From: "Sami Mujawar" <sami.mujawar@arm.com>
To: <devel@edk2.groups.io>
Cc: Sami Mujawar <sami.mujawar@arm.com>, <ardb+tianocore@kernel.org>,
<quic_llindhol@quicinc.com>, <kraxel@redhat.com>,
<Pierre.Gondois@arm.com>, <Suzuki.Poulose@arm.com>,
<jean-philippe@linaro.org>, <Matteo.Carlini@arm.com>,
<Akanksha.Jain2@arm.com>, <Ben.Adderson@arm.com>, <nd@arm.com>
Subject: [RFC PATCH v1 01/30] ArmVirtPkg: kvmtool: Add Emulated Runtime variable support
Date: Tue, 25 Apr 2023 17:03:59 +0100 [thread overview]
Message-ID: <20230425160428.27980-2-sami.mujawar@arm.com> (raw)
In-Reply-To: <20230425160428.27980-1-sami.mujawar@arm.com>
Although Kvmtool supports a CFI flash interface, it is currently
implemented using file backed support on the Host. This scenario
requires the VMM to be within the trust boundary.
In Confidential Compute Architecture the VMM is outside the trust
boundary. For such architectures Emulated Runtime variable storage
is desirable.
Therefore, make Emulated Runtime variable storage as the default
option and add a build flag ENABLE_CFI_FLASH to configure the
firmware build to use the CFI Flash as the Variable storage.
Signed-off-by: Sami Mujawar <sami.mujawar@arm.com>
---
ArmVirtPkg/ArmVirtKvmTool.dsc | 22 +++++++++++++++++++-
ArmVirtPkg/ArmVirtKvmTool.fdf | 4 +++-
2 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/ArmVirtPkg/ArmVirtKvmTool.dsc b/ArmVirtPkg/ArmVirtKvmTool.dsc
index d0afe1b49e250c554313c2077b89650d6f6d67cb..d2228a95726b24fe5c2edfbc84b1f5c23a85feba 100644
--- a/ArmVirtPkg/ArmVirtKvmTool.dsc
+++ b/ArmVirtPkg/ArmVirtKvmTool.dsc
@@ -1,7 +1,7 @@
# @file
# Workspace file for KVMTool virtual platform.
#
-# Copyright (c) 2018 - 2022, ARM Limited. All rights reserved.
+# Copyright (c) 2018 - 2023, ARM Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -50,7 +50,9 @@ [LibraryClasses.common]
ArmVirtMemInfoLib|ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.inf
TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf
+!ifdef ENABLE_CFI_FLASH
VirtNorFlashPlatformLib|ArmVirtPkg/Library/NorFlashKvmtoolLib/NorFlashKvmtoolLib.inf
+!endif
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
@@ -156,6 +158,13 @@ [PcdsFixedAtBuild.common]
#
gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16
+!ifndef ENABLE_CFI_FLASH
+ # Emulate Runtime Variable storage
+ gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvModeEnable|TRUE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800
+!endif
+
[PcdsPatchableInModule.common]
#
# This will be overridden in the code
@@ -211,6 +220,7 @@ [PcdsDynamicDefault.common]
gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoHorizontalResolution|640
gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoVerticalResolution|480
+!ifdef ENABLE_CFI_FLASH
# Setup Flash storage variables
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0x40000
@@ -218,6 +228,10 @@ [PcdsDynamicDefault.common]
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize|0x40000
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x40000
+!else
+ # Emulate Runtime Variable storage
+ gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
+!endif
## RTC Register address in MMIO space.
gPcAtChipsetPkgTokenSpaceGuid.PcdRtcIndexRegister64|0x0
@@ -263,7 +277,9 @@ [Components.common]
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf {
<LibraryClasses>
NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
+!ifdef ENABLE_CFI_FLASH
NULL|EmbeddedPkg/Library/NvVarStoreFormattedLib/NvVarStoreFormattedLib.inf
+!endif
BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
}
@@ -271,7 +287,9 @@ [Components.common]
MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf {
<LibraryClasses>
+!ifdef ENABLE_CFI_FLASH
NULL|ArmVirtPkg/Library/NorFlashKvmtoolLib/NorFlashKvmtoolLib.inf
+!endif
}
MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
@@ -296,11 +314,13 @@ [Components.common]
NULL|ArmVirtPkg/Library/ArmVirtTimerFdtClientLib/ArmVirtTimerFdtClientLib.inf
}
+!ifdef ENABLE_CFI_FLASH
OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf {
<LibraryClasses>
# don't use unaligned CopyMem () on the UEFI varstore NOR flash region
BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
}
+!endif
MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
diff --git a/ArmVirtPkg/ArmVirtKvmTool.fdf b/ArmVirtPkg/ArmVirtKvmTool.fdf
index 82aff47673cb3085c91c1dd7431683c8353c16e6..8ccbccd71e134e0ea97d49380293687aca43e8b9 100644
--- a/ArmVirtPkg/ArmVirtKvmTool.fdf
+++ b/ArmVirtPkg/ArmVirtKvmTool.fdf
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2018 - 2022, ARM Limited. All rights reserved.
+# Copyright (c) 2018 - 2023, ARM Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -154,7 +154,9 @@ [FV.FvMain]
INF ArmPkg/Drivers/ArmGic/ArmGicDxe.inf
INF ArmPkg/Drivers/TimerDxe/TimerDxe.inf
INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
+!ifdef ENABLE_CFI_FLASH
INF OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf
+!endif
#
# FAT filesystem + GPT/MBR partitioning + UDF filesystem
--
'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'
next prev parent reply other threads:[~2023-04-25 16:04 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-25 16:03 [RFC PATCH v1 00/30] Support for Arm CCA guest firmware Sami Mujawar
2023-04-25 16:03 ` Sami Mujawar [this message]
2023-05-10 11:32 ` [edk2-devel] [RFC PATCH v1 01/30] ArmVirtPkg: kvmtool: Add Emulated Runtime variable support Ard Biesheuvel
2023-05-15 10:36 ` Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 02/30] ArmPkg: Add helper function to detect RME Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 03/30] ArmPkg: Export SetMemoryRegionAttribute in ArmMmuLib Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 04/30] ArmPkg: Extend number of parameter registers in SMC call Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 05/30] ArmPkg & ArmVirtPkg: Make PcdMonitorConduitHvc a dynamic PCD Sami Mujawar
2023-05-10 11:38 ` Ard Biesheuvel
2023-05-15 10:37 ` Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 06/30] ArmVirtPkg: Add Arm CCA Realm Service Interface Library Sami Mujawar
2023-05-04 12:59 ` [edk2-devel] " Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 07/30] ArmVirtPkg: ArmCcaRsiLib: Add interfaces to manage the Realm IPA state Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 08/30] ArmVirtPkg: ArmCcaRsiLib: Add an interface to get an attestation token Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 09/30] ArmVirtPkg: ArmCcaRsiLib: Add interfaces to get/extend REMs Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 10/30] ArmVirtPkg: ArmCcaRsiLib: Add an interface to make a RSI Host Call Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 11/30] ArmVirtPkg: Define a GUID HOB for IPA width of a Realm Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 12/30] ArmVirtPkg: Add library for Arm CCA initialisation in PEI Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 13/30] ArmVirtPkg: Add NULL instance of ArmCcaInitPeiLib Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 14/30] ArmVirtPkg: Add library for Arm CCA helper functions Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 15/30] ArmVirtPkg: Add Null instance of ArmCcaLib Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 16/30] ArmVirtPkg: Define an interface to configure MMIO regions for Arm CCA Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 17/30] ArmVirtPkg: CloudHv: Add a NULL implementation of ArmCcaConfigureMmio Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 18/30] ArmVirtPkg: Qemu: " Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 19/30] ArmVirtPkg: Xen: " Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 20/30] ArmVirtPkg: Configure the MMIO regions for Arm CCA Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 21/30] ArmVirtPkg: Kvmtool: Use Null version of DebugLib in PrePi Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 22/30] ArmVirtPkg: Add Arm CCA libraries for Kvmtool guest firmware Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 23/30] ArmVirtPkg: Arm CCA configure system memory in early Pei Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 24/30] ArmVirtPkg: Perform Arm CCA initialisation in the Pei phase Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 25/30] ArmVirtPkg: Add ArmCcaDxe for early DXE phase initialisation Sami Mujawar
2023-05-10 12:08 ` Ard Biesheuvel
2023-05-15 10:39 ` Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 26/30] ArmVirtPkg: Introduce Realm Aperture Management Protocol Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 27/30] ArmVirtPkg: IoMMU driver to DMA from Realms Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 28/30] ArmVirtPkg: Enable Virtio communication for Arm CCA Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 29/30] MdePkg: Warn if AArch64 RNDR instruction is not supported Sami Mujawar
2023-04-25 16:04 ` [RFC PATCH v1 30/30] ArmVirtPkg: Kvmtool: Switch to use BaseRng for AArch64 Sami Mujawar
2023-05-04 15:13 ` [RFC PATCH v1 00/30] Support for Arm CCA guest firmware Jean-Philippe Brucker
2023-05-04 15:36 ` Ard Biesheuvel
2023-05-05 9:51 ` Jean-Philippe Brucker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230425160428.27980-2-sami.mujawar@arm.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox