Date: Tue, 1 Mar 2022 14:11:49 +0100
From: "Gerd Hoffmann"
To: Min Xu
Cc: devel@edk2.groups.io, Ard Biesheuvel, Jordan Justen, Brijesh Singh, Erdem Aktas, James Bottomley, Jiewen Yao, Tom Lendacky
Subject: Re: [PATCH V7 23/37] OvmfPkg: Update Sec to support Tdx

On Mon, Feb 28, 2022 at 03:20:55PM +0800, Min Xu wrote:
> RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
>
> There are below major changes in this commit.
>
> 1. SecEntry.nasm
> In TDX BSP and APs go to the same entry point in SecEntry.nasm.
>
> BSP initializes the temporary stack and then jumps to SecMain, just as
> legacy Ovmf does.
>
> APs spin in a modified mailbox loop using initial mailbox structure.
> Its structure definition is in OvmfPkg/Include/IndustryStandard/IntelTdx.h.
> APs wait for command to see if the command is for me. If so execute the
> command.
>
> 2. Sec/SecMain.c
> When host VMM creates the Td guest, the system memory information is
> stored in TdHob, which is a memory region described in Tdx metadata.
> The system memory region in TdHob should be accepted before it can be
> accessed. So the major task of this patch is to process the TdHobList
> to accept the memory. After that TDVF follows the standard OVMF flow
> and jumps to PEI phase.
>
> PcdUse1GPageTable is set to FALSE by default in OvmfPkgX64.dsc. It gives
> no chance for Intel TDX to support 1G page table. To support 1G page
> table this PCD is set to TRUE in OvmfPkgX64.dsc.
>
> TDX_GUEST_SUPPORTED is defined in OvmfPkgX64.dsc. This macro wraps the
> Tdx specific code.
>
> TDX only works on X64, so the code is only valid in X64 arch.
>
> Cc: Ard Biesheuvel
> Cc: Jordan Justen
> Cc: Brijesh Singh
> Cc: Erdem Aktas
> Cc: James Bottomley
> Cc: Jiewen Yao
> Cc: Tom Lendacky
> Cc: Gerd Hoffmann
> Signed-off-by: Min Xu

Acked-by: Gerd Hoffmann