Date   

[PATCH v9 05/10] OvmfPkg: define CPU_HOT_EJECT_DATA

Ankur Arora
 

Define CPU_HOT_EJECT_DATA and add PCD PcdCpuHotEjectDataAddress, which
will be used to share CPU ejection state between OvmfPkg/CpuHotPlugSmm
and PiSmmCpuDxeSmm.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Aaron Young <aaron.young@oracle.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3132
Signed-off-by: Ankur Arora <ankur.a.arora@oracle.com>
---

Notes:
Addresses the following comments from v8:

(1) Get rid of the unnecessary commit specifier from the subject.
(2) s/MaxNumberOfCpus/PcdCpuMaxLogicalProcessorNumber/
(3) Shifted the comments to be above each structure field.

OvmfPkg/OvmfPkg.dec | 4 +++
OvmfPkg/Include/Pcd/CpuHotEjectData.h | 60 +++++++++++++++++++++++++++++++++++
2 files changed, 64 insertions(+)
create mode 100644 OvmfPkg/Include/Pcd/CpuHotEjectData.h

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 4348bb45c64a..9629707020ba 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -352,6 +352,10 @@ [PcdsDynamic, PcdsDynamicEx]
# This PCD is only accessed if PcdSmmSmramRequire is TRUE (see below).
gUefiOvmfPkgTokenSpaceGuid.PcdQ35SmramAtDefaultSmbase|FALSE|BOOLEAN|0x34

+ ## This PCD adds a communication channel between OVMF's SmmCpuFeaturesLib
+ # instance in PiSmmCpuDxeSmm, and CpuHotplugSmm.
+ gUefiOvmfPkgTokenSpaceGuid.PcdCpuHotEjectDataAddress|0|UINT64|0x46
+
[PcdsFeatureFlag]
gUefiOvmfPkgTokenSpaceGuid.PcdQemuBootOrderPciTranslation|TRUE|BOOLEAN|0x1c
gUefiOvmfPkgTokenSpaceGuid.PcdQemuBootOrderMmioTranslation|FALSE|BOOLEAN|0x1d
diff --git a/OvmfPkg/Include/Pcd/CpuHotEjectData.h b/OvmfPkg/Include/Pcd/CpuHotEjectData.h
new file mode 100644
index 000000000000..06714375526c
--- /dev/null
+++ b/OvmfPkg/Include/Pcd/CpuHotEjectData.h
@@ -0,0 +1,60 @@
+/** @file
+ Definition for the CPU_HOT_EJECT_DATA structure, which shares
+ CPU hot-eject state between OVMF's SmmCpuFeaturesLib instance in
+ PiSmmCpuDxeSmm, and CpuHotplugSmm.
+
+ CPU_HOT_EJECT_DATA is allocated in SMRAM, and pointed-to by
+ PcdCpuHotEjectDataAddress.
+
+ PcdCpuHotEjectDataAddress is valid when SMM_REQUIRE is TRUE
+ and PcdCpuMaxLogicalProcessorNumber > 1.
+
+ Copyright (C) 2021, Oracle Corporation.
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef CPU_HOT_EJECT_DATA_H_
+#define CPU_HOT_EJECT_DATA_H_
+
+/**
+ CPU Hot-eject handler, called from SmmCpuFeaturesRendezvousExit()
+ on each CPU at exit from SMM.
+
+ @param[in] ProcessorNum ProcessorNum denotes the CPU exiting SMM,
+ and will be used as an index into
+ CPU_HOT_EJECT_DATA->QemuSelectorMap. It is
+ identical to the processor handle in
+ EFI_SMM_CPU_SERVICE_PROTOCOL.
+**/
+typedef
+VOID
+(EFIAPI *CPU_HOT_EJECT_HANDLER) (
+ IN UINTN ProcessorNum
+ );
+
+//
+// CPU_EJECT_QEMU_SELECTOR_INVALID marks CPUs not being ejected in
+// CPU_HOT_EJECT_DATA->QemuSelectorMap.
+//
+// QEMU CPU Selector is UINT32, so we choose an invalid value larger
+// than that type.
+//
+#define CPU_EJECT_QEMU_SELECTOR_INVALID (MAX_UINT64)
+
+typedef struct {
+ //
+ // Maps ProcessorNum -> QemuSelector for pending hot-ejects
+ //
+ volatile UINT64 *QemuSelectorMap;
+ //
+ // Handler to do the CPU ejection
+ //
+ volatile CPU_HOT_EJECT_HANDLER Handler;
+ //
+ // Entries in the QemuSelectorMap
+ //
+ UINT32 ArrayLength;
+} CPU_HOT_EJECT_DATA;
+
+#endif // CPU_HOT_EJECT_DATA_H_
--
2.9.3


[PATCH v9 06/10] OvmfPkg/SmmCpuFeaturesLib: init CPU ejection state

Ankur Arora
 

Init CPU_HOT_EJECT_DATA, which will be used to share CPU ejection
state between SmmCpuFeaturesLib (via PiSmmCpuDxeSmm) and CpuHotPlugSmm.

The init happens via SmmCpuFeaturesSmmRelocationComplete(), and so it
will run as part of the PiSmmCpuDxeSmm entry point function,
PiCpuSmmEntry(). Once inited, CPU_HOT_EJECT_DATA is exposed via
PcdCpuHotEjectDataAddress.

The CPU hot-eject handler (CPU_HOT_EJECT_DATA->Handler) is setup when
there is an ejection request via CpuHotplugSmm.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Aaron Young <aaron.young@oracle.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3132
Signed-off-by: Ankur Arora <ankur.a.arora@oracle.com>
---

Notes:
Addresses the following comments from v8:

(1) Remove line before the "if (MaxNumberofCpus == 1)" check.
(3) Fixup the space around "||".
(2,6) Simplify the three SafeInt multiplication into the ones suggested
by Laszlo.
(4) Get rid of the mixed sizeof(mCpuHotEjectData->QemuSelectorMap[0]) and
sizeof(UINT64) in favour of UINT64 everywhere. I was planning to use
the first, but describing the alignment needed is easier in terms of the
second.
Also, as Laszlo's comments on v8-patch-9 mention, we don't really need
this alignment for correctness reasons. This patch retains it, so we
don't pay access penalty for unaligned access.
(5) Change alignment from UINT64 to UINT64-1.
(7) Use the more idiomatic ALIGN_POINTER instead of ALIGN_VALUE.
(8) RETURN_ERROR -> ASSERT_RETURN_ERROR.

.../SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf | 4 ++
.../Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c | 77 ++++++++++++++++++++++
2 files changed, 81 insertions(+)

diff --git a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf b/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
index 97a10afb6e27..8a426a4c10fb 100644
--- a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
+++ b/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf
@@ -30,9 +30,13 @@ [LibraryClasses]
BaseMemoryLib
DebugLib
MemEncryptSevLib
+ MemoryAllocationLib
PcdLib
+ SafeIntLib
SmmServicesTableLib
UefiBootServicesTableLib

[Pcd]
+ gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber
+ gUefiOvmfPkgTokenSpaceGuid.PcdCpuHotEjectDataAddress
gUefiOvmfPkgTokenSpaceGuid.PcdQ35SmramAtDefaultSmbase
diff --git a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c b/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c
index 7ef7ed98342e..5c025bc717c3 100644
--- a/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c
+++ b/OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c
@@ -11,10 +11,13 @@
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/MemEncryptSevLib.h>
+#include <Library/MemoryAllocationLib.h>
#include <Library/PcdLib.h>
+#include <Library/SafeIntLib.h>
#include <Library/SmmCpuFeaturesLib.h>
#include <Library/SmmServicesTableLib.h>
#include <Library/UefiBootServicesTableLib.h>
+#include <Pcd/CpuHotEjectData.h>
#include <PiSmm.h>
#include <Register/Intel/SmramSaveStateMap.h>
#include <Register/QemuSmramSaveStateMap.h>
@@ -171,6 +174,77 @@ SmmCpuFeaturesHookReturnFromSmm (
return OriginalInstructionPointer;
}

+STATIC CPU_HOT_EJECT_DATA *mCpuHotEjectData = NULL;
+
+/**
+ Initialize mCpuHotEjectData if PcdCpuMaxLogicalProcessorNumber > 1.
+
+ Also setup the corresponding PcdCpuHotEjectDataAddress.
+**/
+STATIC
+VOID
+InitCpuHotEjectData (
+ VOID
+ )
+{
+ UINTN Size;
+ UINT32 Idx;
+ UINT32 MaxNumberOfCpus;
+ RETURN_STATUS PcdStatus;
+
+ MaxNumberOfCpus = PcdGet32 (PcdCpuMaxLogicalProcessorNumber);
+ if (MaxNumberOfCpus == 1) {
+ return;
+ }
+
+ //
+ // We allocate CPU_HOT_EJECT_DATA and CPU_HOT_EJECT_DATA->QemuSelectorMap[]
+ // in a single allocation, and explicitly align the QemuSelectorMap[] (which
+ // is a UINT64 array) at its natural boundary.
+ // Accordingly, allocate:
+ // sizeof(*mCpuHotEjectData) + (MaxNumberOfCpus * sizeof(UINT64))
+ // and, add sizeof(UINT64) - 1 to use as padding if needed.
+ //
+
+ if (RETURN_ERROR (SafeUintnMult (MaxNumberOfCpus, sizeof (UINT64), &Size)) ||
+ RETURN_ERROR (SafeUintnAdd (Size, sizeof (*mCpuHotEjectData), &Size)) ||
+ RETURN_ERROR (SafeUintnAdd (Size, sizeof (UINT64) - 1, &Size))) {
+ DEBUG ((DEBUG_ERROR, "%a: invalid CPU_HOT_EJECT_DATA\n", __FUNCTION__));
+ goto Fatal;
+ }
+
+ mCpuHotEjectData = AllocatePool (Size);
+ if (mCpuHotEjectData == NULL) {
+ ASSERT (mCpuHotEjectData != NULL);
+ goto Fatal;
+ }
+
+ mCpuHotEjectData->Handler = NULL;
+ mCpuHotEjectData->ArrayLength = MaxNumberOfCpus;
+
+ mCpuHotEjectData->QemuSelectorMap = ALIGN_POINTER (mCpuHotEjectData + 1,
+ sizeof (UINT64));
+ //
+ // We use mCpuHotEjectData->QemuSelectorMap to map
+ // ProcessorNum -> QemuSelector. Initialize to invalid values.
+ //
+ for (Idx = 0; Idx < mCpuHotEjectData->ArrayLength; Idx++) {
+ mCpuHotEjectData->QemuSelectorMap[Idx] = CPU_EJECT_QEMU_SELECTOR_INVALID;
+ }
+
+ //
+ // Expose address of CPU Hot eject Data structure
+ //
+ PcdStatus = PcdSet64S (PcdCpuHotEjectDataAddress,
+ (UINTN)(VOID *)mCpuHotEjectData);
+ ASSERT_RETURN_ERROR (PcdStatus);
+
+ return;
+
+Fatal:
+ CpuDeadLoop ();
+}
+
/**
Hook point in normal execution mode that allows the one CPU that was elected
as monarch during System Management Mode initialization to perform additional
@@ -188,6 +262,9 @@ SmmCpuFeaturesSmmRelocationComplete (
UINTN MapPagesBase;
UINTN MapPagesCount;

+
+ InitCpuHotEjectData ();
+
if (!MemEncryptSevIsEnabled ()) {
return;
}
--
2.9.3


[PATCH v9 04/10] OvmfPkg/CpuHotplugSmm: introduce UnplugCpus()

Ankur Arora
 

Introduce UnplugCpus() which maps each APIC ID being unplugged
onto the hardware ID of the processor and informs PiSmmCpuDxeSmm
of removal by calling EFI_SMM_CPU_SERVICE_PROTOCOL.RemoveProcessor().

With this change we handle the first phase of unplug where we collect
the CPUs that need to be unplugged and mark them for removal in SMM
data structures.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Aaron Young <aaron.young@oracle.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3132
Signed-off-by: Ankur Arora <ankur.a.arora@oracle.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
OvmfPkg/CpuHotplugSmm/CpuHotplug.c | 84 ++++++++++++++++++++++++++++++++++++++
1 file changed, 84 insertions(+)

diff --git a/OvmfPkg/CpuHotplugSmm/CpuHotplug.c b/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
index ee1497b93140..59f000eb7886 100644
--- a/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
+++ b/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
@@ -190,6 +190,83 @@ RevokeNewSlot:
}

/**
+ Process to be hot-unplugged CPUs, per QemuCpuhpCollectApicIds().
+
+ For each such CPU, report the CPU to PiSmmCpuDxeSmm via
+ EFI_SMM_CPU_SERVICE_PROTOCOL. If the to be hot-unplugged CPU is
+ unknown, skip it silently.
+
+ @param[in] ToUnplugApicIds The APIC IDs of the CPUs that are about to be
+ hot-unplugged.
+
+ @param[in] ToUnplugCount The number of filled-in APIC IDs in
+ ToUnplugApicIds.
+
+ @retval EFI_SUCCESS Known APIC IDs have been removed from SMM data
+ structures.
+
+ @return Error codes propagated from
+ mMmCpuService->RemoveProcessor().
+**/
+STATIC
+EFI_STATUS
+UnplugCpus (
+ IN APIC_ID *ToUnplugApicIds,
+ IN UINT32 ToUnplugCount
+ )
+{
+ EFI_STATUS Status;
+ UINT32 ToUnplugIdx;
+ UINTN ProcessorNum;
+
+ ToUnplugIdx = 0;
+ while (ToUnplugIdx < ToUnplugCount) {
+ APIC_ID RemoveApicId;
+
+ RemoveApicId = ToUnplugApicIds[ToUnplugIdx];
+
+ //
+ // mCpuHotPlugData->ApicId maps ProcessorNum -> ApicId. Use it to find
+ // the ProcessorNum for the APIC ID to be removed.
+ //
+ for (ProcessorNum = 0;
+ ProcessorNum < mCpuHotPlugData->ArrayLength;
+ ProcessorNum++) {
+ if (mCpuHotPlugData->ApicId[ProcessorNum] == RemoveApicId) {
+ break;
+ }
+ }
+
+ //
+ // Ignore the unplug if APIC ID not found
+ //
+ if (ProcessorNum == mCpuHotPlugData->ArrayLength) {
+ DEBUG ((DEBUG_VERBOSE, "%a: did not find APIC ID " FMT_APIC_ID
+ " to unplug\n", __FUNCTION__, RemoveApicId));
+ ToUnplugIdx++;
+ continue;
+ }
+
+ //
+ // Mark ProcessorNum for removal from SMM data structures
+ //
+ Status = mMmCpuService->RemoveProcessor (mMmCpuService, ProcessorNum);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: RemoveProcessor(" FMT_APIC_ID "): %r\n",
+ __FUNCTION__, RemoveApicId, Status));
+ return Status;
+ }
+
+ ToUnplugIdx++;
+ }
+
+ //
+ // We've removed this set of APIC IDs from SMM data structures.
+ //
+ return EFI_SUCCESS;
+}
+
+/**
CPU Hotplug MMI handler function.

This is a root MMI handler.
@@ -311,6 +388,13 @@ CpuHotplugMmi (
}
}

+ if (ToUnplugCount > 0) {
+ Status = UnplugCpus (mToUnplugApicIds, ToUnplugCount);
+ if (EFI_ERROR (Status)) {
+ goto Fatal;
+ }
+ }
+
//
// We've handled this MMI.
//
--
2.9.3


[PATCH v9 03/10] OvmfPkg/CpuHotplugSmm: add Qemu Cpu Status helper

Ankur Arora
 

Add QemuCpuhpWriteCpuStatus() which will be used to update the QEMU
CPU status register. On error, it hangs in a similar fashion as
other helper functions.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Aaron Young <aaron.young@oracle.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3132
Signed-off-by: Ankur Arora <ankur.a.arora@oracle.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
OvmfPkg/CpuHotplugSmm/QemuCpuhp.h | 6 ++++++
OvmfPkg/CpuHotplugSmm/QemuCpuhp.c | 22 ++++++++++++++++++++++
2 files changed, 28 insertions(+)

diff --git a/OvmfPkg/CpuHotplugSmm/QemuCpuhp.h b/OvmfPkg/CpuHotplugSmm/QemuCpuhp.h
index 3e2c2192e1c0..8bb3c66e9b44 100644
--- a/OvmfPkg/CpuHotplugSmm/QemuCpuhp.h
+++ b/OvmfPkg/CpuHotplugSmm/QemuCpuhp.h
@@ -42,6 +42,12 @@ QemuCpuhpWriteCpuSelector (
);

VOID
+QemuCpuhpWriteCpuStatus (
+ IN CONST EFI_MM_CPU_IO_PROTOCOL *MmCpuIo,
+ IN UINT8 CpuStatus
+ );
+
+VOID
QemuCpuhpWriteCommand (
IN CONST EFI_MM_CPU_IO_PROTOCOL *MmCpuIo,
IN UINT8 Command
diff --git a/OvmfPkg/CpuHotplugSmm/QemuCpuhp.c b/OvmfPkg/CpuHotplugSmm/QemuCpuhp.c
index 8434dd446b96..dc86ab96777a 100644
--- a/OvmfPkg/CpuHotplugSmm/QemuCpuhp.c
+++ b/OvmfPkg/CpuHotplugSmm/QemuCpuhp.c
@@ -114,6 +114,28 @@ QemuCpuhpWriteCpuSelector (
}

VOID
+QemuCpuhpWriteCpuStatus (
+ IN CONST EFI_MM_CPU_IO_PROTOCOL *MmCpuIo,
+ IN UINT8 CpuStatus
+ )
+{
+ EFI_STATUS Status;
+
+ Status = MmCpuIo->Io.Write (
+ MmCpuIo,
+ MM_IO_UINT8,
+ ICH9_CPU_HOTPLUG_BASE + QEMU_CPUHP_R_CPU_STAT,
+ 1,
+ &CpuStatus
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: %r\n", __FUNCTION__, Status));
+ ASSERT (FALSE);
+ CpuDeadLoop ();
+ }
+}
+
+VOID
QemuCpuhpWriteCommand (
IN CONST EFI_MM_CPU_IO_PROTOCOL *MmCpuIo,
IN UINT8 Command
--
2.9.3


[PATCH v9 02/10] OvmfPkg/CpuHotplugSmm: collect hot-unplug events

Ankur Arora
 

Process fw_remove events in QemuCpuhpCollectApicIds(), and collect APIC IDs
and QEMU CPU Selectors for CPUs being hot-unplugged.

In addition, we now ignore CPUs which only have remove set. These
CPUs haven't been processed by OSPM yet.

This is based on the QEMU hot-unplug protocol documented here:
https://lore.kernel.org/qemu-devel/20201204170939.1815522-3-imammedo@redhat.com/

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Aaron Young <aaron.young@oracle.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3132
Signed-off-by: Ankur Arora <ankur.a.arora@oracle.com>
---

Notes:
Addresses the following comments from v8:
(1) Fix commit message to mention that we collect cpu-selectors as well.
(2,3,6) s/UnplugSelector/UnplugSelectors/ in CpuHotplug.c, QemuCpuhp.c
(4) Fix comment above the declaration of the now renamed mToUnplugSelector.
(5) Fix spacing around "||".
(7) Fix QemuCpuCollectApicIds() comments to line up descriptions for
ToUnplugSelectors and other params.
(8) s/ExtendSel/ExtendSels/.
(9) Add the (ExtendSels => ExtendIds) assert.
(10) Fix the missing CurrentSelector++ bug.

OvmfPkg/CpuHotplugSmm/QemuCpuhp.h | 1 +
OvmfPkg/Include/IndustryStandard/QemuCpuHotplug.h | 1 +
OvmfPkg/CpuHotplugSmm/CpuHotplug.c | 29 +++++--
OvmfPkg/CpuHotplugSmm/QemuCpuhp.c | 101 +++++++++++++++-------
4 files changed, 93 insertions(+), 39 deletions(-)

diff --git a/OvmfPkg/CpuHotplugSmm/QemuCpuhp.h b/OvmfPkg/CpuHotplugSmm/QemuCpuhp.h
index 8adaa0ad91f0..3e2c2192e1c0 100644
--- a/OvmfPkg/CpuHotplugSmm/QemuCpuhp.h
+++ b/OvmfPkg/CpuHotplugSmm/QemuCpuhp.h
@@ -55,6 +55,7 @@ QemuCpuhpCollectApicIds (
OUT APIC_ID *PluggedApicIds,
OUT UINT32 *PluggedCount,
OUT APIC_ID *ToUnplugApicIds,
+ OUT UINT32 *ToUnplugSelectors,
OUT UINT32 *ToUnplugCount
);

diff --git a/OvmfPkg/Include/IndustryStandard/QemuCpuHotplug.h b/OvmfPkg/Include/IndustryStandard/QemuCpuHotplug.h
index a34a6d3fae61..2ec7a107a64d 100644
--- a/OvmfPkg/Include/IndustryStandard/QemuCpuHotplug.h
+++ b/OvmfPkg/Include/IndustryStandard/QemuCpuHotplug.h
@@ -34,6 +34,7 @@
#define QEMU_CPUHP_STAT_ENABLED BIT0
#define QEMU_CPUHP_STAT_INSERT BIT1
#define QEMU_CPUHP_STAT_REMOVE BIT2
+#define QEMU_CPUHP_STAT_FW_REMOVE BIT4

#define QEMU_CPUHP_RW_CMD_DATA 0x8

diff --git a/OvmfPkg/CpuHotplugSmm/CpuHotplug.c b/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
index bf68fcd42914..ee1497b93140 100644
--- a/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
+++ b/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
@@ -45,13 +45,16 @@ STATIC CPU_HOT_PLUG_DATA *mCpuHotPlugData;
// don't want to allocate SMRAM at OS runtime, and potentially fail (or
// fragment the SMRAM map).
//
-// These arrays provide room for ("possible CPU count" minus one) APIC IDs
-// each, as we don't expect every possible CPU to appear, or disappear, in a
-// single MMI. The numbers of used (populated) elements in the arrays are
+// The first array stores APIC IDs for hot-plug events, the second and the
+// third store APIC IDs and QEMU CPU Selectors (both indexed similarly) for
+// hot-unplug events. All of these provide room for "possible CPU count" minus
+// one elements as we don't expect every possible CPU to appear, or disappear,
+// in a single MMI. The numbers of used (populated) elements in the arrays are
// determined on every MMI separately.
//
STATIC APIC_ID *mPluggedApicIds;
STATIC APIC_ID *mToUnplugApicIds;
+STATIC UINT32 *mToUnplugSelectors;
//
// Address of the non-SMRAM reserved memory page that contains the Post-SMM Pen
// for hot-added CPUs.
@@ -289,6 +292,7 @@ CpuHotplugMmi (
mPluggedApicIds,
&PluggedCount,
mToUnplugApicIds,
+ mToUnplugSelectors,
&ToUnplugCount
);
if (EFI_ERROR (Status)) {
@@ -333,7 +337,9 @@ CpuHotplugEntry (
)
{
EFI_STATUS Status;
+ UINTN Len;
UINTN Size;
+ UINTN SizeSel;

//
// This module should only be included when SMM support is required.
@@ -387,8 +393,9 @@ CpuHotplugEntry (
//
// Allocate the data structures that depend on the possible CPU count.
//
- if (RETURN_ERROR (SafeUintnSub (mCpuHotPlugData->ArrayLength, 1, &Size)) ||
- RETURN_ERROR (SafeUintnMult (sizeof (APIC_ID), Size, &Size))) {
+ if (RETURN_ERROR (SafeUintnSub (mCpuHotPlugData->ArrayLength, 1, &Len)) ||
+ RETURN_ERROR (SafeUintnMult (sizeof (APIC_ID), Len, &Size)) ||
+ RETURN_ERROR (SafeUintnMult (sizeof (UINT32), Len, &SizeSel))) {
Status = EFI_ABORTED;
DEBUG ((DEBUG_ERROR, "%a: invalid CPU_HOT_PLUG_DATA\n", __FUNCTION__));
goto Fatal;
@@ -405,6 +412,12 @@ CpuHotplugEntry (
DEBUG ((DEBUG_ERROR, "%a: MmAllocatePool(): %r\n", __FUNCTION__, Status));
goto ReleasePluggedApicIds;
}
+ Status = gMmst->MmAllocatePool (EfiRuntimeServicesData, SizeSel,
+ (VOID **)&mToUnplugSelectors);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: MmAllocatePool(): %r\n", __FUNCTION__, Status));
+ goto ReleaseToUnplugApicIds;
+ }

//
// Allocate the Post-SMM Pen for hot-added CPUs.
@@ -412,7 +425,7 @@ CpuHotplugEntry (
Status = SmbaseAllocatePostSmmPen (&mPostSmmPenAddress,
SystemTable->BootServices);
if (EFI_ERROR (Status)) {
- goto ReleaseToUnplugApicIds;
+ goto ReleaseToUnplugSelectors;
}

//
@@ -472,6 +485,10 @@ ReleasePostSmmPen:
SmbaseReleasePostSmmPen (mPostSmmPenAddress, SystemTable->BootServices);
mPostSmmPenAddress = 0;

+ReleaseToUnplugSelectors:
+ gMmst->MmFreePool (mToUnplugSelectors);
+ mToUnplugSelectors = NULL;
+
ReleaseToUnplugApicIds:
gMmst->MmFreePool (mToUnplugApicIds);
mToUnplugApicIds = NULL;
diff --git a/OvmfPkg/CpuHotplugSmm/QemuCpuhp.c b/OvmfPkg/CpuHotplugSmm/QemuCpuhp.c
index 8d4a6693c8d6..8434dd446b96 100644
--- a/OvmfPkg/CpuHotplugSmm/QemuCpuhp.c
+++ b/OvmfPkg/CpuHotplugSmm/QemuCpuhp.c
@@ -145,27 +145,30 @@ QemuCpuhpWriteCommand (

On error, the contents of the output parameters are undefined.

- @param[in] MmCpuIo The EFI_MM_CPU_IO_PROTOCOL instance for
- accessing IO Ports.
+ @param[in] MmCpuIo The EFI_MM_CPU_IO_PROTOCOL instance for
+ accessing IO Ports.

- @param[in] PossibleCpuCount The number of possible CPUs in the system. Must
- be positive.
+ @param[in] PossibleCpuCount The number of possible CPUs in the system. Must
+ be positive.

- @param[in] ApicIdCount The number of elements each one of the
- PluggedApicIds and ToUnplugApicIds arrays can
- accommodate. Must be positive.
+ @param[in] ApicIdCount The number of elements each one of the
+ PluggedApicIds and ToUnplugApicIds arrays can
+ accommodate. Must be positive.

- @param[out] PluggedApicIds The APIC IDs of the CPUs that have been
- hot-plugged.
+ @param[out] PluggedApicIds The APIC IDs of the CPUs that have been
+ hot-plugged.

- @param[out] PluggedCount The number of filled-in APIC IDs in
- PluggedApicIds.
+ @param[out] PluggedCount The number of filled-in APIC IDs in
+ PluggedApicIds.

- @param[out] ToUnplugApicIds The APIC IDs of the CPUs that are about to be
- hot-unplugged.
+ @param[out] ToUnplugApicIds The APIC IDs of the CPUs that are about to be
+ hot-unplugged.

- @param[out] ToUnplugCount The number of filled-in APIC IDs in
- ToUnplugApicIds.
+ @param[out] ToUnplugSelectors The QEMU Selectors of the CPUs that are about
+ to be hot-unplugged.
+
+ @param[out] ToUnplugCount The number of filled-in APIC IDs in
+ ToUnplugApicIds.

@retval EFI_INVALID_PARAMETER PossibleCpuCount is zero, or ApicIdCount is
zero.
@@ -187,6 +190,7 @@ QemuCpuhpCollectApicIds (
OUT APIC_ID *PluggedApicIds,
OUT UINT32 *PluggedCount,
OUT APIC_ID *ToUnplugApicIds,
+ OUT UINT32 *ToUnplugSelectors,
OUT UINT32 *ToUnplugCount
)
{
@@ -204,6 +208,7 @@ QemuCpuhpCollectApicIds (
UINT32 PendingSelector;
UINT8 CpuStatus;
APIC_ID *ExtendIds;
+ UINT32 *ExtendSels;
UINT32 *ExtendCount;
APIC_ID NewApicId;

@@ -245,10 +250,10 @@ QemuCpuhpCollectApicIds (
if ((CpuStatus & QEMU_CPUHP_STAT_INSERT) != 0) {
//
// The "insert" event guarantees the "enabled" status; plus it excludes
- // the "remove" event.
+ // the "fw_remove" event.
//
if ((CpuStatus & QEMU_CPUHP_STAT_ENABLED) == 0 ||
- (CpuStatus & QEMU_CPUHP_STAT_REMOVE) != 0) {
+ (CpuStatus & QEMU_CPUHP_STAT_FW_REMOVE) != 0) {
DEBUG ((DEBUG_ERROR, "%a: CurrentSelector=%u CpuStatus=0x%x: "
"inconsistent CPU status\n", __FUNCTION__, CurrentSelector,
CpuStatus));
@@ -259,33 +264,63 @@ QemuCpuhpCollectApicIds (
CurrentSelector));

ExtendIds = PluggedApicIds;
+ ExtendSels = NULL;
ExtendCount = PluggedCount;
- } else if ((CpuStatus & QEMU_CPUHP_STAT_REMOVE) != 0) {
- DEBUG ((DEBUG_VERBOSE, "%a: CurrentSelector=%u: remove\n", __FUNCTION__,
- CurrentSelector));
+ } else if ((CpuStatus & QEMU_CPUHP_STAT_FW_REMOVE) != 0) {
+ //
+ // "fw_remove" event guarantees "enabled".
+ //
+ if ((CpuStatus & QEMU_CPUHP_STAT_ENABLED) == 0) {
+ DEBUG ((DEBUG_ERROR, "%a: CurrentSelector=%u CpuStatus=0x%x: "
+ "inconsistent CPU status\n", __FUNCTION__, CurrentSelector,
+ CpuStatus));
+ return EFI_PROTOCOL_ERROR;
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "%a: CurrentSelector=%u: fw_remove\n",
+ __FUNCTION__, CurrentSelector));

ExtendIds = ToUnplugApicIds;
+ ExtendSels = ToUnplugSelectors;
ExtendCount = ToUnplugCount;
+ } else if ((CpuStatus & QEMU_CPUHP_STAT_REMOVE) != 0) {
+ //
+ // Let the OSPM deal with the "remove" event.
+ //
+ DEBUG ((DEBUG_VERBOSE, "%a: CurrentSelector=%u: remove (ignored)\n",
+ __FUNCTION__, CurrentSelector));
+
+ ExtendIds = NULL;
+ ExtendSels = NULL;
+ ExtendCount = NULL;
} else {
DEBUG ((DEBUG_VERBOSE, "%a: CurrentSelector=%u: no event\n",
__FUNCTION__, CurrentSelector));
break;
}

- //
- // Save the APIC ID of the CPU with the pending event, to the corresponding
- // APIC ID array.
- //
- if (*ExtendCount == ApicIdCount) {
- DEBUG ((DEBUG_ERROR, "%a: APIC ID array too small\n", __FUNCTION__));
- return EFI_BUFFER_TOO_SMALL;
- }
- QemuCpuhpWriteCommand (MmCpuIo, QEMU_CPUHP_CMD_GET_ARCH_ID);
- NewApicId = QemuCpuhpReadCommandData (MmCpuIo);
- DEBUG ((DEBUG_VERBOSE, "%a: ApicId=" FMT_APIC_ID "\n", __FUNCTION__,
- NewApicId));
- ExtendIds[(*ExtendCount)++] = NewApicId;
+ ASSERT ((ExtendIds == NULL) == (ExtendCount == NULL));
+ ASSERT ((ExtendSels == NULL) || (ExtendIds != NULL));

+ if (ExtendIds != NULL) {
+ //
+ // Save the APIC ID of the CPU with the pending event, to the
+ // corresponding APIC ID array.
+ // For unplug events, also save the CurrentSelector.
+ //
+ if (*ExtendCount == ApicIdCount) {
+ DEBUG ((DEBUG_ERROR, "%a: APIC ID array too small\n", __FUNCTION__));
+ return EFI_BUFFER_TOO_SMALL;
+ }
+ QemuCpuhpWriteCommand (MmCpuIo, QEMU_CPUHP_CMD_GET_ARCH_ID);
+ NewApicId = QemuCpuhpReadCommandData (MmCpuIo);
+ DEBUG ((DEBUG_VERBOSE, "%a: ApicId=" FMT_APIC_ID "\n", __FUNCTION__,
+ NewApicId));
+ if (ExtendSels != NULL) {
+ ExtendSels[(*ExtendCount)] = CurrentSelector;
+ }
+ ExtendIds[(*ExtendCount)++] = NewApicId;
+ }
//
// We've processed the CPU with (known) pending events, but we must never
// clear events. Therefore we need to advance past this CPU manually;
--
2.9.3


[PATCH v9 01/10] OvmfPkg/CpuHotplugSmm: refactor hotplug logic

Ankur Arora
 

Refactor CpuHotplugMmi() to pull out the CPU hotplug logic into
ProcessHotAddedCpus(). This is in preparation for supporting CPU
hot-unplug.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Aaron Young <aaron.young@oracle.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3132
Signed-off-by: Ankur Arora <ankur.a.arora@oracle.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
OvmfPkg/CpuHotplugSmm/CpuHotplug.c | 210 ++++++++++++++++++++++---------------
1 file changed, 126 insertions(+), 84 deletions(-)

diff --git a/OvmfPkg/CpuHotplugSmm/CpuHotplug.c b/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
index cfe698ed2b5e..bf68fcd42914 100644
--- a/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
+++ b/OvmfPkg/CpuHotplugSmm/CpuHotplug.c
@@ -62,6 +62,129 @@ STATIC UINT32 mPostSmmPenAddress;
//
STATIC EFI_HANDLE mDispatchHandle;

+/**
+ Process CPUs that have been hot-added, per QemuCpuhpCollectApicIds().
+
+ For each such CPU, relocate the SMBASE, and report the CPU to PiSmmCpuDxeSmm
+ via EFI_SMM_CPU_SERVICE_PROTOCOL. If the supposedly hot-added CPU is already
+ known, skip it silently.
+
+ @param[in] PluggedApicIds The APIC IDs of the CPUs that have been
+ hot-plugged.
+
+ @param[in] PluggedCount The number of filled-in APIC IDs in
+ PluggedApicIds.
+
+ @retval EFI_SUCCESS CPUs corresponding to all the APIC IDs are
+ populated.
+
+ @retval EFI_OUT_OF_RESOURCES Out of APIC ID space in "mCpuHotPlugData".
+
+ @return Error codes propagated from SmbaseRelocate()
+ and mMmCpuService->AddProcessor().
+**/
+STATIC
+EFI_STATUS
+ProcessHotAddedCpus (
+ IN APIC_ID *PluggedApicIds,
+ IN UINT32 PluggedCount
+ )
+{
+ EFI_STATUS Status;
+ UINT32 PluggedIdx;
+ UINT32 NewSlot;
+
+ //
+ // The Post-SMM Pen need not be reinstalled multiple times within a single
+ // root MMI handling. Even reinstalling once per root MMI is only prudence;
+ // in theory installing the pen in the driver's entry point function should
+ // suffice.
+ //
+ SmbaseReinstallPostSmmPen (mPostSmmPenAddress);
+
+ PluggedIdx = 0;
+ NewSlot = 0;
+ while (PluggedIdx < PluggedCount) {
+ APIC_ID NewApicId;
+ UINT32 CheckSlot;
+ UINTN NewProcessorNumberByProtocol;
+
+ NewApicId = PluggedApicIds[PluggedIdx];
+
+ //
+ // Check if the supposedly hot-added CPU is already known to us.
+ //
+ for (CheckSlot = 0;
+ CheckSlot < mCpuHotPlugData->ArrayLength;
+ CheckSlot++) {
+ if (mCpuHotPlugData->ApicId[CheckSlot] == NewApicId) {
+ break;
+ }
+ }
+ if (CheckSlot < mCpuHotPlugData->ArrayLength) {
+ DEBUG ((DEBUG_VERBOSE, "%a: APIC ID " FMT_APIC_ID " was hot-plugged "
+ "before; ignoring it\n", __FUNCTION__, NewApicId));
+ PluggedIdx++;
+ continue;
+ }
+
+ //
+ // Find the first empty slot in CPU_HOT_PLUG_DATA.
+ //
+ while (NewSlot < mCpuHotPlugData->ArrayLength &&
+ mCpuHotPlugData->ApicId[NewSlot] != MAX_UINT64) {
+ NewSlot++;
+ }
+ if (NewSlot == mCpuHotPlugData->ArrayLength) {
+ DEBUG ((DEBUG_ERROR, "%a: no room for APIC ID " FMT_APIC_ID "\n",
+ __FUNCTION__, NewApicId));
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Store the APIC ID of the new processor to the slot.
+ //
+ mCpuHotPlugData->ApicId[NewSlot] = NewApicId;
+
+ //
+ // Relocate the SMBASE of the new CPU.
+ //
+ Status = SmbaseRelocate (NewApicId, mCpuHotPlugData->SmBase[NewSlot],
+ mPostSmmPenAddress);
+ if (EFI_ERROR (Status)) {
+ goto RevokeNewSlot;
+ }
+
+ //
+ // Add the new CPU with EFI_SMM_CPU_SERVICE_PROTOCOL.
+ //
+ Status = mMmCpuService->AddProcessor (mMmCpuService, NewApicId,
+ &NewProcessorNumberByProtocol);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "%a: AddProcessor(" FMT_APIC_ID "): %r\n",
+ __FUNCTION__, NewApicId, Status));
+ goto RevokeNewSlot;
+ }
+
+ DEBUG ((DEBUG_INFO, "%a: hot-added APIC ID " FMT_APIC_ID ", SMBASE 0x%Lx, "
+ "EFI_SMM_CPU_SERVICE_PROTOCOL assigned number %Lu\n", __FUNCTION__,
+ NewApicId, (UINT64)mCpuHotPlugData->SmBase[NewSlot],
+ (UINT64)NewProcessorNumberByProtocol));
+
+ NewSlot++;
+ PluggedIdx++;
+ }
+
+ //
+ // We've processed this batch of hot-added CPUs.
+ //
+ return EFI_SUCCESS;
+
+RevokeNewSlot:
+ mCpuHotPlugData->ApicId[NewSlot] = MAX_UINT64;
+
+ return Status;
+}

/**
CPU Hotplug MMI handler function.
@@ -122,8 +245,6 @@ CpuHotplugMmi (
UINT8 ApmControl;
UINT32 PluggedCount;
UINT32 ToUnplugCount;
- UINT32 PluggedIdx;
- UINT32 NewSlot;

//
// Assert that we are entering this function due to our root MMI handler
@@ -179,87 +300,11 @@ CpuHotplugMmi (
goto Fatal;
}

- //
- // Process hot-added CPUs.
- //
- // The Post-SMM Pen need not be reinstalled multiple times within a single
- // root MMI handling. Even reinstalling once per root MMI is only prudence;
- // in theory installing the pen in the driver's entry point function should
- // suffice.
- //
- SmbaseReinstallPostSmmPen (mPostSmmPenAddress);
-
- PluggedIdx = 0;
- NewSlot = 0;
- while (PluggedIdx < PluggedCount) {
- APIC_ID NewApicId;
- UINT32 CheckSlot;
- UINTN NewProcessorNumberByProtocol;
-
- NewApicId = mPluggedApicIds[PluggedIdx];
-
- //
- // Check if the supposedly hot-added CPU is already known to us.
- //
- for (CheckSlot = 0;
- CheckSlot < mCpuHotPlugData->ArrayLength;
- CheckSlot++) {
- if (mCpuHotPlugData->ApicId[CheckSlot] == NewApicId) {
- break;
- }
- }
- if (CheckSlot < mCpuHotPlugData->ArrayLength) {
- DEBUG ((DEBUG_VERBOSE, "%a: APIC ID " FMT_APIC_ID " was hot-plugged "
- "before; ignoring it\n", __FUNCTION__, NewApicId));
- PluggedIdx++;
- continue;
- }
-
- //
- // Find the first empty slot in CPU_HOT_PLUG_DATA.
- //
- while (NewSlot < mCpuHotPlugData->ArrayLength &&
- mCpuHotPlugData->ApicId[NewSlot] != MAX_UINT64) {
- NewSlot++;
- }
- if (NewSlot == mCpuHotPlugData->ArrayLength) {
- DEBUG ((DEBUG_ERROR, "%a: no room for APIC ID " FMT_APIC_ID "\n",
- __FUNCTION__, NewApicId));
+ if (PluggedCount > 0) {
+ Status = ProcessHotAddedCpus (mPluggedApicIds, PluggedCount);
+ if (EFI_ERROR (Status)) {
goto Fatal;
}
-
- //
- // Store the APIC ID of the new processor to the slot.
- //
- mCpuHotPlugData->ApicId[NewSlot] = NewApicId;
-
- //
- // Relocate the SMBASE of the new CPU.
- //
- Status = SmbaseRelocate (NewApicId, mCpuHotPlugData->SmBase[NewSlot],
- mPostSmmPenAddress);
- if (EFI_ERROR (Status)) {
- goto RevokeNewSlot;
- }
-
- //
- // Add the new CPU with EFI_SMM_CPU_SERVICE_PROTOCOL.
- //
- Status = mMmCpuService->AddProcessor (mMmCpuService, NewApicId,
- &NewProcessorNumberByProtocol);
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "%a: AddProcessor(" FMT_APIC_ID "): %r\n",
- __FUNCTION__, NewApicId, Status));
- goto RevokeNewSlot;
- }
-
- DEBUG ((DEBUG_INFO, "%a: hot-added APIC ID " FMT_APIC_ID ", SMBASE 0x%Lx, "
- "EFI_SMM_CPU_SERVICE_PROTOCOL assigned number %Lu\n", __FUNCTION__,
- NewApicId, (UINT64)mCpuHotPlugData->SmBase[NewSlot],
- (UINT64)NewProcessorNumberByProtocol));
-
- NewSlot++;
- PluggedIdx++;
}

//
@@ -267,9 +312,6 @@ CpuHotplugMmi (
//
return EFI_SUCCESS;

-RevokeNewSlot:
- mCpuHotPlugData->ApicId[NewSlot] = MAX_UINT64;
-
Fatal:
ASSERT (FALSE);
CpuDeadLoop ();
--
2.9.3


[PATCH v9 00/10] support CPU hot-unplug

Ankur Arora
 

Hi,

This series adds OVMF support for CPU hot-unplug.

QEMU secureboot hot-unplug logic corresponding to this is in upstream.
Also posted here:
https://lore.kernel.org/qemu-devel/20201207140739.3829993-1-imammedo@redhat.com/

Testing (with QEMU 5.2.50):
- Stable with randomized CPU plug/unplug (guest maxcpus=33,128)
- Synthetic tests with simultaneous multi CPU hot-unplug

Also at:
github.com/terminus/edk2/ hot-unplug-v9

Changelog:

v9:
- Rebased on top of edd46cd407ea
- Clarify comments around memory-barriers in patches 7, 8, 9
- Address other review comments from v8

v8:
- Fixes a couple of ECC issues in the code (in patches 7, 9)
URL: https://patchew.org/EDK2/20210222071928.1401820-1-ankur.a.arora@oracle.com/

v7:
- Address review comments from v6.
- Fix ejection bug where we were using APIC ID to do the ejection
rather than the Qemu Selector.
- Describes safety properties and ordering needed for concurrent
accesses to CPU_HOT_EJECT_DATA->QemuSelectorMap, and
CPU_HOT_EJECT_DATA->Handler.
URL: https://patchew.org/EDK2/20210219090444.1332380-1-ankur.a.arora@oracle.com/

v6:
- addresses v5 review comments.
URL: https://patchew.org/EDK2/20210129005950.467638-1-ankur.a.arora@oracle.com/

v5:
- fixes ECC errors (all but one in "OvmfPkg/CpuHotplugSmm: add
add Qemu Cpu Status helper").
URL: https://patchew.org/EDK2/20210126064440.299596-1-ankur.a.arora@oracle.com/

v4:
- Gets rid of unnecessary UefiCpuPkg changes
URL: https://patchew.org/EDK2/20210118063457.358581-1-ankur.a.arora@oracle.com/

v3:
- Use a saner PCD based interface to share state between PiSmmCpuDxeSmm
and OvmfPkg/CpuHotplugSmm
- Cleaner split of the hot-unplug code
URL: https://patchew.org/EDK2/20210115074533.277448-1-ankur.a.arora@oracle.com/

v2:
- Do the ejection via SmmCpuFeaturesRendezvousExit()
URL: https://patchew.org/EDK2/20210107195515.106158-1-ankur.a.arora@oracle.com/

RFC:
URL: https://patchew.org/EDK2/20201208053432.2690694-1-ankur.a.arora@oracle.com/

Please review.

Thanks
Ankur

Ankur Arora (10):
OvmfPkg/CpuHotplugSmm: refactor hotplug logic
OvmfPkg/CpuHotplugSmm: collect hot-unplug events
OvmfPkg/CpuHotplugSmm: add Qemu Cpu Status helper
OvmfPkg/CpuHotplugSmm: introduce UnplugCpus()
OvmfPkg: define CPU_HOT_EJECT_DATA
OvmfPkg/SmmCpuFeaturesLib: init CPU ejection state
OvmfPkg/SmmCpuFeaturesLib: call CPU hot-eject handler
OvmfPkg/CpuHotplugSmm: add EjectCpu()
OvmfPkg/CpuHotplugSmm: do actual CPU hot-eject
OvmfPkg/SmmControl2Dxe: negotiate CPU hot-unplug

OvmfPkg/OvmfPkg.dec | 4 +
OvmfPkg/CpuHotplugSmm/CpuHotplugSmm.inf | 2 +
.../SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf | 4 +
OvmfPkg/CpuHotplugSmm/QemuCpuhp.h | 7 +
OvmfPkg/Include/IndustryStandard/QemuCpuHotplug.h | 2 +
OvmfPkg/Include/Pcd/CpuHotEjectData.h | 60 +++
OvmfPkg/CpuHotplugSmm/CpuHotplug.c | 576 +++++++++++++++++----
OvmfPkg/CpuHotplugSmm/QemuCpuhp.c | 123 +++--
.../Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.c | 111 ++++
OvmfPkg/SmmControl2Dxe/SmiFeatures.c | 18 +-
10 files changed, 775 insertions(+), 132 deletions(-)
create mode 100644 OvmfPkg/Include/Pcd/CpuHotEjectData.h

--
2.9.3


Re: Conflicting virtual addresses causing Runtime Services issues

Jon Nettleton
 

On Fri, Mar 12, 2021 at 4:02 AM Jon Nettleton via groups.io
<jon=solid-run.com@groups.io> wrote:

On Thu, Mar 11, 2021 at 11:39 PM Ard Biesheuvel <ardb@kernel.org> wrote:

On Thu, 11 Mar 2021 at 23:25, Laszlo Ersek <lersek@redhat.com> wrote:

Adding Ard and Leif, comments below:

On 03/11/21 15:50, Laszlo Ersek wrote:
On 03/11/21 10:48, Jon Nettleton wrote:
[...]

And this is where the pointer gets remapped again and into the MMIO
space of the nor flash. If I remove the calls to ConvertPointer for
the FvbProtocol I am still seeing those addresses getting remapped
but only once and runtime works as expected.

I am seeing that in
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c
&mVariableModuleGlobal->FvbInstance->* are all being converted. It
is possible this is a long standing bug and it just so happens that
our configuration has caused a conflict and exposed it.
Yes, this is curious, I noticed it too yesterday, trying to see where
the FVB protocol member function pointers were converted. I found that
OVMF's flash driver (OvmfPkg/QemuFlashFvbServicesRuntimeDxe) didn't do
it, but MdeModulePkg/Universal/Variable/RuntimeDxe did. That was
certainly strange, as the variable driver is a consumer of the
protocol (not the producer thereof), so I'd say it has no business
poking new values into the protocol interface structure.
[...]

... Strangely, the other flash (FVB) driver in edk2,
ArmPlatformPkg/Drivers/NorFlashDxe, *does* perform the conversion
itself! See NorFlashVirtualNotifyEvent().

I don't understand that. Is it possible that, with
"ArmPlatformPkg/Drivers/NorFlashDxe" too, the conversion happens
*twice*, but (at least) one of those mappings is "identity"?
Confirmed.

I had to write some elaborate debug patches for determining this,
because in ArmVirtQemu, I cannot produce DEBUG output from the
SetVirtualAddressMap() notification functions. So here's the approach I
took:

(1) Introduce a new GUID-ed HOB structure in MdeModulePkg. The structure
itself lives in reserved memory, but its address is exposed in a GUID-ed
HOB. The structure is named FVB_ADDRESS_LIST, and it has the following
fields:

- signature ("FVBADRLS" -- FVB Address List)
- 16 entries of:
- owner signature [what driver set this entry]
- address
- number of entries used (aka next entry to fill)

(2) In PlatformPei, allocate and initialize this structure (in reserved
memory), and expose its address via the GUID-ed HOB. Furthermore,
produce a log message with the allocation address.

(3) In NorFlashDxe, look up the structure via the GUID-ed HOB, in the
entry point function; remember the address in a global variable. In the
SetVirtualAddressMap() handler function, treat the conversion of the
"GetPhysicalAddress" FVB member function specially: via the global
variable pointer to FVB_ADDRESS_LIST in reserved memory, save both the
physical (original) and the virtual (converted) address of the
"GetPhysicalAddress" FVB member function, in new entries. As owner
signature in both entries, use "NORFLASH".

(4) In the runtime DXE variable driver, do the exact same thing, just
use a different "owner signature" -- "VARIABLE".

(5) Once the guest is up and running, run "efibootmgr --delete-timeout"
at a root prompt in the guest, deleting the existent "Timeout" UEFI
non-volatile variable, for verifying that the runtime variable (write)
service is functional.

(6) Using the log message from point (2):

PlatformPeim: FvbAddressList @ 13FEC9000
hexdump the guest memory containing the FVB_ADDRESS_LIST, as follows:

$ virsh qemu-monitor-command aavmf.rhel7.registered --hmp xp /268cb 0x13FEC9000
Ccomments to the right of the hexdump:

000000013fec9000: 'F' 'V' 'B' 'A' 'D' 'R' 'L' 'S' <- structure signature: FVBADRLS
000000013fec9008: 'N' 'O' 'R' 'F' 'L' 'A' 'S' 'H' <- entry[0], signature: NORFLASH
000000013fec9010: 'T' ' ' '\xc6' ';' '\x01' '\x00' '\x00' '\x00' <- entry[0], GetPhysicalAddress *physical*: 0x000000013bc62054
000000013fec9018: 'N' 'O' 'R' 'F' 'L' 'A' 'S' 'H' <- entry[1], signature: NORFLASH
000000013fec9020: 'T' ' ' 'N' '$' '\x00' '\x00' '\x00' '\x00' <- entry[1], GetPhysicalAddress *virtual*: 0x00000000244e2054
000000013fec9028: 'V' 'A' 'R' 'I' 'A' 'B' 'L' 'E' <- entry[2], signature: VARIABLE
000000013fec9030: 'T' ' ' 'N' '$' '\x00' '\x00' '\x00' '\x00' <- entry[2], GetPhysicalAddress *physical*: 0x00000000244e2054
000000013fec9038: 'V' 'A' 'R' 'I' 'A' 'B' 'L' 'E' <- entry[3], signature: VARIABLE
000000013fec9040: 'T' ' ' 'N' '$' '\x00' '\x00' '\x00' '\x00' <- entry[3], GetPhysicalAddress *virtual*: 0x00000000244e2054
000000013fec9048: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9050: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9058: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9060: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9068: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9070: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9078: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9080: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9088: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9090: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9098: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90a0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90a8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90b0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90b8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90c0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90c8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90d0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90d8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90e0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90e8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90f0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90f8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9100: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9108: '\x04' '\x00' '\x00' '\x00' <- number of entries used: 4
This shows the following:

- both NorFlashDxe and the runtime DXE variable driver converted the
FVB.GetPhysicalAddress member function,

- the NorFlashDxe driver acted first, the runtime DXE variable driver
acted second,

- when the runtime DXE variable driver "converted" the "physical"
address to virtual address, there was no change (and no crash!),
because the virtual address map passed in by the Linux kernel
apparently identity maps this area -- just as I guessed.

So we definitely have a bug (only Linux's page tables save us from the
crash); now the question is:

Which driver is wrong to even attempt the conversion of the FVB member
functions?

The answer must be documented somewhere highly visible.

Debug patches attached, for the record (based on commit edd46cd407ea).
Thanks for inviting me to this party!

So the tl;dr here is that some points get converted twice, which
usually is not a problem because the virtual address resulting from
the conversion is rarely mistaken for a physical address living in a
EFI_MEMORY_RUNTIME region.

So I agree with Laszlo's assertion that the consumer of a protocol has
no business updating its protocol pointers, so this should definitely
be fixed in the core VariableRuntime driver. However, given the
typical nature of the variable stack, i.e., a platform specfic NOR
flash driver combined with the generic FTW and variable drivers, doing
so would likely break many out of tree platforms where the NOR flash
driver does not bother to update its pointers at all.
Not ideal, but we could add a flag to Runtime Services and let the platform
specify if it is remapping the FVB. This would allow us to not break legacy
drivers, but still easily let properly designed platforms bypass this
behaviour. As time progressed this could be used to for a deprecation
warning, until it became the default handling of FVB pointer conversion.
Something like the attached patch possibly?


Re: [edk2-discuss] Google Summer of Code Interested Student

Nate DeSimone
 

Hi Caden,

Great to meet you and welcome to the TianoCore project! Glad you hear you are interested! Sorry it has taken me a while to get back to you, researching the topics you are interested in ended up being somewhat involved 😊.

I went back and did some investigation of current state of the terminal driver, and some of the work has already been done. However, there are some things missing and some odd bugs that need attention. To give you a little more detail, the Terminal driver is located at https://github.com/tianocore/edk2/tree/master/MdeModulePkg/Universal/Console/TerminalDxe

The most prevalent use case for the terminal driver is to display the BIOS setup menu on headless server systems using a PC style serial port connected to a laptop via null modem. This allows administrators to adjust BIOS settings on rack mounted systems without needing to connect a monitor and keyboard.

Historically, the BIOS setup menu would be rendered using the IBM PC VGA text mode, which encoded text using code page 437 (CP437). This was important for box-drawing characters, such as β”Œ , ─ , and ┐ , which VGA text mode encodes as 0xDA, 0xC4, and 0xBF respectively. However, most terminal emulators assume text to be encoded in UTF-8. Unicode defines these box drawing characters as 0x250C, 0x2500, and 0x2510. In UTF-8 encoding, these characters translate into 3 byte sequences of (0xE2, 0x94, 0x8C), (0xE2, 0x94, 0x80), and (0xE2, 0x94, 0x90) respectively. The VGA encodings of these box characters will end up generating errors if one attempts to decode them as strict UTF-8, though most terminals assume that the intended characters to be drawn are Ú, Γ„, and ΒΏ, which have the Unicode character codes 0xDA, 0xC4, and 0xBF. The end result is the BIOS setup menu looks like this:

ΓšΓ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„ΒΏ
Β³ Device Manager Β³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ

Devices List List all the Driver
> Driver Health Manager Health instances to
> RAM Disk Configuration manage
> OVMF Platform Configuration
> iSCSI Configuration
> Network Device List


Press ESC to exit.


ΓšΓ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„Γ„ΒΏ
Β³ Β³
Β³ ^v=Move Highlight <Enter>=Select Entry Esc=Exit Β³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ

Instead of like this:

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ Device Manager β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Devices List List all the Driver
> Driver Health Manager Health instances to
> RAM Disk Configuration manage
> OVMF Platform Configuration
> iSCSI Configuration
> Network Device List


Press ESC to exit.


β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ β”‚
β”‚ ^v=Move Highlight <Enter>=Select Entry Esc=Exit β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

The terminal driver has fully supported both the legacy CP437 encoding and the UTF-8 encoding for more than 10 years now. Which mode to use is part of the configuration settings given to the terminal driver at start up. However, those configuration settings need to come from somewhere. For example, OVMF has the following page in its setup menu for configuring the serial terminal:

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ Set COM Attributes β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Set COM Baud Rate <115200> Set COM Baud Rate
Set COM Data Bits <8>
Set COM Parity <None>
Set COM Stop Bits <One>
Set COM Terminal Type <PC_ANSI>
Set COM Flow Control <None>

Commit Changes and Exit
Discard Changes and Exit


β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚ F9=Reset to Defaults F10=Save β”‚
β”‚ ^v=Move Highlight <Enter>=Select Entry Esc=Exit β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

The default terminal type is PC_ANSI, which uses CP437. In this day and age that is probably not the right default anymore, though one could argue whether PC_ANSI being the default is a "bug". Here is the list of supported terminal types:

- PC_ANSI
- VT_100
- VT_100_PLUS
- VT_UTF8
- TTY_TERM
- LINUX
- XTERM_R6
- VT_400
- SCO

Now, here is the first unquestionable bug. All of these terminal types except for VT_UTF8 output the box drawing characters using CP437. The VT-100 did not use CP437 for box drawing characters. On the VT-100, the terminal driver should output the escape sequence "ESC ( 0" to switch the character set from ASCII to "DEC Special Graphics". Then, while in DEC Special Graphics mode, β”Œ , ─ , and ┐ , are encoded as 0x6C, 0x71, and 0x6B respectively. After outputting the box drawing characters, the terminal driver should switch back to ASCII using the escape sequence "ESC ( B". Implementing this will introduce the interesting problem of optimizing display performance by limiting the number of character mode switches.

For all the modes listed above, the VT-100 method should be used for drawing box characters (and other characters in the DEC special graphics character set) with the exception of PC_ANSI and VT_UTF8, which should use CP437 and UTF-8 respectively. In general, DEC special graphics has been around for such a long time that all terminal emulators support it, so it should be the preferred method of outputting characters outside the initial 0-127 basic ASCII codes, with UTF-8 as a fallback if the character can't be encoded by either basic ASCII or DEC special graphics. The difference between VT_UTF8 and the other modes is that DEC special graphics should never be used. PC_ANSI mode should never use DEC special graphics either.

Now, here is the second bug. That BIOS setup menu page that OVMF has for configuring the serial port has a field for setting the terminal type. But, changing the value in that field doesn't actually change the configuration data that is sent to the terminal driver. So the terminal driver always ends up using PC_ANSI mode even if the user changes that setting. This isn’t a bug in the terminal driver really, it’s a bug in OVMF's setup menu implementation. But it does create the appearance of a problem in the terminal driver and should be fixed as part of this GSoC project. This should be fixed in both he OVMF implementation and the MinPlatform implementation.

I'm not sure if the terminal driver improvements would absorb the entire 10 week coding window. If you had time left, you could consider spending it writing unit tests.

Looking at your experience, it seems like you have more experience with Python coding than with C coding. Both the terminal driver improvements and unit tests would be written in C. Another option you could consider is we have a lot of Python code in TianoCore as well. The two major pieces of Python code are BaseTools and EdkRepo. BaseTools provides the build system for TianoCore and implements the logic necessary to compile a BIOS ROM file from source. EdkRepo is the multi-repository tool for EDK II. EdkRepo automates common developer workflows for projects that use more than one git repository (many TianoCore projects do). We would gladly accept project proposals for either BaseTools or EdkRepo. If either of those interest you I can point you to some places where they can be improved and give you some project ideas.

The most important outcome from GSoC in our view is that our students learn something, get some exposure, and have a great experience that they will remember fondly for years to come. We want you to be successful. Gauge your comfort level and pick a project that you feel you can achieve in the 10 week period. Sorry for the long email, but I hope it helps. Finally I'd like to reiterate... Welcome to the project!

With Best Regards,
Nate

-----Original Message-----
From: Laszlo Ersek <lersek@redhat.com>
Sent: Wednesday, March 10, 2021 8:17 AM
To: discuss@edk2.groups.io
Cc: cadenkline9@gmail.com; Desimone, Nathaniel L <nathaniel.l.desimone@intel.com>
Subject: Re: [edk2-discuss] Google Summer of Code Interested Student

adding Nate

On 03/10/21 03:10, mailto:cadenkline9@gmail.com wrote:
Hello, My name is Caden Kline. I am a freshmen Computer Science major in the US. I intend to specialize in Systems or Security or both. The main two tasks I am hoping to apply for are "Terminal driver improvements" and "Writing Unit Tests". However, I am primarily interested in any system level work and willing to work on anything. I am concerned about the difficulty in completing these tasks so I'm going to list my experience.

My relevant experience for C programming language is a one semester introduction to C and Unix class I am currently taking. Outside of formal experience, I have primarily interacted with C and assembly with capture the flag/wargame binary exploitation challenges, and unfinished projects such as a chip8 emulator. My primary programming experience is Java and Python thanks to my high school and college classes. I have participated in several past google code-ins. My github profile is https://github.com/Pokemod97 .

Is there anything I can do to improve my chances to be selected or any other feedback? Thank you for taking the time to read this message.





Re: [PATCH v2 1/2] OvmfPkg/IntelGvtGopDxe: Intel GVT-g GOP Implementation.

Colin Xu <colin.xu@...>
 

On Fri, 12 Mar 2021, Rebecca Cran wrote:

On 3/5/2021 6:19 AM, Laszlo Ersek wrote:

(3) There's a whole lot of style issues in the code, and I absolutely
don't see myself identifying every single one of those for you, in a
4000+ line driver.
(EFI_D_xxx macro usage, line wrapping issues with multi-line function
calls, comment style problems, an assumption of varargs support with
function-like macros on all edk2 toolchains, building the driver only
for X64, ...)
The other style issue I noticed was the leading double underscores in the include guards - e.g.:
Thanks Rebecca. I'll fix them.

Best Regards,
Colin

diff --git a/OvmfPkg/IntelGvtGopDxe/Common.h b/OvmfPkg/IntelGvtGopDxe/Common.h
new file mode 100644
index 000000000000..cf30752eb8f3
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/Common.h
@@ -0,0 +1,45 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __COMMON_H_

--
Rebecca Cran







Re: [PATCH v2 1/2] OvmfPkg/IntelGvtGopDxe: Intel GVT-g GOP Implementation.

Rebecca Cran
 

On 3/5/2021 6:19 AM, Laszlo Ersek wrote:

(3) There's a whole lot of style issues in the code, and I absolutely
don't see myself identifying every single one of those for you, in a
4000+ line driver.

(EFI_D_xxx macro usage, line wrapping issues with multi-line function
calls, comment style problems, an assumption of varargs support with
function-like macros on all edk2 toolchains, building the driver only
for X64, ...)
The other style issue I noticed was the leading double underscores in the include guards - e.g.:

diff --git a/OvmfPkg/IntelGvtGopDxe/Common.h b/OvmfPkg/IntelGvtGopDxe/Common.h
new file mode 100644
index 000000000000..cf30752eb8f3
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/Common.h
@@ -0,0 +1,45 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __COMMON_H_

--
Rebecca Cran


Re: [PATCH v2 1/2] OvmfPkg/IntelGvtGopDxe: Intel GVT-g GOP Implementation.

Colin Xu <colin.xu@...>
 

--
Best Regards,
Colin Xu

On Fri, 5 Mar 2021, Laszlo Ersek wrote:
Thanks a lot for your comment, Laszlo! See my reply also end of the patch.
Hi Gerd, Alex, would you mind share your thoughts as well?

Adding Gerd and Alex; some comments below (near the end of the patch --
keeping full context for Gerd's and Alex's sake):

On 03/05/21 07:20, Colin Xu wrote:
Intel GVT-g GOP DXE supports OVMF GOP output its frame buffer to vGPU
partitioned aperture mapped by GGTT, so that the GOP output can be
mediated to its backend for display (i.e. QEMU GTK display via dma-buf).

Unlike ACRN GVT-d integrating native GOP/VBT into it's OVMF, the GVT-g
GOP is an open-source implementation which follows Intel GVT-g framework
to interact with KVMGT in host kernel so that the GOP frame buffer
content can be processed properly.

With GVT-g GOP enabled OVMF, guest VM can output its framebuffer
content to KVMGT via GOP, with a proper backend support (i.e. QEMU GTK
display with dma-buf), the following content is now directly visible to
user unlike previosly need a second GPU:
- OVMF EFI Shell
- Bootloader (i.e. grub)
- OS installation progress. (before built-in GFX driver loaded)
- Pre GFX Driver display (i.e. Android/Linux boot splash or logo,
Windows 8.1 boot progress/safe mode/recovery mode/BSOD/GPU-disabled
desktop, etc.)

GVT-g GOP has below capabilites:
- Check GVT-g compatibility via PV info, only enable GVT-g GOP when it's
compatible with KVMGT.
- R/W MMIO from BAR0.
- R/W Global GTT from BAR0.
- Reserve and program OpRegion address at ASLS location so that guest
driver can decode GVT-g simluated VBT and enabled display properly.
- Reserve guest memory and map to BAR2 partitioned range with proper
GGTT, so that KVMGT can access via proper guest GTT to host GGTT map.
- All supported EFI_GRAPHICS_OUTPUT_BLT_OPERATION from/to video memory.
- Enable/disable GOP content on PIPE_A, PLANE_PRIMARY with proper scaling.
- VBE Shim so that some OS can query non-empty mode info via INT10 call
to enable the desktop when GPU is disabled.

V2:
Program PIPESRC to match active H/V.

Signed-off-by: Colin Xu <colin.xu@intel.com>
---
OvmfPkg/IntelGvtGopDxe/Common.h | 45 +
OvmfPkg/IntelGvtGopDxe/DebugHelper.h | 20 +
OvmfPkg/IntelGvtGopDxe/Display.c | 1077 +++++++++++++++++++++
OvmfPkg/IntelGvtGopDxe/Display.h | 141 +++
OvmfPkg/IntelGvtGopDxe/GopDriver.c | 478 +++++++++
OvmfPkg/IntelGvtGopDxe/GpuReg.c | 91 ++
OvmfPkg/IntelGvtGopDxe/GpuReg.h | 175 ++++
OvmfPkg/IntelGvtGopDxe/Gtt.c | 162 ++++
OvmfPkg/IntelGvtGopDxe/Gtt.h | 51 +
OvmfPkg/IntelGvtGopDxe/IntelGvtGopDxe.inf | 59 ++
OvmfPkg/IntelGvtGopDxe/VbeShim.asm | 343 +++++++
OvmfPkg/IntelGvtGopDxe/VbeShim.c | 258 +++++
OvmfPkg/IntelGvtGopDxe/VbeShim.h | 912 +++++++++++++++++
OvmfPkg/IntelGvtGopDxe/VbeShim.sh | 81 ++
OvmfPkg/IntelGvtGopDxe/VirtualGpu.c | 400 ++++++++
OvmfPkg/IntelGvtGopDxe/VirtualGpu.h | 52 +
16 files changed, 4345 insertions(+)
create mode 100644 OvmfPkg/IntelGvtGopDxe/Common.h
create mode 100644 OvmfPkg/IntelGvtGopDxe/DebugHelper.h
create mode 100644 OvmfPkg/IntelGvtGopDxe/Display.c
create mode 100644 OvmfPkg/IntelGvtGopDxe/Display.h
create mode 100644 OvmfPkg/IntelGvtGopDxe/GopDriver.c
create mode 100644 OvmfPkg/IntelGvtGopDxe/GpuReg.c
create mode 100644 OvmfPkg/IntelGvtGopDxe/GpuReg.h
create mode 100644 OvmfPkg/IntelGvtGopDxe/Gtt.c
create mode 100644 OvmfPkg/IntelGvtGopDxe/Gtt.h
create mode 100644 OvmfPkg/IntelGvtGopDxe/IntelGvtGopDxe.inf
create mode 100644 OvmfPkg/IntelGvtGopDxe/VbeShim.asm
create mode 100644 OvmfPkg/IntelGvtGopDxe/VbeShim.c
create mode 100644 OvmfPkg/IntelGvtGopDxe/VbeShim.h
create mode 100755 OvmfPkg/IntelGvtGopDxe/VbeShim.sh
create mode 100644 OvmfPkg/IntelGvtGopDxe/VirtualGpu.c
create mode 100644 OvmfPkg/IntelGvtGopDxe/VirtualGpu.h

diff --git a/OvmfPkg/IntelGvtGopDxe/Common.h b/OvmfPkg/IntelGvtGopDxe/Common.h
new file mode 100644
index 000000000000..cf30752eb8f3
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/Common.h
@@ -0,0 +1,45 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __COMMON_H_
+
+#include <Protocol/PciIo.h>
+#include <Protocol/DevicePath.h>
+#include <Protocol/GraphicsOutput.h>
+
+#include <Library/BaseLib.h>
+#include <Library/PcdLib.h>
+#include <Library/UefiLib.h>
+#include <Library/UefiDriverEntryPoint.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/DevicePathLib.h>
+
+#include <IndustryStandard/Pci.h>
+
+#include "DebugHelper.h"
+
+#define IS_ALIGNED(addr, size) (((UINTN) (addr) & (size - 1)) == 0)
+
+typedef struct {
+ UINT64 Signature;
+ EFI_HANDLE Handle;
+ EFI_PCI_IO_PROTOCOL *PciIo;
+ UINT64 OriginalPciAttr;
+ EFI_GRAPHICS_OUTPUT_PROTOCOL GraphicsOutputProtocol;
+ EFI_DEVICE_PATH_PROTOCOL *GopDevPath;
+ VOID *VirtualGpu;
+} GVT_GOP_PRIVATE_DATA;
+
+#define GVT_GOP_MAGIC SIGNATURE_64('G','V','T','G','V','G','O','P')
+#define GVT_GOP_PRIVATE_DATA_FROM_THIS(a) CR(a, GVT_GOP_PRIVATE_DATA, GraphicsOutputProtocol, GVT_GOP_MAGIC)
+
+#define __COMMON_H_
+#endif //__COMMON_H_
diff --git a/OvmfPkg/IntelGvtGopDxe/DebugHelper.h b/OvmfPkg/IntelGvtGopDxe/DebugHelper.h
new file mode 100644
index 000000000000..75158d713ec3
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/DebugHelper.h
@@ -0,0 +1,20 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __DEBUGHELPER_H_
+#define __DEBUGHELPER_H_
+
+#include <Library/DebugLib.h>
+
+#define GVT_DEBUG(ErrLevel, Fmt, Args...) \
+ do { \
+ DEBUG ((ErrLevel, "GvtGop: "Fmt, ##Args));\
+ } while (FALSE)
+
+#endif //__DEBUGHELPER_H_
diff --git a/OvmfPkg/IntelGvtGopDxe/Display.c b/OvmfPkg/IntelGvtGopDxe/Display.c
new file mode 100644
index 000000000000..133de25ff03c
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/Display.c
@@ -0,0 +1,1077 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "Common.h"
+#include "Display.h"
+#include "GpuReg.h"
+#include "Gtt.h"
+#include "VirtualGpu.h"
+
+EFI_STATUS
+IntelVirtualGpuDisplayInit (
+ IN OUT GVT_GOP_PRIVATE_DATA *Private
+ )
+{
+ EFI_STATUS Status = EFI_UNSUPPORTED;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+ PINTEL_VIRTUAL_GPU_DISPLAY Display;
+ UINT32 Val32;
+ UINTN Width, Height, ModeNumber;
+ EFI_TPL OriginalTPL;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)Private->VirtualGpu;
+ Display = &VirtualGpu->Display;
+
+ /*
+ * If PcdVideoHorizontalResolution or PcdVideoVerticalResolution is not set,
+ * GOP will query the mode list reported to find the highest resolution.
+ * Otherwise, check if the set PcdVideo*Resolution is defined.
+ * If not supported, try 800x600 which is required by UEFI/EFI spec.
+ * If still not supported, use the 1st mode in mode list.
+ * If there are multiple video devices, graphic console driver will set all
+ * the video devices to the same mode.
+ * According to UEFI/EFI spec, in addition to platform design guide, on-board
+ * graphics should support native mode of the display, plug-in graphics
+ * should support 800x600x32 or 640x480x32.
+ * According to some OS requirement (i.e. UEFI requirment for Windows 10),
+ * integrated displays should support panel native resolution and external
+ * displays should support the maximum resolution of both GPU and display in
+ * GOP. For alternate display output, it should support native or highest
+ * compatible resolution, otherwise support an known mode to be compatible
+ * with as many monitors as possible (640x480, 1024x768).
+ * Due to above requirement, use native resolution if PcdVideo*Resolution is
+ * not defined. To reduce GGTT write overhead, also limit the maximum to
+ * DISPLAY_WIDTH_MAX/DISPLAY_HEIGHT_MAX.
+ */
+
+ RegRead32 (Private, HTOTAL(PIPE_A), &Val32);
+ Display->HActive = (Val32 & 0xFFF) + 1;
+ RegRead32 (Private, VTOTAL(PIPE_A), &Val32);
+ Display->VActive = (Val32 & 0xFFF) + 1;
+
+ if (Display->HActive != 0 && Display->VActive != 0) {
+ Width = Display->HActive;
+ Height = Display->VActive;
+ if (Display->HActive > DISPLAY_WIDTH_MAX ||
+ Display->VActive > DISPLAY_HEIGHT_MAX) {
+ Width = DISPLAY_WIDTH_MAX;
+ Height = DISPLAY_HEIGHT_MAX;
+ }
+ } else {
+ Width = DISPLAY_WIDTH_DEFAULT;
+ Height = DISPLAY_HEIGHT_DEFAULT;
+ }
+
+ Display->Width = Width;
+ Display->Height = Height;
+ Display->Format = PixelBlueGreenRedReserved8BitPerColor;
+ Display->Bpp = 4;
+ Display->MaxMode = 1;
+
+ // Add default if defined
+ if (PcdGet32 (PcdVideoHorizontalResolution) != 0 &&
+ PcdGet32 (PcdVideoVerticalResolution) != 0 &&
+ PcdGet32 (PcdVideoHorizontalResolution) != Width &&
+ PcdGet32 (PcdVideoVerticalResolution) != Height) {
+ ++Display->MaxMode;
+ }
+
+ Display->CurrentMode = DISPLAY_MODE_INVALID;
+ Display->FrameBufferBltConfigure = NULL;
+ Display->FrameBufferBltConfigureSize = 0;
+
+ // Linear must start at 256K, stride align at 64
+ Display->WidthBytes = Display->Width * Display->Bpp;
+ Display->StrideBytes = ALIGN_VALUE (Display->WidthBytes, 64);
+ Display->FbSize = Display->StrideBytes * Display->Height;
+ Display->Pages = EFI_SIZE_TO_PAGES (Display->FbSize);
+
+ Display->FbGMAddr = VirtualGpu->GpuMemAddr + VirtualGpu->VisibleOffset;
+ Display->FbGMAddr = ALIGN_VALUE (Display->FbGMAddr, SIZE_256KB);
+
+ Status = gBS->AllocatePages (
+ AllocateAnyPages,
+ EfiReservedMemoryType,
+ Display->Pages,
+ &Display->FbPhysicalAddr
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "AllocatePages failed for display FB, pages %d, size %lx, status %d\n",
+ Display->Pages, Display->FbSize, Status
+ );
+ return Status;
+ }
+
+ Status = UpdateGGTT (Private,
+ Display->FbGMAddr,
+ Display->FbPhysicalAddr,
+ Display->Pages
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Fail to Update GGTT for display, status %d\n", Status
+ );
+ goto Done;
+ }
+
+ OriginalTPL = gBS->RaiseTPL (TPL_NOTIFY);
+ Status = IntelVirtualGpuBltVideoFill (
+ Display,
+ (EFI_GRAPHICS_OUTPUT_BLT_PIXEL_UNION){{0, 0, 0, 0}},
+ (BLT_RECTANGLE){0, 0, Display->Width, Display->Height});
+ gBS->RestoreTPL (OriginalTPL);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Fail to clear rectangle at [%d, %d] size %dx%d with color 0x%08x, status %d\n",
+ (BLT_RECTANGLE){0, 0, Display->Width, Display->Height}.X,
+ (BLT_RECTANGLE){0, 0, Display->Width, Display->Height}.Y,
+ (BLT_RECTANGLE){0, 0, Display->Width, Display->Height}.Width,
+ (BLT_RECTANGLE){0, 0, Display->Width, Display->Height}.Height,
+ (EFI_GRAPHICS_OUTPUT_BLT_PIXEL_UNION){{0, 0, 0, 0}}.Raw,
+ Status
+ );
+ goto Done;
+ }
+
+ Status = gBS->AllocatePool (
+ EfiBootServicesData,
+ sizeof (EFI_GRAPHICS_OUTPUT_MODE_INFORMATION) * Display->MaxMode,
+ (VOID **)&Display->ModeList
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "AllocatePool failed for display mode list, size %d, status %d\n",
+ sizeof (EFI_GRAPHICS_OUTPUT_MODE_INFORMATION) * Display->MaxMode,
+ Status
+ );
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Done;
+ }
+
+ for (ModeNumber = 0; ModeNumber < Display->MaxMode; ModeNumber++) {
+ Display->ModeList[ModeNumber].Version = 0;
+ Display->ModeList[ModeNumber].HorizontalResolution = Display->Width;
+ Display->ModeList[ModeNumber].VerticalResolution = Display->Height;
+ Display->ModeList[ModeNumber].PixelFormat = Display->Format;
+ Display->ModeList[ModeNumber].PixelsPerScanLine = Display->Width;
+ }
+ if (Display->MaxMode > 1) {
+ Display->ModeList[1].HorizontalResolution = PcdGet32 (PcdVideoHorizontalResolution);
+ Display->ModeList[1].VerticalResolution = PcdGet32 (PcdVideoVerticalResolution);
+ Display->ModeList[1].PixelsPerScanLine = PcdGet32 (PcdVideoHorizontalResolution);
+ }
+
+ Private->GraphicsOutputProtocol.QueryMode = IntelVirtualGpuQueryMode;
+ Private->GraphicsOutputProtocol.SetMode = IntelVirtualGpuSetMode;
+ Private->GraphicsOutputProtocol.Blt = IntelVirtualGpuBlt;
+ Private->GraphicsOutputProtocol.Mode->MaxMode = Display->MaxMode;
+ Private->GraphicsOutputProtocol.Mode->Mode = Display->CurrentMode;
+ Private->GraphicsOutputProtocol.Mode->SizeOfInfo =
+ sizeof(EFI_GRAPHICS_OUTPUT_MODE_INFORMATION) * Display->MaxMode;
+
+ Status = gBS->AllocatePool (
+ EfiBootServicesData,
+ Private->GraphicsOutputProtocol.Mode->SizeOfInfo,
+ (VOID **)&Private->GraphicsOutputProtocol.Mode->Info
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "AllocatePool failed for display mode info, size %d, status %d\n",
+ Private->GraphicsOutputProtocol.Mode->SizeOfInfo, Status
+ );
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Done;
+ }
+
+ CopyMem (
+ Private->GraphicsOutputProtocol.Mode->Info,
+ Display->ModeList,
+ sizeof (EFI_GRAPHICS_OUTPUT_MODE_INFORMATION) * Display->MaxMode
+ );
+
+ Private->GraphicsOutputProtocol.Mode->FrameBufferBase = Display->FbGMAddr;
+ Private->GraphicsOutputProtocol.Mode->FrameBufferSize = Display->FbSize;
+
+ InstallVbeShim (L"GVT-g VBIOS", Display->FbGMAddr);
+
+ GVT_DEBUG (EFI_D_INFO,
+ "modes %d, max %dx%d, OVMF default %dx%d\n",
+ Display->MaxMode,
+ Display->Width, Display->Height,
+ PcdGet32 (PcdVideoHorizontalResolution),
+ PcdGet32 (PcdVideoVerticalResolution)
+ );
+ for (ModeNumber = 0; ModeNumber < Display->MaxMode; ModeNumber++) {
+ GVT_DEBUG (EFI_D_INFO,
+ " mode %d: %dx%d BGRX, stride %d\n",
+ ModeNumber,
+ Display->ModeList[ModeNumber].HorizontalResolution,
+ Display->ModeList[ModeNumber].VerticalResolution,
+ ALIGN_VALUE (Display->ModeList[ModeNumber].HorizontalResolution * Display->Bpp, 64)
+ );
+ }
+ GVT_DEBUG (EFI_D_INFO,
+ "FrameBuffer: GMADR %lx, PADDR %lx, size %lx, pages %d, INTERNAL_BLT %d\n",
+ Display->FbGMAddr, Display->FbPhysicalAddr, Display->FbSize, Display->Pages,
+ DISPLAY_USE_INTERNAL_BLT
+ );
+
+Done:
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+
+}
+
+EFI_STATUS
+IntelVirtualGpuDisplayClean (
+ IN OUT GVT_GOP_PRIVATE_DATA *Private
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+ PINTEL_VIRTUAL_GPU_DISPLAY Display;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)Private->VirtualGpu;
+ Display = &VirtualGpu->Display;
+
+ if (Private->GraphicsOutputProtocol.Mode->Info) {
+ Status = gBS->FreePool (Private->GraphicsOutputProtocol.Mode->Info);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "FreePool failed for display mode info, size %d, status %d\n",
+ Private->GraphicsOutputProtocol.Mode->SizeOfInfo, Status
+ );
+ goto Done;
+ }
+ Private->GraphicsOutputProtocol.Mode->SizeOfInfo = 0;
+ Private->GraphicsOutputProtocol.Mode->Info = NULL;
+ }
+ Private->GraphicsOutputProtocol.Mode->MaxMode = 0;
+ Private->GraphicsOutputProtocol.Mode->Mode = DISPLAY_MODE_INVALID;
+
+ if (Display->FbPhysicalAddr) {
+ Status = gBS->FreePages (Display->FbPhysicalAddr, Display->Pages);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "FreePages failed for display FB, pages %d, size %lx, status %d\n",
+ Display->Pages, Display->FbSize, Status
+ );
+ goto Done;
+ }
+ Display->FbPhysicalAddr = 0;
+ Display->Pages = 0;
+ Display->FbSize = 0;
+ }
+
+ Status = EFI_SUCCESS;
+
+Done:
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+EFI_STATUS
+EFIAPI
+IntelVirtualGpuQueryMode (
+ IN EFI_GRAPHICS_OUTPUT_PROTOCOL *This,
+ IN UINT32 ModeNumber,
+ OUT UINTN *SizeOfInfo,
+ OUT EFI_GRAPHICS_OUTPUT_MODE_INFORMATION **Info
+ )
+{
+ EFI_STATUS Status = EFI_UNSUPPORTED;
+ GVT_GOP_PRIVATE_DATA *GvtGopPrivate = NULL;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+ PINTEL_VIRTUAL_GPU_DISPLAY Display;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ GvtGopPrivate = GVT_GOP_PRIVATE_DATA_FROM_THIS (This);
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)GvtGopPrivate->VirtualGpu;
+ Display = &VirtualGpu->Display;
+
+ if (ModeNumber >= Display->MaxMode) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Invalid ModeNumber, request %d, max %d, status %d\n",
+ ModeNumber, Display->MaxMode, Status
+ );
+ Status = EFI_INVALID_PARAMETER;
+ goto Done;
+ }
+
+ Status = gBS->AllocatePool (
+ EfiBootServicesData,
+ sizeof(EFI_GRAPHICS_OUTPUT_MODE_INFORMATION),
+ (VOID **)Info
+ );
+ if (EFI_ERROR (Status) || *Info == NULL) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "AllocatePool failed for queried mode info, size %d, status %d\n",
+ sizeof(EFI_GRAPHICS_OUTPUT_MODE_INFORMATION), Status
+ );
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Done;
+ }
+
+ *SizeOfInfo = sizeof (EFI_GRAPHICS_OUTPUT_MODE_INFORMATION);
+ CopyMem (
+ *Info,
+ &Display->ModeList[ModeNumber],
+ sizeof (EFI_GRAPHICS_OUTPUT_MODE_INFORMATION)
+ );
+
+ Status = EFI_SUCCESS;
+
+Done:
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+EFI_STATUS
+EFIAPI
+IntelVirtualGpuSetMode (
+ IN EFI_GRAPHICS_OUTPUT_PROTOCOL *This,
+ IN UINT32 ModeNumber
+ )
+{
+ EFI_STATUS Status = EFI_UNSUPPORTED;
+ GVT_GOP_PRIVATE_DATA *GvtGopPrivate = NULL;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+ PINTEL_VIRTUAL_GPU_DISPLAY Display;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ GvtGopPrivate = GVT_GOP_PRIVATE_DATA_FROM_THIS (This);
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)GvtGopPrivate->VirtualGpu;
+ Display = &VirtualGpu->Display;
+
+ if (ModeNumber >= Display->MaxMode) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Invalid ModeNumber, request %d, max %d, status %d\n",
+ ModeNumber, Display->MaxMode, Status
+ );
+ Status = EFI_INVALID_PARAMETER;
+ goto Done;
+ }
+
+#if (DISPLAY_USE_INTERNAL_BLT == 1)
+ Status = IntelVirtualGpuBltVideoFill (
+ Display,
+ (EFI_GRAPHICS_OUTPUT_BLT_PIXEL_UNION){{0, 0, 0, 0}},
+ (BLT_RECTANGLE){0, 0, This->Mode->Info->HorizontalResolution, This->Mode->Info->VerticalResolution});
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "IntelVirtualGpuBltVideoFill failed for mode %d, status %d\n",
+ ModeNumber,
+ Status
+ );
+ }
+#else
+ Status = FrameBufferBltConfigure (
+ (VOID*) (UINTN) This->Mode->FrameBufferBase,
+ This->Mode->Info,
+ Display->FrameBufferBltConfigure,
+ &Display->FrameBufferBltConfigureSize
+ );
+ if (Status == RETURN_BUFFER_TOO_SMALL) {
+ if (Display->FrameBufferBltConfigure != NULL) {
+ Status = gBS->FreePool (Display->FrameBufferBltConfigure);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "FreePool failed for FrameBufferBltConfigure, status %d\n",
+ Status
+ );
+ goto Done;
+ }
+ }
+ Status = gBS->AllocatePool (
+ EfiBootServicesData,
+ Display->FrameBufferBltConfigureSize,
+ (VOID **)&Display->FrameBufferBltConfigure
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "AllocatePool failed for FrameBufferBltConfigure, size %d, status %d\n",
+ Display->FrameBufferBltConfigureSize,
+ Status
+ );
+ goto Done;
+ }
+
+ Status = FrameBufferBltConfigure (
+ (VOID*) (UINTN) This->Mode->FrameBufferBase,
+ This->Mode->Info,
+ Display->FrameBufferBltConfigure,
+ &Display->FrameBufferBltConfigureSize
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "FrameBufferBltConfigure failed for mode %d, status %d\n",
+ ModeNumber,
+ Status
+ );
+ goto Done;
+ }
+ }
+
+ Status = FrameBufferBlt (
+ Display->FrameBufferBltConfigure,
+ &(EFI_GRAPHICS_OUTPUT_BLT_PIXEL){0, 0, 0, 0},
+ EfiBltVideoFill,
+ 0, 0,
+ 0, 0,
+ This->Mode->Info->HorizontalResolution,
+ This->Mode->Info->VerticalResolution,
+ 0
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "FrameBufferBlt BltOperation %d failed for mode %d, color 0x%08x, status %d\n",
+ EfiBltVideoFill,
+ ModeNumber,
+ (EFI_GRAPHICS_OUTPUT_BLT_PIXEL_UNION){{0, 0, 0, 0}}.Raw,
+ Status
+ );
+ }
+#endif
+
+ Status = IntelVirtualGpuEnableDisplay (
+ GvtGopPrivate,
+ ModeNumber,
+ FALSE
+ );
+
+ Status = IntelVirtualGpuEnableDisplay (
+ GvtGopPrivate,
+ ModeNumber,
+ TRUE
+ );
+
+ // Set current mode info in GOP
+ This->Mode->Mode = ModeNumber;
+ CopyMem (
+ This->Mode->Info,
+ &Display->ModeList[ModeNumber],
+ sizeof (EFI_GRAPHICS_OUTPUT_MODE_INFORMATION)
+ );
+
+ GVT_DEBUG (EFI_D_INFO, "Set mode %d, %dx%d, status %d\n",
+ ModeNumber,
+ Display->ModeList[ModeNumber].HorizontalResolution,
+ Display->ModeList[ModeNumber].VerticalResolution,
+ Status
+ );
+
+Done:
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+EFI_STATUS
+EFIAPI
+IntelVirtualGpuBlt (
+ IN EFI_GRAPHICS_OUTPUT_PROTOCOL *This,
+ IN EFI_GRAPHICS_OUTPUT_BLT_PIXEL *BltBuffer, OPTIONAL
+ IN EFI_GRAPHICS_OUTPUT_BLT_OPERATION BltOperation,
+ IN UINTN SourceX,
+ IN UINTN SourceY,
+ IN UINTN DestinationX,
+ IN UINTN DestinationY,
+ IN UINTN Width,
+ IN UINTN Height,
+ IN UINTN Delta OPTIONAL
+ )
+{
+ EFI_STATUS Status = EFI_UNSUPPORTED;
+ GVT_GOP_PRIVATE_DATA *GvtGopPrivate = NULL;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+ PINTEL_VIRTUAL_GPU_DISPLAY Display;
+ EFI_TPL OriginalTPL;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ GvtGopPrivate = GVT_GOP_PRIVATE_DATA_FROM_THIS (This);
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)GvtGopPrivate->VirtualGpu;
+ Display = &VirtualGpu->Display;
+
+ OriginalTPL = gBS->RaiseTPL (TPL_NOTIFY);
+
+#if (DISPLAY_USE_INTERNAL_BLT == 1)
+ switch (BltOperation) {
+ case EfiBltVideoFill:
+ Status = IntelVirtualGpuBltVideoFill (
+ Display,
+ (EFI_GRAPHICS_OUTPUT_BLT_PIXEL_UNION)(*BltBuffer),
+ (BLT_RECTANGLE){DestinationX, DestinationY, Width, Height});
+ RegWrite32 (GvtGopPrivate,
+ PLANE_SURF(PIPE_A, PLANE_PRIMARY),
+ Display->FbGMAddr
+ );
+ break;
+ case EfiBltVideoToBltBuffer:
+ Status = IntelVirtualGpuBltVideoToBuffer (
+ Display,
+ BltBuffer,
+ (BLT_RECTANGLE){SourceX, SourceY, Width, Height},
+ (BLT_RECTANGLE){DestinationX, DestinationY, Width, Height},
+ Delta
+ );
+ break;
+ case EfiBltBufferToVideo:
+ Status = IntelVirtualGpuBltVideoFromBuffer (
+ Display,
+ BltBuffer,
+ (BLT_RECTANGLE){SourceX, SourceY, Width, Height},
+ (BLT_RECTANGLE){DestinationX, DestinationY, Width, Height},
+ Delta
+ );
+ RegWrite32 (GvtGopPrivate,
+ PLANE_SURF(PIPE_A, PLANE_PRIMARY),
+ Display->FbGMAddr
+ );
+ break;
+ case EfiBltVideoToVideo:
+ Status = IntelVirtualGpuBltVideoToVideo (
+ Display,
+ (BLT_RECTANGLE){SourceX, SourceY, Width, Height},
+ (BLT_RECTANGLE){DestinationX, DestinationY, Width, Height}
+ );
+ RegWrite32 (GvtGopPrivate,
+ PLANE_SURF(PIPE_A, PLANE_PRIMARY),
+ Display->FbGMAddr
+ );
+ break;
+ default:
+ GVT_DEBUG (EFI_D_INFO, "Unsupported EFI_GRAPHICS_OUTPUT_BLT_OPERATION %d\n", BltOperation);
+ Status = EFI_UNSUPPORTED;
+ break;
+ }
+#else
+ switch (BltOperation) {
+ case EfiBltVideoToBltBuffer:
+ case EfiBltVideoFill:
+ case EfiBltBufferToVideo:
+ case EfiBltVideoToVideo:
+ Status = FrameBufferBlt (
+ Display->FrameBufferBltConfigure,
+ BltBuffer,
+ BltOperation,
+ SourceX,
+ SourceY,
+ DestinationX,
+ DestinationY,
+ Width,
+ Height,
+ Delta
+ );
+ if (BltOperation != EfiBltVideoToBltBuffer) {
+ RegWrite32 (GvtGopPrivate,
+ PLANE_SURF(PIPE_A, PLANE_PRIMARY),
+ Display->FbGMAddr
+ );
+ }
+ break;
+ default:
+ GVT_DEBUG (EFI_D_INFO, "Unsupported EFI_GRAPHICS_OUTPUT_BLT_OPERATION %d\n", BltOperation);
+ Status = EFI_UNSUPPORTED;
+ break;
+ }
+#endif
+
+ gBS->RestoreTPL (OriginalTPL);
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+EFI_STATUS
+IntelVirtualGpuEnableDisplay (
+ IN OUT GVT_GOP_PRIVATE_DATA *Private,
+ IN UINT32 ModeNumber,
+ IN BOOLEAN Enable
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+ PINTEL_VIRTUAL_GPU_DISPLAY Display;
+ UINT32 Width, Height, Val32;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)Private->VirtualGpu;
+ Display = &VirtualGpu->Display;
+
+ if (ModeNumber >= Display->MaxMode) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Invalid ModeNumber, request %d, max %d, status %d\n",
+ ModeNumber, Display->MaxMode, Status
+ );
+ Status = EFI_INVALID_PARAMETER;
+ goto Done;
+ }
+
+ Width = Display->ModeList[ModeNumber].HorizontalResolution;
+ Height = Display->ModeList[ModeNumber].VerticalResolution;
+
+ if (Enable) {
+ Display->CurrentMode = ModeNumber;
+
+ Val32 = (Display->HActive - 1) << 16;
+ Val32 |= Display->VActive;
+ RegWrite32 (Private, PIPESRC(PIPE_A), Val32);
+
+ RegRead32 (Private, PIPE_CONF(PIPE_A), &Val32);
+ Val32 |= PIPE_CONF_ENABLE;
+ RegWrite32 (Private, PIPE_CONF(PIPE_A), Val32);
+
+ Val32 = (Width - 1) & 0xFFF;
+ Val32 |= ((Height - 1) & 0xFFF) << 16;
+ RegWrite32 (Private, PLANE_SIZE(PIPE_A, PLANE_PRIMARY), Val32);
+ RegWrite32 (Private, PLANE_POS(PIPE_A, PLANE_PRIMARY), 0);
+
+ // Convert mode with to stride in chunks of 64 bytes as required by PLANE_STRIDE
+ Val32 = Display->ModeList[ModeNumber].HorizontalResolution * Display->Bpp;
+ Val32 = ALIGN_VALUE (Val32, 64);
+ Val32 = (Val32 / 64) & PLANE_STRIDE_MASK;
+ RegWrite32 (Private, PLANE_STRIDE(PIPE_A, PLANE_PRIMARY), Val32);
+
+ RegWrite32 (Private, PLANE_SURF(PIPE_A, PLANE_PRIMARY), Display->FbGMAddr);
+
+ // Stretch to fullscreen if current mode is smaller than H/V active.
+ if (Display->HActive != Width ||
+ Display->VActive != Height) {
+ RegWrite32 (Private, PS_WIN_POS(PIPE_A, 0), 0);
+ RegWrite32 (Private,
+ PS_WIN_SZ(PIPE_A, 0),
+ Display->HActive << 16 | Display->VActive
+ );
+ RegRead32 (Private, PS_CTRL(PIPE_A, 0), &Val32);
+ Val32 |= PS_CTRL_SCALER_EN;
+ Val32 &= ~PS_CTRL_SCALER_MODE_MASK;
+ Val32 |= PS_CTRL_SCALER_MODE_DYN;
+ Val32 &= ~PS_CTRL_SCALER_BINDING_MASK;
+ Val32 |= PS_CTRL_PLANE_SEL(PLANE_PRIMARY);
+ Val32 &= ~PS_CTRL_SCALER_FILTER_MASK;
+ Val32 |= PS_CTRL_SCALER_FILTER_MEDIUM;
+ RegWrite32 (Private, PS_CTRL(PIPE_A, 0), Val32);
+ }
+
+ RegRead32 (Private, PLANE_CTL(PIPE_A, PLANE_PRIMARY), &Val32);
+ Val32 |= PLANE_CTL_ENABLE;
+ Val32 &= ~PLANE_CTL_PIPE_GAMMA_ENABLE;
+ Val32 &= ~PLANE_CTL_FORMAT_MASK;
+ Val32 |= PLANE_CTL_FORMAT_XRGB_8888;
+ Val32 &= ~PLANE_CTL_PIPE_CSC_ENABLE;
+ Val32 &= ~PLANE_CTL_KEY_ENABLE_MASK;
+ Val32 &= ~PLANE_CTL_ORDER_RGBX;
+ if (Display->ModeList[ModeNumber].PixelFormat == PixelRedGreenBlueReserved8BitPerColor) {
+ Val32 |= PLANE_CTL_ORDER_RGBX;
+ }
+ Val32 &= ~PLANE_CTL_RENDER_DECOMPRESSION_ENABLE;
+ Val32 |= PLANE_CTL_PLANE_GAMMA_DISABLE;
+ Val32 &= ~PLANE_CTL_TILED_MASK;
+ Val32 |= PLANE_CTL_TILED_LINEAR;
+ Val32 &= ~PLANE_CTL_ASYNC_FLIP;
+ Val32 &= ~PLANE_CTL_ALPHA_MASK;
+ Val32 |= PLANE_CTL_ALPHA_DISABLE;
+ Val32 &= ~PLANE_CTL_ROTATE_MASK;
+ Val32 |= PLANE_CTL_ROTATE_0;
+ RegWrite32 (Private, PLANE_CTL(PIPE_A, PLANE_PRIMARY), Val32);
+ } else {
+ Display->CurrentMode = DISPLAY_MODE_INVALID;
+
+ RegRead32 (Private, PLANE_CTL(PIPE_A, PLANE_PRIMARY), &Val32);
+ Val32 &= ~PLANE_CTL_ENABLE;
+ RegWrite32 (Private, PLANE_CTL(PIPE_A, PLANE_PRIMARY), Val32);
+ RegWrite32 (Private, PLANE_SURF(PIPE_A, PLANE_PRIMARY), 0);
+
+ RegRead32 (Private, PS_CTRL(PIPE_A, 0), &Val32);
+ Val32 &= ~PS_CTRL_SCALER_EN;
+ RegWrite32 (Private, PS_CTRL(PIPE_A, 0), Val32);
+ RegWrite32 (Private, PS_WIN_POS(PIPE_A, 0), 0);
+ RegWrite32 (Private, PS_WIN_SZ(PIPE_A, 0), 0);
+
+ RegRead32 (Private, PIPE_CONF(PIPE_A), &Val32);
+ Val32 &= ~PIPE_CONF_ENABLE;
+ RegWrite32 (Private, PIPE_CONF(PIPE_A), Val32);
+ }
+
+ Status = EFI_SUCCESS;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: %a mode %dx%d 0x%x, scaling %a\n",
+ __FUNCTION__,
+ Enable ? "Enable" : "Disable",
+ Width,
+ Height,
+ Display->FbGMAddr,
+ (Display->HActive != Width ||
+ Display->VActive != Height) ? "On" : "Off");
+
+Done:
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+EFI_STATUS
+IntelVirtualGpuNotifyDisplayReady (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN BOOLEAN Ready
+ )
+{
+ return RegWrite32 (
+ Private,
+ vgtif_reg(display_ready),
+ Ready ? VGT_DRV_DISPLAY_READY : VGT_DRV_DISPLAY_NOT_READY
+ );
+}
+
+EFI_STATUS
+IntelVirtualGpuBltVideoFill (
+ IN PINTEL_VIRTUAL_GPU_DISPLAY Display,
+ IN EFI_GRAPHICS_OUTPUT_BLT_PIXEL_UNION BltPixel,
+ IN BLT_RECTANGLE Destination
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+ VOID *DestAddr;
+ UINTN DestBytes, ModeStrideBytes, Line;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ if (Destination.Width == 0 || Destination.Height == 0) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltVideoFill invalid destination rectangle [%d, %d] \n",
+ Destination.Width, Destination.Height
+ );
+ goto Done;
+ }
+
+ if ((Destination.X + Destination.Width > Display->Width) ||
+ (Destination.Y + Destination.Height > Display->Height)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltVideoFill destination [%d, %d] to [%d, %d] ouf of range [%d, %d]\n",
+ Destination.X, Destination.Y,
+ Destination.X + Destination.Width, Destination.Y + Destination.Height,
+ Display->Width, Display->Height
+ );
+ goto Done;
+ }
+
+ if (Display->CurrentMode == DISPLAY_MODE_INVALID) {
+ ModeStrideBytes = Display->Width;
+ } else {
+ ModeStrideBytes = Display->ModeList[Display->CurrentMode].HorizontalResolution;
+ }
+ ModeStrideBytes = ALIGN_VALUE (ModeStrideBytes * Display->Bpp, 64);
+
+ if (Destination.Width * Display->Bpp == ModeStrideBytes) {
+ DestAddr = (UINT8*)Display->FbGMAddr + Destination.Y * ModeStrideBytes;
+ DestBytes = Destination.Width * Display->Bpp * Destination.Height;
+ SetMem32 ((VOID*)DestAddr, DestBytes, BltPixel.Raw);
+ } else {
+
+ for (Line = 0; Line < Destination.Height; Line++) {
+ DestAddr = (UINT8*)Display->FbGMAddr +
+ (Line + Destination.Y) * ModeStrideBytes +
+ Destination.X * Display->Bpp;
+ DestBytes = Destination.Width * Display->Bpp;
+
+ SetMem32 (DestAddr, DestBytes, BltPixel.Raw);
+ }
+ }
+
+ Status = EFI_SUCCESS;
+
+Done:
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+EFI_STATUS
+IntelVirtualGpuBltVideoToBuffer (
+ IN PINTEL_VIRTUAL_GPU_DISPLAY Display,
+ IN EFI_GRAPHICS_OUTPUT_BLT_PIXEL *BltBuffer,
+ IN BLT_RECTANGLE Source,
+ IN BLT_RECTANGLE Destination,
+ IN UINTN Delta
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+ VOID *SourceAddr, *DestAddr;
+ UINTN DestStride, CopyBytes, ModeStrideBytes, Line;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ if (Source.Width == 0 || Source.Height == 0) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltVideoToBltBuffer invalid source rectangle [%d, %d] \n",
+ Source.Width, Source.Height
+ );
+ goto Done;
+ }
+
+ if (Source.Width != Destination.Width ||
+ Source.Height != Destination.Height) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltVideoToBltBuffer size mismatch: source %dx%d, destination %dx%d\n",
+ Source.Width, Source.Height, Destination.Width, Destination.Height
+ );
+ goto Done;
+ }
+
+ if ((Source.X + Source.Width > Display->Width) ||
+ (Source.Y + Source.Height > Display->Height)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltVideoToBltBuffer source [%d, %d] to [%d, %d] ouf of range [%d, %d]\n",
+ Source.X, Source.Y,
+ Source.X + Source.Width, Source.Y + Source.Height,
+ Display->Width, Display->Height
+ );
+ goto Done;
+ }
+
+ if (Destination.X != 0 || Destination.Y != 0) {
+ DestStride = Delta;
+ } else {
+ DestStride = Destination.Width * Display->Bpp;
+ }
+
+ if (Display->CurrentMode == DISPLAY_MODE_INVALID) {
+ ModeStrideBytes = Display->Width;
+ } else {
+ ModeStrideBytes = Display->ModeList[Display->CurrentMode].HorizontalResolution;
+ }
+ ModeStrideBytes = ALIGN_VALUE (ModeStrideBytes * Display->Bpp, 64);
+
+ for (Line = 0; Line < Source.Height; Line++) {
+ SourceAddr = (UINT8*)Display->FbGMAddr +
+ (Source.Y + Line) * ModeStrideBytes +
+ Source.X * Display->Bpp;
+ DestAddr = (UINT8*)BltBuffer + (Destination.Y + Line) * DestStride;
+ DestAddr = (UINT8*)DestAddr + Destination.X * Display->Bpp;
+ CopyBytes = Source.Width * Display->Bpp;
+ CopyMem (DestAddr, SourceAddr, CopyBytes);
+ }
+
+ GVT_DEBUG (EFI_D_VERBOSE,
+ "EfiBltVideoToBltBuffer [%d, %d] >> [%d, %d] size [%d, %d] Delta %d\n",
+ Source.X, Source.Y,
+ Destination.X, Destination.Y,
+ Source.Width, Source.Height,
+ Delta
+ );
+
+ Status = EFI_SUCCESS;
+
+Done:
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+EFI_STATUS
+IntelVirtualGpuBltVideoFromBuffer (
+ IN PINTEL_VIRTUAL_GPU_DISPLAY Display,
+ IN EFI_GRAPHICS_OUTPUT_BLT_PIXEL *BltBuffer,
+ IN BLT_RECTANGLE Source,
+ IN BLT_RECTANGLE Destination,
+ IN UINTN Delta
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+ VOID *SourceAddr, *DestAddr;
+ UINTN SourceStride, CopyBytes, ModeStrideBytes, Line;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ if (Source.Width == 0 || Source.Height == 0) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltBufferToVideo invalid source rectangle [%d, %d] \n",
+ Source.Width, Source.Height
+ );
+ goto Done;
+ }
+
+ if (Source.Width != Destination.Width || Source.Height != Destination.Height) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltBufferToVideo size mismatch: source %dx%d, destination %dx%d\n",
+ Source.Width, Source.Height, Destination.Width, Destination.Height
+ );
+ goto Done;
+ }
+
+ if ((Destination.X + Destination.Width > Display->Width) ||
+ (Destination.Y + Destination.Height > Display->Height)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltBufferToVideo destination [%d, %d] to [%d, %d] ouf of range [%d, %d]\n",
+ Destination.X, Destination.Y,
+ Destination.X + Destination.Width, Destination.Y + Destination.Height,
+ Display->Width, Display->Height
+ );
+ goto Done;
+ }
+
+ if (Source.X != 0 || Source.Y != 0) {
+ SourceStride = Delta;
+ } else {
+ SourceStride = Source.Width * Display->Bpp;
+ }
+
+ if (Display->CurrentMode == DISPLAY_MODE_INVALID) {
+ ModeStrideBytes = Display->Width;
+ } else {
+ ModeStrideBytes = Display->ModeList[Display->CurrentMode].HorizontalResolution;
+ }
+ ModeStrideBytes = ALIGN_VALUE (ModeStrideBytes * Display->Bpp, 64);
+
+ for (Line = 0; Line < Source.Height; Line++) {
+ SourceAddr = (UINT8*)BltBuffer +
+ (Source.Y + Line) * SourceStride +
+ Source.X * Display->Bpp;
+ DestAddr = (UINT8*)Display->FbGMAddr +
+ (Destination.Y + Line) * ModeStrideBytes +
+ Destination.X * Display->Bpp;
+ CopyBytes = Source.Width * Display->Bpp;
+ CopyMem (DestAddr, SourceAddr, CopyBytes);
+ }
+
+ GVT_DEBUG (EFI_D_VERBOSE, "EfiBltBufferToVideo [%d, %d] >> [%d, %d] size [%d, %d] Delta %d\n",
+ Source.X, Source.Y,
+ Destination.X, Destination.Y,
+ Source.Width, Source.Height,
+ Delta
+ );
+
+ Status = EFI_SUCCESS;
+
+Done:
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+EFI_STATUS
+IntelVirtualGpuBltVideoToVideo (
+ IN PINTEL_VIRTUAL_GPU_DISPLAY Display,
+ IN BLT_RECTANGLE Source,
+ IN BLT_RECTANGLE Destination
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+ VOID *SourceAddr, *DestAddr;
+ UINTN CopyBytes, ModeStrideBytes, Line;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ if (Source.Width == 0 || Source.Height == 0) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltVideoToVideo invalid source rectangle [%d, %d] \n",
+ Source.Width, Source.Height
+ );
+ goto Done;
+ }
+
+ if (Source.Width != Destination.Width || Source.Height != Destination.Height) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltVideoToVideo size mismatch: source %dx%d, destination %dx%d\n",
+ Source.Width, Source.Height, Destination.Width, Destination.Height
+ );
+ goto Done;
+ }
+
+ if ((Source.X + Source.Width > Display->Width) ||
+ (Source.Y + Source.Height > Display->Height)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltVideoToVideo source [%d, %d] to [%d, %d] ouf of range [%d, %d]\n",
+ Source.X, Source.Y,
+ Source.X + Source.Width, Source.Y + Source.Height,
+ Display->Width, Display->Height
+ );
+ goto Done;
+ }
+
+ if ((Destination.X + Destination.Width > Display->Width) ||
+ (Destination.Y + Destination.Height > Display->Height)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "EfiBltVideoToVideo destination [%d, %d] to [%d, %d] ouf of range [%d, %d]\n",
+ Destination.X, Destination.Y,
+ Destination.X + Destination.Width, Destination.Y + Destination.Height,
+ Display->Width, Display->Height
+ );
+ goto Done;
+ }
+
+ if (Display->CurrentMode == DISPLAY_MODE_INVALID) {
+ ModeStrideBytes = Display->Width;
+ } else {
+ ModeStrideBytes = Display->ModeList[Display->CurrentMode].HorizontalResolution;
+ }
+ ModeStrideBytes = ALIGN_VALUE (ModeStrideBytes * Display->Bpp, 64);
+
+ for (Line = 0; Line < Source.Height; Line++) {
+ SourceAddr = (UINT8*)Display->FbGMAddr +
+ (Source.Y + Line) * ModeStrideBytes +
+ Source.X * Display->Bpp;
+ DestAddr = (UINT8*)Display->FbGMAddr +
+ (Destination.Y + Line)* ModeStrideBytes +
+ Destination.X * Display->Bpp;
+ CopyBytes = Source.Width * Display->Bpp;
+ //
+ // Overlap could corrupt source content:
+ // src <----|---->
+ // dst <----|---->
+ //
+ if (DestAddr > SourceAddr && DestAddr < (SourceAddr + CopyBytes)) {
+ CopyMem (
+ SourceAddr + CopyBytes,
+ DestAddr,
+ SourceAddr + CopyBytes - DestAddr
+ );
+ CopyMem (DestAddr, SourceAddr, DestAddr - SourceAddr);
+ //
+ // Overlap won't corrupt source content:
+ // src <----|---->
+ // dst <----|---->
+ //
+ // No overlap
+ // src <--------->
+ // dst <--------->
+ //
+ } else {
+ CopyMem (DestAddr, SourceAddr, CopyBytes);
+ }
+ }
+
+ Status = EFI_SUCCESS;
+
+Done:
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
diff --git a/OvmfPkg/IntelGvtGopDxe/Display.h b/OvmfPkg/IntelGvtGopDxe/Display.h
new file mode 100644
index 000000000000..19e4d64f3b12
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/Display.h
@@ -0,0 +1,141 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __DISPLAY_H_
+#define __DISPLAY_H_
+
+#include <Library/FrameBufferBltLib.h>
+
+typedef struct _BLT_RECTANGLE {
+ UINTN X;
+ UINTN Y;
+ UINTN Width;
+ UINTN Height;
+} BLT_RECTANGLE, *PBLT_RECTANGLE;
+
+#define DISPLAY_WIDTH_MAX 1920
+#define DISPLAY_HEIGHT_MAX 1080
+#define DISPLAY_WIDTH_DEFAULT 1024
+#define DISPLAY_HEIGHT_DEFAULT 768
+#define DISPLAY_MODE_INVALID 0xFFFF
+
+#define DISPLAY_USE_INTERNAL_BLT 1
+
+typedef struct _INTEL_VIRTUAL_GPU_DISPLAY {
+ UINTN HActive;
+ UINTN VActive;
+ UINTN Width;
+ UINTN Height;
+ UINTN WidthBytes;
+ UINTN StrideBytes;
+ EFI_GRAPHICS_PIXEL_FORMAT Format;
+ UINTN Bpp;
+ UINTN MaxMode;
+ UINTN CurrentMode;
+ UINTN FbSize;
+ UINTN Pages;
+ EFI_PHYSICAL_ADDRESS FbGMAddr;
+ EFI_PHYSICAL_ADDRESS FbPhysicalAddr;
+ EFI_GRAPHICS_OUTPUT_MODE_INFORMATION *ModeList;
+ FRAME_BUFFER_CONFIGURE *FrameBufferBltConfigure;
+ UINTN FrameBufferBltConfigureSize;
+} INTEL_VIRTUAL_GPU_DISPLAY, *PINTEL_VIRTUAL_GPU_DISPLAY;
+
+EFI_STATUS
+IntelVirtualGpuDisplayInit (
+ IN OUT GVT_GOP_PRIVATE_DATA *Private
+ );
+
+EFI_STATUS
+IntelVirtualGpuDisplayClean (
+ IN OUT GVT_GOP_PRIVATE_DATA *Private
+ );
+
+EFI_STATUS
+EFIAPI
+IntelVirtualGpuQueryMode (
+ IN EFI_GRAPHICS_OUTPUT_PROTOCOL *This,
+ IN UINT32 ModeNumber,
+ OUT UINTN *SizeOfInfo,
+ OUT EFI_GRAPHICS_OUTPUT_MODE_INFORMATION **Info
+ );
+
+EFI_STATUS
+EFIAPI
+IntelVirtualGpuSetMode (
+ IN EFI_GRAPHICS_OUTPUT_PROTOCOL *This,
+ IN UINT32 ModeNumber
+ );
+
+EFI_STATUS
+EFIAPI
+IntelVirtualGpuBlt (
+ IN EFI_GRAPHICS_OUTPUT_PROTOCOL *This,
+ IN EFI_GRAPHICS_OUTPUT_BLT_PIXEL *BltBuffer, OPTIONAL
+ IN EFI_GRAPHICS_OUTPUT_BLT_OPERATION BltOperation,
+ IN UINTN SourceX,
+ IN UINTN SourceY,
+ IN UINTN DestinationX,
+ IN UINTN DestinationY,
+ IN UINTN Width,
+ IN UINTN Height,
+ IN UINTN Delta OPTIONAL
+ );
+
+EFI_STATUS
+IntelVirtualGpuEnableDisplay (
+ IN OUT GVT_GOP_PRIVATE_DATA *Private,
+ IN UINT32 ModeNumber,
+ IN BOOLEAN Enable
+ );
+
+EFI_STATUS
+IntelVirtualGpuNotifyDisplayReady (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN BOOLEAN Ready
+ );
+
+EFI_STATUS
+IntelVirtualGpuBltVideoFill (
+ IN PINTEL_VIRTUAL_GPU_DISPLAY Display,
+ IN EFI_GRAPHICS_OUTPUT_BLT_PIXEL_UNION BltPixel,
+ IN BLT_RECTANGLE Destination
+ );
+
+EFI_STATUS
+IntelVirtualGpuBltVideoToBuffer (
+ IN PINTEL_VIRTUAL_GPU_DISPLAY Display,
+ IN EFI_GRAPHICS_OUTPUT_BLT_PIXEL *BltBuffer,
+ IN BLT_RECTANGLE Source,
+ IN BLT_RECTANGLE Destination,
+ IN UINTN Delta
+ );
+
+EFI_STATUS
+IntelVirtualGpuBltVideoFromBuffer (
+ IN PINTEL_VIRTUAL_GPU_DISPLAY Display,
+ IN EFI_GRAPHICS_OUTPUT_BLT_PIXEL *BltBuffer,
+ IN BLT_RECTANGLE Source,
+ IN BLT_RECTANGLE Destination,
+ IN UINTN Delta
+ );
+
+EFI_STATUS
+IntelVirtualGpuBltVideoToVideo (
+ IN PINTEL_VIRTUAL_GPU_DISPLAY Display,
+ IN BLT_RECTANGLE Source,
+ IN BLT_RECTANGLE Destination
+ );
+VOID
+InstallVbeShim (
+ IN CONST CHAR16 *CardName,
+ IN EFI_PHYSICAL_ADDRESS FrameBufferBase
+ );
+
+#endif //__DISPLAY_H_
diff --git a/OvmfPkg/IntelGvtGopDxe/GopDriver.c b/OvmfPkg/IntelGvtGopDxe/GopDriver.c
new file mode 100644
index 000000000000..396e5cf4447c
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/GopDriver.c
@@ -0,0 +1,478 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "Common.h"
+#include "VirtualGpu.h"
+
+EFI_STATUS
+EFIAPI
+GvtGopComponentNameGetDriverName (
+ IN EFI_COMPONENT_NAME_PROTOCOL *This,
+ IN CHAR8 *Language,
+ OUT CHAR16 **DriverName
+ );
+
+EFI_STATUS
+EFIAPI
+GvtGopComponentNameGetControllerName (
+ IN EFI_COMPONENT_NAME_PROTOCOL *This,
+ IN EFI_HANDLE ControllerHandle,
+ IN EFI_HANDLE ChildHandle OPTIONAL,
+ IN CHAR8 *Language,
+ OUT CHAR16 **ControllerName
+ );
+
+GLOBAL_REMOVE_IF_UNREFERENCED
+EFI_COMPONENT_NAME_PROTOCOL gGvtGopDriverComponentName = {
+ GvtGopComponentNameGetDriverName,
+ GvtGopComponentNameGetControllerName,
+ "eng"
+};
+
+GLOBAL_REMOVE_IF_UNREFERENCED
+EFI_COMPONENT_NAME2_PROTOCOL gGvtGopDriverComponentName2 = {
+ (EFI_COMPONENT_NAME2_GET_DRIVER_NAME) GvtGopComponentNameGetDriverName,
+ (EFI_COMPONENT_NAME2_GET_CONTROLLER_NAME) GvtGopComponentNameGetControllerName,
+ "en"
+};
+
+
+GLOBAL_REMOVE_IF_UNREFERENCED
+EFI_UNICODE_STRING_TABLE gGvtGopDriverNameTable[] = {
+ { "eng;en", L"Intel GVT-g GOP Driver" },
+ { NULL , NULL }
+};
+
+GLOBAL_REMOVE_IF_UNREFERENCED
+EFI_UNICODE_STRING_TABLE gGvtGopControllerNameTable[] = {
+ { "eng;en", L"Intel GVT-g Virtual GPU PCI Adapter" },
+ { NULL , NULL }
+};
+
+STATIC
+EFI_STATUS
+EFIAPI
+GvtGopBindingSupported (
+ IN EFI_DRIVER_BINDING_PROTOCOL *This,
+ IN EFI_HANDLE ControllerHandle,
+ IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath OPTIONAL
+ )
+{
+ EFI_STATUS Status;
+ EFI_PCI_IO_PROTOCOL *PciIo;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ Status = gBS->OpenProtocol (
+ ControllerHandle,
+ &gEfiPciIoProtocolGuid,
+ (VOID **) &PciIo,
+ This->DriverBindingHandle,
+ ControllerHandle,
+ EFI_OPEN_PROTOCOL_BY_DRIVER
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_VERBOSE,
+ "OpenProtocol gEfiPciIoProtocolGuid failed with %d\n", Status
+ );
+ goto Done;
+ }
+
+ Status = IntelVirtualGpuActive (PciIo);
+
+ gBS->CloseProtocol (
+ ControllerHandle,
+ &gEfiPciIoProtocolGuid,
+ This->DriverBindingHandle,
+ ControllerHandle
+ );
+
+Done:
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+ return Status;
+}
+
+
+STATIC
+EFI_STATUS
+EFIAPI
+GvtGopBindingStart (
+ IN EFI_DRIVER_BINDING_PROTOCOL *This,
+ IN EFI_HANDLE ControllerHandle,
+ IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath OPTIONAL
+ )
+{
+ EFI_STATUS Status;
+ EFI_TPL OriginalTPL;
+ GVT_GOP_PRIVATE_DATA *GvtGopPrivate = NULL;
+ UINT64 PciAttr;
+ EFI_DEVICE_PATH_PROTOCOL *ParentDevicePath;
+ ACPI_ADR_DEVICE_PATH AcpiDeviceNode;
+ EFI_PCI_IO_PROTOCOL *ChildPciIo;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ OriginalTPL = gBS->RaiseTPL (TPL_CALLBACK);
+
+ Status = gBS->AllocatePool (
+ EfiBootServicesData,
+ sizeof(GVT_GOP_PRIVATE_DATA),
+ (VOID **)&GvtGopPrivate
+ );
+ if (EFI_ERROR (Status) || GvtGopPrivate == NULL) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "AllocatePool failed for GVT_GOP_PRIVATE_DATA, size %d, status %d\n",
+ sizeof(GVT_GOP_PRIVATE_DATA), Status
+ );
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Done;
+ }
+
+ ZeroMem (GvtGopPrivate, sizeof(GVT_GOP_PRIVATE_DATA));
+ GvtGopPrivate->Signature = GVT_GOP_MAGIC;
+
+ Status = gBS->AllocatePool (
+ EfiBootServicesData,
+ sizeof(INTEL_VIRTUAL_GPU),
+ &GvtGopPrivate->VirtualGpu
+ );
+ if (EFI_ERROR (Status) || GvtGopPrivate->VirtualGpu == NULL) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "AllocatePool failed for INTEL_VIRTUAL_GPU, size %d, status %d\n",
+ sizeof(INTEL_VIRTUAL_GPU), Status
+ );
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Free;
+ }
+ ZeroMem (GvtGopPrivate->VirtualGpu, sizeof(INTEL_VIRTUAL_GPU));
+
+ Status = gBS->OpenProtocol (
+ ControllerHandle,
+ &gEfiPciIoProtocolGuid,
+ (VOID **) &GvtGopPrivate->PciIo,
+ This->DriverBindingHandle,
+ ControllerHandle,
+ EFI_OPEN_PROTOCOL_BY_DRIVER
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Can't open protocol gEfiPciIoProtocolGuid, status %d\n", Status
+ );
+ goto Free;
+ }
+
+ Status = GvtGopPrivate->PciIo->Attributes (
+ GvtGopPrivate->PciIo,
+ EfiPciIoAttributeOperationGet,
+ 0,
+ &GvtGopPrivate->OriginalPciAttr
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Failed EfiPciIoAttributeOperationGet, status %d\n", Status
+ );
+ goto Free;
+ }
+
+ PciAttr = EFI_PCI_DEVICE_ENABLE;
+ Status = GvtGopPrivate->PciIo->Attributes (
+ GvtGopPrivate->PciIo,
+ EfiPciIoAttributeOperationEnable,
+ PciAttr,
+ NULL);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Failed EfiPciIoAttributeOperationEnable %llx, status %d\n", PciAttr,
+ Status
+ );
+ goto Free;
+ }
+
+ Status = IntelVirtualGpuInit (GvtGopPrivate);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR, "Failed IntelVirtualGpuInit, status %d\n", Status);
+ goto Free;
+ }
+
+ Status = gBS->HandleProtocol (
+ ControllerHandle,
+ &gEfiDevicePathProtocolGuid,
+ (VOID **) &ParentDevicePath
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR, "Fail gEfiDevicePathProtocolGuid, status %d\n",
+ Status
+ );
+ goto Free;
+ }
+
+ ZeroMem (&AcpiDeviceNode, sizeof (ACPI_ADR_DEVICE_PATH));
+ AcpiDeviceNode.Header.Type = ACPI_DEVICE_PATH;
+ AcpiDeviceNode.Header.SubType = ACPI_ADR_DP;
+ AcpiDeviceNode.ADR = ACPI_DISPLAY_ADR (1, 0, 0, 1, 0, ACPI_ADR_DISPLAY_TYPE_EXTERNAL_DIGITAL, 0, 0);
+ SetDevicePathNodeLength (&AcpiDeviceNode.Header, sizeof (ACPI_ADR_DEVICE_PATH));
+ GvtGopPrivate->GopDevPath = AppendDevicePathNode (
+ ParentDevicePath,
+ (EFI_DEVICE_PATH_PROTOCOL *) &AcpiDeviceNode
+ );
+ if (GvtGopPrivate->GopDevPath == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ GVT_DEBUG (EFI_D_ERROR, "Fail AppendDevicePathNode, status %d\n", Status);
+ goto Free;
+ }
+
+ Status = gBS->InstallMultipleProtocolInterfaces (
+ &GvtGopPrivate->Handle,
+ &gEfiDevicePathProtocolGuid,
+ GvtGopPrivate->GopDevPath,
+ NULL
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Can't install protocol gEfiDevicePathProtocolGuid, status %d\n",
+ Status
+ );
+ goto Free;
+ }
+
+ Status = gBS->InstallMultipleProtocolInterfaces (
+ &GvtGopPrivate->Handle,
+ &gEfiGraphicsOutputProtocolGuid,
+ &GvtGopPrivate->GraphicsOutputProtocol,
+ NULL
+ );
+
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Can't install protocol gEfiGraphicsOutputProtocolGuid, status %d\n",
+ Status
+ );
+ goto Free;
+ }
+
+ Status = gBS->OpenProtocol (
+ ControllerHandle,
+ &gEfiPciIoProtocolGuid,
+ (VOID **) &ChildPciIo,
+ This->DriverBindingHandle,
+ GvtGopPrivate->Handle,
+ EFI_OPEN_PROTOCOL_BY_CHILD_CONTROLLER
+ );
+ if (EFI_ERROR (Status)) {
+ goto Free;
+ }
+
+ goto Done;
+
+Free:
+ if (GvtGopPrivate->PciIo) {
+ if (GvtGopPrivate->OriginalPciAttr) {
+ GvtGopPrivate->PciIo->Attributes (
+ GvtGopPrivate->PciIo,
+ EfiPciIoAttributeOperationEnable,
+ GvtGopPrivate->OriginalPciAttr,
+ NULL
+ );
+ }
+ gBS->CloseProtocol (
+ ControllerHandle,
+ &gEfiPciIoProtocolGuid,
+ This->DriverBindingHandle,
+ ControllerHandle
+ );
+ GvtGopPrivate->PciIo = NULL;
+ }
+
+ if (GvtGopPrivate->VirtualGpu) {
+ gBS->FreePool (GvtGopPrivate->VirtualGpu);
+ GvtGopPrivate->VirtualGpu = NULL;
+ }
+
+ if (GvtGopPrivate) {
+ gBS->FreePool (GvtGopPrivate);
+ }
+
+ if (GvtGopPrivate->GopDevPath) {
+ FreePool (GvtGopPrivate->GopDevPath);
+ GvtGopPrivate->GopDevPath = NULL;
+ }
+
+Done:
+
+ gBS->RestoreTPL (OriginalTPL);
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+
+STATIC
+EFI_STATUS
+EFIAPI
+GvtGopBindingStop (
+ IN EFI_DRIVER_BINDING_PROTOCOL *This,
+ IN EFI_HANDLE ControllerHandle,
+ IN UINTN NumberOfChildren,
+ IN EFI_HANDLE *ChildHandleBuffer OPTIONAL
+ )
+{
+ EFI_GRAPHICS_OUTPUT_PROTOCOL *GraphicsOutputProtocol;
+ EFI_STATUS Status;
+ GVT_GOP_PRIVATE_DATA *GvtGopPrivate = NULL;
+
+ GVT_DEBUG (EFI_D_INFO, "%a: >>>\n", __FUNCTION__);
+
+ Status = gBS->OpenProtocol (
+ ControllerHandle,
+ &gEfiGraphicsOutputProtocolGuid,
+ (VOID **)&GraphicsOutputProtocol,
+ This->DriverBindingHandle,
+ ControllerHandle,
+ EFI_OPEN_PROTOCOL_GET_PROTOCOL
+ );
+ if (EFI_ERROR (Status)) {
+ Status = EFI_NOT_STARTED;
+ goto Done;
+ }
+
+ GvtGopPrivate = GVT_GOP_PRIVATE_DATA_FROM_THIS (GraphicsOutputProtocol);
+ if (!GvtGopPrivate) {
+ Status = EFI_NOT_STARTED;
+ GVT_DEBUG (EFI_D_ERROR,
+ "Intel GVT-g GOP isn't started, status %d\n", Status
+ );
+ goto Done;
+ }
+
+ gBS->UninstallMultipleProtocolInterfaces (
+ GvtGopPrivate->Handle,
+ &gEfiGraphicsOutputProtocolGuid,
+ &GvtGopPrivate->GraphicsOutputProtocol,
+ NULL
+ );
+
+ if (GvtGopPrivate->PciIo) {
+ gBS->CloseProtocol (
+ ControllerHandle,
+ &gEfiPciIoProtocolGuid,
+ This->DriverBindingHandle,
+ ControllerHandle
+ );
+ GvtGopPrivate->PciIo = NULL;
+ }
+
+ Status = IntelVirtualGpuClean (GvtGopPrivate);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR, "Fail to clean virtual GPU, status %d\n", Status);
+ goto Done;
+ }
+
+ if (GvtGopPrivate->VirtualGpu) {
+ gBS->FreePool (GvtGopPrivate->VirtualGpu);
+ GvtGopPrivate->VirtualGpu = NULL;
+ }
+
+ if (GvtGopPrivate) {
+ gBS->FreePool (GvtGopPrivate);
+ }
+
+Done:
+
+ GVT_DEBUG (EFI_D_INFO, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+STATIC EFI_DRIVER_BINDING_PROTOCOL gGvtGopDriverBinding = {
+ GvtGopBindingSupported,
+ GvtGopBindingStart,
+ GvtGopBindingStop,
+ 0x10,
+ NULL,
+ NULL
+};
+
+EFI_STATUS
+EFIAPI
+GvtGopComponentNameGetDriverName (
+ IN EFI_COMPONENT_NAME_PROTOCOL *This,
+ IN CHAR8 *Language,
+ OUT CHAR16 **DriverName
+ )
+{
+ return LookupUnicodeString2 (
+ Language,
+ This->SupportedLanguages,
+ gGvtGopDriverNameTable,
+ DriverName,
+ (BOOLEAN)(This == &gGvtGopDriverComponentName)
+ );
+}
+
+EFI_STATUS
+EFIAPI
+GvtGopComponentNameGetControllerName (
+ IN EFI_COMPONENT_NAME_PROTOCOL *This,
+ IN EFI_HANDLE ControllerHandle,
+ IN EFI_HANDLE ChildHandle OPTIONAL,
+ IN CHAR8 *Language,
+ OUT CHAR16 **ControllerName
+ )
+{
+ EFI_STATUS Status;
+
+ if (ChildHandle != NULL) {
+ return EFI_UNSUPPORTED;
+ }
+
+ Status = EfiTestManagedDevice (
+ ControllerHandle,
+ gGvtGopDriverBinding.DriverBindingHandle,
+ &gEfiPciIoProtocolGuid
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ return LookupUnicodeString2 (
+ Language,
+ This->SupportedLanguages,
+ gGvtGopControllerNameTable,
+ ControllerName,
+ (BOOLEAN)(This == &gGvtGopDriverComponentName)
+ );
+}
+
+EFI_STATUS
+EFIAPI
+GvtGopEntryPoint (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ Status = EfiLibInstallDriverBindingComponentName2 (
+ ImageHandle,
+ SystemTable,
+ &gGvtGopDriverBinding,
+ ImageHandle,
+ &gGvtGopDriverComponentName,
+ &gGvtGopDriverComponentName2);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR, "Failed to install driver %d : %d\n", Status);
+ }
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
diff --git a/OvmfPkg/IntelGvtGopDxe/GpuReg.c b/OvmfPkg/IntelGvtGopDxe/GpuReg.c
new file mode 100644
index 000000000000..778c09d5198c
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/GpuReg.c
@@ -0,0 +1,91 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "GpuReg.h"
+
+EFI_STATUS
+RegRead32 (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN UINT32 Offset,
+ OUT UINT32 *ValuePtr
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+
+ if (Offset < MMIO_SIZE && ValuePtr != NULL) {
+ Status = Private->PciIo->Mem.Read (
+ Private->PciIo,
+ EfiPciIoWidthUint32,
+ PCI_BAR_IDX0,
+ Offset,
+ 1,
+ ValuePtr
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR, "%a reg %x, value %x, status %d\n",
+ __FUNCTION__, Offset, *ValuePtr, Status
+ );
+ } else {
+ Status = EFI_SUCCESS;
+ GVT_DEBUG (EFI_D_VERBOSE, "%a reg %x, value %x, status %d\n",
+ __FUNCTION__, Offset, *ValuePtr, Status
+ );
+ }
+ } else {
+ Status = EFI_INVALID_PARAMETER;
+ GVT_DEBUG (EFI_D_ERROR,
+ "%a invalid reg %x or ValuePtr %p, status %d\n",
+ __FUNCTION__, Offset, ValuePtr, Status
+ );
+ goto Done;
+ }
+
+Done:
+ return Status;
+}
+
+EFI_STATUS
+RegWrite32 (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN UINT32 Offset,
+ IN UINT32 Value
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+
+ if (Offset < MMIO_SIZE) {
+ Status = Private->PciIo->Mem.Write (
+ Private->PciIo,
+ EfiPciIoWidthUint32,
+ PCI_BAR_IDX0,
+ Offset,
+ 1,
+ &Value
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR, "%a reg %x, value %x, status %d\n",
+ __FUNCTION__, Offset, Value, Status
+ );
+ } else {
+ Status = EFI_SUCCESS;
+ GVT_DEBUG (EFI_D_VERBOSE, "%a reg %x, value %x, status %d\n",
+ __FUNCTION__, Offset, Value, Status
+ );
+ }
+ } else {
+ Status = EFI_INVALID_PARAMETER;
+ GVT_DEBUG (EFI_D_ERROR, "%a invalid reg %x, status %d\n",
+ __FUNCTION__, Offset, Status
+ );
+ goto Done;
+ }
+
+Done:
+ return Status;
+}
diff --git a/OvmfPkg/IntelGvtGopDxe/GpuReg.h b/OvmfPkg/IntelGvtGopDxe/GpuReg.h
new file mode 100644
index 000000000000..f46f4cef9cd4
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/GpuReg.h
@@ -0,0 +1,175 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __GPUREG_H_
+#define __GPUREG_H_
+
+#include "Common.h"
+
+#define MMIO_SIZE 0x200000
+
+#define VGT_PVINFO_PAGE 0x78000
+#define VGT_PVINFO_SIZE 0x1000
+
+#define VGT_MAGIC 0x4776544776544776ULL /* 'vGTvGTvG' */
+#define VGT_VERSION_MAJOR 1
+#define VGT_VERSION_MINOR 0
+
+#define VGT_DRV_DISPLAY_NOT_READY 0
+#define VGT_DRV_DISPLAY_READY 1
+
+struct vgt_if {
+ UINT64 magic; /* VGT_MAGIC */
+ UINT16 version_major;
+ UINT16 version_minor;
+ UINT32 vgt_id; /* ID of vGT instance */
+ UINT32 vgt_caps; /* VGT capabilities */
+ UINT32 rsv1[11]; /* pad to offset 0x40 */
+ /*
+ * Data structure to describe the balooning info of resources.
+ * Each VM can only have one portion of continuous area for now.
+ * (May support scattered resource in future)
+ * (starting from offset 0x40)
+ */
+ struct {
+ /* Aperture register balooning */
+ struct {
+ UINT32 base;
+ UINT32 size;
+ } mappable_gmadr; /* aperture */
+ /* GMADR register balooning */
+ struct {
+ UINT32 base;
+ UINT32 size;
+ } nonmappable_gmadr; /* non aperture */
+ /* allowed fence registers */
+ UINT32 fence_num;
+ UINT32 rsv2[3];
+ } avail_rs; /* available/assigned resource */
+ UINT32 rsv3[0x200 - 24]; /* pad to half page */
+ /*
+ * The bottom half page is for response from Gfx driver to hypervisor.
+ */
+ UINT32 rsv4;
+ UINT32 display_ready; /* ready for display owner switch */
+
+ UINT32 rsv5[4];
+
+ UINT32 g2v_notify;
+ UINT32 rsv6[5];
+
+ UINT32 cursor_x_hot;
+ UINT32 cursor_y_hot;
+
+ struct {
+ UINT32 lo;
+ UINT32 hi;
+ } pdp[4];
+
+ UINT32 execlist_context_descriptor_lo;
+ UINT32 execlist_context_descriptor_hi;
+
+ UINT32 rsv7[0x200 - 24]; /* pad to one page */
+} PACKED;
+
+#define vgtif_offset(x) (OFFSET_OF(struct vgt_if, x))
+#define vgtif_reg(x) (VGT_PVINFO_PAGE + vgtif_offset(x))
+
+typedef enum _GPU_DISPLAY_PIPE {
+ PIPE_INVALID = -1,
+ PIPE_A = 0,
+ PIPE_B,
+ PIPE_C,
+ PIPE_MAX = PIPE_C
+} GPU_DISPLAY_PIPE;
+
+typedef enum _GPU_DISPLAY_PLANE {
+ PLANE_PRIMARY = 0,
+ PLANE_SPRITE0,
+ PLANE_SPRITE1,
+ PLANE_MAX,
+} GPU_DISPLAY_PLANE;
+
+#define _TRANS_HTOTAL_A 0x60000
+#define _TRANS_VTOTAL_A 0x6000C
+#define _TRANS_REG_OFFSET(trans) (trans * 0x1000)
+
+#define _PS_WIN_POS_1_A 0x68170
+#define _PS_WIN_SZ_1_A 0x68174
+#define _PS_CTRL_1_A 0x68180
+#define _PS_REG_OFFSET(pipe, id) (pipe * 0x800 + id * 0x100)
+#define PS_WIN_POS(pipe, id) (_PS_WIN_POS_1_A + _PS_REG_OFFSET(pipe, id))
+#define PS_WIN_SZ(pipe, id) (_PS_WIN_SZ_1_A + _PS_REG_OFFSET(pipe, id))
+#define PS_CTRL(pipe, id) (_PS_CTRL_1_A + _PS_REG_OFFSET(pipe, id))
+#define PS_CTRL_SCALER_EN (1 << 31)
+#define PS_CTRL_SCALER_MODE_MASK (0x3 << 28)
+#define PS_CTRL_SCALER_MODE_DYN (0 << 28)
+#define PS_CTRL_SCALER_MODE_HQ (1 << 28)
+#define PS_CTRL_SCALER_BINDING_MASK (0x7 << 25)
+#define PS_CTRL_SCALER_BINDING_PIPE (0 << 25)
+#define PS_CTRL_PLANE_SEL(plane) (((plane) + 1) << 25)
+#define PS_CTRL_SCALER_FILTER_MASK (3 << 23)
+#define PS_CTRL_SCALER_FILTER_MEDIUM (0 << 23)
+
+#define PIPE_REG_OFFSET(pipe) (pipe * 0x1000)
+#define _PIPE_CONF_A 0x70008
+#define PIPE_CONF_ENABLE (1 << 31)
+#define _PIPE_SRCSZ_A 0x6001C
+#define PIPE_CONF(pipe) (_PIPE_CONF_A + PIPE_REG_OFFSET(pipe))
+#define PIPESRC(pipe) (_PIPE_SRCSZ_A + PIPE_REG_OFFSET(pipe))
+
+#define _PLANE_CTL_1_A 0x70180
+#define PLANE_CTL_ENABLE (1 << 31)
+#define PLANE_CTL_PIPE_GAMMA_ENABLE (1 << 30)
+#define PLANE_CTL_FORMAT_MASK (0xF << 24)
+#define PLANE_CTL_FORMAT_XRGB_8888 (0x4 << 24)
+#define PLANE_CTL_PIPE_CSC_ENABLE (1 << 23)
+#define PLANE_CTL_KEY_ENABLE_MASK (0x3 << 21)
+#define PLANE_CTL_ORDER_RGBX (1 << 20)
+#define PLANE_CTL_RENDER_DECOMPRESSION_ENABLE (1 << 15)
+#define PLANE_CTL_PLANE_GAMMA_DISABLE (1 << 13)
+#define PLANE_CTL_TILED_MASK (0x7 << 10)
+#define PLANE_CTL_TILED_LINEAR (0 << 10)
+#define PLANE_CTL_ASYNC_FLIP (1 << 9)
+#define PLANE_CTL_ALPHA_MASK (0x3 << 4)
+#define PLANE_CTL_ALPHA_DISABLE (0 << 4)
+#define PLANE_CTL_ROTATE_MASK (0x3 << 0)
+#define PLANE_CTL_ROTATE_0 (0x0 << 0)
+
+#define _PLANE_STRIDE_1_A 0x70188
+#define PLANE_STRIDE_MASK 0x1FF
+#define _PLANE_POS_1_A 0x7018C
+#define _PLANE_SIZE_1_A 0x70190
+#define _PLANE_SURF_1_A 0x7019C
+#define _PLANE_REG_OFFSET(pipe, plane) (pipe * 0x1000 + plane * 0x100)
+
+#define HTOTAL(trans) (_TRANS_HTOTAL_A + _TRANS_REG_OFFSET(trans))
+#define VTOTAL(trans) (_TRANS_VTOTAL_A + _TRANS_REG_OFFSET(trans))
+
+#define PLANE_CTL(pipe, plane) (_PLANE_CTL_1_A + _PLANE_REG_OFFSET(pipe, plane))
+#define PLANE_STRIDE(pipe, plane) (_PLANE_STRIDE_1_A + _PLANE_REG_OFFSET(pipe, plane))
+#define PLANE_POS(pipe, plane) (_PLANE_POS_1_A + _PLANE_REG_OFFSET(pipe, plane))
+#define PLANE_SIZE(pipe, plane) (_PLANE_SIZE_1_A + _PLANE_REG_OFFSET(pipe, plane))
+#define PLANE_SURF(pipe, plane) (_PLANE_SURF_1_A + _PLANE_REG_OFFSET(pipe, plane))
+
+EFI_STATUS
+RegRead32 (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN UINT32 Offset,
+ OUT UINT32 *ValuePtr
+ );
+
+EFI_STATUS
+RegWrite32 (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN UINT32 Offset,
+ IN UINT32 Value
+ );
+
+#endif //__GPUREG_H_
diff --git a/OvmfPkg/IntelGvtGopDxe/Gtt.c b/OvmfPkg/IntelGvtGopDxe/Gtt.c
new file mode 100644
index 000000000000..12782eb5afaa
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/Gtt.c
@@ -0,0 +1,162 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "Common.h"
+#include "Gtt.h"
+#include "VirtualGpu.h"
+
+EFI_STATUS
+GGTTGetEntry (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN UINT64 Index,
+ OUT GTT_PTE_ENTRY *Entry
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+ EFI_PCI_IO_PROTOCOL *PciIo;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+
+ if (Entry == NULL) {
+ Status = EFI_INVALID_PARAMETER;
+ GVT_DEBUG (EFI_D_ERROR,
+ "%a invalid GGTT entry ptr %p at Index %x, status %d\n",
+ __FUNCTION__, Entry, Index, Status
+ );
+ goto Done;
+ }
+
+ PciIo = Private->PciIo;
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)Private->VirtualGpu;
+
+ if (Index >= VirtualGpu->VisibleGGTTOffset &&
+ Index < VirtualGpu->VisibleGGTTOffset + VirtualGpu->VisibleGGTTSize) {
+ Status = PciIo->Mem.Read (
+ PciIo,
+ EfiPciIoWidthUint64,
+ PCI_BAR_IDX0,
+ GTT_OFFSET + Index * GTT_ENTRY_SIZE,
+ 1,
+ Entry
+ );
+ if (EFI_ERROR (Status)) {
+ Entry = 0;
+ GVT_DEBUG (EFI_D_ERROR,
+ "Failed to Get GGTT Entry index %lx, status %d\n", Index, Status
+ );
+ }
+ } else if (Index >= VirtualGpu->InvisibleGGTTOffset &&
+ Index < VirtualGpu->InvisibleGGTTOffset + VirtualGpu->InvisibleGGTTSize) {
+ Status = EFI_UNSUPPORTED;
+ GVT_DEBUG (EFI_D_ERROR,
+ "Skip get GGTT index %lx for invisible GMADR\n", Index
+ );
+ } else {
+ Status = EFI_OUT_OF_RESOURCES;
+ GVT_DEBUG (EFI_D_ERROR,
+ "Skip get GGTT index %lx out-of-range, balloon unsupported\n",
+ Index
+ );
+ }
+
+ GVT_DEBUG (EFI_D_VERBOSE, "Get GGTT Entry %lx at index %lx\n", *Entry, Index);
+
+Done:
+
+ return Status;
+}
+
+EFI_STATUS
+GGTTSetEntry (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN UINT64 Index,
+ IN GTT_PTE_ENTRY Entry
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+ EFI_PCI_IO_PROTOCOL *PciIo;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+
+ PciIo = Private->PciIo;
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)Private->VirtualGpu;
+
+ if (Index >= VirtualGpu->VisibleGGTTOffset &&
+ Index < VirtualGpu->VisibleGGTTOffset + VirtualGpu->VisibleGGTTSize) {
+ Status = PciIo->Mem.Write (
+ PciIo,
+ EfiPciIoWidthUint64,
+ PCI_BAR_IDX0,
+ GTT_OFFSET + Index * GTT_ENTRY_SIZE,
+ 1,
+ &Entry
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Failed to Set GGTT Entry %lx at index %lx, status %d\n",
+ Entry, Index, Status
+ );
+ }
+ } else if (Index >= VirtualGpu->InvisibleGGTTOffset &&
+ Index < VirtualGpu->InvisibleGGTTOffset + VirtualGpu->InvisibleGGTTSize) {
+ Status = EFI_UNSUPPORTED;
+ GVT_DEBUG (EFI_D_ERROR,
+ "Skip set GGTT index %lx for invisible GMADR\n", Index
+ );
+ } else {
+ Status = EFI_OUT_OF_RESOURCES;
+ GVT_DEBUG (EFI_D_ERROR,
+ "Skip set GGTT index %lx out-of-range, balloon unsupported\n", Index
+ );
+ }
+
+ GVT_DEBUG (EFI_D_VERBOSE, "Set GGTT Entry %lx at index %lx\n", Entry, Index);
+
+ return Status;
+}
+
+EFI_STATUS
+UpdateGGTT (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN EFI_PHYSICAL_ADDRESS GMAddr,
+ IN EFI_PHYSICAL_ADDRESS SysAddr,
+ IN UINTN Pages
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+ UINTN GttOffset, Index;
+ GTT_PTE_ENTRY Entry;
+
+ if (!IS_ALIGNED(SysAddr, GTT_PAGE_SIZE)) {
+ Status = EFI_INVALID_PARAMETER;
+ GVT_DEBUG (EFI_D_ERROR,
+ "Failed to update GGTT GMADR %lx, SysAddr %lx isn't aligned to 0x%lx, status %d\n",
+ GMAddr, SysAddr, GTT_PAGE_SIZE, Status
+ );
+ goto Done;
+ }
+
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)Private->VirtualGpu;
+ GttOffset = (GMAddr - VirtualGpu->GpuMemAddr) >> GTT_PAGE_SHIFT;
+
+ GVT_DEBUG (EFI_D_VERBOSE,
+ "Update GGTT GMADR %lx, SysAddr %lx, Pages 0x%lx\n",
+ GMAddr, SysAddr, Pages
+ );
+ for (Index = 0; Index < Pages; Index++) {
+ Entry = SysAddr + Index * GTT_PAGE_SIZE;
+ Entry |= (GTT_PAGE_PRESENT | GTT_PAGE_READ_WRITE);
+ Entry |= (GTT_PAGE_PWT | GTT_PAGE_PCD);
+ GGTTSetEntry (Private, GttOffset + Index, Entry);
+ }
+
+ Status = EFI_SUCCESS;
+
+Done:
+ return Status;
+}
diff --git a/OvmfPkg/IntelGvtGopDxe/Gtt.h b/OvmfPkg/IntelGvtGopDxe/Gtt.h
new file mode 100644
index 000000000000..fc91b7a84a0a
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/Gtt.h
@@ -0,0 +1,51 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __GTT_H_
+#define __GTT_H_
+
+#include "Common.h"
+
+typedef UINT64 GTT_PTE_ENTRY;
+
+#define GTT_OFFSET 0x800000
+#define GTT_SIZE 0x800000
+#define GTT_ENTRY_SIZE sizeof(GTT_PTE_ENTRY)
+#define GTT_ENTRY_NUM (GTT_SIZE / GTT_ENTRY_SIZE)
+#define GTT_PAGE_SHIFT 12
+#define GTT_PAGE_SIZE (1UL << GTT_PAGE_SHIFT)
+#define GTT_PAGE_MASK (~(GTT_PAGE_SIZE-1))
+#define GTT_PAGE_PRESENT 0x01
+#define GTT_PAGE_READ_WRITE 0x02
+#define GTT_PAGE_PWT 0x08
+#define GTT_PAGE_PCD 0x10
+
+EFI_STATUS
+GGTTGetEntry (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN UINT64 Index,
+ OUT GTT_PTE_ENTRY *Entry
+ );
+
+EFI_STATUS
+GGTTSetEntry (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN UINT64 Index,
+ IN GTT_PTE_ENTRY Entry
+ );
+
+EFI_STATUS
+UpdateGGTT (
+ IN GVT_GOP_PRIVATE_DATA *Private,
+ IN EFI_PHYSICAL_ADDRESS GMAddr,
+ IN EFI_PHYSICAL_ADDRESS SysAddr,
+ IN UINTN Pages
+ );
+
+#endif //__GTT_H_
diff --git a/OvmfPkg/IntelGvtGopDxe/IntelGvtGopDxe.inf b/OvmfPkg/IntelGvtGopDxe/IntelGvtGopDxe.inf
new file mode 100644
index 000000000000..c6e1751e1a22
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/IntelGvtGopDxe.inf
@@ -0,0 +1,59 @@
+## @file
+# Intel GVT-g Graphics Output Protocol driver
+#
+# Copyright (C) 2021 Intel Corporation. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-2-Clause
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = GvtGopDxe
+ FILE_GUID = 7c2a0c14-2a63-4d08-9c7f-d55691e1cedb
+ MODULE_TYPE = UEFI_DRIVER
+ VERSION_STRING = 2.0
+ ENTRY_POINT = GvtGopEntryPoint
+
+[Sources]
+ Common.h
+ DebugHelper.h
+ Display.c
+ Display.h
+ GopDriver.c
+ GpuReg.c
+ GpuReg.h
+ Gtt.c
+ Gtt.h
+ VirtualGpu.h
+ VirtualGpu.c
+ VbeShim.c
+ VbeShim.h
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ OvmfPkg/OvmfPkg.dec
+
+[LibraryClasses]
+ BaseMemoryLib
+ FrameBufferBltLib
+ DebugLib
+ DevicePathLib
+ MemoryAllocationLib
+ PrintLib
+ UefiBootServicesTableLib
+ UefiDriverEntryPoint
+ UefiLib
+ PcdLib
+ PciLib
+ QemuFwCfgLib
+
+[Protocols]
+ gEfiGraphicsOutputProtocolGuid
+ gEfiPciIoProtocolGuid
+ gEfiDevicePathProtocolGuid
+
+[Pcd]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVideoHorizontalResolution
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVideoVerticalResolution
diff --git a/OvmfPkg/IntelGvtGopDxe/VbeShim.asm b/OvmfPkg/IntelGvtGopDxe/VbeShim.asm
new file mode 100644
index 000000000000..43a44362b794
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/VbeShim.asm
@@ -0,0 +1,343 @@
+;------------------------------------------------------------------------------
+; @file
+; A minimal Int10h stub that allows the Windows 2008 R2 SP1 UEFI guest's buggy,
+; default VGA driver to switch to 1024x768x32.
+;
+; Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+; Copyright (C) 2020, Rebecca Cran <rebecca@bsdio.com>
+; Copyright (C) 2015, Nahanni Systems, Inc.
+; Copyright (C) 2014, Red Hat, Inc.
+; Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+;
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+;------------------------------------------------------------------------------
+
+; enable this macro for debug messages
+%define DEBUG
+
+%macro DebugLog 1
+%ifdef DEBUG
+ push si
+ mov si, %1
+ call PrintStringSi
+ pop si
+%endif
+%endmacro
+
+
+BITS 16
+ORG 0
+
+VbeInfo:
+TIMES 256 nop
+
+VbeModeInfo:
+VbeMode1:
+TIMES 50 nop
+VbeMode2:
+TIMES 50 nop
+VbeMode3:
+TIMES 50 nop
+VbeMode4:
+TIMES 50 nop
+TIMES 56 nop ; filler for 256 bytes
+
+Handler:
+ cmp ax, 0x4f00
+ je GetInfo
+ cmp ax, 0x4f01
+ je GetModeInfo
+ cmp ax, 0x4f02
+ je SetMode
+ cmp ax, 0x4f03
+ je GetMode
+ cmp ax, 0x4f10
+ je GetPmCapabilities
+ cmp ax, 0x4f15
+ je ReadEdid
+ cmp ah, 0x00
+ je SetModeLegacy
+ DebugLog StrUnkownFunction
+Hang:
+ jmp Hang
+
+
+GetInfo:
+ push es
+ push di
+ push ds
+ push si
+ push cx
+
+ DebugLog StrEnterGetInfo
+
+ ; target (es:di) set on input
+ push cs
+ pop ds
+ mov si, VbeInfo
+ ; source (ds:si) set now
+
+ mov cx, 256
+ cld
+ rep movsb
+
+ pop cx
+ pop si
+ pop ds
+ pop di
+ pop es
+ jmp Success
+
+
+GetModeInfo:
+ push es
+ push di
+ push ds
+ push si
+ push cx
+
+ DebugLog StrEnterGetModeInfo
+
+ and cx, ~0x4000 ; clear potentially set LFB bit in mode number
+
+ cmp cx, 0x013f
+ je gKnownMode1
+ cmp cx, 0x0140
+ je gKnownMode2
+ cmp cx, 0x0141
+ je gKnownMode3
+
+ DebugLog StrUnkownMode
+ jmp Hang
+gKnownMode1:
+ DebugLog StrMode1
+ mov si, VbeMode1
+ jmp CopyModeInfo
+gKnownMode2:
+ DebugLog StrMode2
+ mov si, VbeMode2
+ jmp CopyModeInfo
+gKnownMode3:
+ DebugLog StrMode3
+ mov si, VbeMode3
+ jmp CopyModeInfo
+gKnownMode4:
+ DebugLog StrMode4
+ mov si, VbeMode4
+ jmp CopyModeInfo
+
+CopyModeInfo:
+ ; target (es:di) set on input
+ push cs
+ pop ds
+ ;mov si, VbeModeInfo
+ ; source (ds:si) set now
+
+ ;mov cx, 256
+ mov cx, 50
+ cld
+ rep movsb
+
+ pop cx
+ pop si
+ pop ds
+ pop di
+ pop es
+ jmp Success
+
+
+SetMode:
+ push dx
+ push ax
+
+ DebugLog StrEnterSetMode
+
+ and bx, ~0x4000 ; clear potentially set LFB bit in mode number
+ cmp bx, 0x013f
+ je KnownMode1
+ cmp bx, 0x0140
+ je KnownMode2
+ cmp bx, 0x0141
+ je KnownMode3
+ DebugLog StrUnkownMode
+ jmp Hang
+KnownMode1:
+ DebugLog StrMode1
+ jmp SetModeDone
+KnownMode2:
+ DebugLog StrMode2
+ jmp SetModeDone
+KnownMode3:
+ DebugLog StrMode3
+ jmp SetModeDone
+KnownMode4:
+ DebugLog StrMode4
+
+SetModeDone:
+ mov [CurMode], bl
+ mov [CurMode+1], bh
+ pop ax
+ pop dx
+ jmp Success
+
+
+GetMode:
+ DebugLog StrEnterGetMode
+ mov bl, [CurMode]
+ mov bh, [CurMode+1]
+ jmp Success
+
+
+GetPmCapabilities:
+ DebugLog StrGetPmCapabilities
+ mov bx, 0x0080
+ jmp Success
+
+
+ReadEdid:
+ push es
+ push di
+ push ds
+ push si
+ push cx
+
+ DebugLog StrReadEdid
+
+ ; target (es:di) set on input
+ push cs
+ pop ds
+ mov si, Edid
+ ; source (ds:si) set now
+
+ mov cx, 128
+ cld
+ rep movsb
+
+ pop cx
+ pop si
+ pop ds
+ pop di
+ pop es
+ jmp Success
+
+
+SetModeLegacy:
+ DebugLog StrEnterSetModeLegacy
+
+ cmp al, 0x03
+ je sKnownMode3
+ cmp al, 0x12
+ je sKnownMode4
+ DebugLog StrUnkownMode
+ jmp Hang
+sKnownMode3:
+ DebugLog StrLegacyMode3
+ mov al, 0 ; 0x30
+ jmp SetModeLegacyDone
+sKnownMode4:
+ mov al, 0 ;0x20
+SetModeLegacyDone:
+ DebugLog StrExitSuccess
+ iret
+
+
+Success:
+ DebugLog StrExitSuccess
+ mov ax, 0x004f
+ iret
+
+
+Unsupported:
+ DebugLog StrExitUnsupported
+ mov ax, 0x024f
+ iret
+
+
+%ifdef DEBUG
+PrintStringSi:
+ pusha
+ push ds ; save original
+ push cs
+ pop ds
+ mov dx, 0x220 ; bhyve debug cons port
+ mov ax, 0
+PrintStringSiLoop:
+ lodsb
+ cmp al, 0
+ je PrintStringSiDone
+ out dx, al
+ jmp PrintStringSiLoop
+PrintStringSiDone:
+ pop ds ; restore original
+ popa
+ ret
+
+
+StrExitSuccess:
+ db 'vOk', 0x0d, 0x0a, 0
+
+StrExitUnsupported:
+ db 'vUnsupported', 0x0d, 0x0a, 0
+
+StrUnkownFunction:
+ db 'vUnknown Function', 0x0d, 0x0a, 0
+
+StrEnterGetInfo:
+ db 'vGetInfo', 0x0d, 0x0a, 0
+
+StrEnterGetModeInfo:
+ db 'vGetModeInfo', 0x0d, 0x0a, 0
+
+StrEnterGetMode:
+ db 'vGetMode', 0x0d, 0x0a, 0
+
+StrEnterSetMode:
+ db 'vSetMode', 0x0d, 0x0a, 0
+
+StrEnterSetModeLegacy:
+ db 'vSetModeLegacy', 0x0d, 0x0a, 0
+
+StrUnkownMode:
+ db 'vUnkown Mode', 0x0d, 0x0a, 0
+
+StrGetPmCapabilities:
+ db 'vGetPmCapabilities', 0x0d, 0x0a, 0
+
+StrReadEdid:
+ db 'vReadEdid', 0x0d, 0x0a, 0
+
+StrLegacyMode3:
+ db 'vLegacyMode3', 0x0d, 0x0a, 0
+
+
+StrMode1:
+ db 'mode_640x480x32', 0x0d, 0x0a, 0
+StrMode2:
+ db 'mode_800x600x32', 0x0d, 0x0a, 0
+StrMode3:
+ db 'mode_1024x768x32', 0x0d, 0x0a, 0
+StrMode4:
+ db 'mode_unused', 0x0d, 0x0a, 0
+%endif
+
+CurMode:
+ db 0x00, 0x00
+
+;
+; EDID stores monitor information. For now, just send back an null item.
+;
+Edid:
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ db 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
diff --git a/OvmfPkg/IntelGvtGopDxe/VbeShim.c b/OvmfPkg/IntelGvtGopDxe/VbeShim.c
new file mode 100644
index 000000000000..8063224d53b4
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/VbeShim.c
@@ -0,0 +1,258 @@
+/** @file
+ Install a fake VGABIOS service handler (real mode Int10h) for the buggy
+ Windows 2008 R2 SP1 UEFI guest.
+
+ The handler is never meant to be directly executed by a VCPU; it's there for
+ the internal real mode emulator of Windows 2008 R2 SP1.
+
+ The code is based on Ralf Brown's Interrupt List:
+ <http://www.cs.cmu.edu/~ralf/files.html>
+ <http://www.ctyme.com/rbrown.htm>
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+ Copyright (C) 2020, Rebecca Cran <rebecca@bsdio.com>
+ Copyright (C) 2015, Nahanni Systems, Inc.
+ Copyright (C) 2014, Red Hat, Inc.
+ Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "Common.h"
+#include <IndustryStandard/LegacyVgaBios.h>
+#include <Library/PciLib.h>
+#include <Library/PrintLib.h>
+#include "VbeShim.h"
+
+#pragma pack (1)
+typedef struct {
+ UINT16 Offset;
+ UINT16 Segment;
+} IVT_ENTRY;
+#pragma pack ()
+
+//
+// This string is displayed by Windows 2008 R2 SP1 in the Screen Resolution,
+// Advanced Settings dialog. It should be short.
+//
+STATIC CONST CHAR8 mProductRevision[] = "2.0";
+
+#define NUM_VBE_MODES 3
+STATIC CONST UINT16 vbeModeIds[] = {
+ 0x13f, // 640x480x32
+ 0x140, // 800x600x32
+ 0x141 // 1024x768x32
+};
+
+// Modes can be toggled with bit-0
+#define VBE_MODE_ENABLED 0x00BB
+#define VBE_MODE_DISABLED 0x00BA
+
+STATIC VBE2_MODE_INFO vbeModes[] = {
+ { // 0x13f 640x480x32
+
+ // ModeAttr - BytesPerScanLine
+ VBE_MODE_DISABLED, 0x07, 0x00, 0x40, 0x40, 0xA000, 0x00, 0x0000, 640*4,
+ // Width, Height..., Vbe3
+ 640, 480, 16, 8, 1, 32, 1, 0x06, 0, 0, 1,
+ // Masks
+ 0x08, 0x10, 0x08, 0x08, 0x08, 0x00, 0x08, 0x18, 0x00,
+ // Framebuffer
+ 0xdeadbeef, 0x0000, 0x0000
+ },
+ { // 0x140 800x600x32
+
+ // ModeAttr - BytesPerScanLine
+ VBE_MODE_DISABLED, 0x07, 0x00, 0x40, 0x40, 0xA000, 0x00, 0x0000, 800*4,
+ // Width, Height..., Vbe3
+ 800, 600, 16, 8, 1, 32, 1, 0x06, 0, 0, 1,
+ // Masks
+ 0x08, 0x10, 0x08, 0x08, 0x08, 0x00, 0x08, 0x18, 0x00,
+ // Framebuffer
+ 0xdeadbeef, 0x0000, 0x0000
+ },
+ { // 0x141 1024x768x32
+
+ // ModeAttr - BytesPerScanLine
+ VBE_MODE_ENABLED, 0x07, 0x00, 0x40, 0x40, 0xA000, 0x00, 0x0000, 1024*4,
+ // Width, Height..., Vbe3
+ 1024, 768, 16, 8, 1, 32, 1, 0x06, 0, 0, 1,
+ // Masks
+ 0x08, 0x10, 0x08, 0x08, 0x08, 0x00, 0x08, 0x18, 0x00,
+ // Framebuffer
+ 0xdeadbeef, 0x0000, 0x0000
+ }
+};
+
+/**
+ Install the VBE Info and VBE Mode Info structures, and the VBE service
+ handler routine in the C segment. Point the real-mode Int10h interrupt vector
+ to the handler. The only advertised mode is 1024x768x32.
+
+ @param[in] CardName Name of the video card to be exposed in the
+ Product Name field of the VBE Info structure.
+ @param[in] FrameBufferBase Guest-physical base address of the video card's
+ frame buffer.
+**/
+VOID
+InstallVbeShim (
+ IN CONST CHAR16 *CardName,
+ IN EFI_PHYSICAL_ADDRESS FrameBufferBase
+ )
+{
+ EFI_PHYSICAL_ADDRESS Segment0, SegmentC, SegmentF;
+ UINTN Segment0Pages;
+ IVT_ENTRY *Int0x10;
+ EFI_STATUS Status;
+ UINTN Pam1Address;
+ UINT8 Pam1;
+ UINTN SegmentCPages;
+ VBE_INFO *VbeInfoFull;
+ VBE_INFO_BASE *VbeInfo;
+ UINT8 *Ptr;
+ UINTN Printed;
+ VBE_MODE_INFO *VbeModeInfo;
+ UINTN i;
+
+ Segment0 = 0x00000;
+ SegmentC = 0xC0000;
+ SegmentF = 0xF0000;
+
+ //
+ // Attempt to cover the real mode IVT with an allocation. This is a UEFI
+ // driver, hence the arch protocols have been installed previously. Among
+ // those, the CPU arch protocol has configured the IDT, so we can overwrite
+ // the IVT used in real mode.
+ //
+ // The allocation request may fail, eg. if LegacyBiosDxe has already run.
+ //
+ Segment0Pages = 1;
+ Int0x10 = (IVT_ENTRY *)(UINTN)Segment0 + 0x10;
+ Status = gBS->AllocatePages (AllocateAddress, EfiBootServicesCode,
+ Segment0Pages, &Segment0);
+
+ if (EFI_ERROR (Status)) {
+ EFI_PHYSICAL_ADDRESS Handler;
+
+ //
+ // Check if a video BIOS handler has been installed previously -- we
+ // shouldn't override a real video BIOS with our shim, nor our own shim if
+ // it's already present.
+ //
+ Handler = (Int0x10->Segment << 4) + Int0x10->Offset;
+ if (Handler >= SegmentC && Handler < SegmentF) {
+ DEBUG ((DEBUG_VERBOSE, "%a: Video BIOS handler found at %04x:%04x\n",
+ __FUNCTION__, Int0x10->Segment, Int0x10->Offset));
+ return;
+ }
+
+ //
+ // Otherwise we'll overwrite the Int10h vector, even though we may not own
+ // the page at zero.
+ //
+ DEBUG ((DEBUG_VERBOSE, "%a: failed to allocate page at zero: %r\n",
+ __FUNCTION__, Status));
+ } else {
+ //
+ // We managed to allocate the page at zero. SVN r14218 guarantees that it
+ // is NUL-filled.
+ //
+ ASSERT (Int0x10->Segment == 0x0000);
+ ASSERT (Int0x10->Offset == 0x0000);
+ }
+
+ //
+ // Put the shim in place first.
+ //
+ Pam1Address = PCI_LIB_ADDRESS (0, 0, 0, 0x5A);
+ //
+ // low nibble covers 0xC0000 to 0xC3FFF
+ // high nibble covers 0xC4000 to 0xC7FFF
+ // bit1 in each nibble is Write Enable
+ // bit0 in each nibble is Read Enable
+ //
+ Pam1 = PciRead8 (Pam1Address);
+ PciWrite8 (Pam1Address, Pam1 | (BIT1 | BIT0));
+
+ //
+ // We never added memory space durig PEI or DXE for the C segment, so we
+ // don't need to (and can't) allocate from there. Also, guest operating
+ // systems will see a hole in the UEFI memory map there.
+ //
+ SegmentCPages = 4;
+
+ ASSERT (sizeof gVbeShim <= EFI_PAGES_TO_SIZE (SegmentCPages));
+ CopyMem ((VOID *)(UINTN)SegmentC, gVbeShim, sizeof gVbeShim);
+
+ //
+ // Fill in the VBE INFO structure.
+ //
+ VbeInfoFull = (VBE_INFO *)(UINTN)SegmentC;
+ VbeInfo = &VbeInfoFull->Base;
+ Ptr = VbeInfoFull->Buffer;
+
+ CopyMem (VbeInfo->Signature, "VESA", 4);
+ VbeInfo->VesaVersion = 0x0200;
+
+ VbeInfo->OemNameAddress = (UINT32)SegmentC << 12 | (UINT16)((UINTN)Ptr-SegmentC);
+ CopyMem (Ptr, "FBSD", 5);
+ Ptr += 5;
+
+ VbeInfo->Capabilities = BIT1 | BIT0; // DAC can be switched into 8-bit mode
+
+ VbeInfo->ModeListAddress = (UINT32)SegmentC << 12 | (UINT16)((UINTN)Ptr-SegmentC);
+ for (i = 0; i < NUM_VBE_MODES; i ++) {
+ *(UINT16*)Ptr = vbeModeIds[i]; // mode number
+ Ptr += 2;
+ }
+ *(UINT16*)Ptr = 0xFFFF; // mode list terminator
+ Ptr += 2;
+
+ VbeInfo->VideoMem64K = (UINT16)((1024 * 768 * 4 + 65535) / 65536);
+ VbeInfo->OemSoftwareVersion = 0x0200;
+
+ VbeInfo->VendorNameAddress = (UINT32)SegmentC << 12 | (UINT16)((UINTN)Ptr-SegmentC);
+ CopyMem (Ptr, "FBSD", 5);
+ Ptr += 5;
+
+ VbeInfo->ProductNameAddress = (UINT32)SegmentC << 12 | (UINT16)((UINTN)Ptr-SegmentC);
+ Printed = AsciiSPrint ((CHAR8 *)Ptr,
+ sizeof VbeInfoFull->Buffer - (Ptr - VbeInfoFull->Buffer), "%s",
+ CardName);
+ Ptr += Printed + 1;
+
+ VbeInfo->ProductRevAddress = (UINT32)SegmentC << 12 | (UINT16)((UINTN)Ptr-SegmentC);
+ CopyMem (Ptr, mProductRevision, sizeof mProductRevision);
+ Ptr += sizeof mProductRevision;
+
+ ASSERT (sizeof VbeInfoFull->Buffer >= Ptr - VbeInfoFull->Buffer);
+ ZeroMem (Ptr, sizeof VbeInfoFull->Buffer - (Ptr - VbeInfoFull->Buffer));
+
+ //
+ // Fill in the VBE MODE INFO structure list
+ //
+ VbeModeInfo = (VBE_MODE_INFO *)(VbeInfoFull + 1);
+ Ptr = (UINT8 *)VbeModeInfo;
+ for (i = 0; i < NUM_VBE_MODES; i++) {
+ vbeModes[i].LfbAddress = (UINT32)FrameBufferBase;
+ CopyMem (Ptr, &vbeModes[i], 0x32);
+ Ptr += 0x32;
+ }
+
+ ZeroMem (Ptr, 56); // Clear remaining bytes
+
+ //
+ // Clear Write Enable (bit1), keep Read Enable (bit0) set
+ //
+ PciWrite8 (Pam1Address, (Pam1 & ~BIT1) | BIT0);
+
+ //
+ // Second, point the Int10h vector at the shim.
+ //
+ Int0x10->Segment = (UINT16) ((UINT32)SegmentC >> 4);
+ Int0x10->Offset = (UINT16) ((UINTN) (VbeModeInfo + 1) - SegmentC);
+
+ DEBUG ((DEBUG_INFO, "%a: VBE shim installed to %x:%x\n",
+ __FUNCTION__, Int0x10->Segment, Int0x10->Offset));
+}
diff --git a/OvmfPkg/IntelGvtGopDxe/VbeShim.h b/OvmfPkg/IntelGvtGopDxe/VbeShim.h
new file mode 100644
index 000000000000..601b1465cbe5
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/VbeShim.h
@@ -0,0 +1,912 @@
+//
+// THIS FILE WAS GENERATED BY "VbeShim.sh". DO NOT EDIT.
+//
+#ifndef _VBE_SHIM_H_
+#define _VBE_SHIM_H_
+STATIC CONST UINT8 gVbeShim[] = {
+ /* 00000000 nop */ 0x90,
+ /* 00000001 nop */ 0x90,
+ /* 00000002 nop */ 0x90,
+ /* 00000003 nop */ 0x90,
+ /* 00000004 nop */ 0x90,
+ /* 00000005 nop */ 0x90,
+ /* 00000006 nop */ 0x90,
+ /* 00000007 nop */ 0x90,
+ /* 00000008 nop */ 0x90,
+ /* 00000009 nop */ 0x90,
+ /* 0000000A nop */ 0x90,
+ /* 0000000B nop */ 0x90,
+ /* 0000000C nop */ 0x90,
+ /* 0000000D nop */ 0x90,
+ /* 0000000E nop */ 0x90,
+ /* 0000000F nop */ 0x90,
+ /* 00000010 nop */ 0x90,
+ /* 00000011 nop */ 0x90,
+ /* 00000012 nop */ 0x90,
+ /* 00000013 nop */ 0x90,
+ /* 00000014 nop */ 0x90,
+ /* 00000015 nop */ 0x90,
+ /* 00000016 nop */ 0x90,
+ /* 00000017 nop */ 0x90,
+ /* 00000018 nop */ 0x90,
+ /* 00000019 nop */ 0x90,
+ /* 0000001A nop */ 0x90,
+ /* 0000001B nop */ 0x90,
+ /* 0000001C nop */ 0x90,
+ /* 0000001D nop */ 0x90,
+ /* 0000001E nop */ 0x90,
+ /* 0000001F nop */ 0x90,
+ /* 00000020 nop */ 0x90,
+ /* 00000021 nop */ 0x90,
+ /* 00000022 nop */ 0x90,
+ /* 00000023 nop */ 0x90,
+ /* 00000024 nop */ 0x90,
+ /* 00000025 nop */ 0x90,
+ /* 00000026 nop */ 0x90,
+ /* 00000027 nop */ 0x90,
+ /* 00000028 nop */ 0x90,
+ /* 00000029 nop */ 0x90,
+ /* 0000002A nop */ 0x90,
+ /* 0000002B nop */ 0x90,
+ /* 0000002C nop */ 0x90,
+ /* 0000002D nop */ 0x90,
+ /* 0000002E nop */ 0x90,
+ /* 0000002F nop */ 0x90,
+ /* 00000030 nop */ 0x90,
+ /* 00000031 nop */ 0x90,
+ /* 00000032 nop */ 0x90,
+ /* 00000033 nop */ 0x90,
+ /* 00000034 nop */ 0x90,
+ /* 00000035 nop */ 0x90,
+ /* 00000036 nop */ 0x90,
+ /* 00000037 nop */ 0x90,
+ /* 00000038 nop */ 0x90,
+ /* 00000039 nop */ 0x90,
+ /* 0000003A nop */ 0x90,
+ /* 0000003B nop */ 0x90,
+ /* 0000003C nop */ 0x90,
+ /* 0000003D nop */ 0x90,
+ /* 0000003E nop */ 0x90,
+ /* 0000003F nop */ 0x90,
+ /* 00000040 nop */ 0x90,
+ /* 00000041 nop */ 0x90,
+ /* 00000042 nop */ 0x90,
+ /* 00000043 nop */ 0x90,
+ /* 00000044 nop */ 0x90,
+ /* 00000045 nop */ 0x90,
+ /* 00000046 nop */ 0x90,
+ /* 00000047 nop */ 0x90,
+ /* 00000048 nop */ 0x90,
+ /* 00000049 nop */ 0x90,
+ /* 0000004A nop */ 0x90,
+ /* 0000004B nop */ 0x90,
+ /* 0000004C nop */ 0x90,
+ /* 0000004D nop */ 0x90,
+ /* 0000004E nop */ 0x90,
+ /* 0000004F nop */ 0x90,
+ /* 00000050 nop */ 0x90,
+ /* 00000051 nop */ 0x90,
+ /* 00000052 nop */ 0x90,
+ /* 00000053 nop */ 0x90,
+ /* 00000054 nop */ 0x90,
+ /* 00000055 nop */ 0x90,
+ /* 00000056 nop */ 0x90,
+ /* 00000057 nop */ 0x90,
+ /* 00000058 nop */ 0x90,
+ /* 00000059 nop */ 0x90,
+ /* 0000005A nop */ 0x90,
+ /* 0000005B nop */ 0x90,
+ /* 0000005C nop */ 0x90,
+ /* 0000005D nop */ 0x90,
+ /* 0000005E nop */ 0x90,
+ /* 0000005F nop */ 0x90,
+ /* 00000060 nop */ 0x90,
+ /* 00000061 nop */ 0x90,
+ /* 00000062 nop */ 0x90,
+ /* 00000063 nop */ 0x90,
+ /* 00000064 nop */ 0x90,
+ /* 00000065 nop */ 0x90,
+ /* 00000066 nop */ 0x90,
+ /* 00000067 nop */ 0x90,
+ /* 00000068 nop */ 0x90,
+ /* 00000069 nop */ 0x90,
+ /* 0000006A nop */ 0x90,
+ /* 0000006B nop */ 0x90,
+ /* 0000006C nop */ 0x90,
+ /* 0000006D nop */ 0x90,
+ /* 0000006E nop */ 0x90,
+ /* 0000006F nop */ 0x90,
+ /* 00000070 nop */ 0x90,
+ /* 00000071 nop */ 0x90,
+ /* 00000072 nop */ 0x90,
+ /* 00000073 nop */ 0x90,
+ /* 00000074 nop */ 0x90,
+ /* 00000075 nop */ 0x90,
+ /* 00000076 nop */ 0x90,
+ /* 00000077 nop */ 0x90,
+ /* 00000078 nop */ 0x90,
+ /* 00000079 nop */ 0x90,
+ /* 0000007A nop */ 0x90,
+ /* 0000007B nop */ 0x90,
+ /* 0000007C nop */ 0x90,
+ /* 0000007D nop */ 0x90,
+ /* 0000007E nop */ 0x90,
+ /* 0000007F nop */ 0x90,
+ /* 00000080 nop */ 0x90,
+ /* 00000081 nop */ 0x90,
+ /* 00000082 nop */ 0x90,
+ /* 00000083 nop */ 0x90,
+ /* 00000084 nop */ 0x90,
+ /* 00000085 nop */ 0x90,
+ /* 00000086 nop */ 0x90,
+ /* 00000087 nop */ 0x90,
+ /* 00000088 nop */ 0x90,
+ /* 00000089 nop */ 0x90,
+ /* 0000008A nop */ 0x90,
+ /* 0000008B nop */ 0x90,
+ /* 0000008C nop */ 0x90,
+ /* 0000008D nop */ 0x90,
+ /* 0000008E nop */ 0x90,
+ /* 0000008F nop */ 0x90,
+ /* 00000090 nop */ 0x90,
+ /* 00000091 nop */ 0x90,
+ /* 00000092 nop */ 0x90,
+ /* 00000093 nop */ 0x90,
+ /* 00000094 nop */ 0x90,
+ /* 00000095 nop */ 0x90,
+ /* 00000096 nop */ 0x90,
+ /* 00000097 nop */ 0x90,
+ /* 00000098 nop */ 0x90,
+ /* 00000099 nop */ 0x90,
+ /* 0000009A nop */ 0x90,
+ /* 0000009B nop */ 0x90,
+ /* 0000009C nop */ 0x90,
+ /* 0000009D nop */ 0x90,
+ /* 0000009E nop */ 0x90,
+ /* 0000009F nop */ 0x90,
+ /* 000000A0 nop */ 0x90,
+ /* 000000A1 nop */ 0x90,
+ /* 000000A2 nop */ 0x90,
+ /* 000000A3 nop */ 0x90,
+ /* 000000A4 nop */ 0x90,
+ /* 000000A5 nop */ 0x90,
+ /* 000000A6 nop */ 0x90,
+ /* 000000A7 nop */ 0x90,
+ /* 000000A8 nop */ 0x90,
+ /* 000000A9 nop */ 0x90,
+ /* 000000AA nop */ 0x90,
+ /* 000000AB nop */ 0x90,
+ /* 000000AC nop */ 0x90,
+ /* 000000AD nop */ 0x90,
+ /* 000000AE nop */ 0x90,
+ /* 000000AF nop */ 0x90,
+ /* 000000B0 nop */ 0x90,
+ /* 000000B1 nop */ 0x90,
+ /* 000000B2 nop */ 0x90,
+ /* 000000B3 nop */ 0x90,
+ /* 000000B4 nop */ 0x90,
+ /* 000000B5 nop */ 0x90,
+ /* 000000B6 nop */ 0x90,
+ /* 000000B7 nop */ 0x90,
+ /* 000000B8 nop */ 0x90,
+ /* 000000B9 nop */ 0x90,
+ /* 000000BA nop */ 0x90,
+ /* 000000BB nop */ 0x90,
+ /* 000000BC nop */ 0x90,
+ /* 000000BD nop */ 0x90,
+ /* 000000BE nop */ 0x90,
+ /* 000000BF nop */ 0x90,
+ /* 000000C0 nop */ 0x90,
+ /* 000000C1 nop */ 0x90,
+ /* 000000C2 nop */ 0x90,
+ /* 000000C3 nop */ 0x90,
+ /* 000000C4 nop */ 0x90,
+ /* 000000C5 nop */ 0x90,
+ /* 000000C6 nop */ 0x90,
+ /* 000000C7 nop */ 0x90,
+ /* 000000C8 nop */ 0x90,
+ /* 000000C9 nop */ 0x90,
+ /* 000000CA nop */ 0x90,
+ /* 000000CB nop */ 0x90,
+ /* 000000CC nop */ 0x90,
+ /* 000000CD nop */ 0x90,
+ /* 000000CE nop */ 0x90,
+ /* 000000CF nop */ 0x90,
+ /* 000000D0 nop */ 0x90,
+ /* 000000D1 nop */ 0x90,
+ /* 000000D2 nop */ 0x90,
+ /* 000000D3 nop */ 0x90,
+ /* 000000D4 nop */ 0x90,
+ /* 000000D5 nop */ 0x90,
+ /* 000000D6 nop */ 0x90,
+ /* 000000D7 nop */ 0x90,
+ /* 000000D8 nop */ 0x90,
+ /* 000000D9 nop */ 0x90,
+ /* 000000DA nop */ 0x90,
+ /* 000000DB nop */ 0x90,
+ /* 000000DC nop */ 0x90,
+ /* 000000DD nop */ 0x90,
+ /* 000000DE nop */ 0x90,
+ /* 000000DF nop */ 0x90,
+ /* 000000E0 nop */ 0x90,
+ /* 000000E1 nop */ 0x90,
+ /* 000000E2 nop */ 0x90,
+ /* 000000E3 nop */ 0x90,
+ /* 000000E4 nop */ 0x90,
+ /* 000000E5 nop */ 0x90,
+ /* 000000E6 nop */ 0x90,
+ /* 000000E7 nop */ 0x90,
+ /* 000000E8 nop */ 0x90,
+ /* 000000E9 nop */ 0x90,
+ /* 000000EA nop */ 0x90,
+ /* 000000EB nop */ 0x90,
+ /* 000000EC nop */ 0x90,
+ /* 000000ED nop */ 0x90,
+ /* 000000EE nop */ 0x90,
+ /* 000000EF nop */ 0x90,
+ /* 000000F0 nop */ 0x90,
+ /* 000000F1 nop */ 0x90,
+ /* 000000F2 nop */ 0x90,
+ /* 000000F3 nop */ 0x90,
+ /* 000000F4 nop */ 0x90,
+ /* 000000F5 nop */ 0x90,
+ /* 000000F6 nop */ 0x90,
+ /* 000000F7 nop */ 0x90,
+ /* 000000F8 nop */ 0x90,
+ /* 000000F9 nop */ 0x90,
+ /* 000000FA nop */ 0x90,
+ /* 000000FB nop */ 0x90,
+ /* 000000FC nop */ 0x90,
+ /* 000000FD nop */ 0x90,
+ /* 000000FE nop */ 0x90,
+ /* 000000FF nop */ 0x90,
+ /* 00000100 nop */ 0x90,
+ /* 00000101 nop */ 0x90,
+ /* 00000102 nop */ 0x90,
+ /* 00000103 nop */ 0x90,
+ /* 00000104 nop */ 0x90,
+ /* 00000105 nop */ 0x90,
+ /* 00000106 nop */ 0x90,
+ /* 00000107 nop */ 0x90,
+ /* 00000108 nop */ 0x90,
+ /* 00000109 nop */ 0x90,
+ /* 0000010A nop */ 0x90,
+ /* 0000010B nop */ 0x90,
+ /* 0000010C nop */ 0x90,
+ /* 0000010D nop */ 0x90,
+ /* 0000010E nop */ 0x90,
+ /* 0000010F nop */ 0x90,
+ /* 00000110 nop */ 0x90,
+ /* 00000111 nop */ 0x90,
+ /* 00000112 nop */ 0x90,
+ /* 00000113 nop */ 0x90,
+ /* 00000114 nop */ 0x90,
+ /* 00000115 nop */ 0x90,
+ /* 00000116 nop */ 0x90,
+ /* 00000117 nop */ 0x90,
+ /* 00000118 nop */ 0x90,
+ /* 00000119 nop */ 0x90,
+ /* 0000011A nop */ 0x90,
+ /* 0000011B nop */ 0x90,
+ /* 0000011C nop */ 0x90,
+ /* 0000011D nop */ 0x90,
+ /* 0000011E nop */ 0x90,
+ /* 0000011F nop */ 0x90,
+ /* 00000120 nop */ 0x90,
+ /* 00000121 nop */ 0x90,
+ /* 00000122 nop */ 0x90,
+ /* 00000123 nop */ 0x90,
+ /* 00000124 nop */ 0x90,
+ /* 00000125 nop */ 0x90,
+ /* 00000126 nop */ 0x90,
+ /* 00000127 nop */ 0x90,
+ /* 00000128 nop */ 0x90,
+ /* 00000129 nop */ 0x90,
+ /* 0000012A nop */ 0x90,
+ /* 0000012B nop */ 0x90,
+ /* 0000012C nop */ 0x90,
+ /* 0000012D nop */ 0x90,
+ /* 0000012E nop */ 0x90,
+ /* 0000012F nop */ 0x90,
+ /* 00000130 nop */ 0x90,
+ /* 00000131 nop */ 0x90,
+ /* 00000132 nop */ 0x90,
+ /* 00000133 nop */ 0x90,
+ /* 00000134 nop */ 0x90,
+ /* 00000135 nop */ 0x90,
+ /* 00000136 nop */ 0x90,
+ /* 00000137 nop */ 0x90,
+ /* 00000138 nop */ 0x90,
+ /* 00000139 nop */ 0x90,
+ /* 0000013A nop */ 0x90,
+ /* 0000013B nop */ 0x90,
+ /* 0000013C nop */ 0x90,
+ /* 0000013D nop */ 0x90,
+ /* 0000013E nop */ 0x90,
+ /* 0000013F nop */ 0x90,
+ /* 00000140 nop */ 0x90,
+ /* 00000141 nop */ 0x90,
+ /* 00000142 nop */ 0x90,
+ /* 00000143 nop */ 0x90,
+ /* 00000144 nop */ 0x90,
+ /* 00000145 nop */ 0x90,
+ /* 00000146 nop */ 0x90,
+ /* 00000147 nop */ 0x90,
+ /* 00000148 nop */ 0x90,
+ /* 00000149 nop */ 0x90,
+ /* 0000014A nop */ 0x90,
+ /* 0000014B nop */ 0x90,
+ /* 0000014C nop */ 0x90,
+ /* 0000014D nop */ 0x90,
+ /* 0000014E nop */ 0x90,
+ /* 0000014F nop */ 0x90,
+ /* 00000150 nop */ 0x90,
+ /* 00000151 nop */ 0x90,
+ /* 00000152 nop */ 0x90,
+ /* 00000153 nop */ 0x90,
+ /* 00000154 nop */ 0x90,
+ /* 00000155 nop */ 0x90,
+ /* 00000156 nop */ 0x90,
+ /* 00000157 nop */ 0x90,
+ /* 00000158 nop */ 0x90,
+ /* 00000159 nop */ 0x90,
+ /* 0000015A nop */ 0x90,
+ /* 0000015B nop */ 0x90,
+ /* 0000015C nop */ 0x90,
+ /* 0000015D nop */ 0x90,
+ /* 0000015E nop */ 0x90,
+ /* 0000015F nop */ 0x90,
+ /* 00000160 nop */ 0x90,
+ /* 00000161 nop */ 0x90,
+ /* 00000162 nop */ 0x90,
+ /* 00000163 nop */ 0x90,
+ /* 00000164 nop */ 0x90,
+ /* 00000165 nop */ 0x90,
+ /* 00000166 nop */ 0x90,
+ /* 00000167 nop */ 0x90,
+ /* 00000168 nop */ 0x90,
+ /* 00000169 nop */ 0x90,
+ /* 0000016A nop */ 0x90,
+ /* 0000016B nop */ 0x90,
+ /* 0000016C nop */ 0x90,
+ /* 0000016D nop */ 0x90,
+ /* 0000016E nop */ 0x90,
+ /* 0000016F nop */ 0x90,
+ /* 00000170 nop */ 0x90,
+ /* 00000171 nop */ 0x90,
+ /* 00000172 nop */ 0x90,
+ /* 00000173 nop */ 0x90,
+ /* 00000174 nop */ 0x90,
+ /* 00000175 nop */ 0x90,
+ /* 00000176 nop */ 0x90,
+ /* 00000177 nop */ 0x90,
+ /* 00000178 nop */ 0x90,
+ /* 00000179 nop */ 0x90,
+ /* 0000017A nop */ 0x90,
+ /* 0000017B nop */ 0x90,
+ /* 0000017C nop */ 0x90,
+ /* 0000017D nop */ 0x90,
+ /* 0000017E nop */ 0x90,
+ /* 0000017F nop */ 0x90,
+ /* 00000180 nop */ 0x90,
+ /* 00000181 nop */ 0x90,
+ /* 00000182 nop */ 0x90,
+ /* 00000183 nop */ 0x90,
+ /* 00000184 nop */ 0x90,
+ /* 00000185 nop */ 0x90,
+ /* 00000186 nop */ 0x90,
+ /* 00000187 nop */ 0x90,
+ /* 00000188 nop */ 0x90,
+ /* 00000189 nop */ 0x90,
+ /* 0000018A nop */ 0x90,
+ /* 0000018B nop */ 0x90,
+ /* 0000018C nop */ 0x90,
+ /* 0000018D nop */ 0x90,
+ /* 0000018E nop */ 0x90,
+ /* 0000018F nop */ 0x90,
+ /* 00000190 nop */ 0x90,
+ /* 00000191 nop */ 0x90,
+ /* 00000192 nop */ 0x90,
+ /* 00000193 nop */ 0x90,
+ /* 00000194 nop */ 0x90,
+ /* 00000195 nop */ 0x90,
+ /* 00000196 nop */ 0x90,
+ /* 00000197 nop */ 0x90,
+ /* 00000198 nop */ 0x90,
+ /* 00000199 nop */ 0x90,
+ /* 0000019A nop */ 0x90,
+ /* 0000019B nop */ 0x90,
+ /* 0000019C nop */ 0x90,
+ /* 0000019D nop */ 0x90,
+ /* 0000019E nop */ 0x90,
+ /* 0000019F nop */ 0x90,
+ /* 000001A0 nop */ 0x90,
+ /* 000001A1 nop */ 0x90,
+ /* 000001A2 nop */ 0x90,
+ /* 000001A3 nop */ 0x90,
+ /* 000001A4 nop */ 0x90,
+ /* 000001A5 nop */ 0x90,
+ /* 000001A6 nop */ 0x90,
+ /* 000001A7 nop */ 0x90,
+ /* 000001A8 nop */ 0x90,
+ /* 000001A9 nop */ 0x90,
+ /* 000001AA nop */ 0x90,
+ /* 000001AB nop */ 0x90,
+ /* 000001AC nop */ 0x90,
+ /* 000001AD nop */ 0x90,
+ /* 000001AE nop */ 0x90,
+ /* 000001AF nop */ 0x90,
+ /* 000001B0 nop */ 0x90,
+ /* 000001B1 nop */ 0x90,
+ /* 000001B2 nop */ 0x90,
+ /* 000001B3 nop */ 0x90,
+ /* 000001B4 nop */ 0x90,
+ /* 000001B5 nop */ 0x90,
+ /* 000001B6 nop */ 0x90,
+ /* 000001B7 nop */ 0x90,
+ /* 000001B8 nop */ 0x90,
+ /* 000001B9 nop */ 0x90,
+ /* 000001BA nop */ 0x90,
+ /* 000001BB nop */ 0x90,
+ /* 000001BC nop */ 0x90,
+ /* 000001BD nop */ 0x90,
+ /* 000001BE nop */ 0x90,
+ /* 000001BF nop */ 0x90,
+ /* 000001C0 nop */ 0x90,
+ /* 000001C1 nop */ 0x90,
+ /* 000001C2 nop */ 0x90,
+ /* 000001C3 nop */ 0x90,
+ /* 000001C4 nop */ 0x90,
+ /* 000001C5 nop */ 0x90,
+ /* 000001C6 nop */ 0x90,
+ /* 000001C7 nop */ 0x90,
+ /* 000001C8 nop */ 0x90,
+ /* 000001C9 nop */ 0x90,
+ /* 000001CA nop */ 0x90,
+ /* 000001CB nop */ 0x90,
+ /* 000001CC nop */ 0x90,
+ /* 000001CD nop */ 0x90,
+ /* 000001CE nop */ 0x90,
+ /* 000001CF nop */ 0x90,
+ /* 000001D0 nop */ 0x90,
+ /* 000001D1 nop */ 0x90,
+ /* 000001D2 nop */ 0x90,
+ /* 000001D3 nop */ 0x90,
+ /* 000001D4 nop */ 0x90,
+ /* 000001D5 nop */ 0x90,
+ /* 000001D6 nop */ 0x90,
+ /* 000001D7 nop */ 0x90,
+ /* 000001D8 nop */ 0x90,
+ /* 000001D9 nop */ 0x90,
+ /* 000001DA nop */ 0x90,
+ /* 000001DB nop */ 0x90,
+ /* 000001DC nop */ 0x90,
+ /* 000001DD nop */ 0x90,
+ /* 000001DE nop */ 0x90,
+ /* 000001DF nop */ 0x90,
+ /* 000001E0 nop */ 0x90,
+ /* 000001E1 nop */ 0x90,
+ /* 000001E2 nop */ 0x90,
+ /* 000001E3 nop */ 0x90,
+ /* 000001E4 nop */ 0x90,
+ /* 000001E5 nop */ 0x90,
+ /* 000001E6 nop */ 0x90,
+ /* 000001E7 nop */ 0x90,
+ /* 000001E8 nop */ 0x90,
+ /* 000001E9 nop */ 0x90,
+ /* 000001EA nop */ 0x90,
+ /* 000001EB nop */ 0x90,
+ /* 000001EC nop */ 0x90,
+ /* 000001ED nop */ 0x90,
+ /* 000001EE nop */ 0x90,
+ /* 000001EF nop */ 0x90,
+ /* 000001F0 nop */ 0x90,
+ /* 000001F1 nop */ 0x90,
+ /* 000001F2 nop */ 0x90,
+ /* 000001F3 nop */ 0x90,
+ /* 000001F4 nop */ 0x90,
+ /* 000001F5 nop */ 0x90,
+ /* 000001F6 nop */ 0x90,
+ /* 000001F7 nop */ 0x90,
+ /* 000001F8 nop */ 0x90,
+ /* 000001F9 nop */ 0x90,
+ /* 000001FA nop */ 0x90,
+ /* 000001FB nop */ 0x90,
+ /* 000001FC nop */ 0x90,
+ /* 000001FD nop */ 0x90,
+ /* 000001FE nop */ 0x90,
+ /* 000001FF nop */ 0x90,
+ /* 00000200 cmp ax,0x4f00 */ 0x3D, 0x00, 0x4F,
+ /* 00000203 jz 0x237 */ 0x74, 0x32,
+ /* 00000205 cmp ax,0x4f01 */ 0x3D, 0x01, 0x4F,
+ /* 00000208 jz 0x257 */ 0x74, 0x4D,
+ /* 0000020A cmp ax,0x4f02 */ 0x3D, 0x02, 0x4F,
+ /* 0000020D jz near 0x2c8 */ 0x0F, 0x84, 0xB7, 0x00,
+ /* 00000211 cmp ax,0x4f03 */ 0x3D, 0x03, 0x4F,
+ /* 00000214 jz near 0x325 */ 0x0F, 0x84, 0x0D, 0x01,
+ /* 00000218 cmp ax,0x4f10 */ 0x3D, 0x10, 0x4F,
+ /* 0000021B jz near 0x337 */ 0x0F, 0x84, 0x18, 0x01,
+ /* 0000021F cmp ax,0x4f15 */ 0x3D, 0x15, 0x4F,
+ /* 00000222 jz near 0x344 */ 0x0F, 0x84, 0x1E, 0x01,
+ /* 00000226 cmp ah,0x0 */ 0x80, 0xFC, 0x00,
+ /* 00000229 jz near 0x363 */ 0x0F, 0x84, 0x36, 0x01,
+ /* 0000022D push si */ 0x56,
+ /* 0000022E mov si,0x3d7 */ 0xBE, 0xD7, 0x03,
+ /* 00000231 call 0x3ad */ 0xE8, 0x79, 0x01,
+ /* 00000234 pop si */ 0x5E,
+ /* 00000235 jmp short 0x235 */ 0xEB, 0xFE,
+ /* 00000237 push es */ 0x06,
+ /* 00000238 push di */ 0x57,
+ /* 00000239 push ds */ 0x1E,
+ /* 0000023A push si */ 0x56,
+ /* 0000023B push cx */ 0x51,
+ /* 0000023C push si */ 0x56,
+ /* 0000023D mov si,0x3eb */ 0xBE, 0xEB, 0x03,
+ /* 00000240 call 0x3ad */ 0xE8, 0x6A, 0x01,
+ /* 00000243 pop si */ 0x5E,
+ /* 00000244 push cs */ 0x0E,
+ /* 00000245 pop ds */ 0x1F,
+ /* 00000246 mov si,0x0 */ 0xBE, 0x00, 0x00,
+ /* 00000249 mov cx,0x100 */ 0xB9, 0x00, 0x01,
+ /* 0000024C cld */ 0xFC,
+ /* 0000024D rep movsb */ 0xF3, 0xA4,
+ /* 0000024F pop cx */ 0x59,
+ /* 00000250 pop si */ 0x5E,
+ /* 00000251 pop ds */ 0x1F,
+ /* 00000252 pop di */ 0x5F,
+ /* 00000253 pop es */ 0x07,
+ /* 00000254 jmp 0x395 */ 0xE9, 0x3E, 0x01,
+ /* 00000257 push es */ 0x06,
+ /* 00000258 push di */ 0x57,
+ /* 00000259 push ds */ 0x1E,
+ /* 0000025A push si */ 0x56,
+ /* 0000025B push cx */ 0x51,
+ /* 0000025C push si */ 0x56,
+ /* 0000025D mov si,0x3f6 */ 0xBE, 0xF6, 0x03,
+ /* 00000260 call 0x3ad */ 0xE8, 0x4A, 0x01,
+ /* 00000263 pop si */ 0x5E,
+ /* 00000264 and cx,0xbfff */ 0x81, 0xE1, 0xFF, 0xBF,
+ /* 00000268 cmp cx,0x13f */ 0x81, 0xF9, 0x3F, 0x01,
+ /* 0000026C jz 0x284 */ 0x74, 0x16,
+ /* 0000026E cmp cx,0x140 */ 0x81, 0xF9, 0x40, 0x01,
+ /* 00000272 jz 0x291 */ 0x74, 0x1D,
+ /* 00000274 cmp cx,0x141 */ 0x81, 0xF9, 0x41, 0x01,
+ /* 00000278 jz 0x29e */ 0x74, 0x24,
+ /* 0000027A push si */ 0x56,
+ /* 0000027B mov si,0x42c */ 0xBE, 0x2C, 0x04,
+ /* 0000027E call 0x3ad */ 0xE8, 0x2C, 0x01,
+ /* 00000281 pop si */ 0x5E,
+ /* 00000282 jmp short 0x235 */ 0xEB, 0xB1,
+ /* 00000284 push si */ 0x56,
+ /* 00000285 mov si,0x46b */ 0xBE, 0x6B, 0x04,
+ /* 00000288 call 0x3ad */ 0xE8, 0x22, 0x01,
+ /* 0000028B pop si */ 0x5E,
+ /* 0000028C mov si,0x100 */ 0xBE, 0x00, 0x01,
+ /* 0000028F jmp short 0x2b8 */ 0xEB, 0x27,
+ /* 00000291 push si */ 0x56,
+ /* 00000292 mov si,0x47d */ 0xBE, 0x7D, 0x04,
+ /* 00000295 call 0x3ad */ 0xE8, 0x15, 0x01,
+ /* 00000298 pop si */ 0x5E,
+ /* 00000299 mov si,0x132 */ 0xBE, 0x32, 0x01,
+ /* 0000029C jmp short 0x2b8 */ 0xEB, 0x1A,
+ /* 0000029E push si */ 0x56,
+ /* 0000029F mov si,0x48f */ 0xBE, 0x8F, 0x04,
+ /* 000002A2 call 0x3ad */ 0xE8, 0x08, 0x01,
+ /* 000002A5 pop si */ 0x5E,
+ /* 000002A6 mov si,0x164 */ 0xBE, 0x64, 0x01,
+ /* 000002A9 jmp short 0x2b8 */ 0xEB, 0x0D,
+ /* 000002AB push si */ 0x56,
+ /* 000002AC mov si,0x4a2 */ 0xBE, 0xA2, 0x04,
+ /* 000002AF call 0x3ad */ 0xE8, 0xFB, 0x00,
+ /* 000002B2 pop si */ 0x5E,
+ /* 000002B3 mov si,0x196 */ 0xBE, 0x96, 0x01,
+ /* 000002B6 jmp short 0x2b8 */ 0xEB, 0x00,
+ /* 000002B8 push cs */ 0x0E,
+ /* 000002B9 pop ds */ 0x1F,
+ /* 000002BA mov cx,0x32 */ 0xB9, 0x32, 0x00,
+ /* 000002BD cld */ 0xFC,
+ /* 000002BE rep movsb */ 0xF3, 0xA4,
+ /* 000002C0 pop cx */ 0x59,
+ /* 000002C1 pop si */ 0x5E,
+ /* 000002C2 pop ds */ 0x1F,
+ /* 000002C3 pop di */ 0x5F,
+ /* 000002C4 pop es */ 0x07,
+ /* 000002C5 jmp 0x395 */ 0xE9, 0xCD, 0x00,
+ /* 000002C8 push dx */ 0x52,
+ /* 000002C9 push ax */ 0x50,
+ /* 000002CA push si */ 0x56,
+ /* 000002CB mov si,0x410 */ 0xBE, 0x10, 0x04,
+ /* 000002CE call 0x3ad */ 0xE8, 0xDC, 0x00,
+ /* 000002D1 pop si */ 0x5E,
+ /* 000002D2 and bx,0xbfff */ 0x81, 0xE3, 0xFF, 0xBF,
+ /* 000002D6 cmp bx,0x13f */ 0x81, 0xFB, 0x3F, 0x01,
+ /* 000002DA jz 0x2f3 */ 0x74, 0x17,
+ /* 000002DC cmp bx,0x140 */ 0x81, 0xFB, 0x40, 0x01,
+ /* 000002E0 jz 0x2fd */ 0x74, 0x1B,
+ /* 000002E2 cmp bx,0x141 */ 0x81, 0xFB, 0x41, 0x01,
+ /* 000002E6 jz 0x307 */ 0x74, 0x1F,
+ /* 000002E8 push si */ 0x56,
+ /* 000002E9 mov si,0x42c */ 0xBE, 0x2C, 0x04,
+ /* 000002EC call 0x3ad */ 0xE8, 0xBE, 0x00,
+ /* 000002EF pop si */ 0x5E,
+ /* 000002F0 jmp 0x235 */ 0xE9, 0x42, 0xFF,
+ /* 000002F3 push si */ 0x56,
+ /* 000002F4 mov si,0x46b */ 0xBE, 0x6B, 0x04,
+ /* 000002F7 call 0x3ad */ 0xE8, 0xB3, 0x00,
+ /* 000002FA pop si */ 0x5E,
+ /* 000002FB jmp short 0x319 */ 0xEB, 0x1C,
+ /* 000002FD push si */ 0x56,
+ /* 000002FE mov si,0x47d */ 0xBE, 0x7D, 0x04,
+ /* 00000301 call 0x3ad */ 0xE8, 0xA9, 0x00,
+ /* 00000304 pop si */ 0x5E,
+ /* 00000305 jmp short 0x319 */ 0xEB, 0x12,
+ /* 00000307 push si */ 0x56,
+ /* 00000308 mov si,0x48f */ 0xBE, 0x8F, 0x04,
+ /* 0000030B call 0x3ad */ 0xE8, 0x9F, 0x00,
+ /* 0000030E pop si */ 0x5E,
+ /* 0000030F jmp short 0x319 */ 0xEB, 0x08,
+ /* 00000311 push si */ 0x56,
+ /* 00000312 mov si,0x4a2 */ 0xBE, 0xA2, 0x04,
+ /* 00000315 call 0x3ad */ 0xE8, 0x95, 0x00,
+ /* 00000318 pop si */ 0x5E,
+ /* 00000319 mov [0x4b0],bl */ 0x88, 0x1E, 0xB0, 0x04,
+ /* 0000031D mov [0x4b1],bh */ 0x88, 0x3E, 0xB1, 0x04,
+ /* 00000321 pop ax */ 0x58,
+ /* 00000322 pop dx */ 0x5A,
+ /* 00000323 jmp short 0x395 */ 0xEB, 0x70,
+ /* 00000325 push si */ 0x56,
+ /* 00000326 mov si,0x405 */ 0xBE, 0x05, 0x04,
+ /* 00000329 call 0x3ad */ 0xE8, 0x81, 0x00,
+ /* 0000032C pop si */ 0x5E,
+ /* 0000032D mov bl,[0x4b0] */ 0x8A, 0x1E, 0xB0, 0x04,
+ /* 00000331 mov bh,[0x4b1] */ 0x8A, 0x3E, 0xB1, 0x04,
+ /* 00000335 jmp short 0x395 */ 0xEB, 0x5E,
+ /* 00000337 push si */ 0x56,
+ /* 00000338 mov si,0x43b */ 0xBE, 0x3B, 0x04,
+ /* 0000033B call 0x3ad */ 0xE8, 0x6F, 0x00,
+ /* 0000033E pop si */ 0x5E,
+ /* 0000033F mov bx,0x80 */ 0xBB, 0x80, 0x00,
+ /* 00000342 jmp short 0x395 */ 0xEB, 0x51,
+ /* 00000344 push es */ 0x06,
+ /* 00000345 push di */ 0x57,
+ /* 00000346 push ds */ 0x1E,
+ /* 00000347 push si */ 0x56,
+ /* 00000348 push cx */ 0x51,
+ /* 00000349 push si */ 0x56,
+ /* 0000034A mov si,0x450 */ 0xBE, 0x50, 0x04,
+ /* 0000034D call 0x3ad */ 0xE8, 0x5D, 0x00,
+ /* 00000350 pop si */ 0x5E,
+ /* 00000351 push cs */ 0x0E,
+ /* 00000352 pop ds */ 0x1F,
+ /* 00000353 mov si,0x4b2 */ 0xBE, 0xB2, 0x04,
+ /* 00000356 mov cx,0x80 */ 0xB9, 0x80, 0x00,
+ /* 00000359 cld */ 0xFC,
+ /* 0000035A rep movsb */ 0xF3, 0xA4,
+ /* 0000035C pop cx */ 0x59,
+ /* 0000035D pop si */ 0x5E,
+ /* 0000035E pop ds */ 0x1F,
+ /* 0000035F pop di */ 0x5F,
+ /* 00000360 pop es */ 0x07,
+ /* 00000361 jmp short 0x395 */ 0xEB, 0x32,
+ /* 00000363 push si */ 0x56,
+ /* 00000364 mov si,0x41b */ 0xBE, 0x1B, 0x04,
+ /* 00000367 call 0x3ad */ 0xE8, 0x43, 0x00,
+ /* 0000036A pop si */ 0x5E,
+ /* 0000036B cmp al,0x3 */ 0x3C, 0x03,
+ /* 0000036D jz 0x37e */ 0x74, 0x0F,
+ /* 0000036F cmp al,0x12 */ 0x3C, 0x12,
+ /* 00000371 jz 0x38a */ 0x74, 0x17,
+ /* 00000373 push si */ 0x56,
+ /* 00000374 mov si,0x42c */ 0xBE, 0x2C, 0x04,
+ /* 00000377 call 0x3ad */ 0xE8, 0x33, 0x00,
+ /* 0000037A pop si */ 0x5E,
+ /* 0000037B jmp 0x235 */ 0xE9, 0xB7, 0xFE,
+ /* 0000037E push si */ 0x56,
+ /* 0000037F mov si,0x45c */ 0xBE, 0x5C, 0x04,
+ /* 00000382 call 0x3ad */ 0xE8, 0x28, 0x00,
+ /* 00000385 pop si */ 0x5E,
+ /* 00000386 mov al,0x0 */ 0xB0, 0x00,
+ /* 00000388 jmp short 0x38c */ 0xEB, 0x02,
+ /* 0000038A mov al,0x0 */ 0xB0, 0x00,
+ /* 0000038C push si */ 0x56,
+ /* 0000038D mov si,0x3c2 */ 0xBE, 0xC2, 0x03,
+ /* 00000390 call 0x3ad */ 0xE8, 0x1A, 0x00,
+ /* 00000393 pop si */ 0x5E,
+ /* 00000394 iret */ 0xCF,
+ /* 00000395 push si */ 0x56,
+ /* 00000396 mov si,0x3c2 */ 0xBE, 0xC2, 0x03,
+ /* 00000399 call 0x3ad */ 0xE8, 0x11, 0x00,
+ /* 0000039C pop si */ 0x5E,
+ /* 0000039D mov ax,0x4f */ 0xB8, 0x4F, 0x00,
+ /* 000003A0 iret */ 0xCF,
+ /* 000003A1 push si */ 0x56,
+ /* 000003A2 mov si,0x3c8 */ 0xBE, 0xC8, 0x03,
+ /* 000003A5 call 0x3ad */ 0xE8, 0x05, 0x00,
+ /* 000003A8 pop si */ 0x5E,
+ /* 000003A9 mov ax,0x24f */ 0xB8, 0x4F, 0x02,
+ /* 000003AC iret */ 0xCF,
+ /* 000003AD pusha */ 0x60,
+ /* 000003AE push ds */ 0x1E,
+ /* 000003AF push cs */ 0x0E,
+ /* 000003B0 pop ds */ 0x1F,
+ /* 000003B1 mov dx,0x220 */ 0xBA, 0x20, 0x02,
+ /* 000003B4 mov ax,0x0 */ 0xB8, 0x00, 0x00,
+ /* 000003B7 lodsb */ 0xAC,
+ /* 000003B8 cmp al,0x0 */ 0x3C, 0x00,
+ /* 000003BA jz 0x3bf */ 0x74, 0x03,
+ /* 000003BC out dx,al */ 0xEE,
+ /* 000003BD jmp short 0x3b7 */ 0xEB, 0xF8,
+ /* 000003BF pop ds */ 0x1F,
+ /* 000003C0 popa */ 0x61,
+ /* 000003C1 ret */ 0xC3,
+ /* 000003C2 jna 0x413 */ 0x76, 0x4F,
+ /* 000003C4 imul cx,[di],byte +0xa */ 0x6B, 0x0D, 0x0A,
+ /* 000003C7 add [bp+0x55],dh */ 0x00, 0x76, 0x55,
+ /* 000003CA outsb */ 0x6E,
+ /* 000003CB jnc 0x442 */ 0x73, 0x75,
+ /* 000003CD jo 0x43f */ 0x70, 0x70,
+ /* 000003CF outsw */ 0x6F,
+ /* 000003D0 jc 0x446 */ 0x72, 0x74,
+ /* 000003D2 fs or ax,0xa */ 0x65, 0x64, 0x0D, 0x0A, 0x00,
+ /* 000003D7 jna 0x42e */ 0x76, 0x55,
+ /* 000003D9 outsb */ 0x6E,
+ /* 000003DA imul bp,[bp+0x6f],byte +0x77 */ 0x6B, 0x6E, 0x6F, 0x77,
+ /* 000003DE outsb */ 0x6E,
+ /* 000003DF and [bp+0x75],al */ 0x20, 0x46, 0x75,
+ /* 000003E2 outsb */ 0x6E,
+ /* 000003E3 arpl [si+0x69],si */ 0x63, 0x74, 0x69,
+ /* 000003E6 outsw */ 0x6F,
+ /* 000003E7 outsb */ 0x6E,
+ /* 000003E8 or ax,0xa */ 0x0D, 0x0A, 0x00,
+ /* 000003EB jna 0x434 */ 0x76, 0x47,
+ /* 000003ED gs jz 0x439 */ 0x65, 0x74, 0x49,
+ /* 000003F0 outsb */ 0x6E,
+ /* 000003F1 outsd */ 0x66, 0x6F,
+ /* 000003F3 or ax,0xa */ 0x0D, 0x0A, 0x00,
+ /* 000003F6 jna 0x43f */ 0x76, 0x47,
+ /* 000003F8 gs jz 0x448 */ 0x65, 0x74, 0x4D,
+ /* 000003FB outsw */ 0x6F,
+ /* 000003FC gs dec cx */ 0x64, 0x65, 0x49,
+ /* 000003FF outsb */ 0x6E,
+ /* 00000400 outsd */ 0x66, 0x6F,
+ /* 00000402 or ax,0xa */ 0x0D, 0x0A, 0x00,
+ /* 00000405 jna 0x44e */ 0x76, 0x47,
+ /* 00000407 gs jz 0x457 */ 0x65, 0x74, 0x4D,
+ /* 0000040A outsw */ 0x6F,
+ /* 0000040B gs or ax,0xa */ 0x64, 0x65, 0x0D, 0x0A, 0x00,
+ /* 00000410 jna 0x465 */ 0x76, 0x53,
+ /* 00000412 gs jz 0x462 */ 0x65, 0x74, 0x4D,
+ /* 00000415 outsw */ 0x6F,
+ /* 00000416 gs or ax,0xa */ 0x64, 0x65, 0x0D, 0x0A, 0x00,
+ /* 0000041B jna 0x470 */ 0x76, 0x53,
+ /* 0000041D gs jz 0x46d */ 0x65, 0x74, 0x4D,
+ /* 00000420 outsw */ 0x6F,
+ /* 00000421 gs dec sp */ 0x64, 0x65, 0x4C,
+ /* 00000424 gs a32 popa */ 0x65, 0x67, 0x61,
+ /* 00000427 arpl [bx+di+0xd],di */ 0x63, 0x79, 0x0D,
+ /* 0000042A or al,[bx+si] */ 0x0A, 0x00,
+ /* 0000042C jna 0x483 */ 0x76, 0x55,
+ /* 0000042E outsb */ 0x6E,
+ /* 0000042F imul bp,[bx+0x77],byte +0x6e */ 0x6B, 0x6F, 0x77, 0x6E,
+ /* 00000433 and [di+0x6f],cl */ 0x20, 0x4D, 0x6F,
+ /* 00000436 gs or ax,0xa */ 0x64, 0x65, 0x0D, 0x0A, 0x00,
+ /* 0000043B jna 0x484 */ 0x76, 0x47,
+ /* 0000043D gs jz 0x490 */ 0x65, 0x74, 0x50,
+ /* 00000440 insw */ 0x6D,
+ /* 00000441 inc bx */ 0x43,
+ /* 00000442 popa */ 0x61,
+ /* 00000443 jo 0x4a6 */ 0x70, 0x61,
+ /* 00000445 bound bp,[bx+di+0x6c] */ 0x62, 0x69, 0x6C,
+ /* 00000448 imul si,[si+0x69],word 0x7365 */ 0x69, 0x74, 0x69, 0x65, 0x73,
+ /* 0000044D or ax,0xa */ 0x0D, 0x0A, 0x00,
+ /* 00000450 jna 0x4a4 */ 0x76, 0x52,
+ /* 00000452 gs popa */ 0x65, 0x61,
+ /* 00000454 fs inc bp */ 0x64, 0x45,
+ /* 00000456 imul sp,[fs:si+0xd],word 0xa */ 0x64, 0x69, 0x64, 0x0D, 0x0A, 0x00,
+ /* 0000045C jna 0x4aa */ 0x76, 0x4C,
+ /* 0000045E gs a32 popa */ 0x65, 0x67, 0x61,
+ /* 00000461 arpl [bx+di+0x4d],di */ 0x63, 0x79, 0x4D,
+ /* 00000464 outsw */ 0x6F,
+ /* 00000465 xor cx,[gs:di] */ 0x64, 0x65, 0x33, 0x0D,
+ /* 00000469 or al,[bx+si] */ 0x0A, 0x00,
+ /* 0000046B insw */ 0x6D,
+ /* 0000046C outsw */ 0x6F,
+ /* 0000046D gs pop di */ 0x64, 0x65, 0x5F,
+ /* 00000470 ss xor al,0x30 */ 0x36, 0x34, 0x30,
+ /* 00000473 js 0x4a9 */ 0x78, 0x34,
+ /* 00000475 cmp [bx+si],dh */ 0x38, 0x30,
+ /* 00000477 js 0x4ac */ 0x78, 0x33,
+ /* 00000479 xor cl,[di] */ 0x32, 0x0D,
+ /* 0000047B or al,[bx+si] */ 0x0A, 0x00,
+ /* 0000047D insw */ 0x6D,
+ /* 0000047E outsw */ 0x6F,
+ /* 0000047F gs pop di */ 0x64, 0x65, 0x5F,
+ /* 00000482 cmp [bx+si],dh */ 0x38, 0x30,
+ /* 00000484 xor [bx+si+0x36],bh */ 0x30, 0x78, 0x36,
+ /* 00000487 xor [bx+si],dh */ 0x30, 0x30,
+ /* 00000489 js 0x4be */ 0x78, 0x33,
+ /* 0000048B xor cl,[di] */ 0x32, 0x0D,
+ /* 0000048D or al,[bx+si] */ 0x0A, 0x00,
+ /* 0000048F insw */ 0x6D,
+ /* 00000490 outsw */ 0x6F,
+ /* 00000491 gs pop di */ 0x64, 0x65, 0x5F,
+ /* 00000494 xor [bx+si],si */ 0x31, 0x30,
+ /* 00000496 xor dh,[si] */ 0x32, 0x34,
+ /* 00000498 js 0x4d1 */ 0x78, 0x37,
+ /* 0000049A cmp [ss:bx+si+0x33],bh */ 0x36, 0x38, 0x78, 0x33,
+ /* 0000049E xor cl,[di] */ 0x32, 0x0D,
+ /* 000004A0 or al,[bx+si] */ 0x0A, 0x00,
+ /* 000004A2 insw */ 0x6D,
+ /* 000004A3 outsw */ 0x6F,
+ /* 000004A4 gs pop di */ 0x64, 0x65, 0x5F,
+ /* 000004A7 jnz 0x517 */ 0x75, 0x6E,
+ /* 000004A9 jnz 0x51e */ 0x75, 0x73,
+ /* 000004AB fs or ax,0xa */ 0x65, 0x64, 0x0D, 0x0A, 0x00,
+ /* 000004B0 add [bx+si],al */ 0x00, 0x00,
+ /* 000004B2 add [bx+si],al */ 0x00, 0x00,
+ /* 000004B4 add [bx+si],al */ 0x00, 0x00,
+ /* 000004B6 add [bx+si],al */ 0x00, 0x00,
+ /* 000004B8 add [bx+si],al */ 0x00, 0x00,
+ /* 000004BA add [bx+si],al */ 0x00, 0x00,
+ /* 000004BC add [bx+si],al */ 0x00, 0x00,
+ /* 000004BE add [bx+si],al */ 0x00, 0x00,
+ /* 000004C0 add [bx+si],al */ 0x00, 0x00,
+ /* 000004C2 add [bx+si],al */ 0x00, 0x00,
+ /* 000004C4 add [bx+si],al */ 0x00, 0x00,
+ /* 000004C6 add [bx+si],al */ 0x00, 0x00,
+ /* 000004C8 add [bx+si],al */ 0x00, 0x00,
+ /* 000004CA add [bx+si],al */ 0x00, 0x00,
+ /* 000004CC add [bx+si],al */ 0x00, 0x00,
+ /* 000004CE add [bx+si],al */ 0x00, 0x00,
+ /* 000004D0 add [bx+si],al */ 0x00, 0x00,
+ /* 000004D2 add [bx+si],al */ 0x00, 0x00,
+ /* 000004D4 add [bx+si],al */ 0x00, 0x00,
+ /* 000004D6 add [bx+si],al */ 0x00, 0x00,
+ /* 000004D8 add [bx+si],al */ 0x00, 0x00,
+ /* 000004DA add [bx+si],al */ 0x00, 0x00,
+ /* 000004DC add [bx+si],al */ 0x00, 0x00,
+ /* 000004DE add [bx+si],al */ 0x00, 0x00,
+ /* 000004E0 add [bx+si],al */ 0x00, 0x00,
+ /* 000004E2 add [bx+si],al */ 0x00, 0x00,
+ /* 000004E4 add [bx+si],al */ 0x00, 0x00,
+ /* 000004E6 add [bx+si],al */ 0x00, 0x00,
+ /* 000004E8 add [bx+si],al */ 0x00, 0x00,
+ /* 000004EA add [bx+si],al */ 0x00, 0x00,
+ /* 000004EC add [bx+si],al */ 0x00, 0x00,
+ /* 000004EE add [bx+si],al */ 0x00, 0x00,
+ /* 000004F0 add [bx+si],al */ 0x00, 0x00,
+ /* 000004F2 add [bx+si],al */ 0x00, 0x00,
+ /* 000004F4 add [bx+si],al */ 0x00, 0x00,
+ /* 000004F6 add [bx+si],al */ 0x00, 0x00,
+ /* 000004F8 add [bx+si],al */ 0x00, 0x00,
+ /* 000004FA add [bx+si],al */ 0x00, 0x00,
+ /* 000004FC add [bx+si],al */ 0x00, 0x00,
+ /* 000004FE add [bx+si],al */ 0x00, 0x00,
+ /* 00000500 add [bx+si],al */ 0x00, 0x00,
+ /* 00000502 add [bx+si],al */ 0x00, 0x00,
+ /* 00000504 add [bx+si],al */ 0x00, 0x00,
+ /* 00000506 add [bx+si],al */ 0x00, 0x00,
+ /* 00000508 add [bx+si],al */ 0x00, 0x00,
+ /* 0000050A add [bx+si],al */ 0x00, 0x00,
+ /* 0000050C add [bx+si],al */ 0x00, 0x00,
+ /* 0000050E add [bx+si],al */ 0x00, 0x00,
+ /* 00000510 add [bx+si],al */ 0x00, 0x00,
+ /* 00000512 add [bx+si],al */ 0x00, 0x00,
+ /* 00000514 add [bx+si],al */ 0x00, 0x00,
+ /* 00000516 add [bx+si],al */ 0x00, 0x00,
+ /* 00000518 add [bx+si],al */ 0x00, 0x00,
+ /* 0000051A add [bx+si],al */ 0x00, 0x00,
+ /* 0000051C add [bx+si],al */ 0x00, 0x00,
+ /* 0000051E add [bx+si],al */ 0x00, 0x00,
+ /* 00000520 add [bx+si],al */ 0x00, 0x00,
+ /* 00000522 add [bx+si],al */ 0x00, 0x00,
+ /* 00000524 add [bx+si],al */ 0x00, 0x00,
+ /* 00000526 add [bx+si],al */ 0x00, 0x00,
+ /* 00000528 add [bx+si],al */ 0x00, 0x00,
+ /* 0000052A add [bx+si],al */ 0x00, 0x00,
+ /* 0000052C add [bx+si],al */ 0x00, 0x00,
+ /* 0000052E add [bx+si],al */ 0x00, 0x00,
+ /* 00000530 add [bx+si],al */ 0x00, 0x00,
+ /* 00000532 add [bx+si],al */ 0x00, 0x00,
+};
+#endif
diff --git a/OvmfPkg/IntelGvtGopDxe/VbeShim.sh b/OvmfPkg/IntelGvtGopDxe/VbeShim.sh
new file mode 100755
index 000000000000..4f61e5220b01
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/VbeShim.sh
@@ -0,0 +1,81 @@
+#!/bin/sh
+###
+# @file
+# Shell script to assemble and dump the fake Int10h handler from NASM source to
+# a C array.
+#
+# Copyright (C) 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (C) 2020, Rebecca Cran <rebecca@bsdio.com>
+# Copyright (C) 2014, Red Hat, Inc.
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+###
+
+set -e -u
+
+STEM=$(dirname -- "$0")/$(basename -- "$0" .sh)
+
+#
+# Install exit handler -- remove temporary files.
+#
+exit_handler()
+{
+ rm -f -- "$STEM".bin "$STEM".disasm "$STEM".offsets "$STEM".insns \
+ "$STEM".bytes
+}
+trap exit_handler EXIT
+
+#
+# Assemble the source file.
+#
+nasm -o "$STEM".bin "$STEM".asm
+
+#
+# Disassemble it, in order to get a binary dump associated with the source.
+# (ndisasm doesn't recognize the "--" end-of-options delimiter.)
+#
+ndisasm "$STEM".bin >"$STEM".disasm
+
+#
+# Create three files, each with one column of the disassembly.
+#
+# The first column contains the offsets, and it starts the comment.
+#
+cut -c 1-8 -- "$STEM".disasm \
+| sed -e 's,^, /* ,' >"$STEM".offsets
+
+#
+# The second column contains the assembly-language instructions, and it closes
+# the comment. We first pad it to 30 characters.
+#
+cut -c 29- -- "$STEM".disasm \
+| sed -e 's,$, ,' \
+ -e 's,^\(.\{30\}\).*$,\1 */,' >"$STEM".insns
+
+#
+# The third column contains the bytes corresponding to the instruction,
+# represented as C integer constants. First strip trailing whitespace from the
+# middle column of the input disassembly, then process pairs of nibbles.
+#
+cut -c 11-28 -- "$STEM".disasm \
+| sed -e 's, \+$,,' -e 's/\(..\)/ 0x\1,/g' | sed 's/0x ,//g' >"$STEM".bytes
+
+#
+# Write the output file, recombining the columns. The output should have CRLF
+# line endings.
+#
+{
+ printf '//\n'
+ printf '// THIS FILE WAS GENERATED BY "%s". DO NOT EDIT.\n' \
+ "$(basename -- "$0")"
+ printf '//\n'
+ printf '#ifndef _VBE_SHIM_H_\n'
+ printf '#define _VBE_SHIM_H_\n'
+ printf 'STATIC CONST UINT8 gVbeShim[] = {\n'
+ paste -d ' ' -- "$STEM".offsets "$STEM".insns "$STEM".bytes
+ printf '};\n'
+ printf '#endif\n'
+} \
+| unix2dos >"$STEM".h
diff --git a/OvmfPkg/IntelGvtGopDxe/VirtualGpu.c b/OvmfPkg/IntelGvtGopDxe/VirtualGpu.c
new file mode 100644
index 000000000000..dc2c23706c8b
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/VirtualGpu.c
@@ -0,0 +1,400 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "Common.h"
+#include "VirtualGpu.h"
+#include "GpuReg.h"
+#include "Gtt.h"
+#include "Display.h"
+#include <Library/QemuFwCfgLib.h>
+
+EFI_STATUS
+IntelVirtualGpuActive (
+ IN EFI_PCI_IO_PROTOCOL *PciIo
+ )
+{
+ EFI_STATUS Status = EFI_UNSUPPORTED;
+ PCI_TYPE00 PciHdr = {0};
+ UINT64 Magic = 0;
+ UINT32 Version = 0;
+ UINT16 VerMajor = 0, VerMinor = 0;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ Status = PciIo->Pci.Read (
+ PciIo,
+ EfiPciIoWidthUint32,
+ 0,
+ sizeof (PciHdr) / sizeof (UINT32),
+ &PciHdr
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Can't read PCI config header, status %d\n", Status
+ );
+ Status = EFI_UNSUPPORTED;
+ goto Done;
+ }
+
+ if (!IS_PCI_DISPLAY (&PciHdr) || PciHdr.Hdr.VendorId != 0x8086) {
+ GVT_DEBUG (EFI_D_VERBOSE,
+ "Skip non Intel PCI Display [%04x:%04x] class:%x\n",
+ PciHdr.Hdr.VendorId, PciHdr.Hdr.DeviceId, PciHdr.Hdr.ClassCode[2]
+ );
+ Status = EFI_UNSUPPORTED;
+ goto Done;
+ }
+
+ Status = PciIo->Mem.Read (
+ PciIo,
+ EfiPciIoWidthUint64,
+ PCI_BAR_IDX0,
+ vgtif_reg(magic),
+ 1,
+ &Magic
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Can't read GVT magic from [%04x:%04x], status %d\n",
+ PciHdr.Hdr.VendorId, PciHdr.Hdr.DeviceId, Status
+ );
+ Status = EFI_UNSUPPORTED;
+ goto Done;
+ }
+
+ if (Magic != VGT_MAGIC) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Read magic from [%04x:%04x], get %x expect %x\n",
+ PciHdr.Hdr.VendorId, PciHdr.Hdr.DeviceId, Magic, VGT_MAGIC
+ );
+ Status = EFI_UNSUPPORTED;
+ goto Done;
+ }
+
+ Status = PciIo->Mem.Read (
+ PciIo,
+ EfiPciIoWidthUint32,
+ PCI_BAR_IDX0,
+ vgtif_reg(version_major),
+ 1,
+ &Version
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Can't read GVT version from [%04x:%04x], status %d\n",
+ PciHdr.Hdr.VendorId, PciHdr.Hdr.DeviceId, Status
+ );
+ Status = EFI_UNSUPPORTED;
+ goto Done;
+ }
+
+ VerMajor = Version & 0xFFFF;
+ VerMinor = (Version & 0xFFFF) >> 16;
+ if (VerMajor < VGT_VERSION_MAJOR) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Check VGT interface version of [%04x:%04x], got %x.%x, expect %x.*\n",
+ PciHdr.Hdr.VendorId, PciHdr.Hdr.DeviceId,
+ VerMajor, VerMinor, VGT_VERSION_MAJOR
+ );
+ Status = EFI_UNSUPPORTED;
+ goto Done;
+ }
+
+ GVT_DEBUG (EFI_D_INFO,
+ "Intel GVT-g virtual GPU [%04x:%04x] detected, version %x.%x\n",
+ PciHdr.Hdr.VendorId, PciHdr.Hdr.DeviceId, VerMajor, VerMinor
+ );
+ Status = EFI_SUCCESS;
+
+Done:
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+EFI_STATUS
+IntelVirtualGpuInit (
+ IN OUT GVT_GOP_PRIVATE_DATA *Private
+ )
+{
+ EFI_STATUS Status = EFI_UNSUPPORTED;
+ EFI_PCI_IO_PROTOCOL *PciIo;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+ FIRMWARE_CONFIG_ITEM FwCfgItem;
+ UINTN FwCfgSize;
+ UINT8 Val8;
+ UINT64 Val64;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ PciIo = Private->PciIo;
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)Private->VirtualGpu;
+ Status = PciIo->Pci.Read (
+ PciIo,
+ EfiPciIoWidthUint16,
+ PCI_VENDOR_ID_OFFSET,
+ 1,
+ &VirtualGpu->VendorId
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Can't read PCI_VENDOR_ID_OFFSET, status %d\n", Status
+ );
+ goto Done;
+ }
+
+ Status = PciIo->Pci.Read (
+ PciIo,
+ EfiPciIoWidthUint16,
+ PCI_DEVICE_ID_OFFSET,
+ 1,
+ &VirtualGpu->DeviceId
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Can't read PCI_DEVICE_ID_OFFSET, status %d\n", Status
+ );
+ goto Done;
+ }
+
+ Status = PciIo->Pci.Read (
+ PciIo,
+ EfiPciIoWidthUint64,
+ PCI_BASE_ADDRESSREG_OFFSET + PCI_BAR_IDX2 * 4,
+ 1,
+ &Val64
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR, "Can't get GMADR from BAR2, status %d\n", Status);
+ goto Done;
+ }
+
+ if (Val64 & 0x1) {
+ Status = EFI_OUT_OF_RESOURCES;
+ GVT_DEBUG (EFI_D_ERROR, "BAR2 isn't memory space, status %d\n", Status);
+ goto Done;
+ }
+
+ switch (Val64 >> 1 & 0x3) {
+ case 0:
+ VirtualGpu->GpuMemAddr = Val64 & 0xFFFFFFF0;
+ GVT_DEBUG (EFI_D_VERBOSE, "BAR2 has 32-bit access space\n");
+ break;
+ case 2:
+ VirtualGpu->GpuMemAddr = Val64 & ~0xF;
+ GVT_DEBUG (EFI_D_VERBOSE, "BAR2 has 64-bit access space\n");
+ break;
+ default:
+ Status = EFI_OUT_OF_RESOURCES;
+ GVT_DEBUG (EFI_D_ERROR,
+ "BAR2 has unknown access space, status %d\n", Status
+ );
+ goto Done;
+ break;
+ }
+
+ Status = PciIo->Pci.Read (
+ PciIo,
+ EfiPciIoWidthUint8,
+ PCI_REG_MSAC,
+ 1,
+ &Val8
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Can't get MSAC from %x, status %d\n", PCI_REG_MSAC, Status
+ );
+ goto Done;
+ }
+
+ Val8 &= 0x1F;
+ if (Val8 & 0x10) {
+ VirtualGpu->GpuMemSizeM = 4096;
+ } else {
+ Val8 &= 0xF;
+ if (Val8 & 0x8) {
+ VirtualGpu->GpuMemSizeM = 2048;
+ } else {
+ Val8 &= 0x7;
+ if (Val8 & 0x4) {
+ VirtualGpu->GpuMemSizeM = 1024;
+ } else {
+ Val8 &= 0x3;
+ if (Val8 & 0x2) {
+ VirtualGpu->GpuMemSizeM = 512;
+ } else {
+ if (Val8 & 0x1) {
+ VirtualGpu->GpuMemSizeM = 256;
+ } else {
+ VirtualGpu->GpuMemSizeM = 128;
+ }
+ }
+ }
+ }
+ }
+
+ Status = QemuFwCfgFindFile ("etc/igd-opregion", &FwCfgItem, &FwCfgSize);
(1) This feature still relies on "etc/igd-opregion".

And so, while this driver "poses" as a UEFI_DRIVER module for a PCI
device, it remains a platform driver.

That's still a deal-breaker -- please refer to
<https://bugzilla.tianocore.org/show_bug.cgi?id=935>, specifically
comment 15.

Has there been any improvement regarding the requirement that the
opregion come from QEMU via fw_cfg, for the Windows guest driver's sake?

(I really wish you had first asked about this feature, before authoring
a driver with 4000+ lines!)
Sorry for the confusion. Yes I understand the history in the case of IGD passthrough. Maybe it's better if I've added an RFC in the subject. I'm not intended to sell the patch directly, instead to have a patch first so that have more details to receive valuable comments. Either UEFI_DRIVER or platform driver should follow OVMF requirement for sure, there is no doubt for that.
The current igd-opregion indeed block us finding better solution to get rid of it due to the dependency of guest driver implementation. So for this part there is nothing can do but follow the driver behavior.

However there is still use case to boot a UEFI guest with only one GPU (Intel GVT-g vGPU) but there is no screen output duing non-OS stage, this is the exact problem this patch tries to resolve.

Unlike the patch you mentioned, the majority of this patch consists of two parts: GOP and mdev device emulation. I thought feedback on them are still valuable, thus sent out as a single patch first.

(2) If the fw_cfg file in question is not found, the patch simply
ignores it. We log a debug message about it (not even an error message),
but then proceed with the rest of the code as if everything was OK.

Is that intentional?
It's absolutely OK doing in this way. etc/igd-opregion is indeed not clear for OVMF. Assume future guest driver decouple itself with igd-opregion, which some guest driver doesn't rely on it already, the intention of this patch is to have a common solution for Intel GVT-g vGPU.

Again the intention is not push the patch into EDK2, but RFC and find out accepable part into upstream, either EDK2 or EDK2-platform. Sorry for not making it clear at first time.


(3) There's a whole lot of style issues in the code, and I absolutely
don't see myself identifying every single one of those for you, in a
4000+ line driver.

(EFI_D_xxx macro usage, line wrapping issues with multi-line function
calls, comment style problems, an assumption of varargs support with
function-like macros on all edk2 toolchains, building the driver only
for X64, ...)
Style issues are mainly due to I looked all around EDK2 and found different components have very different styles so just follow what I saw. I'll review them again and make sure there are fixed. I'll also double check and make sure all other compling toolchains won't be broken.
It'll be great if you cound suggest a good-style reference so that I can strictly follow it.


I'd much prefer if you maintained this driver outside of OvmfPkg
(perhaps somewhere in edk2-platforms, possibly under
Drivers/OptionRomPkg/), and then, given a UEFI driver binary, you passed
it to QEMU via the device's ROM BAR, per
<https://bugzilla.tianocore.org/show_bug.cgi?id=935#c17>.

This is acceptable. In device pass through case, UEFI driver passed as ROM BAR are commonly used so it can meet the using scenario.

I'd be *somewhat* open to accepting this driver into OvmfPkg if:

- you formally assume on-going reviewership for the driver
(Maintainers.txt),
Since it's tight to Intel GVT-g, I'll discuss with GVT-g maintainer and keep a on-going reviewship in the list so that it can be actively mainained as GVT-g.
- you set the feature test macro in the DSC files to FALSE by default,
Consider it done. It won't be a problem.
- you fix all the style issues with the help of other Intel contributors,
I'll revise and update.
- you explicitly document somewhere that the fw_cfg access is a design
bug in a UEFI driver (especially for an assigned device) -- it remains a
platform driver, contrary to the semblance, for the sake of the arguably
broken Windows guest driver,
Sure.
- you make the driver 32-bit clean and include it in the IA32 and
IA32X64 DSC files too.
Sure.

I won't even mention how unreviewable a "patch bomb" like this is; such
a driver should be constructed (erected) gradually over 10-20 patches at
the minimum, isolating the UEFI driver model code from the device
initialization from the various GOP member functions. I won't mention
that because I don't intend to review this driver in depth anyway.
Not be a problem. I'll find a way to split the patch to a reviewable series.

I might be willing to accept it as an optional (disabled by default)
"code dump", as long as you ensure the bare minimum of edk2 style and
build requirements, and take full responsibility for the driver in the
future.
... Honestly, the fact that you never asked about this feature on any
edk2 list, and that you (apparently) never searched the TianoCore
bugzilla tracker for potentially related BZs (such as #935), doesn't
really boost my confidence in this feature.
It's my negligence. I do realized the existence of #935, which is always referenced in some down-upstream project. The situation here is we have a user experience problem at first and need resolve it asap so the off-tree
patch is crafted first. Then we are looking for re-using the implemenation in up-stream so that it can benefits more open source users. Since the draft patch is done, it feels like reasonly to send to community as an opening so that experts can direclty suggest an acceptable way to re-use some of the implmentation to craft an upstream version. igd-opregion is a dirty part but is not the foundation or dependency of this GOP driver.


In summary if my understanding is correct, this driver is closer to a platform driver (due to it's dependecy to vfio) than a full simulated device driver. Maybe there is tiny chance it can be accepted in OvmfPkg, but Drivers/OptionRomPkg is the more proper place it should sit.

I'll send the revised version to Drivers/OptionRomPkg with all review comments (now & future) considered. igd-opregion maybe completely removed from the driver, or could be kept in code but disabled by default, the reason and explanation will be documented somewhere in case some very specific sceaniro requires.


"There's always a first step in everything". Please accept my apollogy if this first step had an impact on the technical discussion. As developer I payed more attention to the implemenation and re-usability, but could lack big picture thinking and overall considerations. Thus your and other maintainers' comments are very valuable to drive to the right direction.

Laszlo

+ if (Status == EFI_SUCCESS && FwCfgSize == OPREGION_SIZE) {
+ // OpRegion must sit below 4 GB
+ VirtualGpu->OpRegion = SIZE_4GB - 1;
+ Status = gBS->AllocatePages (
+ AllocateMaxAddress,
+ EfiReservedMemoryType,
+ EFI_SIZE_TO_PAGES (OPREGION_SIZE),
+ &VirtualGpu->OpRegion
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Fail to allocate %d pages size %lx for OpRegion, status %d\n",
+ EFI_SIZE_TO_PAGES (OPREGION_SIZE), OPREGION_SIZE, Status
+ );
+ goto Done;
+ }
+ QemuFwCfgSelectItem (FwCfgItem);
+ QemuFwCfgReadBytes (FwCfgSize, (VOID*)VirtualGpu->OpRegion);
+ Status = PciIo->Pci.Write (
+ PciIo,
+ EfiPciIoWidthUint32,
+ PCI_REG_ASLS,
+ 1,
+ (UINT32*)&VirtualGpu->OpRegion
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Fail to write OpRegion %p to PCI config offset 0x%x, status %d\n",
+ VirtualGpu->OpRegion, PCI_REG_ASLS, Status
+ );
+ goto Done;
+ } else {
+ GVT_DEBUG (EFI_D_INFO,
+ "OpRegion %p is set to PCI config offset 0x%x\n",
+ VirtualGpu->OpRegion, PCI_REG_ASLS
+ );
+ }
+ } else {
+ GVT_DEBUG (EFI_D_VERBOSE,
+ "Not igd-opregion found in QEMU firmware config\n"
+ );
+ }
+
+ RegRead32 (Private,
+ vgtif_reg(avail_rs.mappable_gmadr.base), &VirtualGpu->VisibleOffset);
+ RegRead32 (Private,
+ vgtif_reg(avail_rs.mappable_gmadr.size), &VirtualGpu->VisibleSize);
+ RegRead32 (Private,
+ vgtif_reg(avail_rs.nonmappable_gmadr.base), &VirtualGpu->InvisibleOffset);
+ RegRead32 (Private,
+ vgtif_reg(avail_rs.nonmappable_gmadr.size), &VirtualGpu->InvisibleSize);
+ VirtualGpu->VisibleGGTTOffset = VirtualGpu->VisibleOffset >> GTT_PAGE_SHIFT;
+ VirtualGpu->VisibleGGTTSize = VirtualGpu->VisibleSize >> GTT_PAGE_SHIFT;
+ VirtualGpu->InvisibleGGTTOffset = VirtualGpu->InvisibleOffset >> GTT_PAGE_SHIFT;
+ VirtualGpu->InvisibleGGTTSize = VirtualGpu->InvisibleSize >> GTT_PAGE_SHIFT;
+
+ GVT_DEBUG (
+ EFI_D_INFO,
+ "GMADR [0x%lx - 0x%lx], size %d MB\n",
+ VirtualGpu->GpuMemAddr,
+ VirtualGpu->GpuMemAddr + VirtualGpu->GpuMemSizeM * 0x100000,
+ VirtualGpu->GpuMemSizeM
+ );
+ GVT_DEBUG (
+ EFI_D_INFO,
+ "visible offset [0x%x - 0x%x] size %d KB, GGTT range [%x - %x]\n",
+ VirtualGpu->VisibleOffset,
+ VirtualGpu->VisibleOffset + VirtualGpu->VisibleSize,
+ VirtualGpu->VisibleSize / 0x400,
+ VirtualGpu->VisibleGGTTOffset,
+ VirtualGpu->VisibleGGTTOffset + VirtualGpu->VisibleGGTTSize
+ );
+ GVT_DEBUG (
+ EFI_D_INFO,
+ "invisible offset [0x%x - 0x%x] size %d KB, GGTT range [%x - %x]\n",
+ VirtualGpu->InvisibleOffset,
+ VirtualGpu->InvisibleOffset + VirtualGpu->InvisibleSize,
+ VirtualGpu->InvisibleSize / 0x400,
+ VirtualGpu->InvisibleGGTTOffset,
+ VirtualGpu->InvisibleGGTTOffset + VirtualGpu->InvisibleGGTTSize
+ );
+
+ Status = IntelVirtualGpuDisplayInit (Private);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Fail to initialize display, status %d\n", Status
+ );
+ goto Done;
+ }
+
+ Status = IntelVirtualGpuSetMode (&Private->GraphicsOutputProtocol, 0);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Fail to set init display mode, status %d\n", Status
+ );
+ goto Done;
+ }
+
+ Status = IntelVirtualGpuNotifyDisplayReady (Private, TRUE);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "Fail to notify display ready, status %d\n", Status
+ );
+ goto Done;
+ }
+
+ // Flush all reg after DisplayReady
+ Status = IntelVirtualGpuEnableDisplay (
+ Private,
+ 0,
+ TRUE
+ );
+
+Done:
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
+
+EFI_STATUS
+IntelVirtualGpuClean (
+ IN OUT GVT_GOP_PRIVATE_DATA *Private
+ )
+{
+ EFI_STATUS Status = EFI_INVALID_PARAMETER;
+ PINTEL_VIRTUAL_GPU VirtualGpu;
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: >>>\n", __FUNCTION__);
+
+ Status = IntelVirtualGpuDisplayClean (Private);
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR, "Fail to clean display, status %d\n", Status);
+ goto Done;
+ }
+
+ VirtualGpu = (PINTEL_VIRTUAL_GPU)Private->VirtualGpu;
+ if (VirtualGpu->OpRegion) {
+ Status = gBS->FreePages (
+ VirtualGpu->OpRegion,
+ EFI_SIZE_TO_PAGES (OPREGION_SIZE)
+ );
+ if (EFI_ERROR (Status)) {
+ GVT_DEBUG (EFI_D_ERROR,
+ "FreePages failed for OpRegion, pages %d, size %d, status %d\n",
+ EFI_SIZE_TO_PAGES (OPREGION_SIZE), OPREGION_SIZE, Status
+ );
+ goto Done;
+ }
+ Status = EFI_SUCCESS;
+ }
+
+Done:
+
+ GVT_DEBUG (EFI_D_VERBOSE, "%a: <<<\n", __FUNCTION__);
+
+ return Status;
+}
diff --git a/OvmfPkg/IntelGvtGopDxe/VirtualGpu.h b/OvmfPkg/IntelGvtGopDxe/VirtualGpu.h
new file mode 100644
index 000000000000..60d80eadb3ac
--- /dev/null
+++ b/OvmfPkg/IntelGvtGopDxe/VirtualGpu.h
@@ -0,0 +1,52 @@
+/** @file
+ Component name for the QEMU video controller.
+
+ Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __VIRTUALGPU_H_
+#define __VIRTUALGPU_H_
+
+#include <Display.h>
+
+#define PCI_REG_MSAC 0x62
+#define PCI_REG_ASLS 0xFC
+
+#define OPREGION_SIZE SIZE_8KB
+
+typedef struct _INTEL_VIRTUAL_GPU {
+ UINT16 VendorId;
+ UINT16 DeviceId;
+ EFI_PHYSICAL_ADDRESS OpRegion;
+ EFI_PHYSICAL_ADDRESS GpuMemAddr;
+ UINT32 GpuMemSizeM;
+ UINT32 VisibleOffset;
+ UINT32 VisibleSize;
+ UINT32 VisibleGGTTOffset;
+ UINT32 VisibleGGTTSize;
+ UINT32 InvisibleOffset;
+ UINT32 InvisibleSize;
+ UINT32 InvisibleGGTTOffset;
+ UINT32 InvisibleGGTTSize;
+ INTEL_VIRTUAL_GPU_DISPLAY Display;
+} INTEL_VIRTUAL_GPU, *PINTEL_VIRTUAL_GPU;
+
+EFI_STATUS
+IntelVirtualGpuActive (
+ IN EFI_PCI_IO_PROTOCOL *PciIo
+ );
+
+EFI_STATUS
+IntelVirtualGpuInit (
+ IN OUT GVT_GOP_PRIVATE_DATA *Private
+ );
+
+EFI_STATUS
+IntelVirtualGpuClean (
+ IN OUT GVT_GOP_PRIVATE_DATA *Private
+ );
+
+#endif //__VIRTUALGPU_H_





Re: Conflicting virtual addresses causing Runtime Services issues

Jon Nettleton
 

On Thu, Mar 11, 2021 at 11:39 PM Ard Biesheuvel <ardb@kernel.org> wrote:

On Thu, 11 Mar 2021 at 23:25, Laszlo Ersek <lersek@redhat.com> wrote:

Adding Ard and Leif, comments below:

On 03/11/21 15:50, Laszlo Ersek wrote:
On 03/11/21 10:48, Jon Nettleton wrote:
[...]

And this is where the pointer gets remapped again and into the MMIO
space of the nor flash. If I remove the calls to ConvertPointer for
the FvbProtocol I am still seeing those addresses getting remapped
but only once and runtime works as expected.

I am seeing that in
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c
&mVariableModuleGlobal->FvbInstance->* are all being converted. It
is possible this is a long standing bug and it just so happens that
our configuration has caused a conflict and exposed it.
Yes, this is curious, I noticed it too yesterday, trying to see where
the FVB protocol member function pointers were converted. I found that
OVMF's flash driver (OvmfPkg/QemuFlashFvbServicesRuntimeDxe) didn't do
it, but MdeModulePkg/Universal/Variable/RuntimeDxe did. That was
certainly strange, as the variable driver is a consumer of the
protocol (not the producer thereof), so I'd say it has no business
poking new values into the protocol interface structure.
[...]

... Strangely, the other flash (FVB) driver in edk2,
ArmPlatformPkg/Drivers/NorFlashDxe, *does* perform the conversion
itself! See NorFlashVirtualNotifyEvent().

I don't understand that. Is it possible that, with
"ArmPlatformPkg/Drivers/NorFlashDxe" too, the conversion happens
*twice*, but (at least) one of those mappings is "identity"?
Confirmed.

I had to write some elaborate debug patches for determining this,
because in ArmVirtQemu, I cannot produce DEBUG output from the
SetVirtualAddressMap() notification functions. So here's the approach I
took:

(1) Introduce a new GUID-ed HOB structure in MdeModulePkg. The structure
itself lives in reserved memory, but its address is exposed in a GUID-ed
HOB. The structure is named FVB_ADDRESS_LIST, and it has the following
fields:

- signature ("FVBADRLS" -- FVB Address List)
- 16 entries of:
- owner signature [what driver set this entry]
- address
- number of entries used (aka next entry to fill)

(2) In PlatformPei, allocate and initialize this structure (in reserved
memory), and expose its address via the GUID-ed HOB. Furthermore,
produce a log message with the allocation address.

(3) In NorFlashDxe, look up the structure via the GUID-ed HOB, in the
entry point function; remember the address in a global variable. In the
SetVirtualAddressMap() handler function, treat the conversion of the
"GetPhysicalAddress" FVB member function specially: via the global
variable pointer to FVB_ADDRESS_LIST in reserved memory, save both the
physical (original) and the virtual (converted) address of the
"GetPhysicalAddress" FVB member function, in new entries. As owner
signature in both entries, use "NORFLASH".

(4) In the runtime DXE variable driver, do the exact same thing, just
use a different "owner signature" -- "VARIABLE".

(5) Once the guest is up and running, run "efibootmgr --delete-timeout"
at a root prompt in the guest, deleting the existent "Timeout" UEFI
non-volatile variable, for verifying that the runtime variable (write)
service is functional.

(6) Using the log message from point (2):

PlatformPeim: FvbAddressList @ 13FEC9000
hexdump the guest memory containing the FVB_ADDRESS_LIST, as follows:

$ virsh qemu-monitor-command aavmf.rhel7.registered --hmp xp /268cb 0x13FEC9000
Ccomments to the right of the hexdump:

000000013fec9000: 'F' 'V' 'B' 'A' 'D' 'R' 'L' 'S' <- structure signature: FVBADRLS
000000013fec9008: 'N' 'O' 'R' 'F' 'L' 'A' 'S' 'H' <- entry[0], signature: NORFLASH
000000013fec9010: 'T' ' ' '\xc6' ';' '\x01' '\x00' '\x00' '\x00' <- entry[0], GetPhysicalAddress *physical*: 0x000000013bc62054
000000013fec9018: 'N' 'O' 'R' 'F' 'L' 'A' 'S' 'H' <- entry[1], signature: NORFLASH
000000013fec9020: 'T' ' ' 'N' '$' '\x00' '\x00' '\x00' '\x00' <- entry[1], GetPhysicalAddress *virtual*: 0x00000000244e2054
000000013fec9028: 'V' 'A' 'R' 'I' 'A' 'B' 'L' 'E' <- entry[2], signature: VARIABLE
000000013fec9030: 'T' ' ' 'N' '$' '\x00' '\x00' '\x00' '\x00' <- entry[2], GetPhysicalAddress *physical*: 0x00000000244e2054
000000013fec9038: 'V' 'A' 'R' 'I' 'A' 'B' 'L' 'E' <- entry[3], signature: VARIABLE
000000013fec9040: 'T' ' ' 'N' '$' '\x00' '\x00' '\x00' '\x00' <- entry[3], GetPhysicalAddress *virtual*: 0x00000000244e2054
000000013fec9048: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9050: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9058: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9060: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9068: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9070: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9078: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9080: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9088: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9090: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9098: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90a0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90a8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90b0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90b8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90c0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90c8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90d0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90d8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90e0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90e8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90f0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90f8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9100: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9108: '\x04' '\x00' '\x00' '\x00' <- number of entries used: 4
This shows the following:

- both NorFlashDxe and the runtime DXE variable driver converted the
FVB.GetPhysicalAddress member function,

- the NorFlashDxe driver acted first, the runtime DXE variable driver
acted second,

- when the runtime DXE variable driver "converted" the "physical"
address to virtual address, there was no change (and no crash!),
because the virtual address map passed in by the Linux kernel
apparently identity maps this area -- just as I guessed.

So we definitely have a bug (only Linux's page tables save us from the
crash); now the question is:

Which driver is wrong to even attempt the conversion of the FVB member
functions?

The answer must be documented somewhere highly visible.

Debug patches attached, for the record (based on commit edd46cd407ea).
Thanks for inviting me to this party!

So the tl;dr here is that some points get converted twice, which
usually is not a problem because the virtual address resulting from
the conversion is rarely mistaken for a physical address living in a
EFI_MEMORY_RUNTIME region.

So I agree with Laszlo's assertion that the consumer of a protocol has
no business updating its protocol pointers, so this should definitely
be fixed in the core VariableRuntime driver. However, given the
typical nature of the variable stack, i.e., a platform specfic NOR
flash driver combined with the generic FTW and variable drivers, doing
so would likely break many out of tree platforms where the NOR flash
driver does not bother to update its pointers at all.
Not ideal, but we could add a flag to Runtime Services and let the platform
specify if it is remapping the FVB. This would allow us to not break legacy
drivers, but still easily let properly designed platforms bypass this
behaviour. As time progressed this could be used to for a deprecation
warning, until it became the default handling of FVB pointer conversion.


[PATCH] [edk2-staging] BaseTools/Fmmt: Fix rebuild FFS will lost dependency section.

GregX Yeh
 

Dependency section data will lost when rebuild FFS.
Add pei dxe smm dependency section to FFS and Encap_INFO_DATA structure.
Restore dependency section when build FFS.

Cc: Bob Feng <bob.c.feng@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>

Signed-off-by: GregX Yeh <gregx.yeh@intel.com>
---
BaseTools/Source/C/FMMT/FirmwareModuleManagement.h | 28 +-
BaseTools/Source/C/FMMT/FmmtLib.c | 330 ++++++++++++++++-----
2 files changed, 271 insertions(+), 87 deletions(-)

diff --git a/BaseTools/Source/C/FMMT/FirmwareModuleManagement.h b/BaseTools/Source/C/FMMT/FirmwareModuleManagement.h
index 9d09c9160a..84ccfaed1d 100644
--- a/BaseTools/Source/C/FMMT/FirmwareModuleManagement.h
+++ b/BaseTools/Source/C/FMMT/FirmwareModuleManagement.h
@@ -2,7 +2,7 @@

Structures and functions declaration.

- Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -195,7 +195,7 @@ typedef struct {
// UI Name for this FFS file, if has.
//
CHAR16 UiName[_MAX_PATH];
- UINT32 UiNameSize;
+ UINT32 UiNameSize;
//
// Total section number in this FFS.
//
@@ -223,8 +223,12 @@ typedef struct {
UINT32 Offset;
UINT8 FvLevel;
EFI_GUID GuidName;
- UINT8 *Depex;
- UINT32 DepexLen;
+ UINT8 *PeiDepex;
+ UINT32 PeiDepexLen;
+ UINT8 *DxeDepex;
+ UINT32 DxeDepexLen;
+ UINT8 *SmmDepex;
+ UINT32 SmmDepexLen;
BOOLEAN IsHandle;
BOOLEAN IsFvStart;
BOOLEAN IsFvEnd;
@@ -259,8 +263,12 @@ typedef struct __ENCAP_INFO_DATA{

CHAR16 UiName[_MAX_PATH];
UINT32 UiNameSize;
- UINT8 *Depex;
- UINT32 DepexLen;
+ UINT8 *PeiDepex;
+ UINT32 PeiDepexLen;
+ UINT8 *DxeDepex;
+ UINT32 DxeDepexLen;
+ UINT8 *SmmDepex;
+ UINT32 SmmDepexLen;

//
// Next node.
@@ -281,8 +289,12 @@ typedef struct _FFS_INFOMATION{
BOOLEAN IsFFS;
CHAR16 UiName[_MAX_PATH];
UINT32 UiNameSize;
- UINT8 *Depex;
- UINT32 DepexLen;
+ UINT8 *PeiDepex;
+ UINT32 PeiDepexLen;
+ UINT8 *DxeDepex;
+ UINT32 DxeDepexLen;
+ UINT8 *SmmDepex;
+ UINT32 SmmDepexLen;
BOOLEAN FfsFoundFlag;
struct _FFS_INFOMATION *Next;
} FFS_INFORMATION;
diff --git a/BaseTools/Source/C/FMMT/FmmtLib.c b/BaseTools/Source/C/FMMT/FmmtLib.c
index b945e9b63d..23eafa3892 100644
--- a/BaseTools/Source/C/FMMT/FmmtLib.c
+++ b/BaseTools/Source/C/FMMT/FmmtLib.c
@@ -2,7 +2,7 @@

Library to parse and generate FV image.

- Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -164,8 +164,12 @@ LibInitializeFvStruct (
Fv->FfsAttuibutes[Index].IsLeaf = TRUE;
Fv->FfsAttuibutes[Index].Level = 0xFF;
Fv->FfsAttuibutes[Index].TotalSectionNum = 0;
- Fv->FfsAttuibutes[Index].Depex = NULL;
- Fv->FfsAttuibutes[Index].DepexLen = 0;
+ Fv->FfsAttuibutes[Index].PeiDepex = NULL;
+ Fv->FfsAttuibutes[Index].PeiDepexLen = 0;
+ Fv->FfsAttuibutes[Index].DxeDepex = NULL;
+ Fv->FfsAttuibutes[Index].DxeDepexLen = 0;
+ Fv->FfsAttuibutes[Index].SmmDepex = NULL;
+ Fv->FfsAttuibutes[Index].SmmDepexLen = 0;
Fv->FfsAttuibutes[Index].IsHandle = FALSE;
Fv->FfsAttuibutes[Index].IsFvStart = FALSE;
Fv->FfsAttuibutes[Index].IsFvEnd = FALSE;
@@ -944,9 +948,13 @@ LibParseSection (
LocalEncapData->Data = NULL;
LocalEncapData->FvExtHeader = NULL;
LocalEncapData->NextNode = NULL;
- LocalEncapData->RightNode = NULL;
- LocalEncapData->Depex = NULL;
- LocalEncapData->DepexLen = 0;
+ LocalEncapData->RightNode = NULL;
+ LocalEncapData->PeiDepex = NULL;
+ LocalEncapData->PeiDepexLen = 0;
+ LocalEncapData->DxeDepex = NULL;
+ LocalEncapData->DxeDepexLen = 0;
+ LocalEncapData->SmmDepex = NULL;
+ LocalEncapData->SmmDepexLen = 0;
LocalEncapData->UiNameSize = 0;
LocalEncapData->FvId = *FvCount;
}
@@ -971,13 +979,19 @@ LibParseSection (
if ((memcmp(&CurrentFv->FfsAttuibutes[*FfsCount - 1].GuidName, &(LocalEncapDataTemp->FvExtHeader->FvName), sizeof(EFI_GUID)) == 0)) {
memcpy(LocalEncapDataTemp->UiName, CurrentFv->FfsAttuibutes[*FfsCount - 1].UiName, _MAX_PATH);
LocalEncapDataTemp->UiNameSize = CurrentFv->FfsAttuibutes[*FfsCount - 1].UiNameSize;
- LocalEncapDataTemp->DepexLen = CurrentFv->FfsAttuibutes[*FfsCount - 1].DepexLen;
- LocalEncapDataTemp->Depex = malloc (LocalEncapDataTemp->DepexLen);
- if (LocalEncapDataTemp->Depex == NULL) {
+ LocalEncapDataTemp->PeiDepexLen = CurrentFv->FfsAttuibutes[*FfsCount - 1].PeiDepexLen;
+ LocalEncapDataTemp->PeiDepex = malloc (LocalEncapDataTemp->PeiDepexLen);
+ LocalEncapDataTemp->DxeDepexLen = CurrentFv->FfsAttuibutes[*FfsCount - 1].DxeDepexLen;
+ LocalEncapDataTemp->DxeDepex = malloc (LocalEncapDataTemp->DxeDepexLen);
+ LocalEncapDataTemp->SmmDepexLen = CurrentFv->FfsAttuibutes[*FfsCount - 1].SmmDepexLen;
+ LocalEncapDataTemp->SmmDepex = malloc (LocalEncapDataTemp->SmmDepexLen);
+ if ((LocalEncapDataTemp->SmmDepex == NULL) || (LocalEncapDataTemp->SmmDepex == NULL) || (LocalEncapDataTemp->SmmDepex == NULL)){
Error(NULL, 0, 4001, "Resource: Memory can't be allocated", NULL);
return EFI_ABORTED;
}
- memcpy(LocalEncapDataTemp->Depex, CurrentFv->FfsAttuibutes[*FfsCount - 1].Depex, LocalEncapDataTemp->DepexLen);
+ memcpy(LocalEncapDataTemp->PeiDepex, CurrentFv->FfsAttuibutes[*FfsCount - 1].PeiDepex, LocalEncapDataTemp->PeiDepexLen);
+ memcpy(LocalEncapDataTemp->DxeDepex, CurrentFv->FfsAttuibutes[*FfsCount - 1].DxeDepex, LocalEncapDataTemp->DxeDepexLen);
+ memcpy(LocalEncapDataTemp->SmmDepex, CurrentFv->FfsAttuibutes[*FfsCount - 1].SmmDepex, LocalEncapDataTemp->SmmDepexLen);
}
}
}
@@ -1245,8 +1259,12 @@ LibParseSection (

LocalEncapData->Level = Level;
LocalEncapData->Type = FMMT_ENCAP_TREE_GUIDED_SECTION;
- LocalEncapData->Depex = NULL;
- LocalEncapData->DepexLen = 0;
+ LocalEncapData->PeiDepex = NULL;
+ LocalEncapData->PeiDepexLen = 0;
+ LocalEncapData->DxeDepex = NULL;
+ LocalEncapData->DxeDepexLen = 0;
+ LocalEncapData->SmmDepex = NULL;
+ LocalEncapData->SmmDepexLen = 0;
LocalEncapData->UiNameSize = 0;
LocalEncapData->FvId = *FvCount;
//
@@ -1278,8 +1296,12 @@ LibParseSection (
LocalEncapData = LocalEncapData->RightNode;
LocalEncapData->Level = Level;
LocalEncapData->Type = FMMT_ENCAP_TREE_GUIDED_SECTION;
- LocalEncapData->Depex = NULL;
- LocalEncapData->DepexLen = 0;
+ LocalEncapData->PeiDepex = NULL;
+ LocalEncapData->PeiDepexLen = 0;
+ LocalEncapData->DxeDepex = NULL;
+ LocalEncapData->DxeDepexLen = 0;
+ LocalEncapData->SmmDepex = NULL;
+ LocalEncapData->SmmDepexLen = 0;
LocalEncapData->UiNameSize = 0;
LocalEncapData->FvId = *FvCount;
//
@@ -1594,25 +1616,25 @@ LibParseSection (
NumberOfSections ++;
CurrentFv->FfsAttuibutes[*FfsCount].Level = Level;
HasDepexSection = TRUE;
- CurrentFv->FfsAttuibutes[*FfsCount].Depex = malloc (SectionLength);
- memcpy(CurrentFv->FfsAttuibutes[*FfsCount].Depex, Ptr, SectionLength);
- CurrentFv->FfsAttuibutes[*FfsCount].DepexLen = SectionLength;
+ CurrentFv->FfsAttuibutes[*FfsCount].PeiDepex = malloc (SectionLength);
+ memcpy(CurrentFv->FfsAttuibutes[*FfsCount].PeiDepex, Ptr, SectionLength);
+ CurrentFv->FfsAttuibutes[*FfsCount].PeiDepexLen = SectionLength;
break;
case EFI_SECTION_DXE_DEPEX:
NumberOfSections ++;
CurrentFv->FfsAttuibutes[*FfsCount].Level = Level;
HasDepexSection = TRUE;
- CurrentFv->FfsAttuibutes[*FfsCount].Depex = malloc (SectionLength);
- memcpy(CurrentFv->FfsAttuibutes[*FfsCount].Depex, Ptr, SectionLength);
- CurrentFv->FfsAttuibutes[*FfsCount].DepexLen = SectionLength;
+ CurrentFv->FfsAttuibutes[*FfsCount].DxeDepex = malloc (SectionLength);
+ memcpy(CurrentFv->FfsAttuibutes[*FfsCount].DxeDepex, Ptr, SectionLength);
+ CurrentFv->FfsAttuibutes[*FfsCount].DxeDepexLen = SectionLength;
break;
case EFI_SECTION_SMM_DEPEX:
NumberOfSections ++;
CurrentFv->FfsAttuibutes[*FfsCount].Level = Level;
HasDepexSection = TRUE;
- CurrentFv->FfsAttuibutes[*FfsCount].Depex = malloc (SectionLength);
- memcpy(CurrentFv->FfsAttuibutes[*FfsCount].Depex, Ptr, SectionLength);
- CurrentFv->FfsAttuibutes[*FfsCount].DepexLen = SectionLength;
+ CurrentFv->FfsAttuibutes[*FfsCount].SmmDepex = malloc (SectionLength);
+ memcpy(CurrentFv->FfsAttuibutes[*FfsCount].SmmDepex, Ptr, SectionLength);
+ CurrentFv->FfsAttuibutes[*FfsCount].SmmDepexLen = SectionLength;
break;

case EFI_SECTION_USER_INTERFACE:
@@ -1969,8 +1991,12 @@ LibGetFileInfo (
LocalEncapData->Level = Level;
LocalEncapData->Type = FMMT_ENCAP_TREE_FFS;
LocalEncapData->FvExtHeader = NULL;
- LocalEncapData->Depex = NULL;
- LocalEncapData->DepexLen = 0;
+ LocalEncapData->PeiDepex = NULL;
+ LocalEncapData->PeiDepexLen = 0;
+ LocalEncapData->DxeDepex = NULL;
+ LocalEncapData->DxeDepexLen = 0;
+ LocalEncapData->SmmDepex = NULL;
+ LocalEncapData->SmmDepexLen = 0;
LocalEncapData->UiNameSize = 0;
LocalEncapData->FvId = *FvCount;
//
@@ -2016,9 +2042,13 @@ LibGetFileInfo (

LocalEncapData->Level = Level;
LocalEncapData->Type = FMMT_ENCAP_TREE_FFS;
- LocalEncapData->FvExtHeader = NULL;
- LocalEncapData->Depex = NULL;
- LocalEncapData->DepexLen = 0;
+ LocalEncapData->FvExtHeader = NULL;
+ LocalEncapData->PeiDepex = NULL;
+ LocalEncapData->PeiDepexLen = 0;
+ LocalEncapData->DxeDepex = NULL;
+ LocalEncapData->DxeDepexLen = 0;
+ LocalEncapData->SmmDepex = NULL;
+ LocalEncapData->SmmDepexLen = 0;
LocalEncapData->UiNameSize = 0;
LocalEncapData->FvId = *FvCount;
//
@@ -2220,8 +2250,12 @@ LibGetFvInfo (
}

CurrentFv->EncapData->FvExtHeader = NULL;
- CurrentFv->EncapData->Depex = NULL;
- CurrentFv->EncapData->DepexLen = 0;
+ CurrentFv->EncapData->PeiDepex = NULL;
+ CurrentFv->EncapData->PeiDepexLen = 0;
+ CurrentFv->EncapData->DxeDepex = NULL;
+ CurrentFv->EncapData->DxeDepexLen = 0;
+ CurrentFv->EncapData->SmmDepex = NULL;
+ CurrentFv->EncapData->SmmDepexLen = 0;
CurrentFv->EncapData->UiNameSize = 0;
CurrentFv->EncapData->Level = Level;
CurrentFv->EncapData->Type = FMMT_ENCAP_TREE_FV;
@@ -2277,8 +2311,12 @@ LibGetFvInfo (
LocalEncapData->Type = FMMT_ENCAP_TREE_FV;
LocalEncapData->Data = (EFI_FIRMWARE_VOLUME_HEADER *) malloc (sizeof (EFI_FIRMWARE_VOLUME_HEADER));
LocalEncapData->FvExtHeader = NULL;
- LocalEncapData->Depex = NULL;
- LocalEncapData->DepexLen = 0;
+ LocalEncapData->PeiDepex = NULL;
+ LocalEncapData->PeiDepexLen = 0;
+ LocalEncapData->DxeDepex = NULL;
+ LocalEncapData->DxeDepexLen = 0;
+ LocalEncapData->SmmDepex = NULL;
+ LocalEncapData->SmmDepexLen = 0;
LocalEncapData->UiNameSize = 0;
LocalEncapData->FvId = *FvCount;
if (LocalEncapData->Data == NULL) {
@@ -4237,8 +4275,12 @@ LibEncapNewFvFile(
OutputFileNameList->ParentLevel = 0;
OutputFileNameList->Next = NULL;
OutputFileNameList->UiNameSize = 0;
- OutputFileNameList->Depex = NULL;
- OutputFileNameList->DepexLen = 0;
+ OutputFileNameList->PeiDepex = NULL;
+ OutputFileNameList->PeiDepexLen = 0;
+ OutputFileNameList->DxeDepex = NULL;
+ OutputFileNameList->DxeDepexLen = 0;
+ OutputFileNameList->SmmDepex = NULL;
+ OutputFileNameList->SmmDepexLen = 0;
OutputFileNameList->FfsFoundFlag = FALSE;

ChildFileNameList = (FFS_INFORMATION *)malloc(sizeof(FFS_INFORMATION));
@@ -4252,8 +4294,12 @@ LibEncapNewFvFile(
ChildFileNameList->Next = NULL;
ChildFileNameList->IsFFS = FALSE;
ChildFileNameList->UiNameSize = 0;
- ChildFileNameList->Depex = NULL;
- ChildFileNameList->DepexLen = 0;
+ ChildFileNameList->PeiDepex = NULL;
+ ChildFileNameList->PeiDepexLen = 0;
+ ChildFileNameList->DxeDepex = NULL;
+ ChildFileNameList->DxeDepexLen = 0;
+ ChildFileNameList->SmmDepex = NULL;
+ ChildFileNameList->SmmDepexLen = 0;
ChildFileNameList->FfsFoundFlag = FALSE;
//
// Encapsulate from the lowest FFS file level.
@@ -4642,8 +4688,12 @@ LibEncapNewFvFile(
if (EncapFvIndex > 0) {
memcpy(OutputFileNameList->UiName,FvInFd->FfsAttuibutes[EncapFvIndex - 1].UiName, FvInFd->FfsAttuibutes[EncapFvIndex - 1].UiNameSize);
OutputFileNameList->UiNameSize = FvInFd->FfsAttuibutes[EncapFvIndex - 1].UiNameSize;
- OutputFileNameList->Depex = FvInFd->FfsAttuibutes[EncapFvIndex - 1].Depex;
- OutputFileNameList->DepexLen = FvInFd->FfsAttuibutes[EncapFvIndex - 1].DepexLen;
+ OutputFileNameList->PeiDepex = FvInFd->FfsAttuibutes[EncapFvIndex - 1].PeiDepex;
+ OutputFileNameList->PeiDepexLen = FvInFd->FfsAttuibutes[EncapFvIndex - 1].PeiDepexLen;
+ OutputFileNameList->DxeDepex = FvInFd->FfsAttuibutes[EncapFvIndex - 1].DxeDepex;
+ OutputFileNameList->DxeDepexLen = FvInFd->FfsAttuibutes[EncapFvIndex - 1].DxeDepexLen;
+ OutputFileNameList->SmmDepex = FvInFd->FfsAttuibutes[EncapFvIndex - 1].SmmDepex;
+ OutputFileNameList->SmmDepexLen = FvInFd->FfsAttuibutes[EncapFvIndex - 1].SmmDepexLen;
OutputFileNameList->FfsFoundFlag = FfsFoundFlag;
OutputFileNameList->FvId = FvInFd->FfsAttuibutes[EncapFvIndex - 1].FvId;
OutputFileNameList->ParentLevel = ParentLevel - 1;
@@ -4680,6 +4730,28 @@ LibEncapNewFvFile(
return EFI_ABORTED;
}

+ for (Id = 0; Id <= FvInFd->FfsNumbers; Id++) {
+ if ((memcmp(&FvInFd->FfsAttuibutes[Id].GuidName, &(LocalEncapData->FvExtHeader->FvName), sizeof(EFI_GUID)) == 0)){
+ printf("Found FFS file\n");
+ if (&FvInFd->FfsAttuibutes[Id].UiNameSize > 0){
+ OutputFileNameList->UiNameSize = FvInFd->FfsAttuibutes[Id].UiNameSize;
+ memcpy(OutputFileNameList->UiName, FvInFd->FfsAttuibutes[Id].UiName, FvInFd->FfsAttuibutes[Id].UiNameSize);
+ }
+ if (&FvInFd->FfsAttuibutes[Id].PeiDepexLen > 0){
+ OutputFileNameList->PeiDepexLen = FvInFd->FfsAttuibutes[Id].PeiDepexLen;
+ OutputFileNameList->PeiDepex = FvInFd->FfsAttuibutes[Id].PeiDepex;
+ }
+ if (&FvInFd->FfsAttuibutes[Id].DxeDepexLen > 0){
+ OutputFileNameList->DxeDepexLen = FvInFd->FfsAttuibutes[Id].DxeDepexLen;
+ OutputFileNameList->DxeDepex = FvInFd->FfsAttuibutes[Id].DxeDepex;
+ }
+ if (&FvInFd->FfsAttuibutes[Id].SmmDepexLen > 0){
+ OutputFileNameList->SmmDepexLen = FvInFd->FfsAttuibutes[Id].SmmDepexLen;
+ OutputFileNameList->SmmDepex = FvInFd->FfsAttuibutes[Id].SmmDepex;
+ }
+ }
+ }
+
if (OutputFileNameList->UiNameSize > 0) {
TmpFileName = LibFilenameStrExtended(strrchr(GenTempFile (), OS_SEP), TemDir, "tmp");
TmpFile = fopen(TmpFileName, "wb+");
@@ -4727,53 +4799,149 @@ LibEncapNewFvFile(
fclose(InputFile);
InputFileName = TmpFileName;
}
- if (OutputFileNameList->DepexLen > 0) {
- TmpFileName = LibFilenameStrExtended(strrchr(GenTempFile (), OS_SEP), TemDir, "tmp");
- TmpFile = fopen(TmpFileName, "wb+");
- if (TmpFile == NULL) {
- Error("FMMT", 0, 0004, "Could not open tmp file %s to store Depex section information! \n", "");
- free (OutputFileNameList);
- free (ChildFileNameList);
- return EFI_ABORTED;
+ if (OutputFileNameList->DxeDepexLen > 0) {
+ TmpFileName = LibFilenameStrExtended(strrchr(GenTempFile (), OS_SEP), TemDir, "tmp");
+ TmpFile = fopen(TmpFileName, "wb+");
+ if (TmpFile == NULL) {
+ Error("FMMT", 0, 0004, "Could not open tmp file %s to store Depex section information! \n", "");
+ free (OutputFileNameList);
+ free (ChildFileNameList);
+ return EFI_ABORTED;
+ }
+ InputFile = fopen(InputFileName, "rb+");
+ if (InputFile == NULL) {
+ Error("FMMT", 0, 0004, "Could not open input file %s! \n", "");
+ fclose(TmpFile);
+ free (OutputFileNameList);
+ free (ChildFileNameList);
+ return EFI_ABORTED;
+ }
+ fseek(InputFile, 0, SEEK_SET);
+ fseek(InputFile, 0, SEEK_END);
+ InputFileSize = ftell(InputFile);
+ fseek(InputFile, 0, SEEK_SET);
+ //
+ // make sure the section is 4 byte align
+ //
+ if (OutputFileNameList->DxeDepexLen % 4 != 0) {
+ AlignN = 4 - OutputFileNameList->DxeDepexLen % 4;
+ }
+ Buffer = malloc(InputFileSize + OutputFileNameList->DxeDepexLen + AlignN);
+ memcpy(Buffer, OutputFileNameList->DxeDepex, OutputFileNameList->DxeDepexLen);
+ if (AlignN != 0) {
+ for (Index = 0; Index < AlignN; Index ++) {
+ memcpy(Buffer + OutputFileNameList->DxeDepexLen + Index, AlignV, 1);
}
- InputFile = fopen(InputFileName, "rb+");
- if (InputFile == NULL) {
- Error("FMMT", 0, 0004, "Could not open input file %s! \n", "");
- fclose(TmpFile);
+ }
+ if (fread(Buffer + OutputFileNameList->DxeDepexLen + AlignN, 1, InputFileSize, InputFile) != InputFileSize) {
+ Error("FMMT", 0, 0004, "Could not open sec file %s to add Depex section information! \n", "");
+ fclose(TmpFile);
+ fclose(InputFile);
+ free(Buffer);
+ free (OutputFileNameList);
+ free (ChildFileNameList);
+ return EFI_ABORTED;
+ }
+ fwrite(Buffer, 1, InputFileSize + OutputFileNameList->DxeDepexLen + AlignN, TmpFile);
+ free(Buffer);
+ fclose(TmpFile);
+ fclose(InputFile);
+ InputFileName = TmpFileName;
+ }
+ if (OutputFileNameList->PeiDepexLen > 0) {
+ TmpFileName = LibFilenameStrExtended(strrchr(GenTempFile (), OS_SEP), TemDir, "tmp");
+ TmpFile = fopen(TmpFileName, "wb+");
+ if (TmpFile == NULL) {
+ Error("FMMT", 0, 0004, "Could not open tmp file %s to store Depex section information! \n", "");
free (OutputFileNameList);
free (ChildFileNameList);
return EFI_ABORTED;
+ }
+ InputFile = fopen(InputFileName, "rb+");
+ if (InputFile == NULL) {
+ Error("FMMT", 0, 0004, "Could not open input file %s! \n", "");
+ fclose(TmpFile);
+ free (OutputFileNameList);
+ free (ChildFileNameList);
+ return EFI_ABORTED;
+ }
+ fseek(InputFile, 0, SEEK_SET);
+ fseek(InputFile, 0, SEEK_END);
+ InputFileSize = ftell(InputFile);
+ fseek(InputFile, 0, SEEK_SET);
+ // make sure the section is 4 byte align
+ if (OutputFileNameList->PeiDepexLen % 4 != 0) {
+ AlignN = 4 - OutputFileNameList->PeiDepexLen % 4;
+ }
+ Buffer = malloc(InputFileSize + OutputFileNameList->PeiDepexLen + AlignN);
+ memcpy(Buffer, OutputFileNameList->PeiDepex, OutputFileNameList->PeiDepexLen);
+ if (AlignN != 0) {
+ for (Index = 0; Index < AlignN; Index ++) {
+ memcpy(Buffer + OutputFileNameList->PeiDepexLen + Index, AlignV, 1);
}
- fseek(InputFile, 0, SEEK_SET);
- fseek(InputFile, 0, SEEK_END);
- InputFileSize = ftell(InputFile);
- fseek(InputFile, 0, SEEK_SET);
- // make sure the section is 4 byte align
- if (OutputFileNameList->DepexLen % 4 != 0) {
- AlignN = 4 - OutputFileNameList->DepexLen % 4;
- }
- Buffer = malloc(InputFileSize + OutputFileNameList->DepexLen + AlignN);
- memcpy(Buffer, OutputFileNameList->Depex, OutputFileNameList->DepexLen);
- if (AlignN != 0) {
- for (Index = 0; Index < AlignN; Index ++) {
- memcpy(Buffer + OutputFileNameList->DepexLen + Index, AlignV, 1);
- }
- }
- if (fread(Buffer + OutputFileNameList->DepexLen + AlignN, 1, InputFileSize, InputFile) != InputFileSize) {
- Error("FMMT", 0, 0004, "Could not open sec file %s to add Depex section information! \n", "");
- fclose(TmpFile);
- fclose(InputFile);
- free(Buffer);
- free (OutputFileNameList);
- free (ChildFileNameList);
- return EFI_ABORTED;
- }
- fwrite(Buffer, 1, InputFileSize + OutputFileNameList->DepexLen + AlignN, TmpFile);
+ }
+ if (fread(Buffer + OutputFileNameList->PeiDepexLen + AlignN, 1, InputFileSize, InputFile) != InputFileSize) {
+ Error("FMMT", 0, 0004, "Could not open sec file %s to add Depex section information! \n", "");
+ fclose(TmpFile);
+ fclose(InputFile);
free(Buffer);
+ free (OutputFileNameList);
+ free (ChildFileNameList);
+ return EFI_ABORTED;
+ }
+ fwrite(Buffer, 1, InputFileSize + OutputFileNameList->PeiDepexLen + AlignN, TmpFile);
+ free(Buffer);
+ fclose(TmpFile);
+ fclose(InputFile);
+ InputFileName = TmpFileName;
+ }
+ if (OutputFileNameList->SmmDepexLen > 0) {
+ TmpFileName = LibFilenameStrExtended(strrchr(GenTempFile (), OS_SEP), TemDir, "tmp");
+ TmpFile = fopen(TmpFileName, "wb+");
+ if (TmpFile == NULL) {
+ Error("FMMT", 0, 0004, "Could not open tmp file %s to store Depex section information! \n", "");
+ free (OutputFileNameList);
+ free (ChildFileNameList);
+ return EFI_ABORTED;
+ }
+ InputFile = fopen(InputFileName, "rb+");
+ if (InputFile == NULL) {
+ Error("FMMT", 0, 0004, "Could not open input file %s! \n", "");
+ fclose(TmpFile);
+ free (OutputFileNameList);
+ free (ChildFileNameList);
+ return EFI_ABORTED;
+ }
+ fseek(InputFile, 0, SEEK_SET);
+ fseek(InputFile, 0, SEEK_END);
+ InputFileSize = ftell(InputFile);
+ fseek(InputFile, 0, SEEK_SET);
+ // make sure the section is 4 byte align
+ if (OutputFileNameList->SmmDepexLen % 4 != 0) {
+ AlignN = 4 - OutputFileNameList->SmmDepexLen % 4;
+ }
+ Buffer = malloc(InputFileSize + OutputFileNameList->SmmDepexLen + AlignN);
+ memcpy(Buffer, OutputFileNameList->SmmDepex, OutputFileNameList->SmmDepexLen);
+ if (AlignN != 0) {
+ for (Index = 0; Index < AlignN; Index ++) {
+ memcpy(Buffer + OutputFileNameList->SmmDepexLen + Index, AlignV, 1);
+ }
+ }
+ if (fread(Buffer + OutputFileNameList->SmmDepexLen + AlignN, 1, InputFileSize, InputFile) != InputFileSize) {
+ Error("FMMT", 0, 0004, "Could not open sec file %s to add Depex section information! \n", "");
fclose(TmpFile);
fclose(InputFile);
- InputFileName = TmpFileName;
- }
+ free(Buffer);
+ free (OutputFileNameList);
+ free (ChildFileNameList);
+ return EFI_ABORTED;
+ }
+ fwrite(Buffer, 1, InputFileSize + OutputFileNameList->SmmDepexLen + AlignN, TmpFile);
+ free(Buffer);
+ fclose(TmpFile);
+ fclose(InputFile);
+ InputFileName = TmpFileName;
+ }
for (Id = FvInFd->FfsNumbers; Id <= FvInFd->FfsNumbers; Id--) {
if ((memcmp(&FvInFd->FfsAttuibutes[Id].GuidName, &(LocalEncapData->FvExtHeader->FvName), sizeof(EFI_GUID)) == 0)){
if (access(FvInFd->FfsAttuibutes[Id].FfsName, 0) != -1) {
@@ -5061,8 +5229,12 @@ LibEncapNewFvFile(
memcpy(OutputFileNameList->UiName, FvInFd->FfsAttuibutes[Id].UiName, FvInFd->FfsAttuibutes[Id].UiNameSize);
OutputFileNameList->UiNameSize = FvInFd->FfsAttuibutes[Id].UiNameSize;
OutputFileNameList->FFSName = FvInFd->FfsAttuibutes[Id].FfsName;
- OutputFileNameList->Depex = FvInFd->FfsAttuibutes[Id].Depex;
- OutputFileNameList->DepexLen = FvInFd->FfsAttuibutes[Id].DepexLen;
+ OutputFileNameList->PeiDepex = FvInFd->FfsAttuibutes[Id].PeiDepex;
+ OutputFileNameList->PeiDepexLen = FvInFd->FfsAttuibutes[Id].PeiDepexLen;
+ OutputFileNameList->DxeDepex = FvInFd->FfsAttuibutes[Id].DxeDepex;
+ OutputFileNameList->DxeDepexLen = FvInFd->FfsAttuibutes[Id].DxeDepexLen;
+ OutputFileNameList->SmmDepex = FvInFd->FfsAttuibutes[Id].SmmDepex;
+ OutputFileNameList->SmmDepexLen = FvInFd->FfsAttuibutes[Id].SmmDepexLen;
OutputFileNameList->FfsFoundFlag = TRUE;
OutputFileNameList->IsFFS = TRUE;
OutputFileNameList->InFvId = Id;
--
2.16.2.windows.1


Re: [PATCH v1] ArmPkg/ArmPkg.dec: New pcd defined for GICv3 ITS

Shashi Mallela
 

Hi Ard,

Thanks for your comments.
Please ignore this edk2 patch as i have now localised the new pcd
creation and reference within SbsaQemu of edk2-platform.
The edk2-platform patchset has been updated accordingly.

Shashi

On Thu, 2021-03-11 at 22:12 +0100, Ard Biesheuvel wrote:
Hello Shashi,

On Thu, 11 Mar 2021 at 21:20, Shashi Mallela <
shashi.mallela@linaro.org> wrote:
To enable detection of GICv3 Interrupt Translation Service
capability
in the ACPI MADT,a new pcd setting has been created in edk2.This
pcd
setting would be referenced by edk2-platform code to advertise the
ITS
physical base address within GIC ITS structure of MADT.
This does not explain why the PCD in question should be defined in
ArmPkg. UEFI itself does not use interrupts other than the timer one
in the first place, so ITS, LPI, MSI etc are also irrelevant to it.

I think it would be better to find a home for this PCD in edk2-
platforms itself.


Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Signed-off-by: Shashi Mallela <shashi.mallela@linaro.org>
---
ArmPkg/ArmPkg.dec | 1 +
1 file changed, 1 insertion(+)

diff --git a/ArmPkg/ArmPkg.dec b/ArmPkg/ArmPkg.dec
index a8a22c649f..c22b7d0c42 100644
--- a/ArmPkg/ArmPkg.dec
+++ b/ArmPkg/ArmPkg.dec
@@ -266,6 +266,7 @@
# Base address for the GIC Redistributor region that contains
the boot CPU
gArmTokenSpaceGuid.PcdGicRedistributorsBase|0|UINT64|0x0000000E
gArmTokenSpaceGuid.PcdGicInterruptInterfaceBase|0|UINT64|0x00000
00D
+ gArmTokenSpaceGuid.PcdGicItsBase|0|UINT64|0x0000000F
gArmTokenSpaceGuid.PcdGicSgiIntId|0|UINT32|0x00000025

#
--
2.27.0


[PATCH v1 2/2] Silicon/Qemu: Update MADT with GICv3 ITS info

Shashi Mallela
 

For Qemu sbsa-ref platforms,to enable detection of GICv3 Interrupt
Translation Service capability in the ACPI MADT,the GIC ITS structure
is created with the relevant values for each of its fields.The
existing MADT functionality is extended to include GIC ITS structure
presence as well.

Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Graeme Gregory <graeme@nuviainc.com>
Signed-off-by: Shashi Mallela <shashi.mallela@linaro.org>
---
Silicon/Qemu/SbsaQemu/SbsaQemu.dec | 3 +++
Silicon/Qemu/SbsaQemu/AcpiTables/AcpiTables.inf | 2 ++
Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.inf | 2 ++
Silicon/Qemu/SbsaQemu/Include/IndustryStandard/SbsaQemuAcpi.h | 10 ++++++++++
Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.c | 10 +++++++++-
5 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/Silicon/Qemu/SbsaQemu/SbsaQemu.dec b/Silicon/Qemu/SbsaQemu/SbsaQemu.dec
index 9448852967b6..8654cc7c858c 100644
--- a/Silicon/Qemu/SbsaQemu/SbsaQemu.dec
+++ b/Silicon/Qemu/SbsaQemu/SbsaQemu.dec
@@ -36,6 +36,9 @@ [PcdsFixedAtBuild.common]
gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdPlatformEhciSize|0x10000|UINT32|0x00000004
gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdDeviceTreeBaseAddress|0x10000000000|UINT64|0x00000005

+ # ARM Generic Interrupt Controller ITS
+ gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdGicItsBase|0|UINT64|0x0000000F
+
# PCDs complementing PCIe layout pulled into ACPI tables
# Limit = Base + Size - 1
gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdPciIoLimit|0x0000ffff|UINT32|0x00000006
diff --git a/Silicon/Qemu/SbsaQemu/AcpiTables/AcpiTables.inf b/Silicon/Qemu/SbsaQemu/AcpiTables/AcpiTables.inf
index 9be34488eb7a..5616b73178ff 100644
--- a/Silicon/Qemu/SbsaQemu/AcpiTables/AcpiTables.inf
+++ b/Silicon/Qemu/SbsaQemu/AcpiTables/AcpiTables.inf
@@ -74,3 +74,5 @@ [FixedPcd]
gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdPlatformAhciSize
gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdPlatformEhciBase
gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdPlatformEhciSize
+
+ gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdGicItsBase
diff --git a/Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.inf b/Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.inf
index c6de685bd2c4..2eb6577fd077 100644
--- a/Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.inf
+++ b/Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.inf
@@ -65,3 +65,5 @@ [FixedPcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision
+
+ gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdGicItsBase
diff --git a/Silicon/Qemu/SbsaQemu/Include/IndustryStandard/SbsaQemuAcpi.h b/Silicon/Qemu/SbsaQemu/Include/IndustryStandard/SbsaQemuAcpi.h
index 4d5b05ba17c6..5f9e9477bf6a 100644
--- a/Silicon/Qemu/SbsaQemu/Include/IndustryStandard/SbsaQemuAcpi.h
+++ b/Silicon/Qemu/SbsaQemu/Include/IndustryStandard/SbsaQemuAcpi.h
@@ -37,6 +37,16 @@
SBSAQEMU_MADT_GICR_SIZE /* DiscoveryRangeLength */ \
}

+// Macro for MADT GIC ITS Structure
+#define SBSAQEMU_MADT_GIC_ITS_INIT() { \
+ EFI_ACPI_6_0_GIC_ITS, /* Type */ \
+ sizeof (EFI_ACPI_6_0_GIC_ITS_STRUCTURE), /* Length */ \
+ EFI_ACPI_RESERVED_WORD, /* Reserved */ \
+ 0, /* GicItsId */ \
+ FixedPcdGet64 (PcdGicItsBase), /* PhysicalBaseAddress */ \
+ EFI_ACPI_RESERVED_DWORD /* Reserved */ \
+ }
+
#define SBSAQEMU_ACPI_SCOPE_OP_MAX_LENGTH 5

#define SBSAQEMU_ACPI_SCOPE_NAME { '_', 'S', 'B', '_' }
diff --git a/Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.c b/Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.c
index b8901030ecd0..4e0d24ed6608 100644
--- a/Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.c
+++ b/Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.c
@@ -91,6 +91,9 @@ AddMadtTable (
// Initialize GIC Redistributor Structure
EFI_ACPI_6_0_GICR_STRUCTURE Gicr = SBSAQEMU_MADT_GICR_INIT();

+ // Initialize GIC ITS Structure
+ EFI_ACPI_6_0_GIC_ITS_STRUCTURE Gic_Its = SBSAQEMU_MADT_GIC_ITS_INIT();
+
// Get CoreCount which was determined eariler after parsing device tree
NumCores = PcdGet32 (PcdCoreCount);

@@ -98,7 +101,8 @@ AddMadtTable (
TableSize = sizeof (EFI_ACPI_6_0_MULTIPLE_APIC_DESCRIPTION_TABLE_HEADER) +
(sizeof (EFI_ACPI_6_0_GIC_STRUCTURE) * NumCores) +
sizeof (EFI_ACPI_6_0_GIC_DISTRIBUTOR_STRUCTURE) +
- sizeof (EFI_ACPI_6_0_GICR_STRUCTURE);
+ sizeof (EFI_ACPI_6_0_GICR_STRUCTURE) +
+ sizeof (EFI_ACPI_6_0_GIC_ITS_STRUCTURE);

Status = gBS->AllocatePages (
AllocateAnyPages,
@@ -138,6 +142,10 @@ AddMadtTable (
CopyMem (New, &Gicr, sizeof (EFI_ACPI_6_0_GICR_STRUCTURE));
New += sizeof (EFI_ACPI_6_0_GICR_STRUCTURE);

+ // GIC ITS Structure
+ CopyMem (New, &Gic_Its, sizeof (EFI_ACPI_6_0_GIC_ITS_STRUCTURE));
+ New += sizeof (EFI_ACPI_6_0_GIC_ITS_STRUCTURE);
+
AcpiPlatformChecksum ((UINT8*) PageAddress, TableSize);

Status = AcpiTable->InstallAcpiTable (
--
2.27.0


[PATCH v1 1/2] Platform/Qemu/SbsaQemu/SbsaQemu.dsc: define GICv3 ITS base address

Shashi Mallela
 

Define new pcd setting for specifying the base address of GICv3
Interrupt Translation Service.For Qemu sbsa-ref platforms,this
enables the detection of GIC ITS capability within the GIC ITS
structure of ACPI MADT.

Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Graeme Gregory <graeme@nuviainc.com>
Signed-off-by: Shashi Mallela <shashi.mallela@linaro.org>
---
Platform/Qemu/SbsaQemu/SbsaQemu.dsc | 3 +++
1 file changed, 3 insertions(+)

diff --git a/Platform/Qemu/SbsaQemu/SbsaQemu.dsc b/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
index c1f8a4696560..92e5c4a2916c 100644
--- a/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
+++ b/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
@@ -434,6 +434,9 @@ [PcdsFixedAtBuild.common]
gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdPlatformEhciBase|0x60110000
gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdPlatformEhciSize|0x00010000

+ # GIC ITS
+ gArmVirtSbsaQemuPlatformTokenSpaceGuid.PcdGicItsBase|0x44090000
+
# PL011 - Serial Terminal
gEfiMdeModulePkgTokenSpaceGuid.PcdSerialRegisterBase|0x60000000

--
2.27.0


[PATCH v1 0/2] Add GIC ITS entry to MADT

Shashi Mallela
 

This patchset implements ACPI MADT functionality extension to include
the GICv3 ITS functionality. This enables devices to use message
signalled LPI interrupts in addition to SPIs,PPIs supported on ARM
SBSA reference qemu platforms.

Shashi Mallela (2):
Platform/Qemu/SbsaQemu/SbsaQemu.dsc: define GICv3 ITS base address
Silicon/Qemu: Update MADT with GICv3 ITS info

Silicon/Qemu/SbsaQemu/SbsaQemu.dec | 3 +++
Platform/Qemu/SbsaQemu/SbsaQemu.dsc | 3 +++
Silicon/Qemu/SbsaQemu/AcpiTables/AcpiTables.inf | 2 ++
Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.inf | 2 ++
Silicon/Qemu/SbsaQemu/Include/IndustryStandard/SbsaQemuAcpi.h | 10 ++++++++++
Silicon/Qemu/SbsaQemu/Drivers/SbsaQemuAcpiDxe/SbsaQemuAcpiDxe.c | 10 +++++++++-
6 files changed, 29 insertions(+), 1 deletion(-)

--
2.27.0


[edk2-platforms][PATCH 1/1] Silicon/Broadcom/Bcm27xx: Allow more than one device on pcie busses >1

RenΓ© Treffer <treffer+groups.io@...>
 

There is only a single pcie port on the bcm2711 so limiting the number of
devices to 1 worked as long as there is no way to add a pcie switch.

On the compute module 4 it is possible to add a pcie switch (tested with
asm1184e) which adds 5 new pcie busses.

In the current state the pci enumeration fails for the pcie switch
internal bus (usually bus 2, device 1,3,5,7). The root port gets
configured with
subordniate=0x2 after enumeration. That blocks e.g. linux from discovering
devices behind the switch.

Devices behind the switch work after lifting the device limit on busses
other than 0 and 1.
---
Β .../Library/Bcm2711PciSegmentLib/PciSegmentLib.cΒ Β  | 14 +++++++-------
Β 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git
a/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c
b/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c
index 44ce3b4b99..4af9374d23 100644
--- a/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c
+++ b/Silicon/Broadcom/Bcm27xx/Library/Bcm2711PciSegmentLib/PciSegmentLib.c
@@ -78,6 +78,7 @@ PciSegmentLibGetConfigBase (
Β Β  UINT64Β Β Β Β Β Β Β  Base;
Β Β  UINT64Β Β Β Β Β Β Β  Offset;
Β Β  UINT32Β Β Β Β Β Β Β  Dev;
+Β  UINT32Β Β Β Β Β Β Β  Bus;
Β 
Β Β  Base = PCIE_REG_BASE;
Β Β  Offset = Address & 0xFFF;Β Β Β Β Β Β Β Β  /* Pick off the 4k register offset */
@@ -89,17 +90,16 @@ PciSegmentLibGetConfigBase (
Β Β Β Β  Base += PCIE_EXT_CFG_DATA;
Β Β Β Β  if (mPciSegmentLastAccess != Address) {
Β Β Β Β Β Β  Dev = EFI_PCI_ADDR_DEV (Address);
+Β Β Β Β Β  Bus = EFI_PCI_ADDR_BUS (Address);
Β Β Β Β Β Β  /*
-Β Β Β Β Β Β  * Scan things out directly rather than translating the "bus" to
a device, etc..
-Β Β Β Β Β Β  * only we need to limit each bus to a single device.
+Β Β Β Β Β Β  * There can only be a single device on bus 1 (downstream of root).
+Β Β Β Β Β Β  * Subsequent busses (behind a PCIe switch) could have more.
Β Β Β Β Β Β Β  */
-Β Β Β Β Β  if (Dev < 1) {
-Β Β Β Β Β Β Β Β Β  MmioWrite32 (PCIE_REG_BASE + PCIE_EXT_CFG_INDEX, Address);
-Β Β Β Β Β Β Β Β Β  mPciSegmentLastAccess = Address;
-Β Β Β Β Β  } else {
-Β Β Β Β Β Β Β Β Β  mPciSegmentLastAccess = 0;
+Β Β Β Β Β  if (Dev > 0 && (Bus == 1 || Bus == 0)) {
Β Β Β Β Β Β Β Β Β Β  return 0xFFFFFFFF;
Β Β Β Β Β Β  }
+Β Β Β Β Β  MmioWrite32 (PCIE_REG_BASE + PCIE_EXT_CFG_INDEX, Address);
+Β Β Β Β Β  mPciSegmentLastAccess = Address;
Β Β Β Β  }
Β Β  }
Β Β  return Base + Offset;
--
2.27.0


Re: Conflicting virtual addresses causing Runtime Services issues

Ard Biesheuvel
 

On Thu, 11 Mar 2021 at 23:25, Laszlo Ersek <lersek@redhat.com> wrote:

Adding Ard and Leif, comments below:

On 03/11/21 15:50, Laszlo Ersek wrote:
On 03/11/21 10:48, Jon Nettleton wrote:
[...]

And this is where the pointer gets remapped again and into the MMIO
space of the nor flash. If I remove the calls to ConvertPointer for
the FvbProtocol I am still seeing those addresses getting remapped
but only once and runtime works as expected.

I am seeing that in
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c
&mVariableModuleGlobal->FvbInstance->* are all being converted. It
is possible this is a long standing bug and it just so happens that
our configuration has caused a conflict and exposed it.
Yes, this is curious, I noticed it too yesterday, trying to see where
the FVB protocol member function pointers were converted. I found that
OVMF's flash driver (OvmfPkg/QemuFlashFvbServicesRuntimeDxe) didn't do
it, but MdeModulePkg/Universal/Variable/RuntimeDxe did. That was
certainly strange, as the variable driver is a consumer of the
protocol (not the producer thereof), so I'd say it has no business
poking new values into the protocol interface structure.
[...]

... Strangely, the other flash (FVB) driver in edk2,
ArmPlatformPkg/Drivers/NorFlashDxe, *does* perform the conversion
itself! See NorFlashVirtualNotifyEvent().

I don't understand that. Is it possible that, with
"ArmPlatformPkg/Drivers/NorFlashDxe" too, the conversion happens
*twice*, but (at least) one of those mappings is "identity"?
Confirmed.

I had to write some elaborate debug patches for determining this,
because in ArmVirtQemu, I cannot produce DEBUG output from the
SetVirtualAddressMap() notification functions. So here's the approach I
took:

(1) Introduce a new GUID-ed HOB structure in MdeModulePkg. The structure
itself lives in reserved memory, but its address is exposed in a GUID-ed
HOB. The structure is named FVB_ADDRESS_LIST, and it has the following
fields:

- signature ("FVBADRLS" -- FVB Address List)
- 16 entries of:
- owner signature [what driver set this entry]
- address
- number of entries used (aka next entry to fill)

(2) In PlatformPei, allocate and initialize this structure (in reserved
memory), and expose its address via the GUID-ed HOB. Furthermore,
produce a log message with the allocation address.

(3) In NorFlashDxe, look up the structure via the GUID-ed HOB, in the
entry point function; remember the address in a global variable. In the
SetVirtualAddressMap() handler function, treat the conversion of the
"GetPhysicalAddress" FVB member function specially: via the global
variable pointer to FVB_ADDRESS_LIST in reserved memory, save both the
physical (original) and the virtual (converted) address of the
"GetPhysicalAddress" FVB member function, in new entries. As owner
signature in both entries, use "NORFLASH".

(4) In the runtime DXE variable driver, do the exact same thing, just
use a different "owner signature" -- "VARIABLE".

(5) Once the guest is up and running, run "efibootmgr --delete-timeout"
at a root prompt in the guest, deleting the existent "Timeout" UEFI
non-volatile variable, for verifying that the runtime variable (write)
service is functional.

(6) Using the log message from point (2):

PlatformPeim: FvbAddressList @ 13FEC9000
hexdump the guest memory containing the FVB_ADDRESS_LIST, as follows:

$ virsh qemu-monitor-command aavmf.rhel7.registered --hmp xp /268cb 0x13FEC9000
Ccomments to the right of the hexdump:

000000013fec9000: 'F' 'V' 'B' 'A' 'D' 'R' 'L' 'S' <- structure signature: FVBADRLS
000000013fec9008: 'N' 'O' 'R' 'F' 'L' 'A' 'S' 'H' <- entry[0], signature: NORFLASH
000000013fec9010: 'T' ' ' '\xc6' ';' '\x01' '\x00' '\x00' '\x00' <- entry[0], GetPhysicalAddress *physical*: 0x000000013bc62054
000000013fec9018: 'N' 'O' 'R' 'F' 'L' 'A' 'S' 'H' <- entry[1], signature: NORFLASH
000000013fec9020: 'T' ' ' 'N' '$' '\x00' '\x00' '\x00' '\x00' <- entry[1], GetPhysicalAddress *virtual*: 0x00000000244e2054
000000013fec9028: 'V' 'A' 'R' 'I' 'A' 'B' 'L' 'E' <- entry[2], signature: VARIABLE
000000013fec9030: 'T' ' ' 'N' '$' '\x00' '\x00' '\x00' '\x00' <- entry[2], GetPhysicalAddress *physical*: 0x00000000244e2054
000000013fec9038: 'V' 'A' 'R' 'I' 'A' 'B' 'L' 'E' <- entry[3], signature: VARIABLE
000000013fec9040: 'T' ' ' 'N' '$' '\x00' '\x00' '\x00' '\x00' <- entry[3], GetPhysicalAddress *virtual*: 0x00000000244e2054
000000013fec9048: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9050: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9058: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9060: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9068: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9070: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9078: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9080: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9088: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9090: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9098: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90a0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90a8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90b0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90b8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90c0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90c8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90d0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90d8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90e0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90e8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90f0: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec90f8: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9100: '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00' '\x00'
000000013fec9108: '\x04' '\x00' '\x00' '\x00' <- number of entries used: 4
This shows the following:

- both NorFlashDxe and the runtime DXE variable driver converted the
FVB.GetPhysicalAddress member function,

- the NorFlashDxe driver acted first, the runtime DXE variable driver
acted second,

- when the runtime DXE variable driver "converted" the "physical"
address to virtual address, there was no change (and no crash!),
because the virtual address map passed in by the Linux kernel
apparently identity maps this area -- just as I guessed.

So we definitely have a bug (only Linux's page tables save us from the
crash); now the question is:

Which driver is wrong to even attempt the conversion of the FVB member
functions?

The answer must be documented somewhere highly visible.

Debug patches attached, for the record (based on commit edd46cd407ea).
Thanks for inviting me to this party!

So the tl;dr here is that some points get converted twice, which
usually is not a problem because the virtual address resulting from
the conversion is rarely mistaken for a physical address living in a
EFI_MEMORY_RUNTIME region.

So I agree with Laszlo's assertion that the consumer of a protocol has
no business updating its protocol pointers, so this should definitely
be fixed in the core VariableRuntime driver. However, given the
typical nature of the variable stack, i.e., a platform specfic NOR
flash driver combined with the generic FTW and variable drivers, doing
so would likely break many out of tree platforms where the NOR flash
driver does not bother to update its pointers at all.

11401 - 11420 of 84035