From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0615.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe42::615]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id A2C0921A16EEF for ; Tue, 16 May 2017 13:25:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=VKeHRMfOoHzMuEmgHI41VxI6c9YApH448AHDw/N83Gw=; b=Y86vS4YiORaWWJxK5cTek6BqUYDWhgNLBk0KjFLR9wtpf4ER8WheuahZKRzp2Brmb/M/VnVPbie7JvoZeZushMcHvwxoZ2Jesm3mSvZTsPOesvfmXq4AfoWxFeghbOl9aSv/JaZJdqOY7/uH9jXYDeMJOn/eeTDe6qfe6nLqdr0= Authentication-Results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=amd.com; Received: from [10.236.136.62] (165.204.77.1) by BY2PR12MB0146.namprd12.prod.outlook.com (10.162.82.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1084.16; Tue, 16 May 2017 20:25:54 +0000 To: Jordan Justen , Laszlo Ersek , References: <1494454162-9940-1-git-send-email-brijesh.singh@amd.com> <1494454162-9940-7-git-send-email-brijesh.singh@amd.com> <1ebdde6a-bad7-ed9a-b2af-7334477c8ae3@redhat.com> <149452462682.9607.8151737434916832513@jljusten-skl.jf.intel.com> <149487045771.31444.19976106484440238@jljusten-skl> <89da82c5-1e23-190b-0725-76f4da595987@amd.com> <149495739728.2794.9440373089056382638@jljusten-skl> CC: , , , Jiewen Yao From: Brijesh Singh Message-ID: <70e53c60-60a0-9cf8-9dc9-49d84718cc85@amd.com> Date: Tue, 16 May 2017 15:25:50 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <149495739728.2794.9440373089056382638@jljusten-skl> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: CY4PR16CA0007.namprd16.prod.outlook.com (10.172.173.17) To BY2PR12MB0146.namprd12.prod.outlook.com (10.162.82.19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: f3e61cfc-6777-4a53-4a1e-08d49c99c13e X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(201703131423075)(201703031133081); SRVR:BY2PR12MB0146; X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 3:SnUa7J+wSY4AYb8PrHVvRhTcAbBg2eISoaDsl7FlOtjdeaDOpA4f4Oa3j7ckRiOk2omf62SBasxAGS4OkvUoXFNOzGw4ctE67IgTRMBn+JFWGu559dD68q+6wIDLMf/o8SmD3CsewyokfgoHsWfUPb0N5l2PbV1MGElzCJedj9vH+S7tDift3KgtcYuBp0H5lGTRS1LRskdMKT+vI7P6a4590mhJ5iQjjijdmPcsj1YyrqFtLUWHvWOXMMJrkr8s1vqd1YAEX4tc0R0YlcRoYDgo84fnXTrOGqnJpg7QbSsRfcaYFLqQKYGtgnKymzRxkrmzz4IP/+C/8gmTl53f/44HXzJucy0DDRdO5FV6Hhw=; 25:X53E0FoYZezboUcGHhcdgvX/vm0MkIXfwafTXguW3EmxunBnsrVTZwh7B63OUbIT+cQisfflGfyKEy3L6hqGoi8QBPy5SWz6fW9e7IswRmFS/9zEdCsgxhuoXk7Av6JD3wCw02AN/FgUUqVH+9WNvLKsY2Us8Tg+VfRHarCwL8Tc+S3Xsx2m3HIOBywiDX6Ln0yKT/lF8g6v6TMo9jhddt7YSkdjni36SWRvpgOqOdjY3OVQusICIRBblmCQltd9cmQ6pgTeVUAYyL4VRxNw0k0sRUh53fWKLi8424FxiBDbd6wUGhFNgwNOSZ3HmkMC/ouTilURE2WFVDx1ZOmCMqDG8Ug3Ai9QgJ/nqxuUz5flqswK5M6kIbiEibiBTbWeohnYMWBSLQMGRrIQm6/l64DKHKhTJKW+oPgeLJ+Tcd5ervcuC7bZ5jstdXYPB7rEvbMQ2J3Dy96yinFsinlK72XY7dTObeeaww1YFam8mUM= X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 31:D5BWkDNJBtFdmb7W1Ku10tHIlcUO7XDz0eJy/BKzLEcvnStENHoDdRWFovJ9O/jaRSMKNw4XNofETRbbSiaj0fUEh/CRkyasWUayprcEgSwRkHM/OSsP1YKSkikpwICRAuddXOHxyO0vj00qt12IknIAD2l02RpVb+QduVFy1/fmDgwLWYKLSyamc8Fnu5Zf0+bDOiJUX+oemeAc/soUteoWA77Awew/SCxsAW+trsc=; 20:3W++269J5u3PROySBkvFBAZrLQVWL2xjMiUu8Xe5mLDbsQOjTtF8K18iZrHcHrLot4JKYAsvbVIyhX4AaVwlok0CENjaVucmzZdQnzM6qoIGGg33OJoFR4flxGqsattF87+T9t9KOdA0OPxR5/X6MzSzCHQm6ZrglWWk+xOSm+e23VUxqP/Ce7hJ4UySu2RKB8vSBGvrHfj7kOZU6gzhpJwB2ido5GNvfoOa7VWKCeEzWKEor2bVGNyIf602VsBjZxYNG2EG5aY32R1GQrnJ1fRWcVyRoJJ7+JTmn9+NUJJ5vmESBFFQoWBlQM04UPpbZJFOhhv486GEjZnQRe3e1OORWnCKq4eUIbTEi4PJbW1o7svMWvvDB7hhZgswBDjCLiCi020kPmwbHCPY5/8rSxF7OzMSA4/ATEgVRifYKe6ZfRdfmHaoa2eNEp040WuDZN+uwk20IYLypo+nCFlH0yz2nZ0jl+HgTn2I5CM+u8A92Fivj9dJ0P3Mp4jTKJEU X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(93006095)(93001095)(6055026)(6041248)(20161123560025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123555025)(20161123558100)(6072148); SRVR:BY2PR12MB0146; BCL:0; PCL:0; RULEID:; SRVR:BY2PR12MB0146; X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 4:/qu30uaEKgOTcozeo4d9sAXIm6z+fdNLV0ZuPjDOoOWBFtKt73I5AFPRM2fVnZ+gGKoENliIMR0pATrKDEx56xgfm7UoUqgIv9Z81RvF8gv8NRUgpLigqk5M1XekfK3Y7ccES5PnVenmSFnBV2pKK9Pk8tn9CwcBIcxT0FM2zDwRUohTJMA4lha/b8peNiLKtc2/As7wvjIYnUfh6kYztuJflkNAkpvH0SJHb+VNTNNOrZatg9BU+0VGdR/ldYMqTwbAKfx1QaEJlTqGIvZBkd9fSRKFub9QlVdevQ3ZzkaEdsGCbu4Qm9DhIxSy53Ry7bMyPdSpdo5ozexC1niSnwpq09NrtE3dFn+g0XNIzoj5/qklqE2TumdJONhlKe6XvoDLUGyX5e7K0qHMninB+dLtOkjHLEDOpzYiKGs/iM9bqFNLDfOW3DqwXAfQc8psM60dBqnjvjMwbvNkLqstpZl/bXELHUpCPTxis3O/fbS30VLe7a+x3MZD6AF+0Xt6SOEGmtC/4w585Xe6iebSOzrNuwTFPiBPBdlmRUZpGPz0ioeoE24f7fJRzooebGABq3Sz+GanBoxxz6yEwNKGQOtOOfAS5b2VlEL+6NRfXiNDHwl5Q4zp5gBsvpaALT56ROWT+otyWL4qbPRr1qqx8vfoWkGTE/sNS/QQDC9bMElg4TY1l+jAFzLRwRQ9zP7OiXw608tlkHbAPvgEPcymRISKmz7kl6TVxGl591CWdp5ysS4j5Ix42rtAQXb4KFGpOj0bEJldnZzDeV2ErtLsidimNaUI2U99nENmQ2yoQvk0yJREsZ7rfJHBbR6lhbu5 X-Forefront-PRVS: 03094A4065 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6049001)(6009001)(39860400002)(39450400003)(39840400002)(39410400002)(39850400002)(39400400002)(377454003)(377424004)(24454002)(54356999)(76176999)(8676002)(81166006)(50466002)(90366009)(36756003)(189998001)(229853002)(6246003)(77096006)(54906002)(83506001)(6486002)(50986999)(38730400002)(6116002)(4326008)(65956001)(66066001)(33646002)(23676002)(230700001)(305945005)(31686004)(86362001)(6666003)(47776003)(2906002)(31696002)(42186005)(478600001)(53546009)(25786009)(2950100002)(65826007)(53936002)(5660300001)(7736002)(4001350100001); DIR:OUT; SFP:1101; SCL:1; SRVR:BY2PR12MB0146; H:[10.236.136.62]; FPR:; SPF:None; MLV:sfv; LANG:en; X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtCWTJQUjEyTUIwMTQ2OzIzOkhlY3NJVFZ4OUUyc0R3RlQ5cGNLOHpxeG5V?= =?utf-8?B?N3BITnN2MGxLTm1zMmdFUE5CR3ZrZlpZMDBZUW5FaXVpY2NFME9Zc2toSnVa?= =?utf-8?B?dFhrME9NME9OMEgrNk5kbjVScnk1VEhFK0NEUjA3bFA5UTJkQ0JROVEvVlBT?= =?utf-8?B?V3ltV0F2MXpjeVFVNGpVNHlsNm92Wi9YSkxxSjVqUzZqNHNJWEs2UHpIVU8r?= =?utf-8?B?WHo3VWpHb25oTjhuZFlvZDVMZys1emFoMFZOamNMcWZNMW9ESzF5RWM1Z3k4?= =?utf-8?B?S2NXd2UvcjY0aDNQVCtpUlA0bXU1dGpRam1FVVZQSys4dmZsVG0yVGhlWHhG?= =?utf-8?B?WlJsVUZxOVlCdGlGYkU1NlBpQnFRS0FkTk1ySEdjYUNVcWxYbGlIb1FFaVlS?= =?utf-8?B?ZE0vWUdQVWNDT3lUenFwMmlqTjZWYjV2ZzZoUDBGSWpac3NvYlI2NXYvWVp5?= =?utf-8?B?T0QzT0FiMFVQL0Y5MjNHRi90OFNJTHpWQ1R4SUFXbHRlL0pnRzNwaDlla3Jq?= =?utf-8?B?aE5reVpQNjBtVlJxNGZFYk5hL3VUUExBZTZBQkV3Nk9IRUV2YWZuUHZPMkdQ?= =?utf-8?B?OUlCUjlJemFncUNSNk5xQTlPL0N5T250UVVQNEhibUc4M01qTGZvVWFMbnhW?= =?utf-8?B?Zy9KSGtTSmlvNXpvc2Q0MnNnanc2WkxLSy8yTEd3dEJmdHIycEJtejJwSUpo?= =?utf-8?B?WkhrcitSZlI4aExxUjRvanlqRCt3TU5ocjV4Ly92b295OTZQaWFvdllBVDJ0?= =?utf-8?B?Z1pVdHRlWHY1RVh2akNIdVZ6SVhHdXpOdHdRNWc3YldFNGJPRVlrK1RnWFlV?= =?utf-8?B?UGQ2R1pibkpkRGh1OVZWaHQ1eVc3TjdUcngwQlFHcUhvR0VuUW9kb3NiMFRv?= =?utf-8?B?Z2dCNjZONlhDUVRQSjkrYU4zeHdYT09ma2dwUDIyWW9BYjFvUCtzU2Fnb3VI?= =?utf-8?B?Ym1nMjRjUHZrWXpaQmdXcEZRMnNHWGNQTkgxOGp4cTFEdnVqNTB4eDZxWlZu?= =?utf-8?B?TWtIUHFnU05ZaWhsMnZCWlFJUEtoNVNMSmlkR2V1ZnpDNU1xY1dYYmRyRnpj?= =?utf-8?B?NkNWMi9BVCtqZHZDQW1LY3RXZ2JYTVNrb1pLK1hoaTFTNmdWbjJlemwzZ2JN?= =?utf-8?B?MUp2eENiN3BWOVpaZ2tPVHlTTzZFZTdYdTRvcDQ5N0xyUG9MNCtpMG1hOEFM?= =?utf-8?B?ZkM1ZlRKejh2N0c0bmZ6eWR3SDI0Wmlsdm0zM3o2WExpTXJnM2tEdk0vU0dl?= =?utf-8?B?bURQSGxBeFpXcW9UWHJraFRRWEdPaWMyQmZOc0g4UGxOeTY1eTJqWm5QeFNx?= =?utf-8?B?OFdXRThURzlvZzEyemMwZ1VCZnZPN2hBQU50Tk8yWjVFbkRJb3lpWnh3S1Fm?= =?utf-8?B?Y3k5WFBZajhPMEtWamdHeDdLK25xaGo4QUtOSmE3Z0VkckdxWGdsRnBnaXhR?= =?utf-8?B?SkhwL2dYRHc4aVE5U2lXQUVvRDVYNXB1aTlydDI0TyswWGRxOWFVNkFjQ1Jk?= =?utf-8?B?cFQwNi84VklpczJ5VlNxWHVnbDRTcmdKUllHcHg0cUpZaUY3Y0RUc01ab0hG?= =?utf-8?B?cWE1b1pUWDUzMWhEanNzVnVVUDlVWjhiZVJzZ3NOdUIwOVM5V1ltaVdydnV4?= =?utf-8?B?UGgwN3Y1NTlJb2JHOHJjd2pVVExVZkxhRm5YVFNSdjlteFBFWVZUQ3c3R2xB?= =?utf-8?B?OFNUb1oweC81TWZ0M2lDd29UWjQvMzF3KzFzaHYyVEpGSFNLdzlwVXVNaWhm?= =?utf-8?B?U1BxQWh1NkF5Y1JmVzQvUT09?= X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 6:QKJfhiSnsuohFdeDJ5pwtfL9xkPf7taSfW8TSl8yucx7YPRC+X5uUANeLmmmsmjiXMHcu78QHTTK8VyjZzq68K1rfCbbgYO2yUI5Re2q/O2Jbpr6DzSKtkyat8foLgT62mIwRMJIzYdQbnrBztX0oyfVUqb4ZmV9zP2Ez3HNKEVkBrSnTb2rVCC0ENZeGlNAxeW91tbnGb0rHpCJjiBq3J987Lk//jZ1DQtRIANCDlSnYf/FHsvQyMSKL8We73938K4iEWibFBhn5mh6P5YfWphf8nm/hYzuoYE+foR55TEB8sggxKik6MY1wYkWfQ+LBnF1hRBOWTLsz7WsZ5PsVBzGzEovE2eHeMNB5zb/QzRV8aEBF7V8wZbrbk+eUVcYiVY8P8/votwgaRohuy9Oq2/OgWvRxs8WhhxS+ALeQrPSvoraQ5Y8AfzmwSUbLGI71ZP75LUVnkk6fyb0Torb7CpZ7BZAKqG0dUBk8BVKU1BxeF8WhysXpl35Z2ietwbHH7lW/xZzf6uU/lQX2nDOJNIeXYwAqeAy1IJPXpsfDpM=; 5:zWVWqy2JghdmuuLNvRB5JzCol6MIx9bummUH+XCsS8Ft3YU4tOSXLSjp7DUZB5bDRZF0aMZIqErqWwMI1Q9FYz2qqyA1aEtqFACa3/XHGMwq6dDYLHS6MxDyDRnYURXscmuvc/Ois1esDekKmEOPVg==; 24:YwEZjELsgcLw//OC0soYc3uzkT3XqXKp62Mhh9MP3EtaH1xNqRLH7ayJCaxlu78oVFj4Ergocqge/Zb8mW5ONshgiYGkd5Jacsdwa4gaz8A= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BY2PR12MB0146; 7:jNbhEYdLDrL2wxaNoV9FwX5BI3M01F5ORjYatsCPbsGguyKe5Pi8HcY6pZBrRswKSQ79pplhY2m8Fah7Ai1ffAR2zmaJqJkrc+2sx1NZAkWwdmhlzsUaMD0RWeQWNYVLkC1go6dI4XZWEzgtO2523TkulacGl74yczH8wryf1Q0xClifb92TqgHzn0wAtSCkI71dYIDU+3xCGxyRZ/xu/5iBxZPIxkENw47bIr7AN/WjQ8SivkXMhW5iS/u0fQKEikdBqLtMKLoFmEBboaAlga1UH3eOiXzCOTL89/q40PFuki/cJGLmwmnv2kEYH29opHSDTJjDDDJpnqeDfmTOvg==; 20:FkBV3YgGC/NaT4pE0U2Vuq2A3yl9s9guQJcbViTurqB/r8zcJ7YuQcrf/KfRQQBvKXsLZpCOj7iyHJlJU/Fbzc2h6AtFtDy6piXeqAp1nGQm+sD3HvWH4LHqM5d9Y1pdqDWYylkDnn4MRTqIIRmzTR7+BX86Zudx3UcB3rUBceNXGRo8fDh6DQjcIajiLneVql/I0xIPJLB9JFMgdhaNXW7U4IPa6uK9ku62R369QQt3ZO6by/oRNa5DfJDlV5na X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 May 2017 20:25:54.6315 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR12MB0146 Subject: Re: [RFC v4 06/13] OvmfPkg:AmdSevDxe: add AmdSevDxe driver X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 May 2017 20:25:57 -0000 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit On 05/16/2017 12:56 PM, Jordan Justen wrote: > On 2017-05-16 05:04:58, Brijesh Singh wrote: >> Hi Jordan, >> >> On 5/15/17 12:47 PM, Jordan Justen wrote: >>> On 2017-05-11 11:01:57, Brijesh Singh wrote: >>>> >>>> We basically need some kind of guarantee that this driver is run before any other >>>> drivers or libs access MMIO register/buffers. In additional to clearing encryption >>>> bit from MMIO spaces, the driver also installs IOMMU protocol. So far, IOMMU protocol >>>> is directly consumed by PciHostBridgeDxe driver and QemuFwCfgDxeLib. >>> What about adding a NULL protocol named >>> gOvmfIoMmuDetectionProtocolGuid? (Better name suggestions welcomed. :) >>> Then we can use this protocol in a depex where needed. >> It should be doable, If I find better name then I will use that :) >>> Maybe we should consider naming the driver IoMmuDxe instead? >>> >>> I think the generic PciRoot bridge driver shouldn't need this in the >>> depex because it will not start until the BDS phase, and the IoMmuDxe >>> driver would have been dispatched by then. >> Are you suggesting that we introduce a new IoMmuDxe driver and install >> IOMMU protocol unconditionally ? > > No. I'm suggesting we have a new protocol that only exists to allow > dependency expressions to know that we've attempted to detect an IoMmu > implementation. > Okay got it thanks. > The driver would "install" the protocol with a NULL pointer regardless > of whether the IoMmu protocol was installed. Maybe > gOvmfIoMmuDetectionAttemptedProtocolGuid would be a better name? > > The DXE fw-cfg library should then list this under depex. I think the > PCI Host bridge driver doesn't require the depex for the reason I > mentioned abobe. > > The gEdkiiIoMmuProtocolGuid protocol would only be installed be > installed when detected like your patches currently do. > > This method should allow the driver runtime order dependency to be > explicitly indicated. > > Regarding the 'IoMmuDxe' name, I was suggesting that AmdSevDxe be > renamed to IoMmuDxe. Since we would be installing the 'we tried to > detect iommu' protocol, it probably makes sense to put all the iommu > implementation support into a single driver and only install the > 'detection attempted' protocol it after trying to detect all supported > iommu implementations. > > There could be an issue with this. FvbServicesRuntimeDxe.inf is in the > apriori currently if SMM_REQUIRE is set, so if it needs the iommu > treatment, then this wouldn't work. This driver does use MM I/O just > below 4GB. I don't think your current patches would change how this > driver runs since it doesn't use the PCI host bridge protocol, so I > guess it is ok? > We do need to ensure that AmdSevDxe runs before FvbServicesRuntimeDxe.inf. As you rightly pointed, FvbServicesRuntimeDxe uses MM I/O below 4GB hence we need to clear encryption attribute from MMIO space before QemuFlash detection logic is invoked. In my patch set, I have listed AmdSevDxe.inf before FvbServicesRuntimeDxe.inf to ensure that we clear the MMIO before QemuFlash detection logic from FvbServicesRuntimeDxe.inf is invoked. Here is fdt file snippet after my patches. APRIORI DXE { INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf !if $(SMM_REQUIRE) == FALSE INF OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf !endif } > (It would be nice to get FvbServicesRuntimeDxe.inf out of the apriori > too, but that is a separate issue.) > Yes, if we can move that out from Apriori then maybe also need to add some kind of depex to ensure that it gets called after we clear memory encryption bit from MMIO regions. -Brijesh