From: "Min Xu" <min.m.xu@intel.com>
To: "Ni, Ray" <ray.ni@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Dong, Eric" <eric.dong@intel.com>,
"Kumar, Rahul1" <rahul1.kumar@intel.com>,
Brijesh Singh <brijesh.singh@amd.com>,
Erdem Aktas <erdemaktas@google.com>,
James Bottomley <jejb@linux.ibm.com>,
"Yao, Jiewen" <jiewen.yao@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>
Subject: Re: [PATCH V2 07/28] UefiCpuPkg: Support TDX in BaseXApicX2ApicLib
Date: Thu, 14 Oct 2021 07:58:48 +0000 [thread overview]
Message-ID: <PH0PR11MB5064C1E64024C974C08C1D1EC5B89@PH0PR11MB5064.namprd11.prod.outlook.com> (raw)
In-Reply-To: <BN0PR11MB5696587FEB7B5FEE810F90F28CB79@BN0PR11MB5696.namprd11.prod.outlook.com>
On October 13, 2021 1:31 PM, Ray Ni wrote:
> Min,
> Comments below:
>
> +**/
> +BOOLEAN
> +EFIAPI
>
> 1. EFIAPI is for public lib API. Is this a public API?
No, it is not a public API. The EFIAPI will be removed. Thanks for reminder.
>
> +BaseXApicIsTdxGuest (
> + VOID
> + )
> +{
> + UINT32 Eax;
> + UINT32 Ebx;
> + UINT32 Ecx;
> + UINT32 Edx;
> + UINT32 LargestEax;
> +
> + if (mBaseXApicTdxProbed) {
> + return mBaseXApicIsTdxEnabled;
> + }
> +
> + mBaseXApicIsTdxEnabled = FALSE;
>
> 2. ApicLib can be used in pre-mem running directly in flash.
> The global variable cannot be modified in that case.
What will happen when the global variable is modified in flash?
Will the system hang? Or just a failure of write operation?
>
>
> +
> + do {
> + AsmCpuid (0, &LargestEax, &Ebx, &Ecx, &Edx);
>
> +
> + if (Ebx != SIGNATURE_32 ('G', 'e', 'n', 'u')
> + || Edx != SIGNATURE_32 ('i', 'n', 'e', 'I')
> + || Ecx != SIGNATURE_32 ('n', 't', 'e', 'l')) {
> + break;
> + }
> +
> + AsmCpuid (1, NULL, NULL, &Ecx, NULL);
> + if ((Ecx & BIT31) == 0) {
> + break;
> + }
> +
> + if (LargestEax < 0x21) {
> + break;
> + }
> +
> + AsmCpuidEx (0x21, 0, &Eax, &Ebx, &Ecx, &Edx);
> + if (Ebx != SIGNATURE_32 ('I', 'n', 't', 'e')
> + || Edx != SIGNATURE_32 ('l', 'T', 'D', 'X')
> + || Ecx != SIGNATURE_32 (' ', ' ', ' ', ' ')) {
> + break;
> + }
>
>
> 3. Can you use definition from MdePkg\Include\Register\Intel\Cpuid.h instead
> of hardcode 0, 1, 0x21, "Genu" and etc.?
Thanks for reminder. It will be updated in the next version.
CPUID leaf 0x21 is newly added in [TDX] Section 10.2
TDX: https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-module-1.0-public-spec-v0.931.pdf
Can I add a definition of leaf 0x21 in MdePkg\Include\Register\Intel\Cpuid.h?
>
> +
> + mBaseXApicIsTdxEnabled = TRUE;
>
> 4. avoid relying on global variable for caching the result.
Is it because LocalApicLib will run in flash?
>
> +
> + switch (MsrIndex) {
> + case MSR_IA32_X2APIC_TPR:
> + case MSR_IA32_X2APIC_PPR:
> + case MSR_IA32_X2APIC_EOI:
> + case MSR_IA32_X2APIC_ISR0:
> + case MSR_IA32_X2APIC_ISR1:
> + case MSR_IA32_X2APIC_ISR2:
> + case MSR_IA32_X2APIC_ISR3:
> + case MSR_IA32_X2APIC_ISR4:
> + case MSR_IA32_X2APIC_ISR5:
> + case MSR_IA32_X2APIC_ISR6:
> + case MSR_IA32_X2APIC_ISR7:
> + case MSR_IA32_X2APIC_TMR0:
> + case MSR_IA32_X2APIC_TMR1:
> + case MSR_IA32_X2APIC_TMR2:
> + case MSR_IA32_X2APIC_TMR3:
> + case MSR_IA32_X2APIC_TMR4:
> + case MSR_IA32_X2APIC_TMR5:
> + case MSR_IA32_X2APIC_TMR6:
> + case MSR_IA32_X2APIC_TMR7:
> + case MSR_IA32_X2APIC_IRR0:
> + case MSR_IA32_X2APIC_IRR1:
> + case MSR_IA32_X2APIC_IRR2:
> + case MSR_IA32_X2APIC_IRR3:
> + case MSR_IA32_X2APIC_IRR4:
> + case MSR_IA32_X2APIC_IRR5:
> + case MSR_IA32_X2APIC_IRR6:
> + case MSR_IA32_X2APIC_IRR7:
>
> 5. Can you explain in the comments about what spec says that above MSR can
> be accessed directly while others cannot?
TDX: https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-module-1.0-public-spec-v0.931.pdf
[TDX] Section 18.1
>
>
> + UINT64 Val;
> + UINT64 Status;
> + if (!AccessMsrNative (MsrIndex) && BaseXApicIsTdxGuest ()) {
>
> 6. can we simplify the above check with " if (!AccessMsrNative (MsrIndex))"?
> IsTdxGuest() can be called inside AccessMsrNative().
Sure. It will be updated in next version.
>
> +UINT32
> +EFIAPI
>
> 7. No EFIAPI please.
Sure. It will be fixed in next version.
>
> +ReadMsrReg32 (
> + IN UINT32 MsrIndex
> + )
> +{
> + UINT64 Val;
> + UINT64 Status;
> + if (!AccessMsrNative (MsrIndex) && BaseXApicIsTdxGuest ()) {
> + Status = TdVmCall (TDVMCALL_RDMSR, (UINT64) MsrIndex, 0, 0, 0, &Val);
> + if (Status != 0) {
> + TdVmCall (TDVMCALL_HALT, 0, 0, 0, 0, 0);
> + }
> + } else {
> + Val = AsmReadMsr32 (MsrIndex);
> + }
> + return (UINT32)(UINTN) Val;
>
> 8. Can you directly call ReadMsrReg64()?
Sure. It will be updated in next version.
>
>
> +VOID
> +EFIAPI
> +WriteMsrReg32 (
> + IN UINT32 MsrIndex,
> + IN UINT32 Val
> + )
> +{
> + UINT64 Status;
> + if (!AccessMsrNative (MsrIndex) && BaseXApicIsTdxGuest ()) {
> + Status = TdVmCall (TDVMCALL_WRMSR, (UINT64) MsrIndex, (UINT64) Val, 0,
> 0, 0);
> + if (Status != 0) {
> + DEBUG((DEBUG_ERROR, "WriteMsrReg32 returned failure.
> Status=0x%llx\n", Status));
> + TdVmCall (TDVMCALL_HALT, 0, 0, 0, 0, 0);
> + }
> + } else {
> + AsmWriteMsr32 (MsrIndex, Val);
>
> 8. Can you directly call WriteMsrReg64()?
Sure. It will be updated in next version.
>
>
> - ApicBaseMsr.Uint64 = AsmReadMsr64 (MSR_IA32_APIC_BASE);
> + ApicBaseMsr.Uint64 = ReadMsrReg64 (MSR_IA32_APIC_BASE);
>
> 9. I prefer to use "LocalApicLibReadMsr64()". It indicates two meanings:
> a. it's a local function which can be found within this lib
> b. it's consistent with "AsmReadMsr64".
Sure. It will be updated in next version.
>
Thanks.
Min
next prev parent reply other threads:[~2021-10-14 7:59 UTC|newest]
Thread overview: 91+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-05 3:39 [PATCH V2 00/28] Enable Intel TDX in OvmfPkg (Config-A) Min Xu
2021-10-05 3:39 ` [PATCH V2 01/28] OvmfPkg: Copy Main.asm from UefiCpuPkg to OvmfPkg's ResetVector Min Xu
2021-10-05 3:39 ` [PATCH V2 02/28] OvmfPkg: Enable TDX in ResetVector Min Xu
2021-10-05 3:39 ` [PATCH V2 03/28] OvmfPkg: Merge TEMP_MEM entries in Tdx metadata Min Xu
2021-10-05 3:39 ` [PATCH V2 04/28] MdePkg: Add Tdx.h Min Xu
2021-10-12 7:48 ` [edk2-devel] " Gerd Hoffmann
2021-10-05 3:39 ` [PATCH V2 05/28] MdePkg: Add TdxLib to wrap Tdx operations Min Xu
2021-10-12 8:22 ` [edk2-devel] " Gerd Hoffmann
2021-10-13 12:13 ` Min Xu
2021-10-14 5:30 ` Gerd Hoffmann
2021-10-22 2:06 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 06/28] MdePkg: Update BaseIoLibIntrinsicSev to support Tdx Min Xu
2021-10-12 10:05 ` [edk2-devel] " Gerd Hoffmann
2021-10-13 13:40 ` Min Xu
2021-10-14 5:37 ` Gerd Hoffmann
2021-10-14 6:24 ` Min Xu
2021-10-14 9:03 ` Gerd Hoffmann
2021-10-22 5:23 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 07/28] UefiCpuPkg: Support TDX in BaseXApicX2ApicLib Min Xu
2021-10-12 10:15 ` [edk2-devel] " Gerd Hoffmann
2021-10-13 14:06 ` Min Xu
2021-10-13 5:30 ` Ni, Ray
2021-10-14 7:58 ` Min Xu [this message]
2021-10-05 3:39 ` [PATCH V2 08/28] UefiCpuPkg: Add VmTdExitLibNull Min Xu
2021-10-05 3:39 ` [PATCH V2 09/28] UefiPayloadPkg: Prepare UefiPayloadPkg to use the VmTdExitLib library Min Xu
2021-10-05 3:39 ` [PATCH V2 10/28] OvmfPkg: Prepare OvmfPkg " Min Xu
2021-10-05 3:39 ` [PATCH V2 11/28] OvmfPkg: Implement library support for VmTdExitLib in Ovmf Min Xu
2021-10-05 3:39 ` [PATCH V2 12/28] UefiCpuPkg/CpuExceptionHandler: Add base support for the #VE exception Min Xu
2021-10-12 10:27 ` [edk2-devel] " Gerd Hoffmann
2021-10-26 5:06 ` Min Xu
2021-10-26 6:11 ` Gerd Hoffmann
2021-10-26 8:23 ` Min Xu
2021-10-26 10:24 ` Gerd Hoffmann
2021-10-26 12:09 ` Min Xu
2021-10-27 7:19 ` Gerd Hoffmann
2021-10-28 1:59 ` Yao, Jiewen
2021-10-28 15:35 ` Brijesh Singh
2021-10-28 15:52 ` Yao, Jiewen
2021-10-28 18:28 ` Lendacky, Thomas
2021-10-29 0:17 ` Yao, Jiewen
2021-10-29 4:52 ` Gerd Hoffmann
2021-10-29 7:51 ` Min Xu
2021-10-29 11:40 ` Gerd Hoffmann
2021-11-01 13:54 ` Sami Mujawar
2021-11-01 13:57 ` Yao, Jiewen
[not found] ` <16B2583BF2C9DB9C.5572@groups.io>
2021-10-29 0:20 ` Yao, Jiewen
2021-10-29 0:25 ` Brijesh Singh
[not found] ` <16B20F4407499229.28171@groups.io>
2021-10-28 2:07 ` Yao, Jiewen
2021-10-28 8:24 ` Gerd Hoffmann
2021-10-05 3:39 ` [PATCH V2 13/28] UefiCpuPkg: Enable Tdx support in MpInitLib Min Xu
2021-10-12 10:31 ` [edk2-devel] " Gerd Hoffmann
2021-10-14 0:27 ` Min Xu
2021-10-14 6:04 ` Gerd Hoffmann
2021-10-14 6:31 ` Min Xu
2021-10-14 6:56 ` Gerd Hoffmann
2021-10-13 6:01 ` Ni, Ray
2021-10-14 8:22 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 14/28] OvmfPkg: Update SecEntry.nasm to support Tdx Min Xu
2021-10-12 10:38 ` [edk2-devel] " Gerd Hoffmann
2021-10-14 0:55 ` Min Xu
2021-10-14 6:51 ` Gerd Hoffmann
2021-10-05 3:39 ` [PATCH V2 15/28] OvmfPkg: Add IntelTdx.h in OvmfPkg/Include/IndustryStandard Min Xu
2021-10-05 3:39 ` [PATCH V2 16/28] OvmfPkg: Add TdxMailboxLib Min Xu
2021-10-05 3:39 ` [PATCH V2 17/28] MdePkg: Add EFI_RESOURCE_ATTRIBUTE_ENCRYPTED in PiHob.h Min Xu
2021-10-05 3:39 ` [PATCH V2 18/28] OvmfPkg: Enable Tdx in SecMain.c Min Xu
2021-10-05 3:39 ` [PATCH V2 19/28] OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation Min Xu
2021-10-05 3:39 ` [PATCH V2 20/28] MdeModulePkg: EFER should not be changed in TDX Min Xu
2021-10-05 3:39 ` [PATCH V2 21/28] OvmfPkg: Update PlatformPei to support TDX Min Xu
2021-10-13 4:49 ` [edk2-devel] " Gerd Hoffmann
2021-10-15 1:31 ` Yao, Jiewen
2021-10-15 5:45 ` Gerd Hoffmann
2021-10-15 6:41 ` Yao, Jiewen
2021-10-05 3:39 ` [PATCH V2 22/28] UefiCpuPkg: Define ConfidentialComputingGuestAttr (Temp) Min Xu
2021-10-05 3:39 ` [PATCH V2 23/28] OvmfPkg: Update AcpiPlatformDxe to alter MADT table Min Xu
2021-10-05 3:39 ` [PATCH V2 24/28] OvmfPkg: Add TdxDxe driver Min Xu
2021-10-12 11:50 ` [edk2-devel] " Gerd Hoffmann
2021-10-18 8:38 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 25/28] OvmfPkg/BaseMemEncryptTdxLib: Add TDX helper library Min Xu
2021-10-12 12:13 ` [edk2-devel] " Gerd Hoffmann
2021-10-05 3:39 ` [PATCH V2 26/28] OvmfPkg/QemuFwCfgLib: Support Tdx in QemuFwCfgDxe Min Xu
2021-10-05 3:39 ` [PATCH V2 27/28] OvmfPkg: Update IoMmuDxe to support TDX Min Xu
2021-10-12 12:15 ` [edk2-devel] " Gerd Hoffmann
2021-10-14 2:11 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 28/28] OvmfPkg: Add LocalApicTimerDxe Min Xu
2021-10-12 13:02 ` [edk2-devel] " Gerd Hoffmann
2021-10-14 5:20 ` Min Xu
2021-10-15 1:21 ` Yao, Jiewen
2021-10-25 7:37 ` Min Xu
2021-10-25 11:27 ` Gerd Hoffmann
2021-10-26 1:29 ` Min Xu
2021-10-26 5:50 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=PH0PR11MB5064C1E64024C974C08C1D1EC5B89@PH0PR11MB5064.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox