From: "Min Xu"
To: Gerd Hoffmann, "devel@edk2.groups.io"
CC: "Kinney, Michael D", Liming Gao, "Liu, Zhiguang", "Brijesh Singh", Erdem Aktas, "James Bottomley", "Yao, Jiewen", "Tom Lendacky"
Subject: Re: [edk2-devel] [PATCH 07/23] MdePkg: Update BaseIoLibIntrinsicSev to support Tdx
Date: Wed, 18 Aug 2021 05:54:48 +0000

On August 17, 2021 4:38 PM, Gerd Hoffmann wrote:
>
> Hi,
>
> > In the I/O functions of above files, if IsTdxGuest() returns TRUE,
> > then Td I/O routine is called, otherwise the legacy I/O routine is called.
> > Td I/O routines are declared in IoLibTdx.h and implemented in
> > IoLibInternalTdx.c.
>
> Sorry, I'm a bit late to the party, but what is the overall long plan here?
>
Yes, there are discussions about the TDVF (Trust Domain Virtual Firmware).
https://edk2.groups.io/g/devel/topic/83283616#76022
The design slides and recorded meeting are in the link below:
https://edk2.groups.io/g/devel/files/Designs/2021/0611
>
> IIRC some of the TDX features require a separate firmware binary. So, if we
> need a separate binary anyway at some point in the future, isn't it simpler then
> to use a separate firmware binary right from the start?
>
> You can simply add a Tdx-specific variant of the library
> (BaseIoLibIntrinsicTdx.inf) and switch at compile time instead of having runtime
> switches all over the place.
>
TDVF has 2 Configs for upstream. See https://edk2.groups.io/g/devel/message/76367
Config-A merges the *basic* TDVF features to the existing OvmfX64Pkg.dsc. (Align with existing SEV).
OvmfX64Pkg.dsc includes SEV/TDX/normal OVMF basic boot capability. The final binary can run on SEV/TDX/normal OVMF.
So we have to probe the Td guest at run-time and switch to the corresponding I/O routine.
The solution of using a separate firmware binary is not feasible in this situation.

Thanks.
Min