From nobody Mon Dec 23 09:47:59 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 151994910882722.404431831134048; Thu, 1 Mar 2018 16:05:08 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id EBE912255D6EE; Thu, 1 Mar 2018 15:58:29 -0800 (PST) Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 90D7E2255D6D6 for ; Thu, 1 Mar 2018 15:58:28 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C978E8D746; Fri, 2 Mar 2018 00:04:36 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-4.rdu2.redhat.com [10.10.120.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id E31F610B0F24; Fri, 2 Mar 2018 00:04:35 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=66.187.233.73; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Fri, 2 Mar 2018 01:04:07 +0100 Message-Id: <20180302000408.14201-20-lersek@redhat.com> In-Reply-To: <20180302000408.14201-1-lersek@redhat.com> References: <20180302000408.14201-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Fri, 02 Mar 2018 00:04:36 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Fri, 02 Mar 2018 00:04:36 +0000 (UTC) for IP:'10.11.54.3' DOMAIN:'int-mx03.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'lersek@redhat.com' RCPT:'' Subject: [edk2] [PATCH 19/20] OvmfPkg/SmmCpuFeaturesLib: SEV: encrypt+free pages of init. save state map X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Jordan Justen , Brijesh Singh , Ard Biesheuvel MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Based on the following patch from Brijesh Singh : [PATCH v2 1/2] OvmfPkg/AmdSevDxe: Clear the C-bit from SMM Saved State http://mid.mail-archive.com/20180228161415.28723-2-brijesh.singh@amd.com https://lists.01.org/pipermail/edk2-devel/2018-February/022016.html Once PiSmmCpuDxeSmm relocates SMBASE for all VCPUs, the pages of the initial SMRAM save state map can be re-encrypted (including zeroing them out after setting the C-bit on them), and they can be released to DXE for general use (undoing the allocation that we did in PlatformPei's AmdSevInitialize() function). The decryption of the same pages (which will occur chronologically earlier) is implemented in the next patch; hence the "re-encryption" part of this patch is currently a no-op. The series is structured like this in order to be bisection-friendly. If the decryption patch preceded this patch, then an info leak would be created while standing between the patches. Cc: Ard Biesheuvel Cc: Brijesh Singh Cc: Jordan Justen Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf | 2 ++ OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c | 38 +++++++++++++= +++++++ 2 files changed, 40 insertions(+) diff --git a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf b/Ovmf= Pkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf index 5184abbf21bd..7c2aaa890b5e 100644 --- a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf +++ b/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf @@ -19,21 +19,23 @@ [Defines] BASE_NAME =3D SmmCpuFeaturesLib MODULE_UNI_FILE =3D SmmCpuFeaturesLib.uni FILE_GUID =3D AC9991BE-D77A-464C-A8DE-A873DB8A4836 MODULE_TYPE =3D DXE_SMM_DRIVER VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D SmmCpuFeaturesLib CONSTRUCTOR =3D SmmCpuFeaturesLibConstructor =20 [Sources] SmmCpuFeaturesLib.c =20 [Packages] MdePkg/MdePkg.dec OvmfPkg/OvmfPkg.dec UefiCpuPkg/UefiCpuPkg.dec =20 [LibraryClasses] BaseLib BaseMemoryLib DebugLib + MemEncryptSevLib SmmServicesTableLib + UefiBootServicesTableLib diff --git a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c b/OvmfPk= g/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c index 13d929a983be..59c319e01bfb 100644 --- a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c +++ b/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c @@ -1,39 +1,41 @@ /** @file The CPU specific programming for PiSmmCpuDxeSmm module. =20 Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
=20 This program and the accompanying materials are licensed and made availa= ble under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php =20 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WI= THOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. **/ =20 #include #include #include +#include #include #include +#include #include #include =20 // // EFER register LMA bit // #define LMA BIT10 =20 /** The constructor function =20 @param[in] ImageHandle The firmware allocated handle for the EFI image. @param[in] SystemTable A pointer to the EFI System Table. =20 @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS. =20 **/ EFI_STATUS EFIAPI SmmCpuFeaturesLibConstructor ( @@ -168,40 +170,76 @@ SmmCpuFeaturesHookReturnFromSmm ( if ((CpuSaveState->x64.AutoHALTRestart & BIT0) !=3D 0) { CpuSaveState->x64.AutoHALTRestart &=3D ~BIT0; } } return OriginalInstructionPointer; } =20 /** Hook point in normal execution mode that allows the one CPU that was ele= cted as monarch during System Management Mode initialization to perform addit= ional initialization actions immediately after all of the CPUs have processed = their first SMI and called SmmCpuFeaturesInitializeProcessor() relocating SMBA= SE into a buffer in SMRAM and called SmmCpuFeaturesHookReturnFromSmm(). **/ VOID EFIAPI SmmCpuFeaturesSmmRelocationComplete ( VOID ) { + EFI_STATUS Status; + UINTN MapPagesBase; + UINTN MapPagesCount; + + if (!MemEncryptSevIsEnabled ()) { + return; + } + + // + // Now that SMBASE relocation is complete, re-encrypt the original SMRAM= save + // state map's container pages, and release the pages to DXE. (The pages= were + // allocated in PlatformPei.) + // + Status =3D MemEncryptSevLocateInitialSmramSaveStateMapPages ( + &MapPagesBase, + &MapPagesCount + ); + ASSERT_EFI_ERROR (Status); + + Status =3D MemEncryptSevSetPageEncMask ( + 0, // Cr3BaseAddress -- use current CR3 + MapPagesBase, // BaseAddress + MapPagesCount, // NumPages + TRUE // Flush + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: MemEncryptSevSetPageEncMask(): %r\n", + __FUNCTION__, Status)); + ASSERT (FALSE); + CpuDeadLoop (); + } + + ZeroMem ((VOID *)MapPagesBase, EFI_PAGES_TO_SIZE (MapPagesCount)); + + Status =3D gBS->FreePages (MapPagesBase, MapPagesCount); + ASSERT_EFI_ERROR (Status); } =20 /** Return the size, in bytes, of a custom SMI Handler in bytes. If 0 is returned, then a custom SMI handler is not provided by this library, and the default SMI handler must be used. =20 @retval 0 Use the default SMI handler. @retval > 0 Use the SMI handler installed by SmmCpuFeaturesInstallSmiHandler(). The caller is required to allocate enough SMRAM for each CPU to support the size of t= he custom SMI handler. **/ UINTN EFIAPI SmmCpuFeaturesGetSmiHandlerSize ( VOID ) { return 0; --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel