From: "Min Xu"
To: "devel@edk2.groups.io", "kraxel@redhat.com"
CC: "Kinney, Michael D", Brijesh Singh, "Aktas, Erdem", "James Bottomley", "Yao, Jiewen", "Tom Lendacky"
Subject: Re: [edk2-devel] [PATCH 08/10] OvmfPkg: Update Sec to support Tdvf Config-B
Date: Fri, 24 Dec 2021 03:02:27 +0000
In-Reply-To: <20211220121145.aiqcqs6vd2hb2sb4@sirius.home.kraxel.org>

Hi

> > > Why?  Booting non-tdx guests without PEI shouldn't be fundamentally
> > > different from a TDX guest.  Memory detection needs fw_cfg instead
> > > of the td_hob, and you have to skip some tdx setup steps, but that
> > > should be it.
> > > Code for all that exists in PlatformPei, it only needs to be moved
> > > to a place where SEC can use it too.
>
> > We would like to split TDVF Config-B into below stages.
> > 1. Basic Config-B (wave-3)
> >  1.1 A standalone IntelTdxX64.dsc/.fdf. Un-used drivers/libs are removed
> >      from the fdf, such as network components, SMM drivers, TPM drivers, etc.
> >  1.2 PEI FV is excluded from the build. Only DxeFV is included.
> >  1.3 Since PEI FV is excluded from the build, so Basic Config-B can only bring
> >      up Tdx guest. It *CAN NOT* bring up legacy guest.
>
> What blocks legacy guest bringup?
>
> See above, I think it should not be hard to do, and given that TDX-capable
> hardware is not yet production ready I find it rather important that testing
> the PEI-less boot workflow does not require TDX.

Current PlatformPei does below tasks (no SMM, no S3):
1. Fetch the memory information from either e820 or CMOS, then create the ResourceDescriptorHob.
2. Create MemoryAllocationHob for PeiFV/DxeFV, create FvHob for DxeFV.
3. Read the CPU count from QEMU and set the PCDs.
4. Create the ResourceDescriptorHob for MMIO and set the PCDs.
5. Other Hobs, such as MemTypeInfoHob, CpuHob.
6. Set PCDs, such as PcdSetNxForStack, PcdOvmfHostBridgePciDevId, PcdPciIoBase, etc.
7. Calculate the memory for PEI and PublishPeiMemory.
8. InstallClearCacheCallback/InstallFeatureControlCallback.

Task 7 is not needed in PEI-less boot up.
Task 8 is not needed either because it is for MP Services.
PCDs cannot be set in SEC phase, so the values should be saved in a Hob (for example, PLATFORM_INFO_HOB). In early DXE phase these values are set to the PCDs. This is how TdxDxe does today.

Other tasks can be done in SEC phase. I think there should be a lib (for example, PlatformPeiLib) to wrap these functions so that they can be re-used by OvmfPkg/PlatformPei.

PEI-less booting up legacy guest doesn't support TPM.

So to boot up legacy guest without PEI phase, there will be below changes.
1. OvmfStartupLib: (like TdxStartupLib)
   - Decompress DxeFv, locate DxeCore, create IdentityMappingPageTables, then jump to DxeCore.
2. PlatformPeiLib:
   - Wrap the functions to do memory initialization, etc. (see tasks 1-5)
3. OvmfLegacyDxe
   - Set the PCDs (see task 6)

Based upon above consideration, it's a big change. That's why we suggest implementing Config-B in 3 stages.

I am also thinking about another option which includes PEI in build. (That's Config-B v1)
In this option, Ovmf image layout is kept unchanged. In run-time Tdx guest is probed. If it is Tdx guest, it goes to TdxStartup and brings up Tdx guest. Otherwise it follows normal Ovmf boot flow.
The advantages are:
1. The change is small.
2. It doesn't impact the current legacy guest, nor the SEV guest.

I know there are many discussions in above options. Can we follow below road map so that we can discuss 3 (How to achieve ONE Binary) in more details?
1. Basic Config-B (PEI-less and only Tdx guest)
2. Advanced Config-B (RTMR based measurement)
3. One Binary Config-B (support legacy guest)

> ... and given that TDX-capable
> hardware is not yet production ready I find it rather important that testing
> the PEI-less boot workflow does not require TDX.
>
> It'll also make it much easier to add CI coverage.

I am thinking if SEV features are covered in CI? Because I want to make sure our changes don't impact SEV.

Thanks
Min
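
Added example, not part of the original message and not OvmfPkg code: a stand-alone C model of the hand-off described in the mail, where SEC stores platform values in a GUID-extension HOB and early DXE reads them back before setting PCDs, with every HOB length bounds-checked on the consumer side. The payload layout, the GUID bytes and the function names are assumptions made for this sketch; only the HOB header shape and the two type codes follow the PI specification.

```c
#include <stdint.h>
#include <string.h>

#define HOB_TYPE_GUID_EXTENSION 0x0004u /* EFI_HOB_TYPE_GUID_EXTENSION (PI spec) */
#define HOB_TYPE_END_OF_LIST    0xFFFFu /* EFI_HOB_TYPE_END_OF_HOB_LIST (PI spec) */

typedef struct { uint16_t type, length; uint32_t reserved; } hob_hdr_t; /* 8 bytes */
typedef struct { hob_hdr_t hdr; uint8_t guid[16]; } guid_hob_t;         /* 24 bytes */

/* Hypothetical payload: field names and layout are assumptions for this model. */
typedef struct {
  uint16_t host_bridge_dev_id;  /* would feed PcdOvmfHostBridgePciDevId */
  uint8_t  set_nx_for_stack;    /* would feed PcdSetNxForStack */
  uint8_t  pad[5];
  uint64_t pci_io_base;         /* would feed PcdPciIoBase */
} platform_info_t;

static const uint8_t INFO_GUID[16] = { 0x11, 0x22, 0x33, 0x44 }; /* constructed */

/* SEC side: write one GUID-extension HOB plus the end marker; 0 if no room. */
size_t sec_build_hob_list(uint8_t *buf, size_t cap, const platform_info_t *info) {
  guid_hob_t g = { { HOB_TYPE_GUID_EXTENSION, (uint16_t)(sizeof g + sizeof *info), 0 }, { 0 } };
  hob_hdr_t end = { HOB_TYPE_END_OF_LIST, (uint16_t)sizeof end, 0 };
  if (cap < g.hdr.length + sizeof end) return 0;
  memcpy(g.guid, INFO_GUID, sizeof g.guid);
  memcpy(buf, &g, sizeof g);
  memcpy(buf + sizeof g, info, sizeof *info);
  memcpy(buf + g.hdr.length, &end, sizeof end);
  return g.hdr.length + sizeof end;
}

/* DXE side: walk the list, checking every length before use; 0 on success. */
int dxe_read_platform_info(const uint8_t *buf, size_t len, platform_info_t *out) {
  size_t off = 0;
  while (len - off >= sizeof(hob_hdr_t)) {
    hob_hdr_t h;
    memcpy(&h, buf + off, sizeof h);
    if (h.length < sizeof h || h.length > len - off) return -1; /* malformed */
    if (h.type == HOB_TYPE_END_OF_LIST) return -1;              /* not found */
    if (h.type == HOB_TYPE_GUID_EXTENSION &&
        h.length == sizeof(guid_hob_t) + sizeof *out &&
        memcmp(buf + off + sizeof h, INFO_GUID, 16) == 0) {
      memcpy(out, buf + off + sizeof(guid_hob_t), sizeof *out);
      return 0; /* a real DXE driver would now set the PCDs from *out */
    }
    off += h.length;
  }
  return -1; /* ran off the buffer without an end marker */
}
```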