BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
The SVSM specification documents an alternative method of discovery for
the SVSM using a reserved CPUID bit and a reserved MSR.
For the CPUID support, the #VC handler of an SEV-SNP guest should modify
the returned value in the EAX register for the 0x801f CPUID function
by setting bit 28 when an SVSM is present.
For the MSR support, new reserved MSR 0xc001f000 has been defined. A #VC
should be generated when accessing this MSR. The #VC handler is expected
to ignore writes to this MSR and return the physical calling area address
(CAA) on reads of this MSR.
Signed-off-by: Tom Lendacky
---
OvmfPkg/Library/CcExitLib/CcExitLib.inf | 3 +-
OvmfPkg/Library/CcExitLib/SecCcExitLib.inf | 3 +-
OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 29 ++--
3 files changed, 31 insertions(+), 4 deletions(-)
diff --git a/OvmfPkg/Library/CcExitLib/CcExitLib.inf
b/OvmfPkg/Library/CcExitLib/CcExitLib.inf
index bc75cd5f5a04..692143acd9ad 100644
--- a/OvmfPkg/Library/CcExitLib/CcExitLib.inf
+++ b/OvmfPkg/Library/CcExitLib/CcExitLib.inf
@@ -1,7 +1,7 @@
## @file
# CcExitLib Library.
#
-# Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved.
+# Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights
reserved.
# Copyright (C) 2020 - 2022, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -41,6 +41,7 @@ [LibraryClasses]
DebugLib
LocalApicLib
MemEncryptSevLib
+ CcSvsmLib
[Pcd]
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase
diff --git a/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf
b/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf
index 811269dd2c06..6778c1af6516 100644
--- a/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf
+++ b/OvmfPkg/Library/CcExitLib/SecCcExitLib.inf
@@ -1,7 +1,7 @@
## @file
# VMGEXIT Support Library.
#
-# Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved.
+# Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights
reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -41,6 +41,7 @@ [LibraryClasses]
LocalApicLib
MemEncryptSevLib
PcdLib
+ CcSvsmLib
[FixedPcd]
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase
diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
index 0fc30f7bc4f6..edb4b57655d4 100644
--- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
+++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
@@ -1,7 +1,7 @@
/** @file
X64 #VC Exception Handler functon.
- Copyright (C) 2020, Advanced Micro Devices, Inc. All rights reserved.
+ Copyright (C) 2020 - 2024, Advanced Micro Devices, Inc. All rights
reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -12,6 +12,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -713,10 +714,29 @@ MsrExit (
IN CC_INSTRUCTION_DATA *InstructionData
)
{
- UINT64 ExitInfo1, Status;
+ MSR_SVSM_CAA_REGISTER Msr;
+ UINT64 ExitInfo1;
+ UINT64 Status;
ExitInfo1 = 0;
+ //
+ // The SVSM CAA MSR is a software implemented MSR and not supported
+ // by the hardware, handle it directly.
+ //
+ if (Regs->Rax == MSR_SVSM_CAA) {
+// Writes to the SVSM CAA MSR are ignored
+if (*(InstructionData->OpCodes + 1) == 0x30) {
+ return 0;
+}
+
+Msr.Uint64 = CcSvsmSnpGetCaa ();
+Regs->Rax = Msr.Bits.Lower32Bits;
+Regs->Rdx = Msr.Bits.Upper32Bits;
+
+return 0;
+ }
+
switch (*(InstructionData->OpCodes + 1)) {
case 0x30: // WRMSR
ExitInfo1 = 1;
@@ -1388,6 +1408,11 @@ GetCpuidFw (
*Ebx = (*Ebx & 0xFF00) | (Ebx2 & 0x00FF);
/* node ID */
*Ecx = (*Ecx & 0xFF00) | (Ecx2 & 0x00FF);
+ } else if (EaxIn == 0x801F) {
+/* Set the SVSM feature bit if running under an SVSM */
+if (CcSvsmIsSvsmPresent ()) {
+ *Eax |= BIT28;
+}
}
Out:
--
2.42.0
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#115857): https://edk2.groups.io/g/devel/message/115857
Mute This Topic: https://groups.io/mt/104512981/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
