[edk2-devel] [RFC PATCH v1 00/30] Support for Arm CCA guest firmware
Jean-Philippe Brucker
jean-philippe at linaro.org
Fri May 5 09:51:26 UTC 2023
On Thu, May 04, 2023 at 05:36:32PM +0200, Ard Biesheuvel wrote:
> On Thu, 4 May 2023 at 17:13, Jean-Philippe Brucker
> <jean-philippe at linaro.org> wrote:
> >
> > Hello,
> >
> > On Tue, Apr 25, 2023 at 05:03:58PM +0100, Sami Mujawar wrote:
> > > We are happy to announce an early RFC version of the Arm Confidential
> > > Compute Architecture (CCA) support for the Kvmtool guest firmware.
> > > The intention is to seek early feedback in the following areas:
> > > * Integration of the Arm CCA in ArmVirtPkg
> > > * Generalise the operations wherever possible with other Confidential
> > > Compute solutions and Virtual Machine Managers (VMMs)
> >
> > Experimental support for ArmVirtQemu is available at [1]. Most of it
> > simply includes Sami's libraries into ArmVirtQemu, but there are a few
> > things specific to QEMU, one of which I still haven't figured out.
> >
> > The early debug support in PEI is problematic. A realm must access the
> > emulated serial port through unprotected Intermediate Physical Address
> > (IPA aka GPA) which is the upper half of the IPA space. The IPA address
> > must have the most significant bit set. Once the MMU is enabled and
> > ArmCcaConfigureMmio() runs, the page tables point to the right IPA so
> > there is no problem. Before that however, EarlyFdtPL011SerialPortLib would
> > need to access the device using the unprotected IPA address. So far I
> > haven't managed to implement this, so the early serial debug is just
> > disabled.
> >
>
> Did you spot the changes I made recently for booting at EL1 with hard
> coded [initial] page tables in flash? It seems to me that mapping the
> serial port in there shouldn't be that hard.
Ah I did but I had misunderstood your change, it does set a TTBR right at
the beginning in ArmPlatformPeiBootAction. Although we can't hardcode the
serial port mapping (because its address in a Realm depends on the IPA
width which varies across VM configurations), I can probably patch it
early enough.
Thanks,
Jean
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#104109): https://edk2.groups.io/g/devel/message/104109
Mute This Topic: https://groups.io/mt/98496036/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list