[edk2-devel] [PATCH v3 00/11] SEV-ES guest support fixes and cleanup

Fri Nov 6 06:29:38 UTC 2020

On 11/5/20 8:34 AM, Tom Lendacky wrote:
> On 11/4/20 9:29 PM, Laszlo Ersek wrote:
>> On 10/29/20 15:17, Lendacky, Thomas wrote:
>>> From: Tom Lendacky <thomas.lendacky at amd.com>
>>>
>>> This patch series provides some fixes, updates and cleanup to the SEV-ES
>>> guest support:
>>>
>>> - Update the calculation of the qword offset of fields within the GHCB
>>>    by removing the hardcoding of the offsets and using the OFFSET_OF ()
>>>    and sizeof () functions to calculate the values. Remove unused values
>>>    and add values that will be used in later patches.
>>>
>>> - Set the SwExitCode, SwExitInfo1, SwExitInfo2 and SwScratch valid bits
>>>    in the GHCB ValidBitmap area when these fields are for a VMGEXIT. This
>>>    is done by adding two new interfaces to the VmgExitLib library to set
>>>    and test the bits of the GHCB ValidBitmap. This reduces code 
>>> duplication
>>>    and keeps access to the ValidBitmap field within the VmgExitLib 
>>> library.
>>>
>>> - Update the Qemu flash drive services support to add SEV-ES support for
>>>    erasing blocks.
>>>
>>> - Disable interrupts when using the GHCB.
>>>
>>> - Use the processor number for setting the AP stack pointer instead of the
>>>    APIC ID by calling GetProcessorNumber().
>>>
>>> BZ: 
>>> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3008&data=04%7C01%7Cthomas.lendacky%40amd.com%7C0697eb8b721342b8a39508d8813b1f3c%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637401438219622636%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=7Ox%2FhGWT9GKg9v5gIX2xRjIvKLiGBkeBzT7Via20cZk%3D&reserved=0 
>>>
>>>
>>> ---
>>>
>>> These patches are based on commit:
>>> 6ad819c1abe3 ("FmpDevicePkg/FmpDeviceLib: Add Last Attempt Status to 
>>> Check/Set API")
>>>
>>> Cc: Ard Biesheuvel <ard.biesheuvel at arm.com>
>>> Cc: Eric Dong <eric.dong at intel.com>
>>> Cc: Laszlo Ersek <lersek at redhat.com>
>>> Cc: Liming Gao <gaoliming at byosoft.com.cn>
>>> Cc: Jordan Justen <jordan.l.justen at intel.com>
>>> Cc: Michael D Kinney <michael.d.kinney at intel.com>
>>> Cc: Rahul Kumar <rahul1.kumar at intel.com>
>>> Cc: Zhiguang Liu <zhiguang.liu at intel.com>
>>> Cc: Ray Ni <ray.ni at intel.com>
>>> Cc: Tom Lendacky <thomas.lendacky at amd.com>
>>> Cc: Brijesh Singh <brijesh.singh at amd.com>
>>>
>>> Changes since v2:
>>> - Don't rename the GHCB_REGISTER enum type.
>>>
>>> Changes since v1:
>>> - For the GHCB savearea changes, create a new reserved area name instead
>>>    of "renumbering" the reserved areas.
>>> - Rework the ValidBitmap set/test support to be part of the VmgExitLib
>>>    library. Create two new interfaces for setting and testing bits in the
>>>    GHCB ValidBitmap field and adjust all existing code and the new code in
>>>    this series to use these interfaces for the ValidBitmap updates/checks.
>>> - Don't disable interrupts for just the Qemu flash services support, but
>>>    rather, cover all users of the GHCB by disabling interrupts in 
>>> VmgInit()
>>>    and restoring them in VmgDone(). This requires changes to those
>>>    interaces.
>>>
>>> Tom Lendacky (11):
>>>    MdePkg: Clean up GHCB field offsets and save area
>>>    UefiCpuPkg/VmgExitLib: Add interfaces to set/read GHCB ValidBitmap
>>>      bits
>>>    OvmfPkg/VmgExitLib: Implement new VmgExitLib interfaces
>>>    OvmfPkg/VmgExitLib: Set the SW exit fields when performing VMGEXIT
>>>    OvmfPkg/VmgExitLib: Set the SwScratch valid bit for IOIO events
>>>    OvmfPkg/VmgExitLib: Set the SwScratch valid bit for MMIO events
>>>    UefiCpuPkg/MpInitLib: Set the SW exit fields when performing VMGEXIT
>>>    OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Set the SwScratch valid bit
>>>    OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Fix erase blocks for SEV-ES
>>>    UefiCpuPkg, OvmfPkg: Disable interrupts when using the GHCB
>>>    UefiCpuPkg/MpInitLib: For SEV-ES guest, set stack based on processor
>>>      number
>>>
>>>   MdePkg/Include/Register/Amd/Ghcb.h                    |  40 +++---
>>>   UefiCpuPkg/Include/Library/VmgExitLib.h               |  51 +++++++-
>>>   OvmfPkg/Library/VmgExitLib/VmgExitLib.c               |  84 
>>> ++++++++++++-
>>>   OvmfPkg/Library/VmgExitLib/VmgExitVcHandler.c         | 129 
>>> ++++++--------------
>>>   OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c    |   4 +-
>>>   OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c |   6 +-
>>>   UefiCpuPkg/Library/MpInitLib/DxeMpLib.c               |   5 +-
>>>   UefiCpuPkg/Library/MpInitLib/MpLib.c                  |  14 ++-
>>>   UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.c    |  60 +++++++--
>>>   UefiCpuPkg/Library/MpInitLib/X64/MpFuncs.nasm         |   6 +
>>>   10 files changed, 258 insertions(+), 141 deletions(-)
>>>
>>
>> I've submitted PR#1086 
>> <https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ftianocore%2Fedk2%2Fpull%2F1086&data=04%7C01%7Cthomas.lendacky%40amd.com%7C0697eb8b721342b8a39508d8813b1f3c%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637401438219622636%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=NH2IfxbTqaHvVijHOGExWFU%2FECzxOVwgJyVajPZjaCw%3D&reserved=0>, 
>>
>> but CI seems slower than usual today, and I really need some sleep, so I
>> won't wait for CI. Tom, if the PR succeeds, please close TianoCore#3008,
>> noting the commit range, and please also follow up in this thread with
>> the commit range.
> 
> Thanks, Laszlo!
> 
> It looks like it failed because it doesn't like the use of the "sizeof 
> (UINT64)". I suppose I can change that to just hard code a value of 8. Let 
> me know what you think.

I did verify that changing the "sizeof (UINT64)" to "8" in the first patch 
results in all CI tests passing. I can re-submit with that, if you feel 
that is the best course of action.

Thanks,
Tom

> 
> Thanks,
> Tom
> 
>>
>> Thanks!
>> Laszlo
>>

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#67080): https://edk2.groups.io/g/devel/message/67080
Mute This Topic: https://groups.io/mt/77888107/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-