[PATCH V2 0/6] Introduce CcProbe in MdePkg

[PATCH V2 0/6] Introduce CcProbe in MdePkg

[Min Xu]

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3902

Bad IO performance in SEC phase is observed after TDX features was
introduced. (after commit b6b2de884864 - "MdePkg: Support mmio for
Tdx guest in BaseIoLibIntrinsic").

This is because IsTdxGuest() will be called in each MMIO operation.
It is trying to cache the result of the probe in the efi data segment.
However, that doesn't work in SEC, because the data segment is read only
(so the write seems to succeed but a read will always return the
original value), leading to us calling TdIsEnabled() check for every
mmio we do, which is causing the slowdown because it's very expensive.

CcProbe is introduced in this patch-set. It is called in
BaseIoLibIntrinsicSev instead of IsTdxGuest. There are 2 versions of
the CcProbeLib. Null instance of CcProbe always returns
CCGuestTypeNonEncrypted. Its OvmfPkg version checks the Ovmf work area
and returns the CC guest type.

Code is at: https://github.com/mxu9/edk2/tree/cc_probe.v2

v2 changes:
 - Rename TdProbe to CcProbe to make the lib work for Confidential
   Computing guests.
 - Rename the GUEST_TYPE to CC_GUEST_TYPE and move it from
   WorkArea.h@OvmfPkg to ConfidentialComputingGuestAttr.h@MdePkg.
   This is because CcProbeLib is designed to return the CC Guest
   type and the lib is located at MdePkg.
 - Rename the CC_GUEST_TYPE's fields name to Camel style. See the
   commit message in patch #1.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>

Min Xu (6):
  MdePkg: Add CC_GUEST_TYPE in ConfidentialComputingGuestAttr.h
  OvmfPkg: Replace GUEST_TYPE with CC_GUEST_TYPE
  MdePkg: Add CcProbeLib
  OvmfPkg: Add CcProbeLib
  MdePkg: Probe Cc guest in BaseIoLibIntrinsicSev
  OvmfPkg: Add CcProbeLib in *.dsc

 .../Include/ConfidentialComputingGuestAttr.h  | 11 ++++++-
 MdePkg/Include/Library/CcProbeLib.h           | 26 ++++++++++++++++
 .../BaseIoLibIntrinsicSev.inf                 |  1 +
 .../BaseIoLibIntrinsic/IoLibInternalTdx.c     | 13 ++------
 .../Library/CcProbeLibNull/CcProbeLibNull.c   | 26 ++++++++++++++++
 .../Library/CcProbeLibNull/CcProbeLibNull.inf | 21 +++++++++++++
 MdePkg/MdePkg.dec                             |  5 +++
 MdePkg/MdePkg.dsc                             |  1 +
 OvmfPkg/AmdSev/AmdSevX64.dsc                  |  1 +
 OvmfPkg/Bhyve/BhyveX64.dsc                    |  1 +
 OvmfPkg/CloudHv/CloudHvX64.dsc                |  1 +
 OvmfPkg/Include/WorkArea.h                    |  9 +-----
 OvmfPkg/IntelTdx/IntelTdxX64.dsc              |  1 +
 .../PeiMemEncryptSevLibInternal.c             |  2 +-
 .../SecMemEncryptSevLibInternal.c             |  2 +-
 OvmfPkg/Library/CcProbeLib/CcProbeLib.c       | 31 +++++++++++++++++++
 OvmfPkg/Library/CcProbeLib/CcProbeLib.inf     | 25 +++++++++++++++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c   |  2 +-
 OvmfPkg/Microvm/MicrovmX64.dsc                |  1 +
 OvmfPkg/OvmfPkgIa32.dsc                       |  1 +
 OvmfPkg/OvmfPkgIa32X64.dsc                    |  1 +
 OvmfPkg/OvmfPkgX64.dsc                        |  1 +
 OvmfPkg/OvmfXen.dsc                           |  1 +
 OvmfPkg/Sec/AmdSev.c                          |  2 +-
 24 files changed, 162 insertions(+), 24 deletions(-)
 create mode 100644 MdePkg/Include/Library/CcProbeLib.h
 create mode 100644 MdePkg/Library/CcProbeLibNull/CcProbeLibNull.c
 create mode 100644 MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
 create mode 100644 OvmfPkg/Library/CcProbeLib/CcProbeLib.c
 create mode 100644 OvmfPkg/Library/CcProbeLib/CcProbeLib.inf

-- 
2.29.2.windows.2

[PATCH V2 1/6] MdePkg: Add CC_GUEST_TYPE in ConfidentialComputingGuestAttr.h

[Min Xu]

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3902

The confidential computing guest type (GUEST_TYPE) was defined in
OvmfPkg/Include/WorkArea.h. Now it is to be moved to
MdePkg/Include/ConfidentialComputingGuestAttr.h and renamed as
CC_GUEST_TYPE.

There are 2 reasons for this change.
1. CC_GUEST_TYPE is a generic definition and will be used in CcProbeLib
   which is defined in MdePkg.
2. Based on the latest edk2 coding style:
 - First character should be upper case
 - Must contain lower case characters
 - No white space characters
 - Global variable name must start with a 'g'

As the first step CC_GUEST_TYPE is defined in this patch. In the
next patch GUEST_TYPE will be deleted. This is to make sure the
bisect work correctly.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 MdePkg/Include/ConfidentialComputingGuestAttr.h | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Include/ConfidentialComputingGuestAttr.h
index dd2541c6dcdf..9e9424a01559 100644
--- a/MdePkg/Include/ConfidentialComputingGuestAttr.h
+++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
@@ -1,5 +1,5 @@
 /** @file
-Definitions for Confidential Computing Attribute
+Definitions for Confidential Computing Guest Attributes
 
 Copyright (c) 2021 AMD Inc. All rights reserved.<BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -9,6 +9,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
 #define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
 
+//
+// Confidential computing guest type
+//
+typedef enum {
+  CCGuestTypeNonEncrypted = 0,
+  CCGuestTypeAmdSev,
+  CCGuestTypeIntelTdx,
+} CC_GUEST_TYPE;
+
 typedef enum {
   /* The guest is running with memory encryption disabled. */
   CCAttrNotEncrypted = 0,
-- 
2.29.2.windows.2

[PATCH V2 2/6] OvmfPkg: Replace GUEST_TYPE with CC_GUEST_TYPE

[Min Xu]

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3902

Replace GUEST_TYPE with CC_GUEST_TYPE which is defined in
MdePkg/Include/ConfidentialComputingGuestAttr.h.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 OvmfPkg/Include/WorkArea.h                               | 9 +--------
 .../BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c   | 2 +-
 .../BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c   | 2 +-
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c              | 2 +-
 OvmfPkg/Sec/AmdSev.c                                     | 2 +-
 5 files changed, 5 insertions(+), 12 deletions(-)

diff --git a/OvmfPkg/Include/WorkArea.h b/OvmfPkg/Include/WorkArea.h
index b67edd14e79f..bf56fc4a6f65 100644
--- a/OvmfPkg/Include/WorkArea.h
+++ b/OvmfPkg/Include/WorkArea.h
@@ -10,14 +10,7 @@
 #ifndef __OVMF_WORK_AREA_H__
 #define __OVMF_WORK_AREA_H__
 
-//
-// Guest type for the work area
-//
-typedef enum {
-  GUEST_TYPE_NON_ENCRYPTED,
-  GUEST_TYPE_AMD_SEV,
-  GUEST_TYPE_INTEL_TDX,
-} GUEST_TYPE;
+#include <ConfidentialComputingGuestAttr.h>
 
 //
 // Confidential computing work area header definition. Any change
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
index 3f8f91a5da12..fb9d3cbd3645 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
@@ -36,7 +36,7 @@ GetSevEsWorkArea (
   //
   // If its not SEV guest then SevEsWorkArea is not valid.
   //
-  if ((WorkArea == NULL) || (WorkArea->Header.GuestType != GUEST_TYPE_AMD_SEV)) {
+  if ((WorkArea == NULL) || (WorkArea->Header.GuestType != CCGuestTypeAmdSev)) {
     return NULL;
   }
 
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
index 80aceba01bcf..238e29e2a175 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
@@ -36,7 +36,7 @@ GetSevEsWorkArea (
   //
   // If its not SEV guest then SevEsWorkArea is not valid.
   //
-  if ((WorkArea == NULL) || (WorkArea->Header.GuestType != GUEST_TYPE_AMD_SEV)) {
+  if ((WorkArea == NULL) || (WorkArea->Header.GuestType != CCGuestTypeAmdSev)) {
     return NULL;
   }
 
diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
index b8230613dcea..1b8133bf5ad6 100644
--- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
+++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c
@@ -35,7 +35,7 @@ QemuFwCfgIsTdxGuest (
   CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER  *CcWorkAreaHeader;
 
   CcWorkAreaHeader = (CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER *)FixedPcdGet32 (PcdOvmfWorkAreaBase);
-  return (CcWorkAreaHeader != NULL && CcWorkAreaHeader->GuestType == GUEST_TYPE_INTEL_TDX);
+  return (CcWorkAreaHeader != NULL && CcWorkAreaHeader->GuestType == CCGuestTypeIntelTdx);
 }
 
 /**
diff --git a/OvmfPkg/Sec/AmdSev.c b/OvmfPkg/Sec/AmdSev.c
index d8fd35650d7d..0da6b36020fc 100644
--- a/OvmfPkg/Sec/AmdSev.c
+++ b/OvmfPkg/Sec/AmdSev.c
@@ -251,7 +251,7 @@ IsSevGuest (
 
   WorkArea = (OVMF_WORK_AREA *)FixedPcdGet32 (PcdOvmfWorkAreaBase);
 
-  return ((WorkArea != NULL) && (WorkArea->Header.GuestType == GUEST_TYPE_AMD_SEV));
+  return ((WorkArea != NULL) && (WorkArea->Header.GuestType == CCGuestTypeAmdSev));
 }
 
 /**
-- 
2.29.2.windows.2

[PATCH V2 3/6] MdePkg: Add CcProbeLib

[Min Xu]

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3902

CcProbeLib is used to probe the Confidential Computing guest type.
This library is designed to run on SEC / PEI / DXE phases. A null
instance of the library always returns CCGuestTypeNonEncrypted.
A platform specific CcProbeLib will be implemented, for example,
in OvmfPkg.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 MdePkg/Include/Library/CcProbeLib.h           | 26 +++++++++++++++++++
 .../Library/CcProbeLibNull/CcProbeLibNull.c   | 26 +++++++++++++++++++
 .../Library/CcProbeLibNull/CcProbeLibNull.inf | 21 +++++++++++++++
 MdePkg/MdePkg.dec                             |  5 ++++
 MdePkg/MdePkg.dsc                             |  1 +
 5 files changed, 79 insertions(+)
 create mode 100644 MdePkg/Include/Library/CcProbeLib.h
 create mode 100644 MdePkg/Library/CcProbeLibNull/CcProbeLibNull.c
 create mode 100644 MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf

diff --git a/MdePkg/Include/Library/CcProbeLib.h b/MdePkg/Include/Library/CcProbeLib.h
new file mode 100644
index 000000000000..2857dddfb2d3
--- /dev/null
+++ b/MdePkg/Include/Library/CcProbeLib.h
@@ -0,0 +1,26 @@
+/** @file
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef CC_PROBE_LIB_H_
+#define CC_PROBE_LIB_H_
+
+#include <ConfidentialComputingGuestAttr.h>
+
+/**
+  Probe the ConfidentialComputing Guest type. See defition of
+  CC_GUEST_TYPE in <ConfidentialComputingGuestAttr.h>.
+
+  @return The guest type
+
+**/
+UINT8
+EFIAPI
+CcProbe (
+  VOID
+  );
+
+#endif
diff --git a/MdePkg/Library/CcProbeLibNull/CcProbeLibNull.c b/MdePkg/Library/CcProbeLibNull/CcProbeLibNull.c
new file mode 100644
index 000000000000..152d900eb099
--- /dev/null
+++ b/MdePkg/Library/CcProbeLibNull/CcProbeLibNull.c
@@ -0,0 +1,26 @@
+/** @file
+
+  Null stub of CcProbeLib
+
+  Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/CcProbeLib.h>
+
+/**
+  Probe the ConfidentialComputing Guest type. See defition of
+  CC_GUEST_TYPE in <ConfidentialComputingGuestAttr.h>.
+
+  @return The guest type
+
+**/
+UINT8
+EFIAPI
+CcProbe (
+  VOID
+  )
+{
+  return CCGuestTypeNonEncrypted;
+}
diff --git a/MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf b/MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
new file mode 100644
index 000000000000..f37c25f73439
--- /dev/null
+++ b/MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
@@ -0,0 +1,21 @@
+## @file
+# CcProbeLib null instance.
+#
+#  Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = CcProbeLibNull
+  FILE_GUID                      = B15D67FE-0DAC-4316-8E26-8A6b85E43782
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = CcProbeLib
+
+[Sources]
+  CcProbeLibNull.c
+
+[Packages]
+  MdePkg/MdePkg.dec
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 1934c9840423..faeb28c80cbd 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -267,6 +267,11 @@
   #
   RegisterFilterLib|Include/Library/RegisterFilterLib.h
 
+  ##  @libraryclass  This library provides interfances to probe ConfidentialComputing guest type.
+  #
+  #
+  CcProbeLib|Include/Library/CcProbeLib.h
+
 [LibraryClasses.IA32, LibraryClasses.X64, LibraryClasses.AARCH64]
   ##  @libraryclass  Provides services to generate random number.
   #
diff --git a/MdePkg/MdePkg.dsc b/MdePkg/MdePkg.dsc
index d6a7af412be7..c8d282882ec1 100644
--- a/MdePkg/MdePkg.dsc
+++ b/MdePkg/MdePkg.dsc
@@ -130,6 +130,7 @@
   MdePkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf
 
   MdePkg/Library/RegisterFilterLibNull/RegisterFilterLibNull.inf
+  MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
 
 [Components.IA32, Components.X64, Components.ARM, Components.AARCH64]
   #
-- 
2.29.2.windows.2

[PATCH V2 4/6] OvmfPkg: Add CcProbeLib

[Min Xu]

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3902

This is the OvmfPkg specific CcProbeLib. It checks the Ovmf WorkArea
(PcdOvmfWorkAreaBase) to return the guest type.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 OvmfPkg/Library/CcProbeLib/CcProbeLib.c   | 31 +++++++++++++++++++++++
 OvmfPkg/Library/CcProbeLib/CcProbeLib.inf | 25 ++++++++++++++++++
 2 files changed, 56 insertions(+)
 create mode 100644 OvmfPkg/Library/CcProbeLib/CcProbeLib.c
 create mode 100644 OvmfPkg/Library/CcProbeLib/CcProbeLib.inf

diff --git a/OvmfPkg/Library/CcProbeLib/CcProbeLib.c b/OvmfPkg/Library/CcProbeLib/CcProbeLib.c
new file mode 100644
index 000000000000..b4babcb423f7
--- /dev/null
+++ b/OvmfPkg/Library/CcProbeLib/CcProbeLib.c
@@ -0,0 +1,31 @@
+/** @file
+
+  CcProbeLib is used to probe the Confidential computing guest type.
+
+  Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/CcProbeLib.h>
+#include <WorkArea.h>
+
+/**
+  Probe the ConfidentialComputing Guest type. See defition of
+  CC_GUEST_TYPE in <ConfidentialComputingGuestAttr.h>.
+
+  @return The guest type
+
+**/
+UINT8
+EFIAPI
+CcProbe (
+  VOID
+  )
+{
+  OVMF_WORK_AREA  *WorkArea;
+
+  WorkArea = (OVMF_WORK_AREA *)FixedPcdGet32 (PcdOvmfWorkAreaBase);
+
+  return WorkArea != NULL ? WorkArea->Header.GuestType : CCGuestTypeNonEncrypted;
+}
diff --git a/OvmfPkg/Library/CcProbeLib/CcProbeLib.inf b/OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
new file mode 100644
index 000000000000..5300c9ba2644
--- /dev/null
+++ b/OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
@@ -0,0 +1,25 @@
+## @file
+# CcProbeLib is used to probe Confidential Computing guest type.
+#
+#  Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = CcProbeLib
+  FILE_GUID                      = 05184ec9-abb0-4491-8584-e388639a7c48
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = CcProbeLib
+
+[Sources]
+  CcProbeLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  OvmfPkg/OvmfPkg.dec
+
+[Pcd]
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase
-- 
2.29.2.windows.2

[PATCH V2 5/6] MdePkg: Probe Cc guest in BaseIoLibIntrinsicSev

[Min Xu]

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3902

Bad IO performance in SEC phase is observed after TDX features was
introduced. (after commit b6b2de884864 - "MdePkg: Support mmio for
Tdx guest in BaseIoLibIntrinsic").

This is because IsTdxGuest() will be called in each MMIO operation.
It is trying to cache the result of the probe in the efi data segment.
However, that doesn't work in SEC, because the data segment is read only
(so the write seems to succeed but a read will always return the
original value), leading to us calling TdIsEnabled() check for every
mmio we do, which is causing the slowdown because it's very expensive.

This patch is to call CcProbe instead of TdIsEnabled in IsTdxGuest.
Null instance of CcProbe always returns CCGuestTypeNonEncrypted. Its
OvmfPkg version returns the guest type in Ovmf work area.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 .../BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf    |  1 +
 .../Library/BaseIoLibIntrinsic/IoLibInternalTdx.c   | 13 ++-----------
 2 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
index 7fe1c60f046e..e1b8298ac451 100644
--- a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
+++ b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
@@ -55,6 +55,7 @@
   DebugLib
   BaseLib
   RegisterFilterLib
+  CcProbeLib
 
 [LibraryClasses.X64]
   TdxLib
diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c b/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
index 1e539dbfbbad..8af6fc35c591 100644
--- a/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
+++ b/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
@@ -10,6 +10,7 @@
 #include <Include/IndustryStandard/Tdx.h>
 #include <Library/TdxLib.h>
 #include <Register/Intel/Cpuid.h>
+#include <Library/CcProbeLib.h>
 #include "IoLibTdx.h"
 
 // Size of TDVMCALL Access, including IO and MMIO
@@ -22,9 +23,6 @@
 #define TDVMCALL_ACCESS_READ   0
 #define TDVMCALL_ACCESS_WRITE  1
 
-BOOLEAN  mTdxEnabled = FALSE;
-BOOLEAN  mTdxProbed  = FALSE;
-
 /**
   Check if it is Tdx guest.
 
@@ -38,14 +36,7 @@ IsTdxGuest (
   VOID
   )
 {
-  if (mTdxProbed) {
-    return mTdxEnabled;
-  }
-
-  mTdxEnabled = TdIsEnabled ();
-  mTdxProbed  = TRUE;
-
-  return mTdxEnabled;
+  return CcProbe () == CCGuestTypeIntelTdx;
 }
 
 /**
-- 
2.29.2.windows.2

[PATCH V2 6/6] OvmfPkg: Add CcProbeLib in *.dsc

[Min Xu]

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3902

CcProbeLib is imported in BaseIoLibIntrinsicSev.
OvmfPkg/Library/CcProbeLib is the OvmfPkg version which checks
OvmfWorkArea to return the Cc guest type. It is included
in OvmfPkgX64.dsc and IntelTdx/IntelTdxX64.dsc.

Other .dsc include the MdePkg/Library/CcProbeLibNull because Cc guest
is not supported in those projects.

Cc: James Bottomley <jejb@linux.ibm.com>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 OvmfPkg/AmdSev/AmdSevX64.dsc     | 1 +
 OvmfPkg/Bhyve/BhyveX64.dsc       | 1 +
 OvmfPkg/CloudHv/CloudHvX64.dsc   | 1 +
 OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 +
 OvmfPkg/Microvm/MicrovmX64.dsc   | 1 +
 OvmfPkg/OvmfPkgIa32.dsc          | 1 +
 OvmfPkg/OvmfPkgIa32X64.dsc       | 1 +
 OvmfPkg/OvmfPkgX64.dsc           | 1 +
 OvmfPkg/OvmfXen.dsc              | 1 +
 9 files changed, 9 insertions(+)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index fcdc3efab204..1c088f25fa4b 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -149,6 +149,7 @@
   PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
   PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
   PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
+  CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc
index e1b6b8e15f36..a8fa4d38ab60 100644
--- a/OvmfPkg/Bhyve/BhyveX64.dsc
+++ b/OvmfPkg/Bhyve/BhyveX64.dsc
@@ -146,6 +146,7 @@
   PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
   PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
   PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
+  CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index 20f3bc340807..d1c85f60c768 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -158,6 +158,7 @@
   PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
   PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
   PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
+  CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
index 245155d41b30..73a6c30096a8 100644
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
@@ -135,6 +135,7 @@
   PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
   PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
   PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
+  CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
index 59580ccd4691..c9c843e116a9 100644
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
@@ -156,6 +156,7 @@
   PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
   PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
   PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
+  CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index e4218b01f0fc..9e4ecd21fb17 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -154,6 +154,7 @@
   PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
   PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
   PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
+  CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index a80cdaacb8bc..75fb8095eec2 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -158,6 +158,7 @@
   PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
   PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
   PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
+  CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index fb2899f8a1be..2e534d0d2478 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -165,6 +165,7 @@
   PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
   PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
   PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
+  CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
index 7bd594c6e263..8d420cf54371 100644
--- a/OvmfPkg/OvmfXen.dsc
+++ b/OvmfPkg/OvmfXen.dsc
@@ -147,6 +147,7 @@
   PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
   PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
   PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
+  CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
   SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
-- 
2.29.2.windows.2

Re: [edk2-devel] [PATCH V2 5/6] MdePkg: Probe Cc guest in BaseIoLibIntrinsicSev

[dann frazier]

On Fri, Apr 15, 2022 at 08:07:08AM +0800, Min Xu wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3902
> 
> Bad IO performance in SEC phase is observed after TDX features was
> introduced. (after commit b6b2de884864 - "MdePkg: Support mmio for
> Tdx guest in BaseIoLibIntrinsic").
> 
> This is because IsTdxGuest() will be called in each MMIO operation.
> It is trying to cache the result of the probe in the efi data segment.
> However, that doesn't work in SEC, because the data segment is read only
> (so the write seems to succeed but a read will always return the
> original value), leading to us calling TdIsEnabled() check for every
> mmio we do, which is causing the slowdown because it's very expensive.
> 
> This patch is to call CcProbe instead of TdIsEnabled in IsTdxGuest.
> Null instance of CcProbe always returns CCGuestTypeNonEncrypted. Its
> OvmfPkg version returns the guest type in Ovmf work area.

Hi!

I ran through our tests on stable-202205-rc1, and I'm finding that all
of the tests using 2M FD_SIZE & SMM_REQUIRE=TRUE are failing with
QEMU hanging w/o output. Equivalent tests w/ 4M FD_SIZE are working
fine. I bisected it down to this commit, and also confirmed that
reverting this commit on top of 202205-rc1 also avoids the problem.

I might have a chance to debug more tomorrow, but for now I just
wanted to flag it.

  -dann

> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Signed-off-by: Min Xu <min.m.xu@intel.com>
> ---
>  .../BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf    |  1 +
>  .../Library/BaseIoLibIntrinsic/IoLibInternalTdx.c   | 13 ++-----------
>  2 files changed, 3 insertions(+), 11 deletions(-)
> 
> diff --git a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
> index 7fe1c60f046e..e1b8298ac451 100644
> --- a/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
> +++ b/MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
> @@ -55,6 +55,7 @@
>    DebugLib
>    BaseLib
>    RegisterFilterLib
> +  CcProbeLib
>  
>  [LibraryClasses.X64]
>    TdxLib
> diff --git a/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c b/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
> index 1e539dbfbbad..8af6fc35c591 100644
> --- a/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
> +++ b/MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
> @@ -10,6 +10,7 @@
>  #include <Include/IndustryStandard/Tdx.h>
>  #include <Library/TdxLib.h>
>  #include <Register/Intel/Cpuid.h>
> +#include <Library/CcProbeLib.h>
>  #include "IoLibTdx.h"
>  
>  // Size of TDVMCALL Access, including IO and MMIO
> @@ -22,9 +23,6 @@
>  #define TDVMCALL_ACCESS_READ   0
>  #define TDVMCALL_ACCESS_WRITE  1
>  
> -BOOLEAN  mTdxEnabled = FALSE;
> -BOOLEAN  mTdxProbed  = FALSE;
> -
>  /**
>    Check if it is Tdx guest.
>  
> @@ -38,14 +36,7 @@ IsTdxGuest (
>    VOID
>    )
>  {
> -  if (mTdxProbed) {
> -    return mTdxEnabled;
> -  }
> -
> -  mTdxEnabled = TdIsEnabled ();
> -  mTdxProbed  = TRUE;
> -
> -  return mTdxEnabled;
> +  return CcProbe () == CCGuestTypeIntelTdx;
>  }
>  
>  /**

Re: [edk2-devel] [PATCH V2 5/6] MdePkg: Probe Cc guest in BaseIoLibIntrinsicSev

[Min Xu]

On May 17, 2022 6:22 AM, dann frazier wrote:
> I ran through our tests on stable-202205-rc1, and I'm finding that all of the
> tests using 2M FD_SIZE & SMM_REQUIRE=TRUE are failing with QEMU
> hanging w/o output. Equivalent tests w/ 4M FD_SIZE are working fine. I
> bisected it down to this commit, and also confirmed that reverting this
> commit on top of 202205-rc1 also avoids the problem.
> 
> I might have a chance to debug more tomorrow, but for now I just wanted to
> flag it.
This patch calls CcProbe () to get the Confidential Computing guest type. There are 2 versions of CcProbeLib, one is to get the Cc guest type from PcdOvmfWorkArea, the other is a null instance and it always return CcGuestTypeNonEncrypted (which means it is a legacy vm guest).  Only OvmfPkgX64.dsc and IntelTdxX64.dsc include the first one (which probe the PcdOvmfWorkArea). 

If this patch is reverted, it means it is to check the guest type by calling CPUID, not reading the PcdOvmfWorkArea.

Can you share your build command and qemu command so that I can try it in my side?

Thanks
Min

Re: [edk2-devel] [PATCH V2 5/6] MdePkg: Probe Cc guest in BaseIoLibIntrinsicSev

[Min Xu]

On May 17, 2022 9:15 AM, Xu Min wrote:
> On May 17, 2022 6:22 AM, dann frazier wrote:
> > I ran through our tests on stable-202205-rc1, and I'm finding that all
> > of the tests using 2M FD_SIZE & SMM_REQUIRE=TRUE are failing with
> QEMU
> > hanging w/o output. Equivalent tests w/ 4M FD_SIZE are working fine. I
> > bisected it down to this commit, and also confirmed that reverting
> > this commit on top of 202205-rc1 also avoids the problem.
> >
> > I might have a chance to debug more tomorrow, but for now I just
> > wanted to flag it.
> This patch calls CcProbe () to get the Confidential Computing guest type.
> There are 2 versions of CcProbeLib, one is to get the Cc guest type from
> PcdOvmfWorkArea, the other is a null instance and it always return
> CcGuestTypeNonEncrypted (which means it is a legacy vm guest).  Only
> OvmfPkgX64.dsc and IntelTdxX64.dsc include the first one (which probe the
> PcdOvmfWorkArea).
> 
> If this patch is reverted, it means it is to check the guest type by calling CPUID,
> not reading the PcdOvmfWorkArea.
> 
More investigation shows that the root cause is the wrong memory access in SMM driver (PiSmmCpuDxeSmm.inf). This issue can be triggered when SMM_REQUIRE is TRUE.
IoLib is used in PiSmmCpuDxeSmm.inf. In OvmfPkgX64 BaseIoLibIntrinsicSev.inf is included and it probes if the working guest is td guest by CcProbe(). CcProbe reads PcdOvmfWorkArea (0x80B000) to get the guest type. It works in Non-SMM mode. But in SMM mode it is illegal. So reverting the patch makes the probe to call CPUID (0x21) instead of reading PcdOvmfWorkArea. It does work.

I am thinking how to fix this issue and then send out the patch-set for review.

Thanks
Min