tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

UefiCpuPkg/MpInitLib: AP creation support under an SVSM 

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654

When running under an SVSM, the VMPL level of the APs that are started
must match the VMPL level provided by the SVSM. Additionally, each AP
must have a Calling Area for use with the SVSM protocol. Update the AP
creation to properly support running under an SVSM.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Acked-by: Ray Ni <ray.ni@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
This commit is contained in:
Tom Lendacky 2024-03-08 07:32:44 -08:00 committed by mergify[bot]
parent 28fecae8a3
commit a010681f74
1 changed files with 19 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
View File

@ -44,7 +44,8 @@ SevSnpPerformApAction (
if (Action == SVM_VMGEXIT_SNP_AP_CREATE) {
//
// Turn the page into a recognized VMSA page.
// Turn the page into a recognized VMSA page. When an SVSM is present
// the page following the VMSA is the Calling Area page.
//
VmsaStatus = AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, TRUE);
if (EFI_ERROR (VmsaStatus)) {
@ -56,6 +57,7 @@ SevSnpPerformApAction (
}
ExitInfo1 = (UINT64)ApicId << 32;
ExitInfo1 |= (UINT64)SaveArea->Vmpl << 16;
ExitInfo1 |= Action;
ExitInfo2 = (UINT64)(UINTN)SaveArea;
@ -87,8 +89,9 @@ SevSnpPerformApAction (
if (Action == SVM_VMGEXIT_SNP_AP_DESTROY) {
//
// Make the current VMSA not runnable and accessible to be
// reprogrammed.
// Make the current VMSA not runnable and accessible to be reprogrammed.
// When an SVSM is present the page following the VMSA is the Calling Area
// page.
//
VmsaStatus = AmdSvsmSnpVmsaRmpAdjust (SaveArea, ApicId, FALSE);
if (EFI_ERROR (VmsaStatus)) {
@ -116,6 +119,7 @@ SevSnpCreateSaveArea (
UINT32 ApicId
)
{
UINTN PageCount;
UINT8 *Pages;
SEV_ES_SAVE_AREA *SaveArea;
IA32_CR0 ApCr0;
@ -125,13 +129,19 @@ SevSnpCreateSaveArea (
UINTN StartIp;
UINT8 SipiVector;
//
// When running under an SVSM, a Calling Area page is also needed and is
// always the page following the VMSA.
//
PageCount = AmdSvsmIsSvsmPresent () ? 2 : 1;
if (CpuData->SevEsSaveArea == NULL) {
//
// Allocate a page for the SEV-ES Save Area and initialize it. Due to AMD
// erratum #1467 (VMSA cannot be on a 2MB boundary), allocate an extra page
// to choose from to work around the issue.
//
Pages = AllocateReservedPages (2);
Pages = AllocateReservedPages (PageCount + 1);
if (!Pages) {
return;
}
@ -140,12 +150,12 @@ SevSnpCreateSaveArea (
// Since page allocation works by allocating downward in the address space,
// try to always free the first (lower address) page to limit possible holes
// in the memory map. So, if the address of the second page is 2MB aligned,
// then use the first page and free the second page. Otherwise, free the
// then use the first page and free the last page. Otherwise, free the
// first page and use the second page.
//
if (_IS_ALIGNED (Pages + EFI_PAGE_SIZE, SIZE_2MB)) {
SaveArea = (SEV_ES_SAVE_AREA *)Pages;
FreePages (Pages + EFI_PAGE_SIZE, 1);
FreePages (Pages + (EFI_PAGE_SIZE * PageCount), 1);
} else {
SaveArea = (SEV_ES_SAVE_AREA *)(Pages + EFI_PAGE_SIZE);
FreePages (Pages, 1);
@ -163,7 +173,7 @@ SevSnpCreateSaveArea (
}
}
ZeroMem (SaveArea, EFI_PAGE_SIZE);
ZeroMem (SaveArea, EFI_PAGE_SIZE * PageCount);
//
// Propogate the CR0.NW and CR0.CD setting to the AP
@ -239,10 +249,10 @@ SevSnpCreateSaveArea (
//
// Set the SEV-SNP specific fields for the save area:
// VMPL - always VMPL0
// VMPL - based on current mode
// SEV_FEATURES - equivalent to the SEV_STATUS MSR right shifted 2 bits
//
SaveArea->Vmpl = 0;
SaveArea->Vmpl = AmdSvsmSnpGetVmpl ();
SaveArea->SevFeatures = AsmReadMsr64 (MSR_SEV_STATUS) >> 2;
SevSnpPerformApAction (SaveArea, ApicId, SVM_VMGEXIT_SNP_AP_CREATE);