[edk2-devel] [PATCH] OvmfPkg: Set PciLib for TdxDxe driver

Min Xu min.m.xu at intel.com
Tue Apr 19 04:39:27 UTC 2022 

In AmdSevDxe's entry point it clears the C-bit from PcdPciExpressBaseAddress and other memory spaces if needed. Please see https://github.com/tianocore/edk2/blob/master/OvmfPkg/AmdSevDxe/AmdSevDxe.c#L81-L95. After that OVMF can use PCI express.

This broken is caused by the call sequence of TdxDxe driver and AmdSevDxe driver. Currently TdxDxe driver is loaded before AmdSevDxe, so in SEV-ES guest the C-bit of PcdPciExpressBaseAddress hasn't been cleared. In this situation the access to PciExpressBaseAddress trigger exceptions (lib constructor in TdxDxe).

There are 2 options to fix this issue.
1. Adjust the load sequence of AmdSevDxe and TdxDxe (Load AmdSevDxe before TdxDxe)
2. Make TdxDxe to import BasePciLibCf8.inf instead of DxePciLibI440FxQ35.inf (just like AmdSevDxe)

Tom and I tested above 2 options in SEV and TDX and all work.

> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao at intel.com>
> Sent: Tuesday, April 19, 2022 12:16 PM
> To: Xu, Min M <min.m.xu at intel.com>; devel at edk2.groups.io
> Cc: Brijesh Singh <brijesh.singh at amd.com>; Aktas, Erdem
> <erdemaktas at google.com>; James Bottomley <jejb at linux.ibm.com>; Tom
> Lendacky <thomas.lendacky at amd.com>
> Subject: RE: [edk2-devel] [PATCH] OvmfPkg: Set PciLib for TdxDxe driver
> 
> Do you mean, with SEV introduced, OVMF cannot use PCI express any more?
> 
> Thank you
> Yao Jiewen
> 
> 
> > -----Original Message-----
> > From: Xu, Min M <min.m.xu at intel.com>
> > Sent: Tuesday, April 19, 2022 11:05 AM
> > To: Yao, Jiewen <jiewen.yao at intel.com>; devel at edk2.groups.io
> > Cc: Brijesh Singh <brijesh.singh at amd.com>; Aktas, Erdem
> > <erdemaktas at google.com>; James Bottomley <jejb at linux.ibm.com>; Tom
> > Lendacky <thomas.lendacky at amd.com>
> > Subject: RE: [edk2-devel] [PATCH] OvmfPkg: Set PciLib for TdxDxe
> > driver
> >
> > On April 19, 2022 10:54 AM, Yao Jiewen wrote:
> > >
> > > Why does TdxDxe call TdxMailbox in an SEV platform?
> > > Or why does TdxMailbox call SynchronizationLib in an SEV platform?
> > >
> > TdxDxe will not call TdxMailbox/SynchronizationLib in SEV platform.
> > The problem is in the lib constructor. When TdxDxe driver is loaded,
> > before its entry point is called, the lib constructors will be called even in a
> SEV platform.
> > >
> > > There are many places we can do CcProbe to stop action. Why we need
> > > do it in DSC?
> > So we cannot stop the lib constructor with CcProbe in this case.
> >
> > Thanks
> > Min


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89050): https://edk2.groups.io/g/devel/message/89050
Mute This Topic: https://groups.io/mt/90554139/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list