From: "gaoliming"
To: ,
Cc: "'Zhiguang Liu'" , "'Jordan Justen'" , "'Laszlo Ersek'" , "'Jiewen Yao'"
Subject: Re: [edk2-devel] [PATCH 0/3] Add TdxLib support for Intel TDX
Date: Tue, 9 Mar 2021 09:37:01 +0800
Message-ID: <000b01d71484$b39cb830$1ad62890$@byosoft.com.cn>

Min:
 This is a new feature. Please submit one BZ to catch it.

Thanks
Liming

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of min.m.xu@intel.com
> Sent: March 9, 2021 8:55
> To: devel@edk2.groups.io
> Cc: Min Xu ; Liming Gao ; Zhiguang Liu ; Jordan Justen ; Laszlo Ersek ; Jiewen Yao
> Subject: [edk2-devel] [PATCH 0/3] Add TdxLib support for Intel TDX
>
> From: Min Xu
>
> The patch series provides lib support for Intel Trust Domain Extensions
> (Intel TDX).
>
> Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
> that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
> Encryption (MKTME) with a new kind of virtual machine guest called a
> Trust Domain (TD). A TD is designed to run in a CPU mode that protects the
> confidentiality of TD memory contents and the TD's CPU state from other
> software, including the hosting Virtual-Machine Monitor (VMM), unless
> explicitly shared by the TD itself.
>
> The Intel TDX module uses the instruction-set architecture for Intel TDX
> and the MKTME engine in the SOC to help serve as an intermediary between
> the host VMM and the guest TD. TDCALL is the instruction which allows TD
> guest privileged software to make a call for service into an underlying
> TDX-module.
>
> TdxLib is created with functions to perform the related Tdx operation.
> This includes functions for:
>   - TdCall         : to cause a VM exit to the Intel TDX module
>   - TdVmCall       : it is a leaf function 0 for TDCALL
>   - TdVmCallCpuid  : enable the TD guest to request VMM to emulate CPUID
>   - TdReport       : to retrieve TDREPORT_STRUCT
>   - TdAcceptPages  : to accept pending private pages
>   - TdExtendRtmr   : to extend one of the RTMR registers
>
> The base function in MdePkg will not do anything and will return an error
> if a return value is required. It is expected that other packages
> (like OvmfPkg) will create a version of the library to fully support a TD
> guest.
>
> We create an OVMF version of this library to begin the process of providing
> full support of TDX in OVMF.
>
> To support the emulation and test purpose, 2 PCDs are added in OvmfPkg.dec
>   - PcdUseTdxAcceptPage
>     Indicate whether TdCall(AcceptPage) is used.
>   - PcdUseTdxEmulation
>     Indicate whether TdxEmulation is used.
>
> See intel-trust-domain-extensions.html>
>
> CC: Liming Gao
> CC: Zhiguang Liu
> CC: Jordan Justen
> CC: Laszlo Ersek
> CC: Jiewen Yao
>
> Signed-off-by: Min Xu
>
> Min Xu (3):
>   MdePkg: Add Tdx support lib
>   OvmfPkg: Add PCDs for TdxLib
>   OvmfPkg: Implement library support for TdxLib SEC and DXE on OVMF
>
>  MdePkg/Include/IndustryStandard/Tdx.h    | 201 +++++++++++++++++++++
>  MdePkg/Include/Library/TdxLib.h          | 165 ++++++++++++++++++
>  MdePkg/Include/Protocol/Tdx.h            |  22 +++
>  MdePkg/Library/TdxLib/TdxLibNull.c       | 155 +++++++++++++++++
>  MdePkg/Library/TdxLib/TdxLibNull.inf     |  33 ++++
>  OvmfPkg/Library/TdxLib/AcceptPages.c     |  68 ++++++++
>  OvmfPkg/Library/TdxLib/Rtmr.c            |  80 +++++++++
>  OvmfPkg/Library/TdxLib/TdReport.c        | 102 +++++++++++
>  OvmfPkg/Library/TdxLib/TdxLib.inf        |  48 ++++++
>  OvmfPkg/Library/TdxLib/TdxLibSec.inf     |  45 +++++
>  OvmfPkg/Library/TdxLib/X64/Tdcall.nasm   | 125 ++++++++++++++
>  OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm | 211 +++++++++++++++++++++++
>  OvmfPkg/OvmfPkg.dec                      |   6 +
>  13 files changed, 1261 insertions(+)
>  create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
>  create mode 100644 MdePkg/Include/Library/TdxLib.h
>  create mode 100644 MdePkg/Include/Protocol/Tdx.h
>  create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
>  create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf
>  create mode 100644 OvmfPkg/Library/TdxLib/AcceptPages.c
>  create mode 100644 OvmfPkg/Library/TdxLib/Rtmr.c
>  create mode 100644 OvmfPkg/Library/TdxLib/TdReport.c
>  create mode 100644 OvmfPkg/Library/TdxLib/TdxLib.inf
>  create mode 100644 OvmfPkg/Library/TdxLib/TdxLibSec.inf
>  create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm
>  create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm
>
> --
> 2.29.2.windows.2
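
Added example, not part of this thread or of the TdxLib patches: a Python model of the register extend that the quoted cover letter lists as TdExtendRtmr, written as the replay a verifier runs over an event log. It assumes the extend rule from Intel's TDX module specification (new value = SHA-384 of the old value followed by a 48-byte digest, four registers that start at zero); the function names and the sample log are constructed.

```python
import hashlib

RTMR_COUNT = 4    # assumption: four RTMRs per TD (Intel TDX module spec)
DIGEST_LEN = 48   # SHA-384 output size, also the RTMR width


def extend(rtmr: bytes, digest: bytes) -> bytes:
    """Value of one register after an extend: SHA384(old || digest)."""
    if len(rtmr) != DIGEST_LEN or len(digest) != DIGEST_LEN:
        raise ValueError("RTMR and extend data must both be 48 bytes")
    return hashlib.sha384(rtmr + digest).digest()


def replay(event_log):
    """Recompute every RTMR from an ordered list of (index, measured_bytes)."""
    rtmrs = [bytes(DIGEST_LEN) for _ in range(RTMR_COUNT)]
    for index, data in event_log:
        if not 0 <= index < RTMR_COUNT:
            raise ValueError(f"invalid RTMR index {index}")
        # Each event is hashed first; the digest is what gets extended.
        rtmrs[index] = extend(rtmrs[index], hashlib.sha384(data).digest())
    return rtmrs


def log_matches(event_log, reported):
    """True when replaying the log reproduces the reported RTMR values."""
    return replay(event_log) == list(reported)


# Constructed sample log: (RTMR index, bytes that were measured).
SAMPLE_LOG = [
    (0, b"firmware-config"),
    (1, b"bootloader"),
    (1, b"kernel"),
    (2, b"cmdline"),
]

if __name__ == "__main__":
    reported = replay(SAMPLE_LOG)   # stands in for values read from a report
    reordered = [SAMPLE_LOG[0], SAMPLE_LOG[2], SAMPLE_LOG[1], SAMPLE_LOG[3]]
    print("original log matches:", log_matches(SAMPLE_LOG, reported))
    print("reordered log matches:", log_matches(reordered, reported))
```

Because each extend hashes the previous value, a log with an event reordered, dropped or altered no longer reproduces the reported registers.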