PCDs cannot be set in SEC phase, so the values should be saved in aYes, I think we need a PlatformLib for the platform initialization
code. With PEI we would simply link the lib into PlatformPei, without
PEI we would link parts of the lib into SEC and parts of the lib into
PEI-less booting up legacy guest doesn't support TPM.Yes. Basically rename TdxStartupLib to OvmfStartupLib and add some
2. PlatformPeiLib:Yes. Move code from PlatformPei to PlatformLib. Might also need some
reorganization due to SEC restrictions.
3. OvmfLegacyDxeWell, in Tdx mode you have to set some PCDs too ...
Also not sure we actually need a new Dxe. Can't we just handle
that in PlatformDxe in case of a PEI-less boot?
I know there are many discussions in above options. Can we follow below road map so that we can discuss 3 (How to achieve ONE Binary) in more details?IMHO step #1 must be reorganizing the platform initialization code for
PEI-less boot (create PlatformLib as discussed above).
This patch series side-steps that by simply duplicating the code. PCI
initialization for example. Also setting the tdx PCDs. Having two (or
even more) copies of the same code in the tree is a bad idea though.
It makes long-term maintenance harder for various reasons.
AmdSevX64.dsc has build-test coverage. There is no qemu boot test... and given that TDX-capableI am thinking if SEV features are covered in CI?
because FlashRomImage() (in OvmfPkg/PlatformCI/PlatformBuildLib.py)
is not flexible enough for that. Fixing that and adding a boot test
(in non-sev mode) shouldn't be that difficult though.
Same for IntelTdx.dsc: adding a CI boot test (in non-tdx mode) should be
easy, and it should help preventing regressions in PEI-less boot flow.