From: "Min Xu"
To: devel@edk2.groups.io
Cc: Min M Xu, Erdem Aktas, James Bottomley, Jiewen Yao, Tom Lendacky, Gerd Hoffmann
Subject: [edk2-devel] [PATCH V2 4/8] OvmfPkg/PlatformInitLib: Add functions for EmuVariableNvStore
Date: Sun, 26 Jun 2022 11:05:53 +0800
Reply-To: devel@edk2.groups.io,min.m.xu@intel.com

From: Min M Xu

There are 2 functions added for EmuVariableNvStore:
 - PlatformReserveEmuVariableNvStore
 - PlatformInitEmuVariableNvStore

PlatformReserveEmuVariableNvStore allocates storage for NV variables early
on so it will be at a consistent address.

PlatformInitEmuVariableNvStore copies the content in
PcdOvmfFlashNvStorageVariableBase to the storage allocated by
PlatformReserveEmuVariableNvStore. This is used in the case that OVMF is
launched with -bios parameter. Because in that situation UEFI variables
will be partially emulated, and non-volatile variables may lose their
contents after a reboot. This makes the secure boot feature not working.

Cc: Erdem Aktas
Cc: James Bottomley [jejb]
Cc: Jiewen Yao [jyao1]
Cc: Tom Lendacky [tlendacky]
Cc: Gerd Hoffmann
Signed-off-by: Min Xu --- OvmfPkg/Include/Library/PlatformInitLib.h | 34 ++++++++ OvmfPkg/Library/PlatformInitLib/Platform.c | 77 +++++++++++++++++++ .../PlatformInitLib/PlatformInitLib.inf | 2 + 3 files changed, 113 insertions(+) diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h b/OvmfPkg/Include/Li= brary/PlatformInitLib.h index a3acfb1fb196..3a84a56be3c1 100644 --- a/OvmfPkg/Include/Library/PlatformInitLib.h +++ b/OvmfPkg/Include/Library/PlatformInitLib.h @@ -251,4 +251,38 @@ TdxValidateCfv ( IN UINT32 TdxCfvSize ); =20 +/** + Allocate storage for NV variables early on so it will be + at a consistent address. Since VM memory is preserved + across reboots, this allows the NV variable storage to survive + a VM reboot. + + * + * @retval VOID* The pointer to the storage for NV Variables + */ +VOID * +EFIAPI +PlatformReserveEmuVariableNvStore ( + VOID + ); + +/** + When OVMF is lauched with -bios parameter, UEFI variables will be + partially emulated, and non-volatile variables may lose their contents + after a reboot. This makes the secure boot feature not working. + + This function is used to initialize the EmuVariableNvStore + with the conent in PcdOvmfFlashNvStorageVariableBase. + + @param[in] EmuVariableNvStore - A pointer to EmuVariableNvStore + + @retval EFI_SUCCESS - Successfully init the EmuVariableNvStore + @retval Others - As the error code indicates + */ +EFI_STATUS +EFIAPI +PlatformInitEmuVariableNvStore ( + IN VOID *EmuVariableNvStore + ); + #endif // PLATFORM_INIT_LIB_H_ diff --git a/OvmfPkg/Library/PlatformInitLib/Platform.c b/OvmfPkg/Library/P= latformInitLib/Platform.c index c3d34e43af5a..194768379f2b 100644 --- a/OvmfPkg/Library/PlatformInitLib/Platform.c +++ b/OvmfPkg/Library/PlatformInitLib/Platform.c @@ -25,6 +25,7 @@ #include #include #include +#include #include #include #include 
@@ -576,3 +577,79 @@ PlatformMaxCpuCountInitialization ( PlatformInfoHob->PcdCpuMaxLogicalProcessorNumber =3D MaxCpuCount; PlatformInfoHob->PcdCpuBootLogicalProcessorNumber =3D BootCpuCount; } + +/** + Allocate storage for NV variables early on so it will be + at a consistent address. Since VM memory is preserved + across reboots, this allows the NV variable storage to survive + a VM reboot. + + * + * @retval VOID* The pointer to the storage for NV Variables + */ +VOID * +EFIAPI +PlatformReserveEmuVariableNvStore ( + VOID + ) +{ + VOID *VariableStore; + UINT32 VarStoreSize; + + VarStoreSize =3D 2 * PcdGet32 (PcdFlashNvStorageFtwSpareSize); + // + // Allocate storage for NV variables early on so it will be + // at a consistent address. Since VM memory is preserved + // across reboots, this allows the NV variable storage to survive + // a VM reboot. + // + VariableStore =3D + AllocateRuntimePages ( + EFI_SIZE_TO_PAGES (VarStoreSize) + ); + DEBUG (( + DEBUG_INFO, + "Reserved variable store memory: 0x%p; size: %dkb\n", + VariableStore, + VarStoreSize / 1024 + )); + + return VariableStore; +} + +/** + When OVMF is lauched with -bios parameter, UEFI variables will be + partially emulated, and non-volatile variables may lose their contents + after a reboot. This makes the secure boot feature not working. + + This function is used to initialize the EmuVariableNvStore + with the conent in PcdOvmfFlashNvStorageVariableBase. 
+ + @param[in] EmuVariableNvStore - A pointer to EmuVariableNvStore + + @retval EFI_SUCCESS - Successfully init the EmuVariableNvStore + @retval Others - As the error code indicates + */ +EFI_STATUS +EFIAPI +PlatformInitEmuVariableNvStore ( + IN VOID *EmuVariableNvStore + ) +{ + UINT8 *Base; + UINT32 Size; + UINT32 EmuVariableNvStoreSize; + + EmuVariableNvStoreSize =3D 2 * PcdGet32 (PcdFlashNvStorageFtwSpareSize); + if ((EmuVariableNvStore =3D=3D NULL) || (EmuVariableNvStoreSize =3D=3D 0= )) { + return EFI_INVALID_PARAMETER; + } + + Base =3D (UINT8 *)(UINTN)PcdGet32 (PcdOvmfFlashNvStorageVariableBase); + Size =3D (UINT32)PcdGet32 (PcdFlashNvStorageVariableSize); + ASSERT (Size < EmuVariableNvStoreSize); + + CopyMem (EmuVariableNvStore, Base, Size); + + return EFI_SUCCESS; +} diff --git a/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf b/OvmfPkg/= Library/PlatformInitLib/PlatformInitLib.inf index d2fa2d998df8..fec1f8f24314 100644 --- a/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf +++ b/OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf @@ -47,6 +47,7 @@ HobLib QemuFwCfgLib QemuFwCfgSimpleParserLib + MemoryAllocationLib MtrrLib PcdLib PciLib @@ -96,6 +97,7 @@ gUefiOvmfPkgTokenSpaceGuid.PcdGuidedExtractHandlerTableSize =20 gUefiOvmfPkgTokenSpaceGuid.PcdTdxAcceptPageSize + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase =20 [FeaturePcd] gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode --=20 2.29.2.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#90756): https://edk2.groups.io/g/devel/message/90756 Mute This Topic: https://groups.io/mt/91995191/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
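Review bot: In OvmfPkg/Include/Library/PlatformInitLib.h, the comment for PlatformInitEmuVariableNvStore does not say how large the buffer behind EmuVariableNvStore must be, although the implementation copies PcdFlashNvStorageVariableSize bytes into it. Please document that the pointer must come from PlatformReserveEmuVariableNvStore (or be at least 2 * PcdFlashNvStorageFtwSpareSize bytes), and state in the PlatformReserveEmuVariableNvStore comment that the return value is NULL when the allocation fails. The stray " * " lines in that first comment block do not match the rest of the comment, and "lauched" and "conent" should read "launched" and "content"; the same comment text is repeated in Platform.c.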
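Review bot: In PlatformInitEmuVariableNvStore (OvmfPkg/Library/PlatformInitLib/Platform.c), "ASSERT (Size < EmuVariableNvStoreSize);" is the only bound on the following "CopyMem (EmuVariableNvStore, Base, Size);", and ASSERT is compiled out in builds that disable asserts, so a configuration where PcdFlashNvStorageVariableSize is not smaller than 2 * PcdFlashNvStorageFtwSpareSize would write past the reserved pages. Suggest an explicit runtime comparison that returns an error status before the copy, keeping the ASSERT only as a debug aid. In PlatformReserveEmuVariableNvStore, the result of AllocateRuntimePages is logged and returned without a NULL check, which is safe only if every caller checks it. The expression "2 * PcdGet32 (PcdFlashNvStorageFtwSpareSize)" is also computed separately in both functions; a shared macro or helper would keep the reserved size and the checked size from drifting apart.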
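Review bot: In OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf, the second hunk adds only gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase, while the new code in Platform.c also reads PcdFlashNvStorageFtwSpareSize and PcdFlashNvStorageVariableSize through PcdGet32. Neither appears in the visible context of this hunk, so please confirm both are already listed in the .inf; if they are not, they need to be added in this patch.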