[edk2-devel] [PATCH 00/23] Enable Intel TDX in OvmfPkg (SEC/PEI)

Min Xu min.m.xu at intel.com
Thu Aug 12 11:56:39 UTC 2021


REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3249

Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
Encryption (MKTME) with a new kind of virtual machine guest called a
Trust Domain (TD). A TD is designed to run in a CPU mode that protects the
confidentiality of TD memory contents and the TD's CPU state from other
software, including the hosting Virtual-Machine Monitor (VMM), unless
explicitly shared by the TD itself.

The patch-sets to support Intel TDX in OvmfPkg are split into several
waves. This is Wave-2, which enables Intel TDX in the SEC/PEI phases of
OvmfPkgX64. (This is because Intel TDX is only available on X64.)

Note:
As mentioned above, the whole TDX Virtual Firmware upstream to EDK2 is
split into several waves. Wave-1 is focused on the changes in
OvmfPkg/ResetVector. It is still in review. (Hope we can finish it soon.)
Wave-2 is focused on the changes in the SEC/PEI phases. To make the review
more efficient we send Wave-2 before the review of Wave-1 is finished.
Wave-2 has few dependencies on Wave-1 except some PCD definitions,
so reviewers can skip Patch 01-03. Once Wave-1 is done, Wave-2 will be
rebased on the latest code base. Thanks for your understanding.

Patch 01-03 are the patches of Wave-1 (ResetVector phase). They can be
skipped.

Patch 04 - 18 are changes in the SEC phase. Some libraries in these patches
also work in both SEC and PEI.

Patch 19 - 23 are changes for the PEI phase.

Patch 04:
Tdx.h is added in this patch; it includes the Intel Trust Domain
Extension definitions.
Detailed information can be found in the document below:
https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-module-1eas-v0.85.039.pdf

Patch 05:
It provides *TdxIsEnabled* to determine Td or Non-Td by a new CPUID
leaf (0x21).

Patch 06:
TdxLib is provided in this patch to wrap the functions which perform the
related Tdx operations.

Patch 07:
TDVF chooses para-virtualized I/O, which uses the TDG.VP.VMCALL function
to invoke the functions provided by the host VMM to perform I/O.
BaseIoLibIntrinsicSev.inf is updated to support the I/O in a Tdx guest.
Some null stubs are also added in BaseIoLibIntrinsic.inf to keep the
build process from breaking.

Patch 08:
In this patch BaseXApicX2ApicLib is updated to support Intel TDX. The
major change is the access to MSRs, because some MSRs should be accessed via
explicit requests to the host VMM using TDCALL (TDG.VP.VMCALL).

Patch 09 - 12:
These patches add the VmTdExitLib library and add base support to handle #VE
exceptions with the help of VmTdExitLib.

Patch 13:
This patch enables Tdx support in MpInitLib.

Patch 14:
In this patch the BSP initializes the temporary stack and then jumps to
SecMain, just as legacy Ovmf does.
APs spin in a modified mailbox loop using the initial mailbox structure.
They wait for a command and check whether the command is addressed to them.
If so, they execute the command.

Patch 15:
IntelTdx.h is added to define the definitions used by TDX in OvmfPkg.

Patch 16:
In Tdx the BSP may issue commands to the APs for some task, for example, to
accept pages in parallel. The BSP also needs to wait until all the APs have
done the task. TdxMailboxLib wraps these common functions for the BSP.

Patch 17:
In this patch EFI_RESOURCE_ATTRIBUTE_ENCRYPTED is added, which indicates
that the physical memory is encrypted.

Patch 18:
Now we're ready to update SecMain.c to support Intel TDX. The major
change of this patch is to accept the private memory described in the
Td hoblist. Then TDVF follows the standard OVMF flow and jumps to the PEI
phase.

Patch 19:
This patch checks Tdx in QemuFwCfgPei to avoid DMA operation. This is
mainly because DMA in a TDX guest requires using a bounce buffer (which needs
to allocate dynamic memory, and allocating a PAGE size'd buffer can be
a challenge in the PEI phase).

Patch 20:
A new function - AllocatePagesWithMemoryType - is added in
PeiMemoryAllocationLib. This is because when doing RelocateMailbox,
the memory of ACPI Nvs needs to be allocated.

Patch 21:
PcdUse1GPageTable is set to FALSE by default in OvmfPkgX64.dsc, which gives
no chance to support 1G page tables. To support 1G page tables in TDX this
PCD is set to TRUE in OvmfPkgX64.dsc.

Patch 22:
In TDX IA32_EFER is RO to the host VMM. It cannot be changed. A new PCD -
PcdIa32EferChangeAllowed - is added in MdeModulePkg.dec and it will be
set to FALSE in a Tdx guest.

Patch 23:
Intel TDX has its own requirement in InitializePlatform (PlatformPei).
 - Publish the ram region
 - Relocate mailbox
 - Create PlatformInfoHob

[TDX]: https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-whitepaper-final9-17.pdf

[TDVF]: https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-virtual-firmware-design-guide-rev-1.pdf

Code is at https://github.com/mxu9/edk2/tree/tdvf_wave2

Cc: Brijesh Singh <brijesh.singh at amd.com>
Cc: Eric Dong <eric.dong at intel.com>
Cc: Erdem Aktas <erdemaktas at google.com>
Cc: Hao A Wu <hao.a.wu at intel.com>
Cc: Jian J Wang <jian.j.wang at intel.com>
Cc: James Bottomley <jejb at linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Liming Gao <gaoliming at byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney at intel.com>
Cc: Ray Ni <ray.ni at intel.com>
Cc: Rahul Kumar <rahul1.kumar at intel.com>
Cc: Tom Lendacky <thomas.lendacky at amd.com>
Cc: Zhiguang Liu <zhiguang.liu at intel.com>
Signed-off-by: Min Xu <min.m.xu at intel.com>

Min Xu (23):
  OvmfPkg: Add Tdx BFV/CFV PCDs and PcdOvmfImageSizeInKb
  OvmfPkg/Sec: Update the check logic in SevEsIsEnabled
  OvmfPkg/ResetVector: Enable Intel TDX in ResetVector of Ovmf
  MdePkg: Add Tdx.h
  MdePkg: Add TdxProbeLib to probe Intel Tdx
  MdePkg: Add TdxLib to wrap Tdx operations
  MdePkg: Update BaseIoLibIntrinsicSev to support Tdx
  UefiCpuPkg: Support TDX in BaseXApicX2ApicLib
  UefiCpuPkg: Add VmTdExitLibNull
  OvmfPkg: Prepare OvmfPkg to use the VmTdExitLib library
  OvmfPkg: Implement library support for VmTdExitLib in Ovmf
  UefiCpuPkg/CpuExceptionHandler: Add base support for the #VE exception
  UefiCpuPkg: Enable Tdx support in MpInitLib
  OvmfPkg: Update SecEntry.nasm to support Tdx
  OvmfPkg: Add IntelTdx.h in OvmfPkg/Include/IndustryStandard
  OvmfPkg: Add TdxMailboxLib
  MdePkg: Add EFI_RESOURCE_ATTRIBUTE_ENCRYPTED in PiHob.h
  OvmfPkg: Enable Tdx in SecMain.c
  OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation
  MdePkg: Add AllocatePagesWithMemoryType support in
    PeiMemoryAllocationLib
  OvmfPkg: Add PcdUse1GPageTable support for TDX
  MdeModulePkg: EFER should not be changed in TDX
  OvmfPkg: Update PlatformPei to support TDX

 MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf       |   1 +
 .../Core/DxeIplPeim/X64/VirtualMemory.c       |   6 +
 MdeModulePkg/MdeModulePkg.dec                 |   5 +
 MdePkg/Include/IndustryStandard/Tdx.h         | 200 +++++
 MdePkg/Include/Library/MemoryAllocationLib.h  |  21 +
 MdePkg/Include/Library/TdxLib.h               | 167 +++++
 MdePkg/Include/Library/TdxProbeLib.h          |  25 +
 MdePkg/Include/Pi/PiHob.h                     |   8 +
 .../BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf |   2 +
 .../BaseIoLibIntrinsicSev.inf                 |   6 +-
 MdePkg/Library/BaseIoLibIntrinsic/IoLib.c     |  97 ++-
 MdePkg/Library/BaseIoLibIntrinsic/IoLibGcc.c  |  49 +-
 .../BaseIoLibIntrinsic/IoLibInternalTdx.c     | 690 ++++++++++++++++++
 .../BaseIoLibIntrinsic/IoLibInternalTdxNull.c | 499 +++++++++++++
 MdePkg/Library/BaseIoLibIntrinsic/IoLibMsc.c  |  73 +-
 MdePkg/Library/BaseIoLibIntrinsic/IoLibTdx.h  | 411 +++++++++++
 .../BaseIoLibIntrinsic/X64/IoFifoSev.nasm     | 133 ++++
 .../MemoryAllocationLib.c                     |  27 +
 MdePkg/Library/TdxLib/AcceptPages.c           | 136 ++++
 MdePkg/Library/TdxLib/Rtmr.c                  | 118 +++
 MdePkg/Library/TdxLib/TdInfo.c                | 101 +++
 MdePkg/Library/TdxLib/TdxLib.inf              |  39 +
 MdePkg/Library/TdxLib/TdxLibNull.c            | 192 +++++
 MdePkg/Library/TdxLib/X64/Tdcall.nasm         | 120 +++
 MdePkg/Library/TdxLib/X64/Tdvmcall.nasm       | 206 ++++++
 MdePkg/Library/TdxProbeLib/InternalTdxProbe.h |  25 +
 MdePkg/Library/TdxProbeLib/TdProbeNull.c      |  25 +
 MdePkg/Library/TdxProbeLib/TdxProbeLib.c      |  35 +
 MdePkg/Library/TdxProbeLib/TdxProbeLib.inf    |  34 +
 MdePkg/Library/TdxProbeLib/X64/TdProbe.nasm   |  97 +++
 MdePkg/MdePkg.dec                             |   6 +
 MdePkg/MdePkg.dsc                             |   2 +
 OvmfPkg/Include/IndustryStandard/IntelTdx.h   |  77 ++
 OvmfPkg/Include/Library/TdxMailboxLib.h       |  75 ++
 OvmfPkg/Include/TdxCommondefs.inc             |  51 ++
 OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPei.c   |  15 +
 .../Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf  |   1 +
 OvmfPkg/Library/TdxMailboxLib/TdxMailbox.c    | 138 ++++
 .../Library/TdxMailboxLib/TdxMailboxLib.inf   |  52 ++
 .../Library/TdxMailboxLib/TdxMailboxNull.c    |  86 +++
 OvmfPkg/Library/VmTdExitLib/VmTdExitLib.inf   |  41 ++
 .../Library/VmTdExitLib/VmTdExitVeHandler.c   | 515 +++++++++++++
 OvmfPkg/OvmfPkg.dec                           |  27 +
 OvmfPkg/OvmfPkgDefines.fdf.inc                |  10 +
 OvmfPkg/OvmfPkgIa32.dsc                       |   4 +
 OvmfPkg/OvmfPkgIa32X64.dsc                    |   4 +
 OvmfPkg/OvmfPkgX64.dsc                        |   8 +
 OvmfPkg/OvmfXen.dsc                           |   1 +
 OvmfPkg/PlatformPei/FeatureControl.c          |   9 +-
 OvmfPkg/PlatformPei/IntelTdx.c                | 268 +++++++
 OvmfPkg/PlatformPei/IntelTdxNull.c            |  35 +
 OvmfPkg/PlatformPei/MemDetect.c               |  20 +-
 OvmfPkg/PlatformPei/Platform.c                |   2 +
 OvmfPkg/PlatformPei/Platform.h                |  17 +
 OvmfPkg/PlatformPei/PlatformPei.inf           |  14 +
 OvmfPkg/PlatformPei/X64/ApRunLoop.nasm        |  83 +++
 OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm  |  39 +
 OvmfPkg/ResetVector/Ia32/AmdSev.asm           |   7 -
 OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm   |   9 +
 OvmfPkg/ResetVector/Ia32/IntelTdx.asm         | 265 +++++++
 OvmfPkg/ResetVector/Ia32/PageTables64.asm     | 113 ++-
 OvmfPkg/ResetVector/Main.asm                  | 121 +++
 OvmfPkg/ResetVector/ResetVector.inf           |  12 +-
 OvmfPkg/ResetVector/ResetVector.nasmb         |  48 +-
 OvmfPkg/ResetVector/X64/IntelTdxMetadata.asm  | 110 +++
 OvmfPkg/Sec/IntelTdx.c                        | 608 +++++++++++++++
 OvmfPkg/Sec/IntelTdx.h                        |  33 +
 OvmfPkg/Sec/SecMain.c                         |  45 +-
 OvmfPkg/Sec/SecMain.inf                       |   7 +
 OvmfPkg/Sec/X64/SecEntry.nasm                 | 313 ++++++++
 UefiCpuPkg/Include/Library/VmTdExitLib.h      |  47 ++
 .../BaseXApicX2ApicLib/BaseXApicX2ApicLib.c   | 172 ++++-
 .../BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf |   2 +
 .../DxeCpuExceptionHandlerLib.inf             |   1 +
 .../PeiCpuExceptionHandlerLib.inf             |   1 +
 .../PeiDxeSmmCpuException.c                   |  18 +
 .../SecPeiCpuException.c                      |  19 +
 .../SecPeiCpuExceptionHandlerLib.inf          |   1 +
 .../SmmCpuExceptionHandlerLib.inf             |   1 +
 .../Xcode5SecPeiCpuExceptionHandlerLib.inf    |   1 +
 UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |   5 +
 UefiCpuPkg/Library/MpInitLib/DxeMpLib.c       |  14 +-
 UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h     | 107 +++
 UefiCpuPkg/Library/MpInitLib/MpLib.c          |  26 +
 UefiCpuPkg/Library/MpInitLib/MpLibTdx.c       | 142 ++++
 UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c   | 117 +++
 UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |   5 +
 .../Library/MpInitLib/X64/IntelTdcall.nasm    | 120 +++
 .../Library/VmTdExitLibNull/VmTdExitLibNull.c |  37 +
 .../VmTdExitLibNull/VmTdExitLibNull.inf       |  34 +
 UefiCpuPkg/UefiCpuPkg.dec                     |   9 +
 UefiCpuPkg/UefiCpuPkg.dsc                     |   4 +
 92 files changed, 7610 insertions(+), 112 deletions(-)
 create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
 create mode 100644 MdePkg/Include/Library/TdxLib.h
 create mode 100644 MdePkg/Include/Library/TdxProbeLib.h
 create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdx.c
 create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibInternalTdxNull.c
 create mode 100644 MdePkg/Library/BaseIoLibIntrinsic/IoLibTdx.h
 create mode 100644 MdePkg/Library/TdxLib/AcceptPages.c
 create mode 100644 MdePkg/Library/TdxLib/Rtmr.c
 create mode 100644 MdePkg/Library/TdxLib/TdInfo.c
 create mode 100644 MdePkg/Library/TdxLib/TdxLib.inf
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
 create mode 100644 MdePkg/Library/TdxLib/X64/Tdcall.nasm
 create mode 100644 MdePkg/Library/TdxLib/X64/Tdvmcall.nasm
 create mode 100644 MdePkg/Library/TdxProbeLib/InternalTdxProbe.h
 create mode 100644 MdePkg/Library/TdxProbeLib/TdProbeNull.c
 create mode 100644 MdePkg/Library/TdxProbeLib/TdxProbeLib.c
 create mode 100644 MdePkg/Library/TdxProbeLib/TdxProbeLib.inf
 create mode 100644 MdePkg/Library/TdxProbeLib/X64/TdProbe.nasm
 create mode 100644 OvmfPkg/Include/IndustryStandard/IntelTdx.h
 create mode 100644 OvmfPkg/Include/Library/TdxMailboxLib.h
 create mode 100644 OvmfPkg/Include/TdxCommondefs.inc
 create mode 100644 OvmfPkg/Library/TdxMailboxLib/TdxMailbox.c
 create mode 100644 OvmfPkg/Library/TdxMailboxLib/TdxMailboxLib.inf
 create mode 100644 OvmfPkg/Library/TdxMailboxLib/TdxMailboxNull.c
 create mode 100644 OvmfPkg/Library/VmTdExitLib/VmTdExitLib.inf
 create mode 100644 OvmfPkg/Library/VmTdExitLib/VmTdExitVeHandler.c
 create mode 100644 OvmfPkg/PlatformPei/IntelTdx.c
 create mode 100644 OvmfPkg/PlatformPei/IntelTdxNull.c
 create mode 100644 OvmfPkg/PlatformPei/X64/ApRunLoop.nasm
 create mode 100644 OvmfPkg/ResetVector/Ia32/IntelTdx.asm
 create mode 100644 OvmfPkg/ResetVector/Main.asm
 create mode 100644 OvmfPkg/ResetVector/X64/IntelTdxMetadata.asm
 create mode 100644 OvmfPkg/Sec/IntelTdx.c
 create mode 100644 OvmfPkg/Sec/IntelTdx.h
 create mode 100644 UefiCpuPkg/Include/Library/VmTdExitLib.h
 create mode 100644 UefiCpuPkg/Library/MpInitLib/MpIntelTdx.h
 create mode 100644 UefiCpuPkg/Library/MpInitLib/MpLibTdx.c
 create mode 100644 UefiCpuPkg/Library/MpInitLib/MpLibTdxNull.c
 create mode 100644 UefiCpuPkg/Library/MpInitLib/X64/IntelTdcall.nasm
 create mode 100644 UefiCpuPkg/Library/VmTdExitLibNull/VmTdExitLibNull.c
 create mode 100644 UefiCpuPkg/Library/VmTdExitLibNull/VmTdExitLibNull.inf

-- 
2.29.2.windows.2
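As an added illustration of the probe described for Patch 05 (not code from this series or from TdxProbeLib), the following checks CPUID leaf 0x21 the way a guest tells a TD from a non-TD. It assumes the vendor signature "IntelTDX    " that the TDX module returns in EBX:EDX:ECX, and a GCC/Clang toolchain on x86 for the live query; the register-level check is kept separate so it can be exercised with constructed values on any machine.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* CPUID leaf that TdxProbeLib (Patch 05) uses to detect a TD guest. */
#define TDX_CPUID_LEAF       0x21u
/* Vendor signature reported by the TDX module for that leaf (assumed, 12 bytes). */
#define TDX_CPUID_SIGNATURE  "IntelTDX    "

/* Pure check on raw register values; EBX, EDX, ECX carry the signature in that order.
   Leaf 0x21 is only valid when CPUID(0).EAX reports a maximum basic leaf >= 0x21;
   otherwise the CPU echoes the highest basic leaf and the data must be ignored. */
int TdxSignatureMatches(uint32_t MaxBasicLeaf, uint32_t Ebx, uint32_t Edx, uint32_t Ecx)
{
  char Sig[12];

  if (MaxBasicLeaf < TDX_CPUID_LEAF) {
    return 0;
  }
  memcpy(Sig,     &Ebx, 4);   /* "Inte" */
  memcpy(Sig + 4, &Edx, 4);   /* "lTDX" */
  memcpy(Sig + 8, &Ecx, 4);   /* "    " */
  return memcmp(Sig, TDX_CPUID_SIGNATURE, sizeof Sig) == 0;
}

/* Thin CPUID wrapper; returns zeros on non-x86 builds so the probe reports "not a TD". */
static void Cpuid(uint32_t Leaf, uint32_t SubLeaf,
                  uint32_t *Eax, uint32_t *Ebx, uint32_t *Ecx, uint32_t *Edx)
{
#if defined(__GNUC__) && (defined(__x86_64__) || defined(__i386__))
  __asm__ volatile ("cpuid"
                    : "=a"(*Eax), "=b"(*Ebx), "=c"(*Ecx), "=d"(*Edx)
                    : "a"(Leaf), "c"(SubLeaf));
#else
  (void)Leaf; (void)SubLeaf;
  *Eax = *Ebx = *Ecx = *Edx = 0;
#endif
}

/* Live probe: 1 when running inside a TD, 0 otherwise. */
int TdxIsEnabledProbe(void)
{
  uint32_t Eax, Ebx, Ecx, Edx, MaxBasicLeaf;

  Cpuid(0, 0, &Eax, &Ebx, &Ecx, &Edx);
  MaxBasicLeaf = Eax;
  Cpuid(TDX_CPUID_LEAF, 0, &Eax, &Ebx, &Ecx, &Edx);
  return TdxSignatureMatches(MaxBasicLeaf, Ebx, Edx, Ecx);
}

int main(void)
{
  printf("TD guest: %s\n", TdxIsEnabledProbe() ? "yes" : "no");
  return 0;
}
```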
