1 /** @file
2 Map TPM MMIO range unencrypted when SEV-ES is active.
3 Install gOvmfTpmMmioAccessiblePpiGuid unconditionally.
4
5 Copyright (C) 2021, Advanced Micro Devices, Inc.
6
7 SPDX-License-Identifier: BSD-2-Clause-Patent
8 **/
9
10 #include <PiPei.h>
11
12 #include <Library/DebugLib.h>
13 #include <Library/MemEncryptSevLib.h>
14 #include <Library/PcdLib.h>
15 #include <Library/PeiServicesLib.h>
16
//
// Descriptor for the PPI published once the TPM MMIO range is usable. It
// carries no interface pointer (Ppi is NULL); presumably it exists only so
// that other PEIMs can express a dependency on it. TERMINATE_LIST marks it as
// the single entry handed to PeiServicesInstallPpi().
//
STATIC CONST EFI_PEI_PPI_DESCRIPTOR  mTpmMmioRangeAccessible = {
  .Flags = EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
  .Guid  = &gOvmfTpmMmioAccessiblePpiGuid,
  .Ppi   = NULL
};
22
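//
// Number of bytes of TPM MMIO space, starting at PcdTpmBaseAddress, that is
// mapped unencrypted while SEV-ES is active (0x5000 = five 4 KiB pages).
//
#define TPM_MMIO_RANGE_SIZE  0x5000

/**
  The entry point for TPM MMIO range mapping driver.

  When SEV-ES is active the TPM MMIO range is marked unencrypted so that the
  #VC handler's MMIO mitigation check does not terminate the guest on the
  first TPM access. gOvmfTpmMmioAccessiblePpiGuid is then installed
  unconditionally: a failure to clear the encryption mask is logged and
  asserted, but does not stop the PPI from being installed, so in builds with
  ASSERTs compiled out TPM consumers will run with the range still encrypted.

  @param[in] FileHandle   Handle of the file being invoked. Unused.
  @param[in] PeiServices  Describes the list of possible PEI Services. Unused.

  @retval EFI_ABORTED     No need to keep this PEIM resident
**/
EFI_STATUS
EFIAPI
TpmMmioSevDecryptPeimEntryPoint (
  IN       EFI_PEI_FILE_HANDLE  FileHandle,
  IN CONST EFI_PEI_SERVICES     **PeiServices
  )
{
  RETURN_STATUS  DecryptStatus;
  EFI_STATUS     Status;

  DEBUG ((DEBUG_INFO, "%a\n", __FUNCTION__));

  //
  // If SEV is active, MMIO succeeds against an encrypted physical address
  // because the nested page fault (NPF) that occurs on access does not
  // include the encryption bit in the guest physical address provided to the
  // hypervisor.
  //
  // If SEV-ES is active, MMIO would succeed against an encrypted physical
  // address because the #VC handler uses the virtual address (which is an
  // identity mapped physical address without the encryption bit) as the guest
  // physical address of the MMIO target in the VMGEXIT.
  //
  // However, if SEV-ES is active, before performing the actual MMIO, an
  // additional MMIO mitigation check is performed in the #VC handler to ensure
  // that MMIO is being done to/from an unencrypted address. To prevent guest
  // termination in this scenario, mark the range unencrypted ahead of access.
  //
  if (MemEncryptSevEsIsEnabled ()) {
    DEBUG ((
      DEBUG_INFO,
      "%a: mapping TPM MMIO address range unencrypted\n",
      __FUNCTION__
      ));

    //
    // The first argument is the Cr3 base address; a value of 0 is expected
    // to select the currently active page tables (see MemEncryptSevLib.h).
    // The range is passed as a page count, hence EFI_SIZE_TO_PAGES.
    //
    DecryptStatus = MemEncryptSevClearMmioPageEncMask (
                      0,
                      FixedPcdGet64 (PcdTpmBaseAddress),
                      EFI_SIZE_TO_PAGES ((UINTN)TPM_MMIO_RANGE_SIZE)
                      );

    if (RETURN_ERROR (DecryptStatus)) {
      DEBUG ((
        DEBUG_ERROR,
        "%a: failed to map TPM MMIO address range unencrypted\n",
        __FUNCTION__
        ));
      //
      // Fatal in DEBUG builds only; otherwise execution falls through and the
      // PPI below is still installed.
      //
      ASSERT_RETURN_ERROR (DecryptStatus);
    }
  }

  //
  // MMIO range available. The PPI is installed regardless of the outcome
  // above, as the file header requires it to be installed unconditionally.
  //
  Status = PeiServicesInstallPpi (&mTpmMmioRangeAccessible);
  ASSERT_EFI_ERROR (Status);

  //
  // Nothing further to do once the PPI is published, so do not stay resident.
  //
  return EFI_ABORTED;
}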