From: "Min Xu" <min.m.xu@intel.com>
To: devel@edk2.groups.io
Cc: Min Xu <min.m.xu@intel.com>,
Brijesh Singh <brijesh.singh@amd.com>,
Eric Dong <eric.dong@intel.com>,
Erdem Aktas <erdemaktas@google.com>,
Hao A Wu <hao.a.wu@intel.com>,
Jian J Wang <jian.j.wang@intel.com>,
James Bottomley <jejb@linux.ibm.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Liming Gao <gaoliming@byosoft.com.cn>,
Michael D Kinney <michael.d.kinney@intel.com>,
Ray Ni <ray.ni@intel.com>, Rahul Kumar <rahul1.kumar@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Zhiguang Liu <zhiguang.liu@intel.com>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: [PATCH V7 00/37] Enable Intel TDX in OvmfPkg (Config-A)
Date: Mon, 28 Feb 2022 15:20:32 +0800 [thread overview]
Message-ID: <cover.1646031164.git.min.m.xu@intel.com> (raw)
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3249
Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
Encryption (MKTME) with a new kind of virutal machines guest called a
Trust Domain (TD). A TD is desinged to run in a CPU mode that protects the
confidentiality of TD memory contents and the TD's CPU state from other
software, including the hosting Virtual-Machine Monitor (VMM), unless
explicitly shared by the TD itself.
There are 2 configurations for TDVF to upstream. See below link for
the definitions of the 2 configurations.
https://edk2.groups.io/g/devel/message/76367
This patch-set is to enable Config-A in OvmfPkg.
- Merge the *basic* TDVF feature to existing OvmfX64Pkg.dsc. (Align
with existing SEV)
- Threat model: VMM is NOT out of TCB. (We don’t make things worse.)
- The OvmfX64Pkg.dsc includes SEV/TDX/normal OVMF basic boot capability.
The final binary can run on SEV/TDX/normal OVMF
- No changes to existing OvmfPkgX64 image layout.
- No need to add additional security features if they do not exist today
- No need to remove features if they exist today.
- RTMR is not supported
- PEI phase is NOT skipped in either Td or Non-Td
Patch 01 - 23 are changes in SEC phase. Also some libraries in these
patches are workable in SEC/PEI/DXE.
Patch 17 - 20 extract the common codes from OvmfPkg/PlatformPei to a new
PlatformInitLib. Then OvmfPkg/PlatformPei is refactored with this lib.
This is because there are 3 variants of PlatformPei in OvmfPkg and hence
many codes are duplicated.
Patch 21 then add Tdx specific codes in PlatformInitLib.
Patch 24 - 29 are changes in PEI phase.
Patch 30 - 34 are changes in DXE phase.
Patch 35 - 37 are for local Apic timer DXE driver.
[TDX]: https://software.intel.com/content/dam/develop/external/us/en/
documents/tdx-whitepaper-final9-17.pdf
[TDX-Module]: https://software.intel.com/content/dam/develop/external/
us/en/documents/tdx-module-1.0-public-spec-v0.931.pdf
[TDVF]: https://software.intel.com/content/dam/develop/external/us/en/
documents/tdx-virtual-firmware-design-guide-rev-1.pdf
[GCHI]: https://software.intel.com/content/dam/develop/external/us/en/
documents/intel-tdx-guest-hypervisor-communication-interface-1.0-344426-002.pdf
Code is at https://github.com/mxu9/edk2/tree/tdvf_wave2.v7
v7 changes:
- Based on the comments from last review, 8 PlatformInitLib patches
are squashed into 4 patches (#17-#20). These 4 patches are not
related to Tdx guest. Tdx related codes of PlatformInitLib is
in #21.
- gUefiOvmfPkgTdxPlatformGuid is renamed as gUefiOvmfPkgPlatformInfoGuid.
Because this GUID is used not only by Tdx guest, but also by
Legacy guest.
- PlatformInitLibNull is deleted.
- In PlatformPei Pml4Entries is cap at 512 entries when
mPhysMemAddressWidth > 48.
v7 not-addressed comments
- Comments in MpInitLib have not been addressed yet. It will be
addressed in the following version.
- Thanks much for your understanding.
v6 changes:
- PlatformInitLib and OvmfPkg/PlatformPei refactoring are covered in
patch from 17 - 24. These patches are not related to Tdx guest. Tdx
related codes of PlatformInitLib is in patch 25.
- In the previous patch-sets, TdHob is processed in
OvmfPkg/Sec/IntelTdx.c. Per Gerd's suggestion they are now moved
to PlatformInitLib/IntelTdx.c. So that they can be reused in Config-B.
- The default Accept page size is changed from 4K to 2M.
- The BspAcceptMemoryResourceRange is refactored according to Gerd's
comment.
- In ApRunLoop.nasm command field is set to zero as acknowledgement.
This is a fix based on the ACPI Spec v6.4,Sec titled "Multiprocessor
Wakeup Structure".
v6 not-addressed comments
- Comments in MpInitLib have not been addressed yet. It will be
addressed in the following version.
- Thanks much for your understanding.
v5 changes:
- PlatformInitLib is introduced which wraps the common functions in
OvmfPkg/PlatformPei. It is because there are a lot of duplicated
codes for Platform initialization in PEI phase and there are at least
3 variants of PlatformPei. Another reason is that in TDVF Config-B
PEI-less boot needs the similar initiliazation as PlatformPei. Based
on the discussion with the community, PlatformInitLib is introduced.
As the first stage OvmfPkg/PlatformPei is refactored with this lib.
In the future the other 2 PlatformPei variants will be refactored
as well.
- PcdIgnoreVeHalt is deprecated.
- Add spec link for Mailbox.
- Other minor changes, such as comments, uncrustify formats, etc.
v5 not-addressed comments
- Comments in MpInitLib have not been addressed yet. It will be
addressed in the following version.
- Some comments may be missed. I will re-visit the review emails.
- Thanks much for your understanding.
v4 changes:
- Split the TdxLib into 2 libraries. The TDX basic functions
(TdCall / TdVmCall / TdIsEnabled) are moved to BaseLib (#2).
The other functions are in TdxLib. (#3)
- Based on above changes (TdCall/TdVmCall/TdIsEnabled in BaseLib)
the TdxLib.inf is not necessary in some Pkgs, such as
UefiPayloadPkg. The duplicated source code are deleted (BaseIoLib
is the sample).
- Drop the Accepting pages with TDX MP service. Instead only BSP
accepts pages. There maybe boot performance issue. There are some
mitigations to it, such as 2M accept page size, lazy accept, etc.
We will re-visit this issue in a separate patch-set.
- Relocate Mailbox in TdxDxe driver instead of in PlatformPei. This
is to keep consistence with Config-B (PEI is skipped in Config-B).
- SetMmioSharedBit in TdxDxe driver instead of in DxeIplPeim after
CreateIdentityMappingPageTables. This is to keep consistence with
Config-B (PEI is skipped in Config-B).
- Some other minor changes, such as switch-case indention.
- Rebase the code base (commit: 8c06c53b585a) and update the code with
uncrustify.
v4 not-addressed comments:
- Comments in MpInitLib have not been addressed yet. It will be
addressed in the next version.
- BaseMemEncryptTdxLib is suggested to be merged with
BaseMemEncryptSevLib. It will be addressed in the next version.
- Gerd suggests a generic page table walker which is able to set
and clear bits for a given memory range in both SEV and TDX guest.
This suggestion will be addressed in the next version.
- Some comments may be missed. I will re-visit the review emails.
- Thanks much for your understanding.
v3 changes:
- LocalApicTimerDxe is split out to be a separate patch-series.
- VmTdExitLibNull/VmgExitLib are removed. Instead the VmgExitLib
is extended to handle #VE exception. (Patch 3-5)
- Split the Tdx support of base IoLib into 4 commits. (Patch 6-9)
- Alter of MADT table is updated. In previous version it was
created from scratch. Now it gets the installed table, copy
it to a larger buffer and append the ACPI_MADT_MPWK to it.
(Patch 25)
- Changes in BaseXApicX2ApicLib is refined based on the
feedbacks. (Add spec link of MSR access definition, rename
some funtion name, etc.) (Patch 11)
- Use PcdConfidentialComputingGuestAttr to probe TDX guest instead
of CPUID. But in some cases PcdConfidentialComputingGuestAttr
cannot be used because it has not been set yet.
- Some other minor changes.
v3 not-addressed comments:
- Some of the comments have not been addressed. This is because I
need more time to consider how to address these comments.
At the same time I want to submit a new version based on the above
changes so that community can review in a more efficient way.
(v2 is the version one month ago).
- Comments in MpInitLib have not been addressed yet. It will be
addressed in v4.
- BaseMemEncryptTdxLib should be merged with BaseMemEncryptSevLib.
It will be addressed in v4.
- Some comments may be missed. I will re-visit the review emails.
- Thanks much for your understanding.
v2 changes:
- Remove TdxProbeLib. It is to reduce the depencies of the lib.
- In v1 a new function (AllocatePagesWithMemoryType) is added in
PeiMemoryAllocationLib. This function is not necessary. It can
be replaced by PeiServicesAllocatePages.
- IoLibFifo.c is added in BaseIoLibIntrinsic. This file includes
the functions of read/write of I/O port fifo. These functions
will call TdIoReadFifo or SevIoReadFifo by checking TDX or SEV
in run-time.
- DXE related patches are added. (Patch 22-28)
- Fix typo in commit/comment message, or some minor changes.
- Rebase the edk2 code base. (4cc1458dbe00)
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Min Xu (37):
MdePkg: Add Tdx.h
MdePkg: Introduce basic Tdx functions in BaseLib
MdePkg: Add TdxLib to wrap Tdx operations
UefiCpuPkg: Extend VmgExitLibNull to handle #VE exception
OvmfPkg: Extend VmgExitLib to handle #VE exception
UefiCpuPkg/CpuExceptionHandler: Add base support for the #VE exception
MdePkg: Add helper functions for Tdx guest in BaseIoLibIntrinsic
MdePkg: Support mmio for Tdx guest in BaseIoLibIntrinsic
MdePkg: Support IoFifo for Tdx guest in BaseIoLibIntrinsic
MdePkg: Support IoRead/IoWrite for Tdx guest in BaseIoLibIntrinsic
UefiCpuPkg: Support TDX in BaseXApicX2ApicLib
MdePkg: Add macro to check SEV / TDX guest
UefiCpuPkg: Enable Tdx support in MpInitLib
OvmfPkg: Add IntelTdx.h in OvmfPkg/Include/IndustryStandard
OvmfPkg: Add TdxMailboxLib
MdePkg: Add EFI_RESOURCE_ATTRIBUTE_ENCRYPTED in PiHob.h
OvmfPkg: Create initial version of PlatformInitLib
OvmfPkg/PlatformInitLib: Add hob functions
OvmfPkg/PlatformInitLib: Add memory functions
OvmfPkg/PlatformInitLib: Add platform functions
OvmfPkg: Update PlatformInitLib to process Tdx hoblist
OvmfPkg/Sec: Declare local variable as volatile in
SecCoreStartupWithStack
OvmfPkg: Update Sec to support Tdx
OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation
MdeModulePkg: EFER should not be changed in TDX
MdeModulePkg: Add PcdTdxSharedBitMask
UefiCpuPkg: Update AddressEncMask in CpuPageTable
OvmfPkg: Update PlatformInitLib for Tdx guest to publish ram regions
OvmfPkg: Update PlatformPei to support Tdx guest
OvmfPkg: Update AcpiPlatformDxe to alter MADT table
OvmfPkg/BaseMemEncryptTdxLib: Add TDX helper library
OvmfPkg: Add TdxDxe driver
OvmfPkg/QemuFwCfgLib: Support Tdx in QemuFwCfgDxe
OvmfPkg: Update IoMmuDxe to support TDX
OvmfPkg: Rename XenTimerDxe to LocalApicTimerDxe
UefiCpuPkg: Setting initial-count register as the last step
OvmfPkg: Switch timer in build time for OvmfPkg
MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 1 +
.../Core/DxeIplPeim/X64/VirtualMemory.c | 7 +
MdeModulePkg/MdeModulePkg.dec | 9 +
.../Include/ConfidentialComputingGuestAttr.h | 3 +
MdePkg/Include/IndustryStandard/Tdx.h | 203 ++++
MdePkg/Include/Library/BaseLib.h | 62 ++
MdePkg/Include/Library/TdxLib.h | 97 ++
MdePkg/Include/Pi/PiHob.h | 8 +
.../BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf | 2 +
.../BaseIoLibIntrinsicSev.inf | 7 +
MdePkg/Library/BaseIoLibIntrinsic/IoLib.c | 81 +-
MdePkg/Library/BaseIoLibIntrinsic/IoLibFifo.c | 216 ++++
MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c | 51 +-
.../BaseIoLibIntrinsic/IoLibInternalTdx.c | 675 +++++++++++++
.../BaseIoLibIntrinsic/IoLibInternalTdxNull.c | 497 +++++++++
MdePkg/Library/BaseIoLibIntrinsic/IoLibMsc.c | 73 +-
MdePkg/Library/BaseIoLibIntrinsic/IoLibSev.h | 166 +++
MdePkg/Library/BaseIoLibIntrinsic/IoLibTdx.h | 410 ++++++++
.../BaseIoLibIntrinsic/X64/IoFifoSev.nasm | 34 +-
MdePkg/Library/BaseLib/BaseLib.inf | 11 +
MdePkg/Library/BaseLib/IntelTdxNull.c | 83 ++
MdePkg/Library/BaseLib/X64/TdCall.nasm | 85 ++
MdePkg/Library/BaseLib/X64/TdProbe.c | 62 ++
MdePkg/Library/BaseLib/X64/TdVmcall.nasm | 145 +++
MdePkg/Library/TdxLib/AcceptPages.c | 180 ++++
MdePkg/Library/TdxLib/Rtmr.c | 83 ++
MdePkg/Library/TdxLib/TdInfo.c | 114 +++
MdePkg/Library/TdxLib/TdxLib.inf | 37 +
MdePkg/Library/TdxLib/TdxLibNull.c | 107 ++
MdePkg/MdePkg.dec | 3 +
MdePkg/MdePkg.dsc | 1 +
OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf | 1 +
OvmfPkg/AcpiPlatformDxe/QemuFwCfgAcpi.c | 14 +-
OvmfPkg/AmdSev/AmdSevX64.dsc | 8 +-
OvmfPkg/AmdSev/AmdSevX64.fdf | 3 +-
OvmfPkg/Bhyve/BhyveX64.dsc | 2 +
OvmfPkg/CloudHv/CloudHvX64.dsc | 5 +-
OvmfPkg/CloudHv/CloudHvX64.fdf | 2 +-
OvmfPkg/Include/IndustryStandard/IntelTdx.h | 67 ++
OvmfPkg/Include/Library/MemEncryptTdxLib.h | 81 ++
OvmfPkg/Include/Library/PlatformInitLib.h | 286 ++++++
OvmfPkg/Include/Library/TdxMailboxLib.h | 76 ++
.../Include/Protocol/QemuAcpiTableNotify.h | 27 +
OvmfPkg/Include/TdxCommondefs.inc | 51 +
OvmfPkg/IoMmuDxe/AmdSevIoMmu.c | 103 +-
OvmfPkg/IoMmuDxe/AmdSevIoMmu.h | 6 +-
OvmfPkg/IoMmuDxe/IoMmuDxe.c | 6 +-
OvmfPkg/IoMmuDxe/IoMmuDxe.inf | 5 +
.../BaseMemEncryptTdxLib.inf | 44 +
.../BaseMemEncryptTdxLibNull.inf | 35 +
.../BaseMemoryEncryptionNull.c | 90 ++
.../BaseMemEncryptTdxLib/MemoryEncryption.c | 948 ++++++++++++++++++
.../BaseMemEncryptTdxLib/VirtualMemory.h | 181 ++++
.../PlatformInitLib}/Cmos.c | 32 +-
OvmfPkg/Library/PlatformInitLib/IntelTdx.c | 553 ++++++++++
.../Library/PlatformInitLib/IntelTdxNull.c | 46 +
OvmfPkg/Library/PlatformInitLib/MemDetect.c | 707 +++++++++++++
OvmfPkg/Library/PlatformInitLib/Platform.c | 597 +++++++++++
.../PlatformInitLib/PlatformInitLib.inf | 94 ++
OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c | 9 +-
.../Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf | 1 +
.../QemuFwCfgLib/QemuFwCfgLibInternal.h | 11 +
OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c | 32 +
.../Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf | 2 +
OvmfPkg/Library/TdxMailboxLib/TdxMailbox.c | 140 +++
.../Library/TdxMailboxLib/TdxMailboxLib.inf | 52 +
.../Library/TdxMailboxLib/TdxMailboxNull.c | 85 ++
OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf | 3 +-
OvmfPkg/Library/VmgExitLib/VmTdExitHandler.h | 32 +
.../Library/VmgExitLib/VmTdExitVeHandler.c | 559 +++++++++++
OvmfPkg/Library/VmgExitLib/VmgExitLib.inf | 2 +
.../Library/VmgExitLib/X64/TdVmcallCpuid.nasm | 146 +++
.../LocalApicTimerDxe.c} | 4 +-
.../LocalApicTimerDxe.h} | 4 +-
.../LocalApicTimerDxe.inf} | 7 +-
OvmfPkg/Microvm/MicrovmX64.dsc | 5 +-
OvmfPkg/Microvm/MicrovmX64.fdf | 2 +-
OvmfPkg/OvmfPkg.dec | 17 +
OvmfPkg/OvmfPkgIa32.dsc | 12 +-
OvmfPkg/OvmfPkgIa32.fdf | 8 +-
OvmfPkg/OvmfPkgIa32X64.dsc | 14 +-
OvmfPkg/OvmfPkgIa32X64.fdf | 8 +-
OvmfPkg/OvmfPkgX64.dsc | 29 +-
OvmfPkg/OvmfPkgX64.fdf | 11 +-
OvmfPkg/OvmfXen.dsc | 4 +-
OvmfPkg/OvmfXen.fdf | 2 +-
OvmfPkg/PlatformPei/Cmos.h | 48 -
OvmfPkg/PlatformPei/FeatureControl.c | 7 +-
OvmfPkg/PlatformPei/IntelTdx.c | 54 +
OvmfPkg/PlatformPei/MemDetect.c | 669 +-----------
OvmfPkg/PlatformPei/Platform.c | 522 ++--------
OvmfPkg/PlatformPei/Platform.h | 55 +-
OvmfPkg/PlatformPei/PlatformPei.inf | 7 +-
OvmfPkg/Sec/SecMain.c | 44 +-
OvmfPkg/Sec/SecMain.inf | 3 +
OvmfPkg/Sec/X64/SecEntry.nasm | 82 ++
OvmfPkg/TdxDxe/TdxAcpiTable.c | 213 ++++
OvmfPkg/TdxDxe/TdxAcpiTable.h | 60 ++
OvmfPkg/TdxDxe/TdxDxe.c | 261 +++++
OvmfPkg/TdxDxe/TdxDxe.inf | 64 ++
OvmfPkg/TdxDxe/X64/ApRunLoop.nasm | 90 ++
UefiCpuPkg/CpuDxe/CpuDxe.inf | 1 +
UefiCpuPkg/CpuDxe/CpuPageTable.c | 4 +
UefiCpuPkg/Include/Library/VmgExitLib.h | 28 +
.../BaseXApicX2ApicLib/BaseXApicX2ApicLib.c | 170 +++-
.../PeiDxeSmmCpuException.c | 17 +
.../SecPeiCpuException.c | 18 +
UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 3 +
UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 15 +-
UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h | 71 ++
UefiCpuPkg/Library/MpInitLib/MpLib.c | 27 +
UefiCpuPkg/Library/MpInitLib/MpLibTdx.c | 128 +++
UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c | 73 ++
UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 3 +
.../Library/VmgExitLibNull/VmTdExitNull.c | 38 +
.../Library/VmgExitLibNull/VmgExitLibNull.inf | 1 +
116 files changed, 10233 insertions(+), 1327 deletions(-)
create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
create mode 100644 MdePkg/Include/Library/TdxLib.h
create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibFifo.c
create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdxNull.c
create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibSev.h
create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibTdx.h
create mode 100644 MdePkg/Library/BaseLib/IntelTdxNull.c
create mode 100644 MdePkg/Library/BaseLib/X64/TdCall.nasm
create mode 100644 MdePkg/Library/BaseLib/X64/TdProbe.c
create mode 100644 MdePkg/Library/BaseLib/X64/TdVmcall.nasm
create mode 100644 MdePkg/Library/TdxLib/AcceptPages.c
create mode 100644 MdePkg/Library/TdxLib/Rtmr.c
create mode 100644 MdePkg/Library/TdxLib/TdInfo.c
create mode 100644 MdePkg/Library/TdxLib/TdxLib.inf
create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
create mode 100644 OvmfPkg/Include/IndustryStandard/IntelTdx.h
create mode 100644 OvmfPkg/Include/Library/MemEncryptTdxLib.h
create mode 100644 OvmfPkg/Include/Library/PlatformInitLib.h
create mode 100644 OvmfPkg/Include/Library/TdxMailboxLib.h
create mode 100644 OvmfPkg/Include/Protocol/QemuAcpiTableNotify.h
create mode 100644 OvmfPkg/Include/TdxCommondefs.inc
create mode 100644 OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemEncryptTdxLib.inf
create mode 100644 OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemEncryptTdxLibNull.inf
create mode 100644 OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemoryEncryptionNull.c
create mode 100644 OvmfPkg/Library/BaseMemEncryptTdxLib/MemoryEncryption.c
create mode 100644 OvmfPkg/Library/BaseMemEncryptTdxLib/VirtualMemory.h
rename OvmfPkg/{PlatformPei => Library/PlatformInitLib}/Cmos.c (61%)
create mode 100644 OvmfPkg/Library/PlatformInitLib/IntelTdx.c
create mode 100644 OvmfPkg/Library/PlatformInitLib/IntelTdxNull.c
create mode 100644 OvmfPkg/Library/PlatformInitLib/MemDetect.c
create mode 100644 OvmfPkg/Library/PlatformInitLib/Platform.c
create mode 100644 OvmfPkg/Library/PlatformInitLib/PlatformInitLib.inf
create mode 100644 OvmfPkg/Library/TdxMailboxLib/TdxMailbox.c
create mode 100644 OvmfPkg/Library/TdxMailboxLib/TdxMailboxLib.inf
create mode 100644 OvmfPkg/Library/TdxMailboxLib/TdxMailboxNull.c
create mode 100644 OvmfPkg/Library/VmgExitLib/VmTdExitHandler.h
create mode 100644 OvmfPkg/Library/VmgExitLib/VmTdExitVeHandler.c
create mode 100644 OvmfPkg/Library/VmgExitLib/X64/TdVmcallCpuid.nasm
rename OvmfPkg/{XenTimerDxe/XenTimerDxe.c => LocalApicTimerDxe/LocalApicTimerDxe.c} (95%)
rename OvmfPkg/{XenTimerDxe/XenTimerDxe.h => LocalApicTimerDxe/LocalApicTimerDxe.h} (96%)
rename OvmfPkg/{XenTimerDxe/XenTimerDxe.inf => LocalApicTimerDxe/LocalApicTimerDxe.inf} (80%)
delete mode 100644 OvmfPkg/PlatformPei/Cmos.h
create mode 100644 OvmfPkg/PlatformPei/IntelTdx.c
create mode 100644 OvmfPkg/TdxDxe/TdxAcpiTable.c
create mode 100644 OvmfPkg/TdxDxe/TdxAcpiTable.h
create mode 100644 OvmfPkg/TdxDxe/TdxDxe.c
create mode 100644 OvmfPkg/TdxDxe/TdxDxe.inf
create mode 100644 OvmfPkg/TdxDxe/X64/ApRunLoop.nasm
create mode 100644 UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h
create mode 100644 UefiCpuPkg/Library/MpInitLib/MpLibTdx.c
create mode 100644 UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c
create mode 100644 UefiCpuPkg/Library/VmgExitLibNull/VmTdExitNull.c
--
2.29.2.windows.2
next reply other threads:[~2022-02-28 7:21 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-28 7:20 Min Xu [this message]
2022-02-28 7:20 ` [PATCH V7 01/37] MdePkg: Add Tdx.h Min Xu
2022-02-28 7:20 ` [PATCH V7 02/37] MdePkg: Introduce basic Tdx functions in BaseLib Min Xu
2022-02-28 7:20 ` [PATCH V7 03/37] MdePkg: Add TdxLib to wrap Tdx operations Min Xu
2022-02-28 7:20 ` [PATCH V7 04/37] UefiCpuPkg: Extend VmgExitLibNull to handle #VE exception Min Xu
2022-03-15 7:15 ` [edk2-devel] [PATCH V7 04/37] UefiCpuPkg: Extend VmgExitLibNull to handle #VE exception #ve Ni, Ray
2022-02-28 7:20 ` [PATCH V7 05/37] OvmfPkg: Extend VmgExitLib to handle #VE exception Min Xu
2022-02-28 7:20 ` [PATCH V7 06/37] UefiCpuPkg/CpuExceptionHandler: Add base support for the " Min Xu
2022-03-15 7:17 ` [edk2-devel] [PATCH V7 06/37] UefiCpuPkg/CpuExceptionHandler: Add base support for the #VE exception #ve Ni, Ray
2022-03-15 7:37 ` Min Xu
2022-02-28 7:20 ` [PATCH V7 07/37] MdePkg: Add helper functions for Tdx guest in BaseIoLibIntrinsic Min Xu
2022-02-28 7:20 ` [PATCH V7 08/37] MdePkg: Support mmio " Min Xu
2022-02-28 7:20 ` [PATCH V7 09/37] MdePkg: Support IoFifo " Min Xu
2022-02-28 7:20 ` [PATCH V7 10/37] MdePkg: Support IoRead/IoWrite " Min Xu
2022-02-28 7:20 ` [PATCH V7 11/37] UefiCpuPkg: Support TDX in BaseXApicX2ApicLib Min Xu
2022-03-15 7:44 ` [edk2-devel] " Ni, Ray
2022-02-28 7:20 ` [PATCH V7 12/37] MdePkg: Add macro to check SEV / TDX guest Min Xu
2022-02-28 7:20 ` [PATCH V7 13/37] UefiCpuPkg: Enable Tdx support in MpInitLib Min Xu
2022-02-28 7:20 ` [PATCH V7 14/37] OvmfPkg: Add IntelTdx.h in OvmfPkg/Include/IndustryStandard Min Xu
2022-02-28 7:20 ` [PATCH V7 15/37] OvmfPkg: Add TdxMailboxLib Min Xu
2022-02-28 7:20 ` [PATCH V7 16/37] MdePkg: Add EFI_RESOURCE_ATTRIBUTE_ENCRYPTED in PiHob.h Min Xu
2022-02-28 7:20 ` [PATCH V7 17/37] OvmfPkg: Create initial version of PlatformInitLib Min Xu
2022-03-01 12:32 ` Gerd Hoffmann
2022-02-28 7:20 ` [PATCH V7 18/37] OvmfPkg/PlatformInitLib: Add hob functions Min Xu
2022-03-01 12:33 ` Gerd Hoffmann
2022-02-28 7:20 ` [PATCH V7 19/37] OvmfPkg/PlatformInitLib: Add memory functions Min Xu
2022-03-01 13:09 ` Gerd Hoffmann
2022-03-02 1:05 ` Min Xu
2022-03-02 6:56 ` [edk2-devel] " Gerd Hoffmann
2022-03-08 2:39 ` Min Xu
2022-02-28 7:20 ` [PATCH V7 20/37] OvmfPkg/PlatformInitLib: Add platform functions Min Xu
2022-02-28 7:20 ` [PATCH V7 21/37] OvmfPkg: Update PlatformInitLib to process Tdx hoblist Min Xu
2022-02-28 7:20 ` [PATCH V7 22/37] OvmfPkg/Sec: Declare local variable as volatile in SecCoreStartupWithStack Min Xu
2022-02-28 7:20 ` [PATCH V7 23/37] OvmfPkg: Update Sec to support Tdx Min Xu
2022-03-01 13:11 ` Gerd Hoffmann
2022-02-28 7:20 ` [PATCH V7 24/37] OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation Min Xu
2022-02-28 7:20 ` [PATCH V7 25/37] MdeModulePkg: EFER should not be changed in TDX Min Xu
2022-03-03 3:11 ` Wang, Jian J
2022-03-04 0:18 ` Min Xu
2022-03-04 1:36 ` Wang, Jian J
2022-02-28 7:20 ` [PATCH V7 26/37] MdeModulePkg: Add PcdTdxSharedBitMask Min Xu
2022-03-03 3:27 ` Wang, Jian J
2022-03-04 1:34 ` Min Xu
2022-02-28 7:20 ` [PATCH V7 27/37] UefiCpuPkg: Update AddressEncMask in CpuPageTable Min Xu
2022-03-15 8:03 ` [edk2-devel] " Ni, Ray
2022-03-16 5:35 ` Min Xu
2022-02-28 7:21 ` [PATCH V7 28/37] OvmfPkg: Update PlatformInitLib for Tdx guest to publish ram regions Min Xu
2022-03-01 13:12 ` Gerd Hoffmann
2022-02-28 7:21 ` [PATCH V7 29/37] OvmfPkg: Update PlatformPei to support Tdx guest Min Xu
2022-03-01 13:13 ` Gerd Hoffmann
2022-02-28 7:21 ` [PATCH V7 30/37] OvmfPkg: Update AcpiPlatformDxe to alter MADT table Min Xu
2022-02-28 7:21 ` [PATCH V7 31/37] OvmfPkg/BaseMemEncryptTdxLib: Add TDX helper library Min Xu
2022-02-28 7:21 ` [PATCH V7 32/37] OvmfPkg: Add TdxDxe driver Min Xu
2022-02-28 7:21 ` [PATCH V7 33/37] OvmfPkg/QemuFwCfgLib: Support Tdx in QemuFwCfgDxe Min Xu
2022-02-28 7:21 ` [PATCH V7 34/37] OvmfPkg: Update IoMmuDxe to support TDX Min Xu
2022-02-28 7:21 ` [PATCH V7 35/37] OvmfPkg: Rename XenTimerDxe to LocalApicTimerDxe Min Xu
2022-02-28 7:21 ` [PATCH V7 36/37] UefiCpuPkg: Setting initial-count register as the last step Min Xu
2022-03-15 8:07 ` [edk2-devel] " Ni, Ray
2022-05-10 20:30 ` Lendacky, Thomas
2022-05-11 2:00 ` Min Xu
2022-05-11 14:06 ` Lendacky, Thomas
2022-05-12 0:52 ` Min Xu
2022-05-13 22:12 ` Lendacky, Thomas
2022-05-19 21:54 ` Henz, Patrick
2022-05-20 3:50 ` Jeff Fan
2022-02-28 7:21 ` [PATCH V7 37/37] OvmfPkg: Switch timer in build time for OvmfPkg Min Xu
2022-03-01 2:19 ` 回复: [edk2-devel] [PATCH V7 00/37] Enable Intel TDX in OvmfPkg (Config-A) gaoliming
2022-03-01 6:39 ` Min Xu
2022-03-01 6:53 ` Yao, Jiewen
2022-03-10 6:21 ` Min Xu
2022-03-11 3:19 ` 回复: " gaoliming
2022-03-11 7:17 ` Min Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1646031164.git.min.m.xu@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox