Re: [edk2-devel] [Patch V6 01/14] OvmfPkg:Remove code that apply AddressEncMask to non-leaf entry

[duntan]

Hi all,

Could you please help to review this patch?

Thanks,
Dun

-Original Message-
From: devel@edk2.groups.io  On Behalf Of duntan
Sent: Friday, June 9, 2023 5:16 PM
To: devel@edk2.groups.io
Cc: Ard Biesheuvel ; Yao, Jiewen 
; Justen, Jordan L ; Gerd 
Hoffmann ; Tom Lendacky ; Ni, Ray 

Subject: [edk2-devel] [Patch V6 01/14] OvmfPkg:Remove code that apply 
AddressEncMask to non-leaf entry

Remove code that apply AddressEncMask to non-leaf entry when split smm page 
table by MemEncryptSevLib. In FvbServicesSmm driver, it calls 
MemEncryptSevClearMmioPageEncMask to clear AddressEncMask bit in page table for 
a specific range. In AMD SEV feature, this AddressEncMask bit in page table is 
used to indicate if the memory is guest private memory or shared memory. But 
all memory used by page table are treated as encrypted regardless of encryption 
bit.
So remove the EncMask bit for smm non-leaf page table entry doesn't impact AMD 
SEV feature.
If page split happens in the AddressEncMask bit clear process, there will be 
some new non-leaf entries with AddressEncMask applied in smm page table. When 
ReadyToLock, code in PiSmmCpuDxe module will use CpuPageTableLib to modify smm 
page table. So remove code to apply AddressEncMask for new non-leaf entries 
since CpuPageTableLib doesn't consume the EncMask PCD.

Signed-off-by: Dun Tan 
Cc: Ard Biesheuvel 
Cc: Jiewen Yao 
Cc: Jordan Justen 
Cc: Gerd Hoffmann 
Cc: Tom Lendacky 
Reviewed-by: Ray Ni 
---
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c 
b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
index cf2441b551..aba2e8c081 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
@@ -233,7 +233,7 @@ Split2MPageTo4K (
   // Fill in 2M page entry.
   //
   *PageEntry2M = ((UINT64)(UINTN)PageTableEntry1 |
-  IA32_PG_P | IA32_PG_RW | AddressEncMask);
+  IA32_PG_P | IA32_PG_RW);
 }
 
 /**
@@ -352,7 +352,7 @@ SetPageTablePoolReadOnly (
 PhysicalAddress += LevelSize[Level - 1];
   }
 
-  PageTable[Index] = (UINT64)(UINTN)NewPageTable | AddressEncMask |
+  PageTable[Index] = (UINT64)(UINTN)NewPageTable |
  IA32_PG_P | IA32_PG_RW;
   PageTable = NewPageTable;
 }
@@ -440,7 +440,7 @@ Split1GPageTo2M (
   // Fill in 1G page entry.
   //
   *PageEntry1G = ((UINT64)(UINTN)PageDirectoryEntry |
-  IA32_PG_P | IA32_PG_RW | AddressEncMask);
+  IA32_PG_P | IA32_PG_RW);
 
   PhysicalAddress2M = PhysicalAddress;
   for (IndexOfPageDirectoryEntries = 0;
--
2.31.1.windows.1








-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#106083): https://edk2.groups.io/g/devel/message/106083
Mute This Topic: https://groups.io/mt/99524273/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [Patch V6 01/14] OvmfPkg:Remove code that apply AddressEncMask to non-leaf entry

[duntan]

Remove code that apply AddressEncMask to non-leaf entry when split
smm page table by MemEncryptSevLib. In FvbServicesSmm driver, it
calls MemEncryptSevClearMmioPageEncMask to clear AddressEncMask
bit in page table for a specific range. In AMD SEV feature, this
AddressEncMask bit in page table is used to indicate if the memory
is guest private memory or shared memory. But all memory used by
page table are treated as encrypted regardless of encryption bit.
So remove the EncMask bit for smm non-leaf page table entry
doesn't impact AMD SEV feature.
If page split happens in the AddressEncMask bit clear process,
there will be some new non-leaf entries with AddressEncMask
applied in smm page table. When ReadyToLock, code in PiSmmCpuDxe
module will use CpuPageTableLib to modify smm page table. So
remove code to apply AddressEncMask for new non-leaf entries
since CpuPageTableLib doesn't consume the EncMask PCD.

Signed-off-by: Dun Tan 
Cc: Ard Biesheuvel 
Cc: Jiewen Yao 
Cc: Jordan Justen 
Cc: Gerd Hoffmann 
Cc: Tom Lendacky 
Reviewed-by: Ray Ni 
---
 OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c 
b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
index cf2441b551..aba2e8c081 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c
@@ -233,7 +233,7 @@ Split2MPageTo4K (
   // Fill in 2M page entry.
   //
   *PageEntry2M = ((UINT64)(UINTN)PageTableEntry1 |
-  IA32_PG_P | IA32_PG_RW | AddressEncMask);
+  IA32_PG_P | IA32_PG_RW);
 }
 
 /**
@@ -352,7 +352,7 @@ SetPageTablePoolReadOnly (
 PhysicalAddress += LevelSize[Level - 1];
   }
 
-  PageTable[Index] = (UINT64)(UINTN)NewPageTable | AddressEncMask |
+  PageTable[Index] = (UINT64)(UINTN)NewPageTable |
  IA32_PG_P | IA32_PG_RW;
   PageTable = NewPageTable;
 }
@@ -440,7 +440,7 @@ Split1GPageTo2M (
   // Fill in 1G page entry.
   //
   *PageEntry1G = ((UINT64)(UINTN)PageDirectoryEntry |
-  IA32_PG_P | IA32_PG_RW | AddressEncMask);
+  IA32_PG_P | IA32_PG_RW);
 
   PhysicalAddress2M = PhysicalAddress;
   for (IndexOfPageDirectoryEntries = 0;
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#105969): https://edk2.groups.io/g/devel/message/105969
Mute This Topic: https://groups.io/mt/99424819/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-