OvmfPkg/AmdSevDxe: decrypt the pages of the initial SMRAM save state map
[mirror_edk2.git] / OvmfPkg / AmdSevDxe / AmdSevDxe.c
1 /** @file
2
3 AMD Sev Dxe driver. This driver is dispatched early in DXE, due to being list
4 in APRIORI. It clears C-bit from MMIO and NonExistent Memory space when SEV
5 is enabled.
6
7 Copyright (c) 2017, AMD Inc. All rights reserved.<BR>
8
9 This program and the accompanying materials are licensed and made available
10 under the terms and conditions of the BSD License which accompanies this
11 distribution. The full text of the license may be found at
12 http://opensource.org/licenses/bsd-license.php
13
14 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT
15 WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
16
17 **/
18
19 #include <Library/BaseLib.h>
20 #include <Library/BaseMemoryLib.h>
21 #include <Library/DebugLib.h>
22 #include <Library/DxeServicesTableLib.h>
23 #include <Library/MemEncryptSevLib.h>
24 #include <Library/MemoryAllocationLib.h>
25 #include <Library/PcdLib.h>
26
27 EFI_STATUS
28 EFIAPI
29 AmdSevDxeEntryPoint (
30 IN EFI_HANDLE ImageHandle,
31 IN EFI_SYSTEM_TABLE *SystemTable
32 )
33 {
34 EFI_STATUS Status;
35 EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap;
36 UINTN NumEntries;
37 UINTN Index;
38
39 //
40 // Do nothing when SEV is not enabled
41 //
42 if (!MemEncryptSevIsEnabled ()) {
43 return EFI_UNSUPPORTED;
44 }
45
46 //
47 // Iterate through the GCD map and clear the C-bit from MMIO and NonExistent
48 // memory space. The NonExistent memory space will be used for mapping the
49 // MMIO space added later (eg PciRootBridge). By clearing both known MMIO and
50 // NonExistent memory space can gurantee that current and furture MMIO adds
51 // will have C-bit cleared.
52 //
53 Status = gDS->GetMemorySpaceMap (&NumEntries, &AllDescMap);
54 if (!EFI_ERROR (Status)) {
55 for (Index = 0; Index < NumEntries; Index++) {
56 CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc;
57
58 Desc = &AllDescMap[Index];
59 if (Desc->GcdMemoryType == EfiGcdMemoryTypeMemoryMappedIo ||
60 Desc->GcdMemoryType == EfiGcdMemoryTypeNonExistent) {
61 Status = MemEncryptSevClearPageEncMask (
62 0,
63 Desc->BaseAddress,
64 EFI_SIZE_TO_PAGES (Desc->Length),
65 FALSE
66 );
67 ASSERT_EFI_ERROR (Status);
68 }
69 }
70
71 FreePool (AllDescMap);
72 }
73
74 //
75 // When SMM is enabled, clear the C-bit from SMM Saved State Area
76 //
77 // NOTES: The SavedStateArea address cleared here is before SMBASE
78 // relocation. Currently, we do not clear the SavedStateArea address after
79 // SMBASE is relocated due to the following reasons:
80 //
81 // 1) Guest BIOS never access the relocated SavedStateArea.
82 //
83 // 2) The C-bit works on page-aligned address, but the SavedStateArea
84 // address is not a page-aligned. Theoretically, we could roundup the address
85 // and clear the C-bit of aligned address but looking carefully we found
86 // that some portion of the page contains code -- which will causes a bigger
87 // issues for SEV guest. When SEV is enabled, all the code must be encrypted
88 // otherwise hardware will cause trap.
89 //
90 // We restore the C-bit for this SMM Saved State Area after SMBASE relocation
91 // is completed (See OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c).
92 //
93 if (FeaturePcdGet (PcdSmmSmramRequire)) {
94 UINTN MapPagesBase;
95 UINTN MapPagesCount;
96
97 Status = MemEncryptSevLocateInitialSmramSaveStateMapPages (
98 &MapPagesBase,
99 &MapPagesCount
100 );
101 ASSERT_EFI_ERROR (Status);
102
103 //
104 // Although these pages were set aside (i.e., allocated) by PlatformPei, we
105 // could be after a warm reboot from the OS. Don't leak any stale OS data
106 // to the hypervisor.
107 //
108 ZeroMem ((VOID *)MapPagesBase, EFI_PAGES_TO_SIZE (MapPagesCount));
109
110 Status = MemEncryptSevClearPageEncMask (
111 0, // Cr3BaseAddress -- use current CR3
112 MapPagesBase, // BaseAddress
113 MapPagesCount, // NumPages
114 TRUE // Flush
115 );
116 if (EFI_ERROR (Status)) {
117 DEBUG ((DEBUG_ERROR, "%a: MemEncryptSevClearPageEncMask(): %r\n",
118 __FUNCTION__, Status));
119 ASSERT (FALSE);
120 CpuDeadLoop ();
121 }
122 }
123
124 return EFI_SUCCESS;
125 }