登录 注册
开源 企业版 高校版 私有云 Gitee AI NEW
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
14 Star 6 Fork 55

src-openEuler/edk2

代码 Issues 13 Pull Requests 11 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
项目仓库所选许可证以仓库主分支所使用许可证为准
克隆/下载
0076-OvmfPkg-BaseMemEncryptLib-Save-memory-encrypt-status.patch 6.47 KB
一键复制 编辑 原始数据 按行查看 历史
hanliyang 提交于 2024-10-23 18:02 . Support live migration for Hygon CSV1/2/3 guests, fix nesting #VC
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159
From d9edefe3936aecbb9640a390cd990f1771e0dac2 Mon Sep 17 00:00:00 2001

From: Xin Jiang <[email protected]>

Date: Wed, 10 Jan 2024 17:34:57 +0800

Subject: [PATCH 9/9] OvmfPkg/BaseMemEncryptLib: Save memory encrypt status in

 reserved memory



The MMIO routine of VC handler will get memory encrypt status to

validate MMIO address. MemEncryptSevGetEncryptionMask() will enable

interrupt while interrupt must be disabled during VC.



During DXE stage, VC routine as below:

CcExitHandleVc->MemEncryptSevGetAddressRangeState->

MemEncryptSevGetEncryptionMask->PcdGet64(PcdPteMemoryEncryptionAddressOrMask)



Unfortunately, PcdGet64() will enable interrupt in VC context.



Signed-off-by: Xin Jiang <[email protected]>

---

 OvmfPkg/AmdSev/AmdSevX64.fdf                             | 5 ++++-

 .../Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf | 4 ++++

 .../BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c   | 9 ++-------

 OvmfPkg/OvmfPkg.dec                                      | 4 ++++

 OvmfPkg/OvmfPkgX64.fdf                                   | 5 ++++-

 OvmfPkg/PlatformPei/AmdSev.c                             | 2 ++

 OvmfPkg/PlatformPei/Csv.c                                | 6 ++++++

 OvmfPkg/PlatformPei/PlatformPei.inf                      | 2 ++

 8 files changed, 28 insertions(+), 9 deletions(-)



diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf

index 714ab004..b0d9033f 100644

--- a/OvmfPkg/AmdSev/AmdSevX64.fdf

+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf

@@ -80,7 +80,10 @@ gUefiOvmfPkgTokenSpaceGuid.PcdCsvDefaultSecureCallBase|gUefiOvmfPkgTokenSpaceGui

 0x012000|0x001000

 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidSize

 

-0x013000|0x00D000

+0x013000|0x001000

+gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusBase|gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusSize

+

+0x014000|0x00C000

 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize

 

 0x020000|0x0E0000

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf

index 4d32fae6..6f2f69d0 100644

--- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf

+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf

@@ -61,3 +61,7 @@

 [Pcd]

   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask

   gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr

+

+[FixedPcd]

+  gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusBase

+  gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusSize

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c

index d80ebe2f..a9d43237 100644

--- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c

+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c

@@ -22,8 +22,6 @@

 

 STATIC UINT64   mCurrentAttr                   = 0;

 STATIC BOOLEAN  mCurrentAttrRead               = FALSE;

-STATIC UINT64   mSevEncryptionMask             = 0;

-STATIC BOOLEAN  mSevEncryptionMaskSaved        = FALSE;

 STATIC BOOLEAN  mSevLiveMigrationStatus        = FALSE;

 STATIC BOOLEAN  mSevLiveMigrationStatusChecked = FALSE;

 

@@ -193,10 +191,7 @@ MemEncryptSevGetEncryptionMask (

   VOID

   )

 {

-  if (!mSevEncryptionMaskSaved) {

-    mSevEncryptionMask      = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask);

-    mSevEncryptionMaskSaved = TRUE;

-  }

+  UINT64 *MemEncryptStatus = (UINT64 *)(UINT64)FixedPcdGet32 (PcdMemEncrpytStatusBase);

 

-  return mSevEncryptionMask;

+  return *MemEncryptStatus;

 }

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec

index d50b1ae3..a6016d58 100644

--- a/OvmfPkg/OvmfPkg.dec

+++ b/OvmfPkg/OvmfPkg.dec

@@ -443,6 +443,10 @@

   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidBase|0|UINT32|0x72

   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidSize|0|UINT32|0x73

 

+  ## the base address of memory encryption status.

+  gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusBase|0|UINT32|0x74

+  gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusSize|0|UINT32|0x75

+

 [PcdsDynamic, PcdsDynamicEx]

   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2

   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10

diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf

index b1cf0d99..a34b9f57 100644

--- a/OvmfPkg/OvmfPkgX64.fdf

+++ b/OvmfPkg/OvmfPkgX64.fdf

@@ -100,7 +100,10 @@ gUefiOvmfPkgTokenSpaceGuid.PcdCsvDefaultSecureCallBase|gUefiOvmfPkgTokenSpaceGui

 0x011000|0x001000

 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidSize

 

-0x012000|0x00E000

+0x012000|0x001000

+gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusBase|gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusSize

+

+0x013000|0x00D000

 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize

 

 0x020000|0x0E0000

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c

index 553e841e..7c4ef899 100644

--- a/OvmfPkg/PlatformPei/AmdSev.c

+++ b/OvmfPkg/PlatformPei/AmdSev.c

@@ -379,6 +379,8 @@ AmdSevInitialize (

   PcdStatus      = PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, EncryptionMask);

   ASSERT_RETURN_ERROR (PcdStatus);

 

+  *(UINT64 *)(UINT64)FixedPcdGet32 (PcdMemEncrpytStatusBase) = EncryptionMask;

+

   DEBUG ((DEBUG_INFO, "SEV is enabled (mask 0x%lx)\n", EncryptionMask));

 

   //

diff --git a/OvmfPkg/PlatformPei/Csv.c b/OvmfPkg/PlatformPei/Csv.c

index a52112d5..fe8c059b 100644

--- a/OvmfPkg/PlatformPei/Csv.c

+++ b/OvmfPkg/PlatformPei/Csv.c

@@ -33,6 +33,12 @@ CsvInitializeMemInfo (

   UINT64                      LowerMemorySize;

   UINT64                      UpperMemorySize;

 

+  BuildMemoryAllocationHob (

+    (EFI_PHYSICAL_ADDRESS)(UINTN) FixedPcdGet32 (PcdMemEncrpytStatusBase),

+    (UINT64)(UINTN) FixedPcdGet32 (PcdMemEncrpytStatusSize),

+    EfiReservedMemoryType

+    );

+

   if (!CsvIsEnabled ()) {

     return ;

   }

diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf

index 07de179f..c2d503fa 100644

--- a/OvmfPkg/PlatformPei/PlatformPei.inf

+++ b/OvmfPkg/PlatformPei/PlatformPei.inf

@@ -137,6 +137,8 @@

   gUefiOvmfPkgTokenSpaceGuid.PcdCsvDefaultSecureCallSize

   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidBase

   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidSize

+  gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusBase

+  gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusSize

 

 [FeaturePcd]

   gUefiOvmfPkgTokenSpaceGuid.PcdCsmEnable

-- 

2.25.1
Loading...
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/src-openeuler/edk2.git
[email protected]:src-openeuler/edk2.git
src-openeuler
edk2
edk2
master
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
仓库举报
回到顶部