[edk2-devel] vTPM support in cloud-Hypervisor in aarch64
Praveen K Paladugu
prapal at linux.microsoft.com
Tue May 17 15:50:00 UTC 2022
Closing the loop on this thread.
With some support from folks at ARM, I was able to narrow down the issue
to Page Tables not correctly configured in EDKII to handle TPM device.
After marking the pages in vTPM address range (start:0xFED40000,
len:0x5000) as device Pages (ARM_MEMORY_REGION_ATTRIBUTE_DEVICE), I was
able to overcome the below reported Exception.
Regards,
Praveen
On 5/2/2022 11:35 AM, Praveen K Paladugu wrote:
> Folks,
> pinging on this thread to bubble it up.
> I'd appreciate any pointers you can provide on this bug.
>
>
> On 4/27/2022 1:00 PM, Praveen K Paladugu wrote:
>> Folks,
>>
>> I am trying to enable vTPM support in Windows Guest while using
>> cloud-hypervisor as the VMM and OVMF firmware from edk2 repo.
>>
>> The Firmware is built with the following command:
>>
>> build -a AARCH64 -t GCC5 -p ArmVirtPkg/ArmVirtCloudHv.dsc -b DEBUG \
>> -D TPM2_ENABLE=TRUE -D TPM2_CONFIG_ENABLE=TRUE \
>> -D SOURCE_DEBUG_ENABLE
>>
>> Below is the FDT, I am passing to the guest/firmware from
>> cloud-hypervisor:
>>
>> Printing the FDT:
>> /
>> compatible : "linux,dummy-virt "
>> #address-cells : [2]
>> #size-cells : [2]
>> interrupt-parent : [1]
>> cpus/
>> #address-cells : [1]
>> #size-cells : [0]
>> cpu at 0/
>> device_type : "cpu"
>> compatible : "arm,arm-v8 "
>> reg : [0]
>> phandle : [6]
>> cpu-map/
>> cluster0/
>> core0/
>> thread0/
>> cpu : [6]
>> memory/
>> device_type : "memory"
>> reg : [0, 40000000, 0, 80000000]
>> chosen/
>> bootargs : "earlycon=pl011,mmio,0x09000000"
>> intc/
>> compatible : "arm,gic-v3 "
>> interrupt-controller : []
>> #interrupt-cells : [3]
>> reg : [0, 8FF0000, 0, 10000, 0, 8FD0000, 0, 20000]
>> phandle : [1]
>> #address-cells : [2]
>> #size-cells : [2]
>> ranges : []
>> interrupts : [1, 9, 4]
>> msic/
>> compatible : "arm,gic-v3-its "
>> msi-controller : []
>> phandle : [2]
>> reg : [0, 8FB0000, 0, 20000]
>> timer/
>> compatible : "arm,armv8-timer "
>> always-on : []
>> interrupts : [1, D, 4, 1, E, 4, 1, B, 4, 1, A, 4]
>> pmu/
>> compatible : "arm,armv8-pmuv3 "
>> interrupts : [1, 7, 104]
>> apb-pclk/
>> compatible : "fixed-clock "
>> #clock-cells : [0]
>> clock-frequency : "\u{1}n6"
>> clock-output-names : "clk24mhz"
>> phandle : [3]
>> psci/
>> compatible : "arm,psci-0.2 "
>> method : "hvc"
>> tpm at FED40000/
>> compatible : "tcg,tpm-tis-mmio "
>> interrupts : [0, 2C, 1]
>> reg : [0, FED40000, 0, 5000]
>> pl011 at 9000000/
>> compatible : "arm,pl011 arm,primecell "
>> reg : [0, 9000000, 0, 1000]
>> clocks : [3]
>> clock-names : "apb_pclk"
>> interrupts : [0, B, 1]
>> rtc at 9010000/
>> compatible : "arm,pl031 arm,primecell "
>> reg : [0, 9010000, 0, 1000]
>> interrupts : [0, 8, 4]
>> clocks : [3]
>> clock-names : "apb_pclk"
>> pl061 at 9020000/
>> compatible : "arm,pl061 arm,primecell "
>> reg : [0, 9020000, 0, 1000]
>> interrupts : [0, 9, 1]
>> gpio-controller : []
>> #gpio-cells : [2]
>> clocks : [3]
>> clock-names : "apb_pclk"
>> phandle : [4]
>> gpio-keys/
>> compatible : "gpio-keys "
>> #size-cells : [0]
>> #address-cells : [1]
>> button at 1/
>> label : "GPIO Key Poweroff"
>> linux,code : [74]
>> gpios : [4, 3, 0]
>> pci at 30000000/
>> compatible : "pci-host-ecam-generic "
>> device_type : "pci"
>> ranges : [1000000, 0, 0, 0, 9050000, 0, 10000, 2000000, 0,
>> 10000000, 0, 10000000, 0, 20000000, 3000000, 2, 0, 2, 0, FD, 0]
>> bus-range : [0, 0]
>> linux,pci-domain : [0]
>> #address-cells : [3]
>> #size-cells : [2]
>> reg : [0, 30000000, 0, 100000]
>> #interrupt-cells : [1]
>> interrupt-map : []
>> interrupt-map-mask : []
>> dma-coherent : []
>> msi-map : [0, 2, 0, 100]
>> msi-parent : [2]
>>
>>
>> https://github.com/praveen-pk/edk2/commit/59cf5ce41ff6ad2f81273bbd55160747637c3cc2
>>
>> and
>> https://github.com/praveen-pk/edk2/commit/55e7fcc21b7aeaaae457f60f8427aaf1e2ff432c
>>
>>
>> are the changes made to enable TPM support in cloud-hypervisor's recipe.
>>
>>
>> With the above setup I am running into the following failure:
>>
>> """""
>>
>> Install PPI: 6CC45765-CCE4-42FD-BC56-011AAAC6C9A8
>> Install PPI: 8C9F4DE3-7B90-47EF-9308-287CECD66DE8
>> Install PPI: E09F355D-DAE8-4910-B14A-92780FDCF7CB
>> Install PPI: 75CF14AE-3441-49DC-AA10-BB35A7BA8BAB
>> Loading PEIM BF7F2B0C-9F2F-4889-AB5C-12460022BE87
>> add-symbol-file
>> /root/winiot/edk2/Build/ArmVirtCloudHv-AARCH64/DEBUG_GCC5/AARCH64/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei/DEBUG/Tcg2ConfigPei.dll
>> 0xBFAC1240
>>
>> Loading PEIM at 0x000BFAC1160 EntryPoint=0x000BFAC2C2C Tcg2ConfigPei.efi
>>
>> Synchronous Exception at 0xBFAC312
>> """"
>>
>>
>> Further debugging I noticed the Exception happens during an MmioRead.
>> Below is the related trace:
>>
>> """"
>> add-symbol-file
>> /root/winiot/edk2/Build/ArmVirtCloudHv-AARCH6/DEBUG_GCC5/AARCH64/OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei/DEBUG/Tcg2ConfigPei.dll
>> 0xBFAC1240
>>
>> Loading PEIM at 0x000BFAC1160 EntryPoint=0x000BFAC2C2C Tcg2ConfigPei.efi
>>
>> _ModuleEntryPoint
>> ProcessLibraryConstructorList start _ModuleEntryPoint
>> BaseDebugLibSerialPortConstructor
>> TimerConstructor
>> Tpm2DeviceLibConstructor
>> Tpm2GetPtpInterface Register = FED40000
>> Tpm2IsPtpPresence Start, Reg = FED40000
>> ioLibArmVirt.c MmioRead8
>> ioLibArmVirt.c MmioRead8
>> Synchronous Exception at 0xBFAC312
>> """"
>>
>> Any thoughts on what could be going wrong with TPM device
>> configuration in the firmware? I'd appreciate any inputs on this issue.
>>
>
--
Regards,
Praveen K Paladugu
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89832): https://edk2.groups.io/g/devel/message/89832
Mute This Topic: https://groups.io/mt/90740087/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list