1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
/** @file
AMD Sev Dxe driver. This driver is dispatched early in DXE, due to being list
in APRIORI. It clears C-bit from MMIO and NonExistent Memory space when SEV
is enabled.
Copyright (c) 2017, AMD Inc. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/DxeServicesTableLib.h>
#include <Library/MemEncryptSevLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PcdLib.h>
EFI_STATUS
EFIAPI
AmdSevDxeEntryPoint (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap;
UINTN NumEntries;
UINTN Index;
//
// Do nothing when SEV is not enabled
//
if (!MemEncryptSevIsEnabled ()) {
return EFI_UNSUPPORTED;
}
//
// Iterate through the GCD map and clear the C-bit from MMIO and NonExistent
// memory space. The NonExistent memory space will be used for mapping the
// MMIO space added later (eg PciRootBridge). By clearing both known MMIO and
// NonExistent memory space can gurantee that current and furture MMIO adds
// will have C-bit cleared.
//
Status = gDS->GetMemorySpaceMap (&NumEntries, &AllDescMap);
if (!EFI_ERROR (Status)) {
for (Index = 0; Index < NumEntries; Index++) {
CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc;
Desc = &AllDescMap[Index];
if (Desc->GcdMemoryType == EfiGcdMemoryTypeMemoryMappedIo ||
Desc->GcdMemoryType == EfiGcdMemoryTypeNonExistent) {
Status = MemEncryptSevClearPageEncMask (
0,
Desc->BaseAddress,
EFI_SIZE_TO_PAGES (Desc->Length),
FALSE
);
ASSERT_EFI_ERROR (Status);
}
}
FreePool (AllDescMap);
}
//
// When SMM is enabled, clear the C-bit from SMM Saved State Area
//
// NOTES: The SavedStateArea address cleared here is before SMBASE
// relocation. Currently, we do not clear the SavedStateArea address after
// SMBASE is relocated due to the following reasons:
//
// 1) Guest BIOS never access the relocated SavedStateArea.
//
// 2) The C-bit works on page-aligned address, but the SavedStateArea
// address is not a page-aligned. Theoretically, we could roundup the address
// and clear the C-bit of aligned address but looking carefully we found
// that some portion of the page contains code -- which will causes a bigger
// issues for SEV guest. When SEV is enabled, all the code must be encrypted
// otherwise hardware will cause trap.
//
// We restore the C-bit for this SMM Saved State Area after SMBASE relocation
// is completed (See OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c).
//
if (FeaturePcdGet (PcdSmmSmramRequire)) {
UINTN MapPagesBase;
UINTN MapPagesCount;
Status = MemEncryptSevLocateInitialSmramSaveStateMapPages (
&MapPagesBase,
&MapPagesCount
);
ASSERT_EFI_ERROR (Status);
//
// Although these pages were set aside (i.e., allocated) by PlatformPei, we
// could be after a warm reboot from the OS. Don't leak any stale OS data
// to the hypervisor.
//
ZeroMem ((VOID *)MapPagesBase, EFI_PAGES_TO_SIZE (MapPagesCount));
Status = MemEncryptSevClearPageEncMask (
0, // Cr3BaseAddress -- use current CR3
MapPagesBase, // BaseAddress
MapPagesCount, // NumPages
TRUE // Flush
);
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "%a: MemEncryptSevClearPageEncMask(): %r\n",
__FUNCTION__, Status));
ASSERT (FALSE);
CpuDeadLoop ();
}
}
return EFI_SUCCESS;
}
|
