Re: [edk2-devel] [PATCH v4 38/40] OvmfPkg: Use the SEV-ES work area for the SEV-ES AP reset vector

Laszlo Ersek Thu, 06 Feb 2020 01:30:14 -0800

On 02/05/20 00:01, Lendacky, Thomas wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198
> 
> A hypervisor is not allowed to update an SEV-ES guest's register state,
> so when booting an SEV-ES guest AP, the hypervisor is not allowed to
> set the RIP to the guest requested value. Instead an SEV-ES AP must be
> re-directed from within the guest to the actual requested staring location
> as specified in the INIT-SIPI-SIPI sequence.
> 
> Use the SEV-ES work area for the reset vector code that contains support
> to jump to the desired RIP location after having been started. This is
> required for only the very first AP reset.
> 
> This new OVMF source file, ResetVectorVtf0.asm, is used in place of the
> original file through the use of the include path order set in
> OvmfPkg/ResetVector/ResetVector.inf under "[BuildOptions]".
> 
> Cc: Jordan Justen <jordan.l.jus...@intel.com>
> Cc: Laszlo Ersek <ler...@redhat.com>
> Cc: Ard Biesheuvel <ard.biesheu...@linaro.org>
> Signed-off-by: Tom Lendacky <thomas.lenda...@amd.com>
> ---
>  OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 100 +++++++++++++++++++
>  OvmfPkg/ResetVector/ResetVector.nasmb        |   1 +
>  2 files changed, 101 insertions(+)
>  create mode 100644 OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> 
> diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm 
> b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> new file mode 100644
> index 000000000000..980e0138e7fe
> --- /dev/null
> +++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> @@ -0,0 +1,100 @@
> +;------------------------------------------------------------------------------
> +; @file
> +; First code executed by processor after resetting.
> +; Derived from UefiCpuPkg/ResetVector/Vtf0/Ia16/ResetVectorVtf0.asm
> +;
> +; Copyright (c) 2008 - 2014, Intel Corporation. All rights reserved.<BR>
> +; SPDX-License-Identifier: BSD-2-Clause-Patent
> +;
> +;------------------------------------------------------------------------------
> +
> +BITS    16
> +
> +ALIGN   16
> +
> +;
> +; Pad the image size to 4k when page tables are in VTF0
> +;
> +; If the VTF0 image has page tables built in, then we need to make
> +; sure the end of VTF0 is 4k above where the page tables end.
> +;
> +; This is required so the page tables will be 4k aligned when VTF0 is
> +; located just below 0x100000000 (4GB) in the firmware device.
> +;
> +%ifdef ALIGN_TOP_TO_4K_FOR_PAGING
> +    TIMES (0x1000 - ($ - EndOfPageTables) - 0x20) DB 0
> +%endif
> +
> +;
> +; SEV-ES Processor Reset support
> +;
> +; sevEsResetBlock:
> +;   For the initial boot of an AP under SEV-ES, the "reset" RIP must be
> +;   programmed to the RAM area defined by SEV_ES_AP_RESET_IP. A known offset
> +;   and GUID will be used to locate this block in the firmware and extract
> +;   the build time RIP value. The GUID must always be 48 bytes from the
> +;   end of the firmware.
> +;
> +;   0xffffffca (-0x36) - IP value
> +;   0xffffffcc (-0x34) - CS segment base [31:16]
> +;   0xffffffce (-0x32) - Size of the SEV-ES reset block
> +;   0xffffffd0 (-0x30) - SEV-ES reset block GUID
> +;                        (00f771de-1a7e-4fcb-890e-68c77e2fb44e)
> +;
> +;   A hypervisor reads the CS segement base and IP value. The CS segment base
> +;   value represents the high order 16-bits of the CS segment base, so the
> +;   hypervisor must left shift the value of the CS segement base by 16 bits 
> to
> +;   form the full CS segment base for the CS segment register. It would then
> +;   program the EIP register with the IP value as read.
> +;
> +
> +TIMES (32 - (sevEsResetBlockEnd - sevEsResetBlockStart)) DB 0
> +
> +sevEsResetBlockStart:
> +    DD      SEV_ES_AP_RESET_IP
> +    DW      sevEsResetBlockEnd - sevEsResetBlockStart
> +    DB      0xDE, 0x71, 0xF7, 0x00, 0x7E, 0x1A, 0xCB, 0x4F
> +    DB      0x89, 0x0E, 0x68, 0xC7, 0x7E, 0x2F, 0xB4, 0x4E
> +sevEsResetBlockEnd:
> +
> +ALIGN   16
> +
> +applicationProcessorEntryPoint:
> +;
> +; Application Processors entry point
> +;
> +; GenFv generates code aligned on a 4k boundary which will jump to this
> +; location.  (0xffffffe0)  This allows the Local APIC Startup IPI to be
> +; used to wake up the application processors.
> +;
> +    jmp     EarlyApInitReal16
> +
> +ALIGN   8
> +
> +    DD      0
> +
> +;
> +; The VTF signature
> +;
> +; VTF-0 means that the VTF (Volume Top File) code does not require
> +; any fixups.
> +;
> +vtfSignature:
> +    DB      'V', 'T', 'F', 0
> +
> +ALIGN   16
> +
> +resetVector:
> +;
> +; Reset Vector
> +;
> +; This is where the processor will begin execution
> +;
> +    nop
> +    nop
> +    jmp     EarlyBspInitReal16
> +
> +ALIGN   16
> +
> +fourGigabytes:
> +
> diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb 
> b/OvmfPkg/ResetVector/ResetVector.nasmb
> index 97e36ef591ab..12265e7746c1 100644
> --- a/OvmfPkg/ResetVector/ResetVector.nasmb
> +++ b/OvmfPkg/ResetVector/ResetVector.nasmb
> @@ -82,5 +82,6 @@
>  
>  %include "Main.asm"
>  
> +  %define SEV_ES_AP_RESET_IP  FixedPcdGet32 (PcdSevEsWorkAreaBase)
>  %include "Ia16/ResetVectorVtf0.asm"
>  
>


Nice, thanks!

Reviewed-by: Laszlo Ersek <ler...@redhat.com>

Laszlo


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53853): https://edk2.groups.io/g/devel/message/53853
Mute This Topic: https://groups.io/mt/70985007/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v4 38/40] OvmfPkg: Use the SEV-ES work area for the SEV-ES AP reset vector

Reply via email to