1. Patchew
  2. EDK2
  3. [edk2-devel] [PATCH V9 0/4] Add Intel TDX support in OvmfPkg/ResetVector
  4. View patch

[edk2-devel] [PATCH V9 2/4] OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm

Min Xu posted 4 patches 4 years, 3 months ago
There is a newer version of this series
[edk2-devel] [PATCH V9 2/4] OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm
Posted by Min Xu 4 years, 3 months ago 
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Previously WORK_AREA_GUEST_TYPE was cleared in SetCr3ForPageTables64.
This is workable for Legacy guest and SEV guest. But it doesn't work
after Intel TDX is introduced. It is because all TDX CPUs (BSP and APs)
start to run from 0xfffffff0, thus WORK_AREA_GUEST_TYPE will be cleared
multi-times if it is TDX guest. So the clearance of WORK_AREA_GUEST_TYPE
is moved to Main16 entry point in Main.asm.
Note: WORK_AREA_GUEST_TYPE is only defined for ARCH_X64.

For Intel TDX, its corresponding entry point is Main32 (which will be
introduced in next commit in this patch-set). WORK_AREA_GUEST_TYPE will
be cleared there.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 OvmfPkg/ResetVector/Ia32/PageTables64.asm | 4 ----
 OvmfPkg/ResetVector/Main.asm              | 8 ++++++++
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
index 07b6ca070909..02528221e560 100644
--- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
+++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
@@ -42,10 +42,6 @@ BITS    32
 ;
 SetCr3ForPageTables64:
 
-    ; Clear the WorkArea header. The SEV probe routines will populate the
-    ; work area when detected.
-    mov     byte[WORK_AREA_GUEST_TYPE], 0
-
     ; Check whether the SEV is active and populate the SevEsWorkArea
     OneTimeCall   CheckSevFeatures
 
diff --git a/OvmfPkg/ResetVector/Main.asm b/OvmfPkg/ResetVector/Main.asm
index ae90a148fce7..a501fbe880f2 100644
--- a/OvmfPkg/ResetVector/Main.asm
+++ b/OvmfPkg/ResetVector/Main.asm
@@ -36,6 +36,14 @@ Main16:
 
 BITS    32
 
+%ifdef ARCH_X64
+
+    ; Clear the WorkArea header. The SEV probe routines will populate the
+    ; work area when detected.
+    mov     byte[WORK_AREA_GUEST_TYPE], 0
+
+%endif
+
     ;
     ; Search for the Boot Firmware Volume (BFV)
     ;
-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#81793): https://edk2.groups.io/g/devel/message/81793
Mute This Topic: https://groups.io/mt/86253724/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH V9 2/4] OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm
Posted by Gerd Hoffmann 4 years, 3 months ago 
On Tue, Oct 12, 2021 at 10:37:48AM +0800, Min Xu wrote:
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
> 
> Previously WORK_AREA_GUEST_TYPE was cleared in SetCr3ForPageTables64.
> This is workable for Legacy guest and SEV guest. But it doesn't work
> after Intel TDX is introduced. It is because all TDX CPUs (BSP and APs)
> start to run from 0xfffffff0, thus WORK_AREA_GUEST_TYPE will be cleared
> multi-times if it is TDX guest. So the clearance of WORK_AREA_GUEST_TYPE
> is moved to Main16 entry point in Main.asm.
> Note: WORK_AREA_GUEST_TYPE is only defined for ARCH_X64.
> 
> For Intel TDX, its corresponding entry point is Main32 (which will be
> introduced in next commit in this patch-set). WORK_AREA_GUEST_TYPE will
> be cleared there.

Acked-by: Gerd Hoffmann <kraxel@redhat.com>

take care,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#81803): https://edk2.groups.io/g/devel/message/81803
Mute This Topic: https://groups.io/mt/86253724/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH V9 2/4] OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm
Posted by Lendacky, Thomas via groups.io 4 years, 3 months ago 
On 10/11/21 9:37 PM, Min Xu wrote:
> RFC: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3429&amp;data=04%7C01%7Cthomas.lendacky%40amd.com%7Cc4c4ac9654a940ada92308d98d2994d0%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637696032012206979%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=1SVRKXztfFcaVVer1AYOhLIhs6sVW%2BwtYQNxuuHHbTE%3D&amp;reserved=0
> 
> Previously WORK_AREA_GUEST_TYPE was cleared in SetCr3ForPageTables64.
> This is workable for Legacy guest and SEV guest. But it doesn't work
> after Intel TDX is introduced. It is because all TDX CPUs (BSP and APs)
> start to run from 0xfffffff0, thus WORK_AREA_GUEST_TYPE will be cleared
> multi-times if it is TDX guest. So the clearance of WORK_AREA_GUEST_TYPE
> is moved to Main16 entry point in Main.asm.
> Note: WORK_AREA_GUEST_TYPE is only defined for ARCH_X64.
> 
> For Intel TDX, its corresponding entry point is Main32 (which will be
> introduced in next commit in this patch-set). WORK_AREA_GUEST_TYPE will
> be cleared there.
> 
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Brijesh Singh <brijesh.singh@amd.com>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Signed-off-by: Min Xu <min.m.xu@intel.com>
> ---
>   OvmfPkg/ResetVector/Ia32/PageTables64.asm | 4 ----
>   OvmfPkg/ResetVector/Main.asm              | 8 ++++++++
>   2 files changed, 8 insertions(+), 4 deletions(-)
> 
> diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> index 07b6ca070909..02528221e560 100644
> --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
> @@ -42,10 +42,6 @@ BITS    32
>   ;
>   SetCr3ForPageTables64:
>   
> -    ; Clear the WorkArea header. The SEV probe routines will populate the
> -    ; work area when detected.
> -    mov     byte[WORK_AREA_GUEST_TYPE], 0
> -
>       ; Check whether the SEV is active and populate the SevEsWorkArea
>       OneTimeCall   CheckSevFeatures
>   
> diff --git a/OvmfPkg/ResetVector/Main.asm b/OvmfPkg/ResetVector/Main.asm
> index ae90a148fce7..a501fbe880f2 100644
> --- a/OvmfPkg/ResetVector/Main.asm
> +++ b/OvmfPkg/ResetVector/Main.asm
> @@ -36,6 +36,14 @@ Main16:
>   
>   BITS    32
>   
> +%ifdef ARCH_X64

A regular SEV guest can be built in the hybrid IA32 and X64 configuration, 
so this will break existing SEV firmwares built in that manner. Only 
SEV-ES and SEV-SNP require the full X64 confguration.

Thanks,
Tom

> +
> +    ; Clear the WorkArea header. The SEV probe routines will populate the
> +    ; work area when detected.
> +    mov     byte[WORK_AREA_GUEST_TYPE], 0
> +
> +%endif
> +
>       ;
>       ; Search for the Boot Firmware Volume (BFV)
>       ;
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#81830): https://edk2.groups.io/g/devel/message/81830
Mute This Topic: https://groups.io/mt/86253724/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH V9 2/4] OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm
Posted by Min Xu 4 years, 3 months ago 
On October 12, 2021 9:23 PM, Lendacky Thomas wrote:
> On 10/11/21 9:37 PM, Min Xu wrote:
> > diff --git a/OvmfPkg/ResetVector/Main.asm
> > b/OvmfPkg/ResetVector/Main.asm index ae90a148fce7..a501fbe880f2
> 100644
> > --- a/OvmfPkg/ResetVector/Main.asm
> > +++ b/OvmfPkg/ResetVector/Main.asm
> > @@ -36,6 +36,14 @@ Main16:
> >
> >   BITS    32
> >
> > +%ifdef ARCH_X64
> 
> A regular SEV guest can be built in the hybrid IA32 and X64 configuration, so this
> will break existing SEV firmwares built in that manner. Only SEV-ES and SEV-SNP
> require the full X64 confguration.
> 
WORK_AREA_GUEST_TYPE is defined in https://github.com/tianocore/edk2/blob/master/OvmfPkg/ResetVector/ResetVector.nasmb#L75 and previously it was cleared in https://github.com/tianocore/edk2/blob/master/OvmfPkg/ResetVector/Ia32/PageTables64.asm#L47. These 2 lines are both surrounded by ARCH_X64.
So in this commit, the clearance of WORK_AREA_GUEST_TYPE in Main.asm is surrounded by ARCH_X64 too.
Brijesh, what's your comments on this change?

Thanks!
Min


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#81840): https://edk2.groups.io/g/devel/message/81840
Mute This Topic: https://groups.io/mt/86253724/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH V9 2/4] OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm
Posted by Brijesh Singh via groups.io 4 years, 3 months ago 
On 10/12/21 5:58 PM, Xu, Min M wrote:
> On October 12, 2021 9:23 PM, Lendacky Thomas wrote:
>> On 10/11/21 9:37 PM, Min Xu wrote:
>>> diff --git a/OvmfPkg/ResetVector/Main.asm
>>> b/OvmfPkg/ResetVector/Main.asm index ae90a148fce7..a501fbe880f2
>> 100644
>>> --- a/OvmfPkg/ResetVector/Main.asm
>>> +++ b/OvmfPkg/ResetVector/Main.asm
>>> @@ -36,6 +36,14 @@ Main16:
>>>
>>>   BITS    32
>>>
>>> +%ifdef ARCH_X64
>> A regular SEV guest can be built in the hybrid IA32 and X64 configuration, so this
>> will break existing SEV firmwares built in that manner. Only SEV-ES and SEV-SNP
>> require the full X64 confguration.
>>
> WORK_AREA_GUEST_TYPE is defined in https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ftianocore%2Fedk2%2Fblob%2Fmaster%2FOvmfPkg%2FResetVector%2FResetVector.nasmb%23L75&amp;data=04%7C01%7Cbrijesh.singh%40amd.com%7C10fd025cc9324fe76a0808d98de49924%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637696835234415070%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=y7cujCXYfhvORki5aNbLF9Eq3BBrcfHykvlWFcYAciI%3D&amp;reserved=0 and previously it was cleared in https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ftianocore%2Fedk2%2Fblob%2Fmaster%2FOvmfPkg%2FResetVector%2FIa32%2FPageTables64.asm%23L47&amp;data=04%7C01%7Cbrijesh.singh%40amd.com%7C10fd025cc9324fe76a0808d98de49924%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637696835234425063%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=AQLw4AJ%2FFxoGjfT6arKFSTvkCshRMz1v5RLZOnA8p4A%3D&amp;reserved=0. These 2 lines are both surrounded by ARCH_X64.
> So in this commit, the clearance of WORK_AREA_GUEST_TYPE in Main.asm is surrounded by ARCH_X64 too.
> Brijesh, what's your comments on this change?

Good point Tom. The WORK_AREA_GUEST_TYPE define should be moved outside
the ARCH_X86. I missed it mainly because we renamed the ESWorkArea to
Generic workarea but EsWorkArea was defined in ARCH_X86 only.

Min,

I can send a patch to move define outside the ARCH_X64 and then you can
align the TDX code accordingly.

> Thanks!
> Min



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#81888): https://edk2.groups.io/g/devel/message/81888
Mute This Topic: https://groups.io/mt/86253724/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH V9 2/4] OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm
Posted by Min Xu 4 years, 3 months ago 
On October 13, 2021 11:46 PM, Brijesh Singh wrote:
> On 10/12/21 5:58 PM, Xu, Min M wrote:
> > On October 12, 2021 9:23 PM, Lendacky Thomas wrote:
> Good point Tom. The WORK_AREA_GUEST_TYPE define should be moved
> outside the ARCH_X86. I missed it mainly because we renamed the
> ESWorkArea to Generic workarea but EsWorkArea was defined in ARCH_X86
> only.
> 
> Min,
> 
> I can send a patch to move define outside the ARCH_X64 and then you can
> align the TDX code accordingly.
> 
Ok. I will update the TDX code based on your new patch.

Thanks.
Min


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#81929): https://edk2.groups.io/g/devel/message/81929
Mute This Topic: https://groups.io/mt/86253724/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.