From 47001ab98914970e712d5580c2e83beb04add396 Mon Sep 17 00:00:00 2001 From: Tom Lendacky Date: Fri, 8 Mar 2024 07:32:50 -0800 Subject: [PATCH] Ovmfpkg/CcExitLib: Provide SVSM discovery support BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654 The SVSM specification documents an alternative method of discovery for the SVSM using a reserved CPUID bit and a reserved MSR. For the CPUID support, the #VC handler of an SEV-SNP guest should modify the returned value in the EAX register for the 0x8000001f CPUID function by setting bit 28 when an SVSM is present. For the MSR support, new reserved MSR 0xc001f000 has been defined. A #VC should be generated when accessing this MSR. The #VC handler is expected to ignore writes to this MSR and return the physical calling area address (CAA) on reads of this MSR. Cc: Ard Biesheuvel Cc: Erdem Aktas Cc: Gerd Hoffmann Cc: Jiewen Yao Cc: Laszlo Ersek Cc: Michael Roth Cc: Min Xu Acked-by: Gerd Hoffmann Signed-off-by: Tom Lendacky --- OvmfPkg/Library/CcExitLib/CcExitLib.inf | 3 ++- OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 29 +++++++++++++++++++-- OvmfPkg/Library/CcExitLib/SecCcExitLib.inf | 3 ++- 3 files changed, 31 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/Library/CcExitLib/CcExitLib.inf b/OvmfPkg/Library/CcExitLib/CcExitLib.inf index bc75cd5f5a..e09f18453a 100644 --- a/OvmfPkg/Library/CcExitLib/CcExitLib.inf +++ b/OvmfPkg/Library/CcExitLib/CcExitLib.inf @@ -1,7 +1,7 @@ ## @file # CcExitLib Library. # -# Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved.
+# Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights reserved.
# Copyright (C) 2020 - 2022, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -41,6 +41,7 @@ DebugLib LocalApicLib MemEncryptSevLib + AmdSvsmLib [Pcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c index 0fc30f7bc4..0b61d28f8b 100644 --- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c +++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c @@ -1,7 +1,7 @@ /** @file X64 #VC Exception Handler functon. - Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved.
+ Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -12,6 +12,7 @@ #include #include #include +#include #include #include #include @@ -713,10 +714,29 @@ MsrExit ( IN CC_INSTRUCTION_DATA *InstructionData ) { - UINT64 ExitInfo1, Status; + MSR_SVSM_CAA_REGISTER Msr; + UINT64 ExitInfo1; + UINT64 Status; ExitInfo1 = 0; + // + // The SVSM CAA MSR is a software implemented MSR and not supported + // by the hardware, handle it directly. + // + if (Regs->Rax == MSR_SVSM_CAA) { + // Writes to the SVSM CAA MSR are ignored + if (*(InstructionData->OpCodes + 1) == 0x30) { + return 0; + } + + Msr.Uint64 = AmdSvsmSnpGetCaa (); + Regs->Rax = Msr.Bits.Lower32Bits; + Regs->Rdx = Msr.Bits.Upper32Bits; + + return 0; + } + switch (*(InstructionData->OpCodes + 1)) { case 0x30: // WRMSR ExitInfo1 = 1; @@ -1388,6 +1408,11 @@ GetCpuidFw ( *Ebx = (*Ebx & 0xFFFFFF00) | (Ebx2 & 0x000000FF); /* node ID */ *Ecx = (*Ecx & 0xFFFFFF00) | (Ecx2 & 0x000000FF); + } else if (EaxIn == 0x8000001F) { + /* Set the SVSM feature bit if running under an SVSM */ + if (AmdSvsmIsSvsmPresent ()) { + *Eax |= BIT28; + } } Out: diff --git a/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf b/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf index 811269dd2c..dff6cd2761 100644 --- a/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf +++ b/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf @@ -1,7 +1,7 @@ ## @file # VMGEXIT Support Library. # -# Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved.
+# Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -41,6 +41,7 @@ LocalApicLib MemEncryptSevLib PcdLib + AmdSvsmLib [FixedPcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase