summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* PrmPkg: Add initial PrmSsdtInstallDxe moduleMichael Kubacki2022-04-056-51/+171
| | | | | | | | | | | | | | | | | | | | | | | | | | | Adds a new module that installs a PRM SSDT. Note: A library class would allow a high degree of flexibility for platforms that choose: 1. To not install a PRM SSDT at all (using a NULL library instance) 2. To install a specific PRM SSDT implementation However, it is implemented as a driver since build tools are not linking ACPI tables to drivers from linked library classes. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Export major/minor version in PRM module PE COFF headerLiu2022-04-054-2/+10
| | | | | | | | | | | | | | | | | | | | | | | PRMT ACPI defined major version and minor version for each PRM module. PRM module will build its major/minor version in its PE COFF header. In boot time, PRM loader will collect the major/minor version from PE COFF header and fill them into PRMT ACPI table. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Liu Yun <yun.y.liu@intel.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Publish PRM operation region to support PRM ACPI _DSM invocationLiu2022-04-053-0/+125
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A PRM Handler has a 1-to-1 mapping to the corresponding _DSM method. The UUID of the _DSM Method will be passed by the ASL code to the OpRegionHandler which will look up the PRMT Table to extract the pointer of the corresponding PRM Handler. PRM loader pre-builds an SSDT that includes this PRM operation region. In boot time, the PRM loader will load and publish this SSDT, so that in OS runtime ACPI _DSM can invoke the PRM handler by pass the UUID to PRM operation region. The pre-build SSDT also includes a PRMT device as a Sample ACPI _DSM to invoke PRM handler. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Liu Yun <yun.y.liu@intel.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Enable variable growth for the PRM_MODULE_EXPORT macroMichael Kubacki2022-04-052-10/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The PRM_MODULE_EXPORT parameterized macro allows a caller to produce a static PRM module export descriptor structure in the binary by simply passing PRM_HANDLER_EXPORT_ENTRY arguments with each argument representing a PRM handler to be exported by the module. Previously, the PRM_MODULE_EXPORT_DESCRIPTOR_STRUCT used in the PRM_MODULE_EXPORT macro was fixed to a maximum of three handlers. This change removes that restriction and allows the structure to grow based on the number of PRM handlers given to the macro. This means a local type will be customized per PRM module. The reference type PRM_MODULE_EXPORT_DESCRIPTOR_STRUCT keeps a field at the end that allows array access to PRM_HANDLER_EXPORT_DESCRIPTOR_STRUCT members. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Add ALLOCATE_CONTEXT_BUFFER_IN_FW build optionMichael Kubacki2022-04-056-12/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There's currently two approaches being considered for how to allocate the context buffer passed to PRM handlers: 1. The context buffer is allocated and populated in firmware. As such, the FW converts all pointers internal to the buffer to virtual memory addresses at the virtual address change event. A single context buffer pointer is given to the OS via the PRM ACPI table and the OS converts this single physical address to a virtual address when it passes the context buffer as a pointer to PRM handlers. 2. The context buffer is allocated and populated in the OS. The OS gets all the information needed to populate the context buffer from other pre-existing resources (mainly physical addresses in the PRM ACPI table). The OS converts all the physical addresses to virtual addresses, allocates the context buffer instances, and fills in the information. The OS passes the context buffer virtual address to PRM handlers. The prior behavior was (1). The current POR behavior has moved to (2). Until (2) is used more widely, it can be kept around with fairly minimal overhead via a build flag in a few places. So the default behavior is now (2) (the expected permanent behavior) with (1) easily enabled by defining "ALLOCATE_CONTEXT_BUFFER_IN_FW" in the compiler defined macros. A DSC define was added in PrmPkg.dsc to set this compiler macro in the package build. At some point in the future, all code (and some peripheral code) surrounded with this build flag can be removed if (2) is fully decided upon. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* Readme.md: Add initial contentMichael Kubacki2022-04-051-0/+212
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3812 Adds the following content to Readme.md: 1. A basic explanation of how the package is organized and where to find important items. 2. Adds instructions for building PrmPkg with edk2. 3. Adds a "Build Flags" section to the build instructions to explain any build flags that may be passed to influence the build. The final package will not have any build flags. A reasonable number are temporarily used to test different flows until final decisions are made as to which flow to keep. Most notably, only Visual Studio tool chains are currently supported due to the modifications made to support export tables. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Add initial package DSC fileMichael Kubacki2022-04-051-0/+107
| | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3812 Adds the PrmPkg DSC file so all of the contents can be built as a stand-alone package. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Add initial PrmSampleContextBufferModuleMichael Kubacki2022-04-055-0/+490
| | | | | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3812 Adds a sample PRM module that demonstrates: 1. How to write a PRM module 2. How to use a basic PRM OS services 3. How to use a basic PRM module configuration library 4. How to use a context buffer during PRM handler execution Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Add initial PrmSampleHardwareAccessModuleMichael Kubacki2022-04-053-0/+684
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3812 Adds a sample PRM module that demonstrates: 1. How to write a PRM module 2. How to use multiple PRM handlers in a module 3. How to use a basic PRM OS service 4. MSR access at OS runtime Note: This module contains a PRM handler to read from the HPET MMIO range but the memory map changes needed for this to succeed are currently not implemented. These will be implemented in a future change. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Add initial PrmSampleMemoryAllocationModuleMichael Kubacki2022-04-052-0/+156
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3812 DEPRECATED: This module is no longer relevant since OS Services that allow memory allocation have been removed. It is still present in the source tree in the event dynamic memory allocation at OS runtime is needed again. Adds a sample PRM module that demonstrates: 1. How to write a PRM module 2. How to use a basic PRM OS service 3. How to dynamically allocate memory at OS runtime Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Add initial PrmSamplePrintModuleMichael Kubacki2022-04-052-0/+196
| | | | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3812 Adds a simple sample PRM module that demonstrates: 1. How to write a PRM module 2. How to use multiple PRM handlers in a module 3. How to use a basic PRM OS service Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg/PrmConfigDxe: Add initial driverMichael Kubacki2022-04-056-0/+1739
| | | | | | | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3812 This driver serves as a generic PRM configuration driver. Its primary role is to prepare PRM resources published by PRM module configuration libraries for OS runtime. As such, it locates all PRM Configuration Protocol instances and consumes the information to ready those resources. For example, set runtime memory attributes on MMIO ranges and convert physical addresses to virtual addresses in PRM buffers. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg/PrmContextBufferLib: Add initial library instanceMichael Kubacki2022-04-053-0/+330
| | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3812 This library is introduced to add a general abstraction for PRM context buffer management. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Add PrmConfig protocol interfaceMichael Kubacki2022-04-051-0/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3812 The PRM Configuration protocol is used by PRM module configuration libraries to describe their resources so that a generic PRM Configuration DXE driver can prepare those resources for OS runtime. Therefore, multiple instances are expected in the system per boot with approximately one instance per PRM module. All PRM Configuration Protocol instances must be installed prior to end of DXE. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* PrmPkg: Add package and include headersMichael Kubacki2022-04-0510-0/+577
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3812 Adds a new package to maintain Platform Runtime Mechanism (PRM) support. This package is intended to include generic code that provides a common infrastructure to support PRM in firmware and a collection of sample PRM modules that demonstrate how to use the interfaces and other package resources to author a PRM module. The following initial headers are included in this commit: * Prm.h - Includes common content for PRM with no dependencies on other PRM header files. * PrmContextBuffer.h - Includes definitions for PRM context buffers. Context buffers are standardized structures that point to various resources available to a PRM handler during its execution. * PrmDataBuffer.h - Includes definitions for PRM data buffers. Within the context of PRM, these data buffers are composed of a generic header followed by a variable length blob of arbitrary data. * PrmExportDescriptor.h - Includes definitions for creating PRM export descriptors. A PRM export descriptor is a structure referenced in the export table of PRM module that contains PRM-specific metadata about the module. * PrmMmio.h - Includes definitions for describing MMIO ranges uses by PRM modules. * PrmModule.h - Includes definitions commonly used by PRM module authors. This file is provided to serve as a convenient include for PRM module authors. * PrmOsServices.h - Includes content specific to PRM OS services. OS Services will not planned to be present in the final version of PRM. The OS Services have been reduced to a simple debug print function. So this is currently planned to be a temporary file to support debugging during PRM development. Note: Modules built for the UEFI environment can be built by Visual Studio and non-Visual Studio toolchains. However, PRM modules are currently only supported on Visual Studio toolchain due to usage of export tables. Cc: Andrew Fish <afish@apple.com> Cc: Kang Gao <kang.gao@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Liu Yun <yun.y.liu@intel.com> Cc: Ankit Sinha <ankit.sinha@intel.com> Cc: Nate DeSimone <nathaniel.l.desimone@intel.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Liming Gao <gaoliming@byosoft.com.cn> Acked-by: Leif Lindholm <quic_llindhol@quicinc.com> Reviewed-by: Ankit Sinha <ankit.sinha@intel.com>
* OvmfPkg: Do not check VbeShim.h formatting with UncrustifyMichael Kubacki2022-04-041-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3875 The following files: OvmfPkg/Bhyve/BhyveRfbDxe/VbeShim.h OvmfPkg/QemuVideoDxe/VbeShim.h Are auto generated by the following generators: OvmfPkg/Bhyve/BhyveRfbDxe/VbeShim.sh OvmfPkg/QemuVideoDxe/VbeShim.sh Therefore, Uncrustify causes a file update to produce a very large diff due to formatting changes. This change does the following: 1. Reverts the Uncrustify changes applied to the files in commit ac0a286f4d74. 2. Uses a new UncrustifyCheck CI plugin configuration option to exclude the files from future formatting checks. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Rebecca Cran <rebecca@bsdio.com> Cc: Peter Grehan <grehan@freebsd.org> Cc: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
* OvmfPkg: Revert Uncrustify formatting in VbeShim.h filesMichael Kubacki2022-04-042-1601/+1599
| | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3875 Reverts changes automatically applied by Uncrustify in commit ac0a286. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Rebecca Cran <rebecca@bsdio.com> Cc: Peter Grehan <grehan@freebsd.org> Cc: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
* .pytool/Plugin/UncrustifyCheck: Add ignore file supportMichael Kubacki2022-04-042-0/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3880 Currently UncrustifyCheck.py provides the following exclusion options: 1. Override the type of files UncrustifyCheck operates against by default (.c and .h files). Using the "IgnoreStandardPaths" configuration option. 2. By default, UncrustifyCheck skips files in git submodules and ignored by git (the "SkipGitExclusions" configuration option can override this behavior). The goal of UncrustifyCheck is to provide consistent formatting across the codebase. In some rare circumstances, maintainers might need to exclude a specific file (or file pattern) within their package. For example, a small set of auto-generated files from another repository. This change adds a new configuration option that can be specified in a package CI YAML file to describe a list of files within the package that should be ignored by UncrustifyCheck. The configuration option is called "IgnoreFiles" and it uses similar syntax to git ignore to ignore a list of files. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Sean Brogan <sean.brogan@microsoft.com> Cc: Bret Barkelew <Bret.Barkelew@microsoft.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Sean Brogan <sean.brogan@microsoft.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
* .pytool/Plugin/UncrustifyCheck: Update func to return absolute pathsMichael Kubacki2022-04-041-1/+6
| | | | | | | | | | | | | | | | | | Currently, UncrustifyCheck._get_git_ignored_paths() is documented to return a list of absolute file paths but it currently returns a list of relative file paths. This change updates the function to return a list of absolute file paths. The result is later compared to the list of absolute file paths for files to run against Uncrustify. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Sean Brogan <sean.brogan@microsoft.com> Cc: Bret Barkelew <Bret.Barkelew@microsoft.com> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* UefiPayloadPkg: Consume the new added DebugPrintErrorLevelLib instanceXie, Yuanhao2022-04-031-1/+1
| | | | | | | | | | | | | Change the DebugPrintErrorLevelLib instance in UefiPayloadPkg.dsc to allow bootloader to config DebugPrintErrorLevel. Cc: Guo Dong <guo.dong@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Cc: Maurice Ma <maurice.ma@intel.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Sean Rhodes <sean@starlabs.systems> Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
* UefiPayloadPkg: Change some configuration of the payloadXie, Yuanhao2022-04-031-5/+5
| | | | | | | | | | | | | | | | 1. Use PeiDxeDebugLibReportStatusCode library for DebugLib, and add ReportStatusCodeLib. 2. Remove gEfiMdeModulePkgTokenSpaceGuid.PcdSerialExtendedTxFifoSize overrided in UefiPayloadPkg.dsc. 3. Change PcdHardwareErrorRecordLevel to 1 Cc: Guo Dong <guo.dong@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Cc: Maurice Ma <maurice.ma@intel.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Sean Rhodes <sean@starlabs.systems> Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
* UefiPayloadPkg: Add a new DebugPrintErrorLevelLib instanceXie, Yuanhao2022-04-034-1/+151
| | | | | | | | | | | | | | It consumes the HOB defined in UefiPayloadPkg/Include/Guid/DebugPrintErrorLevel.h, and allow bootloader to config DebugPrintErrorLevel. Cc: Guo Dong <guo.dong@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Cc: Maurice Ma <maurice.ma@intel.com> Cc: Benjamin You <benjamin.you@intel.com> Cc: Sean Rhodes <sean@starlabs.systems> Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
* OvmfPkg: Add dependency of VariableSmm driver to make it work normally.Zhihao Li2022-04-024-3/+7
| | | | | | | | | | | | | | | | | | | | | | REF? https://bugzilla.tianocore.org/show_bug.cgi?id=3861 UefiCpuPkg define a new Protocol with the new services SmmWaitForAllProcessor(), which can be used by SMI handler to optionally wait for other APs to complete SMM rendezvous in relaxed AP mode. VariableSmm driver need use SmmCpuRendezvousLib, So add SmmCpuRendezvousLib in OvmfPkg. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Sebastien Boeuf <sebastien.boeuf@intel.com> Signed-off-by: Zhihao Li <zhihao.li@intel.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg: Introduce IntelTdxX64 for TDVF Config-BMin Xu2022-04-022-0/+1122
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory Encryption (MKTME) with a new kind of virutal machines guest called a Trust Domain (TD). A TD is desinged to run in a CPU mode that protects the confidentiality of TD memory contents and the TD's CPU state from other software, including the hosting Virtual-Machine Monitor (VMM), unless explicitly shared by the TD itself. There are 2 configurations for TDVF to upstream. See below link for the definitions of the 2 configurations. https://edk2.groups.io/g/devel/message/76367 This patch-set is to enable the basic feature of Config-B in OvmfPkg. - Add a standalone IntelTdxX64.dsc to a TDX specific directory for a *full* feature TDVF. (Align with existing SEV) - IntelTdx.dsc includes Tdx/Legacy OVMF basic boot capability. The final binary can run on Tdx/Legacy OVMF. - PEI phase is skipped. By design in Config-B there should be more advanced features, such as: - RTMR based measurement and measure boot. - Remove unnecessary drivers to reduce attack surface, such as network stack. To make the code review more efficiency, Config-B is split into 2 waves: - Basic feature of Config-B - Advanced feature of Config-B This patch contains 2 files (IntelTdxX64.dsc/IntelTdxX64.fdf) which enable the basic feature of Config-B. In the waves of Advanced feature of Config-B, we will re-visit these 2 files. TDX_PEI_LESS_BOOT is defined in IntelTdxX64.dsc to indicate it boots up without PEI phase. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* MdeModulePkg: Update PciEnumeratorSupport to ignore OptionRom if neededMin Xu2022-04-022-5/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Function of UpdatePciInfo() in PciEnumeratorSupport.c is used to update the bar information for those incompatible PCI device. It is the right place to check if the OptionRom need to be ignored. According to "Table 20. ACPI 2.0 & 3.0 QWORD Address Space Descriptor Usage" in PI Spec 1.7, Type-specific flags can be set to 0 when Address Translation Offset == 6 to skip device option ROM (do not probe option rom BAR). Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Hao A Wu <hao.a.wu@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg/IncompatiblePciDeviceSupportDxe: Ignore OptionRom in Td guestMin Xu2022-04-021-0/+46
| | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Host VMM may inject OptionRom which is untrusted in Td guest. So PCI OptionRom needs to be ignored if it is Td guest. According to "Table 20. ACPI 2.0 & 3.0 QWORD Address Space Descriptor Usage" PI spec 1.7, type-specific flags can be set to 0 when Address Translation Offset == 6 to skip device option ROM. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg/IncompatiblePciDeviceSupportDxe: Refine the configurationMin Xu2022-04-021-31/+33
| | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 MMIO64_PREFERENCE is a fixed length data structure which contains one AddressSpaceDesc and one EndDesc. This patch removes MMIO64_PREFERENCE and create AddressSpaceDesc and EndDesc respectively. This change gives the chance to add more AddressSpaceDesc when CheckDevice is called. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Update DxeAcpiTimerLib to read HostBridgeDevId in PlatformInfoHobMin Xu2022-04-022-6/+26
| | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 The entrypoint of DxeAcpiTimerLib checks HostBridgeDevId by reading PcdOvmfHostBridgePciDevId. If the DevId is not set, ASSERT is triggered. Normally this DevId is set in PlatformPei which is executed in PEI phase. This patch-set is introducing PEI-less boot which means PEI phase is skipped. So there is no chance to set this DevId. Instead HostBridgeDevId is set in PlatformInfoHob. So we can check if PlatformInfoHob exists and if HostBridgeDevId is set in this Hob. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Update TdxDxe to set TDX PCDsMin Xu2022-04-022-1/+69
| | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 TDX_PEI_LESS_BOOT indicates the boot without PEI phase. In this case settings in EFI_HOB_PLATFORM_INFO should be set to its according PCDs. TdxDxe driver is workable for both Legacy guest and Tdx guest. It is because for Legacy guest (in PEI-less boot) there should be a place to set the PCDs based on EFI_HOB_PLATFORM_INFO hob. TdxDxe driver is the right place to do this work. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg/IntelTdx: Add Sec to bring up both Legacy and Tdx guestMin Xu2022-04-023-0/+410
| | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 OvmfPkg/IntelTdx/Sec is a simplied version of OvmfPkg/Sec. There are below differences between these 2 Sec - IntelTdx/Sec only supports Legacy guest and Tdx guest in X64. - IntelTdx/Sec calls PeilessStartup () to jump from SEC to DXE directly. - IntelTdx/Sec uses MemoryAllocationLib / HobLib / PrePiLib in EmbeddedPkg. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Add PeilessStartupLibMin Xu2022-04-029-0/+1896
| | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 PeilessStarupLib provides a function (PeilessStartup) which brings up both Legacy and Tdx guest from SEC phase to DXE phase. PEI phase is skipped so that the attack surfaces are reduced as much as possible. PeilessStartup() does below tasks: 1. Contruct the FW hoblist. Since PEI is skipped, we must find a memory region which is the largest one below 4GB. Then this memory region will be used as the firmware hoblist. 2. Initialize the platform. 3. Build various Hobs, such as SecFv Hob, DxeFv Hob, Stack Hob, etc. 4. At last DXE Core is located / loaded and transfer control to it. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Add PrePiHobListPointerLibTdxMin Xu2022-04-022-0/+86
| | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 This library sets / gets the Hob list pointer in TDX_WORK_AREA. This is because it is designed to be used in SEC where the value of global variable cannot be saved, so the Hob list pointer is saved in TDX_WORK_AREA. TDX_WORK_AREA shares the same base address as SEV_WORK_AREA which is pointed by PcdSevEsWorkAreaBase. This PCD will be renamed to PcdCcWorkAreaBase as Gerd suggested. See https://edk2.groups.io/g/devel/message/86642 Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Add TdxWorkArea definitionMin Xu2022-04-021-0/+15
| | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Add the TDX work area definition. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Switch timer in build time for OvmfPkgMin Xu2022-04-0210-14/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3711 Discussion in https://bugzilla.tianocore.org/show_bug.cgi?id=1496 shows that 8254TimerDxe was not written for OVMF. It was moved over from PcAtChipsetPkg to OvmfPkg in 2019. Probably because OVMF was the only user left. Most likely the reason OVMF used 8254TimerDxe initially was that it could just use the existing driver in PcAtChipsetPkg. And it simply hasn't been changed ever. CSM support was moved in 2019 too. (CSM support depends on 8254/8259 drivers). So 8254TimerDxe will be used when CSM_ENABLE=TRUE. There are 4 .dsc which include the 8254Timer. - OvmfPkg/AmdSev/AmdSevX64.dsc - OvmfPkg/OvmfPkgIa32.dsc - OvmfPkg/OvmfPkgIa32X64.dsc - OvmfPkg/OvmfPkgX64.dsc For the three OvmfPkg* configs using 8254TimerDxe with CSM_ENABLE=TRUE and LapicTimerDxe otherwise. For the AmdSev config it doesn't make sense to support a CSM. So use the lapic timer unconditionally. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Suggested-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* UefiCpuPkg: Setting initial-count register as the last stepMin Xu2022-04-021-5/+5
| | | | | | | | | | | | | | | | | | | | | | | BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3711 Per SDM, changing the mode of APIC timer (from one-shot to periodic or vice versa) by writing to the timer LVT entry does not start the timer. To start the timer, it is necessary to write to the initial-count register. If initial-count is wrote before mode change, it's possible that timer expired before the mode change. Thus failing the periodic mode. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Anthony Perard <anthony.perard@citrix.com> Cc: Julien Grall <julien@xen.org> Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Rename XenTimerDxe to LocalApicTimerDxeMin Xu2022-04-029-12/+12
| | | | | | | | | | | | | | | | | | | | | | BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3711 XenTimerDxe is a local Apic timer driver and it has nothing to do with Xen. So rename it to LocalApicTimerDxe. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Anthony Perard <anthony.perard@citrix.com> Cc: Julien Grall <julien@xen.org> Acked-by: Anthony PERARD <anthony.perard@citrix.com Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Update IoMmuDxe to support TDXMin Xu2022-04-0210-42/+85
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 The IOMMU protocol driver provides capabilities to set a DMA access attribute and methods to allocate, free, map and unmap the DMA memory for the PCI Bus devices. The current IoMmuDxe driver supports DMA operations inside SEV guest. To support DMA operation in TDX guest, CC_GUEST_IS_XXX (PcdConfidentialComputingGuestAttr) is used to determine if it is SEV guest or TDX guest. Due to security reasons all DMA operations inside the SEV/TDX guest must be performed on shared pages. The IOMMU protocol driver for the SEV/TDX guest uses a bounce buffer to map guest DMA buffer to shared pages in order to provide the support for DMA operations inside SEV/TDX guest. The call of SEV or TDX specific function to set/clear EncMask/SharedBit is determined by CC_GUEST_IS_XXX (PcdConfidentialComputingGuestAttr). Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg/QemuFwCfgLib: Support Tdx in QemuFwCfgDxeMin Xu2022-04-022-4/+6
| | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 In the previous QemuFwCfgDxe only SEV is supported. This commit introduce TDX support in QemuFwCfgDxe. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Add TdxDxe driverMin Xu2022-04-028-0/+694
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 TdxDxe driver is dispatched early in DXE, due to being list in APRIORI. This module is responsible for below features: - Sets max logical cpus based on TDINFO - Sets PCI PCDs based on resource hobs - Set shared bit in MMIO region - Relocate Td mailbox and set its address in MADT table. 1. Set shared bit in MMIO region Qemu allows a ROM device to set to ROMD mode (default) or MMIO mode. When it is in ROMD mode, the device is mapped to guest memory and satisfies read access directly. In EDK2 Option ROM is treated as MMIO region. So Tdx guest access Option ROM via TDVMCALL(MMIO). But as explained above, since Qemu set the Option ROM to ROMD mode, the call of TDVMCALL(MMIO) always return INVALID_OPERAND. Tdvf then falls back to direct access. This requires to set the shared bit to corresponding PageTable entry. Otherwise it triggers GP fault. TdxDxe's entry point is the right place to set the shared bit in MMIO region because Option ROM has not been discoverd yet. 2. Relocate Td mailbox and set the new address in MADT Mutiprocessor Wakeup Table. In TDX the guest firmware is designed to publish a multiprocessor-wakeup structure to let the guest-bootstrap processor wake up guest-application processors with a mailbox. The mailbox is memory that the guest firmware can reserve so each guest virtual processor can have the guest OS send a message to them. The address of the mailbox is recorded in the MADT table. See [ACPI]. TdxDxe registers for protocol notification (gQemuAcpiTableNotifyProtocolGuid) to call the AlterAcpiTable(), in which MADT table is altered by the above Mailbox address. The protocol will be installed in AcpiPlatformDxe when the MADT table provided by Qemu is ready. This is to maintain the simplicity of the AcpiPlatformDxe. AlterAcpiTable is the registered function which traverses the ACPI table list to find the original MADT from Qemu. After the new MADT is configured and installed, the original one will be uninstalled. [ACPI] https://uefi.org/specs/ACPI/6.4/05_ACPI_Software_Programming_Model /ACPI_Software_Programming_Model.html#multiprocessor-wakeup-structure Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg/BaseMemEncryptTdxLib: Add TDX helper libraryMin Xu2022-04-029-0/+1385
| | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Add Intel Tdx helper library. The library provides the routines to: - set or clear Shared bit for a given memory region. - query whether TDX is enabled. Please be noted, there a lot of duplicated codes for Page Table operations. These codes should be moved to a common library (PageTablesLib) so that it is more friendly for review and maintain. There is a new feature requirement https://bugzilla.tianocore.org/show_bug.cgi?id=847 which is to implement the library. After the lib is introduced, BaseMemEncryptTdxLib will be refactored. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Update AcpiPlatformDxe to alter MADT tableMin Xu2022-04-023-1/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 In TDX the guest firmware is designed to publish a multiprocessor-wakeup structure to let the guest-bootstrap processor wake up guest-application processors with a mailbox. The mailbox is memory that the guest firmware can reserve so each guest virtual processor can have the guest OS send a message to them. The address of the mailbox is recorded in the MADT table. See [ACPI]. To maintain the simplicity of the AcpiPlatformDxe, the MADT ACPI table will be altered in another driver (TdxDxe) by installing a protocol to notify that the ACPI table provided by Qemu is ready. Then in TdxDxe a notification functioin will be called to alter the MADT table to recorded the mailbox address. The protocol is gQemuAcpiTableNotifyProtocolGuid. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Update PlatformPei to support Tdx guestMin Xu2022-04-027-3/+104
| | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 OvmfPkg/PlatformPei is updated to support Tdx guest. There are below major changes. - Set Tdx related PCDs - Publish Tdx RamRegions In this patch there is another new function BuildPlatformInfoHob (). This function builds EFI_HOB_PLATFORM_INFO which contains the HostBridgeDevId. The hob is built in both Td guest and Non-Td guest. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Update PlatformInitLib for Tdx guestMin Xu2022-04-025-1/+96
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 There are below changes in PlatformInitLib for Tdx guest: 1. Publish ram regions In Tdx guest, the system memory is passed in TdHob by host VMM. So the major task of PlatformTdxPublishRamRegions is to walk thru the TdHob list and transfer the ResourceDescriptorHob and MemoryAllocationHob to the hobs in DXE phase. 2. Build MemoryAllocationHob for Tdx Mailbox and Ovmf work area. 3. Update of PlatformAddressWidthInitialization. The physical address width that Tdx guest supports is either 48 or 52. 4. Update of PlatformMemMapInitialization. 0xA0000 - 0xFFFFF is VGA bios region. Platform initialization marks the region as MMIO region. Dxe code maps MMIO region as IO region. As TDX guest, MMIO region is maps as shared. However VGA BIOS doesn't need to be shared. Guest TDX Linux maps VGA BIOS as private and accesses for BIOS and stuck on repeating EPT violation. VGA BIOS (more generally ROM region) should be private. Skip marking VGA BIOA region [0xa000, 0xfffff] as MMIO in HOB. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* UefiCpuPkg: Update AddressEncMask in CpuPageTableMin Xu2022-04-022-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 MMIO region in Tdx guest is set with PcdTdxSharedBitMask in TdxDxe's entry point. In SEV guest the page table entries is set with PcdPteMemoryEncryptionAddressOrMask when creating 1:1 identity table. So the AddressEncMask in GetPageTableEntry (@CpuPageTable.c) is either PcdPteMemoryEncryptionAddressOrMask (in SEV guest), or PcdTdxSharedBitMask (in TDX guest), or all-0 (in Legacy guest). Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* MdeModulePkg: Add PcdTdxSharedBitMaskMin Xu2022-04-029-0/+26
| | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Guest Physical Address (GPA) space in Td guest is divided into private and shared sub-spaces, determined by the SHARED bit of GPA. This PCD holds the shared bit mask. Its default value is 0 and it will be set in PlatformPei driver if it is of Td guest. Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Hao A Wu <hao.a.wu@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* MdeModulePkg: Skip setting IA32_ERER.NXE if it has already been setMin Xu2022-04-021-3/+5
| | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 If IA32_ERER.NXE has already been set, skip setting it again. Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Hao A Wu <hao.a.wu@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operationMin Xu2022-04-023-0/+45
| | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 If TDX is enabled then we do not support DMA operation in PEI phase. This is mainly because DMA in TDX guest requires using bounce buffer (which need to allocate dynamic memory and allocating a PAGE size'd buffer can be challenge in PEI phase). Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Update Sec to support TdxMin Xu2022-04-0211-2/+184
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 There are below major changes in this commit. 1. SecEntry.nasm In TDX BSP and APs goes to the same entry point in SecEntry.nasm. BSP initialize the temporary stack and then jumps to SecMain, just as legacy Ovmf does. APs spin in a modified mailbox loop using initial mailbox structure. Its structure defition is in OvmfPkg/Include/IndustryStandard/IntelTdx.h. APs wait for command to see if the command is for me. If so execute the command. 2. Sec/SecMain.c When host VMM create the Td guest, the system memory informations are stored in TdHob, which is a memory region described in Tdx metadata. The system memory region in TdHob should be accepted before it can be accessed. So the major task of this patch is to process the TdHobList to accept the memory. After that TDVF follow the standard OVMF flow and jump to PEI phase. PcdUse1GPageTable is set to FALSE by default in OvmfPkgX64.dsc. It gives no chance for Intel TDX to support 1G page table. To support 1G page table this PCD is set to TRUE in OvmfPkgX64.dsc. TDX_GUEST_SUPPORTED is defined in OvmfPkgX64.dsc. This macro wraps the Tdx specific code. TDX only works on X64, so the code is only valid in X64 arch. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg/Sec: Declare local variable as volatile in SecCoreStartupWithStackMin Xu2022-04-021-5/+10
| | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Declare the local variables in SecCoreStartupWithStack that actually move the data elements as volatile to prevent the optimizer from replacing this function with the intrinsic memcpy(). Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
* OvmfPkg: Update PlatformInitLib to process Tdx hoblistMin Xu2022-04-025-1/+576
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 When host VMM create the Td guest, the system memory informations are stored in TdHob, which is a memory region described in Tdx metadata. The system memory region in TdHob should be accepted before it can be accessed. So the newly added function (ProcessTdxHobList) is to process the TdHobList to accept the memory. Because TdHobList is provided by host VMM which is not trusted, so its content should be checked before it is consumed by TDVF. Because ProcessTdxHobList is to be called in SEC phase, so PlatformInitLib.inf is updated to support SEC. Note: In this patch it is BSP which accepts the pages. So there maybe boot performance issue. There are some mitigations to this issue, such as lazy accept, 2M accept page size, etc. We will re-visit here in the future. EFI_RESOURCE_MEMORY_UNACCEPTED is a new ResourceType in EFI_HOB_RESOURCE_DESCRIPTOR. It is defined for the unaccepted memory passed from Host VMM. This is proposed in microsoft/mu_basecore#66 files#diff-b20a11152d1ce9249c691be5690b4baf52069efadf2e2546cdd2eb663d80c9 e4R237 according to UEFI-Code-First. The proposal was approved in 2021 in UEFI Mantis, and will be added to the new PI.next specification. Per the MdePkg reviewer's comments, before this new ResourceType is added in the PI spec, it should not be in MdePkg. So it is now defined as an internal implementation and will be moved to MdePkg/Include/Pi/PiHob.h after it is added in PI spec. See https://edk2.groups.io/g/devel/message/87641 PcdTdxAcceptPageSize is added for page accepting. Currently TDX supports 4K and 2M accept page size. The default value is 2M. Tdx guest is only supported in X64. So for IA32 ProcessTdxHobList just returns EFI_UNSUPPORTED. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>