3 AMD Sev Dxe driver. This driver is dispatched early in DXE, due to being list
4 in APRIORI. It clears C-bit from MMIO and NonExistent Memory space when SEV
7 Copyright (c) 2017 - 2020, AMD Inc. All rights reserved.<BR>
9 SPDX-License-Identifier: BSD-2-Clause-Patent
13 #include <IndustryStandard/Q35MchIch9.h>
14 #include <Library/BaseLib.h>
15 #include <Library/BaseMemoryLib.h>
16 #include <Library/DebugLib.h>
17 #include <Library/DxeServicesTableLib.h>
18 #include <Library/MemEncryptSevLib.h>
19 #include <Library/MemoryAllocationLib.h>
20 #include <Library/UefiBootServicesTableLib.h>
21 #include <Guid/ConfidentialComputingSevSnpBlob.h>
22 #include <Library/PcdLib.h>
23 #include <Protocol/MemoryAccept.h>
25 STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable
= {
26 SIGNATURE_32 ('A', 'M', 'D', 'E'),
29 (UINT64
)(UINTN
)FixedPcdGet32 (PcdOvmfSnpSecretsBase
),
30 FixedPcdGet32 (PcdOvmfSnpSecretsSize
),
31 (UINT64
)(UINTN
)FixedPcdGet32 (PcdOvmfCpuidBase
),
32 FixedPcdGet32 (PcdOvmfCpuidSize
),
35 STATIC EFI_HANDLE mAmdSevDxeHandle
= NULL
;
37 #define IS_ALIGNED(x, y) ((((x) & ((y) - 1)) == 0))
43 IN EDKII_MEMORY_ACCEPT_PROTOCOL
*This
,
44 IN EFI_PHYSICAL_ADDRESS StartAddress
,
49 // The StartAddress must be page-aligned, and the Size must be a positive
50 // multiple of SIZE_4KB. Use an assert instead of returning an erros since
51 // this is an EDK2-internal protocol.
53 ASSERT (IS_ALIGNED (StartAddress
, SIZE_4KB
));
54 ASSERT (IS_ALIGNED (Size
, SIZE_4KB
));
57 MemEncryptSevSnpPreValidateSystemRam (
59 EFI_SIZE_TO_PAGES (Size
)
65 STATIC EDKII_MEMORY_ACCEPT_PROTOCOL mMemoryAcceptProtocol
= {
72 IN EFI_HANDLE ImageHandle
,
73 IN EFI_SYSTEM_TABLE
*SystemTable
77 EFI_GCD_MEMORY_SPACE_DESCRIPTOR
*AllDescMap
;
82 // Do nothing when SEV is not enabled
84 if (!MemEncryptSevIsEnabled ()) {
85 return EFI_UNSUPPORTED
;
89 // Iterate through the GCD map and clear the C-bit from MMIO and NonExistent
90 // memory space. The NonExistent memory space will be used for mapping the
91 // MMIO space added later (eg PciRootBridge). By clearing both known MMIO and
92 // NonExistent memory space can gurantee that current and furture MMIO adds
93 // will have C-bit cleared.
95 Status
= gDS
->GetMemorySpaceMap (&NumEntries
, &AllDescMap
);
96 if (!EFI_ERROR (Status
)) {
97 for (Index
= 0; Index
< NumEntries
; Index
++) {
98 CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR
*Desc
;
100 Desc
= &AllDescMap
[Index
];
101 if ((Desc
->GcdMemoryType
== EfiGcdMemoryTypeMemoryMappedIo
) ||
102 (Desc
->GcdMemoryType
== EfiGcdMemoryTypeNonExistent
))
104 Status
= MemEncryptSevClearMmioPageEncMask (
107 EFI_SIZE_TO_PAGES (Desc
->Length
)
109 ASSERT_EFI_ERROR (Status
);
113 FreePool (AllDescMap
);
117 // If PCI Express is enabled, the MMCONFIG area has been reserved, rather
118 // than marked as MMIO, and so the C-bit won't be cleared by the above walk
119 // through the GCD map. Check for the MMCONFIG area and clear the C-bit for
122 if (PcdGet16 (PcdOvmfHostBridgePciDevId
) == INTEL_Q35_MCH_DEVICE_ID
) {
123 Status
= MemEncryptSevClearMmioPageEncMask (
125 FixedPcdGet64 (PcdPciExpressBaseAddress
),
126 EFI_SIZE_TO_PAGES (SIZE_256MB
)
129 ASSERT_EFI_ERROR (Status
);
133 // When SMM is enabled, clear the C-bit from SMM Saved State Area
135 // NOTES: The SavedStateArea address cleared here is before SMBASE
136 // relocation. Currently, we do not clear the SavedStateArea address after
137 // SMBASE is relocated due to the following reasons:
139 // 1) Guest BIOS never access the relocated SavedStateArea.
141 // 2) The C-bit works on page-aligned address, but the SavedStateArea
142 // address is not a page-aligned. Theoretically, we could roundup the address
143 // and clear the C-bit of aligned address but looking carefully we found
144 // that some portion of the page contains code -- which will causes a bigger
145 // issues for SEV guest. When SEV is enabled, all the code must be encrypted
146 // otherwise hardware will cause trap.
148 // We restore the C-bit for this SMM Saved State Area after SMBASE relocation
149 // is completed (See OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c).
151 if (FeaturePcdGet (PcdSmmSmramRequire
)) {
155 Status
= MemEncryptSevLocateInitialSmramSaveStateMapPages (
159 ASSERT_EFI_ERROR (Status
);
162 // Although these pages were set aside (i.e., allocated) by PlatformPei, we
163 // could be after a warm reboot from the OS. Don't leak any stale OS data
164 // to the hypervisor.
166 ZeroMem ((VOID
*)MapPagesBase
, EFI_PAGES_TO_SIZE (MapPagesCount
));
168 Status
= MemEncryptSevClearPageEncMask (
169 0, // Cr3BaseAddress -- use current CR3
170 MapPagesBase
, // BaseAddress
171 MapPagesCount
// NumPages
173 if (EFI_ERROR (Status
)) {
176 "%a: MemEncryptSevClearPageEncMask(): %r\n",
185 if (MemEncryptSevSnpIsEnabled ()) {
187 // Memory acceptance began being required in SEV-SNP, so install the
188 // memory accept protocol implementation for a SEV-SNP active guest.
190 Status
= gBS
->InstallProtocolInterface (
192 &gEdkiiMemoryAcceptProtocolGuid
,
193 EFI_NATIVE_INTERFACE
,
194 &mMemoryAcceptProtocol
196 ASSERT_EFI_ERROR (Status
);
199 // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.
200 // It contains the location for both the Secrets and CPUID page.
202 return gBS
->InstallConfigurationTable (
203 &gConfidentialComputingSevSnpBlobGuid
,