From nobody Tue Feb 10 10:59:24 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+85994+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+85994+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=intel.com
ARC-Seal: i=1; a=rsa-sha256; t=1642901978; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Qh5WSXaRdkNrk3x7v2veDVJvSL56bhjV0y7U2Wm9LRoOAUBD9CDRUvQ8zd/iUnP+VU/+rnwjgcIc+4gUrSt/5yohaLIVPcuH0nMe0OrSHZgAbaC06wwx84U9ANzWPMOgjZ4mOFDJ9wSLrYHamZuAxIrZ5FzAomhiNj4OPQs/VLo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1642901978;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=toaO4XzC3Djeht688JNmhkUUgrilXj4GiqE34h0tDlw=;
	b=AuRoGJNz/KYJ7cRXlfcCmH2CUDdEX6iedfdCNw1fppcstZjqMTzDTr0GRuHns8sRvYFRdLDRd8b1+M62kPntJttEUflEOlqR2vkI2i/pIDyGdnnK6wUrSq4EOriKkN9FLv97KU/hrSZULxBLjFS7GIDowEjhcOw0gkekTqq5Hrg=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+85994+1787277+3901457@groups.io;
	dmarc=fail header.from=<min.m.xu@intel.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1642901978562320.3896491784933;
 Sat, 22 Jan 2022 17:39:38 -0800 (PST)
Return-Path: <bounce+27952+85994+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id BSNYYY1788612xHms1K6Tn2B;
 Sat, 22 Jan 2022 17:39:38 -0800
X-Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
 by mx.groups.io with SMTP id smtpd.web11.4554.1642901975017978470
 for <devel@edk2.groups.io>;
 Sat, 22 Jan 2022 17:39:36 -0800
X-IronPort-AV: E=McAfee;i="6200,9189,10235"; a="244686096"
X-IronPort-AV: E=Sophos;i="5.88,309,1635231600";
   d="scan'208";a="244686096"
X-Received: from orsmga005.jf.intel.com ([10.7.209.41])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 22 Jan 2022 17:39:24 -0800
X-IronPort-AV: E=Sophos;i="5.88,309,1635231600";
   d="scan'208";a="695033265"
X-Received: from mxu9-mobl1.ccr.corp.intel.com ([10.255.30.84])
  by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 22 Jan 2022 17:39:22 -0800
From: "Min Xu" <min.m.xu@intel.com>
To: devel@edk2.groups.io
Cc: Min Xu <min.m.xu@intel.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Erdem Aktas <erdemaktas@google.com>,
	James Bottomley <jejb@linux.ibm.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Gerd Hoffmann <kraxel@redhat.com>
Subject: [edk2-devel] [PATCH V5 24/33] OvmfPkg: Update PlatformInitLib to
 support Tdx guest
Date: Sun, 23 Jan 2022 09:36:55 +0800
Message-Id: 
 <4df4c77b9d0e8665867fb77b9889a4bd9e8d619d.1642899774.git.min.m.xu@intel.com>
In-Reply-To: <cover.1642899774.git.min.m.xu@intel.com>
References: <cover.1642899774.git.min.m.xu@intel.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,min.m.xu@intel.com
X-Gm-Message-State: Egs2y7rWpHEV1KbTlIhcePq0x1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1642901978;
 bh=R7dVxSjQ5dmH+8T5wUELb3p+zwgXiWG7ypDRWZgqQ4o=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=wXnuf7eAp3R1zNmW34iRJmnDhwbwyGURJspYuFQU4TtSEyXP3AywK6bJvAevn8ayOnF
 IsXaPloZce072/aeG+UTbtESqtr5qtfGMIT5ek+JPmd7B0kfrzrGi9Noec4fPQIdRNYdV
 KesntW+PlNQML5A4n8Xguf8mEx6XRqpE7SI=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1642901980368100003
Content-Type: text/plain; charset="utf-8"

RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3429

In Tdx guest, the system memory is passed in TdHob by host VMM. So
the major task of PlatformTdxPublishRamRegions is to walk thru the
TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob
to the hobs in DXE phase.

MemoryAllocationHob should also be created for Mailbox and Ovmf work area.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
---
 OvmfPkg/Include/Library/PlatformInitLib.h     |   6 +
 OvmfPkg/Library/PlatformInitLib/IntelTdx.c    | 112 ++++++++++++++++++
 .../PlatformInitLib/PlatformInitLib.inf       |   4 +
 3 files changed, 122 insertions(+)
 create mode 100644 OvmfPkg/Library/PlatformInitLib/IntelTdx.c

diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h b/OvmfPkg/Include/Li=
brary/PlatformInitLib.h
index afab76e46623..b81f5d314d53 100644
--- a/OvmfPkg/Include/Library/PlatformInitLib.h
+++ b/OvmfPkg/Include/Library/PlatformInitLib.h
@@ -246,4 +246,10 @@ PlatformAddReservedMemoryBaseSizeHob (
   IN BOOLEAN               Cacheable
   );
=20
+VOID
+EFIAPI
+PlatformTdxPublishRamRegions (
+  VOID
+  );
+
 #endif // PLATFORM_INIT_LIB_H_
diff --git a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c b/OvmfPkg/Library/P=
latformInitLib/IntelTdx.c
new file mode 100644
index 000000000000..00c89740f2f6
--- /dev/null
+++ b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
@@ -0,0 +1,112 @@
+/** @file
+  Initialize Intel TDX support.
+
+  Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiPei.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/HobLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <IndustryStandard/Tdx.h>
+#include <IndustryStandard/IntelTdx.h>
+#include <IndustryStandard/QemuFwCfg.h>
+#include <Library/QemuFwCfgLib.h>
+#include <Library/PeiServicesLib.h>
+#include <Library/TdxLib.h>
+#include <WorkArea.h>
+#include <ConfidentialComputingGuestAttr.h>
+
+/**
+  Transfer the incoming HobList for the TD to the final HobList for Dxe.
+  The Hobs transferred in this function are ResourceDescriptor hob and
+  MemoryAllocation hob.
+
+  @param[in] VmmHobList    The Hoblist pass the firmware
+
+**/
+VOID
+EFIAPI
+TransferTdxHobList (
+  VOID
+  )
+{
+  EFI_PEI_HOB_POINTERS  Hob;
+
+  //
+  // PcdOvmfSecGhcbBase is used as the TD_HOB in Tdx guest.
+  //
+  Hob.Raw =3D (UINT8 *)(UINTN)FixedPcdGet32 (PcdOvmfSecGhcbBase);
+  while (!END_OF_HOB_LIST (Hob)) {
+    switch (Hob.Header->HobType) {
+      case EFI_HOB_TYPE_RESOURCE_DESCRIPTOR:
+        BuildResourceDescriptorHob (
+          Hob.ResourceDescriptor->ResourceType,
+          Hob.ResourceDescriptor->ResourceAttribute,
+          Hob.ResourceDescriptor->PhysicalStart,
+          Hob.ResourceDescriptor->ResourceLength
+          );
+        break;
+      case EFI_HOB_TYPE_MEMORY_ALLOCATION:
+        BuildMemoryAllocationHob (
+          Hob.MemoryAllocation->AllocDescriptor.MemoryBaseAddress,
+          Hob.MemoryAllocation->AllocDescriptor.MemoryLength,
+          Hob.MemoryAllocation->AllocDescriptor.MemoryType
+          );
+        break;
+    }
+
+    Hob.Raw =3D GET_NEXT_HOB (Hob);
+  }
+}
+
+/**
+
+  Publish memory regions in Intel TDX guest.
+
+**/
+VOID
+EFIAPI
+PlatformTdxPublishRamRegions (
+  VOID
+  )
+{
+  if (!TdIsEnabled ()) {
+    return;
+  }
+
+  TransferTdxHobList ();
+
+  //
+  // The memory region defined by PcdOvmfSecGhcbBackupBase is pre-allocate=
d by
+  // host VMM and used as the td mailbox at the beginning of system boot.
+  //
+  BuildMemoryAllocationHob (
+    FixedPcdGet32 (PcdOvmfSecGhcbBackupBase),
+    FixedPcdGet32 (PcdOvmfSecGhcbBackupSize),
+    EfiACPIMemoryNVS
+    );
+
+  if (FixedPcdGet32 (PcdOvmfWorkAreaSize) !=3D 0) {
+    //
+    // Reserve the work area.
+    //
+    // Since this memory range will be used by the Reset Vector on S3
+    // resume, it must be reserved as ACPI NVS.
+    //
+    // If S3 is unsupported, then various drivers might still write to the
+    // work area. We ought to prevent DXE from serving allocation requests
+    // such that they would overlap the work area.
+    //
+    BuildMemoryAllocationHob (
+      (EFI_PHYSICAL_ADDRESS)(UINTN)FixedPcdGet32 (PcdOvmfWorkAreaBase),
+      (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfWorkAreaSize),
+      EfiBootServicesData
+      );
+  }
+}
diff --git a/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf b/OvmfPkg/=
Library/PlatformInitLib/PlatformInitLib.inf
index 060ce0f54f2b..4a3a49cd38c8 100644
--- a/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf
+++ b/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf
@@ -26,6 +26,7 @@
   Cmos.c
   MemDetect.c
   Platform.c
+  IntelTdx.c
=20
 [Packages]
   EmbeddedPkg/EmbeddedPkg.dec
@@ -49,6 +50,9 @@
   MtrrLib
   PcdLib
=20
+[LibraryClasses.X64]
+  TdxLib
+
 [FixedPcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize
--=20
2.29.2.windows.2



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#85994): https://edk2.groups.io/g/devel/message/85994
Mute This Topic: https://groups.io/mt/88617549/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-