
[PATCH v2 3/4] OvmfPkg: Enable physical presence interface for TPM 1.2

Stefan Berger
 

Enable the physical presence interface for TPM 1.2. It is required for the
TPM 1.2 menu to work.

The changes to DxeTcgPhysicalPresenceLib.c are needed because of the device QEMU uses
to present the supported PPI commands and their results to the OS via ACPI, and to
store the PPI opcode that is to be executed.

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Gerd Hoffmann <kraxel@...>
Cc: Marc-André Lureau <marcandre.lureau@...>
Signed-off-by: Stefan Berger <stefanb@...>
---
.../PlatformBootManagerLib/BdsPlatform.c | 2 +
.../PlatformBootManagerLib.inf | 1 +
.../DxeTcgPhysicalPresenceLib.c | 22 +
.../DxeTcgPhysicalPresenceLib.inf | 27 +
.../DxeTcgPhysicalPresenceLib.c | 466 +++++++++---------
.../DxeTcgPhysicalPresenceLib.inf | 14 +-
OvmfPkg/OvmfTpmLibs.dsc.inc | 4 +
.../Include/Library/TcgPhysicalPresenceLib.h | 39 ++
SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf | 1 +
9 files changed, 343 insertions(+), 233 deletions(-)
create mode 100644 OvmfPkg/Library/TcgPhysicalPresenceLibNull/DxeTcgPhysicalPresenceLib.c
create mode 100644 OvmfPkg/Library/TcgPhysicalPresenceLibNull/DxeTcgPhysicalPresenceLib.inf

diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
index 9b21ba2bd6..f56aff2ec5 100644
--- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
@@ -12,6 +12,7 @@
#include <Protocol/FirmwareVolume2.h>
#include <Library/PlatformBmPrintScLib.h>
#include <Library/Tcg2PhysicalPresenceLib.h>
+#include <Library/TcgPhysicalPresenceLib.h>
#include <Library/XenPlatformLib.h>


@@ -396,6 +397,7 @@ PlatformBootManagerBeforeConsole (
//
// Process TPM PPI request; this may require keyboard input
//
+ TcgPhysicalPresenceLibProcessRequest ();
Tcg2PhysicalPresenceLibProcessRequest (NULL);

//
diff --git a/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index c249a3cf1e..f12975d065 100644
--- a/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -54,6 +54,7 @@
ReportStatusCodeLib
UefiLib
PlatformBmPrintScLib
+ TcgPhysicalPresenceLib
Tcg2PhysicalPresenceLib
XenPlatformLib

diff --git a/OvmfPkg/Library/TcgPhysicalPresenceLibNull/DxeTcgPhysicalPresenceLib.c b/OvmfPkg/Library/TcgPhysicalPresenceLibNull/DxeTcgPhysicalPresenceLib.c
new file mode 100644
index 0000000000..d434175717
--- /dev/null
+++ b/OvmfPkg/Library/TcgPhysicalPresenceLibNull/DxeTcgPhysicalPresenceLib.c
@@ -0,0 +1,22 @@
+/** @file
+ NULL TcgPhysicalPresenceLib library instance
+
+ Copyright (C) 2021, IBM Corporation
+ Copyright (c) 2018, Red Hat, Inc.
+ Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/TcgPhysicalPresenceLib.h>
+
+VOID
+EFIAPI
+TcgPhysicalPresenceLibProcessRequest (
+ VOID
+ )
+{
+ //
+ // do nothing
+ //
+}
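Review bot: The Null instance defines only TcgPhysicalPresenceLibProcessRequest, while the library class header changed in this same patch declares TcgPhysicalPresenceLibNeedUserConfirm and TcgPhysicalPresenceLibSubmitRequestToPreOSFunction, and TcgConfigDxe is now linked against TcgPhysicalPresenceLib (TcgConfigDxe.inf hunk) and calls the latter from SavePpRequest in patch 1/4. A platform that resolves TcgPhysicalPresenceLib to this instance and builds TcgConfigDxe would presumably fail to link. No-op stubs that return FALSE and TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED would make the Null instance a complete implementation of the class, and the "NOT_IMPLEMENTED" code is what SavePpRequest already maps to EFI_UNSUPPORTED.
```c
// … unchanged: TcgPhysicalPresenceLibProcessRequest …

BOOLEAN
EFIAPI
TcgPhysicalPresenceLibNeedUserConfirm (
  VOID
  )
{
  return FALSE;
}

UINT32
EFIAPI
TcgPhysicalPresenceLibSubmitRequestToPreOSFunction (
  IN UINT32  OperationRequest
  )
{
  return TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;
}
```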
diff --git a/OvmfPkg/Library/TcgPhysicalPresenceLibNull/DxeTcgPhysicalPresenceLib.inf b/OvmfPkg/Library/TcgPhysicalPresenceLibNull/DxeTcgPhysicalPresenceLib.inf
new file mode 100644
index 0000000000..4421c6c5b0
--- /dev/null
+++ b/OvmfPkg/Library/TcgPhysicalPresenceLibNull/DxeTcgPhysicalPresenceLib.inf
@@ -0,0 +1,27 @@
+# NULL TcgPhysicalPresenceLib library instance
+#
+# Under SecurityPkg, the corresponding library instance will check and
+# execute TPM 1.2 request from OS or BIOS; the request may ask for user
+# confirmation before execution. This Null instance implements a no-op
+# Tcg2PhysicalPresenceLibProcessRequest(), without user interaction.
+#
+# Copyright (C) 2018, Red Hat, Inc.
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = DxeTcgPhysicalPresenceLibNull
+ FILE_GUID = B648575C-ED00-4C0D-BD7F-B705B9B0CC93
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = TcgPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_APPLICATION UEFI_DRIVER
+
+[Sources]
+ DxeTcgPhysicalPresenceLib.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ SecurityPkg/SecurityPkg.dec
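Review bot: The header comment of this new .inf was copied from the Tcg2 Null instance and still names `Tcg2PhysicalPresenceLibProcessRequest()`, but the function this instance implements is `TcgPhysicalPresenceLibProcessRequest()`. Suggested wording for that line: `# Tcg2PhysicalPresenceLibProcessRequest()` → `# TcgPhysicalPresenceLibProcessRequest()`. The copyright block also omits the 2021 IBM line that the accompanying .c file carries; aligning the two avoids questions about provenance later.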
diff --git a/OvmfPkg/Library/TcgPhysicalPresenceLibQemu/DxeTcgPhysicalPresenceLib.c b/OvmfPkg/Library/TcgPhysicalPresenceLibQemu/DxeTcgPhysicalPresenceLib.c
index 8a3ae95012..9e489623c3 100644
--- a/OvmfPkg/Library/TcgPhysicalPresenceLibQemu/DxeTcgPhysicalPresenceLib.c
+++ b/OvmfPkg/Library/TcgPhysicalPresenceLibQemu/DxeTcgPhysicalPresenceLib.c
@@ -15,18 +15,24 @@ SPDX-License-Identifier: BSD-2-Clause-Patent

#include <PiDxe.h>

+#include <IndustryStandard/QemuTpm.h>
+#include <IndustryStandard/TcgPhysicalPresence.h>
+
#include <Protocol/TcgService.h>
#include <Protocol/VariableLock.h>
+#include <Library/HobLib.h>
#include <Library/DebugLib.h>
#include <Library/BaseMemoryLib.h>
+#include <Library/DxeServicesTableLib.h>
#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/UefiDriverEntryPoint.h>
#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiBootManagerLib.h>
#include <Library/UefiLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PrintLib.h>
+#include <Library/QemuFwCfgLib.h>
#include <Library/HiiLib.h>
-#include <Guid/EventGroup.h>
#include <Guid/PhysicalPresenceData.h>
#include <Library/TcgPpVendorLib.h>

@@ -34,6 +40,168 @@ SPDX-License-Identifier: BSD-2-Clause-Patent

EFI_HII_HANDLE mPpStringPackHandle;

+STATIC volatile QEMU_TPM_PPI *mPpi;
+
+#define TPM_PPI_PROVISION_FLAGS(PpiFlags) \
+ ((PpiFlags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) \
+ ? QEMU_TPM_PPI_FUNC_ALLOWED_USR_NOT_REQ \
+ : QEMU_TPM_PPI_FUNC_ALLOWED_USR_REQ
+
+#define TPM_PPI_CLEAR_FLAGS(PpiFlags) \
+ ((PpiFlags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) \
+ ? QEMU_TPM_PPI_FUNC_ALLOWED_USR_NOT_REQ \
+ : QEMU_TPM_PPI_FUNC_ALLOWED_USR_REQ
+
+#define TPM_PPI_CLEAR_MAINT_FLAGS(PpiFlags) \
+ ((PpiFlags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0 && \
+ (PpiFlags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE) != 0) \
+ ? QEMU_TPM_PPI_FUNC_ALLOWED_USR_NOT_REQ \
+ : QEMU_TPM_PPI_FUNC_ALLOWED_USR_REQ
+
+/**
+ Reads QEMU PPI config from fw_cfg.
+
+ @param[out] The Config structure to read to.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_PROTOCOL_ERROR Invalid fw_cfg entry size.
+**/
+STATIC
+EFI_STATUS
+QemuTpmReadConfig (
+ OUT QEMU_FWCFG_TPM_CONFIG *Config
+ )
+{
+ EFI_STATUS Status;
+ FIRMWARE_CONFIG_ITEM FwCfgItem;
+ UINTN FwCfgSize;
+
+ Status = QemuFwCfgFindFile ("etc/tpm/config", &FwCfgItem, &FwCfgSize);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ if (FwCfgSize != sizeof (*Config)) {
+ return EFI_PROTOCOL_ERROR;
+ }
+
+ QemuFwCfgSelectItem (FwCfgItem);
+ QemuFwCfgReadBytes (sizeof (*Config), Config);
+ return EFI_SUCCESS;
+}
+
+
+/**
+ Initilalize the QEMU PPI memory region's function array
+**/
+STATIC
+VOID
+QemuTpmInitPPIFunc(
+ EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags
+ )
+{
+ ZeroMem ((void *)mPpi->Func, sizeof(mPpi->Func));
+
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_ENABLE] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_DISABLE] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_ACTIVATE] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_DEACTIVATE] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_CLEAR] = TPM_PPI_CLEAR_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_ENABLE_ACTIVATE] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_DEACTIVATE_DISABLE] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_SET_OPERATOR_AUTH] = TPM_PPI_PROVISION_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE] = TPM_PPI_CLEAR_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE] = QEMU_TPM_PPI_FUNC_ALLOWED_USR_NOT_REQ;
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE] = QEMU_TPM_PPI_FUNC_ALLOWED_USR_REQ;
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE] = QEMU_TPM_PPI_FUNC_ALLOWED_USR_NOT_REQ;
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE] = QEMU_TPM_PPI_FUNC_ALLOWED_USR_REQ;
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE] = QEMU_TPM_PPI_FUNC_ALLOWED_USR_NOT_REQ;
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE] = QEMU_TPM_PPI_FUNC_ALLOWED_USR_REQ;
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR] = TPM_PPI_CLEAR_MAINT_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE] = TPM_PPI_CLEAR_MAINT_FLAGS(PpiFlags);
+ mPpi->Func[TCG_PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR] = TPM_PPI_CLEAR_MAINT_FLAGS(PpiFlags);
+}
+
+
+/**
+ Initializes QEMU PPI memory region.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_PROTOCOL_ERROR PPI address is invalid.
+**/
+STATIC
+EFI_STATUS
+QemuTpmInitPPI (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ QEMU_FWCFG_TPM_CONFIG Config;
+ EFI_PHYSICAL_ADDRESS PpiAddress64;
+ EFI_GCD_MEMORY_SPACE_DESCRIPTOR Descriptor;
+ EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags;
+
+ if (mPpi != NULL) {
+ return EFI_SUCCESS;
+ }
+
+ Status = QemuTpmReadConfig (&Config);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ if (Config.TpmVersion != QEMU_TPM_VERSION_1_2) {
+ DEBUG ((DEBUG_ERROR, "[TPM] Not setting up PPI. This is not a TPM 1.2.\n"));
+ return EFI_PROTOCOL_ERROR;
+ }
+
+ mPpi = (QEMU_TPM_PPI *)(UINTN)Config.PpiAddress;
+ if (mPpi == NULL) {
+ return EFI_PROTOCOL_ERROR;
+ }
+
+ DEBUG ((DEBUG_INFO, "[TPM] mPpi=%p version=%d\n", mPpi, Config.TpmVersion));
+
+ PpiAddress64 = (UINTN)mPpi;
+ if ((PpiAddress64 & ~(UINT64)EFI_PAGE_MASK) !=
+ ((PpiAddress64 + sizeof *mPpi - 1) & ~(UINT64)EFI_PAGE_MASK)) {
+ DEBUG ((DEBUG_ERROR, "[TPM] mPpi crosses a page boundary\n"));
+ goto InvalidPpiAddress;
+ }
+
+ Status = gDS->GetMemorySpaceDescriptor (PpiAddress64, &Descriptor);
+ if (EFI_ERROR (Status) && Status != EFI_NOT_FOUND) {
+ ASSERT_EFI_ERROR (Status);
+ goto InvalidPpiAddress;
+ }
+ if (!EFI_ERROR (Status) &&
+ (Descriptor.GcdMemoryType != EfiGcdMemoryTypeMemoryMappedIo &&
+ Descriptor.GcdMemoryType != EfiGcdMemoryTypeNonExistent)) {
+ DEBUG ((DEBUG_ERROR, "[TPM] mPpi has an invalid memory type\n"));
+ goto InvalidPpiAddress;
+ }
+
+ PpiFlags.PPFlags = 0;
+ QemuTpmInitPPIFunc(PpiFlags);
+
+ if (mPpi->In == 0) {
+ mPpi->In = 1;
+ mPpi->Request = PHYSICAL_PRESENCE_NO_ACTION;
+ mPpi->LastRequest = PHYSICAL_PRESENCE_NO_ACTION;
+ mPpi->NextStep = PHYSICAL_PRESENCE_NO_ACTION;
+ }
+
+ return EFI_SUCCESS;
+
+InvalidPpiAddress:
+ mPpi = NULL;
+ return EFI_PROTOCOL_ERROR;
+}
+
/**
Get string by string id from HII Interface.

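Review bot: QemuTpmInitPPIFunc assigns `mPpi->Func[TCG_PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR]` twice, as the last line of the table and three lines earlier with the same value, so the final line is either a leftover or was meant for a different opcode; please drop it or correct the index. The TPM_PPI_*_FLAGS macros expand to an unparenthesized `cond ? a : b`, which is safe in the plain assignments here but should still be wrapped as a whole, e.g. `#define TPM_PPI_PROVISION_FLAGS(PpiFlags) ((((PpiFlags).PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) ? QEMU_TPM_PPI_FUNC_ALLOWED_USR_NOT_REQ : QEMU_TPM_PPI_FUNC_ALLOWED_USR_REQ)`. In QemuTpmReadConfig the doc line `@param[out] The Config structure to read to.` is missing the parameter name and should read `@param[out] Config The Config structure to read to.`; the QemuTpmInitPPIFunc header misspells `Initialize` and documents no parameter for PpiFlags. QemuTpmInitPPI validates the fw_cfg-supplied PpiAddress for page crossing and GCD type, which is the right check for a host-provided pointer; a one-line comment saying the address comes from the (trusted) host via fw_cfg would help the next reader understand why no further bounds check is done.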
@@ -506,7 +674,7 @@ TcgPhysicalPresenceLibConstructor (
IN EFI_SYSTEM_TABLE *SystemTable
)
{
- mPpStringPackHandle = HiiAddPackages (&gEfiPhysicalPresenceGuid, ImageHandle, DxeTcgPhysicalPresenceLibStrings, NULL);
+ mPpStringPackHandle = HiiAddPackages (&gEfiPhysicalPresenceGuid, ImageHandle, TcgPhysicalPresenceLibQemuStrings, NULL);
ASSERT (mPpStringPackHandle != NULL);

return EFI_SUCCESS;
@@ -875,6 +1043,10 @@ UserConfirm (
return FALSE;
}

+ // Console for user interaction
+ // We need to connect all trusted consoles for TCG PP. Here we treat all consoles in OVMF to be trusted consoles.
+ EfiBootManagerConnectAllDefaultConsoles ();
+
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY));
BufSize -= StrSize (ConfirmText);
UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1, TmpStr2);
@@ -975,7 +1147,7 @@ HaveValidTpmRequest (

default:
if (TcgPpData->PPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
- IsRequestValid = TcgPpVendorLibHasValidRequest (TcgPpData->PPRequest, Flags.PPFlags, RequestConfirmed);
+ IsRequestValid = FALSE; // vendor-specifc commands are not supported
if (!IsRequestValid) {
return FALSE;
} else {
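Review bot: After `IsRequestValid = FALSE;` the following `if (!IsRequestValid)` is always taken, so the else branch that follows is now dead code; the default case can simply `return FALSE;  // vendor-specific commands are not supported` for requests at or above TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION. The inline comment also misspells `vendor-specific`. HaveValidTpmRequest starts and ends outside the hunk.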
@@ -1015,60 +1187,47 @@ HaveValidTpmRequest (
@param[in] Flags The physical presence interface flags.

**/
+STATIC
VOID
ExecutePendingTpmRequest (
IN EFI_TCG_PROTOCOL *TcgProtocol,
- IN EFI_PHYSICAL_PRESENCE *TcgPpData,
IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
)
{
EFI_STATUS Status;
- UINTN DataSize;
BOOLEAN RequestConfirmed;
+ EFI_PHYSICAL_PRESENCE TcgPpData;
EFI_PHYSICAL_PRESENCE_FLAGS NewFlags;
- BOOLEAN ResetRequired;
- UINT32 NewPPFlags;

- if (!HaveValidTpmRequest(TcgPpData, Flags, &RequestConfirmed)) {
+ DEBUG ((DEBUG_INFO, "[TPM] Flags=%x, PPRequest=%x\n", Flags.PPFlags, mPpi->Request));
+
+ TcgPpData.PPRequest = (UINT8)mPpi->Request;
+
+ if (!HaveValidTpmRequest(&TcgPpData, Flags, &RequestConfirmed)) {
//
// Invalid operation request.
//
- TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
- TcgPpData->LastPPRequest = TcgPpData->PPRequest;
- TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
- DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- TcgPpData
- );
+ mPpi->Response = TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
+ mPpi->LastRequest = mPpi->Request;
+ mPpi->Request = TCG_PHYSICAL_PRESENCE_NO_ACTION;
+ mPpi->RequestParameter = 0;
return;
}

- ResetRequired = FALSE;
- if (TcgPpData->PPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
- NewFlags = Flags;
- NewPPFlags = NewFlags.PPFlags;
- TcgPpData->PPResponse = TcgPpVendorLibExecutePendingRequest (TcgPpData->PPRequest, &NewPPFlags, &ResetRequired);
- NewFlags.PPFlags = (UINT8)NewPPFlags;
- } else {
- if (!RequestConfirmed) {
- //
- // Print confirm text and wait for approval.
- //
- RequestConfirmed = UserConfirm (TcgPpData->PPRequest);
- }
-
+ if (!RequestConfirmed) {
//
- // Execute requested physical presence command
+ // Print confirm text and wait for approval.
//
- TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_USER_ABORT;
- NewFlags = Flags;
- if (RequestConfirmed) {
- TcgPpData->PPResponse = ExecutePhysicalPresence (TcgProtocol, TcgPpData->PPRequest, &NewFlags);
- }
+ RequestConfirmed = UserConfirm (mPpi->Request);
+ }
+
+ //
+ // Execute requested physical presence command
+ //
+ mPpi->Response = TCG_PP_OPERATION_RESPONSE_USER_ABORT;
+ NewFlags = Flags;
+ if (RequestConfirmed) {
+ mPpi->Response = ExecutePhysicalPresence (TcgProtocol, mPpi->Request, &NewFlags);
}

//
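Review bot: The request that is validated is not the one that is executed: HaveValidTpmRequest checks the snapshot `TcgPpData.PPRequest = (UINT8)mPpi->Request`, but UserConfirm and ExecutePhysicalPresence are then called with a fresh read of `mPpi->Request` from the volatile shared region, and `mPpi->LastRequest` receives the untruncated value. Using the snapshot at all three sites (`UserConfirm (TcgPpData.PPRequest)`, `ExecutePhysicalPresence (TcgProtocol, TcgPpData.PPRequest, &NewFlags)`, `mPpi->LastRequest = TcgPpData.PPRequest`) keeps what was confirmed identical to what runs and removes the implicit UINT32-to-UINT8 narrowing at the calls (assuming those parameters are UINT8 as in the SecurityPkg original). The remaining fields of TcgPpData are never initialized; if HaveValidTpmRequest reads only PPRequest that is harmless, but a `ZeroMem (&TcgPpData, sizeof TcgPpData);` before the assignment makes it explicit, and the failure path should use the same PHYSICAL_PRESENCE_NO_ACTION constant the success path uses instead of TCG_PHYSICAL_PRESENCE_NO_ACTION. ExecutePendingTpmRequest continues past the hunk.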
@@ -1085,39 +1244,32 @@ ExecutePendingTpmRequest (
if (EFI_ERROR (Status)) {
return;
}
+
+ //
+ // Update the flags for the commands following PPFlags changes
+ //
+ QemuTpmInitPPIFunc(NewFlags);
+
+ DEBUG ((DEBUG_INFO, "[TPM] New PPFlags = %x\n", NewFlags.PPFlags));
}

//
// Clear request
//
if ((NewFlags.PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
- TcgPpData->LastPPRequest = TcgPpData->PPRequest;
- TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
+ mPpi->LastRequest = mPpi->Request;
+ mPpi->Request = PHYSICAL_PRESENCE_NO_ACTION;
+ mPpi->RequestParameter = 0;
}

- //
- // Save changes
- //
- DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- TcgPpData
- );
- if (EFI_ERROR (Status)) {
- return;
- }
-
- if (TcgPpData->PPResponse == TCG_PP_OPERATION_RESPONSE_USER_ABORT) {
+ if (mPpi->Response == TCG_PP_OPERATION_RESPONSE_USER_ABORT) {
return;
}

//
// Reset system to make new TPM settings in effect
//
- switch (TcgPpData->LastPPRequest) {
+ switch (mPpi->LastRequest) {
case PHYSICAL_PRESENCE_ACTIVATE:
case PHYSICAL_PRESENCE_DEACTIVATE:
case PHYSICAL_PRESENCE_CLEAR:
@@ -1131,17 +1283,10 @@ ExecutePendingTpmRequest (
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
break;
default:
- if (TcgPpData->LastPPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
- if (ResetRequired) {
- break;
- } else {
- return ;
- }
- }
- if (TcgPpData->PPRequest != PHYSICAL_PRESENCE_NO_ACTION) {
- break;
- }
- return;
+ if (mPpi->Request != TCG_PHYSICAL_PRESENCE_NO_ACTION) {
+ break;
+ }
+ return;
}

Print (L"Rebooting system to make TPM settings in effect\n");
@@ -1172,11 +1317,25 @@ TcgPhysicalPresenceLibProcessRequest (
BOOLEAN LifetimeLock;
BOOLEAN CmdEnable;
UINTN DataSize;
- EFI_PHYSICAL_PRESENCE TcgPpData;
EFI_TCG_PROTOCOL *TcgProtocol;
- EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
+// EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags;

+ Status = QemuTpmInitPPI ();
+ if (EFI_ERROR (Status)) {
+ return ;
+ }
+
+ DEBUG ((DEBUG_INFO, "[TPM] Detected a TPM 1.2\n"));
+
+ //
+ // Check S4 resume
+ //
+ if (GetBootModeHob () == BOOT_ON_S4_RESUME) {
+ DEBUG ((DEBUG_INFO, "S4 Resume, Skip TPM PP process!\n"));
+ return ;
+ }
+
Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
if (EFI_ERROR (Status)) {
return ;
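Review bot: The commented-out `// EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;` here, together with the `#if 0` / `#endif` placed around the RequestToLock call in the next two hunks, disables the read-only lock on the PhysicalPresenceFlags variable while leaving in place the comment that says it "should be protected from malicious software". Those flags decide whether an operation needs user confirmation, so if the variable is still created with EFI_VARIABLE_RUNTIME_ACCESS (that SetVariable is outside the hunk) runtime code could clear them without the lock. Either keep the lock, or drop RUNTIME_ACCESS from the variable's attributes and delete the dead code with a comment stating why locking is unnecessary for this instance, rather than shipping `#if 0` blocks and a commented-out declaration. TcgPhysicalPresenceLibProcessRequest starts before this hunk.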
@@ -1213,6 +1372,7 @@ TcgPhysicalPresenceLibProcessRequest (
// This flags variable controls whether physical presence is required for TPM command.
// It should be protected from malicious software. We set it as read-only variable here.
//
+#if 0
Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLockProtocol);
if (!EFI_ERROR (Status)) {
Status = VariableLockProtocol->RequestToLock (
@@ -1225,37 +1385,13 @@ TcgPhysicalPresenceLibProcessRequest (
ASSERT_EFI_ERROR (Status);
}
}
+#endif

- //
- // Initialize physical presence variable.
- //
- DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->GetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- NULL,
- &DataSize,
- &TcgPpData
- );
- if (EFI_ERROR (Status)) {
- ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
- DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- &TcgPpData
- );
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "[TPM] Set physical presence variable failed, Status = %r\n", Status));
- return;
- }
- }
+ QemuTpmInitPPIFunc(PpiFlags);

- DEBUG ((DEBUG_INFO, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags.PPFlags, TcgPpData.PPRequest));
+ DEBUG ((DEBUG_INFO, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags.PPFlags, mPpi->Request));

- if (TcgPpData.PPRequest == PHYSICAL_PRESENCE_NO_ACTION) {
+ if (mPpi->Request == PHYSICAL_PRESENCE_NO_ACTION) {
//
// No operation request
//
@@ -1291,8 +1427,8 @@ TcgPhysicalPresenceLibProcessRequest (
//
// Execute pending TPM request.
//
- ExecutePendingTpmRequest (TcgProtocol, &TcgPpData, PpiFlags);
- DEBUG ((DEBUG_INFO, "[TPM] PPResponse = %x\n", TcgPpData.PPResponse));
+ ExecutePendingTpmRequest (TcgProtocol, PpiFlags);
+ DEBUG ((DEBUG_INFO, "[TPM] PPResponse = %x\n", mPpi->Response));

//
// Lock physical presence.
@@ -1300,104 +1436,6 @@ TcgPhysicalPresenceLibProcessRequest (
TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_NOTPRESENT | TPM_PHYSICAL_PRESENCE_LOCK);
}

-/**
- Check if the pending TPM request needs user input to confirm.
-
- The TPM request may come from OS. This API will check if TPM request exists and need user
- input to confirmation.
-
- @retval TRUE TPM needs input to confirm user physical presence.
- @retval FALSE TPM doesn't need input to confirm user physical presence.
-
-**/
-BOOLEAN
-EFIAPI
-TcgPhysicalPresenceLibNeedUserConfirm(
- VOID
- )
-{
- EFI_STATUS Status;
- EFI_PHYSICAL_PRESENCE TcgPpData;
- UINTN DataSize;
- BOOLEAN RequestConfirmed;
- BOOLEAN LifetimeLock;
- BOOLEAN CmdEnable;
- EFI_TCG_PROTOCOL *TcgProtocol;
- EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags;
-
- Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
- if (EFI_ERROR (Status)) {
- return FALSE;
- }
-
- //
- // Check Tpm requests
- //
- DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->GetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- NULL,
- &DataSize,
- &TcgPpData
- );
- if (EFI_ERROR (Status)) {
- return FALSE;
- }
-
- DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);
- Status = gRT->GetVariable (
- PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpiFlags
- );
- if (EFI_ERROR (Status)) {
- return FALSE;
- }
-
- if (TcgPpData.PPRequest == PHYSICAL_PRESENCE_NO_ACTION) {
- //
- // No operation request
- //
- return FALSE;
- }
-
- if (!HaveValidTpmRequest(&TcgPpData, PpiFlags, &RequestConfirmed)) {
- //
- // Invalid operation request.
- //
- return FALSE;
- }
-
- //
- // Check Tpm Capability
- //
- Status = GetTpmCapability (TcgProtocol, &LifetimeLock, &CmdEnable);
- if (EFI_ERROR (Status)) {
- return FALSE;
- }
-
- if (!CmdEnable) {
- if (LifetimeLock) {
- //
- // physicalPresenceCMDEnable is locked, can't execute physical presence command.
- //
- return FALSE;
- }
- }
-
- if (!RequestConfirmed) {
- //
- // Need UI to confirm
- //
- return TRUE;
- }
-
- return FALSE;
-}
-
/**
The handler for TPM physical presence function:
Submit TPM Operation Request to Pre-OS Environment and
@@ -1416,40 +1454,16 @@ TcgPhysicalPresenceLibSubmitRequestToPreOSFunction (
IN UINT32 OperationRequest
)
{
- EFI_STATUS Status;
- UINTN DataSize;
- EFI_PHYSICAL_PRESENCE PpData;
+ EFI_STATUS Status;

DEBUG ((DEBUG_INFO, "[TPM] SubmitRequestToPreOSFunction, Request = %x\n", OperationRequest));

- //
- // Get the Physical Presence variable
- //
- DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->GetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpData
- );
+ Status = QemuTpmInitPPI ();
if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
}

- PpData.PPRequest = (UINT8)OperationRequest;
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- &PpData
- );
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "[TPM] Set PP variable failure! Status = %r\n", Status));
- return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
- }
+ mPpi->Request = OperationRequest;

return TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS;
}
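Review bot: `mPpi->Request = OperationRequest;` stores the full UINT32 while the boot-time consumer narrows it (`TcgPpData.PPRequest = (UINT8)mPpi->Request` in ExecutePendingTpmRequest), so a value such as 0x105 would be validated and presumably executed as opcode 5 but recorded unchanged in LastRequest, where the reset switch would then not match it. Since the header marks this input as possibly untrusted, reject values outside the opcode range before storing them, e.g. `if (OperationRequest > TCG_PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE) { return TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED; }` (vendor-specific opcodes are already refused by HaveValidTpmRequest in this patch). The function's head is above the hunk.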
diff --git a/OvmfPkg/Library/TcgPhysicalPresenceLibQemu/DxeTcgPhysicalPresenceLib.inf b/OvmfPkg/Library/TcgPhysicalPresenceLibQemu/DxeTcgPhysicalPresenceLib.inf
index cfe14f20ca..a7f76d5918 100644
--- a/OvmfPkg/Library/TcgPhysicalPresenceLibQemu/DxeTcgPhysicalPresenceLib.inf
+++ b/OvmfPkg/Library/TcgPhysicalPresenceLibQemu/DxeTcgPhysicalPresenceLib.inf
@@ -16,9 +16,8 @@

[Defines]
INF_VERSION = 0x00010005
- BASE_NAME = DxeTcgPhysicalPresenceLib
- MODULE_UNI_FILE = DxeTcgPhysicalPresenceLib.uni
- FILE_GUID = EBC43A46-34AC-4F07-A7F5-A5394619361C
+ BASE_NAME = TcgPhysicalPresenceLibQemu
+ FILE_GUID = DA5A2055-ACD6-49A1-8277-857f3A47BB0C
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = TcgPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_APPLICATION UEFI_DRIVER
@@ -37,19 +36,22 @@
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ OvmfPkg/OvmfPkg.dec
SecurityPkg/SecurityPkg.dec

[LibraryClasses]
MemoryAllocationLib
+ DxeServicesTableLib
+ HobLib
+ QemuFwCfgLib
+ UefiBootManagerLib
UefiLib
UefiBootServicesTableLib
- UefiDriverEntryPoint
UefiRuntimeServicesTableLib
BaseMemoryLib
DebugLib
PrintLib
HiiLib
- TcgPpVendorLib

[Protocols]
gEfiTcgProtocolGuid ## SOMETIMES_CONSUMES
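Review bot: TcgPpVendorLib is removed from [LibraryClasses] but the .c file in this patch still includes `<Library/TcgPpVendorLib.h>` and still tests `TCG_VENDOR_LIB_FLAG_RESET_TRACK` in ExecutePendingTpmRequest, and UefiDriverEntryPoint is removed while `<Library/UefiDriverEntryPoint.h>` stays included; this presumably builds only because the headers resolve through the package .dec files. Drop the two includes, and either drop the vendor flag check or leave a comment explaining why the flag is still honored after vendor-specific requests were disabled, so the .inf and the source agree.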
@@ -57,8 +59,6 @@

[Guids]
## SOMETIMES_CONSUMES ## HII
- ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
- ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresenceFlags"
## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags"
gEfiPhysicalPresenceGuid
diff --git a/OvmfPkg/OvmfTpmLibs.dsc.inc b/OvmfPkg/OvmfTpmLibs.dsc.inc
index 418747b134..24b54861ed 100644
--- a/OvmfPkg/OvmfTpmLibs.dsc.inc
+++ b/OvmfPkg/OvmfTpmLibs.dsc.inc
@@ -5,6 +5,9 @@
!if $(TPM2_ENABLE) == TRUE
!if $(TPM1_ENABLE) == TRUE
Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
+ TcgPhysicalPresenceLib|OvmfPkg/Library/TcgPhysicalPresenceLibQemu/DxeTcgPhysicalPresenceLib.inf
+!else
+ TcgPhysicalPresenceLib|OvmfPkg/Library/TcgPhysicalPresenceLibNull/DxeTcgPhysicalPresenceLib.inf
!endif
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLib.inf
@@ -13,4 +16,5 @@
!else
Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
+ TcgPhysicalPresenceLib|OvmfPkg/Library/TcgPhysicalPresenceLibNull/DxeTcgPhysicalPresenceLib.inf
!endif
diff --git a/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h b/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h
index 9826a79742..6877c08e74 100644
--- a/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h
+++ b/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h
@@ -45,4 +45,43 @@ TcgPhysicalPresenceLibNeedUserConfirm(
VOID
);

+/**
+ The handler for TPM physical presence function:
+ Return TPM Operation Response to OS Environment.
+
+ This API should be invoked in OS runtime phase to interface with ACPI method.
+
+ @param[out] MostRecentRequest Most recent operation request.
+ @param[out] Response Response to the most recent operation request.
+
+ @return Return Code for Return TPM Operation Response to OS Environment.
+**/
+UINT32
+EFIAPI
+Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
+ OUT UINT32 *MostRecentRequest,
+ OUT UINT32 *Response
+ );
+
+/**
+ The handler for TPM physical presence function:
+ Submit TPM Operation Request to Pre-OS Environment and
+ Submit TPM Operation Request to Pre-OS Environment 2.
+
+ This API should be invoked in OS runtime phase to interface with ACPI method.
+
+ Caution: This function may receive untrusted input.
+
+ @param[in] OperationRequest TPM physical presence operation request.
+ @param[in] RequestParameter TPM physical presence operation request parameter.
+
+ @return Return Code for Submit TPM Operation Request to Pre-OS Environment and
+ Submit TPM Operation Request to Pre-OS Environment 2.
+**/
+UINT32
+EFIAPI
+TcgPhysicalPresenceLibSubmitRequestToPreOSFunction (
+ IN UINT32 OperationRequest
+ );
+
#endif
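Review bot: The header still declares TcgPhysicalPresenceLibNeedUserConfirm (context at the top of the hunk) although this patch deletes its definition from the Qemu instance and the new Null instance never defines it, so any consumer calling it will fail to link against either OVMF instance. The newly added Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction carries a Tcg2 name in the TPM 1.2 library class and, as far as the diff shows, has no definition in any instance; if it is intended it should be named `TcgPhysicalPresenceLibReturnOperationResponseToOsFunction` and implemented, otherwise removed. The doc block for TcgPhysicalPresenceLibSubmitRequestToPreOSFunction lists `@param[in] RequestParameter` which is not in the signature; delete that line.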
diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
index 24428e050c..b2f36fdbb2 100644
--- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
+++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
@@ -47,6 +47,7 @@
HiiLib
PcdLib
PrintLib
+ TcgPhysicalPresenceLib
Tpm12DeviceLib

[Guids]
--
2.31.1


[PATCH v2 1/4] SecurityPkg: Store physical presence code by submitting to PreOS func

Stefan Berger
 

Modify SavePpRequest to look like its TPM 2 equivalent SaveTcg2PpRequest
and have it submit the physical presence opcode to the PreOS function so
that we can choose our own method for how to store it.

Move the existing code into DxeTcgPhysicalPresenceLib.c and adapt the
return codes.

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Marc-André Lureau <marcandre.lureau@...>
Signed-off-by: Stefan Berger <stefanb@...>
---
.../DxeTcgPhysicalPresenceLib.c | 55 +++++++++++++++++++
SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c | 41 +++++---------
2 files changed, 70 insertions(+), 26 deletions(-)

diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
index ba1abe9e08..aa0031dd77 100644
--- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
+++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
@@ -1398,3 +1398,58 @@ TcgPhysicalPresenceLibNeedUserConfirm(
return FALSE;
}

+/**
+ The handler for TPM physical presence function:
+ Submit TPM Operation Request to Pre-OS Environment and
+ Submit TPM Operation Request to Pre-OS Environment 2.
+
+ Caution: This function may receive untrusted input.
+
+ @param[in] OperationRequest TPM physical presence operation request.
+
+ @return Return Code for Submit TPM Operation Request to Pre-OS Environment and
+ Submit TPM Operation Request to Pre-OS Environment 2.
+**/
+UINT32
+EFIAPI
+TcgPhysicalPresenceLibSubmitRequestToPreOSFunction (
+ IN UINT32 OperationRequest
+ )
+{
+ EFI_STATUS Status;
+ UINTN DataSize;
+ EFI_PHYSICAL_PRESENCE PpData;
+
+ DEBUG ((DEBUG_INFO, "[TPM] SubmitRequestToPreOSFunction, Request = %x\n", OperationRequest));
+
+ //
+ // Get the Physical Presence variable
+ //
+ DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
+ Status = gRT->GetVariable (
+ PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpData
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));
+ return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
+ }
+
+ PpData.PPRequest = (UINT8)OperationRequest;
+ Status = gRT->SetVariable (
+ PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ DataSize,
+ &PpData
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "[TPM] Set PP variable failure! Status = %r\n", Status));
+ return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
+ }
+
+ return TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS;
+}
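Review bot: `PpData.PPRequest = (UINT8)OperationRequest;` silently narrows a value the doc block itself marks as possibly untrusted, so 0x100 + n is stored as opcode n. Check the range before the cast and report it as unsupported (`if (OperationRequest > MAX_UINT8) { return TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED; }`), which the caller in TcgConfigImpl already maps to EFI_UNSUPPORTED. The `@return` line would also benefit from listing the three TCG_PP_SUBMIT_REQUEST_TO_PREOS_* codes this function can return.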
diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
index 68cd62307c..61c072d1a3 100644
--- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
+++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
@@ -8,6 +8,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent

#include "TcgConfigImpl.h"

+#include <IndustryStandard/TcgPhysicalPresence.h>
+#include <Library/TcgPhysicalPresenceLib.h>
+
CHAR16 mTcgStorageName[] = L"TCG_CONFIGURATION";

TCG_CONFIG_PRIVATE_DATA mTcgConfigPrivateDateTemplate = {
@@ -299,37 +302,23 @@ SavePpRequest (
)
{
EFI_STATUS Status;
- UINTN DataSize;
- EFI_PHYSICAL_PRESENCE PpData;
+ UINT32 ReturnCode;

//
- // Save TPM command to variable.
+ // Submit TPM command to PreOS fuction
//
- DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->GetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpData
- );
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- PpData.PPRequest = PpRequest;
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- &PpData
- );
- if (EFI_ERROR(Status)) {
- return Status;
+ ReturnCode = TcgPhysicalPresenceLibSubmitRequestToPreOSFunction (PpRequest);
+ if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS) {
+ Status = EFI_SUCCESS;
+ } else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE) {
+ Status = EFI_OUT_OF_RESOURCES;
+ } else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED) {
+ Status = EFI_UNSUPPORTED;
+ } else {
+ Status = EFI_DEVICE_ERROR;
}

- return EFI_SUCCESS;
+ return Status;
}

/**
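Review bot: The TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE branch maps to EFI_OUT_OF_RESOURCES, but the library returns that code for any GetVariable/SetVariable failure on the PP variable, so a caller sees a resource error for what is really a variable-service failure; EFI_DEVICE_ERROR, which the else branch already uses, or a dedicated status would describe it more honestly. The added comment has a typo: `// Submit TPM command to PreOS function`. SavePpRequest's signature begins outside the hunk, so the type of PpRequest cannot be checked here against the UINT32 parameter of TcgPhysicalPresenceLibSubmitRequestToPreOSFunction, which in turn narrows it to UINT8 before storing it.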
--
2.31.1


Re: About how to submit a new architecture called LoongArch

Andrew Fish
 

Chao,

This is probably a little out of date, but in case it helps http://vzimmer.blogspot.com/2014/11/porting-to-new-architecture.html?m=1


On Nov 2, 2021, at 7:32 AM, gaoliming <gaoliming@...> wrote:

Chao:
 Can you follow Mike's suggestion and share your code changes in your personal GitHub repo as the first step?

Thanks
Liming
-----邮件原件-----
发件人: devel@edk2.groups.io <devel@edk2.groups.io> 代表 Michael D
Kinney
发送时间: 2021年10月29日 13:19
收件人: devel@edk2.groups.io; kilaterlee@...; Kinney, Michael D
<michael.d.kinney@...>
主题: Re: [edk2-devel] About how to submit a new architecture called
LoongArch

LI Chao,

The best way to share your source code changes with the TianoCore
community
is with a fork of the edk2 repository in your personal GitHub.  Create a branch
with the proposed changes and send an email with the link to the branch for
the community to review.

The edk2-staging repository would be a good second step if the new
architecture is approved for the EDK II project.

Best regards,

Mike

-----Original Message-----
From: Kinney, Michael D <michael.d.kinney@...>
Sent: Thursday, October 28, 2021 10:13 PM
To: devel@edk2.groups.io; kilaterlee@...; Kinney, Michael D
<michael.d.kinney@...>
Subject: RE: [edk2-devel] About how to submit a new architecture called
LoongArch

Hi LI Chao,

Can you provide a brief description of LoongArch and perhaps provide links
to
documentation and overview materials?

Thanks,

Mike


==============================================================
==================

From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
kilaterlee@...
Sent: Wednesday, October 27, 2021 2:41 AM
To: devel@edk2.groups.io
Subject: [edk2-devel] About how to submit a new architecture called
LoongArch

Dear All:
   I want to submit a new architecture called LoongArch to EDK2, and
the USWG recommends that we do "code first" because the
UEFI specification will then easily accept our arch.
   What can we do? Do I submit the part 1 code for the new architecture on
the "staging" branch? Hope you reply. :)
________________________________________
Thanks,
LI Chao














Re: [PATCH V3 13/29] MdePkg: Add macro to check SEV/TDX guest

Gerd Hoffmann
 

On Mon, Nov 01, 2021 at 09:16:02PM +0800, Min Xu wrote:
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Add macros CC_GUEST_IS_TDX/CC_GUEST_IS_SEV to check SEV/TDX guest.

Cc: Michael Roth <michael.roth@...>
Cc: Ray Ni <ray.ni@...>
Cc: Rahul Kumar <rahul1.kumar@...>
Cc: Eric Dong <eric.dong@...>
Cc: James Bottomley <jejb@...>
Cc: Min Xu <min.m.xu@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Jordan Justen <jordan.l.justen@...>
Cc: Ard Biesheuvel <ardb+tianocore@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: Gerd Hoffmann <kraxel@...>
Signed-off-by: Min Xu <min.m.xu@intel>
Acked-by: Gerd Hoffmann <kraxel@...>

take care,
Gerd


Re: [PATCH V3 12/29] UefiCpuPkg: Define ConfidentialComputingGuestAttr

Gerd Hoffmann
 

Hi,

.../Include/ConfidentialComputingGuestAttr.h | 25 +++++++++++++++++++
MdePkg/MdePkg.dec | 4 +++
Subject doesn't match patch (UefiCpuPkg vs MdePkg).

take care,
Gerd


Re: [PATCH V3 11/29] UefiCpuPkg: Support TDX in BaseXApicX2ApicLib

Gerd Hoffmann
 

On Mon, Nov 01, 2021 at 09:16:00PM +0800, Min Xu wrote:
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

MSRs are accessed in BaseXApicX2ApicLib. In TDX some MSRs are accessed
directly on the CPU. Others must be accessed via explicit requests
to the host VMM using TDCALL(TDG.VP.VMCALL). This is done with the
help of TdxLib.

Please refer to [TDX] Section 18.1
TDX: https://software.intel.com/content/dam/develop/external/us/en/
documents/tdx-module-1.0-public-spec-v0.931.pdf

Cc: Eric Dong <eric.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Rahul Kumar <rahul1.kumar@...>
Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Gerd Hoffmann <kraxel@...>
Signed-off-by: Min Xu <min.m.xu@...>
Acked-by: Gerd Hoffmann <kraxel@...>


Re: [PATCH V3 10/29] UefiPayloadPkg: PreparePrepare UefiPayloadPkg to use TdxLib

Gerd Hoffmann
 

On Mon, Nov 01, 2021 at 09:15:59PM +0800, Min Xu wrote:
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

TdxLib is included in BaseXApicX2ApicLib. To prevent any build
breakage, update the UefiPayloadPkg.dsc to include the TdxLib
library.

Cc: Guo Dong <guo.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Maurice Ma <maurice.ma@...>
Cc: Benjamin You <benjamin.you@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Gerd Hoffmann <kraxel@...>
Signed-off-by: Min Xu <min.m.xu@...>
Acked-by: Gerd Hoffmann <kraxel@...>


回复: [edk2-devel] About how to submit a new architecture called LoongArch

gaoliming
 

Chao:
Can you follow Mike's suggestion and share your code changes in your personal GitHub repo as the first step?

Thanks
Liming

-----邮件原件-----
发件人: devel@edk2.groups.io <devel@edk2.groups.io> 代表 Michael D
Kinney
发送时间: 2021年10月29日 13:19
收件人: devel@edk2.groups.io; kilaterlee@...; Kinney, Michael D
<michael.d.kinney@...>
主题: Re: [edk2-devel] About how to submit a new architecture called
LoongArch

LI Chao,

The best way to share your source code changes with the TianoCore
community
is with a fork of the edk2 repository in your personal GitHub. Create a branch
with the proposed changes and send an email with the link to the branch for
the community to review.

The edk2-staging repository would be a good second step if the new
architecture is approved for the EDK II project.

Best regards,

Mike

-----Original Message-----
From: Kinney, Michael D <michael.d.kinney@...>
Sent: Thursday, October 28, 2021 10:13 PM
To: devel@edk2.groups.io; kilaterlee@...; Kinney, Michael D
<michael.d.kinney@...>
Subject: RE: [edk2-devel] About how to submit a new architecture called
LoongArch

Hi LI Chao,

Can you provide a brief description of LoongArch and perhaps provide links
to
documentation and overview materials?

Thanks,

Mike

==============================================================
==================

From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
kilaterlee@...
Sent: Wednesday, October 27, 2021 2:41 AM
To: devel@edk2.groups.io
Subject: [edk2-devel] About how to submit a new architecture called
LoongArch

Dear All:
I want to submit a new architecture called LoongArch to EDK2, and
the USWG recommends that we do "code first" because the
UEFI specification will then easily accept our arch.
What can we do? Do I submit the part 1 code for the new architecture on
the "staging" branch? Hope you reply. :)
________________________________________
Thanks,
LI Chao



Re: [PATCH V3 05/29] UefiCpuPkg/CpuExceptionHandler: Add base support for the #VE exception #ve

Gerd Hoffmann
 

On Mon, Nov 01, 2021 at 09:15:54PM +0800, Min Xu wrote:
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Add base support to handle #VE exceptions. Update the common exception
handlers to invoke the VmTdExitHandleVe () function of the VmgExitLib
library when a #VE is encountered. A non-zero return code will propagate
to the targeted exception handler.

Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Eric Dong <eric.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Rahul Kumar <rahul1.kumar@...>
Cc: Gerd Hoffmann <kraxel@...>
Signed-off-by: Min Xu <min.m.xu@...>
Acked-by: Gerd Hoffmann <kraxel@...>


Re: [PATCH V3 04/29] OvmfPkg: Extend VmgExitLib to handle #VE exception #ve

Gerd Hoffmann
 

Hi,

+MmioExit (
+ IN OUT EFI_SYSTEM_CONTEXT_X64 *Regs,
+ IN TDCALL_VEINFO_RETURN_DATA *Veinfo
+ )
+{
+ do {
+ OpCode = *Rip++;
+ if (OpCode == 0x66) {
+ OpSize = 2;
Oh, wow. So the VE exit data doesn't provide the information which
io/mmio access actually triggered the exception, so you have to go
decode the instruction which trapped?

+ switch (ReturnData.VeInfo.ExitReason) {
+ case EXIT_REASON_CPUID:
+ Status = CpuIdExit (Regs, &ReturnData.VeInfo);
Indention is strange (switch + case should be the same).
Otherwise looks sane to me.

take care,
Gerd


Re: [PATCH V3 03/29] UefiCpuPkg: Extend VmgExitLibNull to handle #VE exception #ve

Gerd Hoffmann
 

On Mon, Nov 01, 2021 at 09:15:52PM +0800, Min Xu wrote:
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

VmgExitLib performs the necessary processing to handle a #VC exception.
VmgExitLibNull is a NULL instance of VmgExitLib which provides a
default limited interface. In this commit VmgExitLibNull is extended to
handle a #VE exception with a default limited interface. A full feature
version of #VE handler will be created later.

Cc: Brijesh Singh <brijesh.singh@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Cc: Eric Dong <eric.dong@...>
Cc: Ray Ni <ray.ni@...>
Cc: Rahul Kumar <rahul1.kumar@...>
Cc: Gerd Hoffmann <kraxel@...>
Signed-off-by: Min Xu <min.m.xu@...>
Acked-by: Gerd Hoffmann <kraxel@...>


Re: [PATCH 1/2] OvmfPkg/OvmfPkgX64: Add SEV launch secret and hashes table areas to MEMFD

Lendacky, Thomas
 

On 11/2/21 8:53 AM, Dov Murik wrote:
On 02/11/2021 15:29, Gerd Hoffmann wrote:
Hi,

I'm wondering whether you actually tried to boot a sev guest
in microvm?
No I haven't tried. Do you want Microvm to be able to boot SEV guests,
or do you intentionally want to keep functionality out so it stays small?
Need to look at it on a case-by-case basis. It is clearly not a
priority, but if it makes sense we can discuss adding it.

microvm has no support for SMM mode, and that is unlikely to change,
so anything requiring SMM mode is not going to work; that's why I dropped
SMM + secure boot + TPM bits for the initial patch series.

Having support for tpm makes sense even without secure boot, so we might
bring that back, but it'll also require some (small) changes on the host
side so qemu allows creating a tpm, generates acpi tables for the tpm etc.

Does SEV need and/or use SMM mode? Looking through AmdSevX64.dsc
doesn't give a clear answer, on one hand there is a
LibraryClasses.common.SMM_CORE section, but on the other hand it uses
the non-SMM variable driver stack.
I think SEV doesn't work with SMM. James - can you please give a more
definitive answer here?
SEV works with SMM, but SEV-ES (and likely SEV-SNP) doesn't work with SMM because the hypervisor wants to change the guest register state to enter SMM, which isn't allowed and results in a VMRUN failure.

It might be possible to get SMM to work by having separate VMSAs for the SMM state, but it is not anything that really has been investigated too deeply.

Thanks,
Tom

-Dov


Re: [PATCH V3 02/29] MdePkg: Add TdxLib to wrap Tdx operations

Gerd Hoffmann
 

Hi,

+UINT64 mTdSharedPageMask = 0;
+UINT32 mTdMaxVCpuNum = 0;
+UINT32 mTdVCpuNum = 0;
+UINT64
+EFIAPI
+TdSharedPageMask (
+ VOID
+ )
+{
+ UINT64 Status;
+ UINT8 Gpaw;
+ TD_RETURN_DATA TdReturnData;
+
+ if (mTdSharedPageMask != 0) {
+ return mTdSharedPageMask;
+ }
Small possible optimization: you can cache the whole TD_RETURN_DATA
struct instead of the three extracted values, then ...

+ Status = TdCall (TDCALL_TDINFO, 0, 0, 0, &TdReturnData);
+ ASSERT (Status == TDX_EXIT_REASON_SUCCESS);
... you need a single TDCALL_TDINFO call only.

+ tdcall
+
+ ; Panic if TDCALL reports failure.
+ test rax, rax
+ jnz .no_return_data
+.panic:
+ ud2
Comment doesn't match code. jnz .panic ?

take care,
Gerd


Re: [PATCH 1/2] OvmfPkg/OvmfPkgX64: Add SEV launch secret and hashes table areas to MEMFD

Dov Murik
 

On 02/11/2021 15:29, Gerd Hoffmann wrote:
Hi,

I'm wondering whether you actually tried to boot a sev guest
in microvm?
No I haven't tried. Do you want Microvm to be able to boot SEV guests,
or do you intentionally want to keep functionality out so it stays small?
Need to look at it on a case-by-case basis. It is clearly not a
priority, but if it makes sense we can discuss adding it.

microvm has no support for SMM mode, and that is unlikely to change,
so anything requiring SMM mode is not going to work; that's why I dropped
SMM + secure boot + TPM bits for the initial patch series.

Having support for tpm makes sense even without secure boot, so we might
bring that back, but it'll also require some (small) changes on the host
side so qemu allows creating a tpm, generates acpi tables for the tpm etc.

Does SEV need and/or use SMM mode? Looking through AmdSevX64.dsc
doesn't give a clear answer, on one hand there is a
LibraryClasses.common.SMM_CORE section, but on the other hand it uses
the non-SMM variable driver stack.
I think SEV doesn't work with SMM. James - can you please give a more
definitive answer here?

-Dov


Re: [PATCH v3] MdeModulePkg/DxeCapsuleLibFmp: Use new Variable Lock interface

Pedro Falcato
 

It looks like you have a typo in "LockVaraible". It might be a good idea to fix that.

Best regards,
Pedro


On Tue, 2 Nov 2021, 06:38 Yang Jie, <jie.yang@...> wrote:
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3699
The code in MdeModulePkg\Library\DxeCapsuleLibFmp calls the deprecated
interface VariableLockRequestToLock.c. So I changed the code in
FmpDevicePkg to use RegisterBasicVariablePolicy instead of the
deprecated interface.

Signed-off-by: Yang Jie <jie.yang@...>
Cc: Guomin Jiang <guomin.jiang@...>
Cc: Liming Gao <gaoliming@...>
Cc: Jian J Wang <jian.j.wang@...>
---
 .../DxeCapsuleLibFmp/DxeCapsuleLib.inf        |  5 +-
 .../DxeCapsuleLibFmp/DxeCapsuleReportLib.c    | 87 +++++++++++++------
 2 files changed, 62 insertions(+), 30 deletions(-)

diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
index 05de4299fb..9212c81d68 100644
--- a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
@@ -3,7 +3,7 @@
 #
 #  Capsule library instance for DXE_DRIVER module types.
 #
-#  Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2016 - 2021, Intel Corporation. All rights reserved.<BR>
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
@@ -51,6 +51,7 @@
   DisplayUpdateProgressLib
   FileHandleLib
   UefiBootManagerLib
+  VariablePolicyHelperLib

 [Pcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax                               ## CONSUMES
@@ -71,11 +72,11 @@
 [Protocols]
   gEsrtManagementProtocolGuid                   ## CONSUMES
   gEfiFirmwareManagementProtocolGuid            ## CONSUMES
-  gEdkiiVariableLockProtocolGuid                ## SOMETIMES_CONSUMES
   gEdkiiFirmwareManagementProgressProtocolGuid  ## SOMETIMES_CONSUMES
   gEfiSimpleFileSystemProtocolGuid              ## SOMETIMES_CONSUMES
   gEfiBlockIoProtocolGuid                       ## CONSUMES
   gEfiDiskIoProtocolGuid                        ## CONSUMES
+  gEdkiiVariablePolicyProtocolGuid              ## CONSUMES

 [Guids]
   gEfiFmpCapsuleGuid                      ## SOMETIMES_CONSUMES ## GUID
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
index 0ec5f20676..4536141781 100644
--- a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
@@ -1,14 +1,13 @@
 /** @file
   DXE capsule report related function.

-  Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2016 - 2021, Intel Corporation. All rights reserved.<BR>
   SPDX-License-Identifier: BSD-2-Clause-Patent

 **/

 #include <PiDxe.h>
 #include <Protocol/FirmwareManagement.h>
-#include <Protocol/VariableLock.h>
 #include <Guid/CapsuleReport.h>
 #include <Guid/FmpCapsule.h>
 #include <Guid/CapsuleVendor.h>
@@ -26,6 +25,7 @@
 #include <Library/ReportStatusCodeLib.h>
 #include <Library/DevicePathLib.h>
 #include <Library/CapsuleLib.h>
+#include <Library/VariablePolicyHelperLib.h>

 #include <IndustryStandard/WindowsUxCapsule.h>

@@ -94,6 +94,39 @@ GetNewCapsuleResultIndex (
   return CurrentIndex + 1;
 }

+/**
+  Lock Variable by variable policy
+
+  @param[in] VariableGuid         The Guid of the variable to be locked
+  @param[in] VariableName         The name of the variable to be locked
+  @param[in] VariablePolicy       The pointer of variable lock policy
+**/
+VOID LockVaraible (
+  IN CONST  EFI_GUID                 VariableGuid,
+  IN CHAR16                          *VariableName,
+  IN EDKII_VARIABLE_POLICY_PROTOCOL  *VariablePolicy
+  )
+{
+  EFI_STATUS                       Status;
+
+  // Set the policies to protect the target variables
+  Status = RegisterBasicVariablePolicy (VariablePolicy,
+                                        &VariableGuid,
+                                        VariableName,
+                                        VARIABLE_POLICY_NO_MIN_SIZE,
+                                        VARIABLE_POLICY_NO_MAX_SIZE,
+                                        VARIABLE_POLICY_NO_MUST_ATTR,
+                                        VARIABLE_POLICY_NO_CANT_ATTR,
+                                        VARIABLE_POLICY_TYPE_LOCK_NOW);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "DxeCapsuleLibFmp: Failed to lock variable %g %s.  Status = %r\n",
+            &VariableGuid,
+            VariableName,
+            Status));
+    ASSERT_EFI_ERROR (Status);
+  }
+}
+
 /**
   Write a new capsule status variable.

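Review bot: `LockVaraible` takes the GUID by value (`IN CONST EFI_GUID VariableGuid`) and then passes `&VariableGuid`, the address of a 16-byte parameter copy, to RegisterBasicVariablePolicy and to the `%g` DEBUG; the surrounding code passes GUIDs by pointer, so `IN CONST EFI_GUID *VariableGuid` with callers passing `&gEfiCapsuleReportGuid` and `&gEfiCapsuleVendorGuid` would avoid the copy and read like the rest of the file. The helper is used only within this file, so it should be `STATIC`, with the return type on its own line as the other definitions here do. The failure path logs and asserts but returns nothing, so a caller cannot tell that the variable was left writable; returning the EFI_STATUS would let InitCapsuleVariable record that outcome.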
@@ -269,16 +302,17 @@ RecordFmpCapsuleStatusVariable (

 /**
   Initialize CapsuleMax variables.
+
+  @param[in] VariablePolicy       The pointer of variable lock policy
 **/
 VOID
 InitCapsuleMaxVariable (
-  VOID
+  EDKII_VARIABLE_POLICY_PROTOCOL   *VariablePolicy
   )
 {
   EFI_STATUS                       Status;
   UINTN                            Size;
   CHAR16                           CapsuleMaxStr[sizeof("Capsule####")];
-  EDKII_VARIABLE_LOCK_PROTOCOL     *VariableLock;

   UnicodeSPrint(
     CapsuleMaxStr,
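Review bot: The new `VariablePolicy` parameter of InitCapsuleMaxVariable has no `IN` qualifier, unlike the other prototypes in this file; `IN EDKII_VARIABLE_POLICY_PROTOCOL   *VariablePolicy` would match. The same applies to InitCapsuleLastVariable and InitCapsuleRelocationInfo in the following hunks. If these functions are also declared in a header, the diffstat (only the .inf and this .c) suggests those prototypes were not updated. The body of InitCapsuleMaxVariable continues outside the hunk.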
@@ -297,25 +331,22 @@ InitCapsuleMaxVariable (
                   );
   if (!EFI_ERROR(Status)) {
     // Lock it per UEFI spec.
-    Status = gBS->LocateProtocol(&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLock);
-    if (!EFI_ERROR(Status)) {
-      Status = VariableLock->RequestToLock(VariableLock, L"CapsuleMax", &gEfiCapsuleReportGuid);
-      ASSERT_EFI_ERROR(Status);
-    }
+    LockVaraible (gEfiCapsuleReportGuid, L"CapsuleMax", VariablePolicy);
   }
 }

 /**
   Initialize CapsuleLast variables.
+
+  @param[in] VariablePolicy       The pointer of variable lock policy
 **/
 VOID
 InitCapsuleLastVariable (
-  VOID
+  EDKII_VARIABLE_POLICY_PROTOCOL   *VariablePolicy
   )
 {
   EFI_STATUS                       Status;
   EFI_BOOT_MODE                    BootMode;
-  EDKII_VARIABLE_LOCK_PROTOCOL     *VariableLock;
   VOID                             *CapsuleResult;
   UINTN                            Size;
   CHAR16                           CapsuleLastStr[sizeof("Capsule####")];
@@ -372,11 +403,7 @@ InitCapsuleLastVariable (
     }

     // Lock it in normal boot path per UEFI spec.
-    Status = gBS->LocateProtocol(&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLock);
-    if (!EFI_ERROR(Status)) {
-      Status = VariableLock->RequestToLock(VariableLock, L"CapsuleLast", &gEfiCapsuleReportGuid);
-      ASSERT_EFI_ERROR(Status);
-    }
+    LockVaraible (gEfiCapsuleReportGuid, L"CapsuleLast", VariablePolicy);
   }
 }

@@ -430,26 +457,21 @@ InitCapsuleUpdateVariable (

 /**
   Initialize capsule relocation info variable.
+
+  @param[in] VariablePolicy       The pointer of variable lock policy
 **/
 VOID
 InitCapsuleRelocationInfo (
-  VOID
+  EDKII_VARIABLE_POLICY_PROTOCOL   *VariablePolicy
   )
 {
-  EFI_STATUS                   Status;
-  EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock;
-
   CoDClearCapsuleRelocationInfo();

   //
   // Unlock Capsule On Disk relocation Info variable only when Capsule On Disk flag is enabled
   //
   if (!CoDCheckCapsuleOnDiskFlag()) {
-    Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **) &VariableLock);
-    if (!EFI_ERROR (Status)) {
-      Status = VariableLock->RequestToLock (VariableLock, COD_RELOCATION_INFO_VAR_NAME, &gEfiCapsuleVendorGuid);
-      ASSERT_EFI_ERROR (Status);
-    }
+    LockVaraible (gEfiCapsuleVendorGuid, COD_RELOCATION_INFO_VAR_NAME, VariablePolicy);
   }
 }

@@ -461,10 +483,19 @@ InitCapsuleVariable (
   VOID
   )
 {
+  EFI_STATUS                       Status;
+  EDKII_VARIABLE_POLICY_PROTOCOL   *VariablePolicy;
+
+  // Locate the VariablePolicy protocol
+  Status = gBS->LocateProtocol (&gEdkiiVariablePolicyProtocolGuid, NULL, (VOID**)&VariablePolicy);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "DxeCapsuleReportLib %a - Could not locate VariablePolicy protocol! %r\n", __FUNCTION__, Status));
+    ASSERT_EFI_ERROR (Status);
+  }
   InitCapsuleUpdateVariable();
-  InitCapsuleMaxVariable();
-  InitCapsuleLastVariable();
-  InitCapsuleRelocationInfo();
+  InitCapsuleMaxVariable (VariablePolicy);
+  InitCapsuleLastVariable (VariablePolicy);
+  InitCapsuleRelocationInfo (VariablePolicy);

   //
   // No need to clear L"Capsule####", because OS/APP should refer L"CapsuleLast"
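Review bot: When LocateProtocol fails, execution continues into the three Init calls with whatever `VariablePolicy` holds; ASSERT_EFI_ERROR is typically compiled out in RELEASE builds, so LockVaraible then hands that pointer (NULL on EFI_NOT_FOUND) to RegisterBasicVariablePolicy and CapsuleMax, CapsuleLast and the relocation-info variable stay writable, with only a DEBUG line as evidence. The pre-patch code locked only when its per-call locate succeeded; the closest equivalent is to initialise `VariablePolicy = NULL;` and return early from LockVaraible when it is NULL, or to skip the three lock calls on failure while still running InitCapsuleUpdateVariable. Since these variables are locked per UEFI spec, a failure to lock them is a security-relevant condition and deserves more than a cosmetic log line. Whether RegisterBasicVariablePolicy itself rejects a NULL protocol pointer is not visible here.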
--
2.26.2.windows.1






Re: The arm virtual machine displays problems in QXL during the UEFI phase

Gerd Hoffmann
 

On Tue, Nov 02, 2021 at 08:55:39PM +0800, Lange Tang wrote:
Hi everyone:


In order to support QXL display during the UEFI phase of the arm64 virtual machine,
Not going to fly. Use virtio-gpu instead.

Anything with a virtual pci memory bar is going to have cache attribute
problems on arm.

take care,
Gerd


Re: [PATCH 1/2] OvmfPkg/OvmfPkgX64: Add SEV launch secret and hashes table areas to MEMFD

Gerd Hoffmann
 

Hi,

I'm wondering whether you actually tried to boot a sev guest
in microvm?
No I haven't tried. Do you want Microvm to be able to boot SEV guests,
or do you intentionally want to keep functionality out so it stays small?
Need to look at it on a case-by-case basis. It is clearly not a
priority, but if it makes sense we can discuss adding it.

microvm has no support for SMM mode, and that is unlikely to change,
so anything requiring SMM mode is not going to work; that's why I dropped
SMM + secure boot + TPM bits for the initial patch series.

Having support for tpm makes sense even without secure boot, so we might
bring that back, but it'll also require some (small) changes on the host
side so qemu allows creating a tpm, generates acpi tables for the tpm etc.

Does SEV need and/or use SMM mode? Looking through AmdSevX64.dsc
doesn't give a clear answer, on one hand there is a
LibraryClasses.common.SMM_CORE section, but on the other hand it uses
the non-SMM variable driver stack.

take care,
Gerd


The arm virtual machine displays problems in QXL during the UEFI phase

Lange Tang
 

Hi everyone:

In order to support QXL display during the UEFI phase of the arm64 virtual machine, the modified code is as follows (based on master branch, commit id:17143c4837393d42c484b42d1789b85b2cff1aaf):

diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc
index 7ef5e7297b..d73cf6aba0 100644
--- a/ArmVirtPkg/ArmVirtQemu.dsc
+++ b/ArmVirtPkg/ArmVirtQemu.dsc
@@ -501,6 +501,7 @@
   OvmfPkg/QemuRamfbDxe/QemuRamfbDxe.inf
   OvmfPkg/VirtioGpuDxe/VirtioGpu.inf
   OvmfPkg/PlatformDxe/Platform.inf
+  OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
 
   #
   # USB Support
diff --git a/ArmVirtPkg/ArmVirtQemu.fdf b/ArmVirtPkg/ArmVirtQemu.fdf
index b5e2253295..289d0c580b 100644
--- a/ArmVirtPkg/ArmVirtQemu.fdf
+++ b/ArmVirtPkg/ArmVirtQemu.fdf
@@ -126,3 +126,8 @@ READ_LOCK_STATUS   = TRUE
   }
 
 !include ArmVirtRules.fdf.inc
+
+#
+# VGA Module
+#
+# INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
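Review bot: The `INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf` line is added commented out, so this .fdf hunk does not place the driver in the firmware volume; only the .dsc hunk builds it. If the tested image really loaded QemuVideoDxe, as the BochsID log line in the report suggests, it was built from a different .fdf than the one shown, so the `#` should be dropped for the patch to match the report: `INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf`.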

Compiled it and generate QEMU_EFI.fd, Create virtual machines by qemu, as follows:

./qemu-6.0.0/build/qemu-system-aarch64 \
-machine virt,accel=kvm,usb=off,dump-guest-core=off,gic-version=3 \
-cpu host \
-m 8192 \
-smp 16 \
-bios QEMU_EFI.fd \
-vnc 127.0.0.1:19 \
-device pcie-root-port,port=0x8,chassis=1,id=pci.1,bus=pcie.0,multifunction=on,addr=0x1 \
-device pcie-root-port,port=0x9,chassis=2,id=pci.2,bus=pcie.0,addr=0x1.0x1 \
-device pcie-root-port,port=0xa,chassis=3,id=pci.3,bus=pcie.0,addr=0x1.0x2 \
-device pcie-root-port,port=0xb,chassis=4,id=pci.4,bus=pcie.0,addr=0x1.0x3 \
-device pcie-root-port,port=0xc,chassis=5,id=pci.5,bus=pcie.0,addr=0x1.0x4 \
-device pcie-root-port,port=0xd,chassis=6,id=pci.6,bus=pcie.0,addr=0x1.0x5 \
-device pcie-root-port,port=0xe,chassis=7,id=pci.7,bus=pcie.0,addr=0x1.0x6 \
-device pcie-root-port,port=0xf,chassis=8,id=pci.8,bus=pcie.0,addr=0x1.0x7 \
-device pcie-pci-bridge,id=pci.9,bus=pci.6,addr=0x0 \
-netdev user,id=hostnet0 \
-device virtio-net-pci,id=hostnet0,mac=52:54:00:14:72:20,bus=pci.1,addr=0x0 \
-drive file=/var/lib/libvirt/images/tlj-kylin.qcow2,format=qcow2,if=none,id=drive-virtio-disk0 \
-device virtio-blk-pci,scsi=off,bus=pcie.0,addr=0x6,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 \
-device qxl-vga,id=video0,bus=pci.7,addr=0x0

The test results are as follows:
1. When the QXL device is attached at bus=pci.9, addr=0x1 or bus=pci.7, addr=0x0, there is no display during the UEFI phase, and the following error appears in the UEFI firmware debug log:
  QemuVideo: BochsID mismatch (got 0x0). From OvmfPkg/QemuVideoDxe/Driver.c
2. When the QXL device is attached at bus=pci.8, addr=0x0, it displays normally during the UEFI phase. BochsID=0xb0c5

The way to read BochsID is PIO, and ARM does not support PIO commands, should it be changed to MMIO? Or others?
Hope to receive your suggestions or comments. Thank you!

Best regards




 


Re: [PATCH 1/2] OvmfPkg/OvmfPkgX64: Add SEV launch secret and hashes table areas to MEMFD

Dov Murik
 

Hi Gerd,

(I assume your comments are for patch 2/2)

On 02/11/2021 12:03, Gerd Hoffmann wrote:
On Tue, Nov 02, 2021 at 07:34:21AM +0000, Dov Murik wrote:
The SEV launch secret area and the QEMU hashes table area were specified
in the OvmfPkg/AmdSev/AmdSevX64 MEMFD but not in OvmfPkg/OvmfPkgX64.

Add them in OvmfPkgX64.fdf.

After this change the two MEMFD descriptions are identical:

$ sed -n -e '/FD.MEMFD/,/FV.SECFV/p' OvmfPkg/OvmfPkgX64.fdf | sha1sum
6ff89173952413fbdb7ffbbf42f8bc389c928500 -
$ sed -n -e '/FD.MEMFD/,/FV.SECFV/p' OvmfPkg/AmdSev/AmdSevX64.fdf | sha1sum
6ff89173952413fbdb7ffbbf42f8bc389c928500 -
I'm wondering whether you actually tried to boot a sev guest
in microvm?
No I haven't tried. Do you want Microvm to be able to boot SEV guests,
or do you intentionally want to keep functionality out so it stays small?

I suspect it'll need more changes to actually work.
I saw MicrovmX64.fdf already has some SEV-related entries (like
PcdOvmfSecGhcbBackupBase), so I just added these so that its MEMFD will
be identical to AmdSevX64 and OvmfPkgX64.

-Dov


Re: [PATCH] Reallocate TPM Active PCRs based on platform support.

Gerd Hoffmann
 

Hi,

You can see no reallocation is triggered; the unsupported PCR banks are left active and no extend operations occur on them, thus leaving them uncapped.
I have seen this effect too when compiling OVMF with SHA1 support
disabled: the firmware left the SHA1 bank active then ...

take care,
Gerd
