[edk2-devel] [PATCH v1 0/1] EmbeddedPkg: DwMmcHcDxe: Add support for Designware SDMMC driver

[Loh, Tien Hock]

From: Loh Tien Hock 

This adds support for Designware SDMMC driver. The SDMMC driver depends on
MdeModulePkg/Bus/Sd/, and produces EFI_SD_MMC_PASS_THRU_PROTOCOL. The
driver uses MMIO to read/write, and uses
gEdkiiNonDiscoverableDeviceProtocolGuid. Platform needs to register device
with gEdkiiNonDiscoverableDeviceProtocolGuid.

Tien Hock, Loh (1):
  EmbeddedPkg: DwMmcHcDxe: Add support for Designware SDMMC driver

 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.dec  |   40 +
 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.inf  |   70 +
 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.h|  817 ++
 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHci.h  |  985 
 EmbeddedPkg/Include/Protocol/PlatformDwMmc.h   |   79 +
 EmbeddedPkg/Drivers/DwMmcHcDxe/ComponentName.c |  214 +++
 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.c| 1296 
 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHci.c  | 1603 
 EmbeddedPkg/Drivers/DwMmcHcDxe/EmmcDevice.c| 1042 +
 EmbeddedPkg/Drivers/DwMmcHcDxe/SdDevice.c  | 1105 ++
 10 files changed, 7251 insertions(+)
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.dec
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.inf
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.h
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHci.h
 create mode 100644 EmbeddedPkg/Include/Protocol/PlatformDwMmc.h
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/ComponentName.c
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.c
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHci.c
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/EmmcDevice.c
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/SdDevice.c

-- 
2.12.3



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72575): https://edk2.groups.io/g/devel/message/72575
Mute This Topic: https://groups.io/mt/81196313/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] Cancelled Event: TianoCore Bug Triage - APAC / NAMO - Tuesday, 9 March 2021 #cal-cancelled

[devel@edk2.groups.io Calendar]

BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Groups.io Inc//Groups.io Calendar//EN
METHOD:CANCELLED
CALSCALE:GREGORIAN
BEGIN:VTIMEZONE
TZID:America/Los_Angeles
LAST-MODIFIED:20201011T015911Z
TZURL:http://tzurl.org/zoneinfo-outlook/America/Los_Angeles
X-LIC-LOCATION:America/Los_Angeles
BEGIN:DAYLIGHT
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
DTSTART:19700308T02
RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU
END:DAYLIGHT
BEGIN:STANDARD
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
DTSTART:19701101T02
RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
X-GIOIDS:Event:1055055 
UID:mlda.1580078539586725120.r...@groups.io
DTSTAMP:20210309T072452Z
ORGANIZER;CN=Liming Gao:mailto:gaolim...@byosoft.com.cn
DTSTART:20210310T023000Z
DTEND:20210310T033000Z
SUMMARY:TianoCore Bug Triage - APAC / NAMO
DESCRIPTION:TianoCore Bug Triage - APAC / NAMO\n\nHosted by Liming Gao\n\
 nhttps://meetingsamer34.webex.com/meetingsamer34/j.php?MTID=mb96c5bd411bd
 010e1e6d43a6f6c65f45\n\nWednesday\, Jan 20\, 2021 10:30 am | 50 minutes |
  (UTC+08:00) Beijing\, Chongqing\, Hong Kong\, Urumqi\n\nOccurs every Wed
 nesday effective 1/20/2021 from 10:30 AM to 11:20 AM\, (UTC+08:00) Beijin
 g\, Chongqing\, Hong Kong\, Urumqi\n\nMeeting number: 126 867 1239\n\nPas
 sword: ZhqYQunw246 (94797869 from video systems)\n\nd8edc6c9604344b08f727
 b4bf054eaac_20210120T023000Z\n\nJoin by video system\n\nDial 1268671239@m
 eetingsamer34.webex.com\n\nYou can also dial 173.243.2.68 and enter your 
 meeting number.\n\nJoin by phone\n\nUse VoIP only
LOCATION:https://meetingsamer34.webex.com/meetingsamer34/j.php?MTID=mb96c
 5bd411bd010e1e6d43a6f6c65f45
SEQUENCE:999
STATUS:CANCELLED
END:VEVENT
END:VCALENDAR


invite.ics
Description: application/ics

回复: [edk2-devel] TianoCore Bug Triage - APAC / NAMO - Tue, 03/09/2021 6:30pm-7:30pm #cal-reminder

[gaoliming]

Hi, all

 Few new issues are submitted this week. Let’s cancel this week meeting.

 


  3251

EDK2 Pla

MinPlatf

unassig...@tianocore.org

UNCO

Added Tcg2Acpi driver to EDK2-Platform 
 

23:48:48

kun@microsoft.com


  3250

EDK2 Pla

MinPlatf

unassig...@tianocore.org

UNCO

Resolve dependencies of VariableSmmRuntimeDxe 
 

23:46:20

kun@microsoft.com


  3228

EDK2

Code

unassig...@tianocore.org

UNCO

gcc: error: unrecognized command line option ‘-no-pie’ 
 

Mon 09:34

ser...@posteo.net


  3246

EDK2

Code

unassig...@tianocore.org

UNCO

Add a new library class RegisterFilterLib in edk2 to filter/trace port 
IO/MMIO/MSR access  

Mon 00:21

dandan...@intel.com


  3247

EDK2

Code

unassig...@tianocore.org

UNCO

LocateHandleBuffer fail if number of Handle varies 
 

Sun 23:03

xiewenyi0...@163.com

 

Thanks

Liming

发件人: devel@edk2.groups.io  
发送时间: 2021年3月9日 10:30
收件人: devel@edk2.groups.io
主题: [edk2-devel] TianoCore Bug Triage - APAC / NAMO - Tue, 03/09/2021 
6:30pm-7:30pm #cal-reminder

 

Reminder: TianoCore Bug Triage - APAC / NAMO

When: Tuesday, 9 March 2021, 6:30pm to 7:30pm, (GMT-08:00) America/Los Angeles 

Where:https://meetingsamer34.webex.com/meetingsamer34/j.php?MTID=mb96c5bd411bd010e1e6d43a6f6c65f45

View Event  

Organizer: Liming Gao gaolim...@byosoft.com.cn 


Description: 

TianoCore Bug Triage - APAC / NAMO

Hosted by Liming Gao

 

https://meetingsamer34.webex.com/meetingsamer34/j.php?MTID=mb96c5bd411bd010e1e6d43a6f6c65f45

Wednesday, Jan 20, 2021 10:30 am | 50 minutes | (UTC+08:00) Beijing, Chongqing, 
Hong Kong, Urumqi

Occurs every Wednesday effective 1/20/2021 from 10:30 AM to 11:20 AM, 
(UTC+08:00) Beijing, Chongqing, Hong Kong, Urumqi

Meeting number: 126 867 1239

Password: ZhqYQunw246 (94797869 from video systems)

d8edc6c9604344b08f727b4bf054eaac_20210120T023000Z

 

Join by video system

Dial 1268671...@meetingsamer34.webex.com 
 

You can also dial 173.243.2.68 and enter your meeting number.

 

Join by phone

Use VoIP only





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72573): https://edk2.groups.io/g/devel/message/72573
Mute This Topic: https://groups.io/mt/81196162/21656
Mute #cal-reminder:https://edk2.groups.io/g/devel/mutehashtag/cal-reminder
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH V3 3/3] OvmfPkg: Implement library support for TdxLib SEC and DXE on OVMF

[Yao, Jiewen]

Hi
Would you please try to merge TdxLib and TdxLibSec?
I am not sure if we really need two instance.

Also, can we remove MemoryAllocationLib ? 
If it is just used to allocate aligned memory, can we allocate aligned memory 
in stack instead of heap ?



> -Original Message-
> From: Xu, Min M 
> Sent: Tuesday, March 9, 2021 2:13 PM
> To: devel@edk2.groups.io
> Cc: Xu, Min M ; Justen, Jordan L
> ; Laszlo Ersek ; Yao, Jiewen
> ; Reiland, Doug 
> Subject: [PATCH V3 3/3] OvmfPkg: Implement library support for TdxLib SEC and
> DXE on OVMF
> 
> The base TdxLib in MdePkg/Library provides a default limited interface.
> As it does not provide full support, create an OVMF version of this library
> to begin the process of providing full support of TDX in OVMF.
> 
> Cc: Jordan Justen 
> Cc: Laszlo Ersek 
> Cc: Jiewen Yao 
> 
> Signed-off-by: Min Xu 
> Signed-off-by: Doug Reiland 
> ---
>  OvmfPkg/Library/TdxLib/AcceptPages.c |  68 
>  OvmfPkg/Library/TdxLib/Rtmr.c|  80 +
>  OvmfPkg/Library/TdxLib/TdReport.c| 102 +++
>  OvmfPkg/Library/TdxLib/TdxLib.inf|  48 ++
>  OvmfPkg/Library/TdxLib/TdxLibSec.inf |  45 +
>  OvmfPkg/Library/TdxLib/X64/Tdcall.nasm   | 125 ++
>  OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm | 211 +++
>  7 files changed, 679 insertions(+)
>  create mode 100644 OvmfPkg/Library/TdxLib/AcceptPages.c
>  create mode 100644 OvmfPkg/Library/TdxLib/Rtmr.c
>  create mode 100644 OvmfPkg/Library/TdxLib/TdReport.c
>  create mode 100644 OvmfPkg/Library/TdxLib/TdxLib.inf
>  create mode 100644 OvmfPkg/Library/TdxLib/TdxLibSec.inf
>  create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm
>  create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm
> 
> diff --git a/OvmfPkg/Library/TdxLib/AcceptPages.c
> b/OvmfPkg/Library/TdxLib/AcceptPages.c
> new file mode 100644
> index ..3848bb6a95a4
> --- /dev/null
> +++ b/OvmfPkg/Library/TdxLib/AcceptPages.c
> @@ -0,0 +1,68 @@
> +/** @file
> +
> +  There are 4 defined types in TD memory.
> +  Unaccepted memory is a special type of private memory. The OVMF must
> +  invoke TDCALL [TDG.MEM.PAGE.ACCEPT] the unaccepted memory before use
> it.
> +
> +  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
> +
> +  SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +
> +UINT64  mNumberOfDuplicatedAcceptedPages;
> +
> +/**
> +  This function accept a pending private page, and initialize the page to
> +  all-0 using the TD ephemeral private key.
> +
> +  @param[in]  StartAddress   Guest physical address of the private
> + page to accept.
> +  @param[in]  NumberOfPages  Number of the pages to be accepted.
> +
> +  @return EFI_SUCCESS
> +**/
> +EFI_STATUS
> +EFIAPI
> +TdAcceptPages (
> +  IN UINT64  StartAddress,
> +  IN UINT64  NumberOfPages
> +  )
> +{
> +  UINT64  Address;
> +  UINT64  Status;
> +  UINT64  Index;
> +
> +  //
> +  // Determine if we need to accept pages before use
> +  //
> +  if (FixedPcdGetBool(PcdUseTdxAcceptPage) == FALSE) {
> + return EFI_SUCCESS;
> +  }
> +
> +  Address = StartAddress;
> +
> +  for( Index = 0; Index < NumberOfPages; Index++) {
> +Status = TdCall(TDCALL_TDACCEPTPAGE,Address, 0, 0, 0);
> +if (Status != TDX_EXIT_REASON_SUCCESS) {
> +if ((Status & ~0xFFULL) == TDX_EXIT_REASON_PAGE_ALREADY_ACCEPTED)
> {
> +  ++mNumberOfDuplicatedAcceptedPages;
> +  DEBUG((DEBUG_VERBOSE, "Address %llx already accepted. Total number
> of already accepted pages %ld\n",
> +Address, mNumberOfDuplicatedAcceptedPages));
> +} else {
> +  DEBUG((DEBUG_ERROR, "Address %llx failed to be accepted. Error
> = %ld\n",
> +Address, Status));
> +  ASSERT(Status == TDX_EXIT_REASON_SUCCESS);
> +}
> +}
> +Address += EFI_PAGE_SIZE;
> +  }
> +  return EFI_SUCCESS;
> +}
> +
> diff --git a/OvmfPkg/Library/TdxLib/Rtmr.c b/OvmfPkg/Library/TdxLib/Rtmr.c
> new file mode 100644
> index ..a4b36b6c4bef
> --- /dev/null
> +++ b/OvmfPkg/Library/TdxLib/Rtmr.c
> @@ -0,0 +1,80 @@
> +/** @file
> +
> +  Extends one of the RTMR measurement registers in TDCS with the provided
> +  extension data in memory.
> +
> +  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
> +
> +  SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +
> +#define RTMR_COUNT  4
> +
> +/**
> +  This function extends one of the RTMR measurement register
> +  in TDCS with the provided extension data in memory.
> +  RTMR extending supports SHA384 which length is 48 bytes.
> +
> +  @param[in]  Data  Point to the data to be extended
> +  @param[in]  DataLen   Length of the data. Must be 48
> +  @param[in]  Index RTMR index
> +
> +  @return 

Re: [edk2-devel] [PATCH V3 2/3] OvmfPkg: Add PCDs for TdxLib

[Yao, Jiewen]

Hi
May I understand why we need this : PcdUseTdxAcceptPage ?
I think accepting page is always required.


For PcdUseTdxEmulation, This is only for pre-production.
For real production, I don't think we need this one, right?


> -Original Message-
> From: Xu, Min M 
> Sent: Tuesday, March 9, 2021 2:13 PM
> To: devel@edk2.groups.io
> Cc: Xu, Min M ; Justen, Jordan L
> ; Laszlo Ersek ; Yao, Jiewen
> ; Reiland, Doug 
> Subject: [PATCH V3 2/3] OvmfPkg: Add PCDs for TdxLib
> 
> TdxLib for OvmfPkg depends on the below PCDs
>   - PcdUseTdxAcceptPage
> Indicate whether TdCall(AcceptPage) is used.
>   - PcdUseTdxEmulation
> Indicate whether TdxEmulation is used.
> 
> Cc: Jordan Justen 
> Cc: Laszlo Ersek 
> Cc: Jiewen Yao 
> 
> Signed-off-by: Min Xu 
> Signed-off-by: Doug Reiland 
> ---
>  OvmfPkg/OvmfPkg.dec | 6 ++
>  1 file changed, 6 insertions(+)
> 
> diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
> index 4348bb45c64a..68b3fd86d516 100644
> --- a/OvmfPkg/OvmfPkg.dec
> +++ b/OvmfPkg/OvmfPkg.dec
> @@ -317,6 +317,12 @@
>gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|0x0|UINT32|0x42
>gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize|0x0|UINT32|0x43
> 
> +  ## Indicate whether TdCall(AcceptPage) is used.
> +  gUefiOvmfPkgTokenSpaceGuid.PcdUseTdxAcceptPage|TRUE|BOOLEAN|0x44
> +  ## Indicate whether TdxEmulation is used.
> +  gUefiOvmfPkgTokenSpaceGuid.PcdUseTdxEmulation|0x1|UINT32|0x45
> +
> +
>  [PcdsDynamic, PcdsDynamicEx]
>gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
> 
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN
> |0x10
> --
> 2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72571): https://edk2.groups.io/g/devel/message/72571
Mute This Topic: https://groups.io/mt/81195557/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH v1 1/1] EmbeddedPkg: DwMmcHcDxe: Add support for Designware SDMMC driver

[Loh, Tien Hock]

Please skip this patch, I missed one file in the patch.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72570): https://edk2.groups.io/g/devel/message/72570
Mute This Topic: https://groups.io/mt/81194433/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH V3 1/3] MdePkg: Add Tdx support lib

[Yao, Jiewen]

Hi Min
Some recommendation:

1) Please separate 1 big patch to multiple smaller ones.
1 patch for TdxLib
1 patch for Tdx protocol.
1 patch for TDX event log ACPI table.
1 patch for TDX Library.

2) The ACPI definition from TDX protocol should be isolated to TdxAcpi.h

#define EFI_TDX_EVENT_DATA_SIGNATURE  SIGNATURE_32 ('T', 'D', 'E', 'L')

3) There is no description for TD protocol itself and TD event data ACPI table. 
Please add them.

You may copy some content from the specification.

4) I think we are following TDX spec to provide TdxLib.
I don't see the need to provide NULL version in MdePkg. We can put real TdxLib 
to MdePkg.

5) If possible, please provide TDX spec link in the file header comment session.
As such, the reviewer can check the spec easily.


> -Original Message-
> From: Xu, Min M 
> Sent: Tuesday, March 9, 2021 2:13 PM
> To: devel@edk2.groups.io
> Cc: Xu, Min M ; Liming Gao
> ; Liu, Zhiguang ; Yao,
> Jiewen ; Reiland, Doug 
> Subject: [PATCH V3 1/3] MdePkg: Add Tdx support lib
> 
> Intel Trust Domain Extension (Intel TDX) refers to an Intel technology
> that extends Virtual Machines Extensions (VMX) and Multi-Key Total
> Memory Encryption (MKTME) with a new kind of virtual machine guest
> called a Trust Domain (TD).
> 
> TdxLib is created with functions to perform the related Tdx operation.
> This includes functions for:
>   - TdCall : to cause a VM exit to the Intel TDX module
>   - TdVmCall   : it is a leaf function 0 for TDCALL
>   - TdVmCallCpuid  : enable the TD guest to request VMM to emulate CPUID
>   - TdReport   : to retrieve TDREPORT_STRUCT
>   - TdAcceptPages  : to accept pending private pages
>   - TdExtendRtmr   : to extend one of the RTMR registers
> 
> The base function in this dirver will not do anything and will return
> an error if a return value is required. It is expected that other
> packages (like OvmfPkg) will create a version of the library to fully
> support a TD guest.
> 
> Cc: Liming Gao 
> Cc: Zhiguang Liu 
> Cc: Jiewen Yao 
> 
> Signed-off-by: Min Xu 
> Signed-off-by: Doug Reiland 
> ---
>  MdePkg/Include/IndustryStandard/Tdx.h | 201 ++
>  MdePkg/Include/Library/TdxLib.h   | 165 +
>  MdePkg/Include/Protocol/Tdx.h |  29 
>  MdePkg/Library/TdxLib/TdxLibNull.c| 155 
>  MdePkg/Library/TdxLib/TdxLibNull.inf  |  33 +
>  5 files changed, 583 insertions(+)
>  create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
>  create mode 100644 MdePkg/Include/Library/TdxLib.h
>  create mode 100644 MdePkg/Include/Protocol/Tdx.h
>  create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
>  create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf
> 
> diff --git a/MdePkg/Include/IndustryStandard/Tdx.h
> b/MdePkg/Include/IndustryStandard/Tdx.h
> new file mode 100644
> index ..dbcc31c26528
> --- /dev/null
> +++ b/MdePkg/Include/IndustryStandard/Tdx.h
> @@ -0,0 +1,201 @@
> +/** @file
> +  Intel Trust Domain Extension definitions
> +
> +  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD
> License
> +  which accompanies this distribution.  The full text of the license may be 
> found
> at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#ifndef _TDX_H_
> +#define _TDX_H_
> +
> +#define EXIT_REASON_EXTERNAL_INTERRUPT  1
> +#define EXIT_REASON_TRIPLE_FAULT2
> +
> +#define EXIT_REASON_PENDING_INTERRUPT   7
> +#define EXIT_REASON_NMI_WINDOW  8
> +#define EXIT_REASON_TASK_SWITCH 9
> +#define EXIT_REASON_CPUID   10
> +#define EXIT_REASON_HLT 12
> +#define EXIT_REASON_INVD13
> +#define EXIT_REASON_INVLPG  14
> +#define EXIT_REASON_RDPMC   15
> +#define EXIT_REASON_RDTSC   16
> +#define EXIT_REASON_VMCALL  18
> +#define EXIT_REASON_VMCLEAR 19
> +#define EXIT_REASON_VMLAUNCH20
> +#define EXIT_REASON_VMPTRLD 21
> +#define EXIT_REASON_VMPTRST 22
> +#define EXIT_REASON_VMREAD  23
> +#define EXIT_REASON_VMRESUME24
> +#define EXIT_REASON_VMWRITE 25
> +#define EXIT_REASON_VMOFF   26
> +#define EXIT_REASON_VMON27
> +#define EXIT_REASON_CR_ACCESS   28
> +#define EXIT_REASON_DR_ACCESS   29
> +#define EXIT_REASON_IO_INSTRUCTION  30
> +#define EXIT_REASON_MSR_READ31
> +#define EXIT_REASON_MSR_WRITE   32
> +#define EXIT_REASON_INVALID_STATE   33
> +#define EXIT_REASON_MSR_LOAD_FAIL   34
> +#define EXIT_REASON_MWAIT_INSTRUCTION   36
> +#define EXIT_REASON_MONITOR_TRAP_FLAG   37
> +#define 

[edk2-devel] [PATCH V3 3/3] OvmfPkg: Implement library support for TdxLib SEC and DXE on OVMF

[Min Xu]

The base TdxLib in MdePkg/Library provides a default limited interface.
As it does not provide full support, create an OVMF version of this library
to begin the process of providing full support of TDX in OVMF.

Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Jiewen Yao 

Signed-off-by: Min Xu 
Signed-off-by: Doug Reiland 
---
 OvmfPkg/Library/TdxLib/AcceptPages.c |  68 
 OvmfPkg/Library/TdxLib/Rtmr.c|  80 +
 OvmfPkg/Library/TdxLib/TdReport.c| 102 +++
 OvmfPkg/Library/TdxLib/TdxLib.inf|  48 ++
 OvmfPkg/Library/TdxLib/TdxLibSec.inf |  45 +
 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm   | 125 ++
 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm | 211 +++
 7 files changed, 679 insertions(+)
 create mode 100644 OvmfPkg/Library/TdxLib/AcceptPages.c
 create mode 100644 OvmfPkg/Library/TdxLib/Rtmr.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdReport.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLib.inf
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLibSec.inf
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm

diff --git a/OvmfPkg/Library/TdxLib/AcceptPages.c 
b/OvmfPkg/Library/TdxLib/AcceptPages.c
new file mode 100644
index ..3848bb6a95a4
--- /dev/null
+++ b/OvmfPkg/Library/TdxLib/AcceptPages.c
@@ -0,0 +1,68 @@
+/** @file
+
+  There are 4 defined types in TD memory.
+  Unaccepted memory is a special type of private memory. The OVMF must
+  invoke TDCALL [TDG.MEM.PAGE.ACCEPT] the unaccepted memory before use it.
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+
+UINT64  mNumberOfDuplicatedAcceptedPages;
+
+/**
+  This function accept a pending private page, and initialize the page to
+  all-0 using the TD ephemeral private key.
+
+  @param[in]  StartAddress   Guest physical address of the private
+ page to accept.
+  @param[in]  NumberOfPages  Number of the pages to be accepted.
+
+  @return EFI_SUCCESS
+**/
+EFI_STATUS
+EFIAPI
+TdAcceptPages (
+  IN UINT64  StartAddress,
+  IN UINT64  NumberOfPages
+  )
+{
+  UINT64  Address;
+  UINT64  Status;
+  UINT64  Index;
+
+  //
+  // Determine if we need to accept pages before use
+  //
+  if (FixedPcdGetBool(PcdUseTdxAcceptPage) == FALSE) {
+ return EFI_SUCCESS;
+  }
+
+  Address = StartAddress;
+
+  for( Index = 0; Index < NumberOfPages; Index++) {
+Status = TdCall(TDCALL_TDACCEPTPAGE,Address, 0, 0, 0);
+if (Status != TDX_EXIT_REASON_SUCCESS) {
+if ((Status & ~0xFFULL) == TDX_EXIT_REASON_PAGE_ALREADY_ACCEPTED) {
+  ++mNumberOfDuplicatedAcceptedPages;
+  DEBUG((DEBUG_VERBOSE, "Address %llx already accepted. Total number 
of already accepted pages %ld\n",
+Address, mNumberOfDuplicatedAcceptedPages));
+} else {
+  DEBUG((DEBUG_ERROR, "Address %llx failed to be accepted. Error = 
%ld\n",
+Address, Status));
+  ASSERT(Status == TDX_EXIT_REASON_SUCCESS);
+}
+}
+Address += EFI_PAGE_SIZE;
+  }
+  return EFI_SUCCESS;
+}
+
diff --git a/OvmfPkg/Library/TdxLib/Rtmr.c b/OvmfPkg/Library/TdxLib/Rtmr.c
new file mode 100644
index ..a4b36b6c4bef
--- /dev/null
+++ b/OvmfPkg/Library/TdxLib/Rtmr.c
@@ -0,0 +1,80 @@
+/** @file
+
+  Extends one of the RTMR measurement registers in TDCS with the provided
+  extension data in memory.
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define RTMR_COUNT  4
+
+/**
+  This function extends one of the RTMR measurement register
+  in TDCS with the provided extension data in memory.
+  RTMR extending supports SHA384 which length is 48 bytes.
+
+  @param[in]  Data  Point to the data to be extended
+  @param[in]  DataLen   Length of the data. Must be 48
+  @param[in]  Index RTMR index
+
+  @return EFI_SUCCESS
+  @return EFI_INVALID_PARAMETER
+  @return EFI_DEVICE_ERROR
+
+**/
+EFI_STATUS
+EFIAPI
+TdExtendRtmr(
+  IN  UINT32  *Data,
+  IN  UINT32  DataLen,
+  IN  UINT8   Index
+  )
+{
+  EFI_STATUSStatus;
+  UINT64*Buffer;
+  UINT64TdCallStatus;
+
+  Status = EFI_SUCCESS;
+
+  ASSERT(Index >= 0 && Index < RTMR_COUNT);
+  ASSERT(DataLen == SHA384_DIGEST_SIZE);
+
+  //
+  // Allocate 64B aligned mem to hold the sha384 hash value
+  //
+  Buffer = AllocateAlignedPages(EFI_SIZE_TO_PAGES(SHA384_DIGEST_SIZE), 64);
+  if(Data == NULL){
+return EFI_OUT_OF_RESOURCES;
+  }
+  CopyMem(Buffer, Data, SHA384_DIGEST_SIZE);
+
+  TdCallStatus = TdCall(TDCALL_TDEXTENDRTMR, (UINT64)Buffer, Index, 0, 0);
+
+  if(TdCallStatus == TDX_EXIT_REASON_SUCCESS){
+Status = EFI_SUCCESS;
+  }else 

[edk2-devel] [PATCH V3 0/3] Add TdxLib support for Intel TDX

[Min Xu]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3249

The patch series provides lib support for Intel Trust Domain Extensions
(Intel TDX).

Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
Encryption (MKTME) with a new kind of virutal machines guest called a 
Trust Domain (TD). A TD is desinged to run in a CPU mode that protects the
confidentiality of TD memory contents and the TD's CPU state from other
software, including the hosting Virtual-Machine Monitor (VMM), unless
explicitly shared by the TD itself.

The Intel TDX module uses the instruction-set architecture for Intel TDX
and the MKTME engine in the SOC to help serve as an intermediary between
the host VMM and the guest TD. TDCALL is the instruction which allows TD
guest privileged software to make a call for service into an underlying
TDX-module.

TdxLib is created with functions to perform the related Tdx operation.
This includes functions for:
  - TdCall : to cause a VM exit to the Intel TDX module
  - TdVmCall   : it is a leaf function 0 for TDCALL
  - TdVmCallCpuid  : enable the TD guest to request VMM to emulate CPUID
  - TdReport   : to retrieve TDREPORT_STRUCT
  - TdAcceptPages  : to accept pending private pages
  - TdExtendRtmr   : to extend one of the RTMR registers

The base function in MdePkg will not do anything and will return an error
if a return value is required. It is expected that other packages
(like OvmfPkg) will create a version of the library to fully support a TD
guest.

We create an OVMF version of this library to begin the process of providing
full support of TDX in OVMF.

To support the emulation and test purpose, 2 PCDs are added in OvmfPkg.dec
  - PcdUseTdxAcceptPage
Indicate whether TdCall(AcceptPage) is used.
  - PcdUseTdxEmulation
Indicate whether TdxEmulation is used.

, defitions in TdxLib comes from:
  [1] Intel TDX(R) Module 1.0 EAS
  [2] Intel(R) TDX Guest-Hypervisor Communication Interface

Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Jiewen Yao 

Signed-off-by: Min Xu 

Min Xu (3):
  MdePkg: Add Tdx support lib
  OvmfPkg: Add PCDs for TdxLib
  OvmfPkg: Implement library support for TdxLib SEC and DXE on OVMF

 MdePkg/Include/IndustryStandard/Tdx.h| 201 +
 MdePkg/Include/Library/TdxLib.h  | 165 ++
 MdePkg/Include/Protocol/Tdx.h|  29 
 MdePkg/Library/TdxLib/TdxLibNull.c   | 155 +
 MdePkg/Library/TdxLib/TdxLibNull.inf |  33 
 OvmfPkg/Library/TdxLib/AcceptPages.c |  68 
 OvmfPkg/Library/TdxLib/Rtmr.c|  80 +
 OvmfPkg/Library/TdxLib/TdReport.c| 102 +++
 OvmfPkg/Library/TdxLib/TdxLib.inf|  48 ++
 OvmfPkg/Library/TdxLib/TdxLibSec.inf |  45 +
 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm   | 125 ++
 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm | 211 +++
 OvmfPkg/OvmfPkg.dec  |   6 +
 13 files changed, 1268 insertions(+)
 create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
 create mode 100644 MdePkg/Include/Library/TdxLib.h
 create mode 100644 MdePkg/Include/Protocol/Tdx.h
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf
 create mode 100644 OvmfPkg/Library/TdxLib/AcceptPages.c
 create mode 100644 OvmfPkg/Library/TdxLib/Rtmr.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdReport.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLib.inf
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLibSec.inf
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm

-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72565): https://edk2.groups.io/g/devel/message/72565
Mute This Topic: https://groups.io/mt/81195550/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH V3 2/3] OvmfPkg: Add PCDs for TdxLib

[Min Xu]

TdxLib for OvmfPkg depends on the below PCDs
  - PcdUseTdxAcceptPage
Indicate whether TdCall(AcceptPage) is used.
  - PcdUseTdxEmulation
Indicate whether TdxEmulation is used.

Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Jiewen Yao 

Signed-off-by: Min Xu 
Signed-off-by: Doug Reiland 
---
 OvmfPkg/OvmfPkg.dec | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 4348bb45c64a..68b3fd86d516 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -317,6 +317,12 @@
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|0x0|UINT32|0x42
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize|0x0|UINT32|0x43
 
+  ## Indicate whether TdCall(AcceptPage) is used.
+  gUefiOvmfPkgTokenSpaceGuid.PcdUseTdxAcceptPage|TRUE|BOOLEAN|0x44
+  ## Indicate whether TdxEmulation is used.
+  gUefiOvmfPkgTokenSpaceGuid.PcdUseTdxEmulation|0x1|UINT32|0x45
+
+
 [PcdsDynamic, PcdsDynamicEx]
   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72567): https://edk2.groups.io/g/devel/message/72567
Mute This Topic: https://groups.io/mt/81195557/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH V3 1/3] MdePkg: Add Tdx support lib

[Min Xu]

Intel Trust Domain Extension (Intel TDX) refers to an Intel technology
that extends Virtual Machines Extensions (VMX) and Multi-Key Total
Memory Encryption (MKTME) with a new kind of virtual machine guest
called a Trust Domain (TD).

TdxLib is created with functions to perform the related Tdx operation.
This includes functions for:
  - TdCall : to cause a VM exit to the Intel TDX module
  - TdVmCall   : it is a leaf function 0 for TDCALL
  - TdVmCallCpuid  : enable the TD guest to request VMM to emulate CPUID
  - TdReport   : to retrieve TDREPORT_STRUCT
  - TdAcceptPages  : to accept pending private pages
  - TdExtendRtmr   : to extend one of the RTMR registers

The base function in this dirver will not do anything and will return
an error if a return value is required. It is expected that other
packages (like OvmfPkg) will create a version of the library to fully
support a TD guest.

Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Jiewen Yao 

Signed-off-by: Min Xu 
Signed-off-by: Doug Reiland 
---
 MdePkg/Include/IndustryStandard/Tdx.h | 201 ++
 MdePkg/Include/Library/TdxLib.h   | 165 +
 MdePkg/Include/Protocol/Tdx.h |  29 
 MdePkg/Library/TdxLib/TdxLibNull.c| 155 
 MdePkg/Library/TdxLib/TdxLibNull.inf  |  33 +
 5 files changed, 583 insertions(+)
 create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
 create mode 100644 MdePkg/Include/Library/TdxLib.h
 create mode 100644 MdePkg/Include/Protocol/Tdx.h
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf

diff --git a/MdePkg/Include/IndustryStandard/Tdx.h 
b/MdePkg/Include/IndustryStandard/Tdx.h
new file mode 100644
index ..dbcc31c26528
--- /dev/null
+++ b/MdePkg/Include/IndustryStandard/Tdx.h
@@ -0,0 +1,201 @@
+/** @file
+  Intel Trust Domain Extension definitions
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD 
License
+  which accompanies this distribution.  The full text of the license may be 
found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _TDX_H_
+#define _TDX_H_
+
+#define EXIT_REASON_EXTERNAL_INTERRUPT  1
+#define EXIT_REASON_TRIPLE_FAULT2
+
+#define EXIT_REASON_PENDING_INTERRUPT   7
+#define EXIT_REASON_NMI_WINDOW  8
+#define EXIT_REASON_TASK_SWITCH 9
+#define EXIT_REASON_CPUID   10
+#define EXIT_REASON_HLT 12
+#define EXIT_REASON_INVD13
+#define EXIT_REASON_INVLPG  14
+#define EXIT_REASON_RDPMC   15
+#define EXIT_REASON_RDTSC   16
+#define EXIT_REASON_VMCALL  18
+#define EXIT_REASON_VMCLEAR 19
+#define EXIT_REASON_VMLAUNCH20
+#define EXIT_REASON_VMPTRLD 21
+#define EXIT_REASON_VMPTRST 22
+#define EXIT_REASON_VMREAD  23
+#define EXIT_REASON_VMRESUME24
+#define EXIT_REASON_VMWRITE 25
+#define EXIT_REASON_VMOFF   26
+#define EXIT_REASON_VMON27
+#define EXIT_REASON_CR_ACCESS   28
+#define EXIT_REASON_DR_ACCESS   29
+#define EXIT_REASON_IO_INSTRUCTION  30
+#define EXIT_REASON_MSR_READ31
+#define EXIT_REASON_MSR_WRITE   32
+#define EXIT_REASON_INVALID_STATE   33
+#define EXIT_REASON_MSR_LOAD_FAIL   34
+#define EXIT_REASON_MWAIT_INSTRUCTION   36
+#define EXIT_REASON_MONITOR_TRAP_FLAG   37
+#define EXIT_REASON_MONITOR_INSTRUCTION 39
+#define EXIT_REASON_PAUSE_INSTRUCTION   40
+#define EXIT_REASON_MCE_DURING_VMENTRY  41
+#define EXIT_REASON_TPR_BELOW_THRESHOLD 43
+#define EXIT_REASON_APIC_ACCESS 44
+#define EXIT_REASON_EOI_INDUCED 45
+#define EXIT_REASON_GDTR_IDTR   46
+#define EXIT_REASON_LDTR_TR 47
+#define EXIT_REASON_EPT_VIOLATION   48
+#define EXIT_REASON_EPT_MISCONFIG   49
+#define EXIT_REASON_INVEPT  50
+#define EXIT_REASON_RDTSCP  51
+#define EXIT_REASON_PREEMPTION_TIMER52
+#define EXIT_REASON_INVVPID 53
+#define EXIT_REASON_WBINVD  54
+#define EXIT_REASON_XSETBV  55
+#define EXIT_REASON_APIC_WRITE  56
+#define EXIT_REASON_RDRAND  57
+#define EXIT_REASON_INVPCID 58
+#define EXIT_REASON_VMFUNC  59
+#define EXIT_REASON_ENCLS   60
+#define EXIT_REASON_RDSEED  61
+#define EXIT_REASON_PML_FULL62
+#define EXIT_REASON_XSAVES  63
+#define EXIT_REASON_XRSTORS 64
+
+// TDCALL API Function Completion Status Codes
+#define TDX_EXIT_REASON_SUCCESS 0x

Re: [edk2-devel] [PATCH 1/3] MdePkg: Add Tdx support lib

[Min Xu]

Hi, Liming
In https://software.intel.com/content/www/us/en/develop/articles/
intel-trust-domain-extensions.html, there are documents:
  [1] Intel TDX(R) Module 1.0 EAS
  [2] Intel(R) TDX Guest-Hypervisor Communication Interface

Defition of MdePkg/Include/IndustryStandard/Tdx.h comes from [1][2]
Defition of MdePkg/Include/Protocol/Tdx.h Comes from [2] Chap 4.3


> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of
> gaoliming
> Sent: Tuesday, March 9, 2021 9:39 AM
> To: devel@edk2.groups.io; Xu, Min M 
> Cc: Reiland, Doug ; Liu, Zhiguang
> ; Yao, Jiewen 
> Subject: 回复: [edk2-devel] [PATCH 1/3] MdePkg: Add Tdx support lib
> 
> Min:
> 
> Where is the definition in MdePkg/Include/IndustryStandard/Tdx.h from?
> Is it from
> https://software.intel.com/content/www/us/en/develop/articles/intel-
> trust-do
> main-extensions.html?
> 
> Where is the definition in MdePkg/Include/Protocol/Tdx.h from?
> 
> Thanks
> Liming
> > -邮件原件-
> > 发件人: devel@edk2.groups.io  代表
> > min.m...@intel.com
> > 发送时间: 2021年3月9日 8:55
> > 收件人: devel@edk2.groups.io
> > 抄送: Min Xu ; Doug Reiland
> > ; Liming Gao ;
> > Zhiguang Liu ; Jiewen Yao
> > 
> > 主题: [edk2-devel] [PATCH 1/3] MdePkg: Add Tdx support lib
> >
> > From: Min Xu 
> >
> > Intel Trust Domain Extension (Intel TDX) refers to an Intel technology
> > that extends Virtual Machines Extensions (VMX) and Multi-Key Total
> > Memory Encryption (MKTME) with a new kind of virtual machine guest
> > called a Trust Domain (TD).
> >
> > TdxLib is created with functions to perform the related Tdx operation.
> > This includes functions for:
> >   - TdCall : to cause a VM exit to the Intel TDX module
> >   - TdVmCall   : it is a leaf function 0 for TDCALL
> >   - TdVmCallCpuid  : enable the TD guest to request VMM to emulate
> > CPUID
> >   - TdReport   : to retrieve TDREPORT_STRUCT
> >   - TdAcceptPages  : to accept pending private pages
> >   - TdExtendRtmr   : to extend one of the RTMR registers
> >
> > The base function in this dirver will not do anything and will return
> > an error if a return value is required. It is expected that other
> > packages (like OvmfPkg) will create a version of the library to fully
> > support a TD guest.
> >
> > Signed-off-by: Min Xu 
> > Signed-off-by: Doug Reiland 
> >
> > CC: Liming Gao 
> > CC: Zhiguang Liu 
> > CC: Jiewen Yao 
> > ---
> >  MdePkg/Include/IndustryStandard/Tdx.h | 201
> > ++
> >  MdePkg/Include/Library/TdxLib.h   | 165 +
> >  MdePkg/Include/Protocol/Tdx.h |  22 +++
> >  MdePkg/Library/TdxLib/TdxLibNull.c| 155 
> >  MdePkg/Library/TdxLib/TdxLibNull.inf  |  33 +
> >  5 files changed, 576 insertions(+)
> >  create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
> >  create mode 100644 MdePkg/Include/Library/TdxLib.h  create mode
> > 100644 MdePkg/Include/Protocol/Tdx.h  create mode 100644
> > MdePkg/Library/TdxLib/TdxLibNull.c
> >  create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf
> >
> > diff --git a/MdePkg/Include/IndustryStandard/Tdx.h
> > b/MdePkg/Include/IndustryStandard/Tdx.h
> > new file mode 100644
> > index 00..dbcc31c265
> > --- /dev/null
> > +++ b/MdePkg/Include/IndustryStandard/Tdx.h
> > @@ -0,0 +1,201 @@
> > +/** @file
> >
> > +  Intel Trust Domain Extension definitions
> >
> > +
> >
> > +  Copyright (c) 2020 - 2021, Intel Corporation. All rights
> > + reserved.
> >
> > +  This program and the accompanying materials
> >
> > +  are licensed and made available under the terms and conditions of
> > + the
> > BSD License
> >
> > +  which accompanies this distribution.  The full text of the license
> > + may
> be
> > found at
> >
> > +  http://opensource.org/licenses/bsd-license.php
> >
> > +
> >
> > +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> > BASIS,
> >
> > +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> > EXPRESS OR IMPLIED.
> >
> > +
> >
> > +**/
> >
> > +
> >
> > +#ifndef _TDX_H_
> >
> > +#define _TDX_H_
> >
> > +
> >
> > +#define EXIT_REASON_EXTERNAL_INTERRUPT  1
> >
> > +#define EXIT_REASON_TRIPLE_FAULT2
> >
> > +
> >
> > +#define EXIT_REASON_PENDING_INTERRUPT   7
> >
> > +#define EXIT_REASON_NMI_WINDOW  8
> >
> > +#define EXIT_REASON_TASK_SWITCH 9
> >
> > +#define EXIT_REASON_CPUID   10
> >
> > +#define EXIT_REASON_HLT 12
> >
> > +#define EXIT_REASON_INVD13
> >
> > +#define EXIT_REASON_INVLPG  14
> >
> > +#define EXIT_REASON_RDPMC   15
> >
> > +#define EXIT_REASON_RDTSC   16
> >
> > +#define EXIT_REASON_VMCALL  18
> >
> > +#define EXIT_REASON_VMCLEAR 19
> >
> > +#define EXIT_REASON_VMLAUNCH20
> >
> > +#define EXIT_REASON_VMPTRLD 21
> >
> > +#define EXIT_REASON_VMPTRST 22
> >
> > +#define EXIT_REASON_VMREAD  23
> >
> > +#define EXIT_REASON_VMRESUME24
> >
> > 

[edk2-devel] [PATCH v1 0/1] Add support for Designware SDMMC driver

[Loh, Tien Hock]

From: Loh Tien Hock 

This adds support for Designware SDMMC driver. The SDMMC driver depends on
MdeModulePkg/Bus/Sd/, and produces EFI_SD_MMC_PASS_THRU_PROTOCOL. The
driver uses MMIO to read/write, and uses
gEdkiiNonDiscoverableDeviceProtocolGuid. Platform needs to register device
with gEdkiiNonDiscoverableDeviceProtocolGuid.

Tien Hock, Loh (1):
  EmbeddedPkg: DwMmcHcDxe: Add support for Designware SDMMC driver

 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.dec  |   40 +
 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.inf  |   70 +
 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.h|  817 ++
 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHci.h  |  985 
 EmbeddedPkg/Drivers/DwMmcHcDxe/ComponentName.c |  214 +++
 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.c| 1305 
 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHci.c  | 1603 
 EmbeddedPkg/Drivers/DwMmcHcDxe/EmmcDevice.c| 1042 +
 EmbeddedPkg/Drivers/DwMmcHcDxe/SdDevice.c  | 1105 ++
 9 files changed, 7181 insertions(+)
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.dec
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.inf
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.h
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHci.h
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/ComponentName.c
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHcDxe.c
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/DwMmcHci.c
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/EmmcDevice.c
 create mode 100644 EmbeddedPkg/Drivers/DwMmcHcDxe/SdDevice.c

-- 
2.12.3



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72562): https://edk2.groups.io/g/devel/message/72562
Mute This Topic: https://groups.io/mt/81194432/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH V2 3/3] OvmfPkg: Implement library support for TdxLib SEC and DXE on OVMF

[Min Xu]

The base TdxLib in MdePkg/Library provides a default limited interface.
As it does not provide full support, create an OVMF version of this library
to begin the process of providing full support of TDX in OVMF.

Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Jiewen Yao 

Signed-off-by: Min Xu 
Signed-off-by: Doug Reiland 
---
 OvmfPkg/Library/TdxLib/AcceptPages.c |  68 
 OvmfPkg/Library/TdxLib/Rtmr.c|  80 +
 OvmfPkg/Library/TdxLib/TdReport.c| 102 +++
 OvmfPkg/Library/TdxLib/TdxLib.inf|  48 ++
 OvmfPkg/Library/TdxLib/TdxLibSec.inf |  45 +
 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm   | 125 ++
 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm | 211 +++
 7 files changed, 679 insertions(+)
 create mode 100644 OvmfPkg/Library/TdxLib/AcceptPages.c
 create mode 100644 OvmfPkg/Library/TdxLib/Rtmr.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdReport.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLib.inf
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLibSec.inf
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm

diff --git a/OvmfPkg/Library/TdxLib/AcceptPages.c 
b/OvmfPkg/Library/TdxLib/AcceptPages.c
new file mode 100644
index ..3848bb6a95a4
--- /dev/null
+++ b/OvmfPkg/Library/TdxLib/AcceptPages.c
@@ -0,0 +1,68 @@
+/** @file
+
+  There are 4 defined types in TD memory.
+  Unaccepted memory is a special type of private memory. The OVMF must
+  invoke TDCALL [TDG.MEM.PAGE.ACCEPT] the unaccepted memory before use it.
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+
+UINT64  mNumberOfDuplicatedAcceptedPages;
+
+/**
+  This function accept a pending private page, and initialize the page to
+  all-0 using the TD ephemeral private key.
+
+  @param[in]  StartAddress   Guest physical address of the private
+ page to accept.
+  @param[in]  NumberOfPages  Number of the pages to be accepted.
+
+  @return EFI_SUCCESS
+**/
+EFI_STATUS
+EFIAPI
+TdAcceptPages (
+  IN UINT64  StartAddress,
+  IN UINT64  NumberOfPages
+  )
+{
+  UINT64  Address;
+  UINT64  Status;
+  UINT64  Index;
+
+  //
+  // Determine if we need to accept pages before use
+  //
+  if (FixedPcdGetBool(PcdUseTdxAcceptPage) == FALSE) {
+ return EFI_SUCCESS;
+  }
+
+  Address = StartAddress;
+
+  for( Index = 0; Index < NumberOfPages; Index++) {
+Status = TdCall(TDCALL_TDACCEPTPAGE,Address, 0, 0, 0);
+if (Status != TDX_EXIT_REASON_SUCCESS) {
+if ((Status & ~0xFFULL) == TDX_EXIT_REASON_PAGE_ALREADY_ACCEPTED) {
+  ++mNumberOfDuplicatedAcceptedPages;
+  DEBUG((DEBUG_VERBOSE, "Address %llx already accepted. Total number 
of already accepted pages %ld\n",
+Address, mNumberOfDuplicatedAcceptedPages));
+} else {
+  DEBUG((DEBUG_ERROR, "Address %llx failed to be accepted. Error = 
%ld\n",
+Address, Status));
+  ASSERT(Status == TDX_EXIT_REASON_SUCCESS);
+}
+}
+Address += EFI_PAGE_SIZE;
+  }
+  return EFI_SUCCESS;
+}
+
diff --git a/OvmfPkg/Library/TdxLib/Rtmr.c b/OvmfPkg/Library/TdxLib/Rtmr.c
new file mode 100644
index ..a4b36b6c4bef
--- /dev/null
+++ b/OvmfPkg/Library/TdxLib/Rtmr.c
@@ -0,0 +1,80 @@
+/** @file
+
+  Extends one of the RTMR measurement registers in TDCS with the provided
+  extension data in memory.
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define RTMR_COUNT  4
+
+/**
+  This function extends one of the RTMR measurement register
+  in TDCS with the provided extension data in memory.
+  RTMR extending supports SHA384 which length is 48 bytes.
+
+  @param[in]  Data  Point to the data to be extended
+  @param[in]  DataLen   Length of the data. Must be 48
+  @param[in]  Index RTMR index
+
+  @return EFI_SUCCESS
+  @return EFI_INVALID_PARAMETER
+  @return EFI_DEVICE_ERROR
+
+**/
+EFI_STATUS
+EFIAPI
+TdExtendRtmr(
+  IN  UINT32  *Data,
+  IN  UINT32  DataLen,
+  IN  UINT8   Index
+  )
+{
+  EFI_STATUSStatus;
+  UINT64*Buffer;
+  UINT64TdCallStatus;
+
+  Status = EFI_SUCCESS;
+
+  ASSERT(Index >= 0 && Index < RTMR_COUNT);
+  ASSERT(DataLen == SHA384_DIGEST_SIZE);
+
+  //
+  // Allocate 64B aligned mem to hold the sha384 hash value
+  //
+  Buffer = AllocateAlignedPages(EFI_SIZE_TO_PAGES(SHA384_DIGEST_SIZE), 64);
+  if(Data == NULL){
+return EFI_OUT_OF_RESOURCES;
+  }
+  CopyMem(Buffer, Data, SHA384_DIGEST_SIZE);
+
+  TdCallStatus = TdCall(TDCALL_TDEXTENDRTMR, (UINT64)Buffer, Index, 0, 0);
+
+  if(TdCallStatus == TDX_EXIT_REASON_SUCCESS){
+Status = EFI_SUCCESS;
+  }else 

[edk2-devel] [PATCH V2 1/3] MdePkg: Add Tdx support lib

[Min Xu]

Intel Trust Domain Extension (Intel TDX) refers to an Intel technology
that extends Virtual Machines Extensions (VMX) and Multi-Key Total
Memory Encryption (MKTME) with a new kind of virtual machine guest
called a Trust Domain (TD).

TdxLib is created with functions to perform the related Tdx operation.
This includes functions for:
  - TdCall : to cause a VM exit to the Intel TDX module
  - TdVmCall   : it is a leaf function 0 for TDCALL
  - TdVmCallCpuid  : enable the TD guest to request VMM to emulate CPUID
  - TdReport   : to retrieve TDREPORT_STRUCT
  - TdAcceptPages  : to accept pending private pages
  - TdExtendRtmr   : to extend one of the RTMR registers

The base function in this dirver will not do anything and will return
an error if a return value is required. It is expected that other
packages (like OvmfPkg) will create a version of the library to fully
support a TD guest.

Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Jiewen Yao 

Signed-off-by: Min Xu 
Signed-off-by: Doug Reiland 
---
 MdePkg/Include/IndustryStandard/Tdx.h | 201 ++
 MdePkg/Include/Library/TdxLib.h   | 165 +
 MdePkg/Include/Protocol/Tdx.h |  22 +++
 MdePkg/Library/TdxLib/TdxLibNull.c| 155 
 MdePkg/Library/TdxLib/TdxLibNull.inf  |  33 +
 5 files changed, 576 insertions(+)
 create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
 create mode 100644 MdePkg/Include/Library/TdxLib.h
 create mode 100644 MdePkg/Include/Protocol/Tdx.h
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf

diff --git a/MdePkg/Include/IndustryStandard/Tdx.h 
b/MdePkg/Include/IndustryStandard/Tdx.h
new file mode 100644
index ..dbcc31c26528
--- /dev/null
+++ b/MdePkg/Include/IndustryStandard/Tdx.h
@@ -0,0 +1,201 @@
+/** @file
+  Intel Trust Domain Extension definitions
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD 
License
+  which accompanies this distribution.  The full text of the license may be 
found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _TDX_H_
+#define _TDX_H_
+
+#define EXIT_REASON_EXTERNAL_INTERRUPT  1
+#define EXIT_REASON_TRIPLE_FAULT2
+
+#define EXIT_REASON_PENDING_INTERRUPT   7
+#define EXIT_REASON_NMI_WINDOW  8
+#define EXIT_REASON_TASK_SWITCH 9
+#define EXIT_REASON_CPUID   10
+#define EXIT_REASON_HLT 12
+#define EXIT_REASON_INVD13
+#define EXIT_REASON_INVLPG  14
+#define EXIT_REASON_RDPMC   15
+#define EXIT_REASON_RDTSC   16
+#define EXIT_REASON_VMCALL  18
+#define EXIT_REASON_VMCLEAR 19
+#define EXIT_REASON_VMLAUNCH20
+#define EXIT_REASON_VMPTRLD 21
+#define EXIT_REASON_VMPTRST 22
+#define EXIT_REASON_VMREAD  23
+#define EXIT_REASON_VMRESUME24
+#define EXIT_REASON_VMWRITE 25
+#define EXIT_REASON_VMOFF   26
+#define EXIT_REASON_VMON27
+#define EXIT_REASON_CR_ACCESS   28
+#define EXIT_REASON_DR_ACCESS   29
+#define EXIT_REASON_IO_INSTRUCTION  30
+#define EXIT_REASON_MSR_READ31
+#define EXIT_REASON_MSR_WRITE   32
+#define EXIT_REASON_INVALID_STATE   33
+#define EXIT_REASON_MSR_LOAD_FAIL   34
+#define EXIT_REASON_MWAIT_INSTRUCTION   36
+#define EXIT_REASON_MONITOR_TRAP_FLAG   37
+#define EXIT_REASON_MONITOR_INSTRUCTION 39
+#define EXIT_REASON_PAUSE_INSTRUCTION   40
+#define EXIT_REASON_MCE_DURING_VMENTRY  41
+#define EXIT_REASON_TPR_BELOW_THRESHOLD 43
+#define EXIT_REASON_APIC_ACCESS 44
+#define EXIT_REASON_EOI_INDUCED 45
+#define EXIT_REASON_GDTR_IDTR   46
+#define EXIT_REASON_LDTR_TR 47
+#define EXIT_REASON_EPT_VIOLATION   48
+#define EXIT_REASON_EPT_MISCONFIG   49
+#define EXIT_REASON_INVEPT  50
+#define EXIT_REASON_RDTSCP  51
+#define EXIT_REASON_PREEMPTION_TIMER52
+#define EXIT_REASON_INVVPID 53
+#define EXIT_REASON_WBINVD  54
+#define EXIT_REASON_XSETBV  55
+#define EXIT_REASON_APIC_WRITE  56
+#define EXIT_REASON_RDRAND  57
+#define EXIT_REASON_INVPCID 58
+#define EXIT_REASON_VMFUNC  59
+#define EXIT_REASON_ENCLS   60
+#define EXIT_REASON_RDSEED  61
+#define EXIT_REASON_PML_FULL62
+#define EXIT_REASON_XSAVES  63
+#define EXIT_REASON_XRSTORS 64
+
+// TDCALL API Function Completion Status Codes
+#define TDX_EXIT_REASON_SUCCESS 0x

[edk2-devel] [PATCH V2 2/3] OvmfPkg: Add PCDs for TdxLib

[Min Xu]

TdxLib for OvmfPkg depends on the below PCDs
  - PcdUseTdxAcceptPage
Indicate whether TdCall(AcceptPage) is used.
  - PcdUseTdxEmulation
Indicate whether TdxEmulation is used.

Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Jiewen Yao 

Signed-off-by: Min Xu 
Signed-off-by: Doug Reiland 
---
 OvmfPkg/OvmfPkg.dec | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 4348bb45c64a..68b3fd86d516 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -317,6 +317,12 @@
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|0x0|UINT32|0x42
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize|0x0|UINT32|0x43
 
+  ## Indicate whether TdCall(AcceptPage) is used.
+  gUefiOvmfPkgTokenSpaceGuid.PcdUseTdxAcceptPage|TRUE|BOOLEAN|0x44
+  ## Indicate whether TdxEmulation is used.
+  gUefiOvmfPkgTokenSpaceGuid.PcdUseTdxEmulation|0x1|UINT32|0x45
+
+
 [PcdsDynamic, PcdsDynamicEx]
   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72560): https://edk2.groups.io/g/devel/message/72560
Mute This Topic: https://groups.io/mt/81193346/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH V2 0/3] Add TdxLib support for Intel TDX

[Min Xu]

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3249

The patch series provides lib support for Intel Trust Domain Extensions
(Intel TDX).

Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
Encryption (MKTME) with a new kind of virutal machines guest called a 
Trust Domain (TD). A TD is desinged to run in a CPU mode that protects the
confidentiality of TD memory contents and the TD's CPU state from other
software, including the hosting Virtual-Machine Monitor (VMM), unless
explicitly shared by the TD itself.

The Intel TDX module uses the instruction-set architecture for Intel TDX
and the MKTME engine in the SOC to help serve as an intermediary between
the host VMM and the guest TD. TDCALL is the instruction which allows TD
guest privileged software to make a call for service into an underlying
TDX-module.

TdxLib is created with functions to perform the related Tdx operation.
This includes functions for:
  - TdCall : to cause a VM exit to the Intel TDX module
  - TdVmCall   : it is a leaf function 0 for TDCALL
  - TdVmCallCpuid  : enable the TD guest to request VMM to emulate CPUID
  - TdReport   : to retrieve TDREPORT_STRUCT
  - TdAcceptPages  : to accept pending private pages
  - TdExtendRtmr   : to extend one of the RTMR registers

The base function in MdePkg will not do anything and will return an error
if a return value is required. It is expected that other packages
(like OvmfPkg) will create a version of the library to fully support a TD
guest.

We create an OVMF version of this library to begin the process of providing
full support of TDX in OVMF.

To support the emulation and test purpose, 2 PCDs are added in OvmfPkg.dec
  - PcdUseTdxAcceptPage
Indicate whether TdCall(AcceptPage) is used.
  - PcdUseTdxEmulation
Indicate whether TdxEmulation is used.

See 

Cc: Liming Gao 
Cc: Zhiguang Liu 
Cc: Jordan Justen 
Cc: Laszlo Ersek 
Cc: Jiewen Yao 

Signed-off-by: Min Xu 
Min Xu (3):
  MdePkg: Add Tdx support lib
  OvmfPkg: Add PCDs for TdxLib
  OvmfPkg: Implement library support for TdxLib SEC and DXE on OVMF

 MdePkg/Include/IndustryStandard/Tdx.h| 201 +
 MdePkg/Include/Library/TdxLib.h  | 165 ++
 MdePkg/Include/Protocol/Tdx.h|  22 +++
 MdePkg/Library/TdxLib/TdxLibNull.c   | 155 +
 MdePkg/Library/TdxLib/TdxLibNull.inf |  33 
 OvmfPkg/Library/TdxLib/AcceptPages.c |  68 
 OvmfPkg/Library/TdxLib/Rtmr.c|  80 +
 OvmfPkg/Library/TdxLib/TdReport.c| 102 +++
 OvmfPkg/Library/TdxLib/TdxLib.inf|  48 ++
 OvmfPkg/Library/TdxLib/TdxLibSec.inf |  45 +
 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm   | 125 ++
 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm | 211 +++
 OvmfPkg/OvmfPkg.dec  |   6 +
 13 files changed, 1261 insertions(+)
 create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
 create mode 100644 MdePkg/Include/Library/TdxLib.h
 create mode 100644 MdePkg/Include/Protocol/Tdx.h
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf
 create mode 100644 OvmfPkg/Library/TdxLib/AcceptPages.c
 create mode 100644 OvmfPkg/Library/TdxLib/Rtmr.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdReport.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLib.inf
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLibSec.inf
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm

-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72558): https://edk2.groups.io/g/devel/message/72558
Mute This Topic: https://groups.io/mt/81193344/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] TianoCore Bug Triage - APAC / NAMO - Tue, 03/09/2021 6:30pm-7:30pm #cal-reminder

[devel@edk2.groups.io Calendar]

*Reminder:* TianoCore Bug Triage - APAC / NAMO

*When:* Tuesday, 9 March 2021, 6:30pm to 7:30pm, (GMT-08:00) America/Los Angeles

*Where:* 
https://meetingsamer34.webex.com/meetingsamer34/j.php?MTID=mb96c5bd411bd010e1e6d43a6f6c65f45

View Event ( https://edk2.groups.io/g/devel/viewevent?eventid=1055055 )

*Organizer:* Liming Gao gaolim...@byosoft.com.cn ( 
gaolim...@byosoft.com.cn?subject=Re:%20Event:%20TianoCore%20Bug%20Triage%20-%20APAC%20%2F%20NAMO
 )

*Description:*

TianoCore Bug Triage - APAC / NAMO

Hosted by Liming Gao

https://meetingsamer34.webex.com/meetingsamer34/j.php?MTID=mb96c5bd411bd010e1e6d43a6f6c65f45

Wednesday, Jan 20, 2021 10:30 am | 50 minutes | (UTC+08:00) Beijing, Chongqing, 
Hong Kong, Urumqi

Occurs every Wednesday effective 1/20/2021 from 10:30 AM to 11:20 AM, 
(UTC+08:00) Beijing, Chongqing, Hong Kong, Urumqi

Meeting number: 126 867 1239

Password: ZhqYQunw246 (94797869 from video systems)

d8edc6c9604344b08f727b4bf054eaac_20210120T023000Z

Join by video system

Dial 1268671...@meetingsamer34.webex.com

You can also dial 173.243.2.68 and enter your meeting number.

Join by phone

Use VoIP only


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72557): https://edk2.groups.io/g/devel/message/72557
Mute This Topic: https://groups.io/mt/81192571/21656
Mute #cal-reminder:https://edk2.groups.io/g/devel/mutehashtag/cal-reminder
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] MdeModulePkg: Initialize local variable value before they are used

[Wu, Hao A]

> -Original Message-
> From: Liming Gao 
> Sent: Tuesday, March 9, 2021 9:24 AM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J ; Wu, Hao A 
> Subject: [PATCH] MdeModulePkg: Initialize local variable value before they are
> used
> 
> This change is to fix the compiler error on GCC49 release build.


Thanks Liming. The patch looks good to me:
Reviewed-by: Hao A Wu 

I have one question that I think both the reports are false positives.
Do you think it will be better to add this information in the commit message?

Best Regards,
Hao Wu


> 
> Cc: Jian J Wang 
> Cc: Hao A Wu 
> Signed-off-by: Liming Gao 
> ---
>  MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c | 1 +
>  .../Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c| 1 +
>  2 files changed, 2 insertions(+)
> 
> diff --git a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c
> b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c
> index e99a812a44..0779f94f9e 100644
> --- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c
> +++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c
> @@ -1122,6 +1122,7 @@ AhciDmaTransfer (
> 
>Map   = NULL;
>PciIo = Instance->PciIo;
> +  Status = EFI_SUCCESS;
> 
>if (PciIo == NULL) {
>  return EFI_INVALID_PARAMETER;
> diff --git
> a/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c
> b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c
> index 0c9299c8b0..7822cbf4bb 100644
> ---
> a/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c
> +++
> b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c
> @@ -117,6 +117,7 @@ CreateBasicVariablePolicy (
> 
>// Now we've gotta determine the total size of the buffer required for
>// the VariablePolicy structure.
> +  NameSize  = 0;
>TotalSize = sizeof( VARIABLE_POLICY_ENTRY );
>if (Name != NULL) {
>  NameSize = StrnSizeS( Name, MAX_UINT16 );
> --
> 2.27.0.windows.1
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72556): https://edk2.groups.io/g/devel/message/72556
Mute This Topic: https://groups.io/mt/81191206/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

回复: [edk2-devel] [PATCH 0/3] Add TdxLib support for Intel TDX

[gaoliming]

Min:
  This is a new feature. Please submit one BZ to catch it. 

Thanks
Liming
> -邮件原件-
> 发件人: devel@edk2.groups.io  代表
> min.m...@intel.com
> 发送时间: 2021年3月9日 8:55
> 收件人: devel@edk2.groups.io
> 抄送: Min Xu ; Liming Gao
> ; Zhiguang Liu ; Jordan
> Justen ; Laszlo Ersek ;
> Jiewen Yao 
> 主题: [edk2-devel] [PATCH 0/3] Add TdxLib support for Intel TDX
> 
> From: Min Xu 
> 
> The patch series provides lib support for Intel Trust Domain Extensions
> (Intel TDX).
> 
> Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
> that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
> Encryption (MKTME) with a new kind of virutal machines guest called a
> Trust Domain (TD). A TD is desinged to run in a CPU mode that protects the
> confidentiality of TD memory contents and the TD's CPU state from other
> software, including the hosting Virtual-Machine Monitor (VMM), unless
> explicitly shared by the TD itself.
> 
> The Intel TDX module uses the instruction-set architecture for Intel TDX
> and the MKTME engine in the SOC to help serve as an intermediary between
> the host VMM and the guest TD. TDCALL is the instruction which allows TD
> guest privileged software to make a call for service into an underlying
> TDX-module.
> 
> TdxLib is created with functions to perform the related Tdx operation.
> This includes functions for:
>   - TdCall : to cause a VM exit to the Intel TDX module
>   - TdVmCall   : it is a leaf function 0 for TDCALL
>   - TdVmCallCpuid  : enable the TD guest to request VMM to emulate
> CPUID
>   - TdReport   : to retrieve TDREPORT_STRUCT
>   - TdAcceptPages  : to accept pending private pages
>   - TdExtendRtmr   : to extend one of the RTMR registers
> 
> The base function in MdePkg will not do anything and will return an error
> if a return value is required. It is expected that other packages
> (like OvmfPkg) will create a version of the library to fully support a TD
> guest.
> 
> We create an OVMF version of this library to begin the process of
providing
> full support of TDX in OVMF.
> 
> To support the emulation and test purpose, 2 PCDs are added in OvmfPkg.dec
>   - PcdUseTdxAcceptPage
> Indicate whether TdCall(AcceptPage) is used.
>   - PcdUseTdxEmulation
> Indicate whether TdxEmulation is used.
> 
> See  intel-trust-domain-extensions.html>
> 
> CC: Liming Gao 
> CC: Zhiguang Liu 
> CC: Jordan Justen 
> CC: Laszlo Ersek 
> CC: Jiewen Yao 
> 
> Signed-off-by: Min Xu 
> 
> Min Xu (3):
>   MdePkg: Add Tdx support lib
>   OvmfPkg: Add PCDs for TdxLib
>   OvmfPkg: Implement library support for TdxLib SEC and DXE on OVMF
> 
>  MdePkg/Include/IndustryStandard/Tdx.h| 201
> +
>  MdePkg/Include/Library/TdxLib.h  | 165 ++
>  MdePkg/Include/Protocol/Tdx.h|  22 +++
>  MdePkg/Library/TdxLib/TdxLibNull.c   | 155 +
>  MdePkg/Library/TdxLib/TdxLibNull.inf |  33 
>  OvmfPkg/Library/TdxLib/AcceptPages.c |  68 
>  OvmfPkg/Library/TdxLib/Rtmr.c|  80 +
>  OvmfPkg/Library/TdxLib/TdReport.c| 102 +++
>  OvmfPkg/Library/TdxLib/TdxLib.inf|  48 ++
>  OvmfPkg/Library/TdxLib/TdxLibSec.inf |  45 +
>  OvmfPkg/Library/TdxLib/X64/Tdcall.nasm   | 125 ++
>  OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm | 211
> +++
>  OvmfPkg/OvmfPkg.dec  |   6 +
>  13 files changed, 1261 insertions(+)
>  create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
>  create mode 100644 MdePkg/Include/Library/TdxLib.h
>  create mode 100644 MdePkg/Include/Protocol/Tdx.h
>  create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
>  create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf
>  create mode 100644 OvmfPkg/Library/TdxLib/AcceptPages.c
>  create mode 100644 OvmfPkg/Library/TdxLib/Rtmr.c
>  create mode 100644 OvmfPkg/Library/TdxLib/TdReport.c
>  create mode 100644 OvmfPkg/Library/TdxLib/TdxLib.inf
>  create mode 100644 OvmfPkg/Library/TdxLib/TdxLibSec.inf
>  create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm
>  create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm
> 
> --
> 2.29.2.windows.2
> 
> 
> 
> 
> 





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72554): https://edk2.groups.io/g/devel/message/72554
Mute This Topic: https://groups.io/mt/81191437/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

回复: [edk2-devel] [PATCH 1/3] MdePkg: Add Tdx support lib

[gaoliming]

Min:
 
Where is the definition in MdePkg/Include/IndustryStandard/Tdx.h from? 
Is it from
https://software.intel.com/content/www/us/en/develop/articles/intel-trust-do
main-extensions.html?

Where is the definition in MdePkg/Include/Protocol/Tdx.h from?

Thanks
Liming
> -邮件原件-
> 发件人: devel@edk2.groups.io  代表
> min.m...@intel.com
> 发送时间: 2021年3月9日 8:55
> 收件人: devel@edk2.groups.io
> 抄送: Min Xu ; Doug Reiland
> ; Liming Gao ;
> Zhiguang Liu ; Jiewen Yao 
> 主题: [edk2-devel] [PATCH 1/3] MdePkg: Add Tdx support lib
> 
> From: Min Xu 
> 
> Intel Trust Domain Extension (Intel TDX) refers to an Intel technology
> that extends Virtual Machines Extensions (VMX) and Multi-Key Total
> Memory Encryption (MKTME) with a new kind of virtual machine guest
> called a Trust Domain (TD).
> 
> TdxLib is created with functions to perform the related Tdx operation.
> This includes functions for:
>   - TdCall : to cause a VM exit to the Intel TDX module
>   - TdVmCall   : it is a leaf function 0 for TDCALL
>   - TdVmCallCpuid  : enable the TD guest to request VMM to emulate
> CPUID
>   - TdReport   : to retrieve TDREPORT_STRUCT
>   - TdAcceptPages  : to accept pending private pages
>   - TdExtendRtmr   : to extend one of the RTMR registers
> 
> The base function in this dirver will not do anything and will return
> an error if a return value is required. It is expected that other
> packages (like OvmfPkg) will create a version of the library to fully
> support a TD guest.
> 
> Signed-off-by: Min Xu 
> Signed-off-by: Doug Reiland 
> 
> CC: Liming Gao 
> CC: Zhiguang Liu 
> CC: Jiewen Yao 
> ---
>  MdePkg/Include/IndustryStandard/Tdx.h | 201
> ++
>  MdePkg/Include/Library/TdxLib.h   | 165 +
>  MdePkg/Include/Protocol/Tdx.h |  22 +++
>  MdePkg/Library/TdxLib/TdxLibNull.c| 155 
>  MdePkg/Library/TdxLib/TdxLibNull.inf  |  33 +
>  5 files changed, 576 insertions(+)
>  create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
>  create mode 100644 MdePkg/Include/Library/TdxLib.h
>  create mode 100644 MdePkg/Include/Protocol/Tdx.h
>  create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
>  create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf
> 
> diff --git a/MdePkg/Include/IndustryStandard/Tdx.h
> b/MdePkg/Include/IndustryStandard/Tdx.h
> new file mode 100644
> index 00..dbcc31c265
> --- /dev/null
> +++ b/MdePkg/Include/IndustryStandard/Tdx.h
> @@ -0,0 +1,201 @@
> +/** @file
> 
> +  Intel Trust Domain Extension definitions
> 
> +
> 
> +  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
> 
> +  This program and the accompanying materials
> 
> +  are licensed and made available under the terms and conditions of the
> BSD License
> 
> +  which accompanies this distribution.  The full text of the license may
be
> found at
> 
> +  http://opensource.org/licenses/bsd-license.php
> 
> +
> 
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
> BASIS,
> 
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
> EXPRESS OR IMPLIED.
> 
> +
> 
> +**/
> 
> +
> 
> +#ifndef _TDX_H_
> 
> +#define _TDX_H_
> 
> +
> 
> +#define EXIT_REASON_EXTERNAL_INTERRUPT  1
> 
> +#define EXIT_REASON_TRIPLE_FAULT2
> 
> +
> 
> +#define EXIT_REASON_PENDING_INTERRUPT   7
> 
> +#define EXIT_REASON_NMI_WINDOW  8
> 
> +#define EXIT_REASON_TASK_SWITCH 9
> 
> +#define EXIT_REASON_CPUID   10
> 
> +#define EXIT_REASON_HLT 12
> 
> +#define EXIT_REASON_INVD13
> 
> +#define EXIT_REASON_INVLPG  14
> 
> +#define EXIT_REASON_RDPMC   15
> 
> +#define EXIT_REASON_RDTSC   16
> 
> +#define EXIT_REASON_VMCALL  18
> 
> +#define EXIT_REASON_VMCLEAR 19
> 
> +#define EXIT_REASON_VMLAUNCH20
> 
> +#define EXIT_REASON_VMPTRLD 21
> 
> +#define EXIT_REASON_VMPTRST 22
> 
> +#define EXIT_REASON_VMREAD  23
> 
> +#define EXIT_REASON_VMRESUME24
> 
> +#define EXIT_REASON_VMWRITE 25
> 
> +#define EXIT_REASON_VMOFF   26
> 
> +#define EXIT_REASON_VMON27
> 
> +#define EXIT_REASON_CR_ACCESS   28
> 
> +#define EXIT_REASON_DR_ACCESS   29
> 
> +#define EXIT_REASON_IO_INSTRUCTION  30
> 
> +#define EXIT_REASON_MSR_READ31
> 
> +#define EXIT_REASON_MSR_WRITE   32
> 
> +#define EXIT_REASON_INVALID_STATE   33
> 
> +#define EXIT_REASON_MSR_LOAD_FAIL   34
> 
> +#define EXIT_REASON_MWAIT_INSTRUCTION   36
> 
> +#define EXIT_REASON_MONITOR_TRAP_FLAG   37
> 
> +#define EXIT_REASON_MONITOR_INSTRUCTION 39
> 
> +#define EXIT_REASON_PAUSE_INSTRUCTION   40
> 
> +#define EXIT_REASON_MCE_DURING_VMENTRY  41
> 
> +#define EXIT_REASON_TPR_BELOW_THRESHOLD 43
> 
> +#define EXIT_REASON_APIC_ACCESS 44
> 
> +#define EXIT_REASON_EOI_INDUCED 45
> 
> +#define EXIT_REASON_GDTR_IDTR   46
> 
> 

[edk2-devel] 回复: [PATCH 1/1] MdePkg/UefiLib: Correct the arguments passed to IsLanguageSupported()

[gaoliming]

Reviewed-by: Liming Gao 

> -邮件原件-
> 发件人: Chandramohan Akula 
> 发送时间: 2021年3月8日 11:03
> 收件人: devel@edk2.groups.io
> 抄送: Chandramohan Akula ;
> Michael D Kinney ; Liming Gao
> ; Zhiguang Liu 
> 主题: [PATCH 1/1] MdePkg/UefiLib: Correct the arguments passed to
> IsLanguageSupported()
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3211
> 
> Correct the arguments passed to the IsLanguageSupported() function in
> AddUnicodeString2() and LookupUnicodeString2() as expected by the function
> 
> Cc: Michael D Kinney 
> Cc: Liming Gao 
> Cc: Zhiguang Liu 
> Signed-off-by: Chandramohan Akula 
> ---
>  MdePkg/Library/UefiLib/UefiLib.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/MdePkg/Library/UefiLib/UefiLib.c
> b/MdePkg/Library/UefiLib/UefiLib.c
> index 835218f9824f..b6a33a0a488e 100644
> --- a/MdePkg/Library/UefiLib/UefiLib.c
> +++ b/MdePkg/Library/UefiLib/UefiLib.c
> @@ -839,7 +839,7 @@ LookupUnicodeString2 (
>SupportedLanguages += 3;
> 
>  }
> 
>} else {
> 
> -Found = !IsLanguageSupported(Language, SupportedLanguages);
> 
> +Found = !IsLanguageSupported(SupportedLanguages, Language);
> 
>}
> 
> 
> 
> 
> 
> @@ -1133,7 +1133,7 @@ AddUnicodeString2 (
>SupportedLanguages += 3;
> 
>  }
> 
>} else {
> 
> -Found = !IsLanguageSupported(Language, SupportedLanguages);
> 
> +Found = !IsLanguageSupported(SupportedLanguages, Language);
> 
>}
> 
>//
> 
>// If Language is not a member of SupportedLanguages, then return
> EFI_UNSUPPORTED
> 
> --
> 2.27.0





-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72553): https://edk2.groups.io/g/devel/message/72553
Mute This Topic: https://groups.io/mt/81191329/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

回复: [edk2-devel] 回复: [edk2-devel] [PATCH v6 0/7] Add MmUnblockMemoryLib Interface and Usages

[gaoliming]

Kun:

 That’s enough. I just upload it into 
https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Release-Planning#update-notes

 

Thanks

Liming

发件人: Kun Qin  
发送时间: 2021年3月8日 10:22
收件人: gaoliming ; devel@edk2.groups.io
主题: Re: [edk2-devel] 回复: [edk2-devel] [PATCH v6 0/7] Add MmUnblockMemoryLib 
Interface and Usages

 

Hi Liming,

I have drafted a short update note below. This is my first time doing it, 
please let me know if you have any feedbacks:

*   VariableSmmRuntimeDxe.inf depends on library class MmUnblockMemoryLib. 
Platforms supporting variable service through SMM should configure platform DSC 
in [LibraryClasses]
```MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf```
*   Tcg2Smm is split into 2 drivers: Tcg2Smm and Tcg2Acpi. Platforms 
supporting TCG2 Physical Presence and Memory Clear through ACPI method should 
add a new entry in [Components] section of platform DSC as well as the 
corresponding FV section in platform FDF
```SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf```

I will work on updating edk2-platform in that regards shortly.

Thanks,
Kun 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72552): https://edk2.groups.io/g/devel/message/72552
Mute This Topic: https://groups.io/mt/81191246/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH] MdeModulePkg: Initialize local variable value before they are used

[gaoliming]

This change is to fix the compiler error on GCC49 release build.

Cc: Jian J Wang 
Cc: Hao A Wu 
Signed-off-by: Liming Gao 
---
 MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c | 1 +
 .../Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c| 1 +
 2 files changed, 2 insertions(+)

diff --git a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c 
b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c
index e99a812a44..0779f94f9e 100644
--- a/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c
+++ b/MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AhciMode.c
@@ -1122,6 +1122,7 @@ AhciDmaTransfer (
 
   Map   = NULL;
   PciIo = Instance->PciIo;
+  Status = EFI_SUCCESS;
 
   if (PciIo == NULL) {
 return EFI_INVALID_PARAMETER;
diff --git 
a/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c 
b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c
index 0c9299c8b0..7822cbf4bb 100644
--- a/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c
+++ b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c
@@ -117,6 +117,7 @@ CreateBasicVariablePolicy (
 
   // Now we've gotta determine the total size of the buffer required for
   // the VariablePolicy structure.
+  NameSize  = 0;
   TotalSize = sizeof( VARIABLE_POLICY_ENTRY );
   if (Name != NULL) {
 NameSize = StrnSizeS( Name, MAX_UINT16 );
-- 
2.27.0.windows.1




-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72551): https://edk2.groups.io/g/devel/message/72551
Mute This Topic: https://groups.io/mt/81191206/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 3/3] OvmfPkg: Implement library support for TdxLib SEC and DXE on OVMF

[min . m . xu]

From: Min Xu 

The base TdxLib in MdePkg/Library provides a default limited interface.
As it does not provide full support, create an OVMF version of this library
to begin the process of providing full support of TDX in OVMF.

Signed-off-by: Min Xu 
Signed-off-by: Doug Reiland 

CC: Jordan Justen 
CC: Laszlo Ersek 
CC: Jiewen Yao 
---
 OvmfPkg/Library/TdxLib/AcceptPages.c |  68 
 OvmfPkg/Library/TdxLib/Rtmr.c|  80 +
 OvmfPkg/Library/TdxLib/TdReport.c| 102 +++
 OvmfPkg/Library/TdxLib/TdxLib.inf|  48 ++
 OvmfPkg/Library/TdxLib/TdxLibSec.inf |  45 +
 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm   | 125 ++
 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm | 211 +++
 7 files changed, 679 insertions(+)
 create mode 100644 OvmfPkg/Library/TdxLib/AcceptPages.c
 create mode 100644 OvmfPkg/Library/TdxLib/Rtmr.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdReport.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLib.inf
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLibSec.inf
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm

diff --git a/OvmfPkg/Library/TdxLib/AcceptPages.c 
b/OvmfPkg/Library/TdxLib/AcceptPages.c
new file mode 100644
index 00..3848bb6a95
--- /dev/null
+++ b/OvmfPkg/Library/TdxLib/AcceptPages.c
@@ -0,0 +1,68 @@
+/** @file
+
+  There are 4 defined types in TD memory.
+  Unaccepted memory is a special type of private memory. The OVMF must
+  invoke TDCALL [TDG.MEM.PAGE.ACCEPT] the unaccepted memory before use it.
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+
+UINT64  mNumberOfDuplicatedAcceptedPages;
+
+/**
+  This function accept a pending private page, and initialize the page to
+  all-0 using the TD ephemeral private key.
+
+  @param[in]  StartAddress   Guest physical address of the private
+ page to accept.
+  @param[in]  NumberOfPages  Number of the pages to be accepted.
+
+  @return EFI_SUCCESS
+**/
+EFI_STATUS
+EFIAPI
+TdAcceptPages (
+  IN UINT64  StartAddress,
+  IN UINT64  NumberOfPages
+  )
+{
+  UINT64  Address;
+  UINT64  Status;
+  UINT64  Index;
+
+  //
+  // Determine if we need to accept pages before use
+  //
+  if (FixedPcdGetBool(PcdUseTdxAcceptPage) == FALSE) {
+ return EFI_SUCCESS;
+  }
+
+  Address = StartAddress;
+
+  for( Index = 0; Index < NumberOfPages; Index++) {
+Status = TdCall(TDCALL_TDACCEPTPAGE,Address, 0, 0, 0);
+if (Status != TDX_EXIT_REASON_SUCCESS) {
+if ((Status & ~0xFFULL) == TDX_EXIT_REASON_PAGE_ALREADY_ACCEPTED) {
+  ++mNumberOfDuplicatedAcceptedPages;
+  DEBUG((DEBUG_VERBOSE, "Address %llx already accepted. Total number 
of already accepted pages %ld\n",
+Address, mNumberOfDuplicatedAcceptedPages));
+} else {
+  DEBUG((DEBUG_ERROR, "Address %llx failed to be accepted. Error = 
%ld\n",
+Address, Status));
+  ASSERT(Status == TDX_EXIT_REASON_SUCCESS);
+}
+}
+Address += EFI_PAGE_SIZE;
+  }
+  return EFI_SUCCESS;
+}
+
diff --git a/OvmfPkg/Library/TdxLib/Rtmr.c b/OvmfPkg/Library/TdxLib/Rtmr.c
new file mode 100644
index 00..a4b36b6c4b
--- /dev/null
+++ b/OvmfPkg/Library/TdxLib/Rtmr.c
@@ -0,0 +1,80 @@
+/** @file
+
+  Extends one of the RTMR measurement registers in TDCS with the provided
+  extension data in memory.
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define RTMR_COUNT  4
+
+/**
+  This function extends one of the RTMR measurement register
+  in TDCS with the provided extension data in memory.
+  RTMR extending supports SHA384 which length is 48 bytes.
+
+  @param[in]  Data  Point to the data to be extended
+  @param[in]  DataLen   Length of the data. Must be 48
+  @param[in]  Index RTMR index
+
+  @return EFI_SUCCESS
+  @return EFI_INVALID_PARAMETER
+  @return EFI_DEVICE_ERROR
+
+**/
+EFI_STATUS
+EFIAPI
+TdExtendRtmr(
+  IN  UINT32  *Data,
+  IN  UINT32  DataLen,
+  IN  UINT8   Index
+  )
+{
+  EFI_STATUSStatus;
+  UINT64*Buffer;
+  UINT64TdCallStatus;
+
+  Status = EFI_SUCCESS;
+
+  ASSERT(Index >= 0 && Index < RTMR_COUNT);
+  ASSERT(DataLen == SHA384_DIGEST_SIZE);
+
+  //
+  // Allocate 64B aligned mem to hold the sha384 hash value
+  //
+  Buffer = AllocateAlignedPages(EFI_SIZE_TO_PAGES(SHA384_DIGEST_SIZE), 64);
+  if(Data == NULL){
+return EFI_OUT_OF_RESOURCES;
+  }
+  CopyMem(Buffer, Data, SHA384_DIGEST_SIZE);
+
+  TdCallStatus = TdCall(TDCALL_TDEXTENDRTMR, (UINT64)Buffer, Index, 0, 0);
+
+  if(TdCallStatus == TDX_EXIT_REASON_SUCCESS){
+Status = EFI_SUCCESS;
+  

[edk2-devel] [PATCH 1/3] MdePkg: Add Tdx support lib

[min . m . xu]

From: Min Xu 

Intel Trust Domain Extension (Intel TDX) refers to an Intel technology
that extends Virtual Machines Extensions (VMX) and Multi-Key Total
Memory Encryption (MKTME) with a new kind of virtual machine guest
called a Trust Domain (TD).

TdxLib is created with functions to perform the related Tdx operation.
This includes functions for:
  - TdCall : to cause a VM exit to the Intel TDX module
  - TdVmCall   : it is a leaf function 0 for TDCALL
  - TdVmCallCpuid  : enable the TD guest to request VMM to emulate CPUID
  - TdReport   : to retrieve TDREPORT_STRUCT
  - TdAcceptPages  : to accept pending private pages
  - TdExtendRtmr   : to extend one of the RTMR registers

The base function in this dirver will not do anything and will return
an error if a return value is required. It is expected that other
packages (like OvmfPkg) will create a version of the library to fully
support a TD guest.

Signed-off-by: Min Xu 
Signed-off-by: Doug Reiland 

CC: Liming Gao 
CC: Zhiguang Liu 
CC: Jiewen Yao 
---
 MdePkg/Include/IndustryStandard/Tdx.h | 201 ++
 MdePkg/Include/Library/TdxLib.h   | 165 +
 MdePkg/Include/Protocol/Tdx.h |  22 +++
 MdePkg/Library/TdxLib/TdxLibNull.c| 155 
 MdePkg/Library/TdxLib/TdxLibNull.inf  |  33 +
 5 files changed, 576 insertions(+)
 create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
 create mode 100644 MdePkg/Include/Library/TdxLib.h
 create mode 100644 MdePkg/Include/Protocol/Tdx.h
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf

diff --git a/MdePkg/Include/IndustryStandard/Tdx.h 
b/MdePkg/Include/IndustryStandard/Tdx.h
new file mode 100644
index 00..dbcc31c265
--- /dev/null
+++ b/MdePkg/Include/IndustryStandard/Tdx.h
@@ -0,0 +1,201 @@
+/** @file
+  Intel Trust Domain Extension definitions
+
+  Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD 
License
+  which accompanies this distribution.  The full text of the license may be 
found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _TDX_H_
+#define _TDX_H_
+
+#define EXIT_REASON_EXTERNAL_INTERRUPT  1
+#define EXIT_REASON_TRIPLE_FAULT2
+
+#define EXIT_REASON_PENDING_INTERRUPT   7
+#define EXIT_REASON_NMI_WINDOW  8
+#define EXIT_REASON_TASK_SWITCH 9
+#define EXIT_REASON_CPUID   10
+#define EXIT_REASON_HLT 12
+#define EXIT_REASON_INVD13
+#define EXIT_REASON_INVLPG  14
+#define EXIT_REASON_RDPMC   15
+#define EXIT_REASON_RDTSC   16
+#define EXIT_REASON_VMCALL  18
+#define EXIT_REASON_VMCLEAR 19
+#define EXIT_REASON_VMLAUNCH20
+#define EXIT_REASON_VMPTRLD 21
+#define EXIT_REASON_VMPTRST 22
+#define EXIT_REASON_VMREAD  23
+#define EXIT_REASON_VMRESUME24
+#define EXIT_REASON_VMWRITE 25
+#define EXIT_REASON_VMOFF   26
+#define EXIT_REASON_VMON27
+#define EXIT_REASON_CR_ACCESS   28
+#define EXIT_REASON_DR_ACCESS   29
+#define EXIT_REASON_IO_INSTRUCTION  30
+#define EXIT_REASON_MSR_READ31
+#define EXIT_REASON_MSR_WRITE   32
+#define EXIT_REASON_INVALID_STATE   33
+#define EXIT_REASON_MSR_LOAD_FAIL   34
+#define EXIT_REASON_MWAIT_INSTRUCTION   36
+#define EXIT_REASON_MONITOR_TRAP_FLAG   37
+#define EXIT_REASON_MONITOR_INSTRUCTION 39
+#define EXIT_REASON_PAUSE_INSTRUCTION   40
+#define EXIT_REASON_MCE_DURING_VMENTRY  41
+#define EXIT_REASON_TPR_BELOW_THRESHOLD 43
+#define EXIT_REASON_APIC_ACCESS 44
+#define EXIT_REASON_EOI_INDUCED 45
+#define EXIT_REASON_GDTR_IDTR   46
+#define EXIT_REASON_LDTR_TR 47
+#define EXIT_REASON_EPT_VIOLATION   48
+#define EXIT_REASON_EPT_MISCONFIG   49
+#define EXIT_REASON_INVEPT  50
+#define EXIT_REASON_RDTSCP  51
+#define EXIT_REASON_PREEMPTION_TIMER52
+#define EXIT_REASON_INVVPID 53
+#define EXIT_REASON_WBINVD  54
+#define EXIT_REASON_XSETBV  55
+#define EXIT_REASON_APIC_WRITE  56
+#define EXIT_REASON_RDRAND  57
+#define EXIT_REASON_INVPCID 58
+#define EXIT_REASON_VMFUNC  59
+#define EXIT_REASON_ENCLS   60
+#define EXIT_REASON_RDSEED  61
+#define EXIT_REASON_PML_FULL62
+#define EXIT_REASON_XSAVES  63
+#define EXIT_REASON_XRSTORS 64
+
+// TDCALL API Function Completion Status Codes
+#define TDX_EXIT_REASON_SUCCESS 

[edk2-devel] [PATCH 2/3] OvmfPkg: Add PCDs for TdxLib

[min . m . xu]

From: Min Xu 

TdxLib for OvmfPkg depends on the below PCDs
  - PcdUseTdxAcceptPage
Indicate whether TdCall(AcceptPage) is used.
  - PcdUseTdxEmulation
Indicate whether TdxEmulation is used.

Signed-off-by: Min Xu 
Signed-off-by: Doug Reiland 

CC: Jordan Justen 
CC: Laszlo Ersek 
CC: Jiewen Yao 
---
 OvmfPkg/OvmfPkg.dec | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 4348bb45c6..68b3fd86d5 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -317,6 +317,12 @@
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|0x0|UINT32|0x42
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize|0x0|UINT32|0x43
 
+  ## Indicate whether TdCall(AcceptPage) is used.
+  gUefiOvmfPkgTokenSpaceGuid.PcdUseTdxAcceptPage|TRUE|BOOLEAN|0x44
+  ## Indicate whether TdxEmulation is used.
+  gUefiOvmfPkgTokenSpaceGuid.PcdUseTdxEmulation|0x1|UINT32|0x45
+
+
 [PcdsDynamic, PcdsDynamicEx]
   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72549): https://edk2.groups.io/g/devel/message/72549
Mute This Topic: https://groups.io/mt/81191035/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 0/3] Add TdxLib support for Intel TDX

[min . m . xu]

From: Min Xu 

The patch series provides lib support for Intel Trust Domain Extensions
(Intel TDX).

Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
Encryption (MKTME) with a new kind of virutal machines guest called a 
Trust Domain (TD). A TD is desinged to run in a CPU mode that protects the
confidentiality of TD memory contents and the TD's CPU state from other
software, including the hosting Virtual-Machine Monitor (VMM), unless
explicitly shared by the TD itself.

The Intel TDX module uses the instruction-set architecture for Intel TDX
and the MKTME engine in the SOC to help serve as an intermediary between
the host VMM and the guest TD. TDCALL is the instruction which allows TD
guest privileged software to make a call for service into an underlying
TDX-module.

TdxLib is created with functions to perform the related Tdx operation.
This includes functions for:
  - TdCall : to cause a VM exit to the Intel TDX module
  - TdVmCall   : it is a leaf function 0 for TDCALL
  - TdVmCallCpuid  : enable the TD guest to request VMM to emulate CPUID
  - TdReport   : to retrieve TDREPORT_STRUCT
  - TdAcceptPages  : to accept pending private pages
  - TdExtendRtmr   : to extend one of the RTMR registers

The base function in MdePkg will not do anything and will return an error
if a return value is required. It is expected that other packages
(like OvmfPkg) will create a version of the library to fully support a TD
guest.

We create an OVMF version of this library to begin the process of providing
full support of TDX in OVMF.

To support the emulation and test purpose, 2 PCDs are added in OvmfPkg.dec
  - PcdUseTdxAcceptPage
Indicate whether TdCall(AcceptPage) is used.
  - PcdUseTdxEmulation
Indicate whether TdxEmulation is used.

See 

CC: Liming Gao 
CC: Zhiguang Liu 
CC: Jordan Justen 
CC: Laszlo Ersek 
CC: Jiewen Yao 

Signed-off-by: Min Xu 

Min Xu (3):
  MdePkg: Add Tdx support lib
  OvmfPkg: Add PCDs for TdxLib
  OvmfPkg: Implement library support for TdxLib SEC and DXE on OVMF

 MdePkg/Include/IndustryStandard/Tdx.h| 201 +
 MdePkg/Include/Library/TdxLib.h  | 165 ++
 MdePkg/Include/Protocol/Tdx.h|  22 +++
 MdePkg/Library/TdxLib/TdxLibNull.c   | 155 +
 MdePkg/Library/TdxLib/TdxLibNull.inf |  33 
 OvmfPkg/Library/TdxLib/AcceptPages.c |  68 
 OvmfPkg/Library/TdxLib/Rtmr.c|  80 +
 OvmfPkg/Library/TdxLib/TdReport.c| 102 +++
 OvmfPkg/Library/TdxLib/TdxLib.inf|  48 ++
 OvmfPkg/Library/TdxLib/TdxLibSec.inf |  45 +
 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm   | 125 ++
 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm | 211 +++
 OvmfPkg/OvmfPkg.dec  |   6 +
 13 files changed, 1261 insertions(+)
 create mode 100644 MdePkg/Include/IndustryStandard/Tdx.h
 create mode 100644 MdePkg/Include/Library/TdxLib.h
 create mode 100644 MdePkg/Include/Protocol/Tdx.h
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.c
 create mode 100644 MdePkg/Library/TdxLib/TdxLibNull.inf
 create mode 100644 OvmfPkg/Library/TdxLib/AcceptPages.c
 create mode 100644 OvmfPkg/Library/TdxLib/Rtmr.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdReport.c
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLib.inf
 create mode 100644 OvmfPkg/Library/TdxLib/TdxLibSec.inf
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdcall.nasm
 create mode 100644 OvmfPkg/Library/TdxLib/X64/Tdvmcall.nasm

-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72547): https://edk2.groups.io/g/devel/message/72547
Mute This Topic: https://groups.io/mt/81191033/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 1/2 v5] Drivers/OpTeeRpmb: Add an OP-TEE backed RPMB driver

[Ilias Apalodimas]

On Fri, Mar 05, 2021 at 05:58:49PM +, Pierre wrote:
> Hi Ilias,
> Here is the rest of the review. Sorry to do it in 2 times.

No worries, I'll try to pick up all the comments.

>
> Regards,
>
> Pierre
>
>
> >
> > +/**
> >
> > +  Fixup the Pcd values for variable storage
> >
> > +
> >
> > +  Since the upper layers of EDK2 expect a memory mapped interface and
> > we can't
> >
> > +  offer that from an RPMB, the driver allocates memory on init and
> > passes that
> >
> > +  on the upper layers. Since the memory is dynamically allocated and we
> > can't set the
> >
> > +  PCD is StMM context, we need to patch it correctly on each access
> >
> > +
> >
> > +  @retval EFI_SUCCESS Protocol was found and PCDs patched up
> The error codes are missing.

Yea, but I'll remove the overflow check on v6 so that should be fine as-is.

> >
> > +
> >
> > + **/
> >
> > +EFI_STATUS
> >
> > +EFIAPI
> >
> >

[...]

> > +  ASSERT_EFI_ERROR (Status);
> >
> > +
> >
> > +  Instance = INSTANCE_FROM_FVB_THIS (FvbProtocol);
> >
> > +  // The Pcd is user defined, so make sure we don't overflow
> >
> > +  if (Instance->MemBaseAddress > MAX_UINT64 - PcdGet32
> > (PcdFlashNvStorageVariableSize)) {
> I think this can be removed since the next condition is more strict.

ditto

> >
> > +return EFI_INVALID_PARAMETER;
> >
> > +  }
> >
> > +
> >
> >
> [...]
> > +STATIC
> >
> > +EFI_STATUS
> >
> > +ReadWriteRpmb (
> >
> > +  UINTN  SvcAct,
> >
> > +  UINTN  Addr,
> >
> > +  UINTN  NumBytes,
> >
> > +  UINTN  Offset
> >
> > +  )
> >
> > +{
> >
> > +  ARM_SVC_ARGS  SvcArgs;
> >
> > +  EFI_STATUSStatus;
> >
> > +
> >
> > +  ZeroMem (, sizeof (SvcArgs));
> >
> > +
> >
> > +  SvcArgs.Arg0 = ARM_SVC_ID_FFA_MSG_SEND_DIRECT_REQ_AARCH64;
>
> If this is an FFA call, is it possible to:
>  - put a reference in the header to the spec (it should be similar to the
> one at
> edk2/ArmPkg/Library/StandaloneMmMmuLib/AArch64/ArmMmuStandaloneMmLib.c)
>  - check the return status of the SVC call against the ones available at
> edk2/ArmPkg/Include/IndustryStandard/ArmFfaSvc.h
>  - if possible, remove the dependency to 
>

The call is technically an FFA one but at the moment OP-TEE returns the StMM
return code which is defined in the last header you mention.
The relevant code is in ./core/arch/arm/kernel/stmm_sp.c function
tee2stmm_ret_val().
So unless we redefine that in OP-TEE or (better imho), wait for a full FFA
mechanism to be in place, I'd prefer leaving it as is.
Keep in mind that adding the full FFA will also get rid of the hardcoded IDs
on the beginning of the file.

> >
> > +  SvcArgs.Arg1 = mStorageId;
> > +  //

[...]

> >
> > +  if (   (FwVolHeader->Revision  != EFI_FVH_REVISION)
> >
> > +  || (FwVolHeader->Signature != EFI_FVH_SIGNATURE)
> >
> > +  || (FwVolHeader->FvLength  != FvLength)
> >
> > +  )
> could be on the same line -> ') {'

ok

> >
> > +  {
> >
> >
> > +  if (VariableStoreHeader->Size != VariableStoreLength) {
> >
> > +DEBUG ((DEBUG_INFO, "%a: Variable Store Length does not match\n",
> >
> > +  __FUNCTION__));
> >
> > +return EFI_VOLUME_CORRUPTED;
> >
> > +  }
> >
> > +
> >
> > +  return EFI_SUCCESS;
> >
> empty line, could be removed

ok

> > +

> >
> > +(PcdGet64 (PcdFlashNvStorageFtwWorkingBase64) +
> >
> > +PcdGet32 (PcdFlashNvStorageFtwWorkingSize)) ==
> >
> > +PcdGet64 (PcdFlashNvStorageFtwSpareBase64));
> >
> > +
> >
> > +  // Check if the size of the area is at least one block size
> >
> > +  ASSERT (
> >
> > +(PcdGet32 (PcdFlashNvStorageVariableSize) > 0) &&
> I think the first check (Size > 0) is redundant with the second one (Size >
> BlockSize).

Yea it seems so. This was again a c/p from other drivers handling the
PCD, but we can start
clean here.

> >
> > +(PcdGet32 (PcdFlashNvStorageVariableSize) / Instance->BlockSize > 0)
> >
> > +);
> >
> > +  ASSERT (
> >
> > +(PcdGet32 (PcdFlashNvStorageFtwWorkingSize) > 0) &&


[...]

> > +
> >
> > +  SetMem (, sizeof (mInstance), 0);
> NIT: you can use ZeroMem()

Sure

> >
> > +
> >
> > +  mInstance.FvbProtocol.GetPhysicalAddress =
> > OpTeeRpmbFvbGetPhysicalAddress;
> >
> > +  mInstance.FvbProtocol.GetAttributes  = OpTeeRpmbFvbGetAttributes;
> >
> > +  mInstance.FvbProtocol.SetAttributes  = OpTeeRpmbFvbSetAttributes;
> >
> > +  mInstance.FvbProtocol.GetBlockSize   = OpTeeRpmbFvbGetBlockSize;
> >
> > +  mInstance.FvbProtocol.EraseBlocks= OpTeeRpmbFvbErase;
> >
> > +  mInstance.FvbProtocol.Write  = OpTeeRpmbFvbWrite;
> >
> > +  mInstance.FvbProtocol.Read   = OpTeeRpmbFvbRead;
> >
> > +
> >
> > +  mInstance.MemBaseAddress = (EFI_PHYSICAL_ADDRESS)Addr;
> >
> > +  mInstance.Signature  = FLASH_SIGNATURE;
> >
> > +  mInstance.Initialize = FvbInitialize;
> >
> > +  mInstance.BlockSize  = EFI_PAGE_SIZE;
> >
> > +  mInstance.NBlocks= NBlocks;
> >
> > +
> >
> > +  // The Pcd is user defined, so make sure we don't overflow
> >
> > +  if (mInstance.MemBaseAddress > 

Re: [edk2-devel] [RFC][patch] Add a new library class RegisterFilterLib in edk2 to filter/trace port IO/MMIO/MSR access

[Michael D Kinney]

> -Original Message-
> From: Laszlo Ersek 
> Sent: Monday, March 8, 2021 7:38 AM
> To: devel@edk2.groups.io; Bi, Dandan 
> Cc: Kinney, Michael D ; Liming Gao 
> ; Liu, Zhiguang
> 
> Subject: Re: [edk2-devel] [RFC][patch] Add a new library class 
> RegisterFilterLib in edk2 to filter/trace port IO/MMIO/MSR
> access
> 
> On 03/08/21 06:15, Dandan Bi wrote:
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3246
> >
> > 1.Purpose:
> >   Skip port IO/MMIO/MSR access in some emulatoion env.
> >   Trace port IO/MMIO/MSR access.
> >
> > 2.Plan to do in Edk2:
> >   Filter and trace in low level APIs in BaseIoLibIntrinsic and BaseLib.
> >   Add a new library class (RegisterFilterLib) for the filter and trace 
> > functionality.
> >
> > 3.Plan to filter and trace scope in Edk2 :
> >   a. Port IO R/W: IA32 X64 (Only filter/trace for IA32 X64)
> >   b. MMIO R/W: IA32 X64 EBC ARM AARCH64 RISCV64 (Filter/trace for the 
> > Arches supported in BaseIoLibIntrinsic.inf)
> >   c. MSR R/W: IA32 X64 (Only filter/trace for IA32 X64, if other ARCH has 
> > similar use case can add new APIs per needs)
> >
> > 4.RegisterFilterLib Library Class:
> >   a. Add RegisterFilterLib library class for the filter and trace operation.
> >   b. Add RegisterFilterLib.h in MdePkg/Include/Library.
> >   c. 12 APIs will be added to filter and trace port IO, MMIO and MSR access.
> >   d. Add a NULL instance RegisterFilterLibNull in MdePkg/Library.(Verified 
> > that null instance will not impact binary
> size.)
> >   e. Platform can implement its own RegisterFilterLib instance.
> >
> >   12 APIs can be divided into 2 categories:
> >   6 [Before] APIs use to check whether need to execute port IO/MMIO/MSR 
> > access or do some tracing before access.
> >   6 [After] APIs use to trace after port IO/MMIO/MSR access.
> >   The detailed API definitions are included in this patch.
> >
> >   For port IO access:
> >   FilterBeforeIoRead
> >   FilterAfterIoRead
> >   FilterBeforeIoWrite
> >   FilterAfterIoWrite
> >
> >   For MMIO access:
> >   FilterBeforeMmIoRead
> >   FilterAfterMmIoRead
> >   FilterBeforeMmIoWrite
> >   FilterAfterMmIoWrite
> >
> >   For MSR access:
> >   FilterBeforeMsrRead
> >   FilterAfterMsrRead
> >   FilterBeforeMsrWrite
> >   FilterAfterMsrWrite
> >
> > 5.Change and Impact
> >   a. Add the RegisterFilterLib libary class and RegisterFilterLibNull 
> > instance firstly.
> >   b. Update the dsc in edk2 and edk2-platform repo to consume the 
> > RegisterFilterLibNull instance.
> >   c. Update the BaseLib and IoLib to consume RegisterFilterLib.
> >
> >   This is an incompatible change.
> >   No code change in BaseLib and IoLib consumers, only need to change dsc to 
> > consume new FilterLib instance.
> >   Update BaseIoLibIntrinsic.inf and BaseIoLibIntrinsicSev.inf to consume 
> > RegisterFilterLib for all supported Arch
> >   Update BaseLib.inf to consume RegisterFilterLib only for IA32 and X64
> 
> Seems like a sound plan, but there are more IoLib instances than the above:
> 
> MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
> MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicArmVirt.inf
> MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf

I agree that all 3 of these need to be included in the plan.

> MdePkg/Library/DxeIoLibCpuIo2/DxeIoLibCpuIo2.inf
> MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf
> MdePkg/Library/SmmIoLibSmmCpuIo2/SmmIoLibSmmCpuIo2.inf

The IoLib instances all perform their I/O operation by calling
a dynamic PPI/Protocol services.  I would recommend that we do not update
these instances, and instead only apply the RegisterFilterLib to 
IoLib instances that perform he direct access to the hardware.
Any IoLib instances that access the hardware through a PPI/Protocol
should not be updated.

We have a few implementations of the CPI I/O PPI/Protocol that
use the BaseIoLibIntrinsics, so those would actually be covered
by the first set of lib instances.  If a platform decides to 
implement a new version of the CPU I/O PPI/Protocol that does not
use one of the BaseIoLibInstrinsic instances, then they would
have the option of using the RegisterFilterLib in that new
implementation of the CPI I/O PPI/Protocol.

> 
> Thanks
> Laszlo
> 
> >
> > This topic has been reviewed in Tiano Design meeting of 2021/0305
> > RegisterFilterLib header file and desgin foil can be found in:
> > https://edk2.groups.io/g/devel/files/Designs/2021/0305
> >
> >
> > Cc: Michael D Kinney 
> > Cc: Liming Gao 
> > Cc: Zhiguang Liu 
> > Signed-off-by: Dandan Bi 
> > ---
> >  MdePkg/Include/Library/RegisterFilterLib.h | 224 +
> >  1 file changed, 224 insertions(+)
> >  create mode 100644 MdePkg/Include/Library/RegisterFilterLib.h
> >
> > diff --git a/MdePkg/Include/Library/RegisterFilterLib.h 
> > b/MdePkg/Include/Library/RegisterFilterLib.h
> > new file mode 100644
> > index 00..be111304ba
> > --- /dev/null
> > +++ b/MdePkg/Include/Library/RegisterFilterLib.h
> > @@ -0,0 +1,224 @@
> > +/** 

Re: [edk2-devel] [edk2-platforms][PATCH V2 0/2] Enable SMMUv3 for Arm SGI/RD platforms

[Vivek Kumar Gautam]

Hi Sami,


On 3/5/21 7:43 PM, Sami Mujawar wrote:

Hi Vivek,

Thank you for this patch.

For this series.
Reviewed-by: Sami Mujawar 

I will merge this series once the merge window opens.


Thanks for reviewing the patches and taking them.

Best regards
Vivek



Regards,

Sami Mujawar

-Original Message-
From: Vivek Kumar Gautam 
Sent: 05 March 2021 01:21 PM
To: devel@edk2.groups.io
Cc: ardb+tianoc...@kernel.org; l...@nuviainc.com; Sami Mujawar 

Subject: Re: [edk2-devel] [edk2-platforms][PATCH V2 0/2] Enable SMMUv3 for Arm 
SGI/RD platforms



On 3/5/21 6:44 PM, Vivek Kumar Gautam via groups.io wrote:

Arm's SMMUv3 present in various SGI/RD platforms provides address
translation support for devices such as the ones present over PCIe.
SMMUv3 also supports Address Translation Service (ATS) and Page
Request Interface (PRI) to work with PCIe devices.
ATS allows PCIe devices to request translation from a translation
agent such as SMMU, and then cache these translation in their private
cache called as Address Translation Cache (ATC).
Devices that support PRI can also enable the feature when ATS is
enabled as ATS is a prerequisite for PRI.

The I/O topology on SGI/RD platforms includes I/O devices (or PCIe
devices) connected to a SMMU-v3, and an GIC ITS block that facilitates
interrupt translations for message signaled interrupts. A typical view
of this topology is as below -

 ---      
|  PCIe device  |>|  SMMUv3|>|   ITS  |
| (RequesterID) | | (StreamID) | | (DeviceID) |
 ---      

This patch series adds the SMMU-v3 node in iort table, and sets up the
connection between these iort nodes to forward the traffic in the right
manner.


After applying these patches, the resulting updated Iort Acpi table
looks like below:


Shell> Acpiview -s iort





   --- IORT Table ---



Address  : 0xF98DF598

Length   : 236



 : 49 4F 52 54 EC 00 00 00 - 00 A5 41 52 4D 4C 54 44
IORT..ARMLTD

0010 : 41 52 4D 53 47 49 20 20 - 27 07 14 20 41 52 4D 20   ARMSGI
'.. ARM

0020 : 99 00 00 00 03 00 00 00 - 30 00 00 00 00 00 00 00
0...

0030 : 00 18 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00


0040 : 01 00 00 00 00 00 00 00 - 04 6C 00 02 00 00 00 00
.l..

0050 : 02 00 00 00 44 00 00 00 - 00 00 00 4F 00 00 00 00
D..O

0060 : 01 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00


0070 : 00 00 00 00 04 01 00 00 - 00 00 00 00 06 01 00 00


0080 : 05 01 00 00 00 00 00 00 - 01 00 00 00 00 00 00 00


0090 : FF FF 00 00 00 00 00 00 - 30 00 00 00 00 00 00 00
0...

00A0 : 00 00 00 00 01 00 00 00 - 00 00 01 00 30 00 00 00
0...

00B0 : 01 00 00 00 02 38 00 00 - 00 00 00 00 01 00 00 00
.8..

00C0 : 24 00 00 00 01 00 00 00 - 00 00 00 00 01 00 00 00
$...

00D0 : 00 00 00 00 00 00 00 00 - 00 00 00 00 FF FF 00 00


00E0 : 00 00 00 00 48 00 00 00 - 00 00 00 00   H...



Table Checksum : OK



IORT :

Signature  : IORT

Length : 236

Revision   : 0

Checksum   : 0xA5

Oem ID : ARMLTD

Oem Table ID   : ARMSGI

Oem Revision   : 0x20140727

Creator ID : ARM

Creator Revision   : 0x99

Number of IORT Nodes   : 3

Offset to Array of IORT Nodes  : 0x30

Reserved   : 0x0

* Node Offset *: 0x30

ITS Node   :

  Type : 0

  Length   : 24

  Revision : 0

  Reserved : 0x0

  Number of ID mappings: 0

  Reference to ID Array: 0x0

  Number of ITSs   : 1

  GIC ITS Identifier Array [0] :

GIC ITS Identifier : 0

* Node Offset *: 0x48

SMMUV3 Node:

  Type : 4

  Length   : 108

  Revision : 2

  Reserved : 0x0

  Number of ID mappings: 2

  Reference to ID Array: 0x44

  Base Address : 0x4F00

  Flags: 0x1

  Reserved : 0x0

  VATOS Address: 0x0

  Model: 0

  Event  

Re: [edk2-devel] [PATCH v3 0/5] UefiCpuPkg/StandaloneMmCpuFeaturesLib: Add Standalone MM support

[Laszlo Ersek]

On 02/17/21 22:32, Michael Kubacki wrote:
> From: Michael Kubacki 
> 
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3218
> 
> The present SmmCpuFeaturesLib implementation in UefiCpuPkg can be
> useful for IA32/X64 platforms that need a library instance for
> a Standalone MM environment. Much of the logic can be reused and a
> new INF can isolate the differences unique to Standalone MM.
> 
> This patch series contains an initial set of changes for cleaning
> up pre-existing design issues in the library. The final two patches
> contain changes needed for Standalone MM support.
> 
> Here's an overview of how the three library instances are organized
> that may be a useful reference (provided by Laszlo):
> 
> Traditional,  Traditional,  Standalone,
> no STMSTM   no STM
> 
> Entry point type   DXE   DXE   MM
> 
> Lib inst. init.basic STM   basic
> 
> Processor init.basic STM   basic
> 
> PCD access any   any   fixed
> 
> * Traditional no STM = SmmCpuFeaturesLib.inf
> * Traditional STM = SmmCpuFeaturesLibStm.inf
> * Standalone no STM = StandaloneMmCpuFeaturesLib.inf
> 
> V3 changes:
> 
>   PATCH v3 2/5 is a new patch in the series that renames the file
>   SmmCpuFeaturesLib.c to SmmCpuFeaturesLibCommon.c to more clearly
>   identify implementation in the file as shared between all library
>   instances.
> 
>   PATCH v3 3/5 adds a new source file SmmCpuFeaturesLib.c that
>   contains the constructor specific to the Traditional MM no
>   STM library instance. This was previously implemented in a
>   file built by the Standalone MM instance and while not
>   harmful, it was not clean.
> 
>   PATCH v3 4/5 updates "@retval" to "@return" in the documentation
>   for GetCpuMaxLogicalProcessorNumber() since it is not a constant
>   return value.
>   
>   PATCH v3 5/5 contains a commit message update to note that all
>   instances of "PiSmm.h" in the library source files have been
>   updated to "PiMm.h" for consistency throughout the library.
> 
> V2 changes:
> 
>   Due to some pre-existing design issues in the library that
>   affected a single v1 patch that add Standalone MM support,
>   it was suggested to first address those issues and then add the
>   new INF StandaloneMmCpuFeaturesLib.inf.
> 
>   To address these concerns, the following v1 patch was converted
>   into a v2 patch series:
>   https://edk2.groups.io/g/devel/message/71626
> 
>   The first two patches in v2 primarily addressed those concerns.
> 
>   PATCH v2 1/4 and PATCH v2 2/4 focused on fixing pre-existing
>   design issues.
> 
>   PATCH v2 3/4 and PATCH v2 4/4 focused on the changes needed to add
>   Standalone MM support.
> 
> Cc: Eric Dong 
> Cc: Ray Ni 
> Cc: Laszlo Ersek 
> Cc: Rahul Kumar 
> Signed-off-by: Michael Kubacki 
> 
> Michael Kubacki (5):
>   UefiCpuPkg/SmmCpuFeaturesLib: Move multi-instance function decl to
> header
>   UefiCpuPkg/SmmCpuFeaturesLib: Rename SmmCpuFeaturesLib.c
>   UefiCpuPkg/SmmCpuFeaturesLib: Cleanup library constructors
>   UefiCpuPkg/SmmCpuFeaturesLib: Abstract PcdCpuMaxLogicalProcessorNumber
>   UefiCpuPkg/SmmCpuFeaturesLib: Add Standalone MM support
> 
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/Ia32/SmmStmSupport.c
>   |   2 +-
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c 
>   | 608 +---
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/{SmmCpuFeaturesLib.c => 
> SmmCpuFeaturesLibCommon.c}|  36 +-
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibNoStm.c
>   |   3 +-
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmStm.c
>   |  26 +-
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/StandaloneMmCpuFeaturesLib.c
>   |  50 ++
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/TraditionalMmCpuFeaturesLib.c   
>   |  28 +
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/X64/SmmStmSupport.c 
>   |   2 +-
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/CpuFeaturesLib.h
>   |  48 ++
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf   
>   |   3 +
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLibStm.inf
>   |   4 +-
>  UefiCpuPkg/Library/SmmCpuFeaturesLib/{SmmCpuFeaturesLib.inf => 
> StandaloneMmCpuFeaturesLib.inf} |  22 +-
>  UefiCpuPkg/UefiCpuPkg.dsc
>   |   1 +
>  13 files changed, 172 insertions(+), 661 deletions(-)
>  copy UefiCpuPkg/Library/SmmCpuFeaturesLib/{SmmCpuFeaturesLib.c => 
> SmmCpuFeaturesLibCommon.c} (93%)
>  create mode 100644 
> UefiCpuPkg/Library/SmmCpuFeaturesLib/StandaloneMmCpuFeaturesLib.c
>  create mode 100644 
> 

Re: 回复: [edk2-devel] [edk2-platforms][PATCH v1 1/1] MinPlatformPkg/Acpi/AcpiSmm: Add Standalone MM support

[Michael Kubacki]

Sent v2 with the BZ in the commit description:
https://edk2.groups.io/g/devel/message/72541

Thanks,
Michael

On 3/7/2021 5:23 PM, gaoliming wrote:

Michael:
   Can you submit one BZ to track this change?

Thanks
Liming

-邮件原件-
发件人: devel@edk2.groups.io  代表 Michael
Kubacki
发送时间: 2021年3月6日 9:38
收件人: devel@edk2.groups.io
抄送: Chasel Chiu ; Nate DeSimone
; Liming Gao ;
Eric Dong 
主题: [edk2-devel] [edk2-platforms][PATCH v1 1/1]
MinPlatformPkg/Acpi/AcpiSmm: Add Standalone MM support

From: Michael Kubacki 

Adds a new module called AcpiStandaloneMm that serves the same role
as AcpiSmm but in a Standalone MM environment.

This change follows a similar pattern to other changes that have
added Standalone MM support to a SMM module. The SMM INF name and
file path remain unaltered to allow backward compatibility and much
of the code is shared between the driver instances with unique entry
points for each respective module type.

Cc: Chasel Chiu 
Cc: Nate DeSimone 
Cc: Liming Gao 
Cc: Eric Dong 
Signed-off-by: Michael Kubacki 
---
  Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/{AcpiSmm.c => AcpiMm.c}
| 33 +--
  Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiStandaloneMm.c
| 34 
  Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiTraditionalMm.c
| 34 
  Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiMm.h
| 23 +
  Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.h
| 24 --
  Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.inf
| 21 ++--
  Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/{AcpiSmm.inf =>
AcpiStandaloneMm.inf} | 32 +-
  Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc
|  2 ++
  8 files changed, 133 insertions(+), 70 deletions(-)

diff --git a/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.c
b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiMm.c
similarity index 81%
rename from Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.c
rename to Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiMm.c
index 809f75d3c588..2cf559f3fe09 100644
--- a/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.c
+++ b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiMm.c
@@ -1,12 +1,20 @@
  /** @file
-  Acpi Smm driver.
+  Functions shared between driver instances.

  Copyright (c) 2017, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
  SPDX-License-Identifier: BSD-2-Clause-Patent

  **/

-#include "AcpiSmm.h"
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "AcpiMm.h"

  /**
Enable SCI
@@ -53,20 +61,13 @@ DisableAcpiCallback (
  }

  /**
-  Initializes the Acpi Smm Driver
-
-  @param[in] ImageHandle   - Pointer to the loaded image protocol for
this driver
-  @param[in] SystemTable   - Pointer to the EFI System Table
-
-  @retval Status   - EFI_SUCCESS
-  @retval Assert, otherwise.
+  ACPI initialization logic shared between the Traditional MM and
+  Standalone MM driver instances.

  **/
-EFI_STATUS
-EFIAPI
-InitializeAcpiSmm (
-  IN EFI_HANDLEImageHandle,
-  IN EFI_SYSTEM_TABLE  *SystemTable
+VOID
+InitializeAcpiMm (
+  VOID
)
  {
EFI_STATUSStatus;
@@ -77,7 +78,7 @@ InitializeAcpiSmm (
//
// Locate the ICH SMM SW dispatch protocol
//
-  Status = gSmst->SmmLocateProtocol (,
NULL, (VOID**));
+  Status = gMmst->MmLocateProtocol (,
NULL, (VOID**) );
ASSERT_EFI_ERROR (Status);

//
@@ -103,6 +104,4 @@ InitializeAcpiSmm (
   
   );
ASSERT_EFI_ERROR (Status);
-
-  return EFI_SUCCESS;
  }
diff --git
a/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiStandaloneMm.c
b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiStandaloneMm.c
new file mode 100644
index ..f378942fdc07
--- /dev/null
+++ b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiStandaloneMm.c
@@ -0,0 +1,34 @@
+/** @file
+  Standalone MM driver for ACPI initialization.
+
+Copyright (c) 2017, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+
+#include "AcpiMm.h"
+
+/**
+  The Standalone MM driver entry point.
+
+  @param[in] ImageHandle   - Pointer to the loaded image protocol for
this driver
+  @param[in] SystemTable   - Pointer to the EFI MM System Table
+
+  @retval Status   - EFI_SUCCESS
+  @retval Assert, otherwise.
+
+**/
+EFI_STATUS
+EFIAPI
+AcpiStandaloneMmEntryPoint (
+  IN EFI_HANDLE ImageHandle,
+  IN EFI_MM_SYSTEM_TABLE*MmSystemTable
+  )
+{
+  InitializeAcpiMm ();
+
+  return EFI_SUCCESS;
+}
diff --git
a/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiTraditionalMm.c
b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiTraditionalMm.c
new file mode 100644
index ..9512926b9e2e
--- /dev/null
+++ b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiTraditionalMm.c
@@ -0,0 +1,34 @@
+/** @file
+  Traditional MM driver for ACPI initialization.
+

[edk2-devel] [edk2-platforms][PATCH v2 1/1] MinPlatformPkg/Acpi/AcpiSmm: Add Standalone MM support

[Michael Kubacki]

From: Michael Kubacki 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3248

Adds a new module called AcpiStandaloneMm that serves the same role
as AcpiSmm but in a Standalone MM environment.

This change follows a similar pattern to other changes that have
added Standalone MM support to a SMM module. The SMM INF name and
file path remain unaltered to allow backward compatibility and much
of the code is shared between the driver instances with unique entry
points for each respective module type.

Cc: Chasel Chiu 
Cc: Nate DeSimone 
Cc: Liming Gao 
Cc: Eric Dong 
Signed-off-by: Michael Kubacki 
---

Notes:
V2 change: Add BZ link

 Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/{AcpiSmm.c => AcpiMm.c} 
  | 33 +--
 Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiStandaloneMm.c  
  | 34 
 Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiTraditionalMm.c 
  | 34 
 Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiMm.h
  | 23 +
 Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.h   
  | 24 --
 Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.inf 
  | 21 ++--
 Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/{AcpiSmm.inf => 
AcpiStandaloneMm.inf} | 32 +-
 Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc   
  |  2 ++
 8 files changed, 133 insertions(+), 70 deletions(-)

diff --git a/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.c 
b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiMm.c
similarity index 81%
rename from Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.c
rename to Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiMm.c
index 809f75d3c588..2cf559f3fe09 100644
--- a/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiSmm.c
+++ b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiMm.c
@@ -1,12 +1,20 @@
 /** @file
-  Acpi Smm driver.
+  Functions shared between driver instances.
 
 Copyright (c) 2017, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
-#include "AcpiSmm.h"
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "AcpiMm.h"
 
 /**
   Enable SCI
@@ -53,20 +61,13 @@ DisableAcpiCallback (
 }
 
 /**
-  Initializes the Acpi Smm Driver
-
-  @param[in] ImageHandle   - Pointer to the loaded image protocol for this 
driver
-  @param[in] SystemTable   - Pointer to the EFI System Table
-
-  @retval Status   - EFI_SUCCESS
-  @retval Assert, otherwise.
+  ACPI initialization logic shared between the Traditional MM and
+  Standalone MM driver instances.
 
 **/
-EFI_STATUS
-EFIAPI
-InitializeAcpiSmm (
-  IN EFI_HANDLEImageHandle,
-  IN EFI_SYSTEM_TABLE  *SystemTable
+VOID
+InitializeAcpiMm (
+  VOID
   )
 {
   EFI_STATUSStatus;
@@ -77,7 +78,7 @@ InitializeAcpiSmm (
   //
   // Locate the ICH SMM SW dispatch protocol
   //
-  Status = gSmst->SmmLocateProtocol (, NULL, 
(VOID**));
+  Status = gMmst->MmLocateProtocol (, NULL, 
(VOID**) );
   ASSERT_EFI_ERROR (Status);
 
   //
@@ -103,6 +104,4 @@ InitializeAcpiSmm (
  
  );
   ASSERT_EFI_ERROR (Status);
-
-  return EFI_SUCCESS;
 }
diff --git a/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiStandaloneMm.c 
b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiStandaloneMm.c
new file mode 100644
index ..f378942fdc07
--- /dev/null
+++ b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiStandaloneMm.c
@@ -0,0 +1,34 @@
+/** @file
+  Standalone MM driver for ACPI initialization.
+
+Copyright (c) 2017, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+
+#include "AcpiMm.h"
+
+/**
+  The Standalone MM driver entry point.
+
+  @param[in] ImageHandle   - Pointer to the loaded image protocol for this 
driver
+  @param[in] SystemTable   - Pointer to the EFI MM System Table
+
+  @retval Status   - EFI_SUCCESS
+  @retval Assert, otherwise.
+
+**/
+EFI_STATUS
+EFIAPI
+AcpiStandaloneMmEntryPoint (
+  IN EFI_HANDLE ImageHandle,
+  IN EFI_MM_SYSTEM_TABLE*MmSystemTable
+  )
+{
+  InitializeAcpiMm ();
+
+  return EFI_SUCCESS;
+}
diff --git a/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiTraditionalMm.c 
b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiTraditionalMm.c
new file mode 100644
index ..9512926b9e2e
--- /dev/null
+++ b/Platform/Intel/MinPlatformPkg/Acpi/AcpiSmm/AcpiTraditionalMm.c
@@ -0,0 +1,34 @@
+/** @file
+  Traditional MM driver for ACPI initialization.
+
+Copyright (c) 2017, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include 
+
+#include "AcpiMm.h"
+
+/**
+  The Traditional MM driver entry point.
+
+  

Re: [edk2-devel] [PATCH] Platform/RaspberryPi: Dynamically build UARTs info in ACPI

[Pete Batard]

Hi Sunny,

Thanks a lot for submitting this patch!

This is something that has been on the Raspberry Pi platform TODO list 
for some time, so your contribution is much appreciated.


Please find 4 comments inline:

On 2021.03.06 09:24, Sunny Hsuan-Wen Wang wrote:

Changes:

   1. Add code to ConfigDxe driver and AcpiTables module to dynamically

  build either Mini UART or PL011 UART info in ACPI. This fixes the

  issue discussed in https://github.com/pftf/RPi4/issues/118.

   2. Merge changes in edk2-platforms-raspberrypi-pl011-bth-noflow.diff

  in https://github.com/worproject/RPi-Bluetooth-Testing/

  for enabling Bluetooth and serial port (Mini UART) in Windows OS.

   3. Cleanup by moving duplicate Debug Port 2 table related defines and

  structures to a newly created header file (RpiDebugPort2Table.h).


Ideally, I would prefer if 1-3 and 2 were submitted as separate patches 
in a series, as one can consider that the ACPI assigning of the 
Spcr/Dbg2 tables is independent of the Bluetooth related changes.


For instance, regardless of Bluetooth usage, one of course wants the 
serial ports used by Windows to match the ones defined in config.txt. So 
I would say that we have at least two separate functional changes in 
this patch, that should probably be made more explicit by splitting them 
into separare commits.



Testing Done:

   - Booted to UEFI shell and use acpiview command to check the result of

 the different UART settings in config.txt (enabling either Mini UART

 or PL011) and SPCR, DBG2 tables and device BTH0 are dynamically

 changed as expected.

   - Successfully booted Windows 10 (20279.1) on SD (made by WOR) with

 the RPi-Windows-Drivers release ver 0.5 downloaded from

 https://github.com/worproject/RPi-Windows-Drivers/releases

 and checked that both Bluetooth and serial port (Mini UART) can

 work fine.



Cc: Samer El-Haj-Mahmoud 

Cc: Pete Batard 

Cc: Ard Biesheuvel 

Cc: Leif Lindholm 

Signed-off-by: Sunny Hsuan-Wen Wang 

---

  .../RaspberryPi/AcpiTables/AcpiTables.inf |   7 +-

  .../RaspberryPi/AcpiTables/Dbg2MiniUart.aslc  |  82 

  .../AcpiTables/{Dbg2.aslc => Dbg2Pl011.aslc}  | 187 -

  .../RaspberryPi/AcpiTables/SpcrMiniUart.aslc  |  92 +

  .../AcpiTables/{Spcr.aslc => SpcrPl011.aslc}  | 189 +-

  Platform/RaspberryPi/AcpiTables/Uart.asl  |  18 +-

  .../RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c | 123 +++-

  .../IndustryStandard/RpiDebugPort2Table.h |  33 +++

  8 files changed, 516 insertions(+), 215 deletions(-)

  create mode 100644 Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc

  rename Platform/RaspberryPi/AcpiTables/{Dbg2.aslc => Dbg2Pl011.aslc} (73%)

  create mode 100644 Platform/RaspberryPi/AcpiTables/SpcrMiniUart.aslc

  rename Platform/RaspberryPi/AcpiTables/{Spcr.aslc => SpcrPl011.aslc} (88%)

  create mode 100644 
Platform/RaspberryPi/Include/IndustryStandard/RpiDebugPort2Table.h



diff --git a/Platform/RaspberryPi/AcpiTables/AcpiTables.inf 
b/Platform/RaspberryPi/AcpiTables/AcpiTables.inf

index d2cce074e5..6c08cacbb3 100644

--- a/Platform/RaspberryPi/AcpiTables/AcpiTables.inf

+++ b/Platform/RaspberryPi/AcpiTables/AcpiTables.inf

@@ -2,6 +2,7 @@

  #

  #  ACPI table data and ASL sources required to boot the platform.

  #

+#  Copyright (c) 2021, Sunny Hsuan-Wen Wang 

  #  Copyright (c) 2019, ARM Limited. All rights reserved.

  #  Copyright (c) 2017, Andrey Warkentin 

  #  Copyright (c) Microsoft Corporation. All rights reserved.

@@ -27,12 +28,14 @@

AcpiTables.h

Madt.aslc

Fadt.aslc

-  Dbg2.aslc

+  Dbg2MiniUart.aslc

+  Dbg2Pl011.aslc

Gtdt.aslc

Iort.aslc

Dsdt.asl

Csrt.aslc

-  Spcr.aslc

+  SpcrMiniUart.aslc

+  SpcrPl011.aslc

Pptt.aslc

SsdtThermal.asl



diff --git a/Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc 
b/Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc

new file mode 100644

index 00..eec4ba1562

--- /dev/null

+++ b/Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc

@@ -0,0 +1,82 @@

+/** @file

+ *

+ *  Debug Port Table (DBG2)

+ *

+ *  Copyright (c) 2021, Sunny Hsuan-Wen Wang 

+ *  Copyright (c) 2019, Pete Batard 

+ *  Copyright (c) 2012-2020, ARM Limited. All rights reserved.

+ *

+ *  SPDX-License-Identifier: BSD-2-Clause-Patent

+ *

+ **/

+

+#include 

+#include 

+#include 

+#include 

+#include 

+

+#include "AcpiTables.h"

+

+#pragma pack(1)

+

+#define RPI_UART_INTERFACE_TYPE 
EFI_ACPI_DBG2_PORT_SUBTYPE_SERIAL_BCM2835_UART

+#define RPI_UART_BASE_ADDRESS   
BCM2836_MINI_UART_BASE_ADDRESS

+#define RPI_UART_LENGTH 
BCM2836_MINI_UART_LENGTH

+//

+// RPI_UART_STR should match the value used Uart.asl

+//

+#define RPI_UART_STR{ '\\', '_', 'S', 'B', 
'.', 'G', 'D', 'V', '0', '.', 'U', 'R', 'T', 'M', 0x00 }

+

+#define 

[edk2-devel] [PATCH] Platform/RaspberryPi: Dynamically build UARTs info in ACPI

[Sunny Hsuan-Wen Wang]

Changes:
  1. Add code to ConfigDxe driver and AcpiTables module to dynamically
 build either Mini UART or PL011 UART info in ACPI. This fixes the
 issue discussed in https://github.com/pftf/RPi4/issues/118.
  2. Merge changes in edk2-platforms-raspberrypi-pl011-bth-noflow.diff
 in https://github.com/worproject/RPi-Bluetooth-Testing/
 for enabling Bluetooth and serial port (Mini UART) in Windows OS.
  3. Cleanup by moving duplicate Debug Port 2 table related defines and
 structures to a newly created header file (RpiDebugPort2Table.h).

Testing Done:
  - Booted to UEFI shell and use acpiview command to check the result of
the different UART settings in config.txt (enabling either Mini UART
or PL011) and SPCR, DBG2 tables and device BTH0 are dynamically
changed as expected.
  - Successfully booted Windows 10 (20279.1) on SD (made by WOR) with
the RPi-Windows-Drivers release ver 0.5 downloaded from
https://github.com/worproject/RPi-Windows-Drivers/releases
and checked that both Bluetooth and serial port (Mini UART) can
work fine.

Cc: Samer El-Haj-Mahmoud 
Cc: Pete Batard 
Cc: Ard Biesheuvel 
Cc: Leif Lindholm 
Signed-off-by: Sunny Hsuan-Wen Wang 
---
 .../RaspberryPi/AcpiTables/AcpiTables.inf |   7 +-
 .../RaspberryPi/AcpiTables/Dbg2MiniUart.aslc  |  82 
 .../AcpiTables/{Dbg2.aslc => Dbg2Pl011.aslc}  | 187 -
 .../RaspberryPi/AcpiTables/SpcrMiniUart.aslc  |  92 +
 .../AcpiTables/{Spcr.aslc => SpcrPl011.aslc}  | 189 +-
 Platform/RaspberryPi/AcpiTables/Uart.asl  |  18 +-
 .../RaspberryPi/Drivers/ConfigDxe/ConfigDxe.c | 123 +++-
 .../IndustryStandard/RpiDebugPort2Table.h |  33 +++
 8 files changed, 516 insertions(+), 215 deletions(-)
 create mode 100644 Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc
 rename Platform/RaspberryPi/AcpiTables/{Dbg2.aslc => Dbg2Pl011.aslc} (73%)
 create mode 100644 Platform/RaspberryPi/AcpiTables/SpcrMiniUart.aslc
 rename Platform/RaspberryPi/AcpiTables/{Spcr.aslc => SpcrPl011.aslc} (88%)
 create mode 100644 
Platform/RaspberryPi/Include/IndustryStandard/RpiDebugPort2Table.h

diff --git a/Platform/RaspberryPi/AcpiTables/AcpiTables.inf 
b/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
index d2cce074e5..6c08cacbb3 100644
--- a/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
+++ b/Platform/RaspberryPi/AcpiTables/AcpiTables.inf
@@ -2,6 +2,7 @@
 #
 #  ACPI table data and ASL sources required to boot the platform.
 #
+#  Copyright (c) 2021, Sunny Hsuan-Wen Wang 
 #  Copyright (c) 2019, ARM Limited. All rights reserved.
 #  Copyright (c) 2017, Andrey Warkentin 
 #  Copyright (c) Microsoft Corporation. All rights reserved.
@@ -27,12 +28,14 @@
   AcpiTables.h
   Madt.aslc
   Fadt.aslc
-  Dbg2.aslc
+  Dbg2MiniUart.aslc
+  Dbg2Pl011.aslc
   Gtdt.aslc
   Iort.aslc
   Dsdt.asl
   Csrt.aslc
-  Spcr.aslc
+  SpcrMiniUart.aslc
+  SpcrPl011.aslc
   Pptt.aslc
   SsdtThermal.asl

diff --git a/Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc 
b/Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc
new file mode 100644
index 00..eec4ba1562
--- /dev/null
+++ b/Platform/RaspberryPi/AcpiTables/Dbg2MiniUart.aslc
@@ -0,0 +1,82 @@
+/** @file
+ *
+ *  Debug Port Table (DBG2)
+ *
+ *  Copyright (c) 2021, Sunny Hsuan-Wen Wang 
+ *  Copyright (c) 2019, Pete Batard 
+ *  Copyright (c) 2012-2020, ARM Limited. All rights reserved.
+ *
+ *  SPDX-License-Identifier: BSD-2-Clause-Patent
+ *
+ **/
+
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include "AcpiTables.h"
+
+#pragma pack(1)
+
+#define RPI_UART_INTERFACE_TYPE 
EFI_ACPI_DBG2_PORT_SUBTYPE_SERIAL_BCM2835_UART
+#define RPI_UART_BASE_ADDRESS   
BCM2836_MINI_UART_BASE_ADDRESS
+#define RPI_UART_LENGTH 
BCM2836_MINI_UART_LENGTH
+//
+// RPI_UART_STR should match the value used Uart.asl
+//
+#define RPI_UART_STR{ '\\', '_', 'S', 'B', 
'.', 'G', 'D', 'V', '0', '.', 'U', 'R', 'T', 'M', 0x00 }
+
+#define DBG2_DEBUG_PORT_DDI(NumReg, SubType, UartBase, UartAddrLen, 
UartNameStr) {\
+{  
   \
+  EFI_ACPI_DBG2_DEBUG_DEVICE_INFORMATION_STRUCT_REVISION, /* UINT8 
Revision */\
+  sizeof (DBG2_DEBUG_DEVICE_INFORMATION), /* 
UINT16Length */  \
+  NumReg, /* UINT8 
NumberofGenericAddressRegisters */ \
+  RPI_DBG2_NAMESPACESTRING_FIELD_SIZE,/* 
UINT16NameSpaceStringLength */   \
+  OFFSET_OF (DBG2_DEBUG_DEVICE_INFORMATION, NameSpaceString), /* 
UINT16NameSpaceStringOffset */   \
+  0,  /* 
UINT16

Re: [edk2-devel] [PATCH 0/2 v5] Add support for running StandaloneMm as OP-TEE TA

[Leif Lindholm]

Hi Sami,

My £0.05 would be something like:
- Drivers/OpTee/OpteeRpmbPkg
- Platform/StandaloneMm/PlatformStandaloneMmPkg

I think until we have more generic STMM solutions, it may be tricky
to figure out the optimal layout, so if the yneed to change in future,
that's fine.

/
Leif

On Wed, Mar 03, 2021 at 11:32:53 +, Sami Mujawar wrote:
> Hi Ard, Leif,
> 
> This patch series is creating 2 new folders Platform/StMMRpmb & 
> Drivers/OpTeeRpmb.
>- Should these be in Drivers\StandaloneMmRpmbPkg similar to 
> Drivers\OptionRomPkg ?
>- Also, the maintainer.txt file would need updating accordingly.
> 
> Any advice/suggestions about this, please.
> 
> Regards,
> 
> Sami Mujawar
> 
> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of Ilias 
> Apalodimas via groups.io
> Sent: 12 February 2021 05:35 PM
> To: devel@edk2.groups.io; Sami Mujawar 
> Cc: ardb+tianoc...@kernel.org; sughosh.g...@linaro.org; l...@nuviainc.com; 
> Ilias Apalodimas 
> Subject: [edk2-devel] [PATCH 0/2 v5] Add support for running StandaloneMm as 
> OP-TEE TA
> 
> Hi, 
> 
> This is v5 of [1] 
> 
> Changes since V4:
>  - More coding stule fixes proposed by Sami, which Ecc or Patchcheck didn't
>report.
>  - Adding missing error handling in InitializeFvAndVariableStoreHeaders().
>An allocation wasn't properly checked for success
> 
> Changes since V3:
>  - Coding style fixes proposed by Sami
>  - Fixed all reported PatchCheck errors
>  - Added overflow checks on the base aaddress allocated for EFI variables.
>The size of the partition is user defined (via Pcd's) and the memory layout
>and allocation address depends on OP-TEE. So let's make sure we won't 
> overflow
>when calculating the 3 partitions needed for FTW
>  - Switched some PcdGet/Set32 to 64 to accomodate 64-bit addressing
>  - Removed some duplicate entries in 
> Platform/StMMRpmb/PlatformStandaloneMm.dsc
>  - Added reviewed-by tags on patch 2/2
> 
> Changes since V2:
>  - Allocate a dynamic number of pages based on the Pcd values instead
>of a static number
>  - Clean up unused structs in header file
>  - Added checks in OpTeeRpmbFvbGetBlockSize and handle NumLba=0
> 
> Changes since V1:
> Some enhancements made by Ilias to the Optee Rpmb driver
> 
> [1] 
> https://edk2.groups.io/g/devel/message/66483?p=,,,20,0,0,0::Created,,ilias+apalodimas,20,2,0,77703661
> 
> Ilias Apalodimas (2):
>   Drivers/OpTeeRpmb: Add an OP-TEE backed RPMB driver
>   StMMRpmb: Add support for building StandaloneMm image for OP-TEE
> 
>  Drivers/OpTeeRpmb/FixupPcd.c   |  89 ++
>  Drivers/OpTeeRpmb/FixupPcd.inf |  43 +
>  Drivers/OpTeeRpmb/OpTeeRpmbFv.inf  |  58 ++
>  Drivers/OpTeeRpmb/OpTeeRpmbFvb.c   | 920 +
>  Drivers/OpTeeRpmb/OpTeeRpmbFvb.h   |  52 ++
>  Platform/StMMRpmb/PlatformStandaloneMm.dsc | 165 
>  Platform/StMMRpmb/PlatformStandaloneMm.fdf | 111 +++
>  7 files changed, 1438 insertions(+)
>  create mode 100644 Drivers/OpTeeRpmb/FixupPcd.c
>  create mode 100644 Drivers/OpTeeRpmb/FixupPcd.inf
>  create mode 100644 Drivers/OpTeeRpmb/OpTeeRpmbFv.inf
>  create mode 100644 Drivers/OpTeeRpmb/OpTeeRpmbFvb.c
>  create mode 100644 Drivers/OpTeeRpmb/OpTeeRpmbFvb.h
>  create mode 100644 Platform/StMMRpmb/PlatformStandaloneMm.dsc
>  create mode 100644 Platform/StMMRpmb/PlatformStandaloneMm.fdf
> 
> -- 
> 2.30.0
> 
> 
> 
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72538): https://edk2.groups.io/g/devel/message/72538
Mute This Topic: https://groups.io/mt/80588992/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [RFC][patch] Add a new library class RegisterFilterLib in edk2 to filter/trace port IO/MMIO/MSR access

[Laszlo Ersek]

On 03/08/21 06:15, Dandan Bi wrote:
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3246
> 
> 1.Purpose:
>   Skip port IO/MMIO/MSR access in some emulatoion env.
>   Trace port IO/MMIO/MSR access.
> 
> 2.Plan to do in Edk2:
>   Filter and trace in low level APIs in BaseIoLibIntrinsic and BaseLib.
>   Add a new library class (RegisterFilterLib) for the filter and trace 
> functionality.
> 
> 3.Plan to filter and trace scope in Edk2 :
>   a. Port IO R/W: IA32 X64 (Only filter/trace for IA32 X64)
>   b. MMIO R/W: IA32 X64 EBC ARM AARCH64 RISCV64 (Filter/trace for the Arches 
> supported in BaseIoLibIntrinsic.inf)
>   c. MSR R/W: IA32 X64 (Only filter/trace for IA32 X64, if other ARCH has 
> similar use case can add new APIs per needs)
> 
> 4.RegisterFilterLib Library Class:
>   a. Add RegisterFilterLib library class for the filter and trace operation.
>   b. Add RegisterFilterLib.h in MdePkg/Include/Library.
>   c. 12 APIs will be added to filter and trace port IO, MMIO and MSR access.
>   d. Add a NULL instance RegisterFilterLibNull in MdePkg/Library.(Verified 
> that null instance will not impact binary size.)
>   e. Platform can implement its own RegisterFilterLib instance.
> 
>   12 APIs can be divided into 2 categories:
>   6 [Before] APIs use to check whether need to execute port IO/MMIO/MSR 
> access or do some tracing before access.
>   6 [After] APIs use to trace after port IO/MMIO/MSR access.
>   The detailed API definitions are included in this patch.
> 
>   For port IO access:
>   FilterBeforeIoRead 
>   FilterAfterIoRead
>   FilterBeforeIoWrite 
>   FilterAfterIoWrite
> 
>   For MMIO access:
>   FilterBeforeMmIoRead
>   FilterAfterMmIoRead
>   FilterBeforeMmIoWrite
>   FilterAfterMmIoWrite
> 
>   For MSR access:
>   FilterBeforeMsrRead 
>   FilterAfterMsrRead
>   FilterBeforeMsrWrite
>   FilterAfterMsrWrite
> 
> 5.Change and Impact
>   a. Add the RegisterFilterLib libary class and RegisterFilterLibNull 
> instance firstly.
>   b. Update the dsc in edk2 and edk2-platform repo to consume the 
> RegisterFilterLibNull instance.
>   c. Update the BaseLib and IoLib to consume RegisterFilterLib.
>   
>   This is an incompatible change.
>   No code change in BaseLib and IoLib consumers, only need to change dsc to 
> consume new FilterLib instance.
>   Update BaseIoLibIntrinsic.inf and BaseIoLibIntrinsicSev.inf to consume 
> RegisterFilterLib for all supported Arch
>   Update BaseLib.inf to consume RegisterFilterLib only for IA32 and X64

Seems like a sound plan, but there are more IoLib instances than the above:

MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicArmVirt.inf
MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
MdePkg/Library/DxeIoLibCpuIo2/DxeIoLibCpuIo2.inf
MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf
MdePkg/Library/SmmIoLibSmmCpuIo2/SmmIoLibSmmCpuIo2.inf

Thanks
Laszlo

> 
> This topic has been reviewed in Tiano Design meeting of 2021/0305
> RegisterFilterLib header file and desgin foil can be found in:
> https://edk2.groups.io/g/devel/files/Designs/2021/0305
> 
> 
> Cc: Michael D Kinney 
> Cc: Liming Gao 
> Cc: Zhiguang Liu 
> Signed-off-by: Dandan Bi 
> ---
>  MdePkg/Include/Library/RegisterFilterLib.h | 224 +
>  1 file changed, 224 insertions(+)
>  create mode 100644 MdePkg/Include/Library/RegisterFilterLib.h
> 
> diff --git a/MdePkg/Include/Library/RegisterFilterLib.h 
> b/MdePkg/Include/Library/RegisterFilterLib.h
> new file mode 100644
> index 00..be111304ba
> --- /dev/null
> +++ b/MdePkg/Include/Library/RegisterFilterLib.h
> @@ -0,0 +1,224 @@
> +/** @file
> +  Public include file for the Port IO/MMIO/MSR filter Library
> +
> +Copyright (c) 2021, Intel Corporation. All rights reserved.
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#ifndef __REGISTER_FILTER_LIB_H__
> +#define __REGISTER_FILTER_LIB_H__
> +
> +typedef enum {
> +  FilterWidth8,
> +  FilterWidth16,
> +  FilterWidth32,
> +  FilterWidth64
> +} FILTER_IO_WIDTH;
> +
> +/**
> +  Filter IO read operation before read IO port.
> +  It is used to filter IO read operation.
> +
> +  It will return the flag to decide whether require read real IO port.
> +  It can be used for emulation environment.
> +
> +  @param[in]   WidthSignifies the width of the I/O operation.
> +  @param[in]   Address  The base address of the I/O operation.
> +  @param[in]   Buffer   The destination buffer to store the results.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +FilterBeforeIoRead (
> +  IN FILTER_IO_WIDTH   Width,
> +  IN UINTN Address,
> +  IN OUT VOID  *Buffer
> +  );
> +
> +/**
> +  Trace IO read operation after read IO port.
> +  It is used to trace IO operation.
> +
> +  @param[in]   WidthSignifies the width of the I/O operation.
> +  @param[in]   Address  The base address of the I/O operation.
> +  @param[in]   Buffer   The destination buffer to store the results.
> +
> +**/
> 

Re: 回复: [edk2-devel] New Year, New PR Thread

[Laszlo Ersek]

Hi Ray,

On 03/08/21 13:26, Ni, Ray wrote:
> 
> 
>> -Original Message-
>> From: Rebecca Cran 
>> Sent: Monday, March 8, 2021 10:43 AM
>> To: Ni, Ray ; devel@edk2.groups.io; 
>> gaolim...@byosoft.com.cn; bret.barke...@microsoft.com
>> Subject: Re: 回复: [edk2-devel] New Year, New PR Thread
>>
>> It was discussed in the recent Community Meeting last week.
>>
>> Now that the stable tag has been created, I believe it's moving forward
>> as the highest priority task (behind, for example, converting the line
>> endings from Windows to UNIX).
> 
> Converting the line endings will cause "git blame" useless because
> every line of code now is changed by someone who changes the line endings.

it doesn't make git-blame useless, just a bit less comfortable.

For example, with master being at 59a3ccb09e7a, assume you run:

  git blame -- BaseTools/Scripts/ConvertFceToStructurePcd.py

and you get an output snippet like

ef529e6ab7c31 (Liming Gao   2018-07-17 11:42:21 +0800 528) for i in 
range(len(info_list)-1,-1,-1):
ef529e6ab7c31 (Liming Gao   2018-07-17 11:42:21 +0800 529)   if 
len(info_list[i]) == 0:
ef529e6ab7c31 (Liming Gao   2018-07-17 11:42:21 +0800 530) 
info_list.remove(info_list[i])
d79b63c64f58a (Leif Lindholm2019-09-18 22:41:08 +0100 531) for i in 
(inf_list, title_all, header_list):
d79b63c64f58a (Leif Lindholm2019-09-18 22:41:08 +0100 532)   i.sort()
ef529e6ab7c31 (Liming Gao   2018-07-17 11:42:21 +0800 533) return 
keys,title_all,info_list,header_list,inf_list

Assume you are curious about the "sort" invocation, so you run

  git show d79b63c64f58a

But that only tells you:

commit d79b63c64f58ac47e570e8d2e9b090525f7e8efd
Author: Leif Lindholm 
Date:   Wed Sep 18 22:41:08 2019 +0100

BaseTools: correct line endings for ConvertFce Python script

Cc: Bob Feng 
Cc: Liming Gao 
Signed-off-by: Leif Lindholm 
Reviewed-by: Bob Feng 
Reviewed-by: Liming Gao 
Acked-by: Ard Biesheuvel 
Reviewed-by: Philippe Mathieu-Daude 

So what can we do in this case?

Simple: run git blame "as of the direct parent" of commit d79b63c64f58a:

  git blame d79b63c64f58a^ -- BaseTools/Scripts/ConvertFceToStructurePcd.py

Then you get:

ef529e6ab7c31 (Liming Gao   2018-07-17 11:42:21 +0800 506) for i in 
range(len(info_list)-1,-1,-1):
ef529e6ab7c31 (Liming Gao   2018-07-17 11:42:21 +0800 507)   if 
len(info_list[i]) == 0:
ef529e6ab7c31 (Liming Gao   2018-07-17 11:42:21 +0800 508) 
info_list.remove(info_list[i])
cfb29d2bda57b (Fan, ZhijuX  2019-04-15 16:55:01 +0800 509) for i in 
(inf_list, title_all, header_list):
cfb29d2bda57b (Fan, ZhijuX  2019-04-15 16:55:01 +0800 510)   i.sort()
ef529e6ab7c31 (Liming Gao   2018-07-17 11:42:21 +0800 511) return 
keys,title_all,info_list,header_list,inf_list

And this time you can run:

  git show cfb29d2bda57b

which gives you the commit you are after:

commit cfb29d2bda57baa344bded40cf12af81b13e8a40
Author: Fan, ZhijuX 
Date:   Mon Apr 15 16:55:01 2019 +0800

BaseTools:update ConvertFceToStructurePcd.py with the char order PCD name.

BZ:https://bugzilla.tianocore.org/show_bug.cgi?id=1718

BaseTools\Scripts\ConvertFceToStructurePcd.py
Update script to sort the PCD order base on PcdName,
then base on Pcd field name.

Cc: Liming Gao 
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Zhiju.Fan 
Reviewed-by: Liming Gao 

This command sequence can be repeated as many times as necessary. git-blame 
gives you a commit, run git-show to check the commit. If the commit is not 
relevant (i.e., you need to run earlier), re-run git-blame on the same file, 
but at the *direct parent commit* of the previously used commit, using the 
caret (^) notation.

It also works if files are renamed (or code is moved between files). In that 
case, "git-show" will tell you the original file name, so when you run 
git-blame on the parent commit, you can use the original file name too.

Thanks
Laszlo



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72536): https://edk2.groups.io/g/devel/message/72536
Mute This Topic: https://groups.io/mt/81164385/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] UefiCpuPkg/PiSmmCpu: Don't allocate Token for SmmStartupThisAp

[Laszlo Ersek]

On 03/08/21 03:16, Ray Ni wrote:
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3199
> 
> When Token points to mSmmStartupThisApToken, this routine is called
> from SmmStartupThisAp() in non-blocking mode due to
> PcdCpuSmmBlockStartupThisAp == FALSE.
> 
> In this case, caller wants to startup AP procedure in non-blocking
> mode and cannot get the completion status from the Token because there
> is no way to return the Token to caller from SmmStartupThisAp().
> Caller needs to use its specific way to query the completion status.
> 
> There is no need to allocate a token for such case so the 2 overheads
> can be avoided:
> 1. Call AllocateTokenBuffer() when there is no free token.
> 2. Get a free token from the token buffer.
> 
> Signed-off-by: Ray Ni 
> Cc: Eric Dong 
> Cc: Laszlo Ersek 
> Cc: Rahul Kumar 
> ---
>  UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c | 27 ---
>  1 file changed, 20 insertions(+), 7 deletions(-)
> 
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c 
> b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> index 6227b2428a..efb89832ca 100644
> --- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> @@ -1,7 +1,7 @@
>  /** @file
>  SMM MP service implementation
>  
> -Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
> +Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.
>  Copyright (c) 2017, AMD Incorporated. All rights reserved.
>  
>  SPDX-License-Identifier: BSD-2-Clause-Patent
> @@ -22,6 +22,7 @@ UINTN   mSemaphoreSize;
>  SPIN_LOCK   *mPFLock = NULL;
>  SMM_CPU_SYNC_MODE   mCpuSmmSyncMode;
>  BOOLEAN mMachineCheckSupported = FALSE;
> +MM_COMPLETION   mSmmStartupThisApToken;
>  
>  extern UINTN mSmmShadowStackSize;
>  
> @@ -1240,9 +1241,23 @@ InternalSmmStartupThisAp (
>mSmmMpSyncData->CpuData[CpuIndex].Procedure = Procedure;
>mSmmMpSyncData->CpuData[CpuIndex].Parameter = ProcArguments;
>if (Token != NULL) {
> -ProcToken= GetFreeToken (1);
> -mSmmMpSyncData->CpuData[CpuIndex].Token = ProcToken;
> -*Token = (MM_COMPLETION)ProcToken->SpinLock;
> +if (Token != ) {
> +  //
> +  // When Token points to mSmmStartupThisApToken, this routine is called
> +  // from SmmStartupThisAp() in non-blocking mode 
> (PcdCpuSmmBlockStartupThisAp == FALSE).
> +  // 
> +  // In this case, caller wants to startup AP procedure in non-blocking
> +  // mode and cannot get the completion status from the Token because 
> there
> +  // is no way to return the Token to caller from SmmStartupThisAp().
> +  // Caller needs to use its implementation specific way to query the 
> completion status.
> +  // 
> +  // There is no need to allocate a token for such case so the overhead 
> of SMRAM and
> +  // the allocation operation can be avoided.
> +  //
> +  ProcToken= GetFreeToken (1);

(1) please fix the whitespace error here (it comes from the pre-patch
code, but it's just one character, so we can fix it in this patch)


> +  mSmmMpSyncData->CpuData[CpuIndex].Token = ProcToken;

(2) It seems like this patch introduces a new code path.
InternalSmmStartupThisAp() will continue thinking that this invocation
is non-blocking:

  if (Token == NULL) {
AcquireSpinLock (mSmmMpSyncData->CpuData[CpuIndex].Busy);
ReleaseSpinLock (mSmmMpSyncData->CpuData[CpuIndex].Busy);
  }

but APHandler() will think that the invocation was blocking, and it will
not call ReleaseToken() any longer:

if (mSmmMpSyncData->CpuData[CpuIndex].Token != NULL) {
  ReleaseToken (CpuIndex);
}

This behavior seems OK to me.

However, please modify the commit message: I think we should list the
3rd step we are omitting (after AllocateTokenBuffer / GetFreeToken) --
namely, ReleaseToken().

With these two superficial updates:

Reviewed-by: Laszlo Ersek 

Thanks
Laszlo

> +  *Token = (MM_COMPLETION)ProcToken->SpinLock;
> +}
>}
>mSmmMpSyncData->CpuData[CpuIndex].Status= CpuStatus;
>if (mSmmMpSyncData->CpuData[CpuIndex].Status != NULL) {
> @@ -1474,8 +1489,6 @@ SmmStartupThisAp (
>IN OUT  VOID  *ProcArguments OPTIONAL
>)
>  {
> -  MM_COMPLETION   Token;
> -
>gSmmCpuPrivate->ApWrapperFunc[CpuIndex].Procedure = Procedure;
>gSmmCpuPrivate->ApWrapperFunc[CpuIndex].ProcedureArgument = ProcArguments;
>  
> @@ -1486,7 +1499,7 @@ SmmStartupThisAp (
>  ProcedureWrapper,
>  CpuIndex,
>  >ApWrapperFunc[CpuIndex],
> -FeaturePcdGet (PcdCpuSmmBlockStartupThisAp) ? NULL : ,
> +FeaturePcdGet (PcdCpuSmmBlockStartupThisAp) ? NULL : 
> ,
>  0,
>  NULL
>  );
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72535): https://edk2.groups.io/g/devel/message/72535
Mute This Topic: 

Re: [edk2-devel] [PATCH 1/1] EmbeddedPkg: Only print LibGetTime message about compile time epoch once

[Leif Lindholm]

On Fri, Mar 05, 2021 at 17:12:46 +0100, Ard Biesheuvel wrote:
> On Fri, 5 Mar 2021 at 17:11, Rebecca Cran  wrote:
> >
> > The message "LibGetTime: RtcEpochSeconds non volatile variable was not
> > found - Using compilation time epoch." can be printed a very large
> > number of times, causing log files to become excessively large. This is
> > because the RtcEpochSeconds variable only gets set if LibSetTime is
> > called, for example by running 'time 12:00' in the UEFI Shell.
> >
> > Avoid this by setting RtcEpochSeconds to BUILD_EPOCH (EpochSeconds)
> > after printing the message. It's set to a volatile variable so the
> > message will be displayed on future boots and not hidden.
> >
> > Commit 44ae214591e58af468eacb7b873eaa0bc187c4fa reduced the verbosity of
> > the message to DEBUG_VERBOSE. Revert it back to DEBUG_INFO so it's more
> > prominent now that it doesn't get printed so frequently.
> >
> > Signed-off-by: Rebecca Cran 
> 
> Acked-by: Ard Biesheuvel 

Reviewed-by: Leif Lindholm 

Pushed as 94fa95c8746c.

Thanks!

> > ---
> >  EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.c | 10 
> > +-
> >  1 file changed, 9 insertions(+), 1 deletion(-)
> >
> > diff --git 
> > a/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.c 
> > b/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.c
> > index 4210708cff36..de6fbb40e61b 100644
> > --- a/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.c
> > +++ b/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.c
> > @@ -88,10 +88,18 @@ LibGetTime (
> >  //
> >  EpochSeconds = BUILD_EPOCH;
> >  DEBUG ((
> > -  DEBUG_VERBOSE,
> > +  DEBUG_INFO,
> >"LibGetTime: %s non volatile variable was not found - Using 
> > compilation time epoch.\n",
> >mEpochVariableName
> >));
> > +
> > +EfiSetVariable (
> > +  (CHAR16 *)mEpochVariableName,
> > +  ,
> > +  EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
> > +  sizeof (EpochSeconds),
> > +  
> > +  );
> >}
> >Counter = GetPerformanceCounter ();
> >EpochSeconds += DivU64x64Remainder (Counter, Freq, );
> > --
> > 2.26.2
> >


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72534): https://edk2.groups.io/g/devel/message/72534
Mute This Topic: https://groups.io/mt/81106280/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: 回复: [edk2-devel] New Year, New PR Thread

[Ni, Ray]

> -Original Message-
> From: Rebecca Cran 
> Sent: Monday, March 8, 2021 10:43 AM
> To: Ni, Ray ; devel@edk2.groups.io; 
> gaolim...@byosoft.com.cn; bret.barke...@microsoft.com
> Subject: Re: 回复: [edk2-devel] New Year, New PR Thread
> 
> It was discussed in the recent Community Meeting last week.
> 
> Now that the stable tag has been created, I believe it's moving forward
> as the highest priority task (behind, for example, converting the line
> endings from Windows to UNIX).

Converting the line endings will cause "git blame" useless because
every line of code now is changed by someone who changes the line endings.



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72533): https://edk2.groups.io/g/devel/message/72533
Mute This Topic: https://groups.io/mt/81164385/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 2/2 v5] StMMRpmb: Add support for building StandaloneMm image for OP-TEE

[Ilias Apalodimas]

On Fri, 5 Mar 2021 at 20:07, PierreGondois  wrote:
>
> Hi Ilias,
> Thanks for the answer.
> Is it necessary to have the 'COMPRESSION_TOOL_GUID' define ? I could not find 
> any use of it. If this is coming from StandaloneMmPkg/StandaloneMmPkg.dsc we 
> might want to remove it there aswel.
>

Ok, I'll have a look and remove it

> Regards,
> Pierre


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72532): https://edk2.groups.io/g/devel/message/72532
Mute This Topic: https://groups.io/mt/80588995/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-