From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by mx.groups.io with SMTP id smtpd.web12.9311.1642669656172188178 for ; Thu, 20 Jan 2022 01:07:37 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=LgYKhS7N; spf=pass (domain: intel.com, ip: 192.55.52.151, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1642669656; x=1674205656; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=z1b3LqDbbrdNR53y5hxmN383moYmwsDtq6lRoIeKDhM=; b=LgYKhS7Nrszfy6ASTSJd5lWbaEyF4TwhVsoY7oFzqDuhOOdkFyf4AkDy hwYHJ8sUm4GQI/NN1VOezKPN6Fbk0y1iHdxDPxdkBpEUsKjTNvXaGPIyy RNscBLI4DozkG4qk/2Q/gqfOjx0Z1V0Rk6i3da1tvsw7T+Ce4bnvQsmo8 o6aozQrHt21OpLoyVPvrDRf+pRaJfd0eFdSHXVTfPO4HVnGFs5RW0PdDI sroQYR5aO4zonPZrmZwW1KFcnIsd1BkYl1PdElTTgkrUeA+2wrs17IZty o2qxCBWdb+j3YegAsRPMrU3SyTBQIrNTDanx2lwfEhZmLbrubfTzTQeHU w==; X-IronPort-AV: E=McAfee;i="6200,9189,10232"; a="225979206" X-IronPort-AV: E=Sophos;i="5.88,302,1635231600"; d="scan'208";a="225979206" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Jan 2022 01:07:35 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,302,1635231600"; d="scan'208";a="626222631" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by orsmga004.jf.intel.com with ESMTP; 20 Jan 2022 01:07:34 -0800 Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Thu, 20 Jan 2022 01:07:33 -0800 Received: from fmsmsx609.amr.corp.intel.com (10.18.126.89) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Thu, 20 Jan 2022 01:07:33 -0800 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx609.amr.corp.intel.com (10.18.126.89) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20 via Frontend Transport; Thu, 20 Jan 2022 01:07:33 -0800 Received: from NAM02-DM3-obe.outbound.protection.outlook.com (104.47.56.43) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.20; Thu, 20 Jan 2022 01:07:33 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QAx83zvv7hWOhB+CaXXBScwtNb03j7vgmPfBljMmhu4b53MF3xSr4eErtUDcb1APEgoXfSReRFlyg6kGbz2lLF1XlDfCIiZCjal/NOIBuKxc1NBiUIT5d5Llib7qnOstrgqcx9Qeyo8hW7GQIobxXFpfMlJBV6Sh0ys6FsDXNdEkK/E/o3RL7JIaA9OhokmWeSgBZdEwVAySV/bySztsuK7xm9phroYgoDxDd9wKoviBX+lBq3vTwfje/A/30xUg6yHpkKOMVUytaTEMA/HHOrfA2T2uz3Igpinutc6nl/MxVwfd2DcRZwTjuoMgSF6STNxqUmKduLuuinidzlIZ1Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=7wYdyDyQfyzowwaa/ByniM2CJC/FQGrmjD+h70skT8o=; b=TYKqGZv7K4ReXIhZ+H1NGJFrC2bYnkkrzHAhNcocMTv2MT2ddoZ3UmTMslXDECTCwOkiT2JNP/5QTIFM6Jqe2m16o4qyXQ0c+fMoQN874VwntlkE+P1r8YvLxqYCwxbpj45jNAhjqDMvp3fLdBrOlDM2E8w/aMUzMNwDFZQQaFZEI8b1xhc7A+APOTEYTxH+8ul1DBCoUd8dpAMvblYE8wCWOIUp5ZFxngTKiLALCGMqqQn2spVaHeOqVfpUsXbrVRPY4y+7bnfsdT9fcy8HPGYgvQ96IaqyLBjXh3hXQZHdLCVgLjQTPffPffFpJj1BNewfDwA3i/EhDJ401/gZIA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15) by PH0PR11MB5158.namprd11.prod.outlook.com (2603:10b6:510:3b::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.11; Thu, 20 Jan 2022 09:07:23 +0000 Received: from PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::ed65:b010:fc2c:f48c]) by PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::ed65:b010:fc2c:f48c%5]) with mapi id 15.20.4888.014; Thu, 20 Jan 2022 09:07:22 +0000 From: "Min Xu" To: "devel@edk2.groups.io" , "kraxel@redhat.com" CC: Ard Biesheuvel , "Justen, Jordan L" , Brijesh Singh , "Aktas, Erdem" , James Bottomley , "Yao, Jiewen" , Tom Lendacky Subject: Re: [edk2-devel] [PATCH V4 22/31] OvmfPkg: Update PlatformPei to support TDX Thread-Topic: [edk2-devel] [PATCH V4 22/31] OvmfPkg: Update PlatformPei to support TDX Thread-Index: AQHX8CFH2wrY83XtAEqkhMiWEMnGeawzQhaAgDiKTwA= Date: Thu, 20 Jan 2022 09:07:22 +0000 Message-ID: References: <94bb5cbbb19bb7b14513082b386554fc59168eb4.1639399598.git.min.m.xu@intel.com> <20211215085305.qb6akg5nlxio4m2h@sirius.home.kraxel.org> In-Reply-To: <20211215085305.qb6akg5nlxio4m2h@sirius.home.kraxel.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.6.200.16 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 48f4b6c2-a837-4fe0-fd1e-08d9dbf4452d x-ms-traffictypediagnostic: PH0PR11MB5158:EE_ x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: uqXMFbzlfIHCc4UfxnlleA2n2easMThFpWeZnxTpSJyUqZLONo/niLQ44bHuxaXJL5gQ0cZ0+VtEHWCEOP85rf5cGXblcVYdPWTCdFr/YIVtSQSdbse22/IYXcbkNzUp4ceGe6kU2FxtwayuY1kHQS54J3K+/JHvyN2gcx6T8MD8NFyWB8ve6ykIU9a5gcZ6adSTCRwnF16zl2itR3P+23JRQOaqkLtSMs7HqgE9MwtRabafq52gbR1pZ4nhVn4WaSxMPZ+CCHiPwqSKmpJ3V4Tjn7lbbQZ9KrkVLk0Vy6ZNk+GvUtC7/W/dDpZJ11JedYoVuiiIRSTDCCHrrOXlwdV88nZm/+UW3L7qMXxzgeTXwLF/LOY+I4/ULFj7gt4nl9i2es9QnhwLwfuD2La4xXtAGM43nD8nWlawC/ej73gPMBuNHxOCLxW9/oVwp5snOU8s7Xanmkm1B7xxvw6uMXe454ErHvyvI4x7AH4qjXrXgTg5jxA6Xbul1/ryGENjMxqKiks8hxB0Zuqbbhdpl3cVkx776fp2fXGYJ6yJhkcOeQGSRfBX1Heb/Jewm9paTjYMoOWQA9CzJNWd/0CCpTtQE5aC8mfxPOLHaJ5TCOXCcKzSvpUqhpYvXqJAoNBdvugDHl/8VwImlwy8Dzz8h0rcVWWEQz2hidB9LUNRNcrAqDd9I27ToQiv5KwJbSOen/9yn0rDfxh73nsYYGAviQ== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(366004)(2906002)(508600001)(71200400001)(38070700005)(4326008)(82960400001)(66476007)(5660300002)(83380400001)(86362001)(26005)(15650500001)(38100700002)(33656002)(7696005)(66446008)(66556008)(64756008)(55016003)(9686003)(52536014)(8936002)(110136005)(76116006)(54906003)(316002)(122000001)(66946007)(6506007)(8676002)(186003);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?VgwaW7kONfFKquoIgH/j1JGhwG1GdpAUrwTxcoxAXiLPG64RhpfUtgMv6xcP?= =?us-ascii?Q?pbrDuAL4KfCRKatWw0U0rGBxJGdiUayOGmhhOW9+EGUnvOCs3fHbp0zEqYg2?= =?us-ascii?Q?I8iho2pLlaSF7BldMxk5P62XZYLrG7xkSWBk+ApqQdjGnnzFm8pcS2+6oLJ+?= =?us-ascii?Q?8wpl02xmcacwMXcNGIkg37rG+qNnnxTHaOWAutesowhyi9KZo0X7KSJZGqw5?= =?us-ascii?Q?iVcg0luOQTvBzyBMPVrd1/ZQBbH2S+0Hh3BgdtxZo9yQyY/F6IVVpsaIGQWP?= =?us-ascii?Q?xJjWaIZSWbuWWCd2VVke2kG6918AoDzIOsipP5Uw7VvN9o4ScaxugwTm5p/T?= =?us-ascii?Q?Mf3bATC0QsRY3XVke80gH02JNV7gPmaRQpk4Pq32RdrpFWVYEFP5ej2wiytY?= =?us-ascii?Q?7WuCtbikY5LIFpOg2ODnqdMskuzk794cbprhGVW82RyraLUkJChAJ1f0fDLu?= =?us-ascii?Q?djlvpUPJIHi8DWYeQ7gN5SwucBknOKq4TPJYHVyN1O+l+v/s4OJply3tgrYO?= =?us-ascii?Q?q7r5VPd+9SpRzsfJTk5DNCRJeUdri5I71U9orgs6zAeUvcM0T5VnIdcv4eQ+?= =?us-ascii?Q?a8kLknMDaT4vtOyEWRarGaY+PnRAUM+p6XoZBJ7CPu3vT14FViNZN1dwxo/+?= =?us-ascii?Q?2XzzKODkJKZNozu6Vlg6NzzncneRVSxSuCmQVRkEhnacj3KqnBff2RYihznV?= =?us-ascii?Q?ho3HHeuOyTlQiBX3GNCPQgrzTQw6QAu2oVZpelmj0zBZXdGx/gFyE2vHoiBM?= =?us-ascii?Q?ncyy8TSbKmY90sSchrmGieWwoHQ6WfhUYn9foCrpLryJ1t3JOUw82Z/FtPQk?= =?us-ascii?Q?bMhPx3E+YCKHV/21ofCLwC0CUivZVig3kJRLEV1ahEUsgEyq737S/FHVW4Vq?= =?us-ascii?Q?Fm1NV+saF+1oWMh0rChKudIxY3yIXbqxiCheV0s8YwGbRTbExWxSbygQMsPL?= =?us-ascii?Q?UUfwRUseiSIyF9QPsyjckp3CnIimSUQVLMpXc/Nr0pvyv4S9pTtAgpSfkEVK?= =?us-ascii?Q?6X64eyAyavcVSUSeyzf1LUwNXptfW6wLvIEZJrscorsDN45Yp4uArE5IRA6T?= =?us-ascii?Q?1yizATrVPrvjDCaPZgADAAAYd1KWCvA7cX/WmZB1Xu1fDehBmaGp8rTMtag5?= =?us-ascii?Q?TyM/apq5T0hm59JhLGqe+mYupMIAuRUjw48iNOEn5Jwyyf1zhWelqyxXMkbO?= =?us-ascii?Q?eRbVgwOHkC4qGX/YvkudnzJrwvzP3t91+vEh6409CnA8efW0FeQaGdEkUfR+?= =?us-ascii?Q?t8lDPZJEnCX34KoRUPtaLiECisf/5DKkMUBvb9lPbjUewdWBj0RAYN86Jc8Q?= =?us-ascii?Q?V4mQq7BO/7QUMpELWuq0yRubztWuN9paOLNSFabbfJXPPOUZN9ha06v75n9P?= =?us-ascii?Q?s00Un+SUAsAR6uBf7ldt/AtQ/+JygypN80e+P96oyZYV7LTKsH77gDf2YUMs?= =?us-ascii?Q?CHqp1p49TQ0zrOzfqCzphxvgTYnxM4wTspTSrLzTqiaCWq2Z7U1Q/7HiuJHU?= =?us-ascii?Q?x+YVeQU5F6GAzoHia5U/aM/70UfW67A8uo8RmVjdfQau1R9GlxHysF/ZNMBN?= =?us-ascii?Q?BusqqSZAhAmA9wqkdx8zgEboqoAG2QTmNFFBgjpikzFinneaNQWSkg47TXE2?= =?us-ascii?Q?u9zZfO64HAisozVYgSnPfYU=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 48f4b6c2-a837-4fe0-fd1e-08d9dbf4452d X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Jan 2022 09:07:22.7687 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 8qCNJqlspAjkOuwFnlbzinv87cFgMTnxe/C4Z3dRnv/AG3DKovlrj86tTIKNF8SgM7Mm4PEpccjQ7O/jKad2Yg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5158 Return-Path: min.m.xu@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi > > +/** > > + Check if it is Tdx guest > > + > > + @retval TRUE It is Tdx guest > > + @retval FALSE It is not Tdx guest > > +**/ > > +BOOLEAN > > +PlatformPeiIsTdxGuest ( > > + VOID > > + ) > > +{ > > + CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER > *CcWorkAreaHeader; > > + > > + CcWorkAreaHeader =3D > (CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER > > +*)FixedPcdGet32 (PcdOvmfWorkAreaBase); > > + return (CcWorkAreaHeader !=3D NULL && CcWorkAreaHeader->GuestType > =3D=3D > > +GUEST_TYPE_INTEL_TDX); } >=20 > fwcfg patch adds a similar function. Can't we have a single function > somewhere, or have a #define for this check, instead of doing this > cut+paste programming? There is TdIsEnabled() in BaseLib. So PlatformPeiIsTdxGuest is deprecated i= n the next version. >=20 > > +VOID > > +EFIAPI > > +DEBUG_HOBLIST ( > > + IN CONST VOID *HobStart > > + ) > > +{ > > + EFI_PEI_HOB_POINTERS Hob; > > + > > + Hob.Raw =3D (UINT8 *)HobStart; > > + // > > + // Parse the HOB list until end of list or matching type is found. > > + // > > + while (!END_OF_HOB_LIST (Hob)) { > > + DEBUG ((DEBUG_INFO, "HOB(%p) : %x %x\n", Hob, Hob.Header- > >HobType, Hob.Header->HobLength)); > > + switch (Hob.Header->HobType) { > > + case EFI_HOB_TYPE_RESOURCE_DESCRIPTOR: > > + DEBUG (( > > + DEBUG_INFO, > > + "\t: %x %x %llx %llx\n", > > + Hob.ResourceDescriptor->ResourceType, > > + Hob.ResourceDescriptor->ResourceAttribute, > > + Hob.ResourceDescriptor->PhysicalStart, > > + Hob.ResourceDescriptor->ResourceLength > > + )); > > + > > + break; > > + case EFI_HOB_TYPE_MEMORY_ALLOCATION: > > + DEBUG (( > > + DEBUG_INFO, > > + "\t: %llx %llx %x\n", > > + Hob.MemoryAllocation->AllocDescriptor.MemoryBaseAddress, > > + Hob.MemoryAllocation->AllocDescriptor.MemoryLength, > > + Hob.MemoryAllocation->AllocDescriptor.MemoryType > > + )); > > + break; > > + default: > > + break; > > + } > > + > > + Hob.Raw =3D GET_NEXT_HOB (Hob); > > + } > > +} >=20 > Likewise, I've seen this before in another patch of this series. This will be deprecated in the next version. >=20 > > diff --git a/OvmfPkg/PlatformPei/MemDetect.c > > b/OvmfPkg/PlatformPei/MemDetect.c index 934d5c196570..9227fa260ccd > > 100644 > > --- a/OvmfPkg/PlatformPei/MemDetect.c > > +++ b/OvmfPkg/PlatformPei/MemDetect.c > > @@ -36,6 +36,7 @@ Module Name: > > #include > > #include > > #include > > +#include > > > > #include "Platform.h" > > #include "Cmos.h" > > @@ -556,7 +557,19 @@ AddressWidthInitialization ( > > mPhysMemAddressWidth =3D 36; > > } > > > > + #if defined (MDE_CPU_X64) > > + if (PlatformPeiIsTdxGuest ()) { > > + if (TdSharedPageMask () =3D=3D (1ULL << 47)) { > > + mPhysMemAddressWidth =3D 48; > > + } else { > > + mPhysMemAddressWidth =3D 52; > > + } > > + } > > + > > + ASSERT (mPhysMemAddressWidth <=3D 52); #else >=20 > Making this TDX-specific looks wrong to me. 5-level paging exists outsid= e TDX > too. >=20 > Given we don't support 5-level paging (yet) I think we can just drop this= and > revisit in case 5-level paging support is added in the future. >=20 > > + UINT32 Pml5Entries; >=20 > Same here. mPhysMemAddressWidth indicates the physical memory address width. Tdx guest= supports GPAW of 52 or 48. So I think here mPhysMemAddresWidth is correct. Even mPhysMemAddress is 52, we can still use 4-level paging. So I am going = to update GetPeiMemoryCap() like below: if (mPhysMemAddressWidth <=3D 39) { Pml4Entries =3D 1; PdpEntries =3D 1 << (mPhysMemAddressWidth - 30); ASSERT (PdpEntries <=3D 0x200); } else { if (TdIsEnabled ()) { <-- If it is td guest, then Pml4Entries= is set to 0x200. Pml4Entries =3D 0x200; } else { Pml4Entries =3D 1 << (mPhysMemAddressWidth - 39); } ASSERT (Pml4Entries <=3D 0x200); PdpEntries =3D 512; } Thanks Min