From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from EUR01-DB5-obe.outbound.protection.outlook.com (EUR01-DB5-obe.outbound.protection.outlook.com [40.107.15.73]) by mx.groups.io with SMTP id smtpd.web10.83956.1682438688830226331 for ; Tue, 25 Apr 2023 09:04:49 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@armh.onmicrosoft.com header.s=selector2-armh-onmicrosoft-com header.b=tpSVHP4l; spf=pass (domain: arm.com, ip: 40.107.15.73, mailfrom: sami.mujawar@arm.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+w4gO6Uj8Jkt++7ACJ0wCttUc8O/m4k4hbxpzVPFznc=; b=tpSVHP4lrczKQshtBStAMo7vqtGGux4z/EUnXpystPpJv76vgOyQezHY3TB2oc3S39aAn2GRD1lXWQRjDraZmstFyMszeUsb90cNeIOkrAhZkXD+qu4kNkjtIepgSlOYyHgPMuacNoQqpvgNxxZrMfTjpnWSh8HDLtJnHX/tx6s= Received: from AS9PR01CA0047.eurprd01.prod.exchangelabs.com (2603:10a6:20b:542::28) by PA4PR08MB6288.eurprd08.prod.outlook.com (2603:10a6:102:f3::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.33; Tue, 25 Apr 2023 16:04:45 +0000 Received: from AM7EUR03FT059.eop-EUR03.prod.protection.outlook.com (2603:10a6:20b:542:cafe::49) by AS9PR01CA0047.outlook.office365.com (2603:10a6:20b:542::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.34 via Frontend Transport; Tue, 25 Apr 2023 16:04:45 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM7EUR03FT059.mail.protection.outlook.com (100.127.140.215) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6340.20 via Frontend Transport; Tue, 25 Apr 2023 16:04:45 +0000 Received: ("Tessian outbound 3570909035da:v136"); Tue, 25 Apr 2023 16:04:44 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 837b05f3741222ac X-CR-MTA-TID: 64aa7808 Received: from 832eb5b6e3ad.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id C8433F6B-7576-43F5-A93B-8880B81CB2C4.1; Tue, 25 Apr 2023 16:04:38 +0000 Received: from EUR04-HE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 832eb5b6e3ad.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Tue, 25 Apr 2023 16:04:38 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KwhdfDaf8SamSez1laHTpDqcxoVXAGDY5jemOn8hHMWf1a9UQRk+R4S20/cxAJaj+rkqEX95Pkih7s0TTe+EDM6u8YfiYXh+mXiy8MaZRhUdH1mjZgKFpwsPPwxSWJrR4UGDh4jQbWdoD4NEXMErbHkhAOEJQp/21bHmdCHe5g+WEtEJPm9dsdbeH5X/k0V/X3+7IlV8TBFHkeW1hwv3o48g3udzMNUO37iiHS+j0cqX0CafZR3B72aBktjb3tyTMv7wDVHIauXsUKH4G1/OPGcfTi+oMNo58KpXgIdyaTeatkGhrgbUVzsn2ujdHWu8Is7jLJIp0Ad7ey5jNTziTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+w4gO6Uj8Jkt++7ACJ0wCttUc8O/m4k4hbxpzVPFznc=; b=fmJpB8TEf9C/fV6MlcF0Fk9MSjuijHrl2/2DtpVDrUsRUhRIQ8pRzrhl3pFZyojTqtgMfiRijms6U4RNQnVl4t8n47T7lslhbNT7LBTh79zu4/oQ7l5y6H7YECYUsIsDbiGrCDmHES/w31fQ8IZU+1jM1pggP8xL5WSrFVEKZEGaTfjsm8ApP8w8lbZu188D7bkffnjnFjduWvt+GmGC6E4tm3EZP7Ln02Cehnl0gwAhu/6E8TE4itJ7QsyLIBvNoWi5bGy/s//cJVZ8h8d2RYQt+PtpqTaO6voWTFU98gXTWa8uhfuoOUx7HD2oZVav2Tidr7FSBVLhJ4h15Qcqaw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 40.67.248.234) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+w4gO6Uj8Jkt++7ACJ0wCttUc8O/m4k4hbxpzVPFznc=; b=tpSVHP4lrczKQshtBStAMo7vqtGGux4z/EUnXpystPpJv76vgOyQezHY3TB2oc3S39aAn2GRD1lXWQRjDraZmstFyMszeUsb90cNeIOkrAhZkXD+qu4kNkjtIepgSlOYyHgPMuacNoQqpvgNxxZrMfTjpnWSh8HDLtJnHX/tx6s= Received: from DB6PR0601CA0033.eurprd06.prod.outlook.com (2603:10a6:4:17::19) by VI1PR08MB5469.eurprd08.prod.outlook.com (2603:10a6:803:132::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.33; Tue, 25 Apr 2023 16:04:33 +0000 Received: from DBAEUR03FT052.eop-EUR03.prod.protection.outlook.com (2603:10a6:4:17:cafe::b5) by DB6PR0601CA0033.outlook.office365.com (2603:10a6:4:17::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6319.34 via Frontend Transport; Tue, 25 Apr 2023 16:04:33 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 40.67.248.234 as permitted sender) receiver=protection.outlook.com; client-ip=40.67.248.234; helo=nebula.arm.com; pr=C Received: from nebula.arm.com (40.67.248.234) by DBAEUR03FT052.mail.protection.outlook.com (100.127.142.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6340.20 via Frontend Transport; Tue, 25 Apr 2023 16:04:32 +0000 Received: from AZ-NEU-EX04.Arm.com (10.251.24.32) by AZ-NEU-EX03.Arm.com (10.251.24.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.23; Tue, 25 Apr 2023 16:04:31 +0000 Received: from E114225.Arm.com (10.1.196.36) by mail.arm.com (10.251.24.32) with Microsoft SMTP Server id 15.1.2507.23 via Frontend Transport; Tue, 25 Apr 2023 16:04:30 +0000 From: "Sami Mujawar" To: CC: Sami Mujawar , , , , , , , , , , Subject: [RFC PATCH v1 01/30] ArmVirtPkg: kvmtool: Add Emulated Runtime variable support Date: Tue, 25 Apr 2023 17:03:59 +0100 Message-ID: <20230425160428.27980-2-sami.mujawar@arm.com> X-Mailer: git-send-email 2.16.2.windows.1 In-Reply-To: <20230425160428.27980-1-sami.mujawar@arm.com> References: <20230425160428.27980-1-sami.mujawar@arm.com> MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-TrafficTypeDiagnostic: DBAEUR03FT052:EE_|VI1PR08MB5469:EE_|AM7EUR03FT059:EE_|PA4PR08MB6288:EE_ X-MS-Office365-Filtering-Correlation-Id: 31ff02fe-4e8d-4ea8-48bf-08db45a6c98b x-checkrecipientrouted: true NoDisclaimer: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: KlHAAuJUhmpQQqqc3/dA0/fUHZUdL8ucqBrsJQ/rMS5GWCpVfNj/psIr8MnVdI3+m68FbPjFP/c/XFeUhvWGwjTfM1HGzkK7TquJUpAkJUqNiTpKgt2xoFdDdnFJ0pJsayxQWYNrBI4AvE7JYDO4+nztQZiOtyjmVPwHVo1Veo/KlbrPcmZhnWUWjsViAV1egi0pbc/xYPpno7Oy2NsYI5SD75SqYY8svc7dcSuXGCdk+0aUQyVkC42L+zYyY4pnJgOvY14HDlUjSup36A8AgxDH0PnWJm3sVsug7JJpJnaIJS/vkGvKExmyE9iFtQ+FCDLrc9Wxz5evvpuF4TG2ago2u16RNM+yKvJ/pb/OXUoylcz69mRI1Frc3heFMpfIVZgQv2+HciT8SYSOYH8wgAa66TWWf1SqROheZZJmPjpK/THibRA5WBQNUUe0qrywj4edwjQ06dyJZ3l04laz8A8jcMuLTQj99sdXssGNAsowG4MDvN115sMD8cik94MismDz/8U9hF7C6d+vijRNDEkrYjxnkIUGlfiCcobmqWyXabDe6h8fkfFVZanfrGbQmHSYVBYQqltfCXNA1C5Iw3oTVmlCZIDnwbkiVkhvlwxLm1ETCtKlZxQybBCce+pIPaCJSWtesZyH5Qrd37ConRl29Cxy5LkZX1k5ZMEpOhqKsRlAfvjl1ITNI8fegUiz4KKFxAOmBvD+x/lPfor2cr16Gicg+UHPSC8JUMx9JVg= X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:nebula.arm.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230028)(4636009)(396003)(39850400004)(346002)(136003)(376002)(451199021)(46966006)(36840700001)(7696005)(2906002)(2616005)(6666004)(186003)(40480700001)(1076003)(70206006)(70586007)(8936002)(8676002)(41300700001)(6916009)(4326008)(316002)(26005)(478600001)(44832011)(5660300002)(54906003)(82740400003)(356005)(81166007)(82310400005)(36756003)(86362001)(36860700001)(47076005)(336012)(426003)(83380400001)(34070700002)(36900700001);DIR:OUT;SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR08MB5469 Return-Path: Sami.Mujawar@arm.com X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM7EUR03FT059.eop-EUR03.prod.protection.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: 088ed2c7-f53f-4ff3-ec43-08db45a6c22b X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: RQ3rUS258ctdUz8x3WxGotno6h3pVQTUXim6mImerL0sF/wp2HdLlhOsvHqXccfShJNICi/PqNHvx1cdgiFTYox4lbtfVBwXiaLzts5+cT6hRHguMHPkhalcdcUz/9gKRIL02RyEHZobyLbsA8zvtBo5rhqlKBAskGEpzvZLBHGYV/iew/FEGvp3nF9StCjjI5k9SfJv9fDSPue0w4a/kZtCEA8QCYK57ICbUzrX/RwcTRMxgI+/++iiJ/TbfpHcy0uzvzB9TuTI9OeEbuesncwS4dlgxpomphX7Vhus5GagptfCtlQm0p1nkTptGPwppw/m8hWq5PejqFE715a+CuLHwBBFJMqVEihRQnLvbQ1bFDMKE5j6tBzIEfq/BaDyXL3F+vfsuoAHOSC/UoGrbv2Q9ZXYq4p+RnuNnmVenqBpnDy4m70h9QAVyi90cMfHTEUZ4sPWKeScXKbLfpadIF2ydXHGc1M6wYtsHO15/vyyHGc56OsYhdOlsVKJnP4MwSAB2PSmgWkhbrxcWHgQzmGYRsziszDJfmw5viIf6/1q3+zmIwkyyGrIkc7wMdLRmwwmUOZsIf2WjMQFHeD9qHtIMhid3OUblrOxVnowViVgLnMUvwHTJgvxFimgxdLt1E/v9RteYu4Pi81SItqBGZLYrpZQOwB52hmAHByKNMp1KzxoZLrpjARyAer0l4qTsJsEFVQ4vkbo5bsUIWzUSAIlFkP8YGS1I35n+l0xLnw= X-Forefront-Antispam-Report: CIP:63.35.35.123;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:64aa7808-outbound-1.mta.getcheckrecipient.com;PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com;CAT:NONE;SFS:(13230028)(4636009)(136003)(376002)(346002)(396003)(39860400002)(451199021)(40470700004)(46966006)(36840700001)(34070700002)(336012)(82740400003)(81166007)(426003)(26005)(1076003)(40480700001)(186003)(2616005)(83380400001)(8936002)(47076005)(44832011)(36860700001)(2906002)(8676002)(5660300002)(40460700003)(36756003)(478600001)(54906003)(7696005)(316002)(6666004)(4326008)(6916009)(70586007)(41300700001)(70206006)(86362001)(82310400005);DIR:OUT;SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Apr 2023 16:04:45.0824 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 31ff02fe-4e8d-4ea8-48bf-08db45a6c98b X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: AM7EUR03FT059.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PA4PR08MB6288 Content-Type: text/plain Although Kvmtool supports a CFI flash interface, it is currently implemented using file backed support on the Host. This scenario requires the VMM to be within the trust boundary. In Confidential Compute Architecture the VMM is outside the trust boundary. For such architectures Emulated Runtime variable storage is desirable. Therefore, make Emulated Runtime variable storage as the default option and add a build flag ENABLE_CFI_FLASH to configure the firmware build to use the CFI Flash as the Variable storage. Signed-off-by: Sami Mujawar --- ArmVirtPkg/ArmVirtKvmTool.dsc | 22 +++++++++++++++++++- ArmVirtPkg/ArmVirtKvmTool.fdf | 4 +++- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/ArmVirtPkg/ArmVirtKvmTool.dsc b/ArmVirtPkg/ArmVirtKvmTool.dsc index d0afe1b49e250c554313c2077b89650d6f6d67cb..d2228a95726b24fe5c2edfbc84b1f5c23a85feba 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.dsc +++ b/ArmVirtPkg/ArmVirtKvmTool.dsc @@ -1,7 +1,7 @@ # @file # Workspace file for KVMTool virtual platform. # -# Copyright (c) 2018 - 2022, ARM Limited. All rights reserved. +# Copyright (c) 2018 - 2023, ARM Limited. All rights reserved. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -50,7 +50,9 @@ [LibraryClasses.common] ArmVirtMemInfoLib|ArmVirtPkg/Library/KvmtoolVirtMemInfoLib/KvmtoolVirtMemInfoLib.inf TimerLib|ArmPkg/Library/ArmArchTimerLib/ArmArchTimerLib.inf +!ifdef ENABLE_CFI_FLASH VirtNorFlashPlatformLib|ArmVirtPkg/Library/NorFlashKvmtoolLib/NorFlashKvmtoolLib.inf +!endif CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf @@ -156,6 +158,13 @@ [PcdsFixedAtBuild.common] # gEmbeddedTokenSpaceGuid.PcdPrePiCpuIoSize|16 +!ifndef ENABLE_CFI_FLASH + # Emulate Runtime Variable storage + gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvModeEnable|TRUE + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000 + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800 +!endif + [PcdsPatchableInModule.common] # # This will be overridden in the code @@ -211,6 +220,7 @@ [PcdsDynamicDefault.common] gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoHorizontalResolution|640 gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoVerticalResolution|480 +!ifdef ENABLE_CFI_FLASH # Setup Flash storage variables gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize|0x40000 @@ -218,6 +228,10 @@ [PcdsDynamicDefault.common] gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize|0x40000 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize|0x40000 +!else + # Emulate Runtime Variable storage + gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0 +!endif ## RTC Register address in MMIO space. gPcAtChipsetPkgTokenSpaceGuid.PcdRtcIndexRegister64|0x0 @@ -263,7 +277,9 @@ [Components.common] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf { NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf +!ifdef ENABLE_CFI_FLASH NULL|EmbeddedPkg/Library/NvVarStoreFormattedLib/NvVarStoreFormattedLib.inf +!endif BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf } @@ -271,7 +287,9 @@ [Components.common] MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf { +!ifdef ENABLE_CFI_FLASH NULL|ArmVirtPkg/Library/NorFlashKvmtoolLib/NorFlashKvmtoolLib.inf +!endif } MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf @@ -296,11 +314,13 @@ [Components.common] NULL|ArmVirtPkg/Library/ArmVirtTimerFdtClientLib/ArmVirtTimerFdtClientLib.inf } +!ifdef ENABLE_CFI_FLASH OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf { # don't use unaligned CopyMem () on the UEFI varstore NOR flash region BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf } +!endif MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf diff --git a/ArmVirtPkg/ArmVirtKvmTool.fdf b/ArmVirtPkg/ArmVirtKvmTool.fdf index 82aff47673cb3085c91c1dd7431683c8353c16e6..8ccbccd71e134e0ea97d49380293687aca43e8b9 100644 --- a/ArmVirtPkg/ArmVirtKvmTool.fdf +++ b/ArmVirtPkg/ArmVirtKvmTool.fdf @@ -1,5 +1,5 @@ # -# Copyright (c) 2018 - 2022, ARM Limited. All rights reserved. +# Copyright (c) 2018 - 2023, ARM Limited. All rights reserved. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -154,7 +154,9 @@ [FV.FvMain] INF ArmPkg/Drivers/ArmGic/ArmGicDxe.inf INF ArmPkg/Drivers/TimerDxe/TimerDxe.inf INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf +!ifdef ENABLE_CFI_FLASH INF OvmfPkg/VirtNorFlashDxe/VirtNorFlashDxe.inf +!endif # # FAT filesystem + GPT/MBR partitioning + UDF filesystem -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)'