That issue looks different in that CodeQL did not have a problem. You
can use the same PR, just rebase with master.
It looks like that had an issue triggering pipelines from GitHub which
might be fixed be rerunning after the push.
Thanks,
Michael
On 4/24/2024 7:08 PM, Yao, Jiewen wrote:
Ah, thank you Mike.
Should I close/re-open my PR?
Or should I keep waiting?
Thank you
Yao, Jiewen
-----Original Message-----
From: Kinney, Michael D <michael.d.kin...@intel.com>
Sent: Thursday, April 25, 2024 7:01 AM
To: Yao, Jiewen <jiewen....@intel.com>; devel@edk2.groups.io; Sean Brogan
<sean.bro...@microsoft.com>; Michael Kubacki
<mikub...@linux.microsoft.com>
Cc: Gerd Hoffmann <kra...@redhat.com>; Ard Biesheuvel <a...@kernel.org>;
Oliver Steffen <ostef...@redhat.com>; Ard Biesheuvel
<ardb+tianoc...@kernel.org>; Srikanth Aithal <srait...@amd.com>; Kinney,
Michael D <michael.d.kin...@intel.com>
Subject: RE: [PATCH v4 1/1] OvmfPkg/VirtHstiDxe: do not load driver in
confidential guests
Hi Jiewen,
Michael Kubacki has been working on a CI issue and a change is being merged
now.
Mike
-----Original Message-----
From: Yao, Jiewen <jiewen....@intel.com>
Sent: Wednesday, April 24, 2024 3:57 PM
To: devel@edk2.groups.io; Kinney, Michael D
<michael.d.kin...@intel.com>; Sean Brogan <sean.bro...@microsoft.com>
Cc: Gerd Hoffmann <kra...@redhat.com>; Ard Biesheuvel <a...@kernel.org>;
Oliver Steffen <ostef...@redhat.com>; Ard Biesheuvel
<ardb+tianoc...@kernel.org>; Srikanth Aithal <srait...@amd.com>
Subject: RE: [PATCH v4 1/1] OvmfPkg/VirtHstiDxe: do not load driver in
confidential guests
Hi Mike/Sean
Can someone look at the EDKII CI?
My PR has been blocked for 9 hours -
https://github.com/tianocore/edk2/pull/5595.
Thank you
Yao, Jiewen
-----Original Message-----
From: Ard Biesheuvel <a...@kernel.org>
Sent: Thursday, April 25, 2024 1:05 AM
To: Yao, Jiewen <jiewen....@intel.com>
Cc: Gerd Hoffmann <kra...@redhat.com>; devel@edk2.groups.io; Oliver
Steffen
<ostef...@redhat.com>; Ard Biesheuvel <ardb+tianoc...@kernel.org>;
Srikanth
Aithal <srait...@amd.com>
Subject: Re: [PATCH v4 1/1] OvmfPkg/VirtHstiDxe: do not load driver in
confidential guests
On Wed, 24 Apr 2024 at 18:36, Yao, Jiewen <jiewen....@intel.com>
wrote:
Thanks Ard.
I have submitted https://github.com/tianocore/edk2/pull/5595 3 hours
ago.
But it seems the CI stops working...
OK, I have dropped my PR.
-----Original Message-----
From: Ard Biesheuvel <a...@kernel.org>
Sent: Thursday, April 25, 2024 12:27 AM
To: Yao, Jiewen <jiewen....@intel.com>
Cc: Gerd Hoffmann <kra...@redhat.com>; devel@edk2.groups.io;
Oliver
Steffen
<ostef...@redhat.com>; Ard Biesheuvel <ardb+tianoc...@kernel.org>;
Srikanth
Aithal <srait...@amd.com>
Subject: Re: [PATCH v4 1/1] OvmfPkg/VirtHstiDxe: do not load
driver in
confidential guests
On Wed, 24 Apr 2024 at 08:45, Yao, Jiewen <jiewen....@intel.com>
wrote:
Reviewed-by: Jiewen Yao <jiewen....@intel.com>
Thanks, I've queued this up.
-----Original Message-----
From: Gerd Hoffmann <kra...@redhat.com>
Sent: Wednesday, April 24, 2024 2:00 PM
To: devel@edk2.groups.io
Cc: Oliver Steffen <ostef...@redhat.com>; Gerd Hoffmann
<kra...@redhat.com>; Ard Biesheuvel
<ardb+tianoc...@kernel.org>; Yao,
Jiewen
<jiewen....@intel.com>; Srikanth Aithal <srait...@amd.com>
Subject: [PATCH v4 1/1] OvmfPkg/VirtHstiDxe: do not load
driver in
confidential
guests
The VirtHstiDxe does not work in confidential guests. There
also isn't
anything we can reasonably test, neither flash storage nor SMM
mode will
be used in that case. So just skip driver load when running
in a
confidential guest.
Cc: Ard Biesheuvel <ardb+tianoc...@kernel.org>
Cc: Jiewen Yao <jiewen....@intel.com>
Fixes: 506740982bba ("OvmfPkg/VirtHstiDxe: add code flash
check")
Signed-off-by: Gerd Hoffmann <kra...@redhat.com>
Tested-by: Srikanth Aithal <srait...@amd.com>
---
OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf | 1 +
OvmfPkg/VirtHstiDxe/VirtHstiDxe.c | 6 ++++++
2 files changed, 7 insertions(+)
diff --git a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
index 9514933011e8..b5c237288766 100644
--- a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
+++ b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf
@@ -49,6 +49,7 @@ [FeaturePcd]
gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
[Pcd]
+ gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr
gUefiOvmfPkgTokenSpaceGuid.PcdBfvBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase
diff --git a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c
b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c
index b6e53a1219d1..efaff0d1f3cb 100644
--- a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c
+++ b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c
@@ -17,6 +17,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/MemoryAllocationLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiLib.h>
+#include <Library/PcdLib.h>
#include <Library/PlatformInitLib.h>
#include <IndustryStandard/Hsti.h>
@@ -140,6 +141,11 @@ VirtHstiDxeEntrypoint (
EFI_STATUS Status;
EFI_EVENT Event;
+ if (PcdGet64 (PcdConfidentialComputingGuestAttr)) {
+ DEBUG ((DEBUG_INFO, "%a: confidential guest\n",
__func__));
+ return EFI_UNSUPPORTED;
+ }
+
DevId = VirtHstiGetHostBridgeDevId ();
switch (DevId) {
case INTEL_82441_DEVICE_ID:
--
2.44.0
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118240): https://edk2.groups.io/g/devel/message/118240
Mute This Topic: https://groups.io/mt/105705705/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
