On 4/19/22 00:06, Yao, Jiewen wrote:
OK. Let me describe what I think.
PCI Express BAR need to be initialized by someone in the platform.
This initialization may require CFG8. That is understandable.
A good design is that: After the PCIE BAR is initialized, it can be accessed.
Requires additional step (such as clear C-bit) means the PCIE BAR is not fully
initialized originally. I don't think it is a good idea.
So far, the problem is TdxDxe, but what if a PEI driver also wants to use
access PCIE space? It may run into same problem.
I think the best way is to clear C-bit in PciExBarInitialization(), as SEV
specific step to finish initialization.
https://github.com/tianocore/edk2/blob/master/OvmfPkg/Library/PlatformInitLib/Platform.c#L261
As such, no matter how many drivers want to use PCIE, they can.
Splitting PCIE bar programming and C bit clearing is a big problem. In this
window, no one can actually touch the PCIE bar, although it seems being
initialized...
I tried this approach and it does not work. It is because new page tables
are used in the DXE phase and so the c-bit has to be cleared in the new
page tables vs the page tables used in PEI.
Thanks,
Tom
Thank you
Yao Jiewen
-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, Jiewen
Sent: Tuesday, April 19, 2022 12:47 PM
To: Xu, Min M <min.m...@intel.com>; devel@edk2.groups.io
Cc: Brijesh Singh <brijesh.si...@amd.com>; Aktas, Erdem
<erdemak...@google.com>; James Bottomley <j...@linux.ibm.com>; Tom
Lendacky <thomas.lenda...@amd.com>
Subject: Re: [edk2-devel] [PATCH] OvmfPkg: Set PciLib for TdxDxe driver
Can SEV clear the C-bit in SEC phase?
I think that is right way to ensure PCI Express can always be accessed by
anyone.
-----Original Message-----
From: Xu, Min M <min.m...@intel.com>
Sent: Tuesday, April 19, 2022 12:39 PM
To: Yao, Jiewen <jiewen....@intel.com>; devel@edk2.groups.io
Cc: Brijesh Singh <brijesh.si...@amd.com>; Aktas, Erdem
<erdemak...@google.com>; James Bottomley <j...@linux.ibm.com>; Tom
Lendacky <thomas.lenda...@amd.com>
Subject: RE: [edk2-devel] [PATCH] OvmfPkg: Set PciLib for TdxDxe driver
In AmdSevDxe's entry point it clears the C-bit from PcdPciExpressBaseAddress
and other memory spaces if needed. Please see
https://github.com/tianocore/edk2/blob/master/OvmfPkg/AmdSevDxe/AmdSev
Dxe.c#L81-L95. After that OVMF can use PCI express.
This broken is caused by the call sequence of TdxDxe driver and AmdSevDxe
driver. Currently TdxDxe driver is loaded before AmdSevDxe, so in SEV-ES guest
the C-bit of PcdPciExpressBaseAddress hasn't been cleared. In this situation
the
access to PciExpressBaseAddress trigger exceptions (lib constructor in TdxDxe).
There are 2 options to fix this issue.
1. Adjust the load sequence of AmdSevDxe and TdxDxe (Load AmdSevDxe
before
TdxDxe)
2. Make TdxDxe to import BasePciLibCf8.inf instead of DxePciLibI440FxQ35.inf
(just like AmdSevDxe)
Tom and I tested above 2 options in SEV and TDX and all work.
-----Original Message-----
From: Yao, Jiewen <jiewen....@intel.com>
Sent: Tuesday, April 19, 2022 12:16 PM
To: Xu, Min M <min.m...@intel.com>; devel@edk2.groups.io
Cc: Brijesh Singh <brijesh.si...@amd.com>; Aktas, Erdem
<erdemak...@google.com>; James Bottomley <j...@linux.ibm.com>; Tom
Lendacky <thomas.lenda...@amd.com>
Subject: RE: [edk2-devel] [PATCH] OvmfPkg: Set PciLib for TdxDxe driver
Do you mean, with SEV introduced, OVMF cannot use PCI express any more?
Thank you
Yao Jiewen
-----Original Message-----
From: Xu, Min M <min.m...@intel.com>
Sent: Tuesday, April 19, 2022 11:05 AM
To: Yao, Jiewen <jiewen....@intel.com>; devel@edk2.groups.io
Cc: Brijesh Singh <brijesh.si...@amd.com>; Aktas, Erdem
<erdemak...@google.com>; James Bottomley <j...@linux.ibm.com>;
Tom
Lendacky <thomas.lenda...@amd.com>
Subject: RE: [edk2-devel] [PATCH] OvmfPkg: Set PciLib for TdxDxe
driver
On April 19, 2022 10:54 AM, Yao Jiewen wrote:
Why does TdxDxe call TdxMailbox in an SEV platform?
Or why does TdxMailbox call SynchronizationLib in an SEV platform?
TdxDxe will not call TdxMailbox/SynchronizationLib in SEV platform.
The problem is in the lib constructor. When TdxDxe driver is loaded,
before its entry point is called, the lib constructors will be called even in a
SEV platform.
There are many places we can do CcProbe to stop action. Why we need
do it in DSC?
So we cannot stop the lib constructor with CcProbe in this case.
Thanks
Min
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89195): https://edk2.groups.io/g/devel/message/89195
Mute This Topic: https://groups.io/mt/90554139/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
