[v6] Enable Intel TDX in OvmfPkg (Config-A)

[edk2-devel] [PATCH V6 33/42] OvmfPkg: Update PlatformInitLib for Tdx guest to publish ram regions

Posted by Min Xu 3 years, 11 months ago

RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

In Tdx guest, the system memory is passed in TdHob by host VMM. So
the major task of PlatformTdxPublishRamRegions is to walk thru the
TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob
to the hobs in DXE phase.

MemoryAllocationHob should also be created for Mailbox and Ovmf work area.

Another update is in PlatformAddressWidthInitialization. The physical
address width that Tdx guest supports is either 48 or 52.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 OvmfPkg/Include/Library/PlatformInitLib.h     | 14 ++++++
 OvmfPkg/Library/PlatformInitLib/IntelTdx.c    | 49 +++++++++++++++++++
 .../Library/PlatformInitLib/IntelTdxNull.c    | 16 ++++++
 OvmfPkg/Library/PlatformInitLib/MemDetect.c   | 13 +++++
 4 files changed, 92 insertions(+)

diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h b/OvmfPkg/Include/Library/PlatformInitLib.h
index 538fd7aee48c..6a88a9b4a69c 100644
--- a/OvmfPkg/Include/Library/PlatformInitLib.h
+++ b/OvmfPkg/Include/Library/PlatformInitLib.h
@@ -269,4 +269,18 @@ ProcessTdxHobList (
   VOID
   );
 
+/**
+  In Tdx guest, the system memory is passed in TdHob by host VMM. So
+  the major task of PlatformTdxPublishRamRegions is to walk thru the
+  TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob
+  to the hobs in DXE phase.
+
+  MemoryAllocationHob should also be created for Mailbox and Ovmf work area.
+**/
+VOID
+EFIAPI
+PlatformTdxPublishRamRegions (
+  VOID
+  );
+
 #endif // PLATFORM_INIT_LIB_H_
diff --git a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
index 1ee24dfe754d..e9243cfa7e37 100644
--- a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
+++ b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
@@ -502,3 +502,52 @@ TransferTdxHobList (
     Hob.Raw = GET_NEXT_HOB (Hob);
   }
 }
+
+/**
+  In Tdx guest, the system memory is passed in TdHob by host VMM. So
+  the major task of PlatformTdxPublishRamRegions is to walk thru the
+  TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob
+  to the hobs in DXE phase.
+
+  MemoryAllocationHob should also be created for Mailbox and Ovmf work area.
+**/
+VOID
+EFIAPI
+PlatformTdxPublishRamRegions (
+  VOID
+  )
+{
+  if (!TdIsEnabled ()) {
+    return;
+  }
+
+  TransferTdxHobList ();
+
+  //
+  // The memory region defined by PcdOvmfSecGhcbBackupBase is pre-allocated by
+  // host VMM and used as the td mailbox at the beginning of system boot.
+  //
+  BuildMemoryAllocationHob (
+    FixedPcdGet32 (PcdOvmfSecGhcbBackupBase),
+    FixedPcdGet32 (PcdOvmfSecGhcbBackupSize),
+    EfiACPIMemoryNVS
+    );
+
+  if (FixedPcdGet32 (PcdOvmfWorkAreaSize) != 0) {
+    //
+    // Reserve the work area.
+    //
+    // Since this memory range will be used by the Reset Vector on S3
+    // resume, it must be reserved as ACPI NVS.
+    //
+    // If S3 is unsupported, then various drivers might still write to the
+    // work area. We ought to prevent DXE from serving allocation requests
+    // such that they would overlap the work area.
+    //
+    BuildMemoryAllocationHob (
+      (EFI_PHYSICAL_ADDRESS)(UINTN)FixedPcdGet32 (PcdOvmfWorkAreaBase),
+      (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfWorkAreaSize),
+      EfiBootServicesData
+      );
+  }
+}
diff --git a/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c b/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c
index af90e0866e89..3ebe582af8de 100644
--- a/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c
+++ b/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c
@@ -28,3 +28,19 @@ ProcessTdxHobList (
 {
   return EFI_UNSUPPORTED;
 }
+
+/**
+  In Tdx guest, the system memory is passed in TdHob by host VMM. So
+  the major task of PlatformTdxPublishRamRegions is to walk thru the
+  TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob
+  to the hobs in DXE phase.
+
+  MemoryAllocationHob should also be created for Mailbox and Ovmf work area.
+**/
+VOID
+EFIAPI
+PlatformTdxPublishRamRegions (
+  VOID
+  )
+{
+}
diff --git a/OvmfPkg/Library/PlatformInitLib/MemDetect.c b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
index 5a9cb6e638ed..af4c851d479d 100644
--- a/OvmfPkg/Library/PlatformInitLib/MemDetect.c
+++ b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
@@ -34,6 +34,7 @@ Module Name:
 #include <Library/MtrrLib.h>
 #include <Library/QemuFwCfgLib.h>
 #include <Library/QemuFwCfgSimpleParserLib.h>
+#include <Library/TdxLib.h>
 
 #include <Library/PlatformInitLib.h>
 
@@ -481,7 +482,19 @@ PlatformAddressWidthInitialization (
     PhysMemAddressWidth = 36;
   }
 
+ #if defined (MDE_CPU_X64)
+  if (TdIsEnabled ()) {
+    if (TdSharedPageMask () == (1ULL << 47)) {
+      PhysMemAddressWidth = 48;
+    } else {
+      PhysMemAddressWidth = 52;
+    }
+  }
+
+  ASSERT (PhysMemAddressWidth <= 52);
+ #else
   ASSERT (PhysMemAddressWidth <= 48);
+ #endif
 
   return PhysMemAddressWidth;
 }
-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#86795): https://edk2.groups.io/g/devel/message/86795
Mute This Topic: https://groups.io/mt/89252063/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH V6 33/42] OvmfPkg: Update PlatformInitLib for Tdx guest to publish ram regions

Posted by Gerd Hoffmann 3 years, 11 months ago

  Hi,

> Another update is in PlatformAddressWidthInitialization. The physical
> address width that Tdx guest supports is either 48 or 52.

Hmm.  Sure this is correct?

48 is the max _virtual_ address space possible with 4-level paging.
The _physical_ address space might be much smaller, like this
(kaby lake desktop system):

    # lscpu
    Architecture:            x86_64
      CPU op-mode(s):        32-bit, 64-bit
      Address sizes:         39 bits physical, 48 bits virtual
      Byte Order:            Little Endian

Maybe all TDX-capable Intel CPUs actually have >= 48 bits physical,
so this could be fine, but please double-check.

thanks,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#86888): https://edk2.groups.io/g/devel/message/86888
Mute This Topic: https://groups.io/mt/89252063/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH V6 33/42] OvmfPkg: Update PlatformInitLib for Tdx guest to publish ram regions

Posted by Yao, Jiewen 3 years, 11 months ago

I think both are correct.

The dump info is from a *client* machine in old generation - kabylake. 39 bits physical is good enough.

GPAW in TD is enforced by TDX-module. Please refer to
https://www.intel.com/content/dam/develop/external/us/en/documents/tdx-module-1.0-public-spec-v0.931.pdf, 
Section 10.1.2, Table 10.1 - RBX[5:0] is GPAW - only 48 and 52 are possible.

Thank you
Yao Jiewen

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> Hoffmann
> Sent: Wednesday, February 23, 2022 6:07 PM
> To: Xu, Min M <min.m.xu@intel.com>
> Cc: devel@edk2.groups.io; Ard Biesheuvel <ardb+tianocore@kernel.org>; Justen,
> Jordan L <jordan.l.justen@intel.com>; Brijesh Singh <brijesh.singh@amd.com>;
> Aktas, Erdem <erdemaktas@google.com>; James Bottomley
> <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky
> <thomas.lendacky@amd.com>
> Subject: Re: [edk2-devel] [PATCH V6 33/42] OvmfPkg: Update PlatformInitLib
> for Tdx guest to publish ram regions
> 
>   Hi,
> 
> > Another update is in PlatformAddressWidthInitialization. The physical
> > address width that Tdx guest supports is either 48 or 52.
> 
> Hmm.  Sure this is correct?
> 
> 48 is the max _virtual_ address space possible with 4-level paging.
> The _physical_ address space might be much smaller, like this
> (kaby lake desktop system):
> 
>     # lscpu
>     Architecture:            x86_64
>       CPU op-mode(s):        32-bit, 64-bit
>       Address sizes:         39 bits physical, 48 bits virtual
>       Byte Order:            Little Endian
> 
> Maybe all TDX-capable Intel CPUs actually have >= 48 bits physical,
> so this could be fine, but please double-check.
> 
> thanks,
>   Gerd
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#86893): https://edk2.groups.io/g/devel/message/86893
Mute This Topic: https://groups.io/mt/89252063/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH V6 33/42] OvmfPkg: Update PlatformInitLib for Tdx guest to publish ram regions

Posted by Gerd Hoffmann 3 years, 11 months ago

On Wed, Feb 23, 2022 at 10:49:08AM +0000, Yao, Jiewen wrote:
> I think both are correct.

> Section 10.1.2, Table 10.1 - RBX[5:0] is GPAW - only 48 and 52 are possible.

Ok.
Acked-by: Gerd Hoffmann <kraxel@redhat.com>

take care,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#86901): https://edk2.groups.io/g/devel/message/86901
Mute This Topic: https://groups.io/mt/89252063/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-