| 1 | /** @file
|
|---|
| 2 | Map TPM MMIO range unencrypted when SEV-ES is active.
|
|---|
| 3 | Install gOvmfTpmMmioAccessiblePpiGuid unconditionally.
|
|---|
| 4 |
|
|---|
| 5 | Copyright (C) 2021, Advanced Micro Devices, Inc.
|
|---|
| 6 |
|
|---|
| 7 | SPDX-License-Identifier: BSD-2-Clause-Patent
|
|---|
| 8 | **/
|
|---|
| 9 |
|
|---|
| 10 |
|
|---|
| 11 | #include <PiPei.h>
|
|---|
| 12 |
|
|---|
| 13 | #include <Library/DebugLib.h>
|
|---|
| 14 | #include <Library/MemEncryptSevLib.h>
|
|---|
| 15 | #include <Library/PcdLib.h>
|
|---|
| 16 | #include <Library/PeiServicesLib.h>
|
|---|
| 17 |
|
|---|
| 18 | STATIC CONST EFI_PEI_PPI_DESCRIPTOR mTpmMmioRangeAccessible = {
|
|---|
| 19 | EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
|
|---|
| 20 | &gOvmfTpmMmioAccessiblePpiGuid,
|
|---|
| 21 | NULL
|
|---|
| 22 | };
|
|---|
| 23 |
|
|---|
| 24 | /**
|
|---|
| 25 | The entry point for TPM MMIO range mapping driver.
|
|---|
| 26 |
|
|---|
| 27 | @param[in] FileHandle Handle of the file being invoked.
|
|---|
| 28 | @param[in] PeiServices Describes the list of possible PEI Services.
|
|---|
| 29 |
|
|---|
| 30 | @retval EFI_ABORTED No need to keep this PEIM resident
|
|---|
| 31 | **/
|
|---|
| 32 | EFI_STATUS
|
|---|
| 33 | EFIAPI
|
|---|
| 34 | TpmMmioSevDecryptPeimEntryPoint (
|
|---|
| 35 | IN EFI_PEI_FILE_HANDLE FileHandle,
|
|---|
| 36 | IN CONST EFI_PEI_SERVICES **PeiServices
|
|---|
| 37 | )
|
|---|
| 38 | {
|
|---|
| 39 | RETURN_STATUS DecryptStatus;
|
|---|
| 40 | EFI_STATUS Status;
|
|---|
| 41 |
|
|---|
| 42 | DEBUG ((DEBUG_INFO, "%a\n", __FUNCTION__));
|
|---|
| 43 |
|
|---|
| 44 | //
|
|---|
| 45 | // If SEV is active, MMIO succeeds against an encrypted physical address
|
|---|
| 46 | // because the nested page fault (NPF) that occurs on access does not
|
|---|
| 47 | // include the encryption bit in the guest physical address provided to the
|
|---|
| 48 | // hypervisor.
|
|---|
| 49 | //
|
|---|
| 50 | // If SEV-ES is active, MMIO would succeed against an encrypted physical
|
|---|
| 51 | // address because the #VC handler uses the virtual address (which is an
|
|---|
| 52 | // identity mapped physical address without the encryption bit) as the guest
|
|---|
| 53 | // physical address of the MMIO target in the VMGEXIT.
|
|---|
| 54 | //
|
|---|
| 55 | // However, if SEV-ES is active, before performing the actual MMIO, an
|
|---|
| 56 | // additional MMIO mitigation check is performed in the #VC handler to ensure
|
|---|
| 57 | // that MMIO is being done to/from an unencrypted address. To prevent guest
|
|---|
| 58 | // termination in this scenario, mark the range unencrypted ahead of access.
|
|---|
| 59 | //
|
|---|
| 60 | if (MemEncryptSevEsIsEnabled ()) {
|
|---|
| 61 | DEBUG ((DEBUG_INFO,
|
|---|
| 62 | "%a: mapping TPM MMIO address range unencrypted\n",
|
|---|
| 63 | __FUNCTION__));
|
|---|
| 64 |
|
|---|
| 65 | DecryptStatus = MemEncryptSevClearPageEncMask (
|
|---|
| 66 | 0,
|
|---|
| 67 | FixedPcdGet64 (PcdTpmBaseAddress),
|
|---|
| 68 | EFI_SIZE_TO_PAGES ((UINTN) 0x5000),
|
|---|
| 69 | FALSE
|
|---|
| 70 | );
|
|---|
| 71 |
|
|---|
| 72 | if (RETURN_ERROR (DecryptStatus)) {
|
|---|
| 73 | DEBUG ((DEBUG_ERROR,
|
|---|
| 74 | "%a: failed to map TPM MMIO address range unencrypted\n",
|
|---|
| 75 | __FUNCTION__));
|
|---|
| 76 | ASSERT_RETURN_ERROR (DecryptStatus);
|
|---|
| 77 | }
|
|---|
| 78 | }
|
|---|
| 79 |
|
|---|
| 80 | //
|
|---|
| 81 | // MMIO range available
|
|---|
| 82 | //
|
|---|
| 83 | Status = PeiServicesInstallPpi (&mTpmMmioRangeAccessible);
|
|---|
| 84 | ASSERT_EFI_ERROR (Status);
|
|---|
| 85 |
|
|---|
| 86 | return EFI_ABORTED;
|
|---|
| 87 | }
|
|---|
