File 0007-OvmfPkg-Create-a-calling-area-used-to-communicate-wi.patch of Package ovmf
From 918bf44917c104b34ca82c82339012c7e875538b Mon Sep 17 00:00:00 2001
From: Tom Lendacky <thomas.lendacky@amd.com>
Date: Tue, 9 Jan 2024 12:44:28 -0600
Subject: [PATCH 07/17] OvmfPkg: Create a calling area used to communicate with
the SVSM
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
An SVSM requires a calling area page whose address (CAA) is used by the
SVSM to communicate and process the SVSM request.
Add a pre-defined page area to the OvmfPkg and AmdSev packages and define
corresponding PCDs used to communicate the location and size of the area.
Keep the AmdSev package in sync with the OvmfPkg and adjust the AmdSev
launch and hash area memory locations.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
---
OvmfPkg/AmdSev/AmdSevX64.fdf | 20 ++++++++++++++++++++
OvmfPkg/OvmfPkg.dec | 4 ++++
OvmfPkg/OvmfPkgX64.fdf | 3 +++
OvmfPkg/PlatformPei/AmdSev.c | 13 ++++++++++++-
OvmfPkg/PlatformPei/PlatformPei.inf | 2 ++
OvmfPkg/ResetVector/ResetVector.inf | 2 ++
OvmfPkg/ResetVector/ResetVector.nasmb | 15 +++++++++++++--
OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm | 20 ++++++++++++++++++++
8 files changed, 76 insertions(+), 3 deletions(-)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index 463bd3e9ef15..6184e6361f20 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -75,6 +75,26 @@ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase|gUefiOvmfPkgTokenSpaceGuid.PcdO
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize
0x010000|0x010000
+
+0x00C000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
+
+0x00D000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
+
+0x00E000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize
+
+0x00F000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize
+
+0x010000|0x000C00
+gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
+
+0x010C00|0x000400
+gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase|gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize
+
+0x011000|0x00F000
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
0x020000|0x0E0000
diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index e3861e5c1b39..a426653e862c 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -429,6 +429,10 @@
## Restrict boot to EFI applications in firmware volumes.
gUefiOvmfPkgTokenSpaceGuid.PcdBootRestrictToFirmware|FALSE|BOOLEAN|0x6c
+ ## The base address and size of the initial SVSM Calling Area.
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase|0|UINT32|0x6e
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize|0|UINT32|0x6f
+
[PcdsDynamic, PcdsDynamicEx]
gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 41912fc1bece..26e95766df70 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -94,6 +94,9 @@ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase|gUefiOvmfPkgTokenSpaceGuid.PcdO
0x00E000|0x001000
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize
+0x00F000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize
+
0x010000|0x010000
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index e6b602d79a05..af832d3e535e 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -1,7 +1,7 @@
/**@file
Initialize Secure Encrypted Virtualization (SEV) support
- Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.<BR>
+ Copyright (c) 2017 - 2024, Advanced Micro Devices. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -465,5 +465,16 @@ SevInitializeRam (
(UINT64)(UINTN)PcdGet32 (PcdOvmfCpuidSize),
EfiReservedMemoryType
);
+
+ //
+ // The calling area memory needs to be protected until the OS can create
+ // its own calling area. Mark it as EfiReservedMemoryType so that the
+ // guest firmware and OS do not use it as a system memory.
+ //
+ BuildMemoryAllocationHob (
+ (EFI_PHYSICAL_ADDRESS)(UINTN)PcdGet32 (PcdOvmfSecSvsmCaaBase),
+ (UINT64)(UINTN)PcdGet32 (PcdOvmfSecSvsmCaaSize),
+ EfiReservedMemoryType
+ );
}
}
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
index 3934aeed9514..d97057fc0a1a 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -127,6 +127,8 @@
gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaSize
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/ResetVector.inf
index a4154ca90c28..0f5f8fec0b77 100644
--- a/OvmfPkg/ResetVector/ResetVector.inf
+++ b/OvmfPkg/ResetVector/ResetVector.inf
@@ -62,5 +62,7 @@
gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase
gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb
index 94fbb0a87b37..503f81eb7025 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -3,7 +3,7 @@
; This file includes all other code files to assemble the reset vector code
;
; Copyright (c) 2008 - 2013, Intel Corporation. All rights reserved.<BR>
-; Copyright (c) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>
+; Copyright (c) 2020 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
; SPDX-License-Identifier: BSD-2-Clause-Patent
;
;------------------------------------------------------------------------------
@@ -64,6 +64,17 @@
%define SEV_SNP_SECRETS_SIZE (FixedPcdGet32 (PcdOvmfSnpSecretsSize))
%define CPUID_BASE (FixedPcdGet32 (PcdOvmfCpuidBase))
%define CPUID_SIZE (FixedPcdGet32 (PcdOvmfCpuidSize))
+%define SVSM_CAA_BASE (FixedPcdGet32 (PcdOvmfSecSvsmCaaBase))
+%define SVSM_CAA_SIZE (FixedPcdGet32 (PcdOvmfSecSvsmCaaSize))
+%if (FixedPcdGet32 (PcdSevLaunchSecretBase) > 0)
+ ; There's a reserved page for SEV secrets and hashes; the VMM will fill and
+ ; validate the page, or mark it as a zero page.
+ %define SEV_SNP_KERNEL_HASHES_BASE (FixedPcdGet32 (PcdSevLaunchSecretBase))
+ %define SEV_SNP_KERNEL_HASHES_SIZE (FixedPcdGet32 (PcdSevLaunchSecretSize) + FixedPcdGet32 (PcdQemuHashTableSize))
+%else
+ %define SEV_SNP_KERNEL_HASHES_BASE 0
+ %define SEV_SNP_KERNEL_HASHES_SIZE 0
+%endif
%define SNP_SEC_MEM_BASE_DESC_1 (FixedPcdGet32 (PcdOvmfSecPageTablesBase))
%define SNP_SEC_MEM_SIZE_DESC_1 (FixedPcdGet32 (PcdOvmfSecGhcbBase) - SNP_SEC_MEM_BASE_DESC_1)
;
@@ -75,7 +86,7 @@
;
%define SNP_SEC_MEM_BASE_DESC_2 (GHCB_BASE + 0x1000)
%define SNP_SEC_MEM_SIZE_DESC_2 (SEV_SNP_SECRETS_BASE - SNP_SEC_MEM_BASE_DESC_2)
-%define SNP_SEC_MEM_BASE_DESC_3 (CPUID_BASE + CPUID_SIZE)
+%define SNP_SEC_MEM_BASE_DESC_3 (SVSM_CAA_BASE + SVSM_CAA_SIZE + SEV_SNP_KERNEL_HASHES_SIZE)
%define SNP_SEC_MEM_SIZE_DESC_3 (FixedPcdGet32 (PcdOvmfPeiMemFvBase) - SNP_SEC_MEM_BASE_DESC_3)
%ifdef ARCH_X64
diff --git a/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm b/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm
index d03fc6d45175..cb813bdbc5a2 100644
--- a/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm
+++ b/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm
@@ -26,6 +26,11 @@ BITS 64
;
%define OVMF_SECTION_TYPE_CPUID 0x3
+; The SVSM Calling Area Address (CAA)
+%define OVMF_SECTION_TYPE_SVSM_CAA 0x4
+
+; Kernel hashes section for measured direct boot
+%define OVMF_SECTION_TYPE_KERNEL_HASHES 0x10
ALIGN 16
@@ -65,6 +70,21 @@ CpuidSec:
DD CPUID_SIZE
DD OVMF_SECTION_TYPE_CPUID
+; SVSM CAA page
+SvsmCaa:
+ DD SVSM_CAA_BASE
+ DD SVSM_CAA_SIZE
+ DD OVMF_SECTION_TYPE_SVSM_CAA
+
+%if (SEV_SNP_KERNEL_HASHES_BASE > 0)
+; Kernel hashes for measured direct boot, or zero page if
+; there are no kernel hashes / SEV secrets
+SevSnpKernelHashes:
+ DD SEV_SNP_KERNEL_HASHES_BASE
+ DD SEV_SNP_KERNEL_HASHES_SIZE
+ DD OVMF_SECTION_TYPE_KERNEL_HASHES
+%endif
+
; Region need to be pre-validated by the hypervisor
PreValidate3:
DD SNP_SEC_MEM_BASE_DESC_3
--
2.44.0
