On Fri, Apr 21, 2023 at 09:26:44AM -0500, Tom Lendacky wrote: > On 4/21/23 03:36, Dun Tan wrote: > > Remove code that apply AddressEncMask to non-leaf entry when split > > smm page table by MemEncryptSevLib. In FvbServicesSmm driver, it > > calls MemEncryptSevClearMmioPageEncMask to clear AddressEncMask > > bit in page table for a specific range. In AMD SEV feature, this > > AddressEncMask bit in page table is used to indicate if the memory > > is guest private memory or shared memory. But all memory used by > > page table are treated as encrypted regardless of encryption bit. > > So remove the EncMask bit for smm non-leaf page table entry > > doesn't impact AMD SEV feature. > > If page split happens in the AddressEncMask bit clear process, > > there will be some new non-leaf entries with AddressEncMask > > applied in smm page table. When ReadyToLock, code in PiSmmCpuDxe > > module will use CpuPageTableLib to modify smm page table. So > > remove code to apply AddressEncMask for new non-leaf entries > > since CpuPageTableLib doesn't consume the EncMask PCD. > > I'm really not a fan of removing the encryption mask, because technically it > is correct to have it present in non-leaf entries. I really think the > pagetable library should be able to work correctly with or without the > encryption mask.
Agree. We have a bunch of custom page page code in TDX and SEV support libraries. See here: - Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c - Library/BaseMemEncryptTdxLib/MemoryEncryption.c - Library/PeilessStartupLib/X64/VirtualMemory.c I'd like to see those switched over to use the pagetable library, and that probably requires support for the tdx/sev specific page table bits. take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#103463): https://edk2.groups.io/g/devel/message/103463 Mute This Topic: https://groups.io/mt/98406586/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
