From: "Yao, Jiewen"
To: "Xu, Min M", "devel@edk2.groups.io"
CC: Ard Biesheuvel, Gerd Hoffmann, "Justen, Jordan L", "Brijesh Singh", Erdem Aktas, "James Bottomley", Tom Lendacky
Subject: Re: [PATCH V10 0/4] Add Intel TDX support in OvmfPkg/ResetVector
Date: Sun, 24 Oct 2021 02:11:19 +0000

Merged https://github.com/tianocore/edk2/pull/2142

f079e9b450b3896bb00eb7a9fed3a6ec7ed3cd04..8b76f235340922a6d293bff05978ba57d3b498e1

> -----Original Message-----
> From: Xu, Min M
> Sent: Thursday, October 21, 2021 8:18 AM
> To: devel@edk2.groups.io
> Cc: Xu, Min M; Ard Biesheuvel; Gerd Hoffmann; Justen, Jordan L;
> Brijesh Singh; Erdem Aktas; James Bottomley; Yao, Jiewen; Tom Lendacky
> Subject: [PATCH V10 0/4] Add Intel TDX support in OvmfPkg/ResetVector
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
>
> Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
> that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
> Encryption (MKTME) with a new kind of virtual machines guest called a
> Trust Domain (TD). A TD is designed to run in a CPU mode that protects the
> confidentiality of TD memory contents and the TD's CPU state from other
> software, including the hosting Virtual-Machine Monitor (VMM), unless
> explicitly shared by the TD itself.
>
> The patch-sets to support Intel TDX in OvmfPkg is split into several
> waves. This is wave-1 which adds Intel TDX support in OvmfPkg/ResetVector.
> Note: TDX only works in X64.
>
> Patch #1: Ovmf uses its own Main.asm to reduce the complexity of Main.asm
> in UefiCpuPkg. This Main.asm is an unmodified copy from
> UefiCpuPkg/ReseteVector/Vtf0 (so no functional change) and the actual
> changes for tdx come as incremental patches.
>
> Patch #2: WORK_AREA_GUEST_TYPE is cleared in Main.asm instead of in
> WORK_AREA_GUEST_TYPE.
>
> Patch #3: Introduce IntelTdxMetadata.asm which describes the information
> about the image for VMM use.
>
> Patch #4: Enable TDX in OvmfPkg/ResetVector for ARCH_X64.
>
> [TDX]: https://software.intel.com/content/dam/develop/external/us/en/
> documents/tdx-whitepaper-final9-17.pdf
>
> [TDVF]: https://software.intel.com/content/dam/develop/external/us/en/
> documents/tdx-virtual-firmware-design-guide-rev-1.pdf
>
> Code is at https://github.com/mxu9/edk2/tree/tdvf_wave1.v10
>
> v10 changes:
> - Clear the OVMF_WORK_AREA in both ARCH_IA32 and ARCH_X64.
> - Update the ReloadFlat32 based on the review comments.
> - Other minor changes and update some comments.
>
> v9 changes:
> - Introduce IntelTdxMetadata.asm in a separate commit.
> - Use absolute offset for the start of TdxMetadata so that VMM can
>   easily reach to the start of the metadata.
>
> v8 changes:
> - Create a separate commit for Main.asm.
> - Create a separate commit for the clearance of WORK_AREA_GUEST_TYPE.
> - Fix some inaccurate comments.
>
> v7 changes:
> - Refine the offset of TdxMetadata and remove the definition of
>   PcdOvmfImageSizeInKB
> - Use MOV CR* instead of smsw in ResetVector
> - Remove the new field (SubType) in
>   CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER.
>
> v6 changes:
> - Remove the 5-level paging support. 5-level paging enabling is *NOT*
>   super critical for TDX enabling at this moment. It will be enabled
>   later in a separate patch.
> - Add a new field (SubType) in
>   CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER
>   to record the VM Guest SubType.
> - In Main16 entry point, after TransitionFromReal16To32BitFlat,
>   WORK_AREA_GUEST_TYPE is cleared to 0. WORK_AREA_GUEST_TYPE was
>   previously cleared in SetCr3ForPageTables64 (see commit ab77b60).
>   This doesn't work after TDX is introduced in Ovmf. It is because all
>   TDX CPUs (BSP and APs) start to run from 0xfffffff0. In previous code
>   WORK_AREA_GUEST_TYPE will be cleared multi-times in TDX guest. So for
>   SEV and Legacy guest it is moved to Main16 entry point (after
>   TransitionFromReal16To32BitFlat). For TDX guest WORK_AREA_GUEST_TYPE
>   is cleared and set in InitTdxWorkarea.
> - Make the return result of IsTdx be consistent with IsTdxEnabled.
> - Fix some typo in the code comments.
>
> v5 changes:
> - Remove the changes of OVMF_WORK_AREA because Commit ab77b60 covers
>   those changes.
> - Refine the TDX related changes in PageTables64.asm and
>   Flat32ToFlat64.asm.
> - Add CheckTdxFeaturesBeforeBuildPagetables to check Non-Tdx, Tdx-BSP or
>   Tdx-APs. This routine is called before building page tables.
>
> v4 changes:
> - Refine the PageTables64.asm and Flat32ToFlat64.asm to enable TDX.
> - Refine SEV_ES_WORK_AREA so that SEV/TDX/Legacy guest all can use this
>   memory region. https://edk2.groups.io/g/devel/message/78345 is the
>   discussion.
> - AmdSev.asm is removed because Brijesh Singh has done it in
>   https://edk2.groups.io/g/devel/message/78241.
>
> v3 changes:
> - Refine PageTables64.asm and Flat32ToFlat64.asm based on the review
>   comments in [ReviewComment-1] and [ReviewComment-2].
> - SEV codes are in AmdSev.asm
> - TDX codes are in IntelTdx.asm
> - Main.asm is created in OvmfPkg/ResetVector. The one in
>   UefiCpuPkg/ResetVector/Vtf0 is not used.
> - Init32.asm/ReloadFlat32.asm in UefiCpuPkg/ResetVector/Vtf0/Ia32 are
>   deleted. They're moved to OvmfPkg/ResetVector/Ia32.
> - InitTdx.asm is renamed to InteTdx.asm
>
> v2 changes:
> - Move InitTdx.asm and ReloadFlat32.asm from UefiCpuPkg/ResetVector/Vtf0
>   to OvmfPkg/ResetVector. Init32.asm is created which is a null stub of
>   32-bit initialization. In Main32 just simply call Init32. It makes
>   the Main.asm in UefiCpuPkg/ResetVector clean and clear.
> - Init32.asm/InitTdx.asm/ReloadFlat32.asm are created under
>   OvmfPkg/ResetVector/Ia32.
> - Update some descriptions of the patch-sets.
> - Update the REF link in cover letter.
> - Add Ard Biesheuvel in Cc list.
>
> v1: https://edk2.groups.io/g/devel/message/77675
>
> Cc: Ard Biesheuvel
> Cc: Gerd Hoffmann
> Cc: Jordan Justen
> Cc: Brijesh Singh
> Cc: Erdem Aktas
> Cc: James Bottomley
> Cc: Jiewen Yao
> Cc: Tom Lendacky
> Signed-off-by: Min Xu
>
> Min Xu (4):
>   OvmfPkg: Copy Main.asm from UefiCpuPkg to OvmfPkg's ResetVector
>   OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asm
>   OvmfPkg: Add IntelTdxMetadata.asm
>   OvmfPkg: Enable TDX in ResetVector
>
>  OvmfPkg/OvmfPkg.dec                          |   9 +
>  OvmfPkg/OvmfPkgDefines.fdf.inc               |   9 +
>  OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm |  39 ++++
>  OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm  |  11 +
>  OvmfPkg/ResetVector/Ia32/IntelTdx.asm        | 222 +++++++++++++++++++
>  OvmfPkg/ResetVector/Ia32/PageTables64.asm    |  22 +-
>  OvmfPkg/ResetVector/Main.asm                 | 121 ++++++++++
>  OvmfPkg/ResetVector/ResetVector.inf          |   9 +
>  OvmfPkg/ResetVector/ResetVector.nasmb        |  28 +++
>  OvmfPkg/ResetVector/X64/IntelTdxMetadata.asm | 115 ++++++++++
>  10 files changed, 581 insertions(+), 4 deletions(-)
>  create mode 100644 OvmfPkg/ResetVector/Ia32/IntelTdx.asm
>  create mode 100644 OvmfPkg/ResetVector/Main.asm
>  create mode 100644 OvmfPkg/ResetVector/X64/IntelTdxMetadata.asm
>
> --
> 2.29.2.windows.2