* [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
@ 2020-11-30 20:28 James Bottomley
2020-11-30 20:28 ` [PATCH v3 1/6] OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed James Bottomley
` (8 more replies)
0 siblings, 9 replies; 35+ messages in thread
From: James Bottomley @ 2020-11-30 20:28 UTC (permalink / raw)
To: devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, jejb, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen,
Ard Biesheuvel
v3:
- More grub and boot stripping (I think I got everything out, but
there may be something that strayed in the boot panic resolution).
- grub.sh tidy up with tabs->spaces.
- Move the reset vector GUIDisation patch to the front so it can be
applied independently
- Update the .dsc and .fdf files for variable policy
v2:
- Strip more out of AmdSev image (networking, secure boot, smm)
- give sev reset block a generic table guid and use it for boot secret area
- separate secret patches and make grub script more robust
- Add copyrights and fix formatting issues
v1:
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
This patch series is modelled on the structure of the Bhyve patches
for Ovmf, since it does somewhat similar things. This patch series
creates a separate build for an AmdSev OVMF.fd that does nothing
except combine with grub and boot straight through the internal grub
to try to mount an encrypted volume.
Concept: SEV Secure Encrypted Images
====================================
The SEV patches in Linux and OVMF allow for the booting of SEV VMs in
an encrypted state, but don't really show how this could be done with
an encrypted image. Since the key used to decrypt the image must be
maintained within the SEV encryption envelope, encrypted QCOW is not
an option because the key would then have to be known to QEMU which is
outside the encryption envelope. The proposal here is that an
encrypted image should be a QCOW image consisting of two partitions,
the normal unencrypted EFI partition (Identifying it as an OVMF
bootable image) and a luks encrypted root partition. The kernel would
be inside the encrypted root in the /boot directory. The secret
injected securely through QEMU is extracted by OVMF and passed to grub
which uses it to mount the encrypted root and boot the kernel
normally. The creator of the secret bundle must be satisfied with the
SEV attestation before the secret is constructed. Unfortunately, the
SEV attestation can only be on the first QEMU firmware volume and
nothing else, so this patch series builds grub itself into a firmware
volume and places it inside OVMF so that the entire boot system can be
attested. In a normal OVMF KVM system, the variable store is on the
second flash volume (which is read/write). Unfortunately, this
mutable configuration provided by the variables is outside the
attestation envelope and can significantly alter the boot path,
possibly leading to secret leak, so encrypted image boot should only
be done with the OVMF.fd that combines both the code and variables.
the OVMF.fd is constructed so that it becomes impossible to interrupt
the boot sequence after attestation and the system will either boot
the image or fail. The boot sequence runs the grub.efi embedded in the
OVMF firmware volume so the encrypted image owner knows their own
version of grub is the only one that will boot before injecting the
secret. Note this boot path actually ignores the unencrypted EFI
partition. However, as part of this design, the encrypted image may be
booted by a standard OVMF KVM boot and in that case, the user will
have to type the encryption password. This standard boot will be
insecure but it might be used by the constructor of the encrypted
images on their own private laptop, for instance. The standard boot
path will use the unencrypted EFI partition.
Patches Required Outside of OVMF
================================
There is a patch set to grub which allows it to extract the SEV secret
area from the configuration table and use the secret as a password to
do a luks crypto mount of root (this is the sevsecret grub module):
https://lists.gnu.org/archive/html/grub-devel/2020-11/msg00078.html
There is also a patch to qemu which allows it to search through the
OVMF.fd and find the SEV secret area which is now described inside the
Reset Vector using the existing SEV_ES reset block. This area is the
place QEMU will inject the encrypted SEV secret bundle.
Security of the System
======================
Since Grub is now part of the attested OVMF.fd bundle, the VM owner
knows absolutely that it will proceed straight to partition decryption
inside the attested code and boot the kernel off the encrypted
partition. Even if a different QCOW image is substituted, the boot
will fail without revealing the secret because the system is designed
to fail hard in that case and because the secret is always contained
within the encrypted envelope it should be impossible for the cloud
operator to obtain it even if they can pause the boot and examine the
machine memory.
Putting it All Together
=======================
This is somewhat hard. You must first understand how to boot a QEMU
system so as to have the VM pause after firmware loading (-S option)
and use the qmp port to request an attestation. Only if the
attestation corresponds to the expected sha256sum of OVMF.fd should
the secret bundle be constructed and injected using qmp. The tools
for constructing the secret bundle are in
https://github.com/AMDESE/sev-tool/
James
---
James Bottomley (6):
OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed
OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF
OvmfPkg/AmdSev: add Grub Firmware Volume Package
OvmfPkg: create a SEV secret area in the AmdSev memfd
OvmfPkg/AmdSev: assign and protect the Sev Secret area
OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
OvmfPkg/OvmfPkg.dec | 8 +
OvmfPkg/AmdSev/AmdSevX64.dsc | 844 ++++++++++
OvmfPkg/AmdSev/AmdSevX64.fdf | 456 +++++
OvmfPkg/AmdSev/Grub/Grub.inf | 39 +
OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf | 37 +
OvmfPkg/AmdSev/SecretPei/SecretPei.inf | 35 +
.../PlatformBootManagerLibGrub.inf | 71 +
OvmfPkg/ResetVector/ResetVector.inf | 4 +
OvmfPkg/Include/Guid/SevLaunchSecret.h | 28 +
.../PlatformBootManagerLibGrub/BdsPlatform.h | 175 ++
OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 26 +
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 25 +
.../PlatformBootManagerLibGrub/BdsPlatform.c | 1482 +++++++++++++++++
.../PlatformBootManagerLibGrub/PlatformData.c | 214 +++
OvmfPkg/AmdSev/Grub/.gitignore | 1 +
OvmfPkg/AmdSev/Grub/grub.cfg | 46 +
OvmfPkg/AmdSev/Grub/grub.sh | 93 ++
OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 70 +-
OvmfPkg/ResetVector/ResetVector.nasmb | 2 +
19 files changed, 3645 insertions(+), 11 deletions(-)
create mode 100644 OvmfPkg/AmdSev/AmdSevX64.dsc
create mode 100644 OvmfPkg/AmdSev/AmdSevX64.fdf
create mode 100644 OvmfPkg/AmdSev/Grub/Grub.inf
create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.inf
create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf
create mode 100644 OvmfPkg/Include/Guid/SevLaunchSecret.h
create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h
create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.c
create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformData.c
create mode 100644 OvmfPkg/AmdSev/Grub/.gitignore
create mode 100644 OvmfPkg/AmdSev/Grub/grub.cfg
create mode 100644 OvmfPkg/AmdSev/Grub/grub.sh
--
2.26.2
^ permalink raw reply [flat|nested] 35+ messages in thread
* [PATCH v3 1/6] OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed
2020-11-30 20:28 [PATCH v3 0/6] SEV Encrypted Boot for Ovmf James Bottomley
@ 2020-11-30 20:28 ` James Bottomley
2020-12-03 8:10 ` [edk2-devel] " Laszlo Ersek
2020-11-30 20:28 ` [PATCH v3 2/6] OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF James Bottomley
` (7 subsequent siblings)
8 siblings, 1 reply; 35+ messages in thread
From: James Bottomley @ 2020-11-30 20:28 UTC (permalink / raw)
To: devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, jejb, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen,
Ard Biesheuvel
Convert the current ES reset block structure to an extensible guid
based structure by appending a header and length, which allow for
multiple guid based data packets to be inserted.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
Signed-off-by: James Bottomley <jejb@linux.ibm.com>
---
v2: added
v3: reworked
---
OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 51 +++++++++++++++-----
1 file changed, 40 insertions(+), 11 deletions(-)
diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
index 980e0138e7fe..9e0a74fddfc1 100644
--- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
+++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
@@ -25,21 +25,40 @@ ALIGN 16
TIMES (0x1000 - ($ - EndOfPageTables) - 0x20) DB 0
%endif
+;
+; Padding to ensure first guid starts at 0xffffffd0
+;
+TIMES (15 - ((guidedStructureEnd - guidedStructureStart + 15) % 16)) DB 0
+
+; GUIDed structure. To traverse this you should first verify the
+; presence of the table footer guid
+; (96b582de-1fb2-45f7-baea-a366c55a082d) at 0xffffffd0. If that
+; is found, the two bytes at 0xffffffce are the entire table length.
+;
+; The table is composed of structures with the form:
+;
+; Data (arbitrary bytes identified by guid)
+; length from start of data to end of guid (2 bytes)
+; guid (16 bytes)
+;
+; so work back from the footer using the length to traverse until you
+; either find the guid you're looking for or run off the beginning of
+; the table.
+;
+guidedStructureStart:
+
;
; SEV-ES Processor Reset support
;
; sevEsResetBlock:
; For the initial boot of an AP under SEV-ES, the "reset" RIP must be
-; programmed to the RAM area defined by SEV_ES_AP_RESET_IP. A known offset
-; and GUID will be used to locate this block in the firmware and extract
-; the build time RIP value. The GUID must always be 48 bytes from the
-; end of the firmware.
+; programmed to the RAM area defined by SEV_ES_AP_RESET_IP. The data
+; format is:
;
-; 0xffffffca (-0x36) - IP value
-; 0xffffffcc (-0x34) - CS segment base [31:16]
-; 0xffffffce (-0x32) - Size of the SEV-ES reset block
-; 0xffffffd0 (-0x30) - SEV-ES reset block GUID
-; (00f771de-1a7e-4fcb-890e-68c77e2fb44e)
+; IP value [0:15]
+; CS segment base [31:16]
+;
+; GUID (SEV-ES reset block): 00f771de-1a7e-4fcb-890e-68c77e2fb44e
;
; A hypervisor reads the CS segement base and IP value. The CS segment base
; value represents the high order 16-bits of the CS segment base, so the
@@ -48,8 +67,6 @@ ALIGN 16
; program the EIP register with the IP value as read.
;
-TIMES (32 - (sevEsResetBlockEnd - sevEsResetBlockStart)) DB 0
-
sevEsResetBlockStart:
DD SEV_ES_AP_RESET_IP
DW sevEsResetBlockEnd - sevEsResetBlockStart
@@ -57,6 +74,18 @@ sevEsResetBlockStart:
DB 0x89, 0x0E, 0x68, 0xC7, 0x7E, 0x2F, 0xB4, 0x4E
sevEsResetBlockEnd:
+;
+; Table footer:
+;
+; length of whole table (16 bit word)
+; GUID (table footer): 96b582de-1fb2-45f7-baea-a366c55a082d
+;
+ DW guidedStructureEnd - guidedStructureStart
+ DB 0xDE, 0x82, 0xB5, 0x96, 0xB2, 0x1F, 0xF7, 0x45
+ DB 0xBA, 0xEA, 0xA3, 0x66, 0xC5, 0x5A, 0x08, 0x2D
+
+guidedStructureEnd:
+
ALIGN 16
applicationProcessorEntryPoint:
--
2.26.2
^ permalink raw reply related [flat|nested] 35+ messages in thread
* [PATCH v3 2/6] OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF
2020-11-30 20:28 [PATCH v3 0/6] SEV Encrypted Boot for Ovmf James Bottomley
2020-11-30 20:28 ` [PATCH v3 1/6] OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed James Bottomley
@ 2020-11-30 20:28 ` James Bottomley
2020-12-03 8:20 ` [edk2-devel] " Laszlo Ersek
2020-11-30 20:28 ` [PATCH v3 3/6] OvmfPkg/AmdSev: add Grub Firmware Volume Package James Bottomley
` (6 subsequent siblings)
8 siblings, 1 reply; 35+ messages in thread
From: James Bottomley @ 2020-11-30 20:28 UTC (permalink / raw)
To: devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, jejb, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen,
Ard Biesheuvel
This commit represents the file copied from OvmfPkgX64 with minor
changes to change the build name.
This package will form the basis for adding Sev specific features.
Since everything must go into a single rom file for attestation, the
separated build of code and variables is eliminated.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
Signed-off-by: James Bottomley <jejb@linux.ibm.com>
---
v2: remove secure boot, smm and networking
v3: update for variable policy, remove stray smm/networking parts, remove CSM
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 833 +++++++++++++++++++++++++++++++++++
OvmfPkg/AmdSev/AmdSevX64.fdf | 450 +++++++++++++++++++
2 files changed, 1283 insertions(+)
create mode 100644 OvmfPkg/AmdSev/AmdSevX64.dsc
create mode 100644 OvmfPkg/AmdSev/AmdSevX64.fdf
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
new file mode 100644
index 000000000000..59778c49548c
--- /dev/null
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -0,0 +1,833 @@
+## @file
+# EFI/Framework Open Virtual Machine Firmware (OVMF) platform for SEV secure
+# virtual machine remote attestation and secret injection
+#
+# Copyright (c) 2020 James Bottomley, IBM Corporation.
+# Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.<BR>
+# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+################################################################################
+#
+# Defines Section - statements that will be processed to create a Makefile.
+#
+################################################################################
+[Defines]
+ PLATFORM_NAME = Ovmf
+ PLATFORM_GUID = 07ff380c-4760-4823-8f59-ec2cb06fbc16
+ PLATFORM_VERSION = 0.1
+ DSC_SPECIFICATION = 0x00010005
+ OUTPUT_DIRECTORY = Build/AmdSev
+ SUPPORTED_ARCHITECTURES = X64
+ BUILD_TARGETS = NOOPT|DEBUG|RELEASE
+ SKUID_IDENTIFIER = DEFAULT
+ FLASH_DEFINITION = OvmfPkg/AmdSev/AmdSevX64.fdf
+
+ #
+ # Defines for default states. These can be changed on the command line.
+ # -D FLAG=VALUE
+ #
+ DEFINE SOURCE_DEBUG_ENABLE = FALSE
+ DEFINE TPM_ENABLE = FALSE
+ DEFINE TPM_CONFIG_ENABLE = FALSE
+
+ #
+ # Device drivers
+ #
+ DEFINE PVSCSI_ENABLE = TRUE
+ DEFINE MPT_SCSI_ENABLE = TRUE
+ DEFINE LSI_SCSI_ENABLE = FALSE
+
+ #
+ # Flash size selection. Setting FD_SIZE_IN_KB on the command line directly to
+ # one of the supported values, in place of any of the convenience macros, is
+ # permitted.
+ #
+!ifdef $(FD_SIZE_1MB)
+ DEFINE FD_SIZE_IN_KB = 1024
+!else
+!ifdef $(FD_SIZE_2MB)
+ DEFINE FD_SIZE_IN_KB = 2048
+!else
+!ifdef $(FD_SIZE_4MB)
+ DEFINE FD_SIZE_IN_KB = 4096
+!else
+ DEFINE FD_SIZE_IN_KB = 4096
+!endif
+!endif
+!endif
+
+[BuildOptions]
+ GCC:RELEASE_*_*_CC_FLAGS = -DMDEPKG_NDEBUG
+ INTEL:RELEASE_*_*_CC_FLAGS = /D MDEPKG_NDEBUG
+ MSFT:RELEASE_*_*_CC_FLAGS = /D MDEPKG_NDEBUG
+!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(TOOL_CHAIN_TAG) != "CLANGPDB"
+ GCC:*_*_*_CC_FLAGS = -mno-mmx -mno-sse
+!endif
+!if $(SOURCE_DEBUG_ENABLE) == TRUE
+ MSFT:*_*_X64_GENFW_FLAGS = --keepexceptiontable
+ GCC:*_*_X64_GENFW_FLAGS = --keepexceptiontable
+ INTEL:*_*_X64_GENFW_FLAGS = --keepexceptiontable
+!endif
+
+ #
+ # Disable deprecated APIs.
+ #
+ MSFT:*_*_*_CC_FLAGS = /D DISABLE_NEW_DEPRECATED_INTERFACES
+ INTEL:*_*_*_CC_FLAGS = /D DISABLE_NEW_DEPRECATED_INTERFACES
+ GCC:*_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
+
+[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]
+ GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000
+ XCODE:*_*_*_DLINK_FLAGS = -seg1addr 0x1000 -segalign 0x1000
+ XCODE:*_*_*_MTOC_FLAGS = -align 0x1000
+ CLANGPDB:*_*_*_DLINK_FLAGS = /ALIGN:4096
+
+# Force PE/COFF sections to be aligned at 4KB boundaries to support page level
+# protection of DXE_SMM_DRIVER/SMM_CORE modules
+[BuildOptions.common.EDKII.DXE_SMM_DRIVER, BuildOptions.common.EDKII.SMM_CORE]
+ GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000
+ XCODE:*_*_*_DLINK_FLAGS = -seg1addr 0x1000 -segalign 0x1000
+ XCODE:*_*_*_MTOC_FLAGS = -align 0x1000
+ CLANGPDB:*_*_*_DLINK_FLAGS = /ALIGN:4096
+
+################################################################################
+#
+# SKU Identification section - list of all SKU IDs supported by this Platform.
+#
+################################################################################
+[SkuIds]
+ 0|DEFAULT
+
+################################################################################
+#
+# Library Class section - list of all Library Classes needed by this Platform.
+#
+################################################################################
+[LibraryClasses]
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+ TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseAcpiTimerLib.inf
+ ResetSystemLib|OvmfPkg/Library/ResetSystemLib/BaseResetSystemLib.inf
+ PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
+ BaseMemoryLib|MdePkg/Library/BaseMemoryLibRepStr/BaseMemoryLibRepStr.inf
+ BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
+ SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
+ BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
+ SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
+ CpuLib|MdePkg/Library/BaseCpuLib/BaseCpuLib.inf
+ PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
+ PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf
+ CacheMaintenanceLib|MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf
+ UefiDecompressLib|MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.inf
+ UefiHiiServicesLib|MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf
+ HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf
+ SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
+ UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
+ BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
+ FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
+ CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
+ DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
+ DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf
+ PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
+ PciCf8Lib|MdePkg/Library/BasePciCf8Lib/BasePciCf8Lib.inf
+ PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf
+ PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
+ PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf
+ PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
+ PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
+ PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
+ IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
+ OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
+ SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
+ MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf
+ UefiLib|MdePkg/Library/UefiLib/UefiLib.inf
+ UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf
+ UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
+ UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf
+ UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf
+ DevicePathLib|MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLibDevicePathProtocol.inf
+ NvVarsFileLib|OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.inf
+ FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
+ UefiCpuLib|UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
+ SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf
+ UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf
+ SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
+ QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
+ QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf
+ VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
+ LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
+ MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
+ LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
+ CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
+ FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
+
+!if $(SOURCE_DEBUG_ENABLE) == TRUE
+ PeCoffExtraActionLib|SourceLevelDebugPkg/Library/PeCoffExtraActionLibDebug/PeCoffExtraActionLibDebug.inf
+ DebugCommunicationLib|SourceLevelDebugPkg/Library/DebugCommunicationLibSerialPort/DebugCommunicationLibSerialPort.inf
+!else
+ PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf
+ DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf
+!endif
+
+ LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
+ DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
+
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+ RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+
+ AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
+ VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
+ VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
+ VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
+
+ ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
+ ShellCEntryLib|ShellPkg/Library/UefiShellCEntryLib/UefiShellCEntryLib.inf
+ S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
+ SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf
+ OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf
+ XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf
+ XenPlatformLib|OvmfPkg/Library/XenPlatformLib/XenPlatformLib.inf
+
+!if $(TPM_ENABLE) == TRUE
+ Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
+ Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
+ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
+ Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
+ TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
+!else
+ Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
+ TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+!endif
+
+[LibraryClasses.common]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ VmgExitLib|OvmfPkg/Library/VmgExitLib/VmgExitLib.inf
+
+[LibraryClasses.common.SEC]
+ TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf
+ QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf
+!ifdef $(DEBUG_ON_SERIAL_PORT)
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+!else
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformRomDebugLibIoPort.inf
+!endif
+ ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
+ ExtractGuidedSectionLib|MdePkg/Library/BaseExtractGuidedSectionLib/BaseExtractGuidedSectionLib.inf
+!if $(SOURCE_DEBUG_ENABLE) == TRUE
+ DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SecPeiDebugAgentLib.inf
+!endif
+ HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
+ PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
+ PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiServicesTablePointerLibIdt.inf
+ MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
+!if $(TOOL_CHAIN_TAG) == "XCODE5"
+ CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/Xcode5SecPeiCpuExceptionHandlerLib.inf
+!else
+ CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf
+!endif
+
+[LibraryClasses.common.PEI_CORE]
+ HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
+ PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiServicesTablePointerLibIdt.inf
+ PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
+ MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
+ PeiCoreEntryPoint|MdePkg/Library/PeiCoreEntryPoint/PeiCoreEntryPoint.inf
+ ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
+ OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
+ PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
+!ifdef $(DEBUG_ON_SERIAL_PORT)
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+!else
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
+!endif
+ PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf
+
+[LibraryClasses.common.PEIM]
+ HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
+ PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiServicesTablePointerLibIdt.inf
+ PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
+ MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
+ PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf
+ ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
+ OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
+ PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
+!ifdef $(DEBUG_ON_SERIAL_PORT)
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+!else
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
+!endif
+ PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf
+ ResourcePublicationLib|MdePkg/Library/PeiResourcePublicationLib/PeiResourcePublicationLib.inf
+ ExtractGuidedSectionLib|MdePkg/Library/PeiExtractGuidedSectionLib/PeiExtractGuidedSectionLib.inf
+!if $(SOURCE_DEBUG_ENABLE) == TRUE
+ DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SecPeiDebugAgentLib.inf
+!endif
+ CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf
+ MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+ QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
+ PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
+ QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
+
+!if $(TPM_ENABLE) == TRUE
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
+!endif
+
+[LibraryClasses.common.DXE_CORE]
+ HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
+ DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
+ MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLib/DxeCoreMemoryAllocationLib.inf
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
+!ifdef $(DEBUG_ON_SERIAL_PORT)
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+!else
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
+!endif
+ ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf
+!if $(SOURCE_DEBUG_ENABLE) == TRUE
+ DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
+!endif
+ CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+
+[LibraryClasses.common.DXE_RUNTIME_DRIVER]
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+ TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
+ ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
+ HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
+ DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
+ MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
+ ReportStatusCodeLib|MdeModulePkg/Library/RuntimeDxeReportStatusCodeLib/RuntimeDxeReportStatusCodeLib.inf
+!ifdef $(DEBUG_ON_SERIAL_PORT)
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+!else
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
+!endif
+ UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+ PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
+ QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
+ VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
+
+[LibraryClasses.common.UEFI_DRIVER]
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+ TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
+ ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
+ HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
+ DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
+ MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
+!ifdef $(DEBUG_ON_SERIAL_PORT)
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+!else
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
+!endif
+ UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf
+ PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
+
+[LibraryClasses.common.DXE_DRIVER]
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+ TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
+ ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
+ HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
+ MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
+ UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf
+!ifdef $(DEBUG_ON_SERIAL_PORT)
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+!else
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
+!endif
+ PlatformBootManagerLib|OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+ PlatformBmPrintScLib|OvmfPkg/Library/PlatformBmPrintScLib/PlatformBmPrintScLib.inf
+ QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf
+ CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
+ LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf
+!if $(SOURCE_DEBUG_ENABLE) == TRUE
+ DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
+!endif
+ PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
+ MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+ QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
+ QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf
+!if $(TPM_ENABLE) == TRUE
+ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
+!endif
+
+[LibraryClasses.common.UEFI_APPLICATION]
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+ TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
+ ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
+ HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
+ MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
+!ifdef $(DEBUG_ON_SERIAL_PORT)
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+!else
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
+!endif
+ PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
+
+[LibraryClasses.common.DXE_SMM_DRIVER]
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+ TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
+ ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
+ MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
+ HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
+ SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
+ MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
+ SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
+!ifdef $(DEBUG_ON_SERIAL_PORT)
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+!else
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
+!endif
+ CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf
+!if $(SOURCE_DEBUG_ENABLE) == TRUE
+ DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf
+!endif
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+ PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
+
+[LibraryClasses.common.SMM_CORE]
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+ TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
+ ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
+ SmmCorePlatformHookLib|MdeModulePkg/Library/SmmCorePlatformHookLibNull/SmmCorePlatformHookLibNull.inf
+ MemoryAllocationLib|MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemoryAllocationLib.inf
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
+ HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
+ SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
+ SmmServicesTableLib|MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.inf
+!ifdef $(DEBUG_ON_SERIAL_PORT)
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+!else
+ DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
+!endif
+ PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
+
+################################################################################
+#
+# Pcd Section - list of all EDK II PCD Entries defined by this Platform.
+#
+################################################################################
+[PcdsFeatureFlag]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdHiiOsRuntimeSupport|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSupportUefiDecompress|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdConOutGopSupport|TRUE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdConOutUgaSupport|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdInstallAcpiSdtProtocol|TRUE
+
+[PcdsFixedAtBuild]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1
+ gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE
+ gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10
+!if ($(FD_SIZE_IN_KB) == 1024) || ($(FD_SIZE_IN_KB) == 2048)
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800
+ # match PcdFlashNvStorageVariableSize purely for convenience
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xe000
+!endif
+!if $(FD_SIZE_IN_KB) == 4096
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x8400
+ # match PcdFlashNvStorageVariableSize purely for convenience
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x40000
+!endif
+
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeUseSerial|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeUseMemory|TRUE
+
+ gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x07
+
+ # DEBUG_INIT 0x00000001 // Initialization
+ # DEBUG_WARN 0x00000002 // Warnings
+ # DEBUG_LOAD 0x00000004 // Load events
+ # DEBUG_FS 0x00000008 // EFI File system
+ # DEBUG_POOL 0x00000010 // Alloc & Free (pool)
+ # DEBUG_PAGE 0x00000020 // Alloc & Free (page)
+ # DEBUG_INFO 0x00000040 // Informational debug messages
+ # DEBUG_DISPATCH 0x00000080 // PEI/DXE/SMM Dispatchers
+ # DEBUG_VARIABLE 0x00000100 // Variable
+ # DEBUG_BM 0x00000400 // Boot Manager
+ # DEBUG_BLKIO 0x00001000 // BlkIo Driver
+ # DEBUG_NET 0x00004000 // SNP Driver
+ # DEBUG_UNDI 0x00010000 // UNDI Driver
+ # DEBUG_LOADFILE 0x00020000 // LoadFile
+ # DEBUG_EVENT 0x00080000 // Event messages
+ # DEBUG_GCD 0x00100000 // Global Coherency Database changes
+ # DEBUG_CACHE 0x00200000 // Memory range cachability changes
+ # DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
+ # // significantly impact boot performance
+ # DEBUG_ERROR 0x80000000 // Error
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
+
+!if $(SOURCE_DEBUG_ENABLE) == TRUE
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
+!else
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F
+!endif
+
+ # This PCD is used to set the base address of the PCI express hierarchy. It
+ # is only consulted when OVMF runs on Q35. In that case it is programmed into
+ # the PCIEXBAR register.
+ #
+ # On Q35 machine types that QEMU intends to support in the long term, QEMU
+ # never lets the RAM below 4 GB exceed 2816 MB.
+ gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|0xB0000000
+
+!if $(SOURCE_DEBUG_ENABLE) == TRUE
+ gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
+!endif
+
+ #
+ # The NumberOfPages values below are ad-hoc. They are updated sporadically at
+ # best (please refer to git-blame for past updates). The values capture a set
+ # of BIN hints that made sense at a particular time, for some (now likely
+ # unknown) workloads / boot paths.
+ #
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0x80
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0x10
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0x80
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|0x100
+ gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|0x100
+
+ # IRQs 5, 9, 10, 11 are level-triggered
+ gUefiOvmfPkgTokenSpaceGuid.Pcd8259LegacyModeEdgeLevel|0x0E20
+
+ # Point to the MdeModulePkg/Application/UiApp/UiApp.inf
+ gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }
+
+################################################################################
+#
+# Pcd Dynamic Section - list of all EDK II PCD Entries defined by this Platform
+#
+################################################################################
+
+[PcdsDynamicDefault]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
+
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdPciDisableBusEnumeration|FALSE
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution|800
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVideoVerticalResolution|600
+ gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable|FALSE
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId|0
+ gUefiOvmfPkgTokenSpaceGuid.PcdPciIoBase|0x0
+ gUefiOvmfPkgTokenSpaceGuid.PcdPciIoSize|0x0
+ gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio32Base|0x0
+ gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio32Size|0x0
+ gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio64Base|0x0
+ gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio64Size|0x800000000
+
+ gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|0
+
+ # Set video resolution for text setup.
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoHorizontalResolution|640
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoVerticalResolution|480
+
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosVersion|0x0208
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0
+ gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE
+
+ # Noexec settings for DXE.
+ gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE
+
+ # UefiCpuPkg PCDs related to initial AP bringup and general AP management.
+ gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64
+ gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber|0
+
+ # Set memory encryption mask
+ gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
+
+ # Set SEV-ES defaults
+ gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
+ gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
+ gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0
+
+ gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
+
+!if $(TPM_ENABLE) == TRUE
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
+!endif
+
+[PcdsDynamicHii]
+!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
+!endif
+
+################################################################################
+#
+# Components Section - list of all EDK II Modules needed by this Platform.
+#
+################################################################################
+[Components]
+ OvmfPkg/ResetVector/ResetVector.inf
+
+ #
+ # SEC Phase modules
+ #
+ OvmfPkg/Sec/SecMain.inf {
+ <LibraryClasses>
+ NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
+ }
+
+ #
+ # PEI Phase modules
+ #
+ MdeModulePkg/Core/Pei/PeiMain.inf
+ MdeModulePkg/Universal/PCD/Pei/Pcd.inf {
+ <LibraryClasses>
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+ }
+ MdeModulePkg/Universal/ReportStatusCodeRouter/Pei/ReportStatusCodeRouterPei.inf {
+ <LibraryClasses>
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+ }
+ MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf {
+ <LibraryClasses>
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+ }
+ MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
+
+ OvmfPkg/PlatformPei/PlatformPei.inf
+ UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
+ UefiCpuPkg/CpuMpPei/CpuMpPei.inf
+
+!if $(TPM_ENABLE) == TRUE
+ OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
+ SecurityPkg/Tcg/TcgPei/TcgPei.inf
+ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
+ <LibraryClasses>
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
+ }
+!endif
+
+ #
+ # DXE Phase modules
+ #
+ MdeModulePkg/Core/Dxe/DxeMain.inf {
+ <LibraryClasses>
+ NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
+ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
+ }
+
+ MdeModulePkg/Universal/ReportStatusCodeRouter/RuntimeDxe/ReportStatusCodeRouterRuntimeDxe.inf
+ MdeModulePkg/Universal/StatusCodeHandler/RuntimeDxe/StatusCodeHandlerRuntimeDxe.inf
+ MdeModulePkg/Universal/PCD/Dxe/Pcd.inf {
+ <LibraryClasses>
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+ }
+
+ MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
+
+ MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
+ <LibraryClasses>
+!if $(TPM_ENABLE) == TRUE
+ NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
+ NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
+!endif
+ }
+
+ MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
+ OvmfPkg/8259InterruptControllerDxe/8259.inf
+ UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
+ UefiCpuPkg/CpuDxe/CpuDxe.inf
+ OvmfPkg/8254TimerDxe/8254Timer.inf
+ OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.inf
+ OvmfPkg/PciHotPlugInitDxe/PciHotPlugInit.inf
+ MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf {
+ <LibraryClasses>
+ PciHostBridgeLib|OvmfPkg/Library/PciHostBridgeLib/PciHostBridgeLib.inf
+ NULL|OvmfPkg/Library/PlatformHasIoMmuLib/PlatformHasIoMmuLib.inf
+ }
+ MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf {
+ <LibraryClasses>
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+ }
+ MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
+ MdeModulePkg/Universal/Metronome/Metronome.inf
+ PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
+ MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf
+ MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
+ MdeModulePkg/Logo/LogoDxe.inf
+ MdeModulePkg/Application/UiApp/UiApp.inf {
+ <LibraryClasses>
+ NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
+ NULL|MdeModulePkg/Library/BootManagerUiLib/BootManagerUiLib.inf
+ NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf
+ }
+ OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
+ OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
+ OvmfPkg/Virtio10Dxe/Virtio10.inf
+ OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
+ OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
+ OvmfPkg/VirtioRngDxe/VirtioRng.inf
+ OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf
+ OvmfPkg/XenBusDxe/XenBusDxe.inf
+ OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf
+!if $(PVSCSI_ENABLE) == TRUE
+ OvmfPkg/PvScsiDxe/PvScsiDxe.inf
+!endif
+!if $(MPT_SCSI_ENABLE) == TRUE
+ OvmfPkg/MptScsiDxe/MptScsiDxe.inf
+!endif
+!if $(LSI_SCSI_ENABLE) == TRUE
+ OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
+!endif
+ MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
+ MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
+ MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
+ MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
+ MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf
+ MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf {
+ <LibraryClasses>
+ PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
+ }
+ MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
+ MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf {
+ <LibraryClasses>
+ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+ }
+ MdeModulePkg/Universal/PrintDxe/PrintDxe.inf
+ MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf
+ MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
+ MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
+ MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
+ FatPkg/EnhancedFatDxe/Fat.inf
+ MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
+ MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
+ MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
+ OvmfPkg/SataControllerDxe/SataControllerDxe.inf
+ MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
+ MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
+ MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
+ MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
+ MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
+ MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+ MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
+
+ OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
+ OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+ OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
+
+ #
+ # ISA Support
+ #
+ OvmfPkg/SioBusDxe/SioBusDxe.inf
+ MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxe.inf
+ MdeModulePkg/Bus/Isa/Ps2KeyboardDxe/Ps2KeyboardDxe.inf
+
+ #
+ # SMBIOS Support
+ #
+ MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf {
+ <LibraryClasses>
+ NULL|OvmfPkg/Library/SmbiosVersionLib/DetectSmbiosVersionLib.inf
+ }
+ OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf
+
+ #
+ # ACPI Support
+ #
+ MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
+ OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
+ OvmfPkg/AcpiTables/AcpiTables.inf
+ MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf
+ MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
+ MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
+
+ #
+ # Usb Support
+ #
+ MdeModulePkg/Bus/Pci/UhciDxe/UhciDxe.inf
+ MdeModulePkg/Bus/Pci/EhciDxe/EhciDxe.inf
+ MdeModulePkg/Bus/Pci/XhciDxe/XhciDxe.inf
+ MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf
+ MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf
+ MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
+
+!if $(TOOL_CHAIN_TAG) != "XCODE5"
+ OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
+ <PcdsFixedAtBuild>
+ gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
+ }
+!endif
+ ShellPkg/Application/Shell/Shell.inf {
+ <LibraryClasses>
+ ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf
+ NULL|ShellPkg/Library/UefiShellLevel2CommandsLib/UefiShellLevel2CommandsLib.inf
+ NULL|ShellPkg/Library/UefiShellLevel1CommandsLib/UefiShellLevel1CommandsLib.inf
+ NULL|ShellPkg/Library/UefiShellLevel3CommandsLib/UefiShellLevel3CommandsLib.inf
+ NULL|ShellPkg/Library/UefiShellDriver1CommandsLib/UefiShellDriver1CommandsLib.inf
+ NULL|ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLib.inf
+ NULL|ShellPkg/Library/UefiShellInstall1CommandsLib/UefiShellInstall1CommandsLib.inf
+ HandleParsingLib|ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.inf
+ PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
+ BcfgCommandLib|ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.inf
+
+ <PcdsFixedAtBuild>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0xFF
+ gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
+ gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
+ }
+
+ OvmfPkg/PlatformDxe/Platform.inf
+ OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+ OvmfPkg/IoMmuDxe/IoMmuDxe.inf
+
+ #
+ # Variable driver stack (non-SMM)
+ #
+ OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
+ OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf {
+ <LibraryClasses>
+ PlatformFvbLib|OvmfPkg/Library/EmuVariableFvbLib/EmuVariableFvbLib.inf
+ }
+ MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
+ MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf {
+ <LibraryClasses>
+ NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
+ }
+
+ #
+ # TPM support
+ #
+!if $(TPM_ENABLE) == TRUE
+ SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
+ <LibraryClasses>
+ Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
+ NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
+ HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
+ }
+!if $(TPM_CONFIG_ENABLE) == TRUE
+ SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
+ SecurityPkg/Tcg/TcgDxe/TcgDxe.inf {
+ <LibraryClasses>
+ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
+ }
+!endif
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
new file mode 100644
index 000000000000..b884166771f0
--- /dev/null
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -0,0 +1,450 @@
+## @file
+# Open Virtual Machine Firmware: FDF
+#
+# Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
+# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+################################################################################
+
+[Defines]
+!include OvmfPkg/OvmfPkgDefines.fdf.inc
+
+#
+# Build the variable store and the firmware code as one unified flash device
+# image.
+#
+[FD.OVMF]
+BaseAddress = $(FW_BASE_ADDRESS)
+Size = $(FW_SIZE)
+ErasePolarity = 1
+BlockSize = $(BLOCK_SIZE)
+NumBlocks = $(FW_BLOCKS)
+
+!include OvmfPkg/VarStore.fdf.inc
+
+$(VARS_SIZE)|$(FVMAIN_SIZE)
+FV = FVMAIN_COMPACT
+
+$(SECFV_OFFSET)|$(SECFV_SIZE)
+FV = SECFV
+
+################################################################################
+
+[FD.MEMFD]
+BaseAddress = $(MEMFD_BASE_ADDRESS)
+Size = 0xD00000
+ErasePolarity = 1
+BlockSize = 0x10000
+NumBlocks = 0xD0
+
+0x000000|0x006000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
+
+0x006000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfLockBoxStorageBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfLockBoxStorageSize
+
+0x007000|0x001000
+gEfiMdePkgTokenSpaceGuid.PcdGuidedExtractHandlerTableAddress|gUefiOvmfPkgTokenSpaceGuid.PcdGuidedExtractHandlerTableSize
+
+0x008000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize
+
+0x009000|0x002000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize
+
+0x00B000|0x001000
+gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
+
+0x010000|0x010000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
+
+0x020000|0x0E0000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvSize
+FV = PEIFV
+
+0x100000|0xC00000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize
+FV = DXEFV
+
+################################################################################
+
+[FV.SECFV]
+FvNameGuid = 763BED0D-DE9F-48F5-81F1-3E90E1B1A015
+BlockSize = 0x1000
+FvAlignment = 16
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+#
+# SEC Phase modules
+#
+# The code in this FV handles the initial firmware startup, and
+# decompresses the PEI and DXE FVs which handles the rest of the boot sequence.
+#
+INF OvmfPkg/Sec/SecMain.inf
+
+INF RuleOverride=RESET_VECTOR OvmfPkg/ResetVector/ResetVector.inf
+
+################################################################################
+[FV.PEIFV]
+FvNameGuid = 6938079B-B503-4E3D-9D24-B28337A25806
+BlockSize = 0x10000
+FvAlignment = 16
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+APRIORI PEI {
+ INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf
+}
+
+#
+# PEI Phase modules
+#
+INF MdeModulePkg/Core/Pei/PeiMain.inf
+INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf
+INF MdeModulePkg/Universal/ReportStatusCodeRouter/Pei/ReportStatusCodeRouterPei.inf
+INF MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf
+INF OvmfPkg/PlatformPei/PlatformPei.inf
+INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
+INF UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
+INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf
+
+!if $(TPM_ENABLE) == TRUE
+INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
+INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
+INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
+!endif
+
+################################################################################
+
+[FV.DXEFV]
+FvForceRebase = FALSE
+FvNameGuid = 7CB8BDC9-F8EB-4F34-AAEA-3EE4AF6516A1
+BlockSize = 0x10000
+FvAlignment = 16
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+APRIORI DXE {
+ INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
+ INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
+ INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+ INF OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
+}
+
+#
+# DXE Phase modules
+#
+INF MdeModulePkg/Core/Dxe/DxeMain.inf
+
+INF MdeModulePkg/Universal/ReportStatusCodeRouter/RuntimeDxe/ReportStatusCodeRouterRuntimeDxe.inf
+INF MdeModulePkg/Universal/StatusCodeHandler/RuntimeDxe/StatusCodeHandlerRuntimeDxe.inf
+INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
+
+INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
+INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
+INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
+INF OvmfPkg/8259InterruptControllerDxe/8259.inf
+INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
+INF UefiCpuPkg/CpuDxe/CpuDxe.inf
+INF OvmfPkg/8254TimerDxe/8254Timer.inf
+INF OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.inf
+INF OvmfPkg/PciHotPlugInitDxe/PciHotPlugInit.inf
+INF MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf
+INF MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf
+INF MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
+INF MdeModulePkg/Universal/Metronome/Metronome.inf
+INF PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
+
+INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
+INF OvmfPkg/Virtio10Dxe/Virtio10.inf
+INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
+INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
+INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
+INF OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf
+INF OvmfPkg/XenBusDxe/XenBusDxe.inf
+INF OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf
+!if $(PVSCSI_ENABLE) == TRUE
+INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
+!endif
+!if $(MPT_SCSI_ENABLE) == TRUE
+INF OvmfPkg/MptScsiDxe/MptScsiDxe.inf
+!endif
+!if $(LSI_SCSI_ENABLE) == TRUE
+INF OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
+!endif
+
+INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
+INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
+INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
+INF MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
+INF MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf
+INF MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf
+INF MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
+INF MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf
+INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
+INF MdeModulePkg/Application/UiApp/UiApp.inf
+INF OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
+INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
+INF MdeModulePkg/Universal/PrintDxe/PrintDxe.inf
+INF MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf
+INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
+INF MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
+INF MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
+INF MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
+INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
+INF OvmfPkg/SataControllerDxe/SataControllerDxe.inf
+INF MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
+INF MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
+INF MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
+INF MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
+INF MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
+INF MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
+INF MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
+
+INF OvmfPkg/SioBusDxe/SioBusDxe.inf
+!if $(SOURCE_DEBUG_ENABLE) == FALSE
+INF MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxe.inf
+!endif
+INF MdeModulePkg/Bus/Isa/Ps2KeyboardDxe/Ps2KeyboardDxe.inf
+
+INF MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf
+INF OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf
+
+INF MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
+INF OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
+INF RuleOverride=ACPITABLE OvmfPkg/AcpiTables/AcpiTables.inf
+INF MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf
+INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
+INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
+
+INF FatPkg/EnhancedFatDxe/Fat.inf
+INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
+
+!if $(TOOL_CHAIN_TAG) != "XCODE5"
+INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
+!endif
+INF ShellPkg/Application/Shell/Shell.inf
+
+INF MdeModulePkg/Logo/LogoDxe.inf
+
+#
+# Usb Support
+#
+INF MdeModulePkg/Bus/Pci/UhciDxe/UhciDxe.inf
+INF MdeModulePkg/Bus/Pci/EhciDxe/EhciDxe.inf
+INF MdeModulePkg/Bus/Pci/XhciDxe/XhciDxe.inf
+INF MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf
+INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf
+INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
+
+INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
+
+INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
+INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
+INF OvmfPkg/PlatformDxe/Platform.inf
+INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
+
+
+#
+# Variable driver stack (non-SMM)
+#
+INF OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
+INF OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf
+INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
+INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+
+#
+# TPM support
+#
+!if $(TPM_ENABLE) == TRUE
+INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
+INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+!if $(TPM_CONFIG_ENABLE) == TRUE
+INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
+!endif
+!endif
+
+################################################################################
+
+[FV.FVMAIN_COMPACT]
+FvNameGuid = 48DB5E17-707C-472D-91CD-1613E7EF51B0
+FvAlignment = 16
+ERASE_POLARITY = 1
+MEMORY_MAPPED = TRUE
+STICKY_WRITE = TRUE
+LOCK_CAP = TRUE
+LOCK_STATUS = TRUE
+WRITE_DISABLED_CAP = TRUE
+WRITE_ENABLED_CAP = TRUE
+WRITE_STATUS = TRUE
+WRITE_LOCK_CAP = TRUE
+WRITE_LOCK_STATUS = TRUE
+READ_DISABLED_CAP = TRUE
+READ_ENABLED_CAP = TRUE
+READ_STATUS = TRUE
+READ_LOCK_CAP = TRUE
+READ_LOCK_STATUS = TRUE
+
+FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
+ SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF PROCESSING_REQUIRED = TRUE {
+ #
+ # These firmware volumes will have files placed in them uncompressed,
+ # and then both firmware volumes will be compressed in a single
+ # compression operation in order to achieve better overall compression.
+ #
+ SECTION FV_IMAGE = PEIFV
+ SECTION FV_IMAGE = DXEFV
+ }
+ }
+
+!include OvmfPkg/FvmainCompactScratchEnd.fdf.inc
+
+################################################################################
+
+[Rule.Common.SEC]
+ FILE SEC = $(NAMED_GUID) {
+ PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING ="$(MODULE_NAME)" Optional
+ VERSION STRING ="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
+[Rule.Common.PEI_CORE]
+ FILE PEI_CORE = $(NAMED_GUID) {
+ PE32 PE32 Align=Auto $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING ="$(MODULE_NAME)" Optional
+ VERSION STRING ="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
+[Rule.Common.PEIM]
+ FILE PEIM = $(NAMED_GUID) {
+ PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
+ PE32 PE32 Align=Auto $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
+[Rule.Common.DXE_CORE]
+ FILE DXE_CORE = $(NAMED_GUID) {
+ PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
+[Rule.Common.DXE_DRIVER]
+ FILE DRIVER = $(NAMED_GUID) {
+ DXE_DEPEX DXE_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
+ PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ RAW ACPI Optional |.acpi
+ RAW ASL Optional |.aml
+ }
+
+[Rule.Common.DXE_RUNTIME_DRIVER]
+ FILE DRIVER = $(NAMED_GUID) {
+ DXE_DEPEX DXE_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
+ PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
+[Rule.Common.UEFI_DRIVER]
+ FILE DRIVER = $(NAMED_GUID) {
+ DXE_DEPEX DXE_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
+ PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
+[Rule.Common.UEFI_DRIVER.BINARY]
+ FILE DRIVER = $(NAMED_GUID) {
+ DXE_DEPEX DXE_DEPEX Optional |.depex
+ PE32 PE32 |.efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
+[Rule.Common.UEFI_APPLICATION]
+ FILE APPLICATION = $(NAMED_GUID) {
+ PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
+[Rule.Common.UEFI_APPLICATION.BINARY]
+ FILE APPLICATION = $(NAMED_GUID) {
+ PE32 PE32 |.efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
+[Rule.Common.USER_DEFINED.ACPITABLE]
+ FILE FREEFORM = $(NAMED_GUID) {
+ RAW ACPI |.acpi
+ RAW ASL |.aml
+ }
+
+[Rule.Common.SEC.RESET_VECTOR]
+ FILE RAW = $(NAMED_GUID) {
+ RAW BIN Align = 16 |.bin
+ }
+
+[Rule.Common.SMM_CORE]
+ FILE SMM_CORE = $(NAMED_GUID) {
+ PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
+
+[Rule.Common.DXE_SMM_DRIVER]
+ FILE SMM = $(NAMED_GUID) {
+ SMM_DEPEX SMM_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
+ PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
+ UI STRING="$(MODULE_NAME)" Optional
+ VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
+ }
--
2.26.2
^ permalink raw reply related [flat|nested] 35+ messages in thread
* [PATCH v3 3/6] OvmfPkg/AmdSev: add Grub Firmware Volume Package
2020-11-30 20:28 [PATCH v3 0/6] SEV Encrypted Boot for Ovmf James Bottomley
2020-11-30 20:28 ` [PATCH v3 1/6] OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed James Bottomley
2020-11-30 20:28 ` [PATCH v3 2/6] OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF James Bottomley
@ 2020-11-30 20:28 ` James Bottomley
2020-12-03 8:39 ` [edk2-devel] " Laszlo Ersek
2020-11-30 20:28 ` [PATCH v3 4/6] OvmfPkg: create a SEV secret area in the AmdSev memfd James Bottomley
` (5 subsequent siblings)
8 siblings, 1 reply; 35+ messages in thread
From: James Bottomley @ 2020-11-30 20:28 UTC (permalink / raw)
To: devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, jejb, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen,
Ard Biesheuvel
This is used to package up the grub bootloader into a firmware volume
where it can be executed as a shell like the UEFI Shell. Grub itself
is built as a minimal entity into a Fv and then added as a boot
option. By default the UEFI shell isn't built but for debugging
purposes it can be enabled and will then be presented as a boot option
(This should never be allowed for secure boot in an external data
centre but may be useful for local debugging). Finally all other boot
options except grub and possibly the shell are stripped and the boot
timeout forced to 0 so the system will not enter a setup menu and will
only boot to grub. This is done by copying the
Library/PlatformBootManagerLib into Library/PlatformBootManagerLibGrub
and then customizing it.
Boot failure is fatal to try to prevent secret theft.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
Signed-off-by: James Bottomley <jejb@linux.ibm.com>
---
v2: strip out s3 and qemu boot contacts make grub script robust and
don't build grub.efi each time
v3: add copyrights, untabify grub.sh, strip more from PlatformBootLibGrub.
---
OvmfPkg/OvmfPkg.dec | 1 +
OvmfPkg/AmdSev/AmdSevX64.dsc | 21 +-
OvmfPkg/AmdSev/AmdSevX64.fdf | 7 +-
OvmfPkg/AmdSev/Grub/Grub.inf | 39 +
.../PlatformBootManagerLibGrub.inf | 71 +
.../PlatformBootManagerLibGrub/BdsPlatform.h | 175 ++
.../PlatformBootManagerLibGrub/BdsPlatform.c | 1482 +++++++++++++++++
.../PlatformBootManagerLibGrub/PlatformData.c | 214 +++
OvmfPkg/AmdSev/Grub/.gitignore | 1 +
OvmfPkg/AmdSev/Grub/grub.cfg | 46 +
OvmfPkg/AmdSev/Grub/grub.sh | 93 ++
11 files changed, 2141 insertions(+), 9 deletions(-)
create mode 100644 OvmfPkg/AmdSev/Grub/Grub.inf
create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf
create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h
create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformData.c
create mode 100644 OvmfPkg/AmdSev/Grub/.gitignore
create mode 100644 OvmfPkg/AmdSev/Grub/grub.cfg
create mode 100644 OvmfPkg/AmdSev/Grub/grub.sh
diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 6abde4fd9351..3fbf7a0ee1a4 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -116,6 +116,7 @@ [Guids]
gEfiLegacyDevOrderVariableGuid = {0xa56074db, 0x65fe, 0x45f7, {0xbd, 0x21, 0x2d, 0x2b, 0xdd, 0x8e, 0x96, 0x52}}
gLinuxEfiInitrdMediaGuid = {0x5568e427, 0x68fc, 0x4f3d, {0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68}}
gQemuKernelLoaderFsMediaGuid = {0x1428f772, 0xb64a, 0x441e, {0xb8, 0xc3, 0x9e, 0xbd, 0xd7, 0xf8, 0x93, 0xc7}}
+ gGrubFileGuid = {0xb5ae312c, 0xbc8a, 0x43b1, {0x9c, 0x62, 0xeb, 0xb8, 0x26, 0xdd, 0x5d, 0x07}}
[Ppis]
# PPI whose presence in the PPI database signals that the TPM base address
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 59778c49548c..18707725b3e4 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -25,6 +25,7 @@ [Defines]
BUILD_TARGETS = NOOPT|DEBUG|RELEASE
SKUID_IDENTIFIER = DEFAULT
FLASH_DEFINITION = OvmfPkg/AmdSev/AmdSevX64.fdf
+ PREBUILD = sh OvmfPkg/AmdSev/Grub/grub.sh
#
# Defines for default states. These can be changed on the command line.
@@ -34,6 +35,11 @@ [Defines]
DEFINE TPM_ENABLE = FALSE
DEFINE TPM_CONFIG_ENABLE = FALSE
+ #
+ # Shell can be useful for debugging but should not be enabled for production
+ #
+ DEFINE BUILD_SHELL = FALSE
+
#
# Device drivers
#
@@ -149,7 +155,6 @@ [LibraryClasses]
UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf
UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf
DevicePathLib|MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLibDevicePathProtocol.inf
- NvVarsFileLib|OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.inf
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
UefiCpuLib|UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf
@@ -184,9 +189,11 @@ [LibraryClasses]
VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
+!if $(BUILD_SHELL) == TRUE
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
ShellCEntryLib|ShellPkg/Library/UefiShellCEntryLib/UefiShellCEntryLib.inf
- S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
+!endif
+
SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf
OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf
XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf
@@ -343,7 +350,7 @@ [LibraryClasses.common.DXE_DRIVER]
!else
DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
!endif
- PlatformBootManagerLib|OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+ PlatformBootManagerLib|OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf
PlatformBmPrintScLib|OvmfPkg/Library/PlatformBmPrintScLib/PlatformBmPrintScLib.inf
QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf
CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
@@ -507,6 +514,7 @@ [PcdsFixedAtBuild]
# Point to the MdeModulePkg/Application/UiApp/UiApp.inf
gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }
+ gEfiMdeModulePkgTokenSpaceGuid.PcdConInConnectOnDemand|TRUE
################################################################################
#
# Pcd Dynamic Section - list of all EDK II PCD Entries defined by this Platform
@@ -751,8 +759,6 @@ [Components]
MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
OvmfPkg/AcpiTables/AcpiTables.inf
- MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf
- MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
#
@@ -765,12 +771,14 @@ [Components]
MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf
MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
-!if $(TOOL_CHAIN_TAG) != "XCODE5"
+!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
}
!endif
+ OvmfPkg/AmdSev/Grub/Grub.inf
+!if $(BUILD_SHELL) == TRUE
ShellPkg/Application/Shell/Shell.inf {
<LibraryClasses>
ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf
@@ -789,6 +797,7 @@ [Components]
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
}
+!endif
OvmfPkg/PlatformDxe/Platform.inf
OvmfPkg/AmdSevDxe/AmdSevDxe.inf
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index b884166771f0..1aa95826384a 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -257,17 +257,18 @@ [FV.DXEFV]
INF MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
INF OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
INF RuleOverride=ACPITABLE OvmfPkg/AcpiTables/AcpiTables.inf
-INF MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf
-INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
INF FatPkg/EnhancedFatDxe/Fat.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
-!if $(TOOL_CHAIN_TAG) != "XCODE5"
+!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
+INF OvmfPkg/AmdSev/Grub/Grub.inf
+!if $(BUILD_SHELL) == TRUE
INF ShellPkg/Application/Shell/Shell.inf
+!endif
INF MdeModulePkg/Logo/LogoDxe.inf
diff --git a/OvmfPkg/AmdSev/Grub/Grub.inf b/OvmfPkg/AmdSev/Grub/Grub.inf
new file mode 100644
index 000000000000..90dc6c7b1e73
--- /dev/null
+++ b/OvmfPkg/AmdSev/Grub/Grub.inf
@@ -0,0 +1,39 @@
+## @file
+# Create a Firmware Volume based Grub Bootloader
+#
+# Copyright (C) 2020 James Bottomley, IBM Corporation.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010006
+ BASE_NAME = Grub
+ # This is gGrubFileGuid
+ FILE_GUID = b5ae312c-bc8a-43b1-9c62-ebb826dd5d07
+ MODULE_TYPE = UEFI_APPLICATION
+ VERSION_STRING = 1.0
+ ENTRY_POINT = UefiMain
+
+[Packages]
+ OvmfPkg/OvmfPkg.dec
+
+#
+# The following information is for reference only and not required by
+# the build tools.
+#
+# VALID_ARCHITECTURES = X64
+#
+
+##
+# Note: The version of grub.efi this picks up can be generated by
+# grub.sh which must be specified as a PREBUILD in the .dsc file. If
+# grub.efi is newer than either grub.sh or grub.cfg then grub.sh will
+# exit with success meaning that if you move your own version of grub
+# in here (after checking out grub.sh and grub.cfg), PREBUILD won't
+# overwrite it.
+##
+[Binaries]
+ PE32|grub.efi|*
+
diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf b/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf
new file mode 100644
index 000000000000..9a806d17ec45
--- /dev/null
+++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf
@@ -0,0 +1,71 @@
+## @file
+# Platform BDS customizations library.
+#
+# Copyright (C) 2020 James Bottomley, IBM Corporation.
+# Copyright (c) 2007 - 2019, Intel Corporation. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = PlatformBootManagerLibGrub
+ FILE_GUID = 3a8f8431-f0c9-4c95-8a1d-04445c582d4e
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = PlatformBootManagerLib|DXE_DRIVER
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = X64
+#
+
+[Sources]
+ BdsPlatform.c
+ PlatformData.c
+ BdsPlatform.h
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ SourceLevelDebugPkg/SourceLevelDebugPkg.dec
+ OvmfPkg/OvmfPkg.dec
+ SecurityPkg/SecurityPkg.dec
+ ShellPkg/ShellPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ MemoryAllocationLib
+ UefiBootServicesTableLib
+ UefiRuntimeServicesTableLib
+ BaseMemoryLib
+ DebugLib
+ PcdLib
+ UefiBootManagerLib
+ BootLogoLib
+ DevicePathLib
+ PciLib
+ UefiLib
+ PlatformBmPrintScLib
+ Tcg2PhysicalPresenceLib
+
+[Pcd]
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId
+ gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate ## CONSUMES
+ gEfiMdePkgTokenSpaceGuid.PcdUartDefaultDataBits ## CONSUMES
+ gEfiMdePkgTokenSpaceGuid.PcdUartDefaultParity ## CONSUMES
+ gEfiMdePkgTokenSpaceGuid.PcdUartDefaultStopBits ## CONSUMES
+
+[Protocols]
+ gEfiPciRootBridgeIoProtocolGuid
+ gEfiDxeSmmReadyToLockProtocolGuid # PROTOCOL SOMETIMES_PRODUCED
+ gEfiLoadedImageProtocolGuid # PROTOCOL SOMETIMES_PRODUCED
+ gEfiFirmwareVolume2ProtocolGuid # PROTOCOL SOMETIMES_CONSUMED
+
+[Guids]
+ gEfiEndOfDxeEventGroupGuid
+ gEfiGlobalVariableGuid
+ gRootBridgesConnectedEventGroupGuid
+ gUefiShellFileGuid
+ gGrubFileGuid
diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h
new file mode 100644
index 000000000000..748c63081920
--- /dev/null
+++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h
@@ -0,0 +1,175 @@
+/** @file
+ Platform BDS customizations include file.
+
+ Copyright (C) 2020 James Bottomley, IBM Corporation.
+ Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+Module Name:
+
+ BdsPlatform.h
+
+Abstract:
+
+ Head file for BDS Platform specific code
+
+**/
+
+#ifndef _PLATFORM_SPECIFIC_BDS_PLATFORM_H_
+#define _PLATFORM_SPECIFIC_BDS_PLATFORM_H_
+
+
+#include <PiDxe.h>
+
+#include <IndustryStandard/Pci.h>
+#include <IndustryStandard/Acpi.h>
+#include <IndustryStandard/SmBios.h>
+#include <IndustryStandard/PeImage.h>
+#include <IndustryStandard/Virtio095.h>
+
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/BaseLib.h>
+#include <Library/PcdLib.h>
+#include <Library/PciLib.h>
+#include <Library/UefiBootManagerLib.h>
+#include <Library/BootLogoLib.h>
+#include <Library/HobLib.h>
+#include <Library/UefiLib.h>
+#include <Library/DxeServicesTableLib.h>
+#include <Library/DevicePathLib.h>
+#include <Library/IoLib.h>
+
+#include <Protocol/Decompress.h>
+#include <Protocol/PciIo.h>
+#include <Protocol/FirmwareVolume2.h>
+#include <Protocol/SimpleFileSystem.h>
+#include <Protocol/PciRootBridgeIo.h>
+#include <Protocol/DxeSmmReadyToLock.h>
+#include <Protocol/LoadedImage.h>
+
+#include <Guid/Acpi.h>
+#include <Guid/SmBios.h>
+#include <Guid/HobList.h>
+#include <Guid/GlobalVariable.h>
+#include <Guid/EventGroup.h>
+#include <Guid/DebugAgentGuid.h>
+
+#include <OvmfPlatforms.h>
+
+extern EFI_DEVICE_PATH_PROTOCOL *gPlatformConnectSequence[];
+extern ACPI_HID_DEVICE_PATH gPnpPs2KeyboardDeviceNode;
+extern ACPI_HID_DEVICE_PATH gPnp16550ComPortDeviceNode;
+extern UART_DEVICE_PATH gUartDeviceNode;
+extern VENDOR_DEVICE_PATH gTerminalTypeDeviceNode;
+
+#define PCI_DEVICE_PATH_NODE(Func, Dev) \
+ { \
+ { \
+ HARDWARE_DEVICE_PATH, \
+ HW_PCI_DP, \
+ { \
+ (UINT8) (sizeof (PCI_DEVICE_PATH)), \
+ (UINT8) ((sizeof (PCI_DEVICE_PATH)) >> 8) \
+ } \
+ }, \
+ (Func), \
+ (Dev) \
+ }
+
+#define PNPID_DEVICE_PATH_NODE(PnpId) \
+ { \
+ { \
+ ACPI_DEVICE_PATH, \
+ ACPI_DP, \
+ { \
+ (UINT8) (sizeof (ACPI_HID_DEVICE_PATH)), \
+ (UINT8) ((sizeof (ACPI_HID_DEVICE_PATH)) >> 8) \
+ }, \
+ }, \
+ EISA_PNP_ID((PnpId)), \
+ 0 \
+ }
+
+#define gPciIsaBridge \
+ PCI_DEVICE_PATH_NODE(0, 0x1f)
+
+#define gP2PBridge \
+ PCI_DEVICE_PATH_NODE(0, 0x1e)
+
+#define gPnpPs2Keyboard \
+ PNPID_DEVICE_PATH_NODE(0x0303)
+
+#define gPnp16550ComPort \
+ PNPID_DEVICE_PATH_NODE(0x0501)
+
+#define gUart \
+ { \
+ { \
+ MESSAGING_DEVICE_PATH, \
+ MSG_UART_DP, \
+ { \
+ (UINT8) (sizeof (UART_DEVICE_PATH)), \
+ (UINT8) ((sizeof (UART_DEVICE_PATH)) >> 8) \
+ } \
+ }, \
+ 0, \
+ 115200, \
+ 8, \
+ 1, \
+ 1 \
+ }
+
+#define gPcAnsiTerminal \
+ { \
+ { \
+ MESSAGING_DEVICE_PATH, \
+ MSG_VENDOR_DP, \
+ { \
+ (UINT8) (sizeof (VENDOR_DEVICE_PATH)), \
+ (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8) \
+ } \
+ }, \
+ DEVICE_PATH_MESSAGING_PC_ANSI \
+ }
+
+#define gEndEntire \
+ { \
+ END_DEVICE_PATH_TYPE, \
+ END_ENTIRE_DEVICE_PATH_SUBTYPE, \
+ { \
+ END_DEVICE_PATH_LENGTH, \
+ 0 \
+ } \
+ }
+
+#define PCI_CLASS_SCC 0x07
+#define PCI_SUBCLASS_SERIAL 0x00
+#define PCI_IF_16550 0x02
+#define IS_PCI_16550SERIAL(_p) IS_CLASS3 (_p, PCI_CLASS_SCC, PCI_SUBCLASS_SERIAL, PCI_IF_16550)
+#define IS_PCI_ISA_PDECODE(_p) IS_CLASS3 (_p, PCI_CLASS_BRIDGE, PCI_CLASS_BRIDGE_ISA_PDECODE, 0)
+
+typedef struct {
+ EFI_DEVICE_PATH_PROTOCOL *DevicePath;
+ UINTN ConnectType;
+} PLATFORM_CONSOLE_CONNECT_ENTRY;
+
+#define CONSOLE_OUT BIT0
+#define CONSOLE_IN BIT1
+#define STD_ERROR BIT2
+extern PLATFORM_CONSOLE_CONNECT_ENTRY gPlatformConsole[];
+extern PLATFORM_CONSOLE_CONNECT_ENTRY gXenPlatformConsole[];
+
+//
+// Platform BDS Functions
+//
+
+VOID
+PlatformInitializeConsole (
+ IN PLATFORM_CONSOLE_CONNECT_ENTRY *PlatformConsole
+ );
+
+#endif // _PLATFORM_SPECIFIC_BDS_PLATFORM_H_
diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
new file mode 100644
index 000000000000..a8610fd55123
--- /dev/null
+++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
@@ -0,0 +1,1482 @@
+/** @file
+ Platform BDS customizations.
+
+ Copyright (C) 2020 James Bottomley, IBM Corporation.
+ Copyright (c) 2004 - 2019, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "BdsPlatform.h"
+#include <Guid/RootBridgesConnectedEventGroup.h>
+#include <Protocol/FirmwareVolume2.h>
+#include <Library/PlatformBmPrintScLib.h>
+#include <Library/Tcg2PhysicalPresenceLib.h>
+
+
+//
+// Global data
+//
+
+VOID *mEfiDevPathNotifyReg;
+EFI_EVENT mEfiDevPathEvent;
+UINT16 mHostBridgeDevId;
+
+//
+// Table of host IRQs matching PCI IRQs A-D
+// (for configuring PCI Interrupt Line register)
+//
+CONST UINT8 PciHostIrqs[] = {
+ 0x0a, 0x0a, 0x0b, 0x0b
+};
+
+//
+// Type definitions
+//
+
+typedef
+EFI_STATUS
+(EFIAPI *PROTOCOL_INSTANCE_CALLBACK)(
+ IN EFI_HANDLE Handle,
+ IN VOID *Instance,
+ IN VOID *Context
+ );
+
+/**
+ @param[in] Handle - Handle of PCI device instance
+ @param[in] PciIo - PCI IO protocol instance
+ @param[in] Pci - PCI Header register block
+**/
+typedef
+EFI_STATUS
+(EFIAPI *VISIT_PCI_INSTANCE_CALLBACK)(
+ IN EFI_HANDLE Handle,
+ IN EFI_PCI_IO_PROTOCOL *PciIo,
+ IN PCI_TYPE00 *Pci
+ );
+
+
+//
+// Function prototypes
+//
+
+EFI_STATUS
+VisitAllInstancesOfProtocol (
+ IN EFI_GUID *Id,
+ IN PROTOCOL_INSTANCE_CALLBACK CallBackFunction,
+ IN VOID *Context
+ );
+
+EFI_STATUS
+VisitAllPciInstancesOfProtocol (
+ IN VISIT_PCI_INSTANCE_CALLBACK CallBackFunction
+ );
+
+VOID
+InstallDevicePathCallback (
+ VOID
+ );
+
+VOID
+PlatformRegisterFvBootOption (
+ EFI_GUID *FileGuid,
+ CHAR16 *Description,
+ UINT32 Attributes
+ )
+{
+ EFI_STATUS Status;
+ INTN OptionIndex;
+ EFI_BOOT_MANAGER_LOAD_OPTION NewOption;
+ EFI_BOOT_MANAGER_LOAD_OPTION *BootOptions;
+ UINTN BootOptionCount;
+ MEDIA_FW_VOL_FILEPATH_DEVICE_PATH FileNode;
+ EFI_LOADED_IMAGE_PROTOCOL *LoadedImage;
+ EFI_DEVICE_PATH_PROTOCOL *DevicePath;
+
+ Status = gBS->HandleProtocol (
+ gImageHandle,
+ &gEfiLoadedImageProtocolGuid,
+ (VOID **) &LoadedImage
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ EfiInitializeFwVolDevicepathNode (&FileNode, FileGuid);
+ DevicePath = DevicePathFromHandle (LoadedImage->DeviceHandle);
+ ASSERT (DevicePath != NULL);
+ DevicePath = AppendDevicePathNode (
+ DevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *) &FileNode
+ );
+ ASSERT (DevicePath != NULL);
+
+ Status = EfiBootManagerInitializeLoadOption (
+ &NewOption,
+ LoadOptionNumberUnassigned,
+ LoadOptionTypeBoot,
+ Attributes,
+ Description,
+ DevicePath,
+ NULL,
+ 0
+ );
+ ASSERT_EFI_ERROR (Status);
+ FreePool (DevicePath);
+
+ BootOptions = EfiBootManagerGetLoadOptions (
+ &BootOptionCount, LoadOptionTypeBoot
+ );
+
+ OptionIndex = EfiBootManagerFindLoadOption (
+ &NewOption, BootOptions, BootOptionCount
+ );
+
+ if (OptionIndex == -1) {
+ Status = EfiBootManagerAddLoadOptionVariable (&NewOption, MAX_UINTN);
+ ASSERT_EFI_ERROR (Status);
+ }
+ EfiBootManagerFreeLoadOption (&NewOption);
+ EfiBootManagerFreeLoadOptions (BootOptions, BootOptionCount);
+}
+
+/**
+ Remove all MemoryMapped(...)/FvFile(...) and Fv(...)/FvFile(...) boot options
+ whose device paths do not resolve exactly to an FvFile in the system.
+
+ Also strip out every boot option that is not an FvFile, meaning the system
+ can only boot either the Grub or (if built) the shell.
+
+ This removes any boot options that point to binaries built into the firmware
+ and have become stale due to any of the following:
+ - DXEFV's base address or size changed (historical),
+ - DXEFV's FvNameGuid changed,
+ - the FILE_GUID of the pointed-to binary changed,
+ - the referenced binary is no longer built into the firmware.
+
+ EfiBootManagerFindLoadOption() used in PlatformRegisterFvBootOption() only
+ avoids exact duplicates.
+**/
+VOID
+RemoveStaleFvFileOptions (
+ VOID
+ )
+{
+ EFI_BOOT_MANAGER_LOAD_OPTION *BootOptions;
+ UINTN BootOptionCount;
+ UINTN Index;
+
+ BootOptions = EfiBootManagerGetLoadOptions (&BootOptionCount,
+ LoadOptionTypeBoot);
+
+ for (Index = 0; Index < BootOptionCount; ++Index) {
+ EFI_DEVICE_PATH_PROTOCOL *Node1, *Node2, *SearchNode;
+ EFI_STATUS Status;
+ EFI_HANDLE FvHandle;
+
+ //
+ // If the device path starts with neither MemoryMapped(...) nor Fv(...),
+ // then delete the boot option.
+ //
+ Node1 = BootOptions[Index].FilePath;
+ if (!(DevicePathType (Node1) == HARDWARE_DEVICE_PATH &&
+ DevicePathSubType (Node1) == HW_MEMMAP_DP) &&
+ !(DevicePathType (Node1) == MEDIA_DEVICE_PATH &&
+ DevicePathSubType (Node1) == MEDIA_PIWG_FW_VOL_DP)) {
+ EfiBootManagerDeleteLoadOptionVariable (
+ BootOptions[Index].OptionNumber, LoadOptionTypeBoot);
+ continue;
+ }
+
+ //
+ // If the second device path node is not FvFile(...), then delete the boot
+ // option.
+ //
+ Node2 = NextDevicePathNode (Node1);
+ if (DevicePathType (Node2) != MEDIA_DEVICE_PATH ||
+ DevicePathSubType (Node2) != MEDIA_PIWG_FW_FILE_DP) {
+ EfiBootManagerDeleteLoadOptionVariable (
+ BootOptions[Index].OptionNumber, LoadOptionTypeBoot);
+ continue;
+ }
+
+ //
+ // Locate the Firmware Volume2 protocol instance that is denoted by the
+ // boot option. If this lookup fails (i.e., the boot option references a
+ // firmware volume that doesn't exist), then we'll proceed to delete the
+ // boot option.
+ //
+ SearchNode = Node1;
+ Status = gBS->LocateDevicePath (&gEfiFirmwareVolume2ProtocolGuid,
+ &SearchNode, &FvHandle);
+
+ if (!EFI_ERROR (Status)) {
+ //
+ // The firmware volume was found; now let's see if it contains the FvFile
+ // identified by GUID.
+ //
+ EFI_FIRMWARE_VOLUME2_PROTOCOL *FvProtocol;
+ MEDIA_FW_VOL_FILEPATH_DEVICE_PATH *FvFileNode;
+ UINTN BufferSize;
+ EFI_FV_FILETYPE FoundType;
+ EFI_FV_FILE_ATTRIBUTES FileAttributes;
+ UINT32 AuthenticationStatus;
+
+ Status = gBS->HandleProtocol (FvHandle, &gEfiFirmwareVolume2ProtocolGuid,
+ (VOID **)&FvProtocol);
+ ASSERT_EFI_ERROR (Status);
+
+ FvFileNode = (MEDIA_FW_VOL_FILEPATH_DEVICE_PATH *)Node2;
+ //
+ // Buffer==NULL means we request metadata only: BufferSize, FoundType,
+ // FileAttributes.
+ //
+ Status = FvProtocol->ReadFile (
+ FvProtocol,
+ &FvFileNode->FvFileName, // NameGuid
+ NULL, // Buffer
+ &BufferSize,
+ &FoundType,
+ &FileAttributes,
+ &AuthenticationStatus
+ );
+ if (!EFI_ERROR (Status)) {
+ //
+ // The FvFile was found. Keep the boot option.
+ //
+ continue;
+ }
+ }
+
+ //
+ // Delete the boot option.
+ //
+ Status = EfiBootManagerDeleteLoadOptionVariable (
+ BootOptions[Index].OptionNumber, LoadOptionTypeBoot);
+ DEBUG_CODE (
+ CHAR16 *DevicePathString;
+
+ DevicePathString = ConvertDevicePathToText(BootOptions[Index].FilePath,
+ FALSE, FALSE);
+ DEBUG ((
+ EFI_ERROR (Status) ? DEBUG_WARN : DEBUG_VERBOSE,
+ "%a: removing stale Boot#%04x %s: %r\n",
+ __FUNCTION__,
+ (UINT32)BootOptions[Index].OptionNumber,
+ DevicePathString == NULL ? L"<unavailable>" : DevicePathString,
+ Status
+ ));
+ if (DevicePathString != NULL) {
+ FreePool (DevicePathString);
+ }
+ );
+ }
+
+ EfiBootManagerFreeLoadOptions (BootOptions, BootOptionCount);
+}
+
+EFI_STATUS
+EFIAPI
+ConnectRootBridge (
+ IN EFI_HANDLE RootBridgeHandle,
+ IN VOID *Instance,
+ IN VOID *Context
+ );
+
+STATIC
+EFI_STATUS
+EFIAPI
+ConnectVirtioPciRng (
+ IN EFI_HANDLE Handle,
+ IN VOID *Instance,
+ IN VOID *Context
+ );
+
+//
+// BDS Platform Functions
+//
+/**
+ Do the platform init, can be customized by OEM/IBV
+
+ Possible things that can be done in PlatformBootManagerBeforeConsole:
+
+ > Update console variable: 1. include hot-plug devices;
+ > 2. Clear ConIn and add SOL for AMT
+ > Register new Driver#### or Boot####
+ > Register new Key####: e.g.: F12
+ > Signal ReadyToLock event
+ > Authentication action: 1. connect Auth devices;
+ > 2. Identify auto logon user.
+**/
+VOID
+EFIAPI
+PlatformBootManagerBeforeConsole (
+ VOID
+ )
+{
+ EFI_HANDLE Handle;
+ EFI_STATUS Status;
+ UINT16 FrontPageTimeout = 0;
+
+ DEBUG ((DEBUG_INFO, "PlatformBootManagerBeforeConsole\n"));
+ InstallDevicePathCallback ();
+
+ VisitAllInstancesOfProtocol (&gEfiPciRootBridgeIoProtocolGuid,
+ ConnectRootBridge, NULL);
+
+ //
+ // Signal the ACPI platform driver that it can download QEMU ACPI tables.
+ //
+ EfiEventGroupSignal (&gRootBridgesConnectedEventGroupGuid);
+
+ //
+ // We can't signal End-of-Dxe earlier than this. Namely, End-of-Dxe triggers
+ // the preparation of S3 system information. That logic has a hard dependency
+ // on the presence of the FACS ACPI table. Since our ACPI tables are only
+ // installed after PCI enumeration completes, we must not trigger the S3 save
+ // earlier, hence we can't signal End-of-Dxe earlier.
+ //
+ EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid);
+
+ //
+ // Prevent further changes to LockBoxes or SMRAM.
+ //
+ Handle = NULL;
+ Status = gBS->InstallProtocolInterface (&Handle,
+ &gEfiDxeSmmReadyToLockProtocolGuid, EFI_NATIVE_INTERFACE,
+ NULL);
+ ASSERT_EFI_ERROR (Status);
+
+ //
+ // Dispatch deferred images after EndOfDxe event and ReadyToLock
+ // installation.
+ //
+ EfiBootManagerDispatchDeferredImages ();
+
+ PlatformInitializeConsole (gPlatformConsole);
+
+ Status = gRT->SetVariable (
+ EFI_TIME_OUT_VARIABLE_NAME,
+ &gEfiGlobalVariableGuid,
+ (EFI_VARIABLE_NON_VOLATILE |
+ EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_RUNTIME_ACCESS),
+ sizeof FrontPageTimeout,
+ &FrontPageTimeout
+ );
+ //
+ // Install both VIRTIO_DEVICE_PROTOCOL and (dependent) EFI_RNG_PROTOCOL
+ // instances on Virtio PCI RNG devices.
+ //
+ VisitAllInstancesOfProtocol (&gEfiPciIoProtocolGuid, ConnectVirtioPciRng,
+ NULL);
+}
+
+
+EFI_STATUS
+EFIAPI
+ConnectRootBridge (
+ IN EFI_HANDLE RootBridgeHandle,
+ IN VOID *Instance,
+ IN VOID *Context
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Make the PCI bus driver connect the root bridge, non-recursively. This
+ // will produce a number of child handles with PciIo on them.
+ //
+ Status = gBS->ConnectController (
+ RootBridgeHandle, // ControllerHandle
+ NULL, // DriverImageHandle
+ NULL, // RemainingDevicePath -- produce all
+ // children
+ FALSE // Recursive
+ );
+ return Status;
+}
+
+
+STATIC
+EFI_STATUS
+EFIAPI
+ConnectVirtioPciRng (
+ IN EFI_HANDLE Handle,
+ IN VOID *Instance,
+ IN VOID *Context
+ )
+{
+ EFI_PCI_IO_PROTOCOL *PciIo;
+ EFI_STATUS Status;
+ UINT16 VendorId;
+ UINT16 DeviceId;
+ UINT8 RevisionId;
+ BOOLEAN Virtio10;
+ UINT16 SubsystemId;
+
+ PciIo = Instance;
+
+ //
+ // Read and check VendorId.
+ //
+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16, PCI_VENDOR_ID_OFFSET,
+ 1, &VendorId);
+ if (EFI_ERROR (Status)) {
+ goto Error;
+ }
+ if (VendorId != VIRTIO_VENDOR_ID) {
+ return EFI_SUCCESS;
+ }
+
+ //
+ // Read DeviceId and RevisionId.
+ //
+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16, PCI_DEVICE_ID_OFFSET,
+ 1, &DeviceId);
+ if (EFI_ERROR (Status)) {
+ goto Error;
+ }
+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint8, PCI_REVISION_ID_OFFSET,
+ 1, &RevisionId);
+ if (EFI_ERROR (Status)) {
+ goto Error;
+ }
+
+ //
+ // From DeviceId and RevisionId, determine whether the device is a
+ // modern-only Virtio 1.0 device. In case of Virtio 1.0, DeviceId can
+ // immediately be restricted to VIRTIO_SUBSYSTEM_ENTROPY_SOURCE, and
+ // SubsystemId will only play a sanity-check role. Otherwise, DeviceId can
+ // only be sanity-checked, and SubsystemId will decide.
+ //
+ if (DeviceId == 0x1040 + VIRTIO_SUBSYSTEM_ENTROPY_SOURCE &&
+ RevisionId >= 0x01) {
+ Virtio10 = TRUE;
+ } else if (DeviceId >= 0x1000 && DeviceId <= 0x103F && RevisionId == 0x00) {
+ Virtio10 = FALSE;
+ } else {
+ return EFI_SUCCESS;
+ }
+
+ //
+ // Read and check SubsystemId as dictated by Virtio10.
+ //
+ Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint16,
+ PCI_SUBSYSTEM_ID_OFFSET, 1, &SubsystemId);
+ if (EFI_ERROR (Status)) {
+ goto Error;
+ }
+ if ((Virtio10 && SubsystemId >= 0x40) ||
+ (!Virtio10 && SubsystemId == VIRTIO_SUBSYSTEM_ENTROPY_SOURCE)) {
+ Status = gBS->ConnectController (
+ Handle, // ControllerHandle
+ NULL, // DriverImageHandle -- connect all drivers
+ NULL, // RemainingDevicePath -- produce all child handles
+ FALSE // Recursive -- don't follow child handles
+ );
+ if (EFI_ERROR (Status)) {
+ goto Error;
+ }
+ }
+ return EFI_SUCCESS;
+
+Error:
+ DEBUG ((DEBUG_ERROR, "%a: %r\n", __FUNCTION__, Status));
+ return Status;
+}
+
+
+/**
+ Add IsaKeyboard to ConIn; add IsaSerial to ConOut, ConIn, ErrOut.
+
+ @param[in] DeviceHandle Handle of the LPC Bridge device.
+
+ @retval EFI_SUCCESS Console devices on the LPC bridge have been added to
+ ConOut, ConIn, and ErrOut.
+
+ @return Error codes, due to EFI_DEVICE_PATH_PROTOCOL missing
+ from DeviceHandle.
+**/
+EFI_STATUS
+PrepareLpcBridgeDevicePath (
+ IN EFI_HANDLE DeviceHandle
+ )
+{
+ EFI_STATUS Status;
+ EFI_DEVICE_PATH_PROTOCOL *DevicePath;
+ EFI_DEVICE_PATH_PROTOCOL *TempDevicePath;
+ CHAR16 *DevPathStr;
+
+ DevicePath = NULL;
+ Status = gBS->HandleProtocol (
+ DeviceHandle,
+ &gEfiDevicePathProtocolGuid,
+ (VOID*)&DevicePath
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ TempDevicePath = DevicePath;
+
+ //
+ // Register Keyboard
+ //
+ DevicePath = AppendDevicePathNode (DevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *)&gPnpPs2KeyboardDeviceNode);
+
+ EfiBootManagerUpdateConsoleVariable (ConIn, DevicePath, NULL);
+
+ //
+ // Register COM1
+ //
+ DevicePath = TempDevicePath;
+ gPnp16550ComPortDeviceNode.UID = 0;
+
+ DevicePath = AppendDevicePathNode (DevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *)&gPnp16550ComPortDeviceNode);
+ DevicePath = AppendDevicePathNode (DevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *)&gUartDeviceNode);
+ DevicePath = AppendDevicePathNode (DevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *)&gTerminalTypeDeviceNode);
+
+ //
+ // Print Device Path
+ //
+ DevPathStr = ConvertDevicePathToText (DevicePath, FALSE, FALSE);
+ if (DevPathStr != NULL) {
+ DEBUG((
+ DEBUG_INFO,
+ "BdsPlatform.c+%d: COM%d DevPath: %s\n",
+ __LINE__,
+ gPnp16550ComPortDeviceNode.UID + 1,
+ DevPathStr
+ ));
+ FreePool(DevPathStr);
+ }
+
+ EfiBootManagerUpdateConsoleVariable (ConOut, DevicePath, NULL);
+ EfiBootManagerUpdateConsoleVariable (ConIn, DevicePath, NULL);
+ EfiBootManagerUpdateConsoleVariable (ErrOut, DevicePath, NULL);
+
+ //
+ // Register COM2
+ //
+ DevicePath = TempDevicePath;
+ gPnp16550ComPortDeviceNode.UID = 1;
+
+ DevicePath = AppendDevicePathNode (DevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *)&gPnp16550ComPortDeviceNode);
+ DevicePath = AppendDevicePathNode (DevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *)&gUartDeviceNode);
+ DevicePath = AppendDevicePathNode (DevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *)&gTerminalTypeDeviceNode);
+
+ //
+ // Print Device Path
+ //
+ DevPathStr = ConvertDevicePathToText (DevicePath, FALSE, FALSE);
+ if (DevPathStr != NULL) {
+ DEBUG((
+ DEBUG_INFO,
+ "BdsPlatform.c+%d: COM%d DevPath: %s\n",
+ __LINE__,
+ gPnp16550ComPortDeviceNode.UID + 1,
+ DevPathStr
+ ));
+ FreePool(DevPathStr);
+ }
+
+ EfiBootManagerUpdateConsoleVariable (ConOut, DevicePath, NULL);
+ EfiBootManagerUpdateConsoleVariable (ConIn, DevicePath, NULL);
+ EfiBootManagerUpdateConsoleVariable (ErrOut, DevicePath, NULL);
+
+ return EFI_SUCCESS;
+}
+
+EFI_STATUS
+GetGopDevicePath (
+ IN EFI_DEVICE_PATH_PROTOCOL *PciDevicePath,
+ OUT EFI_DEVICE_PATH_PROTOCOL **GopDevicePath
+ )
+{
+ UINTN Index;
+ EFI_STATUS Status;
+ EFI_HANDLE PciDeviceHandle;
+ EFI_DEVICE_PATH_PROTOCOL *TempDevicePath;
+ EFI_DEVICE_PATH_PROTOCOL *TempPciDevicePath;
+ UINTN GopHandleCount;
+ EFI_HANDLE *GopHandleBuffer;
+
+ if (PciDevicePath == NULL || GopDevicePath == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Initialize the GopDevicePath to be PciDevicePath
+ //
+ *GopDevicePath = PciDevicePath;
+ TempPciDevicePath = PciDevicePath;
+
+ Status = gBS->LocateDevicePath (
+ &gEfiDevicePathProtocolGuid,
+ &TempPciDevicePath,
+ &PciDeviceHandle
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ //
+ // Try to connect this handle, so that GOP driver could start on this
+ // device and create child handles with GraphicsOutput Protocol installed
+ // on them, then we get device paths of these child handles and select
+ // them as possible console device.
+ //
+ gBS->ConnectController (PciDeviceHandle, NULL, NULL, FALSE);
+
+ Status = gBS->LocateHandleBuffer (
+ ByProtocol,
+ &gEfiGraphicsOutputProtocolGuid,
+ NULL,
+ &GopHandleCount,
+ &GopHandleBuffer
+ );
+ if (!EFI_ERROR (Status)) {
+ //
+ // Add all the child handles as possible Console Device
+ //
+ for (Index = 0; Index < GopHandleCount; Index++) {
+ Status = gBS->HandleProtocol (GopHandleBuffer[Index],
+ &gEfiDevicePathProtocolGuid, (VOID*)&TempDevicePath);
+ if (EFI_ERROR (Status)) {
+ continue;
+ }
+ if (CompareMem (
+ PciDevicePath,
+ TempDevicePath,
+ GetDevicePathSize (PciDevicePath) - END_DEVICE_PATH_LENGTH
+ ) == 0) {
+ //
+ // In current implementation, we only enable one of the child handles
+ // as console device, i.e. sotre one of the child handle's device
+ // path to variable "ConOut"
+ // In future, we could select all child handles to be console device
+ //
+
+ *GopDevicePath = TempDevicePath;
+
+ //
+ // Delete the PCI device's path that added by
+ // GetPlugInPciVgaDevicePath(). Add the integrity GOP device path.
+ //
+ EfiBootManagerUpdateConsoleVariable (ConOutDev, NULL, PciDevicePath);
+ EfiBootManagerUpdateConsoleVariable (ConOutDev, TempDevicePath, NULL);
+ }
+ }
+ gBS->FreePool (GopHandleBuffer);
+ }
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Add PCI display to ConOut.
+
+ @param[in] DeviceHandle Handle of the PCI display device.
+
+ @retval EFI_SUCCESS The PCI display device has been added to ConOut.
+
+ @return Error codes, due to EFI_DEVICE_PATH_PROTOCOL missing
+ from DeviceHandle.
+**/
+EFI_STATUS
+PreparePciDisplayDevicePath (
+ IN EFI_HANDLE DeviceHandle
+ )
+{
+ EFI_STATUS Status;
+ EFI_DEVICE_PATH_PROTOCOL *DevicePath;
+ EFI_DEVICE_PATH_PROTOCOL *GopDevicePath;
+
+ DevicePath = NULL;
+ GopDevicePath = NULL;
+ Status = gBS->HandleProtocol (
+ DeviceHandle,
+ &gEfiDevicePathProtocolGuid,
+ (VOID*)&DevicePath
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ GetGopDevicePath (DevicePath, &GopDevicePath);
+ DevicePath = GopDevicePath;
+
+ EfiBootManagerUpdateConsoleVariable (ConOut, DevicePath, NULL);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Add PCI Serial to ConOut, ConIn, ErrOut.
+
+ @param[in] DeviceHandle Handle of the PCI serial device.
+
+ @retval EFI_SUCCESS The PCI serial device has been added to ConOut, ConIn,
+ ErrOut.
+
+ @return Error codes, due to EFI_DEVICE_PATH_PROTOCOL missing
+ from DeviceHandle.
+**/
+EFI_STATUS
+PreparePciSerialDevicePath (
+ IN EFI_HANDLE DeviceHandle
+ )
+{
+ EFI_STATUS Status;
+ EFI_DEVICE_PATH_PROTOCOL *DevicePath;
+
+ DevicePath = NULL;
+ Status = gBS->HandleProtocol (
+ DeviceHandle,
+ &gEfiDevicePathProtocolGuid,
+ (VOID*)&DevicePath
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ DevicePath = AppendDevicePathNode (DevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *)&gUartDeviceNode);
+ DevicePath = AppendDevicePathNode (DevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *)&gTerminalTypeDeviceNode);
+
+ EfiBootManagerUpdateConsoleVariable (ConOut, DevicePath, NULL);
+ EfiBootManagerUpdateConsoleVariable (ConIn, DevicePath, NULL);
+ EfiBootManagerUpdateConsoleVariable (ErrOut, DevicePath, NULL);
+
+ return EFI_SUCCESS;
+}
+
+EFI_STATUS
+VisitAllInstancesOfProtocol (
+ IN EFI_GUID *Id,
+ IN PROTOCOL_INSTANCE_CALLBACK CallBackFunction,
+ IN VOID *Context
+ )
+{
+ EFI_STATUS Status;
+ UINTN HandleCount;
+ EFI_HANDLE *HandleBuffer;
+ UINTN Index;
+ VOID *Instance;
+
+ //
+ // Start to check all the PciIo to find all possible device
+ //
+ HandleCount = 0;
+ HandleBuffer = NULL;
+ Status = gBS->LocateHandleBuffer (
+ ByProtocol,
+ Id,
+ NULL,
+ &HandleCount,
+ &HandleBuffer
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ for (Index = 0; Index < HandleCount; Index++) {
+ Status = gBS->HandleProtocol (HandleBuffer[Index], Id, &Instance);
+ if (EFI_ERROR (Status)) {
+ continue;
+ }
+
+ Status = (*CallBackFunction) (
+ HandleBuffer[Index],
+ Instance,
+ Context
+ );
+ }
+
+ gBS->FreePool (HandleBuffer);
+
+ return EFI_SUCCESS;
+}
+
+
+EFI_STATUS
+EFIAPI
+VisitingAPciInstance (
+ IN EFI_HANDLE Handle,
+ IN VOID *Instance,
+ IN VOID *Context
+ )
+{
+ EFI_STATUS Status;
+ EFI_PCI_IO_PROTOCOL *PciIo;
+ PCI_TYPE00 Pci;
+
+ PciIo = (EFI_PCI_IO_PROTOCOL*) Instance;
+
+ //
+ // Check for all PCI device
+ //
+ Status = PciIo->Pci.Read (
+ PciIo,
+ EfiPciIoWidthUint32,
+ 0,
+ sizeof (Pci) / sizeof (UINT32),
+ &Pci
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ return (*(VISIT_PCI_INSTANCE_CALLBACK)(UINTN) Context) (
+ Handle,
+ PciIo,
+ &Pci
+ );
+
+}
+
+
+
+EFI_STATUS
+VisitAllPciInstances (
+ IN VISIT_PCI_INSTANCE_CALLBACK CallBackFunction
+ )
+{
+ return VisitAllInstancesOfProtocol (
+ &gEfiPciIoProtocolGuid,
+ VisitingAPciInstance,
+ (VOID*)(UINTN) CallBackFunction
+ );
+}
+
+
+/**
+ Do platform specific PCI Device check and add them to
+ ConOut, ConIn, ErrOut.
+
+ @param[in] Handle - Handle of PCI device instance
+ @param[in] PciIo - PCI IO protocol instance
+ @param[in] Pci - PCI Header register block
+
+ @retval EFI_SUCCESS - PCI Device check and Console variable update
+ successfully.
+ @retval EFI_STATUS - PCI Device check or Console variable update fail.
+
+**/
+EFI_STATUS
+EFIAPI
+DetectAndPreparePlatformPciDevicePath (
+ IN EFI_HANDLE Handle,
+ IN EFI_PCI_IO_PROTOCOL *PciIo,
+ IN PCI_TYPE00 *Pci
+ )
+{
+ EFI_STATUS Status;
+
+ Status = PciIo->Attributes (
+ PciIo,
+ EfiPciIoAttributeOperationEnable,
+ EFI_PCI_DEVICE_ENABLE,
+ NULL
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ //
+ // Here we decide whether it is LPC Bridge
+ //
+ if ((IS_PCI_LPC (Pci)) ||
+ ((IS_PCI_ISA_PDECODE (Pci)) &&
+ (Pci->Hdr.VendorId == 0x8086) &&
+ (Pci->Hdr.DeviceId == 0x7000)
+ )
+ ) {
+ //
+ // Add IsaKeyboard to ConIn,
+ // add IsaSerial to ConOut, ConIn, ErrOut
+ //
+ DEBUG ((DEBUG_INFO, "Found LPC Bridge device\n"));
+ PrepareLpcBridgeDevicePath (Handle);
+ return EFI_SUCCESS;
+ }
+ //
+ // Here we decide which Serial device to enable in PCI bus
+ //
+ if (IS_PCI_16550SERIAL (Pci)) {
+ //
+ // Add them to ConOut, ConIn, ErrOut.
+ //
+ DEBUG ((DEBUG_INFO, "Found PCI 16550 SERIAL device\n"));
+ PreparePciSerialDevicePath (Handle);
+ return EFI_SUCCESS;
+ }
+
+ //
+ // Here we decide which display device to enable in PCI bus
+ //
+ if (IS_PCI_DISPLAY (Pci)) {
+ //
+ // Add them to ConOut.
+ //
+ DEBUG ((DEBUG_INFO, "Found PCI display device\n"));
+ PreparePciDisplayDevicePath (Handle);
+ return EFI_SUCCESS;
+ }
+
+ return Status;
+}
+
+
+/**
+ Connect the predefined platform default console device.
+
+ Always try to find and enable PCI display devices.
+
+ @param[in] PlatformConsole Predefined platform default console device array.
+**/
+VOID
+PlatformInitializeConsole (
+ IN PLATFORM_CONSOLE_CONNECT_ENTRY *PlatformConsole
+ )
+{
+ UINTN Index;
+
+ //
+ // Do platform specific PCI Device check and add them to ConOut, ConIn,
+ // ErrOut
+ //
+ VisitAllPciInstances (DetectAndPreparePlatformPciDevicePath);
+
+ //
+ // Have chance to connect the platform default console,
+ // the platform default console is the minimum device group
+ // the platform should support
+ //
+ for (Index = 0; PlatformConsole[Index].DevicePath != NULL; ++Index) {
+ //
+ // Update the console variable with the connect type
+ //
+ if ((PlatformConsole[Index].ConnectType & CONSOLE_IN) == CONSOLE_IN) {
+ EfiBootManagerUpdateConsoleVariable (ConIn,
+ PlatformConsole[Index].DevicePath, NULL);
+ }
+ if ((PlatformConsole[Index].ConnectType & CONSOLE_OUT) == CONSOLE_OUT) {
+ EfiBootManagerUpdateConsoleVariable (ConOut,
+ PlatformConsole[Index].DevicePath, NULL);
+ }
+ if ((PlatformConsole[Index].ConnectType & STD_ERROR) == STD_ERROR) {
+ EfiBootManagerUpdateConsoleVariable (ErrOut,
+ PlatformConsole[Index].DevicePath, NULL);
+ }
+ }
+}
+
+
+/**
+ Configure PCI Interrupt Line register for applicable devices
+ Ported from SeaBIOS, src/fw/pciinit.c, *_pci_slot_get_irq()
+
+ @param[in] Handle - Handle of PCI device instance
+ @param[in] PciIo - PCI IO protocol instance
+ @param[in] PciHdr - PCI Header register block
+
+ @retval EFI_SUCCESS - PCI Interrupt Line register configured successfully.
+
+**/
+EFI_STATUS
+EFIAPI
+SetPciIntLine (
+ IN EFI_HANDLE Handle,
+ IN EFI_PCI_IO_PROTOCOL *PciIo,
+ IN PCI_TYPE00 *PciHdr
+ )
+{
+ EFI_DEVICE_PATH_PROTOCOL *DevPathNode;
+ EFI_DEVICE_PATH_PROTOCOL *DevPath;
+ UINTN RootSlot;
+ UINTN Idx;
+ UINT8 IrqLine;
+ EFI_STATUS Status;
+ UINT32 RootBusNumber;
+
+ Status = EFI_SUCCESS;
+
+ if (PciHdr->Device.InterruptPin != 0) {
+
+ DevPathNode = DevicePathFromHandle (Handle);
+ ASSERT (DevPathNode != NULL);
+ DevPath = DevPathNode;
+
+ RootBusNumber = 0;
+ if (DevicePathType (DevPathNode) == ACPI_DEVICE_PATH &&
+ DevicePathSubType (DevPathNode) == ACPI_DP &&
+ ((ACPI_HID_DEVICE_PATH *)DevPathNode)->HID == EISA_PNP_ID(0x0A03)) {
+ RootBusNumber = ((ACPI_HID_DEVICE_PATH *)DevPathNode)->UID;
+ }
+
+ //
+ // Compute index into PciHostIrqs[] table by walking
+ // the device path and adding up all device numbers
+ //
+ Status = EFI_NOT_FOUND;
+ RootSlot = 0;
+ Idx = PciHdr->Device.InterruptPin - 1;
+ while (!IsDevicePathEnd (DevPathNode)) {
+ if (DevicePathType (DevPathNode) == HARDWARE_DEVICE_PATH &&
+ DevicePathSubType (DevPathNode) == HW_PCI_DP) {
+
+ Idx += ((PCI_DEVICE_PATH *)DevPathNode)->Device;
+
+ //
+ // Unlike SeaBIOS, which starts climbing from the leaf device
+ // up toward the root, we traverse the device path starting at
+ // the root moving toward the leaf node.
+ // The slot number of the top-level parent bridge is needed for
+ // Q35 cases with more than 24 slots on the root bus.
+ //
+ if (Status != EFI_SUCCESS) {
+ Status = EFI_SUCCESS;
+ RootSlot = ((PCI_DEVICE_PATH *)DevPathNode)->Device;
+ }
+ }
+
+ DevPathNode = NextDevicePathNode (DevPathNode);
+ }
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ if (RootBusNumber == 0 && RootSlot == 0) {
+ DEBUG((
+ DEBUG_ERROR,
+ "%a: PCI host bridge (00:00.0) should have no interrupts!\n",
+ __FUNCTION__
+ ));
+ ASSERT (FALSE);
+ }
+
+ //
+ // Final PciHostIrqs[] index calculation depends on the platform
+ // and should match SeaBIOS src/fw/pciinit.c *_pci_slot_get_irq()
+ //
+ switch (mHostBridgeDevId) {
+ case INTEL_82441_DEVICE_ID:
+ Idx -= 1;
+ break;
+ case INTEL_Q35_MCH_DEVICE_ID:
+ //
+ // SeaBIOS contains the following comment:
+ // "Slots 0-24 rotate slot:pin mapping similar to piix above, but
+ // with a different starting index - see q35-acpi-dsdt.dsl.
+ //
+ // Slots 25-31 all use LNKA mapping (or LNKE, but A:D = E:H)"
+ //
+ if (RootSlot > 24) {
+ //
+ // in this case, subtract back out RootSlot from Idx
+ // (SeaBIOS never adds it to begin with, but that would make our
+ // device path traversal loop above too awkward)
+ //
+ Idx -= RootSlot;
+ }
+ break;
+ default:
+ ASSERT (FALSE); // should never get here
+ }
+ Idx %= ARRAY_SIZE (PciHostIrqs);
+ IrqLine = PciHostIrqs[Idx];
+
+ DEBUG_CODE_BEGIN ();
+ {
+ CHAR16 *DevPathString;
+ STATIC CHAR16 Fallback[] = L"<failed to convert>";
+ UINTN Segment, Bus, Device, Function;
+
+ DevPathString = ConvertDevicePathToText (DevPath, FALSE, FALSE);
+ if (DevPathString == NULL) {
+ DevPathString = Fallback;
+ }
+ Status = PciIo->GetLocation (PciIo, &Segment, &Bus, &Device, &Function);
+ ASSERT_EFI_ERROR (Status);
+
+ DEBUG ((DEBUG_VERBOSE, "%a: [%02x:%02x.%x] %s -> 0x%02x\n", __FUNCTION__,
+ (UINT32)Bus, (UINT32)Device, (UINT32)Function, DevPathString,
+ IrqLine));
+
+ if (DevPathString != Fallback) {
+ FreePool (DevPathString);
+ }
+ }
+ DEBUG_CODE_END ();
+
+ //
+ // Set PCI Interrupt Line register for this device to PciHostIrqs[Idx]
+ //
+ Status = PciIo->Pci.Write (
+ PciIo,
+ EfiPciIoWidthUint8,
+ PCI_INT_LINE_OFFSET,
+ 1,
+ &IrqLine
+ );
+ }
+
+ return Status;
+}
+
+
+VOID
+PciAcpiInitialization (
+ )
+{
+ UINTN Pmba;
+
+ //
+ // Query Host Bridge DID to determine platform type
+ //
+ mHostBridgeDevId = PcdGet16 (PcdOvmfHostBridgePciDevId);
+ switch (mHostBridgeDevId) {
+ case INTEL_82441_DEVICE_ID:
+ Pmba = POWER_MGMT_REGISTER_PIIX4 (PIIX4_PMBA);
+ //
+ // 00:01.0 ISA Bridge (PIIX4) LNK routing targets
+ //
+ PciWrite8 (PCI_LIB_ADDRESS (0, 1, 0, 0x60), 0x0b); // A
+ PciWrite8 (PCI_LIB_ADDRESS (0, 1, 0, 0x61), 0x0b); // B
+ PciWrite8 (PCI_LIB_ADDRESS (0, 1, 0, 0x62), 0x0a); // C
+ PciWrite8 (PCI_LIB_ADDRESS (0, 1, 0, 0x63), 0x0a); // D
+ break;
+ case INTEL_Q35_MCH_DEVICE_ID:
+ Pmba = POWER_MGMT_REGISTER_Q35 (ICH9_PMBASE);
+ //
+ // 00:1f.0 LPC Bridge (Q35) LNK routing targets
+ //
+ PciWrite8 (PCI_LIB_ADDRESS (0, 0x1f, 0, 0x60), 0x0a); // A
+ PciWrite8 (PCI_LIB_ADDRESS (0, 0x1f, 0, 0x61), 0x0a); // B
+ PciWrite8 (PCI_LIB_ADDRESS (0, 0x1f, 0, 0x62), 0x0b); // C
+ PciWrite8 (PCI_LIB_ADDRESS (0, 0x1f, 0, 0x63), 0x0b); // D
+ PciWrite8 (PCI_LIB_ADDRESS (0, 0x1f, 0, 0x68), 0x0a); // E
+ PciWrite8 (PCI_LIB_ADDRESS (0, 0x1f, 0, 0x69), 0x0a); // F
+ PciWrite8 (PCI_LIB_ADDRESS (0, 0x1f, 0, 0x6a), 0x0b); // G
+ PciWrite8 (PCI_LIB_ADDRESS (0, 0x1f, 0, 0x6b), 0x0b); // H
+ break;
+ default:
+ DEBUG ((DEBUG_ERROR, "%a: Unknown Host Bridge Device ID: 0x%04x\n",
+ __FUNCTION__, mHostBridgeDevId));
+ ASSERT (FALSE);
+ return;
+ }
+
+ //
+ // Initialize PCI_INTERRUPT_LINE for applicable present PCI devices
+ //
+ VisitAllPciInstances (SetPciIntLine);
+
+ //
+ // Set ACPI SCI_EN bit in PMCNTRL
+ //
+ IoOr16 ((PciRead32 (Pmba) & ~BIT0) + 4, BIT0);
+}
+
+EFI_STATUS
+EFIAPI
+ConnectRecursivelyIfPciMassStorage (
+ IN EFI_HANDLE Handle,
+ IN EFI_PCI_IO_PROTOCOL *Instance,
+ IN PCI_TYPE00 *PciHeader
+ )
+{
+ EFI_STATUS Status;
+ EFI_DEVICE_PATH_PROTOCOL *DevicePath;
+ CHAR16 *DevPathStr;
+
+ //
+ // Recognize PCI Mass Storage
+ //
+ if (IS_CLASS1 (PciHeader, PCI_CLASS_MASS_STORAGE)) {
+ DevicePath = NULL;
+ Status = gBS->HandleProtocol (
+ Handle,
+ &gEfiDevicePathProtocolGuid,
+ (VOID*)&DevicePath
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ //
+ // Print Device Path
+ //
+ DevPathStr = ConvertDevicePathToText (DevicePath, FALSE, FALSE);
+ if (DevPathStr != NULL) {
+ DEBUG((
+ DEBUG_INFO,
+ "Found Mass Storage device: %s\n",
+ DevPathStr
+ ));
+ FreePool(DevPathStr);
+ }
+
+ Status = gBS->ConnectController (Handle, NULL, NULL, TRUE);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ }
+
+ return EFI_SUCCESS;
+}
+
+
+/**
+ Connect with predefined platform connect sequence.
+
+ The OEM/IBV can customize with their own connect sequence.
+**/
+VOID
+PlatformBdsConnectSequence (
+ VOID
+ )
+{
+ UINTN Index;
+
+ DEBUG ((DEBUG_INFO, "PlatformBdsConnectSequence\n"));
+
+ Index = 0;
+
+ //
+ // Here we can get the customized platform connect sequence
+ // Notes: we can connect with new variable which record the
+ // last time boots connect device path sequence
+ //
+ while (gPlatformConnectSequence[Index] != NULL) {
+ //
+ // Build the platform boot option
+ //
+ EfiBootManagerConnectDevicePath (gPlatformConnectSequence[Index], NULL);
+ Index++;
+ }
+ EfiBootManagerConnectAll ();
+}
+
+/**
+ Do the platform specific action after the console is ready
+
+ Possible things that can be done in PlatformBootManagerAfterConsole:
+
+ > Console post action:
+ > Dynamically switch output mode from 100x31 to 80x25 for certain senarino
+ > Signal console ready platform customized event
+ > Run diagnostics like memory testing
+ > Connect certain devices
+ > Dispatch aditional option roms
+ > Special boot: e.g.: USB boot, enter UI
+**/
+VOID
+EFIAPI
+PlatformBootManagerAfterConsole (
+ VOID
+ )
+{
+ EFI_BOOT_MODE BootMode;
+
+ DEBUG ((DEBUG_INFO, "PlatformBootManagerAfterConsole\n"));
+
+ //
+ // Get current Boot Mode
+ //
+ BootMode = GetBootModeHob ();
+ DEBUG ((DEBUG_INFO, "Boot Mode:%x\n", BootMode));
+
+ //
+ // Go the different platform policy with different boot mode
+ // Notes: this part code can be change with the table policy
+ //
+ ASSERT (BootMode == BOOT_WITH_FULL_CONFIGURATION);
+
+ //
+ // Logo show
+ //
+ BootLogoEnableLogo ();
+
+ //
+ // Set PCI Interrupt Line registers and ACPI SCI_EN
+ //
+ PciAcpiInitialization ();
+
+ //
+ // Process TPM PPI request
+ //
+ Tcg2PhysicalPresenceLibProcessRequest (NULL);
+
+ //
+ // Perform some platform specific connect sequence
+ //
+ PlatformBdsConnectSequence ();
+
+ EfiBootManagerRefreshAllBootOption ();
+
+ //
+ // Register UEFI Shell (Will be removed if the Shell isn't built
+ // which is the default)
+ //
+ PlatformRegisterFvBootOption (
+ &gUefiShellFileGuid, L"EFI Internal Shell", LOAD_OPTION_ACTIVE
+ );
+
+ //
+ // Register Grub
+ //
+ PlatformRegisterFvBootOption (
+ &gGrubFileGuid, L"Grub Bootloader", LOAD_OPTION_ACTIVE
+ );
+
+ RemoveStaleFvFileOptions ();
+
+ PlatformBmPrintScRegisterHandler ();
+}
+
+/**
+ This notification function is invoked when an instance of the
+ EFI_DEVICE_PATH_PROTOCOL is produced.
+
+ @param Event The event that occurred
+ @param Context For EFI compatibility. Not used.
+
+**/
+VOID
+EFIAPI
+NotifyDevPath (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ EFI_HANDLE Handle;
+ EFI_STATUS Status;
+ UINTN BufferSize;
+ EFI_DEVICE_PATH_PROTOCOL *DevPathNode;
+ ATAPI_DEVICE_PATH *Atapi;
+
+ //
+ // Examine all new handles
+ //
+ for (;;) {
+ //
+ // Get the next handle
+ //
+ BufferSize = sizeof (Handle);
+ Status = gBS->LocateHandle (
+ ByRegisterNotify,
+ NULL,
+ mEfiDevPathNotifyReg,
+ &BufferSize,
+ &Handle
+ );
+
+ //
+ // If not found, we're done
+ //
+ if (EFI_NOT_FOUND == Status) {
+ break;
+ }
+
+ if (EFI_ERROR (Status)) {
+ continue;
+ }
+
+ //
+ // Get the DevicePath protocol on that handle
+ //
+ Status = gBS->HandleProtocol (Handle, &gEfiDevicePathProtocolGuid,
+ (VOID **)&DevPathNode);
+ ASSERT_EFI_ERROR (Status);
+
+ while (!IsDevicePathEnd (DevPathNode)) {
+ //
+ // Find the handler to dump this device path node
+ //
+ if (
+ (DevicePathType(DevPathNode) == MESSAGING_DEVICE_PATH) &&
+ (DevicePathSubType(DevPathNode) == MSG_ATAPI_DP)
+ ) {
+ Atapi = (ATAPI_DEVICE_PATH*) DevPathNode;
+ PciOr16 (
+ PCI_LIB_ADDRESS (
+ 0,
+ 1,
+ 1,
+ (Atapi->PrimarySecondary == 1) ? 0x42: 0x40
+ ),
+ BIT15
+ );
+ }
+
+ //
+ // Next device path node
+ //
+ DevPathNode = NextDevicePathNode (DevPathNode);
+ }
+ }
+
+ return;
+}
+
+
+VOID
+InstallDevicePathCallback (
+ VOID
+ )
+{
+ DEBUG ((DEBUG_INFO, "Registered NotifyDevPath Event\n"));
+ mEfiDevPathEvent = EfiCreateProtocolNotifyEvent (
+ &gEfiDevicePathProtocolGuid,
+ TPL_CALLBACK,
+ NotifyDevPath,
+ NULL,
+ &mEfiDevPathNotifyReg
+ );
+}
+
+/**
+ This function is called each second during the boot manager waits the
+ timeout.
+
+ @param TimeoutRemain The remaining timeout.
+**/
+VOID
+EFIAPI
+PlatformBootManagerWaitCallback (
+ UINT16 TimeoutRemain
+ )
+{
+ //
+ // Since the timeout should be forced to zero we should never
+ // Get here
+ //
+ ASSERT (FALSE);
+}
+
+/**
+ The function is called when no boot option could be launched,
+ including platform recovery options and options pointing to applications
+ built into firmware volumes.
+
+ If this function returns, BDS attempts to enter an infinite loop.
+**/
+VOID
+EFIAPI
+PlatformBootManagerUnableToBoot (
+ VOID
+ )
+{
+ //
+ // If we get here something failed about the grub boot but since
+ // We're privy to the secret we must panic and not retry or loop
+ //
+ ASSERT (FALSE);
+ CpuDeadLoop ();
+}
diff --git a/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformData.c b/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformData.c
new file mode 100644
index 000000000000..e5945727f220
--- /dev/null
+++ b/OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformData.c
@@ -0,0 +1,214 @@
+/** @file
+ Defined the platform specific device path which will be used by
+ platform Bbd to perform the platform policy connect.
+
+ Copyright (C) 2020 James Bottomley, IBM Corporation.
+ Copyright (c) 2004 - 2017, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "BdsPlatform.h"
+#include <Guid/QemuRamfb.h>
+#include <Guid/SerialPortLibVendor.h>
+
+//
+// Vendor UART Device Path structure
+//
+#pragma pack (1)
+typedef struct {
+ VENDOR_DEVICE_PATH VendorHardware;
+ UART_DEVICE_PATH Uart;
+ VENDOR_DEVICE_PATH TerminalType;
+ EFI_DEVICE_PATH_PROTOCOL End;
+} VENDOR_UART_DEVICE_PATH;
+#pragma pack ()
+
+//
+// USB Keyboard Device Path structure
+//
+#pragma pack (1)
+typedef struct {
+ USB_CLASS_DEVICE_PATH Keyboard;
+ EFI_DEVICE_PATH_PROTOCOL End;
+} USB_KEYBOARD_DEVICE_PATH;
+#pragma pack ()
+
+//
+// QemuRamfb Device Path structure
+//
+#pragma pack (1)
+typedef struct {
+ VENDOR_DEVICE_PATH Vendor;
+ ACPI_ADR_DEVICE_PATH AcpiAdr;
+ EFI_DEVICE_PATH_PROTOCOL End;
+} VENDOR_RAMFB_DEVICE_PATH;
+#pragma pack ()
+
+ACPI_HID_DEVICE_PATH gPnpPs2KeyboardDeviceNode = gPnpPs2Keyboard;
+ACPI_HID_DEVICE_PATH gPnp16550ComPortDeviceNode = gPnp16550ComPort;
+UART_DEVICE_PATH gUartDeviceNode = gUart;
+VENDOR_DEVICE_PATH gTerminalTypeDeviceNode = gPcAnsiTerminal;
+
+//
+// Platform specific keyboard device path
+//
+
+
+//
+// Debug Agent UART Device Path
+//
+VENDOR_UART_DEVICE_PATH gDebugAgentUartDevicePath = {
+ {
+ {
+ HARDWARE_DEVICE_PATH,
+ HW_VENDOR_DP,
+ {
+ (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
+ (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
+ }
+ },
+ EFI_DEBUG_AGENT_GUID,
+ },
+ {
+ {
+ MESSAGING_DEVICE_PATH,
+ MSG_UART_DP,
+ {
+ (UINT8) (sizeof (UART_DEVICE_PATH)),
+ (UINT8) ((sizeof (UART_DEVICE_PATH)) >> 8)
+ }
+ },
+ 0, // Reserved
+ 0, // BaudRate - Default
+ 0, // DataBits - Default
+ 0, // Parity - Default
+ 0, // StopBits - Default
+ },
+ gPcAnsiTerminal,
+ gEndEntire
+};
+
+STATIC USB_KEYBOARD_DEVICE_PATH gUsbKeyboardDevicePath = {
+ {
+ {
+ MESSAGING_DEVICE_PATH,
+ MSG_USB_CLASS_DP,
+ {
+ (UINT8)sizeof (USB_CLASS_DEVICE_PATH),
+ (UINT8)(sizeof (USB_CLASS_DEVICE_PATH) >> 8)
+ }
+ },
+ 0xFFFF, // VendorId: any
+ 0xFFFF, // ProductId: any
+ 3, // DeviceClass: HID
+ 1, // DeviceSubClass: boot
+ 1 // DeviceProtocol: keyboard
+ },
+ gEndEntire
+};
+
+STATIC VENDOR_RAMFB_DEVICE_PATH gQemuRamfbDevicePath = {
+ {
+ {
+ HARDWARE_DEVICE_PATH,
+ HW_VENDOR_DP,
+ {
+ (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
+ (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
+ }
+ },
+ QEMU_RAMFB_GUID,
+ },
+ {
+ {
+ ACPI_DEVICE_PATH,
+ ACPI_ADR_DP,
+ {
+ (UINT8) (sizeof (ACPI_ADR_DEVICE_PATH)),
+ (UINT8) ((sizeof (ACPI_ADR_DEVICE_PATH)) >> 8)
+ }
+ },
+ ACPI_DISPLAY_ADR (
+ 1, // DeviceIdScheme
+ 0, // HeadId
+ 0, // NonVgaOutput
+ 1, // BiosCanDetect
+ 0, // VendorInfo
+ ACPI_ADR_DISPLAY_TYPE_EXTERNAL_DIGITAL, // Type
+ 0, // Port
+ 0 // Index
+ ),
+ },
+ gEndEntire
+};
+
+STATIC VENDOR_UART_DEVICE_PATH gXenConsoleDevicePath = {
+ {
+ {
+ HARDWARE_DEVICE_PATH,
+ HW_VENDOR_DP,
+ {
+ (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
+ (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
+ }
+ },
+ EDKII_SERIAL_PORT_LIB_VENDOR_GUID
+ },
+ {
+ {
+ MESSAGING_DEVICE_PATH,
+ MSG_UART_DP,
+ {
+ (UINT8) (sizeof (UART_DEVICE_PATH)),
+ (UINT8) ((sizeof (UART_DEVICE_PATH)) >> 8)
+ }
+ },
+ 0,
+ FixedPcdGet64 (PcdUartDefaultBaudRate),
+ FixedPcdGet8 (PcdUartDefaultDataBits),
+ FixedPcdGet8 (PcdUartDefaultParity),
+ FixedPcdGet8 (PcdUartDefaultStopBits),
+ },
+ gPcAnsiTerminal,
+ gEndEntire
+};
+
+//
+// Predefined platform default console device path
+//
+PLATFORM_CONSOLE_CONNECT_ENTRY gPlatformConsole[] = {
+ {
+ (EFI_DEVICE_PATH_PROTOCOL *) &gDebugAgentUartDevicePath,
+ (CONSOLE_OUT | CONSOLE_IN | STD_ERROR)
+ },
+ {
+ (EFI_DEVICE_PATH_PROTOCOL *)&gUsbKeyboardDevicePath,
+ CONSOLE_IN
+ },
+ {
+ (EFI_DEVICE_PATH_PROTOCOL *)&gQemuRamfbDevicePath,
+ CONSOLE_OUT
+ },
+ {
+ NULL,
+ 0
+ }
+};
+
+PLATFORM_CONSOLE_CONNECT_ENTRY gXenPlatformConsole[] = {
+ {
+ (EFI_DEVICE_PATH_PROTOCOL *)&gXenConsoleDevicePath,
+ (CONSOLE_OUT | CONSOLE_IN | STD_ERROR)
+ },
+ {
+ NULL,
+ 0
+ }
+};
+
+//
+// Predefined platform connect sequence
+//
+EFI_DEVICE_PATH_PROTOCOL *gPlatformConnectSequence[] = { NULL };
+
diff --git a/OvmfPkg/AmdSev/Grub/.gitignore b/OvmfPkg/AmdSev/Grub/.gitignore
new file mode 100644
index 000000000000..7e3b30951f22
--- /dev/null
+++ b/OvmfPkg/AmdSev/Grub/.gitignore
@@ -0,0 +1 @@
+grub.efi
diff --git a/OvmfPkg/AmdSev/Grub/grub.cfg b/OvmfPkg/AmdSev/Grub/grub.cfg
new file mode 100644
index 000000000000..ee183693b56b
--- /dev/null
+++ b/OvmfPkg/AmdSev/Grub/grub.cfg
@@ -0,0 +1,46 @@
+## @file
+# Execute a script to recover the SEV supplied secret and use it to
+# decrypt a luks volume. For security, the kernel must be on an encrypted
+# volume so reboot if none are found.
+#
+# Copyright (C) 2020 James Bottomley, IBM Corporation.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+echo "Entering grub config"
+sevsecret
+if [ $? -ne 0 ]; then
+ echo "Failed to locate anything in the SEV secret area, prompting for password"
+ cryptomount -a
+else
+ cryptomount -s
+ if [ $? -ne 0 ]; then
+ echo "Failed to mount root securely, retrying with password prompt"
+ cryptomount -a
+ fi
+fi
+set root=
+for f in (crypto*); do
+ if [ -e $f/boot/grub/grub.cfg ]; then
+ set root=$f
+ set prefix=($root)/boot/grub
+ break;
+ fi
+done
+if [ x$root = x ]; then
+ echo "Failed to find any grub configuration on the encrypted volume"
+ sleep 5
+ reboot
+fi
+# rest of modules to get boot to work
+set modules="
+ boot
+ loadenv
+ "
+for f in $modules; do
+ insmod $f
+done
+echo "Transferring to ${prefix}/grub.cfg"
+source $prefix/grub.cfg
diff --git a/OvmfPkg/AmdSev/Grub/grub.sh b/OvmfPkg/AmdSev/Grub/grub.sh
new file mode 100644
index 000000000000..99807d7291b6
--- /dev/null
+++ b/OvmfPkg/AmdSev/Grub/grub.sh
@@ -0,0 +1,93 @@
+## @file
+# Build a version of grub capable of decrypting a luks volume with a SEV
+# Supplied secret
+#
+# Copyright (C) 2020 James Bottomley, IBM Corporation.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+set -e
+remove_efi=1
+
+cleanup() {
+ # remove the intermediates
+ for f in disk.fat grub-bootstrap.cfg; do
+ rm -f -- "${basedir}/$f"
+ done
+ if [ $remove_efi -eq 1 ]; then
+ rm -f -- "${basedir}/grub.efi"
+ fi
+}
+
+trap cleanup EXIT
+
+GRUB_MODULES="
+ part_msdos
+ part_gpt
+ cryptodisk
+ luks
+ gcry_rijndael
+ gcry_sha256
+ ext2
+ btrfs
+ xfs
+ fat
+ configfile
+ memdisk
+ sleep
+ normal
+ echo
+ test
+ regexp
+ linux
+ linuxefi
+ reboot
+ sevsecret
+ "
+basedir=$(dirname -- "$0")
+
+# don't run a build if grub.efi exists and is newer than the config files
+if [ -e "${basedir}/grub.efi" ] && \
+ [ "${basedir}/grub.efi" -nt "${basedir}/grub.cfg" ] && \
+ [ "${basedir}/grub.efi" -nt "${basedir}/grub.sh" ]; then
+ remove_efi=0
+ echo "preserving existing grub.efi" >&2
+ exit 0
+fi
+
+##
+# different distributions have different names for grub-mkimage, so
+# search all the known ones
+##
+mkimage=
+for b in grub2-mkimage grub-mkimage; do
+ if which "$b" > /dev/null 2>&1; then
+ mkimage="$b"
+ break
+ fi
+done
+if [ -z "$mkimage" ]; then
+ echo "Can't find grub mkimage" >&2
+ exit 1
+fi
+
+# GRUB's rescue parser doesn't understand 'if'.
+echo 'normal (memdisk)/grub.cfg' > "${basedir}/grub-bootstrap.cfg"
+
+# Now build a memdisk with the correct grub.cfg
+rm -f -- "${basedir}/disk.fat"
+mkfs.msdos -C -- "${basedir}/disk.fat" 64
+mcopy -i "${basedir}/disk.fat" -- "${basedir}/grub.cfg" ::grub.cfg
+
+
+${mkimage} -O x86_64-efi \
+ -p '(crypto0)' \
+ -c "${basedir}/grub-bootstrap.cfg" \
+ -m "${basedir}/disk.fat" \
+ -o "${basedir}/grub.efi" \
+ ${GRUB_MODULES}
+
+remove_efi=0
+echo "grub.efi generated in ${basedir}"
--
2.26.2
^ permalink raw reply related [flat|nested] 35+ messages in thread
* [PATCH v3 4/6] OvmfPkg: create a SEV secret area in the AmdSev memfd
2020-11-30 20:28 [PATCH v3 0/6] SEV Encrypted Boot for Ovmf James Bottomley
` (2 preceding siblings ...)
2020-11-30 20:28 ` [PATCH v3 3/6] OvmfPkg/AmdSev: add Grub Firmware Volume Package James Bottomley
@ 2020-11-30 20:28 ` James Bottomley
2020-12-03 8:42 ` [edk2-devel] " Laszlo Ersek
2020-11-30 20:28 ` [PATCH v3 5/6] OvmfPkg/AmdSev: assign and protect the Sev Secret area James Bottomley
` (4 subsequent siblings)
8 siblings, 1 reply; 35+ messages in thread
From: James Bottomley @ 2020-11-30 20:28 UTC (permalink / raw)
To: devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, jejb, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen,
Ard Biesheuvel
SEV needs an area to place an injected secret where OVMF can find it
and pass it up as a ConfigurationTable. This patch implements the
area itself as an addition to the SEV enhanced reset vector table using
an additional guid (4c2eb361-7d9b-4cc3-8081-127c90d3d294).
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
Signed-off-by: James Bottomley <jejb@linux.ibm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
v2: move guid to OVMF token space, separate patches
v3: comment rewording
SEV Secret
---
OvmfPkg/OvmfPkg.dec | 6 ++++++
OvmfPkg/ResetVector/ResetVector.inf | 4 ++++
OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 19 +++++++++++++++++++
OvmfPkg/ResetVector/ResetVector.nasmb | 2 ++
4 files changed, 31 insertions(+)
diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 3fbf7a0ee1a4..7d27f8e16040 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -304,6 +304,12 @@ [PcdsFixedAtBuild]
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|0|UINT32|0x40
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize|0|UINT32|0x41
+ ## The base address and size of the SEV Launch Secret Area provisioned
+ # after remote attestation. If this is set in the .fdf, the platform
+ # is responsible for protecting the area from DXE phase overwrites.
+ gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|0x0|UINT32|0x42
+ gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize|0x0|UINT32|0x43
+
[PcdsDynamic, PcdsDynamicEx]
gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/ResetVector.inf
index a53ae6c194ae..dc38f68919cd 100644
--- a/OvmfPkg/ResetVector/ResetVector.inf
+++ b/OvmfPkg/ResetVector/ResetVector.inf
@@ -43,3 +43,7 @@ [Pcd]
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
+
+[FixedPcd]
+ gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
+ gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
index 9e0a74fddfc1..5c6df5ee1a31 100644
--- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
+++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
@@ -47,6 +47,25 @@ TIMES (15 - ((guidedStructureEnd - guidedStructureStart + 15) % 16)) DB 0
;
guidedStructureStart:
+;
+; SEV Secret block
+;
+; This describes the guest ram area where the hypervisor may should
+; inject the secret. The data format is:
+;
+; base physical address (32 bit word)
+; table length (32 bit word)
+;
+; GUID (SEV secret block): 4c2eb361-7d9b-4cc3-8081-127c90d3d294
+;
+sevSecretBlockStart:
+ DD SEV_LAUNCH_SECRET_BASE
+ DD SEV_LAUNCH_SECRET_SIZE
+ DW sevSecretBlockEnd - sevSecretBlockStart
+ DB 0x61, 0xB3, 0x2E, 0x4C, 0x9B, 0x7D, 0xC3, 0x4C
+ DB 0x80, 0x81, 0x12, 0x7C, 0x90, 0xD3, 0xD2, 0x94
+sevSecretBlockEnd:
+
;
; SEV-ES Processor Reset support
;
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb
index 4913b379a993..c5e0fe93abf4 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -83,5 +83,7 @@
%include "Main.asm"
%define SEV_ES_AP_RESET_IP FixedPcdGet32 (PcdSevEsWorkAreaBase)
+ %define SEV_LAUNCH_SECRET_BASE FixedPcdGet32 (PcdSevLaunchSecretBase)
+ %define SEV_LAUNCH_SECRET_SIZE FixedPcdGet32 (PcdSevLaunchSecretSize)
%include "Ia16/ResetVectorVtf0.asm"
--
2.26.2
^ permalink raw reply related [flat|nested] 35+ messages in thread
* [PATCH v3 5/6] OvmfPkg/AmdSev: assign and protect the Sev Secret area
2020-11-30 20:28 [PATCH v3 0/6] SEV Encrypted Boot for Ovmf James Bottomley
` (3 preceding siblings ...)
2020-11-30 20:28 ` [PATCH v3 4/6] OvmfPkg: create a SEV secret area in the AmdSev memfd James Bottomley
@ 2020-11-30 20:28 ` James Bottomley
2020-12-01 7:54 ` Ard Biesheuvel
2020-11-30 20:28 ` [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table James Bottomley
` (3 subsequent siblings)
8 siblings, 1 reply; 35+ messages in thread
From: James Bottomley @ 2020-11-30 20:28 UTC (permalink / raw)
To: devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, jejb, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen,
Ard Biesheuvel
Create a one page secret area in the MEMFD and protect the area with a
boot time HOB.
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
Signed-off-by: James Bottomley <jejb@linux.ibm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
OvmfPkg/AmdSev/AmdSevX64.fdf | 4 +++
OvmfPkg/AmdSev/SecretPei/SecretPei.inf | 35 ++++++++++++++++++++++++++
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 25 ++++++++++++++++++
4 files changed, 65 insertions(+)
create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.inf
create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.c
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 18707725b3e4..e9c522bedad9 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -613,6 +613,7 @@ [Components]
OvmfPkg/PlatformPei/PlatformPei.inf
UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
UefiCpuPkg/CpuMpPei/CpuMpPei.inf
+ OvmfPkg/AmdSev/SecretPei/SecretPei.inf
!if $(TPM_ENABLE) == TRUE
OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index 1aa95826384a..b2656a1cf6fc 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -59,6 +59,9 @@ [FD.MEMFD]
0x00B000|0x001000
gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
+0x00C000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
+
0x010000|0x010000
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
@@ -138,6 +141,7 @@ [FV.PEIFV]
INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
INF UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf
+INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf
!if $(TPM_ENABLE) == TRUE
INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
new file mode 100644
index 000000000000..08be156c4bc0
--- /dev/null
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
@@ -0,0 +1,35 @@
+## @file
+# PEI support for SEV Secrets
+#
+# Copyright (C) 2020 James Bottomley, IBM Corporation.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SecretPei
+ FILE_GUID = 45260dde-0c3c-4b41-a226-ef3803fac7d4
+ MODULE_TYPE = PEIM
+ VERSION_STRING = 1.0
+ ENTRY_POINT = InitializeSecretPei
+
+[Sources]
+ SecretPei.c
+
+[Packages]
+ OvmfPkg/OvmfPkg.dec
+ MdePkg/MdePkg.dec
+
+[LibraryClasses]
+ HobLib
+ PeimEntryPoint
+ PcdLib
+
+[FixedPcd]
+ gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
+ gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
+
+[Depex]
+ TRUE
diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
new file mode 100644
index 000000000000..ad491515dd5d
--- /dev/null
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -0,0 +1,25 @@
+/** @file
+ SEV Secret boot time HOB placement
+
+ Copyright (C) 2020 James Bottomley, IBM Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+#include <PiPei.h>
+#include <Library/HobLib.h>
+#include <Library/PcdLib.h>
+
+EFI_STATUS
+EFIAPI
+InitializeSecretPei (
+ IN EFI_PEI_FILE_HANDLE FileHandle,
+ IN CONST EFI_PEI_SERVICES **PeiServices
+ )
+{
+ BuildMemoryAllocationHob (
+ PcdGet32 (PcdSevLaunchSecretBase),
+ PcdGet32 (PcdSevLaunchSecretSize),
+ EfiBootServicesData
+ );
+
+ return EFI_SUCCESS;
+}
--
2.26.2
^ permalink raw reply related [flat|nested] 35+ messages in thread
* [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-11-30 20:28 [PATCH v3 0/6] SEV Encrypted Boot for Ovmf James Bottomley
` (4 preceding siblings ...)
2020-11-30 20:28 ` [PATCH v3 5/6] OvmfPkg/AmdSev: assign and protect the Sev Secret area James Bottomley
@ 2020-11-30 20:28 ` James Bottomley
2020-12-03 8:46 ` [edk2-devel] " Laszlo Ersek
2020-12-09 12:02 ` Yao, Jiewen
2020-12-01 8:05 ` [PATCH v3 0/6] SEV Encrypted Boot for Ovmf Ard Biesheuvel
` (2 subsequent siblings)
8 siblings, 2 replies; 35+ messages in thread
From: James Bottomley @ 2020-11-30 20:28 UTC (permalink / raw)
To: devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, jejb, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen,
Ard Biesheuvel
Now that the secret area is protected by a boot time HOB, extract its
location details into a configuration table referenced by
gSevLaunchSecretGuid so the boot loader or OS can locate it before a
call to ExitBootServices().
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
Signed-off-by: James Bottomley <jejb@linux.ibm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
OvmfPkg/OvmfPkg.dec | 1 +
OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
OvmfPkg/AmdSev/AmdSevX64.fdf | 1 +
OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf | 37 ++++++++++++++++++++++++++
OvmfPkg/Include/Guid/SevLaunchSecret.h | 28 +++++++++++++++++++
OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 26 ++++++++++++++++++
6 files changed, 94 insertions(+)
create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
create mode 100644 OvmfPkg/Include/Guid/SevLaunchSecret.h
create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 7d27f8e16040..8a294116efaa 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -117,6 +117,7 @@ [Guids]
gLinuxEfiInitrdMediaGuid = {0x5568e427, 0x68fc, 0x4f3d, {0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68}}
gQemuKernelLoaderFsMediaGuid = {0x1428f772, 0xb64a, 0x441e, {0xb8, 0xc3, 0x9e, 0xbd, 0xd7, 0xf8, 0x93, 0xc7}}
gGrubFileGuid = {0xb5ae312c, 0xbc8a, 0x43b1, {0x9c, 0x62, 0xeb, 0xb8, 0x26, 0xdd, 0x5d, 0x07}}
+ gSevLaunchSecretGuid = {0xadf956ad, 0xe98c, 0x484c, {0xae, 0x11, 0xb5, 0x1c, 0x7d, 0x33, 0x64, 0x47}}
[Ppis]
# PPI whose presence in the PPI database signals that the TPM base address
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index e9c522bedad9..bb7697eb324b 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -778,6 +778,7 @@ [Components]
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
}
!endif
+ OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
OvmfPkg/AmdSev/Grub/Grub.inf
!if $(BUILD_SHELL) == TRUE
ShellPkg/Application/Shell/Shell.inf {
diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
index b2656a1cf6fc..e8fd4b8c7b89 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
+++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
@@ -269,6 +269,7 @@ [FV.DXEFV]
!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
!endif
+INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
INF OvmfPkg/AmdSev/Grub/Grub.inf
!if $(BUILD_SHELL) == TRUE
INF ShellPkg/Application/Shell/Shell.inf
diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
new file mode 100644
index 000000000000..62ab00a3d382
--- /dev/null
+++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
@@ -0,0 +1,37 @@
+## @file
+# Sev Secret configuration Table installer
+#
+# Copyright (C) 2020 James Bottomley, IBM Corporation.
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SecretDxe
+ FILE_GUID = 6e2b9619-8810-4e9d-a177-d432bb9abeda
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ ENTRY_POINT = InitializeSecretDxe
+
+[Sources]
+ SecretDxe.c
+
+[Packages]
+ OvmfPkg/OvmfPkg.dec
+ MdePkg/MdePkg.dec
+
+[LibraryClasses]
+ UefiBootServicesTableLib
+ UefiDriverEntryPoint
+
+[Guids]
+ gSevLaunchSecretGuid
+
+[FixedPcd]
+ gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
+ gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
+
+[Depex]
+ TRUE
diff --git a/OvmfPkg/Include/Guid/SevLaunchSecret.h b/OvmfPkg/Include/Guid/SevLaunchSecret.h
new file mode 100644
index 000000000000..fa5f3830bc2b
--- /dev/null
+++ b/OvmfPkg/Include/Guid/SevLaunchSecret.h
@@ -0,0 +1,28 @@
+ /** @file
+ UEFI Configuration Table for exposing the SEV Launch Secret location to UEFI
+ applications (boot loaders).
+
+ Copyright (C) 2020 James Bottomley, IBM Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+ **/
+
+#ifndef SEV_LAUNCH_SECRET_H_
+#define SEV_LAUNCH_SECRET_H_
+
+#include <Uefi/UefiBaseType.h>
+
+#define SEV_LAUNCH_SECRET_GUID \
+ { 0xadf956ad, \
+ 0xe98c, \
+ 0x484c, \
+ { 0xae, 0x11, 0xb5, 0x1c, 0x7d, 0x33, 0x64, 0x47 }, \
+ }
+
+typedef struct {
+ UINT32 Base;
+ UINT32 Size;
+} SEV_LAUNCH_SECRET_LOCATION;
+
+extern EFI_GUID gSevLaunchSecretGuid;
+
+#endif // SEV_LAUNCH_SECRET_H_
diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
new file mode 100644
index 000000000000..d8cc9b00946a
--- /dev/null
+++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
@@ -0,0 +1,26 @@
+/** @file
+ SEV Secret configuration table constructor
+
+ Copyright (C) 2020 James Bottomley, IBM Corporation.
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+#include <PiDxe.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Guid/SevLaunchSecret.h>
+
+STATIC SEV_LAUNCH_SECRET_LOCATION mSecretDxeTable = {
+ FixedPcdGet32 (PcdSevLaunchSecretBase),
+ FixedPcdGet32 (PcdSevLaunchSecretSize),
+};
+
+EFI_STATUS
+EFIAPI
+InitializeSecretDxe(
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ return gBS->InstallConfigurationTable (&gSevLaunchSecretGuid,
+ &mSecretDxeTable
+ );
+}
--
2.26.2
^ permalink raw reply related [flat|nested] 35+ messages in thread
* Re: [PATCH v3 5/6] OvmfPkg/AmdSev: assign and protect the Sev Secret area
2020-11-30 20:28 ` [PATCH v3 5/6] OvmfPkg/AmdSev: assign and protect the Sev Secret area James Bottomley
@ 2020-12-01 7:54 ` Ard Biesheuvel
2020-12-01 18:36 ` [edk2-devel] " James Bottomley
0 siblings, 1 reply; 35+ messages in thread
From: Ard Biesheuvel @ 2020-12-01 7:54 UTC (permalink / raw)
To: James Bottomley, devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen
Hi James,
On 11/30/20 9:28 PM, James Bottomley wrote:
> Create a one page secret area in the MEMFD and protect the area with a
> boot time HOB.
>
I take it 'protect' here only means prevent the memory from being used
for somethine else? In the context of security, encryption, secrets,
etc, it might be useful to call that out.
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> ---
> OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
> OvmfPkg/AmdSev/AmdSevX64.fdf | 4 +++
> OvmfPkg/AmdSev/SecretPei/SecretPei.inf | 35 ++++++++++++++++++++++++++
> OvmfPkg/AmdSev/SecretPei/SecretPei.c | 25 ++++++++++++++++++
> 4 files changed, 65 insertions(+)
> create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.c
>
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
> index 18707725b3e4..e9c522bedad9 100644
> --- a/OvmfPkg/AmdSev/AmdSevX64.dsc
> +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
> @@ -613,6 +613,7 @@ [Components]
> OvmfPkg/PlatformPei/PlatformPei.inf
> UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
> UefiCpuPkg/CpuMpPei/CpuMpPei.inf
> + OvmfPkg/AmdSev/SecretPei/SecretPei.inf
>
> !if $(TPM_ENABLE) == TRUE
> OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
> index 1aa95826384a..b2656a1cf6fc 100644
> --- a/OvmfPkg/AmdSev/AmdSevX64.fdf
> +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
> @@ -59,6 +59,9 @@ [FD.MEMFD]
> 0x00B000|0x001000
> gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
>
> +0x00C000|0x001000
> +gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
> +
> 0x010000|0x010000
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
>
> @@ -138,6 +141,7 @@ [FV.PEIFV]
> INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
> INF UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
> INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf
> +INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf
>
> !if $(TPM_ENABLE) == TRUE
> INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
> diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> new file mode 100644
> index 000000000000..08be156c4bc0
> --- /dev/null
> +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> @@ -0,0 +1,35 @@
> +## @file
> +# PEI support for SEV Secrets
> +#
> +# Copyright (C) 2020 James Bottomley, IBM Corporation.
> +#
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
> +#
> +##
> +
> +[Defines]
> + INF_VERSION = 0x00010005
> + BASE_NAME = SecretPei
> + FILE_GUID = 45260dde-0c3c-4b41-a226-ef3803fac7d4
> + MODULE_TYPE = PEIM
> + VERSION_STRING = 1.0
> + ENTRY_POINT = InitializeSecretPei
> +
> +[Sources]
> + SecretPei.c
> +
> +[Packages]
> + OvmfPkg/OvmfPkg.dec
> + MdePkg/MdePkg.dec
> +
> +[LibraryClasses]
> + HobLib
> + PeimEntryPoint
> + PcdLib
> +
> +[FixedPcd]
> + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
> + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
> +
> +[Depex]
> + TRUE
> diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> new file mode 100644
> index 000000000000..ad491515dd5d
> --- /dev/null
> +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> @@ -0,0 +1,25 @@
> +/** @file
> + SEV Secret boot time HOB placement
> +
> + Copyright (C) 2020 James Bottomley, IBM Corporation.
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +**/
> +#include <PiPei.h>
> +#include <Library/HobLib.h>
> +#include <Library/PcdLib.h>
> +
> +EFI_STATUS
> +EFIAPI
> +InitializeSecretPei (
> + IN EFI_PEI_FILE_HANDLE FileHandle,
> + IN CONST EFI_PEI_SERVICES **PeiServices
> + )
> +{
> + BuildMemoryAllocationHob (
> + PcdGet32 (PcdSevLaunchSecretBase),
> + PcdGet32 (PcdSevLaunchSecretSize),
> + EfiBootServicesData
> + );
> +
> + return EFI_SUCCESS;
> +}
>
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-11-30 20:28 [PATCH v3 0/6] SEV Encrypted Boot for Ovmf James Bottomley
` (5 preceding siblings ...)
2020-11-30 20:28 ` [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table James Bottomley
@ 2020-12-01 8:05 ` Ard Biesheuvel
2020-12-01 8:13 ` Laszlo Ersek
2020-12-01 15:26 ` James Bottomley
2020-12-01 8:05 ` Laszlo Ersek
2020-12-03 12:26 ` [edk2-devel] " Laszlo Ersek
8 siblings, 2 replies; 35+ messages in thread
From: Ard Biesheuvel @ 2020-12-01 8:05 UTC (permalink / raw)
To: James Bottomley, devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen
On 11/30/20 9:28 PM, James Bottomley wrote:
> v3:
>
> - More grub and boot stripping (I think I got everything out, but
> there may be something that strayed in the boot panic resolution).
> - grub.sh tidy up with tabs->spaces.
> - Move the reset vector GUIDisation patch to the front so it can be
> applied independently
> - Update the .dsc and .fdf files for variable policy
>
> v2:
>
> - Strip more out of AmdSev image (networking, secure boot, smm)
> - give sev reset block a generic table guid and use it for boot secret area
> - separate secret patches and make grub script more robust
> - Add copyrights and fix formatting issues
>
> v1:
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
>
> This patch series is modelled on the structure of the Bhyve patches
> for Ovmf, since it does somewhat similar things. This patch series
> creates a separate build for an AmdSev OVMF.fd that does nothing
> except combine with grub and boot straight through the internal grub
> to try to mount an encrypted volume.
>
This all looks reasonable to me, although I defer to Laszlo when it
comes to assessing the impact on maintainability of other platforms
under OvmfPkg.
Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Is there any point to keeping the TPM bits in the AmdSev platform? Or
are these completely orthogonal? If there is no meaningful way [yet] to
plumb these together, it might be better to just rip that out entirely
so people don't make assumptions.
> Concept: SEV Secure Encrypted Images
> ====================================
>
> The SEV patches in Linux and OVMF allow for the booting of SEV VMs in
> an encrypted state, but don't really show how this could be done with
> an encrypted image. Since the key used to decrypt the image must be
> maintained within the SEV encryption envelope, encrypted QCOW is not
> an option because the key would then have to be known to QEMU which is
> outside the encryption envelope. The proposal here is that an
> encrypted image should be a QCOW image consisting of two partitions,
> the normal unencrypted EFI partition (Identifying it as an OVMF
> bootable image) and a luks encrypted root partition. The kernel would
> be inside the encrypted root in the /boot directory. The secret
> injected securely through QEMU is extracted by OVMF and passed to grub
> which uses it to mount the encrypted root and boot the kernel
> normally. The creator of the secret bundle must be satisfied with the
> SEV attestation before the secret is constructed. Unfortunately, the
> SEV attestation can only be on the first QEMU firmware volume and
> nothing else, so this patch series builds grub itself into a firmware
> volume and places it inside OVMF so that the entire boot system can be
> attested. In a normal OVMF KVM system, the variable store is on the
> second flash volume (which is read/write). Unfortunately, this
> mutable configuration provided by the variables is outside the
> attestation envelope and can significantly alter the boot path,
> possibly leading to secret leak, so encrypted image boot should only
> be done with the OVMF.fd that combines both the code and variables.
> the OVMF.fd is constructed so that it becomes impossible to interrupt
> the boot sequence after attestation and the system will either boot
> the image or fail. The boot sequence runs the grub.efi embedded in the
> OVMF firmware volume so the encrypted image owner knows their own
> version of grub is the only one that will boot before injecting the
> secret. Note this boot path actually ignores the unencrypted EFI
> partition. However, as part of this design, the encrypted image may be
> booted by a standard OVMF KVM boot and in that case, the user will
> have to type the encryption password. This standard boot will be
> insecure but it might be used by the constructor of the encrypted
> images on their own private laptop, for instance. The standard boot
> path will use the unencrypted EFI partition.
>
> Patches Required Outside of OVMF
> ================================
>
> There is a patch set to grub which allows it to extract the SEV secret
> area from the configuration table and use the secret as a password to
> do a luks crypto mount of root (this is the sevsecret grub module):
>
> https://lists.gnu.org/archive/html/grub-devel/2020-11/msg00078.html
>
> There is also a patch to qemu which allows it to search through the
> OVMF.fd and find the SEV secret area which is now described inside the
> Reset Vector using the existing SEV_ES reset block. This area is the
> place QEMU will inject the encrypted SEV secret bundle.
>
> Security of the System
> ======================
>
> Since Grub is now part of the attested OVMF.fd bundle, the VM owner
> knows absolutely that it will proceed straight to partition decryption
> inside the attested code and boot the kernel off the encrypted
> partition. Even if a different QCOW image is substituted, the boot
> will fail without revealing the secret because the system is designed
> to fail hard in that case and because the secret is always contained
> within the encrypted envelope it should be impossible for the cloud
> operator to obtain it even if they can pause the boot and examine the
> machine memory.
>
> Putting it All Together
> =======================
>
> This is somewhat hard. You must first understand how to boot a QEMU
> system so as to have the VM pause after firmware loading (-S option)
> and use the qmp port to request an attestation. Only if the
> attestation corresponds to the expected sha256sum of OVMF.fd should
> the secret bundle be constructed and injected using qmp. The tools
> for constructing the secret bundle are in
>
> https://github.com/AMDESE/sev-tool/
>
> James
>
> ---
>
> James Bottomley (6):
> OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed
> OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF
> OvmfPkg/AmdSev: add Grub Firmware Volume Package
> OvmfPkg: create a SEV secret area in the AmdSev memfd
> OvmfPkg/AmdSev: assign and protect the Sev Secret area
> OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
>
> OvmfPkg/OvmfPkg.dec | 8 +
> OvmfPkg/AmdSev/AmdSevX64.dsc | 844 ++++++++++
> OvmfPkg/AmdSev/AmdSevX64.fdf | 456 +++++
> OvmfPkg/AmdSev/Grub/Grub.inf | 39 +
> OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf | 37 +
> OvmfPkg/AmdSev/SecretPei/SecretPei.inf | 35 +
> .../PlatformBootManagerLibGrub.inf | 71 +
> OvmfPkg/ResetVector/ResetVector.inf | 4 +
> OvmfPkg/Include/Guid/SevLaunchSecret.h | 28 +
> .../PlatformBootManagerLibGrub/BdsPlatform.h | 175 ++
> OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 26 +
> OvmfPkg/AmdSev/SecretPei/SecretPei.c | 25 +
> .../PlatformBootManagerLibGrub/BdsPlatform.c | 1482 +++++++++++++++++
> .../PlatformBootManagerLibGrub/PlatformData.c | 214 +++
> OvmfPkg/AmdSev/Grub/.gitignore | 1 +
> OvmfPkg/AmdSev/Grub/grub.cfg | 46 +
> OvmfPkg/AmdSev/Grub/grub.sh | 93 ++
> OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 70 +-
> OvmfPkg/ResetVector/ResetVector.nasmb | 2 +
> 19 files changed, 3645 insertions(+), 11 deletions(-)
> create mode 100644 OvmfPkg/AmdSev/AmdSevX64.dsc
> create mode 100644 OvmfPkg/AmdSev/AmdSevX64.fdf
> create mode 100644 OvmfPkg/AmdSev/Grub/Grub.inf
> create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf
> create mode 100644 OvmfPkg/Include/Guid/SevLaunchSecret.h
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h
> create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
> create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.c
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformData.c
> create mode 100644 OvmfPkg/AmdSev/Grub/.gitignore
> create mode 100644 OvmfPkg/AmdSev/Grub/grub.cfg
> create mode 100644 OvmfPkg/AmdSev/Grub/grub.sh
>
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-11-30 20:28 [PATCH v3 0/6] SEV Encrypted Boot for Ovmf James Bottomley
` (6 preceding siblings ...)
2020-12-01 8:05 ` [PATCH v3 0/6] SEV Encrypted Boot for Ovmf Ard Biesheuvel
@ 2020-12-01 8:05 ` Laszlo Ersek
2020-12-03 12:26 ` [edk2-devel] " Laszlo Ersek
8 siblings, 0 replies; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-01 8:05 UTC (permalink / raw)
To: James Bottomley, devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On 11/30/20 21:28, James Bottomley wrote:
> v3:
>
> - More grub and boot stripping (I think I got everything out, but
> there may be something that strayed in the boot panic resolution).
> - grub.sh tidy up with tabs->spaces.
> - Move the reset vector GUIDisation patch to the front so it can be
> applied independently
> - Update the .dsc and .fdf files for variable policy
>
> v2:
>
> - Strip more out of AmdSev image (networking, secure boot, smm)
> - give sev reset block a generic table guid and use it for boot secret area
> - separate secret patches and make grub script more robust
> - Add copyrights and fix formatting issues
>
> v1:
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
>
> This patch series is modelled on the structure of the Bhyve patches
> for Ovmf, since it does somewhat similar things. This patch series
> creates a separate build for an AmdSev OVMF.fd that does nothing
> except combine with grub and boot straight through the internal grub
> to try to mount an encrypted volume.
>
> Concept: SEV Secure Encrypted Images
> ====================================
>
> The SEV patches in Linux and OVMF allow for the booting of SEV VMs in
> an encrypted state, but don't really show how this could be done with
> an encrypted image. Since the key used to decrypt the image must be
> maintained within the SEV encryption envelope, encrypted QCOW is not
> an option because the key would then have to be known to QEMU which is
> outside the encryption envelope. The proposal here is that an
> encrypted image should be a QCOW image consisting of two partitions,
> the normal unencrypted EFI partition (Identifying it as an OVMF
> bootable image) and a luks encrypted root partition. The kernel would
> be inside the encrypted root in the /boot directory. The secret
> injected securely through QEMU is extracted by OVMF and passed to grub
> which uses it to mount the encrypted root and boot the kernel
> normally. The creator of the secret bundle must be satisfied with the
> SEV attestation before the secret is constructed. Unfortunately, the
> SEV attestation can only be on the first QEMU firmware volume and
> nothing else, so this patch series builds grub itself into a firmware
> volume and places it inside OVMF so that the entire boot system can be
> attested. In a normal OVMF KVM system, the variable store is on the
> second flash volume (which is read/write). Unfortunately, this
> mutable configuration provided by the variables is outside the
> attestation envelope and can significantly alter the boot path,
> possibly leading to secret leak, so encrypted image boot should only
> be done with the OVMF.fd that combines both the code and variables.
> the OVMF.fd is constructed so that it becomes impossible to interrupt
> the boot sequence after attestation and the system will either boot
> the image or fail. The boot sequence runs the grub.efi embedded in the
> OVMF firmware volume so the encrypted image owner knows their own
> version of grub is the only one that will boot before injecting the
> secret. Note this boot path actually ignores the unencrypted EFI
> partition. However, as part of this design, the encrypted image may be
> booted by a standard OVMF KVM boot and in that case, the user will
> have to type the encryption password. This standard boot will be
> insecure but it might be used by the constructor of the encrypted
> images on their own private laptop, for instance. The standard boot
> path will use the unencrypted EFI partition.
>
> Patches Required Outside of OVMF
> ================================
>
> There is a patch set to grub which allows it to extract the SEV secret
> area from the configuration table and use the secret as a password to
> do a luks crypto mount of root (this is the sevsecret grub module):
>
> https://lists.gnu.org/archive/html/grub-devel/2020-11/msg00078.html
>
> There is also a patch to qemu which allows it to search through the
> OVMF.fd and find the SEV secret area which is now described inside the
> Reset Vector using the existing SEV_ES reset block. This area is the
> place QEMU will inject the encrypted SEV secret bundle.
>
> Security of the System
> ======================
>
> Since Grub is now part of the attested OVMF.fd bundle, the VM owner
> knows absolutely that it will proceed straight to partition decryption
> inside the attested code and boot the kernel off the encrypted
> partition. Even if a different QCOW image is substituted, the boot
> will fail without revealing the secret because the system is designed
> to fail hard in that case and because the secret is always contained
> within the encrypted envelope it should be impossible for the cloud
> operator to obtain it even if they can pause the boot and examine the
> machine memory.
>
> Putting it All Together
> =======================
>
> This is somewhat hard. You must first understand how to boot a QEMU
> system so as to have the VM pause after firmware loading (-S option)
> and use the qmp port to request an attestation. Only if the
> attestation corresponds to the expected sha256sum of OVMF.fd should
> the secret bundle be constructed and injected using qmp. The tools
> for constructing the secret bundle are in
>
> https://github.com/AMDESE/sev-tool/
>
> James
>
> ---
>
> James Bottomley (6):
> OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed
> OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF
> OvmfPkg/AmdSev: add Grub Firmware Volume Package
> OvmfPkg: create a SEV secret area in the AmdSev memfd
> OvmfPkg/AmdSev: assign and protect the Sev Secret area
> OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
>
> OvmfPkg/OvmfPkg.dec | 8 +
> OvmfPkg/AmdSev/AmdSevX64.dsc | 844 ++++++++++
> OvmfPkg/AmdSev/AmdSevX64.fdf | 456 +++++
> OvmfPkg/AmdSev/Grub/Grub.inf | 39 +
> OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf | 37 +
> OvmfPkg/AmdSev/SecretPei/SecretPei.inf | 35 +
> .../PlatformBootManagerLibGrub.inf | 71 +
> OvmfPkg/ResetVector/ResetVector.inf | 4 +
> OvmfPkg/Include/Guid/SevLaunchSecret.h | 28 +
> .../PlatformBootManagerLibGrub/BdsPlatform.h | 175 ++
> OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 26 +
> OvmfPkg/AmdSev/SecretPei/SecretPei.c | 25 +
> .../PlatformBootManagerLibGrub/BdsPlatform.c | 1482 +++++++++++++++++
> .../PlatformBootManagerLibGrub/PlatformData.c | 214 +++
> OvmfPkg/AmdSev/Grub/.gitignore | 1 +
> OvmfPkg/AmdSev/Grub/grub.cfg | 46 +
> OvmfPkg/AmdSev/Grub/grub.sh | 93 ++
> OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 70 +-
> OvmfPkg/ResetVector/ResetVector.nasmb | 2 +
> 19 files changed, 3645 insertions(+), 11 deletions(-)
> create mode 100644 OvmfPkg/AmdSev/AmdSevX64.dsc
> create mode 100644 OvmfPkg/AmdSev/AmdSevX64.fdf
> create mode 100644 OvmfPkg/AmdSev/Grub/Grub.inf
> create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf
> create mode 100644 OvmfPkg/Include/Guid/SevLaunchSecret.h
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h
> create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
> create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.c
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformData.c
> create mode 100644 OvmfPkg/AmdSev/Grub/.gitignore
> create mode 100644 OvmfPkg/AmdSev/Grub/grub.cfg
> create mode 100644 OvmfPkg/AmdSev/Grub/grub.sh
>
Confirming that I got this; I'll need some time to get to it.
Thanks
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-12-01 8:05 ` [PATCH v3 0/6] SEV Encrypted Boot for Ovmf Ard Biesheuvel
@ 2020-12-01 8:13 ` Laszlo Ersek
2020-12-01 15:26 ` James Bottomley
1 sibling, 0 replies; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-01 8:13 UTC (permalink / raw)
To: Ard Biesheuvel, James Bottomley, devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen
On 12/01/20 09:05, Ard Biesheuvel wrote:
> On 11/30/20 9:28 PM, James Bottomley wrote:
>> v3:
>>
>> - More grub and boot stripping (I think I got everything out, but
>> there may be something that strayed in the boot panic resolution).
>> - grub.sh tidy up with tabs->spaces.
>> - Move the reset vector GUIDisation patch to the front so it can be
>> applied independently
>> - Update the .dsc and .fdf files for variable policy
>>
>> v2:
>>
>> - Strip more out of AmdSev image (networking, secure boot, smm)
>> - give sev reset block a generic table guid and use it for boot secret
>> area
>> - separate secret patches and make grub script more robust
>> - Add copyrights and fix formatting issues
>>
>> v1:
>>
>> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
>>
>> This patch series is modelled on the structure of the Bhyve patches
>> for Ovmf, since it does somewhat similar things. This patch series
>> creates a separate build for an AmdSev OVMF.fd that does nothing
>> except combine with grub and boot straight through the internal grub
>> to try to mount an encrypted volume.
>>
>
> This all looks reasonable to me, although I defer to Laszlo when it
> comes to assessing the impact on maintainability of other platforms
> under OvmfPkg.
>
> Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Thanks for reviewing this! I'll go through v3 later.
And, indeed, it was my request / suggestion (off-list, earlier) that the
feature please be implemented as a separate platform under OvmfPkg. This
new platform has very different goals from the earlier ones; in
particular their attitude about integration with the host side is
entirely different.
>
> Is there any point to keeping the TPM bits in the AmdSev platform?
I wondered that myself, when I was suggesting the removal of multiple
feature flags (such as SMM_REQUIRE, SECURE_BOOT_ENABLE, etc). TPM_ENABLE
didn't look immediately wrong or unsupportable in the new platform, so I
didn't suggest removing it.
> Or
> are these completely orthogonal? If there is no meaningful way [yet] to
> plumb these together, it might be better to just rip that out entirely
> so people don't make assumptions.
It's certainly good to trim this platform to the bare minimum, I'm just
generally unsure about TPM (swtpm / vTPM) use cases with OVMF (I never
use that feature, personally). I wouldn't want to regress an otherwise
valid use case.
Thanks
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-12-01 8:05 ` [PATCH v3 0/6] SEV Encrypted Boot for Ovmf Ard Biesheuvel
2020-12-01 8:13 ` Laszlo Ersek
@ 2020-12-01 15:26 ` James Bottomley
1 sibling, 0 replies; 35+ messages in thread
From: James Bottomley @ 2020-12-01 15:26 UTC (permalink / raw)
To: Ard Biesheuvel, devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen
On Tue, 2020-12-01 at 09:05 +0100, Ard Biesheuvel wrote:
> On 11/30/20 9:28 PM, James Bottomley wrote:
> > v3:
> >
> > - More grub and boot stripping (I think I got everything out, but
> > there may be something that strayed in the boot panic
> > resolution).
> > - grub.sh tidy up with tabs->spaces.
> > - Move the reset vector GUIDisation patch to the front so it can be
> > applied independently
> > - Update the .dsc and .fdf files for variable policy
> >
> > v2:
> >
> > - Strip more out of AmdSev image (networking, secure boot, smm)
> > - give sev reset block a generic table guid and use it for boot
> > secret area
> > - separate secret patches and make grub script more robust
> > - Add copyrights and fix formatting issues
> >
> > v1:
> >
> > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> >
> > This patch series is modelled on the structure of the Bhyve patches
> > for Ovmf, since it does somewhat similar things. This patch series
> > creates a separate build for an AmdSev OVMF.fd that does nothing
> > except combine with grub and boot straight through the internal
> > grub to try to mount an encrypted volume.
> >
>
> This all looks reasonable to me, although I defer to Laszlo when it
> comes to assessing the impact on maintainability of other platforms
> under OvmfPkg.
>
> Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
>
> Is there any point to keeping the TPM bits in the AmdSev platform?
> Or are these completely orthogonal? If there is no meaningful way
> [yet] to plumb these together, it might be better to just rip that
> out entirely so people don't make assumptions.
There is definitely a use case in the cloud for an attested VM boot and
run time whether that VM is encrypted or not. Although the SEV
attestation covers OVMF/grub it would still be useful to get the
regular boot time attestation from them as well, so I think OVMF will
require a TPM device even in the SEV use case.
Obviously there is still a question of how you run a vtpm in this use
case, since it would have to be part of the trusted envelope as well,
so it can't simply run in the host like vtpms usually do. However,
SEV-SNP is moving towards the concept of a trusted management VM, so I
do envisage that the vtpm would eventually be part of this or another
set up like it so it would be separate from the encrypted VM that's
running but part of the trusted envelope.
James
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 5/6] OvmfPkg/AmdSev: assign and protect the Sev Secret area
2020-12-01 7:54 ` Ard Biesheuvel
@ 2020-12-01 18:36 ` James Bottomley
0 siblings, 0 replies; 35+ messages in thread
From: James Bottomley @ 2020-12-01 18:36 UTC (permalink / raw)
To: devel, ard.biesheuvel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Laszlo Ersek, Jordan Justen
On Tue, 2020-12-01 at 08:54 +0100, Ard Biesheuvel wrote:
> Hi James,
>
> On 11/30/20 9:28 PM, James Bottomley wrote:
> > Create a one page secret area in the MEMFD and protect the area
> > with a
> > boot time HOB.
> >
>
> I take it 'protect' here only means prevent the memory from being
> used for somethine else?
Yes, make sure it's not allocated as free memory until exit boot
services.
> In the context of security, encryption, secrets,
> etc, it might be useful to call that out.
OK, how about reserve instead of protect?
James
> > Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> > Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> > Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> > ---
> > OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
> > OvmfPkg/AmdSev/AmdSevX64.fdf | 4 +++
> > OvmfPkg/AmdSev/SecretPei/SecretPei.inf | 35
> > ++++++++++++++++++++++++++
> > OvmfPkg/AmdSev/SecretPei/SecretPei.c | 25 ++++++++++++++++++
> > 4 files changed, 65 insertions(+)
> > create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> > create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.c
> >
> > diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc
> > b/OvmfPkg/AmdSev/AmdSevX64.dsc
> > index 18707725b3e4..e9c522bedad9 100644
> > --- a/OvmfPkg/AmdSev/AmdSevX64.dsc
> > +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
> > @@ -613,6 +613,7 @@ [Components]
> > OvmfPkg/PlatformPei/PlatformPei.inf
> > UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
> > UefiCpuPkg/CpuMpPei/CpuMpPei.inf
> > + OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> >
> > !if $(TPM_ENABLE) == TRUE
> > OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
> > diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf
> > b/OvmfPkg/AmdSev/AmdSevX64.fdf
> > index 1aa95826384a..b2656a1cf6fc 100644
> > --- a/OvmfPkg/AmdSev/AmdSevX64.fdf
> > +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
> > @@ -59,6 +59,9 @@ [FD.MEMFD]
> > 0x00B000|0x001000
> >
> > gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpac
> > eGuid.PcdSevEsWorkAreaSize
> >
> > +0x00C000|0x001000
> > +gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|gUefiOvmfPkgToke
> > nSpaceGuid.PcdSevLaunchSecretSize
> > +
> > 0x010000|0x010000
> >
> > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTok
> > enSpaceGuid.PcdOvmfSecPeiTempRamSize
> >
> > @@ -138,6 +141,7 @@ [FV.PEIFV]
> > INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
> > INF UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
> > INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf
> > +INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> >
> > !if $(TPM_ENABLE) == TRUE
> > INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
> > diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> > b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> > new file mode 100644
> > index 000000000000..08be156c4bc0
> > --- /dev/null
> > +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf
> > @@ -0,0 +1,35 @@
> > +## @file
> > +# PEI support for SEV Secrets
> > +#
> > +# Copyright (C) 2020 James Bottomley, IBM Corporation.
> > +#
> > +# SPDX-License-Identifier: BSD-2-Clause-Patent
> > +#
> > +##
> > +
> > +[Defines]
> > + INF_VERSION = 0x00010005
> > + BASE_NAME = SecretPei
> > + FILE_GUID = 45260dde-0c3c-4b41-a226-
> > ef3803fac7d4
> > + MODULE_TYPE = PEIM
> > + VERSION_STRING = 1.0
> > + ENTRY_POINT = InitializeSecretPei
> > +
> > +[Sources]
> > + SecretPei.c
> > +
> > +[Packages]
> > + OvmfPkg/OvmfPkg.dec
> > + MdePkg/MdePkg.dec
> > +
> > +[LibraryClasses]
> > + HobLib
> > + PeimEntryPoint
> > + PcdLib
> > +
> > +[FixedPcd]
> > + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
> > + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
> > +
> > +[Depex]
> > + TRUE
> > diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> > b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> > new file mode 100644
> > index 000000000000..ad491515dd5d
> > --- /dev/null
> > +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> > @@ -0,0 +1,25 @@
> > +/** @file
> > + SEV Secret boot time HOB placement
> > +
> > + Copyright (C) 2020 James Bottomley, IBM Corporation.
> > + SPDX-License-Identifier: BSD-2-Clause-Patent
> > +**/
> > +#include <PiPei.h>
> > +#include <Library/HobLib.h>
> > +#include <Library/PcdLib.h>
> > +
> > +EFI_STATUS
> > +EFIAPI
> > +InitializeSecretPei (
> > + IN EFI_PEI_FILE_HANDLE FileHandle,
> > + IN CONST EFI_PEI_SERVICES **PeiServices
> > + )
> > +{
> > + BuildMemoryAllocationHob (
> > + PcdGet32 (PcdSevLaunchSecretBase),
> > + PcdGet32 (PcdSevLaunchSecretSize),
> > + EfiBootServicesData
> > + );
> > +
> > + return EFI_SUCCESS;
> > +}
> >
>
>
>
>
>
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 1/6] OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed
2020-11-30 20:28 ` [PATCH v3 1/6] OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed James Bottomley
@ 2020-12-03 8:10 ` Laszlo Ersek
0 siblings, 0 replies; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-03 8:10 UTC (permalink / raw)
To: devel, jejb
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On 11/30/20 21:28, James Bottomley wrote:
> Convert the current ES reset block structure to an extensible guid
> based structure by appending a header and length, which allow for
> multiple guid based data packets to be inserted.
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
>
> ---
>
> v2: added
> v3: reworked
> ---
> OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 51 +++++++++++++++-----
> 1 file changed, 40 insertions(+), 11 deletions(-)
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Thank you!
Laszlo
> diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> index 980e0138e7fe..9e0a74fddfc1 100644
> --- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> +++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> @@ -25,21 +25,40 @@ ALIGN 16
> TIMES (0x1000 - ($ - EndOfPageTables) - 0x20) DB 0
> %endif
>
> +;
> +; Padding to ensure first guid starts at 0xffffffd0
> +;
> +TIMES (15 - ((guidedStructureEnd - guidedStructureStart + 15) % 16)) DB 0
> +
> +; GUIDed structure. To traverse this you should first verify the
> +; presence of the table footer guid
> +; (96b582de-1fb2-45f7-baea-a366c55a082d) at 0xffffffd0. If that
> +; is found, the two bytes at 0xffffffce are the entire table length.
> +;
> +; The table is composed of structures with the form:
> +;
> +; Data (arbitrary bytes identified by guid)
> +; length from start of data to end of guid (2 bytes)
> +; guid (16 bytes)
> +;
> +; so work back from the footer using the length to traverse until you
> +; either find the guid you're looking for or run off the beginning of
> +; the table.
> +;
> +guidedStructureStart:
> +
> ;
> ; SEV-ES Processor Reset support
> ;
> ; sevEsResetBlock:
> ; For the initial boot of an AP under SEV-ES, the "reset" RIP must be
> -; programmed to the RAM area defined by SEV_ES_AP_RESET_IP. A known offset
> -; and GUID will be used to locate this block in the firmware and extract
> -; the build time RIP value. The GUID must always be 48 bytes from the
> -; end of the firmware.
> +; programmed to the RAM area defined by SEV_ES_AP_RESET_IP. The data
> +; format is:
> ;
> -; 0xffffffca (-0x36) - IP value
> -; 0xffffffcc (-0x34) - CS segment base [31:16]
> -; 0xffffffce (-0x32) - Size of the SEV-ES reset block
> -; 0xffffffd0 (-0x30) - SEV-ES reset block GUID
> -; (00f771de-1a7e-4fcb-890e-68c77e2fb44e)
> +; IP value [0:15]
> +; CS segment base [31:16]
> +;
> +; GUID (SEV-ES reset block): 00f771de-1a7e-4fcb-890e-68c77e2fb44e
> ;
> ; A hypervisor reads the CS segement base and IP value. The CS segment base
> ; value represents the high order 16-bits of the CS segment base, so the
> @@ -48,8 +67,6 @@ ALIGN 16
> ; program the EIP register with the IP value as read.
> ;
>
> -TIMES (32 - (sevEsResetBlockEnd - sevEsResetBlockStart)) DB 0
> -
> sevEsResetBlockStart:
> DD SEV_ES_AP_RESET_IP
> DW sevEsResetBlockEnd - sevEsResetBlockStart
> @@ -57,6 +74,18 @@ sevEsResetBlockStart:
> DB 0x89, 0x0E, 0x68, 0xC7, 0x7E, 0x2F, 0xB4, 0x4E
> sevEsResetBlockEnd:
>
> +;
> +; Table footer:
> +;
> +; length of whole table (16 bit word)
> +; GUID (table footer): 96b582de-1fb2-45f7-baea-a366c55a082d
> +;
> + DW guidedStructureEnd - guidedStructureStart
> + DB 0xDE, 0x82, 0xB5, 0x96, 0xB2, 0x1F, 0xF7, 0x45
> + DB 0xBA, 0xEA, 0xA3, 0x66, 0xC5, 0x5A, 0x08, 0x2D
> +
> +guidedStructureEnd:
> +
> ALIGN 16
>
> applicationProcessorEntryPoint:
>
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 2/6] OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF
2020-11-30 20:28 ` [PATCH v3 2/6] OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF James Bottomley
@ 2020-12-03 8:20 ` Laszlo Ersek
0 siblings, 0 replies; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-03 8:20 UTC (permalink / raw)
To: devel, jejb
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On 11/30/20 21:28, James Bottomley wrote:
> This commit represents the file copied from OvmfPkgX64 with minor
> changes to change the build name.
>
> This package will form the basis for adding Sev specific features.
> Since everything must go into a single rom file for attestation, the
> separated build of code and variables is eliminated.
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
>
> ---
>
> v2: remove secure boot, smm and networking
> v3: update for variable policy, remove stray smm/networking parts, remove CSM
> ---
> OvmfPkg/AmdSev/AmdSevX64.dsc | 833 +++++++++++++++++++++++++++++++++++
> OvmfPkg/AmdSev/AmdSevX64.fdf | 450 +++++++++++++++++++
> 2 files changed, 1283 insertions(+)
> create mode 100644 OvmfPkg/AmdSev/AmdSevX64.dsc
> create mode 100644 OvmfPkg/AmdSev/AmdSevX64.fdf
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Thanks,
Laszlo
>
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
> new file mode 100644
> index 000000000000..59778c49548c
> --- /dev/null
> +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
> @@ -0,0 +1,833 @@
> +## @file
> +# EFI/Framework Open Virtual Machine Firmware (OVMF) platform for SEV secure
> +# virtual machine remote attestation and secret injection
> +#
> +# Copyright (c) 2020 James Bottomley, IBM Corporation.
> +# Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.<BR>
> +# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
> +#
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
> +#
> +##
> +
> +################################################################################
> +#
> +# Defines Section - statements that will be processed to create a Makefile.
> +#
> +################################################################################
> +[Defines]
> + PLATFORM_NAME = Ovmf
> + PLATFORM_GUID = 07ff380c-4760-4823-8f59-ec2cb06fbc16
> + PLATFORM_VERSION = 0.1
> + DSC_SPECIFICATION = 0x00010005
> + OUTPUT_DIRECTORY = Build/AmdSev
> + SUPPORTED_ARCHITECTURES = X64
> + BUILD_TARGETS = NOOPT|DEBUG|RELEASE
> + SKUID_IDENTIFIER = DEFAULT
> + FLASH_DEFINITION = OvmfPkg/AmdSev/AmdSevX64.fdf
> +
> + #
> + # Defines for default states. These can be changed on the command line.
> + # -D FLAG=VALUE
> + #
> + DEFINE SOURCE_DEBUG_ENABLE = FALSE
> + DEFINE TPM_ENABLE = FALSE
> + DEFINE TPM_CONFIG_ENABLE = FALSE
> +
> + #
> + # Device drivers
> + #
> + DEFINE PVSCSI_ENABLE = TRUE
> + DEFINE MPT_SCSI_ENABLE = TRUE
> + DEFINE LSI_SCSI_ENABLE = FALSE
> +
> + #
> + # Flash size selection. Setting FD_SIZE_IN_KB on the command line directly to
> + # one of the supported values, in place of any of the convenience macros, is
> + # permitted.
> + #
> +!ifdef $(FD_SIZE_1MB)
> + DEFINE FD_SIZE_IN_KB = 1024
> +!else
> +!ifdef $(FD_SIZE_2MB)
> + DEFINE FD_SIZE_IN_KB = 2048
> +!else
> +!ifdef $(FD_SIZE_4MB)
> + DEFINE FD_SIZE_IN_KB = 4096
> +!else
> + DEFINE FD_SIZE_IN_KB = 4096
> +!endif
> +!endif
> +!endif
> +
> +[BuildOptions]
> + GCC:RELEASE_*_*_CC_FLAGS = -DMDEPKG_NDEBUG
> + INTEL:RELEASE_*_*_CC_FLAGS = /D MDEPKG_NDEBUG
> + MSFT:RELEASE_*_*_CC_FLAGS = /D MDEPKG_NDEBUG
> +!if $(TOOL_CHAIN_TAG) != "XCODE5" && $(TOOL_CHAIN_TAG) != "CLANGPDB"
> + GCC:*_*_*_CC_FLAGS = -mno-mmx -mno-sse
> +!endif
> +!if $(SOURCE_DEBUG_ENABLE) == TRUE
> + MSFT:*_*_X64_GENFW_FLAGS = --keepexceptiontable
> + GCC:*_*_X64_GENFW_FLAGS = --keepexceptiontable
> + INTEL:*_*_X64_GENFW_FLAGS = --keepexceptiontable
> +!endif
> +
> + #
> + # Disable deprecated APIs.
> + #
> + MSFT:*_*_*_CC_FLAGS = /D DISABLE_NEW_DEPRECATED_INTERFACES
> + INTEL:*_*_*_CC_FLAGS = /D DISABLE_NEW_DEPRECATED_INTERFACES
> + GCC:*_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
> +
> +[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]
> + GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000
> + XCODE:*_*_*_DLINK_FLAGS = -seg1addr 0x1000 -segalign 0x1000
> + XCODE:*_*_*_MTOC_FLAGS = -align 0x1000
> + CLANGPDB:*_*_*_DLINK_FLAGS = /ALIGN:4096
> +
> +# Force PE/COFF sections to be aligned at 4KB boundaries to support page level
> +# protection of DXE_SMM_DRIVER/SMM_CORE modules
> +[BuildOptions.common.EDKII.DXE_SMM_DRIVER, BuildOptions.common.EDKII.SMM_CORE]
> + GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000
> + XCODE:*_*_*_DLINK_FLAGS = -seg1addr 0x1000 -segalign 0x1000
> + XCODE:*_*_*_MTOC_FLAGS = -align 0x1000
> + CLANGPDB:*_*_*_DLINK_FLAGS = /ALIGN:4096
> +
> +################################################################################
> +#
> +# SKU Identification section - list of all SKU IDs supported by this Platform.
> +#
> +################################################################################
> +[SkuIds]
> + 0|DEFAULT
> +
> +################################################################################
> +#
> +# Library Class section - list of all Library Classes needed by this Platform.
> +#
> +################################################################################
> +[LibraryClasses]
> + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> + TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseAcpiTimerLib.inf
> + ResetSystemLib|OvmfPkg/Library/ResetSystemLib/BaseResetSystemLib.inf
> + PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
> + BaseMemoryLib|MdePkg/Library/BaseMemoryLibRepStr/BaseMemoryLibRepStr.inf
> + BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
> + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
> + BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
> + SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
> + CpuLib|MdePkg/Library/BaseCpuLib/BaseCpuLib.inf
> + PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
> + PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf
> + CacheMaintenanceLib|MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf
> + UefiDecompressLib|MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.inf
> + UefiHiiServicesLib|MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf
> + HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf
> + SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
> + UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
> + BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
> + FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
> + CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
> + DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
> + DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf
> + PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
> + PciCf8Lib|MdePkg/Library/BasePciCf8Lib/BasePciCf8Lib.inf
> + PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf
> + PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
> + PciSegmentLib|MdePkg/Library/BasePciSegmentLibPci/BasePciSegmentLibPci.inf
> + PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
> + PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
> + PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
> + IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
> + OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
> + SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
> + MtrrLib|UefiCpuPkg/Library/MtrrLib/MtrrLib.inf
> + UefiLib|MdePkg/Library/UefiLib/UefiLib.inf
> + UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf
> + UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
> + UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf
> + UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf
> + DevicePathLib|MdePkg/Library/UefiDevicePathLibDevicePathProtocol/UefiDevicePathLibDevicePathProtocol.inf
> + NvVarsFileLib|OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.inf
> + FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
> + UefiCpuLib|UefiCpuPkg/Library/BaseUefiCpuLib/BaseUefiCpuLib.inf
> + SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf
> + UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf
> + SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
> + QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
> + QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf
> + VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
> + LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
> + MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
> + LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
> + CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
> + FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
> +
> +!if $(SOURCE_DEBUG_ENABLE) == TRUE
> + PeCoffExtraActionLib|SourceLevelDebugPkg/Library/PeCoffExtraActionLibDebug/PeCoffExtraActionLibDebug.inf
> + DebugCommunicationLib|SourceLevelDebugPkg/Library/DebugCommunicationLibSerialPort/DebugCommunicationLibSerialPort.inf
> +!else
> + PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf
> + DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf
> +!endif
> +
> + LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
> + DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
> +
> + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> + RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
> +
> + AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
> + VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
> + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
> + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
> +
> + ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
> + ShellCEntryLib|ShellPkg/Library/UefiShellCEntryLib/UefiShellCEntryLib.inf
> + S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf
> + SmbusLib|MdePkg/Library/BaseSmbusLibNull/BaseSmbusLibNull.inf
> + OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf
> + XenHypercallLib|OvmfPkg/Library/XenHypercallLib/XenHypercallLib.inf
> + XenPlatformLib|OvmfPkg/Library/XenPlatformLib/XenPlatformLib.inf
> +
> +!if $(TPM_ENABLE) == TRUE
> + Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
> + Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
> + Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
> + Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
> + TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
> +!else
> + Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
> + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
> +!endif
> +
> +[LibraryClasses.common]
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> + VmgExitLib|OvmfPkg/Library/VmgExitLib/VmgExitLib.inf
> +
> +[LibraryClasses.common.SEC]
> + TimerLib|OvmfPkg/Library/AcpiTimerLib/BaseRomAcpiTimerLib.inf
> + QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgSecLib.inf
> +!ifdef $(DEBUG_ON_SERIAL_PORT)
> + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> +!else
> + DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformRomDebugLibIoPort.inf
> +!endif
> + ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
> + ExtractGuidedSectionLib|MdePkg/Library/BaseExtractGuidedSectionLib/BaseExtractGuidedSectionLib.inf
> +!if $(SOURCE_DEBUG_ENABLE) == TRUE
> + DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SecPeiDebugAgentLib.inf
> +!endif
> + HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
> + PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
> + PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiServicesTablePointerLibIdt.inf
> + MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
> +!if $(TOOL_CHAIN_TAG) == "XCODE5"
> + CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/Xcode5SecPeiCpuExceptionHandlerLib.inf
> +!else
> + CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf
> +!endif
> +
> +[LibraryClasses.common.PEI_CORE]
> + HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
> + PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiServicesTablePointerLibIdt.inf
> + PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
> + MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
> + PeiCoreEntryPoint|MdePkg/Library/PeiCoreEntryPoint/PeiCoreEntryPoint.inf
> + ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
> + OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
> + PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
> +!ifdef $(DEBUG_ON_SERIAL_PORT)
> + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> +!else
> + DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
> +!endif
> + PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf
> +
> +[LibraryClasses.common.PEIM]
> + HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
> + PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiServicesTablePointerLibIdt.inf
> + PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
> + MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
> + PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf
> + ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
> + OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
> + PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
> +!ifdef $(DEBUG_ON_SERIAL_PORT)
> + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> +!else
> + DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
> +!endif
> + PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf
> + ResourcePublicationLib|MdePkg/Library/PeiResourcePublicationLib/PeiResourcePublicationLib.inf
> + ExtractGuidedSectionLib|MdePkg/Library/PeiExtractGuidedSectionLib/PeiExtractGuidedSectionLib.inf
> +!if $(SOURCE_DEBUG_ENABLE) == TRUE
> + DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SecPeiDebugAgentLib.inf
> +!endif
> + CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/PeiCpuExceptionHandlerLib.inf
> + MpInitLib|UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
> + QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
> + PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
> + QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
> +
> +!if $(TPM_ENABLE) == TRUE
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
> + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
> +!endif
> +
> +[LibraryClasses.common.DXE_CORE]
> + HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
> + DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
> + MemoryAllocationLib|MdeModulePkg/Library/DxeCoreMemoryAllocationLib/DxeCoreMemoryAllocationLib.inf
> + ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
> +!ifdef $(DEBUG_ON_SERIAL_PORT)
> + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> +!else
> + DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
> +!endif
> + ExtractGuidedSectionLib|MdePkg/Library/DxeExtractGuidedSectionLib/DxeExtractGuidedSectionLib.inf
> +!if $(SOURCE_DEBUG_ENABLE) == TRUE
> + DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
> +!endif
> + CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> +
> +[LibraryClasses.common.DXE_RUNTIME_DRIVER]
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> + TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
> + ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
> + HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> + DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
> + MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
> + ReportStatusCodeLib|MdeModulePkg/Library/RuntimeDxeReportStatusCodeLib/RuntimeDxeReportStatusCodeLib.inf
> +!ifdef $(DEBUG_ON_SERIAL_PORT)
> + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> +!else
> + DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
> +!endif
> + UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> + PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
> + QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
> + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
> +
> +[LibraryClasses.common.UEFI_DRIVER]
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> + TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
> + ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
> + HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> + DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
> + MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
> + ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
> +!ifdef $(DEBUG_ON_SERIAL_PORT)
> + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> +!else
> + DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
> +!endif
> + UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf
> + PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
> +
> +[LibraryClasses.common.DXE_DRIVER]
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> + TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
> + ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
> + HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> + MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
> + ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
> + UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf
> +!ifdef $(DEBUG_ON_SERIAL_PORT)
> + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> +!else
> + DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
> +!endif
> + PlatformBootManagerLib|OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
> + PlatformBmPrintScLib|OvmfPkg/Library/PlatformBmPrintScLib/PlatformBmPrintScLib.inf
> + QemuBootOrderLib|OvmfPkg/Library/QemuBootOrderLib/QemuBootOrderLib.inf
> + CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/DxeCpuExceptionHandlerLib.inf
> + LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxDxeLib.inf
> +!if $(SOURCE_DEBUG_ENABLE) == TRUE
> + DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/DxeDebugAgentLib.inf
> +!endif
> + PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
> + MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
> + QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
> + QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf
> +!if $(TPM_ENABLE) == TRUE
> + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
> + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
> +!endif
> +
> +[LibraryClasses.common.UEFI_APPLICATION]
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> + TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
> + ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
> + HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> + MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
> + ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
> +!ifdef $(DEBUG_ON_SERIAL_PORT)
> + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> +!else
> + DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
> +!endif
> + PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
> +
> +[LibraryClasses.common.DXE_SMM_DRIVER]
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> + TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
> + ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
> + MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
> + ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
> + HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> + SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> + MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
> + SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
> +!ifdef $(DEBUG_ON_SERIAL_PORT)
> + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> +!else
> + DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
> +!endif
> + CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SmmCpuExceptionHandlerLib.inf
> +!if $(SOURCE_DEBUG_ENABLE) == TRUE
> + DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf
> +!endif
> + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> + PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
> +
> +[LibraryClasses.common.SMM_CORE]
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> + TimerLib|OvmfPkg/Library/AcpiTimerLib/DxeAcpiTimerLib.inf
> + ResetSystemLib|OvmfPkg/Library/ResetSystemLib/DxeResetSystemLib.inf
> + SmmCorePlatformHookLib|MdeModulePkg/Library/SmmCorePlatformHookLibNull/SmmCorePlatformHookLibNull.inf
> + MemoryAllocationLib|MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemoryAllocationLib.inf
> + ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
> + HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
> + SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
> + SmmServicesTableLib|MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.inf
> +!ifdef $(DEBUG_ON_SERIAL_PORT)
> + DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
> +!else
> + DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf
> +!endif
> + PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf
> +
> +################################################################################
> +#
> +# Pcd Section - list of all EDK II PCD Entries defined by this Platform.
> +#
> +################################################################################
> +[PcdsFeatureFlag]
> + gEfiMdeModulePkgTokenSpaceGuid.PcdHiiOsRuntimeSupport|FALSE
> + gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSupportUefiDecompress|FALSE
> + gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode|FALSE
> + gEfiMdeModulePkgTokenSpaceGuid.PcdConOutGopSupport|TRUE
> + gEfiMdeModulePkgTokenSpaceGuid.PcdConOutUgaSupport|FALSE
> + gEfiMdeModulePkgTokenSpaceGuid.PcdInstallAcpiSdtProtocol|TRUE
> +
> +[PcdsFixedAtBuild]
> + gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeMemorySize|1
> + gEfiMdeModulePkgTokenSpaceGuid.PcdResetOnMemoryTypeInformationChange|FALSE
> + gEfiMdePkgTokenSpaceGuid.PcdMaximumGuidedExtractHandler|0x10
> +!if ($(FD_SIZE_IN_KB) == 1024) || ($(FD_SIZE_IN_KB) == 2048)
> + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x2000
> + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x2800
> + # match PcdFlashNvStorageVariableSize purely for convenience
> + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0xe000
> +!endif
> +!if $(FD_SIZE_IN_KB) == 4096
> + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize|0x8400
> + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize|0x8400
> + # match PcdFlashNvStorageVariableSize purely for convenience
> + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize|0x40000
> +!endif
> +
> + gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0
> + gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeUseSerial|FALSE
> + gEfiMdeModulePkgTokenSpaceGuid.PcdStatusCodeUseMemory|TRUE
> +
> + gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x07
> +
> + # DEBUG_INIT 0x00000001 // Initialization
> + # DEBUG_WARN 0x00000002 // Warnings
> + # DEBUG_LOAD 0x00000004 // Load events
> + # DEBUG_FS 0x00000008 // EFI File system
> + # DEBUG_POOL 0x00000010 // Alloc & Free (pool)
> + # DEBUG_PAGE 0x00000020 // Alloc & Free (page)
> + # DEBUG_INFO 0x00000040 // Informational debug messages
> + # DEBUG_DISPATCH 0x00000080 // PEI/DXE/SMM Dispatchers
> + # DEBUG_VARIABLE 0x00000100 // Variable
> + # DEBUG_BM 0x00000400 // Boot Manager
> + # DEBUG_BLKIO 0x00001000 // BlkIo Driver
> + # DEBUG_NET 0x00004000 // SNP Driver
> + # DEBUG_UNDI 0x00010000 // UNDI Driver
> + # DEBUG_LOADFILE 0x00020000 // LoadFile
> + # DEBUG_EVENT 0x00080000 // Event messages
> + # DEBUG_GCD 0x00100000 // Global Coherency Database changes
> + # DEBUG_CACHE 0x00200000 // Memory range cachability changes
> + # DEBUG_VERBOSE 0x00400000 // Detailed debug messages that may
> + # // significantly impact boot performance
> + # DEBUG_ERROR 0x80000000 // Error
> + gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x8000004F
> +
> +!if $(SOURCE_DEBUG_ENABLE) == TRUE
> + gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x17
> +!else
> + gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2F
> +!endif
> +
> + # This PCD is used to set the base address of the PCI express hierarchy. It
> + # is only consulted when OVMF runs on Q35. In that case it is programmed into
> + # the PCIEXBAR register.
> + #
> + # On Q35 machine types that QEMU intends to support in the long term, QEMU
> + # never lets the RAM below 4 GB exceed 2816 MB.
> + gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress|0xB0000000
> +
> +!if $(SOURCE_DEBUG_ENABLE) == TRUE
> + gEfiSourceLevelDebugPkgTokenSpaceGuid.PcdDebugLoadImageMethod|0x2
> +!endif
> +
> + #
> + # The NumberOfPages values below are ad-hoc. They are updated sporadically at
> + # best (please refer to git-blame for past updates). The values capture a set
> + # of BIN hints that made sense at a particular time, for some (now likely
> + # unknown) workloads / boot paths.
> + #
> + gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0x80
> + gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0x10
> + gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0x80
> + gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesCode|0x100
> + gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|0x100
> +
> + # IRQs 5, 9, 10, 11 are level-triggered
> + gUefiOvmfPkgTokenSpaceGuid.Pcd8259LegacyModeEdgeLevel|0x0E20
> +
> + # Point to the MdeModulePkg/Application/UiApp/UiApp.inf
> + gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }
> +
> +################################################################################
> +#
> +# Pcd Dynamic Section - list of all EDK II PCD Entries defined by this Platform
> +#
> +################################################################################
> +
> +[PcdsDynamicDefault]
> + gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved|0
> +
> + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64|0
> + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwWorkingBase|0
> + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase|0
> + gEfiMdeModulePkgTokenSpaceGuid.PcdPciDisableBusEnumeration|FALSE
> + gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution|800
> + gEfiMdeModulePkgTokenSpaceGuid.PcdVideoVerticalResolution|600
> + gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable|FALSE
> + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId|0
> + gUefiOvmfPkgTokenSpaceGuid.PcdPciIoBase|0x0
> + gUefiOvmfPkgTokenSpaceGuid.PcdPciIoSize|0x0
> + gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio32Base|0x0
> + gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio32Size|0x0
> + gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio64Base|0x0
> + gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio64Size|0x800000000
> +
> + gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut|0
> +
> + # Set video resolution for text setup.
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoHorizontalResolution|640
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSetupVideoVerticalResolution|480
> +
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosVersion|0x0208
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSmbiosDocRev|0x0
> + gUefiOvmfPkgTokenSpaceGuid.PcdQemuSmbiosValidated|FALSE
> +
> + # Noexec settings for DXE.
> + gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE
> +
> + # UefiCpuPkg PCDs related to initial AP bringup and general AP management.
> + gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64
> + gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber|0
> +
> + # Set memory encryption mask
> + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
> +
> + # Set SEV-ES defaults
> + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
> + gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0
> + gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|0
> +
> + gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
> +
> +!if $(TPM_ENABLE) == TRUE
> + gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
> +!endif
> +
> +[PcdsDynamicHii]
> +!if $(TPM_ENABLE) == TRUE && $(TPM_CONFIG_ENABLE) == TRUE
> + gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
> + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
> +!endif
> +
> +################################################################################
> +#
> +# Components Section - list of all EDK II Modules needed by this Platform.
> +#
> +################################################################################
> +[Components]
> + OvmfPkg/ResetVector/ResetVector.inf
> +
> + #
> + # SEC Phase modules
> + #
> + OvmfPkg/Sec/SecMain.inf {
> + <LibraryClasses>
> + NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
> + }
> +
> + #
> + # PEI Phase modules
> + #
> + MdeModulePkg/Core/Pei/PeiMain.inf
> + MdeModulePkg/Universal/PCD/Pei/Pcd.inf {
> + <LibraryClasses>
> + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> + }
> + MdeModulePkg/Universal/ReportStatusCodeRouter/Pei/ReportStatusCodeRouterPei.inf {
> + <LibraryClasses>
> + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> + }
> + MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf {
> + <LibraryClasses>
> + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> + }
> + MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
> +
> + OvmfPkg/PlatformPei/PlatformPei.inf
> + UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
> + UefiCpuPkg/CpuMpPei/CpuMpPei.inf
> +
> +!if $(TPM_ENABLE) == TRUE
> + OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
> + SecurityPkg/Tcg/TcgPei/TcgPei.inf
> + SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
> + <LibraryClasses>
> + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
> + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
> + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
> + NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
> + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
> + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
> + }
> +!endif
> +
> + #
> + # DXE Phase modules
> + #
> + MdeModulePkg/Core/Dxe/DxeMain.inf {
> + <LibraryClasses>
> + NULL|MdeModulePkg/Library/LzmaCustomDecompressLib/LzmaCustomDecompressLib.inf
> + DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
> + }
> +
> + MdeModulePkg/Universal/ReportStatusCodeRouter/RuntimeDxe/ReportStatusCodeRouterRuntimeDxe.inf
> + MdeModulePkg/Universal/StatusCodeHandler/RuntimeDxe/StatusCodeHandlerRuntimeDxe.inf
> + MdeModulePkg/Universal/PCD/Dxe/Pcd.inf {
> + <LibraryClasses>
> + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> + }
> +
> + MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
> +
> + MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
> + <LibraryClasses>
> +!if $(TPM_ENABLE) == TRUE
> + NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
> + NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
> +!endif
> + }
> +
> + MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
> + OvmfPkg/8259InterruptControllerDxe/8259.inf
> + UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
> + UefiCpuPkg/CpuDxe/CpuDxe.inf
> + OvmfPkg/8254TimerDxe/8254Timer.inf
> + OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.inf
> + OvmfPkg/PciHotPlugInitDxe/PciHotPlugInit.inf
> + MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf {
> + <LibraryClasses>
> + PciHostBridgeLib|OvmfPkg/Library/PciHostBridgeLib/PciHostBridgeLib.inf
> + NULL|OvmfPkg/Library/PlatformHasIoMmuLib/PlatformHasIoMmuLib.inf
> + }
> + MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf {
> + <LibraryClasses>
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> + }
> + MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
> + MdeModulePkg/Universal/Metronome/Metronome.inf
> + PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
> + MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf
> + MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
> + MdeModulePkg/Logo/LogoDxe.inf
> + MdeModulePkg/Application/UiApp/UiApp.inf {
> + <LibraryClasses>
> + NULL|MdeModulePkg/Library/DeviceManagerUiLib/DeviceManagerUiLib.inf
> + NULL|MdeModulePkg/Library/BootManagerUiLib/BootManagerUiLib.inf
> + NULL|MdeModulePkg/Library/BootMaintenanceManagerUiLib/BootMaintenanceManagerUiLib.inf
> + }
> + OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
> + OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
> + OvmfPkg/Virtio10Dxe/Virtio10.inf
> + OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
> + OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
> + OvmfPkg/VirtioRngDxe/VirtioRng.inf
> + OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf
> + OvmfPkg/XenBusDxe/XenBusDxe.inf
> + OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf
> +!if $(PVSCSI_ENABLE) == TRUE
> + OvmfPkg/PvScsiDxe/PvScsiDxe.inf
> +!endif
> +!if $(MPT_SCSI_ENABLE) == TRUE
> + OvmfPkg/MptScsiDxe/MptScsiDxe.inf
> +!endif
> +!if $(LSI_SCSI_ENABLE) == TRUE
> + OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
> +!endif
> + MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
> + MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
> + MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
> + MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
> + MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf
> + MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf {
> + <LibraryClasses>
> + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
> + }
> + MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
> + MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf {
> + <LibraryClasses>
> + DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
> + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> + }
> + MdeModulePkg/Universal/PrintDxe/PrintDxe.inf
> + MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf
> + MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
> + MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
> + MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
> + FatPkg/EnhancedFatDxe/Fat.inf
> + MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
> + MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
> + MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
> + OvmfPkg/SataControllerDxe/SataControllerDxe.inf
> + MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
> + MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
> + MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
> + MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
> + MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
> + MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
> + MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
> +
> + OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
> + OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
> + OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
> +
> + #
> + # ISA Support
> + #
> + OvmfPkg/SioBusDxe/SioBusDxe.inf
> + MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxe.inf
> + MdeModulePkg/Bus/Isa/Ps2KeyboardDxe/Ps2KeyboardDxe.inf
> +
> + #
> + # SMBIOS Support
> + #
> + MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf {
> + <LibraryClasses>
> + NULL|OvmfPkg/Library/SmbiosVersionLib/DetectSmbiosVersionLib.inf
> + }
> + OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf
> +
> + #
> + # ACPI Support
> + #
> + MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
> + OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
> + OvmfPkg/AcpiTables/AcpiTables.inf
> + MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf
> + MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
> + MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
> +
> + #
> + # Usb Support
> + #
> + MdeModulePkg/Bus/Pci/UhciDxe/UhciDxe.inf
> + MdeModulePkg/Bus/Pci/EhciDxe/EhciDxe.inf
> + MdeModulePkg/Bus/Pci/XhciDxe/XhciDxe.inf
> + MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf
> + MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf
> + MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
> +
> +!if $(TOOL_CHAIN_TAG) != "XCODE5"
> + OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf {
> + <PcdsFixedAtBuild>
> + gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
> + }
> +!endif
> + ShellPkg/Application/Shell/Shell.inf {
> + <LibraryClasses>
> + ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf
> + NULL|ShellPkg/Library/UefiShellLevel2CommandsLib/UefiShellLevel2CommandsLib.inf
> + NULL|ShellPkg/Library/UefiShellLevel1CommandsLib/UefiShellLevel1CommandsLib.inf
> + NULL|ShellPkg/Library/UefiShellLevel3CommandsLib/UefiShellLevel3CommandsLib.inf
> + NULL|ShellPkg/Library/UefiShellDriver1CommandsLib/UefiShellDriver1CommandsLib.inf
> + NULL|ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLib.inf
> + NULL|ShellPkg/Library/UefiShellInstall1CommandsLib/UefiShellInstall1CommandsLib.inf
> + HandleParsingLib|ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.inf
> + PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
> + BcfgCommandLib|ShellPkg/Library/UefiShellBcfgCommandLib/UefiShellBcfgCommandLib.inf
> +
> + <PcdsFixedAtBuild>
> + gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0xFF
> + gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
> + gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|8000
> + }
> +
> + OvmfPkg/PlatformDxe/Platform.inf
> + OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> + OvmfPkg/IoMmuDxe/IoMmuDxe.inf
> +
> + #
> + # Variable driver stack (non-SMM)
> + #
> + OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
> + OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf {
> + <LibraryClasses>
> + PlatformFvbLib|OvmfPkg/Library/EmuVariableFvbLib/EmuVariableFvbLib.inf
> + }
> + MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
> + MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf {
> + <LibraryClasses>
> + NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
> + }
> +
> + #
> + # TPM support
> + #
> +!if $(TPM_ENABLE) == TRUE
> + SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
> + <LibraryClasses>
> + Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
> + NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
> + HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
> + NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
> + NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
> + NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf
> + NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf
> + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf
> + }
> +!if $(TPM_CONFIG_ENABLE) == TRUE
> + SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +!endif
> + SecurityPkg/Tcg/TcgDxe/TcgDxe.inf {
> + <LibraryClasses>
> + Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
> + }
> +!endif
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
> new file mode 100644
> index 000000000000..b884166771f0
> --- /dev/null
> +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
> @@ -0,0 +1,450 @@
> +## @file
> +# Open Virtual Machine Firmware: FDF
> +#
> +# Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
> +# (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
> +#
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
> +#
> +##
> +
> +################################################################################
> +
> +[Defines]
> +!include OvmfPkg/OvmfPkgDefines.fdf.inc
> +
> +#
> +# Build the variable store and the firmware code as one unified flash device
> +# image.
> +#
> +[FD.OVMF]
> +BaseAddress = $(FW_BASE_ADDRESS)
> +Size = $(FW_SIZE)
> +ErasePolarity = 1
> +BlockSize = $(BLOCK_SIZE)
> +NumBlocks = $(FW_BLOCKS)
> +
> +!include OvmfPkg/VarStore.fdf.inc
> +
> +$(VARS_SIZE)|$(FVMAIN_SIZE)
> +FV = FVMAIN_COMPACT
> +
> +$(SECFV_OFFSET)|$(SECFV_SIZE)
> +FV = SECFV
> +
> +################################################################################
> +
> +[FD.MEMFD]
> +BaseAddress = $(MEMFD_BASE_ADDRESS)
> +Size = 0xD00000
> +ErasePolarity = 1
> +BlockSize = 0x10000
> +NumBlocks = 0xD0
> +
> +0x000000|0x006000
> +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
> +
> +0x006000|0x001000
> +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfLockBoxStorageBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfLockBoxStorageSize
> +
> +0x007000|0x001000
> +gEfiMdePkgTokenSpaceGuid.PcdGuidedExtractHandlerTableAddress|gUefiOvmfPkgTokenSpaceGuid.PcdGuidedExtractHandlerTableSize
> +
> +0x008000|0x001000
> +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableSize
> +
> +0x009000|0x002000
> +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize
> +
> +0x00B000|0x001000
> +gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
> +
> +0x010000|0x010000
> +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
> +
> +0x020000|0x0E0000
> +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvSize
> +FV = PEIFV
> +
> +0x100000|0xC00000
> +gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize
> +FV = DXEFV
> +
> +################################################################################
> +
> +[FV.SECFV]
> +FvNameGuid = 763BED0D-DE9F-48F5-81F1-3E90E1B1A015
> +BlockSize = 0x1000
> +FvAlignment = 16
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> +#
> +# SEC Phase modules
> +#
> +# The code in this FV handles the initial firmware startup, and
> +# decompresses the PEI and DXE FVs which handles the rest of the boot sequence.
> +#
> +INF OvmfPkg/Sec/SecMain.inf
> +
> +INF RuleOverride=RESET_VECTOR OvmfPkg/ResetVector/ResetVector.inf
> +
> +################################################################################
> +[FV.PEIFV]
> +FvNameGuid = 6938079B-B503-4E3D-9D24-B28337A25806
> +BlockSize = 0x10000
> +FvAlignment = 16
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> +APRIORI PEI {
> + INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf
> +}
> +
> +#
> +# PEI Phase modules
> +#
> +INF MdeModulePkg/Core/Pei/PeiMain.inf
> +INF MdeModulePkg/Universal/PCD/Pei/Pcd.inf
> +INF MdeModulePkg/Universal/ReportStatusCodeRouter/Pei/ReportStatusCodeRouterPei.inf
> +INF MdeModulePkg/Universal/StatusCodeHandler/Pei/StatusCodeHandlerPei.inf
> +INF OvmfPkg/PlatformPei/PlatformPei.inf
> +INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
> +INF UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf
> +INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf
> +
> +!if $(TPM_ENABLE) == TRUE
> +INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
> +INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
> +INF SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> +!endif
> +
> +################################################################################
> +
> +[FV.DXEFV]
> +FvForceRebase = FALSE
> +FvNameGuid = 7CB8BDC9-F8EB-4F34-AAEA-3EE4AF6516A1
> +BlockSize = 0x10000
> +FvAlignment = 16
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> +APRIORI DXE {
> + INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
> + INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
> + INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> + INF OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
> +}
> +
> +#
> +# DXE Phase modules
> +#
> +INF MdeModulePkg/Core/Dxe/DxeMain.inf
> +
> +INF MdeModulePkg/Universal/ReportStatusCodeRouter/RuntimeDxe/ReportStatusCodeRouterRuntimeDxe.inf
> +INF MdeModulePkg/Universal/StatusCodeHandler/RuntimeDxe/StatusCodeHandlerRuntimeDxe.inf
> +INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
> +
> +INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
> +INF MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
> +INF MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
> +INF OvmfPkg/8259InterruptControllerDxe/8259.inf
> +INF UefiCpuPkg/CpuIo2Dxe/CpuIo2Dxe.inf
> +INF UefiCpuPkg/CpuDxe/CpuDxe.inf
> +INF OvmfPkg/8254TimerDxe/8254Timer.inf
> +INF OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.inf
> +INF OvmfPkg/PciHotPlugInitDxe/PciHotPlugInit.inf
> +INF MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf
> +INF MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf
> +INF MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
> +INF MdeModulePkg/Universal/Metronome/Metronome.inf
> +INF PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
> +
> +INF OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
> +INF OvmfPkg/Virtio10Dxe/Virtio10.inf
> +INF OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
> +INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
> +INF OvmfPkg/VirtioRngDxe/VirtioRng.inf
> +INF OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf
> +INF OvmfPkg/XenBusDxe/XenBusDxe.inf
> +INF OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf
> +!if $(PVSCSI_ENABLE) == TRUE
> +INF OvmfPkg/PvScsiDxe/PvScsiDxe.inf
> +!endif
> +!if $(MPT_SCSI_ENABLE) == TRUE
> +INF OvmfPkg/MptScsiDxe/MptScsiDxe.inf
> +!endif
> +!if $(LSI_SCSI_ENABLE) == TRUE
> +INF OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
> +!endif
> +
> +INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
> +INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
> +INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
> +INF MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
> +INF MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf
> +INF MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf
> +INF MdeModulePkg/Universal/Console/TerminalDxe/TerminalDxe.inf
> +INF MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf
> +INF MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
> +INF MdeModulePkg/Application/UiApp/UiApp.inf
> +INF OvmfPkg/QemuKernelLoaderFsDxe/QemuKernelLoaderFsDxe.inf
> +INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
> +INF MdeModulePkg/Universal/PrintDxe/PrintDxe.inf
> +INF MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf
> +INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
> +INF MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
> +INF MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
> +INF MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
> +INF MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
> +INF OvmfPkg/SataControllerDxe/SataControllerDxe.inf
> +INF MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
> +INF MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
> +INF MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf
> +INF MdeModulePkg/Universal/HiiDatabaseDxe/HiiDatabaseDxe.inf
> +INF MdeModulePkg/Universal/SetupBrowserDxe/SetupBrowserDxe.inf
> +INF MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf
> +INF MdeModulePkg/Universal/MemoryTest/NullMemoryTestDxe/NullMemoryTestDxe.inf
> +
> +INF OvmfPkg/SioBusDxe/SioBusDxe.inf
> +!if $(SOURCE_DEBUG_ENABLE) == FALSE
> +INF MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxe.inf
> +!endif
> +INF MdeModulePkg/Bus/Isa/Ps2KeyboardDxe/Ps2KeyboardDxe.inf
> +
> +INF MdeModulePkg/Universal/SmbiosDxe/SmbiosDxe.inf
> +INF OvmfPkg/SmbiosPlatformDxe/SmbiosPlatformDxe.inf
> +
> +INF MdeModulePkg/Universal/Acpi/AcpiTableDxe/AcpiTableDxe.inf
> +INF OvmfPkg/AcpiPlatformDxe/AcpiPlatformDxe.inf
> +INF RuleOverride=ACPITABLE OvmfPkg/AcpiTables/AcpiTables.inf
> +INF MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf
> +INF MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
> +INF MdeModulePkg/Universal/Acpi/BootGraphicsResourceTableDxe/BootGraphicsResourceTableDxe.inf
> +
> +INF FatPkg/EnhancedFatDxe/Fat.inf
> +INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf
> +
> +!if $(TOOL_CHAIN_TAG) != "XCODE5"
> +INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
> +!endif
> +INF ShellPkg/Application/Shell/Shell.inf
> +
> +INF MdeModulePkg/Logo/LogoDxe.inf
> +
> +#
> +# Usb Support
> +#
> +INF MdeModulePkg/Bus/Pci/UhciDxe/UhciDxe.inf
> +INF MdeModulePkg/Bus/Pci/EhciDxe/EhciDxe.inf
> +INF MdeModulePkg/Bus/Pci/XhciDxe/XhciDxe.inf
> +INF MdeModulePkg/Bus/Usb/UsbBusDxe/UsbBusDxe.inf
> +INF MdeModulePkg/Bus/Usb/UsbKbDxe/UsbKbDxe.inf
> +INF MdeModulePkg/Bus/Usb/UsbMassStorageDxe/UsbMassStorageDxe.inf
> +
> +INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
> +
> +INF OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
> +INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
> +INF OvmfPkg/PlatformDxe/Platform.inf
> +INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
> +INF OvmfPkg/IoMmuDxe/IoMmuDxe.inf
> +
> +
> +#
> +# Variable driver stack (non-SMM)
> +#
> +INF OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
> +INF OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf
> +INF MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf
> +INF MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> +
> +#
> +# TPM support
> +#
> +!if $(TPM_ENABLE) == TRUE
> +INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
> +INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
> +!if $(TPM_CONFIG_ENABLE) == TRUE
> +INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
> +!endif
> +!endif
> +
> +################################################################################
> +
> +[FV.FVMAIN_COMPACT]
> +FvNameGuid = 48DB5E17-707C-472D-91CD-1613E7EF51B0
> +FvAlignment = 16
> +ERASE_POLARITY = 1
> +MEMORY_MAPPED = TRUE
> +STICKY_WRITE = TRUE
> +LOCK_CAP = TRUE
> +LOCK_STATUS = TRUE
> +WRITE_DISABLED_CAP = TRUE
> +WRITE_ENABLED_CAP = TRUE
> +WRITE_STATUS = TRUE
> +WRITE_LOCK_CAP = TRUE
> +WRITE_LOCK_STATUS = TRUE
> +READ_DISABLED_CAP = TRUE
> +READ_ENABLED_CAP = TRUE
> +READ_STATUS = TRUE
> +READ_LOCK_CAP = TRUE
> +READ_LOCK_STATUS = TRUE
> +
> +FILE FV_IMAGE = 9E21FD93-9C72-4c15-8C4B-E77F1DB2D792 {
> + SECTION GUIDED EE4E5898-3914-4259-9D6E-DC7BD79403CF PROCESSING_REQUIRED = TRUE {
> + #
> + # These firmware volumes will have files placed in them uncompressed,
> + # and then both firmware volumes will be compressed in a single
> + # compression operation in order to achieve better overall compression.
> + #
> + SECTION FV_IMAGE = PEIFV
> + SECTION FV_IMAGE = DXEFV
> + }
> + }
> +
> +!include OvmfPkg/FvmainCompactScratchEnd.fdf.inc
> +
> +################################################################################
> +
> +[Rule.Common.SEC]
> + FILE SEC = $(NAMED_GUID) {
> + PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING ="$(MODULE_NAME)" Optional
> + VERSION STRING ="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> +[Rule.Common.PEI_CORE]
> + FILE PEI_CORE = $(NAMED_GUID) {
> + PE32 PE32 Align=Auto $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING ="$(MODULE_NAME)" Optional
> + VERSION STRING ="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> +[Rule.Common.PEIM]
> + FILE PEIM = $(NAMED_GUID) {
> + PEI_DEPEX PEI_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
> + PE32 PE32 Align=Auto $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> +[Rule.Common.DXE_CORE]
> + FILE DXE_CORE = $(NAMED_GUID) {
> + PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> +[Rule.Common.DXE_DRIVER]
> + FILE DRIVER = $(NAMED_GUID) {
> + DXE_DEPEX DXE_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
> + PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + RAW ACPI Optional |.acpi
> + RAW ASL Optional |.aml
> + }
> +
> +[Rule.Common.DXE_RUNTIME_DRIVER]
> + FILE DRIVER = $(NAMED_GUID) {
> + DXE_DEPEX DXE_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
> + PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> +[Rule.Common.UEFI_DRIVER]
> + FILE DRIVER = $(NAMED_GUID) {
> + DXE_DEPEX DXE_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
> + PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> +[Rule.Common.UEFI_DRIVER.BINARY]
> + FILE DRIVER = $(NAMED_GUID) {
> + DXE_DEPEX DXE_DEPEX Optional |.depex
> + PE32 PE32 |.efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> +[Rule.Common.UEFI_APPLICATION]
> + FILE APPLICATION = $(NAMED_GUID) {
> + PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> +[Rule.Common.UEFI_APPLICATION.BINARY]
> + FILE APPLICATION = $(NAMED_GUID) {
> + PE32 PE32 |.efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> +[Rule.Common.USER_DEFINED.ACPITABLE]
> + FILE FREEFORM = $(NAMED_GUID) {
> + RAW ACPI |.acpi
> + RAW ASL |.aml
> + }
> +
> +[Rule.Common.SEC.RESET_VECTOR]
> + FILE RAW = $(NAMED_GUID) {
> + RAW BIN Align = 16 |.bin
> + }
> +
> +[Rule.Common.SMM_CORE]
> + FILE SMM_CORE = $(NAMED_GUID) {
> + PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
> +
> +[Rule.Common.DXE_SMM_DRIVER]
> + FILE SMM = $(NAMED_GUID) {
> + SMM_DEPEX SMM_DEPEX Optional $(INF_OUTPUT)/$(MODULE_NAME).depex
> + PE32 PE32 $(INF_OUTPUT)/$(MODULE_NAME).efi
> + UI STRING="$(MODULE_NAME)" Optional
> + VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
> + }
>
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 3/6] OvmfPkg/AmdSev: add Grub Firmware Volume Package
2020-11-30 20:28 ` [PATCH v3 3/6] OvmfPkg/AmdSev: add Grub Firmware Volume Package James Bottomley
@ 2020-12-03 8:39 ` Laszlo Ersek
0 siblings, 0 replies; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-03 8:39 UTC (permalink / raw)
To: devel, jejb
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On 11/30/20 21:28, James Bottomley wrote:
> This is used to package up the grub bootloader into a firmware volume
> where it can be executed as a shell like the UEFI Shell. Grub itself
> is built as a minimal entity into a Fv and then added as a boot
> option. By default the UEFI shell isn't built but for debugging
> purposes it can be enabled and will then be presented as a boot option
> (This should never be allowed for secure boot in an external data
> centre but may be useful for local debugging). Finally all other boot
> options except grub and possibly the shell are stripped and the boot
> timeout forced to 0 so the system will not enter a setup menu and will
> only boot to grub. This is done by copying the
> Library/PlatformBootManagerLib into Library/PlatformBootManagerLibGrub
> and then customizing it.
>
> Boot failure is fatal to try to prevent secret theft.
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
>
> ---
>
> v2: strip out s3 and qemu boot contacts make grub script robust and
> don't build grub.efi each time
> v3: add copyrights, untabify grub.sh, strip more from PlatformBootLibGrub.
> ---
> OvmfPkg/OvmfPkg.dec | 1 +
> OvmfPkg/AmdSev/AmdSevX64.dsc | 21 +-
> OvmfPkg/AmdSev/AmdSevX64.fdf | 7 +-
> OvmfPkg/AmdSev/Grub/Grub.inf | 39 +
> .../PlatformBootManagerLibGrub.inf | 71 +
> .../PlatformBootManagerLibGrub/BdsPlatform.h | 175 ++
> .../PlatformBootManagerLibGrub/BdsPlatform.c | 1482 +++++++++++++++++
> .../PlatformBootManagerLibGrub/PlatformData.c | 214 +++
> OvmfPkg/AmdSev/Grub/.gitignore | 1 +
> OvmfPkg/AmdSev/Grub/grub.cfg | 46 +
> OvmfPkg/AmdSev/Grub/grub.sh | 93 ++
> 11 files changed, 2141 insertions(+), 9 deletions(-)
> create mode 100644 OvmfPkg/AmdSev/Grub/Grub.inf
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformBootManagerLibGrub.inf
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.h
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/BdsPlatform.c
> create mode 100644 OvmfPkg/Library/PlatformBootManagerLibGrub/PlatformData.c
> create mode 100644 OvmfPkg/AmdSev/Grub/.gitignore
> create mode 100644 OvmfPkg/AmdSev/Grub/grub.cfg
> create mode 100644 OvmfPkg/AmdSev/Grub/grub.sh
[...]
> +VOID
> +EFIAPI
> +PlatformBootManagerBeforeConsole (
> + VOID
> + )
> +{
> + EFI_HANDLE Handle;
> + EFI_STATUS Status;
> + UINT16 FrontPageTimeout = 0;
(1) initialization of local variables is not permitted in the edk2
coding style; but we can fix this up at merge time.
(also now I understand why you kept gEfiGlobalVariableGuid and
UefiRuntimeServicesTableLib)
> +
> + DEBUG ((DEBUG_INFO, "PlatformBootManagerBeforeConsole\n"));
> + InstallDevicePathCallback ();
> +
> + VisitAllInstancesOfProtocol (&gEfiPciRootBridgeIoProtocolGuid,
> + ConnectRootBridge, NULL);
> +
> + //
> + // Signal the ACPI platform driver that it can download QEMU ACPI tables.
> + //
> + EfiEventGroupSignal (&gRootBridgesConnectedEventGroupGuid);
> +
> + //
> + // We can't signal End-of-Dxe earlier than this. Namely, End-of-Dxe triggers
> + // the preparation of S3 system information. That logic has a hard dependency
> + // on the presence of the FACS ACPI table. Since our ACPI tables are only
> + // installed after PCI enumeration completes, we must not trigger the S3 save
> + // earlier, hence we can't signal End-of-Dxe earlier.
> + //
> + EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid);
> +
> + //
> + // Prevent further changes to LockBoxes or SMRAM.
> + //
> + Handle = NULL;
> + Status = gBS->InstallProtocolInterface (&Handle,
> + &gEfiDxeSmmReadyToLockProtocolGuid, EFI_NATIVE_INTERFACE,
> + NULL);
> + ASSERT_EFI_ERROR (Status);
> +
> + //
> + // Dispatch deferred images after EndOfDxe event and ReadyToLock
> + // installation.
> + //
> + EfiBootManagerDispatchDeferredImages ();
> +
> + PlatformInitializeConsole (gPlatformConsole);
> +
> + Status = gRT->SetVariable (
> + EFI_TIME_OUT_VARIABLE_NAME,
> + &gEfiGlobalVariableGuid,
> + (EFI_VARIABLE_NON_VOLATILE |
> + EFI_VARIABLE_BOOTSERVICE_ACCESS |
> + EFI_VARIABLE_RUNTIME_ACCESS),
> + sizeof FrontPageTimeout,
> + &FrontPageTimeout
> + );
> + //
> + // Install both VIRTIO_DEVICE_PROTOCOL and (dependent) EFI_RNG_PROTOCOL
> + // instances on Virtio PCI RNG devices.
> + //
> + VisitAllInstancesOfProtocol (&gEfiPciIoProtocolGuid, ConnectVirtioPciRng,
> + NULL);
> +}
[...]
with (1) fixed:
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Thanks!
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 4/6] OvmfPkg: create a SEV secret area in the AmdSev memfd
2020-11-30 20:28 ` [PATCH v3 4/6] OvmfPkg: create a SEV secret area in the AmdSev memfd James Bottomley
@ 2020-12-03 8:42 ` Laszlo Ersek
0 siblings, 0 replies; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-03 8:42 UTC (permalink / raw)
To: devel, jejb
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On 11/30/20 21:28, James Bottomley wrote:
> SEV needs an area to place an injected secret where OVMF can find it
> and pass it up as a ConfigurationTable. This patch implements the
> area itself as an addition to the SEV enhanced reset vector table using
> an additional guid (4c2eb361-7d9b-4cc3-8081-127c90d3d294).
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>
> ---
>
> v2: move guid to OVMF token space, separate patches
> v3: comment rewording
>
> SEV Secret
> ---
> OvmfPkg/OvmfPkg.dec | 6 ++++++
> OvmfPkg/ResetVector/ResetVector.inf | 4 ++++
> OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 19 +++++++++++++++++++
> OvmfPkg/ResetVector/ResetVector.nasmb | 2 ++
> 4 files changed, 31 insertions(+)
>
> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> index 3fbf7a0ee1a4..7d27f8e16040 100644
> --- a/OvmfPkg/OvmfPkg.dec
> +++ b/OvmfPkg/OvmfPkg.dec
> @@ -304,6 +304,12 @@ [PcdsFixedAtBuild]
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|0|UINT32|0x40
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize|0|UINT32|0x41
>
> + ## The base address and size of the SEV Launch Secret Area provisioned
> + # after remote attestation. If this is set in the .fdf, the platform
> + # is responsible for protecting the area from DXE phase overwrites.
> + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|0x0|UINT32|0x42
> + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize|0x0|UINT32|0x43
> +
> [PcdsDynamic, PcdsDynamicEx]
> gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
> diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/ResetVector.inf
> index a53ae6c194ae..dc38f68919cd 100644
> --- a/OvmfPkg/ResetVector/ResetVector.inf
> +++ b/OvmfPkg/ResetVector/ResetVector.inf
> @@ -43,3 +43,7 @@ [Pcd]
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
> +
> +[FixedPcd]
> + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
> + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
> diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> index 9e0a74fddfc1..5c6df5ee1a31 100644
> --- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> +++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> @@ -47,6 +47,25 @@ TIMES (15 - ((guidedStructureEnd - guidedStructureStart + 15) % 16)) DB 0
> ;
> guidedStructureStart:
>
> +;
> +; SEV Secret block
> +;
> +; This describes the guest ram area where the hypervisor may should
> +; inject the secret. The data format is:
> +;
> +; base physical address (32 bit word)
> +; table length (32 bit word)
> +;
> +; GUID (SEV secret block): 4c2eb361-7d9b-4cc3-8081-127c90d3d294
> +;
(1) s/may should/should/, but we can fix this up at merge.
The syntax updates look great otherwise, so my R-b stands.
Thanks!
Laszlo
> +sevSecretBlockStart:
> + DD SEV_LAUNCH_SECRET_BASE
> + DD SEV_LAUNCH_SECRET_SIZE
> + DW sevSecretBlockEnd - sevSecretBlockStart
> + DB 0x61, 0xB3, 0x2E, 0x4C, 0x9B, 0x7D, 0xC3, 0x4C
> + DB 0x80, 0x81, 0x12, 0x7C, 0x90, 0xD3, 0xD2, 0x94
> +sevSecretBlockEnd:
> +
> ;
> ; SEV-ES Processor Reset support
> ;
> diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb
> index 4913b379a993..c5e0fe93abf4 100644
> --- a/OvmfPkg/ResetVector/ResetVector.nasmb
> +++ b/OvmfPkg/ResetVector/ResetVector.nasmb
> @@ -83,5 +83,7 @@
> %include "Main.asm"
>
> %define SEV_ES_AP_RESET_IP FixedPcdGet32 (PcdSevEsWorkAreaBase)
> + %define SEV_LAUNCH_SECRET_BASE FixedPcdGet32 (PcdSevLaunchSecretBase)
> + %define SEV_LAUNCH_SECRET_SIZE FixedPcdGet32 (PcdSevLaunchSecretSize)
> %include "Ia16/ResetVectorVtf0.asm"
>
>
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-11-30 20:28 ` [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table James Bottomley
@ 2020-12-03 8:46 ` Laszlo Ersek
2020-12-09 12:02 ` Yao, Jiewen
1 sibling, 0 replies; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-03 8:46 UTC (permalink / raw)
To: devel, jejb
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On 11/30/20 21:28, James Bottomley wrote:
> Now that the secret area is protected by a boot time HOB, extract its
> location details into a configuration table referenced by
> gSevLaunchSecretGuid so the boot loader or OS can locate it before a
> call to ExitBootServices().
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> ---
> OvmfPkg/OvmfPkg.dec | 1 +
> OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
> OvmfPkg/AmdSev/AmdSevX64.fdf | 1 +
> OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf | 37 ++++++++++++++++++++++++++
> OvmfPkg/Include/Guid/SevLaunchSecret.h | 28 +++++++++++++++++++
> OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 26 ++++++++++++++++++
> 6 files changed, 94 insertions(+)
> create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> create mode 100644 OvmfPkg/Include/Guid/SevLaunchSecret.h
> create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
>
> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> index 7d27f8e16040..8a294116efaa 100644
> --- a/OvmfPkg/OvmfPkg.dec
> +++ b/OvmfPkg/OvmfPkg.dec
> @@ -117,6 +117,7 @@ [Guids]
> gLinuxEfiInitrdMediaGuid = {0x5568e427, 0x68fc, 0x4f3d, {0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68}}
> gQemuKernelLoaderFsMediaGuid = {0x1428f772, 0xb64a, 0x441e, {0xb8, 0xc3, 0x9e, 0xbd, 0xd7, 0xf8, 0x93, 0xc7}}
> gGrubFileGuid = {0xb5ae312c, 0xbc8a, 0x43b1, {0x9c, 0x62, 0xeb, 0xb8, 0x26, 0xdd, 0x5d, 0x07}}
> + gSevLaunchSecretGuid = {0xadf956ad, 0xe98c, 0x484c, {0xae, 0x11, 0xb5, 0x1c, 0x7d, 0x33, 0x64, 0x47}}
>
> [Ppis]
> # PPI whose presence in the PPI database signals that the TPM base address
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
> index e9c522bedad9..bb7697eb324b 100644
> --- a/OvmfPkg/AmdSev/AmdSevX64.dsc
> +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
> @@ -778,6 +778,7 @@ [Components]
> gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
> }
> !endif
> + OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> OvmfPkg/AmdSev/Grub/Grub.inf
> !if $(BUILD_SHELL) == TRUE
> ShellPkg/Application/Shell/Shell.inf {
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
> index b2656a1cf6fc..e8fd4b8c7b89 100644
> --- a/OvmfPkg/AmdSev/AmdSevX64.fdf
> +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
> @@ -269,6 +269,7 @@ [FV.DXEFV]
> !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
> INF OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellCommand.inf
> !endif
> +INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> INF OvmfPkg/AmdSev/Grub/Grub.inf
> !if $(BUILD_SHELL) == TRUE
> INF ShellPkg/Application/Shell/Shell.inf
> diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> new file mode 100644
> index 000000000000..62ab00a3d382
> --- /dev/null
> +++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> @@ -0,0 +1,37 @@
> +## @file
> +# Sev Secret configuration Table installer
> +#
> +# Copyright (C) 2020 James Bottomley, IBM Corporation.
> +#
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
> +#
> +##
> +
> +[Defines]
> + INF_VERSION = 0x00010005
> + BASE_NAME = SecretDxe
> + FILE_GUID = 6e2b9619-8810-4e9d-a177-d432bb9abeda
> + MODULE_TYPE = DXE_DRIVER
> + VERSION_STRING = 1.0
> + ENTRY_POINT = InitializeSecretDxe
> +
> +[Sources]
> + SecretDxe.c
> +
> +[Packages]
> + OvmfPkg/OvmfPkg.dec
> + MdePkg/MdePkg.dec
> +
> +[LibraryClasses]
> + UefiBootServicesTableLib
> + UefiDriverEntryPoint
> +
> +[Guids]
> + gSevLaunchSecretGuid
> +
> +[FixedPcd]
> + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
> + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
> +
> +[Depex]
> + TRUE
> diff --git a/OvmfPkg/Include/Guid/SevLaunchSecret.h b/OvmfPkg/Include/Guid/SevLaunchSecret.h
> new file mode 100644
> index 000000000000..fa5f3830bc2b
> --- /dev/null
> +++ b/OvmfPkg/Include/Guid/SevLaunchSecret.h
> @@ -0,0 +1,28 @@
> + /** @file
> + UEFI Configuration Table for exposing the SEV Launch Secret location to UEFI
> + applications (boot loaders).
> +
> + Copyright (C) 2020 James Bottomley, IBM Corporation.
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> + **/
> +
> +#ifndef SEV_LAUNCH_SECRET_H_
> +#define SEV_LAUNCH_SECRET_H_
> +
> +#include <Uefi/UefiBaseType.h>
> +
> +#define SEV_LAUNCH_SECRET_GUID \
> + { 0xadf956ad, \
> + 0xe98c, \
> + 0x484c, \
> + { 0xae, 0x11, 0xb5, 0x1c, 0x7d, 0x33, 0x64, 0x47 }, \
> + }
> +
> +typedef struct {
> + UINT32 Base;
> + UINT32 Size;
> +} SEV_LAUNCH_SECRET_LOCATION;
> +
> +extern EFI_GUID gSevLaunchSecretGuid;
> +
> +#endif // SEV_LAUNCH_SECRET_H_
> diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
> new file mode 100644
> index 000000000000..d8cc9b00946a
> --- /dev/null
> +++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
> @@ -0,0 +1,26 @@
> +/** @file
> + SEV Secret configuration table constructor
> +
> + Copyright (C) 2020 James Bottomley, IBM Corporation.
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +**/
> +#include <PiDxe.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Guid/SevLaunchSecret.h>
> +
> +STATIC SEV_LAUNCH_SECRET_LOCATION mSecretDxeTable = {
> + FixedPcdGet32 (PcdSevLaunchSecretBase),
> + FixedPcdGet32 (PcdSevLaunchSecretSize),
> +};
> +
> +EFI_STATUS
> +EFIAPI
> +InitializeSecretDxe(
> + IN EFI_HANDLE ImageHandle,
> + IN EFI_SYSTEM_TABLE *SystemTable
> + )
> +{
> + return gBS->InstallConfigurationTable (&gSevLaunchSecretGuid,
> + &mSecretDxeTable
> + );
> +}
>
(1) The indentation is still not correct; it should be
return gBS->InstallConfigurationTable (
&gSevLaunchSecretGuid,
&mSecretDxeTable
);
note that the args are indented two spaces relative to the function
pointer field called "InstallConfigurationTable".
But, this can be fixed up at merge.
Now, please let me fetch my email; I'll go through any new comments I
may not have seen yet, and then I'll merge this.
Thanks!
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-11-30 20:28 [PATCH v3 0/6] SEV Encrypted Boot for Ovmf James Bottomley
` (7 preceding siblings ...)
2020-12-01 8:05 ` Laszlo Ersek
@ 2020-12-03 12:26 ` Laszlo Ersek
2020-12-03 14:27 ` James Bottomley
8 siblings, 1 reply; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-03 12:26 UTC (permalink / raw)
To: devel, jejb
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
Hi James,
On 11/30/20 21:28, James Bottomley wrote:
> v3:
>
> - More grub and boot stripping (I think I got everything out, but
> there may be something that strayed in the boot panic resolution).
> - grub.sh tidy up with tabs->spaces.
> - Move the reset vector GUIDisation patch to the front so it can be
> applied independently
> - Update the .dsc and .fdf files for variable policy
In preparation for submitting the github PR for merging this series, I
first ran PatchCheck.py locally.
It doesn't like that I converted "OvmfPkg/AmdSev/Grub/grub.cfg" to LF,
in addition to "OvmfPkg/AmdSev/Grub/grub.sh".
PatchCheck.py recognizes the ".sh" suffix, so it's not complaining about
"OvmfPkg/AmdSev/Grub/grub.sh". But, the config file is a problem.
Can you please confirm that grub works fine if the config file has CRLF
line terminators? Because then I'll just convert the config file back to
CRLF, and merge the series.
Otherwise, we'll need a patch for "BaseTools/Scripts/PatchCheck.py", to
treat "grub.cfg" as another exception.
Thanks!
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-12-03 12:26 ` [edk2-devel] " Laszlo Ersek
@ 2020-12-03 14:27 ` James Bottomley
2020-12-04 0:46 ` Laszlo Ersek
0 siblings, 1 reply; 35+ messages in thread
From: James Bottomley @ 2020-12-03 14:27 UTC (permalink / raw)
To: devel, lersek
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On Thu, 2020-12-03 at 13:26 +0100, Laszlo Ersek wrote:
> Hi James,
>
> On 11/30/20 21:28, James Bottomley wrote:
> > v3:
> >
> > - More grub and boot stripping (I think I got everything out, but
> > there may be something that strayed in the boot panic
> > resolution).
> > - grub.sh tidy up with tabs->spaces.
> > - Move the reset vector GUIDisation patch to the front so it can be
> > applied independently
> > - Update the .dsc and .fdf files for variable policy
>
> In preparation for submitting the github PR for merging this series,
> I first ran PatchCheck.py locally.
>
> It doesn't like that I converted "OvmfPkg/AmdSev/Grub/grub.cfg" to
> LF, in addition to "OvmfPkg/AmdSev/Grub/grub.sh".
>
> PatchCheck.py recognizes the ".sh" suffix, so it's not complaining
> about "OvmfPkg/AmdSev/Grub/grub.sh". But, the config file is a
> problem.
>
> Can you please confirm that grub works fine if the config file has
> CRLF line terminators? Because then I'll just convert the config file
> back to CRLF, and merge the series.
I converted the entire file with unix2dos and grub does seem to be fine
with the CRLF line endings (probably because it wants to be a boot
loader beyond linux), so I think converting the file to CRLF is the
right way to go.
James
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-12-03 14:27 ` James Bottomley
@ 2020-12-04 0:46 ` Laszlo Ersek
2020-12-04 1:05 ` James Bottomley
0 siblings, 1 reply; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-04 0:46 UTC (permalink / raw)
To: devel, jejb
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On 12/03/20 15:27, James Bottomley wrote:
> On Thu, 2020-12-03 at 13:26 +0100, Laszlo Ersek wrote:
>> Hi James,
>>
>> On 11/30/20 21:28, James Bottomley wrote:
>>> v3:
>>>
>>> - More grub and boot stripping (I think I got everything out, but
>>> there may be something that strayed in the boot panic
>>> resolution).
>>> - grub.sh tidy up with tabs->spaces.
>>> - Move the reset vector GUIDisation patch to the front so it can be
>>> applied independently
>>> - Update the .dsc and .fdf files for variable policy
>>
>> In preparation for submitting the github PR for merging this series,
>> I first ran PatchCheck.py locally.
>>
>> It doesn't like that I converted "OvmfPkg/AmdSev/Grub/grub.cfg" to
>> LF, in addition to "OvmfPkg/AmdSev/Grub/grub.sh".
>>
>> PatchCheck.py recognizes the ".sh" suffix, so it's not complaining
>> about "OvmfPkg/AmdSev/Grub/grub.sh". But, the config file is a
>> problem.
>>
>> Can you please confirm that grub works fine if the config file has
>> CRLF line terminators? Because then I'll just convert the config file
>> back to CRLF, and merge the series.
>
> I converted the entire file with unix2dos and grub does seem to be fine
> with the CRLF line endings (probably because it wants to be a boot
> loader beyond linux), so I think converting the file to CRLF is the
> right way to go.
I submitted PR <https://github.com/tianocore/edk2/pull/1175>, but it was
rejected due to ECC failures.
I think we all need to have a serious talk about ECC. I'll send a
separate email.
I'm really sorry.
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-12-04 0:46 ` Laszlo Ersek
@ 2020-12-04 1:05 ` James Bottomley
2020-12-04 1:55 ` Laszlo Ersek
0 siblings, 1 reply; 35+ messages in thread
From: James Bottomley @ 2020-12-04 1:05 UTC (permalink / raw)
To: Laszlo Ersek, devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On Fri, 2020-12-04 at 01:46 +0100, Laszlo Ersek wrote:
> On 12/03/20 15:27, James Bottomley wrote:
> > On Thu, 2020-12-03 at 13:26 +0100, Laszlo Ersek wrote:
> > > Hi James,
> > >
> > > On 11/30/20 21:28, James Bottomley wrote:
> > > > v3:
> > > >
> > > > - More grub and boot stripping (I think I got everything out,
> > > > but there may be something that strayed in the boot panic
> > > > resolution).
> > > > - grub.sh tidy up with tabs->spaces.
> > > > - Move the reset vector GUIDisation patch to the front so it
> > > > can be applied independently
> > > > - Update the .dsc and .fdf files for variable policy
> > >
> > > In preparation for submitting the github PR for merging this
> > > series, I first ran PatchCheck.py locally.
> > >
> > > It doesn't like that I converted "OvmfPkg/AmdSev/Grub/grub.cfg"
> > > to LF, in addition to "OvmfPkg/AmdSev/Grub/grub.sh".
> > >
> > > PatchCheck.py recognizes the ".sh" suffix, so it's not
> > > complaining about "OvmfPkg/AmdSev/Grub/grub.sh". But, the config
> > > file is a problem.
> > >
> > > Can you please confirm that grub works fine if the config file
> > > has CRLF line terminators? Because then I'll just convert the
> > > config file back to CRLF, and merge the series.
> >
> > I converted the entire file with unix2dos and grub does seem to be
> > fine with the CRLF line endings (probably because it wants to be a
> > boot loader beyond linux), so I think converting the file to CRLF
> > is the right way to go.
>
> I submitted PR <https://github.com/tianocore/edk2/pull/1175>;, but it
> was rejected due to ECC failures.
>
> I think we all need to have a serious talk about ECC. I'll send a
> separate email.
>
> I'm really sorry.
Is it just complaining that gGrubFileGuid is the same as the FILE_GUID
in Grub.inf (as the comment in Grub.inf says) but it shouldn't be, so
the fix is to remove the comment and generate a new FILE_GUID for
Grub.inf?
James
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-12-04 1:05 ` James Bottomley
@ 2020-12-04 1:55 ` Laszlo Ersek
2020-12-04 2:01 ` Laszlo Ersek
0 siblings, 1 reply; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-04 1:55 UTC (permalink / raw)
To: jejb, devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On 12/04/20 02:05, James Bottomley wrote:
> On Fri, 2020-12-04 at 01:46 +0100, Laszlo Ersek wrote:
>> On 12/03/20 15:27, James Bottomley wrote:
>>> On Thu, 2020-12-03 at 13:26 +0100, Laszlo Ersek wrote:
>>>> Hi James,
>>>>
>>>> On 11/30/20 21:28, James Bottomley wrote:
>>>>> v3:
>>>>>
>>>>> - More grub and boot stripping (I think I got everything out,
>>>>> but there may be something that strayed in the boot panic
>>>>> resolution).
>>>>> - grub.sh tidy up with tabs->spaces.
>>>>> - Move the reset vector GUIDisation patch to the front so it
>>>>> can be applied independently
>>>>> - Update the .dsc and .fdf files for variable policy
>>>>
>>>> In preparation for submitting the github PR for merging this
>>>> series, I first ran PatchCheck.py locally.
>>>>
>>>> It doesn't like that I converted "OvmfPkg/AmdSev/Grub/grub.cfg"
>>>> to LF, in addition to "OvmfPkg/AmdSev/Grub/grub.sh".
>>>>
>>>> PatchCheck.py recognizes the ".sh" suffix, so it's not
>>>> complaining about "OvmfPkg/AmdSev/Grub/grub.sh". But, the config
>>>> file is a problem.
>>>>
>>>> Can you please confirm that grub works fine if the config file
>>>> has CRLF line terminators? Because then I'll just convert the
>>>> config file back to CRLF, and merge the series.
>>>
>>> I converted the entire file with unix2dos and grub does seem to be
>>> fine with the CRLF line endings (probably because it wants to be a
>>> boot loader beyond linux), so I think converting the file to CRLF
>>> is the right way to go.
>>
>> I submitted PR <https://github.com/tianocore/edk2/pull/1175>;, but it
>> was rejected due to ECC failures.
>>
>> I think we all need to have a serious talk about ECC. I'll send a
>> separate email.
>>
>> I'm really sorry.
>
> Is it just complaining that gGrubFileGuid is the same as the FILE_GUID
> in Grub.inf (as the comment in Grub.inf says) but it shouldn't be, so
> the fix is to remove the comment and generate a new FILE_GUID for
> Grub.inf?
>
> James
>
>
Log files (same content, modulo timestamps etc):
https://dev.azure.com/tianocore/11ea4a10-ac9f-4e5f-8b13-7def1f19d478/_apis/build/builds/16071/logs/115
https://dev.azure.com/tianocore/11ea4a10-ac9f-4e5f-8b13-7def1f19d478/_apis/build/builds/16072/logs/113
Two plugins failed (search either log for the string "Test Failed" --
there's going to be two instances).
(1) The GUID check plugin is one of both failures.
It's unjustified of course, because you *need* to know the FILE_GUID of
Grub.inf -- that's how you can generate boot option to it in the
Platform BDS library. Making gGrubFileGuid different from what's in
FILE_GUID would *break the code*.
One hack for this is to change the FILE_GUID in Grub.inf (regenerate it
with uuidgen), but then use a DSC-level FILE_GUID override, to make it
match gGrubFileGuid from the DEC file again:
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
> index bb7697eb324b..1593856faca1 100644
> --- a/OvmfPkg/AmdSev/AmdSevX64.dsc
> +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
> @@ -779,7 +779,10 @@ [Components]
> }
> !endif
> OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> - OvmfPkg/AmdSev/Grub/Grub.inf
> + OvmfPkg/AmdSev/Grub/Grub.inf {
> + <Defines>
> + FILE_GUID = ...
> + }
> !if $(BUILD_SHELL) == TRUE
> ShellPkg/Application/Shell/Shell.inf {
> <LibraryClasses>
But it's terrible for code that's actually valid.
So instead, we should add an exception to "OvmfPkg/OvmfPkg.ci.yaml",
near "GuidCheck".
(2) The other failure is from ECC.
I've evaluated the errors it has reported now, and all of them are
unjustifiedly reported.
Again, more exceptions are needed in "OvmfPkg/OvmfPkg.ci.yaml", this
time near "EccCheck".
I will send a short patch series to add the exceptions, and once that's
upstream, we *will* merge this (v3) series.
Thanks
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-12-04 1:55 ` Laszlo Ersek
@ 2020-12-04 2:01 ` Laszlo Ersek
2020-12-14 19:57 ` Laszlo Ersek
0 siblings, 1 reply; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-04 2:01 UTC (permalink / raw)
To: jejb, devel
Cc: dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel
On 12/04/20 02:55, Laszlo Ersek wrote:
> I will send a short patch series to add the exceptions, and once
> that's upstream, we *will* merge this (v3) series.
BTW the tweaks I added on top of your v3, in
<https://github.com/tianocore/edk2/pull/1175>, are as follows (git
range-diff output):
> 1: 4020c20b2342 ! 1: b96494ad75db OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed
> @@ -8,8 +8,9 @@
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> -
> Message-Id: <20201130202819.3910-2-jejb@linux.ibm.com>
> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
> + Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>
> diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> --- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> 2: 488fbdbe7689 ! 2: acc8cb13da8d OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF
> @@ -11,8 +11,9 @@
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> -
> Message-Id: <20201130202819.3910-3-jejb@linux.ibm.com>
> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
> + Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
> new file mode 100644
> 3: 796ec96e3414 ! 3: b80ce0838781 OvmfPkg/AmdSev: add Grub Firmware Volume Package
> @@ -19,8 +19,10 @@
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> -
> Message-Id: <20201130202819.3910-4-jejb@linux.ibm.com>
> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
> + [lersek@redhat.com: replace local variable initialization with assignment]
> + Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>
> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> --- a/OvmfPkg/OvmfPkg.dec
> @@ -779,7 +781,9 @@
> +{
> + EFI_HANDLE Handle;
> + EFI_STATUS Status;
> -+ UINT16 FrontPageTimeout = 0;
> ++ UINT16 FrontPageTimeout;
> ++
> ++ FrontPageTimeout = 0;
> +
> + DEBUG ((DEBUG_INFO, "PlatformBootManagerBeforeConsole\n"));
> + InstallDevicePathCallback ();
> 4: d954947f8d14 ! 4: f3cda3cadde4 OvmfPkg: create a SEV secret area in the AmdSev memfd
> @@ -10,8 +10,9 @@
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> -
> Message-Id: <20201130202819.3910-5-jejb@linux.ibm.com>
> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
> + [lersek@redhat.com: fix typo in "ResetVectorVtf0.asm" comments]
>
> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> --- a/OvmfPkg/OvmfPkg.dec
> @@ -52,7 +53,7 @@
> +;
> +; SEV Secret block
> +;
> -+; This describes the guest ram area where the hypervisor may should
> ++; This describes the guest ram area where the hypervisor should
> +; inject the secret. The data format is:
> +;
> +; base physical address (32 bit word)
> 5: 1a18c4921cdf ! 5: c38b3caf22ad OvmfPkg/AmdSev: assign and protect the Sev Secret area
> @@ -1,14 +1,17 @@
> Author: James Bottomley <jejb@linux.ibm.com>
>
> - OvmfPkg/AmdSev: assign and protect the Sev Secret area
> + OvmfPkg/AmdSev: assign and reserve the Sev Secret area
>
> - Create a one page secret area in the MEMFD and protect the area with a
> + Create a one page secret area in the MEMFD and reserve the area with a
> boot time HOB.
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> Message-Id: <20201130202819.3910-6-jejb@linux.ibm.com>
> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
> + [lersek@redhat.com: s/protect/reserve/g in the commit message, at Ard's
> + and James's suggestion]
>
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
> --- a/OvmfPkg/AmdSev/AmdSevX64.dsc
> 6: 6970b9413c93 ! 6: ea823d078162 OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
> @@ -11,6 +11,8 @@
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> Message-Id: <20201130202819.3910-7-jejb@linux.ibm.com>
> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
> + [lersek@redhat.com: fix indentation of InstallConfigurationTable() args]
>
> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> --- a/OvmfPkg/OvmfPkg.dec
> @@ -152,7 +154,8 @@
> + IN EFI_SYSTEM_TABLE *SystemTable
> + )
> +{
> -+ return gBS->InstallConfigurationTable (&gSevLaunchSecretGuid,
> -+ &mSecretDxeTable
> -+ );
> ++ return gBS->InstallConfigurationTable (
> ++ &gSevLaunchSecretGuid,
> ++ &mSecretDxeTable
> ++ );
> +}
I meant to include this range-diff in the email where I'd confirm the
merge and the commit range; too bad I got distracted with this ECC mess.
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-11-30 20:28 ` [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table James Bottomley
2020-12-03 8:46 ` [edk2-devel] " Laszlo Ersek
@ 2020-12-09 12:02 ` Yao, Jiewen
2020-12-09 15:46 ` James Bottomley
2020-12-10 9:12 ` Laszlo Ersek
1 sibling, 2 replies; 35+ messages in thread
From: Yao, Jiewen @ 2020-12-09 12:02 UTC (permalink / raw)
To: devel@edk2.groups.io, jejb@linux.ibm.com
Cc: dovmurik@linux.vnet.ibm.com, Dov.Murik1@il.ibm.com,
ashish.kalra@amd.com, brijesh.singh@amd.com, tobin@ibm.com,
david.kaplan@amd.com, jon.grimm@amd.com, thomas.lendacky@amd.com,
frankeh@us.ibm.com, Dr . David Alan Gilbert, Laszlo Ersek,
Justen, Jordan L, Ard Biesheuvel, Yao, Jiewen
Hi James
I am not sure if this solution is only for AMD SEV or it is a generic solution to "pass a secret to grub and let grub decrypt the disk".
If it is only for AMD SEV, please stop reading and ignore my comment below.
If it is designed to be a generic solution to pass a secret to grub and let grub decrypt the disk. I have some thought below:
Intel TDX (https://software.intel.com/content/www/us/en/develop/articles/intel-trust-domain-extensions.html) have similar feature - a TDX virtual firmware may do attestation and get a key from remote key server.
We might use same architecture to pass the secrete to grub.
Initially, we define an ACPI 'SVKL' table to pass the secrete in intel-tdx-guest-hypervisor-communication-interface (https://software.intel.com/content/dam/develop/external/us/en/documents/intel-tdx-guest-hypervisor-communication-interface.pdf), section 4.4 storage volume key data.
But it is also OK if you want to use UEFI configuration table.
If we need a common API for both AMD SEV and Intel TDX, then I recommend some enhancement for SevLaunchSecret.h.
1) The file name (SevLaunchSecret.h) should be generic, such as TrustedVmSecret, StorageVolumeKey, etc. It should not include 'SEV'. Otherwise, we have to define a new GUID for 'TDX'.
2) The GUID name (gSevLaunchSecretGuid, SEV_LAUNCH_SECRET_GUID) should be generic. Same reason above.
3) The data structure name (SEV_LAUNCH_SECRET_LOCATION) should be generic. Same reason above.
4) The data structure field (SEV_LAUNCH_SECRET_LOCATION.Base) should use UINTN or EFI_PHYSICAL_ADDRESS to support above 4GB memory location.
5) The internal data structure of the secret is not defined. Is it raw binary? Or ASCII string password? Or DER format certificate? Or PEM format key? At least, we shall describe it in the header file.
6) The might be a chance that a key server need input multiple keys to a trusted VM. How we handle this? Do we expect multiple UEFI configuration tables and each table support one key? or one table to support multiple keys?
Would you please take a look at intel-tdx-guest-hypervisor-communication-interface, section 4.4 storage volume key data.
We defined multiple key layout, key type and key format. Please let us know if you have any thought.
Thank you
Yao Jiewen
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of James
> Bottomley
> Sent: Tuesday, December 1, 2020 4:28 AM
> To: devel@edk2.groups.io
> Cc: dovmurik@linux.vnet.ibm.com; Dov.Murik1@il.ibm.com;
> ashish.kalra@amd.com; brijesh.singh@amd.com; tobin@ibm.com;
> david.kaplan@amd.com; jon.grimm@amd.com; thomas.lendacky@amd.com;
> jejb@linux.ibm.com; frankeh@us.ibm.com; Dr . David Alan Gilbert
> <dgilbert@redhat.com>; Laszlo Ersek <lersek@redhat.com>; Justen, Jordan L
> <jordan.l.justen@intel.com>; Ard Biesheuvel <ard.biesheuvel@arm.com>
> Subject: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev
> Secret area using a configuration table
>
> Now that the secret area is protected by a boot time HOB, extract its
> location details into a configuration table referenced by
> gSevLaunchSecretGuid so the boot loader or OS can locate it before a
> call to ExitBootServices().
>
> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> ---
> OvmfPkg/OvmfPkg.dec | 1 +
> OvmfPkg/AmdSev/AmdSevX64.dsc | 1 +
> OvmfPkg/AmdSev/AmdSevX64.fdf | 1 +
> OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf | 37
> ++++++++++++++++++++++++++
> OvmfPkg/Include/Guid/SevLaunchSecret.h | 28 +++++++++++++++++++
> OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 26 ++++++++++++++++++
> 6 files changed, 94 insertions(+)
> create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> create mode 100644 OvmfPkg/Include/Guid/SevLaunchSecret.h
> create mode 100644 OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
>
> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> index 7d27f8e16040..8a294116efaa 100644
> --- a/OvmfPkg/OvmfPkg.dec
> +++ b/OvmfPkg/OvmfPkg.dec
> @@ -117,6 +117,7 @@ [Guids]
> gLinuxEfiInitrdMediaGuid = {0x5568e427, 0x68fc, 0x4f3d, {0xac,
> 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68}}
> gQemuKernelLoaderFsMediaGuid = {0x1428f772, 0xb64a, 0x441e,
> {0xb8, 0xc3, 0x9e, 0xbd, 0xd7, 0xf8, 0x93, 0xc7}}
> gGrubFileGuid = {0xb5ae312c, 0xbc8a, 0x43b1, {0x9c, 0x62,
> 0xeb, 0xb8, 0x26, 0xdd, 0x5d, 0x07}}
> + gSevLaunchSecretGuid = {0xadf956ad, 0xe98c, 0x484c, {0xae,
> 0x11, 0xb5, 0x1c, 0x7d, 0x33, 0x64, 0x47}}
>
> [Ppis]
> # PPI whose presence in the PPI database signals that the TPM base
> address
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc
> b/OvmfPkg/AmdSev/AmdSevX64.dsc
> index e9c522bedad9..bb7697eb324b 100644
> --- a/OvmfPkg/AmdSev/AmdSevX64.dsc
> +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
> @@ -778,6 +778,7 @@ [Components]
> gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
> }
> !endif
> + OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> OvmfPkg/AmdSev/Grub/Grub.inf
> !if $(BUILD_SHELL) == TRUE
> ShellPkg/Application/Shell/Shell.inf {
> diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf
> b/OvmfPkg/AmdSev/AmdSevX64.fdf
> index b2656a1cf6fc..e8fd4b8c7b89 100644
> --- a/OvmfPkg/AmdSev/AmdSevX64.fdf
> +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
> @@ -269,6 +269,7 @@ [FV.DXEFV]
> !if $(TOOL_CHAIN_TAG) != "XCODE5" && $(BUILD_SHELL) == TRUE
> INF
> OvmfPkg/LinuxInitrdDynamicShellCommand/LinuxInitrdDynamicShellComma
> nd.inf
> !endif
> +INF OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> INF OvmfPkg/AmdSev/Grub/Grub.inf
> !if $(BUILD_SHELL) == TRUE
> INF ShellPkg/Application/Shell/Shell.inf
> diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> new file mode 100644
> index 000000000000..62ab00a3d382
> --- /dev/null
> +++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf
> @@ -0,0 +1,37 @@
> +## @file
> +# Sev Secret configuration Table installer
> +#
> +# Copyright (C) 2020 James Bottomley, IBM Corporation.
> +#
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
> +#
> +##
> +
> +[Defines]
> + INF_VERSION = 0x00010005
> + BASE_NAME = SecretDxe
> + FILE_GUID = 6e2b9619-8810-4e9d-a177-d432bb9abeda
> + MODULE_TYPE = DXE_DRIVER
> + VERSION_STRING = 1.0
> + ENTRY_POINT = InitializeSecretDxe
> +
> +[Sources]
> + SecretDxe.c
> +
> +[Packages]
> + OvmfPkg/OvmfPkg.dec
> + MdePkg/MdePkg.dec
> +
> +[LibraryClasses]
> + UefiBootServicesTableLib
> + UefiDriverEntryPoint
> +
> +[Guids]
> + gSevLaunchSecretGuid
> +
> +[FixedPcd]
> + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
> + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
> +
> +[Depex]
> + TRUE
> diff --git a/OvmfPkg/Include/Guid/SevLaunchSecret.h
> b/OvmfPkg/Include/Guid/SevLaunchSecret.h
> new file mode 100644
> index 000000000000..fa5f3830bc2b
> --- /dev/null
> +++ b/OvmfPkg/Include/Guid/SevLaunchSecret.h
> @@ -0,0 +1,28 @@
> + /** @file
> + UEFI Configuration Table for exposing the SEV Launch Secret location to
> UEFI
> + applications (boot loaders).
> +
> + Copyright (C) 2020 James Bottomley, IBM Corporation.
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> + **/
> +
> +#ifndef SEV_LAUNCH_SECRET_H_
> +#define SEV_LAUNCH_SECRET_H_
> +
> +#include <Uefi/UefiBaseType.h>
> +
> +#define SEV_LAUNCH_SECRET_GUID \
> + { 0xadf956ad, \
> + 0xe98c, \
> + 0x484c, \
> + { 0xae, 0x11, 0xb5, 0x1c, 0x7d, 0x33, 0x64, 0x47 }, \
> + }
> +
> +typedef struct {
> + UINT32 Base;
> + UINT32 Size;
> +} SEV_LAUNCH_SECRET_LOCATION;
> +
> +extern EFI_GUID gSevLaunchSecretGuid;
> +
> +#endif // SEV_LAUNCH_SECRET_H_
> diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
> b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
> new file mode 100644
> index 000000000000..d8cc9b00946a
> --- /dev/null
> +++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
> @@ -0,0 +1,26 @@
> +/** @file
> + SEV Secret configuration table constructor
> +
> + Copyright (C) 2020 James Bottomley, IBM Corporation.
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +**/
> +#include <PiDxe.h>
> +#include <Library/UefiBootServicesTableLib.h>
> +#include <Guid/SevLaunchSecret.h>
> +
> +STATIC SEV_LAUNCH_SECRET_LOCATION mSecretDxeTable = {
> + FixedPcdGet32 (PcdSevLaunchSecretBase),
> + FixedPcdGet32 (PcdSevLaunchSecretSize),
> +};
> +
> +EFI_STATUS
> +EFIAPI
> +InitializeSecretDxe(
> + IN EFI_HANDLE ImageHandle,
> + IN EFI_SYSTEM_TABLE *SystemTable
> + )
> +{
> + return gBS->InstallConfigurationTable (&gSevLaunchSecretGuid,
> + &mSecretDxeTable
> + );
> +}
> --
> 2.26.2
>
>
>
>
>
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-12-09 12:02 ` Yao, Jiewen
@ 2020-12-09 15:46 ` James Bottomley
2020-12-09 15:54 ` James Bottomley
2020-12-09 16:33 ` Yao, Jiewen
2020-12-10 9:12 ` Laszlo Ersek
1 sibling, 2 replies; 35+ messages in thread
From: James Bottomley @ 2020-12-09 15:46 UTC (permalink / raw)
To: devel, jiewen.yao
Cc: dovmurik@linux.vnet.ibm.com, Dov.Murik1@il.ibm.com,
ashish.kalra@amd.com, brijesh.singh@amd.com, tobin@ibm.com,
david.kaplan@amd.com, jon.grimm@amd.com, thomas.lendacky@amd.com,
frankeh@us.ibm.com, Dr . David Alan Gilbert, Laszlo Ersek,
Justen, Jordan L, Ard Biesheuvel
On Wed, 2020-12-09 at 12:02 +0000, Yao, Jiewen wrote:
> Hi James
> I am not sure if this solution is only for AMD SEV or it is a generic
> solution to "pass a secret to grub and let grub decrypt the disk".
Well, being open source, it's driven by the implementation, which is
AMD. However, if you look at how it works, it's composed of a secret
discovery piece and then a packaging piece which is this part. It's
certainly true that any discover mechanism could feed this packaging
piece, so I agree that the SecretDXE could pass up the secret from any
discovery mechanism not just SEV.
> If it is only for AMD SEV, please stop reading and ignore my comment
> below.
>
> If it is designed to be a generic solution to pass a secret to grub
> and let grub decrypt the disk. I have some thought below:
> Intel TDX (
> https://software.intel.com/content/www/us/en/develop/articles/intel-trust-domain-extensions.html
> ) have similar feature - a TDX virtual firmware may do attestation
> and get a key from remote key server.
> We might use same architecture to pass the secrete to grub.
> Initially, we define an ACPI 'SVKL' table to pass the secrete in
> intel-tdx-guest-hypervisor-communication-interface (
> https://software.intel.com/content/dam/develop/external/us/en/documents/intel-tdx-guest-hypervisor-communication-interface.pdf
> ), section 4.4 storage volume key data.
> But it is also OK if you want to use UEFI configuration table.
>From the coding point of view it's definitely easier to do a UEFI
configuration table. If I had to insert something inside ACPI I'd be
hijacking a lot more of the guts of OVMF to achieve it.
> If we need a common API for both AMD SEV and Intel TDX, then I
> recommend some enhancement for SevLaunchSecret.h.
> 1) The file name (SevLaunchSecret.h) should be generic, such as
> TrustedVmSecret, StorageVolumeKey, etc. It should not include 'SEV'.
> Otherwise, we have to define a new GUID for 'TDX'.
> 2) The GUID name (gSevLaunchSecretGuid, SEV_LAUNCH_SECRET_GUID)
> should be generic. Same reason above.
> 3) The data structure name (SEV_LAUNCH_SECRET_LOCATION) should be
> generic. Same reason above.
> 4) The data structure field (SEV_LAUNCH_SECRET_LOCATION.Base) should
> use UINTN or EFI_PHYSICAL_ADDRESS to support above 4GB memory
> location.
I agree with trying to make it more generic. what about replacing
SEV_LAUNCH with CONFIDENTIAL_COMPUTING
SevLaunch with ConfidentialComputing
And obviously making the area a UINT64.
> 5) The internal data structure of the secret is not defined. Is it
> raw binary? Or ASCII string password? Or DER format certificate? Or
> PEM format key? At least, we shall describe it in the header file.
Since OVMF doesn't interpret the area, I didn't describe it in this
patch, but if you look at how the grub piece works:
https://lists.gnu.org/archive/html/grub-devel/2020-11/msg00081.html
It's another GUIDed list, so all I've defined is a GUID that means
"this is a disk password". You can define a guid for any other content
type.
> 6) The might be a chance that a key server need input multiple keys
> to a trusted VM. How we handle this? Do we expect multiple UEFI
> configuration tables and each table support one key? or one table to
> support multiple keys?
The keys would each have their own guid which would be pieced up by the
receiver.
> Would you please take a look at intel-tdx-guest-hypervisor-
> communication-interface, section 4.4 storage volume key data.
> We defined multiple key layout, key type and key format. Please let
> us know if you have any thought.
I really think the standard GUIDed form:
GUID|len|data
Works best because a GUID is big enough to define for any number of
uses and it also means we don't have to define key types or anything,
because all a new consumer has to do is define their data structure and
give it a guid. The single uefi config table is passed through to all
the elements until it gets to one that recognizes the GUID.
James
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-12-09 15:46 ` James Bottomley
@ 2020-12-09 15:54 ` James Bottomley
2020-12-09 16:33 ` Yao, Jiewen
1 sibling, 0 replies; 35+ messages in thread
From: James Bottomley @ 2020-12-09 15:54 UTC (permalink / raw)
To: devel, jiewen.yao
Cc: dovmurik@linux.vnet.ibm.com, Dov.Murik1@il.ibm.com,
ashish.kalra@amd.com, brijesh.singh@amd.com, tobin@ibm.com,
david.kaplan@amd.com, jon.grimm@amd.com, thomas.lendacky@amd.com,
frankeh@us.ibm.com, Dr . David Alan Gilbert, Laszlo Ersek,
Justen, Jordan L, Ard Biesheuvel
On Wed, 2020-12-09 at 07:46 -0800, James Bottomley wrote:
> On Wed, 2020-12-09 at 12:02 +0000, Yao, Jiewen wrote:
> > Would you please take a look at intel-tdx-guest-hypervisor-
> > communication-interface, section 4.4 storage volume key data.
OK, I read through the spec.
> > We defined multiple key layout, key type and key format. Please let
> > us know if you have any thought.
>
> I really think the standard GUIDed form:
>
> GUID|len|data
>
> Works best because a GUID is big enough to define for any number of
> uses and it also means we don't have to define key types or anything,
> because all a new consumer has to do is define their data structure
> and give it a guid. The single uefi config table is passed through
> to all the elements until it gets to one that recognizes the GUID.
The only other thing I would add here, is that you have indirect ACPI
tables whereas the above is direct. I think indirect might be useful
at the low level for scatter gather injection if it has to be done for
the architecture, but I think to make it easier for the consumers above
OVMF we gather all the information into on GUIDed table with no
indirection, which makes the above GUIDed form the best description.
James
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-12-09 15:46 ` James Bottomley
2020-12-09 15:54 ` James Bottomley
@ 2020-12-09 16:33 ` Yao, Jiewen
2020-12-09 16:38 ` James Bottomley
1 sibling, 1 reply; 35+ messages in thread
From: Yao, Jiewen @ 2020-12-09 16:33 UTC (permalink / raw)
To: jejb@linux.ibm.com, devel@edk2.groups.io
Cc: dovmurik@linux.vnet.ibm.com, Dov.Murik1@il.ibm.com,
ashish.kalra@amd.com, brijesh.singh@amd.com, tobin@ibm.com,
david.kaplan@amd.com, jon.grimm@amd.com, thomas.lendacky@amd.com,
frankeh@us.ibm.com, Dr . David Alan Gilbert, Laszlo Ersek,
Justen, Jordan L, Ard Biesheuvel
Thanks. ConfidentialComputing seems a better name.
I agree with you that OVMF might not need understand the data structure.
But I am not sure if the grub is the only boot loader we want to support.
I think it might be a better idea to define the data structure clearly in OVMF.
As such, any boot loader can parse the data structure to decrypt the disk. They don’t need refer to grub.
Thank you
Yao Jiewen
> -----Original Message-----
> From: James Bottomley <jejb@linux.ibm.com>
> Sent: Wednesday, December 9, 2020 11:47 PM
> To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>
> Cc: dovmurik@linux.vnet.ibm.com; Dov.Murik1@il.ibm.com;
> ashish.kalra@amd.com; brijesh.singh@amd.com; tobin@ibm.com;
> david.kaplan@amd.com; jon.grimm@amd.com; thomas.lendacky@amd.com;
> frankeh@us.ibm.com; Dr . David Alan Gilbert <dgilbert@redhat.com>; Laszlo
> Ersek <lersek@redhat.com>; Justen, Jordan L <jordan.l.justen@intel.com>;
> Ard Biesheuvel <ard.biesheuvel@arm.com>
> Subject: Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev
> Secret area using a configuration table
>
> On Wed, 2020-12-09 at 12:02 +0000, Yao, Jiewen wrote:
> > Hi James
> > I am not sure if this solution is only for AMD SEV or it is a generic
> > solution to "pass a secret to grub and let grub decrypt the disk".
>
> Well, being open source, it's driven by the implementation, which is
> AMD. However, if you look at how it works, it's composed of a secret
> discovery piece and then a packaging piece which is this part. It's
> certainly true that any discover mechanism could feed this packaging
> piece, so I agree that the SecretDXE could pass up the secret from any
> discovery mechanism not just SEV.
>
> > If it is only for AMD SEV, please stop reading and ignore my comment
> > below.
> >
> > If it is designed to be a generic solution to pass a secret to grub
> > and let grub decrypt the disk. I have some thought below:
> > Intel TDX (
> > https://software.intel.com/content/www/us/en/develop/articles/intel-
> trust-domain-extensions.html
> > ) have similar feature - a TDX virtual firmware may do attestation
> > and get a key from remote key server.
> > We might use same architecture to pass the secrete to grub.
> > Initially, we define an ACPI 'SVKL' table to pass the secrete in
> > intel-tdx-guest-hypervisor-communication-interface (
> >
> https://software.intel.com/content/dam/develop/external/us/en/document
> s/intel-tdx-guest-hypervisor-communication-interface.pdf
> > ), section 4.4 storage volume key data.
> > But it is also OK if you want to use UEFI configuration table.
>
> From the coding point of view it's definitely easier to do a UEFI
> configuration table. If I had to insert something inside ACPI I'd be
> hijacking a lot more of the guts of OVMF to achieve it.
>
> > If we need a common API for both AMD SEV and Intel TDX, then I
> > recommend some enhancement for SevLaunchSecret.h.
> > 1) The file name (SevLaunchSecret.h) should be generic, such as
> > TrustedVmSecret, StorageVolumeKey, etc. It should not include 'SEV'.
> > Otherwise, we have to define a new GUID for 'TDX'.
> > 2) The GUID name (gSevLaunchSecretGuid, SEV_LAUNCH_SECRET_GUID)
> > should be generic. Same reason above.
> > 3) The data structure name (SEV_LAUNCH_SECRET_LOCATION) should be
> > generic. Same reason above.
> > 4) The data structure field (SEV_LAUNCH_SECRET_LOCATION.Base) should
> > use UINTN or EFI_PHYSICAL_ADDRESS to support above 4GB memory
> > location.
>
> I agree with trying to make it more generic. what about replacing
>
> SEV_LAUNCH with CONFIDENTIAL_COMPUTING
> SevLaunch with ConfidentialComputing
>
> And obviously making the area a UINT64.
>
> > 5) The internal data structure of the secret is not defined. Is it
> > raw binary? Or ASCII string password? Or DER format certificate? Or
> > PEM format key? At least, we shall describe it in the header file.
>
> Since OVMF doesn't interpret the area, I didn't describe it in this
> patch, but if you look at how the grub piece works:
>
> https://lists.gnu.org/archive/html/grub-devel/2020-11/msg00081.html
>
> It's another GUIDed list, so all I've defined is a GUID that means
> "this is a disk password". You can define a guid for any other content
> type.
>
> > 6) The might be a chance that a key server need input multiple keys
> > to a trusted VM. How we handle this? Do we expect multiple UEFI
> > configuration tables and each table support one key? or one table to
> > support multiple keys?
>
> The keys would each have their own guid which would be pieced up by the
> receiver.
>
> > Would you please take a look at intel-tdx-guest-hypervisor-
> > communication-interface, section 4.4 storage volume key data.
> > We defined multiple key layout, key type and key format. Please let
> > us know if you have any thought.
>
> I really think the standard GUIDed form:
>
> GUID|len|data
>
> Works best because a GUID is big enough to define for any number of
> uses and it also means we don't have to define key types or anything,
> because all a new consumer has to do is define their data structure and
> give it a guid. The single uefi config table is passed through to all
> the elements until it gets to one that recognizes the GUID.
>
> James
>
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-12-09 16:33 ` Yao, Jiewen
@ 2020-12-09 16:38 ` James Bottomley
2020-12-09 16:51 ` Yao, Jiewen
0 siblings, 1 reply; 35+ messages in thread
From: James Bottomley @ 2020-12-09 16:38 UTC (permalink / raw)
To: Yao, Jiewen, devel@edk2.groups.io
Cc: dovmurik@linux.vnet.ibm.com, Dov.Murik1@il.ibm.com,
ashish.kalra@amd.com, brijesh.singh@amd.com, tobin@ibm.com,
david.kaplan@amd.com, jon.grimm@amd.com, thomas.lendacky@amd.com,
frankeh@us.ibm.com, Dr . David Alan Gilbert, Laszlo Ersek,
Justen, Jordan L, Ard Biesheuvel
On Wed, 2020-12-09 at 16:33 +0000, Yao, Jiewen wrote:
> Thanks. ConfidentialComputing seems a better name.
>
> I agree with you that OVMF might not need understand the data
> structure. But I am not sure if the grub is the only boot loader we
> want to support.
To be clear: grub is just using it to get the disk password. I do
anticipate we'll also use it for provisioning keys directly into the
linux kernel as well, so multiple consumers were anticipated.
> I think it might be a better idea to define the data structure
> clearly in OVMF. As such, any boot loader can parse the data
> structure to decrypt the disk. They don’t need refer to grub.
I'll defer to what OVMF people want, but defining a table inside OVMF
that it doesn't actually use at all seems to be doing it at the wrong
layer.
James
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-12-09 16:38 ` James Bottomley
@ 2020-12-09 16:51 ` Yao, Jiewen
2020-12-09 17:04 ` James Bottomley
0 siblings, 1 reply; 35+ messages in thread
From: Yao, Jiewen @ 2020-12-09 16:51 UTC (permalink / raw)
To: jejb@linux.ibm.com, devel@edk2.groups.io
Cc: dovmurik@linux.vnet.ibm.com, Dov.Murik1@il.ibm.com,
ashish.kalra@amd.com, brijesh.singh@amd.com, tobin@ibm.com,
david.kaplan@amd.com, jon.grimm@amd.com, thomas.lendacky@amd.com,
frankeh@us.ibm.com, Dr . David Alan Gilbert, Laszlo Ersek,
Justen, Jordan L, Ard Biesheuvel
> To be clear: grub is just using it to get the disk password. I do
> anticipate we'll also use it for provisioning keys directly into the
> linux kernel as well, so multiple consumers were anticipated.
Would you please share more information about the GUIDed key usage, except disk password?
What is the usage of the provisioning key for kernel?
Thank you
Yao Jiewen
> -----Original Message-----
> From: James Bottomley <jejb@linux.ibm.com>
> Sent: Thursday, December 10, 2020 12:39 AM
> To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
> Cc: dovmurik@linux.vnet.ibm.com; Dov.Murik1@il.ibm.com;
> ashish.kalra@amd.com; brijesh.singh@amd.com; tobin@ibm.com;
> david.kaplan@amd.com; jon.grimm@amd.com; thomas.lendacky@amd.com;
> frankeh@us.ibm.com; Dr . David Alan Gilbert <dgilbert@redhat.com>; Laszlo
> Ersek <lersek@redhat.com>; Justen, Jordan L <jordan.l.justen@intel.com>;
> Ard Biesheuvel <ard.biesheuvel@arm.com>
> Subject: Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev
> Secret area using a configuration table
>
> On Wed, 2020-12-09 at 16:33 +0000, Yao, Jiewen wrote:
> > Thanks. ConfidentialComputing seems a better name.
> >
> > I agree with you that OVMF might not need understand the data
> > structure. But I am not sure if the grub is the only boot loader we
> > want to support.
>
> To be clear: grub is just using it to get the disk password. I do
> anticipate we'll also use it for provisioning keys directly into the
> linux kernel as well, so multiple consumers were anticipated.
>
> > I think it might be a better idea to define the data structure
> > clearly in OVMF. As such, any boot loader can parse the data
> > structure to decrypt the disk. They don’t need refer to grub.
>
> I'll defer to what OVMF people want, but defining a table inside OVMF
> that it doesn't actually use at all seems to be doing it at the wrong
> layer.
>
> James
>
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-12-09 16:51 ` Yao, Jiewen
@ 2020-12-09 17:04 ` James Bottomley
0 siblings, 0 replies; 35+ messages in thread
From: James Bottomley @ 2020-12-09 17:04 UTC (permalink / raw)
To: Yao, Jiewen, devel@edk2.groups.io
Cc: dovmurik@linux.vnet.ibm.com, Dov.Murik1@il.ibm.com,
ashish.kalra@amd.com, brijesh.singh@amd.com, tobin@ibm.com,
david.kaplan@amd.com, jon.grimm@amd.com, thomas.lendacky@amd.com,
frankeh@us.ibm.com, Dr . David Alan Gilbert, Laszlo Ersek,
Justen, Jordan L, Ard Biesheuvel
On Wed, 2020-12-09 at 16:51 +0000, Yao, Jiewen wrote:
> > To be clear: grub is just using it to get the disk password. I do
> > anticipate we'll also use it for provisioning keys directly into
> > the linux kernel as well, so multiple consumers were anticipated.
>
> Would you please share more information about the GUIDed key usage,
> except disk password?
I think the point here is I don't define it. I only define the one
grub disk password use case. The GUIDed table format means that anyone
can define a GUID and a data format for their use case. Not actually
pre-specifying allows the use case to develop with the code.
> What is the usage of the provisioning key for kernel?
The usual problem is that you need an additional trusted public key in
the kernel primary keyring, so having the secret area inject a trusted
public key we can later use for things like third party module signing
and the like seems to be a good idea.
James
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-12-09 12:02 ` Yao, Jiewen
2020-12-09 15:46 ` James Bottomley
@ 2020-12-10 9:12 ` Laszlo Ersek
2020-12-10 9:27 ` Yao, Jiewen
1 sibling, 1 reply; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-10 9:12 UTC (permalink / raw)
To: Yao, Jiewen, devel@edk2.groups.io, jejb@linux.ibm.com
Cc: dovmurik@linux.vnet.ibm.com, Dov.Murik1@il.ibm.com,
ashish.kalra@amd.com, brijesh.singh@amd.com, tobin@ibm.com,
david.kaplan@amd.com, jon.grimm@amd.com, thomas.lendacky@amd.com,
frankeh@us.ibm.com, Dr . David Alan Gilbert, Justen, Jordan L,
Ard Biesheuvel
Hi Jiewen,
On 12/09/20 13:02, Yao, Jiewen wrote:
> Hi James
> I am not sure if this solution is only for AMD SEV or it is a generic solution to "pass a secret to grub and let grub decrypt the disk".
>
> If it is only for AMD SEV, please stop reading and ignore my comment below.
>
> If it is designed to be a generic solution to pass a secret to grub and let grub decrypt the disk. I have some thought below:
> Intel TDX (https://software.intel.com/content/www/us/en/develop/articles/intel-trust-domain-extensions.html) have similar feature - a TDX virtual firmware may do attestation and get a key from remote key server.
> We might use same architecture to pass the secrete to grub.
> Initially, we define an ACPI 'SVKL' table to pass the secrete in intel-tdx-guest-hypervisor-communication-interface (https://software.intel.com/content/dam/develop/external/us/en/documents/intel-tdx-guest-hypervisor-communication-interface.pdf), section 4.4 storage volume key data.
> But it is also OK if you want to use UEFI configuration table.
>
> If we need a common API for both AMD SEV and Intel TDX, then I recommend some enhancement for SevLaunchSecret.h.
> 1) The file name (SevLaunchSecret.h) should be generic, such as TrustedVmSecret, StorageVolumeKey, etc. It should not include 'SEV'. Otherwise, we have to define a new GUID for 'TDX'.
> 2) The GUID name (gSevLaunchSecretGuid, SEV_LAUNCH_SECRET_GUID) should be generic. Same reason above.
> 3) The data structure name (SEV_LAUNCH_SECRET_LOCATION) should be generic. Same reason above.
> 4) The data structure field (SEV_LAUNCH_SECRET_LOCATION.Base) should use UINTN or EFI_PHYSICAL_ADDRESS to support above 4GB memory location.
> 5) The internal data structure of the secret is not defined. Is it raw binary? Or ASCII string password? Or DER format certificate? Or PEM format key? At least, we shall describe it in the header file.
> 6) The might be a chance that a key server need input multiple keys to a trusted VM. How we handle this? Do we expect multiple UEFI configuration tables and each table support one key? or one table to support multiple keys?
>
> Would you please take a look at intel-tdx-guest-hypervisor-communication-interface, section 4.4 storage volume key data.
> We defined multiple key layout, key type and key format. Please let us know if you have any thought.
These are several change requests. I do not disagree with them, but I
strongly propose we implement them separately.
James's current v3 series presents a state that has been tested and
reviewed. I'd like to commit it as-is. If for nothing else, then because
I'd like the edk2 git commit history to have a snapshot of the work at
this stage.
We have ample time until the next edk2 stable tag. Right after this v3
series is committed, you guys can start generalizing it (e.g., renaming
files and variables). Working from special case to general case is not
uncommon. The feature need not be ready as soon as it is committed; it
needs to be stable and externally compatible at the next stable tag.
If some changes from your list above would be incompatible with other
software (which is also in the making, to my understanding), then I
would request / propose that patches for those other projects be held
back, until the generalization of the edk2 patches reaches a certain
maturity.
Basically, I wouldn't like to do an incremental review on this series
that introduces the above-described *amount* of changes, from v3 to v4.
And I would like to perform a from-the-scratch review even less, on this
series. I believe your requests have merit, I'd just like to see patches
"on top" that implement them. We're right after the last stable tag,
this is the time for some incompatibility, until things settle.
Thanks
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
2020-12-10 9:12 ` Laszlo Ersek
@ 2020-12-10 9:27 ` Yao, Jiewen
0 siblings, 0 replies; 35+ messages in thread
From: Yao, Jiewen @ 2020-12-10 9:27 UTC (permalink / raw)
To: Laszlo Ersek, devel@edk2.groups.io, jejb@linux.ibm.com
Cc: dovmurik@linux.vnet.ibm.com, Dov.Murik1@il.ibm.com,
ashish.kalra@amd.com, brijesh.singh@amd.com, tobin@ibm.com,
david.kaplan@amd.com, jon.grimm@amd.com, thomas.lendacky@amd.com,
frankeh@us.ibm.com, Dr . David Alan Gilbert, Justen, Jordan L,
Ard Biesheuvel, Yao, Jiewen
I see your point. I will let the patch submitter make final decision on which way they want to go.
Thank you
Yao Jiewen
> -----Original Message-----
> From: Laszlo Ersek <lersek@redhat.com>
> Sent: Thursday, December 10, 2020 5:12 PM
> To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io;
> jejb@linux.ibm.com
> Cc: dovmurik@linux.vnet.ibm.com; Dov.Murik1@il.ibm.com;
> ashish.kalra@amd.com; brijesh.singh@amd.com; tobin@ibm.com;
> david.kaplan@amd.com; jon.grimm@amd.com; thomas.lendacky@amd.com;
> frankeh@us.ibm.com; Dr . David Alan Gilbert <dgilbert@redhat.com>; Justen,
> Jordan L <jordan.l.justen@intel.com>; Ard Biesheuvel
> <ard.biesheuvel@arm.com>
> Subject: Re: [edk2-devel] [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev
> Secret area using a configuration table
>
> Hi Jiewen,
>
> On 12/09/20 13:02, Yao, Jiewen wrote:
> > Hi James
> > I am not sure if this solution is only for AMD SEV or it is a generic solution
> to "pass a secret to grub and let grub decrypt the disk".
> >
> > If it is only for AMD SEV, please stop reading and ignore my comment
> below.
> >
> > If it is designed to be a generic solution to pass a secret to grub and let
> grub decrypt the disk. I have some thought below:
> > Intel TDX
> (https://software.intel.com/content/www/us/en/develop/articles/intel-
> trust-domain-extensions.html) have similar feature - a TDX virtual firmware
> may do attestation and get a key from remote key server.
> > We might use same architecture to pass the secrete to grub.
> > Initially, we define an ACPI 'SVKL' table to pass the secrete in intel-tdx-
> guest-hypervisor-communication-interface
> (https://software.intel.com/content/dam/develop/external/us/en/document
> s/intel-tdx-guest-hypervisor-communication-interface.pdf), section 4.4
> storage volume key data.
> > But it is also OK if you want to use UEFI configuration table.
> >
> > If we need a common API for both AMD SEV and Intel TDX, then I
> recommend some enhancement for SevLaunchSecret.h.
> > 1) The file name (SevLaunchSecret.h) should be generic, such as
> TrustedVmSecret, StorageVolumeKey, etc. It should not include 'SEV'.
> Otherwise, we have to define a new GUID for 'TDX'.
> > 2) The GUID name (gSevLaunchSecretGuid, SEV_LAUNCH_SECRET_GUID)
> should be generic. Same reason above.
> > 3) The data structure name (SEV_LAUNCH_SECRET_LOCATION) should be
> generic. Same reason above.
> > 4) The data structure field (SEV_LAUNCH_SECRET_LOCATION.Base) should
> use UINTN or EFI_PHYSICAL_ADDRESS to support above 4GB memory
> location.
> > 5) The internal data structure of the secret is not defined. Is it raw binary?
> Or ASCII string password? Or DER format certificate? Or PEM format key? At
> least, we shall describe it in the header file.
> > 6) The might be a chance that a key server need input multiple keys to a
> trusted VM. How we handle this? Do we expect multiple UEFI configuration
> tables and each table support one key? or one table to support multiple
> keys?
> >
> > Would you please take a look at intel-tdx-guest-hypervisor-
> communication-interface, section 4.4 storage volume key data.
> > We defined multiple key layout, key type and key format. Please let us
> know if you have any thought.
>
> These are several change requests. I do not disagree with them, but I
> strongly propose we implement them separately.
>
> James's current v3 series presents a state that has been tested and
> reviewed. I'd like to commit it as-is. If for nothing else, then because
> I'd like the edk2 git commit history to have a snapshot of the work at
> this stage.
>
> We have ample time until the next edk2 stable tag. Right after this v3
> series is committed, you guys can start generalizing it (e.g., renaming
> files and variables). Working from special case to general case is not
> uncommon. The feature need not be ready as soon as it is committed; it
> needs to be stable and externally compatible at the next stable tag.
>
> If some changes from your list above would be incompatible with other
> software (which is also in the making, to my understanding), then I
> would request / propose that patches for those other projects be held
> back, until the generalization of the edk2 patches reaches a certain
> maturity.
>
> Basically, I wouldn't like to do an incremental review on this series
> that introduces the above-described *amount* of changes, from v3 to v4.
> And I would like to perform a from-the-scratch review even less, on this
> series. I believe your requests have merit, I'd just like to see patches
> "on top" that implement them. We're right after the last stable tag,
> this is the time for some incompatibility, until things settle.
>
> Thanks
> Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-12-04 2:01 ` Laszlo Ersek
@ 2020-12-14 19:57 ` Laszlo Ersek
2020-12-21 15:00 ` Laszlo Ersek
0 siblings, 1 reply; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-14 19:57 UTC (permalink / raw)
To: jejb
Cc: devel, dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel,
Jiewen Yao
Hi James,
On 12/04/20 03:01, Laszlo Ersek wrote:
> On 12/04/20 02:55, Laszlo Ersek wrote:
>
>> I will send a short patch series to add the exceptions, and once
>> that's upstream, we *will* merge this (v3) series.
>
> BTW the tweaks I added on top of your v3, in
> <https://github.com/tianocore/edk2/pull/1175>, are as follows (git
> range-diff output):
>
>> 1: 4020c20b2342 ! 1: b96494ad75db OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed
>> @@ -8,8 +8,9 @@
>>
>> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
>> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
>> -
>> Message-Id: <20201130202819.3910-2-jejb@linux.ibm.com>
>> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
>> + Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>>
>> diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
>> --- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
>> 2: 488fbdbe7689 ! 2: acc8cb13da8d OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF
>> @@ -11,8 +11,9 @@
>>
>> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
>> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
>> -
>> Message-Id: <20201130202819.3910-3-jejb@linux.ibm.com>
>> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
>> + Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>>
>> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
>> new file mode 100644
>> 3: 796ec96e3414 ! 3: b80ce0838781 OvmfPkg/AmdSev: add Grub Firmware Volume Package
>> @@ -19,8 +19,10 @@
>>
>> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
>> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
>> -
>> Message-Id: <20201130202819.3910-4-jejb@linux.ibm.com>
>> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
>> + [lersek@redhat.com: replace local variable initialization with assignment]
>> + Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>>
>> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
>> --- a/OvmfPkg/OvmfPkg.dec
>> @@ -779,7 +781,9 @@
>> +{
>> + EFI_HANDLE Handle;
>> + EFI_STATUS Status;
>> -+ UINT16 FrontPageTimeout = 0;
>> ++ UINT16 FrontPageTimeout;
>> ++
>> ++ FrontPageTimeout = 0;
>> +
>> + DEBUG ((DEBUG_INFO, "PlatformBootManagerBeforeConsole\n"));
>> + InstallDevicePathCallback ();
>> 4: d954947f8d14 ! 4: f3cda3cadde4 OvmfPkg: create a SEV secret area in the AmdSev memfd
>> @@ -10,8 +10,9 @@
>> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
>> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
>> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>> -
>> Message-Id: <20201130202819.3910-5-jejb@linux.ibm.com>
>> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
>> + [lersek@redhat.com: fix typo in "ResetVectorVtf0.asm" comments]
>>
>> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
>> --- a/OvmfPkg/OvmfPkg.dec
>> @@ -52,7 +53,7 @@
>> +;
>> +; SEV Secret block
>> +;
>> -+; This describes the guest ram area where the hypervisor may should
>> ++; This describes the guest ram area where the hypervisor should
>> +; inject the secret. The data format is:
>> +;
>> +; base physical address (32 bit word)
>> 5: 1a18c4921cdf ! 5: c38b3caf22ad OvmfPkg/AmdSev: assign and protect the Sev Secret area
>> @@ -1,14 +1,17 @@
>> Author: James Bottomley <jejb@linux.ibm.com>
>>
>> - OvmfPkg/AmdSev: assign and protect the Sev Secret area
>> + OvmfPkg/AmdSev: assign and reserve the Sev Secret area
>>
>> - Create a one page secret area in the MEMFD and protect the area with a
>> + Create a one page secret area in the MEMFD and reserve the area with a
>> boot time HOB.
>>
>> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
>> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
>> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>> Message-Id: <20201130202819.3910-6-jejb@linux.ibm.com>
>> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
>> + [lersek@redhat.com: s/protect/reserve/g in the commit message, at Ard's
>> + and James's suggestion]
>>
>> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
>> --- a/OvmfPkg/AmdSev/AmdSevX64.dsc
>> 6: 6970b9413c93 ! 6: ea823d078162 OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
>> @@ -11,6 +11,8 @@
>> Signed-off-by: James Bottomley <jejb@linux.ibm.com>
>> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>> Message-Id: <20201130202819.3910-7-jejb@linux.ibm.com>
>> + Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
>> + [lersek@redhat.com: fix indentation of InstallConfigurationTable() args]
>>
>> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
>> --- a/OvmfPkg/OvmfPkg.dec
>> @@ -152,7 +154,8 @@
>> + IN EFI_SYSTEM_TABLE *SystemTable
>> + )
>> +{
>> -+ return gBS->InstallConfigurationTable (&gSevLaunchSecretGuid,
>> -+ &mSecretDxeTable
>> -+ );
>> ++ return gBS->InstallConfigurationTable (
>> ++ &gSevLaunchSecretGuid,
>> ++ &mSecretDxeTable
>> ++ );
>> +}
>
> I meant to include this range-diff in the email where I'd confirm the
> merge and the commit range; too bad I got distracted with this ECC mess.
Additional updates (expressed incrementally), per prior discussion:
> 1: b96494ad75db = 1: 11f014f9a5a5 OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed
> 2: acc8cb13da8d = 2: ac3e7f9e93ab OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF
> 3: b80ce0838781 ! 3: da5e1715a902 OvmfPkg/AmdSev: add Grub Firmware Volume Package
> @@ -23,6 +23,10 @@
> Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
> [lersek@redhat.com: replace local variable initialization with assignment]
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> + [lersek@redhat.com: squash 'OvmfPkg: add "gGrubFileGuid=Grub" to
> + GuidCheck.IgnoreDuplicates', reviewed stand-alone by Phil (msgid
> + <e6eae551-8563-ccfb-5547-7a97da6d46e5@redhat.com>) and Ard (msgid
> + <10aeda37-def6-d9a4-6e02-4c66c1492f57@arm.com>)]
>
> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> --- a/OvmfPkg/OvmfPkg.dec
> @@ -2327,3 +2331,16 @@
> +
> +remove_efi=0
> +echo "grub.efi generated in ${basedir}"
> +
> +diff --git a/OvmfPkg/OvmfPkg.ci.yaml b/OvmfPkg/OvmfPkg.ci.yaml
> +--- a/OvmfPkg/OvmfPkg.ci.yaml
> ++++ b/OvmfPkg/OvmfPkg.ci.yaml
> +@@
> + "IgnoreGuidName": ["ResetVector", "XenResetVector"], # Expected duplication for gEfiFirmwareVolumeTopFileGuid
> + "IgnoreGuidValue": [],
> + "IgnoreFoldersAndFiles": [],
> +- "IgnoreDuplicates": [],
> ++ "IgnoreDuplicates": ["gGrubFileGuid=Grub"],
> + },
> +
> + ## options defined .pytool/Plugin/LibraryClassCheck
> 4: f3cda3cadde4 = 4: 9caed44db39b OvmfPkg: create a SEV secret area in the AmdSev memfd
> 5: c38b3caf22ad = 5: dbba0abc831f OvmfPkg/AmdSev: assign and reserve the Sev Secret area
> 6: ea823d078162 = 6: 0612c2ecdc77 OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table
Merged as commit range ef3e73c6a0c0..01726b6d23d4, via the same PR:
<https://github.com/tianocore/edk2/pull/1175>.
Please proceed with addressing Jiewen's feedback, with further patches.
Thanks!
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
* Re: [edk2-devel] [PATCH v3 0/6] SEV Encrypted Boot for Ovmf
2020-12-14 19:57 ` Laszlo Ersek
@ 2020-12-21 15:00 ` Laszlo Ersek
0 siblings, 0 replies; 35+ messages in thread
From: Laszlo Ersek @ 2020-12-21 15:00 UTC (permalink / raw)
To: jejb
Cc: devel, dovmurik, Dov.Murik1, ashish.kalra, brijesh.singh, tobin,
david.kaplan, jon.grimm, thomas.lendacky, frankeh,
Dr . David Alan Gilbert, Jordan Justen, Ard Biesheuvel,
Jiewen Yao, Liming Gao (Byosoft address)
On 12/14/20 20:57, Laszlo Ersek wrote:
> Merged as commit range ef3e73c6a0c0..01726b6d23d4, via the same PR:
> <https://github.com/tianocore/edk2/pull/1175>.
I've listed <https://bugzilla.tianocore.org/show_bug.cgi?id=3077> under
<https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Planning#edk2-stable202102-tag-planning>.
Thanks
Laszlo
^ permalink raw reply [flat|nested] 35+ messages in thread
end of thread, other threads:[~2020-12-21 15:00 UTC | newest]
Thread overview: 35+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-11-30 20:28 [PATCH v3 0/6] SEV Encrypted Boot for Ovmf James Bottomley
2020-11-30 20:28 ` [PATCH v3 1/6] OvmfPkg/ResetVector: convert SEV-ES Reset Block structure to be GUIDed James Bottomley
2020-12-03 8:10 ` [edk2-devel] " Laszlo Ersek
2020-11-30 20:28 ` [PATCH v3 2/6] OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF James Bottomley
2020-12-03 8:20 ` [edk2-devel] " Laszlo Ersek
2020-11-30 20:28 ` [PATCH v3 3/6] OvmfPkg/AmdSev: add Grub Firmware Volume Package James Bottomley
2020-12-03 8:39 ` [edk2-devel] " Laszlo Ersek
2020-11-30 20:28 ` [PATCH v3 4/6] OvmfPkg: create a SEV secret area in the AmdSev memfd James Bottomley
2020-12-03 8:42 ` [edk2-devel] " Laszlo Ersek
2020-11-30 20:28 ` [PATCH v3 5/6] OvmfPkg/AmdSev: assign and protect the Sev Secret area James Bottomley
2020-12-01 7:54 ` Ard Biesheuvel
2020-12-01 18:36 ` [edk2-devel] " James Bottomley
2020-11-30 20:28 ` [PATCH v3 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table James Bottomley
2020-12-03 8:46 ` [edk2-devel] " Laszlo Ersek
2020-12-09 12:02 ` Yao, Jiewen
2020-12-09 15:46 ` James Bottomley
2020-12-09 15:54 ` James Bottomley
2020-12-09 16:33 ` Yao, Jiewen
2020-12-09 16:38 ` James Bottomley
2020-12-09 16:51 ` Yao, Jiewen
2020-12-09 17:04 ` James Bottomley
2020-12-10 9:12 ` Laszlo Ersek
2020-12-10 9:27 ` Yao, Jiewen
2020-12-01 8:05 ` [PATCH v3 0/6] SEV Encrypted Boot for Ovmf Ard Biesheuvel
2020-12-01 8:13 ` Laszlo Ersek
2020-12-01 15:26 ` James Bottomley
2020-12-01 8:05 ` Laszlo Ersek
2020-12-03 12:26 ` [edk2-devel] " Laszlo Ersek
2020-12-03 14:27 ` James Bottomley
2020-12-04 0:46 ` Laszlo Ersek
2020-12-04 1:05 ` James Bottomley
2020-12-04 1:55 ` Laszlo Ersek
2020-12-04 2:01 ` Laszlo Ersek
2020-12-14 19:57 ` Laszlo Ersek
2020-12-21 15:00 ` Laszlo Ersek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox