From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-12.2 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, MAILING_LIST_MULTI,MSGID_FROM_MTA_HEADER,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 61254C433E6 for ; Mon, 1 Feb 2021 19:04:48 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id B526064DA8 for ; Mon, 1 Feb 2021 19:04:47 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B526064DA8 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=amd.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Received: from localhost ([::1]:43960 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1l6eVC-0002lE-Gj for qemu-devel@archiver.kernel.org; Mon, 01 Feb 2021 14:04:46 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:40812) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l6eUC-00027x-86 for qemu-devel@nongnu.org; Mon, 01 Feb 2021 14:03:47 -0500 Received: from mail-bn8nam11on2081.outbound.protection.outlook.com ([40.107.236.81]:43232 helo=NAM11-BN8-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l6eU9-00076R-4j for qemu-devel@nongnu.org; Mon, 01 Feb 2021 14:03:43 -0500 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lObkGGM5DqEWxsZCE96LXd+9L6pavEMhE0/eMhaqyOIpTz1OfwMrMPtaxsMLHJelhfoQY0fZfhq6DLBBRvA9vdNAD6Sg88RIUBHIjULTrrobsK1MITXrxoZFEkPsUjTvYIyLtJu4U94Zg+Hc5m17MLothPwilEEygxw209RxIGWZX/EyV7lmigUL9mb49qwJj7Gc1Qiy+BEo/lHdUkG0D30faUMul9ZSnZM87zRdWmd15OzbNoeUC9U1stCnrWyr7y+H3OedlNUnyA8QU5DtrM93YkwKx5XWLnR2MnZ6e0mYi9mf0a6dgg5BSxXtBo4mM9AS16IFsOC4yWP+OjmkAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=alf/zCiutV3hIIRAd5wjjjpcaBfWRjQcxUoWKjOSxJI=; b=b7+cpgOad4IB4nBhmZQdlUy9UZAIRy5o3H4+++CpfR3BXhKLW0BRZnaEbSwWsytgWcl+fwMt9gJeZYdDtWo70I26WhIkBQrkF/m6G9P+DV6JuxrUwyFrXJHrLy6+lgu8Gy/Xgyb5wtSFLIJcmC7Kp4+yRGLJ5R++vQU8e7oIbY7ekYuYML+2OlC01njzl6IwpV6GB+m2Y4tSUyYc1oA11Ghnlww28IaoCvHJpulbuMu3vv/Qb1yCXGmCnsTO82nIorr998gBLFj/hy9GRpKViGENuH5R2BICyVOPDnT3sbyh4corfWUX7DO7+qjTw2ZGFt3TB8C1P4AdzHN5CH3veQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=alf/zCiutV3hIIRAd5wjjjpcaBfWRjQcxUoWKjOSxJI=; b=nUsCtIP87mhqUNDSHHu1zooLq8uoKXmMctzeXdNLpflQpboEnQz79iO8SAedGWr3yhGOF0jk3AU3dpRr8zRLKHzerkVB4/agYFae1VYqOeelVMUjlxASoycijRd4SVh80KL6LIlJ5I9hzGY3X+BghB3mTv6HLpF6hzIPulk6LI8= Authentication-Results: linaro.org; dkim=none (message not signed) header.d=none;linaro.org; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM5PR12MB1354.namprd12.prod.outlook.com (2603:10b6:3:7a::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3805.17; Mon, 1 Feb 2021 18:48:31 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b8aa:f23e:fcad:23ee]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b8aa:f23e:fcad:23ee%8]) with mapi id 15.20.3805.025; Mon, 1 Feb 2021 18:48:31 +0000 Subject: Re: [PATCH v6 3/6] sev/i386: Allow AP booting under SEV-ES To: Venu Busireddy References: <22db2bfb4d6551aed661a9ae95b4fdbef613ca21.1611682609.git.thomas.lendacky@amd.com> <20210129174416.GC231819@dt> From: Tom Lendacky Message-ID: <08a46e00-940c-eec3-bc7e-a5d21d8f0609@amd.com> Date: Mon, 1 Feb 2021 12:48:28 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 In-Reply-To: <20210129174416.GC231819@dt> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [67.79.209.213] X-ClientProxiedBy: SN7PR04CA0055.namprd04.prod.outlook.com (2603:10b6:806:120::30) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from office-linux.texastahm.com (67.79.209.213) by SN7PR04CA0055.namprd04.prod.outlook.com (2603:10b6:806:120::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3805.16 via Frontend Transport; Mon, 1 Feb 2021 18:48:30 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: b44709f2-3a4a-4a45-14f5-08d8c6e1f88e X-MS-TrafficTypeDiagnostic: DM5PR12MB1354: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:10000; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ugVjVLNUlmlfthcU+gBP/1VS4PN1DZnr18A8ok+0jaEipjM+P8AOjzF1CzBz12EBhW8AhhrSpPsTU0Sr9DkSEz6e0WkxNfw8FI67pJOA5ZjmqA82sm9Q2XlqpNfm+YFaZteL+P9xXYHan3DOElB4sITcnhWLzyuAbT6MhydM3LMeKl8eBUO3Y5AhgJlI0yXXCpg+/T+GRseLhziP1Ypy5FjOsULNn4TzcP64gNPN2sMS6D0bqUy9bvZPm/NdOCUBXvhrn0HFgGQaOlLA0uvlYU5GskhVLrE4y76RpSGwEKORpbH25hIkL9jRZKHZrzC2ckWyBo7xtseKBrx4YJmHgxpcOtcovxdbAsObdywDinflo3mkUpXWxX7Mxo2kmuY+bX2cC9XwFR4kaQPeS6sjYWP7FuciSyGCuYRTBLdEXWkfiPPFV7UZM/pSVnzAK7jMZK5LCYzV52v8tCvC3BQkGcgjZYnvMNykO3/YCxcFkIZQCPy7zxwfanVazZHZ4EPlwNcWuhwBLz2EyVcmmWtF2CLRHhD2T7Z87UTgEKfo4fpucIWiO93UKBq/EayZGr09kYvBX1TL3hEoxBpNSQnh39Res9im0GrpIUWkmJSmuVo= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM5PR12MB1355.namprd12.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(6506007)(53546011)(52116002)(7416002)(8676002)(6512007)(54906003)(6486002)(6916009)(66476007)(83380400001)(66556008)(66946007)(5660300002)(8936002)(2616005)(186003)(31686004)(2906002)(498600001)(16526019)(4326008)(36756003)(956004)(31696002)(86362001)(26005)(45980500001)(43740500002); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?utf-8?B?bmpYWkhwQnd4bXVuNjlpYkwrSmFmbXYxZ3dOSHhrdnZxWitPYlNWeUNIb2Nm?= =?utf-8?B?eDBXcWIrMkpPVUhiYjZ5T1VjTUpxSEdJMEM2aHBveW92YklnbjQ0aTB2R1Jv?= =?utf-8?B?NXdhMzJNOVBXVGRYYVNNUldwaWNaVlRubVlwUHQrajhYaGNsT1liRjV0WlVq?= =?utf-8?B?cjRLS3hGaUZXeUc0enVQcy8vdnVmV1hoNDZpcHVuUXRtWURjbUJLYmY2cmdB?= =?utf-8?B?MkxSMWlzRmZTVWJUelBqT3ZodVl5WG4zbGhoRWhkTWw2VUFOZ0w1S2h6Ti9n?= =?utf-8?B?TS95c1NCSzg3a283SHh3SEx5Rk5zU1FMYlFhM2dYS2FobkhTdmVTRWRYbmVM?= =?utf-8?B?Y3NIbEdQY1hpejIxYjZvZkppeXlVWi9XaXZJbGFDdUcrVTVpSG02Z1IyeDJ1?= =?utf-8?B?Y0ZVMlVobXNXQ2VaUlJKSFUvMFp5dS9KeXVKcDZEQ3VMSWlUbEk2MkdkOTRS?= =?utf-8?B?MnFNUlJ0UzlSOHc3VVBkTExaTDN0WG5tak93TS80Qmh6NWNtamJZeUplYkVK?= =?utf-8?B?L3pyNlRSeTNJdU1JWmNvSHYwL0lLR2h2M0hlcVRtRThKTkVrME5Xd2gxaVhu?= =?utf-8?B?d2V1SWlOMUZ0eDdGZCsvb2hLd21EeWVVL3Z6V2dPeG93QmNVS3UxVnhkOEE0?= =?utf-8?B?d3p3VjRoQ0F2UFpsT3hwc2VSemNWWnpQa1crQWswWmdYc2tsU1llRk15Q3Vm?= =?utf-8?B?bnBjV2ZNQktLQVlGanJkdk44YTFmU2ZkeTAvUytqQUxCYUtJQ1FjZDU4bUdx?= =?utf-8?B?bUxVV0hZVzdxZGc1ZndvM0Q2QTBsVXZnMXlwQXFGTTJLT08xSExVTTFoVVN1?= =?utf-8?B?OEhTNi9HWUIxeVFwb1V0QkN2cjlUYkV3NjN6SE5rU21XbUowZGZZQm1VOUJ2?= =?utf-8?B?aVF6N01IY3hyZUdSVzdvOWZ4VVZGbytKYmxRNkVpN0QrK1l5YnV1dUplM2JF?= =?utf-8?B?YUVSZzIvRHYvS2psRXVFQyt1R1gvVzNZT0l3MDJYQmQvY2xxaHAvcFZTb2No?= =?utf-8?B?T2I2M1l6cFdsT2g4SjFrenRoZmZHMEV0ZEZYbkN1eTg2dGtuZXVPbk9OSVRa?= =?utf-8?B?V2hLWk5pOE94NncyN09WY0lqM2xjaXU5c2wyeWQ3WWFsblpKNTRtTEVGdnUz?= =?utf-8?B?MGR3MzZDN1dIaDZ0eXpVK3IzL0FQNlY4UnZpMXNVbUZwVHFXc21oSXRvUnF3?= =?utf-8?B?N0dLNmdYWTk2MUtxR2ZQZFEyU2hlZllJbEM2N0h3UjQ2YVhQc2JaYVZsL0Vu?= =?utf-8?B?MVZoYjd6Skw4cFhOd3VTT3FRVWVIOHBiK2VtMk41aDZZbzEyNUZYaEw3a2Fv?= =?utf-8?B?K2h0T0RsR1lXSUJHaFZiSmF3SERQRVZsSUV2bTJVRTlFcTIvN05xV2JFVzBF?= =?utf-8?B?cWNsQ3c5R1hJNTZVckIzdFVpZnJIWWV5MlJ6bHI1YXBPOWtETHdwODA1NUYx?= =?utf-8?Q?mQVMFhim?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: b44709f2-3a4a-4a45-14f5-08d8c6e1f88e X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Feb 2021 18:48:31.4886 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: NvkPzCFD9laIUMCG97Lr61Ds40v9s6QjUDi6BAtNrcksSs3DV912Qu1kmQHOG6UcluGKo/cVn/sOYjVRzKDtZA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1354 Received-SPF: softfail client-ip=40.107.236.81; envelope-from=Thomas.Lendacky@amd.com; helo=NAM11-BN8-obe.outbound.protection.outlook.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Brijesh Singh , Eduardo Habkost , kvm@vger.kernel.org, "Michael S. Tsirkin" , Connor Kuehl , Sean Christopherson , Marcelo Tosatti , Richard Henderson , "Dr. David Alan Gilbert" , qemu-devel@nongnu.org, Paolo Bonzini , Jiri Slaby , Richard Henderson Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" On 1/29/21 11:44 AM, Venu Busireddy wrote: > On 2021-01-26 11:36:46 -0600, Tom Lendacky wrote: >> From: Tom Lendacky >> >> When SEV-ES is enabled, it is not possible modify the guests register >> state after it has been initially created, encrypted and measured. >> >> Normally, an INIT-SIPI-SIPI request is used to boot the AP. However, the >> hypervisor cannot emulate this because it cannot update the AP register >> state. For the very first boot by an AP, the reset vector CS segment >> value and the EIP value must be programmed before the register has been >> encrypted and measured. Search the guest firmware for the guest for a >> specific GUID that tells Qemu the value of the reset vector to use. >> >> Cc: Paolo Bonzini >> Cc: "Michael S. Tsirkin" >> Cc: Marcel Apfelbaum >> Cc: Richard Henderson >> Cc: Eduardo Habkost >> Cc: Marcelo Tosatti >> Signed-off-by: Tom Lendacky >> --- ... >> + >> + /* >> + * SEV info block not found in the Firmware GUID Table (or there isn't >> + * a Firmware GUID Table), fall back to the original implementation. >> + */ >> + data = flash_ptr + flash_size - 0x20; > > Even if the SEV_INFO_BLOCK_GUID is always located at 32 bytes from the end > of the flash, isn't it better to define a constant with a value of 0x20? A follow-on patch that updates both this and the table parser code from James would probably be best. Thanks, Tom > >> +