From: Ceping Sun <cepingx....@intel.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4572

According to section 3.2 of the [GHCI] spec, if the return status
is "TDG.VP.VMCALL_RETRY", TD must retry this operation for the
pages in the region starting at the GPA specified in R11.

Currently, TDVF does not handle the retry result of MapGPA. To address this,
TDVF should add an API that outputs the GPA at which MapGPA failed (returned
in R11) so that the retry result can be handled.

Reference:
[GHCI]: TDX Guest-Host-Communication Interface v1.0
https://cdrdv2.intel.com/v1/dl/getContent/726790

Cc: Erdem Aktas <erdemak...@google.com>
Cc: James Bottomley <j...@linux.ibm.com>
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Min Xu <min.m...@intel.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: Michael Roth <michael.r...@amd.com>
Cc: Gerd Hoffmann <kra...@redhat.com>
Signed-off-by: Ceping Sun <cepingx....@intel.com>
---
 .../BaseMemEncryptTdxLib/MemoryEncryption.c   |  19 +++
 .../X64/TdVmCallMapGPA.nasm                   | 130 ++++++++++++++++++
 2 files changed, 149 insertions(+)
 create mode 100644 OvmfPkg/Library/BaseMemEncryptTdxLib/X64/TdVmCallMapGPA.nasm

diff --git a/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c 
b/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
index a01dc98852b8..b47f56b391a5 100644
--- a/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
+++ b/OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
@@ -38,6 +38,25 @@ typedef enum {
 
 STATIC PAGE_TABLE_POOL  *mPageTablePool = NULL;
 
+/**
+  This function is used to help request the host VMM to map a GPA range as
+  private or shared-memory mappings.
+  @param[in]     Address     4K aligned start GPA of address range.
+  @param[in]     Length      Size of GPA region to be mapped.
+  @param[in,out] Results     Returned result of the GPA at which MapGPA failed
+
+  @return 0               A successful mapping
+  @return Other           Some errors occurred while mapping
+**/
+
+UINTN
+EFIAPI
+TdVmCallMapGPA (
+  IN UINT64    Address,
+  IN UINT64    Length,
+  IN OUT VOID  *Results
+  );
+
 /**
   Returns boolean to indicate whether to indicate which, if any, memory 
encryption is enabled
 
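Review bot: `Results` is declared `IN OUT VOID *` in this prototype, but the assembly implementation added in the same patch stores a full 64-bit value through it (`mov [r8], r11`) and describes it as `UINT64 *Results`; declaring it `OUT UINT64 *Results` would let the compiler catch a caller passing a smaller object. The doc comment should also state that the value is written only when the call returns the retry status and is left untouched on every other return code, and that NULL is accepted, for example `@param[out] Results  On TDG.VP.VMCALL_RETRY, the GPA at which to resume; unchanged otherwise. May be NULL.` The return type also differs between this prototype (`UINTN`) and the signature comment in the .nasm file (`UINT64`), and the two should be made to agree.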
diff --git a/OvmfPkg/Library/BaseMemEncryptTdxLib/X64/TdVmCallMapGPA.nasm 
b/OvmfPkg/Library/BaseMemEncryptTdxLib/X64/TdVmCallMapGPA.nasm
new file mode 100644
index 000000000000..37186bd0a0dd
--- /dev/null
+++ b/OvmfPkg/Library/BaseMemEncryptTdxLib/X64/TdVmCallMapGPA.nasm
@@ -0,0 +1,130 @@
+;------------------------------------------------------------------------------
+;*
+;* Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
+;* SPDX-License-Identifier: BSD-2-Clause-Patent
+;*
+;*
+;------------------------------------------------------------------------------
+
+DEFAULT REL
+SECTION .text
+
+%define TDVMCALL_EXPOSE_REGS_MASK       0xffec
+%define TDVMCALL                        0x0
+%define TDVMCALL_MAPGPA                 0x10001
+%define TDVMCALL_STATUS_RETRY           0x1
+
+%macro tdcall 0
+    db 0x66,0x0f,0x01,0xcc
+%endmacro
+
+%macro tdcall_push_regs 0
+    push rbp
+    mov  rbp, rsp
+    push r15
+    push r14
+    push r13
+    push r12
+    push rbx
+    push rsi
+    push rdi
+%endmacro
+
+%macro tdcall_pop_regs 0
+    pop rdi
+    pop rsi
+    pop rbx
+    pop r12
+    pop r13
+    pop r14
+    pop r15
+    pop rbp
+%endmacro
+
+%macro tdcall_regs_preamble 2
+    mov rax, %1
+
+    xor rcx, rcx
+    mov ecx, %2
+
+    ; R10 = 0 (standard TDVMCALL)
+
+    xor r10d, r10d
+
+    ; Zero out unused (for standard TDVMCALL) registers to avoid leaking
+    ; secrets to the VMM.
+
+    xor ebx, ebx
+    xor esi, esi
+    xor edi, edi
+
+    xor edx, edx
+    xor ebp, ebp
+    xor r8d, r8d
+    xor r9d, r9d
+%endmacro
+
+%macro tdcall_regs_postamble 0
+    xor ebx, ebx
+    xor esi, esi
+    xor edi, edi
+
+    xor ecx, ecx
+    xor edx, edx
+    xor r8d,  r8d
+    xor r9d,  r9d
+    xor r10d, r10d
+    xor r11d, r11d
+%endmacro
+
+;------------------------------------------------------------------------------
+; 0   => RAX = TDCALL leaf
+; M   => RCX = TDVMCALL register behavior
+; 1   => R10 = standard vs. vendor
+; 0xa => R11 = TDVMCALL function / MapGPA
+; RCX => R12 = p1
+; RDX => R13 = p2
+
+;  UINT64
+;  EFIAPI
+;  TdVmCallMapGPA (
+;    UINT64  Address,  // Rcx
+;    UINT64  Length,   // Rdx
+;    UINT64  *Results  // r8
+;    )
+global ASM_PFX(TdVmCallMapGPA)
+ASM_PFX(TdVmCallMapGPA):
+       tdcall_push_regs
+
+       mov r11, TDVMCALL_MAPGPA
+       mov r12, rcx
+       mov r13, rdx
+
+       push r8
+
+       tdcall_regs_preamble TDVMCALL, TDVMCALL_EXPOSE_REGS_MASK
+
+       tdcall
+
+       ; ignore return dataif TDCALL reports failure.
+       test rax, rax
+       jnz .no_return_data
+
+       ; Propagate TDVMCALL success/failure to return value.
+       mov rax, r10
+
+       ; Retrieve the Val pointer.
+       pop r8
+       test r8, r8
+       jz .no_return_data
+
+       ; On Retry, propagate TDVMCALL output value to output param
+       cmp  rax, TDVMCALL_STATUS_RETRY
+       jnz .no_return_data
+       mov [r8], r11
+.no_return_data:
+       tdcall_regs_postamble
+
+       tdcall_pop_regs
+
+       ret
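Review bot: The `push r8` before the TDCALL is undone only by the `pop r8` on the path where RAX is zero; when TDCALL itself reports failure, `jnz .no_return_data` skips the pop, so `tdcall_pop_regs` restores every saved register from the wrong slot and `ret` consumes the saved RBP as its return address. Moving the pop to directly after the `tdcall` macro keeps the stack balanced on every path and does not disturb the flags: `tdcall` / `pop r8` / `test rax, rax`. Separately, `TDVMCALL_EXPOSE_REGS_MASK` (0xffec) appears to expose R14 and R15 to the VMM, yet this routine neither loads nor clears them, so they still hold whatever the caller left there; adding `xor r14d, r14d` and `xor r15d, r15d` next to the r12/r13 setup would match the preamble's stated aim of not leaking guest values to the host.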
-- 
2.34.1


