKdgSAHJKijqCaEz2smJ3h2FZw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:15 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:15 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 13/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for NPF NAE events (MMIO)
Date: Tue,  4 Feb 2020 17:01:17 -0600
Message-Id: 
 <76cf9430278f4be37048eae0ad2bc7f1011f156f.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:13 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: c100c819-039a-497f-8267-08d7a9c64645
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39305D27FA252B398EE2A60FEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7219;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53760+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 lZSdh+ZUrjUPjc4ENnSqEbguffb5bTH4Lc69tI2ULFrdJf9mUHs1LhMebdvZZ2EfMRvi7MSN7vgLjwJWkl+sO9saJmkuuQzNIQ/Sm6afrKZM2LWHJ+8jDUVSzbrdvmhCTFI3gF0GOCDwJg7EuEZK4Lgad6z99hgIo7Go+slI/u8+nV7jl02Ja7fKIEf/R2p5fQgP9JOnzKYb8NOTM351UxVhHCJkfzXZ/47ZbxypoX1N0gn+38NLH6gjsHD39JQJihjOR+OL2GFZ564PBUkSy6+BfA+RuSFp0y2umF+T2judVXeA7veujoiN6X76303h/IxXNBtFh9pdKbSpKOEPFGM3dH60CKU4EGS3BDFVf28J+eOXdzJc2Dk8qN76HH5QhpECQntsY2yei1w+3QqcDLQIAzdQQkhC72BXCucVoiB2+WAhfmFvBLY/v0VehBsSAhtYc/Xi3OuvmAflNyEuuuR/Pp5tA4XKXkRpHfmZMwZxm9zRHdPDvhcZFnFqd7z2yzAyErE5wlJqy/W1beX+DQ==
X-MS-Exchange-AntiSpam-MessageData: 
 TG06Uvg5Sgcb0KlNAeNmjsp2Y4VDYLhywZt7xUlF3Mit5lMqOfdYGSpamtT1PfcEDGS0IWXEPxYrUTRBWNOrjLq4UuE0rNpmSf0McBb/wL9vcKOrTJPJSeYhFXvM+w3leHvUrXLVLMb7uTMsswNQjA==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 c100c819-039a-497f-8267-08d7a9c64645
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:14.7011
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 dzxyQbEeGoPaHkkNXXmnluICnPtx9IOLcxPWGmZgviMeTCElpr8IyebMBq2U+fnRDtVoAPcWjUZKYR29mUkpFA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: FE0NSSvYBvZlKIHCkcqQoPyzx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857338;
 bh=+0zFOMuFroTh71RUHoEWthZBEL6z2Etkwbea33qAUME=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=QY74Cln+JkIj0sThsSVn6j85hlAhvpOrcgMvuPeHa8ha0wUWjKoPMRlBIhFepp7Yb1/
 xXmjH3Crk1cVDOYaMc+SysQRH3exzpeGpgu/ZbAGv/MmPLt0gBULtal5sE9rxOKrdHJ9x
 BjNF2GdB7Pag+uKTQifCnGOxPbE5yGWMniQ=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a NPF intercept for an NPT entry with a reserved bit set
generates a #VC exception. This condition is assumed to be an MMIO access.
VMGEXIT must be used to allow the hypervisor to handle this intercept.

Add support to construct the required GHCB values to support a NPF NAE
event for MMIO.  Parse the instruction that generated the #VC exception,
setting the required register values in the GHCB and creating the proper
SW_EXIT_INFO1, SW_EXITINFO2 and SW_SCRATCH values in the GHCB.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 305 +++++++++++++++++-
 1 file changed, 303 insertions(+), 2 deletions(-)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index 25bcc34218d7..c68aeb5d2c10 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -86,8 +86,8 @@ typedef struct {
     UINT8  Scale;
   } Sib;
=20
-  UINTN  RegData;
-  UINTN  RmData;
+  INTN  RegData;
+  INTN  RmData;
 } SEV_ES_INSTRUCTION_OPCODE_EXT;
=20
 typedef struct {
@@ -159,6 +159,198 @@ GhcbSetRegValid (
   Ghcb->SaveArea.ValidBitmap[RegIndex] |=3D (1 << RegBit);
 }
=20
+STATIC
+INT64 *
+GetRegisterPointer (
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  UINT8                    Register
+  )
+{
+  UINT64 *Reg;
+
+  switch (Register) {
+  case 0:
+    Reg =3D &Regs->Rax;
+    break;
+  case 1:
+    Reg =3D &Regs->Rcx;
+    break;
+  case 2:
+    Reg =3D &Regs->Rdx;
+    break;
+  case 3:
+    Reg =3D &Regs->Rbx;
+    break;
+  case 4:
+    Reg =3D &Regs->Rsp;
+    break;
+  case 5:
+    Reg =3D &Regs->Rbp;
+    break;
+  case 6:
+    Reg =3D &Regs->Rsi;
+    break;
+  case 7:
+    Reg =3D &Regs->Rdi;
+    break;
+  case 8:
+    Reg =3D &Regs->R8;
+    break;
+  case 9:
+    Reg =3D &Regs->R9;
+    break;
+  case 10:
+    Reg =3D &Regs->R10;
+    break;
+  case 11:
+    Reg =3D &Regs->R11;
+    break;
+  case 12:
+    Reg =3D &Regs->R12;
+    break;
+  case 13:
+    Reg =3D &Regs->R13;
+    break;
+  case 14:
+    Reg =3D &Regs->R14;
+    break;
+  case 15:
+    Reg =3D &Regs->R15;
+    break;
+  default:
+    Reg =3D NULL;
+  }
+  ASSERT (Reg !=3D NULL);
+
+  return (INT64 *) Reg;
+}
+
+STATIC
+VOID
+UpdateForDisplacement (
+  SEV_ES_INSTRUCTION_DATA  *InstructionData,
+  UINTN                    Size
+  )
+{
+  InstructionData->DisplacementSize =3D Size;
+  InstructionData->Immediate +=3D Size;
+  InstructionData->End +=3D Size;
+}
+
+STATIC
+BOOLEAN
+IsRipRelative (
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  SEV_ES_INSTRUCTION_OPCODE_EXT  *Ext =3D &InstructionData->Ext;
+
+  return ((InstructionData =3D=3D LongMode64Bit) &&
+          (Ext->ModRm.Mod =3D=3D 0) &&
+          (Ext->ModRm.Rm =3D=3D 5)  &&
+          (InstructionData->SibPresent =3D=3D FALSE));
+}
+
+STATIC
+UINTN
+GetEffectiveMemoryAddress (
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  SEV_ES_INSTRUCTION_OPCODE_EXT  *Ext =3D &InstructionData->Ext;
+  INTN                           EffectiveAddress =3D 0;
+
+  if (IsRipRelative (InstructionData)) {
+    /* RIP-relative displacement is a 32-bit signed value */
+    INT32 RipRelative =3D *(INT32 *) InstructionData->Displacement;
+
+    UpdateForDisplacement (InstructionData, 4);
+    return (UINTN) ((INTN) Regs->Rip + RipRelative);
+  }
+
+  switch (Ext->ModRm.Mod) {
+  case 1:
+    UpdateForDisplacement (InstructionData, 1);
+    EffectiveAddress +=3D (INT8) (*(INT8 *) (InstructionData->Displacement=
));
+    break;
+  case 2:
+    switch (InstructionData->AddrSize) {
+    case Size16Bits:
+      UpdateForDisplacement (InstructionData, 2);
+      EffectiveAddress +=3D (INT16) (*(INT16 *) (InstructionData->Displace=
ment));
+      break;
+    default:
+      UpdateForDisplacement (InstructionData, 4);
+      EffectiveAddress +=3D (INT32) (*(INT32 *) (InstructionData->Displace=
ment));
+      break;
+    }
+    break;
+  }
+
+  if (InstructionData->SibPresent) {
+    if (Ext->Sib.Index !=3D 4) {
+      EffectiveAddress +=3D (*GetRegisterPointer (Regs, Ext->Sib.Index) <<=
 Ext->Sib.Scale);
+    }
+
+    if ((Ext->Sib.Base !=3D 5) || Ext->ModRm.Mod) {
+      EffectiveAddress +=3D *GetRegisterPointer (Regs, Ext->Sib.Base);
+    } else {
+      UpdateForDisplacement (InstructionData, 4);
+      EffectiveAddress +=3D (INT32) (*(INT32 *) (InstructionData->Displace=
ment));
+    }
+  } else {
+    EffectiveAddress +=3D *GetRegisterPointer (Regs, Ext->ModRm.Rm);
+  }
+
+  return (UINTN) EffectiveAddress;
+}
+
+STATIC
+VOID
+DecodeModRm (
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  SEV_ES_INSTRUCTION_REX_PREFIX  *RexPrefix =3D &InstructionData->RexPrefi=
x;
+  SEV_ES_INSTRUCTION_OPCODE_EXT  *Ext =3D &InstructionData->Ext;
+  SEV_ES_INSTRUCTION_MODRM       *ModRm =3D &InstructionData->ModRm;
+  SEV_ES_INSTRUCTION_SIB         *Sib =3D &InstructionData->Sib;
+
+  InstructionData->ModRmPresent =3D TRUE;
+  ModRm->Uint8 =3D *(InstructionData->End);
+
+  InstructionData->Displacement++;
+  InstructionData->Immediate++;
+  InstructionData->End++;
+
+  Ext->ModRm.Mod =3D ModRm->Bits.Mod;
+  Ext->ModRm.Reg =3D (RexPrefix->Bits.R << 3) | ModRm->Bits.Reg;
+  Ext->ModRm.Rm  =3D (RexPrefix->Bits.B << 3) | ModRm->Bits.Rm;
+
+  Ext->RegData =3D *GetRegisterPointer (Regs, Ext->ModRm.Reg);
+
+  if (Ext->ModRm.Mod =3D=3D 3) {
+    Ext->RmData =3D *GetRegisterPointer (Regs, Ext->ModRm.Rm);
+  } else {
+    if (ModRm->Bits.Rm =3D=3D 4) {
+      InstructionData->SibPresent =3D TRUE;
+      Sib->Uint8 =3D *(InstructionData->End);
+
+      InstructionData->Displacement++;
+      InstructionData->Immediate++;
+      InstructionData->End++;
+
+      Ext->Sib.Scale =3D Sib->Bits.Scale;
+      Ext->Sib.Index =3D (RexPrefix->Bits.X << 3) | Sib->Bits.Index;
+      Ext->Sib.Base  =3D (RexPrefix->Bits.B << 3) | Sib->Bits.Base;
+    }
+
+    Ext->RmData =3D GetEffectiveMemoryAddress (Regs, InstructionData);
+  }
+}
+
 STATIC
 VOID
 DecodePrefixes (
@@ -294,6 +486,111 @@ UnsupportedExit (
   return Status;
 }
=20
+STATIC
+UINT64
+MmioExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  ExitInfo1, ExitInfo2, Status;
+  UINTN   Bytes;
+  INTN    *Register;
+
+  Bytes =3D 0;
+
+  switch (*(InstructionData->OpCodes)) {
+  /* MMIO write */
+  case 0x88:
+    Bytes =3D 1;
+  case 0x89:
+    DecodeModRm (Regs, InstructionData);
+    Bytes =3D (Bytes) ? Bytes
+                    : (InstructionData->DataSize =3D=3D Size16Bits) ? 2
+                    : (InstructionData->DataSize =3D=3D Size32Bits) ? 4
+                    : (InstructionData->DataSize =3D=3D Size64Bits) ? 8
+                    : 0;
+
+    if (InstructionData->Ext.ModRm.Mod =3D=3D 3) {
+      /* NPF on two register operands??? */
+      return UnsupportedExit (Ghcb, Regs, InstructionData);
+    }
+
+    ExitInfo1 =3D InstructionData->Ext.RmData;
+    ExitInfo2 =3D Bytes;
+    CopyMem (Ghcb->SharedBuffer, &InstructionData->Ext.RegData, Bytes);
+
+    Ghcb->SaveArea.SwScratch =3D (UINT64) Ghcb->SharedBuffer;
+    Status =3D VmgExit (Ghcb, SvmExitMmioWrite, ExitInfo1, ExitInfo2);
+    if (Status) {
+      return Status;
+    }
+    break;
+
+  case 0xC6:
+    Bytes =3D 1;
+  case 0xC7:
+    DecodeModRm (Regs, InstructionData);
+    Bytes =3D (Bytes) ? Bytes
+                    : (InstructionData->DataSize =3D=3D Size16Bits) ? 2
+                    : (InstructionData->DataSize =3D=3D Size32Bits) ? 4
+                    : 0;
+
+    InstructionData->ImmediateSize =3D Bytes;
+    InstructionData->End +=3D Bytes;
+
+    ExitInfo1 =3D InstructionData->Ext.RmData;
+    ExitInfo2 =3D Bytes;
+    CopyMem (Ghcb->SharedBuffer, InstructionData->Immediate, Bytes);
+
+    Ghcb->SaveArea.SwScratch =3D (UINT64) Ghcb->SharedBuffer;
+    Status =3D VmgExit (Ghcb, SvmExitMmioWrite, ExitInfo1, ExitInfo2);
+    if (Status) {
+      return Status;
+    }
+    break;
+
+  /* MMIO read */
+  case 0x8A:
+    Bytes =3D 1;
+  case 0x8B:
+    DecodeModRm (Regs, InstructionData);
+    Bytes =3D (Bytes) ? Bytes
+                    : (InstructionData->DataSize =3D=3D Size16Bits) ? 2
+                    : (InstructionData->DataSize =3D=3D Size32Bits) ? 4
+                    : (InstructionData->DataSize =3D=3D Size64Bits) ? 8
+                    : 0;
+    if (InstructionData->Ext.ModRm.Mod =3D=3D 3) {
+      /* NPF on two register operands??? */
+      return UnsupportedExit (Ghcb, Regs, InstructionData);
+    }
+
+    ExitInfo1 =3D InstructionData->Ext.RmData;
+    ExitInfo2 =3D Bytes;
+
+    Ghcb->SaveArea.SwScratch =3D (UINT64) Ghcb->SharedBuffer;
+    Status =3D VmgExit (Ghcb, SvmExitMmioRead, ExitInfo1, ExitInfo2);
+    if (Status) {
+      return Status;
+    }
+
+    Register =3D GetRegisterPointer (Regs, InstructionData->Ext.ModRm.Reg);
+    if (Bytes =3D=3D 4) {
+      /* Zero-extend for 32-bit operation */
+      *Register =3D 0;
+    }
+    CopyMem (Register, Ghcb->SharedBuffer, Bytes);
+    break;
+
+  default:
+    Status =3D GP_EXCEPTION;
+    ASSERT (0);
+  }
+
+  return Status;
+}
+
 STATIC
 UINT64
 MsrExit (
@@ -607,6 +904,10 @@ DoVcCommon (
     NaeExit =3D MsrExit;
     break;
=20
+  case SvmExitNpf:
+    NaeExit =3D MmioExit;
+    break;
+
   default:
     NaeExit =3D UnsupportedExit;
   }
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53760): https://edk2.groups.io/g/devel/message/53760
Mute This Topic: https://groups.io/mt/70984936/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53761+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857339821525.657379695697;
 Tue, 4 Feb 2020 15:02:19 -0800 (PST)
Return-Path: <bounce+27952+53761+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id KvMnYY1788612xgqBZqd5T7G;
 Tue, 04 Feb 2020 15:02:19 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web09.1692.1580857338005546073
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:18 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=oLKMoDqMydiIoF0ooBcYG3lVS/mq6gKIu3kLY+C6Kh3DeR6jJ2QlLHy3wD5uW2O+6SG2L5YhKaJZN6yQLCiJWbFqQNLZz0s6DEe/o7I1lE841d+L6Xfwhj9FctDTbMC7kCVWlInMcaS1cQvVOJbmfOu8A30mu7Mww82SYyBLnD0Iueq3JDS/OkRWtjFETmU6j2OF9nvnIWJbQOCxIb0cnkRBGV8ookbIFX1UHaM1QeQLppDcDymXujE6t2k3EKGH2XyTauTUkH6eLHhOKh66fDqcYooGXakyPH0s4WC2nNLObOnXFsbrTgk1JymzqBMp5xGCbV2JkFCotES/gx3B4Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=8L/gPVBo+QltpzO1k0JSPJXWxH7djOktRRZazDChnqk=;
 b=U2CiPjsjStow8a3foVLGFZYkHQipzpSeZyOtxjHD5YQxftIUJzSUis69mDflUv2lOwTjqLM/3Hd9VG2UBd8DkL0bs9FB6c0KjzHfs5J9hVhTr5JGe9blfO2M0RyLjRziSZNwbBtqVHhTS7aEBpq9pp+5hbhC3ViZLakyR4OX6EltEmyh8FSLKKz2uFExYwj5pWVcW3ETienA2C3ExRCAqm42ivK9C+fo5vchCU+0+1W9+xPIHGtyXYlMi1RRYRtPGSEZGp8hnEg9rXR5tKEYIiw9dm/zxtfGHtERw9qmqCnjDzJ12ZPogy2KVbzNlCvgqKa5fU7iOK6aSQQYb9VEEg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:16 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:16 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 14/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for WBINVD NAE events
Date: Tue,  4 Feb 2020 17:01:18 -0600
Message-Id: 
 <f4342e10e287775b1c18af8fcf91bd094a647118.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:14 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 6f20e838-d7cd-43d1-27ac-08d7a9c646f9
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39308B7BFC1C448A1D3EDB87EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:2000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53761+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 vPP8w3vzl0TWQgwW3a5/myk/BrrvCwpmjPY6mOwcyDTsjRii0UpIkqPDL1TeWDEwDfuYXEGE4XklGso+UiGP30fmcl52wZcGGHp7QZoEce0pS9b6HhuYtPe9E42VOUrXFiTKUSuxBnH2HJEBhccEwfe3asHG9AV4WfOPAxkQzY+qF62njuFZHvIl6QkK8/TrLWVtsr+i5hd0sWFeI+HkUbgZPkAxWWPgApmP17/YsUNDYmz20MijlojyYX1H78QWK4in57KTG5Hf3+1ju5FzlBZn0TxeuzC7qB3sHdTFQQu5elw6a72M4a3dFc/ukcAVfU8hmlMtQqKnz+D/WZQw8R72D8zkFa+kzHZyD5++rsiey0PlfDJJPGeumdkk6Q6N7abd0wlqEsab6tQHbozR9kEE8AzOusrSFWf+ljOaIiI7B3JOhkXSQWhUUS1v/iPmWunJ6C5tNuXwE5Wtsxcc6cjdbVUVx5AGJhbdm2ZQHsZxb024ps246V8m4YI3b+3eQbGxR2cpwXlnf/oxBWo/uw==
X-MS-Exchange-AntiSpam-MessageData: 
 cMZZL3PWjNppKIxmsnBAAxRaPafn3bCdRfNB8fUGo5Hf0/7kAP4+HaagtDUCYADWqSKG39JwQWoGYimuaJy6xERWO894ic+Yw0nqthDzCg9F1KiSN3OP1k8AVjMGw0OxxU7esioBo61fTAj5eI3DUw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 6f20e838-d7cd-43d1-27ac-08d7a9c646f9
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:15.9035
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 BFtAUt3zWY4n7AhDea6IY4wSLP1uyn6nF1XeVQyU9pu9uLN6+sxHJAgei7WL6M2WT6uALEYxHEpl8vp/KmYang==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: UJUopwcCXVxd6ig8Rk6Aj45Rx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857339;
 bh=czc6RWMtMMOqEyv5zu7xK7ju4LhaWBepjNMBey9/FDA=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=E67jHn3pi2J4znTiLg2xd4q5h4/FuCPD7GftR6psJTrbRkEnwjx4SlrS5/9FdEGesNP
 e4TVGoEX7tmnX4Th9Nm1+TlT/nyIa1TajsdVjkt+3pwo9bfeQScXFbz3uXmUCDyYu6NKW
 wp3B0F704L/sO0kBG0TRv0TUV6hAqIkDEOg=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a WBINVD intercept generates a #VC exception. VMGEXIT must be
used to allow the hypervisor to handle this intercept.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index c68aeb5d2c10..03003e9113fa 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -591,6 +591,24 @@ MmioExit (
   return Status;
 }
=20
+STATIC
+UINT64
+WbinvdExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  Status;
+
+  Status =3D VmgExit (Ghcb, SvmExitWbinvd, 0, 0);
+  if (Status) {
+    return Status;
+  }
+
+  return 0;
+}
+
 STATIC
 UINT64
 MsrExit (
@@ -904,6 +922,10 @@ DoVcCommon (
     NaeExit =3D MsrExit;
     break;
=20
+  case SvmExitWbinvd:
+    NaeExit =3D WbinvdExit;
+    break;
+
   case SvmExitNpf:
     NaeExit =3D MmioExit;
     break;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53761): https://edk2.groups.io/g/devel/message/53761
Mute This Topic: https://groups.io/mt/70984937/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53762+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857340428959.8891297962483;
 Tue, 4 Feb 2020 15:02:20 -0800 (PST)
Return-Path: <bounce+27952+53762+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 6RXQYY1788612xkvc8hLdBBA;
 Tue, 04 Feb 2020 15:02:20 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web09.1692.1580857338005546073
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:19 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=hrd9uCtZ/ggnKUi2hT/Vo6y9xbZ1IbWvQLY9RjgXt6uL1VPA8vDaXi4jWHAWPQpliKftySennnJ5HbSJWJQ61gzcPuOdPBwxdEoGgOgHVqIhuigVhhP+/C6nXiJ5JVxz6Yxws/Qqucfqs5KYA0X7TNUlEANVKjxEIzGpLQV/QIg/XWx7KJUVmkNMYU4lYvEXoE0fgfmJh+2MLQfQMRYtpE3MeJvNSBVfAucCPsxqb8ALYPMiBK3jb3OIgGIAr1HDPL3rn6QhCTsHFtRx/TuJGOKnQzvlHM0Wa8cdTOG/ddGFozO9u4nlCUZt2/MSUTFigW8SmqTOD/NUFHJFKqVd6Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=jIzo5r3O2Wk+iHnmj3iDu3sJq0FTPdRiUdYrpSak6t0=;
 b=gZtAx/gHmb4H80hyNweSULnm/MQMaPYRtfRZbjX20p9rd3Tgo3AZXDVa7A5RViB/BAbjOnUOOJxYh0dO9PR2SzzO3DD3g7IR63MJCduKNPs7cwM9goRKfgTJWzzK6uqEEsv1gSahSQg9EDsEOqZq42NpwAiiqQRTJGBwG9SjQMIYxiB7DtpR2KiYH5Pgsc3zC/DE8Jh8OmarJkYQne+rVCQ5G8mL6r9WPQPOrEgG5qSCQ7uAc2tOsbY6mZ9sE9epo/zHK+Xu9W9F78kYJTdGaU3FfBhvtadBWCWDLoQC1Tv2D7E7V28Unq/JrReVl/5GAZE6I8tpZqJNX9nmD/Wiuw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:17 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:17 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 15/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for RDTSC NAE events
Date: Tue,  4 Feb 2020 17:01:19 -0600
Message-Id: 
 <3fd96d42cc3e735733605f46b8bb8a0d7a9be708.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:16 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: ec47cf4b-76fc-4303-7ee3-08d7a9c647ac
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930860B1C18812C997922F5EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:2000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53762+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 S9rZco8bbUkCZHspHY/c2Ut0WCfa1++4z0VWY5bvY6CAeNggf27MuX2haKhllm3g7LNl62UCDwKucFi5I8/cqiB9T/2qdKldjhzctVArT4P/3Oi/mZJf5l8QlJnp0obSx2kbGvLQfve5eW9ZOlUehRQiFLXr2jERHO7B9eNCumQcs5pqVRVTvArE+KUFFitlOolTUtMwIGycCIV0gIMCwV99P5KQp4JpowxFkFpNvzd35shLsfqGxgGx1QNG/1T1yySaFgUpeROFmUuogXOTbzGzr76x0ddzux8TLuKmMJT+jKEwR68hqm9xa85qlUBPDpIP4jUhUWRjitMNUzOJgX7tx092j/vaH/3tfK7997VHGPSStSH5GmyesVDs2U9+UQy1L7R0E3ayLWd0YFCLVECDKG+fYl/fiDBUYl4lLdcRMVtRo0MjeQ9PV/fehBDSlIuR7kKOaPkqkTxlqPTro5LVVaSFuyfH512f8Tl9NbhhGNUUGWT34yaHpVTFPDxadvAnctA0nNRAZUw/8TGhMQ==
X-MS-Exchange-AntiSpam-MessageData: 
 gmVHi33/Q95cGw37ocRucL9sK6C0nle9HqgWG5fbtrJZrBLLVmpd5bYDtYrvHIYVSqcCmTFXg+5U8y8N4ZLGyCXv5buWGVj6qVM8wDrqF4bI0RAQ9Gj7wV7XbQJhW1hdUZ3WcbJS9aico1CghSYo6Q==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 ec47cf4b-76fc-4303-7ee3-08d7a9c647ac
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:16.9569
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 QfMp4SdFd9rXRPfYx6nUaSDIeXq0a/kEeC7pqnZ69vPK3ttMTBuzHCzy75y92U1Jd7wWwCfUabIB0gkvTSi9qQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: ylDKTE2uOZth79XBTCLuPbdLx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857340;
 bh=WRMtI1LyOnyE6VW+9Eu/j1A8QT8YGPlmLdscYw2qIo8=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=fYbcL++BF0HBKC8gqKIr+SRdNWIcBvGP6YQUTB/mNKtYFs2srANvWezx0FBt9UUNzlc
 DFFKGE7zETZMEoPjtNf5vYgp5/HHAMvjPj6rlLLyWZxJbMhafc4XumNTahMUkW77Gtdr2
 5KLaMwT2M0af4pKCY0XJlJWC5vIPNrhTzuM=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a RDTSC intercept generates a #VC exception. VMGEXIT must be
used to allow the hypervisor to handle this intercept.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index 03003e9113fa..552fe2e1a343 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -894,6 +894,31 @@ CpuidExit (
   return 0;
 }
=20
+STATIC
+UINT64
+RdtscExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  Status;
+
+  Status =3D VmgExit (Ghcb, SvmExitRdtsc, 0, 0);
+  if (Status) {
+    return Status;
+  }
+
+  if (!GhcbIsRegValid (Ghcb, GhcbRax) ||
+      !GhcbIsRegValid (Ghcb, GhcbRdx)) {
+    return UnsupportedExit (Ghcb, Regs, InstructionData);
+  }
+  Regs->Rax =3D Ghcb->SaveArea.Rax;
+  Regs->Rdx =3D Ghcb->SaveArea.Rdx;
+
+  return 0;
+}
+
 UINTN
 DoVcCommon (
   GHCB                *Ghcb,
@@ -910,6 +935,10 @@ DoVcCommon (
=20
   ExitCode =3D Regs->ExceptionData;
   switch (ExitCode) {
+  case SvmExitRdtsc:
+    NaeExit =3D RdtscExit;
+    break;
+
   case SvmExitCpuid:
     NaeExit =3D CpuidExit;
     break;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53762): https://edk2.groups.io/g/devel/message/53762
Mute This Topic: https://groups.io/mt/70984938/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53763+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857340852540.6859589584209;
 Tue, 4 Feb 2020 15:02:20 -0800 (PST)
Return-Path: <bounce+27952+53763+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id MgaQYY1788612xrGfuiaf6KJ;
 Tue, 04 Feb 2020 15:02:20 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web09.1692.1580857338005546073
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:19 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=ctMRCGLPHu5mye/gvn0fKhiRCblUs56cOshr3rdIh72Pa2V4uZsK00Rl012Heg2G6qQjO17kFm+E0AH/VF8eRK9SWehHHAsayEA3ZYJZPAgsEeuqc86ZrH76K4OOOxcYMk5rf/d7NXIbszuzHqGDekuDsusl1IW+KMmmDUhil3+56NoLEWL9tVMwL7zCEyftLBqqzgV0SSU9uzk0IUcVQXOBgZVQKhc84FqiBIXEWzFd6bGhFIRehyNcQmFF3JaTMsSP2tcvQzp4LbJ4/TMMhrQrbVdk16ZIZxVSBuIUVfgxRvkvBw/VRE3oF8Dz3b8WSKGeFI9DMNUldxVDHbPy+Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=UuUZ7rYIwEsLaCBbk3MGDWyM7vEMwCEx/yOnta6eUnY=;
 b=lCPByt/we31o9jJjDkLY3Dxl5DYu1HAPiROeFulCUnMji+Qlz+kO8g3gRY/xwLViZIQXlgGh2zlM6C7Atx088KV5QnM8FRXuh60hmsk3Egz/72ftFZNlW5RvrnXdGuBUBIzoAZa6YqJitv3ymBzq//uaDlAxm005C3elIzjSo4W6N+Qs6U6O1P6TXy3wdQmLws7aX11vEGpxuEs5M8nPCYqZHNZNuuvdHl88zJtugZ/ifH9qdrPezE9Tes+vDg93bTRWtHkzgViTZWWCptcKtxKgHphjU0sNLt+Rm3SsNx1+tnPT75zmooJzxZgoGwBjpGnUOLrWoSE6UJK4mlzKiw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:18 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:18 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 16/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for RDPMC NAE events
Date: Tue,  4 Feb 2020 17:01:20 -0600
Message-Id: 
 <120361d3390b049782aab490b38776080736abdc.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:17 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: fefb3801-9140-4ba1-77fc-08d7a9c6484c
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39308E472F07C858464A292CEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:2000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53763+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 hdW2zxafXJnpZOmt5buveYzrH+WIT6YkM99K2nKNA2Ej0qIqgXFIjfdNjh7YSJLXyfaqZ1dc0uMupCGTw0GnYx97BbZvFBNplY8jZ9e+Y1AQ957R6Bxk2hpCOWcs9Eo9RNIRowonPEqI9jUxD12OkdJyX60AgUCYKMgot1lNlCgw9U2LzT01ozYZcmQbH6qr+h9Rui5HhpbFYNEd46Wn7MxGvD3OEl8nwCEbfMZtJqxFOl6/sYQ6eJyU03LpZ0/fxlq2y+n4BAwv0p9Is8rDhwXa4tfrOPdtQReAmnx1EM3aeT3g4VAxl7TvlJ+5Zq+bymQEDx7+LMzci/wXDpsVXd99p1bzLYU648uJ8YM+ACfd/sxFXNvwH4k+Ty8n7ua2OmDEqQJ6H3GSCeFa3urc/GokG5MElfkcFbds4FIC7eYyDZvCiVTlGhL3+vrR/JKI4+xJ1D+Ct7sOeyx4hMJtGzVSlVvHQBM5Q/QQgtovl1X68tLLwVWBUp50IZByrCfCEKoYd8zxmziTha2mGB/agg==
X-MS-Exchange-AntiSpam-MessageData: 
 5ydlqTCdW7ovNK9YCn7LVnyu8XuckZWnnK9WE7UujLzvypiJQYmnXviimUi8pj6w869s5WUxK1jniQL1e3xvM32ruqti3kdunlP/Eo+cgWxzbPYXj7emVSVIxBF/ozeB8RBn92MuuqbzAEyxYGJOWQ==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 fefb3801-9140-4ba1-77fc-08d7a9c6484c
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:18.0212
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 IHGVVDC5RW1AScLSmYoI4JMm+dycpC0lfgUOFr783kWQJWf6Ra658PSyEBXCB/GIlkUCccBhKR47FzzrYeBqTw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: vstaW7X1JSCQ0dgr0ALi7ou7x1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857340;
 bh=0IjRWO9PtFi44LUFZ5oRlaFc1v382yZrSqi41kL3a1o=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=bLkH0mLp+PTl29v1JViIgKC39QXWfJzm5tI7GrH90uFbTH+htWM/za7BHniyelNEnMZ
 bSpgvE/MXpQt4QG4K2R2VOV4AQJnepQyy+k5JdXZBfGc9YgeYAgNYqWuzswE3+5GuRqKt
 BDgKvZRYz4fCbGH5Q9bKC/myaJE1wi+uc9g=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a RDPMC intercept generates a #VC exception. VMGEXIT must be
used to allow the hypervisor to handle this intercept.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 32 +++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index 552fe2e1a343..c2bc213e602c 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -894,6 +894,34 @@ CpuidExit (
   return 0;
 }
=20
+STATIC
+UINT64
+RdpmcExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  Status;
+
+  Ghcb->SaveArea.Rcx =3D Regs->Rcx;
+  GhcbSetRegValid (Ghcb, GhcbRcx);
+
+  Status =3D VmgExit (Ghcb, SvmExitRdpmc, 0, 0);
+  if (Status) {
+    return Status;
+  }
+
+  if (!GhcbIsRegValid (Ghcb, GhcbRax) ||
+      !GhcbIsRegValid (Ghcb, GhcbRdx)) {
+    return UnsupportedExit (Ghcb, Regs, InstructionData);
+  }
+  Regs->Rax =3D Ghcb->SaveArea.Rax;
+  Regs->Rdx =3D Ghcb->SaveArea.Rdx;
+
+  return 0;
+}
+
 STATIC
 UINT64
 RdtscExit (
@@ -939,6 +967,10 @@ DoVcCommon (
     NaeExit =3D RdtscExit;
     break;
=20
+  case SvmExitRdpmc:
+    NaeExit =3D RdpmcExit;
+    break;
+
   case SvmExitCpuid:
     NaeExit =3D CpuidExit;
     break;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53763): https://edk2.groups.io/g/devel/message/53763
Mute This Topic: https://groups.io/mt/70984939/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53764+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857341922206.39515201824133;
 Tue, 4 Feb 2020 15:02:21 -0800 (PST)
Return-Path: <bounce+27952+53764+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id FK4wYY1788612xYHitGarMb7;
 Tue, 04 Feb 2020 15:02:21 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web09.1692.1580857338005546073
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:20 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=PxCvWyh/D6deu7vhsQTMJPt0lFKEAfecH1aNb63PNb7mntlpTof3LwjCc+yAyZhaREHoUb0Vwf8CHodlcVveHQhaVNUyqXBr8Inb9qtXaceJwgHUWbvswMRhVyESqlzpuPLfUDnGhG1Z5m28YOboheZB/ylzMtZyN0Zi020k5bZpzyr+DLDeLR7StOxYRTjP1k74UYT3Dp7zYoC1xX0d0gMQijv9hoAF/usdE00Hg93eWUhDY5iDb7r5dFqylVy0LSCA4eNr244+PTlhp5wNfQKU9dJr7pPEvyAuPowhdJ3mFYHMvWdBrlLSoJY9ioxgoXPCLvUZrdv0ariD/VBpyQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=4rl6/NudVtsF2p87pB1OVDhzK2Mqe9kbkCPupa5sdqs=;
 b=Nmk03A7qBCGEhd2bCsRo3p0AYe9Wgd68lqtaIhj2SZ29uuHQtKe1S72QVc433dRDSb/u8l0ZLLpaoZ0Sc1JPVY/OqU04lQfgHQeEVbLZRJlmg1PWbFbXskvb+tZ0ISKCMoGDclBYY5tnNWLusLbIjeb5BHCZK3DacEO1jL/rpBhL9SZHOWPF/xlmyqVgAF4mV6a0eWFN9Oq/PxNrU/3an4Ry9HcFjTuApege3rha6J/saVheucVyRJuHfyjRHPsHHpFGZkiolWCl22SW5Dd6cR8foeO4Uv4W1REVLzyDBu+szCtzsM3RhpM+6Nk2jyhsWAcvf9RLXWk8AHFeT2JiLg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:19 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:19 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 17/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for INVD NAE events
Date: Tue,  4 Feb 2020 17:01:21 -0600
Message-Id: 
 <6df3201439cc932d8cfe91054eccca27921c9573.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:18 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 70e2828d-c3d5-4813-6783-08d7a9c648f9
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39303978A12ECF167A3AB9FBEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:2000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53764+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 e0TRYDz3qynt+klX0zbMX6NnNmDCFxIxYyCXAx1ZemRoxWLWDDi6+1Sif5JB4Q7t0q3crWQXFxS2DqSeZjkDk8+CmO/oT9jeqts19diMwzSXQzCuirzWA8Uws0lzgylztG9vCVnr48Wy8IhWjNtpI3W/7tIy5WzTWvFHCHDeyIaAQGxUo0EaR9Y4aMQ7XmKUlzvu6WlSVjAOO+MCks9GIkBUP7OTKpBfjlx6MMeg2tJGX3zcZ3L8EPB+EIUiw4ek9MYGRXY37KrpRbiiTfk8KY3lAzfAXoRkjCmae2lU8y7ySuBPMKuaQrIBcY6mzEQ6MR4L+YBMN+T9SS728VAGT/je7+WzacbMwUSZ04LogoGseXZ1iKB1h928wNjl0+IKLfPtatF/MH5UdTdJ00+tUV7vJ9s0eKYXBu1GJKLUWP9BZH2EGUYTfa2szfgE+MuWWLl4/qtezEUWtovb38bdXKZSNmA87XKjkz2AVBuQXY5LMQQJSdXh/QtuV3BXsk17FGZaouw9dV7X9mXb9WFZ0w==
X-MS-Exchange-AntiSpam-MessageData: 
 9Xertu3/bJLlnWOSt9xh/WkWTYmURFpNGYQlXkJasDsDdvdgSX1ZoDYp+onowJfl46BjX/4Zh4LbzQSXeU8ZvH5dLCmBp2OmxbEIem2O+sTpiLhRFnkTOtNsj30YKetRPGbeHmJkTKiAD/QpLRW2yA==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 70e2828d-c3d5-4813-6783-08d7a9c648f9
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:19.1706
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 iI2BPLJZgwkIdprN3c8EmSneJoIENcPB5f76322F8b6yN9w5a2skDENPjGG6J+AWCYQqn1R9L985wPnMGxYGAw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: T2xWRsN0mZDCX6cUmII1SELmx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857341;
 bh=XMqXdbGPM7KCB6FfiRdE9oA+5Wn/lrREy0+ieLjsbmg=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=DzkpAp+aIKXK96LibkSL1EtW8qe5sT76fIP++DO/tkN7E3KGoBmaZsZKkE0khWxYBpb
 Riaw4PHvsOKlqNCW1/d0PH11OCiWnqSX8JipY+Bd/bFiEGyE6t3hZiK1mJ/CAoSv1PbjW
 WU981djTgyqwWnk06lD1A8l9Q8jf4iFxkYI=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a INVD intercept generates a #VC exception. VMGEXIT must be
used to allow the hypervisor to handle this intercept.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index c2bc213e602c..a47bba5ac1c1 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -856,6 +856,24 @@ IoioExit (
   return 0;
 }
=20
+STATIC
+UINT64
+InvdExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  Status;
+
+  Status =3D VmgExit (Ghcb, SvmExitInvd, 0, 0);
+  if (Status) {
+    return Status;
+  }
+
+  return 0;
+}
+
 STATIC
 UINT64
 CpuidExit (
@@ -975,6 +993,10 @@ DoVcCommon (
     NaeExit =3D CpuidExit;
     break;
=20
+  case SvmExitInvd:
+    NaeExit =3D InvdExit;
+    break;
+
   case SvmExitIoioProt:
     NaeExit =3D IoioExit;
     break;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53764): https://edk2.groups.io/g/devel/message/53764
Mute This Topic: https://groups.io/mt/70984940/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53765+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857342929249.22484078626076;
 Tue, 4 Feb 2020 15:02:22 -0800 (PST)
Return-Path: <bounce+27952+53765+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id XYzoYY1788612xGBruFmNChq;
 Tue, 04 Feb 2020 15:02:22 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.57])
 by mx.groups.io with SMTP id smtpd.web12.1646.1580857341841322832
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:22 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=AmpvwSM7s7Bdd84GJXd6mmTuelpME05WxSSaJzVmRCkecxtIayrrNo9VWnopVb5ztKfi6g4kwFcIvWW2LOeLOrTyf/41r38GqDq/0kczm0QgRij1wepcCR1pv1msCUB0tgYypfIZgCT+zxhf753UkkC5Sta6odatWxoE1s1B39ribmrvbjVpjr+/y5RXnGQuNKQQbBRBTBIMnAjPs0CRwm1hiv6m/8Hh+LN2f4x5ruI+UjtCaN16j/a3+ZWDJR7f/TZ9ASx06FFfSG9tf2vBv8hti5ZPmcSQEV/7NGpjS9/XIUyl9NcvPvpEf8ja4LH/cwS+do7CRAy6Ark1jUQqpA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=HWMqrbLRwZW1s2syh9em5+wd7Uni2ZSZl2q8AZzsLJw=;
 b=oDR7wH121g5UsMzXukmtVkM4GCtzj6IaUqrLog3y1hlL9m5NT0vgs/s5qX9HuCI3gIpOVY5z1+DCk6MkrGO5WfbhiIgWhNx/XQ/V58j7oczjOuhiUxm60DiUAEPRxcKIL8/1owEyjPJPbosm/MK++zY/vI90Dc768MTEjO3/X4/PywX+HeTkrTgL+RcEo7uTxF15rRO+0hB3cNjq0VyVvJcYnQOWJuo0rqxUeUwYeFIyhiasjAX58lKYvsKN+7ZmnlZFaKgfPiA4NbOJ3jVGUqq1RN2GuYdZSU90p9Se95uy8UaYCGYrwDkK8Xk/x3Mb2uLLxC/2v3DdhU1tBLJhXw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:20 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:20 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 18/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for VMMCALL NAE events
Date: Tue,  4 Feb 2020 17:01:22 -0600
Message-Id: 
 <64143f04ce4c47595ee53012817e2130f10c1d6e.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:19 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: ed47d3d8-e132-4ff8-c329-08d7a9c649aa
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39309CEC88CC20FF9A3F2340EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:2000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53765+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 01o/6ZAoGZNcyvI141X8Fm6VjBKJRznkFi9/CujYYeCFzAjL91mGqQwjLtitTOn/nG1EIzx14nSJDzhkjc+PbB+sD4toRx1KgxVUFqR6mLGscrEaCQ4ty7lntc3OR7xqZpJkNRuwGGqr/x3SctGj6t0RZvbcVILxJaLqpJDAv0aCQJ9SGMtJxOJychDHqz24nvpxzlllC6spxE1F8nxA13X16k6KKDxg6fIoNP+6oKfWNOT6T+6sfULPiOhT4jE+wYKOU0Dyb7cdrwezG7l2n2FZlisEhsu2rKsXaNKWzJ7fhgTmdY2YapbGpRp6bM+I55gf7Bqe2euJvrkeJBpTFRz1U3Qlo0AksNXsi+vY+5VffRnKhc0B43ghf+Fv2HqL+j3r8VVpHsASRbgZtBVEarx2rQOGoSS8wW8jK0BOwlvXCxUGy4LGQcYhnHbcGggik5rbbOr5SBaEUl7ixtomSYB4u5733C6/+Eeu0Kf0SFBpzsfBnKsmDOF6j/ilzmIf2Y/ur4kQ2gjy0z9AS+NG8w==
X-MS-Exchange-AntiSpam-MessageData: 
 mmZwHf/a5Potgol9UxHIc03yieBLLGnGdY2q+cGevmuerNBMepz5t7RPKEHFnch//ZrxeOiJucto4nAa7FLW9rub44+cHMvfdxs+OYQmVkTRg8klaMvgHII0FGviKEZdBhY5L68Fida4pavNZNdmAw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 ed47d3d8-e132-4ff8-c329-08d7a9c649aa
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:20.4648
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 P8ggbya47qzDSirvPUebGWS7iU+L6ckRskVN1NhuLqhws7VxneuN4UaUid6M3Fh+d1zPZMwv1U4RrgFfRaxk2g==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: JScs7Sb0zWeSLHZcJCXMLzSax1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857342;
 bh=O6Yw/j2NmaJTwz3nGrbCrIvtuyUQH32SQM0xSgTZ4RU=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=qXTPIWWYslggpU8i8rhM4vuEbW9l5AnkdEy4eMBYUNxVrv2ZxZzfuKqeqkAfC0KLIW9
 Au7ooNT9HTkF8bZ/j21pIxY/0s3I1I+5Q0BH14rrHDUHN+AEsIMmU6tr2PfIvawkU5KcF
 Zk6SQSmQsZqYUXIZEMi8bmLSbN2Q+fykRfQ=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a VMMCALL intercept generates a #VC exception. VMGEXIT must
be used to allow the hypervisor to handle this intercept.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 34 +++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index a47bba5ac1c1..734c2bbeb989 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -609,6 +609,36 @@ WbinvdExit (
   return 0;
 }
=20
+STATIC
+UINT64
+VmmCallExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  Status;
+
+  DecodeModRm (Regs, InstructionData);
+
+  Ghcb->SaveArea.Rax =3D Regs->Rax;
+  GhcbSetRegValid (Ghcb, GhcbRax);
+  Ghcb->SaveArea.Cpl =3D (UINT8) (Regs->Cs & 0x3);
+  GhcbSetRegValid (Ghcb, GhcbCpl);
+
+  Status =3D VmgExit (Ghcb, SvmExitVmmCall, 0, 0);
+  if (Status) {
+    return Status;
+  }
+
+  if (!GhcbIsRegValid (Ghcb, GhcbRax)) {
+    return UnsupportedExit (Ghcb, Regs, InstructionData);
+  }
+  Regs->Rax =3D Ghcb->SaveArea.Rax;
+
+  return 0;
+}
+
 STATIC
 UINT64
 MsrExit (
@@ -1005,6 +1035,10 @@ DoVcCommon (
     NaeExit =3D MsrExit;
     break;
=20
+  case SvmExitVmmCall:
+    NaeExit =3D VmmCallExit;
+    break;
+
   case SvmExitWbinvd:
     NaeExit =3D WbinvdExit;
     break;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53765): https://edk2.groups.io/g/devel/message/53765
Mute This Topic: https://groups.io/mt/70984941/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53766+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857344125884.4577613818494;
 Tue, 4 Feb 2020 15:02:24 -0800 (PST)
Return-Path: <bounce+27952+53766+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id G2BLYY1788612xijPkLVc7E1;
 Tue, 04 Feb 2020 15:02:23 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.52])
 by mx.groups.io with SMTP id smtpd.web10.1665.1580857343101360274
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:23 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=c9xJ8kUjkEm5F3JZyPlM/6JQKGKldSHUc7yFY6l/cxtPmShH+ZJG2emtJLOac5aSm2pcR9sk1f9Uw7heSEN2olJtxTDFHYfDKqR8NZBJsSvffly/4TN4h0y1OY6TbRMQ+0G3vGo3dFqAYEHg1mE6BlzxXkgzPbPOc6XVFyYDz//+lPsbh6Jc9rqD2nOLael5YmWQOINHqWZbZv1lgXtngH34L2Sf45srxemLTE/dhwlAtGJzqJdzW4mr6RwwArwbDoo2+0m6oOSpvA2qqC/j6++g4jSgOEjEweyME7h9VrC40jBib05glJixukCU0cBDtGKSyAcu/ueJLlEsvZwFkw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=ySpnu2LSCPI7ZfnWXEQjmZYar7FHl13GfJrz7a9c9jY=;
 b=Os75xdRO7j9O1uV3LBL+RDxbLc0dSZRixsf/zI4p1WmA6RLcCBBhmb8Dx10yC7k9XqDyafE7wNvRAi32BYlHfRf16mOaGVE/hsEoKj75Rc9p56LUDrT4OZFWTicCzyKsOiit0ObeyaTX9lnl3Co1IlVcNgRJqsDDmjH9VMKk1YiHOsfCknq9jUKo+WTcCHi/K3VmfvkCEb6Mb5SsbIuW3PGWeFZ71DNel1WKCD0ENyuSm/Vw9+Iwp6b4FYY/DrShK2sLvwn5J3bJ/xQpZ19E0LOVrDkJMuVhU74Zmn38hpWD3HiaRjLb+d5tQj7GEx3BLI0oHriwYjHrqCBAgpYSJA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:21 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:21 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 19/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for RDTSCP NAE events
Date: Tue,  4 Feb 2020 17:01:23 -0600
Message-Id: 
 <c98d91882ac48ddb20f3a0a3610e9aa867e5fef8.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:20 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: a2fe2d99-76c0-4e88-97cb-08d7a9c64a63
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930A13A8527F2F0E95ECCEBEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:2000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53766+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 xalJOw26VMX9PhJQHuM11XPDBwZuySXAK0jn/jNTr0M2PcIlItvxwjUZyotwc2LiYu3SlPAP1XVHPM9iPzBE6+KIJExOI5/+rFa2nFCYnasffGg0zhXGHIp2ewKpiW0azHVg2QSOkDgWu8lTLS2uphGHEYPUOH2231J4AodfNRWPgxssQaJNr8Akwh790LT0Fc4TivgJue42aj8RQ1tpaqIgF1k9wgN2pbD6B5p9RNmvXR//zeQZJ3TykHWcTrbS7o5PVxs8g9BNrmB/rXvD1GQpuGdDnMRkVaPjsqms4oeMLBKP4cTD8ahePPudCM5LC38hxg4JCHJlW+SiemBvhaDTT4uKhAQFOFmzXEQJ5qOO6hXb4AOAW01ua2tBO63NULQmeq8bjKK96J8uk8ueSVz6sRLymJdj+drTVThz7E8w4bdKgr/sZoTlqAnqdWjwPTMBiyhi72pEsE2kDcjnoh+z1g2g71z3dt6SGsEvPw0/wKeBn8DLOi9gT9tIHiIXmFyjSLHcp/2ewMYhAamdug==
X-MS-Exchange-AntiSpam-MessageData: 
 cwjaCSUtWrOoRQ/BJELN4SKLydna44k70cg0Ermete8XR4mlixJL3yKcVv+t17kKYXZdShyV0WcZkSdbxrYanPv5bqXxBGIDjDuphKqwVx7OPA6nVcTkeQkSGNxpjpT2gzqj54yBav38KG5Tc633nw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 a2fe2d99-76c0-4e88-97cb-08d7a9c64a63
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:21.4982
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 yuXGTpKHavZzgrG4/wvUCFSGu47DpGDbNVbyf3YlG0klXKq7Oe4Shcxdka7Wya4evWQFq6QfJpyIXI1z88CK3w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: piKueYEFxQTAD7LfyErhOi5ux1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857343;
 bh=w/1G5MWr9B+CrFeNNhdYPDQf5WPexyuWL78zpZ36hgk=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=Vf3p873slcjaF/dxhpSjkhyjgWngi1Ozj73gPYATXrJs3Vjk7RMaNJjaxZEVutasyqL
 pQfl7Q4QBUXPe8v9f+95SFAfecRQg0EDw9MT6QgmEnGerFu6AzJ18gdqdKxrmg5VSc3Iq
 hc9tpZcGwHUTO0Lu++65HkfI/sunIs3oYIQ=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a RDTSCP intercept generates a #VC exception. VMGEXIT must be
used to allow the hypervisor to handle this intercept.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 33 +++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index 734c2bbeb989..f18fbe97e147 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -609,6 +609,35 @@ WbinvdExit (
   return 0;
 }
=20
+STATIC
+UINT64
+RdtscpExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  Status;
+
+  DecodeModRm (Regs, InstructionData);
+
+  Status =3D VmgExit (Ghcb, SvmExitRdtscp, 0, 0);
+  if (Status) {
+    return Status;
+  }
+
+  if (!GhcbIsRegValid (Ghcb, GhcbRax) ||
+      !GhcbIsRegValid (Ghcb, GhcbRcx) ||
+      !GhcbIsRegValid (Ghcb, GhcbRdx)) {
+    return UnsupportedExit (Ghcb, Regs, InstructionData);
+  }
+  Regs->Rax =3D Ghcb->SaveArea.Rax;
+  Regs->Rcx =3D Ghcb->SaveArea.Rcx;
+  Regs->Rdx =3D Ghcb->SaveArea.Rdx;
+
+  return 0;
+}
+
 STATIC
 UINT64
 VmmCallExit (
@@ -1039,6 +1068,10 @@ DoVcCommon (
     NaeExit =3D VmmCallExit;
     break;
=20
+  case SvmExitRdtscp:
+    NaeExit =3D RdtscpExit;
+    break;
+
   case SvmExitWbinvd:
     NaeExit =3D WbinvdExit;
     break;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53766): https://edk2.groups.io/g/devel/message/53766
Mute This Topic: https://groups.io/mt/70984942/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53767+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857344842286.8280447272457;
 Tue, 4 Feb 2020 15:02:24 -0800 (PST)
Return-Path: <bounce+27952+53767+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 7TAEYY1788612xWupSycfXkY;
 Tue, 04 Feb 2020 15:02:24 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web10.1665.1580857343101360274
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:23 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=b1jQbibm4TVM2VVGQSbpuwloZApwj+URZHnl3cKn35Oi5CoVKTOEUKMjwKsF4WbiC9L4f83vh0ItQxufhpm7xN76s+HrEAS1Wpk0CMBUwKLPP+tjdmXKY/6hUXvjopnmz3n1uhnNwUh3y3K32PyMpAKOOXrXfrlgoeJCxnwPgL8DMNTdzzO+AXMUx02hrMBmj7yRvayuE8gXh5utOorT3kS+mAm675ZiywxK/mICXqB0CcU2b7i/gDcPEr5KtJG12Hig1EynbEr/Tr/CdOVWk5edwXueH4ThlrG0FA/m4ib/fNOZo59XTcbw74YyPYD+2aIBj2XTCsrefaoPvAIhow==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=vQxyWAFCSwnkPP4JhfckQXAveFz1I5Mcl5mO2uQeQu4=;
 b=Irk+f+jlWNGXiWMLtBcsp1OMDM7pJJS4Ec7rz01077qN2gtshLFWUXXwgOcE7onqN/py+s7lmHV8EeEByQRffRqMJAblKuixKYAk429aIsfS2p5zP1Ppp53VurUNUQPpMvMQ3ufHG8LOntZZ4ILg398YHxxi6027G6+F2QG7p75StsasIBcBKhiRlPjr7cG2moTTRIfoyG6XN1Rm7ftn0T4oc93dGAA/cJpgYh750IDlIut1UQ5ykuUG2kQYAXIRsnHNowBJsw9xxj3+pLSJzT2rMC9CqDoIrFI6UOvTLMq1Ns3USew0jDrMFkCaA7ZR9DQscLMC0MyxiP5igPc/VQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:22 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:22 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 20/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for MONITOR/MONITORX NAE events
Date: Tue,  4 Feb 2020 17:01:24 -0600
Message-Id: 
 <0e5a8093c885baa235c6482b09b1e01198e73dc7.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:21 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: e6566a71-1aa1-4d4e-6db2-08d7a9c64b0a
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB393076612569343FEDB588ADEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:2000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53767+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 rI6xcZDv3ek4FF2o+goDD6Qf+VbomGn1C4SMC2Ct1ya9ZO7KFKuiatRG6Rep3XG+umHVln90++Vtqm9XE19OSDtF1PjtcvwQlAeQxVh2D6t4ZZ0eHpstpQ8/jt1k4B4zosnMzVPEiMESeiVEJPe0neceE8qO+K2ZdIgjW5aPzq39mTVAT0RLlKV4qXpj6iFEXrZRFFJVirXztk6dFor5aH3MsBz6Ik4+Zo4K3ULpLE9riMQKd8JT8/aj5EjFsOTU56s2DK0AUNGLLc7u1Jfq7IveH7W2wvbjWhU5Wo9D3rrlGUR/rcl4xO5o2RZRNg6/4cWrbXhG98e7j46eBLhAiFbyXGCSX+G+0o4L7/UD0nu05ROAMWVQgNJdBACL9VLhWlunnfEqcpJYdM0dhzNJtYcB53bb3OtKg530dCT/xpWVq4IIXC33eW0GU/Qn9SxYayf6+zycAXLLNIsOawEOIhAVasidxtiEUj5VKn83ttTF3QtTa9m/C/H9AeURpNckfvfIgfgWhAgTprxrINN4gQ==
X-MS-Exchange-AntiSpam-MessageData: 
 SOOAOxtMZ2gLoKkyNHvMv9albEvGhYVw4n7ggPCcKWNcG9fNs5uyCNBl3rm570bVTn3YgxjMe8Kr7N+xuYb5xEl0ae0IDCxsKcvcD0ZA67RG9C1qmkrv42BeJyh7vgvRITUAjyQy9FqTm4v2ejcyug==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 e6566a71-1aa1-4d4e-6db2-08d7a9c64b0a
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:22.5966
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 PPKqqpatPa+xw+I0Qf47AustoC22USDwj6DgL2LtigB4OToSgrmwMn60uziXufLdgukESdd71hBhJ4uvAkxsAg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: 88H0RlXFUXESsWhy9WNxCBujx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857344;
 bh=LQtO3W6ueZv295my+HnazBu5AS6aW4BJEfNiHRVAmWc=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=BKnMavBf0vgtZBNVjV/aHJrR0nNPcRbshmZ5rQWespZ2zKBvWPeiQ1rETMzposEY2HR
 CcaLzyCAlW+exP2Os+xNvgZDg4JjYO38/sE7RQFqP6OFVl6jJptqfHb+TzKqAxx3vKhAA
 bBgb32otRqKRpHCZRsH0Q+t8QzEJJ3+DPME=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a MONITOR/MONITORX intercept generates a #VC exception.
VMGEXIT must be used to allow the hypervisor to handle this intercept.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index f18fbe97e147..93341a647e48 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -591,6 +591,33 @@ MmioExit (
   return Status;
 }
=20
+STATIC
+UINT64
+MonitorExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  Status;
+
+  DecodeModRm (Regs, InstructionData);
+
+  Ghcb->SaveArea.Rax =3D Regs->Rax;  // Identity mapped, so VA =3D PA
+  GhcbSetRegValid (Ghcb, GhcbRax);
+  Ghcb->SaveArea.Rcx =3D Regs->Rcx;
+  GhcbSetRegValid (Ghcb, GhcbRcx);
+  Ghcb->SaveArea.Rdx =3D Regs->Rdx;
+  GhcbSetRegValid (Ghcb, GhcbRdx);
+
+  Status =3D VmgExit (Ghcb, SvmExitMonitor, 0, 0);
+  if (Status) {
+    return Status;
+  }
+
+  return 0;
+}
+
 STATIC
 UINT64
 WbinvdExit (
@@ -1076,6 +1103,10 @@ DoVcCommon (
     NaeExit =3D WbinvdExit;
     break;
=20
+  case SvmExitMonitor:
+    NaeExit =3D MonitorExit;
+    break;
+
   case SvmExitNpf:
     NaeExit =3D MmioExit;
     break;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53767): https://edk2.groups.io/g/devel/message/53767
Mute This Topic: https://groups.io/mt/70984943/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53768+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857346374928.9385446397537;
 Tue, 4 Feb 2020 15:02:26 -0800 (PST)
Return-Path: <bounce+27952+53768+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id wVeKYY1788612xI6uGxwKDFz;
 Tue, 04 Feb 2020 15:02:26 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.55])
 by mx.groups.io with SMTP id smtpd.web10.1666.1580857345373237202
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:25 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=oLiam6WT6eceH1ta80zJCFBDM6EbMZyYymut8ZWJJ1kYHRuTgQTYIAXlNdmDHh32dQvjlbtxhcJuwgzAUKs/91cABiUL8Et6OtmEru8vv4mZkcc/0w6GUqw/SKoJnAv+Sd6G6pIN0uNy2EtrLbYzqMZ7Qtp3yQdyyTn7OSnUCCeNUXyvm7kl1+PdLgNTzIH9xmMBoJQPb7GcjCpuq4yUP8bIWeHQjycZ+RI7I0RyVgKivlTbuT8Gdwy5wryoMjyT3Md997YkIVQhfr9c/btbzz1w1gVGCvfmZWvmhErsckBpq2oFDfUn1YzaE0M5fArc5oIxIRH5nfPA/95zh3wyGQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=bkAF7fRWDFHrwkkADfxVuIBV9u7uW0OxV4VsCQ4GzzY=;
 b=jSCLpVejaVbfYWv7wmzuwiiJYwC/aMs4h/LLk7YQBVbkx7aYiWTWCkTnPtiF1s/GAM7p164GLJylqV2U5ex1k98M9Ffv7QBQaMDP/kXImyWbJobgx8ca/AALnPfvDogKnpxBb2s/WiHfOXhSh1OQZlSLoextNjEhg/P619ukRb63J/0A2HzAiZnLpqTKciyHqRBvSjR8olUHvFyDxo0JzuvEPaT1S/vaKXWKccZJSGfaijsoiu4JFHNwDV/U32nxYQi5927kqn2SI0nH1EUlYxv7TQPU1rubEmB0UfIlB+Sgqm+ks34/WyRkOQg5S2JKZWcKZQj7e9FWS/DCJtDOBQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:24 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:24 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 21/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for MWAIT/MWAITX NAE events
Date: Tue,  4 Feb 2020 17:01:25 -0600
Message-Id: 
 <249fb0ca366c123d5044a674689f36d982170048.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:22 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 49c573ed-7dba-4ad1-38bf-08d7a9c64bd0
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39303E5B7C4A13E3459ED033EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:2000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53768+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 wRE2d3hr+g8VrrRB3ORUjrHeGXqpkfjVpAtDedVbP73MU0f4ydk7N9QJyeTJ4DPJ4GYxcIrT1pGGx88sYkWpfSNgWvyg2faVE67IE2VcGqqr4ox5tSiLFoa56+IXnocB4GOOYDjMUZM2Fn63iDU8jroapWoNAjWr0wSQa5iTNPPwN7AcaAA9cZBCwV7sRkNhhL8eCOnvbsAni97SBAke/UP4tQyapX6/058fqTOvG5m8rI0ttIRcCijNJh5XewFUa9hnUwoX/ipfEfItVL+kGUbjK//o+y2w8mdA5b/DdUkkmsviky9tOSSNojQoK1yuu2M6I0Efd50bKmxJ61FIDOnq7ttkcrtlwB0p6lo1C8rOPdNBzPylt6748o87WEBa+l/tdsALB/ig1Gwl5T/ZwJPC8ADoghlDK410GFHw5M7W416d3pxZFljr4ciAS4sbfnhi7tP7klhZoaeqZNu4ucvGKJpMhdWXjLlYvIgZFL/90nlVHg3q5QYNGMfwjfsLBxTlUvSTw0jlM/RVcp2BKg==
X-MS-Exchange-AntiSpam-MessageData: 
 DGno/BRSojP0rfKBWz+mUKd478ai2LE8g/FZ7LpCJMNfJSOoOPteIZvjS5judIdKoyv/Ivn3jB8SurdfhwngDdGLCIYZrrP1MHDtqG2fOdWY9MKmXfd7PanUwgkYazs5JSR3FextijRJXCFmGaYElg==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 49c573ed-7dba-4ad1-38bf-08d7a9c64bd0
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:23.9009
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 AMpIFa0c5glEGw0D0p5q/6GZKgPwpvUiD4SL+9h9y2mYwiECy4ZEYCNOSDb+LjiKAQNDD220EPbHVTulF91XLg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: 5y2LUyWOdCq4Alr10dAERN12x1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857346;
 bh=yyVRmD2dxs9eSZLfUwsNPoeY4B5kOiqZbpCEMiW1RR0=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=lKOjgMfy/xwyQZiGM2KvvMtLBjfLV5WFnB6LU4Ijf2AAJE64vqRd577y+FqBW33BRVM
 WPgDTzOV+5B9hcF/NcHY9HZJtq9QDcOxUWvojZ11gP5K2tmbzgmsA5rDYH1LDFdSYZloB
 TW1fAUQnu/Gt4TzbdFhrnsV/uCrLR43csCM=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a MWAIT/MWAITX intercept generates a #VC exception.
VMGEXIT must be used to allow the hypervisor to handle this intercept.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index 93341a647e48..4318014ceb45 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -591,6 +591,31 @@ MmioExit (
   return Status;
 }
=20
+STATIC
+UINT64
+MwaitExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  UINT64  Status;
+
+  DecodeModRm (Regs, InstructionData);
+
+  Ghcb->SaveArea.Rax =3D Regs->Rax;
+  GhcbSetRegValid (Ghcb, GhcbRax);
+  Ghcb->SaveArea.Rcx =3D Regs->Rcx;
+  GhcbSetRegValid (Ghcb, GhcbRcx);
+
+  Status =3D VmgExit (Ghcb, SvmExitMwait, 0, 0);
+  if (Status) {
+    return Status;
+  }
+
+  return 0;
+}
+
 STATIC
 UINT64
 MonitorExit (
@@ -1107,6 +1132,10 @@ DoVcCommon (
     NaeExit =3D MonitorExit;
     break;
=20
+  case SvmExitMwait:
+    NaeExit =3D MwaitExit;
+    break;
+
   case SvmExitNpf:
     NaeExit =3D MmioExit;
     break;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53768): https://edk2.groups.io/g/devel/message/53768
Mute This Topic: https://groups.io/mt/70984944/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53769+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857348040943.1636315907156;
 Tue, 4 Feb 2020 15:02:28 -0800 (PST)
Return-Path: <bounce+27952+53769+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id CSpMYY1788612x9oRFjXtHf5;
 Tue, 04 Feb 2020 15:02:27 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.54])
 by mx.groups.io with SMTP id smtpd.web09.1698.1580857346746299392
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:27 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=TvZrieSY3mABDvCO533yunDL0R403WhHXttffZsH+O14iEwMIAG3uz+oS/rPWyfMwVSeG7bQYQEtppbdo4mIBF0k/t4LXzYTK+w7t2ZGiFRX2GTifONB3Bft6beF0xyPp/R1zY+8Sjlngg5/0fwlQRn7qa1STk57ACFQyB9xv3cpKMn6QzIhjFWqsRAqAJNeenhj4IwGRch/HIu2JLl9PaZigKTHIytCFk5z1aKvIhEc9k6gue9Ni+wfLLID3pbi+01K5Td5b1KSSIrwausheAra/osR0GkqirYBYUfcRPUgzvARSm8sm3ubqrfhGJrf41/9qJCFlKL+hrkHh93x2w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=7Uusw474axFUl8LMSIFKKeVB+J0JqjSeobSgwJyG40Q=;
 b=m01x6pl5GVxKgQkKWHgf6A3SW7qrk/Y8tkjxnhc2tvQGTcVOrICugabe9pnP0cUZEr7wfYSkaHwzSuiie0S3HhjITqlCbFE2YJ9EYuVOWFlZKAVOKU3W7PNBT84FA7QNpGZPoFjryKXSBh+ll8vIPDjcnpoajIivVRSIWejvPAww1UNLkCa6QQO/ag19nTOoNyRuIf66IRBB2ai2lUq0fGmpulG7zj9pGRPMa8RHTvaDGScpeycHfheS/s9Rtnc2wDuRk5jP28jOy4zDRujRv7OVPO4gnA40HmfMikh7aCj5SL5jTrpj1p4ajVm0vrZbhhoH8PKTfRLsDGj4Hehk+g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:25 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:25 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 22/40] UefiCpuPkg/CpuExceptionHandler: Add
 support for DR7 Read/Write NAE events
Date: Tue,  4 Feb 2020 17:01:26 -0600
Message-Id: 
 <a679f9cff4b9f17242b0a378a35fc0989bf56d95.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:24 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 6dd3ebcb-a132-4f3f-1b76-08d7a9c64c7a
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930684602951250968D44C4EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7219;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53769+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 IlRjHvg8+CMNLXB/U9mme9PI5yhbC75wKXLLIheHMDhuvqu6FQZFqTpmmfWvRtVkDKxsUHRgbLN39nxjPU4UxgFRtudO1rfKjJ8268fPuHhFfN8RTmpwXXrJuevs8Da4i6wNaJwanVGZCmIE5obJghQLY5+Hu8/eHL2GhhEN91luWh5PM2ykwDHkg0Ol3i0N7DB+cHAC/oVAPdd/KOocW2+Lx5agjfZTYIX8JlkAQ41vy95yAziAF+BoTX7vE/zBG4E2fgK8aWNltUQyy+Dh8FMRxxo6iux7PJQIWAD/S+9uVN/pMcnOERx1lC++SPnpAtC9t+DCymdq7xrSjaJwHAULfPbXSZ3rC761WZs0LnTz7GZbeSray6CZHh2XLY6bS34ZZlfYtLej2D2MNhoMVP2fGaJhkBwnaNBTLR2Ob1VHGvr0mXnlfhzry3pdWygFWo0LtQeb6sdQVgp9voOarHHjWEX+ICMnm/SvaKH+RJgz42aZdCsFRYA3slwCTRcLXeuQjYjnZYCSss/0P0jlmQ==
X-MS-Exchange-AntiSpam-MessageData: 
 aJERay7EBoZV4fO/WusI2LSeKTlTXYkQimYBbDVbEPjdtTSzJxkveJnAv0anUTGp2hWIZHpvvfk08mV5aCKPHJpRJYZOpNoD0DqWqF+d53Cf+vII/42GV5EFV4bgsnTihnAhWuORfCSsVaM2jHhyvw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 6dd3ebcb-a132-4f3f-1b76-08d7a9c64c7a
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:25.2561
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 z4B9eJUzPBsPjdHWcDtlYVOmt6d0RqkGcDjE6q1hwp9cqTa3CjwxeN2GS9wdU6x/1AeFvsgyhkd3H136kJ6+dw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: CQPSlBo2GdxMrEQ7TybOGXKix1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857347;
 bh=MCImZJElyv0aHmd/lgp+hUDkcQDJqyYAx2GDbbU19dE=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=lj9Bw2535Ml/qcLlComSCLpb1kNV467VmqcwvRxaKSjjhKI13X02QqWw2cBl/HUQg0V
 ABaVam1Szt74OyZPQ5aqlUI0owkv2qd2k6URzpRIRrDZ+D2UJlCbpw82MklUYZISFrzsg
 yP3lheipAXbN5oTTcABRDFogJ7g59Gcxa6E=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Under SEV-ES, a DR7 read or write intercept generates a #VC exception.
The #VC handler must provide special support to the guest for this. On
a DR7 write, the #VC handler must cache the value and issue a VMGEXIT
to notify the hypervisor of the write. However, the #VC handler must
not actually set the value of the DR7 register. On a DR7 read, the #VC
handler must return the cached value of the DR7 register to the guest.
VMGEXIT is not invoked for a DR7 register read.

To avoid exception recursion, a #VC exception will not try to read and
push the actual debug registers into the EFI_SYSTEM_CONTEXT_X64 struct
and instead push zeroes. The #VC exception handler does not make use of
the debug registers from saved context.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 .../X64/AMDSevVcCommon.c                      | 68 +++++++++++++++++++
 .../X64/ExceptionHandlerAsm.nasm              | 17 +++++
 2 files changed, 85 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c=
 b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
index 4318014ceb45..2932e7341345 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/AMDSevVcCommon.c
@@ -13,6 +13,12 @@
=20
 #define CR4_OSXSAVE (1 << 18)
=20
+#define DR7_RESET_VALUE 0x400
+typedef struct {
+  BOOLEAN  Dr7Cached;
+  UINT64   Dr7;
+} SEV_ES_PER_CPU_DATA;
+
 typedef enum {
   LongMode64Bit        =3D 0,
   LongModeCompat32Bit,
@@ -1076,6 +1082,60 @@ RdtscExit (
   return 0;
 }
=20
+STATIC
+UINT64
+Dr7WriteExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  SEV_ES_INSTRUCTION_OPCODE_EXT  *Ext =3D &InstructionData->Ext;
+  SEV_ES_PER_CPU_DATA            *SevEsData =3D (SEV_ES_PER_CPU_DATA *) (G=
hcb + 1);
+  INTN                           *Register;
+  UINT64                         Status;
+
+  DecodeModRm (Regs, InstructionData);
+
+  /* MOV DRn always treats MOD =3D=3D 3 no matter how encoded */
+  Register =3D GetRegisterPointer (Regs, Ext->ModRm.Rm);
+
+  /* Using a value of 0 for ExitInfo1 means RAX holds the value */
+  Ghcb->SaveArea.Rax =3D *Register;
+  GhcbSetRegValid (Ghcb, GhcbRax);
+
+  Status =3D VmgExit (Ghcb, SvmExitDr7Write, 0, 0);
+  if (Status) {
+    return Status;
+  }
+
+  SevEsData->Dr7 =3D *Register;
+  SevEsData->Dr7Cached =3D TRUE;
+
+  return 0;
+}
+
+STATIC
+UINT64
+Dr7ReadExit (
+  GHCB                     *Ghcb,
+  EFI_SYSTEM_CONTEXT_X64   *Regs,
+  SEV_ES_INSTRUCTION_DATA  *InstructionData
+  )
+{
+  SEV_ES_INSTRUCTION_OPCODE_EXT  *Ext =3D &InstructionData->Ext;
+  SEV_ES_PER_CPU_DATA            *SevEsData =3D (SEV_ES_PER_CPU_DATA *) (G=
hcb + 1);
+  INTN                           *Register;
+
+  DecodeModRm (Regs, InstructionData);
+
+  /* MOV DRn always treats MOD =3D=3D 3 no matter how encoded */
+  Register =3D GetRegisterPointer (Regs, Ext->ModRm.Rm);
+  *Register =3D (SevEsData->Dr7Cached) ? SevEsData->Dr7 : DR7_RESET_VALUE;
+
+  return 0;
+}
+
 UINTN
 DoVcCommon (
   GHCB                *Ghcb,
@@ -1092,6 +1152,14 @@ DoVcCommon (
=20
   ExitCode =3D Regs->ExceptionData;
   switch (ExitCode) {
+  case SvmExitDr7Read:
+    NaeExit =3D Dr7ReadExit;
+    break;
+
+  case SvmExitDr7Write:
+    NaeExit =3D Dr7WriteExit;
+    break;
+
   case SvmExitRdtsc:
     NaeExit =3D RdtscExit;
     break;
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ExceptionHandler=
Asm.nasm b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ExceptionHandlerAs=
m.nasm
index 19198f273137..26cae56cc5cf 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ExceptionHandlerAsm.nasm
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/X64/ExceptionHandlerAsm.nasm
@@ -18,6 +18,8 @@
 ; CommonExceptionHandler()
 ;
=20
+%define VC_EXCEPTION 29
+
 extern ASM_PFX(mErrorCodeFlag)    ; Error code flags for exceptions
 extern ASM_PFX(mDoFarReturnFlag)  ; Do far return flag
 extern ASM_PFX(CommonExceptionHandler)
@@ -225,6 +227,9 @@ HasErrorCode:
     push    rax
=20
 ;; UINT64  Dr0, Dr1, Dr2, Dr3, Dr6, Dr7;
+    cmp     qword [rbp + 8], VC_EXCEPTION
+    je      VcDebugRegs          ; For SEV-ES (#VC) Debug registers ignored
+
     mov     rax, dr7
     push    rax
     mov     rax, dr6
@@ -237,7 +242,19 @@ HasErrorCode:
     push    rax
     mov     rax, dr0
     push    rax
+    jmp     DrFinish
=20
+VcDebugRegs:
+;; UINT64  Dr0, Dr1, Dr2, Dr3, Dr6, Dr7 are skipped for #VC to avoid excep=
tion recursion
+    xor     rax, rax
+    push    rax
+    push    rax
+    push    rax
+    push    rax
+    push    rax
+    push    rax
+
+DrFinish:
 ;; FX_SAVE_STATE_X64 FxSaveState;
     sub rsp, 512
     mov rdi, rsp
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53769): https://edk2.groups.io/g/devel/message/53769
Mute This Topic: https://groups.io/mt/70984945/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53770+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857348226799.0651439932913;
 Tue, 4 Feb 2020 15:02:28 -0800 (PST)
Return-Path: <bounce+27952+53770+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id BJVEYY1788612xyPZGJbbZOy;
 Tue, 04 Feb 2020 15:02:27 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web09.1698.1580857346746299392
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:27 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=ICXIBv6IyZUIFkf/NpwUJGCS+q2Q2N8iYLkMio4xNQhkag/ZRwiZ/WuDgEmo1wsJJ1s9gC7lfoai5DzcuCEuY3zXL+DweacqC2jlWLesETeRV4uphdXOYTNGX0ON/mYAbKmmPxn7B99BCRVYp0dBJCLPJqqZTjtEgv/g9eTC/y9zdpgIccLBn/S+3uKrqC2jT8ogpgk1rGyZoYsAktL9l92GTy7YrRXZZfgxjKukvpevrV07n92rKJyUFE69T7zOZWhDymnqUdj3i3jZBI7U3MDSAaMbbcDlj0b/Jfz04a1BNhDeStw4MfiYlsBqWj2kFH5kekY8L2oLftvJA4h3CA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=leVy/1jMt4vkgIwUhcvhFGhuHT6gyzYQe7pro2sMB0A=;
 b=XLkWnpffIV98Cq7Fnr9TPl+935a5FDL4MQMkNfkcHBA7QvaMNC21pRaZMzOJ6QOSOaT6jqUIeJfR5aRQxq0rOtvhkssIR1urYhWy5nzmcINwmhzx++tXqIxtbzhj+djGMd+DKAaNkG4P1jaCqBQ4VgvKTuulQUlCdgd3uZH9CxZUaebHB6TBFXZvm+W7xlSgyBLNmwzN5sH7DpNljIZt4+JnzSL3ECYERNhFnizgKelVK1AwIfDeYyIjAgoUzbsey88viLyk6dqFz1sLpufvOeT3gq2trPVqhvG689uV3kVrY+GN7xtfJD8ezOnHgRJc3rlJpNPHZDzasSt8kvT5OA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:26 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:26 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 23/40] OvmfPkg/MemEncryptSevLib: Add an SEV-ES
 guest indicator function
Date: Tue,  4 Feb 2020 17:01:27 -0600
Message-Id: 
 <72fe7b157cad7782b81be256f7396aeb32fb04c5.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:25 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 3ffb3adb-9d3d-4e7a-b5df-08d7a9c64d4c
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39307239088DEB8520E9874FEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:4125;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53770+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 wxztremLK46yOfA4lj0o7wmHq74YCu1gzSaPWiGLnXtFxDh0klAx6p3vEQtz7AlzR4HbdFQhF+xmNvAtA2z2QZPbe3e8eztO6xL8sEGhtCSDmUcJ6RFEbmEBnSGJtvUK1W3fhv0L90QMQzh/DDD+EE4Fi1OL03cLXl5poWPlZdcs8Q4JZxB61Witgr26LUA0xephKOBX7sPRJHYpXfP7IdWrhACGdRgQcuWTQjQbdrKlMjnhX4aMgBab/3GoyutLkaO0tycBCCVZpOoOkxWh2yVqtJIV7rDfcotdD4RQXpt9o62bimmJgj2Ysz63mJc/E0HXKQLl8sVFSajXFjUIU0wgm9cv26tE+7TSXGZ3WLSZiPjsQVuKuN1HQxTRncPJLGuGvYOS10+zQO6En0DHkxYkBCw5dwojxtFSQW7OTnrUR0M1LGAd3JbMetndmLNuhWtaHUDZcUag9d1HchpYhympt8o3C5fhqtgGCO6B1ub/EAkh/n4EZhWocwVyoJjt+kPx/mZvNDoLSZGuI/oBDQ==
X-MS-Exchange-AntiSpam-MessageData: 
 QwwI1yH5CXaT8KSmjKGjJXWazDVFt+wsuWHF6FPZHKAEQOR8QRbY2vLCBwBrV3IIrwhiTY5lmc9TWLnMHkgNrdSAk/AgUiYSOKhMdlOX8khzqupeo/5ZtFpC/blemV3//u8KZNpbasAC7LrTbJTx/w==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 3ffb3adb-9d3d-4e7a-b5df-08d7a9c64d4c
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:26.4184
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 gC5D/TiX7sxA9vMAK8mNtNwxELJ209CGqnzyp5jhJk1Ti2A4vX3LvgY+twJpDpER2w2Qu3WQXAgtuf2hmh8xng==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: pjWFwrheRBOyb0hU7LY34DBWx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857347;
 bh=1sK5OnJg8Xf3PTuE++MpVntlYl3pU2M697NFLoOQgFY=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=IE9bTGrRrYqkSsYvQ+RC1QbLdse/Pk6CDwp8dpt6+pxpgrv/f8fC4LYNlrHEhxV3Jyk
 Ez9Q1VhxJnSIxW0WfxGMjKTIkdOMfj2FNwQ9MNptJmg3pwjwGNNc4k8mtyMkJdq+974lP
 c8cWDHyJQqLSYOCYizuUmp3H9AAFmcCTrZE=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Create a function that can be used to determine if the VM is running
as an SEV-ES guest.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Include/Library/MemEncryptSevLib.h    | 12 +++
 .../MemEncryptSevLibInternal.c                | 75 ++++++++++++-------
 2 files changed, 60 insertions(+), 27 deletions(-)

diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/L=
ibrary/MemEncryptSevLib.h
index 64dd6977b0f8..a50a0de9c870 100644
--- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
+++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -13,6 +13,18 @@
=20
 #include <Base.h>
=20
+/**
+  Returns a boolean to indicate whether SEV-ES is enabled
+
+  @retval TRUE           SEV-ES is enabled
+  @retval FALSE          SEV-ES is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevEsIsEnabled (
+  VOID
+  );
+
 /**
   Returns a boolean to indicate whether SEV is enabled
=20
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.=
c b/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c
index 96a66e373f11..c859bb141963 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c
@@ -20,19 +20,17 @@
 #include <Uefi/UefiBaseType.h>
=20
 STATIC BOOLEAN mSevStatus =3D FALSE;
+STATIC BOOLEAN mSevEsStatus =3D FALSE;
 STATIC BOOLEAN mSevStatusChecked =3D FALSE;
=20
 /**
=20
-  Returns a boolean to indicate whether SEV is enabled
-
-  @retval TRUE           SEV is enabled
-  @retval FALSE          SEV is not enabled
+  Reads and sets the status of SEV features
   **/
 STATIC
-BOOLEAN
+VOID
 EFIAPI
-InternalMemEncryptSevIsEnabled (
+InternalMemEncryptSevStatus (
   VOID
   )
 {
@@ -56,32 +54,55 @@ InternalMemEncryptSevIsEnabled (
       //
       Msr.Uint32 =3D AsmReadMsr32 (MSR_SEV_STATUS);
       if (Msr.Bits.SevBit) {
-        return TRUE;
+        mSevStatus =3D TRUE;
+      }
+
+      //
+      // Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled)
+      //
+      if (Msr.Bits.SevEsBit) {
+        mSevEsStatus =3D TRUE;
       }
     }
   }
=20
-  return FALSE;
-}
-
-/**
-  Returns a boolean to indicate whether SEV is enabled
-
-  @retval TRUE           SEV is enabled
-  @retval FALSE          SEV is not enabled
-**/
-BOOLEAN
-EFIAPI
-MemEncryptSevIsEnabled (
-  VOID
-  )
-{
-  if (mSevStatusChecked) {
-    return mSevStatus;
-  }
-
-  mSevStatus =3D InternalMemEncryptSevIsEnabled();
   mSevStatusChecked =3D TRUE;
+}
+
+/**
+  Returns a boolean to indicate whether SEV-ES is enabled
+
+  @retval TRUE           SEV-ES is enabled
+  @retval FALSE          SEV-ES is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevEsIsEnabled (
+  VOID
+  )
+{
+  if (!mSevStatusChecked) {
+    InternalMemEncryptSevStatus();
+  }
+
+  return mSevEsStatus;
+}
+
+/**
+  Returns a boolean to indicate whether SEV is enabled
+
+  @retval TRUE           SEV is enabled
+  @retval FALSE          SEV is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevIsEnabled (
+  VOID
+  )
+{
+  if (!mSevStatusChecked) {
+    InternalMemEncryptSevStatus();
+  }
=20
   return mSevStatus;
 }
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53770): https://edk2.groups.io/g/devel/message/53770
Mute This Topic: https://groups.io/mt/70984946/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53771+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857350213719.8192490623242;
 Tue, 4 Feb 2020 15:02:30 -0800 (PST)
Return-Path: <bounce+27952+53771+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id qeVdYY1788612xtJLAb0YBD4;
 Tue, 04 Feb 2020 15:02:29 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.56])
 by mx.groups.io with SMTP id smtpd.web11.1662.1580857348756254860
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:29 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=MebPRVLy073S4jS/AeTNZIlRFziKKQJNWv1ECmO6YWHS5GLDUga6B7RnTBoZIGIxsQ2sD8Hd7cvEigLcsgnrl1RzevSCygrErWkdas1tZCvJv+wS7c6OYFisFYyBKvJ5pxoVhmhHUr/c2kS88HVgsLDiXjtGuQL0foTP0+V27uEYuRFi1pHPbwEpex6b1NKHLMcWsXqdNoZYa9NUd1t1oQ40jlKK9xIFJptnKSVwWRWjmt4pRzu0HymIf66pHn2KOea8rZashug1Cbb+EdpOx0ohTl8hMwb6T0b3jqR0yJFx+i8hYevJkvBuxS3Fi0XyfkYiIzt7LvlIHxJzq/Dk8g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=h+xNPODanO7j1iZmxSMCO8bZvuy3/0IuXghAhpEzVlM=;
 b=KMFxsJYMBGnCbXn5UaIK0c7qN/zzKjo0ASmII2UNMFCfql44drTAdGVi3KTwZtoARJX1kvyLMetONL3CfTkS22cPlFx8ak1gNy/cKomtG6Ur0L8NOmP/MwrPAn358y4AO8PtHbRPeWFUQXSUVZI8sNm3pkHjrEx1v70/uaZ+u1uetGm5f3kz9vJP6shf1sEa07X1P3Z009FLlZ1NMoZRjcfPDLt1iXNXBBgIGoRRYcpj44Bu/TaH16f10mCudx7MFSu6zvlfokdwnn1gB05c+UBKFzZtH0+/vf2WIv/gS1OLDTNMFqFGyiy/ay/VRhFbmtiG/niwnBepb+9hzSA5fA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:27 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:27 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 24/40] OvmfPkg: Add support to perform SEV-ES
 initialization
Date: Tue,  4 Feb 2020 17:01:28 -0600
Message-Id: 
 <cc6a237046e7c7afdc078455bcad0beb1aca6e51.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:26 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: cc329d91-d1fb-4f64-7efa-08d7a9c64df0
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB393076843541B3D1F10569FCEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:5797;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53771+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 ySyIHP2jfpCcuuYpOTllQXHdc3Ged0OEKmivd+eECGq5cgZfNksCb6Ie16pSqqAj5B0bCTYfUA3Yh8WJFc5kRVDzZUseNxcRuxL4+ucqNK0jHNMpTWXzgg/WwxSvIA/2YnTXQTkzTBNDkjUScOmzsYCPNY8jnrA+l/Vc+unPcZtKdNRCkitXau2FZfp2PN+2ZFCSpKPorFLBjHKcJJ6m0wFN/g3JFz098u8fAZFq6onbrwg4cRBnf7OWSzITg5A882TUPRl0c4hkI+kBJ6Q0X9sh4jJdGLgu26rW52DnBjNMn+Zuj5N1rhdf9ntB4+GvJJm+tMM0cCXdJE9QhH3iPDHfU40pUzRzb8VwPTApNpY/5vVbLRLe+jz5FU7ET4uCwHH+rbFIthKF4wJgZ943rpjsOK4LSgRtgj5etwL33L48qsTpo2QH3Oa4y/CuvbIqFWNtxRzqtG/lZ+7vUejrX0ISwV8tEDszZysVmtjh49HwFxSFM5wdkj3a7tttYQvQdiYX1IRf+ZnvavM0CZhZoQ==
X-MS-Exchange-AntiSpam-MessageData: 
 lp3gSSkSXXIqHcui+0OWQsMDJMhCvlqOI3Zt6RAwDnwZ+Kz0g/fg8YeOwyXrO1LE7yIgiuWV1bl1jcQ4KrrEHg9s+hXvt+is7ErrxBXciQNcDhQQ6nZRzqYVNmkjx3t4bzaMm1hICW5ydPAd2rH53g==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 cc329d91-d1fb-4f64-7efa-08d7a9c64df0
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:27.4628
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 gsyRBH6sQGNGnO6le+3PWWpn19N/mGGZbTAVQC44ykQBTlF59PXPkqQ3NIym+NUpiW1qXuJk1W4jj346PfjSSw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: MLz2XG4etFy3koLnnKHi2k5Cx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857349;
 bh=ImOz//2kIdF9woWtrmcetswP6/7uod9P2C898WosiAk=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=oGFQV2thcqAN9FhLt6iCbBk8R4NXDBQqJ/pHy89Srfa7lT6GInrZQzaMS6pfZV1JwPL
 8GbWdEMqf0kqr+ddJckJckkC/gq9H9haeXX3bZKnKdnJfqYV22pcOBUjli+T+WpVDtYe7
 UrfRGhwYlPwPzsDcfJ0ibiMTxiDWLnWWiWQ=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

When SEV-ES is enabled, then SEV is also enabled. Add support to the SEV
initialization function to also check for SEV-ES being enabled, and if
enabled, set the SEV-ES enabled PCD (PcdSevEsIsEnabled).

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/OvmfPkgIa32.dsc             |  3 +++
 OvmfPkg/OvmfPkgIa32X64.dsc          |  3 +++
 OvmfPkg/OvmfPkgX64.dsc              |  3 +++
 OvmfPkg/PlatformPei/PlatformPei.inf |  1 +
 OvmfPkg/PlatformPei/AmdSev.c        | 26 ++++++++++++++++++++++++++
 5 files changed, 36 insertions(+)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 41ec761e3f17..6642f2b008dc 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -568,6 +568,9 @@ [PcdsDynamicDefault]
   # Set memory encryption mask
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
=20
+  # Set SEV-ES defaults
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0
+
 !if $(SMM_REQUIRE) =3D=3D TRUE
   gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 41cc3eec3757..66589b2228c4 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -580,6 +580,9 @@ [PcdsDynamicDefault]
   # Set memory encryption mask
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
=20
+  # Set SEV-ES defaults
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0
+
 !if $(SMM_REQUIRE) =3D=3D TRUE
   gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 46a679a0073e..2e5c30d5c631 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -579,6 +579,9 @@ [PcdsDynamicDefault]
   # Set memory encryption mask
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
=20
+  # Set SEV-ES defaults
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0
+
 !if $(SMM_REQUIRE) =3D=3D TRUE
   gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat=
formPei.inf
index 30eaebdfae63..8af236a5c23e 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -100,6 +100,7 @@ [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber
   gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled
=20
 [FixedPcd]
   gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index 2ae8126ccf8a..c12aea46d94e 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -19,6 +19,27 @@
=20
 #include "Platform.h"
=20
+/**
+
+  Initialize SEV-ES support if running as an SEV-ES guest.
+
+  **/
+STATIC
+VOID
+AmdSevEsInitialize (
+  VOID
+  )
+{
+  RETURN_STATUS     PcdStatus;
+
+  if (!MemEncryptSevEsIsEnabled ()) {
+    return;
+  }
+
+  PcdStatus =3D PcdSetBoolS (PcdSevEsIsEnabled, TRUE);
+  ASSERT_RETURN_ERROR (PcdStatus);
+}
+
 /**
=20
   Function checks if SEV support is available, if present then it sets
@@ -89,4 +110,9 @@ AmdSevInitialize (
       EfiBootServicesData                // MemoryType
       );
   }
+
+  //
+  // Check and perform SEV-ES initialization if required.
+  //
+  AmdSevEsInitialize ();
 }
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53771): https://edk2.groups.io/g/devel/message/53771
Mute This Topic: https://groups.io/mt/70984947/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53773+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857353722561.9469365195354;
 Tue, 4 Feb 2020 15:02:33 -0800 (PST)
Return-Path: <bounce+27952+53773+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id HHviYY1788612x0UB0ggpSpB;
 Tue, 04 Feb 2020 15:02:33 -0800
X-Received: from NAM04-SN1-obe.outbound.protection.outlook.com
 (NAM04-SN1-obe.outbound.protection.outlook.com [40.107.70.81])
 by mx.groups.io with SMTP id smtpd.web09.1703.1580857352661846323
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:32 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=TTI1zWR3nvjt7jrzcn7nIQQzStQqgFtNJVDVvV18SomqTtsOuxwcWhhwWQhLMOKtRsw9qUOhxZVOaDU/226DcEo9DRA9R8UGZ8+Uh7HhpekGdbGsVRaDsoHXHNlP54m3UM18FwYPAb1EztkpGgJ4ar2lfBZnJM4W+RmhTubMDq0UkEfjYpQn1hNJIVQqFynat1lfYXC5L/MBZveGTxMmH3GUo8zTxB2wN0XCsiGQwqeQRRH9qn5MpIVJeMgK9fLzpt89n+ZOUUgeHFDXJGefocnOHaLeVmkH/CB3GMoNJKUhPTWCcANk1vFMmjh3JQ4lhpPegPJzJvNFudY49m9zxg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=ox2/XG/C5lKTYHk1eJLp02oMoZZAUuHvFKWq0kEGzas=;
 b=XnKRry69kVOH6U9835xcLCEBbLF0XQRrDgxr4q6M4Js5BUfqUUtB06fwgNgt/Da8Tm278GFDdIit7yV74KGD9KB4L/Tm8NTIIIxbJOIUnnBoTdVsi7dL2KX6XagrUf9FfTJFEB4a/idUEN7cx8A42QZgRHH4AbuCD0Ze2+TgnHv9+SUYgPeoYJQuVwAJbUKsi9hn/h/k/P375bPEZcgNMGetlP8nmrLXaYqvTJ+AO6bF2gCBjFMPCdfrArHFaNplcu/HqXsa3KaqxnQrs5VXG34KOYIpnlV4KZxPvccoPP1SFUvV7Ts4m8DSV4Hkb/uIYM7/44u31W+tsetNY0Omyg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB2764.namprd12.prod.outlook.com (20.176.116.30) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:28 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:28 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 25/40] OvmfPkg: Create a GHCB page for use
 during Sec phase
Date: Tue,  4 Feb 2020 17:01:29 -0600
Message-Id: 
 <08865bec872b03c80b2cabad58033c4facf35c9a.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:27 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 8d684237-593e-43ac-db4f-08d7a9c64e98
X-MS-TrafficTypeDiagnostic: DM6PR12MB2764:|DM6PR12MB2764:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB2764EF1134FAB9CAA24FA380EC030@DM6PR12MB2764.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:5516;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53773+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 fC31whmzvAzT5a8yyxvuhpiOxBfmCZXbslfrnK41K3qQK4qeMlJESIFruE9OD4CrEuavlVGNz//MuYTU4j6F76P4dt3EYOdKg1/CelyXUuFRKxfn9PhZ8oS9wyYyO+dsYtAR2fswJGxiMYdHqqFg3n9cLXfBCcG08fqXOwz/qhDBeO4HCUAMOBLG9hFvsa6GPkC4ZI3KYHgcVRaqlJKhhvbsTciyQGBxMsNtJLySWpWfx5Vl3bt7+nqM+qfdCrfNBRrGd7NL8BCO0+b99PZzac4Ppj01Ps3g3Bhgtwk9Wx5UNZ7YRmh2n8mMXnpCWiQNuNsgk1GTVV3m3DNX3pELPOYcHm2SS3rer8yv7NMAaNx2EB8V8uJ912S3m0D1IEvYquQbjwAlpDNYASq7y/P+pbuEIoE5HiYjx8zIXauULiLY2xNzhqEs6QwVtqWfcGAT0MmkX3ztHzeDMq69MluHDvZLzilmI2nGlfpwX0qAA5BVF3i26tGQBuJuGjDvufLJcnLUuyVQ85rUTTK66gagTA==
X-MS-Exchange-AntiSpam-MessageData: 
 qYz3skyA57RNojtfh+fZ9mWQiQq+TUOiRnCwK7SX6bHwieAeh/qiM1hu3cF6iT9TYH4JG4jIzm/Xdygh3rpKH28eeNKECaZbp2j6sRTklEj44an6yXz5gnjqUTpn48OWzxG3epKv5wer23STo/8cHA==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 8d684237-593e-43ac-db4f-08d7a9c64e98
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:28.6232
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 0/iuHyrWp22qNsXiLJr1BwBDAufZhof5GvwIb+WyjFMluToWZ642jY07wXncWLIIT+fyZxmb3e8aKHHrOtu7NA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB2764
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: fQrF2wjxsTlXrt0cYLu03RTxx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857353;
 bh=KCLHJHU5Q/Juepep7ygue4d9Oh45QoZ655YW3mpmQQ0=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=WrK7murabWP9WVasx7u8j9qg8Wt4lllFruorKPHJhKpjWx/98uaLobGu4MC+HnWp5kS
 U+4lkCW2UzXZX2ZmhLlDt7yKvSdI0o/v7fZckcpByj4VaLGKZp2j/XQnh6WoJLX1oEqnE
 w2+vwmXh0Wlf9kBf+MkuOUJMDWBwjyfyPUY=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

A GHCB page is needed during the Sec phase, so this new page must be
created. Since the #VC exception handler routines assume that a per-CPU
variable area is immediately after the GHCB, this per-CPU variable area
must also be created. Since the GHCB must be marked as an un-encrypted,
or shared, page, an additional pagetable page is required to break down
the 2MB region where the GHCB page lives into 4K pagetable entries.

Create a new entry in the OVMF memory layout for the new page table
page and for the SEC GHCB and per-CPU variable pages. After breaking down
the 2MB page, update the GHCB page table entry to remove the encryption
mask.

The GHCB page will be used by the SEC #VC exception handler. The #VC
exception handler will fill in the necessary fields of the GHCB and exit
to the hypervisor using the VMGEXIT instruction. The hypervisor then
accesses the GHCB in order to perform the requested function.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/OvmfPkg.dec                       |  5 ++
 OvmfPkg/OvmfPkgX64.fdf                    |  6 ++
 OvmfPkg/ResetVector/ResetVector.inf       |  5 ++
 OvmfPkg/ResetVector/Ia32/PageTables64.asm | 76 +++++++++++++++++++++++
 OvmfPkg/ResetVector/ResetVector.nasmb     | 17 +++++
 5 files changed, 109 insertions(+)

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index d5fee805ef4a..19723786d729 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -228,6 +228,11 @@ [PcdsFixedAtBuild]
   ## Number of page frames to use for storing grant table entries.
   gUefiOvmfPkgTokenSpaceGuid.PcdXenGrantFrames|4|UINT32|0x33
=20
+  ## Specify the extra page table needed to mark the GHCB as unencrypted.
+  #  The value should be a multiple of 4KB for each.
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase|0x0|UINT32|0x34
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize|0x0|UINT32|0x35
+
 [PcdsDynamic, PcdsDynamicEx]
   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 0488e5d95ffe..f541481dc95c 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -76,6 +76,12 @@ [FD.MEMFD]
 0x007000|0x001000
 gEfiMdePkgTokenSpaceGuid.PcdGuidedExtractHandlerTableAddress|gUefiOvmfPkgT=
okenSpaceGuid.PcdGuidedExtractHandlerTableSize
=20
+0x008000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase|gUefiOvmfPkgTokenSp=
aceGuid.PcdOvmfSecGhcbPageTableSize
+
+0x009000|0x002000
+gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbBase|gUefiCpuPkgTokenSpaceGuid.PcdSecG=
hcbSize
+
 0x010000|0x010000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpace=
Guid.PcdOvmfSecPeiTempRamSize
=20
diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/Rese=
tVector.inf
index b0ddfa5832a2..9aedbe9b3640 100644
--- a/OvmfPkg/ResetVector/ResetVector.inf
+++ b/OvmfPkg/ResetVector/ResetVector.inf
@@ -26,6 +26,7 @@ [Sources]
 [Packages]
   OvmfPkg/OvmfPkg.dec
   MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
   UefiCpuPkg/UefiCpuPkg.dec
=20
 [BuildOptions]
@@ -33,5 +34,9 @@ [BuildOptions]
    *_*_X64_NASMB_FLAGS =3D -I$(WORKSPACE)/UefiCpuPkg/ResetVector/Vtf0/
=20
 [Pcd]
+  gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbBase
+  gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVecto=
r/Ia32/PageTables64.asm
index abad009f20f5..9f86ddf6f08f 100644
--- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
+++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
@@ -21,6 +21,11 @@ BITS    32
 %define PAGE_2M_MBO            0x080
 %define PAGE_2M_PAT          0x01000
=20
+%define PAGE_4K_PDE_ATTR (PAGE_ACCESSED + \
+                          PAGE_DIRTY + \
+                          PAGE_READ_WRITE + \
+                          PAGE_PRESENT)
+
 %define PAGE_2M_PDE_ATTR (PAGE_2M_MBO + \
                           PAGE_ACCESSED + \
                           PAGE_DIRTY + \
@@ -75,6 +80,37 @@ NoSev:
 SevExit:
     OneTimeCallRet CheckSevFeature
=20
+; Check if Secure Encrypted Virtualization - Encrypted State (SEV-ES) feat=
ure
+; is enabled.
+;
+; Modified:  EAX, EBX, ECX
+;
+; If SEV-ES is enabled then EAX will be non-zero.
+; If SEV-ES is disabled then EAX will be zero.
+;
+CheckSevEsFeature:
+    xor       eax, eax
+
+    ; SEV-ES can't be enabled if SEV isn't, so first check the encryption
+    ; mask.
+    test      edx, edx
+    jz        NoSevEs
+
+    ; Save current value of encryption mask
+    mov       ebx, edx
+
+    ; Check if SEV-ES is enabled
+    ;  MSR_0xC0010131 - Bit 1 (SEV-ES enabled)
+    mov       ecx, 0xc0010131
+    rdmsr
+    and       eax, 2
+
+    ; Restore encryption mask
+    mov       edx, ebx
+
+NoSevEs:
+    OneTimeCallRet CheckSevEsFeature
+
 ;
 ; Modified:  EAX, EBX, ECX, EDX
 ;
@@ -139,6 +175,46 @@ pageTableEntriesLoop:
     mov     [(ecx * 8 + PT_ADDR (0x2000 - 8)) + 4], edx
     loop    pageTableEntriesLoop
=20
+    OneTimeCall   CheckSevEsFeature
+    test    eax, eax
+    jz      SetCr3
+
+    ;
+    ; The initial GHCB will live at GHCB_BASE and needs to be un-encrypted.
+    ; This requires the 2MB page for this range be broken down into 512 4KB
+    ; pages.  All will be marked encrypted, except for the GHCB.
+    ;
+    mov     ecx, (GHCB_BASE >> 21)
+    mov     eax, GHCB_PT_ADDR + PAGE_PDP_ATTR
+    mov     [ecx * 8 + PT_ADDR (0x2000)], eax
+
+    ;
+    ; Page Table Entries (512 * 4KB entries =3D> 2MB)
+    ;
+    mov     ecx, 512
+pageTableEntries4kLoop:
+    mov     eax, ecx
+    dec     eax
+    shl     eax, 12
+    add     eax, GHCB_BASE & 0xFFE0_0000
+    add     eax, PAGE_4K_PDE_ATTR
+    mov     [ecx * 8 + GHCB_PT_ADDR - 8], eax
+    mov     [(ecx * 8 + GHCB_PT_ADDR - 8) + 4], edx
+    loop    pageTableEntries4kLoop
+
+    ;
+    ; Clear the encryption bit from the GHCB entry
+    ;
+    mov     ecx, (GHCB_BASE & 0x1F_FFFF) >> 12
+    mov     [ecx * 8 + GHCB_PT_ADDR + 4], strict dword 0
+
+    mov     ecx, GHCB_SIZE / 4
+    xor     eax, eax
+clearGhcbMemoryLoop:
+    mov     dword[ecx * 4 + GHCB_BASE - 4], eax
+    loop    clearGhcbMemoryLoop
+
+SetCr3:
     ;
     ; Set CR3 now that the paging structures are available
     ;
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re=
setVector.nasmb
index 75cfe16654b1..c25932513b80 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -53,8 +53,25 @@
     %error "This implementation inherently depends on PcdOvmfSecPageTables=
Size"
   %endif
=20
+  %if (FixedPcdGet32 (PcdOvmfSecGhcbPageTableSize) !=3D 0x1000)
+    %error "This implementation inherently depends on PcdOvmfSecGhcbPageTa=
bleSize"
+  %endif
+
+  %if (FixedPcdGet32 (PcdSecGhcbSize) !=3D 0x2000)
+    %error "This implementation inherently depends on PcdSecGhcbSize"
+  %endif
+
+  %if ((FixedPcdGet32 (PcdSecGhcbBase) >> 21) !=3D \
+       ((FixedPcdGet32 (PcdSecGhcbBase) + FixedPcdGet32 (PcdSecGhcbSize) -=
 1) >> 21))
+    %error "This implementation inherently depends on PcdSecGhcbBase not s=
traddling a 2MB boundary"
+  %endif
+
   %define PT_ADDR(Offset) (FixedPcdGet32 (PcdOvmfSecPageTablesBase) + (Off=
set))
 %include "Ia32/Flat32ToFlat64.asm"
+
+  %define GHCB_PT_ADDR (FixedPcdGet32 (PcdOvmfSecGhcbPageTableBase))
+  %define GHCB_BASE (FixedPcdGet32 (PcdSecGhcbBase))
+  %define GHCB_SIZE (FixedPcdGet32 (PcdSecGhcbSize))
 %include "Ia32/PageTables64.asm"
 %endif
=20
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53773): https://edk2.groups.io/g/devel/message/53773
Mute This Topic: https://groups.io/mt/70984949/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53775+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857354824988.5318597344657;
 Tue, 4 Feb 2020 15:02:34 -0800 (PST)
Return-Path: <bounce+27952+53775+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id qmhaYY1788612xtbrGtruhDQ;
 Tue, 04 Feb 2020 15:02:34 -0800
X-Received: from NAM04-SN1-obe.outbound.protection.outlook.com
 (NAM04-SN1-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web09.1703.1580857352661846323
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:33 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=BFZdmMawCmmcxMMgniGcLWXwDTbybdw+gVusnYufiCJxUEJ7auZ7IoHNTYepz8ttQ0L/UjW7O0Vw5Sx4yN4o18aSVkJlyWIjYh+Dd/crHmeJdp4oOMQ2Bpe3QHk9wvJANA4KsEsJrQCB7N7cS3SAlPOnI99JrA64jsxVgc+LnOn0uIlSTjrNEy0wa5+xbvsObiXBzELepLO01JkUc+ALz59RKxMb2l5RSbKWdK965HzKICsHwUC3xvwIH92HRn9V4QekMm5XWDloeiSoo5Qk00rnd//JB2k9Pvre6/3usiQNK9Sp4KpmKJsc70EeKNFhw4Ds65SkdXjG5nFDKvUakQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=7kzcm+Wt4e5xyhCk4ykPWSNnJM9Akxb90W0bAtLNBb0=;
 b=Rx/eSvqZ/r1bgbrpRjyUyaMWvN6Urx9EOxCsRyzPVzdJRlhxL4tWxheSA9G3RnxcNkXD2cGnRMuZgckX6vP2TqnIS6ChqzoFtbTuXSaDmsqagID6A81zQbYNQkqN9pdTl06JvAxSbONcHcqeQdDR6E4PFIilYxrKR1aucvHd4QPyx06D5ai7rOO1MKerYq7gshZZJXwg5rKS+fIT7odnSMESdHDrSF3d7CiWthngcMaJwnBn0zW0NUU8K4brfEFjAPGalJQScZkKORiIhgbm6EO1z5Zzab61q5p1DkjwPQ3nXnCeJKl/lrMsYGP+/gULu0aiLgodeJbCz36ZwSj1Yg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB2764.namprd12.prod.outlook.com (20.176.116.30) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:29 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:29 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Anthony Perard <anthony.perard@citrix.com>,
	Julien Grall <julien.grall@arm.com>
Subject: [edk2-devel] [PATCH v4 26/40] OvmfPkg/PlatformPei: Reserve
 GHCB-related areas if S3 is supported
Date: Tue,  4 Feb 2020 17:01:30 -0600
Message-Id: 
 <90e89cb506cc2bf4c02c68674d6f3eb6731948a7.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:28 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: d3266e53-32d2-451c-43ce-08d7a9c64f4d
X-MS-TrafficTypeDiagnostic: DM6PR12MB2764:|DM6PR12MB2764:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB27645ED851D715572F499A74EC030@DM6PR12MB2764.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53775+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 n/2jMb5zJUfx+Bpliocxg03BoZkx4hbopPbiuyT8Mmu+MTZQ3cOkEa0cdwML3UNu0mO6kGUzSMtGOS4rJCfADksLro8xpgwSJPXCaoCC8Q0RAYT1BiV0dW72An/5IKkVCezHjmYV3AWJ2xLyO34GtimmLyBeGlZkm66UTLW6YlZIh1gwlZYYmRJvYo51ur/MrL5JCo/Ia9qtkxaQnQC4SqAp3bS2JUoC/WQ9lXV/5K2/3XT1EnYDh0QmuVIc9aw1pizBAGrBtrxc8WVPWPxc+XFP9p4wLQoRoD95SCKrY0TPu2zeRgCMv70YxsZHgBx0yRSt1c7SH0W4mA8/4IB9i7pudB7n2eROigO2zuflbP3bWxWMLGWoj/JL+vDmXl0Gr/K2XsEHHk4pA+Q7ERaUGzZxeFVS2Q/Ks4JxYWisQ8nktpD+M/PdczbNOvY+Gmp+
X-MS-Exchange-AntiSpam-MessageData: 
 zXsGbYWv8RCyQ9ih7t/rMHXyns7bRy2Ixyt+6u69kL3Z/oadaL/JrlSWcbIKQtQueg9s/VSwe8ly1lJS0soHvyJjpqo0wuOAFVJtvGx7cqWaagYMBZD9gdT4cdFW/ANzA0YQX5UKGRVEYVfromThEw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 d3266e53-32d2-451c-43ce-08d7a9c64f4d
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:29.8005
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 E4hTiVG/8wfGXUZUP5mRkmFwqcojqandHzg1TDhgQsxqMdbGGB7FS0KSbwlVJl40hIREeOxnk5braA+pcZKtJQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB2764
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: 4vgtR3LBSRyZb918Zr1TAz9Fx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857354;
 bh=DCW3isaTQFTy2LVnzkhuPM5i+HnTcHf90rZ+Swq7X3k=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=aa6wl8YARo3qkeeJLqzSl+73RjGwmiLKSeNa4xM6qC48NtveYveR3HUqnHYCje+Qjga
 oilf3iQuiri47z6CJUmNtP6YCl0se83PM/IjQTdRg8vwwztbdgdWKjxP3r5pNEZ98O9IF
 XA8Brx+SI81ZiHlHTV3yi1/UR+X+HzSdRo4=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Protect the memory used by an SEV-ES guest when S3 is supported. This
includes the page table used to break down the 2MB page that contains
the GHCB so that it can be marked un-encrypted, as well as the GHCB
area.

Regarding the lifecycle of the GHCB-related memory areas:
  PcdOvmfSecGhcbPageTableBase
  PcdOvmfSecGhcbBase

(a) when and how it is initialized after first boot of the VM

  If SEV-ES is enabled, the GHCB-related areas are initialized during
  the SEC phase [OvmfPkg/ResetVector/Ia32/PageTables64.asm].

(b) how it is protected from memory allocations during DXE

  If S3 and SEV-ES are enabled, then InitializeRamRegions()
  [OvmfPkg/PlatformPei/MemDetect.c] protects the ranges with an AcpiNVS
  memory allocation HOB, in PEI.

  If S3 is disabled, then these ranges are not protected. DXE's own page
  tables are first built while still in PEI (see HandOffToDxeCore()
  [MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c]). Those tables are
  located in permanent PEI memory. After CR3 is switched over to them
  (which occurs before jumping to the DXE core entry point), we don't have
  to preserve PcdOvmfSecGhcbPageTableBase. PEI switches to GHCB pages in
  permanent PEI memory and DXE will use these PEI GHCB pages, so we don't
  have to preserve PcdOvmfSecGhcbBase.

(c) how it is protected from the OS

  If S3 is enabled, then (b) reserves it from the OS too.

  If S3 is disabled, then the range needs no protection.

(d) how it is accessed on the S3 resume path

  It is rewritten same as in (a), which is fine because (b) reserved it.

(e) how it is accessed on the warm reset path

  It is rewritten same as in (a).

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Julien Grall <julien.grall@arm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/PlatformPei/PlatformPei.inf |  4 ++++
 OvmfPkg/PlatformPei/MemDetect.c     | 23 +++++++++++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat=
formPei.inf
index 8af236a5c23e..3f24cce678c0 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -72,6 +72,8 @@ [Pcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfLockBoxStorageBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfLockBoxStorageSize
   gUefiOvmfPkgTokenSpaceGuid.PcdGuidedExtractHandlerTableSize
@@ -100,6 +102,8 @@ [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber
   gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize
+  gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbBase
+  gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbSize
   gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled
=20
 [FixedPcd]
diff --git a/OvmfPkg/PlatformPei/MemDetect.c b/OvmfPkg/PlatformPei/MemDetec=
t.c
index d451989f31c9..677e65e86d7b 100644
--- a/OvmfPkg/PlatformPei/MemDetect.c
+++ b/OvmfPkg/PlatformPei/MemDetect.c
@@ -26,6 +26,7 @@ Module Name:
 #include <Library/DebugLib.h>
 #include <Library/HobLib.h>
 #include <Library/IoLib.h>
+#include <Library/MemEncryptSevLib.h>
 #include <Library/PcdLib.h>
 #include <Library/PciLib.h>
 #include <Library/PeimEntryPoint.h>
@@ -805,6 +806,28 @@ InitializeRamRegions (
       (UINT64)(UINTN) PcdGet32 (PcdOvmfSecPageTablesSize),
       EfiACPIMemoryNVS
       );
+
+    if (MemEncryptSevEsIsEnabled ()) {
+      //
+      // If SEV-ES is enabled, reserve the GHCB-related memory area. This
+      // includes the extra page table used to break down the 2MB page
+      // mapping into 4KB page entries where the GHCB resides and the
+      // GHCB area itself.
+      //
+      // Since this memory range will be used by the Reset Vector on S3
+      // resume, it must be reserved as ACPI NVS.
+      //
+      BuildMemoryAllocationHob (
+        (EFI_PHYSICAL_ADDRESS)(UINTN) PcdGet32 (PcdOvmfSecGhcbPageTableBas=
e),
+        (UINT64)(UINTN) PcdGet32 (PcdOvmfSecGhcbPageTableSize),
+        EfiACPIMemoryNVS
+        );
+      BuildMemoryAllocationHob (
+        (EFI_PHYSICAL_ADDRESS)(UINTN) PcdGet32 (PcdSecGhcbBase),
+        (UINT64)(UINTN) PcdGet32 (PcdSecGhcbSize),
+        EfiACPIMemoryNVS
+        );
+    }
 #endif
   }
=20
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53775): https://edk2.groups.io/g/devel/message/53775
Mute This Topic: https://groups.io/mt/70984951/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53772+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857353358368.4516361390546;
 Tue, 4 Feb 2020 15:02:33 -0800 (PST)
Return-Path: <bounce+27952+53772+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id dDZ8YY1788612xlhI85uIKmE;
 Tue, 04 Feb 2020 15:02:33 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.75])
 by mx.groups.io with SMTP id smtpd.web09.1702.1580857352424086864
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:32 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=QqfttA6eiNZEA1hkt3ahKs1grgdewAB+jMzwPtf9NbIBLc3Vq4ZYsEQbZW1+Jz+2uRY5oHjfHSCHyp4yEX1xFRYN1FaVX1qXYQu8hagbxRBo8ozzam34ZBek218TyNE6stE0eMwba9s5Tf5ZYQ8wzysmZSLcd/LKiWO1GW+GYDynAEbpG4TA4GEi1gLelAq7RLgABoFMrNwZ3YvrN5jphJC0GcrUut+PCFtp6aLx/SJmXC0uJzgyAiHMLgmhDXEQNiwgS3nL/B37OPM2VV+gS0I+M3u3lRIli6QzlCejoHJrC8rE9Xx0ALfmUPfoUs/hMP9SooAHb5eLjsC2pByfuA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=Oo58yseObeZ10asBHTIacIp92hIVYu3Ij1SLI45DMLw=;
 b=GQ5VanF3kDPCAH7y/+jf9Odqc+pTdAgThE7itoy2I0K2SIBTFW7iisKrDbQOyCdvMx5f9QzAnDcuozztxuH2OV0tbzDzUv1Mrwg1Bh3Bfb6HY7+CvnlinsEl6LhJpf37LrpZwrSCujAybaYi4f1G5xfcCv2HdhnoGr+hS3zAYxkMwop6xp5SQtwfcAIy02o6sTo5LoSwQ0+XnPl5Wk5LKWPqqz0EOGGRQHUJK3cvzmyg6DyIRECetYl3N6PqNQddbCbrIoyx3jrpd+9Jr5xLag7keamGRJ/35zEuRRVP0kxPaBzQMOVAX6BDLy0YVwiYgrxYoskC8vQV6twJbbqk/Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:31 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:31 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 27/40] OvmfPkg: Create GHCB pages for use
 during Pei and Dxe phase
Date: Tue,  4 Feb 2020 17:01:31 -0600
Message-Id: 
 <1767f850fdc7aa119c294dffb1bdaa286251e9bc.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:30 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 2dc87c6b-40a4-46ef-d721-08d7a9c65008
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB393075E266F4E26DDD0DE698EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53772+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 JRiGB0SiCzL+oZ+SA1hQUwYXSTRdN23sDNLe7Qq570KtDL1U2bfpVKp87hkeAbBZGAC/Rrha4iVukDczUluCtpuefrQ8FeNOsAfW/E8TS/a7HsHEhRNcMwTFsxrKQpcUH6ZwQy+mECuxjJGuZdmy4sa8ebfZtcLi7E6LQ8k+xfnjT7X9QrdBrMEhrh/9IIqxQflSI9BphntRdLEOJNb/KUvkjCUShy+DzKD7gcmBv/Lwb9ckdhydPHG8RUDq1jkldjAOtWX6Oc3b9JykJYuQ/pwM4DcCYFA/0RwWDh3vQmWmsoq0byw3HAzkg93pln3Y9DltfOf1RJuKluM8ale4C+iaI8RWmuN7BsonNiGfErWMD6J4ylQI9qdH7viwT8h53QrR/eZzArVobIHTPQcec8SayUH5B3J9yJgH5d+dwWzAw8kqQt4kPYvWJTIYK39HaNZ5XlT/G8l5JW+vVsxWPwZbTArqPQQEdTAmscTAM4B53bAZCAqYQAsCAs3zDI/5VpDwY/XNNW6ljYDZ3MOBMw==
X-MS-Exchange-AntiSpam-MessageData: 
 +TqTnzzQGsy9+BWV42xYr0jiDsO+gl9LpwXBm4/NT79idQeaDRZbBe0hpFuREYCPuk/6TzPaZxbFdjokmlMNVa9sYJsoPRJWhkxdhLZqrmqKF5KqbH9jtX5z8KZwWhiU3kpcS3tYIr8e2eGO8doKEw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 2dc87c6b-40a4-46ef-d721-08d7a9c65008
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:31.0108
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 4PpUsy1CpzuRxbPLStOoNv1pbMJmEHs038qmnXdUkdW11i4hZQy2oidWSLau27poD632HKq1wDRvcsPC0BHbYQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: qDhmC6xJkwkb0lHLQ54SxCMxx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857353;
 bh=AVjI/XT1nLVHFrXcy89rzH7Qxl0vPpnPHlFkyjqWZQk=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=Zl82zg6o71WMWSTA+ueCji63z/ZXxXwWOIaLKvT0CicFb0yUc6QICCIjts6V7PbKQ26
 cMa2xLxiWwJSnQplJYIpd4oi0+UBdmDgojDpJCmReF5QGrlVzhZ4HjWjqJC/sVQwupci2
 9UwsA7Ijjh2EnO3c8Y+Dc3/EMKhQe1dQo1I=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Allocate memory for the GHCB pages and the per-CPU variable pages during
SEV initialization for use during Pei and Dxe phases. The GHCB page(s)
must be shared pages, so clear the encryption mask from the current page
table entries. Upon successful allocation, set the GHCB PCDs (PcdGhcbBase
and PcdGhcbSize).

The per-CPU variable page needs to be unique per AP. Using the page after
the GHCB ensures that it is unique per AP. But, it also ends up being
marked shared/unencrypted when it doesn't need to be. It is possible
during PEI to mark only the GHCB pages as shared (and that is done), but
DXE is not as easy. There needs to be a way to change the pagetables
created for DXE using CreateIdentityMappingPageTables() before switching
to them.

The GHCB pages (one per vCPU) will be used by the PEI and DXE #VC
exception handlers. The #VC exception handler will fill in the necessary
fields of the GHCB and exit to the hypervisor using the VMGEXIT
instruction. The hypervisor then accesses the GHCB associated with the
vCPU in order to perform the requested function.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/OvmfPkgIa32.dsc             |  2 ++
 OvmfPkg/OvmfPkgIa32X64.dsc          |  2 ++
 OvmfPkg/OvmfPkgX64.dsc              |  2 ++
 OvmfPkg/PlatformPei/PlatformPei.inf |  2 ++
 OvmfPkg/PlatformPei/AmdSev.c        | 38 ++++++++++++++++++++++++++++-
 5 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 6642f2b008dc..c364da521579 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -569,6 +569,8 @@ [PcdsDynamicDefault]
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
=20
   # Set SEV-ES defaults
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
   gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0
=20
 !if $(SMM_REQUIRE) =3D=3D TRUE
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 66589b2228c4..0adae1e0be30 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -581,6 +581,8 @@ [PcdsDynamicDefault]
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
=20
   # Set SEV-ES defaults
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
   gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0
=20
 !if $(SMM_REQUIRE) =3D=3D TRUE
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 2e5c30d5c631..4b5e96a32b0b 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -580,6 +580,8 @@ [PcdsDynamicDefault]
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
=20
   # Set SEV-ES defaults
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
   gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0
=20
 !if $(SMM_REQUIRE) =3D=3D TRUE
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat=
formPei.inf
index 3f24cce678c0..397d4d33c5b9 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -97,6 +97,8 @@ [Pcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable
   gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize
   gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy
   gUefiCpuPkgTokenSpaceGuid.PcdCpuLocalApicBaseAddress
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index c12aea46d94e..900b0d977d61 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -9,12 +9,15 @@
 //
 // The package level header files this module uses
 //
+#include <Library/BaseMemoryLib.h>
 #include <Library/DebugLib.h>
 #include <Library/HobLib.h>
 #include <Library/MemEncryptSevLib.h>
+#include <Library/MemoryAllocationLib.h>
 #include <Library/PcdLib.h>
 #include <PiPei.h>
 #include <Register/Amd/Cpuid.h>
+#include <Register/Amd/Msr.h>
 #include <Register/Cpuid.h>
=20
 #include "Platform.h"
@@ -30,7 +33,10 @@ AmdSevEsInitialize (
   VOID
   )
 {
-  RETURN_STATUS     PcdStatus;
+  VOID              *GhcbBase;
+  PHYSICAL_ADDRESS  GhcbBasePa;
+  UINTN             GhcbPageCount;
+  RETURN_STATUS     PcdStatus, DecryptStatus;
=20
   if (!MemEncryptSevEsIsEnabled ()) {
     return;
@@ -38,6 +44,36 @@ AmdSevEsInitialize (
=20
   PcdStatus =3D PcdSetBoolS (PcdSevEsIsEnabled, TRUE);
   ASSERT_RETURN_ERROR (PcdStatus);
+
+  //
+  // Allocate GHCB and per-CPU variable pages.
+  //
+  GhcbPageCount =3D mMaxCpuCount * 2;
+  GhcbBase =3D AllocatePages (GhcbPageCount);
+  ASSERT (GhcbBase !=3D NULL);
+
+  GhcbBasePa =3D (PHYSICAL_ADDRESS)(UINTN) GhcbBase;
+
+  DecryptStatus =3D MemEncryptSevClearPageEncMask (
+    0,
+    GhcbBasePa,
+    GhcbPageCount,
+    TRUE
+    );
+  ASSERT_RETURN_ERROR (DecryptStatus);
+
+  ZeroMem (GhcbBase, EFI_PAGES_TO_SIZE (GhcbPageCount));
+
+  PcdStatus =3D PcdSet64S (PcdGhcbBase, GhcbBasePa);
+  ASSERT_RETURN_ERROR (PcdStatus);
+  PcdStatus =3D PcdSet64S (PcdGhcbSize, EFI_PAGES_TO_SIZE (GhcbPageCount));
+  ASSERT_RETURN_ERROR (PcdStatus);
+
+  DEBUG ((DEBUG_INFO,
+    "SEV-ES is enabled, %lu GHCB pages allocated starting at 0x%p\n",
+    (UINT64)GhcbPageCount, GhcbBase));
+
+  AsmWriteMsr64 (MSR_SEV_ES_GHCB, GhcbBasePa);
 }
=20
 /**
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53772): https://edk2.groups.io/g/devel/message/53772
Mute This Topic: https://groups.io/mt/70984948/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53774+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857354770612.5552563313394;
 Tue, 4 Feb 2020 15:02:34 -0800 (PST)
Return-Path: <bounce+27952+53774+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id TEV4YY1788612x55GIruxuSE;
 Tue, 04 Feb 2020 15:02:34 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.56])
 by mx.groups.io with SMTP id smtpd.web09.1705.1580857353471612661
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:33 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=Ayp4suHUMklWW6RKRGYLFWcCGJ5gIowkari1FvrIcHjFpItYgGw805vKxK39+R1NwD6MYeXdrkJOGcOnDs23NP4OsRzOfYswo3jspCSPat+ait5bYdVxLIXQ/Uo/sccTdl2SYN/dfAp3aLGUzY8XDlzEyBMuhkMBxDK4QCTMH9STQM3PaQdMLOUGZ2MJHsWxvNe3xB6KEjn34NirizVOj8XKvgcQ8q79+6o5uoTOgMu2XVMbiPy+OCQv9SaEtxaXLZ1lI9qKcLs9A0SdlKJs11koF+ZcZiqcAaxQQ7IvlWrTMEqfqB8lW9MDFf4/zid0UuHjvUUoYU+8w8R1yn4/Sw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=cxdxAcO3q/b5tcDM+fdGTldTlNcA+yYTVSxHNlhBx4o=;
 b=VrjCKDAXsz0XnioQW9HTly/SPE77lPs8mrG6cwhBjLZKNAgzbC7+7LeeqVMC05z9ok3CnA749wpX3KIypNMDcLpGBNzpB5Zwdd2/BrJyZXqc7nS/nyKqPnDXGQM+fjRqZNJzQqYs1oex3HZBqVA//9bQgFcF2NlFR8baFxY8ngZdqYuRA2zDpY1NYATMSbLTMrbdadJtZtLCCY9utPCAa9kD8t7TboBNZ0E15iGFxmGN4LlL7gbBwaiWMlAtlZ/9iZcS1g7TzEwIwPKQdeW9gKGo33h24YXXQXyYDI+6qu+Ll9IK456MbJ2/eZzzb4qjJLhllE8BMtFDNcZTC4wPtQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:32 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:32 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 28/40] OvmfPkg/PlatformPei: Move early GDT
 into ram when SEV-ES is enabled
Date: Tue,  4 Feb 2020 17:01:32 -0600
Message-Id: 
 <478fad59616ff4d60c329dd9eaa9d56a9e448610.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:31 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 08d5cd28-8f15-49e6-8ef8-08d7a9c650ab
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930961BC0F705D692D2C4EAEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8273;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53774+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 VX81UNz7xnDubzCqWWUbuIkkGPmXLhKY0I1WAmA9E+PgF+F85sw88ScyvkeFJiBCs4MgAkj2moSvmAkovqTBctGs+K/L9ASTlyNMstCDtki3R8ZMdcTewB9QEF9qpul7Qz9DAhLBvu5tXe1imyAHQ7t7PUsGrU0rzN3ukdvRFIqQ0wolq9RRGO3ly5GcEOySBZ24BDRcKromJIthjI09gPrcAAmkoaSsdt8KS1xQFOo51+1f39ueF+Fnf3RegpwQnG7RPAxuNX8iGzCbZYehF0DmyJ+KlvT5PJi6LcBfRHI2m5BgZJ90ktIkgtGd3rdfmFvnXJVjgSrP39UVBA+qmZLz8BjCQPw959BI7ETScROIJzg+VEveYjfunelUd3rd9pba9B84msI0QIQki6E8l+f7a6nvJ7yA0ymd5mU74uYVCkK7U2NCq9AWwwgg3jUsUKrqrTST3q9vEfMPL0smXm4/pmmqVygY+JjPUIru/dyKgCJG+05JzeBodiLRZptwDdml2IvcfQ37fljgVd+H8g==
X-MS-Exchange-AntiSpam-MessageData: 
 L94UV/DEMWK5x0fP2cKCqYz+wiJt6CW5DEfbzGcKCy+9MRea2NtYcA2D/hIzjfHrPq0Koa0pgJA1r5FVkwx8FSLMfwjPrWoSog1dQ1c64fcbOT+V04ZLa0LW3qR0cPb/4wa99EIVxOO7ptFkodVc2w==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 08d5cd28-8f15-49e6-8ef8-08d7a9c650ab
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:32.0822
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 2RBFjBL5wp5g991Agt6WlSx+En/PXfGPkKLi6wZP5cLPf1Rs5MSAr6RN8dYvj6B3ddnQfKMWaNuGaX3vO4+Rdg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: ZlTSGlSyGFoueNigeK8Hpj1Qx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857354;
 bh=UjhtUBRfjB48cdvTRMBN6nCQbLcILVfHOVejPDHZN1Q=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=EaS6XY2CU2XPycHm0S9uFSDnIdcQD//0zdi4BgE0CC/SiH8xMhfeRilMgQoN7ktxo+Y
 0gmTu2dfkNPBSSBm3kmoZRG5KyyITtbTOU08TLN1+NZD9O/JAOQQn8kWVgllU6I5tx2S+
 G7nARVueyo0wViGgK2ejlG7iewcggDVYFbk=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

The SEV support will clear the C-bit from non-RAM areas.  The early GDT
lives in a non-RAM area, so when an exception occurs (like a #VC) the GDT
will be read as un-encrypted even though it is encrypted. This will result
in a failure to be able to handle the exception.

Move the GDT into RAM so it can be accessed without error when running as
an SEV-ES guest.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/PlatformPei/AmdSev.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index 900b0d977d61..b3fd2d86541a 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -37,6 +37,8 @@ AmdSevEsInitialize (
   PHYSICAL_ADDRESS  GhcbBasePa;
   UINTN             GhcbPageCount;
   RETURN_STATUS     PcdStatus, DecryptStatus;
+  IA32_DESCRIPTOR   Gdtr;
+  VOID              *Gdt;
=20
   if (!MemEncryptSevEsIsEnabled ()) {
     return;
@@ -74,6 +76,22 @@ AmdSevEsInitialize (
     (UINT64)GhcbPageCount, GhcbBase));
=20
   AsmWriteMsr64 (MSR_SEV_ES_GHCB, GhcbBasePa);
+
+  //
+  // The SEV support will clear the C-bit from non-RAM areas.  The early G=
DT
+  // lives in a non-RAM area, so when an exception occurs (like a #VC) the=
 GDT
+  // will be read as un-encrypted even though it was created before the C-=
bit
+  // was cleared (encrypted). This will result in a failure to be able to
+  // handle the exception.
+  //
+  AsmReadGdtr (&Gdtr);
+
+  Gdt =3D AllocatePages (EFI_SIZE_TO_PAGES ((UINTN) Gdtr.Limit + 1));
+  ASSERT (Gdt !=3D NULL);
+
+  CopyMem (Gdt, (VOID *) Gdtr.Base, Gdtr.Limit + 1);
+  Gdtr.Base =3D (UINTN) Gdt;
+  AsmWriteGdtr (&Gdtr);
 }
=20
 /**
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53774): https://edk2.groups.io/g/devel/message/53774
Mute This Topic: https://groups.io/mt/70984950/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53776+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857355939110.50355145167953;
 Tue, 4 Feb 2020 15:02:35 -0800 (PST)
Return-Path: <bounce+27952+53776+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id GzyuYY1788612xKBSwjBuYmX;
 Tue, 04 Feb 2020 15:02:35 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.63])
 by mx.groups.io with SMTP id smtpd.web11.1667.1580857354621927671
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:02:34 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=NhqmaNEob3T3YSSY+TzVZRyEdOK+JXPdCupL0Gl1LPBlVQjIDyCXmOAjf+ir9knuH0XpclwlCD2jd2qV5fqg21ktKmg6cYISmpWCldDConGsyKK8gU6F4sdBk/VmBCnqECxPAlx7UnuaqnsVaUSDgRsk/B1FvPn9/CjGVnVKHCn+iO6J6vBbsGUENsXNkhRqvn1R2PocMyzBl4tTbFwxxSr489keLvP2ulY+c6tjhyEUtChs4rNp7FCWiFXufyXCy+vhQ24fvGAi0E0NeHEA1HkCsWfkIxH89ne26US72h+8KonjZccG+oaOOAE+1qqWPeeml2As7JkWwOnTfwRlwQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=T/fY1JiZAODuGuDMcprlaG36m4YqSHS3GlxRjNOYOV8=;
 b=W4a0PAIiL0p67f0for53YjJnjpjWWnEc7Zqbp1+WEEjNd2+ujr9Q+9bFSLIeMPEQWQDlJhSVX+EDUIg+dEACuDBlvDVe6EQp2/vuyo2Qv5BlxA5VdevVuqA6NYydU61SaxhjZUCoyPHqzEo5/afk3UTnt0LwNAW/kYgnT8r7S/+PAw1lhbxm2VEze66dnRFHw2UZxemzoEQhqYT1xfRG36diPRL2NXIYGv3/W2PsT0mRL1FzG81p+kd2GVW44ZKB/71+OU2Q6nCRZHuoLKId5KouQ2SFbAaQp1B6sys5KL9ssj6Ncwry3LL5GYXh5HbePfgcZyIcs9LeYTJko1a/hQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:02:33 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:02:33 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 29/40] UefiCpuPkg: Create an SEV-ES workarea
 PCD
Date: Tue,  4 Feb 2020 17:01:33 -0600
Message-Id: 
 <64b8ad547359780c9093300545e43d663f2c6496.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:32 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 407dd6b8-dde4-41c9-1a01-08d7a9c65162
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB393092EB2E3BE48FAC5FF44CEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:3383;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53776+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 cN56+Tk8Da04Xxg/Q9QfN5C+cew/0ix1YvgRiUwBAacFfTtL+sa1VM4UtB3JyxGuExJeDQWkhnBM27q2pKZ1S1qh2fNw29nF5JpFi939NDk34Xjdy5fN1iN/0QAHAHWwI61J0XdagEB/FwwFHJP056Ic3rdLa3dIPCQkWEROnMvCTrN3B4is5yPjZ0t0t1yWp86/Gu5ng9rbLzLrmJw7Ylv+bzLuOu3xHhnat25lvUhPvTqZfCBtaHV8ZOI02SLan/OwTB6IjYxxwlFXPNlM7ldmqypdGQkDAStHgn8bpzkeSXJs6+yq/UAIQ5IHAtOOzFE9HM7Q4Gb4TnutnnHFCN6+hhllPTS/n/y9eFPddV/uF16phNNlbwWbC5zYH9HkzBIPg6fHK1Y4XBaltF9vehBXb77euU8r3JTV+/6RZ89npT8KQK7vkSvzPOgycG4OGiWU1GGYKzkVDWkKNduuQ8/Lj8DuQVg1Tu5S8kbN2LTP1DVym5oyZHwK6oYdm7wlrcACYyt62PtWH0mDlAHpng==
X-MS-Exchange-AntiSpam-MessageData: 
 r87rTA/zf2JEiFi5Yun8ioSJ++1JLnWzZhuTjQOVCIrNKBVxAcayHtp/qko0aV2ye6lGeDTP9j6VwegAg741HL97SS0Qq92yFvPbwpEwevAX1z9ArABtuMqvBFxdsleTdV3DE7x2mDIeDTtJUs3R8g==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 407dd6b8-dde4-41c9-1a01-08d7a9c65162
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:33.2725
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 EDO6H35Uugdr6pSxIRDpUmy3bSI5WmZeCUyiS0rYHptCaiYhawHOQ5XskrnDkvcHH7kecSMKtkz8Kp1H/FCkvg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: SeObvcgURE739ZEposDDWMhTx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857355;
 bh=au7LKTrW38gaGkYZTL/sPw+GbVF8hGNKM3UwU2eI9QQ=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=u3sPeg1CmL1j7vDaPdUMwIMJ8idPV2gC2a7csEnlfGj01foQRCnSDxl061RrXRBrQms
 Q7HGlwM5I8GZjWZ+Vwy84YfiLVY56zoHOKeX9NSuf0mf64IumAOnGEHbGQGr/lotxX2C4
 2z8GzOV8Y3Wo2cmDCT/1m31Ad8q6DFGOgIo=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Create an SEV-ES workarea PCD. This PCD will be used for BSP communication
during SEC and for AP startup during PEI and DXE phases, the latter is the
reason for creating it in the UefiCpuPkg.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/UefiCpuPkg.dec | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec
index 893d2d06b0f2..16218ab4b2f4 100644
--- a/UefiCpuPkg/UefiCpuPkg.dec
+++ b/UefiCpuPkg/UefiCpuPkg.dec
@@ -172,6 +172,14 @@ [PcdsFixedAtBuild]
   # @Prompt SEC GHCB Size
   gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbSize|0|UINT32|0x30002004
=20
+  ## Area of memory where the SEV-ES work area block lives.
+  # @Prompt Configure the SEV-ES work area base
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|0x0|UINT32|0x30002005
+
+  ## Size of teh area of memory where the SEV-ES work area block lives.
+  # @Prompt Configure the SEV-ES work area base
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize|0x0|UINT32|0x30002006
+
 [PcdsFixedAtBuild, PcdsPatchableInModule]
   ## This value is the CPU Local APIC base address, which aligns the addre=
ss on a 4-KByte boundary.
   # @Prompt Configure base address of CPU Local APIC
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53776): https://edk2.groups.io/g/devel/message/53776
Mute This Topic: https://groups.io/mt/70984952/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53777+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857386859219.96338673112655;
 Tue, 4 Feb 2020 15:03:06 -0800 (PST)
Return-Path: <bounce+27952+53777+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id s3gHYY1788612xfy8P8VHYjc;
 Tue, 04 Feb 2020 15:03:06 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.61])
 by mx.groups.io with SMTP id smtpd.web11.1675.1580857385855360254
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:06 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=RLOOmaoGHBN8l6MyRXanWbNgN6uzJdb2DmL9WrPBtmJXEz2hUw170U7LtVA8qiP21PORdvw3dweGI0/Z6tyvKkA4KbqMF5Z5xnbKX5l4ZX6+Ox+kZHAPiWfCl5m01oex9v0ZtD+wS8hhs1diponm9+9u1/2sZ1Qszv6awbiKlHENu18ufc0QzDWJS9lSocwVF+KJh0DOLrBSTs8YPweZXFHvPVuRRePB3pMHiEsWAZEyro3i1YrvZvP0P3katDrwAs4bSfi90IBCwy+Bbjdn86QRm6i0tViyWx+hykkqe7QEMKvi/fC2gr+YqlKd9yP4aPB5x1pk7OS9SGGDGh6doA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=nGiLjub4Kcd3bv+BZa5LhJ1SpytHwE/xhHEJdf9iMkk=;
 b=SfnI+mmzVf7girm5TsQSYBm6gmCV1/Z9mm7gmr+FM+aAfsJmn3lr68VguBJV3PJ75vpFR09fQ0+10Omk3V/6mSPFLOKF2vLYiDxZagMRHcYeoKJzh1H9dmgfc5cOitRKyVKalr8DPqKYcl003g1H0ogXxhszLZT0EMoj2PBTW4x6o+ryyFY8Xb1P0iBqo4St8vH+U97aMhVjF9qtriWJyvYysBwlqslr1pUNwS7m2ZdJFG9LK7xoBljT3wIW48Aj1N/Gmir2jc+jo3/4Z6jx3AMzP6bto4G91eti9YhkreEUunKdQPMpqG9BiPDWYlu0qwIFTl0M5Lv1BU74mW/VoQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:04 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:04 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 30/40] OvmfPkg: Reserve a page in memory for
 the SEV-ES usage
Date: Tue,  4 Feb 2020 17:01:34 -0600
Message-Id: 
 <0e6bf397c276117bfca51f574870a4927c05c173.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:33 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: c4eec5ac-1183-4bab-eb6e-08d7a9c6520a
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB393063BB0832CC778762F835EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53777+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 /3Q7U1LsOGhXOM8JLdbFLqNqFpXSwTPkKARwvIY9E2P027DFoxqEfnnRvt9DDVny4QTA6pgM9160xDjqGKN7H/7cRG3qQF80igMruG0lGseMv5eB+qpJf5v8mR24TStyJ8fvad4zio6EZDWN2GnH/BKPV4C81oX3jHfPrGPr5FQsT+jgk8EVoXrNzUhRRblerg/MEdJN2sjE7+eBXuxqm3ICHpWik039YVzfAA1TSUPF2CuLXpOLOX42JW6JVtGKRPwZczzeGSvS2x+ieFT0Mf7fY86GoDx2gPJSK+QtZdcej+rMlo8dgNZ7/0bSahL0G2fRNlRZxS59fUirVqffa6LwvBxlcDqjhD+77cAsFnDX8jMbDX07PwX3mvis0q3UZE4uQZ1jiD2PiGdZWIrcYNRBbBzs4iiSpm0XjFvXPl/6F/2zWTMKLPvdlJZXSh6pozYKJLOeI6q908ODZYm43R9kMkkzGAh99lxaIb0kttHzgeiKBmwdOk0OTUEdDcKmVN9Vn5et5Z4A7Yp/MUKL0A==
X-MS-Exchange-AntiSpam-MessageData: 
 lueP1raoaZOxaz6RF4SyZv5TRAZGUuCOlVvnb2CFR+T7VPrbh0sfqBeFdCEHI5uuP4wQI2mIZbxQ++hWrigWLOXOkjecVUOic0+fPL5lLWQ8qtbzI1qu94ukXdNx47jv1XtSFEtaKuDreR79lg4xSw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 c4eec5ac-1183-4bab-eb6e-08d7a9c6520a
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:34.3879
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 ONP917vjW51TLO7NBMaT1PHmFMzy0+qXPfJ+RUkkfqr7kWvWrz8/USStwjzYmPtmOt8vBninO7ZHbrbSSuotCA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: sJYAJPRcopPUqFUhgc976Rmkx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857386;
 bh=TIsRMKJzNNydelmab+dE3u0K9SFSA+WPnS2NG6rMPfw=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=mu2iDX0xjFei5FzrO8xIwvLAWLl/bHqAx1npI2onCLBetUa1e87HMBYkyo3hS5Yw9xs
 2VBQB/by2kE1qFczr7TjTAVB51ncoJNUI0VE+OzNh1Ed5JQeEze9ZZXbrhUWPBJS0lpbs
 dI2feqKc1RGfoZ9ixGnFvSl7sF/M+BKPkoc=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Reserve a fixed area of memory for SEV-ES use and set a fixed PCD,
PcdSevEsWorkAreaBase, to this value.

This area will be used by SEV-ES support for two purposes:
  1. Communicating the SEV-ES status during BSP boot to SEC:
     Using a byte of memory from the page, the BSP reset vector code can
     communicate the SEV-ES status to SEC for use before exception
     handling can be enabled in SEC. After SEC, this field is no longer
     valid and the standard way of determine if SEV-ES is active should
     be used.

  2. Establishing an area of memory for AP boot support:
     A hypervisor is not allowed to update an SEV-ES guest's register
     state, so when booting an SEV-ES guest AP, the hypervisor is not
     allowed to set the RIP to the guest requested value. Instead an
     SEV-ES AP must be re-directed from within the guest to the actual
     requested staring location as specified in the INIT-SIPI-SIPI
     sequence.

     Use this memory for reset vector code that can be programmed to have
     the AP jump to the desired RIP location after starting the AP. This
     is required for only the very first AP reset.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
 OvmfPkg/OvmfPkgX64.fdf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index f541481dc95c..3504aa35dc37 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -82,6 +82,9 @@ [FD.MEMFD]
 0x009000|0x002000
 gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbBase|gUefiCpuPkgTokenSpaceGuid.PcdSecG=
hcbSize
=20
+0x00B000|0x001000
+gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.P=
cdSevEsWorkAreaSize
+
 0x010000|0x010000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpace=
Guid.PcdOvmfSecPeiTempRamSize
=20
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53777): https://edk2.groups.io/g/devel/message/53777
Mute This Topic: https://groups.io/mt/70984999/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53778+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857387486131.36059578360744;
 Tue, 4 Feb 2020 15:03:07 -0800 (PST)
Return-Path: <bounce+27952+53778+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id DK49YY1788612xVi0HnoK3PT;
 Tue, 04 Feb 2020 15:03:07 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1675.1580857385855360254
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:06 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=XKP1Yb9sM+TtZyhqqOIkqNpbu0CVkCAiEFjYlESQHBsaQ66CU1fvMYQELzTbV4/9jvnA4VXlfg0p4D2aMtTfdJbS2BgFjYzJYsjZRtKn2JHPDDQqHqHeng82Xr97OvUhXyaNup/Tm6TIOnK1X8vL1G48wT1CFKM1H+lmytLadnpo+PmFgoVTVw2MWjehzn8/2bmdxBjko0f3mTEnKrIIO95BszlFb6DOHXnqbJzUkTOULLxJwAR+o1J3KOL3HK5w2zxG/8wj7+r2Q9vO/uB40hcPUkvbfwS+8PbwyGmUhGr5keJ+167aX/cILylKPu9FDsCeR4zftubOBb/6s5stOg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=hscIHQBDuiS9wzrc5NENQWJl+YgyJNxwiD6YeLPebvU=;
 b=N7mQKAfSzqrLTqQYkGqI6TjmWbmBTyMozufTVmPDzwA5Gb3FU8HhQHNP8zEySW+plzIb7UG9corB0MXLnKDBMkRjk3B037EIa/qhXFUo3CP0yfjzz+Tud06JMFyS/et3KXjZ/k35z0tIDgSM5TA1VZaBbOU5zcD9PKXK0Hn/vhjTS6mOvchjRvQB9rz87Sm7Ko9D6oHp7xwzFQ33BXG/Cim4ezPfBpYq0BfWGXmiu8W0wp/np6HJPD3eCxcWvNzOpJsnUy20CHzyd6p+QEEvioUKYjfL98hVwbxPJxZRPag8ignLHsMhZCfGr/RX7LQ18uvMNOy+479Opv41G/RE6w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:05 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:05 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 31/40] OvmfPkg/ResetVector: Add support for a
 32-bit SEV check
Date: Tue,  4 Feb 2020 17:01:35 -0600
Message-Id: 
 <68967471a5e9c2652c1a43ff2d5557e5983c0625.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:34 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 8b10cb71-6d4f-4009-c905-08d7a9c652bf
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930145082CB7BB74D1E5653EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53778+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 n9F9qRjPCjMOl9ByAZbzG35N/2P6YUwduiLLldGSPQBm4mkUgmSWXyQp9jGlUI3m/zaZ554yv1zOTSQxzQ5fY7dx3CM6pQcyAZvvIYRCwBcAWL08QGUblH969ev+rJxP+WQg7AeegV2HcG4Khpsgaun5YqkKQENlzEgFhz5dHp/+pRmbngzsjx+L+qiWgDYZWAjo7K10V1jmr4zJBGujYIfsMiGH28oBNwK8gOGIM81hZY/wvIKyaUXwvrK/Z9R/N7yCf259XdKoB6gAgi4RIqML4Ls4EB8Sq/zWJs2TE+DzQ71CLmgea2sLhU7cCODJg1eeWN+cpGRMv/M1neO8ADUZhTkaDp8qgIYK+2/ZsxKsQs67g2ydi/zmj/jZB/3DEGqki+IgEaV9oFN1K0ifB7WTksJkPzbDZTE8Fm0ReVOmRNG1P3yGCM3aOVvFwUnS8MPe912eNTYKa2m4ntGb8q7eVTYg1caaqpLQ5HXfV48/3m1Vjvp/m5RUVypvCIHZRjruuXjMt1I9Y0wip1tftw==
X-MS-Exchange-AntiSpam-MessageData: 
 F3r+xcCQFoaQXxAuhyWbx6PJ7+gJI+0WN7PmED3+9oEeSgy2eOc5ZGjpFJc2jlpDe9Mp2qChsiLF2O91VUZQ773oAvRDq+nlrUBlO5BgTNp0bbOx3fWuL8zjp81kSrBzlGpqf57SQECgExdHaGIQHA==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 8b10cb71-6d4f-4009-c905-08d7a9c652bf
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:35.5232
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 HOf1nT/hInrtGPzBXBYfoZ9Bmc5Xl6rCviU4emSLnYHEQpkwekC0qGOGyyDKj/yI/OOXGKr2Zth6teivBSow/A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: OQlqih7c3lGq8dXYxEsxdPAsx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857387;
 bh=FgLuDScHArWdOnpz0Slow2HjHJOrCStXHzYqTDEaQeg=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=FtDH29rEnl9jHHj0A7TCeM36F+aHb9pmXovM6mb/yoDht24PsAbpQVKQdyMOQbXVRuB
 2BFp+/QNskrGispghOc8ZwkxdvMJPL26/DUJkN9mJZOUg/2X08M4CocITCFurgQzhshjy
 KmJVdbtrl7M8O6401l12RSdZXJzukYwTLYY=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

During BSP startup, the reset vector code will issue a CPUID instruction
while in 32-bit mode. When running as an SEV-ES guest, this will trigger
a #VC exception.

Add exception handling support to the early reset vector code to catch
these exceptions.  Also, since the guest is in 32-bit mode at this point,
writes to the GHCB will be encrypted and thus not able to be read by the
hypervisor, so use the GHCB CPUID request/response protocol to obtain the
requested CPUID function values and provide these to the guest.

The exception handling support is active during the SEV check and uses the
OVMF temporary RAM space for a stack. After the SEV check is complete, the
exception handling support is removed and the stack pointer cleared.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/ResetVector/ResetVector.inf       |   3 +
 OvmfPkg/ResetVector/Ia32/PageTables64.asm | 275 +++++++++++++++++++++-
 OvmfPkg/ResetVector/ResetVector.nasmb     |   2 +
 3 files changed, 277 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/Rese=
tVector.inf
index 9aedbe9b3640..f9e9578d22b2 100644
--- a/OvmfPkg/ResetVector/ResetVector.inf
+++ b/OvmfPkg/ResetVector/ResetVector.inf
@@ -36,7 +36,10 @@ [BuildOptions]
 [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbBase
   gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbSize
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVecto=
r/Ia32/PageTables64.asm
index 9f86ddf6f08f..7c72128a84d6 100644
--- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
+++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
@@ -36,13 +36,58 @@ BITS    32
                        PAGE_READ_WRITE + \
                        PAGE_PRESENT)
=20
+;
+; SEV-ES #VC exception handler support
+;
+; #VC handler local variable locations
+;
+%define VC_CPUID_RESULT_EAX         0
+%define VC_CPUID_RESULT_EBX         4
+%define VC_CPUID_RESULT_ECX         8
+%define VC_CPUID_RESULT_EDX        12
+%define VC_GHCB_MSR_EDX            16
+%define VC_GHCB_MSR_EAX            20
+%define VC_CPUID_REQUEST_REGISTER  24
+%define VC_CPUID_FUNCTION          28
+
+; #VC handler total local variable size
+;
+%define VC_VARIABLE_SIZE           32
+
+; #VC handler GHCB CPUID request/response protocol values
+;
+%define GHCB_CPUID_REQUEST          4
+%define GHCB_CPUID_RESPONSE         5
+%define GHCB_CPUID_REGISTER_SHIFT  30
+%define CPUID_INSN_LEN              2
+
+
 ; Check if Secure Encrypted Virtualization (SEV) feature is enabled
 ;
-; If SEV is enabled then EAX will be at least 32
+; Modified:  EAX, EBX, ECX, EDX, ESP
+;
+; If SEV is enabled then EAX will be at least 32.
 ; If SEV is disabled then EAX will be zero.
 ;
 CheckSevFeature:
+    ; Set the first byte of the workarea to zero to communicate to the SEC
+    ; phase that SEV-ES is not enabled. If SEV-ES is enabled, the CPUID
+    ; instruction will trigger a #VC exception where the first byte of the
+    ; workarea will be set to one.
+    mov     byte[SEV_ES_WORK_AREA], 0
+
+    ;
+    ; Set up exception handlers to check for SEV-ES
+    ;   Load temporary RAM stack based on PCDs (see SevEsIdtVmmComm for
+    ;   stack usage)
+    ;   Establish exception handlers
+    ;
+    mov       esp, SEV_ES_VC_TOP_OF_STACK
+    mov       eax, ADDR_OF(Idtr)
+    lidt      [cs:eax]
+
     ; Check if we have a valid (0x8000_001F) CPUID leaf
+    ;   CPUID raises a #VC exception if running as an SEV-ES guest
     mov       eax, 0x80000000
     cpuid
=20
@@ -53,8 +98,8 @@ CheckSevFeature:
     jl        NoSev
=20
     ; Check for memory encryption feature:
-    ;  CPUID  Fn8000_001F[EAX] - Bit 1
-    ;
+    ; CPUID  Fn8000_001F[EAX] - Bit 1
+    ;   CPUID raises a #VC exception if running as an SEV-ES guest
     mov       eax,  0x8000001f
     cpuid
     bt        eax, 1
@@ -78,6 +123,15 @@ NoSev:
     xor       eax, eax
=20
 SevExit:
+    ;
+    ; Clear exception handlers and stack
+    ;
+    push      eax
+    mov       eax, ADDR_OF(IdtrClear)
+    lidt      [cs:eax]
+    pop       eax
+    mov       esp, 0
+
     OneTimeCallRet CheckSevFeature
=20
 ; Check if Secure Encrypted Virtualization - Encrypted State (SEV-ES) feat=
ure
@@ -222,3 +276,218 @@ SetCr3:
     mov     cr3, eax
=20
     OneTimeCallRet SetCr3ForPageTables64
+
+;
+; Start of #VC exception handling routines
+;
+
+SevEsIdtNotCpuid:
+    ;
+    ; Use VMGEXIT to request termination.
+    ;   1 - #VC was not for CPUID
+    ;
+    mov     eax, 1
+    jmp     SevEsIdtTerminate
+
+SevEsIdtNoCpuidResponse:
+    ;
+    ; Use VMGEXIT to request termination.
+    ;   2 - GHCB_CPUID_RESPONSE not received
+    ;
+    mov     eax, 2
+
+SevEsIdtTerminate:
+    ;
+    ; Use VMGEXIT to request termination. At this point the reason code is
+    ; located in EAX, so shift it left 16 bits to the proper location.
+    ;
+    ; EAX[11:0]  =3D> 0x100 - request termination
+    ; EAX[15:12] =3D> 0x1   - OVMF
+    ; EAX[23:16] =3D> 0xXX  - REASON CODE
+    ;
+    shl     eax, 16
+    or      eax, 0x1100
+    xor     edx, edx
+    mov     ecx, 0xc0010130
+    wrmsr
+    ;
+    ; Issue VMGEXIT - NASM doesn't support the vmmcall instruction in 32-b=
it
+    ; mode, so work around this by temporarily switching to 64-bit mode.
+    ;
+BITS    64
+    rep     vmmcall
+BITS    32
+
+    ;
+    ; We shouldn't come back from the VMGEXIT, but if we do, just loop.
+    ;
+SevEsIdtHlt:
+    hlt
+    jmp     SevEsIdtHlt
+    iret
+
+    ;
+    ; Total stack usage for the #VC handler is 44 bytes:
+    ;   - 12 bytes for the exception IRET (after popping error code)
+    ;   - 32 bytes for the local variables.
+    ;
+SevEsIdtVmmComm:
+    ;
+    ; If we're here, then we are an SEV-ES guest and this
+    ; was triggered by a CPUID instruction
+    ;
+    ; Set the first byte of the workarea to one to communicate to the SEC
+    ; phase that SEV-ES is enabled.
+    mov     byte[SEV_ES_WORK_AREA], 1
+
+    pop     ecx                     ; Error code
+    cmp     ecx, 0x72               ; Be sure it was CPUID
+    jne     SevEsIdtNotCpuid
+
+    ; Set up local variable room on the stack
+    ;   CPUID function         : + 28
+    ;   CPUID request register : + 24
+    ;   GHCB MSR (EAX)         : + 20
+    ;   GHCB MSR (EDX)         : + 16
+    ;   CPUID result (EDX)     : + 12
+    ;   CPUID result (ECX)     : + 8
+    ;   CPUID result (EBX)     : + 4
+    ;   CPUID result (EAX)     : + 0
+    sub     esp, VC_VARIABLE_SIZE
+
+    ; Save the CPUID function being requested
+    mov     [esp + VC_CPUID_FUNCTION], eax
+
+    ; The GHCB CPUID protocol uses the following mapping to request
+    ; a specific register:
+    ;   0 =3D> EAX, 1 =3D> EBX, 2 =3D> ECX, 3 =3D> EDX
+    ;
+    ; Set EAX as the first register to request. This will also be used as a
+    ; loop variable to request all register values (EAX to EDX).
+    xor     eax, eax
+    mov     [esp + VC_CPUID_REQUEST_REGISTER], eax
+
+    ; Save current GHCB MSR value
+    mov     ecx, 0xc0010130
+    rdmsr
+    mov     [esp + VC_GHCB_MSR_EAX], eax
+    mov     [esp + VC_GHCB_MSR_EDX], edx
+
+NextReg:
+    ;
+    ; Setup GHCB MSR
+    ;   GHCB_MSR[63:32] =3D CPUID function
+    ;   GHCB_MSR[31:30] =3D CPUID register
+    ;   GHCB_MSR[11:0]  =3D CPUID request protocol
+    ;
+    mov     eax, [esp + VC_CPUID_REQUEST_REGISTER]
+    cmp     eax, 4
+    jge     VmmDone
+
+    shl     eax, GHCB_CPUID_REGISTER_SHIFT
+    or      eax, GHCB_CPUID_REQUEST
+    mov     edx, [esp + VC_CPUID_FUNCTION]
+    mov     ecx, 0xc0010130
+    wrmsr
+
+    ;
+    ; Issue VMGEXIT - NASM doesn't support the vmmcall instruction in 32-b=
it
+    ; mode, so work around this by temporarily switching to 64-bit mode.
+    ;
+BITS    64
+    rep     vmmcall
+BITS    32
+
+    ;
+    ; Read GHCB MSR
+    ;   GHCB_MSR[63:32] =3D CPUID register value
+    ;   GHCB_MSR[31:30] =3D CPUID register
+    ;   GHCB_MSR[11:0]  =3D CPUID response protocol
+    ;
+    mov     ecx, 0xc0010130
+    rdmsr
+    mov     ecx, eax
+    and     ecx, 0xfff
+    cmp     ecx, GHCB_CPUID_RESPONSE
+    jne     SevEsIdtNoCpuidResponse
+
+    ; Save returned value
+    shr     eax, GHCB_CPUID_REGISTER_SHIFT
+    mov     [esp + eax * 4], edx
+
+    ; Next register
+    inc     word [esp + VC_CPUID_REQUEST_REGISTER]
+
+    jmp     NextReg
+
+VmmDone:
+    ;
+    ; At this point we have all CPUID register values. Restore the GHCB MS=
R,
+    ; set the return register values and return.
+    ;
+    mov     eax, [esp + VC_GHCB_MSR_EAX]
+    mov     edx, [esp + VC_GHCB_MSR_EDX]
+    mov     ecx, 0xc0010130
+    wrmsr
+
+    mov     eax, [esp + VC_CPUID_RESULT_EAX]
+    mov     ebx, [esp + VC_CPUID_RESULT_EBX]
+    mov     ecx, [esp + VC_CPUID_RESULT_ECX]
+    mov     edx, [esp + VC_CPUID_RESULT_EDX]
+
+    add     esp, VC_VARIABLE_SIZE
+
+    ; Update the EIP value to skip over the now handled CPUID instruction
+    ; (the CPUID instruction has a length of 2)
+    add     word [esp], CPUID_INSN_LEN
+    iret
+
+ALIGN   2
+
+Idtr:
+    dw      IDT_END - IDT_BASE - 1  ; Limit
+    dd      ADDR_OF(IDT_BASE)       ; Base
+
+IdtrClear:
+    dw      0                       ; Limit
+    dd      0                       ; Base
+
+ALIGN   16
+
+;
+; The Interrupt Descriptor Table (IDT)
+;   This will be used to determine if SEV-ES is enabled.  Upon execution
+;   of the CPUID instruction, a VMM Communication Exception will occur.
+;   This will tell us if SEV-ES is enabled.  We can use the current value
+;   of the GHCB MSR to determine the SEV attributes.
+;
+IDT_BASE:
+;
+; Vectors 0 - 28 (No handlers)
+;
+%rep 29
+    dw      0                                    ; Offset low bits 15..0
+    dw      0x10                                 ; Selector
+    db      0                                    ; Reserved
+    db      0x8E                                 ; Gate Type (IA32_IDT_GAT=
E_TYPE_INTERRUPT_32)
+    dw      0                                    ; Offset high bits 31..16
+%endrep
+;
+; Vector 29 (VMM Communication Exception)
+;
+    dw      (ADDR_OF(SevEsIdtVmmComm) & 0xffff)  ; Offset low bits 15..0
+    dw      0x10                                 ; Selector
+    db      0                                    ; Reserved
+    db      0x8E                                 ; Gate Type (IA32_IDT_GAT=
E_TYPE_INTERRUPT_32)
+    dw      (ADDR_OF(SevEsIdtVmmComm) >> 16)     ; Offset high bits 31..16
+;
+; Vectors 30 - 31 (No handlers)
+;
+%rep 2
+    dw      0                                    ; Offset low bits 15..0
+    dw      0x10                                 ; Selector
+    db      0                                    ; Reserved
+    db      0x8E                                 ; Gate Type (IA32_IDT_GAT=
E_TYPE_INTERRUPT_32)
+    dw      0                                    ; Offset high bits 31..16
+%endrep
+IDT_END:
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re=
setVector.nasmb
index c25932513b80..97e36ef591ab 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -72,6 +72,8 @@
   %define GHCB_PT_ADDR (FixedPcdGet32 (PcdOvmfSecGhcbPageTableBase))
   %define GHCB_BASE (FixedPcdGet32 (PcdSecGhcbBase))
   %define GHCB_SIZE (FixedPcdGet32 (PcdSecGhcbSize))
+  %define SEV_ES_WORK_AREA (FixedPcdGet32 (PcdSevEsWorkAreaBase))
+  %define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase)=
 + FixedPcdGet32 (PcdOvmfSecPeiTempRamSize))
 %include "Ia32/PageTables64.asm"
 %endif
=20
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53778): https://edk2.groups.io/g/devel/message/53778
Mute This Topic: https://groups.io/mt/70985001/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53779+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857388027991.7059884935894;
 Tue, 4 Feb 2020 15:03:08 -0800 (PST)
Return-Path: <bounce+27952+53779+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id vBNRYY1788612xkd2JVePLMg;
 Tue, 04 Feb 2020 15:03:07 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1675.1580857385855360254
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:07 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=cyM8LlysJy32+seUojcG2h0okkhvTgThB7tlsyXCvssAoDQ3fjRUERNnI2VtocS47m5y1skOZlHJKrJVxA0VEahf7GyRI33jAiLSSYX1REnBKzE+xCvdb6DDYw9ROnGPigJrqol4LYYbvVwsChTqEkB1J5Ij7usK2u8KR4JNZo7mT+4QJAG1D+JQkNOrJLpMx+S+D8gLRm1NwZaVU2rVNEJlwL4gEZcLsjSxW1+TFUO8dXH5sz1kSZFqFitESymDM5c/RxsVHfy1ohQc9c/u47lv+yyV875JaJ0I+fxQI18xHIMXmZW6Hp/BXyXUOnJ12ZkLIZy9ow/P5BPIgDLAkQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=FPJ+maiqB+MGO+G/y6fU6OXTtJFjducuKZXQ/HBbtTc=;
 b=n+U3Oa84GZHqbKUvuRSfBffkVijx2vSzZIhk3pv4fDWJgUAM0RJ+DTsZCZfR7BO2LUQHgZuxlYeCKl/oJCZeIsaXjZmMoATge2RNj/UmlQa8QcGzbNWHtkyhzZA8+lTmH4ueVbrXVCYxEVg6237ifdlwwxbP4TONtTjPRT1PnfeZnXoFWLRHeBpkuMhhh5rsmW/O3zBNFG+SeTyOATSrU5rxnix5xaRQMRFwodXoD90LAQlmOmq/eSWf0HwIGzuwNjDnQc0V/+Czvqs5bBTPdsOj8hcKWnbgbNBV5jwM/bBj8ADSvh6RipY0/TzqsI+7U7Gh3dU1fv/Cj3t4GrjbAw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:05 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:05 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 32/40] OvmfPkg/Sec: Add #VC exception handling
 for Sec phase
Date: Tue,  4 Feb 2020 17:01:36 -0600
Message-Id: 
 <2af37abfa288fb07caf3bdbfe694278caad203ac.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:35 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: cef2e05f-f7dc-4b70-80d7-08d7a9c65362
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930C0EAA9236750B75827A1EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53779+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 DdjiXqxAu2IIk7Hs8Dwq69NZwnOLZpqDlIJBI9o4g1zIcYqCYSTHIaeGRBv02XWbZKvj3xMfEXEGYoUGXfR+ELCQ4XneE+QqQ6e3mfK3kpvt9RMZ51LDgeUQintJwC+cz4swkDfsppik2andUW64h21WrmlYtORrlSFP04/O0UqNoIBDNYaHDNkqC3bAnwfu3zvLgaN6xPe3G86ZlNy9SQcNvGUPBHOnodWamrmh5TWLQuub1CyNvj6dtV5MqklHGpQnQFEGgTZQ4aXNNv1npYOqJIQC0ItLiBwSa31H6KMSdOSzuc7PrT/nJSj72CPV81udpmKCL0ltKW2jP0fmQaZ8CSJ0ienxgh3fbkTtnFQ0wnCb1OUakSJ71LMrnrq7O/q1ijc/ocNqyK8vN46G37q2msaRVCxS9MJ97LyMOp7/MoTn2jPyz13ZE+7n3iynuUCahYK1iqbSzios4hahZkqM+Wohh7K3rDsVCn87Sz8VBmXguTSxjNH6nMeapwwCqPFGIVlNabqTCv5cEq2GZg==
X-MS-Exchange-AntiSpam-MessageData: 
 6tXWzl1AHnufQ5yc6MYivG0ffGH41GLeu8IWLyQ9IIetAcW9fPnkh28kHQgr0r8GKIF09+9xEF4X2aze2unHMnehJCrNe7t0aQXW+1gE79l50f0WUXfNk1rMm1PS8A4wQXjdPN11tLT6xIL7CszzLQ==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 cef2e05f-f7dc-4b70-80d7-08d7a9c65362
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:36.6456
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 O4oqfwlzWBG8XIOuPc+lpB7nzAAsd1DM9To9TPFLpyJHw95AejMFAmO3OEB2f4w3JF3sINZogsUKKXZkHdMbtw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: c7bA3aBKgWpIu83FSK0AlMUQx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857387;
 bh=m5i87ZWoQHVpRUS6a6zQcniYX8Q+p063pMSw+dkEGlM=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=vVLk9SqThZ+4NyoElFV/zn4rKpjIy2Ub4dRa2fCKbFoM3qu1Uk5i5S5/mgmlSq7Wk76
 eP6WhWmGnE8FV1LFSifHf9GzJ+o0/W3MjT5RBkwk9+SHTqLAeE9cnjyJ8kVdBAreYNRk7
 aWV7JiDOPZs+9INpgS2FhqD3sNC2BvorkQU=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

An SEV-ES guest will generate a #VC exception when it encounters a
non-automatic exit (NAE) event. It is expected that the #VC exception
handler will communicate with the hypervisor using the GHCB to handle
the NAE event.

NAE events can occur during the Sec phase, so initialize exception
handling early in the OVMF Sec support.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
 OvmfPkg/Sec/SecMain.inf |  2 ++
 OvmfPkg/Sec/SecMain.c   | 76 ++++++++++++++++++++++++++++++++++-------
 2 files changed, 65 insertions(+), 13 deletions(-)

diff --git a/OvmfPkg/Sec/SecMain.inf b/OvmfPkg/Sec/SecMain.inf
index 63ba4cb555fb..401d06039dd3 100644
--- a/OvmfPkg/Sec/SecMain.inf
+++ b/OvmfPkg/Sec/SecMain.inf
@@ -50,11 +50,13 @@ [LibraryClasses]
   PeCoffExtraActionLib
   ExtractGuidedSectionLib
   LocalApicLib
+  CpuExceptionHandlerLib
=20
 [Ppis]
   gEfiTemporaryRamSupportPpiGuid                # PPI ALWAYS_PRODUCED
=20
 [Pcd]
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index bae9764577f0..2bab7128ade2 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -24,6 +24,7 @@
 #include <Library/PeCoffExtraActionLib.h>
 #include <Library/ExtractGuidedSectionLib.h>
 #include <Library/LocalApicLib.h>
+#include <Library/CpuExceptionHandlerLib.h>
=20
 #include <Ppi/TemporaryRamSupport.h>
=20
@@ -34,6 +35,10 @@ typedef struct _SEC_IDT_TABLE {
   IA32_IDT_GATE_DESCRIPTOR  IdtTable[SEC_IDT_ENTRY_COUNT];
 } SEC_IDT_TABLE;
=20
+typedef struct _SEC_SEV_ES_WORK_AREA {
+  UINT8  SevEsEnabled;
+} SEC_SEV_ES_WORK_AREA;
+
 VOID
 EFIAPI
 SecStartupPhase2 (
@@ -712,6 +717,19 @@ FindAndReportEntryPoints (
   return;
 }
=20
+STATIC
+BOOLEAN
+SevEsIsEnabled (
+  VOID
+  )
+{
+  SEC_SEV_ES_WORK_AREA  *SevEsWorkArea;
+
+  SevEsWorkArea =3D (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAr=
eaBase);
+
+  return ((SevEsWorkArea !=3D NULL) && (SevEsWorkArea->SevEsEnabled !=3D 0=
));
+}
+
 VOID
 EFIAPI
 SecCoreStartupWithStack (
@@ -737,8 +755,53 @@ SecCoreStartupWithStack (
     Table[Index] =3D 0;
   }
=20
+  //
+  // Initialize IDT - Since this is before library constructors are called,
+  // we use a loop rather than CopyMem.
+  //
+  IdtTableInStack.PeiService =3D NULL;
+  for (Index =3D 0; Index < SEC_IDT_ENTRY_COUNT; Index ++) {
+    UINT8  *Src, *Dst;
+    UINTN  Byte;
+
+    Src =3D (UINT8 *) &mIdtEntryTemplate;
+    Dst =3D (UINT8 *) &IdtTableInStack.IdtTable[Index];
+    for (Byte =3D 0; Byte < sizeof (mIdtEntryTemplate); Byte++) {
+      Dst[Byte] =3D Src[Byte];
+    }
+  }
+
+  IdtDescriptor.Base  =3D (UINTN)&IdtTableInStack.IdtTable;
+  IdtDescriptor.Limit =3D (UINT16)(sizeof (IdtTableInStack.IdtTable) - 1);
+
+  if (SevEsIsEnabled()) {
+    //
+    // For SEV-ES guests, the exception handler is needed before calling
+    // ProcessLibraryConstructorList() because some of the library constru=
ctors
+    // perform some functions that result in #VC exceptions being generate=
d.
+    //
+    // Due to this code executing before library constructors, *all* libra=
ry
+    // API calls are theoretically interface contract violations. However,
+    // because this is SEC (executing in flash), those constructors cannot
+    // write variables with static storage duration anyway. Furthermore, o=
nly
+    // a small, restricted set of APIs, such as AsmWriteIdtr() and
+    // InitializeCpuExceptionHandlers(), are called, where we require that=
 the
+    // underlying library not require constructors to have been invoked and
+    // that the library instance not trigger any #VC exceptions.
+    //
+    AsmWriteIdtr (&IdtDescriptor);
+    InitializeCpuExceptionHandlers (NULL);
+  }
+
   ProcessLibraryConstructorList (NULL, NULL);
=20
+  if (!SevEsIsEnabled()) {
+    //
+    // For non SEV-ES guests, just load the IDTR.
+    //
+    AsmWriteIdtr (&IdtDescriptor);
+  }
+
   DEBUG ((EFI_D_INFO,
     "SecCoreStartupWithStack(0x%x, 0x%x)\n",
     (UINT32)(UINTN)BootFv,
@@ -751,19 +814,6 @@ SecCoreStartupWithStack (
   //
   InitializeFloatingPointUnits ();
=20
-  //
-  // Initialize IDT
-  //
-  IdtTableInStack.PeiService =3D NULL;
-  for (Index =3D 0; Index < SEC_IDT_ENTRY_COUNT; Index ++) {
-    CopyMem (&IdtTableInStack.IdtTable[Index], &mIdtEntryTemplate, sizeof =
(mIdtEntryTemplate));
-  }
-
-  IdtDescriptor.Base  =3D (UINTN)&IdtTableInStack.IdtTable;
-  IdtDescriptor.Limit =3D (UINT16)(sizeof (IdtTableInStack.IdtTable) - 1);
-
-  AsmWriteIdtr (&IdtDescriptor);
-
 #if defined (MDE_CPU_X64)
   //
   // ASSERT that the Page Tables were set by the reset vector code to
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53779): https://edk2.groups.io/g/devel/message/53779
Mute This Topic: https://groups.io/mt/70985002/1787277
Mute #vc: https://groups.io/mk?hashtag=3Dvc&subid=3D3901457
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53780+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857388421101.68822809444089;
 Tue, 4 Feb 2020 15:03:08 -0800 (PST)
Return-Path: <bounce+27952+53780+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id LBFhYY1788612xs4FQJlPGk6;
 Tue, 04 Feb 2020 15:03:08 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1675.1580857385855360254
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:07 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=KaJAIw8lVZqVxa0OuavW0tpJy8fKeh5oH0PK9Ow5RALUUf+LOiYS57hpUlkbV8a0+Yo11I7TS3yvQ5ER4dGbOH4yNzcbh5dPBFiL/D9zdSLu29IPjC/vBHinkb8yRcY0WPiut7/7lFMuNhE6m0SZQGrU+Mw2tXOqiztHGQf76txKdLAKfvPaUR4Msi40NCIScX841IZjWL5nFOLKKn7HwRsOuF6Yd5qNes7Jx11+D0PWZmcJhBt4nQNDdrMI0ra+HYsvosuskaQVVdW3/15eqXHVpXHU9LYj1Sok/ek765prc99lXrd4FyQEOVJuWi8LGzI6Z7fHWJzGQkPHccfq0g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=EBqaAOzUqEYIHgr995Cv+o63QK54PuMQpSh10UwIK94=;
 b=WxOCwwkn1OOuYACbRjyvmoXbjzvVziTQnvlCLdytp/V/SuoKoY61GD+Wpusr9iNoN1LrcQ4ZiZUzoHp/bXguDfxl18NR16vZzlwMktv6NbCHMQrfWkYvAvIp5RI37a9NbKjrd2mBk9kyyIPsPYoOQkI6/nARktPLGXPDcnriCgYcGchoX+U0hjpDtsX82avT1SSXVkrOpRb+CLwYDVPKxSg+6qUOKpFesUCx9z5caq91kMz8VaWb8hAHATFDypz+n05YjO7n1YC/e6UPy2sVoE9cxlfBa9yKElddDC4S7rFJzhgNPycv5w82mxS/lQANATc2z+A0Z6VYrZSZKn7Zbw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:06 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:05 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 33/40] OvmfPkg/Sec: Enable cache early to
 speed up booting
Date: Tue,  4 Feb 2020 17:01:37 -0600
Message-Id: 
 <7b601b8cf0abc1b71d7a0ccb172e71a39b8b15fa.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:36 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 650c0bd6-76c9-4826-6be3-08d7a9c65411
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39304348F1DB6758C53C923FEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53780+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 7gXWZ6JrQUbGxlLuoUmy8LpHj81Y2C3Cyx25aCYxh3vAxQBtvkSobdg6LGGqfABVAUOcORj1SOYGIeByN040YAXUYI5PEa5+JEm3Y0BzeZsB35G9FW4gubYpoFo8Y7//IMl5w6hn4YEAIhXrudjPOBHqqv6Cg2LpGghbEDkKSGPP9DAjvbRqBUDNjXOW+DAdjJ1AC6/JaRXXtFDLtHia3EbdOT3i11Wuyr6W7SCpfH3xWueymU7beogKd1pIP7nna8MNjuP1afdSLAMdkCZC4Yn0I4hnEG1mPR5+Wd0GNZx8hXPTFLz/6K25BMdQx/HBgHX13ayCNd2fy5rCojLowotaVB5w4/PAW5Dmqwb8jKPx40My0imWw489TQmwTOMY08rcDHTUY7zhiEy6povzK+3r9VQlxWU85Ht9kPwG8BN8WxY7+x1udyYImzT4h5+yYedTn73ojRGqdAp+UJ1wIV3ajUO8xTWZKkHCKP5x/xiQ3fupgMKGAAecjJ9fFVAWN3O1x99iAueFahZMhOYagw==
X-MS-Exchange-AntiSpam-MessageData: 
 /nyaojksb6FXjFpzoOZrm8+PPKfg25w3722oGJ+FSPojPIEIN9kcNg27JBY96aC2/p7MzV6lSbCUds9dq0s5uPVFoyrtWX+s5n6MdkWYIJM/q1E0c1FJhCljpVeTE8pNj32shuwAYEXyHivO2mn9lw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 650c0bd6-76c9-4826-6be3-08d7a9c65411
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:37.7889
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 oA2XjeRazyK7tFoduOwgCKZWF2ZVIn+AGvl3uKgjVY1JHSd7vnlEV/vQzEzJLrDaRuijOZaB1eL8lXDX78LFNg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: 6htEjzttP28jeNhh9XpMvSUox1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857388;
 bh=sBzlCvVtl9atqWY1JVqbYtS64yHqq2m6byFMam0Wjrw=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=boyB1IBV4ldzuJq67reC1p0QT+2A81u/Ts5bCDTYHs/eS06G50Je+dyMjpQ4L4XTHSg
 Qb8aXPxJCa4TRzbxbS/NnnjJgi2YYZnjUvCW0fytT99jdW9zcGDwDgPaRBhbDTbISq+z1
 8UFdfP+0wjXf3QIeP12+cOF7MyQuZc/tvKM=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Currently, the OVMF code relies on the hypervisor to enable the cache
support on the processor in order to improve the boot speed. However,
with SEV-ES, the hypervisor is not allowed to change the CR0 register
to enable caching.

Update the OVMF Sec support to enable caching in order to improve the
boot speed when running as an SEV-ES guest.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/Sec/SecMain.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index 2bab7128ade2..439c8a09be17 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -800,6 +800,13 @@ SecCoreStartupWithStack (
     // For non SEV-ES guests, just load the IDTR.
     //
     AsmWriteIdtr (&IdtDescriptor);
+  } else {
+    //
+    // Under SEV-ES, the hypervisor can't modify CR0 and so can't enable
+    // caching in order to speed up the boot. Enable caching early for
+    // an SEV-ES guest.
+    //
+    AsmEnableCache ();
   }
=20
   DEBUG ((EFI_D_INFO,
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53780): https://edk2.groups.io/g/devel/message/53780
Mute This Topic: https://groups.io/mt/70985003/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53781+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 158085738900440.598766903937644;
 Tue, 4 Feb 2020 15:03:09 -0800 (PST)
Return-Path: <bounce+27952+53781+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id CBZiYY1788612x6ZSORDquSZ;
 Tue, 04 Feb 2020 15:03:08 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1675.1580857385855360254
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:08 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=KwaqKhuy83KObgIV93R1wtCTmjv5UmdHClYhawgWpxohzka/AbU5LGZLVzf7k++8vSembkY0ZI1APOj37Uxma2H/JkAG7eumyWYMsDZgYVMJye2SllvV6wBDSiPRfY++yZJTosrnN7nfWkW1SS20EvluNwgUzqKCzcYRKNE2Elw2W9bPii5rVsf31gbymTP/AR2yWc0uDVpGaN0IAmJEnNu1F3Yk37tljthPb8bnoWsT3HNKD3xwH20clKpCm6i2/ekpgPEphAT1lesNZ8metJvp2Uxy48K5U6WG83vMqnoECkWtVTNePbvBY/mD5VsTvoyZIoffce91qSw/tSaGSA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=FgGDMsSknsN+X6CJW2+8XkNkOWIiELrvkzZBqfcQ9aA=;
 b=Pt6Fe/qlxFIKrqkHvPNMusTwEU0e0A0Y6kIGjrKyYxP8GTf+pPB9CzeHsvjj10S+adWFofYvQvrIKtcFz0pfOnkZxvKgJnIBS7PMG81lNo2uUmR8jGf0I562Im6K5O0C225jqP/PVsIcqQ7v/umgeci1WGr1uAM1sUwT8qjcTvXv3rVzrvkC/pPjJwuxCUyiAIK7K/fFN49txw0dHOx1ZzgDt1VPhLj/AIs1HirvickK7tcNFsf1Bda2VNksERCbln6rKx/Iuh5tDLfHXnjygnztDqjBoIWw+il0FgQ2HqtfsXLhDVQXyU2Zh6hHGX08rdz0aq+/YLjpEGHVZbPWgA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:06 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:06 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 34/40] OvmfPkg/QemuFlashFvbServicesRuntimeDxe:
 Bypass flash detection with SEV-ES is enabled
Date: Tue,  4 Feb 2020 17:01:38 -0600
Message-Id: 
 <c116c342ddcd813d003e31e79feaf4726f30bc90.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:38 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: c89fd06b-b1bf-4165-38d5-08d7a9c654bc
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39300739F96F9E1BE1D6A1BCEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53781+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 1K2Q6tW+4rwjNaQ2wVbLV3hRy4MaggdyoY4RHzYfrMOdXF4cLc4IIzZ7Qw2q+Krk7BjSE7VaWyd/5+65rPuRRSWOvowl7KY1spMGUuDkHN+8uS6ZiPTqUQYx6Sz8+aI2bCxQqJeqCe844dQaP+sa9X5GzZs6wHAuJHG9/RFWJC2TWcFcULF+R3Gfarl1TsQS1v3cr3Qgv5sRbiktbygz6vCcMjD52KM4BzmdxbCJSW+E+o6fDfBJsilrBh8ZNSuIZYUt57uCEUBLZyNZfnqX1gWe/a3mHkQTpzFp5SATN/NVbd6PWybXVnWucpINhJBLvLDiuRo3VzT1/sQ61xa7Qc5ZWudfThrT8AVxZoFGpvkOVmyWHja2gz7IViu94EwaMF4IHFEzLR9SHFvcY0lXfwN2Q+H2M3BGwoKJlfmN0TEM04pVt8SkPZHp4kfmHXlkNgKnQZh4egHpWEX3IOSoMx4bB6cYWOfWLk3QXafiSLGyeEnAIijcE/niubS9w7/B82K2Ev2vZwfaZUv2net0tOij8zWRN0rASCtCusbDkGbhbNQUfdV8d+gf/PQGk4Hu
X-MS-Exchange-AntiSpam-MessageData: 
 W4Hk4Hx/4EDdI3YRN7owbS2Z8aYjhHQ5JURQjzLlLr63t6hwmtNCrup9t5EYj1wzDSkruo9uU/usMTrTHAikKDKGQrt2L2BZmHlxX65UbTnE1IvBL7jk5D1pRS6fclq7uB1IMq3s0SzmF5+qwboa/Q==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 c89fd06b-b1bf-4165-38d5-08d7a9c654bc
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:38.9123
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 vDMHVTtzqZ0chnCs9ixOYidQLmGzysTL9uL0w6xGinfU7jXXEcBai7v4LzYArXhS4Wer+J9DkLr1q2LZwrwRPw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: l2Zbxl4eCVOEFsdPQhqR8MYTx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857388;
 bh=H4R5nEqPkumel1TV9qgFCbobbqj0slfRAeFI2LrJy5E=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=DVkvDAgjtkRRcLPHkz+aXyj3WMHgL/4E4RzeogwPkqE6jqv9fj06Goip3YpMlTWsu9P
 g3SC2ZD8OTSwhu/2D2K2uRJMLjp0RRN0Ns4u6qL6Ny+Li/0mr8wPxPfPHuJx0mz4RLHiT
 wEdn2/vVnJHcwTY/3LIrc7cvB6wrT3B0iBU=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

The flash detection routine will attempt to determine how the flash
device behaves (e.g. ROM, RAM, Flash). But when SEV-ES is enabled and
the flash device behaves as a ROM device (meaning it is marked read-only
by the hypervisor), this check may result in an infinite nested page fault
because of the attempted write. Since the instruction cannot be emulated
when SEV-ES is enabled, the RIP is never advanced, resulting in repeated
nested page faults.

When SEV-ES is enabled, exit the flash detection early and assume that
the FD behaves as Flash. This will result in QemuFlashWrite() being called
to store EFI variables, which will also result in an infinite nested page
fault when the write is performed. In this case, update QemuFlashWrite()
to use the VmgMmioWrite function from the VmgExitLib library to have the
hypervisor perform the write without having to emulate the instruction.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/OvmfPkgIa32.dsc                       |  1 +
 OvmfPkg/OvmfPkgIa32X64.dsc                    |  1 +
 OvmfPkg/OvmfPkgX64.dsc                        |  1 +
 .../FvbServicesRuntimeDxe.inf                 |  2 ++
 .../QemuFlash.h                               |  6 +++++
 .../QemuFlash.c                               | 23 ++++++++++++++++---
 .../QemuFlashDxe.c                            | 15 ++++++++++++
 .../QemuFlashSmm.c                            |  9 ++++++++
 8 files changed, 55 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index c364da521579..ac67fc1bd8b8 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -320,6 +320,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
   PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.UEFI_DRIVER]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 0adae1e0be30..ecf5c2ad54a3 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -325,6 +325,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
   PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.UEFI_DRIVER]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 4b5e96a32b0b..33f7571d4df0 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -325,6 +325,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
   PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
+  VmgExitLib|UefiCpuPkg/Library/VmgExitLib/VmgExitLib.inf
=20
 [LibraryClasses.common.UEFI_DRIVER]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.i=
nf b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
index ca6326e833ed..0b7741ac07f8 100644
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
@@ -38,6 +38,7 @@ [Sources]
 [Packages]
   MdePkg/MdePkg.dec
   MdeModulePkg/MdeModulePkg.dec
+  UefiCpuPkg/UefiCpuPkg.dec
   OvmfPkg/OvmfPkg.dec
=20
 [LibraryClasses]
@@ -52,6 +53,7 @@ [LibraryClasses]
   UefiBootServicesTableLib
   UefiDriverEntryPoint
   UefiRuntimeLib
+  VmgExitLib
=20
 [Guids]
   gEfiEventVirtualAddressChangeGuid   # ALWAYS_CONSUMED
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.h b/OvmfPkg/Q=
emuFlashFvbServicesRuntimeDxe/QemuFlash.h
index f1afabcbe6ae..19ac1f733279 100644
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.h
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.h
@@ -89,5 +89,11 @@ QemuFlashBeforeProbe (
   IN  UINTN                   FdBlockCount
   );
=20
+VOID
+QemuFlashPtrWrite (
+  IN        volatile UINT8    *Ptr,
+  IN        UINT8             Value
+  );
+
 #endif
=20
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c b/OvmfPkg/Q=
emuFlashFvbServicesRuntimeDxe/QemuFlash.c
index c81c58972bf2..ccf5ad7f7afb 100644
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c
@@ -9,6 +9,7 @@
=20
 #include <Library/BaseMemoryLib.h>
 #include <Library/DebugLib.h>
+#include <Library/MemEncryptSevLib.h>
 #include <Library/PcdLib.h>
=20
 #include "QemuFlash.h"
@@ -80,6 +81,21 @@ QemuFlashDetected (
=20
   DEBUG ((EFI_D_INFO, "QEMU Flash: Attempting flash detection at %p\n", Pt=
r));
=20
+  if (MemEncryptSevEsIsEnabled()) {
+    //
+    // When SEV-ES is enabled, the check below can result in an infinite
+    // loop with respect to a nested page fault. When the memslot is mapped
+    // read-only, the nested page table entry is read-only. The check below
+    // will cause a nested page fault that cannot be emulated, causing
+    // the instruction to retried over and over. For SEV-ES, acknowledge t=
hat
+    // the FD appears as ROM and not as FLASH, but report FLASH anyway bec=
ause
+    // FLASH behavior can be simulated using VMGEXIT.
+    //
+    DEBUG ((DEBUG_INFO,
+      "QEMU Flash: SEV-ES enabled, assuming FD behaves as FLASH\n"));
+    return TRUE;
+  }
+
   OriginalUint8 =3D *Ptr;
   *Ptr =3D CLEAR_STATUS_CMD;
   ProbeUint8 =3D *Ptr;
@@ -181,8 +197,9 @@ QemuFlashWrite (
   //
   Ptr =3D QemuFlashPtr (Lba, Offset);
   for (Loop =3D 0; Loop < *NumBytes; Loop++) {
-    *Ptr =3D WRITE_BYTE_CMD;
-    *Ptr =3D Buffer[Loop];
+    QemuFlashPtrWrite (Ptr, WRITE_BYTE_CMD);
+    QemuFlashPtrWrite (Ptr, Buffer[Loop]);
+
     Ptr++;
   }
=20
@@ -190,7 +207,7 @@ QemuFlashWrite (
   // Restore flash to read mode
   //
   if (*NumBytes > 0) {
-    *(Ptr - 1) =3D READ_ARRAY_CMD;
+    QemuFlashPtrWrite (Ptr - 1, READ_ARRAY_CMD);
   }
=20
   return EFI_SUCCESS;
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c b/OvmfPk=
g/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c
index 5aabe9d7b59c..939463a8e17c 100644
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c
@@ -10,6 +10,8 @@
 **/
=20
 #include <Library/UefiRuntimeLib.h>
+#include <Library/MemEncryptSevLib.h>
+#include <Library/VmgExitLib.h>
=20
 #include "QemuFlash.h"
=20
@@ -32,3 +34,16 @@ QemuFlashBeforeProbe (
   // Do nothing
   //
 }
+
+VOID
+QemuFlashPtrWrite (
+  IN        volatile UINT8    *Ptr,
+  IN        UINT8             Value
+  )
+{
+  if (MemEncryptSevEsIsEnabled()) {
+    VmgMmioWrite ((UINT8 *) Ptr, &Value, 1);
+  } else {
+    *Ptr =3D Value;
+  }
+}
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c b/OvmfPk=
g/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c
index 7eb426e03855..eff40ae28032 100644
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashSmm.c
@@ -46,3 +46,12 @@ QemuFlashBeforeProbe (
              );
   ASSERT_EFI_ERROR (Status);
 }
+
+VOID
+QemuFlashPtrWrite (
+  IN        volatile UINT8    *Ptr,
+  IN        UINT8             Value
+  )
+{
+  *Ptr =3D Value;
+}
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53781): https://edk2.groups.io/g/devel/message/53781
Mute This Topic: https://groups.io/mt/70985004/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53782+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857389392366.77244445622046;
 Tue, 4 Feb 2020 15:03:09 -0800 (PST)
Return-Path: <bounce+27952+53782+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id svIeYY1788612x9wWLWgieF3;
 Tue, 04 Feb 2020 15:03:08 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1675.1580857385855360254
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:08 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=jvUMO5+h3BH153NaZquq6f8igYA48oeXOUMNgIbgGmr9DixYVCgT3moJWxokg7CfhCYAAVvcflZjr0+sSkFyNAYMId7gWYl5ofzWatb0IIi66VY9854wMSPY7qPbXsi5yHNBA7EMkk6AFpmAvFtdvwZQbZKTY+PcsRlarbu5hrwWWeNvcVshUViSZVtp1S04SmKfsLUT+6YYoNpiscnHWNSYhZxmKrF8LmuRtT3ZNtM4RhUlHIdSlBke+O+ziMAOWLs4t+5dHSWehHMqoI9RE/ZUh0r1JvN8Wd3TbrZrIgrq1CpXB8VrjTvrm+jEEo0wWQxoSttG9Q+s7xBTXz6Z2A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=LGS8EU+cWS2ozHJvHVfFgMED5b6m7aBtoRsPGIbY+A4=;
 b=lFVDdYUvpdek1SYkBz0oix4jI0m6xChpT1OYwZ5tD3VleYOeR8zB9pilztM/6/vYFK47GjIFko7H4rM1XEm9uHKuBTCPt2JUnp2PfgToKnjOE+Q8n3B9fixBmHLl0MXdYxNhI95NU0RsKwTiBuixgtZghBBcEo7kefnciZaY7zBO1+TIN0DX9c15hMWI5572/5RWaiiiQaltkH+3roTvUdoWjEI4x+QqH2lsmLqMchtO50MK6acTAnXpYJPSjBokYTw4bsUw5c4nr5UJVBv7z+osTdRJqGm3VWK37w667OPETGEnbcq5AEx5LbgJjUyJ2F4LmNRDGnrqQLVbUx0j4Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:07 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:07 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 35/40] UefiCpuPkg: Add a 16-bit protected mode
 code segment descriptor
Date: Tue,  4 Feb 2020 17:01:39 -0600
Message-Id: 
 <88431f5fc55a0083acddf8e6936c7d2ba4c9e3d8.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:39 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 389e4810-9240-413c-3a46-08d7a9c65561
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930015419E03DEAFE30B7F4EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:5797;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53782+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 nWY/awviqtWBSKznjTsPLqoT/ac0nNcjPLPI9xUmpp0gjHr1kUSO0XW6TY8hH4GW8nEN2w3sf5eFCMhNrdLyTq6zVpGqNpZOvGR8n+gU+D1NmUMDtyMHfK3cS5SA8xSSEotTfFAk/sVNcLyW2L5wtQ2kbVIFlMzTcg0Cv34Hbj5ABMYSxXDsHqxLDY+4P+uoXgB2VvKCH+RBqxaXZ8y6R/LWINpE1T+6yu+v9WrMDBDjgc0O7+Zg2S5fKzCsGGcrlWbZnjgmWy2ZoyQjZ2xK/tDlexVOkpuNd8LwlsF/sh3KU1yn2a/3YK09+lEF3smF1LVuJ2Uceuixj/sz5efM7pPXrvDssWcVDjqnRQr6giUAaxE6wnoltAG6pqjdfLIQ9RuzGZVrviNblSy3hxXdwTtUXS33YCN9wAy/nZbC4K8HGKRvXVxftGo5rZu6+0kCCTRXazIsQTYnWdu+LDaucis3D/OPUYflCJ5BLLcnhBgCV6zq99i2Q2DfSYsQtF5W7kUd4fuxxn1sk10t4zjNPw==
X-MS-Exchange-AntiSpam-MessageData: 
 58iKq27ESR5INULITb0bhzlmxD+D1kkpEapeMiK9B+6ZPu8/56YUK16aHtDkcLwdpzVw6IdWyL6mEBE3Mt+nD/fpXfKUez6GgJMwVfe+L6ejkm/Tn2nDhLlgXXeCs5HiOttDLqAYpEIMHfLZpwhU1w==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 389e4810-9240-413c-3a46-08d7a9c65561
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:39.9797
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 igUZ4fIdvvS2KkcakhTJbkCgT8zUYo5iLPIOXPa1nDGHDaWLHXIO2sXM9ZHio3f2vn1vm1yRauA6i/+0L2I+kg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: e4NnB34mug4wMbsvzLCqKB3ux1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857388;
 bh=7EewQQV1SqwY2e+CdOR1HHjWWB4cqEbGNHvK7A8YS/Q=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=XYXzHbTVJjKXSw5wngqD+VDZdw5Lsu6h/l/R7DdzFcVNYFM3FTbpu4FDAQMwEHxCWEQ
 y1Mnohkw4JD7r1KnenHdqs/hh0oWQfDAyPotxJIUGSMzOu6Pa+X+PCGBEvYt0eaCUB0ro
 VEbVUvxvYhODkuDQ5WbWV51SomCDhLLB3NQ=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

A hypervisor is not allowed to update an SEV-ES guests register state,
so when booting an SEV-ES guest AP, the hypervisor is not allowed to
set the RIP to the guest requested value. Instead, an SEV-ES AP must be
transition from 64-bit long mode to 16-bit real mode in response to an
INIT-SIPI-SIPI sequence. This requires a 16-bit code segment descriptor.
For PEI, create this descriptor in the reset vector GDT table. For DXE,
create this descriptor from the newly reserved entry at location 0x28.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/CpuDxe/CpuGdt.h                          | 4 ++--
 UefiCpuPkg/CpuDxe/CpuGdt.c                          | 8 ++++----
 UefiCpuPkg/ResetVector/Vtf0/Ia16/Real16ToFlat32.asm | 9 +++++++++
 3 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/UefiCpuPkg/CpuDxe/CpuGdt.h b/UefiCpuPkg/CpuDxe/CpuGdt.h
index e5c36f37b96a..80e224b47fcd 100644
--- a/UefiCpuPkg/CpuDxe/CpuGdt.h
+++ b/UefiCpuPkg/CpuDxe/CpuGdt.h
@@ -36,7 +36,7 @@ struct _GDT_ENTRIES {
   GDT_ENTRY LinearCode;
   GDT_ENTRY SysData;
   GDT_ENTRY SysCode;
-  GDT_ENTRY Spare4;
+  GDT_ENTRY SysCode16;
   GDT_ENTRY LinearData64;
   GDT_ENTRY LinearCode64;
   GDT_ENTRY Spare5;
@@ -49,7 +49,7 @@ struct _GDT_ENTRIES {
 #define LINEAR_CODE_SEL   OFFSET_OF (GDT_ENTRIES, LinearCode)
 #define SYS_DATA_SEL      OFFSET_OF (GDT_ENTRIES, SysData)
 #define SYS_CODE_SEL      OFFSET_OF (GDT_ENTRIES, SysCode)
-#define SPARE4_SEL        OFFSET_OF (GDT_ENTRIES, Spare4)
+#define SYS_CODE16_SEL    OFFSET_OF (GDT_ENTRIES, SysCode16)
 #define LINEAR_DATA64_SEL OFFSET_OF (GDT_ENTRIES, LinearData64)
 #define LINEAR_CODE64_SEL OFFSET_OF (GDT_ENTRIES, LinearCode64)
 #define SPARE5_SEL        OFFSET_OF (GDT_ENTRIES, Spare5)
diff --git a/UefiCpuPkg/CpuDxe/CpuGdt.c b/UefiCpuPkg/CpuDxe/CpuGdt.c
index 87fd6955f24b..6a80829be884 100644
--- a/UefiCpuPkg/CpuDxe/CpuGdt.c
+++ b/UefiCpuPkg/CpuDxe/CpuGdt.c
@@ -70,14 +70,14 @@ STATIC GDT_ENTRIES GdtTemplate =3D {
     0x0,
   },
   //
-  // SPARE4_SEL
+  // SYS_CODE16_SEL
   //
   {
-    0x0,            // limit 15:0
+    0x0FFFF,        // limit 15:0
     0x0,            // base 15:0
     0x0,            // base 23:16
-    0x0,            // type
-    0x0,            // limit 19:16, flags
+    0x09A,          // present, ring 0, code, execute/read
+    0x08F,          // page-granular, 16-bit
     0x0,            // base 31:24
   },
   //
diff --git a/UefiCpuPkg/ResetVector/Vtf0/Ia16/Real16ToFlat32.asm b/UefiCpuP=
kg/ResetVector/Vtf0/Ia16/Real16ToFlat32.asm
index ce4ebfffb688..0e79a3984b16 100644
--- a/UefiCpuPkg/ResetVector/Vtf0/Ia16/Real16ToFlat32.asm
+++ b/UefiCpuPkg/ResetVector/Vtf0/Ia16/Real16ToFlat32.asm
@@ -129,5 +129,14 @@ LINEAR_CODE64_SEL   equ $-GDT_BASE
     DB      0            ; base 31:24
 %endif
=20
+; linear code segment descriptor
+LINEAR_CODE16_SEL     equ $-GDT_BASE
+    DW      0xffff       ; limit 15:0
+    DW      0            ; base 15:0
+    DB      0            ; base 23:16
+    DB      PRESENT_FLAG(1)|DPL(0)|SYSTEM_FLAG(1)|DESC_TYPE(CODE32_TYPE)
+    DB      GRANULARITY_FLAG(1)|DEFAULT_SIZE32(0)|CODE64_FLAG(0)|UPPER_LIM=
IT(0xf)
+    DB      0            ; base 31:24
+
 GDT_END:
=20
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53782): https://edk2.groups.io/g/devel/message/53782
Mute This Topic: https://groups.io/mt/70985005/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53783+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857389959914.4363748848309;
 Tue, 4 Feb 2020 15:03:09 -0800 (PST)
Return-Path: <bounce+27952+53783+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id jmSEYY1788612xDX5YcK8vqD;
 Tue, 04 Feb 2020 15:03:09 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web11.1675.1580857385855360254
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:09 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=LjSJpgMlk8w/cNzq4lDMaHWlkOUbYzb40DV8FRye2sBDnt+R4pkecJIV56tKJon+DYCnnLLHiQvclKsgER4H/Y7RTR8AIMhKUz2Wn82+qbEbishGeEQEvR5sKaNY3pulOLCWfpYVoUlaVvXgGm301EJGux7CHaJlkZ8MxvNHrMhQMexb/0Y/WvFZFPPvjUlnhOP6g9k6RgqZcrmOXGOibzGL82yCqTWrLK8JuTmTYX/GnyiE3tVBS4xYveUJAcCOK+mseEzvyBM7+AGG07Ng0arltMgMgfryoDt2kttchBOELhIVTIaCSr+UX29u2F/vRFFUZ7PBvL/+9L6pYTBBxQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=cbUCObaKXeUU2VJZ8sPh0LzUsOUKTLMglMOP2GkVL4Q=;
 b=cbw/loy+8h7NBesAQ+aNcHvfMrG1aKFPgYS3AOZh1MmbfTo3U47hiOjwD/CNr93TfvVRoTnMg8xt3IZEZW6IlbrcO0pSWqIp5sb8a4ZoaltluBCanbbaLUi4Ml7i67RH4YmnMzPQzZlQHgwpb/Vtkar1cV6UyeZTY9tAjx7cH1VbNehtihRgz3qIbX2z1OYtOuou2TT0qJPH8Kp2cm1C/5kMxXdXQ07YLLMhcVqULCZ8BtiDmS9Cq/Qvf/YqD6MJXLktnwfgIwJtLstnSLDxR5t3qi7nWyoVHh76sq5e8RVIEzGEURpqUc+nac7vx+TtquqeAx3qNEfjzuWFoKVPcQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:07 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:07 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 36/40] UefiCpuPkg/MpInitLib: Add a CPU MP data
 flag to indicate if SEV-ES is enabled
Date: Tue,  4 Feb 2020 17:01:40 -0600
Message-Id: 
 <e20894d30263ffd8324fc562ed5c1970def4bc18.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:40 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 817b2a4d-0ff2-48a2-1881-08d7a9c6560d
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930BCFC7F86C43489523248EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7691;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53783+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 s4KqAPBxvtaFM7k3KXybh1Y9dFpCbq9O0bBIrr6i07mmW/Sd6ukpXPuXNp+JTGcJxuF/A1g+jsCQqX4tBR01uRvnOdKM8zzrJEPPtb33HtonQC+3fiplQDXJCrfnpXGZasWc9M893SU+BZfdIdDbWLyfsG102do72pQAU63kdlFS67N4dOfrgIOSOqFJsQXw8HA0cVcO9Bh3y5PX+xYs80kTwwNucxeDH2HiiYEB1A/NjvCdoy3c+e0ny268bys3XtLOb/yMK39ZYom77Uz+tpMAiu9Twp1y4oHvmZzuDktgS/GZhkcTaioWLVkz5mnCELiK4Yx41m3VG4czXA29trSFgWytdPPKRyg/DENjbXga3ERjUGW3MGOXAzpA0RVdp9qn+Im7YLEbmcWjQ9Gb8Ty5jatvwHXdvGTmjoRAHvVXRlJukhlAfnCVretjaaYZxazS/JURL0rZCqRmwY5jChoB9nOeVudeJEoBXnKfkAP4Ekr0qKOwlDBU4QeYNQaTYTYHu7JHPakE+dR2gVMtxA==
X-MS-Exchange-AntiSpam-MessageData: 
 QLHXarbNdyIclodmA8d2/KM2f4dBMKkBRmCuKKx7Cj0gKA/giVgB5I2r8OplQGmoV3VbYtLSgHKGz5kB8jFBpB6CI1wXsUK6bvKAJbyRnwiNU5yvCiFfkcR1Tnj0p7wAsDBGgTfZA61dMCsRTBHGTQ==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 817b2a4d-0ff2-48a2-1881-08d7a9c6560d
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:41.0530
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 MEn2h17DOjluDYIilwQ0W1cNCIRCOxczp/Lzbo7O46cJaJ8MFtMH98eqGnOb9Na1T9cqW5Sm5KqzPyYhliib4A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: jolL0yc4iwHsbT54mEoZgB9ox1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857389;
 bh=DHj/2fI27k/F3l+Gxdj9UXgl0LglCUFtKtgxXVnH1is=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=L/19F/9p9OOu3SxIxLVXxsDGaCDC9qMt+irp3Ky8hnHnZ+/I4rLGh2t2kIf5c38b9uj
 DgpKnix4QbNtZZX3m1CX8LVaB5bezdkAsZ86d8XmZgW5OvnSG2Qau3mxarVZZPF7XK/nC
 C3msBcKAjB8kwin0pYfKax2IrRdz1dFriNo=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

When starting APs in an SMP configuration, the AP needs to know if it is
running as an SEV-ES guest in order to assign a GHCB page.

Add a field to the CPU_MP_DATA structure that will indicate if SEV-ES is
enabled. This new field is set during MP library initialization with the
PCD value PcdSevEsIsEnabled. This flag can then be used to determine if
SEV-ES is enabled.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 1 +
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 1 +
 UefiCpuPkg/Library/MpInitLib/MpLib.h          | 2 ++
 UefiCpuPkg/Library/MpInitLib/MpLib.c          | 1 +
 4 files changed, 5 insertions(+)

diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib=
rary/MpInitLib/DxeMpInitLib.inf
index bf5d18d521e9..2c26f20c1972 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
@@ -69,5 +69,6 @@ [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode                       ## CONS=
UMES
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate                   ## SOME=
TIMES_CONSUMES
   gUefiCpuPkgTokenSpaceGuid.PcdCpuShadowMicrocodeByFit             ## CONS=
UMES
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled                      ## CONS=
UMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard                  ## CONS=
UMES
=20
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Lib=
rary/MpInitLib/PeiMpInitLib.inf
index 555125a7c575..66b2acfe98e7 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
@@ -61,6 +61,7 @@ [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode                       ## CONS=
UMES
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate                   ## SOME=
TIMES_CONSUMES
   gUefiCpuPkgTokenSpaceGuid.PcdCpuShadowMicrocodeByFit             ## CONS=
UMES
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled                      ## CONS=
UMES
=20
 [Guids]
   gEdkiiS3SmmInitDoneGuid
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpIn=
itLib/MpLib.h
index 7c62d75accfb..864b16872010 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -273,6 +273,8 @@ struct _CPU_MP_DATA {
   // driver.
   //
   BOOLEAN                        WakeUpByInitSipiSipi;
+
+  BOOLEAN                        SevEsIsEnabled;
 };
=20
 extern EFI_GUID mCpuInitMpLibHobGuid;
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpIn=
itLib/MpLib.c
index 855d37ba3ed8..5e3183c2493b 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
@@ -1687,6 +1687,7 @@ MpInitLibInitialize (
     CpuMpData->MicrocodePatchAddress    =3D OldCpuMpData->MicrocodePatchAd=
dress;
   }
   InitializeSpinLock(&CpuMpData->MpLock);
+  CpuMpData->SevEsIsEnabled =3D PcdGetBool (PcdSevEsIsEnabled);
=20
   //
   // Make sure no memory usage outside of the allocated buffer.
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53783): https://edk2.groups.io/g/devel/message/53783
Mute This Topic: https://groups.io/mt/70985006/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53785+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857392513993.9076379476431;
 Tue, 4 Feb 2020 15:03:12 -0800 (PST)
Return-Path: <bounce+27952+53785+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id Uju4YY1788612x7BEPGAV1q5;
 Tue, 04 Feb 2020 15:03:12 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web10.1685.1580857389917988958
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:10 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=Kf/14gKSGLlt9UQPwZz42YW9Vu1u9RW3sPmCW/s4k4I1xMYSKu2XvaObmeAT1PX9CGkraaUNYOT+TPYHz1syMpzahKAc9WljZxOWaOjZDoWZHQv7ZMpD2W8fg2nkeLsZ4l1U++NoYHaSEiDPyB0BbLrM7eX/znJf2TgW9fL5Tabz1owVX8TOtfi7j65hWbvQ+8ySSygrdcOchR1DCn0OaiUruz8jTwUJK2QG+2nlGHNWDfxgMWWLhb9tbvzkrQ71w0dXwdyldHc62DgXKPy2O2uMmL6iSOMci++BkoBXmY+sHcfRw1CeK4IyfRIXkaHKSWRbzpFxBlmcjW1JNS1jdw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=nTb76SeyIW32rQHqJKPnX6Yi7uqmhBbu0E0QK5dYYHk=;
 b=aCISgxe2Q90dv+jXSmx7kRR8S+W9QSvt6S1KmY7U3cuWz8mHgjnfZ4dGsHcF7ABL1P46IPtPZ5g3mns6Ar9+6sMxIdLNW5hawESoT/+eK9R8Q7c7LGEm9aWkG4j1uEZ5svumo+PFWObmHe49K8P/KkpOF/IEWamzuNyBDws6psXgFp9wn3OyLuKaIdz3XVsvBlIr5fD7FIKnUWGVGGK2zCEOTub0Uat9YOMGYHZhOa32lnOt+drOvFaPmRNbOTPtJBj5zz54rIagBNGniPm8uXO4zPd8n9ggv4GYFCWaNJrZaXX4TIg+rCsZlQCQr+h9H2A6ayD9G9UZwynRJseYvA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:08 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:08 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 37/40] UefiCpuPkg: Allow AP booting under
 SEV-ES
Date: Tue,  4 Feb 2020 17:01:41 -0600
Message-Id: 
 <f016fec51b8c06a84415b5b6adae578dd5faa0af.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:41 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 7879eb65-f6a0-4d2d-a0f9-08d7a9c656aa
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930C6A897539C90CACEAF2FEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53785+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 YCVoXQWDONcmhxIfzGMN9Se17iG79r9cdKyqvIW5S+fyF5Kv/rfgm2x5n083U5WZcu/2Qc65XznTAZGVGsCLBOwP0n3kug5LDx4TONV+Iabh0X0mDjIjOLq+Giw2C1RSQZIS8xX7d5/VI74CZZrl0WIzQ308qqOzaNr0LsKb+PqE6AA/BsC70s47rc8Q1t7poBqWLVBIDXZVGlhw4XPKafZ948UNZSUAZHka9hEGPJbeUEkKF5j8FCyvM1/j+zRy77/69nVgYSoc0QpV09QM1n/eb79ayouXmERakdi8fMtnYhvBdikK03S7eO2xpMfULKkAz/tfoQC6x7n98kWBDU+7rUB7Tt/OFmzGdWfj+/2SkB4qAkuu2P8DVpo4OtisXz+0wTUfsI51X6D7leXwsB6oysirACFjydM5JnzaEnGR1I30TeVoJbCbDXoPxUwVqbkLbABFZY4Jb5zI6P4GzXhL/wCMfMxw95U42B1D1lKK7t5hDVQ206d0aE/uMxVzIgRX5Z2y+ZKEUri6H2UiTA==
X-MS-Exchange-AntiSpam-MessageData: 
 GIn/2tC5RqiYydQ0ThSfj9PekYXOwhf9RTFdXiZDYKgmdW8qyWDkbFAF5VuG9QMj8zd/rOZKqMS3EuqlXq4KLztueK75e2TgM88b0TkQwSMdijR+bNIvof8gGux3uzdakCecEIwj923zX23isnrqrg==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 7879eb65-f6a0-4d2d-a0f9-08d7a9c656aa
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:42.1754
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 f+U9KRoB6nwI0od/VWplqXjTBXJNfN3zycekCdiYQoaATR6YIFYjMFzgWqEtEDad+Ftf/EhT9gMfZrZfYzrc3w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: gzhlaMjnVrq4lz5bF0LJmpFXx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857392;
 bh=Q8sKp/A8f+9L2vx9ggnLDddfqPCmx4v6DwxsQZN4O7Y=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=RFecYeY8sV4YRbf0qm/rO1AHUuEKCsHab2nWbbUx2+1G/o3n/4irHcSf8Mz4Rl6Wg/n
 kYvJDoa5WpQVQXkVNT9V6SVQGWn+dy8YTUTR5oSYhdtnuziFsDz9quWkd7JzIVWK3inb1
 5m81tA7VUrDt+qHAsGYr8zaCvMY9PvowtvM=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Typically, an AP is booted using the INIT-SIPI-SIPI sequence. This
sequence is intercepted by the hypervisor, which sets the AP's registers
to the values requested by the sequence. At that point, the hypervisor can
start the AP, which will then begin execution at the appropriate location.

Under SEV-ES, AP booting presents some challenges since the hypervisor is
not allowed to alter the AP's register state. In this situation, we have
to distinguish between the AP's first boot and AP's subsequent boots.

First boot:
 Once the AP's register state has been defined (which is before the guest
 is first booted) it cannot be altered. Should the hypervisor attempt to
 alter the register state, the change would be detected by the hardware
 and the VMRUN instruction would fail. Given this, the first boot for the
 AP is required to begin execution with this initial register state, which
 is typically the reset vector. This prevents the BSP from directing the
 AP startup location through the INIT-SIPI-SIPI sequence.

 To work around this, the firmware will provide a build time reserved area
 that can be used as the initial IP value. The hypervisor can extract this
 location value by checking for the SEV-ES reset block GUID that must be
 located 48-bytes from the end of the firmware. The format of the SEV-ES
 reset block area is:

   0x00 - 0x01 - SEV-ES Reset IP
   0x02 - 0x03 - SEV-ES Reset CS Segment Base[32:16]
   0x04 - 0x05 - Size of the SEV-ES reset block
   0x06 - 0x15 - SEV-ES Reset Block GUID
                   (00f771de-1a7e-4fcb-890e-68c77e2fb44e)

   The total size is 22 bytes. Any expansion to this block must be done
   by adding new values before existing values.

 The hypervisor will use the IP and CS values obtained from the SEV-ES
 reset block to set as the AP's initial values. The CS Segment Base
 represents the upper 16 bits of the CS segment base and must be left
 shifted by 16 bits to form the complete CS segment base value.

 Before booting the AP for the first time, the BSP must initialize the
 SEV-ES reset area. This consists of programming a FAR JMP instruction
 to the contents of a memory location that is also located in the SEV-ES
 reset area. The BSP must program the IP and CS values for the FAR JMP
 based on values drived from the INIT-SIPI-SIPI sequence.

Subsequent boots:
 Again, the hypervisor cannot alter the AP register state, so a method is
 required to take the AP out of halt state and redirect it to the desired
 IP location. If it is determined that the AP is running in an SEV-ES
 guest, then instead of calling CpuSleep(), a VMGEXIT is issued with the
 AP Reset Hold exit code (0x80000004). The hypervisor will put the AP in
 a halt state, waiting for an INIT-SIPI-SIPI sequence. Once the sequence
 is recognized, the hypervisor will resume the AP. At this point the AP
 must transition from the current 64-bit long mode down to 16-bit real
 mode and begin executing at the derived location from the INIT-SIPI-SIPI
 sequence.

 Another change is around the area of obtaining the (x2)APIC ID during AP
 startup. During AP startup, the AP can't take a #VC exception before the
 AP has established a stack. However, the AP stack is set by using the
 (x2)APIC ID, which is obtained through CPUID instructions. A CPUID
 instruction will cause a #VC, so a different method must be used. The
 GHCB protocol supports a method to obtain CPUID information from the
 hypervisor through the GHCB MSR. This method does not require a stack,
 so it is used to obtain the necessary CPUID information to determine the
 (x2)APIC ID.

The new 16-bit protected mode GDT entry is used in order to transition
from 64-bit long mode down to 16-bit real mode.

A new assembler routine is created that takes the AP from 64-bit long mode
to 16-bit real mode.  This is located under 1MB in memory and transitions
from 64-bit long mode to 32-bit compatibility mode to 16-bit protected
mode and finally 16-bit real mode.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |   3 +
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |   3 +
 UefiCpuPkg/Library/MpInitLib/MpLib.h          |  60 ++++
 UefiCpuPkg/Library/MpInitLib/DxeMpLib.c       |  70 ++++-
 UefiCpuPkg/Library/MpInitLib/MpLib.c          | 256 +++++++++++++++++-
 UefiCpuPkg/Library/MpInitLib/PeiMpLib.c       |  19 ++
 UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c  |   2 +-
 UefiCpuPkg/Library/MpInitLib/Ia32/MpEqu.inc   |   2 +-
 .../Library/MpInitLib/Ia32/MpFuncs.nasm       |  15 +
 UefiCpuPkg/Library/MpInitLib/X64/MpEqu.inc    |   4 +-
 UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm | 239 ++++++++++++++++
 11 files changed, 659 insertions(+), 14 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib=
rary/MpInitLib/DxeMpInitLib.inf
index 2c26f20c1972..c52951651851 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
@@ -51,6 +51,7 @@ [LibraryClasses]
   UefiBootServicesTableLib
   DebugAgentLib
   SynchronizationLib
+  VmgExitLib
=20
 [Protocols]
   gEfiTimerArchProtocolGuid                     ## SOMETIMES_CONSUMES
@@ -70,5 +71,7 @@ [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate                   ## SOME=
TIMES_CONSUMES
   gUefiCpuPkgTokenSpaceGuid.PcdCpuShadowMicrocodeByFit             ## CONS=
UMES
   gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled                      ## CONS=
UMES
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase                   ## SOME=
TIMES_CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard                  ## CONS=
UMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase                       ## CONS=
UMES
=20
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Lib=
rary/MpInitLib/PeiMpInitLib.inf
index 66b2acfe98e7..ff392aeec763 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
@@ -50,6 +50,7 @@ [LibraryClasses]
   UefiCpuLib
   SynchronizationLib
   PeiServicesLib
+  VmgExitLib
=20
 [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber        ## CONS=
UMES
@@ -62,6 +63,8 @@ [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate                   ## SOME=
TIMES_CONSUMES
   gUefiCpuPkgTokenSpaceGuid.PcdCpuShadowMicrocodeByFit             ## CONS=
UMES
   gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled                      ## CONS=
UMES
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase                   ## SOME=
TIMES_CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase                       ## CONS=
UMES
=20
 [Guids]
   gEdkiiS3SmmInitDoneGuid
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpIn=
itLib/MpLib.h
index 864b16872010..63d81ac3e42e 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -170,6 +170,11 @@ typedef struct {
   UINT8             *RelocateApLoopFuncAddress;
   UINTN             RelocateApLoopFuncSize;
   UINTN             ModeTransitionOffset;
+  UINTN             SwitchToRealSize;
+  UINTN             SwitchToRealOffset;
+  UINTN             SwitchToRealNoNxOffset;
+  UINTN             SwitchToRealPM16ModeOffset;
+  UINTN             SwitchToRealPM16ModeSize;
 } MP_ASSEMBLY_ADDRESS_MAP;
=20
 typedef struct _CPU_MP_DATA  CPU_MP_DATA;
@@ -208,6 +213,8 @@ typedef struct {
   // Enable5LevelPaging indicates whether 5-level paging is enabled in lon=
g mode.
   //
   BOOLEAN               Enable5LevelPaging;
+  BOOLEAN               SevEsIsEnabled;
+  UINTN                 GhcbBase;
 } MP_CPU_EXCHANGE_INFO;
=20
 #pragma pack()
@@ -256,6 +263,7 @@ struct _CPU_MP_DATA {
   UINT8                          ApLoopMode;
   UINT8                          ApTargetCState;
   UINT16                         PmCodeSegment;
+  UINT16                         Pm16CodeSegment;
   CPU_AP_DATA                    *CpuData;
   volatile MP_CPU_EXCHANGE_INFO  *MpCpuExchangeInfo;
=20
@@ -275,8 +283,47 @@ struct _CPU_MP_DATA {
   BOOLEAN                        WakeUpByInitSipiSipi;
=20
   BOOLEAN                        SevEsIsEnabled;
+  UINTN                          SevEsAPBuffer;
+  UINTN                          SevEsAPResetStackStart;
+  CPU_MP_DATA                    *NewCpuMpData;
+
+  UINT64                         GhcbBase;
 };
=20
+#define AP_RESET_STACK_SIZE 64
+
+#pragma pack(1)
+
+typedef struct {
+  UINT8   InsnBuffer[8];
+  UINT16  Rip;
+  UINT16  Segment;
+} SEV_ES_AP_JMP_FAR;
+
+#pragma pack()
+
+/**
+  Assembly code to move an AP from long mode to real mode.
+
+  Move an AP from long mode to real mode in preparation to invoking
+  the reset vector.  This is used for SEV-ES guests where a hypervisor
+  is not allowed to set the CS and RIP to point to the reset vector.
+
+  @param[in]  BufferStart  The reset vector target.
+  @param[in]  Code16       16-bit protected mode code segment value.
+  @param[in]  Code32       32-bit protected mode code segment value.
+  @param[in]  StackStart   The start of a stack to be used for transitioni=
ng
+                           from long mode to real mode.
+**/
+typedef
+VOID
+(EFIAPI AP_RESET) (
+  IN UINTN    BufferStart,
+  IN UINT16   Code16,
+  IN UINT16   Code32,
+  IN UINTN    StackStart
+  );
+
 extern EFI_GUID mCpuInitMpLibHobGuid;
=20
 /**
@@ -382,6 +429,19 @@ GetModeTransitionBuffer (
   IN UINTN                BufferSize
   );
=20
+/**
+  Return the address of the SEV-ES AP jump table.
+
+  This buffer is required in order for an SEV-ES guest to transition from
+  UEFI into an OS.
+
+  @retval other   Return SEV-ES AP jump table buffer
+**/
+UINTN
+GetSevEsAPMemory (
+  VOID
+  );
+
 /**
   This function will be called by BSP to wakeup AP.
=20
diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c b/UefiCpuPkg/Library/M=
pInitLib/DxeMpLib.c
index b17e287bbf49..8df5b6d919e6 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
@@ -12,6 +12,8 @@
 #include <Library/UefiBootServicesTableLib.h>
 #include <Library/DebugAgentLib.h>
 #include <Library/DxeServicesTableLib.h>
+#include <Register/Amd/Fam17Msr.h>
+#include <Register/Amd/Ghcb.h>
=20
 #include <Protocol/Timer.h>
=20
@@ -145,6 +147,39 @@ GetModeTransitionBuffer (
   return (UINTN)StartAddress;
 }
=20
+/**
+  Return the address of the SEV-ES AP jump table.
+
+  This buffer is required in order for an SEV-ES guest to transition from
+  UEFI into an OS.
+
+  @retval other   Return SEV-ES AP jump table buffer
+**/
+UINTN
+GetSevEsAPMemory (
+  VOID
+  )
+{
+  EFI_STATUS            Status;
+  EFI_PHYSICAL_ADDRESS  StartAddress;
+
+  //
+  // Allocate 1 page for AP jump table page
+  //
+  StartAddress =3D BASE_4GB - 1;
+  Status =3D gBS->AllocatePages (
+                  AllocateMaxAddress,
+                  EfiReservedMemoryType,
+                  1,
+                  &StartAddress
+                  );
+  ASSERT_EFI_ERROR (Status);
+
+  DEBUG ((DEBUG_INFO, "Dxe: SevEsAPMemory =3D %lx\n", (UINTN) StartAddress=
));
+
+  return (UINTN) StartAddress;
+}
+
 /**
   Checks APs status and updates APs status if needed.
=20
@@ -219,6 +254,38 @@ CheckApsStatus (
   }
 }
=20
+/**
+  Get Protected mode code segment with 16-bit default addressing
+  from current GDT table.
+
+  @return  Protected mode 16-bit code segment value.
+**/
+UINT16
+GetProtectedMode16CS (
+  VOID
+  )
+{
+  IA32_DESCRIPTOR          GdtrDesc;
+  IA32_SEGMENT_DESCRIPTOR  *GdtEntry;
+  UINTN                    GdtEntryCount;
+  UINT16                   Index;
+
+  Index =3D (UINT16) -1;
+  AsmReadGdtr (&GdtrDesc);
+  GdtEntryCount =3D (GdtrDesc.Limit + 1) / sizeof (IA32_SEGMENT_DESCRIPTOR=
);
+  GdtEntry =3D (IA32_SEGMENT_DESCRIPTOR *) GdtrDesc.Base;
+  for (Index =3D 0; Index < GdtEntryCount; Index++) {
+    if (GdtEntry->Bits.L =3D=3D 0) {
+      if (GdtEntry->Bits.Type > 8 && GdtEntry->Bits.DB =3D=3D 0) {
+        break;
+      }
+    }
+    GdtEntry++;
+  }
+  ASSERT (Index !=3D GdtEntryCount);
+  return Index * 8;
+}
+
 /**
   Get Protected mode code segment from current GDT table.
=20
@@ -239,7 +306,7 @@ GetProtectedModeCS (
   GdtEntry =3D (IA32_SEGMENT_DESCRIPTOR *) GdtrDesc.Base;
   for (Index =3D 0; Index < GdtEntryCount; Index++) {
     if (GdtEntry->Bits.L =3D=3D 0) {
-      if (GdtEntry->Bits.Type > 8 && GdtEntry->Bits.L =3D=3D 0) {
+      if (GdtEntry->Bits.Type > 8 && GdtEntry->Bits.DB =3D=3D 1) {
         break;
       }
     }
@@ -301,6 +368,7 @@ MpInitChangeApLoopCallback (
=20
   CpuMpData =3D GetCpuMpData ();
   CpuMpData->PmCodeSegment =3D GetProtectedModeCS ();
+  CpuMpData->Pm16CodeSegment =3D GetProtectedMode16CS ();
   CpuMpData->ApLoopMode =3D PcdGet8 (PcdCpuApLoopMode);
   mNumberToFinish =3D CpuMpData->CpuCount - 1;
   WakeUpAP (CpuMpData, TRUE, 0, RelocateApLoop, NULL, TRUE);
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpIn=
itLib/MpLib.c
index 5e3183c2493b..ca8a3a3a7be9 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
@@ -7,6 +7,9 @@
 **/
=20
 #include "MpLib.h"
+#include <Library/VmgExitLib.h>
+#include <Register/Amd/Fam17Msr.h>
+#include <Register/Amd/Ghcb.h>
=20
 EFI_GUID mCpuInitMpLibHobGuid =3D CPU_INIT_MP_LIB_HOB_GUID;
=20
@@ -288,6 +291,14 @@ GetApLoopMode (
       //
       ApLoopMode =3D ApInHltLoop;
     }
+
+    if (PcdGetBool (PcdSevEsIsEnabled)) {
+      //
+      // For SEV-ES, force AP in Hlt-loop mode in order to use the GHCB
+      // protocol for starting APs
+      //
+      ApLoopMode =3D ApInHltLoop;
+    }
   }
=20
   if (ApLoopMode !=3D ApInMwaitLoop) {
@@ -579,6 +590,108 @@ InitializeApData (
   SetApState (&CpuMpData->CpuData[ProcessorNumber], CpuStateIdle);
 }
=20
+/**
+  Get Protected mode code segment with 16-bit default addressing
+  from current GDT table.
+
+  @return  Protected mode 16-bit code segment value.
+**/
+STATIC
+UINT16
+GetProtectedMode16CS (
+  VOID
+  )
+{
+  IA32_DESCRIPTOR          GdtrDesc;
+  IA32_SEGMENT_DESCRIPTOR  *GdtEntry;
+  UINTN                    GdtEntryCount;
+  UINT16                   Index;
+
+  Index =3D (UINT16) -1;
+  AsmReadGdtr (&GdtrDesc);
+  GdtEntryCount =3D (GdtrDesc.Limit + 1) / sizeof (IA32_SEGMENT_DESCRIPTOR=
);
+  GdtEntry =3D (IA32_SEGMENT_DESCRIPTOR *) GdtrDesc.Base;
+  for (Index =3D 0; Index < GdtEntryCount; Index++) {
+    if (GdtEntry->Bits.L =3D=3D 0 &&
+        GdtEntry->Bits.DB =3D=3D 0 &&
+        GdtEntry->Bits.Type > 8) {
+      break;
+    }
+    GdtEntry++;
+  }
+  ASSERT (Index !=3D GdtEntryCount);
+  return Index * 8;
+}
+
+/**
+  Get Protected mode code segment with 32-bit default addressing
+  from current GDT table.
+
+  @return  Protected mode 32-bit code segment value.
+**/
+STATIC
+UINT16
+GetProtectedMode32CS (
+  VOID
+  )
+{
+  IA32_DESCRIPTOR          GdtrDesc;
+  IA32_SEGMENT_DESCRIPTOR  *GdtEntry;
+  UINTN                    GdtEntryCount;
+  UINT16                   Index;
+
+  Index =3D (UINT16) -1;
+  AsmReadGdtr (&GdtrDesc);
+  GdtEntryCount =3D (GdtrDesc.Limit + 1) / sizeof (IA32_SEGMENT_DESCRIPTOR=
);
+  GdtEntry =3D (IA32_SEGMENT_DESCRIPTOR *) GdtrDesc.Base;
+  for (Index =3D 0; Index < GdtEntryCount; Index++) {
+    if (GdtEntry->Bits.L =3D=3D 0 &&
+        GdtEntry->Bits.DB =3D=3D 1 &&
+        GdtEntry->Bits.Type > 8) {
+      break;
+    }
+    GdtEntry++;
+  }
+  ASSERT (Index !=3D GdtEntryCount);
+  return Index * 8;
+}
+
+/**
+  Reset an AP when in SEV-ES mode.
+
+  @retval EFI_DEVICE_ERROR        Reset of AP failed.
+**/
+STATIC
+VOID
+MpInitLibSevEsAPReset (
+  GHCB                         *Ghcb,
+  CPU_MP_DATA                  *CpuMpData
+  )
+{
+  UINT16           Code16, Code32;
+  AP_RESET         *APResetFn;
+  UINTN            BufferStart;
+  UINTN            StackStart;
+
+  Code16 =3D GetProtectedMode16CS ();
+  Code32 =3D GetProtectedMode32CS ();
+
+  if (CpuMpData->WakeupBufferHigh !=3D 0) {
+    APResetFn =3D (AP_RESET *) (CpuMpData->WakeupBufferHigh + CpuMpData->A=
ddressMap.SwitchToRealNoNxOffset);
+  } else {
+    APResetFn =3D (AP_RESET *) (CpuMpData->MpCpuExchangeInfo->BufferStart =
+ CpuMpData->AddressMap.SwitchToRealOffset);
+  }
+
+  BufferStart =3D CpuMpData->MpCpuExchangeInfo->BufferStart;
+  StackStart =3D CpuMpData->SevEsAPResetStackStart -
+                 (AP_RESET_STACK_SIZE * GetApicId ());
+
+  //
+  // This call never returns.
+  //
+  APResetFn (BufferStart, Code16, Code32, StackStart);
+}
+
 /**
   This function will be called from AP reset code if BSP uses WakeUpAP.
=20
@@ -734,7 +847,28 @@ ApWakeupFunction (
       //
       while (TRUE) {
         DisableInterrupts ();
-        CpuSleep ();
+        if (CpuMpData->SevEsIsEnabled) {
+          MSR_SEV_ES_GHCB_REGISTER  Msr;
+          GHCB                      *Ghcb;
+
+          Msr.GhcbPhysicalAddress =3D AsmReadMsr64 (MSR_SEV_ES_GHCB);
+          Ghcb =3D Msr.Ghcb;
+
+          VmgInit (Ghcb);
+          VmgExit (Ghcb, SvmExitApResetHold, 0, 0);
+          /*TODO: Check return value to verify SIPI issued */
+
+          //
+          // Awakened in a new phase? Use the new CpuMpData
+          //
+          if (CpuMpData->NewCpuMpData) {
+            CpuMpData =3D CpuMpData->NewCpuMpData;
+          }
+
+          MpInitLibSevEsAPReset (Ghcb, CpuMpData);
+        } else {
+          CpuSleep ();
+        }
         CpuPause ();
       }
     }
@@ -847,6 +981,9 @@ FillExchangeInfoData (
   ExchangeInfo->Enable5LevelPaging =3D (BOOLEAN) (Cr4.Bits.LA57 =3D=3D 1);
   DEBUG ((DEBUG_INFO, "%a: 5-Level Paging =3D %d\n", gEfiCallerBaseName, E=
xchangeInfo->Enable5LevelPaging));
=20
+  ExchangeInfo->SevEsIsEnabled  =3D CpuMpData->SevEsIsEnabled;
+  ExchangeInfo->GhcbBase        =3D CpuMpData->GhcbBase;
+
   //
   // Get the BSP's data of GDT and IDT
   //
@@ -873,8 +1010,9 @@ FillExchangeInfoData (
   // EfiBootServicesCode to avoid page fault if NX memory protection is en=
abled.
   //
   if (CpuMpData->WakeupBufferHigh !=3D 0) {
-    Size =3D CpuMpData->AddressMap.RendezvousFunnelSize -
-           CpuMpData->AddressMap.ModeTransitionOffset;
+    Size =3D CpuMpData->AddressMap.RendezvousFunnelSize +
+             CpuMpData->AddressMap.SwitchToRealSize -
+             CpuMpData->AddressMap.ModeTransitionOffset;
     CopyMem (
       (VOID *)CpuMpData->WakeupBufferHigh,
       CpuMpData->AddressMap.RendezvousFunnelAddress +
@@ -927,7 +1065,8 @@ BackupAndPrepareWakeupBuffer(
   CopyMem (
     (VOID *) CpuMpData->WakeupBuffer,
     (VOID *) CpuMpData->AddressMap.RendezvousFunnelAddress,
-    CpuMpData->AddressMap.RendezvousFunnelSize
+    CpuMpData->AddressMap.RendezvousFunnelSize +
+      CpuMpData->AddressMap.SwitchToRealSize
     );
 }
=20
@@ -948,6 +1087,40 @@ RestoreWakeupBuffer(
     );
 }
=20
+/**
+  Calculate the size of the reset stack.
+**/
+STATIC
+UINTN
+GetApResetStackSize(
+  VOID
+  )
+{
+  return AP_RESET_STACK_SIZE * PcdGet32(PcdCpuMaxLogicalProcessorNumber);
+}
+
+/**
+  Calculate the size of the reset vector.
+
+  @param[in]  AddressMap  The pointer to Address Map structure.
+**/
+STATIC
+UINTN
+GetApResetVectorSize(
+  IN MP_ASSEMBLY_ADDRESS_MAP  *AddressMap
+  )
+{
+  UINTN  Size;
+
+  Size =3D ALIGN_VALUE (AddressMap->RendezvousFunnelSize +
+                        AddressMap->SwitchToRealSize +
+                        sizeof (MP_CPU_EXCHANGE_INFO),
+                      CPU_STACK_ALIGNMENT);
+  Size +=3D GetApResetStackSize ();
+
+  return Size;
+}
+
 /**
   Allocate reset vector buffer.
=20
@@ -961,16 +1134,22 @@ AllocateResetVector (
   UINTN           ApResetVectorSize;
=20
   if (CpuMpData->WakeupBuffer =3D=3D (UINTN) -1) {
-    ApResetVectorSize =3D CpuMpData->AddressMap.RendezvousFunnelSize +
-                          sizeof (MP_CPU_EXCHANGE_INFO);
+    ApResetVectorSize =3D GetApResetVectorSize (&CpuMpData->AddressMap);
=20
     CpuMpData->WakeupBuffer      =3D GetWakeupBuffer (ApResetVectorSize);
     CpuMpData->MpCpuExchangeInfo =3D (MP_CPU_EXCHANGE_INFO *) (UINTN)
-                    (CpuMpData->WakeupBuffer + CpuMpData->AddressMap.Rende=
zvousFunnelSize);
+                    (CpuMpData->WakeupBuffer +
+                       CpuMpData->AddressMap.RendezvousFunnelSize +
+                       CpuMpData->AddressMap.SwitchToRealSize);
     CpuMpData->WakeupBufferHigh  =3D GetModeTransitionBuffer (
-                                    CpuMpData->AddressMap.RendezvousFunnel=
Size -
+                                    CpuMpData->AddressMap.RendezvousFunnel=
Size +
+                                    CpuMpData->AddressMap.SwitchToRealSize=
 -
                                     CpuMpData->AddressMap.ModeTransitionOf=
fset
                                     );
+    //
+    // The reset stack starts at the end of the buffer.
+    //
+    CpuMpData->SevEsAPResetStackStart =3D CpuMpData->WakeupBuffer + ApRese=
tVectorSize;
   }
   BackupAndPrepareWakeupBuffer (CpuMpData);
 }
@@ -985,7 +1164,31 @@ FreeResetVector (
   IN CPU_MP_DATA              *CpuMpData
   )
 {
-  RestoreWakeupBuffer (CpuMpData);
+  //
+  // If SEV-ES is enabled, the reset area is needed for AP parking and
+  // and AP startup in the OS, so the reset area is reserved. Do not
+  // perform the restore as this will overwrite memory which has data
+  // needed by SEV-ES.
+  //
+  if (!CpuMpData->SevEsIsEnabled) {
+    RestoreWakeupBuffer (CpuMpData);
+  }
+}
+
+/**
+  Allocate the SEV-ES AP jump table buffer.
+
+  @param[in, out]  CpuMpData  The pointer to CPU MP Data structure.
+**/
+VOID
+AllocateSevEsAPMemory (
+  IN OUT CPU_MP_DATA          *CpuMpData
+  )
+{
+  if (CpuMpData->SevEsAPBuffer =3D=3D (UINTN) -1) {
+    CpuMpData->SevEsAPBuffer =3D
+      CpuMpData->SevEsIsEnabled ? GetSevEsAPMemory () : 0;
+  }
 }
=20
 /**
@@ -1022,6 +1225,7 @@ WakeUpAP (
       CpuMpData->InitFlag   !=3D ApInitDone) {
     ResetVectorRequired =3D TRUE;
     AllocateResetVector (CpuMpData);
+    AllocateSevEsAPMemory (CpuMpData);
     FillExchangeInfoData (CpuMpData);
     SaveLocalApicTimerSetting (CpuMpData);
   }
@@ -1058,6 +1262,35 @@ WakeUpAP (
       }
     }
     if (ResetVectorRequired) {
+      //
+      // For SEV-ES, the initial AP boot address will be defined by
+      // PcdSevEsWorkAreaBase. The Segment/Rip must be the jump address
+      // from the original INIT-SIPI-SIPI.
+      //
+      if (CpuMpData->SevEsIsEnabled) {
+        SEV_ES_AP_JMP_FAR *JmpFar;
+        UINT32            Offset, InsnByte;
+        UINT8             LoNib, HiNib;
+
+        JmpFar =3D (SEV_ES_AP_JMP_FAR *) FixedPcdGet32 (PcdSevEsWorkAreaBa=
se);
+        ASSERT (JmpFar !=3D NULL);
+
+        Offset =3D FixedPcdGet32 (PcdSevEsWorkAreaBase);
+        Offset +=3D sizeof(JmpFar->InsnBuffer);
+        LoNib =3D (UINT8) Offset;
+        HiNib =3D (UINT8) (Offset >> 8);
+
+        // JMP FAR [CS:XXYY] =3D> 2E FF 2E YY XX
+        InsnByte =3D 0;
+        JmpFar->InsnBuffer[InsnByte++] =3D 0x2E;  // CS override prefix
+        JmpFar->InsnBuffer[InsnByte++] =3D 0xFF;  // JMP (FAR)
+        JmpFar->InsnBuffer[InsnByte++] =3D 0x2E;  // ModRM (JMP memory loc=
ation)
+        JmpFar->InsnBuffer[InsnByte++] =3D LoNib; // YY offset ...
+        JmpFar->InsnBuffer[InsnByte++] =3D HiNib; // XX offset ...
+
+        JmpFar->Rip =3D 0;
+        JmpFar->Segment =3D (UINT16) (ExchangeInfo->BufferStart >> 4);
+      }
       //
       // Wakeup all APs
       //
@@ -1625,7 +1858,7 @@ MpInitLibInitialize (
   ASSERT (MaxLogicalProcessorNumber !=3D 0);
=20
   AsmGetAddressMap (&AddressMap);
-  ApResetVectorSize =3D AddressMap.RendezvousFunnelSize + sizeof (MP_CPU_E=
XCHANGE_INFO);
+  ApResetVectorSize =3D GetApResetVectorSize (&AddressMap);
   ApStackSize =3D PcdGet32(PcdCpuApStackSize);
   ApLoopMode  =3D GetApLoopMode (&MonitorFilterSize);
=20
@@ -1688,6 +1921,8 @@ MpInitLibInitialize (
   }
   InitializeSpinLock(&CpuMpData->MpLock);
   CpuMpData->SevEsIsEnabled =3D PcdGetBool (PcdSevEsIsEnabled);
+  CpuMpData->SevEsAPBuffer  =3D (UINTN) -1;
+  CpuMpData->GhcbBase       =3D PcdGet64 (PcdGhcbBase);
=20
   //
   // Make sure no memory usage outside of the allocated buffer.
@@ -1751,6 +1986,7 @@ MpInitLibInitialize (
     // APs have been wakeup before, just get the CPU Information
     // from HOB
     //
+    OldCpuMpData->NewCpuMpData =3D CpuMpData;
     CpuMpData->CpuCount  =3D OldCpuMpData->CpuCount;
     CpuMpData->BspNumber =3D OldCpuMpData->BspNumber;
     CpuMpData->CpuInfoInHob =3D OldCpuMpData->CpuInfoInHob;
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c b/UefiCpuPkg/Library/M=
pInitLib/PeiMpLib.c
index 06e3f5d0d3da..e8103a9ce094 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c
@@ -280,6 +280,25 @@ GetModeTransitionBuffer (
   return 0;
 }
=20
+/**
+  Return the address of the SEV-ES AP jump table.
+
+  This buffer is required in order for an SEV-ES guest to transition from
+  UEFI into an OS.
+
+  @retval other   Return SEV-ES AP jump table buffer
+**/
+UINTN
+GetSevEsAPMemory (
+  VOID
+  )
+{
+  //
+  // PEI phase doesn't need to do such transition. So simply return 0.
+  //
+  return 0;
+}
+
 /**
   Checks APs status and updates APs status if needed.
=20
diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c b/UefiCpuPkg/PiSm=
mCpuDxeSmm/X64/SmmFuncsArch.c
index 6298571e29b2..28f8e8e133e5 100644
--- a/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
+++ b/UefiCpuPkg/PiSmmCpuDxeSmm/X64/SmmFuncsArch.c
@@ -121,7 +121,7 @@ GetProtectedModeCS (
   GdtEntry =3D (IA32_SEGMENT_DESCRIPTOR *) GdtrDesc.Base;
   for (Index =3D 0; Index < GdtEntryCount; Index++) {
     if (GdtEntry->Bits.L =3D=3D 0) {
-      if (GdtEntry->Bits.Type > 8 && GdtEntry->Bits.L =3D=3D 0) {
+      if (GdtEntry->Bits.Type > 8 && GdtEntry->Bits.DB =3D=3D 1) {
         break;
       }
     }
diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/MpEqu.inc b/UefiCpuPkg/Libra=
ry/MpInitLib/Ia32/MpEqu.inc
index efb1bc2bf7cb..4f5a7c859a56 100644
--- a/UefiCpuPkg/Library/MpInitLib/Ia32/MpEqu.inc
+++ b/UefiCpuPkg/Library/MpInitLib/Ia32/MpEqu.inc
@@ -19,7 +19,7 @@ CPU_SWITCH_STATE_IDLE         equ        0
 CPU_SWITCH_STATE_STORED       equ        1
 CPU_SWITCH_STATE_LOADED       equ        2
=20
-LockLocation                  equ        (RendezvousFunnelProcEnd - Rendez=
vousFunnelProcStart)
+LockLocation                  equ        (SwitchToRealProcEnd - Rendezvous=
FunnelProcStart)
 StackStartAddressLocation     equ        LockLocation + 04h
 StackSizeLocation             equ        LockLocation + 08h
 ApProcedureLocation           equ        LockLocation + 0Ch
diff --git a/UefiCpuPkg/Library/MpInitLib/Ia32/MpFuncs.nasm b/UefiCpuPkg/Li=
brary/MpInitLib/Ia32/MpFuncs.nasm
index b74046b76af3..309d53bf3b37 100644
--- a/UefiCpuPkg/Library/MpInitLib/Ia32/MpFuncs.nasm
+++ b/UefiCpuPkg/Library/MpInitLib/Ia32/MpFuncs.nasm
@@ -215,6 +215,16 @@ CProcedureInvoke:
     jmp        $                 ; Never reach here
 RendezvousFunnelProcEnd:
=20
+;-------------------------------------------------------------------------=
------------
+;SwitchToRealProc procedure follows.
+;NOT USED IN 32 BIT MODE.
+;-------------------------------------------------------------------------=
------------
+global ASM_PFX(SwitchToRealProc)
+ASM_PFX(SwitchToRealProc):
+SwitchToRealProcStart:
+    jmp        $                 ; Never reach here
+SwitchToRealProcEnd:
+
 ;-------------------------------------------------------------------------=
------------
 ;  AsmRelocateApLoop (MwaitSupport, ApTargetCState, PmCodeSegment, TopOfAp=
Stack, CountTofinish);
 ;-------------------------------------------------------------------------=
------------
@@ -263,6 +273,11 @@ ASM_PFX(AsmGetAddressMap):
     mov        dword [ebx + 0Ch], AsmRelocateApLoopStart
     mov        dword [ebx + 10h], AsmRelocateApLoopEnd - AsmRelocateApLoop=
Start
     mov        dword [ebx + 14h], Flat32Start - RendezvousFunnelProcStart
+    mov        dword [ebx + 18h], SwitchToRealProcEnd - SwitchToRealProcSt=
art       ; SwitchToRealSize
+    mov        dword [ebx + 1Ch], SwitchToRealProcStart - RendezvousFunnel=
ProcStart ; SwitchToRealOffset
+    mov        dword [ebx + 20h], SwitchToRealProcStart - Flat32Start     =
          ; SwitchToRealNoNxOffset
+    mov        dword [ebx + 24h], 0                                       =
          ; SwitchToRealPM16ModeOffset
+    mov        dword [ebx + 28h], 0                                       =
          ; SwitchToRealPM16ModeSize
=20
     popad
     ret
diff --git a/UefiCpuPkg/Library/MpInitLib/X64/MpEqu.inc b/UefiCpuPkg/Librar=
y/MpInitLib/X64/MpEqu.inc
index 58ef369342a7..c92daaaffd6b 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/MpEqu.inc
+++ b/UefiCpuPkg/Library/MpInitLib/X64/MpEqu.inc
@@ -19,7 +19,7 @@ CPU_SWITCH_STATE_IDLE         equ        0
 CPU_SWITCH_STATE_STORED       equ        1
 CPU_SWITCH_STATE_LOADED       equ        2
=20
-LockLocation                  equ        (RendezvousFunnelProcEnd - Rendez=
vousFunnelProcStart)
+LockLocation                  equ        (SwitchToRealProcEnd - Rendezvous=
FunnelProcStart)
 StackStartAddressLocation     equ        LockLocation + 08h
 StackSizeLocation             equ        LockLocation + 10h
 ApProcedureLocation           equ        LockLocation + 18h
@@ -41,3 +41,5 @@ ModeTransitionSegmentLocation       equ  LockLocation + 9=
8h
 ModeHighMemoryLocation              equ  LockLocation + 9Ah
 ModeHighSegmentLocation             equ  LockLocation + 9Eh
 Enable5LevelPagingLocation          equ  LockLocation + 0A0h
+SevEsIsEnabledLocation              equ  LockLocation + 0A1h
+GhcbBaseLocation                    equ  LockLocation + 0A2h
diff --git a/UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm b/UefiCpuPkg/Lib=
rary/MpInitLib/X64/MpFuncs.nasm
index 87f2523e856f..6956b408d004 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm
+++ b/UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm
@@ -184,9 +184,97 @@ Releaselock:
     add        edi, StackStartAddressLocation
     add        rax, qword [edi]
     mov        rsp, rax
+
+    lea        edi, [esi + SevEsIsEnabledLocation]
+    cmp        byte [edi], 1        ; SevEsIsEnabled
+    jne        CProcedureInvoke
+
+    ;
+    ; program GHCB
+    ;   Each page after the GHCB is a per-CPU page, so the calculation pro=
grams
+    ;   a GHCB to be every 8KB.
+    ;
+    mov        eax, SIZE_4KB
+    shl        eax, 1                            ; EAX =3D SIZE_4K * 2
+    mov        ecx, ebx
+    mul        ecx                               ; EAX =3D SIZE_4K * 2 * C=
puNumber
+    mov        edi, esi
+    add        edi, GhcbBaseLocation
+    add        rax, qword [edi]
+    mov        rdx, rax
+    shr        rdx, 32
+    mov        rcx, 0xc0010130
+    wrmsr
     jmp        CProcedureInvoke
=20
 GetApicId:
+    lea        edi, [esi + SevEsIsEnabledLocation]
+    cmp        byte [edi], 1        ; SevEsIsEnabled
+    jne        DoCpuid
+
+    ;
+    ; Since we don't have a stack yet, we can't take a #VC
+    ; exception. Use the GHCB protocol to perform the CPUID
+    ; calls.
+    ;
+    mov        rcx, 0xc0010130
+    rdmsr
+    shl        rdx, 32
+    or         rax, rdx
+    mov        rdi, rax             ; RDI now holds the original GHCB GPA
+
+    mov        rdx, 0               ; CPUID function 0
+    mov        rax, 0               ; RAX register requested
+    or         rax, 4
+    wrmsr
+    rep vmmcall
+    rdmsr
+    cmp        edx, 0bh
+    jb         NoX2ApicSevEs        ; CPUID level below CPUID_EXTENDED_TOP=
OLOGY
+
+    mov        rdx, 0bh             ; CPUID function 0x0b
+    mov        rax, 040000000h      ; RBX register requested
+    or         rax, 4
+    wrmsr
+    rep vmmcall
+    rdmsr
+    test       edx, 0ffffh
+    jz         NoX2ApicSevEs        ; CPUID.0BH:EBX[15:0] is zero
+
+    mov        rdx, 0bh             ; CPUID function 0x0b
+    mov        rax, 0c0000000h      ; RDX register requested
+    or         rax, 4
+    wrmsr
+    rep vmmcall
+    rdmsr
+
+    ; Processor is x2APIC capable; 32-bit x2APIC ID is now in EDX
+    jmp        RestoreGhcb
+
+NoX2ApicSevEs:
+    ; Processor is not x2APIC capable, so get 8-bit APIC ID
+    mov        rdx, 1               ; CPUID function 1
+    mov        rax, 040000000h      ; RBX register requested
+    or         rax, 4
+    wrmsr
+    rep vmmcall
+    rdmsr
+    shr        edx, 24
+
+RestoreGhcb:
+    mov        rbx, rdx             ; Save x2APIC/APIC ID
+
+    mov        rdx, rdi             ; RDI holds the saved GHCB GPA
+    shr        rdx, 32
+    mov        eax, edi
+    wrmsr
+
+    mov        rdx, rbx
+
+    ; x2APIC ID or APIC ID is in EDX
+    jmp        GetProcessorNumber
+
+DoCpuid:
     mov        eax, 0
     cpuid
     cmp        eax, 0bh
@@ -253,12 +341,158 @@ CProcedureInvoke:
=20
 RendezvousFunnelProcEnd:
=20
+;-------------------------------------------------------------------------=
------------
+;SwitchToRealProc procedure follows.
+;ALSO THIS PROCEDURE IS EXECUTED BY APs TRANSITIONING TO 16 BIT MODE. HENC=
E THIS PROC
+;IS IN MACHINE CODE.
+;  SwitchToRealProc (UINTN BufferStart, UINT16 Code16, UINT16 Code32, UINT=
N StackStart)
+;  rcx - Buffer Start
+;  rdx - Code16 Selector Offset
+;  r8  - Code32 Selector Offset
+;  r9  - Stack Start
+;-------------------------------------------------------------------------=
------------
+global ASM_PFX(SwitchToRealProc)
+ASM_PFX(SwitchToRealProc):
+SwitchToRealProcStart:
+BITS 64
+    cli
+
+    ;
+    ; Get RDX reset value before changing stacks since the
+    ; new stack won't be able to accomodate a #VC exception.
+    ;
+    push       rax
+    push       rbx
+    push       rcx
+    push       rdx
+
+    mov        rax, 1
+    cpuid
+    mov        rsi, rax                    ; Save off the reset value for =
RDX
+
+    pop        rdx
+    pop        rcx
+    pop        rbx
+    pop        rax
+
+    ;
+    ; Establish stack below 1MB
+    ;
+    mov        rsp, r9
+
+    ;
+    ; Push ultimate Reset Vector onto the stack
+    ;
+    mov        rax, rcx
+    shr        rax, 4
+    push       word 0x0002                 ; RFLAGS
+    push       ax                          ; CS
+    push       word 0x0000                 ; RIP
+    push       word 0x0000                 ; For alignment, will be discar=
ded
+
+    ;
+    ; Get address of "16-bit operand size" label
+    ;
+    lea        rbx, [PM16Mode]
+
+    ;
+    ; Push addresses used to change to compatibility mode
+    ;
+    lea        rax, [CompatMode]
+    push       r8
+    push       rax
+
+    ;
+    ; Clear R8 - R15, for reset, before going into 32-bit mode
+    ;
+    xor        r8, r8
+    xor        r9, r9
+    xor        r10, r10
+    xor        r11, r11
+    xor        r12, r12
+    xor        r13, r13
+    xor        r14, r14
+    xor        r15, r15
+
+    ;
+    ; Far return into 32-bit mode
+    ;
+o64 retf
+
+BITS 32
+CompatMode:
+    ;
+    ; Set up stack to prepare for exiting protected mode
+    ;
+    push       edx                         ; Code16 CS
+    push       ebx                         ; PM16Mode label address
+
+    ;
+    ; Disable paging
+    ;
+    mov        eax, cr0                    ; Read CR0
+    btr        eax, 31                     ; Set PG=3D0
+    mov        cr0, eax                    ; Write CR0
+
+    ;
+    ; Disable long mode
+    ;
+    mov        ecx, 0c0000080h             ; EFER MSR number
+    rdmsr                                  ; Read EFER
+    btr        eax, 8                      ; Set LME=3D0
+    wrmsr                                  ; Write EFER
+
+    ;
+    ; Disable PAE
+    ;
+    mov        eax, cr4                    ; Read CR4
+    btr        eax, 5                      ; Set PAE=3D0
+    mov        cr4, eax                    ; Write CR4
+
+    mov        edx, esi                    ; Restore RDX reset value
+
+    ;
+    ; Switch to 16-bit operand size
+    ;
+    retf
+
+BITS 16
+    ;
+    ; At entry to this label
+    ;   - RDX will have its reset value
+    ;   - On the top of the stack
+    ;     - Alignment data (two bytes) to be discarded
+    ;     - IP for Real Mode (two bytes)
+    ;     - CS for Real Mode (two bytes)
+    ;
+PM16Mode:
+    mov        eax, cr0                    ; Read CR0
+    btr        eax, 0                      ; Set PE=3D0
+    mov        cr0, eax                    ; Write CR0
+
+    pop        ax                          ; Discard alignment data
+
+    ;
+    ; Clear registers (except RDX and RSP) before going into 16-bit mode
+    ;
+    xor        eax, eax
+    xor        ebx, ebx
+    xor        ecx, ecx
+    xor        esi, esi
+    xor        edi, edi
+    xor        ebp, ebp
+
+    iret
+
+SwitchToRealProcEnd:
+
 ;-------------------------------------------------------------------------=
------------
 ;  AsmRelocateApLoop (MwaitSupport, ApTargetCState, PmCodeSegment, TopOfAp=
Stack, CountTofinish);
 ;-------------------------------------------------------------------------=
------------
 global ASM_PFX(AsmRelocateApLoop)
 ASM_PFX(AsmRelocateApLoop):
 AsmRelocateApLoopStart:
+BITS 64
     cli                          ; Disable interrupt before switching to 3=
2-bit mode
     mov        rax, [rsp + 40]   ; CountTofinish
     lock dec   dword [rax]       ; (*CountTofinish)--
@@ -324,6 +558,11 @@ ASM_PFX(AsmGetAddressMap):
     mov        qword [rcx + 18h], rax
     mov        qword [rcx + 20h], AsmRelocateApLoopEnd - AsmRelocateApLoop=
Start
     mov        qword [rcx + 28h], Flat32Start - RendezvousFunnelProcStart
+    mov        qword [rcx + 30h], SwitchToRealProcEnd - SwitchToRealProcSt=
art          ; SwitchToRealSize
+    mov        qword [rcx + 38h], SwitchToRealProcStart - RendezvousFunnel=
ProcStart    ; SwitchToRealOffset
+    mov        qword [rcx + 40h], SwitchToRealProcStart - Flat32Start     =
             ; SwitchToRealNoNxOffset
+    mov        qword [rcx + 48h], PM16Mode - RendezvousFunnelProcStart    =
             ; SwitchToRealPM16ModeOffset
+    mov        qword [rcx + 50h], SwitchToRealProcEnd - PM16Mode          =
             ; SwitchToRealPM16ModeSize
     ret
=20
 ;-------------------------------------------------------------------------=
------------
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53785): https://edk2.groups.io/g/devel/message/53785
Mute This Topic: https://groups.io/mt/70985008/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53784+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 158085739242126.966833379159652;
 Tue, 4 Feb 2020 15:03:12 -0800 (PST)
Return-Path: <bounce+27952+53784+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 39L6YY1788612xNyll9NEKY2;
 Tue, 04 Feb 2020 15:03:12 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.86])
 by mx.groups.io with SMTP id smtpd.web10.1685.1580857389917988958
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:10 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=YlpVmIJ/CW33OpRYWfiwzGR3RZpiZmDuUZKgxiL2dYfIpo6JGjL2qnCfJobyH8qRlvyyBjSBCq925acDYPQ86UL9MBQtx3+pBJ/PsMLgQ0z4kHksyR2m9zqyNhiJfHsqoFNQKWF/fK86S6PhH15AHplwVNnFfGfXPFFy2gbe0ZPDzmfdtFwSpBY2P0GHqQPGeMfUwjrXxwnYgHckTgqr65ifzoyZP39G2zBm0dvYQ3GlfK/FcuORU6UGmhekhHqzUtigvcB1B77mGFnx2BF0ut1WZ6U3fv4idanpoeuJf2f46hQ2PHKPACL3KcrahLexZHaAtwgYacvG8XTH9ujG5w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=NAgTch9dW8xX8rqLU2HUbsKJtJD1b8oLwFlpCmR6svE=;
 b=MohhlRQ+T0yYr+W4DdF8eyFeb+Qg7rP+2OH9CqUIO/yxYH1+dtZM2rPpbBfTiWhAXUtLSnAcFJ1RFdLe+jyA2VaaeVGi0nS/BMVvERotH2qJjsVNa09TnxYwg/FZCl8nYIP3w2E5plKylyos4qWxopFL88HDOYwZPeEvZEru8k+F6Nll9EBUiWIzrhn7lMvAf48YmLO7N8AKRkdQ4KxA7h73Z7kH9aMl4bmP0Y1LMurJ0Oqqn4yx2cZx61VIZKd/eDIOUkJKti0/XCbg86XYiAZYiIFFKNsZROCUinOXoC/eRN18z13A6SRdvN3fo2r+E674a5enFouxfRqGTS4sBw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:08 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:08 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 38/40] OvmfPkg: Use the SEV-ES work area for
 the SEV-ES AP reset vector
Date: Tue,  4 Feb 2020 17:01:42 -0600
Message-Id: 
 <bb88dc35d8f4c83640876bcdaabae4ad712a4d1f.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:42 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 28cbd95b-dba7-4f8c-4aba-08d7a9c6575c
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB39303EB44C36E7CDC5689DAEEC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53784+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 KPE7IGHUBqVDD60WHInmVRwTnq6aNXVYykusb3d5jTCgl3+YtrpFt54LIq59jiBiTLtj0/KRjAAfi+hayv+23LaXFlmLuIWfSro0vWwdb4dIRaM2iHTD6WAM8+h2aJtfCYpuSfLlNOCePiWR6C60ogbJ2TV7O7Pvu2cJUZVCQfMBvo/jmh5tdQPA1lsY5xv8hDWJoLYWSQLn6UlJ70tuqdy1sDah5bTqv9UJnQ2XW2Shi8laYJBCI4eD9xEUNCfqlnZTBKlVGh5CeBEbzZamYKvaaU5Z8s8yAhOmb+Qzva6rXC2rBD4ibnQX8McsGt/kGVwc3qvO6N9UPAIdTZDR1si/WV/dJ7UbGz/jcCe2+OaQUhSbilA14kMBJw6T42MNSqmtB+y1VZNGvGmqcxelWXVRcy9GkygdqfjAONapVH733Me4M9GHfoKtGH/gBd7wmVkCghFF8PhG+ccW22qwwPvb1QW0WNSopas/VXKXAhOCYTl34zDdvSrMdOqxmNiJUegl+xm+4ORLyJMz6gFNvA==
X-MS-Exchange-AntiSpam-MessageData: 
 /TFLtGq+YTxBvI1P3EAZE9J8PQvPFtBiGyy/U2drW0Jsy4wQEzd5lOGE1qUTiTzBnBE/F5DX8DnY/f3G1ChZaJNhn+sJaWw7PofrYkGoSrocLS+gO7N0fSEgPNyDmjl0H7yO8lISxU1IEMoQ2rWNeQ==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 28cbd95b-dba7-4f8c-4aba-08d7a9c6575c
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:43.2698
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 P+Mtvecz4FTSUEXmGdvv/FOGK0cZ0EAWm8q5+Uqv+02BtGtHb4UOUku5PEZOkFUfeHtuEEeaUZajTKp43QCOSw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: tw9PhqnOI17DYjLEcA7kgctdx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857392;
 bh=VMrBvNtlA225f9iaF8paLVYomYlcDRgf7LuvciuEEF8=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=qVkjxp58pE/fRkZJpA2/zCr5h4vB86VBAJA+3MN1cB75T9/CHQOyggDM5aaQ3B8sKKy
 3N1OkJA30ifbHThAqOkQMIxghbv+RuVvhYHDKvpjO0AJyIj37mA0vQPEUTS5+ppyWza8h
 zmj+fARlmsbHjOYW2+TNcIPspDVhPeOgVY0=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

A hypervisor is not allowed to update an SEV-ES guest's register state,
so when booting an SEV-ES guest AP, the hypervisor is not allowed to
set the RIP to the guest requested value. Instead an SEV-ES AP must be
re-directed from within the guest to the actual requested staring location
as specified in the INIT-SIPI-SIPI sequence.

Use the SEV-ES work area for the reset vector code that contains support
to jump to the desired RIP location after having been started. This is
required for only the very first AP reset.

This new OVMF source file, ResetVectorVtf0.asm, is used in place of the
original file through the use of the include path order set in
OvmfPkg/ResetVector/ResetVector.inf under "[BuildOptions]".

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
 OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 100 +++++++++++++++++++
 OvmfPkg/ResetVector/ResetVector.nasmb        |   1 +
 2 files changed, 101 insertions(+)
 create mode 100644 OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm

diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVe=
ctor/Ia16/ResetVectorVtf0.asm
new file mode 100644
index 000000000000..980e0138e7fe
--- /dev/null
+++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
@@ -0,0 +1,100 @@
+;-------------------------------------------------------------------------=
-----
+; @file
+; First code executed by processor after resetting.
+; Derived from UefiCpuPkg/ResetVector/Vtf0/Ia16/ResetVectorVtf0.asm
+;
+; Copyright (c) 2008 - 2014, Intel Corporation. All rights reserved.<BR>
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+;-------------------------------------------------------------------------=
-----
+
+BITS    16
+
+ALIGN   16
+
+;
+; Pad the image size to 4k when page tables are in VTF0
+;
+; If the VTF0 image has page tables built in, then we need to make
+; sure the end of VTF0 is 4k above where the page tables end.
+;
+; This is required so the page tables will be 4k aligned when VTF0 is
+; located just below 0x100000000 (4GB) in the firmware device.
+;
+%ifdef ALIGN_TOP_TO_4K_FOR_PAGING
+    TIMES (0x1000 - ($ - EndOfPageTables) - 0x20) DB 0
+%endif
+
+;
+; SEV-ES Processor Reset support
+;
+; sevEsResetBlock:
+;   For the initial boot of an AP under SEV-ES, the "reset" RIP must be
+;   programmed to the RAM area defined by SEV_ES_AP_RESET_IP. A known offs=
et
+;   and GUID will be used to locate this block in the firmware and extract
+;   the build time RIP value. The GUID must always be 48 bytes from the
+;   end of the firmware.
+;
+;   0xffffffca (-0x36) - IP value
+;   0xffffffcc (-0x34) - CS segment base [31:16]
+;   0xffffffce (-0x32) - Size of the SEV-ES reset block
+;   0xffffffd0 (-0x30) - SEV-ES reset block GUID
+;                        (00f771de-1a7e-4fcb-890e-68c77e2fb44e)
+;
+;   A hypervisor reads the CS segement base and IP value. The CS segment b=
ase
+;   value represents the high order 16-bits of the CS segment base, so the
+;   hypervisor must left shift the value of the CS segement base by 16 bit=
s to
+;   form the full CS segment base for the CS segment register. It would th=
en
+;   program the EIP register with the IP value as read.
+;
+
+TIMES (32 - (sevEsResetBlockEnd - sevEsResetBlockStart)) DB 0
+
+sevEsResetBlockStart:
+    DD      SEV_ES_AP_RESET_IP
+    DW      sevEsResetBlockEnd - sevEsResetBlockStart
+    DB      0xDE, 0x71, 0xF7, 0x00, 0x7E, 0x1A, 0xCB, 0x4F
+    DB      0x89, 0x0E, 0x68, 0xC7, 0x7E, 0x2F, 0xB4, 0x4E
+sevEsResetBlockEnd:
+
+ALIGN   16
+
+applicationProcessorEntryPoint:
+;
+; Application Processors entry point
+;
+; GenFv generates code aligned on a 4k boundary which will jump to this
+; location.  (0xffffffe0)  This allows the Local APIC Startup IPI to be
+; used to wake up the application processors.
+;
+    jmp     EarlyApInitReal16
+
+ALIGN   8
+
+    DD      0
+
+;
+; The VTF signature
+;
+; VTF-0 means that the VTF (Volume Top File) code does not require
+; any fixups.
+;
+vtfSignature:
+    DB      'V', 'T', 'F', 0
+
+ALIGN   16
+
+resetVector:
+;
+; Reset Vector
+;
+; This is where the processor will begin execution
+;
+    nop
+    nop
+    jmp     EarlyBspInitReal16
+
+ALIGN   16
+
+fourGigabytes:
+
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re=
setVector.nasmb
index 97e36ef591ab..12265e7746c1 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -82,5 +82,6 @@
=20
 %include "Main.asm"
=20
+  %define SEV_ES_AP_RESET_IP  FixedPcdGet32 (PcdSevEsWorkAreaBase)
 %include "Ia16/ResetVectorVtf0.asm"
=20
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53784): https://edk2.groups.io/g/devel/message/53784
Mute This Topic: https://groups.io/mt/70985007/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53786+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580857392752307.3497464809441;
 Tue, 4 Feb 2020 15:03:12 -0800 (PST)
Return-Path: <bounce+27952+53786+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id mQ0pYY1788612xRedYAzbwV5;
 Tue, 04 Feb 2020 15:03:12 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web10.1685.1580857389917988958
 for <devel@edk2.groups.io>;
 Tue, 04 Feb 2020 15:03:11 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=a//mMkKFWEyYAUdgZTpp0CsZ/DrCSkA3U0LY5joz4S8SyAAN0jkVHXUKjvMyE6UfSVOMhmCAqd/QgTgJ2yoW8Xs8PhZDGkhNxCNhtqyabcHaAJPHRg49O/Uw/I63mWWoLdLGAobW2tI1IpnhDRVtACSkWe+XWYFs1pDoqorej8EvngLEhnFMpyOUK5AoT6MoKonNGkmdCVMEJUS9hLmBYM9XQuuTpRZFgAaIuhSrd+iZFb2o2X8+yPfezd1EQu5WD0IrS2SMqRb8hx2UA3GTHMqiRsID8INDtuHxNF/ZCZf0FSYKLTpSfUVkF6QxBrReVcMMJfxu0L/+1bKCujVW4w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=ocoGiTnb9S0lUMKlgYerC9dEAFdGQqpobvTdwjEJQKk=;
 b=Ko+FiEn77WYmgwSWCqPqn+UA1cdxoVGarJXwwZ/iEWg/FvyoiuIevTwpqA/lzWbE06z45Y3nO8U8d2g2NRCql0CQwz0slZXPDFYuNEg3EZL8saqB2D/tPqq6gtd2/qhS6h98xo48/gwKdxw24VRbp9u/3hlmnaCsNGj2ARQCN1IL9TywyrF5B9S0rmmGyuqU6E3viBpXxeDDuF+71ZDliqLs8FMk+hB1eDBeI3aNcj5rQ537w3VWvwnw4bLvgSyduES4MsjWsezcDdxEvAJgYlWwaEGOkbO91ocPuQUYi+Vz0vqwDTw4AfwbHa8cPMrOGitNWJS5Z48mMk47HF0j1Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3930.namprd12.prod.outlook.com (10.255.174.19) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2686.29; Tue, 4 Feb 2020 23:03:09 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Tue, 4 Feb 2020
 23:03:09 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [PATCH v4 39/40] OvmfPkg: Move the GHCB allocations into
 reserved memory
Date: Tue,  4 Feb 2020 17:01:43 -0600
Message-Id: 
 <876b1c9ab30c7e61f1d645024a7ec2f9570a0615.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR16CA0062.namprd16.prod.outlook.com
 (2603:10b6:805:ca::39) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR16CA0062.namprd16.prod.outlook.com (2603:10b6:805:ca::39) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Tue, 4 Feb 2020 23:02:43 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 3dab2b76-59c7-4076-299c-08d7a9c657ff
X-MS-TrafficTypeDiagnostic: DM6PR12MB3930:|DM6PR12MB3930:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB3930C2BA3FC7CB772F5F1609EC030@DM6PR12MB3930.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:3044;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53786+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 w0i+kKA7VVGjSS6wsmf3ggUN3nSYVh0HEQETp6rW7FYpOaqOeOkZNhYqgt71nQmTPTwWeAV463xdD4Dfvrbb89r33B//UhPaQ9Kzd6NsYnGwo5AAII30dRj7OnCTuDxpNM1X3ExxzVJYeMu3XC+aBnGq/MdIO9LgzT3bSHPQyAktmbBaPBT33EjUg0+YOqMQU+DmNgcTnybgYacBRdonhLCB7/2vkgkcXAos0O8M0lURf8E9Gjcd/iG5PJebwM2rvVVdKfSNfZFLTNR5iV6/eWXdwjzKVCfl+EFGx+OzMG0bO8YMBqyDIsZsKV8YkTnWu0LlPQpmIOFgeHAOv3rqHKcXLdHNhGTmz9jTuKuvSVJJDtFFbd8YLE4HlGNxT877LKG10V+0xXMKIld1Dvn3yqd+KGmPl7LERDpNdGW5l+tRCAtJ47U0EmR6Zib08cy6vMZc2DI5u9QnM54gLyIsHAncZc/pxk5LHws5MNWmOc77cVyfvIwLjtIzWaZvt2LNv5XwerA7hI6Nq+7sXb4mAg==
X-MS-Exchange-AntiSpam-MessageData: 
 Z64TZYjh8hqQjeDb++heEwuqjXul56M3YxV30dqSFQ4ffdrnTSAyVrnl1kE3lz6mmgL3MiWkd9s0GNZwerfITWszZS8eAPa3YEPAdnsDwDJSh7g8u9tKJOiOsr1h+P6HdMvGKbvRbRdbadikZJvImA==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 3dab2b76-59c7-4076-299c-08d7a9c657ff
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2020 23:02:44.3182
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 YwOrR61t8Gbz1lSrDJ8mpP6x6/1+6EW73lrCSBFWfEHqPD/gnQVmh1sC+Q1w4GsEnl8hCPS6wlCIJZRVB1LU3Q==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3930
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: ELOBAKt9tncllY7pGIjDToQQx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580857392;
 bh=hq4R8fG7BwoVTjQ/zf7x2n8tavCND+njIbylHVEtWAI=;
 h=Cc:Content-Type:Date:From:Reply-To:Subject:To;
 b=vuTi4cyQP7R70P/5NXApxhgd1oZ0ALXTCd6FyhLoZb8YOxVNjbaLRvtG6XlF7AorZyN
 udwyoBmjYLbCIScBuZZeAKpB/hLn+sgTAbrw8c1fPuJP0DMfjT91IEyiUDi9IbRyZi6Ri
 CxzrncyRP4VYecrXGfJIu0tK5eqkJ7IysUs=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

After having transitioned from UEFI to the OS, the OS will need to boot
the APs. For an SEV-ES guest, the APs will have been parked by UEFI using
GHCB pages allocated by UEFI. The hypervisor will write to the GHCB
SW_EXITINFO2 field of the GHCB when the AP is booted. As a result, the
GHCB pages must be marked reserved so that the OS does not attempt to use
them and experience memory corruption because of the hypervisor write.

Change the GHCB allocation from the default boot services memory to
reserved memory.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 OvmfPkg/PlatformPei/AmdSev.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index b3fd2d86541a..84b337325d5c 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -49,9 +49,11 @@ AmdSevEsInitialize (
=20
   //
   // Allocate GHCB and per-CPU variable pages.
+  //   Since the pages must survive across the UEFI to OS transition
+  //   make them reserved.
   //
   GhcbPageCount =3D mMaxCpuCount * 2;
-  GhcbBase =3D AllocatePages (GhcbPageCount);
+  GhcbBase =3D AllocateReservedPages (GhcbPageCount);
   ASSERT (GhcbBase !=3D NULL);
=20
   GhcbBasePa =3D (PHYSICAL_ADDRESS)(UINTN) GhcbBase;
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53786): https://edk2.groups.io/g/devel/message/53786
Mute This Topic: https://groups.io/mt/70985009/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-

From nobody Wed May 15 02:09:15 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)
  smtp.mailfrom=bounce+27952+53826+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1580910981649356.62816987551537;
 Wed, 5 Feb 2020 05:56:21 -0800 (PST)
Return-Path: <bounce+27952+53826+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id JgWgYY1788612x53Eneo71g9;
 Wed, 05 Feb 2020 05:56:21 -0800
X-Received: from NAM12-MW2-obe.outbound.protection.outlook.com
 (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.87])
 by mx.groups.io with SMTP id smtpd.web10.7680.1580910980353628309
 for <devel@edk2.groups.io>;
 Wed, 05 Feb 2020 05:56:20 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=I/6j2rojI7RB/RC+KOZ/xP6ejUA0kOT/KjYVGm5tpT+lCQbJ2xaDr57hk8quidji/tXLsIDqWcNPpdcTl0uFFfWZqU/b8pgayeUcEatwDUHiFRtuXnPKtgS0qQu/IAsSyWWKH5kPxyu1c/kFNSnWyYMqPeVeD9GVji/Wwf4wz1O+F1TbRiKT9Sa4svKNeEgvfXXtqHWJKWPQ7maFbYqQe6JBlbI5rh51Ee2femLr/Eu/dsE++WBqVAcmEOF95D7PVagGx3lfcNLrxf2WXdCCDv7UyKcq9hCGepa2HFfAuo0lv1j0/IeS9iAWu42jOCkBbBYI2AmI8iXorKdbgv3nQg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=OHUDojvdBh+w0Hm7vkbL6ioXnfM7hyLD8Gd34mf3qYI=;
 b=ZDtbARszFXdtlwpROkTPN+EXiCWOSI6lvT15pt+OTiwMRckuhqCojqVc4+nJmWX3oKcFQDCpVyGUxjoC+0FWHzVvWHRa1eq9X+YMj/tqMPyPIYBxICSpkxxi3/ERKx1F44pQltnz6ymrYI1Ya/UageGmIyPfzkQwKdPzugV/dRW/xo8sj7TARje34zz53aDE3hh1FcTB3AJ/qBQ11OekGcRBfS6nW4e2R3Ug5xpgFBzQJkB6wEDnhIh/LpvXsuWA2pInY1xC+BphI726E5qhU6BlcMU/qqzOOtRRWbtAqkQ+nopRHs54eOiOJjnOsp60fKw28dwdhByxbjIw7+sTgQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by
 DM6PR12MB3306.namprd12.prod.outlook.com (20.179.105.148) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2707.21; Wed, 5 Feb 2020 13:56:19 +0000
X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270]) by DM6PR12MB3163.namprd12.prod.outlook.com
 ([fe80::a0cd:463:f444:c270%7]) with mapi id 15.20.2707.020; Wed, 5 Feb 2020
 13:56:19 +0000
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
To: devel@edk2.groups.io
Subject: [edk2-devel] [PATCH v4 40/40] UefiCpuPkg/MpInitLib: Prepare SEV-ES
 guest APs for OS use
Date: Wed,  5 Feb 2020 07:56:07 -0600
Message-Id: 
 <2f70be850cbdab468a91100f52ee1ff8aecb4a93.1580857303.git.thomas.lendacky@amd.com>
In-Reply-To: <cover.1580857303.git.thomas.lendacky@amd.com>
References: <cover.1580857303.git.thomas.lendacky@amd.com>
X-ClientProxiedBy: SN6PR04CA0096.namprd04.prod.outlook.com
 (2603:10b6:805:f2::37) To DM6PR12MB3163.namprd12.prod.outlook.com
 (2603:10b6:5:15e::26)
MIME-Version: 1.0
X-Received: from tlendack-t1.amd.com (165.204.77.1) by
 SN6PR04CA0096.namprd04.prod.outlook.com (2603:10b6:805:f2::37) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.32 via Frontend
 Transport; Wed, 5 Feb 2020 13:56:18 +0000
X-Originating-IP: [165.204.77.1]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 3870a5d9-c812-44d6-fe2b-08d7aa432cb9
X-MS-TrafficTypeDiagnostic: DM6PR12MB3306:
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB33061448E303B1A7AA6F103AEC020@DM6PR12MB3306.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8273;
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+53826+1787277+3901457@groups.io;
 helo=web01.groups.io;
Received-SPF: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 545LP9hscEO509OfR9rKWHmUzGOwa9GVkHyARA0CxJuZaS5XCAj/Jml9SZZz7UjyTfdJdbf9FrSdBU2dmvJ/MsU4tsbuK4e0RKcqDlBBq4vWR5TghzWZU/xuKTDxHAgfTM8veliEdfWpiwyMnnmYKzMvgneXlFMtflVLW59zzmaEK8DcPrtBsSseCUKlR5fnB2vltKJOlxVAeGkBrvLEpKY1hD4cK/iaxUgSyz2AP7efqfHQWavhIZ4nxI0hSwT4yQVnt2hG+ebt5jJNRPIkHYPXDGEKS257hyCaSNzWPA4eBhyRn8Z4vjetdeol3EeLgO+pzrQ8QFj9PcPhiKpZXho2r/AGakYQLXWK29cz7Vv+RNuzK90WWjT0avjEpw52c90eVmi4kUHPIK5keMZfkNMeCBK+k74uFT9qYs1jiFg9CtrIcGma/hrLxax6Di7raVObggH4cn+hb78kTQfbLOZoIpOTJkl5LTSZhNyLoCWMc6EfaYxrSC8wb5CLywyO5W0ldt1nuLC/i2JsmGhQzw==
X-MS-Exchange-AntiSpam-MessageData: 
 alhH4LqN9Iy3rz4ak3BSC8EdCILHxQBtC9Z74DYqEWHjImJyPdzJ5xfY+QJSr2Z2Um3PD5ENs77140U/YdPm5Sl+S+AZeryTUo7yede5F9NkKKqJgEbhbNqqC8d8LyBIounbOZ42MHomoSSaM1RKzw==
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 3870a5d9-c812-44d6-fe2b-08d7aa432cb9
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Feb 2020 13:56:18.9949
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 ODELs7sKt9oGBr51RfyNMFm5kQfny3G3YF95QtX65QaCm4PeT/KyZr0lklyI1SeanqVEtfS4ZkL+VzcqZrA5hw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3306
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com
X-Gm-Message-State: u2C6yt70U9vgQSo0XPpHcbMnx1787277AA=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1580910981;
 bh=eoRvi9DnXUENppPG4Cz+GFZHDx9OME5/TbZ9V+yLD20=;
 h=Content-Type:Date:From:Reply-To:Subject:To;
 b=FcHVYz8CDbH9kFtiYQqPWrPKOWZVk3Mj+sxNfpDUJG92SYh+nYQz03cxET6bQ7XPD77
 v65iFo1GVl0mYh4PknOLfXUxcghGIizuZypEbXvS3noaJ3C5zI5ychXfb/+66aB/0NCtS
 ELngqLvkJrbzRj0xt4KXj3kiUNIuh8MXK/Q=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198

Before UEFI transfers control to the OS, it must park the AP. This is
done using the AsmRelocateApLoop function to transition into 32-bit
non-paging mode. For an SEV-ES guest, a few additional things must be
done:
  - AsmRelocateApLoop must be updated to support SEV-ES. This means
    performing a VMGEXIT AP Reset Hold instead of an MWAIT or HLT loop.
  - Since the AP must transition to real mode, a small routine is copied
    to the WakeupBuffer area. Since the WakeupBuffer will be used by
    the AP during OS booting, it must be placed in reserved memory.
    Additionally, the AP stack must be located where it can be accessed
    in real mode.
  - Once the AP is in real mode it will transfer control to the
    destination specified by the OS in the SEV-ES AP Jump Table. The
    SEV-ES AP Jump Table address is saved by the hypervisor for the OS
    using the GHCB VMGEXIT AP Jump Table exit code.

Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
 UefiCpuPkg/Library/MpInitLib/MpLib.h          |   8 +-
 UefiCpuPkg/Library/MpInitLib/DxeMpLib.c       |  44 +++++-
 UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm | 131 ++++++++++++++++--
 3 files changed, 166 insertions(+), 17 deletions(-)

diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpIn=
itLib/MpLib.h
index 63d81ac3e42e..541bc3613006 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -290,7 +290,8 @@ struct _CPU_MP_DATA {
   UINT64                         GhcbBase;
 };
=20
-#define AP_RESET_STACK_SIZE 64
+#define AP_SAFE_STACK_SIZE  128
+#define AP_RESET_STACK_SIZE AP_SAFE_STACK_SIZE
=20
 #pragma pack(1)
=20
@@ -346,8 +347,11 @@ VOID
   IN BOOLEAN                 MwaitSupport,
   IN UINTN                   ApTargetCState,
   IN UINTN                   PmCodeSegment,
+  IN UINTN                   Pm16CodeSegment,
   IN UINTN                   TopOfApStack,
-  IN UINTN                   NumberToFinish
+  IN UINTN                   NumberToFinish,
+  IN UINTN                   SevEsAPJumpTable,
+  IN UINTN                   WakeupBuffer
   );
=20
 /**
diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c b/UefiCpuPkg/Library/M=
pInitLib/DxeMpLib.c
index 8df5b6d919e6..77a09548a517 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
@@ -12,13 +12,13 @@
 #include <Library/UefiBootServicesTableLib.h>
 #include <Library/DebugAgentLib.h>
 #include <Library/DxeServicesTableLib.h>
+#include <Library/VmgExitLib.h>
 #include <Register/Amd/Fam17Msr.h>
 #include <Register/Amd/Ghcb.h>
=20
 #include <Protocol/Timer.h>
=20
 #define  AP_CHECK_INTERVAL     (EFI_TIMER_PERIOD_MILLISECONDS (100))
-#define  AP_SAFE_STACK_SIZE    128
=20
 CPU_MP_DATA      *mCpuMpData =3D NULL;
 EFI_EVENT        mCheckAllApsEvent =3D NULL;
@@ -86,6 +86,13 @@ GetWakeupBuffer (
 {
   EFI_STATUS              Status;
   EFI_PHYSICAL_ADDRESS    StartAddress;
+  EFI_MEMORY_TYPE         MemoryType;
+
+  if (PcdGetBool (PcdSevEsIsEnabled)) {
+    MemoryType =3D EfiReservedMemoryType;
+  } else {
+    MemoryType =3D EfiBootServicesData;
+  }
=20
   //
   // Try to allocate buffer below 1M for waking vector.
@@ -98,7 +105,7 @@ GetWakeupBuffer (
   StartAddress =3D 0x88000;
   Status =3D gBS->AllocatePages (
                   AllocateMaxAddress,
-                  EfiBootServicesData,
+                  MemoryType,
                   EFI_SIZE_TO_PAGES (WakeupBufferSize),
                   &StartAddress
                   );
@@ -177,6 +184,11 @@ GetSevEsAPMemory (
=20
   DEBUG ((DEBUG_INFO, "Dxe: SevEsAPMemory =3D %lx\n", (UINTN) StartAddress=
));
=20
+  //
+  // Save the SevEsAPMemory as the AP jump table.
+  //
+  VmgExitSetAPJumpTable (StartAddress);
+
   return (UINTN) StartAddress;
 }
=20
@@ -331,17 +343,26 @@ RelocateApLoop (
   BOOLEAN                MwaitSupport;
   ASM_RELOCATE_AP_LOOP   AsmRelocateApLoopFunc;
   UINTN                  ProcessorNumber;
+  UINTN                  StackStart;
=20
   MpInitLibWhoAmI (&ProcessorNumber);
   CpuMpData    =3D GetCpuMpData ();
   MwaitSupport =3D IsMwaitSupport ();
+  if (CpuMpData->SevEsIsEnabled) {
+    StackStart =3D CpuMpData->SevEsAPResetStackStart;
+  } else {
+    StackStart =3D mReservedTopOfApStack;
+  }
   AsmRelocateApLoopFunc =3D (ASM_RELOCATE_AP_LOOP) (UINTN) mReservedApLoop=
Func;
   AsmRelocateApLoopFunc (
     MwaitSupport,
     CpuMpData->ApTargetCState,
     CpuMpData->PmCodeSegment,
-    mReservedTopOfApStack - ProcessorNumber * AP_SAFE_STACK_SIZE,
-    (UINTN) &mNumberToFinish
+    CpuMpData->Pm16CodeSegment,
+    StackStart - ProcessorNumber * AP_SAFE_STACK_SIZE,
+    (UINTN) &mNumberToFinish,
+    CpuMpData->SevEsAPBuffer,
+    CpuMpData->WakeupBuffer
     );
   //
   // It should never reach here
@@ -375,6 +396,21 @@ MpInitChangeApLoopCallback (
   while (mNumberToFinish > 0) {
     CpuPause ();
   }
+
+  if (CpuMpData->SevEsIsEnabled && (CpuMpData->WakeupBuffer !=3D (UINTN) -=
1)) {
+    //
+    // There are APs present. Re-use reserved memory area below 1MB from
+    // WakeupBuffer as the area to be used for transitioning to 16-bit mode
+    // in support of booting of the AP by an OS.
+    //
+    CopyMem (
+      (VOID *) CpuMpData->WakeupBuffer,
+      (VOID *) CpuMpData->AddressMap.RendezvousFunnelAddress +
+                 CpuMpData->AddressMap.SwitchToRealPM16ModeOffset,
+      CpuMpData->AddressMap.SwitchToRealPM16ModeSize
+      );
+  }
+
   DEBUG ((DEBUG_INFO, "%a() done!\n", __FUNCTION__));
 }
=20
diff --git a/UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm b/UefiCpuPkg/Lib=
rary/MpInitLib/X64/MpFuncs.nasm
index 6956b408d004..3b8ec477b8b3 100644
--- a/UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm
+++ b/UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm
@@ -465,6 +465,10 @@ BITS 16
     ;     - IP for Real Mode (two bytes)
     ;     - CS for Real Mode (two bytes)
     ;
+    ; This label is also used with AsmRelocateApLoop. During MP finalizati=
on,
+    ; the code from PM16Mode to SwitchToRealProcEnd is copied to the start=
 of
+    ; the WakeupBuffer, allowing a parked AP to be booted by an OS.
+    ;
 PM16Mode:
     mov        eax, cr0                    ; Read CR0
     btr        eax, 0                      ; Set PE=3D0
@@ -487,32 +491,95 @@ PM16Mode:
 SwitchToRealProcEnd:
=20
 ;-------------------------------------------------------------------------=
------------
-;  AsmRelocateApLoop (MwaitSupport, ApTargetCState, PmCodeSegment, TopOfAp=
Stack, CountTofinish);
+;  AsmRelocateApLoop (MwaitSupport, ApTargetCState, PmCodeSegment, Pm16Cod=
eSegment, TopOfApStack, CountTofinish, SevEsAPJumpTable, WakeupBuffer);
 ;-------------------------------------------------------------------------=
------------
 global ASM_PFX(AsmRelocateApLoop)
 ASM_PFX(AsmRelocateApLoop):
 AsmRelocateApLoopStart:
 BITS 64
+    cmp        qword [rsp + 56], 0
+    je         NoSevEs
+
+    ;
+    ; Perform some SEV-ES related setup before leaving 64-bit mode
+    ;
+    push       rcx
+    push       rdx
+
+    ;
+    ; Get the RDX reset value using CPUID
+    ;
+    mov        rax, 1
+    cpuid
+    mov        rsi, rax          ; Save off the reset value for RDX
+
+    ;
+    ; Prepare the GHCB for the AP_HLT_LOOP VMGEXIT call
+    ;   - Must be done while in 64-bit long mode so that writes to
+    ;     the GHCB memory will be unencrypted.
+    ;   - No NAE events can be generated once this is set otherwise
+    ;     the AP_RESET_HOLD SW_EXITCODE will be overwritten.
+    ;
+    mov        rcx, 0xc0010130
+    rdmsr                        ; Retrieve current GHCB address
+    shl        rdx, 32
+    or         rdx, rax
+
+    mov        rdi, rdx
+    xor        rax, rax
+    mov        rcx, 0x800
+    shr        rcx, 3
+    rep stosq                    ; Clear the GHCB
+
+    mov        rax, 0x80000004   ; VMGEXIT AP_RESET_HOLD
+    mov        [rdx + 0x390], rax
+
+    pop        rdx
+    pop        rcx
+
+NoSevEs:
     cli                          ; Disable interrupt before switching to 3=
2-bit mode
-    mov        rax, [rsp + 40]   ; CountTofinish
+    mov        rax, [rsp + 48]   ; CountTofinish
     lock dec   dword [rax]       ; (*CountTofinish)--
-    mov        rsp, r9
-    push       rcx
-    push       rdx
=20
-    lea        rsi, [PmEntry]    ; rsi <- The start address of transition =
code
+    mov        rax, [rsp + 56]   ; SevEsAPJumpTable
+    mov        rbx, [rsp + 64]   ; WakeupBuffer
+    mov        rsp, [rsp + 40]   ; TopOfApStack
+
+    push       rax               ; Save SevEsAPJumpTable
+    push       rbx               ; Save WakeupBuffer
+    push       r9                ; Save Pm16CodeSegment
+    push       rcx               ; Save MwaitSupport
+    push       rdx               ; Save ApTargetCState
+
+    lea        rax, [PmEntry]    ; rax <- The start address of transition =
code
=20
     push       r8
-    push       rsi
-    DB         0x48
-    retf
+    push       rax
+
+    ;
+    ; Clear R8 - R15, for reset, before going into 32-bit mode
+    ;
+    xor        r8, r8
+    xor        r9, r9
+    xor        r10, r10
+    xor        r11, r11
+    xor        r12, r12
+    xor        r13, r13
+    xor        r14, r14
+    xor        r15, r15
+
+    ;
+    ; Far return into 32-bit mode
+    ;
+o64 retf
+
 BITS 32
 PmEntry:
     mov        eax, cr0
     btr        eax, 31           ; Clear CR0.PG
     mov        cr0, eax          ; Disable paging and caches
=20
-    mov        ebx, edx          ; Save EntryPoint to rbx, for rdmsr will =
overwrite rdx
     mov        ecx, 0xc0000080
     rdmsr
     and        ah, ~ 1           ; Clear LME
@@ -525,6 +592,8 @@ PmEntry:
     add        esp, 4
     pop        ecx,
     add        esp, 4
+
+MwaitCheck:
     cmp        cl, 1              ; Check mwait-monitor support
     jnz        HltLoop
     mov        ebx, edx           ; Save C-State to ebx
@@ -538,10 +607,50 @@ MwaitLoop:
     shl        eax, 4
     mwait
     jmp        MwaitLoop
+
 HltLoop:
+    pop        edx                ; PM16CodeSegment
+    add        esp, 4
+    pop        ebx                ; WakeupBuffer
+    add        esp, 4
+    pop        eax                ; SevEsAPJumpTable
+    add        esp, 4
+    cmp        eax, 0             ; Check for SEV-ES
+    je         DoHlt
+
+    cli
+    ;
+    ; SEV-ES is enabled, use VMGEXIT (GHCB information already
+    ; set by caller)
+    ;
+BITS 64
+    rep        vmmcall
+BITS 32
+
+    ;
+    ; Back from VMGEXIT AP_HLT_LOOP
+    ;   Push the FLAGS/CS/IP values to use
+    ;
+    push       word 0x0002        ; EFLAGS
+    xor        ecx, ecx
+    mov        cx, [eax + 2]      ; CS
+    push       cx
+    mov        cx, [eax]          ; IP
+    push       cx
+    push       word 0x0000        ; For alignment, will be discarded
+
+    push       edx
+    push       ebx
+
+    mov        edx, esi           ; Restore RDX reset value
+
+    retf
+
+DoHlt:
     cli
     hlt
-    jmp        HltLoop
+    jmp        DoHlt
+
 BITS 64
 AsmRelocateApLoopEnd:
=20
--=20
2.17.1


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53826): https://edk2.groups.io/g/devel/message/53826
Mute This Topic: https://groups.io/mt/70995558/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-