OvmfPkg/ResetVector: Clear SEV encryption bit for non-leaf PTEs

Future changes will make use of CpuPageTableLib to handle splitting
page table mappings during SEC phase. While it's not strictly required
by hardware, CpuPageTableLib relies on non-leaf PTEs never having the
encryption bit set, so go ahead and change the page table setup code to
satisfy this expectation.

Suggested-by: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Ard Biesheuvel <ardb@kernel.org>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Michael Roth <michael.roth@amd.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
Michael Roth 2024-05-02 13:49:21 +02:00 committed by mergify[bot]
parent 5f783827bb
commit fd290ab862
2 changed files with 14 additions and 11 deletions


@ -162,11 +162,14 @@ SevClearPageEncMaskForGhcbPage:
; ;
; The initial GHCB will live at GHCB_BASE and needs to be un-encrypted. ; The initial GHCB will live at GHCB_BASE and needs to be un-encrypted.
; This requires the 2MB page for this range be broken down into 512 4KB ; This requires the 2MB page for this range be broken down into 512 4KB
; pages. All will be marked encrypted, except for the GHCB. ; pages. All will be marked encrypted, except for the GHCB. Since the
; original PMD entry is no longer a leaf entry, remove the encryption
; bit when pointing to the PTE page.
; ;
mov ecx, (GHCB_BASE >> 21) mov ecx, (GHCB_BASE >> 21)
mov eax, GHCB_PT_ADDR + PAGE_PDP_ATTR mov eax, GHCB_PT_ADDR + PAGE_PDP_ATTR
mov [ecx * 8 + PT_ADDR (0x2000)], eax mov [ecx * 8 + PT_ADDR (0x2000)], eax
mov [ecx * 8 + PT_ADDR (0x2000) + 4], strict dword 0
; ;
; Page Table Entries (512 * 4KB entries => 2MB) ; Page Table Entries (512 * 4KB entries => 2MB)
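Review bot: The added store `mov [ecx * 8 + PT_ADDR (0x2000) + 4], strict dword 0` zeroes the entire upper dword of the PMD entry, while the new comment only speaks of removing the encryption bit. This appears to rely on GHCB_PT_ADDR lying below 4GB and on no other attribute being wanted in bits 32-63 of this non-leaf entry. Neither assumption is visible in the hunk, so a short comment on that line would record it, for example `; non-leaf entry: PTE page is below 4GB, so the upper dword holds only the C-bit`. As a point of style, the other file in this commit writes the same kind of store as `mov dword[PT_ADDR (4)], 0`, so one operand-size form across both files would read more consistently. SevClearPageEncMaskForGhcbPage begins before this hunk and continues past it.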


@ -67,7 +67,7 @@ BITS 32
; ;
; Create page tables for 4-level paging ; Create page tables for 4-level paging
; ;
; Argument: upper 32 bits of the page table entries ; Argument: upper 32 bits of the leaf page table entries
; ;
%macro CreatePageTables4Level 1 %macro CreatePageTables4Level 1
@ -78,19 +78,19 @@ BITS 32
; Top level Page Directory Pointers (1 * 512GB entry) ; Top level Page Directory Pointers (1 * 512GB entry)
; ;
mov dword[PT_ADDR (0)], PT_ADDR (0x1000) + PAGE_PDE_DIRECTORY_ATTR mov dword[PT_ADDR (0)], PT_ADDR (0x1000) + PAGE_PDE_DIRECTORY_ATTR
mov dword[PT_ADDR (4)], %1 mov dword[PT_ADDR (4)], 0
; ;
; Next level Page Directory Pointers (4 * 1GB entries => 4GB) ; Next level Page Directory Pointers (4 * 1GB entries => 4GB)
; ;
mov dword[PT_ADDR (0x1000)], PT_ADDR (0x2000) + PAGE_PDE_DIRECTORY_ATTR mov dword[PT_ADDR (0x1000)], PT_ADDR (0x2000) + PAGE_PDE_DIRECTORY_ATTR
mov dword[PT_ADDR (0x1004)], %1 mov dword[PT_ADDR (0x1004)], 0
mov dword[PT_ADDR (0x1008)], PT_ADDR (0x3000) + PAGE_PDE_DIRECTORY_ATTR mov dword[PT_ADDR (0x1008)], PT_ADDR (0x3000) + PAGE_PDE_DIRECTORY_ATTR
mov dword[PT_ADDR (0x100C)], %1 mov dword[PT_ADDR (0x100C)], 0
mov dword[PT_ADDR (0x1010)], PT_ADDR (0x4000) + PAGE_PDE_DIRECTORY_ATTR mov dword[PT_ADDR (0x1010)], PT_ADDR (0x4000) + PAGE_PDE_DIRECTORY_ATTR
mov dword[PT_ADDR (0x1014)], %1 mov dword[PT_ADDR (0x1014)], 0
mov dword[PT_ADDR (0x1018)], PT_ADDR (0x5000) + PAGE_PDE_DIRECTORY_ATTR mov dword[PT_ADDR (0x1018)], PT_ADDR (0x5000) + PAGE_PDE_DIRECTORY_ATTR
mov dword[PT_ADDR (0x101C)], %1 mov dword[PT_ADDR (0x101C)], 0
; ;
; Page Table Entries (2048 * 2MB entries => 4GB) ; Page Table Entries (2048 * 2MB entries => 4GB)
@ -141,7 +141,7 @@ BITS 32
; ;
; Create page tables for 5-level paging with gigabyte pages ; Create page tables for 5-level paging with gigabyte pages
; ;
; Argument: upper 32 bits of the page table entries ; Argument: upper 32 bits of the leaf page table entries
; ;
; We have 6 pages available for the early page tables, ; We have 6 pages available for the early page tables,
; we use four of them: ; we use four of them:
@ -164,15 +164,15 @@ BITS 32
; level 5 ; level 5
mov dword[PT_ADDR (0)], PT_ADDR (0x1000) + PAGE_PDE_DIRECTORY_ATTR mov dword[PT_ADDR (0)], PT_ADDR (0x1000) + PAGE_PDE_DIRECTORY_ATTR
mov dword[PT_ADDR (4)], %1 mov dword[PT_ADDR (4)], 0
; level 4 ; level 4
mov dword[PT_ADDR (0x1000)], PT_ADDR (0x3000) + PAGE_PDE_DIRECTORY_ATTR mov dword[PT_ADDR (0x1000)], PT_ADDR (0x3000) + PAGE_PDE_DIRECTORY_ATTR
mov dword[PT_ADDR (0x1004)], %1 mov dword[PT_ADDR (0x1004)], 0
; level 3 (1x -> level 2, 3x 1GB) ; level 3 (1x -> level 2, 3x 1GB)
mov dword[PT_ADDR (0x3000)], PT_ADDR (0x2000) + PAGE_PDE_DIRECTORY_ATTR mov dword[PT_ADDR (0x3000)], PT_ADDR (0x2000) + PAGE_PDE_DIRECTORY_ATTR
mov dword[PT_ADDR (0x3004)], %1 mov dword[PT_ADDR (0x3004)], 0
mov dword[PT_ADDR (0x3008)], (1 << 30) + PAGE_PDE_LARGEPAGE_ATTR mov dword[PT_ADDR (0x3008)], (1 << 30) + PAGE_PDE_LARGEPAGE_ATTR
mov dword[PT_ADDR (0x300c)], %1 mov dword[PT_ADDR (0x300c)], %1
mov dword[PT_ADDR (0x3010)], (2 << 30) + PAGE_PDE_LARGEPAGE_ATTR mov dword[PT_ADDR (0x3010)], (2 << 30) + PAGE_PDE_LARGEPAGE_ATTR