Re: [PATCH V4 24/31] OvmfPkg: Add TdxDxe driver

["Gerd Hoffmann" <kraxel@redhat.com>]

On Mon, Dec 13, 2021 at 08:56:55PM +0800, Min Xu wrote:
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
> 
> TdxDxe driver is dispatched early in DXE, due to being list in APRIORI.
> This module is responsible for below features:
>  - Sets max logical cpus based on TDINFO
>  - Sets PCI PCDs based on resource hobs
>  - Set shared bit in MMIO region
>  - Relocate Td mailbox and set its address in MADT table.
> 
> 1. Set shared bit in MMIO region
> 
> Qemu allows a ROM device to set to ROMD mode (default) or MMIO mode.
> When it is in ROMD mode, the device is mapped to guest memory and
> satisfies read access directly.
> 
> In EDK2 Option ROM is treated as MMIO region. So Tdx guest access
> Option ROM via TDVMCALL(MMIO). But as explained above, since Qemu set
> the Option ROM to ROMD mode, the call of TDVMCALL(MMIO) always return
> INVALID_OPERAND. Tdvf then falls back to direct access. This requires
> to set the shared bit to corresponding PageTable entry. Otherwise it
> triggers GP fault.
> 
> TdxDxe's entry point is the right place to set the shared bit in MMIO
> region because Option ROM has not been discoverd yet.
> 
> 2. Relocate Td mailbox and set the new address in MADT Mutiprocessor
> Wakeup Table.
> 
> In TDX the guest firmware is designed to publish a multiprocessor-wakeup
> structure to let the guest-bootstrap processor wake up guest-application
> processors with a mailbox. The mailbox is memory that the guest firmware
> can reserve so each guest virtual processor can have the guest OS send
> a message to them. The address of the mailbox is recorded in the MADT
> table. See [ACPI].
> 
> TdxDxe registers for protocol notification
> (gQemuAcpiTableNotifyProtocolGuid) to call the AlterAcpiTable(), in
> which MADT table is altered by the above Mailbox address. The protocol
> will be installed in AcpiPlatformDxe when the MADT table provided by
> Qemu is ready. This is to maintain the simplicity of the AcpiPlatformDxe.
> 
> AlterAcpiTable is the registered function which traverses the ACPI
> table list to find the original MADT from Qemu. After the new MADT is
> configured and installed, the original one will be uninstalled.
> 
> [ACPI] https://uefi.org/specs/ACPI/6.4/05_ACPI_Software_Programming_Model
> /ACPI_Software_Programming_Model.html#multiprocessor-wakeup-structure
> 
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Brijesh Singh <brijesh.singh@amd.com>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Signed-off-by: Min Xu <min.m.xu@intel.com>

Acked-by: Gerd Hoffmann <kraxel@redhat.com>

take care,
  Gerd