From: "gaoliming" <gaoliming@byosoft.com.cn>
To: <devel@edk2.groups.io>, <jiewen.yao@intel.com>,
"'Brijesh Singh'" <brijesh.singh@amd.com>
Cc: "'James Bottomley'" <jejb@linux.ibm.com>,
"'Xu, Min M'" <min.m.xu@intel.com>,
"'Tom Lendacky'" <thomas.lendacky@amd.com>,
"'Justen, Jordan L'" <jordan.l.justen@intel.com>,
"'Ard Biesheuvel'" <ardb+tianocore@kernel.org>,
"'Aktas, Erdem'" <erdemaktas@google.com>,
"'Michael Roth'" <Michael.Roth@amd.com>,
"'Gerd Hoffmann'" <kraxel@redhat.com>,
"'Aaron Young'" <aaron.young@oracle.com>,
"'Dann Frazier'" <dann.frazier@canonical.com>
Subject: 回复: [edk2-devel] [PATCH 1/1] OvmfPkg/FvbServicesSmm: use the VmgExitLibNull
Date: Wed, 16 Feb 2022 13:54:36 +0800 [thread overview]
Message-ID: <006c01d822f9$ae3639a0$0aa2ace0$@byosoft.com.cn> (raw)
In-Reply-To: <MW4PR11MB58725FFA811691CC5EE8D6B88C359@MW4PR11MB5872.namprd11.prod.outlook.com>
Jiewen:
I agree to merge this patch for this stable tag 202202. Can you create PR
for it?
Thanks
Liming
> -----邮件原件-----
> 发件人: devel@edk2.groups.io <devel@edk2.groups.io> 代表 Yao, Jiewen
> 发送时间: 2022年2月16日 10:55
> 收件人: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Brijesh
> Singh <brijesh.singh@amd.com>
> 抄送: James Bottomley <jejb@linux.ibm.com>; Xu, Min M
> <min.m.xu@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>;
> Justen, Jordan L <jordan.l.justen@intel.com>; Ard Biesheuvel
> <ardb+tianocore@kernel.org>; Aktas, Erdem <erdemaktas@google.com>;
> Michael Roth <Michael.Roth@amd.com>; Gerd Hoffmann
> <kraxel@redhat.com>; Aaron Young <aaron.young@oracle.com>; Dann
> Frazier <dann.frazier@canonical.com>; Gao, Liming
> <gaoliming@byosoft.com.cn>
> 主题: Re: [edk2-devel] [PATCH 1/1] OvmfPkg/FvbServicesSmm: use the
> VmgExitLibNull
>
> + Liming
>
> Since it is an issue https://bugzilla.tianocore.org/show_bug.cgi?id=3835
in
> RC1, I assume we need merge it soon.
>
> Please double confirm.
>
> Thank you
> Yao, Jiewen
>
>
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao,
> Jiewen
> > Sent: Wednesday, February 16, 2022 10:52 AM
> > To: Brijesh Singh <brijesh.singh@amd.com>; devel@edk2.groups.io
> > Cc: James Bottomley <jejb@linux.ibm.com>; Xu, Min M
> <min.m.xu@intel.com>;
> > Tom Lendacky <thomas.lendacky@amd.com>; Justen, Jordan L
> > <jordan.l.justen@intel.com>; Ard Biesheuvel <ardb+tianocore@kernel.org>;
> > Aktas, Erdem <erdemaktas@google.com>; Michael Roth
> > <Michael.Roth@amd.com>; Gerd Hoffmann <kraxel@redhat.com>; Aaron
> > Young <aaron.young@oracle.com>; Dann Frazier
> > <dann.frazier@canonical.com>; Michael Roth <michael.roth@amd.com>
> > Subject: Re: [edk2-devel] [PATCH 1/1] OvmfPkg/FvbServicesSmm: use the
> > VmgExitLibNull
> >
> > Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
> >
> > > -----Original Message-----
> > > From: Brijesh Singh <brijesh.singh@amd.com>
> > > Sent: Tuesday, February 15, 2022 11:17 PM
> > > To: devel@edk2.groups.io
> > > Cc: James Bottomley <jejb@linux.ibm.com>; Xu, Min M
> > <min.m.xu@intel.com>;
> > > Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky
> > > <thomas.lendacky@amd.com>; Justen, Jordan L
> <jordan.l.justen@intel.com>;
> > > Ard Biesheuvel <ardb+tianocore@kernel.org>; Aktas, Erdem
> > > <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>;
> Gerd
> > > Hoffmann <kraxel@redhat.com>; Brijesh Singh <brijesh.singh@amd.com>;
> > > Aaron Young <aaron.young@oracle.com>; Dann Frazier
> > > <dann.frazier@canonical.com>; Michael Roth <michael.roth@amd.com>
> > > Subject: [PATCH 1/1] OvmfPkg/FvbServicesSmm: use the VmgExitLibNull
> > >
> > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3835
> > >
> > > The commit ade62c18f4742301bbef474ac10518bde5972fba caused a
> boot
> > > failure
> > > when OVMF is build with SECURE_BOOT/SMM enabled.
> > >
> > > This happen because the above commit extended the
> > > BaseMemEncryptSevLib.inf
> > > to include VmgExitLib. The FvbServicesSmm uses the functions provided
> > > by the MemEncryptSevLib to clear the memory encryption mask from the
> > > page table. It created a dependency, as shown below
> > >
> > > OvmfPkg/FvbServicesSmm.inf
> > > ---> MemEncryptSevLib class
> > > ---> "OvmfPkg/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf"
> instance
> > > ---> VmgExitLib
> > > ---> "OvmfPkg/VmgExitLib" instance
> > > ---> LocalApicLib class
> > > ---> UefiCpuPkg/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
> instance
> > > ---> TimerLib class
> > > ---> "OvmfPkg/AcpiTimerLib/DxeAcpiTimerLib.inf"
> instance
> > > ---> PciLib class
> > > ---> "OvmfPkg/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf"
> instance
> > >
> > > The LocalApicLib provides a constructor, execution of the constructor
> > > causes an exception. The SEV-ES and SEV-SNP do not support the SMM, so
> > > skip including the VmgExitLib chain. Use the module override to use
the
> > > VmgExitLibNull to avoid the inclusion of unneeded LocalApicLib
> dependency
> > > chain in FvbServicesSmm. We ran similar issue for AmdSevDxe driver,
> > > see commit 19914edc5a0202cc7830f819ffac7e7b2368166a
> > >
> > > After the patch, the dependency look like this:
> > >
> > > OvmfPkg/FvbServicesSmm.inf
> > > ---> MemEncryptSevLib class
> > > ---> "OvmfPkg/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf"
> instance
> > > ---> VmgExitLib
> > > ---> "UefiCpuPkg/Library/VmgExitLibNull" instance
> > >
> > > Fixes: ade62c18f4742301bbef474ac10518bde5972fba
> > > Reported-by: Aaron Young <aaron.young@oracle.com>
> > > Cc: Dann Frazier <dann.frazier@canonical.com>
> > > Cc: Michael Roth <michael.roth@amd.com>
> > > Cc: James Bottomley <jejb@linux.ibm.com>
> > > Cc: Min Xu <min.m.xu@intel.com>
> > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > > Cc: Jordan Justen <jordan.l.justen@intel.com>
> > > Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> > > Cc: Erdem Aktas <erdemaktas@google.com>
> > > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > > Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> > > ---
> > > OvmfPkg/CloudHv/CloudHvX64.dsc | 5 ++++-
> > > OvmfPkg/OvmfPkgIa32.dsc | 5 ++++-
> > > OvmfPkg/OvmfPkgIa32X64.dsc | 5 ++++-
> > > OvmfPkg/OvmfPkgX64.dsc | 5 ++++-
> > > 4 files changed, 16 insertions(+), 4 deletions(-)
> > >
> > > diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc
> > > b/OvmfPkg/CloudHv/CloudHvX64.dsc
> > > index 8ac9227c5f50..3172100310b1 100644
> > > --- a/OvmfPkg/CloudHv/CloudHvX64.dsc
> > > +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
> > > @@ -906,7 +906,10 @@ [Components]
> > > #
> > > # Variable driver stack (SMM)
> > > #
> > > - OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf
> > > + OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf {
> > > + <LibraryClasses>
> > > + VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
> > > + }
> > >
> >
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {
> > > <LibraryClasses>
> > > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
> > > index 29eea82571c5..85abed24c1a7 100644
> > > --- a/OvmfPkg/OvmfPkgIa32.dsc
> > > +++ b/OvmfPkg/OvmfPkgIa32.dsc
> > > @@ -956,7 +956,10 @@ [Components]
> > > #
> > > # Variable driver stack (SMM)
> > > #
> > > - OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf
> > > + OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf {
> > > + <LibraryClasses>
> > > + VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
> > > + }
> > >
> >
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {
> > > <LibraryClasses>
> > > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc
> b/OvmfPkg/OvmfPkgIa32X64.dsc
> > > index 56d3c49ab21a..a9c1daecc1a8 100644
> > > --- a/OvmfPkg/OvmfPkgIa32X64.dsc
> > > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc
> > > @@ -974,7 +974,10 @@ [Components.X64]
> > > #
> > > # Variable driver stack (SMM)
> > > #
> > > - OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf
> > > + OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf {
> > > + <LibraryClasses>
> > > + VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
> > > + }
> > >
> >
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {
> > > <LibraryClasses>
> > > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
> > > index f0924c0f9d0a..718399299f57 100644
> > > --- a/OvmfPkg/OvmfPkgX64.dsc
> > > +++ b/OvmfPkg/OvmfPkgX64.dsc
> > > @@ -971,7 +971,10 @@ [Components]
> > > #
> > > # Variable driver stack (SMM)
> > > #
> > > - OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf
> > > + OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf {
> > > + <LibraryClasses>
> > > + VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
> > > + }
> > >
> >
> MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {
> > > <LibraryClasses>
> > > --
> > > 2.25.1
> >
> >
> >
> >
> >
>
>
>
>
>
next prev parent reply other threads:[~2022-02-16 5:54 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-15 15:16 [PATCH 1/1] OvmfPkg/FvbServicesSmm: use the VmgExitLibNull Brijesh Singh
2022-02-15 16:14 ` dann frazier
2022-02-16 2:51 ` Yao, Jiewen
[not found] ` <16D42481B2DB4BF7.16436@groups.io>
2022-02-16 2:55 ` [edk2-devel] " Yao, Jiewen
2022-02-16 5:54 ` gaoliming [this message]
2022-02-16 5:56 ` Yao, Jiewen
[not found] ` <16D42E9E0BFAD166.18853@groups.io>
2022-02-16 7:00 ` Yao, Jiewen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='006c01d822f9$ae3639a0$0aa2ace0$@byosoft.com.cn' \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox