Branch: refs/heads/master
Home: https://github.com/tianocore/edk2
Commit: ee89b594306b98bee5aff590e8577b74a46c2619
https://github.com/tianocore/edk2/commit/ee89b594306b98bee5aff590e8577b74a46c2619
Author: Tom Lendacky <[email protected]>
Date: 2024-04-17 (Wed, 17 Apr 2024)
Changed paths:
M UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
M UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c
M UefiCpuPkg/Library/MpInitLib/MpLib.h
M UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
M UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
Log Message:
-----------
UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
The RMPADJUST instruction is used to change the VMSA attribute of a page,
but the VMSA attribute can only be changed when running at VMPL0. To
prepare for running at a less privileged VMPL, use the AmdSvsmLib library
API to perform the RMPADJUST. The AmdSvsmLib library will perform the
proper operation on behalf of the caller.
Cc: Gerd Hoffmann <[email protected]>
Cc: Laszlo Ersek <[email protected]>
Cc: Rahul Kumar <[email protected]>
Cc: Ray Ni <[email protected]>
Acked-by: Gerd Hoffmann <[email protected]>
Signed-off-by: Tom Lendacky <[email protected]>
Acked-by: Ray Ni <[email protected]>
Commit: f6bf37c1711c07709b0817a996c5b5a97f263bdd
https://github.com/tianocore/edk2/commit/f6bf37c1711c07709b0817a996c5b5a97f263bdd
Author: Tom Lendacky <[email protected]>
Date: 2024-04-17 (Wed, 17 Apr 2024)
Changed paths:
M OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf
M OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
M OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
M OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
Log Message:
-----------
OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate pages
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
The PVALIDATE instruction is used to change the SNP validation of a page,
but that can only be done when running at VMPL0. To prepare for running at
a less privileged VMPL, use the AmdSvsmLib library API to perform the
PVALIDATE. The AmdSvsmLib library will perform the proper operation on
behalf of the caller.
Cc: Ard Biesheuvel <[email protected]>
Cc: Erdem Aktas <[email protected]>
Cc: Gerd Hoffmann <[email protected]>
Cc: Jiewen Yao <[email protected]>
Cc: Laszlo Ersek <[email protected]>
Cc: Michael Roth <[email protected]>
Cc: Min Xu <[email protected]>
Signed-off-by: Tom Lendacky <[email protected]>
Acked-by: Gerd Hoffmann <[email protected]>
Commit: 5a67a2efa7f0542f5afc7eb70f75bc8f6a6c4d24
https://github.com/tianocore/edk2/commit/5a67a2efa7f0542f5afc7eb70f75bc8f6a6c4d24
Author: Tom Lendacky <[email protected]>
Date: 2024-04-17 (Wed, 17 Apr 2024)
Changed paths:
M OvmfPkg/AmdSev/AmdSevX64.fdf
M OvmfPkg/OvmfPkg.dec
M OvmfPkg/OvmfPkgX64.fdf
M OvmfPkg/PlatformPei/AmdSev.c
M OvmfPkg/PlatformPei/PlatformPei.inf
M OvmfPkg/ResetVector/ResetVector.inf
M OvmfPkg/ResetVector/ResetVector.nasmb
M OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm
Log Message:
-----------
OvmfPkg: Create a calling area used to communicate with the SVSM
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
An SVSM requires a calling area page whose address (CAA) is used by the
SVSM to communicate and process the SVSM request.
Add a pre-defined page area to the OvmfPkg and AmdSev packages and define
corresponding PCDs used to communicate the location and size of the area.
Keep the AmdSev package in sync with the OvmfPkg and adjust the AmdSev
launch and hash area memory locations.
Cc: Ard Biesheuvel <[email protected]>
Cc: Erdem Aktas <[email protected]>
Cc: Gerd Hoffmann <[email protected]>
Cc: Jiewen Yao <[email protected]>
Cc: Laszlo Ersek <[email protected]>
Cc: Michael Roth <[email protected]>
Cc: Min Xu <[email protected]>
Acked-by: Gerd Hoffmann <[email protected]>
Signed-off-by: Tom Lendacky <[email protected]>
Commit: b505f11f395ae71b1caed2b4ceb61f34023c709e
https://github.com/tianocore/edk2/commit/b505f11f395ae71b1caed2b4ceb61f34023c709e
Author: Tom Lendacky <[email protected]>
Date: 2024-04-17 (Wed, 17 Apr 2024)
Changed paths:
M OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
Log Message:
-----------
OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
The PVALIDATE instruction can only be performed at VMPL0. An SVSM will
be present when running at VMPL1 or higher.
When an SVSM is present, use the SVSM_CORE_PVALIDATE call to perform
memory validation instead of issuing the PVALIDATE instruction directly.
Cc: Ard Biesheuvel <[email protected]>
Cc: Gerd Hoffmann <[email protected]>
Cc: Jiewen Yao <[email protected]>
Cc: Laszlo Ersek <[email protected]>
Acked-by: Gerd Hoffmann <[email protected]>
Signed-off-by: Tom Lendacky <[email protected]>
Commit: 18fdffe825683df40d7a4a9eba11b8630bcef050
https://github.com/tianocore/edk2/commit/18fdffe825683df40d7a4a9eba11b8630bcef050
Author: Tom Lendacky <[email protected]>
Date: 2024-04-17 (Wed, 17 Apr 2024)
Changed paths:
M OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c
Log Message:
-----------
OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
Similar to the Page State Change optimization added previously, also take
into account the possibility of using the SVSM for PVALIDATE instructions.
Conditionally adjust the maximum number of entries based on how many
entries the SVSM calling area can support.
Cc: Ard Biesheuvel <[email protected]>
Cc: Erdem Aktas <[email protected]>
Cc: Gerd Hoffmann <[email protected]>
Cc: Jiewen Yao <[email protected]>
Cc: Laszlo Ersek <[email protected]>
Cc: Michael Roth <[email protected]>
Cc: Min Xu <[email protected]>
Acked-by: Gerd Hoffmann <[email protected]>
Signed-off-by: Tom Lendacky <[email protected]>
Commit: 28fecae8a39268e1e21ec1845f3f1e0176db1aa7
https://github.com/tianocore/edk2/commit/28fecae8a39268e1e21ec1845f3f1e0176db1aa7
Author: Tom Lendacky <[email protected]>
Date: 2024-04-17 (Wed, 17 Apr 2024)
Changed paths:
M OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c
Log Message:
-----------
OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
The RMPADJUST instruction is used to alter the VMSA attribute of a page,
but the VMSA attribute can only be changed when running at VMPL0. When
an SVSM is present, use the SVSM_CORE_CREATE_VCPU and SVSM_CORE_DELETE_VCPU
calls to add or remove the VMSA attribute on a page instead of issuing
the RMPADJUST instruction directly.
Implement the AmdSvsmSnpVmsaRmpAdjust() API to perform the proper operation
to update the VMSA attribute.
Cc: Ard Biesheuvel <[email protected]>
Cc: Gerd Hoffmann <[email protected]>
Cc: Jiewen Yao <[email protected]>
Cc: Laszlo Ersek <[email protected]>
Acked-by: Gerd Hoffmann <[email protected]>
Signed-off-by: Tom Lendacky <[email protected]>
Commit: a010681f74c9110a9e8e1753a98c13743b60f7f7
https://github.com/tianocore/edk2/commit/a010681f74c9110a9e8e1753a98c13743b60f7f7
Author: Tom Lendacky <[email protected]>
Date: 2024-04-17 (Wed, 17 Apr 2024)
Changed paths:
M UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c
Log Message:
-----------
UefiCpuPkg/MpInitLib: AP creation support under an SVSM
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
When running under an SVSM, the VMPL level of the APs that are started
must match the VMPL level provided by the SVSM. Additionally, each AP
must have a Calling Area for use with the SVSM protocol. Update the AP
creation to properly support running under an SVSM.
Cc: Gerd Hoffmann <[email protected]>
Cc: Laszlo Ersek <[email protected]>
Cc: Rahul Kumar <[email protected]>
Cc: Ray Ni <[email protected]>
Acked-by: Ray Ni <[email protected]>
Acked-by: Gerd Hoffmann <[email protected]>
Signed-off-by: Tom Lendacky <[email protected]>
Commit: 47001ab98914970e712d5580c2e83beb04add396
https://github.com/tianocore/edk2/commit/47001ab98914970e712d5580c2e83beb04add396
Author: Tom Lendacky <[email protected]>
Date: 2024-04-17 (Wed, 17 Apr 2024)
Changed paths:
M OvmfPkg/Library/CcExitLib/CcExitLib.inf
M OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
M OvmfPkg/Library/CcExitLib/SecCcExitLib.inf
Log Message:
-----------
Ovmfpkg/CcExitLib: Provide SVSM discovery support
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
The SVSM specification documents an alternative method of discovery for
the SVSM using a reserved CPUID bit and a reserved MSR.
For the CPUID support, the #VC handler of an SEV-SNP guest should modify
the returned value in the EAX register for the 0x8000001f CPUID function
by setting bit 28 when an SVSM is present.
For the MSR support, new reserved MSR 0xc001f000 has been defined. A #VC
should be generated when accessing this MSR. The #VC handler is expected
to ignore writes to this MSR and return the physical calling area address
(CAA) on reads of this MSR.
Cc: Ard Biesheuvel <[email protected]>
Cc: Erdem Aktas <[email protected]>
Cc: Gerd Hoffmann <[email protected]>
Cc: Jiewen Yao <[email protected]>
Cc: Laszlo Ersek <[email protected]>
Cc: Michael Roth <[email protected]>
Cc: Min Xu <[email protected]>
Acked-by: Gerd Hoffmann <[email protected]>
Signed-off-by: Tom Lendacky <[email protected]>
Commit: 0afb8743493853e30171f6000de51242e22a1eb8
https://github.com/tianocore/edk2/commit/0afb8743493853e30171f6000de51242e22a1eb8
Author: Tom Lendacky <[email protected]>
Date: 2024-04-17 (Wed, 17 Apr 2024)
Changed paths:
M OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c
Log Message:
-----------
OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at VMPL0
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
Currently, an SEV-SNP guest will terminate if it is not running at VMPL0.
The requirement for running at VMPL0 is removed if an SVSM is present.
Update the current VMPL0 check to additionally check for the presence of
an SVSM if the guest is not running at VMPL0.
Cc: Ard Biesheuvel <[email protected]>
Cc: Erdem Aktas <[email protected]>
Cc: Gerd Hoffmann <[email protected]>
Cc: Jiewen Yao <[email protected]>
Cc: Laszlo Ersek <[email protected]>
Cc: Michael Roth <[email protected]>
Cc: Min Xu <[email protected]>
Acked-by: Gerd Hoffmann <[email protected]>
Signed-off-by: Tom Lendacky <[email protected]>
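The two guest-side rules described in the SVSM discovery commit (CPUID 0x8000001f EAX bit 28, reserved MSR 0xc001f000 returning the CAA on reads and ignoring writes) and in the VMPL0-check commit (a non-VMPL0 guest may continue only when an SVSM is present) are modelled below as an added example; this is not edk2 code, and the GUEST_STATE structure, its field names and the function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Architectural values quoted in the commit messages above. */
#define CPUID_EXT_MEM_ENCRYPT   0x8000001fu   /* CPUID leaf the #VC handler patches   */
#define CPUID_SVSM_PRESENT_BIT  (1u << 28)    /* EAX bit 28: an SVSM is present        */
#define MSR_SVSM_CAA            0xc001f000u   /* reserved MSR: read returns the CAA    */

/* Constructed model of the state the #VC handler consults (hypothetical, not edk2's). */
typedef struct {
  bool      SvsmPresent;   /* whether an SVSM was discovered at boot             */
  uint64_t  SvsmCaa;       /* physical address of the SVSM calling area (CAA)    */
  uint8_t   CurrentVmpl;   /* VMPL the guest vCPU is executing at                */
} GUEST_STATE;

/* CPUID fixup: only leaf 0x8000001f is touched, and only when an SVSM is present. */
uint32_t VcFixupCpuidEax(const GUEST_STATE *State, uint32_t Leaf, uint32_t HostEax)
{
  if (Leaf == CPUID_EXT_MEM_ENCRYPT && State->SvsmPresent) {
    return HostEax | CPUID_SVSM_PRESENT_BIT;
  }
  return HostEax;   /* every other leaf is passed through unchanged */
}

/* MSR handling: writes to 0xc001f000 are ignored, reads return the CAA.
   Returns false for any other MSR so the caller falls back to normal handling. */
bool VcHandleSvsmCaaMsr(const GUEST_STATE *State, uint32_t Msr, bool IsWrite, uint64_t *Value)
{
  if (Msr != MSR_SVSM_CAA) {
    return false;
  }
  if (!IsWrite) {
    *Value = State->SvsmCaa;
  }
  return true;
}

/* VMPL check: VMPL0 always proceeds; a higher VMPL proceeds only with an SVSM present. */
bool GuestMayContinue(const GUEST_STATE *State)
{
  return State->CurrentVmpl == 0 || State->SvsmPresent;
}

int main(void)
{
  GUEST_STATE Guest = { true, 0x7f000000ull, 2 };   /* constructed sample: SVSM at VMPL2 */
  printf("EAX=0x%08x continue=%d\n",
         VcFixupCpuidEax(&Guest, CPUID_EXT_MEM_ENCRYPT, 0x1u), GuestMayContinue(&Guest));
  return 0;
}
```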
Compare: https://github.com/tianocore/edk2/compare/6ced1e91eff1...0afb87434938