From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web09.21069.1628769481864596349 for ; Thu, 12 Aug 2021 04:58:18 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: min.m.xu@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10073"; a="202524373" X-IronPort-AV: E=Sophos;i="5.84,315,1620716400"; d="scan'208";a="202524373" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Aug 2021 04:58:17 -0700 X-IronPort-AV: E=Sophos;i="5.84,315,1620716400"; d="scan'208";a="517433905" Received: from mxu9-mobl1.ccr.corp.intel.com ([10.249.175.248]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Aug 2021 04:58:15 -0700 From: "Min Xu" To: devel@edk2.groups.io Cc: Min Xu , Ard Biesheuvel , Jordan Justen , Brijesh Singh , Erdem Aktas , James Bottomley , Jiewen Yao , Tom Lendacky Subject: [PATCH 19/23] OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation Date: Thu, 12 Aug 2021 19:56:58 +0800 Message-Id: X-Mailer: git-send-email 2.29.2.windows.2 In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 If TDX is enabled then we do not support DMA operation in PEI phase. This is mainly because DMA in TDX guest requires using bounce buffer (which need to allocate dynamic memory and allocating a PAGE size'd buffer can be challenge in PEI phase). Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Signed-off-by: Min Xu --- OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c | 15 +++++++++++++++ OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf | 1 + 2 files changed, 16 insertions(+) diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c index ecabd88fab66..aae5f2fcb51f 100644 --- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c +++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c @@ -14,6 +14,7 @@ #include #include #include +#include #include "QemuFwCfgLibInternal.h" @@ -82,6 +83,14 @@ QemuFwCfgInitialize ( // if (MemEncryptSevIsEnabled ()) { DEBUG ((DEBUG_INFO, "SEV: QemuFwCfg fallback to IO Port interface.\n")); + } else if (TdxIsEnabled ()) { + // + // If TDX is enabled then we do not support DMA operations in PEI phase. + // This is mainly because DMA in TDX guest requires using bounce buffer + // (which need to allocate dynamic memory and allocating a PAGE size'd + // buffer can be challenge in PEI phase) + // + DEBUG ((DEBUG_INFO, "TDX: QemuFwCfg fallback to IO Port interface.\n")); } else { mQemuFwCfgDmaSupported = TRUE; DEBUG ((DEBUG_INFO, "QemuFwCfg interface (DMA) is supported.\n")); @@ -162,6 +171,12 @@ InternalQemuFwCfgDmaBytes ( // ASSERT (!MemEncryptSevIsEnabled ()); + // + // TDX does not support DMA operations in PEI stage, we should + // not have reached here. + // + ASSERT (!TdxIsEnabled ()); + Access.Control = SwapBytes32 (Control); Access.Length = SwapBytes32 (Size); Access.Address = SwapBytes64 ((UINTN)Buffer); diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf index 9f9af7d03201..808cb16f75e1 100644 --- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf +++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf @@ -42,4 +42,5 @@ IoLib MemoryAllocationLib MemEncryptSevLib + TdxProbeLib -- 2.29.2.windows.2