From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by mx.groups.io with SMTP id smtpd.web11.2478.1657174750628988333 for ; Wed, 06 Jul 2022 23:19:10 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=XRGPkmx+; spf=pass (domain: intel.com, ip: 192.55.52.151, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1657174750; x=1688710750; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=4sX0ylQcDtGHKR01Oj7m7THyhBT9j9Gms1u2624DWRU=; b=XRGPkmx+w89SXjHC4P/CWZwRH4RIIepekV8MS/r7b1gp6wflEOs5YGTH sShYWU9eT74CcIxt0llahOIo8byjlMk23dZrPtyHg3Mm/znJjBzEGYO8r aGcpYQRWcFOIZZDfZt8Wr5yB/u5s7oOcqolS/xgAM80QN9fDS25wDOFgF 4xsvw3NUCYwoS+veWOzyIyQ1f4Gea+hVs3mUkbDduAbL4BmOviPLXz38T sLg5YN+7N17kohP8Q8fLAPgtKoR1Fil6Og30M2d7kwlxAU1ZTBn8Raev8 /YhzmhaSGdOW2pqLoQbhiZaU6Ek4wExorHgVP7dB3HlRUhjgvOcorJxVI A==; X-IronPort-AV: E=McAfee;i="6400,9594,10400"; a="264358745" X-IronPort-AV: E=Sophos;i="5.92,252,1650956400"; d="scan'208";a="264358745" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jul 2022 23:19:09 -0700 X-IronPort-AV: E=Sophos;i="5.92,252,1650956400"; d="scan'208";a="620653847" Received: from mxu9-mobl1.ccr.corp.intel.com ([10.255.30.203]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jul 2022 23:19:07 -0700 From: "Min Xu" To: devel@edk2.groups.io Cc: Min Xu , Gerd Hoffmann , Erdem Aktas , James Bottomley , Jiewen Yao , Tom Lendacky , Yuan Yu Subject: [PATCH 0/2] Re-design CcProbeLib Date: Thu, 7 Jul 2022 14:17:44 +0800 Message-Id: X-Mailer: git-send-email 2.29.2.windows.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3974 CcProbeLib once was designed to probe the Confidential Computing guest type by checking the PcdOvmfWorkArea. But this memory is allocated with either EfiACPIMemoryNVS or EfiBootServicesData. It cannot be accessed after ExitBootService. Please see the detailed analysis in BZ#3974. To fix this issue, CcProbeLib is re-designed as 2 implementation: - SecPeiCcProbeLib - CcProbeLib In SecPeiCcProbeLib we still check the CC guest type by reading the PcdOvmfWorkArea. Because it is used in SEC / PEI and we don't worry about the issues in BZ#3974. In CcProbeLib we call TdIsEnabled() to check if it is of Tdx guest. To improve the efficiency the result is cached in a global variable. In current stage only the Tdx related code is added in CcProbeLib. SEV code may be added in the future. The reason why we probe CC guest type in 2 different ways is the global varialbe. Global variable cannot be used in SEC/PEI and CcProbe is called very frequently. Code: https://github.com/mxu9/edk2/tree/CcProbeLib.BZ3974.v1 Cc: Gerd Hoffmann Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Tom Lendacky Cc: Yuan Yu Signed-off-by: Min Xu Min M Xu (2): OvmfPkg: Add SecPeiCcProbeLib OvmfPkg: Update CcProbeLib OvmfPkg/IntelTdx/IntelTdxX64.dsc | 1 + OvmfPkg/Library/CcProbeLib/CcProbeLib.c | 24 +++++++++++--- OvmfPkg/Library/CcProbeLib/CcProbeLib.inf | 5 +-- OvmfPkg/Library/CcProbeLib/SecPeiCcProbeLib.c | 31 +++++++++++++++++++ .../Library/CcProbeLib/SecPeiCcProbeLib.inf | 25 +++++++++++++++ OvmfPkg/OvmfPkgX64.dsc | 3 ++ 6 files changed, 81 insertions(+), 8 deletions(-) create mode 100644 OvmfPkg/Library/CcProbeLib/SecPeiCcProbeLib.c create mode 100644 OvmfPkg/Library/CcProbeLib/SecPeiCcProbeLib.inf -- 2.29.2.windows.2