Re: [edk2-devel] vTPM support in cloud-Hypervisor in aarch64

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Praveen K Paladugu" <prapal@linux.microsoft.com>
To: devel@edk2.groups.io
Subject: Re: [edk2-devel] vTPM support in cloud-Hypervisor in aarch64
Date: Tue, 17 May 2022 10:50:00 -0500	[thread overview]
Message-ID: <7716cb3a-e03b-8966-72c8-bfa4d2b3161e@linux.microsoft.com> (raw)
In-Reply-To: <16EB56FDE48A248C.20240@groups.io>

Closing the loop on this thread.

With some support from folks at ARM, I was able to narrow down the issue 
to Page Tables not correctly configured in EDKII to handle TPM device.

After marking the pages in vTPM address range (start:0xFED40000, 
len:0x5000) as device Pages (ARM_MEMORY_REGION_ATTRIBUTE_DEVICE), I was 
able to overcome the below reported Exception.

Regards,
Praveen

On 5/2/2022 11:35 AM, Praveen K Paladugu wrote:
> Folks,
> pinging on this thread to bubble it up.
> I'd appreciate any pointers you can provide on this bug.
> 
> 
> On 4/27/2022 1:00 PM, Praveen K Paladugu wrote:
>> Folks,
>>
>> I am trying to enable vTPM support in Windows Guest while using
>> cloud-hypervisor as the VMM and OVMF firmware from edk2 repo.
>>
>> The Firmware is built with the following command:
>>
>> build -a AARCH64 -t GCC5 -p ArmVirtPkg/ArmVirtCloudHv.dsc -b DEBUG \
>>           -D TPM2_ENABLE=TRUE -D TPM2_CONFIG_ENABLE=TRUE \
>>           -D SOURCE_DEBUG_ENABLE
>>
>> Below is the FDT, I am passing to the guest/firmware from
>> cloud-hypervisor:
>>
>>   Printing the FDT:
>>   /
>>     compatible : "linux,dummy-virt "
>>     #address-cells : [2]
>>     #size-cells : [2]
>>     interrupt-parent : [1]
>>     cpus/
>>       #address-cells : [1]
>>       #size-cells : [0]
>>       cpu@0/
>>         device_type : "cpu"
>>         compatible : "arm,arm-v8 "
>>         reg : [0]
>>         phandle : [6]
>>       cpu-map/
>>         cluster0/
>>           core0/
>>             thread0/
>>               cpu : [6]
>>     memory/
>>       device_type : "memory"
>>       reg : [0, 40000000, 0, 80000000]
>>     chosen/
>>       bootargs : "earlycon=pl011,mmio,0x09000000"
>>     intc/
>>       compatible : "arm,gic-v3 "
>>       interrupt-controller : []
>>       #interrupt-cells : [3]
>>       reg : [0, 8FF0000, 0, 10000, 0, 8FD0000, 0, 20000]
>>       phandle : [1]
>>       #address-cells : [2]
>>       #size-cells : [2]
>>       ranges : []
>>       interrupts : [1, 9, 4]
>>       msic/
>>         compatible : "arm,gic-v3-its "
>>         msi-controller : []
>>         phandle : [2]
>>         reg : [0, 8FB0000, 0, 20000]
>>     timer/
>>       compatible : "arm,armv8-timer "
>>       always-on : []
>>       interrupts : [1, D, 4, 1, E, 4, 1, B, 4, 1, A, 4]
>>     pmu/
>>       compatible : "arm,armv8-pmuv3 "
>>       interrupts : [1, 7, 104]
>>     apb-pclk/
>>       compatible : "fixed-clock "
>>       #clock-cells : [0]
>>       clock-frequency : "\u{1}n6"
>>       clock-output-names : "clk24mhz"
>>       phandle : [3]
>>     psci/
>>       compatible : "arm,psci-0.2 "
>>       method : "hvc"
>>     tpm@FED40000/
>>       compatible : "tcg,tpm-tis-mmio "
>>       interrupts : [0, 2C, 1]
>>       reg : [0, FED40000, 0, 5000]
>>     pl011@9000000/
>>       compatible : "arm,pl011 arm,primecell "
>>       reg : [0, 9000000, 0, 1000]
>>       clocks : [3]
>>       clock-names : "apb_pclk"
>>       interrupts : [0, B, 1]
>>     rtc@9010000/
>>       compatible : "arm,pl031 arm,primecell "
>>       reg : [0, 9010000, 0, 1000]
>>       interrupts : [0, 8, 4]
>>       clocks : [3]
>>       clock-names : "apb_pclk"
>>     pl061@9020000/
>>       compatible : "arm,pl061 arm,primecell "
>>       reg : [0, 9020000, 0, 1000]
>>       interrupts : [0, 9, 1]
>>       gpio-controller : []
>>       #gpio-cells : [2]
>>       clocks : [3]
>>       clock-names : "apb_pclk"
>>       phandle : [4]
>>     gpio-keys/
>>       compatible : "gpio-keys "
>>       #size-cells : [0]
>>       #address-cells : [1]
>>       button@1/
>>         label : "GPIO Key Poweroff"
>>         linux,code : [74]
>>         gpios : [4, 3, 0]
>>     pci@30000000/
>>       compatible : "pci-host-ecam-generic "
>>       device_type : "pci"
>>       ranges : [1000000, 0, 0, 0, 9050000, 0, 10000, 2000000, 0, 
>> 10000000, 0, 10000000, 0, 20000000, 3000000, 2, 0, 2, 0, FD, 0]
>>       bus-range : [0, 0]
>>       linux,pci-domain : [0]
>>       #address-cells : [3]
>>       #size-cells : [2]
>>       reg : [0, 30000000, 0, 100000]
>>       #interrupt-cells : [1]
>>       interrupt-map : []
>>       interrupt-map-mask : []
>>       dma-coherent : []
>>       msi-map : [0, 2, 0, 100]
>>       msi-parent : [2]
>>
>>
>> https://github.com/praveen-pk/edk2/commit/59cf5ce41ff6ad2f81273bbd55160747637c3cc2 
>>
>>   and
>> https://github.com/praveen-pk/edk2/commit/55e7fcc21b7aeaaae457f60f8427aaf1e2ff432c 
>>
>>
>> are the changes made to enable TPM support in cloud-hypervisor's recipe.
>>
>>
>> With the above setup I am running into the following failure:
>>
>> """""
>>
>> Install PPI: 6CC45765-CCE4-42FD-BC56-011AAAC6C9A8
>> Install PPI: 8C9F4DE3-7B90-47EF-9308-287CECD66DE8
>> Install PPI: E09F355D-DAE8-4910-B14A-92780FDCF7CB
>> Install PPI: 75CF14AE-3441-49DC-AA10-BB35A7BA8BAB
>> Loading PEIM BF7F2B0C-9F2F-4889-AB5C-12460022BE87
>> add-symbol-file 
>> /root/winiot/edk2/Build/ArmVirtCloudHv-AARCH64/DEBUG_GCC5/AARCH64/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei/DEBUG/Tcg2ConfigPei.dll 
>> 0xBFAC1240
>>
>> Loading PEIM at 0x000BFAC1160 EntryPoint=0x000BFAC2C2C Tcg2ConfigPei.efi
>>
>> Synchronous Exception at 0xBFAC312
>> """"
>>
>>
>> Further debugging I noticed the Exception happens during an MmioRead. 
>> Below is the related trace:
>>
>> """"
>> add-symbol-file 
>> /root/winiot/edk2/Build/ArmVirtCloudHv-AARCH6/DEBUG_GCC5/AARCH64/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei/DEBUG/Tcg2ConfigPei.dll 
>> 0xBFAC1240
>>
>> Loading PEIM at 0x000BFAC1160 EntryPoint=0x000BFAC2C2C Tcg2ConfigPei.efi
>>
>> _ModuleEntryPoint
>> ProcessLibraryConstructorList start _ModuleEntryPoint
>>   BaseDebugLibSerialPortConstructor
>>   TimerConstructor
>>   Tpm2DeviceLibConstructor
>>   Tpm2GetPtpInterface Register = FED40000
>>   Tpm2IsPtpPresence Start, Reg = FED40000
>>   ioLibArmVirt.c MmioRead8
>>   ioLibArmVirt.c MmioRead8
>> Synchronous Exception at 0xBFAC312
>> """"
>>
>> Any thoughts on what could be going wrong with TPM device 
>> configuration in the firmware? I'd appreciate any inputs on this issue.
>>
> 

-- 
Regards,
Praveen K Paladugu

     prev parent reply	other threads:[~2022-05-17 15:50 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <16E9DB2F22253A83.7308@groups.io>
2022-05-02 16:35 ` [edk2-devel] vTPM support in cloud-Hypervisor in aarch64 Praveen K Paladugu
     [not found] ` <16EB56FDE48A248C.20240@groups.io>
2022-05-17 15:50   ` Praveen K Paladugu [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=7716cb3a-e03b-8966-72c8-bfa4d2b3161e@linux.microsoft.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox