From: "Min Xu"
To: devel@edk2.groups.io
Cc: Min Xu, Michael D Kinney, Brijesh Singh, Erdem Aktas, James Bottomley, Jiewen Yao, Tom Lendacky, Gerd Hoffmann
Subject: [edk2-devel] [PATCH 08/10] OvmfPkg: Update Sec to support Tdvf Config-B
Date: Tue, 14 Dec 2021 21:41:24 +0800
Message-Id: <20211214134126.869-9-min.m.xu@intel.com>
In-Reply-To: <20211214134126.869-1-min.m.xu@intel.com>
References: <20211214134126.869-1-min.m.xu@intel.com>

RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Tdvf Config-B skips the PEI phase to reduce the attack surface. So instead of jumping to SecStartupPhase2 (), TdxStartup () is called. This function brings up the Tdx guest from the SEC phase to the DXE phase.

Cc: Michael D Kinney
Cc: Brijesh Singh
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Gerd Hoffmann
Signed-off-by: Min Xu
---
 OvmfPkg/Sec/IntelTdx.c  |  7 ++++++-
 OvmfPkg/Sec/SecMain.c   | 17 +++++++++++++++++
 OvmfPkg/Sec/SecMain.inf |  2 ++
 3 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/Sec/IntelTdx.c b/OvmfPkg/Sec/IntelTdx.c
index d1d952e8d433..f9d44617b211 100644
--- a/OvmfPkg/Sec/IntelTdx.c
+++ b/OvmfPkg/Sec/IntelTdx.c
@@ -12,7 +12,7 @@ #include #include #include -#include +#include #include #include #include @@ -25,6 +25,11 @@ =20 #define ALIGNED_2MB_MASK 0x1fffff =20 +#define GET_HOB_TYPE(Hob) ((Hob).Header->HobType) +#define GET_HOB_LENGTH(Hob) ((Hob).Header->HobLength) +#define GET_NEXT_HOB(Hob) ((Hob).Raw + GET_HOB_LENGTH (Hob)) +#define END_OF_HOB_LIST(Hob) (GET_HOB_TYPE (Hob) =3D=3D EFI_HOB_TYPE_END_= OF_HOB_LIST) + /** Check TDX is enabled. =20 diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c index e2f3ede93901..c5dd066941fe 100644 --- a/OvmfPkg/Sec/SecMain.c +++ b/OvmfPkg/Sec/SecMain.c @@ -33,6 +33,10 @@ #include "IntelTdx.h" #include "AmdSev.h" =20 +#ifdef INTEL_TDX_FULL_FEATURE + #include +#endif + #define SEC_IDT_ENTRY_COUNT 34 =20 typedef struct _SEC_IDT_TABLE { @@ -913,6 +917,19 @@ SecCoreStartupWithStack ( InitializeApicTimer (0, MAX_UINT32, TRUE, 5); DisableApicTimerInterrupt (); =20 + #ifdef INTEL_TDX_FULL_FEATURE + if (SecTdxIsEnabled ()) { + TdxStartup (&SecCoreData); + + // + // Never arrived here + // + ASSERT (FALSE); + CpuDeadLoop (); + } + + #endif + // // Initialize Debug Agent to support source level debug in SEC/PEI phase= s before memory ready. // diff --git a/OvmfPkg/Sec/SecMain.inf b/OvmfPkg/Sec/SecMain.inf index 230ee5e465b9..05e49ab5ae81 100644 --- a/OvmfPkg/Sec/SecMain.inf +++ b/OvmfPkg/Sec/SecMain.inf @@ -38,6 +38,7 @@ MdeModulePkg/MdeModulePkg.dec UefiCpuPkg/UefiCpuPkg.dec OvmfPkg/OvmfPkg.dec + EmbeddedPkg/EmbeddedPkg.dec =20 [LibraryClasses] BaseLib 
@@ -58,6 +59,7 @@ =20 [LibraryClasses.X64] TdxLib + TdxStartupLib =20 [Ppis] gEfiTemporaryRamSupportPpiGuid # PPI ALWAYS_PRODUCED --=20 2.29.2.windows.2
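Review bot: in the @@ -25,6 hunk of IntelTdx.c, GET_NEXT_HOB advances by GET_HOB_LENGTH with no check that the length is non-zero or that the next header still lies inside the HOB region, so a walker whose only stop condition is END_OF_HOB_LIST spins forever on a zero HobLength and reads past the end of the list on an oversized one; SEC has nothing that would catch either. Suggest that any loop built on these macros also bound the walk against the list's end address and reject HobLength < sizeof (EFI_HOB_GENERIC_HEADER). The four macros also duplicate, under the same names, the ones MdePkg's HobLib.h already provides, so pulling that header in later redefines them; reuse the HobLib.h versions or give these distinct names.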
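Review bot: in the @@ -33,6 hunk of SecMain.c, INTEL_TDX_FULL_FEATURE appears as a bare preprocessor symbol that nothing in this patch defines; the commit message should say where it is set (a build-time define, presumably), because if it is missing from a build the TDX path in SecCoreStartupWithStack () compiles out silently and a TDX guest would continue into SecStartupPhase2 () instead of TdxStartup () with no error.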
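Review bot: in the @@ -913,6 hunk of SecMain.c, the comment "Never arrived here" should state the contract it relies on, namely that TdxStartup () hands control to DXE and does not return, and should say why the TDX path deliberately bypasses the Debug Agent initialization and SecStartupPhase2 () that follow (the reason given in the commit message, skipping PEI, belongs in the code too). The guard itself is right: ASSERT (FALSE) disappears in RELEASE builds, so CpuDeadLoop () is what actually prevents a returning TdxStartup () from falling through into the non-TDX path; keep both. The extra blank line before #endif can go.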
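Review bot: in the @@ -38,6 hunk of SecMain.inf, EmbeddedPkg/EmbeddedPkg.dec becomes a package dependency of SEC, but neither the patch nor the commit message says which header or library class SEC now takes from EmbeddedPkg; name it in the commit message, and if the only consumer is the TDX-only include in SecMain.c, note that the new dependency is still paid by every OVMF build that compiles this module.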
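Review bot: in the @@ -58,6 hunk of SecMain.inf, TdxStartupLib is added under [LibraryClasses.X64] unconditionally while its only call site sits behind #ifdef INTEL_TDX_FULL_FEATURE, so every X64 DSC that builds OvmfPkg/Sec must now map TdxStartupLib to an instance or the build fails at library resolution; the patch should either reference the DSC change that supplies that mapping (or a null instance for non-TDX builds) or explain why only TDX builds are affected.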