[edk2-devel] [PATCH V8 40/47] OvmfPkg: Update AcpiPlatformDxe to alter MADT table

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

In TDX the guest firmware is designed to publish a multiprocessor-wakeup
structure to let the guest-bootstrap processor wake up guest-application
processors with a mailbox. The mailbox is memory that the guest firmware
can reserve so each guest virtual processor can have the guest OS send
a message to them. The address of the mailbox is recorded in the MADT
table. See [ACPI].

To maintain the simplicity of the AcpiPlatformDxe, the MADT ACPI table
will be altered in another driver (TdxDxe) by installing a protocol
to notify that the ACPI table provided by Qemu is ready. Then in TdxDxe
a notification function will be called to alter the MADT table to record
the mailbox address.

The protocol is gQemuAcpiTableNotifyProtocolGuid.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf   |  1 +
 OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c   | 14 +-
 .../Include/Protocol/QemuAcpiTableNotify.h| 27 +++
 3 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 OvmfPkg/Include/Protocol/QemuAcpiTableNotify.h

diff --git a/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf 
b/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
index f22bd7cb6da1..09daf30bcd3d 100644
--- a/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
+++ b/OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
@@ -49,6 +49,7 @@
 [Protocols]
   gEfiAcpiTableProtocolGuid # PROTOCOL ALWAYS_CONSUMED
   gEfiPciIoProtocolGuid # PROTOCOL SOMETIMES_CONSUMED
+  gQemuAcpiTableNotifyProtocolGuid  # PROTOCOL PRODUCES
 
 [Guids]
   gRootBridgesConnectedEventGroupGuid
diff --git a/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c 
b/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c
index b885965a601e..c8dee17c13e6 100644
--- a/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c
+++ b/OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c
@@ -19,7 +19,10 @@
 #include// QemuFwCfgS3Enabled()
 #include  // gBS
 
+#include 
 #include "AcpiPlatform.h"
+EFI_HANDLE   mQemuAcpiHandle = NULL;
+QEMU_ACPI_TABLE_NOTIFY_PROTOCOL  mAcpiNotifyProtocol;
 
 //
 // The user structure for the ordered collection that will track the fw_cfg
@@ -1273,7 +1276,16 @@ UninstallAcpiTables:
   AcpiProtocol->UninstallAcpiTable (AcpiProtocol, InstalledKey[Installed]);
 }
   } else {
-DEBUG ((DEBUG_INFO, "%a: installed %d tables\n", __FUNCTION__, Installed));
+//
+// Install a protocol to notify that the ACPI table provided by Qemu is
+// ready.
+//
+gBS->InstallProtocolInterface (
+   &mQemuAcpiHandle,
+   &gQemuAcpiTableNotifyProtocolGuid,
+   EFI_NATIVE_INTERFACE,
+   &mAcpiNotifyProtocol
+   );
   }
 
   for (SeenPointerEntry = OrderedCollectionMin (SeenPointers);
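Review bot: The EFI_STATUS returned by `gBS->InstallProtocolInterface` in the success branch is discarded, so a failed install leaves the consumer of gQemuAcpiTableNotifyProtocolGuid (TdxDxe, per the commit message) without its notification and nothing is logged. Capture and report it, e.g. `Status = gBS->InstallProtocolInterface (...);` followed by `if (EFI_ERROR (Status)) { DEBUG ((DEBUG_ERROR, "%a: notify protocol install failed: %r\n", __FUNCTION__, Status)); }`. The hunk also removes the "installed %d tables" DEBUG_INFO line rather than keeping it next to the new call, which looks unintended. The enclosing function starts outside the hunk, so confirm that a `Status` variable is in scope and free to reuse at this point.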
diff --git a/OvmfPkg/Include/Protocol/QemuAcpiTableNotify.h 
b/OvmfPkg/Include/Protocol/QemuAcpiTableNotify.h
new file mode 100644
index ..a3dd2fc1dc91
--- /dev/null
+++ b/OvmfPkg/Include/Protocol/QemuAcpiTableNotify.h
@@ -0,0 +1,27 @@
+/** @file
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef QEMU_ACPI_TABLE_NOTIFY_H_
+#define QEMU_ACPI_TABLE_NOTIFY_H_
+
+#define QEMU_ACPI_TABLE_NOTIFY_GUID \
+  { 0x928939b2, 0x4235, 0x462f, { 0x95, 0x80, 0xf6, 0xa2, 0xb2, 0xc2, 0x1a, 
0x4f } };
+
+///
+/// Forward declaration
+///
+typedef struct _QEMU_ACPI_TABLE_NOTIFY_PROTOCOL 
QEMU_ACPI_TABLE_NOTIFY_PROTOCOL;
+
+///
+/// Protocol structure
+///
+struct _QEMU_ACPI_TABLE_NOTIFY_PROTOCOL {
+  UINT8Notify;
+};
+
+extern EFI_GUID  gQemuAcpiTableNotifyProtocolGuid;
+
+#endif
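Review bot: `QEMU_ACPI_TABLE_NOTIFY_GUID` ends in `};`, so the semicolon is part of every expansion and the macro cannot be used inside an initializer list, or followed by the usual `;`, without leaving a stray empty declaration; the definition should end `... 0x1a, 0x4f } }`. The `@file` comment carries only the licence line. A one-sentence description of the protocol would help consumers: it is installed once the QEMU-provided ACPI tables are in place, and as far as this patch shows the `Notify` member is never read.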
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 39/47] OvmfPkg: Update PlatformPei to support Tdx guest

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

OvmfPkg/PlatformPei is updated to support Tdx guest. There are below
major changes.
 - Set Tdx related PCDs
 - Publish Tdx RamRegions

In this patch there is another new function BuildPlatformInfoHob ().
This function builds EFI_HOB_PLATFORM_INFO which contains the
HostBridgeDevId. The hob is built in both Td guest and Non-Td guest.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/OvmfPkg.dec  |  1 +
 OvmfPkg/PlatformPei/FeatureControl.c |  7 +++-
 OvmfPkg/PlatformPei/IntelTdx.c   | 51 
 OvmfPkg/PlatformPei/MemDetect.c  | 13 +--
 OvmfPkg/PlatformPei/Platform.c   | 13 +++
 OvmfPkg/PlatformPei/Platform.h   | 19 +++
 OvmfPkg/PlatformPei/PlatformPei.inf  |  3 ++
 7 files changed, 104 insertions(+), 3 deletions(-)
 create mode 100644 OvmfPkg/PlatformPei/IntelTdx.c

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index f3d06411b51b..746050d64ba7 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -133,6 +133,7 @@
   gGrubFileGuid = {0xb5ae312c, 0xbc8a, 0x43b1, {0x9c, 
0x62, 0xeb, 0xb8, 0x26, 0xdd, 0x5d, 0x07}}
   gConfidentialComputingSecretGuid  = {0xadf956ad, 0xe98c, 0x484c, {0xae, 
0x11, 0xb5, 0x1c, 0x7d, 0x33, 0x64, 0x47}}
   gConfidentialComputingSevSnpBlobGuid  = {0x067b1f5f, 0xcf26, 0x44c5, {0x85, 
0x54, 0x93, 0xd7, 0x77, 0x91, 0x2d, 0x42}}
+  gUefiOvmfPkgPlatformInfoGuid  = {0xdec9b486, 0x1f16, 0x47c7, {0x8f, 
0x68, 0xdf, 0x1a, 0x41, 0x88, 0x8b, 0xa5}}
 
 [Ppis]
   # PPI whose presence in the PPI database signals that the TPM base address
diff --git a/OvmfPkg/PlatformPei/FeatureControl.c 
b/OvmfPkg/PlatformPei/FeatureControl.c
index 9af58c2655f8..5864ee0c214d 100644
--- a/OvmfPkg/PlatformPei/FeatureControl.c
+++ b/OvmfPkg/PlatformPei/FeatureControl.c
@@ -12,6 +12,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #include "Platform.h"
 
@@ -37,7 +38,11 @@ WriteFeatureControl (
   IN OUT VOID  *WorkSpace
   )
 {
-  AsmWriteMsr64 (MSR_IA32_FEATURE_CONTROL, mFeatureControlValue);
+  if (TdIsEnabled ()) {
+TdVmCall (TDVMCALL_WRMSR, (UINT64)MSR_IA32_FEATURE_CONTROL, 
mFeatureControlValue, 0, 0, 0);
+  } else {
+AsmWriteMsr64 (MSR_IA32_FEATURE_CONTROL, mFeatureControlValue);
+  }
 }
 
 /**
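Review bot: The value returned by `TdVmCall (TDVMCALL_WRMSR, ...)` is ignored, so if the host VMM refuses or fails the MSR write, the TD branch of WriteFeatureControl carries on as if MSR_IA32_FEATURE_CONTROL had been programmed. The request is serviced by the host, so the result is worth checking: `Status = TdVmCall (TDVMCALL_WRMSR, (UINT64)MSR_IA32_FEATURE_CONTROL, mFeatureControlValue, 0, 0, 0);` then `if (Status != 0) { DEBUG ((DEBUG_ERROR, "%a: TDVMCALL_WRMSR failed\n", __FUNCTION__)); }`. The return type and success value of TdVmCall are not visible in this hunk and should be taken from its declaration.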
diff --git a/OvmfPkg/PlatformPei/IntelTdx.c b/OvmfPkg/PlatformPei/IntelTdx.c
new file mode 100644
index ..3c1ddbfafd80
--- /dev/null
+++ b/OvmfPkg/PlatformPei/IntelTdx.c
@@ -0,0 +1,51 @@
+/** @file
+  Initialize Intel TDX support.
+
+  Copyright (c) 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include "Platform.h"
+
+/**
+  This Function checks if TDX is available, if present then it sets
+  the dynamic PCDs for Tdx guest.
+  **/
+VOID
+IntelTdxInitialize (
+  VOID
+  )
+{
+ #ifdef MDE_CPU_X64
+  RETURN_STATUS  PcdStatus;
+
+  if (!TdIsEnabled ()) {
+return;
+  }
+
+  PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrIntelTdx);
+  ASSERT_RETURN_ERROR (PcdStatus);
+
+  PcdStatus = PcdSet64S (PcdTdxSharedBitMask, TdSharedPageMask ());
+  ASSERT_RETURN_ERROR (PcdStatus);
+
+  PcdStatus = PcdSetBoolS (PcdSetNxForStack, TRUE);
+  ASSERT_RETURN_ERROR (PcdStatus);
+ #endif
+}
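Review bot: All three PcdSet calls in IntelTdxInitialize are checked only with `ASSERT_RETURN_ERROR`, which does nothing in builds with assertions disabled. A failed `PcdSet64S (PcdTdxSharedBitMask, ...)` or `PcdSetBoolS (PcdSetNxForStack, TRUE)` would then leave the TD guest running with the shared-bit mask at its default or without the NX-stack setting, and no trace of it. Consider stopping explicitly on failure, e.g. `if (RETURN_ERROR (PcdStatus)) { CpuDeadLoop (); }` after each call. The header comment should also say that the body is compiled only under `MDE_CPU_X64` and the function is empty otherwise.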
diff --git a/OvmfPkg/PlatformPei/MemDetect.c b/OvmfPkg/PlatformPei/MemDetect.c
index 3907de1545de..ce329a09daae 100644
--- a/OvmfPkg/PlatformPei/MemDetect.c
+++ b/OvmfPkg/PlatformPei/MemDetect.c
@@ -37,7 +37,6 @@ Module Name:
 
 #include 
 #include 
-
 #include "Platform.h"
 
 extern EFI_HOB_PLATFORM_INFO  mPlatformInfoHob;
@@ -233,7 +232,12 @@ GetPeiMemoryCap (
 PdpEntries  = 1 << (mPlatformInfoHob.PhysMemAddressWidth - 30);
 ASSERT (PdpEntries <= 0x200);
   } else {
-Pml4Entries = 1 << (mPlatformInfoHob.PhysMemAddressWidth - 39);
+if (mPlatformInfoHob.PhysMemAddressWidth > 48) {
+  Pml4Entries = 0x200;
+} else {
+  Pml4Entries = 1 << (mPlatformInfoHob.PhysMemAddressWidth - 39);
+}
+
 ASSERT (Pml4Entries <= 0x200);
 PdpEntries = 512;
   }
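Review bot: With the new clamp at `PhysMemAddressWidth > 48`, the `ASSERT (Pml4Entries <= 0x200)` that follows can no longer fail for the values this branch produces, and nothing records why widths above 48 bits are sized as one full PML4. A comment at the clamp would state the intent, e.g. `// Address widths above 48 bits are capped at one full PML4 (512 entries).` Whether the resulting page-table size estimate is still large enough for a 52-bit guest is not visible from the hunk and should be confirmed. GetPeiMemoryCap starts and ends outside the hunk.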
@@ -356,6 +360,11 @@ InitializeRamRegions (
   IN EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   )
 {
+  if (TdIsEnabled ()) {
+PlatformTdxPublishRamRegions ();
+return;
+  }
+
   PlatformQemuInitializeRam (PlatformInfoHob);
 
   SevInitializeRam ();
diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
index 0f81c6193e12..94a23ab534c5 100644
--- a/OvmfPkg/PlatformPei/Platform.c
+++ b/OvmfPkg/PlatformPei/Platform.c
@@ -310,6 +310,17 @@ MaxCpuCountInitialization (
   ASSERT_RETURN_ERROR (PcdStatus);
 }
 
+/**
+ * @brief Builds PlatformInfo Hob
+ */
+VOID
+BuildPlatfor

[edk2-devel] [PATCH V8 38/47] OvmfPkg: Update PlatformInitLib for Tdx guest

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

There are below changes in PlatformInitLib for Tdx guest:

1. Publish ram regions
In Tdx guest, the system memory is passed in TdHob by host VMM. So
the major task of PlatformTdxPublishRamRegions is to walk thru the
TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob
to the hobs in DXE phase.

2. Build MemoryAllocationHob for Tdx Mailbox and Ovmf work area.

3. Update of PlatformAddressWidthInitialization. The physical
address width that Tdx guest supports is either 48 or 52.

4. Update of PlatformMemMapInitialization.
0xA - 0xF is VGA bios region.  Platform initialization marks the
region as MMIO region. Dxe code maps MMIO region as IO region.
As TDX guest, MMIO region is mapped as shared.  However VGA BIOS doesn't need
to be shared.  Guest TDX Linux maps VGA BIOS as private, and its accesses to
the BIOS get stuck on a repeating EPT violation.  VGA BIOS (more generally ROM
region) should be private.  Skip marking VGA BIOS region [0xa000, 0xf]
as MMIO in HOB.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/Include/Library/PlatformInitLib.h | 14 ++
 OvmfPkg/Library/PlatformInitLib/IntelTdx.c| 49 +++
 .../Library/PlatformInitLib/IntelTdxNull.c| 16 ++
 OvmfPkg/Library/PlatformInitLib/MemDetect.c   | 14 ++
 OvmfPkg/Library/PlatformInitLib/Platform.c|  4 +-
 5 files changed, 96 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h 
b/OvmfPkg/Include/Library/PlatformInitLib.h
index f41b4f16d9fa..452a7be7af08 100644
--- a/OvmfPkg/Include/Library/PlatformInitLib.h
+++ b/OvmfPkg/Include/Library/PlatformInitLib.h
@@ -220,4 +220,18 @@ ProcessTdxHobList (
   VOID
   );
 
+/**
+  In Tdx guest, the system memory is passed in TdHob by host VMM. So
+  the major task of PlatformTdxPublishRamRegions is to walk thru the
+  TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob
+  to the hobs in DXE phase.
+
+  MemoryAllocationHob should also be created for Mailbox and Ovmf work area.
+**/
+VOID
+EFIAPI
+PlatformTdxPublishRamRegions (
+  VOID
+  );
+
 #endif // PLATFORM_INIT_LIB_H_
diff --git a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c 
b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
index c74c8ee20dae..338cd256af94 100644
--- a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
+++ b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
@@ -512,3 +512,52 @@ TransferTdxHobList (
 Hob.Raw = GET_NEXT_HOB (Hob);
   }
 }
+
+/**
+  In Tdx guest, the system memory is passed in TdHob by host VMM. So
+  the major task of PlatformTdxPublishRamRegions is to walk thru the
+  TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob
+  to the hobs in DXE phase.
+
+  MemoryAllocationHob should also be created for Mailbox and Ovmf work area.
+**/
+VOID
+EFIAPI
+PlatformTdxPublishRamRegions (
+  VOID
+  )
+{
+  if (!TdIsEnabled ()) {
+return;
+  }
+
+  TransferTdxHobList ();
+
+  //
+  // The memory region defined by PcdOvmfSecGhcbBackupBase is pre-allocated by
+  // host VMM and used as the td mailbox at the beginning of system boot.
+  //
+  BuildMemoryAllocationHob (
+FixedPcdGet32 (PcdOvmfSecGhcbBackupBase),
+FixedPcdGet32 (PcdOvmfSecGhcbBackupSize),
+EfiACPIMemoryNVS
+);
+
+  if (FixedPcdGet32 (PcdOvmfWorkAreaSize) != 0) {
+//
+// Reserve the work area.
+//
+// Since this memory range will be used by the Reset Vector on S3
+// resume, it must be reserved as ACPI NVS.
+//
+// If S3 is unsupported, then various drivers might still write to the
+// work area. We ought to prevent DXE from serving allocation requests
+// such that they would overlap the work area.
+//
+BuildMemoryAllocationHob (
+  (EFI_PHYSICAL_ADDRESS)(UINTN)FixedPcdGet32 (PcdOvmfWorkAreaBase),
+  (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfWorkAreaSize),
+  EfiBootServicesData
+  );
+  }
+}
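Review bot: The mailbox HOB is built unconditionally, while the work-area HOB below it is guarded by `FixedPcdGet32 (PcdOvmfWorkAreaSize) != 0`; if a platform build leaves PcdOvmfSecGhcbBackupSize at 0, a zero-length EfiACPIMemoryNVS allocation HOB would be published. Guard it the same way or add `ASSERT (FixedPcdGet32 (PcdOvmfSecGhcbBackupSize) != 0);` before the call. The first call also passes the raw `FixedPcdGet32` values where the second casts through `(EFI_PHYSICAL_ADDRESS)(UINTN)` and `(UINT64)(UINTN)`; the same casts in both would keep them consistent. The comment should say outright that the SEV GHCB backup range is reused as the TD mailbox, since the PCD name alone suggests an SEV-only region.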
diff --git a/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c 
b/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c
index af90e0866e89..3ebe582af8de 100644
--- a/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c
+++ b/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c
@@ -28,3 +28,19 @@ ProcessTdxHobList (
 {
   return EFI_UNSUPPORTED;
 }
+
+/**
+  In Tdx guest, the system memory is passed in TdHob by host VMM. So
+  the major task of PlatformTdxPublishRamRegions is to walk thru the
+  TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob
+  to the hobs in DXE phase.
+
+  MemoryAllocationHob should also be created for Mailbox and Ovmf work area.
+**/
+VOID
+EFIAPI
+PlatformTdxPublishRamRegions (
+  VOID
+  )
+{
+}
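Review bot: The doc comment on this Null implementation is copied from the real one and describes walking the TdHob list, but the body is empty. It should state what the stub does, e.g. `Null instance: Tdx is not supported in this build, so no RAM regions are published.` A caller that returns right after this call, as PlatformPei's InitializeRamRegions does when `TdIsEnabled ()` is true, would publish no memory at all with this instance. An `ASSERT (FALSE);` in the stub would make that misconfiguration visible in debug builds.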
diff --git a/OvmfPkg/Library/PlatformInitLib/MemDetect.c 
b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
index fbd3073bd3d1..7c9b2627623b 100644
--- a/OvmfPkg/Library

[edk2-devel] [PATCH V8 37/47] UefiCpuPkg: Update AddressEncMask in CpuPageTable

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

MMIO region in Tdx guest is set with PcdTdxSharedBitMask in TdxDxe's
entry point. In SEV guest the page table entries are set with
PcdPteMemoryEncryptionAddressOrMask when creating 1:1 identity table.

So the AddressEncMask in GetPageTableEntry (@CpuPageTable.c) is either
PcdPteMemoryEncryptionAddressOrMask (in SEV guest), or
PcdTdxSharedBitMask (in TDX guest), or all-0 (in Legacy guest).

Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 UefiCpuPkg/CpuDxe/CpuDxe.inf | 1 +
 UefiCpuPkg/CpuDxe/CpuPageTable.c | 4 
 2 files changed, 5 insertions(+)

diff --git a/UefiCpuPkg/CpuDxe/CpuDxe.inf b/UefiCpuPkg/CpuDxe/CpuDxe.inf
index d87fe503d152..235241899222 100644
--- a/UefiCpuPkg/CpuDxe/CpuDxe.inf
+++ b/UefiCpuPkg/CpuDxe/CpuDxe.inf
@@ -80,6 +80,7 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask## 
CONSUMES
   gUefiCpuPkgTokenSpaceGuid.PcdCpuStackSwitchExceptionList  ## 
CONSUMES
   gUefiCpuPkgTokenSpaceGuid.PcdCpuKnownGoodStackSize## 
CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask## 
CONSUMES
 
 [Depex]
   TRUE
diff --git a/UefiCpuPkg/CpuDxe/CpuPageTable.c b/UefiCpuPkg/CpuDxe/CpuPageTable.c
index d9e65ab4b22a..28982936fade 100644
--- a/UefiCpuPkg/CpuDxe/CpuPageTable.c
+++ b/UefiCpuPkg/CpuDxe/CpuPageTable.c
@@ -307,6 +307,9 @@ GetPageTableEntry (
   // Make sure AddressEncMask is contained to smallest supported address field.
   //
   AddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & 
PAGING_1G_ADDRESS_MASK_64;
+  if (AddressEncMask == 0) {
+AddressEncMask = PcdGet64 (PcdTdxSharedBitMask) & 
PAGING_1G_ADDRESS_MASK_64;
+  }
 
   if (PagingContext->MachineType == IMAGE_FILE_MACHINE_X64) {
 if ((PagingContext->ContextData.X64.Attributes & 
PAGE_TABLE_LIB_PAGING_CONTEXT_IA32_X64_ATTRIBUTES_5_LEVEL) != 0) {
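Review bot: The fallback selects the TDX mask by value (`AddressEncMask == 0`) rather than by guest type, and afterwards `AddressEncMask` holds a bit whose meaning is inverted: per the commit message it is the SEV encryption mask in one case and the TDX shared bit in the other. That is harmless where the variable is only stripped from an entry to recover an address, as in the `& ~AddressEncMask` expression in the next hunk, but any use that ORs it into an entry would mark the page shared in a TD guest. A comment at the assignment would help, e.g. `// In a TD guest this is the shared-bit mask; it is only masked out of entries here, never set.`, once confirmed against the rest of GetPageTableEntry, which lies outside the hunk. The code also relies on the two PCDs never being non-zero at the same time.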
@@ -357,6 +360,7 @@ GetPageTableEntry (
 
   // 4k
   L1PageTable = (UINT64 *)(UINTN)(L2PageTable[Index2] & ~AddressEncMask & 
PAGING_4K_ADDRESS_MASK_64);
+
   if ((L1PageTable[Index1] == 0) && (Address != 0)) {
 *PageAttribute = PageNone;
 return NULL;
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 36/47] MdeModulePkg: Add PcdTdxSharedBitMask

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Guest Physical Address (GPA) space in Td guest is divided into private
and shared sub-spaces, determined by the SHARED bit of GPA. This PCD
holds the shared bit mask. Its default value is 0 and it will be set
in PlatformPei driver if it is of Td guest.

Cc: Jian J Wang 
Cc: Hao A Wu 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 MdeModulePkg/MdeModulePkg.dec  | 4 
 OvmfPkg/AmdSev/AmdSevX64.dsc   | 3 +++
 OvmfPkg/Bhyve/BhyveX64.dsc | 3 +++
 OvmfPkg/CloudHv/CloudHvX64.dsc | 3 +++
 OvmfPkg/Microvm/MicrovmX64.dsc | 3 +++
 OvmfPkg/OvmfPkgIa32.dsc| 3 +++
 OvmfPkg/OvmfPkgIa32X64.dsc | 1 +
 OvmfPkg/OvmfPkgX64.dsc | 3 +++
 OvmfPkg/OvmfXen.dsc| 3 +++
 9 files changed, 26 insertions(+)

diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index 463e889e9a68..1a2425974f44 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -2079,6 +2079,10 @@
   # @Prompt Enable PCIe Resizable BAR Capability support.
   
gEfiMdeModulePkgTokenSpaceGuid.PcdPcieResizableBarSupport|FALSE|BOOLEAN|0x1024
 
+  ## This PCD holds the shared bit mask for page table entries when Tdx is 
enabled.
+  # @Prompt The shared bit mask when Intel Tdx is enabled.
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0|UINT64|0x1025
+
 [PcdsPatchableInModule]
   ## Specify memory size with page number for PEI code when
   #  Loading Module at Fixed Address feature is enabled.
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index c173a72134f4..dda98aa43bdb 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -558,6 +558,9 @@
   # Set memory encryption mask
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
 
+  # Set Tdx shared bit mask
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
+
   # Set SEV-ES defaults
   gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
   gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc
index 656e407473bb..0daae82d6705 100644
--- a/OvmfPkg/Bhyve/BhyveX64.dsc
+++ b/OvmfPkg/Bhyve/BhyveX64.dsc
@@ -550,6 +550,9 @@
   # Set memory encryption mask
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
 
+  # Set Tdx shared bit mask
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
+
   gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
 
   # MdeModulePkg resolution sets up the system display resolution
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index c307f1cc7550..1732f281b435 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -603,6 +603,9 @@
   # Set memory encryption mask
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
 
+  # Set Tdx shared bit mask
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
+
   # Set SEV-ES defaults
   gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
   gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
index 0eac0c02c630..cde90f523520 100644
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
@@ -592,6 +592,9 @@
   # Set memory encryption mask
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
 
+  # Set Tdx shared bit mask
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
+
   # Set SEV-ES defaults
   gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
   gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 8f02dca63869..01a26c234a88 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -618,6 +618,9 @@
   # Set memory encryption mask
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
 
+  # Set Tdx shared bit mask
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
+
   # Set SEV-ES defaults
   gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
   gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 98a6748c62dd..bf08e893e053 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -631,6 +631,7 @@
 
   # Set memory encryption mask
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
 
   # Set SEV-ES defaults
   gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 2df5b2999610..3092036bb7f6 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -642,6 +642,9 @@
   # Set memory encryption mask
   gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
 
+  # Set Tdx shared bit mask
+  gEf

[edk2-devel] [PATCH V8 35/47] MdeModulePkg: Skip setting IA32_ERER.NXE if it has already been set

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

If IA32_ERER.NXE has already been set, skip setting it again.

Cc: Jian J Wang 
Cc: Hao A Wu 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 8 +---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c 
b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
index 0700f310b203..bb426d0d0a6f 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
@@ -179,9 +179,11 @@ EnableExecuteDisableBit (
 {
   UINT64  MsrRegisters;
 
-  MsrRegisters  = AsmReadMsr64 (0xC080);
-  MsrRegisters |= BIT11;
-  AsmWriteMsr64 (0xC080, MsrRegisters);
+  MsrRegisters = AsmReadMsr64 (0xC080);
+  if ((MsrRegisters & BIT11) == 0) {
+MsrRegisters |= BIT11;
+AsmWriteMsr64 (0xC080, MsrRegisters);
+  }
 }
 
 /**
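Review bot: Nothing in the new code says why the write is skipped when the bit is already set, and both the MSR index and `BIT11` are bare literals. A comment such as `// NXE already set by an earlier stage: skip the redundant WRMSR to EFER.` together with named constants for the MSR and the NXE bit would make the intent readable. The reason a redundant write matters in a TD guest is only implied by the series and should be stated by the author. The commit title and message spell the register IA32_ERER, which looks like a typo for IA32_EFER.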
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 34/47] OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

If TDX is enabled then we do not support DMA operation in PEI phase.
This is mainly because DMA in TDX guest requires using a bounce buffer
(which needs dynamically allocated memory, and allocating a page-sized
buffer can be a challenge in PEI phase).

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 .../QemuFwCfgLib/QemuFwCfgLibInternal.h   | 11 +++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c   | 32 +++
 .../Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf  |  2 ++
 3 files changed, 45 insertions(+)

diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h
index 0b77cad1c030..6f7beb6ac1c7 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgLibInternal.h
@@ -59,4 +59,15 @@ InternalQemuFwCfgDmaBytes (
   IN UINT32  Control
   );
 
+/**
+  Check if it is Tdx guest
+
+  @retvalTRUE   It is Tdx guest
+  @retvalFALSE  It is not Tdx guest
+**/
+BOOLEAN
+QemuFwCfgIsTdxGuest (
+  VOID
+  );
+
 #endif
diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
index f696fb7cacaa..b8230613dcea 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
@@ -14,12 +14,30 @@
 #include 
 #include 
 #include 
+#include 
 
 #include "QemuFwCfgLibInternal.h"
 
 STATIC BOOLEAN  mQemuFwCfgSupported = FALSE;
 STATIC BOOLEAN  mQemuFwCfgDmaSupported;
 
+/**
+  Check if it is Tdx guest
+
+  @retvalTRUE   It is Tdx guest
+  @retvalFALSE  It is not Tdx guest
+**/
+BOOLEAN
+QemuFwCfgIsTdxGuest (
+  VOID
+  )
+{
+  CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER  *CcWorkAreaHeader;
+
+  CcWorkAreaHeader = (CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER *)FixedPcdGet32 
(PcdOvmfWorkAreaBase);
+  return (CcWorkAreaHeader != NULL && CcWorkAreaHeader->GuestType == 
GUEST_TYPE_INTEL_TDX);
+}
+
 /**
   Returns a boolean indicating if the firmware configuration interface
   is available or not.
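Review bot: `QemuFwCfgIsTdxGuest` casts the 32-bit `FixedPcdGet32 (PcdOvmfWorkAreaBase)` value straight to a pointer, which is an integer-to-pointer size mismatch on X64; elsewhere in this series the same PCD is converted through `(UINTN)` first. The assignment should read `(CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER *)(UINTN)FixedPcdGet32 (PcdOvmfWorkAreaBase)`. The `!= NULL` test only covers a build where the PCD is 0 and says nothing about whether the work area has been initialised. The function comment should therefore name the earlier boot stage that is expected to have written `GuestType` before this library reads it.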
@@ -81,6 +99,14 @@ QemuFwCfgInitialize (
 //
 if (MemEncryptSevIsEnabled ()) {
   DEBUG ((DEBUG_INFO, "SEV: QemuFwCfg fallback to IO Port interface.\n"));
+} else if (QemuFwCfgIsTdxGuest ()) {
+  //
+  // If TDX is enabled then we do not support DMA operations in PEI phase.
+  // This is mainly because DMA in TDX guest requires using bounce buffer
+  // (which need to allocate dynamic memory and allocating a PAGE size'd
+  // buffer can be challenge in PEI phase)
+  //
+  DEBUG ((DEBUG_INFO, "TDX: QemuFwCfg fallback to IO Port interface.\n"));
 } else {
   mQemuFwCfgDmaSupported = TRUE;
   DEBUG ((DEBUG_INFO, "QemuFwCfg interface (DMA) is supported.\n"));
@@ -163,6 +189,12 @@ InternalQemuFwCfgDmaBytes (
   //
   ASSERT (!MemEncryptSevIsEnabled ());
 
+  //
+  // TDX does not support DMA operations in PEI stage, we should
+  // not have reached here.
+  //
+  ASSERT (!QemuFwCfgIsTdxGuest ());
+
   Access.Control = SwapBytes32 (Control);
   Access.Length  = SwapBytes32 (Size);
   Access.Address = SwapBytes64 ((UINTN)Buffer);
diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf 
b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
index 9f9af7d03201..3910511880c9 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
@@ -43,3 +43,5 @@
   MemoryAllocationLib
   MemEncryptSevLib
 
+[Pcd]
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 33/47] OvmfPkg: Update Sec to support Tdx

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

There are below major changes in this commit.

1. SecEntry.nasm
In TDX BSP and APs goes to the same entry point in SecEntry.nasm.

BSP initialize the temporary stack and then jumps to SecMain, just as
legacy Ovmf does.

APs spin in a modified mailbox loop using the initial mailbox structure.
Its structure definition is in OvmfPkg/Include/IndustryStandard/IntelTdx.h.
Each AP waits for a command and checks whether the command is addressed to
it. If so, it executes the command.

2. Sec/SecMain.c
When host VMM create the Td guest, the system memory informations are
stored in TdHob, which is a memory region described in Tdx metadata.
The system memory region in TdHob should be accepted before it can be
accessed. So the major task of this patch is to process the TdHobList
to accept the memory. After that TDVF follow the standard OVMF flow
and jump to PEI phase.

PcdUse1GPageTable is set to FALSE by default in OvmfPkgX64.dsc. It gives
no chance for Intel TDX to support 1G page table. To support 1G page
table this PCD is set to TRUE in OvmfPkgX64.dsc.

TDX_GUEST_SUPPORTED is defined in OvmfPkgX64.dsc. This macro wraps the
Tdx specific code.

TDX only works on X64, so the code is only valid in X64 arch.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/AmdSev/AmdSevX64.dsc  |  1 +
 OvmfPkg/Bhyve/BhyveX64.dsc|  1 +
 OvmfPkg/CloudHv/CloudHvX64.dsc|  1 +
 OvmfPkg/Include/TdxCommondefs.inc | 51 +++
 OvmfPkg/Microvm/MicrovmX64.dsc|  1 +
 OvmfPkg/OvmfPkgIa32X64.dsc|  2 +
 OvmfPkg/OvmfPkgX64.dsc| 14 ++
 OvmfPkg/OvmfXen.dsc   |  1 +
 OvmfPkg/Sec/SecMain.c | 29 ++-
 OvmfPkg/Sec/SecMain.inf   |  3 ++
 OvmfPkg/Sec/X64/SecEntry.nasm | 82 +++
 11 files changed, 184 insertions(+), 2 deletions(-)
 create mode 100644 OvmfPkg/Include/TdxCommondefs.inc

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 785049c88962..c173a72134f4 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -208,6 +208,7 @@
 [LibraryClasses.common]
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   VmgExitLib|OvmfPkg/Library/VmgExitLib/VmgExitLib.inf
+  TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
 
 [LibraryClasses.common.SEC]
   TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf
diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc
index 5fa08bebd73c..656e407473bb 100644
--- a/OvmfPkg/Bhyve/BhyveX64.dsc
+++ b/OvmfPkg/Bhyve/BhyveX64.dsc
@@ -228,6 +228,7 @@
 [LibraryClasses.common]
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
+  TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
 
 [LibraryClasses.common.SEC]
 !ifdef $(DEBUG_ON_SERIAL_PORT)
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index b8a82380202c..c307f1cc7550 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -237,6 +237,7 @@
 [LibraryClasses.common]
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   VmgExitLib|OvmfPkg/Library/VmgExitLib/VmgExitLib.inf
+  TdxLib|MdePkg/Library/TdxLib/TdxLib.inf
 
 [LibraryClasses.common.SEC]
   TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf
diff --git a/OvmfPkg/Include/TdxCommondefs.inc 
b/OvmfPkg/Include/TdxCommondefs.inc
new file mode 100644
index ..970eac96592a
--- /dev/null
+++ b/OvmfPkg/Include/TdxCommondefs.inc
@@ -0,0 +1,51 @@
+;--
+; @file
+; TDX Common defitions used by the APs in mailbox
+;
+; Copyright (c) 2021, Intel Corporation. All rights reserved.
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+;--
+
+CommandOffset equ   00h
+ApicidOffset  equ   04h
+WakeupVectorOffsetequ   08h
+OSArgsOffset  equ   10h
+FirmwareArgsOffsetequ   800h
+WakeupArgsRelocatedMailBoxequ   800h
+AcceptPageArgsPhysicalStart   equ   800h
+AcceptPageArgsPhysicalEnd equ   808h
+AcceptPageArgsChunkSize   equ   810h
+AcceptPageArgsPageSizeequ   818h
+CpuArrivalOffset  equ   900h
+CpusExitingOffset equ   0a00h
+TalliesOffset equ   0a08h
+ErrorsOffset  equ   0e08h
+
+SIZE_4KB  equ   1000h
+SIZE_2MB  equ   20h
+SIZE

[edk2-devel] [PATCH V8 32/47] OvmfPkg/Sec: Declare local variable as volatile in SecCoreStartupWithStack

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Declare the local variables in SecCoreStartupWithStack that actually
move the data elements as volatile to prevent the optimizer from
replacing this function with the intrinsic memcpy().

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/Sec/SecMain.c | 15 ++-
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index 2c5561661ef3..02520e25ab9a 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -757,12 +757,17 @@ SecCoreStartupWithStack (
   //
   IdtTableInStack.PeiService = NULL;
   for (Index = 0; Index < SEC_IDT_ENTRY_COUNT; Index++) {
-UINT8  *Src;
-UINT8  *Dst;
-UINTN  Byte;
+//
+// Declare the local variables that actually move the data elements as
+// volatile to prevent the optimizer from replacing this function with
+// the intrinsic memcpy()
+//
+CONST UINT8 *Src;
+volatile UINT8  *Dst;
+UINTN   Byte;
 
-Src = (UINT8 *)&mIdtEntryTemplate;
-Dst = (UINT8 *)&IdtTableInStack.IdtTable[Index];
+Src = (CONST UINT8 *)&mIdtEntryTemplate;
+Dst = (volatile UINT8 *)&IdtTableInStack.IdtTable[Index];
 for (Byte = 0; Byte < sizeof (mIdtEntryTemplate); Byte++) {
   Dst[Byte] = Src[Byte];
 }
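Review bot: The added comment says `volatile` keeps the optimizer from replacing "this function" with memcpy(), but what is being protected is the byte-copy loop that follows, and only `Dst` is qualified while `Src` is plain `CONST`. Wording such as `// Dst is volatile so every byte store is emitted as written and the loop cannot be folded into a memcpy() call; Src needs no qualifier.` would match the code. SecCoreStartupWithStack starts and ends outside this hunk, so any other copy or fill in it that the compiler could lower the same way should be checked with the same toolchain.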
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 31/47] OvmfPkg: Update PlatformInitLib to process Tdx hoblist

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

When the host VMM creates the Td guest, the system memory information is
stored in TdHob, which is a memory region described in Tdx metadata.
The system memory region in TdHob should be accepted before it can be
accessed, so the newly added function (ProcessTdxHobList) processes
the TdHobList to accept the memory. Because TdHobList is provided by
the host VMM, which is not trusted, its content should be checked before
it is consumed by TDVF.

Because ProcessTdxHobList is to be called in SEC phase, so
PlatformInitLib.inf is updated to support SEC.

Note: In this patch it is BSP which accepts the pages. So there maybe
boot performance issue. There are some mitigations to this issue, such
as lazy accept, 2M accept page size, etc. We will re-visit here in the
future.

PcdTdxAcceptPageSize is added for page accepting. Currently TDX supports
4K and 2M accept page size. The default value is 2M.

Tdx guest is only supported in X64. So for IA32 ProcessTdxHobList
just returns EFI_UNSUPPORTED.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/Include/Library/PlatformInitLib.h |  17 +
 OvmfPkg/Library/PlatformInitLib/IntelTdx.c| 514 ++
 .../Library/PlatformInitLib/IntelTdxNull.c|  30 +
 .../PlatformInitLib/PlatformInitLib.inf   |  13 +-
 OvmfPkg/OvmfPkg.dec   |   3 +
 5 files changed, 576 insertions(+), 1 deletion(-)
 create mode 100644 OvmfPkg/Library/PlatformInitLib/IntelTdx.c
 create mode 100644 OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c

diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h 
b/OvmfPkg/Include/Library/PlatformInitLib.h
index 21fc385e35eb..f41b4f16d9fa 100644
--- a/OvmfPkg/Include/Library/PlatformInitLib.h
+++ b/OvmfPkg/Include/Library/PlatformInitLib.h
@@ -203,4 +203,21 @@ PlatformMaxCpuCountInitialization (
   IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   );
 
+/**
+  In Tdx guest, some information need to be passed from host VMM to guest
+  firmware. For example, the memory resource, etc. These information are
+  prepared by host VMM and put in HobList which is described in TdxMetadata.
+
+  Information in HobList is treated as external input. From the security
+  perspective before it is consumed, it should be validated.
+
+  @retval   EFI_SUCCESS   Successfully process the hoblist
+  @retval   OthersOther error as indicated
+**/
+EFI_STATUS
+EFIAPI
+ProcessTdxHobList (
+  VOID
+  );
+
 #endif // PLATFORM_INIT_LIB_H_
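Review bot: The comment on `ProcessTdxHobList` says the HOB list is external input that should be validated, yet the `@retval` lines do not say which status a failed validation produces or what the caller is expected to do with it. Because the list comes from the host VMM, which the commit message describes as not trusted, the contract should state that any status other than EFI_SUCCESS means the list was rejected and memory described by it must not be used. A line such as `@retval Others  The HOB list failed validation or memory could not be accepted; the caller must not continue.` would do, adjusted to what the implementation in IntelTdx.c actually returns.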
diff --git a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c 
b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
new file mode 100644
index ..c74c8ee20dae
--- /dev/null
+++ b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
@@ -0,0 +1,514 @@
+/** @file
+  Initialize Intel TDX support.
+
+  Copyright (c) 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define ALIGNED_2MB_MASK  0x1f
+
+/**
+  This function will be called to accept pages. Only BSP accepts pages.
+
+  TDCALL(ACCEPT_PAGE) supports the accept page size of 4k and 2M. To
+  simplify the implementation, the Memory to be accpeted is splitted
+  into 3 parts:
+  -  <-- StartAddress1 (not 2M aligned)
+  |  part 1   |  Length1 < 2M
+  |---|  <-- StartAddress2 (2M aligned)
+  |   |  Length2 = Integer multiples of 2M
+  |  part 2   |
+  |   |
+  |---|  <-- StartAddress3
+  |  part 3   |  Length3 < 2M
+  |---|
+
+  @param[in] PhysicalAddress   Start physical adress
+  @param[in] PhysicalEnd   End physical address
+
+  @retvalEFI_SUCCESS   Accept memory successfully
+  @retvalOthersOther errors as indicated
+**/
+EFI_STATUS
+EFIAPI
+BspAcceptMemoryResourceRange (
+  IN EFI_PHYSICAL_ADDRESS  PhysicalAddress,
+  IN EFI_PHYSICAL_ADDRESS  PhysicalEnd
+  )
+{
+  EFI_STATUS  Status;
+  UINT32  AcceptPageSize;
+  UINT64  StartAddress1;
+  UINT64  StartAddress2;
+  UINT64  StartAddress3;
+  UINT64  TotalLength;
+  UINT64  Length1;
+  UINT64  Length2;
+  UINT64  Length3;
+  UINT64  Pages;
+
+  AcceptPageSize = FixedPcdGet32 (PcdTdxAcceptPageSize);
+  TotalLength= PhysicalEnd - PhysicalAddress;
+  StartAddress1  = 0;
+  StartAddress2  = 0;
+  StartAddress3  = 0;
+  Length1= 0;
+  Length2= 0;
+  Length3= 0;
+
+  if (TotalLength == 0) {
+return EFI_SUCCESS;
+  }
+
+  DEBUG ((DEBUG_INFO, "TdAccept: 0x%llx - 0x%llx\n", PhysicalAddress, 
TotalLength));
+
+  if (ALIGN_VALUE (PhysicalAddress, SIZE_2MB) != PhysicalAddress) {
+StartAddress1 = Physica

[edk2-devel] [PATCH V8 30/47] MdePkg: Add EFI_RESOURCE_MEMORY_UNACCEPTED defition

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Add EFI_RESOURCE_MEMORY_UNACCEPTED definition in PiHob.h. This definition
is for the unaccepted memory passed from Host VMM.

This is proposed in https://github.com/microsoft/mu_basecore/pull/66/
files#diff-b20a11152d1ce9249c691be5690b4baf52069efadf2e2546cdd2eb663d80c9e4R237
according to UEFI-Code-First.

The proposal was approved in 2021 in UEFI Mantis, and will be added to the
new PI.next specification.

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 MdePkg/Include/Pi/PiHob.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Include/Pi/PiHob.h b/MdePkg/Include/Pi/PiHob.h
index e9f0ab4309d1..aa08dd36d51f 100644
--- a/MdePkg/Include/Pi/PiHob.h
+++ b/MdePkg/Include/Pi/PiHob.h
@@ -232,7 +232,8 @@ typedef UINT32 EFI_RESOURCE_TYPE;
 #define EFI_RESOURCE_MEMORY_MAPPED_IO_PORT  0x0004
 #define EFI_RESOURCE_MEMORY_RESERVED0x0005
 #define EFI_RESOURCE_IO_RESERVED0x0006
-#define EFI_RESOURCE_MAX_MEMORY_TYPE0x0007
+#define EFI_RESOURCE_MEMORY_UNACCEPTED  0x0007
+#define EFI_RESOURCE_MAX_MEMORY_TYPE0x0008
 
 ///
 /// A type of recount attribute type.
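Review bot: `EFI_RESOURCE_MEMORY_UNACCEPTED` is added without a comment, and `EFI_RESOURCE_MAX_MEMORY_TYPE` moves up by one, so any consumer that range-checks a HOB's resource type against the maximum will now let the new type through. Code outside this hunk that treats every type below the maximum as usable memory would touch pages the guest has not accepted yet; those call sites are not visible here and should be audited. A line such as `/// Memory reported by the host VMM that the guest must accept before first access.` above the new define would record the constraint.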
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 29/47] OvmfPkg/PlatformInitLib: Move functions to Platform.c

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

Move functions in PlatformPei/Platform.c to PlatformInitLib/Platform.c.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/Include/Library/PlatformInitLib.h  |  34 ++
 OvmfPkg/Library/PlatformInitLib/Platform.c | 465 +
 OvmfPkg/PlatformPei/Platform.c | 451 
 3 files changed, 499 insertions(+), 451 deletions(-)

diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h 
b/OvmfPkg/Include/Library/PlatformInitLib.h
index 2e4bb8140368..21fc385e35eb 100644
--- a/OvmfPkg/Include/Library/PlatformInitLib.h
+++ b/OvmfPkg/Include/Library/PlatformInitLib.h
@@ -169,4 +169,38 @@ PlatformQemuInitializeRamForS3 (
   IN EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   );
 
+VOID
+EFIAPI
+PlatformMemMapInitialization (
+  IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  );
+
+/**
+ * Fetch "opt/ovmf/PcdSetNxForStack" from QEMU
+ *
+ * @param Setting The pointer to the setting of 
"/opt/ovmf/PcdSetNxForStack".
+ * @return EFI_SUCCESS  Successfully fetch the settings.
+ */
+EFI_STATUS
+EFIAPI
+PlatformNoexecDxeInitialization (
+  IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  );
+
+VOID
+EFIAPI
+PlatformMiscInitialization (
+  IN EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  );
+
+/**
+  Fetch the boot CPU count and the possible CPU count from QEMU, and expose
+  them to UefiCpuPkg modules. Set the mMaxCpuCount variable.
+**/
+VOID
+EFIAPI
+PlatformMaxCpuCountInitialization (
+  IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  );
+
 #endif // PLATFORM_INIT_LIB_H_
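Review bot: The doc comment on `PlatformNoexecDxeInitialization` documents `@param Setting`, but the function's only parameter is `PlatformInfoHob`, and the fw_cfg path is written once without and once with a leading slash. Something like `@param[in,out] PlatformInfoHob  PcdSetNxForStack is filled in from fw_cfg.`, with the path spelled "opt/ovmf/PcdSetNxForStack" throughout, would match the signature; the same comment appears on the definition in patch 26/47. The comment on `PlatformMaxCpuCountInitialization` still speaks of exposing the counts to UefiCpuPkg and setting mMaxCpuCount, which appears stale now that patch 22/47 leaves the PCD updates to the PlatformPei wrapper, and `PlatformAddressWidthInitialization` in patch 28/47 carries a similar reference to mPhysMemAddressWidth. `PlatformMemMapInitialization` and `PlatformMiscInitialization` are declared with no comment at all.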
diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c 
b/OvmfPkg/Library/PlatformInitLib/Platform.c
index e41f230ff563..96bc41b1098c 100644
--- a/OvmfPkg/Library/PlatformInitLib/Platform.c
+++ b/OvmfPkg/Library/PlatformInitLib/Platform.c
@@ -19,6 +19,18 @@
 #include 
 #include 
 #include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
 #include 
 
 VOID
@@ -104,3 +116,456 @@ PlatformAddMemoryRangeHob (
 {
   PlatformAddMemoryBaseSizeHob (MemoryBase, (UINT64)(MemoryLimit - 
MemoryBase));
 }
+
+VOID
+EFIAPI
+PlatformMemMapInitialization (
+  IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  )
+{
+  UINT64  PciIoBase;
+  UINT64  PciIoSize;
+  UINT32  TopOfLowRam;
+  UINT64  PciExBarBase;
+  UINT32  PciBase;
+  UINT32  PciSize;
+
+  PciIoBase = 0xC000;
+  PciIoSize = 0x4000;
+
+  //
+  // Video memory + Legacy BIOS region
+  //
+  PlatformAddIoMemoryRangeHob (0x0A, BASE_1MB);
+
+  if (PlatformInfoHob->HostBridgeDevId == 0x /* microvm */) {
+PlatformAddIoMemoryBaseSizeHob (MICROVM_GED_MMIO_BASE, SIZE_4KB);
+PlatformAddIoMemoryBaseSizeHob (0xFEC0, SIZE_4KB); /* ioapic #1 */
+PlatformAddIoMemoryBaseSizeHob (0xFEC1, SIZE_4KB); /* ioapic #2 */
+return;
+  }
+
+  TopOfLowRam  = PlatformGetSystemMemorySizeBelow4gb (PlatformInfoHob);
+  PciExBarBase = 0;
+  if (PlatformInfoHob->HostBridgeDevId == INTEL_Q35_MCH_DEVICE_ID) {
+//
+// The MMCONFIG area is expected to fall between the top of low RAM and
+// the base of the 32-bit PCI host aperture.
+//
+PciExBarBase = FixedPcdGet64 (PcdPciExpressBaseAddress);
+ASSERT (TopOfLowRam <= PciExBarBase);
+ASSERT (PciExBarBase <= MAX_UINT32 - SIZE_256MB);
+PciBase = (UINT32)(PciExBarBase + SIZE_256MB);
+  } else {
+ASSERT (TopOfLowRam <= PlatformInfoHob->Uc32Base);
+PciBase = PlatformInfoHob->Uc32Base;
+  }
+
+  //
+  // address   purpose   size
+  //     -
+  // max(top, 2g)  PCI MMIO  0xFC00 - max(top, 2g)
+  // 0xFC00gap   44 MB
+  // 0xFEC0IO-APIC4 KB
+  // 0xFEC01000gap 1020 KB
+  // 0xFED0HPET   1 KB
+  // 0xFED00400gap  111 KB
+  // 0xFED1C000gap (PIIX4) / RCRB (ICH9) 16 KB
+  // 0xFED2gap  896 KB
+  // 0xFEE0LAPIC  1 MB
+  //
+  PciSize = 0xFC00 - PciBase;
+  PlatformAddIoMemoryBaseSizeHob (PciBase, PciSize);
+
+  PlatformInfoHob->PcdPciMmio32Base = PciBase;
+  PlatformInfoHob->PcdPciMmio32Size = PciSize;
+
+  PlatformAddIoMemoryBaseSizeHob (0xFEC0, SIZE_4KB);
+  PlatformAddIoMemoryBaseSizeHob (0xFED0, SIZE_1KB);
+  if (PlatformInfoHob->HostBridgeDevId == INTEL_Q35_MCH_DEVICE_ID) {
+PlatformAddIoMemoryBaseSizeHob (ICH9_ROOT_COMPLEX_BASE, SIZE_16KB);
+//
+// Note: there should be an
+//
+//   PlatformAddIoMemoryBaseSizeHob (PciExBarBase, SIZE_256MB);
+//
+// call below, just like the one above for RCBA. However, Linux insists
+// that the MMCONFIG area be marked in the E820 or UEFI memory map as
+// "reserved me

[edk2-devel] [PATCH V8 28/47] OvmfPkg/PlatformInitLib: Create MemDetect.c

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

Move functions in PlatformPei\MemDetect.c to PlatformInitLib\MemDetect.c.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/Include/Library/PlatformInitLib.h |  37 +
 OvmfPkg/Library/PlatformInitLib/MemDetect.c   | 842 ++
 .../PlatformInitLib/PlatformInitLib.inf   |  49 +
 OvmfPkg/PlatformPei/MemDetect.c   | 804 +
 OvmfPkg/PlatformPei/Platform.h|  12 -
 5 files changed, 929 insertions(+), 815 deletions(-)
 create mode 100644 OvmfPkg/Library/PlatformInitLib/MemDetect.c

diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h 
b/OvmfPkg/Include/Library/PlatformInitLib.h
index 9b99d4c1f514..2e4bb8140368 100644
--- a/OvmfPkg/Include/Library/PlatformInitLib.h
+++ b/OvmfPkg/Include/Library/PlatformInitLib.h
@@ -132,4 +132,41 @@ PlatformAddReservedMemoryBaseSizeHob (
   IN BOOLEAN   Cacheable
   );
 
+VOID
+EFIAPI
+PlatformQemuUc32BaseInitialization (
+  IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  );
+
+UINT32
+EFIAPI
+PlatformGetSystemMemorySizeBelow4gb (
+  IN EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  );
+
+/**
+  Initialize the mPhysMemAddressWidth variable, based on guest RAM size.
+**/
+VOID
+EFIAPI
+PlatformAddressWidthInitialization (
+  IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  );
+
+/**
+  Peform Memory Detection for QEMU / KVM
+
+**/
+VOID
+EFIAPI
+PlatformQemuInitializeRam (
+  IN EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  );
+
+VOID
+EFIAPI
+PlatformQemuInitializeRamForS3 (
+  IN EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  );
+
 #endif // PLATFORM_INIT_LIB_H_
diff --git a/OvmfPkg/Library/PlatformInitLib/MemDetect.c 
b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
new file mode 100644
index ..fbd3073bd3d1
--- /dev/null
+++ b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
@@ -0,0 +1,842 @@
+/**@file
+  Memory Detection for Virtual Machines.
+
+  Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+Module Name:
+
+  MemDetect.c
+
+**/
+
+//
+// The package level header files this module uses
+//
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+//
+// The Library classes this module consumes
+//
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+VOID
+EFIAPI
+PlatformQemuUc32BaseInitialization (
+  IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  )
+{
+  UINT32  LowerMemorySize;
+
+  if (PlatformInfoHob->HostBridgeDevId == 0x /* microvm */) {
+return;
+  }
+
+  if (PlatformInfoHob->HostBridgeDevId == INTEL_Q35_MCH_DEVICE_ID) {
+//
+// On q35, the 32-bit area that we'll mark as UC, through variable MTRRs,
+// starts at PcdPciExpressBaseAddress. The platform DSC is responsible for
+// setting PcdPciExpressBaseAddress such that describing the
+// [PcdPciExpressBaseAddress, 4GB) range require a very small number of
+// variable MTRRs (preferably 1 or 2).
+//
+ASSERT (FixedPcdGet64 (PcdPciExpressBaseAddress) <= MAX_UINT32);
+PlatformInfoHob->Uc32Base = (UINT32)FixedPcdGet64 
(PcdPciExpressBaseAddress);
+return;
+  }
+
+  if (PlatformInfoHob->HostBridgeDevId == CLOUDHV_DEVICE_ID) {
+PlatformInfoHob->Uc32Size = CLOUDHV_MMIO_HOLE_SIZE;
+PlatformInfoHob->Uc32Base = CLOUDHV_MMIO_HOLE_ADDRESS;
+return;
+  }
+
+  ASSERT (PlatformInfoHob->HostBridgeDevId == INTEL_82441_DEVICE_ID);
+  //
+  // On i440fx, start with the [LowerMemorySize, 4GB) range. Make sure one
+  // variable MTRR suffices by truncating the size to a whole power of two,
+  // while keeping the end affixed to 4GB. This will round the base up.
+  //
+  LowerMemorySize   = PlatformGetSystemMemorySizeBelow4gb 
(PlatformInfoHob);
+  PlatformInfoHob->Uc32Size = GetPowerOfTwo32 ((UINT32)(SIZE_4GB - 
LowerMemorySize));
+  PlatformInfoHob->Uc32Base = (UINT32)(SIZE_4GB - PlatformInfoHob->Uc32Size);
+  //
+  // Assuming that LowerMemorySize is at least 1 byte, Uc32Size is at most 2GB.
+  // Therefore mQemuUc32Base is at least 2GB.
+  //
+  ASSERT (PlatformInfoHob->Uc32Base >= BASE_2GB);
+
+  if (PlatformInfoHob->Uc32Base != LowerMemorySize) {
+DEBUG ((
+  DEBUG_VERBOSE,
+  "%a: rounded UC32 base from 0x%x up to 0x%x, for "
+  "an UC32 size of 0x%x\n",
+  __FUNCTION__,
+  LowerMemorySize,
+  PlatformInfoHob->Uc32Base,
+  PlatformInfoHob->Uc32Size
+  ));
+  }
+}
+
+/**
+  Iterate over the RAM entries in QEMU's fw_cfg E820 RAM map that start outside
+  of the 32-bit address range.
+
+  Find the highest exclusive >=4GB RAM address, or produce memory resource
+  descriptor HOBs for RAM entries that start at or above 4GB.
+
+  @param[out] MaxAddress  If MaxAd

[edk2-devel] [PATCH V8 27/47] OvmfPkg/PlatformPei: Refactor MiscInitialization

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

MiscInitialization is split into 2 functions:
 - PlatformMiscInitialization is for PlatformInitLib.
 - MiscInitialization calls PlatformMiscInitialization and then sets
   PCD. It is for PlatformPei.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/PlatformPei/Platform.c | 43 --
 1 file changed, 26 insertions(+), 17 deletions(-)

diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
index 2d652b0dc127..a5ed2c0bcc99 100644
--- a/OvmfPkg/PlatformPei/Platform.c
+++ b/OvmfPkg/PlatformPei/Platform.c
@@ -57,12 +57,12 @@ PlatformMemMapInitialization (
   IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   )
 {
-  UINT64 PciIoBase;
-  UINT64 PciIoSize;
-  UINT32 TopOfLowRam;
-  UINT64 PciExBarBase;
-  UINT32 PciBase;
-  UINT32 PciSize;
+  UINT64  PciIoBase;
+  UINT64  PciIoSize;
+  UINT32  TopOfLowRam;
+  UINT64  PciExBarBase;
+  UINT32  PciBase;
+  UINT32  PciSize;
 
   PciIoBase = 0xC000;
   PciIoSize = 0x4000;
@@ -360,17 +360,16 @@ MiscInitializationForMicrovm (
 }
 
 VOID
-MiscInitialization (
+PlatformMiscInitialization (
   IN EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   )
 {
-  UINTN  PmCmd;
-  UINTN  Pmba;
-  UINT32 PmbaAndVal;
-  UINT32 PmbaOrVal;
-  UINTN  AcpiCtlReg;
-  UINT8  AcpiEnBit;
-  RETURN_STATUS  PcdStatus;
+  UINTN   PmCmd;
+  UINTN   Pmba;
+  UINT32  PmbaAndVal;
+  UINT32  PmbaOrVal;
+  UINTN   AcpiCtlReg;
+  UINT8   AcpiEnBit;
 
   //
   // Disable A20 Mask
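Review bot: `PlatformMiscInitialization` is defined here without `EFIAPI`, while patches 23/47 and 25/47 add `EFIAPI` to `PlatformQemuUc32BaseInitialization` and `PlatformMemMapInitialization`, and PlatformInitLib.h in patch 29/47 declares this function as `VOID EFIAPI`. `PlatformMaxCpuCountInitialization` in patch 22/47 has the same gap. Adding the `EFIAPI` line between `VOID` and the name in both places keeps the definition and the later library declaration on one calling convention at every step of the series. The function body continues outside this hunk.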
@@ -417,9 +416,6 @@ MiscInitialization (
   return;
   }
 
-  PcdStatus = PcdSet16S (PcdOvmfHostBridgePciDevId, 
PlatformInfoHob->HostBridgeDevId);
-  ASSERT_RETURN_ERROR (PcdStatus);
-
   if (PlatformInfoHob->HostBridgeDevId == CLOUDHV_DEVICE_ID) {
 DEBUG ((DEBUG_INFO, "%a: Cloud Hypervisor is done.\n", __FUNCTION__));
 return;
@@ -464,6 +460,19 @@ MiscInitialization (
   }
 }
 
+VOID
+MiscInitialization (
+  IN EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  )
+{
+  RETURN_STATUS  PcdStatus;
+
+  PlatformMiscInitialization (PlatformInfoHob);
+
+  PcdStatus = PcdSet16S (PcdOvmfHostBridgePciDevId, 
PlatformInfoHob->HostBridgeDevId);
+  ASSERT_RETURN_ERROR (PcdStatus);
+}
+
 VOID
 BootModeInitialization (
   IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
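Review bot: The new `MiscInitialization` wrapper calls `PcdSet16S (PcdOvmfHostBridgePciDevId, ...)` unconditionally, whereas the removed call sat after a `return;` that is visible as context in the previous hunk, so on that early-return path the PCD was not set before and is set now. The branch that returns is outside the hunks, so this may be harmless, but if it is the unrecognised-host-bridge case the PCD now carries an ID the platform code has just rejected. Either have `PlatformMiscInitialization` report whether it recognised the bridge, or add a comment such as `// The PCD is set even when PlatformMiscInitialization returned early.` to show the change is intended.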
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 26/47] OvmfPkg/PlatformPei: Refactor NoexecDxeInitialization

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

NoexecDxeInitialization is split into 2 functions:
 - PlatformNoexecDxeInitialization is for PlatformInitLib
 - NoexecDxeInitialization calls PlatformNoexecDxeInitialization and
   then sets PCD.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/PlatformPei/Platform.c | 34 +-
 1 file changed, 21 insertions(+), 13 deletions(-)

diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
index 01fca33e7119..2d652b0dc127 100644
--- a/OvmfPkg/PlatformPei/Platform.c
+++ b/OvmfPkg/PlatformPei/Platform.c
@@ -59,7 +59,6 @@ PlatformMemMapInitialization (
 {
   UINT64 PciIoBase;
   UINT64 PciIoSize;
-  RETURN_STATUS  PcdStatus;
   UINT32 TopOfLowRam;
   UINT64 PciExBarBase;
   UINT32 PciBase;
@@ -199,24 +198,33 @@ MemMapInitialization (
   ASSERT_RETURN_ERROR (PcdStatus);
 }
 
-#define UPDATE_BOOLEAN_PCD_FROM_FW_CFG(TokenName)   \
-  do {  \
-BOOLEAN   Setting;  \
-RETURN_STATUS PcdStatus;\
-\
-if (!RETURN_ERROR (QemuFwCfgParseBool ( \
-  "opt/ovmf/" #TokenName, &Setting))) { \
-  PcdStatus = PcdSetBoolS (TokenName, Setting); \
-  ASSERT_RETURN_ERROR (PcdStatus);  \
-}   \
-  } while (0)
+/**
+ * Fetch "opt/ovmf/PcdSetNxForStack" from QEMU
+ *
+ * @param Setting The pointer to the setting of 
"/opt/ovmf/PcdSetNxForStack".
+ * @return EFI_SUCCESS  Successfully fetch the settings.
+ */
+EFI_STATUS
+EFIAPI
+PlatformNoexecDxeInitialization (
+  IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  )
+{
+  return QemuFwCfgParseBool ("opt/ovmf/PcdSetNxForStack", 
&PlatformInfoHob->PcdSetNxForStack);
+}
 
 VOID
 NoexecDxeInitialization (
   VOID
   )
 {
-  UPDATE_BOOLEAN_PCD_FROM_FW_CFG (PcdSetNxForStack);
+  RETURN_STATUS  Status;
+
+  Status = PlatformNoexecDxeInitialization (&mPlatformInfoHob);
+  if (!RETURN_ERROR (Status)) {
+Status = PcdSetBoolS (PcdSetNxForStack, mPlatformInfoHob.PcdSetNxForStack);
+ASSERT_RETURN_ERROR (Status);
+  }
 }
 
 VOID
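Review bot: `PlatformNoexecDxeInitialization` passes `&PlatformInfoHob->PcdSetNxForStack` directly to `QemuFwCfgParseBool`, so the HOB field is meaningful only when the call succeeds; the removed macro parsed into a local and touched the PCD only on success. `NoexecDxeInitialization` checks the status, but a library caller that ignores it would read whatever the field held before as the NX-for-stack setting. The contract belongs in the comment, for example `@retval EFI_SUCCESS  PlatformInfoHob->PcdSetNxForStack holds the value read from fw_cfg; on any other status the field must not be used.`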
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 25/47] OvmfPkg/PlatformPei: Refactor MemMapInitialization

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

MemMapInitialization is split into 2 functions:
 - PlatformMemMapInitialization is for PlatformInfoLib
 - MemMapInitialization calls PlatformMemMapInitialization and then
   sets PCDs. It is for PlatformPei.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/PlatformPei/Platform.c | 35 +-
 1 file changed, 26 insertions(+), 9 deletions(-)

diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
index 3e02ba2c9fc4..01fca33e7119 100644
--- a/OvmfPkg/PlatformPei/Platform.c
+++ b/OvmfPkg/PlatformPei/Platform.c
@@ -52,7 +52,8 @@ EFI_PEI_PPI_DESCRIPTOR  mPpiBootMode[] = {
 };
 
 VOID
-MemMapInitialization (
+EFIAPI
+PlatformMemMapInitialization (
   IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   )
 {
@@ -110,10 +111,6 @@ MemMapInitialization (
   //
   PciSize = 0xFC00 - PciBase;
   PlatformAddIoMemoryBaseSizeHob (PciBase, PciSize);
-  PcdStatus = PcdSet64S (PcdPciMmio32Base, PciBase);
-  ASSERT_RETURN_ERROR (PcdStatus);
-  PcdStatus = PcdSet64S (PcdPciMmio32Size, PciSize);
-  ASSERT_RETURN_ERROR (PcdStatus);
 
   PlatformInfoHob->PcdPciMmio32Base = PciBase;
   PlatformInfoHob->PcdPciMmio32Size = PciSize;
@@ -173,15 +170,35 @@ MemMapInitialization (
 PciIoBase,
 PciIoSize
 );
-  PcdStatus = PcdSet64S (PcdPciIoBase, PciIoBase);
-  ASSERT_RETURN_ERROR (PcdStatus);
-  PcdStatus = PcdSet64S (PcdPciIoSize, PciIoSize);
-  ASSERT_RETURN_ERROR (PcdStatus);
 
   PlatformInfoHob->PcdPciIoBase = PciIoBase;
   PlatformInfoHob->PcdPciIoSize = PciIoSize;
 }
 
+VOID
+MemMapInitialization (
+  IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  )
+{
+  RETURN_STATUS  PcdStatus;
+
+  PlatformMemMapInitialization (PlatformInfoHob);
+
+  if (PlatformInfoHob->HostBridgeDevId == 0x /* microvm */) {
+return;
+  }
+
+  PcdStatus = PcdSet64S (PcdPciMmio32Base, PlatformInfoHob->PcdPciMmio32Base);
+  ASSERT_RETURN_ERROR (PcdStatus);
+  PcdStatus = PcdSet64S (PcdPciMmio32Size, PlatformInfoHob->PcdPciMmio32Size);
+  ASSERT_RETURN_ERROR (PcdStatus);
+
+  PcdStatus = PcdSet64S (PcdPciIoBase, PlatformInfoHob->PcdPciIoBase);
+  ASSERT_RETURN_ERROR (PcdStatus);
+  PcdStatus = PcdSet64S (PcdPciIoSize, PlatformInfoHob->PcdPciIoSize);
+  ASSERT_RETURN_ERROR (PcdStatus);
+}
+
 #define UPDATE_BOOLEAN_PCD_FROM_FW_CFG(TokenName)   \
   do {  \
 BOOLEAN   Setting;  \
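Review bot: The `HostBridgeDevId` microvm test in the new `MemMapInitialization` repeats the early return inside `PlatformMemMapInitialization`, so the wrapper has to know which paths of the library function leave the PCI fields of the HOB unfilled. If the library function later gains another early return, the four `PcdSet64S` calls would publish stale or zero values without any error. A comment on the guard, `// Mirrors the microvm early return in PlatformMemMapInitialization, which does not fill the PCI MMIO/IO fields.`, or a status return from the library function would make the coupling explicit. The body of `PlatformMemMapInitialization` lies mostly outside these hunks.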
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 23/47] OvmfPkg/PlatformPei: Refactor QemuUc32BaseInitialization

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

Rename QemuUc32BaseInitialization to PlatformQemuUc32BaseInitialization.
This function is for PlatformInitLib.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/PlatformPei/MemDetect.c | 3 ++-
 OvmfPkg/PlatformPei/Platform.c  | 2 +-
 OvmfPkg/PlatformPei/Platform.h  | 3 ++-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/PlatformPei/MemDetect.c b/OvmfPkg/PlatformPei/MemDetect.c
index 56011143759c..33c39228e448 100644
--- a/OvmfPkg/PlatformPei/MemDetect.c
+++ b/OvmfPkg/PlatformPei/MemDetect.c
@@ -127,7 +127,8 @@ Q35SmramAtDefaultSmbaseInitialization (
 }
 
 VOID
-QemuUc32BaseInitialization (
+EFIAPI
+PlatformQemuUc32BaseInitialization (
   IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   )
 {
diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
index c184fdb57ee0..0bf92e117bee 100644
--- a/OvmfPkg/PlatformPei/Platform.c
+++ b/OvmfPkg/PlatformPei/Platform.c
@@ -780,7 +780,7 @@ InitializePlatform (
 
   PublishPeiMemory ();
 
-  QemuUc32BaseInitialization (&mPlatformInfoHob);
+  PlatformQemuUc32BaseInitialization (&mPlatformInfoHob);
 
   InitializeRamRegions (&mPlatformInfoHob);
 
diff --git a/OvmfPkg/PlatformPei/Platform.h b/OvmfPkg/PlatformPei/Platform.h
index a5fa27c3794f..b5e831aa68e2 100644
--- a/OvmfPkg/PlatformPei/Platform.h
+++ b/OvmfPkg/PlatformPei/Platform.h
@@ -38,7 +38,8 @@ GetSystemMemorySizeBelow4gb (
   );
 
 VOID
-QemuUc32BaseInitialization (
+EFIAPI
+PlatformQemuUc32BaseInitialization (
   IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   );
 
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 22/47] OvmfPkg/PlatformPei: Refactor MaxCpuCountInitialization

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

MaxCpuCountInitialization is split into two:
 - PlatformMaxCpuCountInitialization is for PlatformInitLib
 - MaxCpuCountInitialization is for PlatformPei. It calls
   PlatformMaxCpuCountInitialization then sets PCDs.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/PlatformPei/Platform.c | 31 ++-
 1 file changed, 22 insertions(+), 9 deletions(-)

diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
index 7d370c9b8fa8..c184fdb57ee0 100644
--- a/OvmfPkg/PlatformPei/Platform.c
+++ b/OvmfPkg/PlatformPei/Platform.c
@@ -542,13 +542,12 @@ Q35BoardVerification (
   them to UefiCpuPkg modules. Set the mMaxCpuCount variable.
 **/
 VOID
-MaxCpuCountInitialization (
+PlatformMaxCpuCountInitialization (
   IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   )
 {
-  UINT16 BootCpuCount;
-  UINT32 MaxCpuCount;
-  RETURN_STATUS  PcdStatus;
+  UINT16  BootCpuCount;
+  UINT32  MaxCpuCount;
 
   //
   // Try to fetch the boot CPU count.
@@ -705,15 +704,29 @@ MaxCpuCountInitialization (
 ));
   ASSERT (BootCpuCount <= MaxCpuCount);
 
-  PcdStatus = PcdSet32S (PcdCpuBootLogicalProcessorNumber, BootCpuCount);
-  ASSERT_RETURN_ERROR (PcdStatus);
-  PcdStatus = PcdSet32S (PcdCpuMaxLogicalProcessorNumber, MaxCpuCount);
-  ASSERT_RETURN_ERROR (PcdStatus);
-
   PlatformInfoHob->PcdCpuMaxLogicalProcessorNumber  = MaxCpuCount;
   PlatformInfoHob->PcdCpuBootLogicalProcessorNumber = BootCpuCount;
 }
 
+/**
+  Fetch the boot CPU count and the possible CPU count from QEMU, and expose
+  them to UefiCpuPkg modules. Set the mMaxCpuCount variable.
+**/
+VOID
+MaxCpuCountInitialization (
+  IN OUT EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  )
+{
+  RETURN_STATUS  PcdStatus;
+
+  PlatformMaxCpuCountInitialization (PlatformInfoHob);
+
+  PcdStatus = PcdSet32S (PcdCpuBootLogicalProcessorNumber, 
PlatformInfoHob->PcdCpuBootLogicalProcessorNumber);
+  ASSERT_RETURN_ERROR (PcdStatus);
+  PcdStatus = PcdSet32S (PcdCpuMaxLogicalProcessorNumber, 
PlatformInfoHob->PcdCpuMaxLogicalProcessorNumber);
+  ASSERT_RETURN_ERROR (PcdStatus);
+}
+
 /**
   Perform Platform PEI initialization.
 
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 21/47] OvmfPkg/PlatformPei: Refactor AddressWidthInitialization

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

Starting with this patch, the functions that set PCDs are restructured into
two: one for PlatformInitLib and one for PlatformPei.

AddressWidthInitialization is the first one. It is splitted into two:
 - PlatformAddressWidthInitialization is for PlatformInitLib
 - AddressWidthInitialization is for PlatformPei. It calls
   PlatformAddressWidthInitialization then set PCDs.

Below functions are also refined for PlatformInitLib:
 - PlatformScanOrAdd64BitE820Ram
 - PlatformGetSystemMemorySizeAbove4gb
 - PlatformGetFirstNonAddress

All the SetPcd codes are removed from above functions.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/PlatformPei/MemDetect.c | 111 
 OvmfPkg/PlatformPei/Platform.c  |   6 +-
 2 files changed, 75 insertions(+), 42 deletions(-)

diff --git a/OvmfPkg/PlatformPei/MemDetect.c b/OvmfPkg/PlatformPei/MemDetect.c
index 981a9ff28685..56011143759c 100644
--- a/OvmfPkg/PlatformPei/MemDetect.c
+++ b/OvmfPkg/PlatformPei/MemDetect.c
@@ -191,7 +191,7 @@ QemuUc32BaseInitialization (
   Find the highest exclusive >=4GB RAM address, or produce memory resource
   descriptor HOBs for RAM entries that start at or above 4GB.
 
-  @param[out] MaxAddress  If MaxAddress is NULL, then ScanOrAdd64BitE820Ram()
+  @param[out] MaxAddress  If MaxAddress is NULL, then 
PlatformScanOrAdd64BitE820Ram()
   produces memory resource descriptor HOBs for RAM
   entries that start at or above 4GB.
 
@@ -212,7 +212,7 @@ QemuUc32BaseInitialization (
 **/
 STATIC
 EFI_STATUS
-ScanOrAdd64BitE820Ram (
+PlatformScanOrAdd64BitE820Ram (
   IN BOOLEAN  AddHighHob,
   OUT UINT64  *LowMemory OPTIONAL,
   OUT UINT64  *MaxAddress OPTIONAL
@@ -387,7 +387,7 @@ GetSystemMemorySizeBelow4gb (
 return (UINT32)GetHighestSystemMemoryAddressFromPvhMemmap (TRUE);
   }
 
-  Status = ScanOrAdd64BitE820Ram (FALSE, &LowerMemorySize, NULL);
+  Status = PlatformScanOrAdd64BitE820Ram (FALSE, &LowerMemorySize, NULL);
   if ((Status == EFI_SUCCESS) && (LowerMemorySize > 0)) {
 return (UINT32)LowerMemorySize;
   }
@@ -409,7 +409,7 @@ GetSystemMemorySizeBelow4gb (
 
 STATIC
 UINT64
-GetSystemMemorySizeAbove4gb (
+PlatformGetSystemMemorySizeAbove4gb (
   )
 {
   UINT32  Size;
@@ -436,7 +436,7 @@ GetSystemMemorySizeAbove4gb (
 **/
 STATIC
 UINT64
-GetFirstNonAddress (
+PlatformGetFirstNonAddress (
   IN OUT  EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   )
 {
@@ -446,7 +446,6 @@ GetFirstNonAddress (
   FIRMWARE_CONFIG_ITEM  FwCfgItem;
   UINTN FwCfgSize;
   UINT64HotPlugMemoryEnd;
-  RETURN_STATUS PcdStatus;
 
   //
   // set FirstNonAddress to suppress incorrect compiler/analyzer warnings
@@ -460,9 +459,9 @@ GetFirstNonAddress (
   // Otherwise, get the flat size of the memory above 4GB from the CMOS (which
   // can only express a size smaller than 1TB), and add it to 4GB.
   //
-  Status = ScanOrAdd64BitE820Ram (FALSE, NULL, &FirstNonAddress);
+  Status = PlatformScanOrAdd64BitE820Ram (FALSE, NULL, &FirstNonAddress);
   if (EFI_ERROR (Status)) {
-FirstNonAddress = BASE_4GB + GetSystemMemorySizeAbove4gb ();
+FirstNonAddress = BASE_4GB + PlatformGetSystemMemorySizeAbove4gb ();
   }
 
   //
@@ -477,12 +476,6 @@ GetFirstNonAddress (
 
  #endif
 
-  //
-  // Otherwise, in order to calculate the highest address plus one, we must
-  // consider the 64-bit PCI host aperture too. Fetch the default size.
-  //
-  PlatformInfoHob->PcdPciMmio64Size = PcdGet64 (PcdPciMmio64Size);
-
   //
   // See if the user specified the number of megabytes for the 64-bit PCI host
   // aperture. Accept an aperture size up to 16TB.
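Review bot: With `PlatformInfoHob->PcdPciMmio64Size = PcdGet64 (PcdPciMmio64Size);` removed here, PlatformGetFirstNonAddress still reads `PlatformInfoHob->PcdPciMmio64Size` further down (for example in the `GetPowerOfTwo64` alignment) but no longer seeds it, so the default aperture size becomes an unstated precondition on the caller. The caller is not part of this hunk, so whether it fills the field first cannot be confirmed from here. I would state the precondition in the function header, e.g. `@param[in,out] PlatformInfoHob  PcdPciMmio64Size must hold the default 64-bit aperture size on entry.` The hunk at -524 likewise stops zeroing the PCD in the "disabling 64-bit PCI host aperture" branch, so the PlatformPei wrapper presumably has to write the PCD back even when the size is 0. The function body starts and ends outside this hunk.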
@@ -524,8 +517,6 @@ GetFirstNonAddress (
 "%a: disabling 64-bit PCI host aperture\n",
 __FUNCTION__
 ));
-  PcdStatus = PcdSet64S (PcdPciMmio64Size, 0);
-  ASSERT_RETURN_ERROR (PcdStatus);
 }
 
 //
@@ -576,26 +567,6 @@ GetFirstNonAddress (
   //
   PlatformInfoHob->PcdPciMmio64Base = ALIGN_VALUE 
(PlatformInfoHob->PcdPciMmio64Base, GetPowerOfTwo64 
(PlatformInfoHob->PcdPciMmio64Size));
 
-  if (PlatformInfoHob->BootMode != BOOT_ON_S3_RESUME) {
-//
-// The core PciHostBridgeDxe driver will automatically add this range to
-// the GCD memory space map through our PciHostBridgeLib instance; here we
-// only need to set the PCDs.
-//
-PcdStatus = PcdSet64S (PcdPciMmio64Base, 
PlatformInfoHob->PcdPciMmio64Base);
-ASSERT_RETURN_ERROR (PcdStatus);
-PcdStatus = PcdSet64S (PcdPciMmio64Size, 
PlatformInfoHob->PcdPciMmio64Size);
-ASSERT_RETURN_ERROR (PcdStatus);
-
-DEBUG ((
-  DEBUG_INFO,
-  "%a: Pci64Base=0x%Lx Pci64Size=0x%Lx\n",
-  __FUNCTION__,
-  PlatformInfoHob->PcdPciMmio64Base,
-  PlatformInfoHob->PcdPciMmio64Size
-  ));
-

[edk2-devel] [PATCH V8 20/47] OvmfPkg/PlatformPei: Refactor MiscInitialization for CloudHV

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

Refactor MiscInitialization for CloudHV to set the PCD as other platforms
do, because in the following patch we will split the functions which
set PCDs into two, one for PlatformInitLib, one for PlatformPei.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/PlatformPei/Platform.c | 13 ++---
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
index af9e72cd7a98..3e0c56db57ed 100644
--- a/OvmfPkg/PlatformPei/Platform.c
+++ b/OvmfPkg/PlatformPei/Platform.c
@@ -380,13 +380,7 @@ MiscInitialization (
   AcpiEnBit  = ICH9_ACPI_CNTL_ACPI_EN;
   break;
 case CLOUDHV_DEVICE_ID:
-  DEBUG ((DEBUG_INFO, "%a: Cloud Hypervisor host bridge\n", __FUNCTION__));
-  PcdStatus = PcdSet16S (
-PcdOvmfHostBridgePciDevId,
-CLOUDHV_DEVICE_ID
-);
-  ASSERT_RETURN_ERROR (PcdStatus);
-  return;
+  break;
 default:
   DEBUG ((
 DEBUG_ERROR,
@@ -401,6 +395,11 @@ MiscInitialization (
   PcdStatus = PcdSet16S (PcdOvmfHostBridgePciDevId, 
PlatformInfoHob->HostBridgeDevId);
   ASSERT_RETURN_ERROR (PcdStatus);
 
+  if (PlatformInfoHob->HostBridgeDevId == CLOUDHV_DEVICE_ID) {
+DEBUG ((DEBUG_INFO, "%a: Cloud Hypervisor is done.\n", __FUNCTION__));
+return;
+  }
+
   //
   // If the appropriate IOspace enable bit is set, assume the ACPI PMBA has
   // been configured and skip the setup here. This matches the logic in
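Review bot: The new early return at `if (PlatformInfoHob->HostBridgeDevId == CLOUDHV_DEVICE_ID)` carries no comment saying why Cloud Hypervisor must skip the ACPI PMBA setup that follows, and the `case CLOUDHV_DEVICE_ID: break;` in the hunk at -380 now leaves the switch without the assignments the neighbouring case makes (`AcpiCtlReg`, `AcpiEnBit` are the ones visible). That is only safe because of this return, so the two places should point at each other. I would add `// Cloud Hypervisor: nothing to program here; MiscInitialization returns right after the PCD is set.` above the `break`, and a matching comment above the return. MiscInitialization's body extends beyond both hunks.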
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 19/47] OvmfPkg/PlatformPei: Refactor MiscInitialization

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

In MiscInitialization Microvm looks a little weird. Other platforms
call PcdSet16S to set the PcdOvmfHostBridgePciDevId with the value same
as PlatformInfoHob->HostBridgeDevId. But Microvm doesn't follow this
way. In switch-case 0x is Microvm, but set with
MICROVM_PSEUDO_DEVICE_ID. So we have to add a new function
( MiscInitializationForMicrovm ) for Microvm and delete the code in
MiscInitialization.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/PlatformPei/Platform.c | 46 ++
 1 file changed, 36 insertions(+), 10 deletions(-)

diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c
index 80eb4cc9adcd..af9e72cd7a98 100644
--- a/OvmfPkg/PlatformPei/Platform.c
+++ b/OvmfPkg/PlatformPei/Platform.c
@@ -304,6 +304,36 @@ MicrovmInitialization (
   *FdtHobData = (UINTN)NewBase;
 }
 
+VOID
+MiscInitializationForMicrovm (
+  IN EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  )
+{
+  RETURN_STATUS  PcdStatus;
+
+  ASSERT (PlatformInfoHob->HostBridgeDevId == 0x);
+
+  DEBUG ((DEBUG_INFO, "%a: microvm\n", __FUNCTION__));
+  //
+  // Disable A20 Mask
+  //
+  IoOr8 (0x92, BIT1);
+
+  //
+  // Build the CPU HOB with guest RAM size dependent address width and 16-bits
+  // of IO space. (Side note: unlike other HOBs, the CPU HOB is needed during
+  // S3 resume as well, so we build it unconditionally.)
+  //
+  BuildCpuHob (PlatformInfoHob->PhysMemAddressWidth, 16);
+
+  MicrovmInitialization ();
+  PcdStatus = PcdSet16S (
+PcdOvmfHostBridgePciDevId,
+MICROVM_PSEUDO_DEVICE_ID
+);
+  ASSERT_RETURN_ERROR (PcdStatus);
+}
+
 VOID
 MiscInitialization (
   IN EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
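Review bot: MiscInitializationForMicrovm is added without a function header comment, and the host-bridge id it is keyed on appears as a bare literal both in its `ASSERT (PlatformInfoHob->HostBridgeDevId == ...)` and in the new dispatch in InitializePlatform (hunk at -762). A named constant shared by both sites would keep the two comparisons from drifting apart, e.g. `#define MICROVM_HOST_BRIDGE_DEVICE_ID <literal used in the ASSERT>` (the name is only a suggestion). Because ASSERT can be compiled out in release builds, the header comment should say that the caller is responsible for the id check. The A20 and BuildCpuHob steps presumably mirror the start of MiscInitialization, which is outside the hunk; if so, a one-line comment that the two must stay in sync would help.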
@@ -349,15 +379,6 @@ MiscInitialization (
   AcpiCtlReg = POWER_MGMT_REGISTER_Q35 (ICH9_ACPI_CNTL);
   AcpiEnBit  = ICH9_ACPI_CNTL_ACPI_EN;
   break;
-case 0x: /* microvm */
-  DEBUG ((DEBUG_INFO, "%a: microvm\n", __FUNCTION__));
-  MicrovmInitialization ();
-  PcdStatus = PcdSet16S (
-PcdOvmfHostBridgePciDevId,
-MICROVM_PSEUDO_DEVICE_ID
-);
-  ASSERT_RETURN_ERROR (PcdStatus);
-  return;
 case CLOUDHV_DEVICE_ID:
   DEBUG ((DEBUG_INFO, "%a: Cloud Hypervisor host bridge\n", __FUNCTION__));
   PcdStatus = PcdSet16S (
@@ -762,7 +783,12 @@ InitializePlatform (
 
   InstallClearCacheCallback ();
   AmdSevInitialize ();
-  MiscInitialization (&mPlatformInfoHob);
+  if (mPlatformInfoHob.HostBridgeDevId == 0x) {
+MiscInitializationForMicrovm (&mPlatformInfoHob);
+  } else {
+MiscInitialization (&mPlatformInfoHob);
+  }
+
   InstallFeatureControlCallback ();
 
   return EFI_SUCCESS;
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 18/47] OvmfPkg/PlatformPei: Move global variables to PlatformInfoHob

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

The intention of PlatformInitLib is to extract the common functions used
in OvmfPkg/PlatformPei. This lib will be used not only in PEI phase but
also in SEC phase. SEC phase cannot use global variables between
different functions. So PlatformInfoHob is created to hold the
information shared between functions. For example, HostBridgeDevId
corresponds to mHostBridgeDevId in PlatformPei.

In this patch we will first move below global variables to
PlatformInfoHob.
 - mBootMode
 - mS3Supported
 - mPhysMemAddressWidth
 - mMaxCpuCount
 - mHostBridgeDevId
 - mQ35SmramAtDefaultSmbase
 - mQemuUc32Base
 - mS3AcpiReservedMemorySize
 - mS3AcpiReservedMemoryBase

PlatformInfoHob also holds other information, for example,
PciIoBase / PciIoSize. This is because in SEC phase, PcdSetxxx
doesn't work. So we will restruct the functions which set PCDs
into two, one for PlatformInfoLib, one for PlatformPei.

So in this patch we first move global variables and PCDs to
PlatformInfoHob. All the changes are in OvmfPkg/PlatformPei.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Cc: Sebastien Boeuf 
Signed-off-by: Min Xu 
---
 OvmfPkg/PlatformPei/AmdSev.c  |  10 +-
 OvmfPkg/PlatformPei/Fv.c  |   6 +-
 OvmfPkg/PlatformPei/MemDetect.c   | 210 +++---
 OvmfPkg/PlatformPei/MemTypeInfo.c |   4 +-
 OvmfPkg/PlatformPei/Platform.c| 109 
 OvmfPkg/PlatformPei/Platform.h|  43 +++---
 6 files changed, 201 insertions(+), 181 deletions(-)

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index fb7e21ec140f..c180383b42b0 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -24,6 +24,8 @@
 
 #include "Platform.h"
 
+extern EFI_HOB_PLATFORM_INFO  mPlatformInfoHob;
+
 STATIC
 UINT64
 GetHypervisorFeature (
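Review bot: `extern EFI_HOB_PLATFORM_INFO  mPlatformInfoHob;` is declared directly in AmdSev.c, and again in Fv.c (hunk at -13), rather than once in a shared header. AmdSev.c already includes "Platform.h", which this patch also modifies, so a single `extern EFI_HOB_PLATFORM_INFO  mPlatformInfoHob;` there would give every user the same declaration and let the compiler catch a type mismatch with the definition. A short comment next to it naming the file that defines the variable would help readers. GetHypervisorFeature's body continues outside this hunk.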
@@ -228,7 +230,7 @@ AmdSevEsInitialize (
   //   Since the pages must survive across the UEFI to OS transition
   //   make them reserved.
   //
-  GhcbPageCount = mMaxCpuCount * 2;
+  GhcbPageCount = mPlatformInfoHob.PcdCpuMaxLogicalProcessorNumber * 2;
   GhcbBase  = AllocateReservedPages (GhcbPageCount);
   ASSERT (GhcbBase != NULL);
 
@@ -266,7 +268,7 @@ AmdSevEsInitialize (
   // Allocate #VC recursion backup pages. The number of backup pages needed is
   // one less than the maximum VC count.
   //
-  GhcbBackupPageCount = mMaxCpuCount * (VMGEXIT_MAXIMUM_VC_COUNT - 1);
+  GhcbBackupPageCount = mPlatformInfoHob.PcdCpuMaxLogicalProcessorNumber * 
(VMGEXIT_MAXIMUM_VC_COUNT - 1);
   GhcbBackupBase  = AllocatePages (GhcbBackupPageCount);
   ASSERT (GhcbBackupBase != NULL);
 
@@ -367,7 +369,7 @@ AmdSevInitialize (
   // until after re-encryption, in order to prevent an information leak to the
   // hypervisor.
   //
-  if (FeaturePcdGet (PcdSmmSmramRequire) && (mBootMode != BOOT_ON_S3_RESUME)) {
+  if (mPlatformInfoHob.SmmSmramRequire && (mPlatformInfoHob.BootMode != 
BOOT_ON_S3_RESUME)) {
 RETURN_STATUS  LocateMapStatus;
 UINTN  MapPagesBase;
 UINTN  MapPagesCount;
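Review bot: Replacing the build-time `FeaturePcdGet (PcdSmmSmramRequire)` with the runtime field `mPlatformInfoHob.SmmSmramRequire` makes this branch depend on the field having been copied from the feature PCD before AmdSevInitialize runs; that initialisation is not in the visible hunks. If the field were still zero, the block guarded by this condition would be skipped silently, and the surrounding comment ties it to preventing an information leak to the hypervisor. The same substitution is made for `SecureS3Needed` in Fv.c (hunk at -45). I would set the field in exactly one place early in InitializePlatform, `mPlatformInfoHob.SmmSmramRequire = FeaturePcdGet (PcdSmmSmramRequire);`, and add a comment on the struct member naming that as its only writer. AmdSevInitialize's body extends beyond this hunk.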
@@ -378,7 +380,7 @@ AmdSevInitialize (
 );
 ASSERT_RETURN_ERROR (LocateMapStatus);
 
-if (mQ35SmramAtDefaultSmbase) {
+if (mPlatformInfoHob.Q35SmramAtDefaultSmbase) {
   //
   // The initial SMRAM Save State Map has been covered as part of a larger
   // reserved memory allocation in InitializeRamRegions().
diff --git a/OvmfPkg/PlatformPei/Fv.c b/OvmfPkg/PlatformPei/Fv.c
index 8cd8cacc5913..b9bf1a1d8b01 100644
--- a/OvmfPkg/PlatformPei/Fv.c
+++ b/OvmfPkg/PlatformPei/Fv.c
@@ -13,6 +13,8 @@
 #include 
 #include 
 
+extern EFI_HOB_PLATFORM_INFO  mPlatformInfoHob;
+
 /**
   Publish PEI & DXE (Decompressed) Memory based FVs to let PEI
   and DXE know about them.
@@ -37,7 +39,7 @@ PeiFvInitialization (
   BuildMemoryAllocationHob (
 PcdGet32 (PcdOvmfPeiMemFvBase),
 PcdGet32 (PcdOvmfPeiMemFvSize),
-mS3Supported ? EfiACPIMemoryNVS : EfiBootServicesData
+mPlatformInfoHob.S3Supported ? EfiACPIMemoryNVS : EfiBootServicesData
 );
 
   //
@@ -45,7 +47,7 @@ PeiFvInitialization (
   //
   BuildFvHob (PcdGet32 (PcdOvmfDxeMemFvBase), PcdGet32 (PcdOvmfDxeMemFvSize));
 
-  SecureS3Needed = mS3Supported && FeaturePcdGet (PcdSmmSmramRequire);
+  SecureS3Needed = mPlatformInfoHob.S3Supported && 
mPlatformInfoHob.SmmSmramRequire;
 
   //
   // Create a memory allocation HOB for the DXE FV.
diff --git a/OvmfPkg/PlatformPei/MemDetect.c b/OvmfPkg/PlatformPei/MemDetect.c
index e5e105f377dd..981a9ff28685 100644
--- a/OvmfPkg/PlatformPei/MemDetect.c
+++ b/OvmfPkg/PlatformPei/MemDetect.c
@@ -37,20 +37,10 @@ Module Name:
 #include 
 #include 
 #include 
-#include 
 
 #include "Platform.h"
 
-UINT8  mPhysMemAddressWidth;
-
-STATIC UINT32  mS3AcpiReservedMemoryBase;
-STATIC UINT32  mS3AcpiReservedMemorySize;
-
-STATIC UINT16  mQ35TsegMbytes;
-
-BOOLEAN  m

[edk2-devel] [PATCH V8 17/47] OvmfPkg/PlatformInitLib: Add hob functions

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

In this patch of PlatformInitLib, below hob functions are introduced:
 - PlatformAddIoMemoryBaseSizeHob
 - PlatformAddIoMemoryRangeHob
 - PlatformAddMemoryBaseSizeHob
 - PlatformAddMemoryRangeHob
 - PlatformAddReservedMemoryBaseSizeHob

They correspond to the functions below in OvmfPkg/PlatformPei:
 - AddIoMemoryBaseSizeHob
 - AddIoMemoryRangeHob
 - AddMemoryBaseSizeHob
 - AddMemoryRangeHob
 - AddReservedMemoryBaseSizeHob

After above hob functions are introduced in PlatformInitLib,
OvmfPkg/PlatformPei is refactored with this library.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/Include/Library/PlatformInitLib.h |  36 ++
 OvmfPkg/Library/PlatformInitLib/Platform.c| 106 ++
 .../PlatformInitLib/PlatformInitLib.inf   |   2 +
 OvmfPkg/PlatformPei/MemDetect.c   |  20 ++--
 OvmfPkg/PlatformPei/Platform.c| 101 ++---
 OvmfPkg/PlatformPei/Platform.h|  31 -
 6 files changed, 165 insertions(+), 131 deletions(-)
 create mode 100644 OvmfPkg/Library/PlatformInitLib/Platform.c

diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h 
b/OvmfPkg/Include/Library/PlatformInitLib.h
index 2ebac5ccb013..9b99d4c1f514 100644
--- a/OvmfPkg/Include/Library/PlatformInitLib.h
+++ b/OvmfPkg/Include/Library/PlatformInitLib.h
@@ -96,4 +96,40 @@ PlatformDebugDumpCmos (
   VOID
   );
 
+VOID
+EFIAPI
+PlatformAddIoMemoryBaseSizeHob (
+  IN EFI_PHYSICAL_ADDRESS  MemoryBase,
+  IN UINT64MemorySize
+  );
+
+VOID
+EFIAPI
+PlatformAddIoMemoryRangeHob (
+  IN EFI_PHYSICAL_ADDRESS  MemoryBase,
+  IN EFI_PHYSICAL_ADDRESS  MemoryLimit
+  );
+
+VOID
+EFIAPI
+PlatformAddMemoryBaseSizeHob (
+  IN EFI_PHYSICAL_ADDRESS  MemoryBase,
+  IN UINT64MemorySize
+  );
+
+VOID
+EFIAPI
+PlatformAddMemoryRangeHob (
+  IN EFI_PHYSICAL_ADDRESS  MemoryBase,
+  IN EFI_PHYSICAL_ADDRESS  MemoryLimit
+  );
+
+VOID
+EFIAPI
+PlatformAddReservedMemoryBaseSizeHob (
+  IN EFI_PHYSICAL_ADDRESS  MemoryBase,
+  IN UINT64MemorySize,
+  IN BOOLEAN   Cacheable
+  );
+
 #endif // PLATFORM_INIT_LIB_H_
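Review bot: The five prototypes added to this public library header have no function header comments, so the header alone does not give the contract of each helper. Each should get a `/** ... **/` block with `@param[in]` lines. For the two RangeHob variants it should say that `MemoryLimit` is the exclusive end of the range (the implementation passes `MemoryLimit - MemoryBase` as the size) and must not be below `MemoryBase`. For PlatformAddReservedMemoryBaseSizeHob, `Cacheable` should be described as adding the write-combining, write-through and write-back attributes on top of the uncacheable one.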
diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c 
b/OvmfPkg/Library/PlatformInitLib/Platform.c
new file mode 100644
index ..e41f230ff563
--- /dev/null
+++ b/OvmfPkg/Library/PlatformInitLib/Platform.c
@@ -0,0 +1,106 @@
+/**@file
+
+  Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
+  Copyright (c) 2011, Andrei Warkentin 
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+//
+// The package level header files this module uses
+//
+#include 
+
+//
+// The Library classes this module consumes
+//
+#include 
+#include 
+#include 
+#include 
+#include 
+
+VOID
+EFIAPI
+PlatformAddIoMemoryBaseSizeHob (
+  IN EFI_PHYSICAL_ADDRESS  MemoryBase,
+  IN UINT64MemorySize
+  )
+{
+  BuildResourceDescriptorHob (
+EFI_RESOURCE_MEMORY_MAPPED_IO,
+EFI_RESOURCE_ATTRIBUTE_PRESENT |
+EFI_RESOURCE_ATTRIBUTE_INITIALIZED |
+EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE |
+EFI_RESOURCE_ATTRIBUTE_TESTED,
+MemoryBase,
+MemorySize
+);
+}
+
+VOID
+EFIAPI
+PlatformAddReservedMemoryBaseSizeHob (
+  IN EFI_PHYSICAL_ADDRESS  MemoryBase,
+  IN UINT64MemorySize,
+  IN BOOLEAN   Cacheable
+  )
+{
+  BuildResourceDescriptorHob (
+EFI_RESOURCE_MEMORY_RESERVED,
+EFI_RESOURCE_ATTRIBUTE_PRESENT |
+EFI_RESOURCE_ATTRIBUTE_INITIALIZED |
+EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE |
+(Cacheable ?
+ EFI_RESOURCE_ATTRIBUTE_WRITE_COMBINEABLE |
+ EFI_RESOURCE_ATTRIBUTE_WRITE_THROUGH_CACHEABLE |
+ EFI_RESOURCE_ATTRIBUTE_WRITE_BACK_CACHEABLE :
+ 0
+) |
+EFI_RESOURCE_ATTRIBUTE_TESTED,
+MemoryBase,
+MemorySize
+);
+}
+
+VOID
+EFIAPI
+PlatformAddIoMemoryRangeHob (
+  IN EFI_PHYSICAL_ADDRESS  MemoryBase,
+  IN EFI_PHYSICAL_ADDRESS  MemoryLimit
+  )
+{
+  PlatformAddIoMemoryBaseSizeHob (MemoryBase, (UINT64)(MemoryLimit - 
MemoryBase));
+}
+
+VOID
+EFIAPI
+PlatformAddMemoryBaseSizeHob (
+  IN EFI_PHYSICAL_ADDRESS  MemoryBase,
+  IN UINT64MemorySize
+  )
+{
+  BuildResourceDescriptorHob (
+EFI_RESOURCE_SYSTEM_MEMORY,
+EFI_RESOURCE_ATTRIBUTE_PRESENT |
+EFI_RESOURCE_ATTRIBUTE_INITIALIZED |
+EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE |
+EFI_RESOURCE_ATTRIBUTE_WRITE_COMBINEABLE |
+EFI_RESOURCE_ATTRIBUTE_WRITE_THROUGH_CACHEABLE |
+EFI_RESOURCE_ATTRIBUTE_WRITE_BACK_CACHEABLE |
+EFI_RESOURCE_ATTRIBUTE_TESTED,
+MemoryBase,
+MemorySize
+);
+}
+
+VOID
+EFIAPI
+PlatformAddMemoryRangeHob (
+  IN EFI_PHYSICAL_ADDRESS  MemoryBase,
+  IN EFI_PHYSICAL_ADDRESS  MemoryLimit
+  )
+{
+  PlatformAddMemoryBaseSizeHob (MemoryBase, (UINT64)(MemoryLimit - 
MemoryBase));
+}
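Review bot: PlatformAddIoMemoryRangeHob and PlatformAddMemoryRangeHob compute `MemoryLimit - MemoryBase` without checking that the limit is not below the base, so a reversed pair wraps to a size close to 2^64 and is published as a resource descriptor HOB. The callers are not visible here; if any of these ranges is derived from host-provided data, the library entry point is a reasonable place to reject it with `if (MemoryLimit < MemoryBase) { ASSERT (FALSE); return; }`. This assumes DebugLib is among the includes, whose names are not legible in this listing. The same guard applies to both range helpers.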
diff --git a/OvmfPkg/Library/PlatformInit

[edk2-devel] [PATCH V8 16/47] OvmfPkg: Create initial version of PlatformInitLib

2022-03-11 Thread Min Xu
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3863

There are 3 variants of PlatformPei in OvmfPkg:
 - OvmfPkg/PlatformPei
 - OvmfPkg/XenPlatformPei
 - OvmfPkg/Bhyve/PlatformPei/PlatformPei.inf
These PlatformPeis can share much common code, such as
Cmos / Hob / Memory / Platform related functions. This commit
(and the several patches following it) creates a PlatformInitLib
which wraps the common code called in the above PlatformPeis.

In this initial version of PlatformInitLib, below Cmos related functions
are introduced:
 - PlatformCmosRead8
 - PlatformCmosWrite8
 - PlatformDebugDumpCmos

They correspond to the functions in OvmfPkg/PlatformPei:
 - CmosRead8
 - CmosWrite8
 - DebugDumpCmos

Considering this PlatformInitLib will be used in SEC phase, global
variables and dynamic PCDs are avoided. We use PlatformInfoHob
to exchange information between functions.

EFI_HOB_PLATFORM_INFO is the data struct which contains the platform
information, such as HostBridgeDevId, BootMode, S3Supported,
SmmSmramRequire, etc.

After PlatformInitLib is created, OvmfPkg/PlatformPei is refactored
with this library.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/AmdSev/AmdSevX64.dsc  |  1 +
 OvmfPkg/CloudHv/CloudHvX64.dsc|  1 +
 OvmfPkg/Include/Library/PlatformInitLib.h | 99 +++
 .../PlatformInitLib}/Cmos.c   | 32 +-
 .../PlatformInitLib/PlatformInitLib.inf   | 36 +++
 OvmfPkg/Microvm/MicrovmX64.dsc|  1 +
 OvmfPkg/OvmfPkg.dec   |  4 +
 OvmfPkg/OvmfPkgIa32.dsc   |  1 +
 OvmfPkg/OvmfPkgIa32X64.dsc|  1 +
 OvmfPkg/OvmfPkgX64.dsc|  1 +
 OvmfPkg/PlatformPei/Cmos.h| 48 -
 OvmfPkg/PlatformPei/MemDetect.c   |  8 +-
 OvmfPkg/PlatformPei/Platform.c| 29 +-
 OvmfPkg/PlatformPei/PlatformPei.inf   |  3 +-
 14 files changed, 183 insertions(+), 82 deletions(-)
 create mode 100644 OvmfPkg/Include/Library/PlatformInitLib.h
 rename OvmfPkg/{PlatformPei => Library/PlatformInitLib}/Cmos.c (61%)
 create mode 100644 OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf
 delete mode 100644 OvmfPkg/PlatformPei/Cmos.h

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index fd56176796d5..785049c88962 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -280,6 +280,7 @@
 !include OvmfPkg/OvmfTpmLibsPeim.dsc.inc
 
   MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
+  PlatformInitLib|OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf
 
 [LibraryClasses.common.DXE_CORE]
   HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index b4d855d80f56..b8a82380202c 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -307,6 +307,7 @@
 !include OvmfPkg/OvmfTpmLibsPeim.dsc.inc
 
   MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
+  PlatformInitLib|OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf
 
 [LibraryClasses.common.DXE_CORE]
   HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h 
b/OvmfPkg/Include/Library/PlatformInitLib.h
new file mode 100644
index ..2ebac5ccb013
--- /dev/null
+++ b/OvmfPkg/Include/Library/PlatformInitLib.h
@@ -0,0 +1,99 @@
+/** @file
+  PlatformInitLib header file.
+
+  Copyright (c) 2021, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef PLATFORM_INIT_LIB_H_
+#define PLATFORM_INIT_LIB_H_
+
+#include 
+
+#pragma pack(1)
+typedef struct {
+  EFI_HOB_GUID_TYPEGuidHeader;
+  UINT16   HostBridgeDevId;
+
+  UINT64   PcdConfidentialComputingGuestAttr;
+  BOOLEAN  SevEsIsEnabled;
+
+  UINT32   BootMode;
+  BOOLEAN  S3Supported;
+
+  BOOLEAN  SmmSmramRequire;
+  BOOLEAN  Q35SmramAtDefaultSmbase;
+  UINT16   Q35TsegMbytes;
+
+  UINT64   FirstNonAddress;
+  UINT8PhysMemAddressWidth;
+  UINT32   Uc32Base;
+  UINT32   Uc32Size;
+
+  BOOLEAN  PcdSetNxForStack;
+  UINT64   PcdTdxSharedBitMask;
+
+  UINT64   PcdPciMmio64Base;
+  UINT64   PcdPciMmio64Size;
+  UINT32   PcdPciMmio32Base;
+  UINT32   PcdPciMmio32Size;
+  UINT64   PcdPciIoBase;
+  UINT64   PcdPciIoSize;
+
+  UINT64   PcdEmuVariableNvStoreReserved;
+  UINT32   PcdCpuBootLogicalProcessorNumber;
+  UINT32   PcdCpuMaxLogicalProcessorNumber;
+  UINT32   DefaultMaxCpuNumber;
+
+  UIN

[edk2-devel] [PATCH V8 15/47] OvmfPkg: Add TdxMailboxLib

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

In Tdx the BSP may issue commands to the APs for some task, for example, to
accept pages in parallel. The BSP also needs to wait until all the APs have
done the task. TdxMailboxLib wraps these common functions for the BSP.

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/Include/Library/TdxMailboxLib.h   |  76 ++
 OvmfPkg/Library/TdxMailboxLib/TdxMailbox.c| 141 ++
 .../Library/TdxMailboxLib/TdxMailboxLib.inf   |  52 +++
 .../Library/TdxMailboxLib/TdxMailboxNull.c|  85 +++
 OvmfPkg/OvmfPkg.dec   |   4 +
 5 files changed, 358 insertions(+)
 create mode 100644 OvmfPkg/Include/Library/TdxMailboxLib.h
 create mode 100644 OvmfPkg/Library/TdxMailboxLib/TdxMailbox.c
 create mode 100644 OvmfPkg/Library/TdxMailboxLib/TdxMailboxLib.inf
 create mode 100644 OvmfPkg/Library/TdxMailboxLib/TdxMailboxNull.c

diff --git a/OvmfPkg/Include/Library/TdxMailboxLib.h 
b/OvmfPkg/Include/Library/TdxMailboxLib.h
new file mode 100644
index ..166cab43bc02
--- /dev/null
+++ b/OvmfPkg/Include/Library/TdxMailboxLib.h
@@ -0,0 +1,76 @@
+/** @file
+
+  Copyright (c) 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef TDX_MAILBOX_LIB_H_
+#define TDX_MAILBOX_LIB_H_
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+/**
+  This function will be called by BSP to get the CPU number.
+
+  @retval   CPU number
+**/
+UINT32
+EFIAPI
+GetCpusNum (
+  VOID
+  );
+
+/**
+  Get the address of Td mailbox.
+**/
+volatile VOID *
+EFIAPI
+GetTdxMailBox (
+  VOID
+  );
+
+/**
+  This function will be called by BSP to wakeup APs the are spinning on mailbox
+  in protected mode
+
+  @param[in] Command  Command to send APs
+  @param[in] WakeupVector If used, address for APs to start executing
+  @param[in] WakeArgsXArgs to pass to APs for excuting commands
+**/
+VOID
+EFIAPI
+MpSendWakeupCommand (
+  IN UINT16  Command,
+  IN UINT64  WakeupVector,
+  IN UINT64  WakeupArgs1,
+  IN UINT64  WakeupArgs2,
+  IN UINT64  WakeupArgs3,
+  IN UINT64  WakeupArgs4
+  );
+
+/**
+  BSP wait until all the APs arriving. It means the task triggered by BSP is 
started.
+**/
+VOID
+EFIAPI
+MpSerializeStart (
+  VOID
+  );
+
+/**
+  BSP wait until all the APs arriving. It means the task triggered by BSP is 
ended.
+**/
+VOID
+EFIAPI
+MpSerializeEnd (
+  VOID
+  );
+
+#endif
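Review bot: The comment on MpSendWakeupCommand documents a single `@param[in] WakeArgsX`, which matches none of the four parameters `WakeupArgs1` to `WakeupArgs4`, and `Command` is a bare UINT16 with no pointer to its valid values. I would list the four arguments individually and add `@param[in] Command  One of MP_CPU_PROTECTED_MODE_WAKEUP_CMD.` so the header states what may be written into the shared mailbox. GetTdxMailBox has no `@return` line; it should say what the pointer refers to and that callers must treat it as volatile memory shared with the APs. The MpSerializeStart and MpSerializeEnd comments both say the BSP waits for the APs "arriving"; the End variant presumably waits for them to exit, which should be confirmed against the implementation.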
diff --git a/OvmfPkg/Library/TdxMailboxLib/TdxMailbox.c 
b/OvmfPkg/Library/TdxMailboxLib/TdxMailbox.c
new file mode 100644
index ..74cb55611fe3
--- /dev/null
+++ b/OvmfPkg/Library/TdxMailboxLib/TdxMailbox.c
@@ -0,0 +1,141 @@
+/** @file
+
+  Copyright (c) 2008, Intel Corporation. All rights reserved.
+  (C) Copyright 2016 Hewlett Packard Enterprise Development LP
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+volatile VOID  *mMailBox  = NULL;
+UINT32 mNumOfCpus = 0;
+
+/**
+  This function will be called by BSP to get the CPU number.
+
+  @retval   CPU number
+**/
+UINT32
+EFIAPI
+GetCpusNum (
+  VOID
+  )
+{
+  if (mNumOfCpus == 0) {
+mNumOfCpus = TdVCpuNum ();
+  }
+
+  return mNumOfCpus;
+}
+
+/**
+  Get the address of Td mailbox.
+**/
+volatile VOID *
+EFIAPI
+GetTdxMailBox (
+  VOID
+  )
+{
+  if (mMailBox == NULL) {
+mMailBox = (VOID *)(UINTN)PcdGet32 (PcdOvmfSecGhcbBackupBase);
+  }
+
+  return mMailBox;
+}
+
+/**
+  This function will be called by BSP to wakeup APs the are spinning on mailbox
+  in protected mode
+
+  @param[in] Command  Command to send APs
+  @param[in] WakeupVector If used, address for APs to start executing
+  @param[in] WakeArgsXArgs to pass to APs for excuting commands
+**/
+VOID
+EFIAPI
+MpSendWakeupCommand (
+  IN UINT16  Command,
+  IN UINT64  WakeupVector,
+  IN UINT64  WakeupArgs1,
+  IN UINT64  WakeupArgs2,
+  IN UINT64  WakeupArgs3,
+  IN UINT64  WakeupArgs4
+  )
+{
+  volatile MP_WAKEUP_MAILBOX  *MailBox;
+
+  MailBox   = (volatile MP_WAKEUP_MAILBOX *)GetTdxMailBox ();
+  MailBox->ApicId   = MP_CPU_PROTECTED_MODE_MAILBOX_APICID_INVALID;
+  MailBox->WakeUpVector = 0;
+  MailBox->Command  = MpProtectedModeWakeupCommandNoop;
+  MailBox->ApicId   = MP_CPU_PROTECTED_MODE_MAILBOX_APICID_BROADCAST;
+  MailBox->WakeUpVector = WakeupVector;
+  MailBox->WakeUpArgs1  = WakeupArgs1;
+  MailBox->WakeUpArgs2  = WakeupArgs2;
+  MailBox->WakeUpArgs3  = WakeupArgs3;
+  MailBox->WakeUpArgs4  = WakeupArgs4;
+  AsmCpuid (0x01, NULL, NULL, NULL, NULL);
+  MailBox->Command = Command;
+  AsmCpuid (0x01, NULL, NULL, NULL, NULL);
+  return;
+}
+
+/**
+  BSP wait until all the APs arriving. It means the task triggered by BSP is

[edk2-devel] [PATCH V8 14/47] OvmfPkg: Add IntelTdx.h in OvmfPkg/Include/IndustryStandard

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

IntelTdx.h defines the definitions used by TDX in OvmfPkg:
 - Mailbox related definitions, such as the data structure, command code,
   AP relocation definitions.

See Table 5.44 Multiprocessor Wakeup Mailbox Structure in below link.
https://uefi.org/specs/ACPI/6.4/05_ACPI_Software_Programming_Model/
ACPI_Software_Programming_Model.html#multiprocessor-wakeup-structure

Cc: Ard Biesheuvel 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/Include/IndustryStandard/IntelTdx.h | 67 +
 1 file changed, 67 insertions(+)
 create mode 100644 OvmfPkg/Include/IndustryStandard/IntelTdx.h

diff --git a/OvmfPkg/Include/IndustryStandard/IntelTdx.h 
b/OvmfPkg/Include/IndustryStandard/IntelTdx.h
new file mode 100644
index ..cc849be2fb59
--- /dev/null
+++ b/OvmfPkg/Include/IndustryStandard/IntelTdx.h
@@ -0,0 +1,67 @@
+/** @file
+  Defines the defitions used by TDX in OvmfPkg.
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef OVMF_INTEL_TDX_H_
+#define OVMF_INTEL_TDX_H_
+
+#include 
+#include 
+#include 
+#include 
+
+#define MP_CPU_PROTECTED_MODE_MAILBOX_APICID_INVALID0x
+#define MP_CPU_PROTECTED_MODE_MAILBOX_APICID_BROADCAST  0xFFFE
+
+typedef enum {
+  MpProtectedModeWakeupCommandNoop= 0,
+  MpProtectedModeWakeupCommandWakeup  = 1,
+  MpProtectedModeWakeupCommandSleep   = 2,
+  MpProtectedModeWakeupCommandAcceptPages = 3,
+} MP_CPU_PROTECTED_MODE_WAKEUP_CMD;
+
+#pragma pack(1)
+
+//
+// Describes the CPU MAILBOX control structure use to
+// wakeup cpus spinning in long mode
+//
+typedef struct {
+  UINT16Command;
+  UINT16Resv;
+  UINT32ApicId;
+  UINT64WakeUpVector;
+  UINT8 ResvForOs[2032];
+  //
+  // Arguments available for wakeup code
+  //
+  UINT64WakeUpArgs1;
+  UINT64WakeUpArgs2;
+  UINT64WakeUpArgs3;
+  UINT64WakeUpArgs4;
+  UINT8 Pad1[0xe0];
+  UINT64NumCpusArriving;
+  UINT8 Pad2[0xf8];
+  UINT64NumCpusExiting;
+  UINT32Tallies[256];
+  UINT8 Errors[256];
+  UINT8 Pad3[0xf8];
+} MP_WAKEUP_MAILBOX;
+
+//
+// AP relocation code information including code address and size,
+// this structure will be shared be C code and assembly code.
+// It is natural aligned by design.
+//
+typedef struct {
+  UINT8*RelocateApLoopFuncAddress;
+  UINTNRelocateApLoopFuncSize;
+} MP_RELOCATION_MAP;
+
+#pragma pack()
+
+#endif
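Review bot: MP_WAKEUP_MAILBOX is a `#pragma pack(1)` layout whose pad sizes (`ResvForOs[2032]`, `Pad1[0xe0]`, `Pad2[0xf8]`, `Pad3[0xf8]`) are hand-computed, and nothing in the header checks the result. The members as listed add up to 4096 bytes with `WakeUpArgs1` at offset 0x800, so compile-time checks would catch a later edit that shifts the fields the APs poll: `STATIC_ASSERT (sizeof (MP_WAKEUP_MAILBOX) == SIZE_4KB, "MP_WAKEUP_MAILBOX must be one 4KB page");` and `STATIC_ASSERT (OFFSET_OF (MP_WAKEUP_MAILBOX, WakeUpArgs1) == 0x800, "wakeup arguments start at 2KB");`. The struct comment says the CPUs spin "in long mode" while the macro and enum names say PROTECTED_MODE; one of the two should be corrected. The remark that MP_RELOCATION_MAP "is natural aligned by design" should also mention that it is declared inside the pack(1) region.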
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 13/47] UefiCpuPkg: Enable Tdx support in MpInitLib

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

In TDVF the BSP and APs are simplified. The BSP is vCPU-0, while the others
are treated as APs.

So MP initialization is rather simple. The processor info is retrieved by
TDCALL, ApWorker is not supported, the BSP is always the working processor,
while the APs are just in a wait-for-procedure state.

Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |   3 +
 UefiCpuPkg/Library/MpInitLib/DxeMpLib.c   |  15 +-
 UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h |  71 ++
 UefiCpuPkg/Library/MpInitLib/MpLib.c  |  27 
 UefiCpuPkg/Library/MpInitLib/MpLibTdx.c   | 128 ++
 UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c   |  73 ++
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |   3 +
 7 files changed, 319 insertions(+), 1 deletion(-)
 create mode 100644 UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h
 create mode 100644 UefiCpuPkg/Library/MpInitLib/MpLibTdx.c
 create mode 100644 UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c

diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf 
b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
index e1cd0b350008..159b4d16ed0e 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
@@ -24,10 +24,12 @@
 [Sources.IA32]
   Ia32/AmdSev.c
   Ia32/MpFuncs.nasm
+  MpLibTdxNull.c
 
 [Sources.X64]
   X64/AmdSev.c
   X64/MpFuncs.nasm
+  MpLibTdx.c
 
 [Sources.common]
   AmdSev.c
@@ -36,6 +38,7 @@
   MpLib.c
   MpLib.h
   Microcode.c
+  MpIntelTdx.h
 
 [Packages]
   MdePkg/MdePkg.dec
diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c 
b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
index 60d14a5a0e10..237cad8c5fd6 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
@@ -7,6 +7,7 @@
 **/
 
 #include "MpLib.h"
+#include "MpIntelTdx.h"
 
 #include 
 #include 
@@ -15,8 +16,8 @@
 #include 
 #include 
 #include 
-
 #include 
+#include 
 
 #define  AP_SAFE_STACK_SIZE  128
 
@@ -824,6 +825,10 @@ MpInitLibStartupThisAP (
 {
   EFI_STATUS  Status;
 
+  if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) {
+return EFI_UNSUPPORTED;
+  }
+
   //
   // temporarily stop checkAllApsStatus for avoid resource dead-lock.
   //
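Review bot: The early `EFI_UNSUPPORTED` return added at the top of MpInitLibStartupThisAP has no comment saying why a TDX guest is refused, and the same uncommented check is repeated in the MpInitLibSwitchBSP and MpInitLibEnableDisableAP hunks below. A one-line comment such as `// TDX guest: APs stay in the wait-for-procedure state, so this service is not supported.` would tie the check to the commit message. The function header comments start outside these hunks, so I cannot see whether their `@retval` lists already cover EFI_UNSUPPORTED for this case; if they do not, they should be extended in the same patch.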
@@ -880,6 +885,10 @@ MpInitLibSwitchBSP (
   EFI_TIMER_ARCH_PROTOCOL  *Timer;
   UINT64   TimerPeriod;
 
+  if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) {
+return EFI_UNSUPPORTED;
+  }
+
   TimerPeriod = 0;
   //
   // Locate Timer Arch Protocol
@@ -953,6 +962,10 @@ MpInitLibEnableDisableAP (
   EFI_STATUS  Status;
   BOOLEAN TempStopCheckState;
 
+  if (CC_GUEST_IS_TDX (PcdGet64 (PcdConfidentialComputingGuestAttr))) {
+return EFI_UNSUPPORTED;
+  }
+
   TempStopCheckState = FALSE;
   //
   // temporarily stop checkAllAPsStatus for initialize parameters.
diff --git a/UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h 
b/UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h
new file mode 100644
index ..b2136f466ce6
--- /dev/null
+++ b/UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h
@@ -0,0 +1,71 @@
+/** @file
+  Intel Tdx header file.
+
+  Copyright (c) 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef MP_INTEL_TDX_H_
+#define MP_INTEL_TDX_H_
+
+#include 
+#include 
+#include 
+#include 
+#include 
+
+/**
+  Gets detailed MP-related information on the requested processor at the
+  instant this call is made. This service may only be called from the BSP.
+
+  @param[in]  ProcessorNumber   The handle number of processor.
+  @param[out] ProcessorInfoBuffer   A pointer to the buffer where information 
for
+the requested processor is deposited.
+  @param[out]  HealthDataReturn processor health data.
+
+  @retval EFI_SUCCESS Processor information was returned.
+  @retval EFI_DEVICE_ERRORThe calling processor is an AP.
+  @retval EFI_INVALID_PARAMETER   ProcessorInfoBuffer is NULL.
+  @retval EFI_NOT_FOUND   The processor with the handle specified by
+  ProcessorNumber does not exist in the 
platform.
+  @retval EFI_NOT_READY   MP Initialize Library is not initialized.
+
+**/
+EFI_STATUS
+EFIAPI
+TdxMpInitLibGetProcessorInfo (
+  IN  UINTN  ProcessorNumber,
+  OUT EFI_PROCESSOR_INFORMATION  *ProcessorInfoBuffer,
+  OUT EFI_HEALTH_FLAGS   *HealthData  OPTIONAL
+  );
+
+/**
+  Retrieves the number of logical processor in the platform and the number of
+  those logical processors that are enabled on this boot. This service may only
+  be called from the BSP.
+
+  @param[out] NumberOfProcessors  Pointer to the total number of 
logical
+  

[edk2-devel] [PATCH V8 12/47] MdePkg: Add macro to check SEV / TDX guest

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Add macros CC_GUEST_IS_SEV / CC_GUEST_IS_TDX to check SEV / TDX guest.

Cc: Michael Roth 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Eric Dong 
Cc: James Bottomley 
Cc: Min Xu 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Jordan Justen 
Cc: Ard Biesheuvel 
Cc: Erdem Aktas 
Cc: Gerd Hoffmann 
Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 MdePkg/Include/ConfidentialComputingGuestAttr.h | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h 
b/MdePkg/Include/ConfidentialComputingGuestAttr.h
index 6a1301801519..dd2541c6dcdf 100644
--- a/MdePkg/Include/ConfidentialComputingGuestAttr.h
+++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
@@ -22,4 +22,7 @@ typedef enum {
   CCAttrIntelTdx = 0x200,
 } CONFIDENTIAL_COMPUTING_GUEST_ATTR;
 
+#define CC_GUEST_IS_TDX(x)  ((x) == CCAttrIntelTdx)
+#define CC_GUEST_IS_SEV(x)  ((x) == CCAttrAmdSev || (x) == CCAttrAmdSevEs || 
(x) == CCAttrAmdSevSnp)
+
 #endif
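Review bot: `CC_GUEST_IS_SEV(x)` expands its argument three times, so an argument with side effects or a costly getter is evaluated repeatedly; the callers visible in this series pass `PcdGet64 (PcdConfidentialComputingGuestAttr)`, which is presumably harmless, but the header does not state the constraint. Both macros also test for exact equality, so a value that is not one of the listed enum members is silently classified as neither SEV nor TDX, and guest-type gates built on them then take the non-confidential path. A comment above the macros would record both points, for example `// x is evaluated more than once; pass a side-effect-free expression. Unknown values match neither macro.`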
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 11/47] UefiCpuPkg: Support TDX in BaseXApicX2ApicLib

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

MSR is accessed in BaseXApicX2ApicLib. In TDX some MSRs are accessed
directly from/to CPU. Some should be accessed via explicit requests
from the host VMM using TDCALL(TDG.VP.VMCALL). This is done by the
help of TdxLib.

Please refer to [TDX] Section 18.1
TDX: https://software.intel.com/content/dam/develop/external/us/en/
documents/tdx-module-1.0-public-spec-v0.931.pdf

Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 .../BaseXApicX2ApicLib/BaseXApicX2ApicLib.c   | 160 +-
 1 file changed, 152 insertions(+), 8 deletions(-)

diff --git a/UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.c 
b/UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.c
index aaa42ff8450b..2d17177df12b 100644
--- a/UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.c
+++ b/UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.c
@@ -23,11 +23,155 @@
 #include 
 #include 
 #include 
+#include 
 
 //
 // Library internal functions
 //
 
+/**
+  Some MSRs in TDX are accessed via TdCall.
+  Some are directly read/write from/to CPU.
+
+  @param  MsrIndex  Index of the MSR
+  @retval TRUE  MSR accessed via TdCall.
+  @retval FALSE MSR accessed not via TdCall.
+
+**/
+BOOLEAN
+AccessMsrTdxCall (
+  IN UINT32  MsrIndex
+  )
+{
+  if (!TdIsEnabled ()) {
+return FALSE;
+  }
+
+  switch (MsrIndex) {
+case MSR_IA32_X2APIC_TPR:
+case MSR_IA32_X2APIC_PPR:
+case MSR_IA32_X2APIC_EOI:
+case MSR_IA32_X2APIC_ISR0:
+case MSR_IA32_X2APIC_ISR1:
+case MSR_IA32_X2APIC_ISR2:
+case MSR_IA32_X2APIC_ISR3:
+case MSR_IA32_X2APIC_ISR4:
+case MSR_IA32_X2APIC_ISR5:
+case MSR_IA32_X2APIC_ISR6:
+case MSR_IA32_X2APIC_ISR7:
+case MSR_IA32_X2APIC_TMR0:
+case MSR_IA32_X2APIC_TMR1:
+case MSR_IA32_X2APIC_TMR2:
+case MSR_IA32_X2APIC_TMR3:
+case MSR_IA32_X2APIC_TMR4:
+case MSR_IA32_X2APIC_TMR5:
+case MSR_IA32_X2APIC_TMR6:
+case MSR_IA32_X2APIC_TMR7:
+case MSR_IA32_X2APIC_IRR0:
+case MSR_IA32_X2APIC_IRR1:
+case MSR_IA32_X2APIC_IRR2:
+case MSR_IA32_X2APIC_IRR3:
+case MSR_IA32_X2APIC_IRR4:
+case MSR_IA32_X2APIC_IRR5:
+case MSR_IA32_X2APIC_IRR6:
+case MSR_IA32_X2APIC_IRR7:
+  return FALSE;
+default:
+  break;
+  }
+
+  return TRUE;
+}
+
+/**
+  Read MSR value.
+
+  @param  MsrIndex  Index of the MSR to read
+  @retval 64-bitValue of MSR.
+
+**/
+UINT64
+LocalApicReadMsrReg64 (
+  IN UINT32  MsrIndex
+  )
+{
+  UINT64  Val;
+  UINT64  Status;
+
+  if (AccessMsrTdxCall (MsrIndex)) {
+Status = TdVmCall (TDVMCALL_RDMSR, (UINT64)MsrIndex, 0, 0, 0, &Val);
+if (Status != 0) {
+  TdVmCall (TDVMCALL_HALT, 0, 0, 0, 0, 0);
+}
+  } else {
+Val = AsmReadMsr64 (MsrIndex);
+  }
+
+  return Val;
+}
+
+/**
+  Write to MSR.
+
+  @param  MsrIndex  Index of the MSR to write to
+  @param  Value Value to be written to the MSR
+
+  @return Value
+
+**/
+UINT64
+LocalApicWriteMsrReg64 (
+  IN UINT32  MsrIndex,
+  IN UINT64  Value
+  )
+{
+  UINT64  Status;
+
+  if (AccessMsrTdxCall (MsrIndex)) {
+Status = TdVmCall (TDVMCALL_WRMSR, (UINT64)MsrIndex, Value, 0, 0, 0);
+if (Status != 0) {
+  TdVmCall (TDVMCALL_HALT, 0, 0, 0, 0, 0);
+}
+  } else {
+AsmWriteMsr64 (MsrIndex, Value);
+  }
+
+  return Value;
+}
+
+/**
+  Read MSR value.
+
+  @param  MsrIndex  Index of the MSR to read
+  @retval 32-bitValue of MSR.
+
+**/
+UINT32
+LocalApicReadMsrReg32 (
+  IN UINT32  MsrIndex
+  )
+{
+  return (UINT32)LocalApicReadMsrReg64 (MsrIndex);
+}
+
+/**
+  Write to MSR.
+
+  @param  MsrIndex  Index of the MSR to write to
+  @param  Value Value to be written to the MSR
+
+  @return Value
+
+**/
+UINT32
+LocalApicWriteMsrReg32 (
+  IN UINT32  MsrIndex,
+  IN UINT32  Value
+  )
+{
+  return (UINT32)LocalApicWriteMsrReg64 (MsrIndex, Value);
+}
+
 /**
   Determine if the CPU supports the Local APIC Base Address MSR.
 
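Review bot: In LocalApicReadMsrReg64 a failed `TdVmCall (TDVMCALL_RDMSR, ...)` issues `TDVMCALL_HALT` and then falls through to `return Val;`, and `Val` has never been written on that path. Whether the halt request can return is not visible in this hunk, but it is serviced by the host VMM, so the code should not depend on it: set `Val = 0;` before the call and follow the halt with `CpuDeadLoop ();`. LocalApicWriteMsrReg64 has the same fall-through and returns `Value` as if the write had succeeded, so it needs the same `CpuDeadLoop ();` after its halt call.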
@@ -78,7 +222,7 @@ GetLocalApicBaseAddress (
 return PcdGet32 (PcdCpuLocalApicBaseAddress);
   }
 
-  ApicBaseMsr.Uint64 = AsmReadMsr64 (MSR_IA32_APIC_BASE);
+  ApicBaseMsr.Uint64 = LocalApicReadMsrReg64 (MSR_IA32_APIC_BASE);
 
   return (UINTN)(LShiftU64 ((UINT64)ApicBaseMsr.Bits.ApicBaseHi, 32)) +
  (((UINTN)ApicBaseMsr.Bits.ApicBase) << 12);
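Review bot: `MSR_IA32_APIC_BASE` is not in the direct-access list of AccessMsrTdxCall, so in a TD the value read on the changed line is returned by the host VMM through `TDVMCALL_RDMSR` and is then converted into the local APIC base address without any check. The condition of the early return just above is outside the hunk, so I cannot tell whether a TD ever reaches this line; if it can, the result should be compared with an expected value such as `PcdGet32 (PcdCpuLocalApicBaseAddress)` before it is used for MMIO. At minimum add `// In a TD this MSR value is supplied by the host VMM; do not treat it as trusted.` above the read. The read in SetLocalApicBaseAddress in the next hunk has the same property.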
@@ -109,12 +253,12 @@ SetLocalApicBaseAddress (
 return;
   }
 
-  ApicBaseMsr.Uint64 = AsmReadMsr64 (MSR_IA32_APIC_BASE);
+  ApicBaseMsr.Uint64 = LocalApicReadMsrReg64 (MSR_IA32_APIC_BASE);
 
   ApicBaseMsr.Bits.ApicBase   = (UINT32)(BaseAddress >> 12);
   ApicBaseMsr.Bits.ApicBaseHi = (UINT32)(RShiftU64 ((UINT64)BaseAddress, 32));
 
-  AsmWriteMsr64 (MSR_IA32_APIC_BASE, ApicBaseMsr.Uint64);
+  LocalApicWriteMsrReg64 (MSR_IA32_APIC_BASE, ApicBaseMsr.Uint64);
 }
 
 /**
@@ -154,7 +298,7 @@ ReadLocalApicReg (
 ASSERT (Mmio

[edk2-devel] [PATCH V8 10/47] MdePkg: Support IoRead/IoWrite for Tdx guest in BaseIoLibIntrinsic

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

This commit supports IoRead/IoWrite for SEV/TDX/Legacy guest in one
binary. It checks the guest type at runtime and then calls the corresponding
functions.

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Reviewed-by: Liming Gao 
Signed-off-by: Min Xu 
---
 MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c | 51 --
 MdePkg/Library/BaseIoLibIntrinsic/IoLibMsc.c | 73 +++-
 2 files changed, 99 insertions(+), 25 deletions(-)

diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c 
b/MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c
index 5c791289c469..05a739085967 100644
--- a/MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c
+++ b/MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c
@@ -16,6 +16,7 @@
 **/
 
 #include "BaseIoLibIntrinsicInternal.h"
+#include "IoLibTdx.h"
 
 /**
   Reads an 8-bit I/O port.
@@ -24,7 +25,9 @@
   This function must guarantee that all I/O read and write operations are
   serialized.
 
-  If 8-bit I/O port operations are not supported, then ASSERT().
+  If 8-bit I/O port operations are not supported, then ASSERT()
+
+  For Td guest TDVMCALL_IO is invoked to read I/O port.
 
   @param  Port  The I/O port to read.
 
@@ -42,7 +45,11 @@ IoRead8 (
 
   Flag = FilterBeforeIoRead (FilterWidth8, Port, &Data);
   if (Flag) {
-__asm__ __volatile__ ("inb %w1,%b0" : "=a" (Data) : "d" ((UINT16)Port));
+if (IsTdxGuest ()) {
+  Data = TdIoRead8 (Port);
+} else {
+  __asm__ __volatile__ ("inb %w1,%b0" : "=a" (Data) : "d" ((UINT16)Port));
+}
   }
 
   FilterAfterIoRead (FilterWidth8, Port, &Data);
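Review bot: The TDX branch passes `Port` to `TdIoRead8` as a full `UINTN`, while the legacy branch beside it truncates with `(UINT16)Port`, so the two paths disagree for any port value above 0xFFFF. TdIoRead8 as posted in patch 07 forwards its argument to `TdVmCall` unchanged, so an out-of-range value would reach the host request as is. Cast at the call site, `Data = TdIoRead8 ((UINT16)Port);`, or assert the range once in the Td helpers; the same applies to the IoWrite8, IoRead16, IoWrite16 and IoRead32 hunks below. IoRead8's body starts and ends outside this hunk.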
@@ -59,6 +66,8 @@ IoRead8 (
 
   If 8-bit I/O port operations are not supported, then ASSERT().
 
+  For Td guest TDVMCALL_IO is invoked to write I/O port.
+
   @param  Port  The I/O port to write.
   @param  Value The value to write to the I/O port.
 
@@ -76,7 +85,11 @@ IoWrite8 (
 
   Flag = FilterBeforeIoWrite (FilterWidth8, Port, &Value);
   if (Flag) {
-__asm__ __volatile__ ("outb %b0,%w1" : : "a" (Value), "d" ((UINT16)Port));
+if (IsTdxGuest ()) {
+  TdIoWrite8 (Port, Value);
+} else {
+  __asm__ __volatile__ ("outb %b0,%w1" : : "a" (Value), "d" 
((UINT16)Port));
+}
   }
 
   FilterAfterIoWrite (FilterWidth8, Port, &Value);
@@ -94,6 +107,8 @@ IoWrite8 (
   If 16-bit I/O port operations are not supported, then ASSERT().
   If Port is not aligned on a 16-bit boundary, then ASSERT().
 
+  For Td guest TDVMCALL_IO is invoked to read I/O port.
+
   @param  Port  The I/O port to read.
 
   @return The value read.
@@ -112,7 +127,11 @@ IoRead16 (
 
   Flag = FilterBeforeIoRead (FilterWidth16, Port, &Data);
   if (Flag) {
-__asm__ __volatile__ ("inw %w1,%w0" : "=a" (Data) : "d" ((UINT16)Port));
+if (IsTdxGuest ()) {
+  Data = TdIoRead16 (Port);
+} else {
+  __asm__ __volatile__ ("inw %w1,%w0" : "=a" (Data) : "d" ((UINT16)Port));
+}
   }
 
   FilterAfterIoRead (FilterWidth16, Port, &Data);
@@ -130,6 +149,8 @@ IoRead16 (
   If 16-bit I/O port operations are not supported, then ASSERT().
   If Port is not aligned on a 16-bit boundary, then ASSERT().
 
+  For Td guest TDVMCALL_IO is invoked to write I/O port.
+
   @param  Port  The I/O port to write.
   @param  Value The value to write to the I/O port.
 
@@ -149,7 +170,11 @@ IoWrite16 (
 
   Flag = FilterBeforeIoWrite (FilterWidth16, Port, &Value);
   if (Flag) {
-__asm__ __volatile__ ("outw %w0,%w1" : : "a" (Value), "d" ((UINT16)Port));
+if (IsTdxGuest ()) {
+  TdIoWrite16 (Port, Value);
+} else {
+  __asm__ __volatile__ ("outw %w0,%w1" : : "a" (Value), "d" 
((UINT16)Port));
+}
   }
 
   FilterAfterIoWrite (FilterWidth16, Port, &Value);
@@ -167,6 +192,8 @@ IoWrite16 (
   If 32-bit I/O port operations are not supported, then ASSERT().
   If Port is not aligned on a 32-bit boundary, then ASSERT().
 
+  For Td guest TDVMCALL_IO is invoked to read I/O port.
+
   @param  Port  The I/O port to read.
 
   @return The value read.
@@ -185,7 +212,11 @@ IoRead32 (
 
   Flag = FilterBeforeIoRead (FilterWidth32, Port, &Data);
   if (Flag) {
-__asm__ __volatile__ ("inl %w1,%0" : "=a" (Data) : "d" ((UINT16)Port));
+if (IsTdxGuest ()) {
+  Data = TdIoRead32 (Port);
+} else {
+  __asm__ __volatile__ ("inl %w1,%0" : "=a" (Data) : "d" ((UINT16)Port));
+}
   }
 
   FilterAfterIoRead (FilterWidth32, Port, &Data);
@@ -203,6 +234,8 @@ IoRead32 (
   If 32-bit I/O port operations are not supported, then ASSERT().
   If Port is not aligned on a 32-bit boundary, then ASSERT().
 
+  For Td guest TDVMCALL_IO is invoked to write I/O port.
+
   @param  Port  The I/O port to write.
   @param  Value The value to write to the I/O port.
 
@@ -222,7 +255,11 @@ IoWrite32 (
 
   Flag = FilterBeforeIoWrite (FilterWidth32, Port, &Value);
   if (Flag) {
-__asm__ __volatile__ ("outl

[edk2-devel] [PATCH V8 09/47] MdePkg: Support IoFifo for Tdx guest in BaseIoLibIntrinsic

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Previously the IoFifo functions were in X64/IoFifoSev.nasm, which supports
both SEV guest and Legacy guest. IoLibFifo.c is introduced to support
SEV/TDX/Legacy guest in one binary. It checks the guest type at runtime
and then calls the corresponding functions.

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Reviewed-by: Liming Gao 
Signed-off-by: Min Xu 
---
 .../BaseIoLibIntrinsicSev.inf |   2 +
 MdePkg/Library/BaseIoLibIntrinsic/IoLibFifo.c | 217 ++
 MdePkg/Library/BaseIoLibIntrinsic/IoLibSev.h  | 166 ++
 .../BaseIoLibIntrinsic/X64/IoFifoSev.nasm |  34 +--
 4 files changed, 402 insertions(+), 17 deletions(-)
 create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibFifo.c
 create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibSev.h

diff --git a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf 
b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
index a74e54bee8b5..7fe1c60f046e 100644
--- a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
+++ b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
@@ -31,6 +31,7 @@
   BaseIoLibIntrinsicInternal.h
   IoHighLevel.c
   IoLibTdx.h
+  IoLibSev.h
 
 [Sources.IA32]
   IoLibGcc.c| GCC
@@ -44,6 +45,7 @@
   IoLibMsc.c| MSFT
   IoLib.c
   IoLibInternalTdx.c
+  IoLibFifo.c
   X64/IoFifoSev.nasm
 
 [Packages]
diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibFifo.c 
b/MdePkg/Library/BaseIoLibIntrinsic/IoLibFifo.c
new file mode 100644
index ..9a94bc6a054c
--- /dev/null
+++ b/MdePkg/Library/BaseIoLibIntrinsic/IoLibFifo.c
@@ -0,0 +1,217 @@
+/** @file
+  IoFifo read/write routines.
+
+  Copyright (c) 2021, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "BaseIoLibIntrinsicInternal.h"
+#include "IoLibSev.h"
+#include "IoLibTdx.h"
+#include 
+#include 
+
+/**
+  Reads an 8-bit I/O port fifo into a block of memory.
+
+  Reads the 8-bit I/O fifo port specified by Port.
+  The port is read Count times, and the read data is
+  stored in the provided Buffer.
+
+  This function must guarantee that all I/O read and write operations are
+  serialized.
+
+  If 8-bit I/O port operations are not supported, then ASSERT().
+
+  In TDX a serial of TdIoRead8 is invoked to read the I/O port fifo.
+
+  @param  PortThe I/O port to read.
+  @param  Count   The number of times to read I/O port.
+  @param  Buffer  The buffer to store the read data into.
+
+**/
+VOID
+EFIAPI
+IoReadFifo8 (
+  IN  UINTN  Port,
+  IN  UINTN  Count,
+  OUT VOID   *Buffer
+  )
+{
+  if (IsTdxGuest ()) {
+TdIoReadFifo8 (Port, Count, Buffer);
+  } else {
+SevIoReadFifo8 (Port, Count, Buffer);
+  }
+}
+
+/**
+  Writes a block of memory into an 8-bit I/O port fifo.
+
+  Writes the 8-bit I/O fifo port specified by Port.
+  The port is written Count times, and the write data is
+  retrieved from the provided Buffer.
+
+  This function must guarantee that all I/O write and write operations are
+  serialized.
+
+  If 8-bit I/O port operations are not supported, then ASSERT().
+
+  In TDX a serial of TdIoWrite8 is invoked to write data to the I/O port.
+
+  @param  PortThe I/O port to write.
+  @param  Count   The number of times to write I/O port.
+  @param  Buffer  The buffer to retrieve the write data from.
+
+**/
+VOID
+EFIAPI
+IoWriteFifo8 (
+  IN  UINTN  Port,
+  IN  UINTN  Count,
+  IN  VOID   *Buffer
+  )
+{
+  if (IsTdxGuest ()) {
+TdIoWriteFifo8 (Port, Count, Buffer);
+  } else {
+SevIoWriteFifo8 (Port, Count, Buffer);
+  }
+}
+
+/**
+  Reads a 16-bit I/O port fifo into a block of memory.
+
+  Reads the 16-bit I/O fifo port specified by Port.
+  The port is read Count times, and the read data is
+  stored in the provided Buffer.
+
+  This function must guarantee that all I/O read and write operations are
+  serialized.
+
+  If 16-bit I/O port operations are not supported, then ASSERT().
+
+  In TDX a serial of TdIoRead16 is invoked to read data from the I/O port.
+
+  @param  PortThe I/O port to read.
+  @param  Count   The number of times to read I/O port.
+  @param  Buffer  The buffer to store the read data into.
+
+**/
+VOID
+EFIAPI
+IoReadFifo16 (
+  IN  UINTN  Port,
+  IN  UINTN  Count,
+  OUT VOID   *Buffer
+  )
+{
+  if (IsTdxGuest ()) {
+TdIoReadFifo16 (Port, Count, Buffer);
+  } else {
+SevIoReadFifo16 (Port, Count, Buffer);
+  }
+}
+
+/**
+  Writes a block of memory into a 16-bit I/O port fifo.
+
+  Writes the 16-bit I/O fifo port specified by Port.
+  The port is written Count times, and the write data is
+  retrieved from the provided Buffer.
+
+  This function must guarantee that all I/O write and write operations are
+  serialized.
+
+  If 16-bit I/O port operations are not

[edk2-devel] [PATCH V8 08/47] MdePkg: Support mmio for Tdx guest in BaseIoLibIntrinsic

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

TDVF accesses MMIO with TDG.VP.VMCALL to invoke VMM-provided emulation
functions. If the access to MMIO fails, it falls back to direct
access.

BaseIoLibIntrinsic.inf is the IoLib used by other packages. It will
not support I/O in Td guest. But some files are shared between
BaseIoLibIntrinsic and BaseIoLibIntrinsicSev (IoLib.c is the example). So
IoLibInternalTdxNull.c (which holds the null stub of the Td I/O routines)
is included in BaseIoLibIntrinsic.inf. BaseIoLibIntrinsic.inf doesn't
import TdxLib so that the Pkgs which include BaseIoLibIntrinsic.inf
need not include TdxLib.

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Reviewed-by: Liming Gao 
Signed-off-by: Min Xu 
---
 .../BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf |  2 +
 .../BaseIoLibIntrinsicSev.inf |  3 +
 MdePkg/Library/BaseIoLibIntrinsic/IoLib.c | 81 +--
 3 files changed, 78 insertions(+), 8 deletions(-)

diff --git a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf 
b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
index 97eeada0656e..27b15d9ae256 100644
--- a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
+++ b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
@@ -34,6 +34,8 @@
   IoLibMmioBuffer.c
   BaseIoLibIntrinsicInternal.h
   IoHighLevel.c
+  IoLibInternalTdxNull.c
+  IoLibTdx.h
 
 [Sources.IA32]
   IoLibGcc.c| GCC
diff --git a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf 
b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
index 336d79736d9a..a74e54bee8b5 100644
--- a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
+++ b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
@@ -30,17 +30,20 @@
   IoLibMmioBuffer.c
   BaseIoLibIntrinsicInternal.h
   IoHighLevel.c
+  IoLibTdx.h
 
 [Sources.IA32]
   IoLibGcc.c| GCC
   IoLibMsc.c| MSFT
   IoLib.c
+  IoLibInternalTdxNull.c
   Ia32/IoFifoSev.nasm
 
 [Sources.X64]
   IoLibGcc.c| GCC
   IoLibMsc.c| MSFT
   IoLib.c
+  IoLibInternalTdx.c
   X64/IoFifoSev.nasm
 
 [Packages]
diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLib.c 
b/MdePkg/Library/BaseIoLibIntrinsic/IoLib.c
index 9d42e21a691c..5bd02b56a1fa 100644
--- a/MdePkg/Library/BaseIoLibIntrinsic/IoLib.c
+++ b/MdePkg/Library/BaseIoLibIntrinsic/IoLib.c
@@ -7,6 +7,7 @@
 **/
 
 #include "BaseIoLibIntrinsicInternal.h"
+#include "IoLibTdx.h"
 
 /**
   Reads a 64-bit I/O port.
@@ -69,6 +70,8 @@ IoWrite64 (
 
   If 8-bit MMIO register operations are not supported, then ASSERT().
 
+  For Td guest TDVMCALL_MMIO is invoked to read MMIO registers.
+
   @param  Address The MMIO register to read.
 
   @return The value read.
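Review bot: The sentence added to the MmioRead8 header says only that TDVMCALL_MMIO is invoked, while the commit message states that a failed MMIO request falls back to direct access. That fallback is what a caller in a TD needs to know, because the value may then come from a plain memory access instead of the VMM's emulation; TdMmioRead8 is not part of this patch, so I cannot confirm the behaviour from here. Suggested wording: `For Td guest TDVMCALL_MMIO is invoked to read MMIO registers; if the request fails, the register is accessed directly.`, with the matching change in the MmioWrite8, MmioRead16 and MmioWrite16 header hunks. The header comment begins outside the hunk.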
@@ -86,7 +89,13 @@ MmioRead8 (
   Flag = FilterBeforeMmIoRead (FilterWidth8, Address, &Value);
   if (Flag) {
 MemoryFence ();
-Value = *(volatile UINT8 *)Address;
+
+if (IsTdxGuest ()) {
+  Value = TdMmioRead8 (Address);
+} else {
+  Value = *(volatile UINT8 *)Address;
+}
+
 MemoryFence ();
   }
 
@@ -104,6 +113,8 @@ MmioRead8 (
 
   If 8-bit MMIO register operations are not supported, then ASSERT().
 
+  For Td guest TDVMCALL_MMIO is invoked to write MMIO registers.
+
   @param  Address The MMIO register to write.
   @param  Value   The value to write to the MMIO register.
 
@@ -122,7 +133,13 @@ MmioWrite8 (
   Flag = FilterBeforeMmIoWrite (FilterWidth8, Address, &Value);
   if (Flag) {
 MemoryFence ();
-*(volatile UINT8 *)Address = Value;
+
+if (IsTdxGuest ()) {
+  TdMmioWrite8 (Address, Value);
+} else {
+  *(volatile UINT8 *)Address = Value;
+}
+
 MemoryFence ();
   }
 
@@ -141,6 +158,8 @@ MmioWrite8 (
   If 16-bit MMIO register operations are not supported, then ASSERT().
   If Address is not aligned on a 16-bit boundary, then ASSERT().
 
+  For Td guest TDVMCALL_MMIO is invoked to read MMIO registers.
+
   @param  Address The MMIO register to read.
 
   @return The value read.
@@ -159,7 +178,13 @@ MmioRead16 (
   Flag = FilterBeforeMmIoRead (FilterWidth16, Address, &Value);
   if (Flag) {
 MemoryFence ();
-Value = *(volatile UINT16 *)Address;
+
+if (IsTdxGuest ()) {
+  Value = TdMmioRead16 (Address);
+} else {
+  Value = *(volatile UINT16 *)Address;
+}
+
 MemoryFence ();
   }
 
@@ -178,6 +203,8 @@ MmioRead16 (
   If 16-bit MMIO register operations are not supported, then ASSERT().
   If Address is not aligned on a 16-bit boundary, then ASSERT().
 
+  For Td guest TDVMCALL_MMIO is invoked to write MMIO registers.
+
   @param  Address The MMIO register to write.
   @param  Value   The value to write to the MMIO register.
 
@@ -198,7 +225,13 @@ MmioWrite16 (
   Flag = FilterBeforeMmIoWrite (FilterWidth16, Address, &Value);
   if (Flag) {
 MemoryFence ();
-*(volatile UINT16 *)Address = Value;
+

[edk2-devel] [PATCH V8 07/47] MdePkg: Add helper functions for Tdx guest in BaseIoLibIntrinsic

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Intel TDX architecture does not prescribe a specific software convention
to perform I/O from the guest TD. Guest TD providers have many choices to
provide I/O to the guest. The common I/O models are emulated devices,
para-virtualized devices, SRIOV devices and Direct Device assignments.

TDVF chooses para-virtualized I/O (Choice-A), which uses the TDG.VP.VMCALL
function to invoke the functions provided by the host VMM to perform I/O.
Another choice (Choice-B) is the emulation performed by the #VE handler.

There are 2 benefits of para-virtualized I/O:
1. Performance.
   VMEXIT/VMENTRY is skipped so that the performance is better than #VE
   handler.
2. De-couple with #VE handler.
   Choice-B depends on the #VE handler which means I/O is not available
   until #VE handler is installed. For example, in PEI phase #VE handler
   is installed in CpuMpPei, while communication with Qemu (via I/O port)
   happen earlier than it.

IoLibInternalTdx.c provides the helper functions for Tdx guest.
IoLibInternalTdxNull.c provides the null version of the helper functions.
It is included in the Non-X64 IoLib so that the build will not be broken.

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Reviewed-by: Liming Gao 
Signed-off-by: Min Xu 
---
 .../BaseIoLibIntrinsicSev.inf |   2 +
 .../BaseIoLibIntrinsic/IoLibInternalTdx.c | 674 ++
 .../BaseIoLibIntrinsic/IoLibInternalTdxNull.c | 497 +
 MdePkg/Library/BaseIoLibIntrinsic/IoLibTdx.h  | 410 +++
 4 files changed, 1583 insertions(+)
 create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
 create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdxNull.c
 create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibTdx.h

diff --git a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf 
b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
index 34f9d1d1062f..336d79736d9a 100644
--- a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
+++ b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
@@ -51,3 +51,5 @@
   BaseLib
   RegisterFilterLib
 
+[LibraryClasses.X64]
+  TdxLib
diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c 
b/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
new file mode 100644
index ..1e539dbfbbad
--- /dev/null
+++ b/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
@@ -0,0 +1,674 @@
+/** @file
+  TDX I/O Library routines.
+
+  Copyright (c) 2020-2021, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+#include "BaseIoLibIntrinsicInternal.h"
+#include 
+#include 
+#include 
+#include 
+#include "IoLibTdx.h"
+
+// Size of TDVMCALL Access, including IO and MMIO
+#define TDVMCALL_ACCESS_SIZE_1  1
+#define TDVMCALL_ACCESS_SIZE_2  2
+#define TDVMCALL_ACCESS_SIZE_4  4
+#define TDVMCALL_ACCESS_SIZE_8  8
+
+// Direction of TDVMCALL Access, including IO and MMIO
+#define TDVMCALL_ACCESS_READ   0
+#define TDVMCALL_ACCESS_WRITE  1
+
+BOOLEAN  mTdxEnabled = FALSE;
+BOOLEAN  mTdxProbed  = FALSE;
+
+/**
+  Check if it is Tdx guest.
+
+  @return TRUEIt is Tdx guest
+  @return FALSE   It is not Tdx guest
+
+**/
+BOOLEAN
+EFIAPI
+IsTdxGuest (
+  VOID
+  )
+{
+  if (mTdxProbed) {
+return mTdxEnabled;
+  }
+
+  mTdxEnabled = TdIsEnabled ();
+  mTdxProbed  = TRUE;
+
+  return mTdxEnabled;
+}
+
+/**
+  Reads an 8-bit I/O port.
+
+  TDVMCALL_IO is invoked to read I/O port.
+
+  @param  Port  The I/O port to read.
+
+  @return The value read.
+
+**/
+UINT8
+EFIAPI
+TdIoRead8 (
+  IN  UINTN  Port
+  )
+{
+  UINT64  Status;
+  UINT64  Val;
+
+  Status = TdVmCall (TDVMCALL_IO, TDVMCALL_ACCESS_SIZE_1, 
TDVMCALL_ACCESS_READ, Port, 0, &Val);
+  if (Status != 0) {
+TdVmCall (TDVMCALL_HALT, 0, 0, 0, 0, 0);
+  }
+
+  return (UINT8)Val;
+}
+
+/**
+  Reads a 16-bit I/O port.
+
+  TDVMCALL_IO is invoked to write I/O port.
+
+  @param  Port  The I/O port to read.
+
+  @return The value read.
+
+**/
+UINT16
+EFIAPI
+TdIoRead16 (
+  IN  UINTN  Port
+  )
+{
+  UINT64  Status;
+  UINT64  Val;
+
+  ASSERT ((Port & 1) == 0);
+
+  Status = TdVmCall (TDVMCALL_IO, TDVMCALL_ACCESS_SIZE_2, 
TDVMCALL_ACCESS_READ, Port, 0, &Val);
+  if (Status != 0) {
+TdVmCall (TDVMCALL_HALT, 0, 0, 0, 0, 0);
+  }
+
+  return (UINT16)Val;
+}
+
+/**
+  Reads a 32-bit I/O port.
+
+  TDVMCALL_IO is invoked to read I/O port.
+
+  @param  Port  The I/O port to read.
+
+  @return The value read.
+
+**/
+UINT32
+EFIAPI
+TdIoRead32 (
+  IN  UINTN  Port
+  )
+{
+  UINT64  Status;
+  UINT64  Val;
+
+  ASSERT ((Port & 3) == 0);
+
+  Status = TdVmCall (TDVMCALL_IO, TDVMCALL_ACCESS_SIZE_4, 
TDVMCALL_ACCESS_READ, Port, 0, &Val);
+  if (Status != 0) {
+TdVmCall (TDVMCALL_HALT, 0, 0, 0, 0, 0);
+  }
+
+  return (UINT32)Val;
+}
+
+/**
+  Writes an 8-bit I/O port.
+
+  

[edk2-devel] [PATCH V8 06/47] UefiCpuPkg/CpuExceptionHandler: Add base support for the #VE exception

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Add base support to handle #VE exceptions. Update the common exception
handlers to invoke the VmTdExitHandleVe () function of the VmgExitLib
library when a #VE is encountered. A non-zero return code will propagate
to the targeted exception handler.

Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 .../PeiDxeSmmCpuException.c| 17 +
 .../SecPeiCpuException.c   | 18 ++
 2 files changed, 35 insertions(+)

diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeSmmCpuException.c 
b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeSmmCpuException.c
index 762ea2460f91..4fa3f8202a33 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeSmmCpuException.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiDxeSmmCpuException.c
@@ -45,6 +45,23 @@ CommonExceptionHandlerWorker (
 }
   }
 
+  if (ExceptionType == VE_EXCEPTION) {
+EFI_STATUS  Status;
+//
+// #VE needs to be handled immediately upon enabling exception handling
+// and therefore can't use the RegisterCpuInterruptHandler() interface.
+//
+// Handle the #VE:
+//   On EFI_SUCCESS - Exception has been handled, return
+//   On other   - ExceptionType contains (possibly new) exception
+//value
+//
+Status = VmTdExitHandleVe (&ExceptionType, SystemContext);
+if (!EFI_ERROR (Status)) {
+  return;
+}
+  }
+
   ExceptionHandlerContext  = (EXCEPTION_HANDLER_CONTEXT 
*)(UINTN)(SystemContext.SystemContextIa32);
   ReservedVectors  = ExceptionHandlerData->ReservedVectors;
   ExternalInterruptHandler = ExceptionHandlerData->ExternalInterruptHandler;
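Review bot: Every `VE_EXCEPTION` is handed to `VmTdExitHandleVe` here with no check in the hunk that the firmware is running as a TD, so behaviour on other platforms depends on the linked VmgExitLib instance returning an error and leaving `ExceptionType` usable for the normal handler path. The added comment block should state that expectation, for example `// On a non-TDX platform the library is expected to return an error so the normal handler path runs.` The identical block added to CommonExceptionHandler in SecPeiCpuException.c needs the same sentence. CommonExceptionHandlerWorker starts and ends outside the hunk.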
diff --git a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c 
b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c
index c614d5b0b6f1..148d89011721 100644
--- a/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c
+++ b/UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuException.c
@@ -43,6 +43,24 @@ CommonExceptionHandler (
 }
   }
 
+  if (ExceptionType == VE_EXCEPTION) {
+EFI_STATUS  Status;
+//
+// #VE needs to be handled immediately upon enabling exception handling
+// and therefore can't use the RegisterCpuInterruptHandler() interface
+// (which isn't supported under Sec and Pei anyway).
+//
+// Handle the #VE:
+//   On EFI_SUCCESS - Exception has been handled, return
+//   On other   - ExceptionType contains (possibly new) exception
+//value
+//
+Status = VmTdExitHandleVe (&ExceptionType, SystemContext);
+if (!EFI_ERROR (Status)) {
+  return;
+}
+  }
+
   //
   // Initialize the serial port before dumping.
   //
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 05/47] OvmfPkg: Extend VmgExitLib to handle #VE exception

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

The base VmgExitLib library provides a default limited interface to
handle #VE exception. To provide full support, the OVMF version of
VmgExitLib is extended to provide full support of #VE handler.

Cc: Ard Biesheuvel 
Cc: Jiewen Yao 
Cc: Jordan Justen 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf  |   3 +-
 OvmfPkg/Library/VmgExitLib/VmTdExitHandler.h  |  32 +
 .../Library/VmgExitLib/VmTdExitVeHandler.c| 559 ++
 OvmfPkg/Library/VmgExitLib/VmgExitLib.inf |   2 +
 .../Library/VmgExitLib/X64/TdVmcallCpuid.nasm | 146 +
 5 files changed, 741 insertions(+), 1 deletion(-)
 create mode 100644 OvmfPkg/Library/VmgExitLib/VmTdExitHandler.h
 create mode 100644 OvmfPkg/Library/VmgExitLib/VmTdExitVeHandler.c
 create mode 100644 OvmfPkg/Library/VmgExitLib/X64/TdVmcallCpuid.nasm

diff --git a/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf 
b/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf
index 78207fa0f9c9..f9bd4974f6dc 100644
--- a/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf
+++ b/OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf
@@ -25,6 +25,8 @@
   VmgExitVcHandler.c
   VmgExitVcHandler.h
   SecVmgExitVcHandler.c
+  VmTdExitVeHandler.c
+  X64/TdVmcallCpuid.nasm
 
 [Packages]
   MdePkg/MdePkg.dec
@@ -44,4 +46,3 @@
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize
-
diff --git a/OvmfPkg/Library/VmgExitLib/VmTdExitHandler.h 
b/OvmfPkg/Library/VmgExitLib/VmTdExitHandler.h
new file mode 100644
index ..7eacd0872f46
--- /dev/null
+++ b/OvmfPkg/Library/VmgExitLib/VmTdExitHandler.h
@@ -0,0 +1,32 @@
+/** @file
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef VMTD_EXIT_HANDLER_H_
+#define VMTD_EXIT_HANDLER_H_
+
+#include 
+#include 
+
+/**
+  This function enable the TD guest to request the VMM to emulate CPUID
+  operation, especially for non-architectural, CPUID leaves.
+
+  @param[in]  EaxMain leaf of the CPUID
+  @param[in]  EcxSub-leaf of the CPUID
+  @param[out] ResultsReturned result of CPUID operation
+
+  @return EFI_SUCCESS
+**/
+EFI_STATUS
+EFIAPI
+TdVmCallCpuid (
+  IN UINT64  Eax,
+  IN UINT64  Ecx,
+  OUT VOID   *Results
+  );
+
+#endif
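Review bot: The `Results` parameter of TdVmCallCpuid is an untyped `VOID *`, and its doc line does not say how much memory the callee writes. The only caller visible in this patch, CpuIdExit in VmTdExitVeHandler.c, passes a CPUID_DATA holding four UINT64 values and copies them to Rax, Rbx, Rcx and Rdx in that order, so the contract appears to be 32 bytes. I would document it as `@param[out] Results  Pointer to four UINT64 values receiving EAX, EBX, ECX and EDX`, or move CPUID_DATA into this header and use it as the parameter type so a smaller buffer cannot be passed by mistake. The `@return EFI_SUCCESS` line also leaves out what is returned when the call fails, which CpuIdExit depends on when it tests the status against 0.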
diff --git a/OvmfPkg/Library/VmgExitLib/VmTdExitVeHandler.c 
b/OvmfPkg/Library/VmgExitLib/VmTdExitVeHandler.c
new file mode 100644
index ..b73e877c093b
--- /dev/null
+++ b/OvmfPkg/Library/VmgExitLib/VmTdExitVeHandler.c
@@ -0,0 +1,559 @@
+/** @file
+
+  Copyright (c) 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include "VmTdExitHandler.h"
+#include 
+#include 
+#include 
+#include 
+
+typedef union {
+  struct {
+UINT32Eax;
+UINT32Edx;
+  } Regs;
+  UINT64Val;
+} MSR_DATA;
+
+typedef union {
+  UINT8Val;
+  struct {
+UINT8B : 1;
+UINT8X : 1;
+UINT8R : 1;
+UINT8W : 1;
+  } Bits;
+} REX;
+
+typedef union {
+  UINT8Val;
+  struct {
+UINT8Rm  : 3;
+UINT8Reg : 3;
+UINT8Mod : 2;
+  } Bits;
+} MODRM;
+
+typedef struct {
+  UINT64Regs[4];
+} CPUID_DATA;
+
+/**
+  Handle an CPUID event.
+
+  Use the TDVMCALL instruction to handle cpuid #ve
+
+  @param[in, out] Regs x64 processor context
+  @param[in]  Veinfo   VE Info
+
+  @retval 0Event handled successfully
+  @return  New exception value to propagate
+**/
+STATIC
+UINT64
+EFIAPI
+CpuIdExit (
+  IN EFI_SYSTEM_CONTEXT_X64 *Regs,
+  IN TDCALL_VEINFO_RETURN_DATA  *Veinfo
+  )
+{
+  CPUID_DATA  CpuIdData;
+  UINT64  Status;
+
+  Status = TdVmCallCpuid (Regs->Rax, Regs->Rcx, &CpuIdData);
+
+  if (Status == 0) {
+Regs->Rax = CpuIdData.Regs[0];
+Regs->Rbx = CpuIdData.Regs[1];
+Regs->Rcx = CpuIdData.Regs[2];
+Regs->Rdx = CpuIdData.Regs[3];
+  }
+
+  return Status;
+}
+
+/**
+  Handle an IO event.
+
+  Use the TDVMCALL instruction to handle either an IO read or an IO write.
+
+  @param[in, out] Regs x64 processor context
+  @param[in]  Veinfo   VE Info
+
+  @retval 0Event handled successfully
+  @return  New exception value to propagate
+**/
+STATIC
+UINT64
+EFIAPI
+IoExit (
+  IN OUT EFI_SYSTEM_CONTEXT_X64  *Regs,
+  IN TDCALL_VEINFO_RETURN_DATA   *Veinfo
+  )
+{
+  BOOLEAN  Write;
+  UINTNSize;
+  UINTNPort;
+  UINT64   Val;
+  UINT64   RepCnt;
+  UINT64   Status;
+
+  Val   = 0;
+  Write = Veinfo->ExitQualification.Io.Direction ? FALSE : TRUE;
+  Size  = Veinfo->ExitQualification.Io.Size + 1;
+  Port  = Veinfo->ExitQualification.Io.Port;
+
+ 

[edk2-devel] [PATCH V8 04/47] UefiCpuPkg: Extend VmgExitLibNull to handle #VE exception

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

VmgExitLib performs the necessary processing to handle a #VC exception.
VmgExitLibNull is a NULL instance of VmgExitLib which provides a
default limited interface. In this commit VmgExitLibNull is extended to
handle a #VE exception with a default limited interface. A full feature
version of #VE handler will be created later.

Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Eric Dong 
Cc: Ray Ni 
Cc: Rahul Kumar 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Signed-off-by: Min Xu 
---
 UefiCpuPkg/Include/Library/VmgExitLib.h   | 28 ++
 .../Library/VmgExitLibNull/VmTdExitNull.c | 38 +++
 .../Library/VmgExitLibNull/VmgExitLibNull.inf |  1 +
 3 files changed, 67 insertions(+)
 create mode 100644 UefiCpuPkg/Library/VmgExitLibNull/VmTdExitNull.c

diff --git a/UefiCpuPkg/Include/Library/VmgExitLib.h 
b/UefiCpuPkg/Include/Library/VmgExitLib.h
index ebda1c3d907c..f9f911099a7b 100644
--- a/UefiCpuPkg/Include/Library/VmgExitLib.h
+++ b/UefiCpuPkg/Include/Library/VmgExitLib.h
@@ -15,6 +15,8 @@
 #include 
 #include 
 
+#define VE_EXCEPTION  20
+
 /**
   Perform VMGEXIT.
 
@@ -142,4 +144,30 @@ VmgExitHandleVc (
   IN OUT EFI_SYSTEM_CONTEXT  SystemContext
   );
 
+/**
+  Handle a #VE exception.
+
+  Performs the necessary processing to handle a #VE exception.
+
+  The base library function returns an error equal to VE_EXCEPTION,
+  to be propagated to the standard exception handling stack.
+
+  @param[in, out]  ExceptionType  Pointer to an EFI_EXCEPTION_TYPE to be set
+  as value to use on error.
+  @param[in, out]  SystemContext  Pointer to EFI_SYSTEM_CONTEXT
+
+  @retval  EFI_SUCCESSException handled
+  @retval  EFI_UNSUPPORTED#VE not supported, (new) exception value to
+  propagate provided
+  @retval  EFI_PROTOCOL_ERROR #VE handling failed, (new) exception value to
+  propagate provided
+
+**/
+EFI_STATUS
+EFIAPI
+VmTdExitHandleVe (
+  IN OUT EFI_EXCEPTION_TYPE  *ExceptionType,
+  IN OUT EFI_SYSTEM_CONTEXT  SystemContext
+  );
+
 #endif
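Review bot: The new doc block for VmTdExitHandleVe says the base library function "returns an error equal to VE_EXCEPTION", which does not match the null instance added in this same patch. VmTdExitNull.c stores `VE_EXCEPTION` in `*ExceptionType` and returns `EFI_UNSUPPORTED`. I would reword the sentence to `The base library function sets *ExceptionType to VE_EXCEPTION and returns EFI_UNSUPPORTED,`. The `SystemContext` line describes a pointer although the parameter is passed by value, and the copy of this block in VmTdExitNull.c lists `EFI_SUCCESS` and `EFI_PROTOCOL_ERROR`, which that implementation never returns.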
diff --git a/UefiCpuPkg/Library/VmgExitLibNull/VmTdExitNull.c 
b/UefiCpuPkg/Library/VmgExitLibNull/VmTdExitNull.c
new file mode 100644
index ..6a4e8087cb89
--- /dev/null
+++ b/UefiCpuPkg/Library/VmgExitLibNull/VmTdExitNull.c
@@ -0,0 +1,38 @@
+/** @file
+
+  Copyright (c) 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+#include 
+#include 
+#include 
+
+/**
+  Handle a #VE exception.
+
+  Performs the necessary processing to handle a #VE exception.
+
+  @param[in, out]  ExceptionType  Pointer to an EFI_EXCEPTION_TYPE to be set
+  as value to use on error.
+  @param[in, out]  SystemContext  Pointer to EFI_SYSTEM_CONTEXT
+
+  @retval  EFI_SUCCESSException handled
+  @retval  EFI_UNSUPPORTED#VE not supported, (new) exception value to
+  propagate provided
+  @retval  EFI_PROTOCOL_ERROR #VE handling failed, (new) exception value to
+  propagate provided
+
+**/
+EFI_STATUS
+EFIAPI
+VmTdExitHandleVe (
+  IN OUT EFI_EXCEPTION_TYPE  *ExceptionType,
+  IN OUT EFI_SYSTEM_CONTEXT  SystemContext
+  )
+{
+  *ExceptionType = VE_EXCEPTION;
+
+  return EFI_UNSUPPORTED;
+}
diff --git a/UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf 
b/UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
index d8770a21c355..4aab601939ff 100644
--- a/UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
+++ b/UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
@@ -17,6 +17,7 @@
 
 [Sources.common]
   VmgExitLibNull.c
+  VmTdExitNull.c
 
 [Packages]
   MdePkg/MdePkg.dec
-- 
2.29.2.windows.2







[edk2-devel] [PATCH V8 03/47] MdePkg: Add TdxLib to wrap Tdx operations

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

TdxLib is created with functions to perform the related Tdx operation.
This includes functions for:
 - TdAcceptPages   : Accept pending private pages and initialize the pages
 to all-0 using the TD ephemeral private key.
 - TdExtendRtmr: Extend measurement to one of the RTMR registers.
 - TdSharedPageMask: Get the Td guest shared page mask which indicates it
 is a Shared or Private page.
 - TdMaxVCpuNum: Get the maximum number of virtual CPUs.
 - TdVCpuNum   : Get the number of virtual CPUs.

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Reviewed-by: Liming Gao 
Signed-off-by: Min Xu 
---
 MdePkg/Include/Library/TdxLib.h |  92 ++
 MdePkg/Library/TdxLib/AcceptPages.c | 181 
 MdePkg/Library/TdxLib/Rtmr.c|  84 +
 MdePkg/Library/TdxLib/TdInfo.c  | 115 ++
 MdePkg/Library/TdxLib/TdxLib.inf|  37 ++
 MdePkg/Library/TdxLib/TdxLibNull.c  | 106 
 MdePkg/MdePkg.dec   |   3 +
 MdePkg/MdePkg.dsc   |   1 +
 8 files changed, 619 insertions(+)
 create mode 100644 MdePkg/Include/Library/TdxLib.h
 create mode 100644 MdePkg/Library/TdxLib/AcceptPages.c
 create mode 100644 MdePkg/Library/TdxLib/Rtmr.c
 create mode 100644 MdePkg/Library/TdxLib/TdInfo.c
 create mode 100644 MdePkg/Library/TdxLib/TdxLib.inf
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c

diff --git a/MdePkg/Include/Library/TdxLib.h b/MdePkg/Include/Library/TdxLib.h
new file mode 100644
index ..55f0436cca1f
--- /dev/null
+++ b/MdePkg/Include/Library/TdxLib.h
@@ -0,0 +1,92 @@
+/** @file
+  TdxLib definitions
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef TDX_LIB_H_
+#define TDX_LIB_H_
+
+/**
+  This function accepts a pending private page, and initialize the page to
+  all-0 using the TD ephemeral private key.
+
+  @param[in]  StartAddress Guest physical address of the private page
+   to accept. [63:52] and [11:0] must be 0.
+  @param[in]  NumberOfPagesNumber of the pages to be accepted.
+  @param[in]  PageSize GPA page size. Accept 2M/4K page size.
+
+  @return EFI_SUCCESS
+**/
+EFI_STATUS
+EFIAPI
+TdAcceptPages (
+  IN UINT64  StartAddress,
+  IN UINT64  NumberOfPages,
+  IN UINT32  PageSize
+  );
+
+/**
+  This function extends one of the RTMR measurement register
+  in TDCS with the provided extension data in memory.
+  RTMR extending supports SHA384 which length is 48 bytes.
+
+  @param[in]  Data  Point to the data to be extended
+  @param[in]  DataLen   Length of the data. Must be 48
+  @param[in]  Index RTMR index
+
+  @return EFI_SUCCESS
+  @return EFI_INVALID_PARAMETER
+  @return EFI_DEVICE_ERROR
+
+**/
+EFI_STATUS
+EFIAPI
+TdExtendRtmr (
+  IN  UINT32  *Data,
+  IN  UINT32  DataLen,
+  IN  UINT8   Index
+  );
+
+/**
+  This function gets the Td guest shared page mask.
+
+  The guest indicates if a page is shared using the Guest Physical Address
+  (GPA) Shared (S) bit. If the GPA Width(GPAW) is 48, the S-bit is bit-47.
+  If the GPAW is 52, the S-bit is bit-51.
+
+  @return Shared page bit mask
+**/
+UINT64
+EFIAPI
+TdSharedPageMask (
+  VOID
+  );
+
+/**
+  This function gets the maximum number of Virtual CPUs that are usable for
+  Td Guest.
+
+  @return maximum Virtual CPUs number
+**/
+UINT32
+EFIAPI
+TdMaxVCpuNum (
+  VOID
+  );
+
+/**
+  This function gets the number of Virtual CPUs that are usable for Td
+  Guest.
+
+  @return Virtual CPUs number
+**/
+UINT32
+EFIAPI
+TdVCpuNum (
+  VOID
+  );
+
+#endif
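Review bot: The doc block for TdAcceptPages lists only `@return EFI_SUCCESS`, so the header does not tell a caller how a rejected or partly completed acceptance is reported. That matters for this primitive because the caller must not use the range unless every page was accepted; the implementation is outside this hunk, so whether it returns an error or halts cannot be seen here. I would add the failure cases explicitly, for example `@retval EFI_INVALID_PARAMETER  StartAddress is misaligned or PageSize is neither 4K nor 2M`, adjusted to what AcceptPages.c really returns. It would also help to say that `PageSize` is a byte count, which is what the SIZE_4KB/SIZE_2MB map in AcceptPages.c suggests.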
diff --git a/MdePkg/Library/TdxLib/AcceptPages.c 
b/MdePkg/Library/TdxLib/AcceptPages.c
new file mode 100644
index ..3a2182e95f47
--- /dev/null
+++ b/MdePkg/Library/TdxLib/AcceptPages.c
@@ -0,0 +1,181 @@
+/** @file
+
+  Unaccepted memory is a special type of private memory. In Td guest
+  TDCALL [TDG.MEM.PAGE.ACCEPT] is invoked to accept the unaccepted
+  memory before use it.
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+UINT64  mNumberOfDuplicatedAcceptedPages;
+
+#define TDX_ACCEPTPAGE_MAX_RETRIED  3
+
+// PageSize is mapped to PageLevel like below:
+// 4KB - 0, 2MB - 1
+UINT32  mTdxAcceptPageLevelMap[2] = {
+  SIZE_4KB,
+  SIZE_2MB
+};
+
+#define INVALID_ACCEPT_PAGELEVEL  ARRAY_SIZE(mTdxAcceptPageLevelMap)
+
+/**
+  This function gets the PageLevel according to the input page size.
+
+  @param[in]  PageSizePage size
+
+  @return UINT32  The mapped page level
+**/
+UINT32
+GetGpaPageLevel (
+  UINT32  PageSize
+  )
+{
+  UINT3

[edk2-devel] [PATCH V8 02/47] MdePkg: Introduce basic Tdx functions in BaseLib

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Introduce basic Tdx functions in BaseLib:
 - TdCall ()
 - TdVmCall ()
 - TdIsEnabled ()

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Brijesh Singh 
Cc: Erdem Aktas 
Cc: James Bottomley 
Cc: Jiewen Yao 
Cc: Tom Lendacky 
Cc: Gerd Hoffmann 
Acked-by: Gerd Hoffmann 
Reviewed-by: Liming Gao 
Signed-off-by: Min Xu 
---
 MdePkg/Include/Library/BaseLib.h |  66 +++
 MdePkg/Library/BaseLib/BaseLib.inf   |   4 +
 MdePkg/Library/BaseLib/IntelTdxNull.c|  83 +
 MdePkg/Library/BaseLib/X64/TdCall.nasm   |  85 +
 MdePkg/Library/BaseLib/X64/TdProbe.c |  62 ++
 MdePkg/Library/BaseLib/X64/TdVmcall.nasm | 145 +++
 6 files changed, 445 insertions(+)
 create mode 100644 MdePkg/Library/BaseLib/IntelTdxNull.c
 create mode 100644 MdePkg/Library/BaseLib/X64/TdCall.nasm
 create mode 100644 MdePkg/Library/BaseLib/X64/TdProbe.c
 create mode 100644 MdePkg/Library/BaseLib/X64/TdVmcall.nasm

diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index 6aa0d972186e..7cb7968f12e7 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -4759,6 +4759,72 @@ SpeculationBarrier (
   VOID
   );
 
+#if defined (MDE_CPU_X64) || defined (MDE_CPU_IA32)
+
+/**
+  The TDCALL instruction causes a VM exit to the Intel TDX module.  It is
+  used to call guest-side Intel TDX functions, either local or a TD exit
+  to the host VMM, as selected by Leaf.
+
+  @param[in]  LeafLeaf number of TDCALL instruction
+  @param[in]  Arg1Arg1
+  @param[in]  Arg2Arg2
+  @param[in]  Arg3Arg3
+  @param[in,out]  Results  Returned result of the Leaf function
+
+  @return EFI_SUCCESS
+  @return Other   See individual leaf functions
+**/
+UINTN
+EFIAPI
+TdCall (
+  IN UINT64Leaf,
+  IN UINT64Arg1,
+  IN UINT64Arg2,
+  IN UINT64Arg3,
+  IN OUT VOID  *Results
+  );
+
+/**
+  TDVMALL is a leaf function 0 for TDCALL. It helps invoke services from the
+  host VMM to pass/receive information.
+
+  @param[in] LeafNumber of sub-functions
+  @param[in] Arg1Arg1
+  @param[in] Arg2Arg2
+  @param[in] Arg3Arg3
+  @param[in] Arg4Arg4
+  @param[in,out] Results Returned result of the sub-function
+
+  @return EFI_SUCCESS
+  @return Other   See individual sub-functions
+
+**/
+UINTN
+EFIAPI
+TdVmCall (
+  IN UINT64Leaf,
+  IN UINT64Arg1,
+  IN UINT64Arg2,
+  IN UINT64Arg3,
+  IN UINT64Arg4,
+  IN OUT VOID  *Results
+  );
+
+/**
+  Probe if TD is enabled.
+
+  @return TRUETD is enabled.
+  @return FALSE   TD is not enabled.
+**/
+BOOLEAN
+EFIAPI
+TdIsEnabled (
+  VOID
+  );
+
+#endif
+
 #if defined (MDE_CPU_X64)
 //
 // The page size for the PVALIDATE instruction
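Review bot: The return documentation for TdCall and TdVmCall mixes two status domains. The functions are declared `UINTN` and documented as `@return EFI_SUCCESS`, while "Other - see individual leaf functions" reads like a raw TDCALL completion code. The null stub added in IntelTdxNull.c returns `EFI_UNSUPPORTED`, so a caller cannot tell whether to test the result with `EFI_ERROR ()` or compare it with the TDX status values. I would spell this out in the header, e.g. `@return 0  The leaf completed successfully` and `@return Other  TDCALL completion status, not an EFI_STATUS`, or whichever holds for the assembly implementation, which is not part of this hunk. The declarations are also exposed for MDE_CPU_IA32, where `UINTN` is 32 bits wide, and the size and layout expected behind `Results` are not documented.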
diff --git a/MdePkg/Library/BaseLib/BaseLib.inf 
b/MdePkg/Library/BaseLib/BaseLib.inf
index cebda3b210c1..16b7ac391705 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -210,6 +210,7 @@
   X86RdRand.c
   X86PatchInstruction.c
   X86SpeculationBarrier.c
+  IntelTdxNull.c
 
 [Sources.X64]
   X64/Thunk16.nasm
@@ -293,6 +294,9 @@
   X64/ReadCr0.nasm| MSFT
   X64/ReadEflags.nasm| MSFT
 
+  X64/TdCall.nasm
+  X64/TdVmcall.nasm
+  X64/TdProbe.c
 
   X64/Non-existing.c
   Math64.c
diff --git a/MdePkg/Library/BaseLib/IntelTdxNull.c 
b/MdePkg/Library/BaseLib/IntelTdxNull.c
new file mode 100644
index ..ec95470bd43e
--- /dev/null
+++ b/MdePkg/Library/BaseLib/IntelTdxNull.c
@@ -0,0 +1,83 @@
+/** @file
+
+  Null stub of TdxLib
+
+  Copyright (c) 2021, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+
+/**
+  The TDCALL instruction causes a VM exit to the Intel TDX module.  It is
+  used to call guest-side Intel TDX functions, either local or a TD exit
+  to the host VMM, as selected by Leaf.
+  Leaf functions are described at 
+
+  @param[in]  LeafLeaf number of TDCALL instruction
+  @param[in]  Arg1Arg1
+  @param[in]  Arg2Arg2
+  @param[in]  Arg3Arg3
+  @param[in,out]  Results  Returned result of the Leaf function
+
+  @return EFI_SUCCESS
+  @return Other   See individual leaf functions
+**/
+UINTN
+EFIAPI
+TdCall (
+  IN UINT64Leaf,
+  IN UINT64Arg1,
+  IN UINT64Arg2,
+  IN UINT64Arg3,
+  IN OUT VOID  *Results
+  )
+{
+  return EFI_UNSUPPORTED;
+}
+
+/**
+  TDVMALL is a leaf function 0 for TDCALL. It helps invoke services from the
+  host VMM to pass/receive information.
+
+  @param[in] LeafNumber of sub-functions
+  @param[in] Arg1Arg1
+  @param[in] Arg2Arg2
+  @param[in] Arg3Arg3
+  @param[in] Arg4Arg4
+  @param[in,out]

[edk2-devel] [PATCH V8 01/47] MdePkg: Add Tdx.h

2022-03-11 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Tdx.h includes the Intel Trust Domain Extension definitions.

Detailed information can be found in below document:
https://software.intel.com/content/dam/develop/external/us/en/
documents/tdx-module-1eas-v0.85.039.pdf

Cc: Michael D Kinney 
Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Gerd Hoffmann 
Cc: Jiewen Yao 
Acked-by: Gerd Hoffmann 
Reviewed-by: Liming Gao 
Signed-off-by: Min Xu 
---
 MdePkg/Include/IndustryStandard/Tdx.h | 203 ++
 1 file changed, 203 insertions(+)
 create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h

diff --git a/MdePkg/Include/IndustryStandard/Tdx.h 
b/MdePkg/Include/IndustryStandard/Tdx.h
new file mode 100644
index ..81df1361842b
--- /dev/null
+++ b/MdePkg/Include/IndustryStandard/Tdx.h
@@ -0,0 +1,203 @@
+/** @file
+  Intel Trust Domain Extension definitions
+  Detailed information is in below document:
+  https://software.intel.com/content/dam/develop/external/us/en/documents
+  /tdx-module-1eas-v0.85.039.pdf
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef MDE_PKG_TDX_H_
+#define MDE_PKG_TDX_H_
+
+#define EXIT_REASON_EXTERNAL_INTERRUPT  1
+#define EXIT_REASON_TRIPLE_FAULT2
+
+#define EXIT_REASON_PENDING_INTERRUPT7
+#define EXIT_REASON_NMI_WINDOW   8
+#define EXIT_REASON_TASK_SWITCH  9
+#define EXIT_REASON_CPUID10
+#define EXIT_REASON_HLT  12
+#define EXIT_REASON_INVD 13
+#define EXIT_REASON_INVLPG   14
+#define EXIT_REASON_RDPMC15
+#define EXIT_REASON_RDTSC16
+#define EXIT_REASON_VMCALL   18
+#define EXIT_REASON_VMCLEAR  19
+#define EXIT_REASON_VMLAUNCH 20
+#define EXIT_REASON_VMPTRLD  21
+#define EXIT_REASON_VMPTRST  22
+#define EXIT_REASON_VMREAD   23
+#define EXIT_REASON_VMRESUME 24
+#define EXIT_REASON_VMWRITE  25
+#define EXIT_REASON_VMOFF26
+#define EXIT_REASON_VMON 27
+#define EXIT_REASON_CR_ACCESS28
+#define EXIT_REASON_DR_ACCESS29
+#define EXIT_REASON_IO_INSTRUCTION   30
+#define EXIT_REASON_MSR_READ 31
+#define EXIT_REASON_MSR_WRITE32
+#define EXIT_REASON_INVALID_STATE33
+#define EXIT_REASON_MSR_LOAD_FAIL34
+#define EXIT_REASON_MWAIT_INSTRUCTION36
+#define EXIT_REASON_MONITOR_TRAP_FLAG37
+#define EXIT_REASON_MONITOR_INSTRUCTION  39
+#define EXIT_REASON_PAUSE_INSTRUCTION40
+#define EXIT_REASON_MCE_DURING_VMENTRY   41
+#define EXIT_REASON_TPR_BELOW_THRESHOLD  43
+#define EXIT_REASON_APIC_ACCESS  44
+#define EXIT_REASON_EOI_INDUCED  45
+#define EXIT_REASON_GDTR_IDTR46
+#define EXIT_REASON_LDTR_TR  47
+#define EXIT_REASON_EPT_VIOLATION48
+#define EXIT_REASON_EPT_MISCONFIG49
+#define EXIT_REASON_INVEPT   50
+#define EXIT_REASON_RDTSCP   51
+#define EXIT_REASON_PREEMPTION_TIMER 52
+#define EXIT_REASON_INVVPID  53
+#define EXIT_REASON_WBINVD   54
+#define EXIT_REASON_XSETBV   55
+#define EXIT_REASON_APIC_WRITE   56
+#define EXIT_REASON_RDRAND   57
+#define EXIT_REASON_INVPCID  58
+#define EXIT_REASON_VMFUNC   59
+#define EXIT_REASON_ENCLS60
+#define EXIT_REASON_RDSEED   61
+#define EXIT_REASON_PML_FULL 62
+#define EXIT_REASON_XSAVES   63
+#define EXIT_REASON_XRSTORS  64
+
+// TDCALL API Function Completion Status Codes
+#define TDX_EXIT_REASON_SUCCESS0x
+#define TDX_EXIT_REASON_PAGE_ALREADY_ACCEPTED  0x0B0A
+#define TDX_EXIT_REASON_PAGE_SIZE_MISMATCH 0xCB0B
+#define TDX_EXIT_REASON_OPERAND_INVALID0xC100
+#define TDX_EXIT_REASON_OPERAND_BUSY   0x8200
+
+// TDCALL [TDG.MEM.PAGE.ACCEPT] page size
+#define TDCALL_ACCEPT_PAGE_SIZE_4K  0
+#define TDCALL_ACCEPT_PAGE_SIZE_2M  1
+#define TDCALL_ACCEPT_PAGE_SIZE_1G  2
+
+#define TDCALL_TDVMCALL  0
+#define TDCALL_TDINFO1
+#define TDCALL_TDEXTENDRTMR  2
+#define TDCALL_TDGETVEINFO   3
+#define TDCALL_TDREPORT  4
+#define TDCALL_TDSETCPUIDVE  5
+#define TDCALL_TDACCEPTPAGE  6
+
+#define TDVMCALL_CPUID0xa
+#define TDVMCALL_HALT 0xc
+#define TDVMCALL_IO   0x0001e
+#define TDVMCALL_RDMSR0x0001f
+#define TDVMCALL_WRMSR0x00020
+#define TDVMCALL_MMIO 0x00030
+#define TDVMCALL_PCONFIG  0x00041
+
+#define TDVMCALL_GET_TDVMCALL_INFO   0x1
+#define TDVMCALL_MAPGPA  0x10001
+#define TDVMCALL_GET_QUOTE   0x10002
+#define TDVMCALL_REPORT_FATAL_ERR0x10003
+#define TDVMCALL_SETUP_EVENT_NOTIFY  0x10004
+
+#pragma pack(1)
+typedef struct {
+  UINT64Data[

[edk2-devel] [PATCH V8 00/47] Enable Intel TDX in OvmfPkg (Config-A)

2022-03-11 Thread Min Xu
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3249

Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
Encryption (MKTME) with a new kind of virtual machine guest called a
Trust Domain (TD). A TD is designed to run in a CPU mode that protects the
confidentiality of TD memory contents and the TD's CPU state from other
software, including the hosting Virtual-Machine Monitor (VMM), unless
explicitly shared by the TD itself.

There are 2 configurations for TDVF to upstream. See below link for
the definitions of the 2 configurations.
https://edk2.groups.io/g/devel/message/76367

This patch-set is to enable Config-A in OvmfPkg.
 - Merge the *basic* TDVF feature to existing OvmfX64Pkg.dsc. (Align
   with existing SEV)
 - Threat model: VMM is NOT out of TCB. (We don’t make things worse.)
 - The OvmfX64Pkg.dsc includes SEV/TDX/normal OVMF basic boot capability.
   The final binary can run on SEV/TDX/normal OVMF
 - No changes to existing OvmfPkgX64 image layout.
 - No need to add additional security features if they do not exist today
 - No need to remove features if they exist today.
 - RTMR is not supported
 - PEI phase is NOT skipped in either Td or Non-Td

Patch 01 - 33 are changes in SEC phase. Also some libraries in these
patches are workable in SEC/PEI/DXE.

Patch 16 - 29 extract the common codes from OvmfPkg/PlatformPei to a new
PlatformInitLib. After that OvmfPkg/PlatformPei is refactored with this
lib. These 14 patches are currently reviewed in another separate
patch-set. https://edk2.groups.io/g/devel/message/87327

Patch 34 - 39 are changes in PEI phase.

Patch 40 - 44 are changes in DXE phase.

Patch 45 - 47 are for local Apic timer DXE driver.

[TDX]: https://software.intel.com/content/dam/develop/external/us/en/
documents/tdx-whitepaper-final9-17.pdf

[TDX-Module]: https://software.intel.com/content/dam/develop/external/
us/en/documents/tdx-module-1.0-public-spec-v0.931.pdf

[TDVF]: https://software.intel.com/content/dam/develop/external/us/en/
documents/tdx-virtual-firmware-design-guide-rev-1.pdf

[GCHI]: https://software.intel.com/content/dam/develop/external/us/en/
documents/intel-tdx-guest-hypervisor-communication-interface-1.0-344426-002.pdf

Code is at https://github.com/mxu9/edk2/tree/tdvf_wave2.v8

v8 changes:
 - Based on the comments of PlatformInitLib and OvmfPkg/PlatformPei,
   a separte patch-set is created for the changes. It is now under review
   https://edk2.groups.io/g/devel/message/87327
 - Based on the comments, TdCall/TdVmCall/TdIsEnabled is wrapped with
   MDE_CPU_IA32 and MDE_CPU_X64.
 - EFI_RESOURCE_ATTRIBUTE_ENCRYPTED is removed based on the TDVF Spec
   update. Instead EFI_RESOURCE_MEMORY_UNACCEPTED is added to indicate
   the memory which to be accepted in TDVF. The corresponding logic
   of AcceptMemory is updated as well. Please see Patch 31.
 - PcdIa32EferChangeAllowed is deleted. Because for Td guest
   IA32_EFER.NXE is set by default. So we only need check whether it has
   been set before it is to be set again. See Patch 35.
 - Based on comments PcdTdxSharedBitMask is defined in
   [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
 - Delete un-necessary header files in TdxLib.h.
 - Other minor updates and changes.

v7 changes:
 - Based on the comments from last review, 8 PlatformInitLib patches
   are squashed into 4 patches (#17-#20). These 4 patches are not
   related to Tdx guest. Tdx related codes of PlatformInitLib is
   in #21.
 - gUefiOvmfPkgTdxPlatformGuid is renamed as gUefiOvmfPkgPlatformInfoGuid.
   Because this GUID is used not only by Tdx guest, but also by
   Legacy guest.
 - PlatformInitLibNull is deleted.
 - In PlatformPei Pml4Entries is cap at 512 entries when
   mPhysMemAddressWidth > 48.

v7 not-addressed comments
 - Comments in MpInitLib have not been addressed yet. It will be
   addressed in the following version.
 - Thanks much for your understanding.

v6 changes:
 - PlatformInitLib and OvmfPkg/PlatformPei refactoring are covered in
   patch from 17 - 24. These patches are not related to Tdx guest. Tdx
   related codes of PlatformInitLib is in patch 25.
 - In the previous patch-sets, TdHob is processed in
   OvmfPkg/Sec/IntelTdx.c. Per Gerd's suggestion they are now moved
   to PlatformInitLib/IntelTdx.c. So that they can be reused in Config-B.
 - The default Accept page size is changed from 4K to 2M.
 - The BspAcceptMemoryResourceRange is refactored according to Gerd's
   comment.
 - In ApRunLoop.nasm command field is set to zero as acknowledgement.
   This is a fix based on the ACPI Spec v6.4,Sec titled "Multiprocessor
   Wakeup Structure".

v6 not-addressed comments
 - Comments in MpInitLib have not been addressed yet. It will be
   addressed in the following version.
 - Thanks much for your understanding.

v5 changes:
 - PlatformInitLib is introduced which wraps the common functions in
   OvmfPkg/PlatformPei. It is becaus

[edk2-devel][edk2-platforms][PATCH V1 1/1] WhitleyOpenBoardPkg/JunctionCity: Build ACPI content

2022-03-11 Thread Oram, Isaac W
Use source versions of AcpiTables, AcpiPlatform, and StaticSkuDataDxe.

Cc: Nate DeSimone 
Cc: Chasel Chiu 
Cc: Manickavasakam Karpagavinayagam 
Signed-off-by: Isaac Oram 
---
 Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/PlatformPkg.fdf  |  3 +
 Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/build_board.py   | 63 

 Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/build_config.cfg | 15 +
 3 files changed, 81 insertions(+)

diff --git a/Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/PlatformPkg.fdf 
b/Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/PlatformPkg.fdf
index 0b919b5ea9..b72aa2b688 100644
--- a/Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/PlatformPkg.fdf
+++ b/Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/PlatformPkg.fdf
@@ -601,6 +601,7 @@ SET gMinPlatformPkgTokenSpaceGuid.PcdFlashAreaSize 
= 0x0100
   # UBA DXE common and board specific components
   #
   !include WhitleyOpenBoardPkg/Uba/UbaDxeCommon.fdf
+  INF $(RP_PKG)/Uba/UbaMain/StaticSkuDataDxe/StaticSkuDataDxe.inf
   INF 
$(RP_PKG)/$(BOARD_NAME)/Uba/TypeJunctionCity/Dxe/UsbOcUpdateDxe/UsbOcUpdateDxe.inf
   INF 
$(RP_PKG)/$(BOARD_NAME)/Uba/TypeJunctionCity/Dxe/IioCfgUpdateDxe/IioCfgUpdateDxe.inf
   INF 
$(RP_PKG)/$(BOARD_NAME)/Uba/TypeJunctionCity/Dxe/SlotDataUpdateDxe/SlotDataUpdateDxe.inf
@@ -682,6 +683,8 @@ SET gMinPlatformPkgTokenSpaceGuid.PcdFlashAreaSize 
= 0x0100
   INF  BoardModulePkg/LegacySioDxe/LegacySioDxe.inf
   INF  MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
 
+  INF  RuleOverride = ACPITABLE 
WhitleyOpenBoardPkg/Features/Acpi/AcpiTables/AcpiTables10nm.inf
+  INF  WhitleyOpenBoardPkg/Features/Acpi/AcpiPlatform/AcpiPlatform.inf
   INF  WhitleyOpenBoardPkg/Features/AcpiVtd/AcpiVtd.inf
   INF  MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.inf
 
diff --git a/Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/build_board.py 
b/Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/build_board.py
index 33698f9809..72d0c5089a 100644
--- a/Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/build_board.py
+++ b/Platform/Intel/WhitleyOpenBoardPkg/JunctionCity/build_board.py
@@ -25,6 +25,7 @@ def pre_build_ex(config, functions):
 :returns: nothing
 """
 print("pre_build_ex")
+
 config["BUILD_DIR_PATH"] = os.path.join(config["WORKSPACE"],
 'Build',
 config["PLATFORM_BOARD_PACKAGE"],
@@ -55,6 +56,68 @@ def pre_build_ex(config, functions):
 
 if config.get("API_MODE_FSP_WRAPPER_BUILD", "FALSE") == "TRUE":
 raise ValueError("FSP API Mode is currently unsupported on Ice Lake 
Xeon Scalable")
+
+# Build the ACPI AML offset table *.offset.h
+print("Info: re-generating PlatformOffset header files")
+
+execute_script = functions.get("execute_script")
+
+command = ["build", "-D", "MAX_SOCKET=" + config["MAX_SOCKET"]]
+
+if config["EXT_BUILD_FLAGS"] and config["EXT_BUILD_FLAGS"] != "":
+ext_build_flags = config["EXT_BUILD_FLAGS"].split(" ")
+ext_build_flags = [x.strip() for x in ext_build_flags]
+ext_build_flags = [x for x in ext_build_flags if x != ""]
+command.extend(ext_build_flags)
+
+aml_offsets_split = 
os.path.split(os.path.normpath(config["AML_OFFSETS_PATH"]))
+command.append("-p")
+command.append(os.path.normpath(config["AML_OFFSETS_PATH"]) + '.dsc')
+command.append("-m")
+command.append(os.path.join(aml_offsets_split[0], aml_offsets_split[1], 
aml_offsets_split[1] + '.inf'))
+command.append("-y")
+command.append(os.path.join(config["WORKSPACE"], "PreBuildReport.txt"))
+command.append("--log=" + os.path.join(config["WORKSPACE"], 
"PreBuild.log"))
+
+_, _, _, code = execute_script(command, config)
+if code != 0:
+print(" ".join(command))
+print("Error re-generating PlatformOffset header files")
+sys.exit(1)
+
+# Build AmlGenOffset command to consume the *.offset.h and produce 
AmlOffsetTable.c for StaticSkuDataDxe use.
+
+# Get destination path and filename from config
+relative_file_path = 
os.path.normpath(config["STRIPPED_AML_OFFSETS_FILE_PATH"]) # get path 
relative to Platform/Intel
+out_file_path = os.path.join(config["WORKSPACE_PLATFORM"], 
relative_file_path)  # full path to output file
+out_file_dir = os.path.dirname(out_file_path)  
 # remove filename
+
+out_file_root_ext = os.path.splitext(os.path.basename(out_file_path))  
 # root and extension of output file
+
+# Get relative path for the generated offset.h file
+relative_dsdt_file_path = os.path.normpath(config["DSDT_TABLE_FILE_PATH"]) 
 # path relative to Platform/Intel
+dsdt_file_root_ext = 
os.path.splitext(os.path.basename(relative_dsdt_file_path))# root and 
extension of generated offset.h file
+
+# Generate output directory if it doesn't exist
+if not os.path.exists(out_file_dir):
+

Re: [edk2-devel][edk2-platforms][PATCH V1 0/9] Add Whitley AcpiPlatform driver

2022-03-11 Thread Oram, Isaac W
Pushed as: 3c40bddded..7cd51aa3c1

-Original Message-
From: Desimone, Nathaniel L  
Sent: Thursday, March 10, 2022 5:13 PM
To: Oram, Isaac W ; devel@edk2.groups.io
Cc: Chiu, Chasel 
Subject: RE: [edk2-devel][edk2-platforms][PATCH V1 0/9] Add Whitley 
AcpiPlatform driver

For the series...

Reviewed-by: Nate DeSimone 

-Original Message-
From: Oram, Isaac W  
Sent: Thursday, March 10, 2022 2:41 PM
To: devel@edk2.groups.io
Cc: Desimone, Nathaniel L ; Chiu, Chasel 

Subject: [edk2-devel][edk2-platforms][PATCH V1 0/9] Add Whitley AcpiPlatform 
driver

This series converts the AcpiPlatform driver for Whitley ICX to open source.
The driver requires libraries providing:
16-bit CRC service
A library to update the tables based on boot time data.
A board hook library to control publishing individual tables and to modify 
tables.
A library to build MADT and SRAT tables during boot.
A Universal Board Abstraction library to translate UBA data.

The driver consumes the AcpiTables data file and the AML opcode patching table 
from the StaticSkuDataDxe driver.

This code does not support the CooperCity hardware at present.
The code depends on additional DynamicSiLibraryProtocol2 and updated 
WhitleyFspBinPkg content.

Cc: Nate DeSimone 
Cc: Chasel Chiu 
Signed-off-by: Isaac Oram 

Isaac Oram (9):
  WhitleyOpenBoardPkg: Add definitions needed for AcpiPlatform driver
  WhitleySiliconPkg: Add definitions used in ACPI subsystem
  WhitleyOpenBoardPkg/BaseCrcLib: Add library for CRC16
  WhitleyOpenBoardPkg: Add UbaPlatLib Library
  WhitleyOpenBoardPkg/PlatformSpecificAcpiTableLib: Add library
  WhitleyOpenBoardPkg/BuildAcpiTablesLib: Add lib for building MADT and
SRAT
  WhitleyOpenBoardPkg/AcpiTablesLib: Add library for AcpiPlatform driver
  WhitleyOpenBoardPkg/AcpiPlatform: Add driver for publishing ACPI
tables
  WhitleyOpenBoardPkg/Build: Remove confusing build options

 Platform/Intel/WhitleyOpenBoardPkg/Features/Acpi/AcpiPlatform/AcpiPlatform.c   
  |  754 +
 Platform/Intel/WhitleyOpenBoardPkg/Features/Acpi/AcpiPlatform/AcpiPlatform.h   
  |  117 ++
 Platform/Intel/WhitleyOpenBoardPkg/Features/Acpi/AcpiPlatform/AcpiPlatform.inf 
  |  107 ++
 
Platform/Intel/WhitleyOpenBoardPkg/Features/Acpi/AcpiPlatform/AcpiPlatformHooks.c
|  384 +
 
Platform/Intel/WhitleyOpenBoardPkg/Features/Acpi/AcpiPlatform/AcpiPlatformHooks.h
|   51 +
 
Platform/Intel/WhitleyOpenBoardPkg/Features/Acpi/AcpiPlatform/AcpiPlatformUtils.c
|  133 ++
 
Platform/Intel/WhitleyOpenBoardPkg/Features/Acpi/AcpiPlatform/AcpiPlatformUtils.h
|   66 +
 
Platform/Intel/WhitleyOpenBoardPkg/Features/Acpi/AcpiPlatform/AcpiPlatformVTDHooks.c
 | 1762 
 
Platform/Intel/WhitleyOpenBoardPkg/Features/Pci/Dxe/PciHostBridge/PciHostBridge.inf
  |1 +
 
Platform/Intel/WhitleyOpenBoardPkg/Features/Pci/Dxe/PciPlatform/PciPlatform.inf 
 |1 +
 Platform/Intel/WhitleyOpenBoardPkg/Include/Acpi/Madt.h 
  |  118 ++
 Platform/Intel/WhitleyOpenBoardPkg/Include/Acpi/Slit.h 
  |   75 +
 Platform/Intel/WhitleyOpenBoardPkg/Include/Acpi/Srat.h 
  |   53 +
 Platform/Intel/WhitleyOpenBoardPkg/Include/Acpi/amlresrc.h 
  |  542 ++
 Platform/Intel/WhitleyOpenBoardPkg/Include/Dsc/BuildOptions.dsc
  |   18 +-
 Platform/Intel/WhitleyOpenBoardPkg/Include/Library/AcpiPlatformLib.h   
  |  107 ++
 Platform/Intel/WhitleyOpenBoardPkg/Include/Library/BuildAcpiTablesLib.h
  |  111 ++
 Platform/Intel/WhitleyOpenBoardPkg/Include/Library/CrcLib.h
  |   42 +
 
Platform/Intel/WhitleyOpenBoardPkg/Include/Library/PlatformSpecificAcpiTableLib.h
|  129 ++
 Platform/Intel/WhitleyOpenBoardPkg/Include/Library/PlatformStatusCodes.h   
  |  364 
 Platform/Intel/WhitleyOpenBoardPkg/Include/Library/UbaFpkConfigLib.h   
  |   55 +
 Platform/Intel/WhitleyOpenBoardPkg/Include/Library/UbaSmbiosUpdateLib.h
  |  275 +++
 
Platform/Intel/WhitleyOpenBoardPkg/Library/AcpiPlatformTableLib/AcpiPlatformLib.c
|  534 ++
 
Platform/Intel/WhitleyOpenBoardPkg/Library/AcpiPlatformTableLib/AcpiPlatformLib.inf
  |  127 ++
 
Platform/Intel/WhitleyOpenBoardPkg/Library/AcpiPlatfor

[edk2-devel] [PATCH v1] MdeModulePkg/DxeIpl: Create 5-level page table for long mode

2022-03-11 Thread Jason Lou
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2008

Correct the logic about whether 5-level paging is supported.

Signed-off-by: Jason Lou 
Cc: Ray Ni 
Cc: Dandan Bi 
Cc: Liming Gao 
---
 MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c 
b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
index 0700f310b2..1ebab27820 100644
--- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
+++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
@@ -15,7 +15,7 @@
 2) IA-32 Intel(R) Architecture Software Developer's Manual Volume 
2:Instruction Set Reference, Intel
 3) IA-32 Intel(R) Architecture Software Developer's Manual Volume 3:System 
Programmer's Guide, Intel
 
-Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2022, Intel Corporation. All rights reserved.
 Copyright (c) 2017, AMD Incorporated. All rights reserved.
 
 SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -748,8 +748,8 @@ CreateIdentityMappingPageTables (
   CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS,
   CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_SUB_LEAF_INFO,
   NULL,
-  &EcxFlags.Uint32,
   NULL,
+  &EcxFlags.Uint32,
   NULL
   );
 if (EcxFlags.Bits.FiveLevelPage != 0) {
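Review bot: The CPUID call here (presumably AsmCpuidEx; its first line is above the hunk) takes its register outputs as positional NULL/pointer arguments, and nothing at the call site records which slot is which, which is how `&EcxFlags.Uint32` ended up one slot early. The `FiveLevelPage` test on the next line selects the paging depth of the identity map, so a wrong slot silently misreports the feature. I would add a comment above the output arguments such as `// Outputs are Eax, Ebx, Ecx, Edx in that order; FiveLevelPage is CPUID.(EAX=07H,ECX=0):ECX[16]`. CreateIdentityMappingPageTables starts and continues outside this hunk, so whether leaf 7 is checked against the maximum supported CPUID leaf before this call is not visible here and is worth confirming.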
-- 
2.28.0.windows.1







Re: [edk2-devel] [edk2][PATCH V1 1/1] ArmPkg: Handle warm reboot request correctly

2022-03-11 Thread Sami Mujawar

Hi Pranav,

Please see my response inline marked [SAMI].

Regards,

Sami Mujawar


On 11/03/2022 06:06 AM, Pranav Madhu wrote:

Hi Sami,

Thanks for your comments. Please find my reply inline.

Regards,
Pranav


-Original Message-
From: Sami Mujawar 
Sent: Thursday, March 10, 2022 9:01 PM
To: Pranav Madhu ; devel@edk2.groups.io
Cc: Ard Biesheuvel ; nd 
Subject: Re: [edk2][PATCH V1 1/1] ArmPkg: Handle warm reboot request
correctly

Hi Pranav,

Thank you for this patch.

Please find my response inline marked [SAMI].

Regards,

Sami Mujawar


On 10/03/2022 01:10 PM, Pranav Madhu wrote:

The warm reboot requests are mapped to cold reboot as the power
control module was not capable of handling the warm reboot requests in
the legacy implementation. Support for warm reboot is now
added into the power control module. To support warm reset, update
ArmPsciResetSystemLib, and thereby invoke the PSCI call with
parameters for warm reboot.

Signed-off-by: Pranav Madhu 
---
   ArmPkg/Include/IndustryStandard/ArmStdSmc.h  | 1 +
   ArmPkg/Library/ArmPsciResetSystemLib/ArmPsciResetSystemLib.c | 7

+--

   2 files changed, 6 insertions(+), 2 deletions(-)

Link to github branch for this patch -
https://github.com/Pranav-Madhu/edk2/tree/topics/warm_reboot

diff --git a/ArmPkg/Include/IndustryStandard/ArmStdSmc.h
b/ArmPkg/Include/IndustryStandard/ArmStdSmc.h
index 655edc21b205..c9059dead6e9 100644
--- a/ArmPkg/Include/IndustryStandard/ArmStdSmc.h
+++ b/ArmPkg/Include/IndustryStandard/ArmStdSmc.h
@@ -93,6 +93,7 @@
   #define ARM_SMC_ID_PSCI_MIGRATE_AARCH320x8405
   #define ARM_SMC_ID_PSCI_SYSTEM_OFF 0x8408
   #define ARM_SMC_ID_PSCI_SYSTEM_RESET   0x8409
+#define ARM_SMC_ID_PSCI_SYSTEM_RESET2_AARCH64  0xc412

   /* The current PSCI version is:  0.2 */
   #define ARM_SMC_PSCI_VERSION_MAJOR  0 diff --git
a/ArmPkg/Library/ArmPsciResetSystemLib/ArmPsciResetSystemLib.c
b/ArmPkg/Library/ArmPsciResetSystemLib/ArmPsciResetSystemLib.c
index 7bcd34849507..27e048ba0f7a 100644
--- a/ArmPkg/Library/ArmPsciResetSystemLib/ArmPsciResetSystemLib.c
+++ b/ArmPkg/Library/ArmPsciResetSystemLib/ArmPsciResetSystemLib.c
@@ -45,10 +45,13 @@ LibResetSystem (
 ARM_SMC_ARGS  ArmSmcArgs;

 switch (ResetType) {
+case EfiResetWarm:
+  ArmSmcArgs.Arg0 = ARM_SMC_ID_PSCI_SYSTEM_RESET2_AARCH64;
+  ArmSmcArgs.Arg1 = 0;
+  ArmSmcArgs.Arg2 = 0;
+  break;

[SAMI] SYSTEM_RESET2 is an optional feature and if not supported would
return NOT_SUPPORTED. So, if a platform does not support SYSTEM_RESET2,
should the code here fall back to SYSTEM_RESET?
According to the PSCI specification, it is the responsibility of the OS to check
that SYSTEM_RESET2 is supported before calling SYSTEM_RESET2 (I believe this
is applicable for the case where UEFI is not used to boot the OS). However, if
the runtime service ResetSystem() is invoked by the OS requesting a warm
reset, is it not the firmware's responsibility to ensure that SYSTEM_RESET2 is
supported? Any thoughts?

Right, from PSCI specification, what I understood is before invoking 
SYSTEM_RESET2, the OS should query the PSCI capabilities using PSCI_FEATURES 
for SYSTEM_RESET2. The OS should invoke RESET2 only if PSCI_FEATURES returns 0. 
From spec, what I understood is it is not the responsibility of firmware. If OS 
issue RESET2 without querying FEATURES, the only option for firmware is to 
return NOT_SUPPORTED.


[SAMI] There are 2 scenarios:
1. A boot loader other than UEFI is used to boot the OS.
In this case the OS shall directly call the PSCI interface to reboot.
For this scenario the Linux kernel code performs the required checks and 
makes the appropriate PSCI call see 
https://elixir.bootlin.com/linux/v5.16.13/source/drivers/firmware/psci/psci.c#L299


2. UEFI is used to boot the OS.
In this case the UEFI Runtime Services ResetSystem() will be invoked by 
the OS to initiate a reboot.
In this scenario the checks performed by the OS to see if SYSTEM_RESET2 
is supported are irrelevant. It is the firmware that needs to perform 
the check. Although
the PSCI specification section '5.12.4 Caller responsibilities' mentions 
'The calling OS...'; this is an example, and in context with the current 
usage scenario, it is the
responsibility of the firmware (the Caller) to perform these checks. 
Otherwise this can result in failures on platforms that do not implement 
the SYSTEM_RESET2 feature.

The relevant code in the Linux kernel for this scenario can be seen at:
https://elixir.bootlin.com/linux/v5.16.13/source/drivers/firmware/efi/reboot.c#L13
https://elixir.bootlin.com/linux/v5.16.13/source/drivers/firmware/efi/runtime-wrappers.c#L412

I also noticed that there are 2 versions of the ResetSystem library:
[A] EfiResetSystemLib based implementation
  This is 
ArmPkg\Library\ArmPsciResetSystemLib\ArmPsciResetSystemLib.inf which 
links with EmbeddedPkg/ResetRuntimeDxe/ResetRuntimeDxe.inf

[B] ResetSystemLib based impleme

[edk2-devel] [PATCH] UefiPayloadPkg: Fix build error

2022-03-11 Thread Sean Rhodes
From: Guo Dong 

On Windows builds, -DPLATFORMX64_ENABLE=TRUE must be added to the build
command line alongside -DNETWORK_DRIVER_ENABLE=TRUE in order to build
the network features. So set PLATFORMX64_ENABLE to TRUE when the network
feature needs to be built.
On Linux builds, the DSC file should not have PcdAllowHttpConnections
when the network feature is not built, otherwise it causes a build error.

Cc: Guo Dong 
Cc: Ray Ni 
Cc: Maurice Ma 
Cc: Benjamin You 
Signed-off-by: Guo Dong 
---
 UefiPayloadPkg/UefiPayloadPkg.dsc | 4 
 1 file changed, 4 insertions(+)

diff --git a/UefiPayloadPkg/UefiPayloadPkg.dsc 
b/UefiPayloadPkg/UefiPayloadPkg.dsc
index 558513baf1..f3806a8ebc 100644
--- a/UefiPayloadPkg/UefiPayloadPkg.dsc
+++ b/UefiPayloadPkg/UefiPayloadPkg.dsc
@@ -407,7 +407,9 @@
 [PcdsPatchableInModule.X64]
   gPcAtChipsetPkgTokenSpaceGuid.PcdRtcIndexRegister|$(RTC_INDEX_REGISTER)
   gPcAtChipsetPkgTokenSpaceGuid.PcdRtcTargetRegister|$(RTC_TARGET_REGISTER)
+!if $(NETWORK_DRIVER_ENABLE) == TRUE
   gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|TRUE
+!endif
 
 [PcdsPatchableInModule.common]
   gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 
0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }
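Review bot: Inside the new `!if $(NETWORK_DRIVER_ENABLE) == TRUE` guard, `PcdAllowHttpConnections` is still forced to `TRUE`, so every network-enabled payload build accepts plain-HTTP boot URIs, with no transport integrity on what is downloaded. If that is intended for this payload, say so at the line, e.g. `# Allows unencrypted HTTP boot; set to FALSE to require HTTPS`. It would also be cleaner to make the value an explicit build option rather than a side effect of enabling networking.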
@@ -530,6 +532,8 @@
 # UEFI network modules
 #
 !if $(NETWORK_DRIVER_ENABLE) == TRUE
+[Defines]
+  DEFINE PLATFORMX64_ENABLE = TRUE
   !include NetworkPkg/Network.dsc.inc
 !endif
 
-- 
2.32.0







Re: [edk2-devel] [PATCH v1 1/1] DynamicTablesPkg: Fix serial port namespace path in DBG2

2022-03-11 Thread PierreGondois

Hi Sami,
The patch looks good to me:

Reviewed-by: Pierre Gondois 

On 3/10/22 18:39, Sami Mujawar wrote:

According to the Debug Port Table 2 (DBG2) specification,
February 17, 2021, the NamespaceString is a NULL terminated
ASCII string that consists of a fully qualified reference
to the object that represents the serial port device in the
ACPI namespace.

The DBG2 table generator did not populate the full device
path for the serial port device, and this results in a FWTS
test failure.

Therefore, populate the full namespace device path for the
serial port in DBG2 table.

Signed-off-by: Sami Mujawar 
---
The changes can be seen at:
https://github.com/samimujawar/edk2/tree/2105_dbg2_generator_namestring_issue_v1

  DynamicTablesPkg/Library/Acpi/Arm/AcpiDbg2LibArm/Dbg2Generator.c | 10 
+++---
  1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/DynamicTablesPkg/Library/Acpi/Arm/AcpiDbg2LibArm/Dbg2Generator.c 
b/DynamicTablesPkg/Library/Acpi/Arm/AcpiDbg2LibArm/Dbg2Generator.c
index 
3d513dbd1fbe8c47d270a9e639b2797098201d91..f6dfb3d94c10980a0e7712ce9427648b69974061
 100644
--- a/DynamicTablesPkg/Library/Acpi/Arm/AcpiDbg2LibArm/Dbg2Generator.c
+++ b/DynamicTablesPkg/Library/Acpi/Arm/AcpiDbg2LibArm/Dbg2Generator.c
@@ -1,7 +1,7 @@
  /** @file
DBG2 Table Generator
  
-  Copyright (c) 2017 - 2021, Arm Limited. All rights reserved.

+  Copyright (c) 2017 - 2022, Arm Limited. All rights reserved.
  
SPDX-License-Identifier: BSD-2-Clause-Patent
  
@@ -55,13 +55,17 @@ Requirements:

  */
  #define NAME_STR_DBG_PORT0  "COM0"
  
+/** A string representing the full path name of the debug port 0.

+*/
+#define NAMESPACE_STR_DBG_PORT0  "\\_SB_.COM0"
+
  /** An UID representing the debug port 0.
  */
  #define UID_DBG_PORT0  0
  
  /** The length of the namespace string.

  */
-#define DBG2_NAMESPACESTRING_FIELD_SIZE  sizeof (NAME_STR_DBG_PORT0)
+#define DBG2_NAMESPACESTRING_FIELD_SIZE  sizeof (NAMESPACE_STR_DBG_PORT0)
  
  /** The PL011 UART address range length.

  */
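Review bot: `NAMESPACE_STR_DBG_PORT0` repeats the device name that `NAME_STR_DBG_PORT0` already defines, so the two can drift apart if the port is renamed, and the table would then advertise a namespace path that does not match the device object. Deriving one from the other keeps them tied: `#define NAMESPACE_STR_DBG_PORT0  "\\_SB_." NAME_STR_DBG_PORT0`. The doc comment could also state that the path assumes the serial device is generated directly under `\_SB_`, since that scope is hard-coded here; where the device object is actually emitted is outside this hunk.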
@@ -166,7 +170,7 @@ DBG2_TABLE  AcpiDbg2 = {
0,// {Template}: Serial Port Subtype
0,// {Template}: Serial Port Base Address
PL011_UART_LENGTH,
-  NAME_STR_DBG_PORT0
+  NAMESPACE_STR_DBG_PORT0
)
}
  };







Re: [edk2-devel] [PATCH EDK2 v1 1/1] RedfishPkg: fix memory leak issue

2022-03-11 Thread wenyi,xie via groups.io
Hi Abner,

Thank you for your reviewing, here is the link to the PR.
https://github.com/tianocore/edk2/pull/2612

Regards
Wenyi

On 2022/3/11 15:03, Chang, Abner (HPS SW/FW Technologist) wrote:
> Hi Wenyi,
> Please add my RB in the commit message and create the PR against edk2, let me 
> know the link to PR as well.
> 
> Thanks,
> Abner
> --
> *From:* Chang, Abner (HPS SW/FW Technologist)
> *Sent:* Friday, March 11, 2022 1:48 PM
> *To:* Wenyi Xie ; devel@edk2.groups.io 
> ; Wang, Nickle (Server BIOS) 
> *Cc:* songdongku...@huawei.com 
> *Subject:* RE: [PATCH EDK2 v1 1/1] RedfishPkg: fix memory leak issue
>  
> Thanks for catching this.
> 
> Reviewed-by: Abner Chang 
> 
>> -Original Message-
>> From: Wenyi Xie 
>> Sent: Thursday, March 10, 2022 7:26 PM
>> To: devel@edk2.groups.io; Chang, Abner (HPS SW/FW Technologist)
>> ; Wang, Nickle (Server BIOS)
>> 
>> Cc: songdongku...@huawei.com; xiewen...@huawei.com
>> Subject: [PATCH EDK2 v1 1/1] RedfishPkg: fix memory leak issue
>> 
>> The memory allocated with calloc is not freed when function
>> collectionEvalOp returns early.
>> 
>> Cc: Abner Chang 
>> Cc: Nickle Wang 
>> Signed-off-by: Wenyi Xie 
>> ---
>>  RedfishPkg/PrivateLibrary/RedfishLib/edk2libredfish/src/payload.c | 16
>> +++-
>>  1 file changed, 7 insertions(+), 9 deletions(-)
>> 
>> diff --git
>> a/RedfishPkg/PrivateLibrary/RedfishLib/edk2libredfish/src/payload.c
>> b/RedfishPkg/PrivateLibrary/RedfishLib/edk2libredfish/src/payload.c
>> index 3f2b83e834d0..6c6e2246abe3 100644
>> --- a/RedfishPkg/PrivateLibrary/RedfishLib/edk2libredfish/src/payload.c
>> +++ b/RedfishPkg/PrivateLibrary/RedfishLib/edk2libredfish/src/payload.c
>> @@ -620,6 +620,7 @@ collectionEvalOp (
>>    if (((*StatusCode == NULL) && (members == NULL)) ||
>>    ((*StatusCode != NULL) && ((**StatusCode < HTTP_STATUS_200_OK) ||
>> (**StatusCode > HTTP_STATUS_206_PARTIAL_CONTENT
>>    {
>> +    free (valid);
>>  return members;
>>    }
>> 
>> @@ -633,6 +634,7 @@ collectionEvalOp (
>>  if (((*StatusCode == NULL) && (tmp == NULL)) ||
>>  ((*StatusCode != NULL) && ((**StatusCode < HTTP_STATUS_200_OK) ||
>> (**StatusCode > HTTP_STATUS_206_PARTIAL_CONTENT
>>  {
>> +  free (valid);
>>    return tmp;
>>  }
>> 
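Review bot: The early return patched in this hunk (`free (valid); return tmp;`) releases the array but not `members`, which the normal exit path in the last hunk releases with `cleanupPayload (members);`, so this error path appears to still leak. Add `cleanupPayload (members);` before the `return tmp;`. If earlier iterations have already stored payloads in `valid[]`, those entries would also need to be cleaned up before the array itself is freed. The loop body of collectionEvalOp lies outside these hunks, so that needs checking against the full function.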
>> @@ -658,19 +660,15 @@ collectionEvalOp (
>> 
>>    cleanupPayload (members);
>>    if (validCount == 0) {
>> -    free (valid);
>> -    return NULL;
>> -  }
>> -
>> -  if (validCount == 1) {
>> +    ret = NULL;
>> +  } else if (validCount == 1) {
>>  ret = valid[0];
>> -    free (valid);
>> -    return ret;
>>    } else {
>>  ret = createCollection (payload->service, validCount, valid);
>> -    free (valid);
>> -    return ret;
>>    }
>> +
>> +  free (valid);
>> +  return ret;
>>  }
>> 
>>  static redfishPayload *
>> --
>> 2.20.1.windows.1
> 

