diff options
| author | Laszlo Ersek <lersek@redhat.com> | 2019-09-20 17:07:43 +0200 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-02-05 12:59:32 +0000 |
| commit | 300aae1180909b9141225d6a67e100fbfacc758f (patch) | |
| tree | 7a086f8355a7fefb54c98258d44f436ea576806d | |
| parent | 84b223c18ca41532645e7594067e87d509a3c96f (diff) | |
| download | edk2-300aae1180909b9141225d6a67e100fbfacc758f.zip edk2-300aae1180909b9141225d6a67e100fbfacc758f.tar.gz edk2-300aae1180909b9141225d6a67e100fbfacc758f.tar.bz2 | |
OvmfPkg/SEV: don't manage the lifecycle of the SMRAM at the default SMBASE
When OVMF runs in a SEV guest, the initial SMM Save State Map is
(1) allocated as EfiBootServicesData type memory in OvmfPkg/PlatformPei,
function AmdSevInitialize(), for preventing unintended information
sharing with the hypervisor;
(2) decrypted in AmdSevDxe;
(3) re-encrypted in OvmfPkg/Library/SmmCpuFeaturesLib, function
SmmCpuFeaturesSmmRelocationComplete(), which is called by
PiSmmCpuDxeSmm right after initial SMBASE relocation;
(4) released to DXE at the same location.
The SMRAM at the default SMBASE is a superset of the initial Save State
Map. The reserved memory allocation in InitializeRamRegions(), from the
previous patch, must override the allocating and freeing in (1) and (4),
respectively. (Note: the decrypting and re-encrypting in (2) and (3) are
unaffected.)
In AmdSevInitialize(), only assert the containment of the initial Save
State Map, in the larger area already allocated by InitializeRamRegions().
In SmmCpuFeaturesSmmRelocationComplete(), preserve the allocation of the
initial Save State Map into OS runtime, as part of the allocation done by
InitializeRamRegions(). Only assert containment.
These changes only affect the normal boot path (the UEFI memory map is
untouched during S3 resume).
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1512
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Message-Id: <20200129214412.2361-9-lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
| -rw-r--r-- | OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c | 21 | ||||
| -rw-r--r-- | OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf | 4 | ||||
| -rw-r--r-- | OvmfPkg/PlatformPei/AmdSev.c | 24 |
3 files changed, 42 insertions, 7 deletions
diff --git a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c b/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c index 0bfdeda..7ef7ed9 100644 --- a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c +++ b/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c @@ -6,14 +6,17 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/
+#include <IndustryStandard/Q35MchIch9.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/MemEncryptSevLib.h>
+#include <Library/PcdLib.h>
#include <Library/SmmCpuFeaturesLib.h>
#include <Library/SmmServicesTableLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <PiSmm.h>
+#include <Register/Intel/SmramSaveStateMap.h>
#include <Register/QemuSmramSaveStateMap.h>
//
@@ -215,8 +218,22 @@ SmmCpuFeaturesSmmRelocationComplete ( ZeroMem ((VOID *)MapPagesBase, EFI_PAGES_TO_SIZE (MapPagesCount));
- Status = gBS->FreePages (MapPagesBase, MapPagesCount);
- ASSERT_EFI_ERROR (Status);
+ if (PcdGetBool (PcdQ35SmramAtDefaultSmbase)) {
+ //
+ // The initial SMRAM Save State Map has been covered as part of a larger
+ // reserved memory allocation in PlatformPei's InitializeRamRegions(). That
+ // allocation is supposed to survive into OS runtime; we must not release
+ // any part of it. Only re-assert the containment here.
+ //
+ ASSERT (SMM_DEFAULT_SMBASE <= MapPagesBase);
+ ASSERT (
+ (MapPagesBase + EFI_PAGES_TO_SIZE (MapPagesCount) <=
+ SMM_DEFAULT_SMBASE + MCH_DEFAULT_SMBASE_SIZE)
+ );
+ } else {
+ Status = gBS->FreePages (MapPagesBase, MapPagesCount);
+ ASSERT_EFI_ERROR (Status);
+ }
}
/**
diff --git a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf b/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf index dd316f2..97a10af 100644 --- a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf +++ b/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf @@ -30,5 +30,9 @@ BaseMemoryLib
DebugLib
MemEncryptSevLib
+ PcdLib
SmmServicesTableLib
UefiBootServicesTableLib
+
+[Pcd]
+ gUefiOvmfPkgTokenSpaceGuid.PcdQ35SmramAtDefaultSmbase
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index 2ae8126..e484f4b 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -9,6 +9,7 @@ //
// The package level header files this module uses
//
+#include <IndustryStandard/Q35MchIch9.h>
#include <Library/DebugLib.h>
#include <Library/HobLib.h>
#include <Library/MemEncryptSevLib.h>
@@ -16,6 +17,7 @@ #include <PiPei.h>
#include <Register/Amd/Cpuid.h>
#include <Register/Cpuid.h>
+#include <Register/Intel/SmramSaveStateMap.h>
#include "Platform.h"
@@ -83,10 +85,22 @@ AmdSevInitialize ( );
ASSERT_RETURN_ERROR (LocateMapStatus);
- BuildMemoryAllocationHob (
- MapPagesBase, // BaseAddress
- EFI_PAGES_TO_SIZE (MapPagesCount), // Length
- EfiBootServicesData // MemoryType
- );
+ if (mQ35SmramAtDefaultSmbase) {
+ //
+ // The initial SMRAM Save State Map has been covered as part of a larger
+ // reserved memory allocation in InitializeRamRegions().
+ //
+ ASSERT (SMM_DEFAULT_SMBASE <= MapPagesBase);
+ ASSERT (
+ (MapPagesBase + EFI_PAGES_TO_SIZE (MapPagesCount) <=
+ SMM_DEFAULT_SMBASE + MCH_DEFAULT_SMBASE_SIZE)
+ );
+ } else {
+ BuildMemoryAllocationHob (
+ MapPagesBase, // BaseAddress
+ EFI_PAGES_TO_SIZE (MapPagesCount), // Length
+ EfiBootServicesData // MemoryType
+ );
+ }
}
}
|