/** @file
  Map TPM MMIO range unencrypted when SEV-ES is active.
  Install gOvmfTpmMmioAccessiblePpiGuid unconditionally.

  Copyright (C) 2021, Advanced Micro Devices, Inc.

  SPDX-License-Identifier: BSD-2-Clause-Patent
**/
9 | \r | |
10 | \r | |
11 | #include <PiPei.h>\r | |
12 | \r | |
13 | #include <Library/DebugLib.h>\r | |
14 | #include <Library/MemEncryptSevLib.h>\r | |
15 | #include <Library/PcdLib.h>\r | |
16 | #include <Library/PeiServicesLib.h>\r | |
17 | \r | |
//
// PPI descriptor published once the TPM MMIO range may be accessed. No
// interface pointer is provided (Ppi is NULL); consumers presumably depend
// only on the PPI's presence. This is the sole (and therefore terminating)
// entry of the list.
//
STATIC CONST EFI_PEI_PPI_DESCRIPTOR  mTpmMmioRangeAccessible = {
  .Flags = EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
  .Guid  = &gOvmfTpmMmioAccessiblePpiGuid,
  .Ppi   = NULL
};
23 | \r | |
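//
// Size of the TPM MMIO register window, starting at PcdTpmBaseAddress, that
// is mapped unencrypted: five 4 KiB pages (one per TPM locality).
//
#define TPM_MMIO_RANGE_SIZE  0x5000

/**
  The entry point for TPM MMIO range mapping driver.

  When SEV-ES is active, the TPM MMIO range starting at PcdTpmBaseAddress is
  marked unencrypted in the page tables so that the #VC handler's MMIO
  mitigation check does not terminate the guest on the first TPM access.
  Afterwards gOvmfTpmMmioAccessiblePpiGuid is installed unconditionally, i.e.
  regardless of whether SEV-ES is active and regardless of whether clearing
  the encryption mask succeeded.

  @param[in] FileHandle   Handle of the file being invoked.
  @param[in] PeiServices  Describes the list of possible PEI Services.

  @retval EFI_ABORTED     No need to keep this PEIM resident
**/
EFI_STATUS
EFIAPI
TpmMmioSevDecryptPeimEntryPoint (
  IN       EFI_PEI_FILE_HANDLE  FileHandle,
  IN CONST EFI_PEI_SERVICES     **PeiServices
  )
{
  RETURN_STATUS  DecryptStatus;
  EFI_STATUS     Status;

  DEBUG ((DEBUG_INFO, "%a\n", __FUNCTION__));

  //
  // If SEV is active, MMIO succeeds against an encrypted physical address
  // because the nested page fault (NPF) that occurs on access does not
  // include the encryption bit in the guest physical address provided to the
  // hypervisor.
  //
  // If SEV-ES is active, MMIO would succeed against an encrypted physical
  // address because the #VC handler uses the virtual address (which is an
  // identity mapped physical address without the encryption bit) as the guest
  // physical address of the MMIO target in the VMGEXIT.
  //
  // However, if SEV-ES is active, before performing the actual MMIO, an
  // additional MMIO mitigation check is performed in the #VC handler to ensure
  // that MMIO is being done to/from an unencrypted address. To prevent guest
  // termination in this scenario, mark the range unencrypted ahead of access.
  //
  if (MemEncryptSevEsIsEnabled ()) {
    DEBUG ((DEBUG_INFO,
      "%a: mapping TPM MMIO address range unencrypted\n",
      __FUNCTION__));

    //
    // Cr3BaseAddress 0 asks MemEncryptSevLib to operate on the current CR3
    // (see MemEncryptSevLib.h). The range is described in pages, so the byte
    // size is converted with EFI_SIZE_TO_PAGES.
    //
    DecryptStatus = MemEncryptSevClearPageEncMask (
                      0,
                      FixedPcdGet64 (PcdTpmBaseAddress),
                      EFI_SIZE_TO_PAGES ((UINTN) TPM_MMIO_RANGE_SIZE),
                      FALSE
                      );

    if (RETURN_ERROR (DecryptStatus)) {
      DEBUG ((DEBUG_ERROR,
        "%a: failed to map TPM MMIO address range unencrypted\n",
        __FUNCTION__));
      //
      // In builds where ASSERT is disabled the failure is only logged and
      // execution falls through to the PPI installation below; a consumer
      // touching the still-encrypted range would then hit the #VC mitigation
      // check described above.
      //
      ASSERT_RETURN_ERROR (DecryptStatus);
    }
  }

  //
  // MMIO range available: publish the PPI so that PEIMs depending on it can
  // be dispatched. Installed even when SEV-ES is not active.
  //
  Status = PeiServicesInstallPpi (&mTpmMmioRangeAccessible);
  ASSERT_EFI_ERROR (Status);

  //
  // Nothing further to do; EFI_ABORTED lets the PEI core unload this PEIM.
  //
  return EFI_ABORTED;
}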