tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Acidanthera UEFI Development Kit based on EDK II edk2-stable202311
23,493 Commits 12 Branches 0 Tags 320 MiB
C 76.4%
Assembly 10.5%
Python 9.3%
Rich Text Format 1.5%
C++ 0.8%
Other 1.1%
Go to file
Laszlo Ersek 5e2e5647b9 OvmfPkg/AmdSevDxe: decrypt the pages of the initial SMRAM save state map 
Based on the following patch from Brijesh Singh <brijesh.singh@amd.com>:

  [PATCH v2 1/2] OvmfPkg/AmdSevDxe: Clear the C-bit from SMM Saved State
  http://mid.mail-archive.com/20180228161415.28723-2-brijesh.singh@amd.com
  https://lists.01.org/pipermail/edk2-devel/2018-February/022016.html

Original commit message from Brijesh:

> When OVMF is built with SMM, SMMSaved State area (SMM_DEFAULT_SMBASE +
> SMRAM_SAVE_STATE_MAP_OFFSET) contains data which need to be accessed by
> both guest and hypervisor. Since the data need to be accessed by both
> hence we must map the SMMSaved State area as unencrypted (i.e C-bit
> cleared).
>
> This patch clears the SavedStateArea address before SMBASE relocation.
> Currently, we do not clear the SavedStateArea address after SMBASE is
> relocated due to the following reasons:
>
> 1) Guest BIOS never access the relocated SavedStateArea.
>
> 2) The C-bit works on page-aligned address, but the SavedStateArea
> address is not a page-aligned. Theoretically, we could roundup the
> address and clear the C-bit of aligned address but looking carefully we
> found that some portion of the page contains code -- which will causes a
> bigger issue for the SEV guest. When SEV is enabled, all the code must
> be encrypted otherwise hardware will cause trap.

Changes by Laszlo:

- separate AmdSevDxe bits from SmmCpuFeaturesLib bits;

- spell out PcdLib dependency with #include and in LibraryClasses;

- replace (SMM_DEFAULT_SMBASE + SMRAM_SAVE_STATE_MAP_OFFSET) calculation
  with call to new MemEncryptSevLocateInitialSmramSaveStateMapPages()
  function;

- consequently, pass page-aligned BaseAddress to
  MemEncryptSevClearPageEncMask();

- zero the pages before clearing the C-bit;

- pass Flush=TRUE to MemEncryptSevClearPageEncMask();

- harden the treatment of MemEncryptSevClearPageEncMask() failure.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Tested-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
 		2018-03-06 13:30:38 +01:00
AppPkg AppPkg/WebServer: Fix build failure. 2017-09-14 08:55:09 +08:00
ArmPkg ArmPkg/Library/CompilerIntrinsicsLib: Enable VS2017/ARM builds 2018-02-07 09:49:22 +08:00
ArmPlatformPkg ArmPlatformPkg/MemoryInitPeiLib: reserve rather than remove FV memory 2018-02-28 16:10:58 +00:00
ArmVirtPkg ArmVirtPkg: switch to DXE runtime version of DebugLib where appropriate 2018-02-24 13:58:53 +00:00
BaseTools BaseTools/GenVtf: silence false "stringop-overflow" warning with memcpy() 2018-03-05 22:38:35 +01:00
BeagleBoardPkg BeagleBoardPkg: drop unused PcdCacheEnabled dependency 2018-02-09 09:40:11 +00:00
Conf EDK II: Add .gitignore 2014-10-14 16:08:15 +00:00
CorebootModulePkg CorebootModulePkg/CbSupportDxe: Remove duplicated IO Space addition 2017-11-16 10:52:00 +08:00
CorebootPayloadPkg CorebootPayloadPkg/FbGop: Produces correct PixelsPerScanLine 2018-02-05 13:58:30 +08:00
CryptoPkg CryptoPkg: Update package version to 0.98 2018-01-23 08:56:27 +08:00
DuetPkg DuetPkg: Add SafeIntLib and BmpSupportLib to DSC files 2018-02-11 16:06:31 -08:00
EdkCompatibilityPkg edk2: Move License.txt file to root 2017-08-03 11:02:17 -07:00
EdkShellBinPkg edk2: Move License.txt file to root 2017-08-03 11:02:17 -07:00
EdkShellPkg edk2: Move License.txt file to root 2017-08-03 11:02:17 -07:00
EmbeddedPkg EmbeddedPkg: use central variable definitions in .vfr files 2018-02-23 14:23:35 +00:00
EmulatorPkg EmulatorPkg: Undefine CR3 macro in Host.h 2018-02-27 18:33:51 +08:00
FatBinPkg FatBinPkg: New EnhancedFatDxe binaries for IA32, X64, EBC and IPF 2017-12-22 09:40:18 +08:00
FatPkg edk2: Move License.txt file to root 2017-08-03 11:02:17 -07:00
IntelFrameworkModulePkg IntelFrameworkModulePkg/GenericBdsLib: Remove the useless Perf codes 2018-02-12 11:36:15 +08:00
IntelFrameworkPkg IntelFrameworkPkg/FrameworkUefiLib: Sync with MdePkg/UefiLib 2018-02-11 15:10:17 -08:00
IntelFsp2Pkg IntelFsp2Pkg-Tools: GenCfgOpt.py shouldn't include specific UPD name 2017-11-08 20:44:29 +08:00
IntelFsp2WrapperPkg IntelFsp2WrapperPkg: Update BaseFspWrapperApiLib to pass XCODE5 build 2018-01-18 15:39:54 +08:00
IntelFspPkg edk2: Move License.txt file to root 2017-08-03 11:02:17 -07:00
IntelFspWrapperPkg edk2: Move License.txt file to root 2017-08-03 11:02:17 -07:00
IntelSiliconPkg IntelSiliconPkg IntelVTdPmrPei: Install IOMMU PPI for pre-memory phase 2018-02-07 18:28:12 +08:00
MdeModulePkg MdeModulePkg/Terminal: ReadKeyStrokeEx always return key state 2018-03-06 12:14:29 +08:00
MdePkg MdePkg/DevicePathFromText: Fix byte orders of iSCSI.Lun 2018-03-03 15:12:50 +08:00
NetworkPkg NetworkPkg/HttpDxe: Support HTTP Delete Method. 2018-03-02 11:15:54 +08:00
Nt32Pkg Nt32Pkg/Nt32Pkg.fdf: Increase the size of FLASH Device. 2018-02-08 08:23:26 +08:00
Omap35xxPkg Omap35xxPkg: add GetTimeInNanoSecond implementation 2017-11-30 14:32:30 +00:00
OptionRomPkg edk2: Move License.txt file to root 2017-08-03 11:02:17 -07:00
OvmfPkg OvmfPkg/AmdSevDxe: decrypt the pages of the initial SMRAM save state map 2018-03-06 13:30:38 +01:00
PcAtChipsetPkg PcAtChipsetPkg PeiAcpiTimerLib: Add the missing DebugLib header file 2018-02-07 09:16:15 +08:00
QuarkPlatformPkg QuarkPlatformPkg: Add SafeIntLib and BmpSupportLib to DSC files 2018-02-11 16:06:25 -08:00
QuarkSocPkg QuarkSocPkg/QNCSmmDispatcher: Fix use after free issue #2 2017-08-16 19:42:17 -07:00
SecurityPkg SecurityPkg/Tcg2Pei: drop Tcg2PhysicalPresenceLib dependency 2018-03-02 15:23:12 +01:00
ShellBinPkg ShellBinPkg: Ia32/X64 Shell binary update. 2017-12-22 09:22:05 +08:00
ShellPkg ShellPkg/ConsoleLogger: Fix a typo in UpdateDisplayFromHistory() 2018-03-04 12:06:16 +08:00
SignedCapsulePkg SignedCapsulePkg: Update EdkiiSystemCapsuleLib to check PCD value 2017-12-08 13:31:00 +08:00
SourceLevelDebugPkg SourceLevelDebugPkg DebugUsb3: Check mUsb3Instance before dereferencing it 2018-02-11 10:32:27 +08:00
StdLib StdLib/BsdSocketLib: Remove unused variables 2017-11-13 07:39:06 -08:00
StdLibPrivateInternalFiles edk2: Move License.txt file to root 2017-08-03 11:02:17 -07:00
UefiCpuPkg UefiCpuPkg S3ResumePei: Signal S3SmmInitDone 2018-03-03 14:20:57 +08:00
UnixPkg
Vlv2DeviceRefCodePkg edk2: Move License.txt file to root 2017-08-03 11:02:17 -07:00
Vlv2TbltDevicePkg Vlv2TbltDevicePkg/Override/GenericBdsLib:Remove useless Perf code 2018-02-12 11:36:15 +08:00
.gitignore edk2: Add .DS_Store to .gitignore for macOS 2017-05-19 15:14:34 -07:00
.gitmodules CryptoPkg: Adding OpenSSL as one submodule of EDKII repo 2018-01-18 14:06:15 +08:00
BuildNotes2.txt BaseTools: Updated BuildNotes URLs 2016-03-25 09:46:44 +08:00
Contributions.txt edk2: Fix typo in Contributions.txt 2017-08-16 17:50:44 +08:00
License.txt edk2: Move License.txt file to root 2017-08-03 11:02:17 -07:00
Maintainers.txt Maintainers.txt: Add Jiewen to be co-maintainer of SecurityPkg. 2018-03-02 09:25:00 +08:00
Readme.md edk2: Add Readme.md to root of edk2 repository 2017-08-03 11:02:25 -07:00
edksetup.bat BaseTools: suppress usage instructions with rebuild options 2017-07-04 10:16:13 +08:00
edksetup.sh BaseTools/edksetup.sh: fix invalid test for current working directory 2017-08-10 12:54:58 +08:00

Readme.md

EDK II Project

A modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications from www.uefi.org.

Contributions to the EDK II open source project are covered by the TianoCore Contribution Agreement 1.1

The majority of the content in the EDK II open source project uses a BSD 2-Clause License. The EDK II open source project contains the following components that are covered by additional licenses:

The EDK II Project is composed of packages. The maintainers for each package are listed in Maintainers.txt.

Resources