summaryrefslogtreecommitdiffstats
path: root/OvmfPkg
Commit message (Collapse)AuthorAgeFilesLines
* OvmfPkg/Library/ResetSystemLib: Fix Microvm VS2019 NOOPT build issueMichael D Kinney2021-11-121-1/+1
| | | | | | | | | | | | | REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3731 Fix VS2019 NOOPT build issues with OvmfPkg/Microvm/MicrovmX64.dsc by fixing typecast of MICROVM_GED_MMIO_BASE_REGS to a VOID *. Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
* OvmfPkg/Bhyve/PlatformPei: Fix VS2019 X64 NOOPT build issueMichael D Kinney2021-11-111-1/+1
| | | | | | | | | | | | | REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3724 Add typecast to fix build error with VS2019 X64 NOOPT converting a UINT64 value to UINT32 value. Cc: Rebecca Cran <rebecca@bsdio.com> Cc: Peter Grehan <grehan@freebsd.org> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Rebecca Cran <rebecca@bsdio.com> Acked-by: Peter Grehan <grehan@freebsd.org>
* OvmfPkg/Xen: Fix VS2019 build issuesMichael D Kinney2021-11-113-8/+8
| | | | | | | | | | | | | | | | | REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3722 Fix VS2019 NOOPT build issues related to converting a larger integer value to a smaller integer value. Cc: Anthony Perard <anthony.perard@citrix.com> Cc: Julien Grall <julien@xen.org> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg: Reproduce builds across source format changesMichael D Kinney2021-11-084-8/+8
| | | | | | | | | | | | | | | REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3688 Use DEBUG_LINE_NUMBER instead of __LINE__. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Michael Kubacki <michael.kubacki@microsoft.com> Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Tested-by: Michael Kubacki <michael.kubacki@microsoft.com>
* OvmfPkg: Enable TDX in ResetVectorMin Xu2021-10-246-0/+286
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory Encryption (MKTME) with a new kind of virutal machines guest called a Trust Domain (TD). A TD is desinged to run in a CPU mode that protects the confidentiality of TD memory contents and the TD's CPU state from other software, including the hosting Virtual-Machine Monitor (VMM), unless explicitly shared by the TD itself. Note: Intel TDX is only available on X64, so the Tdx related changes are in X64 path. In IA32 path, there may be null stub to make the build success. This patch includes below major changes. 1. Ia32/IntelTdx.asm IntelTdx.asm includes below routines used in ResetVector - IsTdx Check if the running system is Tdx guest. - InitTdxWorkarea It initialize the TDX_WORK_AREA. Because it is called by both BSP and APs and to avoid the race condition, only BSP can initialize the WORK_AREA. AP will wait until the field of TDX_WORK_AREA_PGTBL_READY is set. - ReloadFlat32 After reset all CPUs in TDX are initialized to 32-bit protected mode. But GDT register is not set. So this routine loads the GDT then jump to Flat 32 protected mode again. - InitTdx This routine wrap above 3 routines together to do Tdx initialization in ResetVector phase. - IsTdxEnabled It is a OneTimeCall to probe if TDX is enabled by checking the CC_WORK_AREA. - CheckTdxFeaturesBeforeBuildPagetables This routine is called to check if it is Non-TDX guest, TDX-Bsp or TDX-APs. Because in TDX guest all the initialization is done by BSP (including the page tables). APs should not build the tables. - TdxPostBuildPageTables It is called after Page Tables are built by BSP. byte[TDX_WORK_AREA_PGTBL_READY] is set by BSP to indicate APs can leave spin and go. 2. Ia32/PageTables64.asm As described above only the TDX BSP build the page tables. So PageTables64.asm is updated to make sure only TDX BSP build the PageTables. TDX APs will skip the page table building and set Cr3 directly. 3. Ia16/ResetVectorVtf0.asm In Tdx all CPUs "reset" to run on 32-bit protected mode with flat descriptor (paging disabled). But in Non-Td guest the initial state of CPUs is 16-bit real mode. To resolve this conflict, BITS 16/32 is used in the ResetVectorVtf0.asm. It checks the 32-bit protected mode or 16-bit real mode, then jump to the corresponding entry point. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg: Add IntelTdxMetadata.asmMin Xu2021-10-246-0/+188
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 In TDX when host VMM creates a new guest TD, some initial set of TD-private pages are added using the TDH.MEM.PAGE.ADD function. These pages typically contain Virtual BIOS code and data along with some clear pages for stacks and heap. In the meanwhile, some configuration data need be measured by host VMM. Tdx Metadata is designed for this purpose to indicate host VMM how to do the above tasks. More detailed information of Metadata is in [TDVF] Section 11. Tdx Metadata describes the information about the image for VMM use. For example, the base address and length of the TdHob, Bfv, Cfv, etc. The offset of the Metadata is stored in a GUID-ed structure which is appended in the GUID-ed chain from a fixed GPA (0xffffffd0). In this commit there are 2 new definitions of BFV & CFV. Tdx Virtual Firmware (TDVF) includes one Firmware Volume (FV) known as the Boot Firmware Volume (BFV). The FV format is defined in the UEFI Platform Initialization (PI) spec. BFV includes all TDVF components required during boot. TDVF also include a configuration firmware volume (CFV) that is separated from the BFV. The reason is because the CFV is measured in RTMR, while the BFV is measured in MRTD. In practice BFV is the code part of Ovmf image (OVMF_CODE.fd). CFV is the vars part of Ovmf image (OVMF_VARS.fd). Since AMD SEV has already defined some SEV specific memory region in MEMFD. TDX re-uses some of the memory regions defined by SEV. - MailBox : PcdOvmfSecGhcbBackupBase|PcdOvmfSecGhcbBackupSize - TdHob : PcdOvmfSecGhcbBase|PcdOvmfSecGhcbSize [TDVF] https://software.intel.com/content/dam/develop/external/us/en/ documents/tdx-virtual-firmware-design-guide-rev-1.pdf Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg: Clear WORK_AREA_GUEST_TYPE in Main.asmMin Xu2021-10-242-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Previously WORK_AREA_GUEST_TYPE was cleared in SetCr3ForPageTables64. This is workable for Legacy guest and SEV guest. But it doesn't work after Intel TDX is introduced. It is because all TDX CPUs (BSP and APs) start to run from 0xfffffff0, thus WORK_AREA_GUEST_TYPE will be cleared multi-times if it is TDX guest. So the clearance of WORK_AREA_GUEST_TYPE is moved to Main16 entry point in Main.asm. Note: WORK_AREA_GUEST_TYPE is only defined for ARCH_X64. For Intel TDX, its corresponding entry point is Main32 (which will be introduced in next commit in this patch-set). WORK_AREA_GUEST_TYPE will be cleared there. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg: Copy Main.asm from UefiCpuPkg to OvmfPkg's ResetVectorMin Xu2021-10-241-0/+103
| | | | | | | | | | | | | | | | | | | | | | | | | | | | RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Previously OvmfPkg/ResetVector uses the Main.asm in UefiCpuPkg/ReseteVector/Vtf0. In this Main.asm there is only Main16 entry point. This patch-set is to introduce Intel TDX into Ovmf. Main32 entry point is needed in Main.asm by Intel TDX. To reduce the complexity of Main.asm in UefiCpuPkg, OvmfPkg create its own Main.asm to meet the requirement of Intel TDX. This Main.asm is an unmodified copy (so no functional change) and the actual changes for tdx come as incremental patches. UefiCpuPkg/ResetVector/Vtf0/main.asm -> OvmfPkg/ResetVector/Main.asm Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg/AmdSev: update the fdf to use new workarea PCDBrijesh Singh2021-10-191-1/+8
| | | | | | | | | | | | | | | | | | | | | The commit 80e67af9afca added support for the generic work area concept used mainly by the encrypted VMs but missed update the AmdSev package. Fixes: 80e67af9afca ("OvmfPkg: introduce a common work area") Cc: James Bottomley <jejb@linux.ibm.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Erdem Aktas <erdemaktas@google.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Reported-by: Dov Murik <dovmurik@linux.ibm.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Dov Murik <dovmurik@linux.ibm.com> Tested-by: Dov Murik <dovmurik@linux.ibm.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* Ovmfpkg: update Ia32 build to use new work areaBrijesh Singh2021-10-192-1/+5
| | | | | | | | | | | | | | | | | | | | | | The commit 80e67af9afca added support for the generic work area concept used mainly by the encrypted VMs. In the past, the work area was preliminary used by the SEV-ES VMs. The SEV-ES support is available for the X64 builds only. But now, that work area header contains fields that nonencrypted VMs and SEV VMs can use. They can be built for IA32. So, moving the work area defines outside of X64. Fixes: 80e67af9afca ("OvmfPkg: introduce a common work area") Cc: James Bottomley <jejb@linux.ibm.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Erdem Aktas <erdemaktas@google.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* ArmVirtPkg/VirtioFdtDxe: Relocate VirtioFdtDxe to OvmfPkg/FdtAbner Chang2021-10-142-0/+163
| | | | | | | | | | | | | | | | | | | Relocate VirtioFdtDxe to OvmfPkg/Fdt, this driver is leverage by both ARM and RISC-V archs. Signed-off-by: Abner Chang <abner.chang@hpe.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Sami Mujawar <sami.mujawar@arm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Daniel Schaefer <daniel.schaefer@hpe.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Daniel Schaefer <daniel.schaefer@hpe.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg/FdtPciHostBridgeLib: Add RISC-V in the supported arch.Abner Chang2021-10-141-1/+1
| | | | | | | | | | | | | Signed-off-by: Abner Chang <abner.chang@hpe.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Daniel Schaefer <daniel.schaefer@hpe.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Daniel Schaefer <daniel.schaefer@hpe.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <jiewen.yao@intel.com>
* ArmVirtPkg/FdtPciHostBridgeLib: Relocate FdtPciHostBridgeLib to OvmfPkg/FdtAbner Chang2021-10-142-0/+470
| | | | | | | | | | | | | | | | | | | | | Relocate FdtPciHostBridgeLib to OvmfPkg/Fdt, this library is leverage by both ARM and RISC-V archs. Also use PcdPciMmio32Translation and PcdPciMmio64Translation PCDs provided by MdePkg instead of ArmPkg. Signed-off-by: Abner Chang <abner.chang@hpe.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Sami Mujawar <sami.mujawar@arm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Daniel Schaefer <daniel.schaefer@hpe.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Daniel Schaefer <daniel.schaefer@hpe.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg/QemuFwCfgLibMmio: Add RISC-V arch supportAbner Chang2021-10-142-4/+5
| | | | | | | | | | | | | | Signed-off-by: Abner Chang <abner.chang@hpe.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Daniel Schaefer <daniel.schaefer@hpe.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Daniel Schaefer <daniel.schaefer@hpe.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <jiewen.yao@intel.com>
* ArmVirtPkg/QemuFwCfgLib: Relocate QemuFwCfgLib to OvmfPkgAbner Chang2021-10-142-0/+681
| | | | | | | | | | | | | | | | | | | | Relocate QemuFwCfgLib to OvmfPkg/Library/QemuFwCfgLib and rename it to QemuFwCfgLibMmio, this library is leverage by both ARM and RISC-V archs. Signed-off-by: Abner Chang <abner.chang@hpe.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Sami Mujawar <sami.mujawar@arm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Daniel Schaefer <daniel.schaefer@hpe.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Daniel Schaefer <daniel.schaefer@hpe.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg/HighMemDxe: Add RISC-V in the supported arch.Abner Chang2021-10-142-2/+4
| | | | | | | | | | | | | | | | Add RISC-V VM in the file header. Add RISC-V to the supported arch. Signed-off-by: Abner Chang <abner.chang@hpe.com> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Daniel Schaefer <daniel.schaefer@hpe.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Daniel Schaefer <daniel.schaefer@hpe.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <jiewen.yao@intel.com>
* ArmVirtPkg/HighMemDxe: Relocate HighMemDxe to OvmfPkgAbner Chang2021-10-142-0/+172
| | | | | | | | | | | | | | | | | | | Relocate HighMemDxe to OvmfPkg/Fdt, this library is leverage by both ARM and RISC-V archs. Signed-off-by: Abner Chang <abner.chang@hpe.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Sami Mujawar <sami.mujawar@arm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Daniel Schaefer <daniel.schaefer@hpe.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Daniel Schaefer <daniel.schaefer@hpe.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Cc: Jiewen Yao <jiewen.yao@intel.com>
* ArmVirtPkg/FdtPciPcdProducerLib: Relocate PciPcdProducerLib to OvmfPkgAbner Chang2021-10-142-0/+191
| | | | | | | | | | | | | | | | | | | | | Relocate PciPcdProducerLib to OvmfPkg/Fdt, this library is leverage by both ARM and RISC-V archs. Add OvmfPkg/Fdt maintainers in Maintainers.txt Signed-off-by: Abner Chang <abner.chang@hpe.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Leif Lindholm <leif@nuviainc.com> Cc: Sami Mujawar <sami.mujawar@arm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Daniel Schaefer <daniel.schaefer@hpe.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Reviewed-by: Daniel Schaefer <daniel.schaefer@hpe.com> Reviewed-by: Sunil V L <sunilvl@ventanamicro.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Cc: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg/Microvm: wire up serial console, drop super-ioGerd Hoffmann2021-10-053-6/+49
| | | | | | | | | | | | Microvm has no LPC bridge, so drop the PciSioSerialDxe driver. Use SerialDxe instead, with ioport hardcoded to 0x3f8 aka com1 aka ttyS0. With this tianocore boots to uefi shell prompt on the serial console. Direct kernel boot can be used too. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: use PciHostBridgeLibNullGerd Hoffmann2021-10-051-1/+1
| | | | | | | | | Shortcut PCI support for now (proper PCIe support will be wired up later). Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: BdsPlatform: PciAcpiInitialization tweak.Gerd Hoffmann2021-10-051-0/+2
| | | | | | | | Nothing to do here ;) Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/ResetSystemLib: add driver for microvmGerd Hoffmann2021-10-058-7/+231
| | | | | | | | Uses the generic event device to reset and poweroff. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: PlatformPei/Platform: add id.Gerd Hoffmann2021-10-052-0/+19
| | | | | | | | Add + set microvm id for PcdOvmfHostBridgePciDevId. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: PlatformPei/Platform memory map tweaksGerd Hoffmann2021-10-051-0/+6
| | | | | | | | Microvm needs ioapic hobs only. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: PlatformPei/MemDetect tweaksGerd Hoffmann2021-10-051-0/+4
| | | | | | | | Skip host bridge setup on microvm. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: use XenTimerDxe (lapic timer)Gerd Hoffmann2021-10-052-4/+3
| | | | | | | | | | | | Microvm has no acpi timer, so go use XenTimerDxe which uses the local apic instead. Set PcdFSBClock to 1000 MHz, which is the lapic timer frequency used by KVM. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: use MdePkg/Library/SecPeiDxeTimerLibCpuGerd Hoffmann2021-10-051-8/+1
| | | | | | | | Microvm has no acpi timer, so use the generic lib instead. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: no emulated scsiGerd Hoffmann2021-10-052-18/+0
| | | | | | | | | Microvm focus is virtio, so go drop support for emulated scsi host adapters. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: no csmGerd Hoffmann2021-10-052-32/+0
| | | | | | | | | Guests depending on BIOS will probably not work that well with microvm due to legacy hardware being not available. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: no sevGerd Hoffmann2021-10-052-3/+0
| | | | | | | | Microvm has no SEV support. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: no tpmGerd Hoffmann2021-10-052-93/+1
| | | | | | | | | Microvm has no TPM support. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: no secure bootGerd Hoffmann2021-10-052-19/+0
| | | | | | | | Without SMM secure boot isn't actually secure, so drop it too. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: no smmGerd Hoffmann2021-10-052-115/+1
| | | | | | | | Microvm has no SMM support. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: rename output files, fix includesGerd Hoffmann2021-10-052-11/+11
| | | | | | | | | | Rename the firmware volume files (s/OVMF/MICROVM/). Fix includes so they work with microvm config being in a subdirectory. With this patch applied the build works. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/Microvm: copy OvmfPkgX64 files as-isGerd Hoffmann2021-10-052-0/+1584
| | | | | | | | | | | Create Microvm subdirectory. Copy OvmfPkgX64 .dsc and .fdf files unmodified as starting point for MicrovmX64. Changes come as separate patches, to simplify patch review and rebases. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg: Reference new Tcg2PlatformPei in the build systemStefan Berger2021-09-308-0/+20
| | | | | | | | | | | | | | | | | | | Compile the Tcg2PlatformPei related code now to support TPM 2 platform hierachy disablement if the TPM state cannot be resumed upon S3 resume. Cc: Rebecca Cran <rebecca@bsdio.com> Cc: Peter Grehan <grehan@freebsd.org> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg: Reference new Tcg2PlatformDxe in the build system for compilationStefan Berger2021-09-308-0/+20
| | | | | | | | | | | | | | | | | | Compile the Tcg2PlatformDxe related code now. Cc: Rebecca Cran <rebecca@bsdio.com> Cc: Peter Grehan <grehan@freebsd.org> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg: Handle TPM 2 physical presence opcodes much earlierStefan Berger2021-09-303-22/+31
| | | | | | | | | | | | | | | | | | | | | Handle the TPM 2 physical presence interface (PPI) opcodes in PlatformBootManagerBeforeConsole() before the TPM 2 platform hierarchy is disabled. Since the handling of the PPI opcodes may require inter- action with the user, initialize the keyboard before handling PPI codes. Cc: Rebecca Cran <rebecca@bsdio.com> Cc: Peter Grehan <grehan@freebsd.org> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg/TPM PPI: Connect default consoles for user interactionStefan Berger2021-09-302-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Activate the default console when user interaction is required for the processing of TPM 2 physical presence interface opcodes. Background: TPM 2 physical presence interface (PPI) opcodes need to be handled before the TPM 2 platform hierarchy is disabled. Due to this requirement we will move the function call to handle the PPI opcodes into PlatformBootManagerBeforeConsole() which runs before the initialization of the consoles. However, since for interaction with the user we need the console to be available, activate it now before displaying any message to the user. Cc: Rebecca Cran <rebecca@bsdio.com> Cc: Peter Grehan <grehan@freebsd.org> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
* OvmfPkg: set a default value for the WorkAreaHeader PCDCorvin Köhne2021-09-222-1/+6
| | | | | | | | | | SEC checks in IsSevGuest if the PCD defined WorkAreaHeader size matches the size of the WorkAreaHeader struct definition. Set a default value for the PCD to avoid unnecessary DSC/FDF file changes in all OVMF DSC/FDF files. Signed-off-by: Corvin Köhne <c.koehne@beckhoff.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* UefiCpuPkg: Refactor initialization of CPU features during S3 resumeLou, Yun2021-09-161-5/+2
| | | | | | | | | | | | | | | | | REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3621 REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3631 Refactor initialization of CPU features during S3 resume. In addition, the macro ACPI_CPU_DATA_STRUCTURE_UPDATE is used to fix incompatibility issue caused by ACPI_CPU_DATA structure update. It will be removed after all the platform code uses new ACPI_CPU_DATA structure. Signed-off-by: Jason Lou <yun.lou@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Rahul Kumar <rahul1.kumar@intel.com>
* OvmfPkg/OvmfXen: Fix build with QemuKernelLoaderFsDxeAnthony PERARD2021-09-061-1/+4
| | | | | | | | | | | | VerifyBlob() has been added recently to QemuKernelLoaderFsDxe, also QemuKernelLoaderFsDxe has been added recently to OvmfXen but without an implementation of VerifyBlob(). Fix this by adding the same runes that have been added to OvmfPkgX64.dsc. Fixes: 9f3eda177a4b ("OvmfPkg/OvmfXen: add QemuKernelLoaderFsDxe") Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
* OvmfPkg/OvmfXen: add QemuKernelLoaderFsDxeLin, Gary (HPS OE-Linux)2021-08-312-0/+2
| | | | | | | | | | | | Without QemuKernelLoaderFsDxe, QemuLoadKernelImage() couldn't download the kernel, initrd, and kernel command line from QEMU's fw_cfg. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3574 Signed-off-by: Gary Lin <gary.lin@hpe.com> Acked-by: Anthony PERARD <anthony.perard@citrix.com> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Tested-by: Jim Fehlig <jfehlig@suse.com>
* OvmfPkg/SmmControl2Dxe: use PcdAcpiS3Enable to detect S3 supportLin, Gary (HPS OE-Linux)2021-08-312-3/+3
| | | | | | | | | | | | To avoid the potential inconsistency between PcdAcpiS3Enable and QemuFwCfgS3Enabled(), this commit modifies SmmControl2Dxe to detect S3 support by PcdAcpiS3Enable as modules in MdeModulePkg do. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3573 Signed-off-by: Gary Lin <gary.lin@hpe.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Tested-by: Jim Fehlig <jfehlig@suse.com>
* OvmfPkg/PlatformBootManagerLib: use PcdAcpiS3Enable to detect S3 supportLin, Gary (HPS OE-Linux)2021-08-312-1/+2
| | | | | | | | | | | | To avoid the potential inconsistency between PcdAcpiS3Enable and QemuFwCfgS3Enabled(), this commit modifies PlatformBootManagerLib to detect S3 support by PcdAcpiS3Enable as modules in MdeModulePkg do. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3573 Signed-off-by: Gary Lin <gary.lin@hpe.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Tested-by: Jim Fehlig <jfehlig@suse.com>
* OvmfPkg/LockBoxLib: use PcdAcpiS3Enable to detect S3 supportLin, Gary (HPS OE-Linux)2021-08-312-5/+2
| | | | | | | | | | | | | To avoid the potential inconsistency between PcdAcpiS3Enable and QemuFwCfgS3Enabled(), this commit modifies LockBoxLib to detect S3 support by PcdAcpiS3Enable as modules in MdeModulePkg do. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3573 Signed-off-by: Gary Lin <gary.lin@hpe.com> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Tested-by: Jim Fehlig <jfehlig@suse.com>
* OvmfPkg/OvmfXen: set PcdAcpiS3Enable at initializationLin, Gary (HPS OE-Linux)2021-08-312-0/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | There are several functions in OvmfPkg/Library using QemuFwCfgS3Enabled() to detect the S3 support status. However, in MdeModulePkg, PcdAcpiS3Enable is used to check S3 support. Since InitializeXenPlatform() didn't set PcdAcpiS3Enable as InitializePlatform() did, this made the inconsistency between drivers/functions. For example, S3SaveStateDxe checked PcdAcpiS3Enable and skipped S3BootScript because the default value is FALSE. On the other hand, PlatformBootManagerBeforeConsole() from OvmfPkg/Library called QemuFwCfgS3Enabled() and found it returned TRUE, so it invoked SaveS3BootScript(). However, S3SaveStateDxe skipped S3BootScript, so SaveS3BootScript() asserted due to EFI_NOT_FOUND. This issue mainly affects "HVM Direct Kernel Boot". When used, "fw_cfg" is enabled in QEMU and QemuFwCfgS3Enabled() returns true in that case. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3573 Signed-off-by: Gary Lin <gary.lin@hpe.com> Reviewed-by: Anthony PERARD <anthony.perard@citrix.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Tested-by: Jim Fehlig <jfehlig@suse.com>
* OvmfPkg/VirtioMmioDeviceLib: enable virtio 1.0Gerd Hoffmann2021-08-301-1/+1
| | | | | | | | | Now with everything in place for virtio 1.0 devices we can let VirtioMmioInit() return SUCCESS. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg/VirtioMmioDeviceLib: virtio 1.0: Adapt feature bit handlingGerd Hoffmann2021-08-301-5/+23
| | | | | | | | virtio 1.0 has 64 feature bits instead of 32. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
* OvmfPkg/VirtioMmioDeviceLib: virtio 1.0: Add default QueueNumGerd Hoffmann2021-08-302-1/+12
| | | | | | | | | Use QueueNumMax as QueueNum default for drivers which do not explicitly call VIRTIO_DEVICE_PROTOCOL->SetQueueSize(). Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>