From: "Min Xu" <min.m.xu@intel.com>
To: devel@edk2.groups.io
Cc: Min Xu <min.m.xu@intel.com>,
Ard Biesheuvel <ardb+tianocore@kernel.org>,
Jordan Justen <jordan.l.justen@intel.com>,
Brijesh Singh <brijesh.singh@amd.com>,
Erdem Aktas <erdemaktas@google.com>,
James Bottomley <jejb@linux.ibm.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>
Subject: [PATCH 01/23] OvmfPkg: Add Tdx BFV/CFV PCDs and PcdOvmfImageSizeInKb
Date: Thu, 12 Aug 2021 19:56:40 +0800 [thread overview]
Message-ID: <7afbf137d786b28c100965d4cfbb0aa8012c79d2.1628767741.git.min.m.xu@intel.com> (raw)
In-Reply-To: <cover.1628767741.git.min.m.xu@intel.com>
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
Tdx Virtual Firmware (TDVF) includes one Firmware Volume (FV) known
as the Boot Firmware Volume (BFV). The FV format is defined in the
UEFI Platform Initialization (PI) spec. BFV includes all TDVF components
required during boot.
TDVF also include a configuration firmware volume (CFV) that is separated
from the BFV. The reason is because the CFV is measured in RTMR, while
the BFV is measured in MRTD.
In practice BFV is the code part of Ovmf image. CFV is the vars part of
Ovmf image (exclude the SPARE part).
PcdOvmfImageSizeInKb is added which is used to calculate the offset
of TdxMetadata in ResetVectorVtf0.asm.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
OvmfPkg/OvmfPkg.dec | 13 +++++++++++++
OvmfPkg/OvmfPkgDefines.fdf.inc | 10 ++++++++++
2 files changed, 23 insertions(+)
diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 8fb6f257e8e8..ccda130f0ef6 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -329,6 +329,19 @@
gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase|0x0|UINT32|0x47
gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize|0x0|UINT32|0x48
+ ## The base address and size of the TDX Cfv base and size.
+ gUefiOvmfPkgTokenSpaceGuid.PcdCfvBase|0|UINT32|0x49
+ gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataOffset|0|UINT32|0x4a
+ gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataSize|0|UINT32|0x4b
+
+ ## The base address and size of the TDX Bfv base and size.
+ gUefiOvmfPkgTokenSpaceGuid.PcdBfvBase|0|UINT32|0x4c
+ gUefiOvmfPkgTokenSpaceGuid.PcdBfvRawDataOffset|0|UINT32|0x4d
+ gUefiOvmfPkgTokenSpaceGuid.PcdBfvRawDataSize|0|UINT32|0x4e
+
+ ## Size of the Ovmf image in KB
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfImageSizeInKb|0|UINT32|0x4f
+
[PcdsDynamic, PcdsDynamicEx]
gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
diff --git a/OvmfPkg/OvmfPkgDefines.fdf.inc b/OvmfPkg/OvmfPkgDefines.fdf.inc
index 35fd454b97ab..777b7755b198 100644
--- a/OvmfPkg/OvmfPkgDefines.fdf.inc
+++ b/OvmfPkg/OvmfPkgDefines.fdf.inc
@@ -9,6 +9,7 @@
##
DEFINE BLOCK_SIZE = 0x1000
+DEFINE VARS_OFFSET = 0
#
# A firmware binary built with FD_SIZE_IN_KB=1024, and a firmware binary built
@@ -66,6 +67,7 @@ DEFINE SECFV_OFFSET = 0x003CC000
DEFINE SECFV_SIZE = 0x34000
!endif
+SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfImageSizeInKb = $(FD_SIZE_IN_KB)
SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFdBaseAddress = $(FW_BASE_ADDRESS)
SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFirmwareFdSize = $(FW_SIZE)
SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFirmwareBlockSize = $(BLOCK_SIZE)
@@ -82,6 +84,14 @@ SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize = $(BLOCK_SIZ
SET gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageFtwSpareBase = gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageFtwWorkingBase + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingSize
SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareSize = $(VARS_SPARE_SIZE)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdCfvBase = $(FW_BASE_ADDRESS)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataOffset = $(VARS_OFFSET)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdCfvRawDataSize = $(VARS_LIVE_SIZE)
+
+SET gUefiOvmfPkgTokenSpaceGuid.PcdBfvBase = $(CODE_BASE_ADDRESS)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdBfvRawDataOffset = $(VARS_SIZE)
+SET gUefiOvmfPkgTokenSpaceGuid.PcdBfvRawDataSize = $(CODE_SIZE)
+
!if $(SMM_REQUIRE) == TRUE
SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 = gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase
SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase = gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageFtwWorkingBase
--
2.29.2.windows.2
next prev parent reply other threads:[~2021-08-12 11:57 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-12 11:56 [PATCH 00/23] Enable Intel TDX in OvmfPkg (SEC/PEI) Min Xu
2021-08-12 11:56 ` Min Xu [this message]
2021-08-12 11:56 ` [PATCH 02/23] OvmfPkg/Sec: Update the check logic in SevEsIsEnabled Min Xu
2021-09-11 1:13 ` Erdem Aktas
2021-09-13 3:04 ` Min Xu
2021-08-12 11:56 ` [PATCH 03/23] OvmfPkg/ResetVector: Enable Intel TDX in ResetVector of Ovmf Min Xu
2021-09-11 1:14 ` Erdem Aktas
2021-09-13 6:06 ` Min Xu
2021-09-14 2:16 ` Erdem Aktas
2021-08-12 11:56 ` [PATCH 04/23] MdePkg: Add Tdx.h Min Xu
2021-08-12 20:52 ` Michael D Kinney
2021-08-12 22:57 ` Min Xu
2021-08-12 11:56 ` [PATCH 05/23] MdePkg: Add TdxProbeLib to probe Intel Tdx Min Xu
2021-08-16 9:43 ` [edk2-devel] " Gerd Hoffmann
2021-08-17 0:14 ` Min Xu
2021-08-17 8:20 ` Gerd Hoffmann
2021-08-17 8:43 ` Min Xu
2021-08-17 8:58 ` Gerd Hoffmann
2021-09-11 1:14 ` Erdem Aktas
2021-09-13 6:11 ` [edk2-devel] " Min Xu
2021-08-12 11:56 ` [PATCH 06/23] MdePkg: Add TdxLib to wrap Tdx operations Min Xu
2021-09-11 1:15 ` Erdem Aktas
2021-08-12 11:56 ` [PATCH 07/23] MdePkg: Update BaseIoLibIntrinsicSev to support Tdx Min Xu
2021-08-17 8:38 ` [edk2-devel] " Gerd Hoffmann
2021-08-18 5:54 ` Min Xu
2021-08-19 6:30 ` Gerd Hoffmann
2021-08-19 13:12 ` Min Xu
2021-08-20 6:41 ` Gerd Hoffmann
2021-09-11 1:15 ` Erdem Aktas
2021-09-28 8:33 ` [edk2-devel] " Min Xu
2021-08-12 11:56 ` [PATCH 08/23] UefiCpuPkg: Support TDX in BaseXApicX2ApicLib Min Xu
2021-08-12 11:56 ` [PATCH 09/23] UefiCpuPkg: Add VmTdExitLibNull Min Xu
2021-08-12 11:56 ` [PATCH 10/23] OvmfPkg: Prepare OvmfPkg to use the VmTdExitLib library Min Xu
2021-08-12 11:56 ` [PATCH 11/23] OvmfPkg: Implement library support for VmTdExitLib in Ovmf Min Xu
2021-08-12 11:56 ` [PATCH 12/23] UefiCpuPkg/CpuExceptionHandler: Add base support for the #VE exception Min Xu
2021-08-12 11:56 ` [PATCH 13/23] UefiCpuPkg: Enable Tdx support in MpInitLib Min Xu
2021-08-12 11:56 ` [PATCH 14/23] OvmfPkg: Update SecEntry.nasm to support Tdx Min Xu
2021-08-12 11:56 ` [PATCH 15/23] OvmfPkg: Add IntelTdx.h in OvmfPkg/Include/IndustryStandard Min Xu
2021-08-12 11:56 ` [PATCH 16/23] OvmfPkg: Add TdxMailboxLib Min Xu
2021-08-12 11:56 ` [PATCH 17/23] MdePkg: Add EFI_RESOURCE_ATTRIBUTE_ENCRYPTED in PiHob.h Min Xu
2021-08-12 11:56 ` [PATCH 18/23] OvmfPkg: Enable Tdx in SecMain.c Min Xu
2021-08-19 6:49 ` [edk2-devel] " Gerd Hoffmann
2021-08-19 14:27 ` Min Xu
2021-08-20 7:22 ` Gerd Hoffmann
2021-08-24 12:07 ` Min Xu
2021-08-24 12:55 ` Ard Biesheuvel
2021-08-25 6:10 ` Yao, Jiewen
2021-08-25 7:52 ` Gerd Hoffmann
2021-08-25 9:07 ` Yao, Jiewen
2021-08-25 14:51 ` Gerd Hoffmann
2021-08-25 16:28 ` Yao, Jiewen
2021-08-26 8:31 ` Gerd Hoffmann
2021-08-26 16:58 ` Yao, Jiewen
2021-08-25 6:22 ` Gerd Hoffmann
2021-08-12 11:56 ` [PATCH 19/23] OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation Min Xu
2021-08-12 11:56 ` [PATCH 20/23] MdePkg: Add AllocatePagesWithMemoryType support in PeiMemoryAllocationLib Min Xu
2021-08-12 20:43 ` Michael D Kinney
2021-08-15 2:51 ` Min Xu
2021-08-12 11:57 ` [PATCH 21/23] OvmfPkg: Add PcdUse1GPageTable support for TDX Min Xu
2021-08-12 11:57 ` [PATCH 22/23] MdeModulePkg: EFER should not be changed in TDX Min Xu
2021-08-12 11:57 ` [PATCH 23/23] OvmfPkg: Update PlatformPei to support TDX Min Xu
2021-08-31 10:45 ` [edk2-devel] [PATCH 00/23] Enable Intel TDX in OvmfPkg (SEC/PEI) Gerd Hoffmann
2021-09-01 5:41 ` Min Xu
2021-09-01 6:25 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7afbf137d786b28c100965d4cfbb0aa8012c79d2.1628767741.git.min.m.xu@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox