From nobody Sun Feb 8 16:53:26 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+87505+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+87505+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1647050182808678.4551704715886; Fri, 11 Mar 2022 17:56:22 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id C2WCYY1788612xkTp3fFX4tG; Fri, 11 Mar 2022 17:56:23 -0800 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.903.1647050145463002246 for ; Fri, 11 Mar 2022 17:56:22 -0800 X-IronPort-AV: E=McAfee;i="6200,9189,10283"; a="255895202" X-IronPort-AV: E=Sophos;i="5.90,175,1643702400"; d="scan'208";a="255895202" X-Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Mar 2022 17:56:22 -0800 X-IronPort-AV: E=Sophos;i="5.90,175,1643702400"; d="scan'208";a="555565282" X-Received: from mxu9-mobl1.ccr.corp.intel.com ([10.255.29.254]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Mar 2022 17:56:19 -0800 From: "Min Xu" To: devel@edk2.groups.io Cc: Min Xu , Ard Biesheuvel , Jordan Justen , Brijesh Singh , Erdem Aktas , James Bottomley , Jiewen Yao , Tom Lendacky , Gerd Hoffmann Subject: [edk2-devel] [PATCH V8 38/47] OvmfPkg: Update PlatformInitLib for Tdx guest Date: Sat, 12 Mar 2022 09:54:03 +0800 Message-Id: In-Reply-To: References: MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,min.m.xu@intel.com X-Gm-Message-State: 8uDIbTMzC9Tsml4GGWt44ecRx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1647050183; bh=P3QR+CZNz/zyr0QVhUWT1B/zqeiSpZhIxwpc8/sicU4=; h=Cc:Date:From:Reply-To:Subject:To; b=biIzHe0Sx38hPXxnV7cqmyJUmIJPDSBqDMDynlUvS9qb3Fx+bJvGYtA5cDr++oW0lc6 YlwUm02zK0JyXgOIhPO///LLMqdP/jCbyGZt6rJhjBmuGNx3MTusyXVBsEkJXrkORBb94 dr2xj/dHT8N2u12SQIxqjx40WskujFuI4ck= X-ZohoMail-DKIM: fail (Signature date is -1 seconds in the future.) X-ZM-MESSAGEID: 1647050184485100006 Content-Type: text/plain; charset="utf-8" RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3429 There are below changes in PlatformInitLib for Tdx guest: 1. Publish ram regions In Tdx guest, the system memory is passed in TdHob by host VMM. So the major task of PlatformTdxPublishRamRegions is to walk thru the TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob to the hobs in DXE phase. 2. Build MemoryAllocationHob for Tdx Mailbox and Ovmf work area. 3. Update of PlatformAddressWidthInitialization. The physical address width that Tdx guest supports is either 48 or 52. 4. Update of PlatformMemMapInitialization. 0xA0000 - 0xFFFFF is VGA bios region. Platform initialization marks the region as MMIO region. Dxe code maps MMIO region as IO region. As TDX guest, MMIO region is maps as shared. However VGA BIOS doesn't need to be shared. Guest TDX Linux maps VGA BIOS as private and accesses for BIOS and stuck on repeating EPT violation. VGA BIOS (more generally ROM region) should be private. Skip marking VGA BIOA region [0xa000, 0xfffff] as MMIO in HOB. Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Gerd Hoffmann Acked-by: Gerd Hoffmann Signed-off-by: Min Xu --- OvmfPkg/Include/Library/PlatformInitLib.h | 14 ++++++ OvmfPkg/Library/PlatformInitLib/IntelTdx.c | 49 +++++++++++++++++++ .../Library/PlatformInitLib/IntelTdxNull.c | 16 ++++++ OvmfPkg/Library/PlatformInitLib/MemDetect.c | 14 ++++++ OvmfPkg/Library/PlatformInitLib/Platform.c | 4 +- 5 files changed, 96 insertions(+), 1 deletion(-) diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h b/OvmfPkg/Include/Li= brary/PlatformInitLib.h index f41b4f16d9fa..452a7be7af08 100644 --- a/OvmfPkg/Include/Library/PlatformInitLib.h +++ b/OvmfPkg/Include/Library/PlatformInitLib.h @@ -220,4 +220,18 @@ ProcessTdxHobList ( VOID ); =20 +/** + In Tdx guest, the system memory is passed in TdHob by host VMM. So + the major task of PlatformTdxPublishRamRegions is to walk thru the + TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob + to the hobs in DXE phase. + + MemoryAllocationHob should also be created for Mailbox and Ovmf work are= a. +**/ +VOID +EFIAPI +PlatformTdxPublishRamRegions ( + VOID + ); + #endif // PLATFORM_INIT_LIB_H_ diff --git a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c b/OvmfPkg/Library/P= latformInitLib/IntelTdx.c index c74c8ee20dae..338cd256af94 100644 --- a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c +++ b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c @@ -512,3 +512,52 @@ TransferTdxHobList ( Hob.Raw =3D GET_NEXT_HOB (Hob); } } + +/** + In Tdx guest, the system memory is passed in TdHob by host VMM. So + the major task of PlatformTdxPublishRamRegions is to walk thru the + TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob + to the hobs in DXE phase. + + MemoryAllocationHob should also be created for Mailbox and Ovmf work are= a. +**/ +VOID +EFIAPI +PlatformTdxPublishRamRegions ( + VOID + ) +{ + if (!TdIsEnabled ()) { + return; + } + + TransferTdxHobList (); + + // + // The memory region defined by PcdOvmfSecGhcbBackupBase is pre-allocate= d by + // host VMM and used as the td mailbox at the beginning of system boot. + // + BuildMemoryAllocationHob ( + FixedPcdGet32 (PcdOvmfSecGhcbBackupBase), + FixedPcdGet32 (PcdOvmfSecGhcbBackupSize), + EfiACPIMemoryNVS + ); + + if (FixedPcdGet32 (PcdOvmfWorkAreaSize) !=3D 0) { + // + // Reserve the work area. + // + // Since this memory range will be used by the Reset Vector on S3 + // resume, it must be reserved as ACPI NVS. + // + // If S3 is unsupported, then various drivers might still write to the + // work area. We ought to prevent DXE from serving allocation requests + // such that they would overlap the work area. + // + BuildMemoryAllocationHob ( + (EFI_PHYSICAL_ADDRESS)(UINTN)FixedPcdGet32 (PcdOvmfWorkAreaBase), + (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfWorkAreaSize), + EfiBootServicesData + ); + } +} diff --git a/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c b/OvmfPkg/Libra= ry/PlatformInitLib/IntelTdxNull.c index af90e0866e89..3ebe582af8de 100644 --- a/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c +++ b/OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c @@ -28,3 +28,19 @@ ProcessTdxHobList ( { return EFI_UNSUPPORTED; } + +/** + In Tdx guest, the system memory is passed in TdHob by host VMM. So + the major task of PlatformTdxPublishRamRegions is to walk thru the + TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob + to the hobs in DXE phase. + + MemoryAllocationHob should also be created for Mailbox and Ovmf work are= a. +**/ +VOID +EFIAPI +PlatformTdxPublishRamRegions ( + VOID + ) +{ +} diff --git a/OvmfPkg/Library/PlatformInitLib/MemDetect.c b/OvmfPkg/Library/= PlatformInitLib/MemDetect.c index fbd3073bd3d1..7c9b2627623b 100644 --- a/OvmfPkg/Library/PlatformInitLib/MemDetect.c +++ b/OvmfPkg/Library/PlatformInitLib/MemDetect.c @@ -37,6 +37,8 @@ Module Name: #include #include #include +#include + #include =20 VOID @@ -528,7 +530,19 @@ PlatformAddressWidthInitialization ( PhysMemAddressWidth =3D 36; } =20 + #if defined (MDE_CPU_X64) + if (TdIsEnabled ()) { + if (TdSharedPageMask () =3D=3D (1ULL << 47)) { + PhysMemAddressWidth =3D 48; + } else { + PhysMemAddressWidth =3D 52; + } + } + + ASSERT (PhysMemAddressWidth <=3D 52); + #else ASSERT (PhysMemAddressWidth <=3D 48); + #endif =20 PlatformInfoHob->FirstNonAddress =3D FirstNonAddress; PlatformInfoHob->PhysMemAddressWidth =3D PhysMemAddressWidth; diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c b/OvmfPkg/Library/P= latformInitLib/Platform.c index 96bc41b1098c..0f63efbd3ac6 100644 --- a/OvmfPkg/Library/PlatformInitLib/Platform.c +++ b/OvmfPkg/Library/PlatformInitLib/Platform.c @@ -136,7 +136,9 @@ PlatformMemMapInitialization ( // // Video memory + Legacy BIOS region // - PlatformAddIoMemoryRangeHob (0x0A0000, BASE_1MB); + if (!TdIsEnabled ()) { + PlatformAddIoMemoryRangeHob (0x0A0000, BASE_1MB); + } =20 if (PlatformInfoHob->HostBridgeDevId =3D=3D 0xffff /* microvm */) { PlatformAddIoMemoryBaseSizeHob (MICROVM_GED_MMIO_BASE, SIZE_4KB); --=20 2.29.2.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#87505): https://edk2.groups.io/g/devel/message/87505 Mute This Topic: https://groups.io/mt/89725441/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-