
[edk2 PATCH] MdeModulePkg: Fix typo in error message

Seonghyun Park <shpark.zilla@...>
 

Fix typo in error message in CapsuleApp.

Signed-off-by: Seonghyun Park <shpark1@protonmail.com>
---
MdeModulePkg/Application/CapsuleApp/CapsuleOnDisk.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleOnDisk.c b/MdeModul=
ePkg/Application/CapsuleApp/CapsuleOnDisk.c
index dba50b3202..712cf2e1f7 100644
--- a/MdeModulePkg/Application/CapsuleApp/CapsuleOnDisk.c
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleOnDisk.c
@@ -509,7 +509,7 @@ GetUpdateFileSystem (
DevicePath =3D DuplicateDevicePath (MappedDevicePath);=0D
Status =3D GetEfiSysPartitionFromDevPath (DevicePath, &FullPath, Fs);=
=0D
if (EFI_ERROR (Status)) {=0D
- Print (L"Error: Cannot get EFI system partiion from '%s' - %r\n", Ma=
p, Status);=0D
+ Print (L"Error: Cannot get EFI system partition from '%s' - %r\n", M=
ap, Status);=0D
return EFI_NOT_FOUND;=0D
}=0D
Print (L"Warning: Cannot find Boot Option on '%s'!\n", Map);=0D
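Review bot: As received, this hunk is quoted-printable encoded ("=3D" standing for "=", "=0D" for the CR of the file's CRLF line endings, and a trailing "=" soft break splitting each Print line in two), so it will not apply from the raw message body with "git apply"; "git am" decodes the transfer encoding, but the clean resend of the same change further down, titled "[PATCH] MdeModulePkg: CapsuleApp: Fix typo", is the copy to review against.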
--=20
2.32.0


Re: Proposing a new area of the edk2-test repository

Nelson, Eric <eric.nelson@...>
 

 

Adding ResumeOK.efi tool under /edk2-test/test-tools/TestToolsPkg would be great.

 

Should I propose this in the RFC and DEVEL mailing lists as a next step?

 

Thanks,

__e

 

 

From: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Sent: Friday, July 9, 2021 1:12 PM
To: Bret Barkelew <Bret.Barkelew@...>; devel@edk2.groups.io; Nelson, Eric <eric.nelson@...>; G Edhaya Chandran <Edhaya.Chandran@...>; gaojie@...; Kinney, Michael D <michael.d.kinney@...>
Subject: RE: Proposing a new area of the edk2-test repository

 

Interesting, thanks for sharing Bret. Some of those tests seem to be x64 specific (SMM tests), and some can be more generic like MorLockTestApp.

 

Like I said earlier, I am not against adding test tools to edk2-test. That in fact is welcomed, especially if their usefulness in validating the solutions extends beyond specific implementations.

 

What would a good tree structure look like to accommodate misc tools? Today we have

 

/edk2-test/uefi-sct/SctPkg

 

How about something like this?

/edk2-test/test-tools/TestToolsPkg

or /edk2-test/ TestToolsPkg

 

The “ResumeOK” can be placed there

 

Any other ideas?

 

 

From: Bret Barkelew <Bret.Barkelew@...>
Sent: Thursday, June 24, 2021 12:25 AM
To: devel@edk2.groups.io; eric.nelson@...; Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>; G Edhaya Chandran <Edhaya.Chandran@...>; gaojie@...; Kinney, Michael D <michael.d.kinney@...>
Subject: RE: Proposing a new area of the edk2-test repository

 

Fun fact! Mu also has a number of apps and things that we could work on moving to EDK2 if there were a suitable location. Right now, many of them are here:

mu_plus/UefiTestingPkg at release/202102 · microsoft/mu_plus (github.com)

 

- Bret

 

From: Nelson, Eric via groups.io
Sent: Wednesday, June 23, 2021 3:38 PM
To: Samer El-Haj-Mahmoud; G Edhaya Chandran; gaojie@...; devel@edk2.groups.io; Kinney, Michael D
Subject: [EXTERNAL] Re: [edk2-devel] Proposing a new area of the edk2-test repository

 

 

I have created a few other internal apps that build under WinTestPkg, although ResumeOK.efi is the only one I have received permissions to release sources for at this time.

And yes, they are primarily intended for validating Windows requirements.

I had some issues with my apps, needing to use different libraries than MdeModulePkg, and found it easier to create my own package, and use the libs I want.

 

__e

 

 

From: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Sent: Wednesday, June 23, 2021 1:56 PM
To: Nelson, Eric <eric.nelson@...>; G Edhaya Chandran <Edhaya.Chandran@...>; gaojie@...; devel@edk2.groups.io
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Subject: RE: Proposing a new area of the edk2-test repository

 

+edk2 list

 

I am not against adding additional test tools to edk2-test. Just feel like there is a need to organize and have a strategy, rather than just use edk2-test as a dumping ground of miscellaneous tools.

 

There is already a place for apps under https://github.com/tianocore/edk2/tree/master/MdeModulePkg/Application

 

We also have a number of EDK2 misc applications that use edk2-libc in https://github.com/tianocore/edk2-libc/tree/master/AppPkg/Applications

 

A couple of questions:

  • Do you expect more apps from WinTestPkg to be contributed to TianoCore? And are they all around testing specific Windows requirements? If so, then having an edk2-test/WinTestPkg makes sense to me, as you will have a collection of useful testing apps targeting a specific area.
    • But what about other OSes?
  • If this is a one-off test app and other WinTestPkg apps are not going to be contributed, then does it make sense to put this under MdeModulePkg/Application ?

 

 

 

From: Nelson, Eric <eric.nelson@...>
Sent: Wednesday, June 23, 2021 3:10 PM
To: G Edhaya Chandran <Edhaya.Chandran@...>; gaojie@...
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Subject: RE: Proposing a new area of the edk2-test repository

 

 

Hi Edhay,

 

Do you have any more questions?

What do you think of creating another directory in edk2-test, for other test apps, in addition to uefi-sct, such as ResumeOK.efi?

 

Thanks,

__e

 

 

From: Nelson, Eric
Sent: Tuesday, June 15, 2021 12:00 PM
To: G Edhaya Chandran <Edhaya.Chandran@...>; gaojie@...
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Subject: RE: Proposing a new area of the edk2-test repository

 

 

Hi Edhay,

 

ResumeOK.efi is a tool I wrote from the HelloWorld example, that validates Windows resume from S4 requirements, specifically that the memory-map run-time memory regions don’t change, and secondly that PCI devices don’t disappear from the system; both conditions would cause Windows to fail to resume from S4.

 

You install the tool to the root of the ESP, and set it as the default/top entry in the boot manager, and launch it. (Disable Secure Boot.)

 

It runs warm, cold, and 60s ACPI RTC wake cycles, infinitely looking for errors.

 

ResumeOK.efi writes a file to the root of the ESP, ResumeOK.map, which contains the ACPI Facs->HardwareSignature, a list of the PCI devices in the system, and a copy of its memory map, from the first time it runs.

 

During each test pass, it runs a barrage of tests:

 

  1. Free memory test – does the available memory match the memory map saved in ResumeOK.map
  2. HW signature check – does the system still have the same HW signature as saved in the ResumeOK.map
  3. Allocation test – all the available memory is allocated, and then the memory map is checked if the run-time regions match ResumeOK.map.

 

If any of the tests fail, then the new/missing PCI devices are listed (HW signature fail case), or the memory descriptor that changed, its location, and current and previous type and size.

 

I have received permission from Intel to *try* to release the source under Edk2-test.

 

I’ve included a 64-bit binary, if you want to give it a test drive.

 

Make sure Secure Boot is off.

Also, it is required to manually delete any ResumeOK.map on the ESP, before beginning a new test pass.

 

The tool also supports a host of EFI Shell commands:

 

Resumeok.efi MEMMAP – displays Windows coalesced view of the current memory map

ResumeOK.efi ROKMAP – displays Windows coalesced view of the memory saved in ResumeOK.map

ResumeOK.efi RTDATA – displays an analysis of RT_Data pool usage

ResumeOK.efi NORESET – run one test pass, but suppress automatic SX cycling

 

These are the files that build it:

 

Edk2\WinTestPkg\Application

Edk2\WinTestPkg\WinTestPkg.dec

Edk2\WinTestPkg\WinTestPkg.dsc

Edk2\WinTestPkg\Application\ResumeOK

Edk2\WinTestPkg\Application\ResumeOK\AcpiTbl.c

Edk2\WinTestPkg\Application\ResumeOK\AcpiTbl.h

Edk2\WinTestPkg\Application\ResumeOK\AppSupport.c

Edk2\WinTestPkg\Application\ResumeOK\BitMap.c

Edk2\WinTestPkg\Application\ResumeOK\BitMap.h

Edk2\WinTestPkg\Application\ResumeOK\EfiFileLib.c

Edk2\WinTestPkg\Application\ResumeOK\EfiFileLib.h

Edk2\WinTestPkg\Application\ResumeOK\pci.c

Edk2\WinTestPkg\Application\ResumeOK\Pci.h

Edk2\WinTestPkg\Application\ResumeOK\ResumeOK.c

Edk2\WinTestPkg\Application\ResumeOK\ResumeOK.h

Edk2\WinTestPkg\Application\ResumeOK\ResumeOK.inf

Edk2\WinTestPkg\Application\ResumeOK\ResumeOK.uni

Edk2\WinTestPkg\Application\ResumeOK\ResumeOKExtra.uni

Edk2\WinTestPkg\Application\ResumeOK\RtData.c

Edk2\WinTestPkg\Application\ResumeOK\TimeBaseLib.c

 

Thanks,

__e

 

 

From: G Edhaya Chandran <Edhaya.Chandran@...>
Sent: Monday, June 14, 2021 9:36 PM
To: Nelson, Eric <eric.nelson@...>; gaojie@...
Cc: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@...>
Subject: RE: Proposing a new area of the edk2-test repository

 

Hi Eric,

 

Thanks for reaching out to us.

Can we get more details of the tool?

 

Is this tool already open sourced or could you send us the basic documentation pertaining to it.

 

With Warm Regards,
Edhay

 

 

From: Nelson, Eric <eric.nelson@...>
Sent: 15 June 2021 04:23
To: gaojie@...; G Edhaya Chandran <Edhaya.Chandran@...>
Subject: Proposing a new area of the edk2-test repository

 

 

Hello SCT maintainers,

 

I’m looking to release source to a UEFI validation tool that has been a big hit with platform BIOS validation teams, so it can help other PC vendors.

 

My coworker Michael Kinney suggested I reach out to you directly about the idea of creating a new top level directory in the edk2-test repo for other test apps, and I could be maintainer.

 

What do you think of creating another directory in edk2-test, for other test apps, in addition to uefi-sct?

 

Thanks!

__e

 

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
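The two checks Eric describes in his June 15 mail above (run-time memory-map regions and the PCI device list compared against the snapshot saved in ResumeOK.map, with the changed descriptor's location and old/new type and size reported) can be modelled on the host. This is an added example, not ResumeOK's own source; the descriptor subset, the UEFI memory type numbers, the sample maps and device lists are constructed here, and the names CompareRuntimeRegions and PciMissingFrom are my own.

```c
/* Added example (not ResumeOK's code): model of the post-resume comparisons.
 * Run-time regions are matched by PhysicalStart and must keep type, size and
 * the EFI_MEMORY_RUNTIME attribute; PCI devices are matched by BDF and IDs. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* UEFI memory type numbers used by the sample data (UEFI spec numbering). */
enum { EfiRuntimeServicesCode = 5, EfiRuntimeServicesData = 6, EfiConventionalMemory = 7 };
#define EFI_MEMORY_RUNTIME 0x8000000000000000ULL

/* Subset of EFI_MEMORY_DESCRIPTOR fields the comparison needs. */
typedef struct {
  uint32_t Type;
  uint64_t PhysicalStart;
  uint64_t NumberOfPages;
  uint64_t Attribute;
} MemDesc;

/* One reported mismatch: location, previous and current type and size. */
typedef struct {
  uint64_t PhysicalStart;
  uint32_t OldType, NewType;
  uint64_t OldPages, NewPages;
  int      Missing;      /* 1 = saved run-time region has no counterpart now */
} MapDiff;

typedef struct { uint8_t Bus, Dev, Func; uint16_t VendorId, DeviceId; } PciDev;

static int IsRuntime(const MemDesc *d) {
  return (d->Attribute & EFI_MEMORY_RUNTIME) != 0;
}

/* Compare every run-time region in the saved map against the current map.
 * Returns the number of mismatches; the first one is copied into *first. */
int CompareRuntimeRegions(const MemDesc *saved, size_t nsaved,
                          const MemDesc *cur, size_t ncur, MapDiff *first) {
  int mismatches = 0;
  for (size_t i = 0; i < nsaved; i++) {
    if (!IsRuntime(&saved[i])) continue;     /* boot-time regions may legitimately change */
    const MemDesc *m = NULL;
    for (size_t j = 0; j < ncur; j++)
      if (cur[j].PhysicalStart == saved[i].PhysicalStart) { m = &cur[j]; break; }
    int bad = (m == NULL) || m->Type != saved[i].Type ||
              m->NumberOfPages != saved[i].NumberOfPages || !IsRuntime(m);
    if (!bad) continue;
    if (mismatches++ == 0 && first) {
      first->PhysicalStart = saved[i].PhysicalStart;
      first->OldType  = saved[i].Type;
      first->OldPages = saved[i].NumberOfPages;
      first->Missing  = (m == NULL);
      first->NewType  = m ? m->Type : 0;
      first->NewPages = m ? m->NumberOfPages : 0;
    }
  }
  return mismatches;
}

/* Count (and print) devices present in list a but absent from list b.
 * Called saved->current for vanished devices and current->saved for new ones. */
int PciMissingFrom(const PciDev *a, size_t na, const PciDev *b, size_t nb, const char *label) {
  int n = 0;
  for (size_t i = 0; i < na; i++) {
    int found = 0;
    for (size_t j = 0; j < nb && !found; j++)
      found = a[i].Bus == b[j].Bus && a[i].Dev == b[j].Dev && a[i].Func == b[j].Func &&
              a[i].VendorId == b[j].VendorId && a[i].DeviceId == b[j].DeviceId;
    if (!found) {
      printf("%s: %02x:%02x.%x %04x:%04x\n", label, a[i].Bus, a[i].Dev, a[i].Func,
             a[i].VendorId, a[i].DeviceId);
      n++;
    }
  }
  return n;
}

/* Constructed sample data: one run-time data region shrank across the resume
 * and one PCI device vanished; the conventional-memory change must be ignored. */
const MemDesc kSavedMap[] = {
  { EfiConventionalMemory,  0x00100000ULL, 0x100, 0 },
  { EfiRuntimeServicesCode, 0x7F000000ULL, 0x20,  EFI_MEMORY_RUNTIME },
  { EfiRuntimeServicesData, 0x7F020000ULL, 0x10,  EFI_MEMORY_RUNTIME },
};
const MemDesc kCurrentMap[] = {
  { EfiConventionalMemory,  0x00100000ULL, 0x200, 0 },
  { EfiRuntimeServicesCode, 0x7F000000ULL, 0x20,  EFI_MEMORY_RUNTIME },
  { EfiRuntimeServicesData, 0x7F020000ULL, 0x08,  EFI_MEMORY_RUNTIME },
};
const PciDev kSavedPci[]   = { {0,0,0,0x8086,0x2020}, {0,0x1f,0,0x8086,0x2021}, {1,0,0,0x10de,0x1234} };
const PciDev kCurrentPci[] = { {0,0,0,0x8086,0x2020}, {0,0x1f,0,0x8086,0x2021} };

int main(void) {
  MapDiff d = {0};
  int bad = CompareRuntimeRegions(kSavedMap, 3, kCurrentMap, 3, &d);
  if (bad)
    printf("run-time region 0x%llx changed: type %u->%u, pages 0x%llx->0x%llx%s\n",
           (unsigned long long)d.PhysicalStart, d.OldType, d.NewType,
           (unsigned long long)d.OldPages, (unsigned long long)d.NewPages,
           d.Missing ? " (missing)" : "");
  int missing = PciMissingFrom(kSavedPci, 3, kCurrentPci, 2, "missing PCI device");
  int added   = PciMissingFrom(kCurrentPci, 2, kSavedPci, 3, "new PCI device");
  return (bad || missing || added) ? 1 : 0;   /* non-zero = a resume requirement was violated */
}
```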



[PATCH] MdeModulePkg: CapsuleApp: Fix typo

Seonghyun Park <shpark1@...>
 

Fix typo in comment

Signed-off-by: Seonghyun Park <shpark1@protonmail.com>
---
MdeModulePkg/Application/CapsuleApp/CapsuleOnDisk.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleOnDisk.c b/MdeModulePkg/Application/CapsuleApp/CapsuleOnDisk.c
index dba50b3202..712cf2e1f7 100644
--- a/MdeModulePkg/Application/CapsuleApp/CapsuleOnDisk.c
+++ b/MdeModulePkg/Application/CapsuleApp/CapsuleOnDisk.c
@@ -509,7 +509,7 @@ GetUpdateFileSystem (
DevicePath = DuplicateDevicePath (MappedDevicePath);
Status = GetEfiSysPartitionFromDevPath (DevicePath, &FullPath, Fs);
if (EFI_ERROR (Status)) {
- Print (L"Error: Cannot get EFI system partiion from '%s' - %r\n", Map, Status);
+ Print (L"Error: Cannot get EFI system partition from '%s' - %r\n", Map, Status);
return EFI_NOT_FOUND;
}
Print (L"Warning: Cannot find Boot Option on '%s'!\n", Map);
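Review bot: The commit message says "Fix typo in comment", but the changed line is the Print() string shown to the user ("partiion" -> "partition" in an error message), not a comment; the earlier version of this patch described it correctly as "Fix typo in error message", and the message for this resend should say the same. The change itself is a one-character string fix with no behavioural effect.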
--
2.32.0


NetworkPkg: NetRandomInitSeed random seed generation

Arti Gupta <arti.gupta@...>
 

Hello,

While reviewing the code for NetRandomInitSeed in DxeNetLib, I see that it uses the time of day for random seed generation instead of something like RDRAND. Is there a reason for NetRandomInitSeed to do it this way? Also, there is no error status checking in the code if GetTime fails.

Thanks,
Arti


Re: [PATCH v2] IntelSiliconPkg/VTd: Fix variables may be used uninitialized

Chaganty, Rangasai V
 

Reviewed-by: Sai Chaganty <rangasai.v.chaganty@intel.com>

-----Original Message-----
From: Hsu, WesleyX <wesleyx.hsu@intel.com>
Sent: Thursday, July 29, 2021 12:23 AM
To: devel@edk2.groups.io
Cc: Hsu, WesleyX <wesleyx.hsu@intel.com>; Chan, Amy <amy.chan@intel.com>; Yeh, HerbX <herbx.yeh@intel.com>; Peng, NickX <nickx.peng@intel.com>; Ni, Ray <ray.ni@intel.com>; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com>
Subject: [PATCH v2] IntelSiliconPkg/VTd: Fix variables may be used uninitialized

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3491

Initialize several variables which may be used uninitialized after adding "-ffat-lto-objects" option in GCC5 tool chain.

Change-Id: Ib2684aa70637d449f8bbddb18cf0a458a2742909
Signed-off-by: WesleyX Hsu <wesleyx.hsu@intel.com>
Cc: Amy Chan <amy.chan@intel.com>
Cc: HerbX Yeh <herbx.yeh@intel.com>
Cc: NickX Peng <nickx.peng@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com>
---
Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdDmarPei/TranslationTable.c | 7 ++++++-
Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/TranslationTable.c | 9 +++++++--
2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdDmarPei/TranslationTable.c b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdDmarPei/TranslationTable.c
index 341e2beb..6676b2a9 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdDmarPei/TranslationTable.c
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdDmarPei/Translat
+++ ionTable.c
@@ -1,6 +1,6 @@
/** @file

- Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2020 - 2021, Intel Corporation. All rights
+ reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
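Review bot: The patch text has been re-wrapped by the mail client: the file header is split over two lines ("+++ b/.../Translat" / "+++ ionTable.c") and the new copyright line arrives as two separate "+" lines ("... All rights" / "reserved.<BR>"), which would insert a broken line into the file header and stops the hunk applying as quoted; the IntelVTdDxe header hunk below has the same wrapping. Please resend with git send-email (or as an attachment) so long lines are preserved.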
@@ -111,6 +111,11 @@ CreateSecondLevelPagingEntryTable (
return EFI_SUCCESS;
}

+ Lvl4PagesStart = 0;
+ Lvl4PagesEnd = 0;
+ Lvl4PtEntry = NULL;
+ Lvl5PtEntry = NULL;
+
BaseAddress = ALIGN_VALUE_LOW (MemoryBase, SIZE_2MB);
EndAddress = ALIGN_VALUE_UP (MemoryLimit, SIZE_2MB);
DEBUG ((DEBUG_INFO, "CreateSecondLevelPagingEntryTable: BaseAddress - 0x%016lx, EndAddress - 0x%016lx\n", BaseAddress, EndAddress)); diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/TranslationTable.c b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/TranslationTable.c
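Review bot: Initializing Lvl4PagesStart, Lvl4PagesEnd, Lvl4PtEntry and Lvl5PtEntry silences the maybe-uninitialized diagnostic that -ffat-lto-objects surfaced, but the hunk does not show whether every later use of these variables is guarded by the 5-level-paging condition; the commit message should say whether this is a false positive (guarded use) or a reachable path that read stack garbage into a page-table pointer, since in the latter case it is a functional fix, not a build fix. Style point: the assignments are placed after the early "return EFI_SUCCESS;" block rather than at the declarations; initializing them where they are declared would be clearer and would also cover any path that returns early.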
index d152039f..ca5f65a8 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/TranslationTable.c
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/TranslationT
+++ able.c
@@ -1,6 +1,6 @@
/** @file

- Copyright (c) 2017 - 2018, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2017 - 2021, Intel Corporation. All rights
+ reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
@@ -133,7 +133,7 @@ CreateContextEntry (
mVtdUnitInformation[VtdIndex].Is5LevelPaging = TRUE;
if ((mAcpiDmarTable->HostAddressWidth <= 48) &&
((mVtdUnitInformation[VtdIndex].CapReg.Bits.SAGAW & BIT2) != 0)) {
- mVtdUnitInformation[VtdIndex].Is5LevelPaging = FALSE;
+ mVtdUnitInformation[VtdIndex].Is5LevelPaging = FALSE;
}
} else if ((mVtdUnitInformation[VtdIndex].CapReg.Bits.SAGAW & BIT2) == 0) {
DEBUG((DEBUG_ERROR, "!!!! Page-table type is not supported on VTD %d !!!!\n", VtdIndex)); @@ -199,6 +199,11 @@ CreateSecondLevelPagingEntryTable (
return EFI_SUCCESS;
}

+ Lvl4PagesStart = 0;
+ Lvl4PagesEnd = 0;
+ Lvl4PtEntry = NULL;
+ Lvl5PtEntry = NULL;
+
BaseAddress = ALIGN_VALUE_LOW(MemoryBase, SIZE_2MB);
EndAddress = ALIGN_VALUE_UP(MemoryLimit, SIZE_2MB);
DEBUG ((DEBUG_INFO,"CreateSecondLevelPagingEntryTable: BaseAddress - 0x%016lx, EndAddress - 0x%016lx\n", BaseAddress, EndAddress));
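Review bot: The comment on the IntelVTdDmarPei hunk applies here too: the four assignments after the early-return block make the variables deterministic (0/NULL), a safe default because a NULL dereference fails loudly instead of walking garbage as a page-table pointer, but the message should state whether any use was actually reachable uninitialized. Separately, the CreateContextEntry hunk above shows a "-"/"+" pair for "Is5LevelPaging = FALSE;" that is identical as displayed, i.e. a whitespace-only change that the commit message does not mention; either drop it or note it.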
--
2.32.0.windows.2


Re: [PATCH V3 06/10] OvmfPkg: Add AmdSev.asm in ResetVector

Min Xu
 

On July 29, 2021 8:13 PM, Yao Jiewen wrote:
Hey
I am not sure why Min did not respond to my latest email.
I did give a suggestion in my previous comment.
Ah, sorry I missed it. There are too many mails.
=====
CcWorkArea.Type = 0;
InitCcWorkAreaSev(); // set Type=1 if SEV
InitCcWorkAreaTdx(); // set Type=2 if TDX
=====

That is option 1.

Thank you
Yao Jiewen

-----Original Message-----
From: Xu, Min M <min.m.xu@intel.com>
Sent: Thursday, July 29, 2021 7:54 PM
To: Brijesh Singh <brijesh.singh@amd.com>; Yao, Jiewen
<jiewen.yao@intel.com>; devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>; Justen, Jordan L
<jordan.l.justen@intel.com>; Erdem Aktas <erdemaktas@google.com>;
James Bottomley <jejb@linux.ibm.com>; Tom Lendacky
<thomas.lendacky@amd.com>
Subject: RE: [edk2-devel] [PATCH V3 06/10] OvmfPkg: Add AmdSev.asm in
ResetVector

On July 29, 2021 6:08 PM, Brijesh Singh wrote:
On 7/29/21 1:07 AM, Xu, Min M wrote:
On July 29, 2021 12:29 PM, Brijesh Singh wrote:
On 7/28/21 9:44 PM, Xu, Min M wrote:
Jiewen & Singh

From the discussion I am thinking we have below rules to follow to design the structure of TEE_WORK_AREA:
1. Design should be flexible but not too complicated
2. Reuse the current SEV_ES_WORK_AREA (PcdSevEsWorkAreaBase) as TEE_WORK_AREA
3. TEE_WORK_AREA should be initialized to all-0 at the beginning of ResetVector
4. Reduce the changes to existing code if possible

So I try to make below conclusions: (Please review)
1. SEV_ES_WORK_AREA is used as the TEE_WORK_AREA by both TDX and SEV, maybe in the future it can be used by other CC technologies.

2. In MEMFD, add below initial value, so that TEE_WORK_AREA is guaranteed to be cleared in legacy guest. In TDX this memory region is initialized to be all-0 by host VMM. In SEV the memory region is cleared as well.
0x00B000|0x001000
gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
DATA = {
  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
}
Hmm, I thought the contents of the data pages are controlled by the host VMM.
If the backing pages are not zero filled then there is no guarantee that memory will be zero. To verify it:

1. I applied your above change in OvmfPkgX86.fdt. I modified the DATA values from 0x00 -> 0xCC

2. Modified the SecMain.c to dump the SevEsWorkArea on entry

And dump does not contain the 0xcc.

And to confirm further, I attached to the qemu with the GDB before booting the OVMF, and modified the SevEsWorkArea with some garbage number and this time the dump printed garbage value I put through the debugger.

In summary, the OVMF to zero the workarea memory on the entry and we cannot rely on the DATA={0x00, 0x00...} to zero the CCWorkArea.
So in legacy guest, CCWorkArea is cleared to all-0 without the DATA={0x00,0x00...}, right?

Okay, maybe I was not able to communicate it correctly.

The run I did is for the legacy guest. For the legacy guest, the contents of the CCWorkArea may *not* be always zero even when you use the DATA={0x00, 0x00...}.

Currently, Qemu uses zero filled backing pages, so we will get a zero filled CCWorkArea; but nothing says that a backing page *must* be zero. Another VMM may choose to do things differently. In summary, the OVMF reset vector code must zero the CCWorkArea before calling SEV or TDX probes.
Ah, I see.
In current CheckSevFeatures, byte[SEV_ES_WORK_AREA] is cleared to 0.
Then its value is set based on the result of SEV probe.

There is a bug here. CheckTdxFeatures does the similar work and it sets the WORK_AREA to 2. If CheckSevFeatures is called after CheckTdxFeatures, then WORK_AREA is cleared and it is set to 0 because it is not SEV. The value is overridden.

I think there are 2 options:
Option 1:
Neither CheckTdxFeatures nor CheckSevFeatures should clear WORK_AREA. Instead it should be cleared to 0 outside and before these 2 calls. So in Main16 after TransitionFromReal16To32BitFlat WORK_AREA is cleared to 0. In Tdx guest this WORK_AREA is initialized to 0 by host VMM.

Option 2:
Another option is to figure out a mechanism that only one CheckXXXFeatures is called.
Since there are 2 entry points in Main.asm: Main16 and Main32.
In Main16 CheckSevFeatures is called after TransitionFromReal16To32BitFlat. (eax should be saved because it is used in SetCr3ForPageTables64)
In Main32 CheckTdxFeatures is called after ReloadFlat32.

What's your opinion?


Re: [PATCH V3 06/10] OvmfPkg: Add AmdSev.asm in ResetVector

Brijesh Singh
 

On 7/29/21 7:12 AM, Yao, Jiewen wrote:
Hey
I am not sure why Min did not respond to my latest email.
I did give a suggestion in my previous comment.

=====
CcWorkArea.Type = 0;
InitCcWorkAreaSev(); // set Type=1 if SEV
InitCcWorkAreaTdx(); // set Type=2 if TDX
=====

That is option 1.
Yes, that is exactly what we want, Jiewen.

The OvmfPkg reset vector should initialize the type to zero on entry,
and SEV/TDX will update the value (only if the feature is detected).


Thank you
Yao Jiewen

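The ordering bug Min describes (a probe that clears the work-area byte can wipe the value the other probe just stored) and the rule Jiewen and Brijesh settle on (clear once on entry, then each probe only sets its own Type) can be modelled in C. This is an added example, not code from OvmfPkg's reset vector, which is NASM; the work-area layout, the Guest struct standing in for the CPUID/MSR probe results, the 0xCC fill taken from Brijesh's experiment, and the names EntryOld, EntryOption1 and OrderDependent are constructed for illustration.

```c
/* Added example (not OVMF code): C model of the CC work-area Type hand-off
 * between the SEV and TDX probes in the reset vector. Probe results are simulated. */
#include <stdint.h>
#include <string.h>

enum { CC_TYPE_NONE = 0, CC_TYPE_SEV = 1, CC_TYPE_TDX = 2 };   /* Type values from the thread */

/* Stand-in for the SEV_ES_WORK_AREA page reused as the shared CC work area. */
typedef struct { uint8_t Type; uint8_t SevEsEnabled; uint8_t Other[14]; } CcWorkArea;

/* Simulated outcome of the hardware probes (what CPUID/MSRs would report). */
typedef struct { int IsSev; int IsSevEs; int IsTdx; } Guest;

/* Current behaviour as described by Min: each probe clears the byte itself first. */
static void CheckSevFeaturesOld(CcWorkArea *wa, const Guest *g) {
  wa->Type = CC_TYPE_NONE;
  if (g->IsSev) { wa->Type = CC_TYPE_SEV; wa->SevEsEnabled = (uint8_t)g->IsSevEs; }
}
static void CheckTdxFeaturesOld(CcWorkArea *wa, const Guest *g) {
  wa->Type = CC_TYPE_NONE;
  if (g->IsTdx) wa->Type = CC_TYPE_TDX;
}

/* Option 1: a probe only ever sets the Type when its feature is detected. */
static void CheckSevFeatures(CcWorkArea *wa, const Guest *g) {
  if (g->IsSev) { wa->Type = CC_TYPE_SEV; wa->SevEsEnabled = (uint8_t)g->IsSevEs; }
}
static void CheckTdxFeatures(CcWorkArea *wa, const Guest *g) {
  if (g->IsTdx) wa->Type = CC_TYPE_TDX;
}

/* Old flow: the page holds whatever the VMM's backing page held (0xCC, as in
 * Brijesh's experiment) and the two probes run in the given order. */
uint8_t EntryOld(CcWorkArea *wa, const Guest *g, int TdxFirst) {
  memset(wa, 0xCC, sizeof *wa);
  if (TdxFirst) { CheckTdxFeaturesOld(wa, g); CheckSevFeaturesOld(wa, g); }
  else          { CheckSevFeaturesOld(wa, g); CheckTdxFeaturesOld(wa, g); }
  return wa->Type;
}

/* Option 1 flow: one explicit clear on entry (Main16/Main32), then probe in any order. */
uint8_t EntryOption1(CcWorkArea *wa, const Guest *g, int TdxFirst) {
  memset(wa, 0xCC, sizeof *wa);          /* whatever the page contained on arrival */
  memset(wa, 0, sizeof *wa);             /* the single clear, before any probe runs */
  if (TdxFirst) { CheckTdxFeatures(wa, g); CheckSevFeatures(wa, g); }
  else          { CheckSevFeatures(wa, g); CheckTdxFeatures(wa, g); }
  return wa->Type;
}

/* Returns 1 when the Type reported for a guest depends on the probe order. */
int OrderDependent(uint8_t (*entry)(CcWorkArea *, const Guest *, int), const Guest *g) {
  CcWorkArea a, b;
  return entry(&a, g, 1) != entry(&b, g, 0);
}
```

With the old flow a TDX guest probed TDX-then-SEV ends with Type 0, and a SEV guest probed SEV-then-TDX does too; with option 1 both orders agree and the stale 0xCC bytes are gone.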


Re: [EXTERNAL] RE: [edk2-platforms][PATCH V2] PurleyOpenBoardPkg : Support for LINUX Boot

manickavasakam karpagavinayagam
 

Nate :

If you see in this patch, linux.efi/initrd.cpio.xz are dummy files. These dummy files need to be replaced by building the Linux Kernel.

How to build Linux Kernel is mentioned in the ReadMe document which is part of this patch.

1. Follow directions on http://osresearch.net/Building/ to compile the heads kernel and initrd for qemu-system_x86_64
2. Copy the following built files
(1) initrd.cpio.xz to LinuxBootPkg/LinuxBinaries/initrd.cpio.xz
(2) bzimage to LinuxBootPkg/LinuxBinaries/linux.efi

Thank you

-Manic

-----Original Message-----
From: Desimone, Nathaniel L <nathaniel.l.desimone@intel.com>
Sent: Thursday, July 29, 2021 3:17 AM
To: Manickavasakam Karpagavinayagam <manickavasakamk@ami.com>; devel@edk2.groups.io
Cc: Oram, Isaac W <isaac.w.oram@intel.com>; Felix Polyudov <Felixp@ami.com>; Harikrishna Doppalapudi <Harikrishnad@ami.com>; Manish Jha <manishj@ami.com>; Zachary Bobroff <zacharyb@ami.com>; Manickavasakam Karpagavinayagam <manickavasakamk@ami.com>
Subject: [EXTERNAL] RE: [edk2-platforms][PATCH V2] PurleyOpenBoardPkg : Support for LINUX Boot



Hi Manic,

Unfortunately this patch cannot be merged as is. It appears to contain a pre-built binary of the Linux kernel that has been pre-configured for Linuxboot use. While this is very convenient, the Linux kernel is licensed under the GPL and hence we cannot add it to edk2-platforms, which must be kept as BSD only. It might be possible to add this to edk2-non-osi, but even then we would require that you provide a readme file that explains how to get and compile the source code that you used to build this exact Linux image, as required by the GPL.

The easiest and safest option would be to remove the Linux binary all together and provide instructions to the user for how to build their own image and add it to the tree.

Thanks,
Nate

-----Original Message-----
From: manickavasakam karpagavinayagam <manickavasakamk@ami.com>
Sent: Wednesday, June 30, 2021 2:57 PM
To: devel@edk2.groups.io
Cc: Oram, Isaac W <isaac.w.oram@intel.com>; Desimone, Nathaniel L
<nathaniel.l.desimone@intel.com>; Felixp@ami.com; DOPPALAPUDI,
HARIKRISHNA <harikrishnad@ami.com>; Jha, Manish <manishj@ami.com>;
Bobroff, Zachary <zacharyb@ami.com>; KARPAGAVINAYAGAM, MANICKAVASAKAM
<manickavasakamk@ami.com>
Subject: [edk2-platforms][PATCH V2] PurleyOpenBoardPkg : Support for
LINUX Boot

Support for LINUX Boot
To enable/disable feature, PcdLinuxBootEnable can be used
1. Follow directions on http://osresearch.net/Building/ to compile the
heads kernel and initrd for qemu-system_x86_64
2. Copy the following built files
(1) initrd.cpio.xz to
PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/initrd.cpio.xz
(2) bzimage to
PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/linux.efi

Notes:
V2 :
- Rename LinuxBootPkg to LinuxBoot
- Move LinuxBootPkg to PurleyOpenBoardPkg/Features/LinuxBoot
- Follow Coding Standard in LinuxBoot.C and LinuxBoot.h

Signed-off-by: manickavasakam karpagavinayagam
<manickavasakamk@ami.com>
---
.../BoardTiogaPass/CoreDxeInclude.dsc | 5 +-
.../BoardTiogaPass/CoreUefiBootInclude.fdf | 5 +-
.../BoardTiogaPass/OpenBoardPkg.dsc | 7 +
.../BoardTiogaPass/OpenBoardPkg.fdf | 57 ++-
.../BoardTiogaPass/PlatformPkgConfig.dsc | 7 +
.../LinuxBoot/LinuxBinaries/LinuxKernel.inf | 17 +
.../LinuxBoot/LinuxBinaries/initrd.cpio.xz | Bin 0 -> 16 bytes
.../LinuxBoot/LinuxBinaries/linux.efi | Bin 0 -> 16 bytes
.../Features/LinuxBoot/LinuxBoot.c | 412 ++++++++++++++++++
.../Features/LinuxBoot/LinuxBoot.h | 185 ++++++++
.../Features/LinuxBoot/LinuxBoot.inf | 40 ++
.../Features/LinuxBoot/LinuxBootNull.c | 36 ++
.../Features/LinuxBoot/LinuxBootNull.inf | 25 ++
.../Intel/PurleyOpenBoardPkg/OpenBoardPkg.dec | 2 +
.../DxePlatformBootManagerLib/BdsPlatform.c | 9 +
.../DxePlatformBootManagerLib.inf | 2 +
Platform/Intel/Readme.md | 42 ++
17 files changed, 843 insertions(+), 8 deletions(-) create mode
100644
Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/Lin
u
xKernel.inf
create mode 100644
Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/ini
tr
d.cpio.xz
create mode 100644
Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/lin
u
x.efi
create mode 100644
Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.c
create mode 100644
Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.h
create mode 100644
Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.inf
create mode 100644
Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBootNull.c
create mode 100644
Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBootNull.inf

diff --git
a/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/CoreDxeInclude.dsc
b/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/CoreDxeInclude.dsc
index b0660d72dd..a17015704b 100644
---
a/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/CoreDxeInclude.dsc
+++
b/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/CoreDxeInclude.ds
+++ c
@@ -83,6 +83,7 @@

$(PLATFORM_BOARD_PACKAGE)/Override/MdeModulePkg/Bus/Pci/PciBus
Dxe/PciBusDxe.inf
#TiogaPass Override END

+!if gPlatformTokenSpaceGuid.PcdLinuxBootEnable == FALSE
MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
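Review bot: Wrapping SataControllerDxe, AtaBusDxe and AtaAtapiPassThru (and, per the next hunk, the partition, collation and FAT drivers) in "!if gPlatformTokenSpaceGuid.PcdLinuxBootEnable == FALSE" means a LinuxBoot-enabled build has no UEFI block or filesystem stack at all, so the firmware can only start the kernel embedded in the FV and has no fallback to booting from the ESP; the commit message says only "Support for LINUX Boot" and should spell out that trade-off. The same conditional is added to CoreUefiBootInclude.fdf below, and the DSC and FDF lists must be kept in lockstep, so a one-line comment at each "!if" pointing at its counterpart would help future maintenance.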
@@ -97,10 +98,11 @@
MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf

MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
FatPkg/EnhancedFatDxe/Fat.inf
-
+!endif

#MdeModulePkg/Universal/Console/GraphicsOutputDxe/GraphicsOutputD
xe.inf

MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleD
xe.inf

+!if gPlatformTokenSpaceGuid.PcdLinuxBootEnable == FALSE
MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf

@@ -124,6 +126,7 @@
<LibraryClasses>
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
}
+!endif

!if gMinPlatformPkgTokenSpaceGuid.PcdBootToShellOnly == FALSE
MdeModulePkg/Core/PiSmmCore/PiSmmIpl.inf
diff --git
a/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/CoreUefiBootInclud
e.fdf
b/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/CoreUefiBootInclud
e.fdf
index 141ce5dda3..6cd8ba6626 100644
---
a/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/CoreUefiBootInclud
e.fdf
+++
b/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/CoreUefiBootInclu
+++ de.fdf
@@ -47,6 +47,7 @@ INF PcAtChipsetPkg/HpetTimerDxe/HpetTimerDxe.inf
INF
$(PLATFORM_BOARD_PACKAGE)/Override/MdeModulePkg/Bus/Pci/PciBus
Dxe/PciBusDxe.inf
#TiogaPass Override END

+!if gPlatformTokenSpaceGuid.PcdLinuxBootEnable == FALSE
INF MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
INF MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
INF MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
@@ -62,10 +63,12 @@ INF
MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf
INF MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
INF
MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
INF FatPkg/EnhancedFatDxe/Fat.inf
+!endif

#INF
MdeModulePkg/Universal/Console/GraphicsOutputDxe/GraphicsOutputDx
e.inf
INF
MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleD
xe.inf

+!if gPlatformTokenSpaceGuid.PcdLinuxBootEnable == FALSE
INF
MdeModulePkg/Universal/Console/ConPlatformDxe/ConPlatformDxe.inf
INF MdeModulePkg/Universal/Console/ConSplitterDxe/ConSplitterDxe.inf

@@ -79,4 +82,4 @@ INF
MdeModulePkg/Universal/DisplayEngineDxe/DisplayEngineDxe.inf

INF MdeModulePkg/Application/UiApp/UiApp.inf
INF
MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuAp
p.inf
-
+!endif
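Review bot: With PcdLinuxBootEnable == TRUE the flash image loses ConPlatformDxe, ConSplitterDxe, UiApp and BootManagerMenuApp, yet LoadAndLaunchKernel() in LinuxBoot.c is written to return EFI_NOT_FOUND when the kernel cannot be loaded or LoadLinux() comes back. In that case BDS carries on with no console platform/splitter drivers and no boot menu in FvUefiBoot, so a bad kernel image leaves the board with no recovery path. Either keep the console drivers and UiApp in the FV when LinuxBoot is enabled, or state in a comment at this `!endif` that a failed launch is unrecoverable by design.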
diff --git
a/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/OpenBoardPkg.dsc
b/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/OpenBoardPkg.dsc
index e4c8e7fbf1..67472a1182 100644
---
a/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/OpenBoardPkg.dsc
+++
b/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/OpenBoardPkg.dsc
@@ -104,6 +104,13 @@

##########################################################
######################

[LibraryClasses.common]
+!if gPlatformTokenSpaceGuid.PcdLinuxBootEnable == TRUE
+
+LinuxBootLib|$(PLATFORM_BOARD_PACKAGE)/Features/LinuxBoot/LinuxB
oot.inf
+ LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
+!else
+
+LinuxBootLib|$(PLATFORM_BOARD_PACKAGE)/Features/LinuxBoot/LinuxB
ootNull
+.inf
+!endif
+
!if gPlatformTokenSpaceGuid.PcdFastBoot == FALSE

PlatformBootManagerLib|$(PLATFORM_PACKAGE)/Bds/Library/DxePlatfor
mBootManagerLib/DxePlatformBootManagerLib.inf
!else
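Review bot: `LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf` makes this server board build depend on OvmfPkg from the edk2 repository, and nothing in the Readme.md hunk at the end of this patch says so. Document the dependency next to the TiogaPass entry in Readme.md, and have LinuxBoot.inf list OvmfPkg/OvmfPkg.dec under [Packages] so the LoadLinuxLib class is resolved through the package that declares it rather than only through this DSC mapping.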
diff --git
a/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/OpenBoardPkg.fdf
b/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/OpenBoardPkg.fdf
index 43cd8d94e1..1623c44cd8 100644
---
a/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/OpenBoardPkg.fdf
+++
b/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/OpenBoardPkg.fdf
@@ -19,6 +19,38 @@
# Also all values will have a PCD assigned so that they can be used in the
system, and
# the FlashMap edit tool can be used to change the values here, without
effecting the code.
# This requires all code to only use the PCD tokens to recover the values.
+!if gPlatformTokenSpaceGuid.PcdLinuxBootEnable == TRUE
+
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvAdvancedOffset =
0x00000000 # Flash addr (0xFF840000)
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvAdvancedSize =
0x00300000 #
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvSecurityOffset =
0x00300000 # Flash addr (0xFF8A0000)
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvSecuritySize =
0x00100000 #
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvOsBootOffset =
0x00400000 # Flash addr (0xFF910000)
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvOsBootSize =
0x00100000 #
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvFspUOffset =
0x00500000 # Flash addr (0xFFE00000)
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvFspUSize =
0x00100000 #
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvUefiBootOffset =
0x00600000 # Flash addr (0xFF9A0000)
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvUefiBootSize =
0x00600000 #
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashNvStorageVariableOffset =
0x00C00000 # Flash addr (0xFF800000)
+SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
= 0x0007C000 #
+
+!else
+
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvAdvancedOffset =
0x00000000 # Flash addr (0xFF840000)
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvAdvancedSize =
0x00500000 #
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvSecurityOffset =
0x00500000 # Flash addr (0xFF8A0000)
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvSecuritySize =
0x00100000 #
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvOsBootOffset =
0x00600000 # Flash addr (0xFF910000)
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvOsBootSize =
0x00100000 #
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvFspUOffset =
0x00700000 # Flash addr (0xFFE00000)
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvFspUSize =
0x00200000 #
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvUefiBootOffset =
0x00900000 # Flash addr (0xFF9A0000)
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashFvUefiBootSize =
0x00300000 #
+SET gMinPlatformPkgTokenSpaceGuid.PcdFlashNvStorageVariableOffset =
0x00C00000 # Flash addr (0xFF800000)
+SET gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
= 0x0007C000 #
+
+!endif
+

[FD.Platform]
BaseAddress = 0xFF000000 |
gEfiPchTokenSpaceGuid.PcdFlashAreaBaseAddress
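Review bot: The `# Flash addr (0x...)` comments are copied unchanged into both branches although the offsets differ, and neither set agrees with `BaseAddress = 0xFF000000` below: `PcdFlashFvAdvancedOffset = 0x00000000` is annotated `0xFF840000`, and `PcdFlashFvSecurityOffset` carries `0xFF8A0000` whether it is 0x00300000 or 0x00500000. These comments are what a reviewer cross-checks against the descriptor and protected-range settings, so either derive them from BaseAddress plus offset or drop them. Also worth spelling out in a comment at the `!if`: the LinuxBoot layout shrinks FvAdvanced (0x00500000 to 0x00300000) and FvFspU/FvLateSiliconCompressed (0x00200000 to 0x00100000) in order to grow FvUefiBoot to 0x00600000.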
@@ -27,27 +59,27 @@ ErasePolarity = 1
BlockSize = 0x10000
NumBlocks = 0x100

-0x00000000|0x00500000
+gMinPlatformPkgTokenSpaceGuid.PcdFlashFvAdvancedOffset|gMinPlatfor
mPkgT
+okenSpaceGuid.PcdFlashFvAdvancedSize

gMinPlatformPkgTokenSpaceGuid.PcdFlashFvAdvancedBase|gMinPlatformP
kgTokenSpaceGuid.PcdFlashFvAdvancedSize
FV = FvAdvanced

-0x00500000|0x00100000
+gMinPlatformPkgTokenSpaceGuid.PcdFlashFvSecurityOffset|gMinPlatform
PkgT
+okenSpaceGuid.PcdFlashFvSecuritySize

gMinPlatformPkgTokenSpaceGuid.PcdFlashFvSecurityBase|gMinPlatformPk
gTokenSpaceGuid.PcdFlashFvSecuritySize
FV = FvSecurity

-0x00600000|0x00100000
+gMinPlatformPkgTokenSpaceGuid.PcdFlashFvOsBootOffset|gMinPlatform
PkgTok
+enSpaceGuid.PcdFlashFvOsBootSize

gMinPlatformPkgTokenSpaceGuid.PcdFlashFvOsBootBase|gMinPlatformPkg
TokenSpaceGuid.PcdFlashFvOsBootSize
FV = FvOsBoot

-0x00700000|0x00200000
+gMinPlatformPkgTokenSpaceGuid.PcdFlashFvFspUOffset|gMinPlatformPk
gToken
+SpaceGuid.PcdFlashFvFspUSize

gMinPlatformPkgTokenSpaceGuid.PcdFlashFvFspUBase|gMinPlatformPkgTo
kenSpaceGuid.PcdFlashFvFspUSize
FV = FvLateSiliconCompressed

-0x00900000|0x00300000
+gMinPlatformPkgTokenSpaceGuid.PcdFlashFvUefiBootOffset|gMinPlatfor
mPkgT
+okenSpaceGuid.PcdFlashFvUefiBootSize

gMinPlatformPkgTokenSpaceGuid.PcdFlashFvUefiBootBase|gMinPlatformPk
gTokenSpaceGuid.PcdFlashFvUefiBootSize
FV = FvUefiBoot

-0x00C00000|0x0007C000
+gMinPlatformPkgTokenSpaceGuid.PcdFlashNvStorageVariableOffset|gEfiM
deMo
+dulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize

gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase|gEfiM
deModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
#NV_VARIABLE_STORE
DATA = {
@@ -303,6 +335,19 @@ FILE DRIVER = db90bb7e-e4ba-4f07-96d6-
b7076713bd2c {

INF MdeModulePkg/Bus/Pci/NvmExpressDxe/NvmExpressDxe.inf

+!if gPlatformTokenSpaceGuid.PcdLinuxBootEnable == TRUE
+
+FILE DRIVER = 81339b04-fa8c-4be0-9ca7-916fc5319eb5 {
+ SECTION DXE_DEPEX_EXP = {FALSE}
+ SECTION PE32 =
+$(PLATFORM_BOARD_PACKAGE)/Features/LinuxBoot/LinuxBinaries/linux.
efi
+}
+
+FILE FREEFORM = 16b60e5d-f1c5-42f0-9b34-08C81C430473 {
+ SECTION RAW =
+$(PLATFORM_BOARD_PACKAGE)/Features/LinuxBoot/LinuxBinaries/initrd.
cpio.
+xz
+}
+
+!endif
+

[FV.FvUefiBoot]
FvAlignment = 16
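Review bot: The context does not show which `[FV.*]` section receives the linux.efi `FILE DRIVER` and the initrd `FILE FREEFORM`, only that they sit before `[FV.FvUefiBoot]`; the layout change above enlarges FvUefiBoot alone while FvOsBoot stays at 0x00100000, so confirm that the FV these two files land in is the one that was enlarged. The checked-in binaries are 16-byte placeholders (see the two `GIT binary patch` entries below), and a real bzImage plus initrd will typically not fit in a 1 MiB FV. `SECTION DXE_DEPEX_EXP = {FALSE}` also deserves a one-line comment that it is intentional: the dispatcher must never load the kernel as a driver because LoadAndLaunchKernel() fetches it with GetSectionFromAnyFv() instead.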
diff --git
a/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/PlatformPkgConfig.d
sc
b/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/PlatformPkgConfig.
dsc
index 36a29c8d68..ff27252233 100644
---
a/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/PlatformPkgConfig.d
sc
+++
b/Platform/Intel/PurleyOpenBoardPkg/BoardTiogaPass/PlatformPkgConfig
+++ .dsc
@@ -51,7 +51,14 @@

gMinPlatformPkgTokenSpaceGuid.PcdPerformanceEnable|TRUE

+ gPlatformTokenSpaceGuid.PcdLinuxBootEnable|FALSE
+
+!if gPlatformTokenSpaceGuid.PcdLinuxBootEnable == TRUE
+ gPlatformTokenSpaceGuid.PcdFastBoot|TRUE
+!else
gPlatformTokenSpaceGuid.PcdFastBoot|FALSE
+!endif
+
!if gPlatformTokenSpaceGuid.PcdFastBoot == TRUE
gIpmiFeaturePkgTokenSpaceGuid.PcdIpmiFeatureEnable|FALSE
gPlatformTokenSpaceGuid.PcdUpdateConsoleInBds|FALSE
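Review bot: Forcing `PcdFastBoot|TRUE` when PcdLinuxBootEnable is TRUE also triggers the existing `!if gPlatformTokenSpaceGuid.PcdFastBoot == TRUE` block, which sets `PcdIpmiFeatureEnable|FALSE` and `PcdUpdateConsoleInBds|FALSE`. Silently disabling the IPMI feature on a server board is a side effect nobody would expect from a LinuxBoot switch; add a comment at the new `!if` naming the consequence, or gate IPMI independently of fast boot.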
diff --git
a/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/L
i
nuxKernel.inf
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/L
i
nuxKernel.inf
new file mode 100644
index 0000000000..0e197ecb68
--- /dev/null
+++
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries
+++ /LinuxKernel.inf
@@ -0,0 +1,17 @@
+## @file
+#
+# Copyright (c) 2021, American Megatrends International LLC.<BR> # #
+SPDX-License-Identifier: BSD-2-Clause-Patent # ##
+
+[Defines]
+ INF_VERSION = 1.27
+ BASE_NAME = LinuxKernel
+ FILE_GUID = 81339b04-fa8c-4be0-9ca7-916fc5319eb5
+ MODULE_TYPE = UEFI_DRIVER
+ VERSION_STRING = 1.0
+
+[Binaries.common.AARCH64]
+ PE32|linux.efi|*
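Review bot: `[Binaries.common.AARCH64]` is wrong for a Purley (X64) board, and none of the DSC/FDF hunks in this patch reference LinuxKernel.inf (OpenBoardPkg.fdf places linux.efi directly with `FILE DRIVER = 81339b04-fa8c-4be0-9ca7-916fc5319eb5`), so either drop this INF or change the section to `[Binaries.common.X64]`. The two binary entries that follow show linux.efi and initrd.cpio.xz as 16-byte blobs with the same object id (01d633b27e8e...), i.e. identical placeholder content; committing placeholder binaries needs a maintainer decision and a Readme note on how real ones are produced and where they go.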
diff --git
a/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/i
ni
trd.cpio.xz
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/i
n
itrd.cpio.xz
new file mode 100644
index
0000000000000000000000000000000000000000..01d633b27e8ea9b17084fc911
d0c8cc43a4170a9
GIT binary patch
literal 16
KcmZQzKm`B*5C8!H

literal 0
HcmV?d00001

diff --git
a/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/l
in
ux.efi
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBinaries/l
i
nux.efi
new file mode 100644
index
0000000000000000000000000000000000000000..01d633b27e8ea9b17084fc911
d0c8cc43a4170a9
GIT binary patch
literal 16
KcmZQzKm`B*5C8!H

literal 0
HcmV?d00001

diff --git
a/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.c
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.c
new file mode 100644
index 0000000000..682047cef0
--- /dev/null
+++ b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.c
@@ -0,0 +1,412 @@
+/** @file
+
+Copyright (c) 2021, American Megatrends International LLC. All rights
+reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+
+#include <PiDxe.h>
+#include <Uefi.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/MemoryAllocationLib.h> #include
+<Library/UefiBootServicesTableLib.h>
+#include <Guid/DxeServices.h>
+#include <Library/DxeServicesTableLib.h> #include <Library/UefiLib.h>
+#include <Protocol/FirmwareVolume2.h> #include
<Protocol/LoadedImage.h>
+#include <Guid/MemoryTypeInformation.h> #include <Pi/PiDxeCis.h>
+#include <Pi/PiHob.h> #include <Library/PcdLib.h> #include
+<Library/DxeServicesLib.h> #include "LinuxBoot.h"
+
+//16b60e5d-f1c5-42f0-9b34-08C81C430473
+#define LINUX_BOOT_INITRD_GUID \
+ { \
+ 0x16b60e5d, 0xf1c5, 0x42f0, {0x9b, 0x34, 0x08, 0xc8, 0x1c, 0x43,
+0x04, 0x73} \
+ }
+
+#define LINUX_BOOT_KERNEL_GUID \
+ { \
+ 0x81339b04, 0xfa8c, 0x4be0, {0x9c, 0xa7, 0x91, 0x6f, 0xc5, 0x31,
+0x9e, 0xb5} \
+ }
+
+
+EFI_STATUS
+EFIAPI
+LoadLinuxCheckKernelSetup (
+ IN VOID *KernelSetup,
+ IN UINTN KernelSetupSize
+ );
+
+VOID*
+EFIAPI
+LoadLinuxAllocateKernelSetupPages (
+ IN UINTN Pages
+ );
+
+EFI_STATUS
+EFIAPI
+LoadLinuxInitializeKernelSetup (
+ IN VOID *KernelSetup
+ );
+
+VOID*
+EFIAPI
+LoadLinuxAllocateKernelPages (
+ IN VOID *KernelSetup,
+ IN UINTN Pages
+ );
+
+EFI_STATUS
+EFIAPI
+LoadLinuxSetCommandLine (
+ IN OUT VOID *KernelSetup,
+ IN CHAR8 *CommandLine
+ );
+
+EFI_STATUS
+EFIAPI
+LoadLinux (
+ IN VOID *Kernel,
+ IN OUT VOID *KernelSetup
+ );
+
+VOID*
+EFIAPI
+LoadLinuxAllocateInitrdPages (
+ IN VOID *KernelSetup,
+ IN UINTN Pages
+ );
+
+EFI_GUID gLinuxBootInitrdFileGuid = LINUX_BOOT_INITRD_GUID;
+
+EFI_GUID gLinuxBootKernelFileGuid = LINUX_BOOT_KERNEL_GUID;
+
+//-------------------------------------------------------------------
+--
+------
+
+/**
+ Dump some hexadecimal data to the screen.
+
+ @note Function taken from
+ ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.c in EDKII
+
+ @param[in] Indent How many spaces to indent the output.
+ @param[in] Offset The offset of the printing.
+ @param[in] DataSize The size in bytes of UserData.
+ @param[in] UserData The data to print out.
+**/
+static
+VOID
+DumpHex (
+ IN UINTN Indent,
+ IN UINTN Offset,
+ IN UINTN DataSize,
+ IN VOID *UserData
+ )
+{
+ UINT8 *Data;
+ CHAR8 Val[50];
+ CHAR8 Str[20];
+ UINT8 TempByte;
+ UINTN Size;
+ UINTN Index;
+ CHAR8 Hex[] = {
+ '0', '1', '2', '3', '4', '5', '6', '7',
+ '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'
+ };
+
+ DEBUG((DEBUG_INFO, "%*a 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D
0E 0F\n", Indent, ""));
+ DEBUG((DEBUG_INFO, "%*a ------------------------------------------------
\n", Indent, ""));
+
+ Data = UserData;
+ while (DataSize != 0) {
+ Size = 16;
+ if (Size > DataSize) {
+ Size = DataSize;
+ }
+
+ for (Index = 0; Index < Size; Index += 1) {
+ TempByte = Data[Index];
+ Val[Index * 3 + 0] = Hex[TempByte >> 4];
+ Val[Index * 3 + 1] = Hex[TempByte & 0xF];
+ Val[Index * 3 + 2] = (CHAR8) ((Index == 7) ? '-' : ' ');
+ Str[Index] = (CHAR8) ((TempByte < ' ' || TempByte > 'z') ? '.' :
TempByte);
+ }
+
+ Val[Index * 3] = 0;
+ Str[Index] = 0;
+ DEBUG((DEBUG_INFO, "%*a%08X: %-48a %a\n", Indent, "", Offset,
+ Val, Str));
+
+ Data += Size;
+ Offset += Size;
+ DataSize -= Size;
+ }
+}
+
+
+/**
+ * This function completes a minimal amount of the necessary BDS
+functions to prepare
+ * for booting the kernel.
+ *
+ * @param None
+ *
+ * @retval EFI_SUCCESS Successfully completed remaining tasks
+ * @return EFI_ERROR Could not complete BDS tasks
+ */
+EFI_STATUS
+CompleteBdsTasks (
+ VOID
+)
+{
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * This function will load and launch the Linux kernel from a BIOS FV.
+ *
+ * @note This function is not intended to return. Any exiting from this
function indicates
+ * a problem loading or launching the kernel.
+ *
+ * @param None
+ *
+ * @return EFI_ERROR Any error code
+ */
+EFI_STATUS
+LoadAndLaunchKernel (
+ VOID
+)
+{
+ EFI_LOADED_IMAGE_PROTOCOL *LoadedImage = NULL;
+ EFI_STATUS Status;
+ EFI_HANDLE KernelHandle = NULL;
+ VOID *KernelBuffer = NULL;
+ VOID *KernelFfsBuffer = NULL;
+ UINTN KernelFfsSize = 0;
+ VOID *InitrdData = NULL;
+ VOID *InitrdBuffer = NULL;
+ UINTN InitrdSize = 0;
+ struct BootParams *BootParams = NULL;
+ struct BootParams *HandoverParams = NULL;
+ UINT32 StartOffset = 0;
+ UINT32 KernelLength = 0;
+ UINT8 *Temp;
+ UINT8 CmdLine[] = " ";
+
+ DEBUG((DEBUG_INFO, "LoadAndLaunchKernel Entry\n"));
+
+ ///
+ /// Kernel load and preparation
+ ///
+ DEBUG((DEBUG_INFO, "Preparing the kernel...\n"));
+
+ // Retrieve the kernel from the firmware volume
+ Status = GetSectionFromAnyFv(
+ &gLinuxBootKernelFileGuid,
+ EFI_SECTION_PE32,
+ 0,
+ &KernelFfsBuffer,
+ &KernelFfsSize
+ );
+
+ DEBUG((DEBUG_INFO, "Status %r\n",Status));
+ DEBUG((DEBUG_INFO, "KernelFfsBuffer %x\n",KernelFfsBuffer));
+ DEBUG((DEBUG_INFO, "KernelFfsSize %x\n",KernelFfsSize));
+
+ if (EFI_ERROR(Status)) {
+ DEBUG((DEBUG_ERROR, "Could not retrieve kernel; %r.\n", Status));
+ goto FatalError;
+ }
+
+ DEBUG((DEBUG_INFO, "Loaded kernel to buffer at 0x%p with size
0x%X.\n", KernelFfsBuffer, KernelFfsSize));
+ DEBUG((DEBUG_INFO, "Printing first 0x%X bytes:\n",
+ MIN(KernelFfsSize, 0x100)));
+
+ DumpHex(2, 0, MIN(0x100, KernelFfsSize), KernelFfsBuffer);
+
+ // Create a LoadImage protocol for the kernel
+ Status = gBS->LoadImage(TRUE, gImageHandle, NULL,
+ KernelFfsBuffer,
KernelFfsSize, &KernelHandle);
+ if (EFI_ERROR(Status)) {
+ DEBUG((DEBUG_ERROR, "Could not create LoadImage for kernel
+ %r\n",
Status));
+ goto FatalError;
+ }
+
+ // Get the new LoadedImage protocol to retrieve information about
+ the
kernel
+ Status = gBS->HandleProtocol(KernelHandle,
&gEfiLoadedImageProtocolGuid, (VOID **) &LoadedImage);
+ if (EFI_ERROR(Status)) {
+ DEBUG((DEBUG_ERROR, "Could not get kernel LoadedImage
+ protocol;
%r\n", Status));
+ goto FatalError;
+ }
+
+ DEBUG((DEBUG_INFO, "Kernel LoadedImage information:\n"));
+ DEBUG((DEBUG_INFO, " ImageBase = 0x%p\n", LoadedImage-
ImageBase));
+ DEBUG((DEBUG_INFO, " ImageSize = 0x%p\n",
+ LoadedImage->ImageSize));
+
+ // Verify the kernel boot parameters from the LoadedImage and
+ allocate
an initalization buffer once verified
+ BootParams = (struct BootParams*) LoadedImage->ImageBase;
+
+ Status = LoadLinuxCheckKernelSetup((VOID *) BootParams,
+ sizeof(struct
BootParams));
+ if (EFI_ERROR (Status)) {
+ DEBUG((DEBUG_ERROR, "LoadLinuxCheckKernelSetup failed;
+ %r.\n",
Status));
+ goto FatalError;
+ }
+
+ HandoverParams =
LoadLinuxAllocateKernelSetupPages(EFI_SIZE_TO_PAGES(KERNEL_SETUP_SI
ZE));
+ if (HandoverParams == NULL) {
+ DEBUG((DEBUG_ERROR, "Could not allocate memory for kernel
handover parameters.\n"));
+ goto FatalError;
+ }
+ DEBUG((DEBUG_INFO, "Handover parameters allocated at 0x%p\n",
+ HandoverParams));
+
+ gBS->CopyMem(&HandoverParams->Hdr, &BootParams->Hdr,
sizeof(struct
+ SetupHeader));
+
+ Status = LoadLinuxInitializeKernelSetup(HandoverParams);
+ if (EFI_ERROR (Status)) {
+ DEBUG((DEBUG_ERROR, "Unable to initialize the handover
+ parameters;
%r.\n", Status));
+ goto FatalError;
+ }
+
+ // Allocate space for the kernel and copy it into the new buffer
+ KernelBuffer = LoadLinuxAllocateKernelPages(HandoverParams,
EFI_SIZE_TO_PAGES(HandoverParams->Hdr.InitSize));
+ if (KernelBuffer == NULL) {
+ DEBUG((DEBUG_ERROR, "Unable to allocate memory for kernel.\n"));
+ goto FatalError;
+ }
+
+ StartOffset = (HandoverParams->Hdr.SetupSecs + 1) * 512;
+ KernelLength = (UINT32) (KernelFfsSize - StartOffset);
+ Temp = (UINT8 *) LoadedImage->ImageBase;
+
+ DEBUG((DEBUG_INFO, "Kernel starts at offset 0x%X with length
+ 0x%X\n", StartOffset, KernelLength));
+
+ gBS->CopyMem(KernelBuffer, (Temp + StartOffset), KernelLength);
+ DEBUG((DEBUG_INFO, "First 0x%X bytes of new kernel buffer
+ contents:\n", MIN(0x100, KernelLength)));
+
+ DumpHex(2, 0, MIN(0x100, KernelLength), KernelBuffer);
+
+ // Prepare the command line
+ Status = LoadLinuxSetCommandLine(HandoverParams, (UINT8 *)
&CmdLine);
+ if (EFI_ERROR (Status)) {
+ DEBUG((EFI_D_INFO, "Unable to set linux command line; %r.\n",
Status));
+ goto FatalError;
+ }
+
+ HandoverParams->Hdr.Code32Start = (UINT32)(UINTN) KernelBuffer;
+ HandoverParams->Hdr.LoaderId = 0x21;
+
+ DEBUG((DEBUG_INFO, "Kernel loaded.\n"));
+
+ //
+ // Initrd load and preparation
+ //
+ DEBUG((DEBUG_INFO, "Preparing the initrd...\n"));
+
+ // Retrieve the initrd from the firmware volume
+ Status = GetSectionFromAnyFv(
+ &gLinuxBootInitrdFileGuid,
+ EFI_SECTION_RAW,
+ 0,
+ &InitrdBuffer,
+ &InitrdSize
+ );
+
+ if (EFI_ERROR(Status)) {
+ DEBUG((DEBUG_ERROR, "Could not retrieve initrd; %r.\n", Status));
+ goto FatalError;
+ }
+
+ DEBUG((DEBUG_INFO, "Loaded initrd to buffer at 0x%p with size
0x%X.\n", InitrdBuffer, InitrdSize));
+ DEBUG((DEBUG_INFO, "Printing first 0x%X bytes:\n", MIN(0x100,
InitrdSize)));
+ DumpHex(2, 0, MIN(0x100, InitrdSize), InitrdBuffer);
+
+ // Allocate the initrd for the kernel and copy it in
+ InitrdData = LoadLinuxAllocateInitrdPages(HandoverParams,
EFI_SIZE_TO_PAGES(InitrdSize));
+ if (InitrdData == NULL) {
+ DEBUG((DEBUG_ERROR, "Unable to allocate memory for initrd.\n"));
+ goto FatalError;
+ }
+
+ gBS->CopyMem(InitrdData, InitrdBuffer, InitrdSize);
+
+ HandoverParams->Hdr.RamDiskStart = (UINT32)(UINTN) InitrdData;
+ HandoverParams->Hdr.RamDiskLen = (UINT32) InitrdSize;
+
+ DEBUG((DEBUG_INFO, "Initrd loaded.\n"));
+ DEBUG((DEBUG_INFO, "Printing first 0x%X bytes of initrd
+ buffer:\n",
MIN(0x100, InitrdSize)));
+ DumpHex(2, 0, MIN(0x100, InitrdSize), InitrdData);
+
+ // General cleanup before launching the kernel
+ gBS->FreePool(InitrdBuffer);
+ InitrdBuffer = NULL;
+
+ gBS->UnloadImage(KernelHandle);
+ gBS->FreePool(KernelFfsBuffer);
+ KernelFfsBuffer = NULL;
+
+ DEBUG((DEBUG_ERROR, "Launching the kernel\n"));
+
+
+ //
+ // Signal the EFI_EVENT_GROUP_READY_TO_BOOT event.
+ //
+ EfiSignalEventReadyToBoot();
+
+
+ // Launch the kernel
+ Status = LoadLinux(KernelBuffer, HandoverParams);
+
+ ///
+ /// LoadLinux should never return if the kernel boots. Anything
+ past here
is an error scenario
+ ///
+ DEBUG((DEBUG_ERROR, "ERROR: LoadLinux has returned with status;
+ %r.\n", Status));
+
+FatalError:
+ // Free everything
+ if (InitrdData != NULL) gBS->FreePages((EFI_PHYSICAL_ADDRESS)
InitrdData, EFI_SIZE_TO_PAGES(InitrdSize));
+ if (KernelBuffer != NULL) gBS->FreePages((EFI_PHYSICAL_ADDRESS)
KernelBuffer, EFI_SIZE_TO_PAGES(HandoverParams->Hdr.InitSize));
+ if (HandoverParams != NULL) gBS->FreePages((EFI_PHYSICAL_ADDRESS)
HandoverParams, EFI_SIZE_TO_PAGES(KERNEL_SETUP_SIZE));
+ if (InitrdBuffer != NULL) gBS->FreePool(InitrdBuffer);
+ if (KernelHandle != NULL) gBS->UnloadImage(KernelHandle);
+ if (KernelFfsBuffer != NULL) gBS->FreePool(KernelFfsBuffer);
+
+ return EFI_NOT_FOUND;
+}
+
+/**
+ * This is the main function for this feature. This will handle
+finding and launching
+ * the Linux kernel.
+ *
+ * @note In general, this function will never return to BDS. The
LINUXBOOT_ALLOW_RETURN_TO_BDS
+ * token will allow you to return to BDS if the kernel fails to launch for
some reason.
+ *
+ * @param None
+ *
+ * @retval None
+ */
+
+EFI_STATUS
+LinuxBootStart (
+ VOID
+ )
+{
+ EFI_STATUS Status = EFI_SUCCESS;
+
+ // Finish BDS and then try to launch the kernel
+ //Status = CompleteBdsTasks();
+
+ if (!EFI_ERROR(Status)) {
+ LoadAndLaunchKernel();
+ }
+
+ DEBUG((DEBUG_ERROR, "-----------------------------------\n"));
+ DEBUG((DEBUG_ERROR, " ERROR: Kernel failed to launch.\n"));
+ DEBUG((DEBUG_ERROR, "-----------------------------------\n"));
+ return Status;
+}
+
+//-------------------------------------------------------------------
+--
+------
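Review bot: In LoadAndLaunchKernel() the copy `gBS->CopyMem(KernelBuffer, (Temp + StartOffset), KernelLength);` reads from the PE-loaded image (`Temp = (UINT8 *) LoadedImage->ImageBase`) but sizes the copy from the raw FFS section (`KernelLength = (UINT32) (KernelFfsSize - StartOffset)`), with no check that KernelFfsSize exceeds StartOffset or that KernelLength fits in the `Hdr.InitSize` pages KernelBuffer was allocated with. An image whose section is shorter than `(SetupSecs + 1) * 512` makes the subtraction wrap and the copy overrun both the source image and KernelBuffer; bound the copy by `LoadedImage->ImageSize` and `HandoverParams->Hdr.InitSize` and fail before copying. Two smaller points in the same function: after `gBS->UnloadImage(KernelHandle);` on the launch path KernelHandle is not set to NULL, so when LoadLinux() returns the FatalError path unloads the same handle a second time; and `UINT8 CmdLine[] = " "` is passed as `(UINT8 *) &CmdLine` to the `CHAR8 *` parameter of LoadLinuxSetCommandLine(), which both mismatches the declared type and gives the platform no way to supply a real command line (a PCD string would be the usual edk2 approach).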
diff --git
a/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.h
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.h
new file mode 100644
index 0000000000..ebbcd6bfd8
--- /dev/null
+++
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.h
@@ -0,0 +1,185 @@
+/** @file
+Copyright (c) 2021, American Megatrends International LLC. All rights
+reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent **/
+
+#ifndef __LINUX_BOOT_PRIVATE__H__
+#define __LINUX_BOOT_PRIVATE__H__
+#ifdef __cplusplus
+extern "C" {
+#endif // #ifdef __cplusplus
+
+//-------------------------------------------------------------------
+--
+------
+
+//#include <Token.h>
+
+#define BOOTSIG 0x1FE
+#define SETUP_HDR 0x53726448 /* 0x53726448 == "HdrS" */
+
+#define E820_RAM 1
+#define E820_RESERVED 2
+#define E820_ACPI 3
+#define E820_NVS 4
+#define E820_UNUSABLE 5
+
+#pragma pack(1)
+
+struct SetupHeader {
+ UINT8 SetupSecs; // Sectors for setup code
+ UINT16 Rootflags;
+ UINT32 SysSize;
+ UINT16 RamSize;
+ UINT16 VideoMode;
+ UINT16 RootDev;
+ UINT16 Signature; // Boot signature
+ UINT16 Jump;
+ UINT32 Header;
+ UINT16 Version;
+ UINT16 SuSwitch;
+ UINT16 SetupSeg;
+ UINT16 StartSys;
+ UINT16 KernelVer;
+ UINT8 LoaderId;
+ UINT8 LoadFlags;
+ UINT16 MoveSize;
+ UINT32 Code32Start; // Start of code loaded high
+ UINT32 RamDiskStart; // Start of initial ramdisk
+ UINT32 RamDiskLen; // Length of initial ramdisk
+ UINT32 BootSectkludge;
+ UINT16 HeapEnd;
+ UINT8 ExtLoaderVer; // Extended boot loader version
+ UINT8 ExtLoaderType; // Extended boot loader ID
+ UINT32 CmdLinePtr; // 32-bit pointer to the kernel command line
+ UINT32 RamDiskMax; // Highest legal initrd address
+ UINT32 KernelAlignment; // Physical addr alignment required for
+kernel
+ UINT8 RelocatableKernel; // Whether kernel is relocatable or not
+ UINT8 MinAlignment;
+ UINT16 XloadFlags;
+ UINT32 CmdlineSize;
+ UINT32 HardwareSubarch;
+ UINT64 HardwareSubarchData;
+ UINT32 PayloadOffset;
+ UINT32 PayloadLength;
+ UINT64 SetupData;
+ UINT64 PrefAddress;
+ UINT32 InitSize;
+ UINT32 HandoverOffset;
+};
+
+struct EfiInfo {
+ UINT32 EfiLoaderSignature;
+ UINT32 EfiSystab;
+ UINT32 EfiMemdescSize;
+ UINT32 EfiMemdescVersion;
+ UINT32 EfiMemMap;
+ UINT32 EfiMemMapSize;
+ UINT32 EfiSystabHi;
+ UINT32 EfiMemMapHi;
+};
+
+struct E820Entry {
+ UINT64 Addr; // start of memory segment
+ UINT64 Size; // size of memory segment
+ UINT32 Type; // type of memory segment
+};
+
+struct ScreenInfo {
+ UINT8 OrigX; // 0x00
+ UINT8 OrigY; // 0x01
+ UINT16 ExtMemK; // 0x02
+ UINT16 OrigVideoPage; // 0x04
+ UINT8 OrigVideoMode; // 0x06
+ UINT8 OrigVideoCols; // 0x07
+ UINT8 Flags; // 0x08
+ UINT8 Unused2; // 0x09
+ UINT16 OrigVideoEgaBx;// 0x0a
+ UINT16 Unused3; // 0x0c
+ UINT8 OrigVideoLines; // 0x0e
+ UINT8 OrigVideoIsVGA; // 0x0f
+ UINT16 OrigVideoPoints;// 0x10
+
+ // VESA graphic mode -- linear frame buffer
+ UINT16 LfbWidth; // 0x12
+ UINT16 LfbHeight; // 0x14
+ UINT16 LfbDepth; // 0x16
+ UINT32 LfbBase; // 0x18
+ UINT32 LfbSize; // 0x1c
+ UINT16 ClMagic, ClOffset; // 0x20
+ UINT16 LfbLineLength; // 0x24
+ UINT8 RedSize; // 0x26
+ UINT8 RedPos; // 0x27
+ UINT8 GreenSize; // 0x28
+ UINT8 GreenPos; // 0x29
+ UINT8 BlueSize; // 0x2a
+ UINT8 BluePos; // 0x2b
+ UINT8 RsvdSize; // 0x2c
+ UINT8 RsvdPos; // 0x2d
+ UINT16 VesaPmSeg; // 0x2e
+ UINT16 VesaPmOff; // 0x30
+ UINT16 Pages; // 0x32
+ UINT16 VesaAttributes; // 0x34
+ UINT32 Capabilities; // 0x36
+ UINT8 Reserved[6]; // 0x3a
+};
+
+struct BootParams {
+ struct ScreenInfo ScreenInfo;
+ UINT8 ApmBiosInfo[0x14];
+ UINT8 Pad2[4];
+ UINT64 TbootAddr;
+ UINT8 IstInfo[0x10];
+ UINT8 Pad3[16];
+ UINT8 Hd0Info[16];
+ UINT8 Hd1Info[16];
+ UINT8 SysDescTable[0x10];
+ UINT8 OlpcOfwHeader[0x10];
+ UINT8 Pad4[128];
+ UINT8 EdidInfo[0x80];
+ struct EfiInfo EfiInfo;
+ UINT32 AltMemK;
+ UINT32 Scratch;
+ UINT8 E820Entries;
+ UINT8 EddBufEntries;
+ UINT8 EddMbrSigBufEntries;
+ UINT8 Pad6[6];
+ struct SetupHeader Hdr;
+ UINT8 Pad7[0x290-0x1f1-sizeof(struct SetupHeader)];
+ UINT32 EddMbrSigBuffer[16];
+ struct E820Entry E820Map[128];
+ UINT8 Pad8[48];
+ UINT8 EddBuf[0x1ec];
+ UINT8 Pad9[276];
+};
+#pragma pack ()
+
+//-------------------------------------------------------------------
+--
+------
+
+#ifndef MIN
+#define MIN(x,y) ((x) < (y) ? (x) : (y))
+#endif // #ifndef MIN
+
+#define KERNEL_SETUP_SIZE 16384
+
+//-------------------------------------------------------------------
+--
+------
+
+///
+/// Function prototypes from Bds module /// VOID ConnectEverything();
+VOID RecoverTheMemoryAbove4Gb(); VOID
SignalAllDriversConnectedEvent();
+VOID SignalProtocolEvent(IN EFI_GUID *ProtocolGuid);
+
+#if LINUXBOOT_SIGNAL_EXITPMAUTH == 1
+VOID SignalExitPmAuthProtocolEvent(VOID);
+#endif // #if LINUXBOOT_SIGNAL_EXITPMAUTH == 1
+
+typedef VOID (BDS_CONTROL_FLOW_FUNCTION)();
+
+//-------------------------------------------------------------------
+--
+------
+
+/****** DO NOT WRITE BELOW THIS LINE *******/ #ifdef __cplusplus }
+#endif // #ifdef __cplusplus #endif // #ifndef
+__LINUX_BOOT_PRIVATE__H__
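Review bot: The prototypes at the end of the header (ConnectEverything(), RecoverTheMemoryAbove4Gb(), SignalAllDriversConnectedEvent(), SignalProtocolEvent(), SignalExitPmAuthProtocolEvent(), BDS_CONTROL_FLOW_FUNCTION), the commented `//#include <Token.h>`, and the LINUXBOOT_SIGNAL_EXITPMAUTH and LINUXBOOT_ALLOW_RETURN_TO_BDS tokens mentioned in the .c doc comments are neither defined nor used anywhere in this patch; they read as leftovers from a different BDS and should be removed. Two style points: the guard `__LINUX_BOOT_PRIVATE__H__` uses a reserved double-underscore name, and the `#ifndef MIN` block duplicates the MIN() that MdePkg's Base.h already provides.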
diff --git
a/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.inf
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.inf
new file mode 100644
index 0000000000..5c09e5d317
--- /dev/null
+++
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBoot.inf
@@ -0,0 +1,40 @@
+## @file
+#
+# Copyright (c) 2021, American Megatrends International LLC.<BR> # #
+SPDX-License-Identifier: BSD-2-Clause-Patent # ##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ VERSION_STRING = 1.0
+ BASE_NAME = LinuxBoot
+ FILE_GUID = 74a41ddc-fac5-4787-afad-d81ee30a8b63 #
{0x74a41ddc, 0xfac5, 0x4787, {0xaf, 0xad, 0xd8, 0x1e, 0xe3, 0x0a,
0x8b, 0x63}}
+ MODULE_TYPE = DXE_DRIVER
+ LIBRARY_CLASS = LinuxBootLib|DXE_DRIVER
+[Sources]
+ LinuxBoot.c
+ LinuxBoot.h
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ MinPlatformPkg/MinPlatformPkg.dec
+
+[LibraryClasses]
+ UefiDriverEntryPoint
+ DxeServicesLib
+ BaseMemoryLib
+ DebugLib
+ UefiRuntimeServicesTableLib
+ UefiBootServicesTableLib
+ UefiLib
+ LoadLinuxLib
+
+[Guids]
+
+[Protocols]
+ gEfiLoadedImageProtocolGuid
+
+[Pcd]
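Review bot: [LibraryClasses] lists UefiDriverEntryPoint, which belongs to drivers and not to a library instance (`LIBRARY_CLASS = LinuxBootLib|DXE_DRIVER`), while LinuxBoot.c includes MemoryAllocationLib.h, PcdLib.h, DxeServicesTableLib.h and BaseLib.h whose classes are not listed here; align the includes with this section and drop the empty `[Guids]` and `[Pcd]` sections. Separately, LinuxBoot.c redeclares the seven LoadLinuxLib prototypes by hand instead of including `<Library/LoadLinuxLib.h>`; adding OvmfPkg/OvmfPkg.dec under [Packages] and including that header removes the risk of the local copies drifting from the library's real signatures.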
diff --git
a/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBootNull.c
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBootNull.c
new file mode 100644
index 0000000000..2e5e44db6c
--- /dev/null
+++
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBootNull
+++ .c
@@ -0,0 +1,36 @@
+/** @file
+
+Copyright (c) 2021, American Megatrends International LLC. All rights
+reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+
+#include <PiDxe.h>
+#include <Uefi.h>
+#include <Library/BaseLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+
+
+/**
+ * This is the main function for this feature. This will handle
+finding and launching
+ * the Linux kernel.
+ *
+ * @note In general, this function will never return to BDS. The
LINUXBOOT_ALLOW_RETURN_TO_BDS
+ * token will allow you to return to BDS if the kernel fails to launch for
some reason.
+ *
+ * @param None
+ *
+ * @retval None
+ */
+
+EFI_STATUS
+LinuxBootStart (
+ VOID
+ )
+{
+
+ return EFI_SUCCESS;
+}
+
+
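Review bot: The doc comment copied from LinuxBoot.c says this function "will never return to BDS", but the NULL instance always returns EFI_SUCCESS immediately; give it its own one-line description so a reader of the NULL library is not misled, and drop the two trailing blank lines.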
diff --git
a/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBootNull.i
n
f
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBootNull.i
nf
new file mode 100644
index 0000000000..e292be9671
--- /dev/null
+++
b/Platform/Intel/PurleyOpenBoardPkg/Features/LinuxBoot/LinuxBootNull
+++ .inf
@@ -0,0 +1,25 @@
+## @file
+#
+# Copyright (c) 2021, American Megatrends International LLC.<BR> # #
+SPDX-License-Identifier: BSD-2-Clause-Patent # ##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ VERSION_STRING = 1.0
+ BASE_NAME = LinuxBoot
+ FILE_GUID = 0551B6D3-0594-4B02-AF42-5A9C7515CEC8
+ MODULE_TYPE = DXE_DRIVER
+ LIBRARY_CLASS = LinuxBootLib|DXE_DRIVER
+[Sources]
+ LinuxBootNull.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+
+[LibraryClasses]
+ UefiDriverEntryPoint
+ DxeServicesLib
\ No newline at end of file
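Review bot: Add the missing trailing newline (`\ No newline at end of file`), and drop UefiDriverEntryPoint and DxeServicesLib from [LibraryClasses], since LinuxBootNull.c calls nothing from either and the NULL instance should not pull DxeServicesLib into builds that have LinuxBoot disabled. `BASE_NAME = LinuxBoot` is also shared with LinuxBoot.inf; a distinct `LinuxBootNull` keeps the two build outputs distinguishable.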
diff --git a/Platform/Intel/PurleyOpenBoardPkg/OpenBoardPkg.dec
b/Platform/Intel/PurleyOpenBoardPkg/OpenBoardPkg.dec
index 4dcec5430b..0c1ab318b8 100644
--- a/Platform/Intel/PurleyOpenBoardPkg/OpenBoardPkg.dec
+++ b/Platform/Intel/PurleyOpenBoardPkg/OpenBoardPkg.dec
@@ -49,6 +49,8 @@

gPlatformTokenSpaceGuid.PcdUpdateConsoleInBds|TRUE|BOOLEAN|0x300
00035 +
gPlatformTokenSpaceGuid.PcdLinuxBootEnable|FALSE|BOOLEAN|0x300000
36+ [PcdsDynamicEx]
gPlatformTokenSpaceGuid.PcdDfxAdvDebugJumper|FALSE|BOOLEAN|0x60
00001D diff --git
a/Platform/Intel/PurleyOpenBoardPkg/Override/Platform/Intel/MinPlatfor
mPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.c
b/Platform/Intel/PurleyOpenBoardPkg/Override/Platform/Intel/MinPlatfor
mPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.c
index b3b8ceba6f..bd0509ab10 100644
---
a/Platform/Intel/PurleyOpenBoardPkg/Override/Platform/Intel/MinPlatfor
mPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.c
+++
b/Platform/Intel/PurleyOpenBoardPkg/Override/Platform/Intel/MinPlatf
+++ ormPkg/Bds/Library/DxePlatformBootManagerLib/BdsPlatform.c
@@ -2,6 +2,7 @@
This file include all platform action which can be customized by IBV/OEM.
Copyright (c) 2017, Intel Corporation. All rights
reserved.<BR>+Copyright (c) 2021, American Megatrends International LLC.<BR> SPDX-License-Identifier:
BSD-2-Clause-Patent **/@@ -31,6 +32,12 @@ BOOLEAN
gPPRequireUIConfirm;
extern UINTN mBootMenuOptionNumber;
+EFI_STATUS+LinuxBootStart (+ VOID+ );++
GLOBAL_REMOVE_IF_UNREFERENCED USB_CLASS_FORMAT_DEVICE_PATH
gUsbClassKeyboardDevicePath = { { {@@ -1268,6 +1275,8 @@
PlatformBootManagerAfterConsole (
LocalBootMode = gBootMode; DEBUG ((DEBUG_INFO, "Current local
bootmode - %x\n", LocalBootMode)); + LinuxBootStart();+ // // Go the
different platform policy with different boot mode // Notes: this part code
can be change with the table policydiff --git
a/Platform/Intel/PurleyOpenBoardPkg/Override/Platform/Intel/MinPlatfor
mPkg/Bds/Library/DxePlatformBootManagerLib/DxePlatformBootManagerLi
b.inf
b/Platform/Intel/PurleyOpenBoardPkg/Override/Platform/Intel/MinPlatfor
mPkg/Bds/Library/DxePlatformBootManagerLib/DxePlatformBootManagerLi
b.inf
index 5790743565..21ac65257c 100644
---
a/Platform/Intel/PurleyOpenBoardPkg/Override/Platform/Intel/MinPlatfor
mPkg/Bds/Library/DxePlatformBootManagerLib/DxePlatformBootManagerLi
b.inf
+++
b/Platform/Intel/PurleyOpenBoardPkg/Override/Platform/Intel/MinPlatf
+++
ormPkg/Bds/Library/DxePlatformBootManagerLib/DxePlatformBootManage
rL
+++ ib.inf
@@ -2,6 +2,7 @@
# Component name for module DxePlatformBootManagerLib # # Copyright
(c) 2017 - 2021, Intel Corporation. All rights reserved.<BR>+#
Copyright (c) 2021, American Megatrends International LLC.<BR> # #
SPDX-License-
Identifier: BSD-2-Clause-Patent #@@ -40,6 +41,7 @@
PerformanceLib TimerLib Tcg2PhysicalPresenceLib+ LinuxBootLib
[Packages] MdePkg/MdePkg.decdiff --git a/Platform/Intel/Readme.md
b/Platform/Intel/Readme.md
index 06c5f32b1e..a34784ccb8 100644
--- a/Platform/Intel/Readme.md
+++ b/Platform/Intel/Readme.md
@@ -87,6 +87,11 @@ A UEFI firmware implementation using MinPlatformPkg
is constructed using the fol

----------------------------------------|-----------------------------
---------------|------
------------------------|--------------------| | Mt. Olympus | Purley
| PurleyOpenBoardPkg | BoardMtOlympus | +| Machine Name
| Supported Chipsets | BoardPkg | Board Name |+-
---------------------------------------|--------------------------------------------|--------
----------------------|--------------------|+| TiogaPass | Purley
| PurleyOpenBoardPkg | BoardTiogaPass |++ #### Simics | Machine
Name | Supported Chipsets | BoardPkg |
Board Name |@@ -250,6 +255,12 @@ return back to the minimum
platform caller.
| | | | build settings, environment variables.
| | | |---build_board.py: Optional board-specific pre-build,
| | | build, post-build and clean functions.+ | |
|------PurleyOpenBoardPkg+ | | | |------BoardTiogaPass+ |
| | |---build_config.cfg: BoardTiogaPass specific+ | | |
| build settings, environment variables.+ | | | |---
build_board.py: Optional board-specific pre-build,+ | | |
build, post-build and clean functions. | | | | | |---
---SimicsOpenBoardPkg | | | |------BoardX58Ich10@@ -292,6
+303,18 @@ For PurleyOpenBoardPkg
"bld cache-consume" Consume a cache of binary files from the specified
directory, BINARY_CACHE_PATH is empty, used "BinCache" as default path.
+For PurleyOpenBoardPkg (TiogaPass)+1. Open command window, go to the
workspace directory, e.g. c:\Edk2Workspace.+2. Type "cd edk2-
platforms\Platform\Intel\PurleyOpenBoardPkg\BoardTiogaPass".+3. Type
"GitEdk2MinBoardTiogaPass.bat" to setup GIT environment.+4. Type "bld"
to build Purley BoardTiogaPass board UEFI firmware image, "bld release" for
release build, "bld clean" to+ remove intermediate files."bld cache-
produce" Generate a cache of binary files in the specified directory,+ "bld
cache-consume" Consume a cache of binary files from the specified
directory, BINARY_CACHE_PATH is empty,+ used "BinCache" as default
path. +5. Final BIOS image will be
Build\PurleyOpenBoardPkg\BoardTiagoPass\DEBUG_VS2015x86\FV\PLATFO
RM.fd or +
Build\PurleyOpenBoardPkg\BoardTiagoPass\RELEASE_VS2015x86\FV\PLATF
ORM.fd, depending on bld batch script input.+6. This BIOS image needs to be
merged with SPS FW + ### **Known limitations**
**KabylakeOpenBoardPkg**@@ -307,6 +330,25 @@ For PurleyOpenBoardPkg
2. This firmware project does not build with the GCC compiler. 3. The
validated version of iASL compiler that can build MinPurley is
20180629. Older versions may generate ACPI build errors.
+**PurleyOpenBoardPkg Tioga Pass **+1. This firmware project has only
been tested on the Tioga Pass hardware.+2. This firmware project build
has only been tested using the Microsoft Visual Studio 2015 build
tools.+3. This firmware project does not build with the GCC
compiler.+4. The validated version of iASL compiler that can build
MinPurley is 20180629. Older versions may generate ACPI build errors.+5. Installed and booted to UEFI Windows 2016 on M.2 NVME slot+6.
Installed and booted to UEFI Windows 2019 on M.2 NVME slot and with
SATA HDD.+7. Installed and booted to UEFI RHEL 7.3 on SATA HDD+8.
Installed and booted to Ubuntu 18.04 on M.2 NVME slot.+9. Verified
Mellanox card detection during POST and OS+10. LINUX Boot Support (PcdLinuxBootEnable
needs to be enabled)++1. Follow directions on
https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fosresearch.net%2FBuilding%2F&;data=04%7C01%7Cmanickavasakamk%40ami.com%7C3a64470864e64ee9f28d08d95260d55c%7C27e97857e15f486cb58e86c2b3040f93%7C1%7C0%7C637631398142258756%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=ylzkAVWRzAtPBLq%2FFLqn1i4Y%2Fa0o%2FjR%2B7GpsfWI6OCk%3D&amp;reserved=0 to compile the heads kernel and initrd for
qemu-system_x86_64 +2. Copy the following built files +(1)
initrd.cpio.xz to LinuxBootPkg/LinuxBinaries/initrd.cpio.xz +(2)
bzimage to LinuxBootPkg/LinuxBinaries/linux.efi+++
**SimicsOpenBoardPkg** 1. This firmware project has only been tested
booting to Microsoft Windows 10 x64 and Ubuntu 17.10 with AHCI mode.
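Review bot: in the BdsPlatform.c hunk (@@ -1268,6 +1275,8 @@ PlatformBootManagerAfterConsole) `LinuxBootStart();` is called unconditionally and its EFI_STATUS is dropped, yet the Readme hunk in the same patch says the feature is only active when PcdLinuxBootEnable is set. If the PCD check lives inside LinuxBootLib, a one-line comment at the call site saying so would save the next reader a trip into the library; otherwise gate the call with `if (PcdGetBool (PcdLinuxBootEnable))` and DEBUG-log a failing status, so that a missing kernel or initrd shows up in the boot log instead of silently falling through to the normal boot-mode policy that follows.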
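Review bot: the Readme hunk at @@ -87,6 +87,11 @@ inserts a second `| Machine Name | Supported Chipsets | BoardPkg | Board Name |` header row plus separator after the Mt. Olympus row, rather than just appending `| TiogaPass | Purley | PurleyOpenBoardPkg | BoardTiogaPass |` to the existing PurleyOpenBoardPkg table; in rendered Markdown a repeated header either appears as literal text or starts a second table. Drop the duplicated header and separator lines and keep only the new row.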
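Review bot: in the Readme hunk at @@ -292,6 +303,18 @@ step 5 spells the output directory `Build\PurleyOpenBoardPkg\BoardTiagoPass\DEBUG_VS2015x86\FV\PLATFORM.fd` (and the RELEASE path likewise) while step 2 and the rest of the patch use `BoardTiogaPass`; please use the real directory name in both paths so a copy-paste of the instructions works. Step 6 ("This BIOS image needs to be merged with SPS FW") gives the reader nothing to act on; a pointer to the procedure or tool used for the merge, or at least to where the SPS firmware comes from, belongs here or under the known limitations.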
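Review bot: in the Readme hunk at @@ -307,6 +330,25 @@ the LinuxBoot instructions link through an Outlook Safe Links redirector (`https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fosresearch.net%2FBuilding%2F&...`) whose query string also carries an @ami.com mailbox address; the committed text should contain the plain http://osresearch.net/Building/ URL, not the rewritten one. Two smaller points in the same hunk: the heading `**PurleyOpenBoardPkg Tioga Pass **` has a space before the closing `**`, which stops Markdown from rendering it bold, and the two LinuxBoot sub-steps restart at `1.` inside the ten-item limitations list, so they render as a new list rather than as sub-steps of item 10.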
--
2.25.0.windows.1


Please consider the environment before printing this email.

The information contained in this message may be confidential and
proprietary to American Megatrends (AMI). This communication is
intended to be read only by the individual or entity to whom it is
addressed or by their designee. If the reader of this message is not
the intended recipient, you are on notice that any distribution of
this message, in any form, is strictly prohibited. Please promptly
notify the sender by reply e-mail or by telephone at 770-246-8600, and
then delete or destroy all copies of the transmission.


Re: [PATCH V3 06/10] OvmfPkg: Add AmdSev.asm in ResetVector

Yao, Jiewen
 

Hey
I am not sure why Min did not respond to my latest email.
I did give a suggestion in my previous comment.

=====
CcWorkArea.Type = 0;
InitCcWorkAreaSev(); // set Type=1 if SEV
InitCcWorkAreaTdx(); // set Type=2 if TDX
=====

That is option 1.

Thank you
Yao Jiewen

-----Original Message-----
From: Xu, Min M <min.m.xu@intel.com>
Sent: Thursday, July 29, 2021 7:54 PM
To: Brijesh Singh <brijesh.singh@amd.com>; Yao, Jiewen
<jiewen.yao@intel.com>; devel@edk2.groups.io
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>; Justen, Jordan L
<jordan.l.justen@intel.com>; Erdem Aktas <erdemaktas@google.com>; James
Bottomley <jejb@linux.ibm.com>; Tom Lendacky <thomas.lendacky@amd.com>
Subject: RE: [edk2-devel] [PATCH V3 06/10] OvmfPkg: Add AmdSev.asm in
ResetVector

On July 29, 2021 6:08 PM, Brijesh Singh wrote:
On 7/29/21 1:07 AM, Xu, Min M wrote:
On July 29, 2021 12:29 PM, Brijesh Singh wrote:
On 7/28/21 9:44 PM, Xu, Min M wrote:
Jiewen & Singh

From the discussion I am thinking we have the rules below to follow to
design the structure of TEE_WORK_AREA:
1. Design should be flexible but not too complicated
2. Reuse the current SEV_ES_WORK_AREA (PcdSevEsWorkAreaBase) as TEE_WORK_AREA
3. TEE_WORK_AREA should be initialized to all-0 at the beginning of ResetVector
4. Reduce the changes to existing code if possible

So I try to make the conclusions below: (Please review)
1. SEV_ES_WORK_AREA is used as the TEE_WORK_AREA by both TDX and SEV,
maybe in the future it can be used by other CC technologies.

2. In MEMFD, add below initial value. So that TEE_WORK_AREA is
guaranteed to be cleared in legacy guest. In TDX this memory region
is initialized to be all-0 by host VMM. In SEV the memory region is
cleared as well.
0x00B000|0x001000
gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpa
ce
Guid.PcdSevEsWorkAreaSize
DATA = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
}
Hmm, I thought the contents of the data pages are controlled by the host
VMM.
If the backing pages are not zero filled then there is no guarantee
that memory will be zero.  To verify it:

1. I applied your above change in OvmfPkgX86.fdt. I modified the DATA
values from 0x00 -> 0xCC

2. Modified the SecMain.c to dump the SevEsWorkArea on entry

And dump does not contain the 0xcc.

And to confirm further, I attached to the qemu with the GDB before
booting the OVMF, and modified the SevEsWorkArea with some
garbage number, and this time the dump printed the garbage value I put
through the debugger.

In summary, the OVMF has to zero the workarea memory on the entry and
we cannot rely on the DATA={0x00, 0x00...} to zero the CCWorkArea.
So in legacy guest, CCWorkArea is cleared to all-0 without the
DATA={0x00,0x00...}, right?

Okay, maybe I was not able to communicate it correctly.

The run I did is for the legacy guest. For the legacy guest, the contents of the
CCWorkArea may *not* be always zero even when you use the DATA={0x00,
0x00...}.

Currently, Qemu uses zero filled backing pages, so we will get a zero filled
CCWorkArea; but nothing says that a backing page *must* be zero.
Another VMM may choose to do things differently. In summary, the OVMF
reset vector code must zero  the CCWorkArea  before calling SEV or TDX
probes.
Ah, I see.
In current CheckSevFeatures, byte[SEV_ES_WORK_AREA] is cleared to 0.
Then its value is set based on the result of the SEV probe.

There is a bug here. CheckTdxFeatures does the similar work and it sets the
WORK_AREA to 2. If CheckSevFeatures is called after CheckTdxFeatures, then
WORK_AREA is cleared and it is set to 0 because it is not SEV. The value is
overridden.

I think there are 2 options:
Option 1:
Neither CheckTdxFeatures nor CheckSevFeatures should clear WORK_AREA.
Instead it should be cleared to 0 outside and before these 2 calls. So in Main16 after
TransitionFromReal16To32BitFlat WORK_AREA is cleared to 0. In Tdx guest this
WORK_AREA
is initialized to 0 by host VMM.

Option 2:
Another option is to figure out a mechanism so that only one CheckXXXFeatures is
called.
Since there are 2 entry points in Main.asm: Main16 and Main32.
In Main16 CheckSevFeatures is called after TransitionFromReal16To32BitFlat.
(eax should
be saved because it is used in SetCr3ForPageTables64)
In Main32 CheckTdxFeatures is called after ReloadFlat32.

What's your opinion?


Re: [PATCH V3 06/10] OvmfPkg: Add AmdSev.asm in ResetVector

Min Xu
 

On July 29, 2021 6:08 PM, Brijesh Singh wrote:
On 7/29/21 1:07 AM, Xu, Min M wrote:
On July 29, 2021 12:29 PM, Brijesh Singh wrote:
On 7/28/21 9:44 PM, Xu, Min M wrote:
Jiewen & Singh

From the discussion I am thinking we have the rules below to follow to
design the structure of TEE_WORK_AREA:
1. Design should be flexible but not too complicated
2. Reuse the current SEV_ES_WORK_AREA (PcdSevEsWorkAreaBase) as TEE_WORK_AREA
3. TEE_WORK_AREA should be initialized to all-0 at the beginning of ResetVector
4. Reduce the changes to existing code if possible

So I try to make the conclusions below: (Please review)
1. SEV_ES_WORK_AREA is used as the TEE_WORK_AREA by both TDX and SEV,
maybe in the future it can be used by other CC technologies.

2. In MEMFD, add below initial value. So that TEE_WORK_AREA is
guaranteed to be cleared in legacy guest. In TDX this memory region
is initialized to be all-0 by host VMM. In SEV the memory region is
cleared as well.
0x00B000|0x001000
gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpa
ce
Guid.PcdSevEsWorkAreaSize
DATA = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
}
Hmm, I thought the contents of the data pages are controlled by the host
VMM.
If the backing pages are not zero filled then there is no guarantee
that memory will be zero.  To verify it:

1. I applied your above change in OvmfPkgX86.fdt. I modified the DATA
values from 0x00 -> 0xCC

2. Modified the SecMain.c to dump the SevEsWorkArea on entry

And dump does not contain the 0xcc.

And to confirm further, I attached to the qemu with the GDB before
booting the OVMF, and modified the SevEsWorkArea with some
garbage number, and this time the dump printed the garbage value I put
through the debugger.

In summary, the OVMF has to zero the workarea memory on the entry and
we cannot rely on the DATA={0x00, 0x00...} to zero the CCWorkArea.
So in legacy guest, CCWorkArea is cleared to all-0 without the
DATA={0x00,0x00...}, right?

Okay, maybe I was not able to communicate it correctly.

The run I did is for the legacy guest. For the legacy guest, the contents of the
CCWorkArea may *not* be always zero even when you use the DATA={0x00,
0x00...}.

Currently, Qemu uses zero filled backing pages, so we will get a zero filled
CCWorkArea; but nothing says that a backing page *must* be zero.
Another VMM may choose to do things differently. In summary, the OVMF
reset vector code must zero  the CCWorkArea  before calling SEV or TDX
probes.
Ah, I see.
In current CheckSevFeatures, byte[SEV_ES_WORK_AREA] is cleared to 0.
Then its value is set based on the result of the SEV probe.

There is a bug here. CheckTdxFeatures does the similar work and it sets the
WORK_AREA to 2. If CheckSevFeatures is called after CheckTdxFeatures, then
WORK_AREA is cleared and it is set to 0 because it is not SEV. The value is overridden.

I think there are 2 options:
Option 1:
Neither CheckTdxFeatures nor CheckSevFeatures should clear WORK_AREA. Instead
it should be cleared to 0 outside and before these 2 calls. So in Main16 after
TransitionFromReal16To32BitFlat WORK_AREA is cleared to 0. In Tdx guest this WORK_AREA
is initialized to 0 by host VMM.

Option 2:
Another option is to figure out a mechanism so that only one CheckXXXFeatures is called.
Since there are 2 entry points in Main.asm: Main16 and Main32.
In Main16 CheckSevFeatures is called after TransitionFromReal16To32BitFlat. (eax should
be saved because it is used in SetCr3ForPageTables64)
In Main32 CheckTdxFeatures is called after ReloadFlat32.

What's your opinion?


Re: AcpiViewApp is for ARM platform

Sami Mujawar
 

Hi Tiger,

AcpiViewApp is an extension to the UEFI Shell debug command ‘acpiview’. I have not tried it on x86 as I have no means of testing this, but the application should work and dump raw table data.

As it stands Acpiview[App] lacks support for detailed parsing and analysis of the x86 specific ACPI table fields. However, the parsing mechanism itself is designed to be generic and it should be possible to add support for parsing x86 specific ACPI table fields.

For example, the GICC parsing is done by the following sections of the code:

https://github.com/tianocore/edk2/blob/master/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c#L101..L124

https://github.com/tianocore/edk2/blob/master/ShellPkg/Library/UefiShellAcpiViewCommandLib/Parsers/Madt/MadtParser.c#L292..L302

Support for x86 specific MADT substructures can be added in a similar way.

Please do let me know if you have any queries or need any further information.

Regards,

Sami Mujawar

 

From: <devel@edk2.groups.io> on behalf of "Tiger Liu(BJ-RD) via groups.io" <tigerliu@...>
Reply to: "devel@edk2.groups.io" <devel@edk2.groups.io>, "tigerliu@..." <tigerliu@...>
Date: Thursday, 29 July 2021 at 04:18
To: "devel@edk2.groups.io" <devel@edk2.groups.io>
Subject: [edk2-devel] AcpiViewApp is for ARM platform

 

Hi, All:

I tried to compile ShellPkg\Application\AcpiViewApp

I found the default compiled AcpiViewApp version is for ARM platform

For example:

I used it in shell on an x86 platform, found it checked GICC structure.

So, is there an X86 version?

Thanks

Confidentiality statement:

This email contains confidential or proprietary information and is intended solely for the designated recipient. Any unauthorized review, use, copying or forwarding of this email or its contents is strictly prohibited.

CONFIDENTIAL NOTE:

This email contains confidential or legally privileged information and is for the sole use of its intended recipient. Any unauthorized review, use, copying or forwarding of this email or the content of this email is strictly prohibited.
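A small illustration of the type-dispatched MADT walk Sami describes, added here as an example rather than the edk2 MadtParser.c code: one loop keys on each substructure's Type byte and handles the x86 Processor Local APIC (Type 0) and the Arm GICC (Type 0xB) side by side, and it refuses any entry whose Length would run past the end of the table. Field offsets are those of the ACPI 6.3 MADT; the table bytes are constructed in BuildSampleMadt(), not captured from hardware, and all names are this example's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* MADT interrupt-controller structure types decoded here (ACPI 6.3). */
enum { MADT_TYPE_LOCAL_APIC = 0x0, MADT_TYPE_GICC = 0xB };

#define MADT_HEADER_LEN 44   /* 36-byte ACPI header + Local APIC Address + Flags */

typedef struct {
  unsigned LocalApicCount;  /* x86 entries seen */
  unsigned GiccCount;       /* Arm entries seen */
  unsigned UnknownCount;    /* types this walker does not decode, skipped by Length */
  bool     Malformed;       /* an entry Length that does not fit inside the table */
  uint8_t  LastApicId;
  uint64_t LastMpidr;
} MadtSummary;

static uint64_t Rd64(const uint8_t *p) { uint64_t v; memcpy(&v, p, sizeof v); return v; }

/* Walk the substructures that follow the MADT header, dispatching on Type. */
MadtSummary ParseMadt(const uint8_t *Table, size_t TableLen) {
  MadtSummary S = {0};
  size_t Off = MADT_HEADER_LEN;
  if (TableLen < Off) { S.Malformed = true; return S; }
  while (Off < TableLen) {
    if (TableLen - Off < 2) { S.Malformed = true; break; }   /* no room for Type/Length */
    uint8_t Type = Table[Off];
    uint8_t Len  = Table[Off + 1];
    /* Length must cover its own two-byte header and stay inside the table;
     * a bad value here is what turns a table dump into an out-of-bounds read. */
    if (Len < 2 || Len > TableLen - Off) { S.Malformed = true; break; }
    const uint8_t *E = Table + Off;
    switch (Type) {
    case MADT_TYPE_LOCAL_APIC:   /* 8 bytes: Type, Length, ACPI UID, APIC ID, Flags */
      if (Len < 8) { S.Malformed = true; return S; }
      S.LocalApicCount++;
      S.LastApicId = E[3];
      break;
    case MADT_TYPE_GICC:         /* 80 bytes since ACPI 6.0; MPIDR lives at offset 68 */
      if (Len < 76) { S.Malformed = true; return S; }
      S.GiccCount++;
      S.LastMpidr = Rd64(E + 68);
      break;
    default:                     /* x86 I/O APIC, ISO, GICD, ... would be added as cases */
      S.UnknownCount++;
      break;
    }
    Off += Len;
  }
  return S;
}

/* Constructed sample table: header + one Local APIC (x86) + one GICC (Arm). */
size_t BuildSampleMadt(uint8_t *Buf, size_t Cap) {
  static const uint8_t LocalApic[8] = { 0x00, 0x08, 0x00, 0x12, 0x01, 0x00, 0x00, 0x00 };
  uint8_t  Gicc[80] = {0};
  uint64_t Mpidr = 0x80000100;   /* constructed affinity value */
  size_t   Total = MADT_HEADER_LEN + sizeof LocalApic + sizeof Gicc;
  uint32_t L = (uint32_t)Total;
  if (Cap < Total) return 0;
  memset(Buf, 0, MADT_HEADER_LEN);
  memcpy(Buf, "APIC", 4);
  memcpy(Buf + 4, &L, sizeof L);            /* ACPI header Length field */
  Gicc[0] = MADT_TYPE_GICC; Gicc[1] = 80;
  memcpy(Gicc + 68, &Mpidr, sizeof Mpidr);
  memcpy(Buf + MADT_HEADER_LEN, LocalApic, sizeof LocalApic);
  memcpy(Buf + MADT_HEADER_LEN + sizeof LocalApic, Gicc, sizeof Gicc);
  return Total;
}

/* Build the sample and parse it, optionally pretending the buffer is
 * Truncate bytes shorter than the table claims (a truncated dump). */
MadtSummary ParseSample(size_t Truncate) {
  uint8_t Buf[256];
  size_t Len = BuildSampleMadt(Buf, sizeof Buf);
  return ParseMadt(Buf, Len > Truncate ? Len - Truncate : 0);
}

int main(void) {
  MadtSummary S = ParseSample(0);
  printf("LocalAPIC=%u GICC=%u unknown=%u malformed=%d apic=0x%02x mpidr=0x%llx\n",
         S.LocalApicCount, S.GiccCount, S.UnknownCount, S.Malformed,
         S.LastApicId, (unsigned long long)S.LastMpidr);
  return 0;
}
```

The Length check before the switch is the part worth keeping whatever platform the parser grows to cover: every substructure is skipped by its own Length, so one bad byte in firmware-provided data would otherwise walk the reader off the end of the table.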


Re: [PATCH] Maintainers.txt: remove Laszlo Ersek's entries

Zeng, Star
 

I'd like to also say thank you Laszlo.

Star

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Laszlo
Ersek
Sent: Friday, July 9, 2021 7:58 PM
To: Ard Biesheuvel <ardb@kernel.org>
Cc: edk2-devel-groups-io <devel@edk2.groups.io>; Andrew Fish
<afish@apple.com>; Ard Biesheuvel <ardb+tianocore@kernel.org>; Dong,
Eric <eric.dong@intel.com>; Justen, Jordan L <jordan.l.justen@intel.com>;
Leif Lindholm <leif@nuviainc.com>; Kinney, Michael D
<michael.d.kinney@intel.com>; Philippe Mathieu-Daudé
<philmd@redhat.com>; Kumar, Rahul1 <rahul1.kumar@intel.com>; Ni, Ray
<ray.ni@intel.com>; Sami Mujawar <sami.mujawar@arm.com>
Subject: Re: [edk2-devel] [PATCH] Maintainers.txt: remove Laszlo Ersek's
entries

On 07/09/21 09:42, Ard Biesheuvel wrote:
On Thu, 8 Jul 2021 at 09:09, Laszlo Ersek <lersek@redhat.com> wrote:

I'm relinquishing all my roles listed in "Maintainers.txt", for
personal reasons.

My email address <lersek@redhat.com> remains functional.

To my understanding, my employer is working to assign other
engineers to the edk2 project (at their discretion).

Cc: Andrew Fish <afish@apple.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Thanks for shaping the Tianocore project as you have done over the
past years. And apologies for my limited involvement as a
co-maintainer - I hope this was not a dominant factor in your
decision.
I want to be very clear about this: there is *zero* blaming others involved in
my retirement from edk2.

Thank you!
Laszlo


Reviewed-by: Ard Biesheuvel <ardb@kernel.org>

With all the Confidential Computing work going on, we need to get your
position filled asap, although it seems unlikely that we will ever
find someone with the same knowledge level in both EDK2 and QEMU/virt
topics. Recommendations welcome, I will ask around in Google as well.


---
Maintainers.txt | 4 ----
1 file changed, 4 deletions(-)

diff --git a/Maintainers.txt b/Maintainers.txt index
f4e4c72d0628..e9dda5c5ca0c 100644
--- a/Maintainers.txt
+++ b/Maintainers.txt
@@ -69,7 +69,6 @@ Tianocore Stewards
------------------
F: *
M: Andrew Fish <afish@apple.com>
-M: Laszlo Ersek <lersek@redhat.com>
M: Leif Lindholm <leif@nuviainc.com>
M: Michael D Kinney <michael.d.kinney@intel.com>

@@ -143,7 +142,6 @@ M: Ard Biesheuvel <ardb+tianocore@kernel.org>
ArmVirtPkg
F: ArmVirtPkg/
W: https://github.com/tianocore/tianocore.github.io/wiki/ArmVirtPkg
-M: Laszlo Ersek <lersek@redhat.com>
M: Ard Biesheuvel <ardb+tianocore@kernel.org>
R: Leif Lindholm <leif@nuviainc.com>
R: Sami Mujawar <sami.mujawar@arm.com> @@ -421,7 +419,6 @@ R:
Siyuan
Fu <siyuan.fu@intel.com> OvmfPkg
F: OvmfPkg/
W: http://www.tianocore.org/ovmf/
-M: Laszlo Ersek <lersek@redhat.com>
M: Ard Biesheuvel <ardb+tianocore@kernel.org>
R: Jordan Justen <jordan.l.justen@intel.com>
S: Maintained
@@ -567,7 +564,6 @@ F: UefiCpuPkg/
W: https://github.com/tianocore/tianocore.github.io/wiki/UefiCpuPkg
M: Eric Dong <eric.dong@intel.com>
M: Ray Ni <ray.ni@intel.com>
-R: Laszlo Ersek <lersek@redhat.com>
R: Rahul Kumar <rahul1.kumar@intel.com>

UefiCpuPkg: Sec related modules
--
2.19.1.3.g30247aa5d201




Re: [PATCH 1/1] EmbeddedPkg/VirtualRealTimeClockLib : Fix SetTime issues

Ard Biesheuvel
 

On Fri, 23 Jul 2021 at 18:43, Pete Batard <pete@akeo.ie> wrote:

Hi Sunny,

Good catch for both these issues. Thanks for fixing them.

With this:

On 2021.07.23 10:04, Sunny Wang wrote:
This patch fixes two issues below:
1. SCT SetTime_Func failures.
- https://github.com/pftf/RPi4/issues/164
2. Using shell time and date commands to set time can't work.

The problem is that gRT->SetTime always returns EFI_INVALID_PARAMETER
error status.

The root cause is that LibSetTime() sets RtcEpochSeconds variable with
inconsistent attributes. One is without EFI_VARIABLE_NON_VOLATILE,
the other one is with EFI_VARIABLE_NON_VOLATILE. That causes the
variable driver to return EFI_INVALID_PARAMETER. Per UEFI spec, if a
preexisting variable is rewritten with different attributes,
SetVariable() shall not modify the variable and shall return
EFI_INVALID_PARAMETER.

Therefore, the solution is to add EFI_VARIABLE_NON_VOLATILE attribute
to the first EfiSetVariable() call to make two calls consistent.

By the way, this patch also fixes a minor issue with a debug message.

Cc: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@arm.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Jeremy Linton <jeremy.linton@arm.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Pete Batard <pete@akeo.ie>
Cc: Leif Lindholm <leif@nuviainc.com>

Signed-off-by: Sunny Wang <sunny.wang@arm.com>
---
.../VirtualRealTimeClockLib/VirtualRealTimeClockLib.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.c b/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.c
index de6fbb40e6..c10c91bc75 100644
--- a/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.c
+++ b/EmbeddedPkg/Library/VirtualRealTimeClockLib/VirtualRealTimeClockLib.c
@@ -4,7 +4,7 @@
*
* Coypright (c) 2019, Pete Batard <pete@akeo.ie>
* Copyright (c) 2018, Andrei Warkentin <andrey.warkentin@gmail.com>
- * Copyright (c) 2011-2014, ARM Ltd. All rights reserved.
+ * Copyright (c) 2011-2021, ARM Ltd. All rights reserved.
* Copyright (c) 2008-2010, Apple Inc. All rights reserved.
* Copyright (c) Microsoft Corporation. All rights reserved.
*
@@ -96,7 +96,7 @@ LibGetTime (
EfiSetVariable (
(CHAR16 *)mEpochVariableName,
&gEfiCallerIdGuid,
- EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof (EpochSeconds),
&EpochSeconds
);
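Review bot: with this hunk the attribute mask `EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS` is now spelled out literally in LibGetTime and, per the commit message, again in LibSetTime; the mismatch being fixed came from exactly that duplication. A single file-scope `#define` (or a STATIC CONST UINT32) shared by both EfiSetVariable calls would keep the two from drifting apart again and make a future attribute change a one-line edit.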
@@ -324,7 +324,7 @@ LibSetTime (
DEBUG ((
DEBUG_ERROR,
"LibSetTime: Failed to save %s variable to non-volatile storage, Status = %r\n",
- mDaylightVariableName,
+ mEpochVariableName,
Status
));
return Status;
Reviewed-by: Pete Batard <pete@akeo.ie>
Tested-by: Pete Batard <pete@akeo.ie>
Merged, thanks,


Re: [PATCH v2 1/1] ArmVirtPkg: Remove meaningless comment

Ard Biesheuvel
 

On Wed, 21 Jul 2021 at 10:24, Sami Mujawar <Sami.Mujawar@arm.com> wrote:

Hi Philippe,

Thank you for this patch.

Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Merged, thanks.


Regards,

Sami Mujawar

On 21/07/2021, 09:19, "Philippe Mathieu-Daudé" <philmd@redhat.com> wrote:

From: Philippe Mathieu-Daude <philmd@redhat.com>

The "Shell Embedded Boot Loader" description (added in
commit 6f5872b1f401) does not add any value, remove it.

Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Julien Grall <julien@xen.org>
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
---
ArmVirtPkg/ArmVirt.dsc.inc | 3 ---
ArmVirtPkg/ArmVirtKvmTool.fdf | 3 ---
ArmVirtPkg/ArmVirtXen.fdf | 3 ---
ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc | 3 ---
4 files changed, 12 deletions(-)

diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc
index d9abadbe708c..619b5f0b44c0 100644
--- a/ArmVirtPkg/ArmVirt.dsc.inc
+++ b/ArmVirtPkg/ArmVirt.dsc.inc
@@ -375,9 +375,6 @@ [Components.common]
#
MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf

- #
- # UEFI application (Shell Embedded Boot Loader)
- #
ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf {
<PcdsFixedAtBuild>
gEfiShellPkgTokenSpaceGuid.PcdShellLibAutoInitialize|FALSE
diff --git a/ArmVirtPkg/ArmVirtKvmTool.fdf b/ArmVirtPkg/ArmVirtKvmTool.fdf
index 076155199905..152453dc4bb3 100644
--- a/ArmVirtPkg/ArmVirtKvmTool.fdf
+++ b/ArmVirtPkg/ArmVirtKvmTool.fdf
@@ -173,9 +173,6 @@ [FV.FvMain]
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
INF OvmfPkg/VirtioRngDxe/VirtioRng.inf

- #
- # UEFI application (Shell Embedded Boot Loader)
- #
INF ShellPkg/Application/Shell/Shell.inf
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf

diff --git a/ArmVirtPkg/ArmVirtXen.fdf b/ArmVirtPkg/ArmVirtXen.fdf
index 8fbbc2313aff..9597465cf58a 100644
--- a/ArmVirtPkg/ArmVirtXen.fdf
+++ b/ArmVirtPkg/ArmVirtXen.fdf
@@ -177,9 +177,6 @@ [FV.FvMain]
INF MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
INF MdeModulePkg/Universal/Disk/UdfDxe/UdfDxe.inf

- #
- # UEFI application (Shell Embedded Boot Loader)
- #
INF ShellPkg/Application/Shell/Shell.inf
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
diff --git a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
index 5b1d10057545..26f13f6a2115 100644
--- a/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
+++ b/ArmVirtPkg/ArmVirtQemuFvMain.fdf.inc
@@ -99,9 +99,6 @@ [FV.FvMain]
INF OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
INF OvmfPkg/VirtioRngDxe/VirtioRng.inf

- #
- # UEFI application (Shell Embedded Boot Loader)
- #
INF ShellPkg/Application/Shell/Shell.inf
INF ShellPkg/DynamicCommand/TftpDynamicCommand/TftpDynamicCommand.inf
INF ShellPkg/DynamicCommand/HttpDynamicCommand/HttpDynamicCommand.inf
--
2.31.1


Re: [PATCH V3 06/10] OvmfPkg: Add AmdSev.asm in ResetVector

Brijesh Singh
 

On 7/29/21 1:07 AM, Xu, Min M wrote:
On July 29, 2021 12:29 PM, Brijesh Singh wrote:
On 7/28/21 9:44 PM, Xu, Min M wrote:
Jiewen & Singh

From the discussion I am thinking we have the rules below to follow to
design the structure of TEE_WORK_AREA:
1. Design should be flexible but not too complicated
2. Reuse the current SEV_ES_WORK_AREA (PcdSevEsWorkAreaBase) as TEE_WORK_AREA
3. TEE_WORK_AREA should be initialized to all-0 at the beginning of ResetVector
4. Reduce the changes to existing code if possible

So I try to make the conclusions below: (Please review)
1. SEV_ES_WORK_AREA is used as the TEE_WORK_AREA by both TDX and SEV,
maybe in the future it can be used by other CC technologies.

2. In MEMFD, add below initial value. So that TEE_WORK_AREA is
guaranteed to be cleared in legacy guest. In TDX this memory region is
initialized to be all-0 by host VMM. In SEV the memory region is cleared as well.
0x00B000|0x001000
gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpace
Guid.PcdSevEsWorkAreaSize
DATA = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
}
Hmm, I thought the contents of the data pages are controlled by the host VMM.
If the backing pages are not zero filled then there is no guarantee that memory
will be zero.  To verify it:

1. I applied your above change in OvmfPkgX86.fdt. I modified the DATA values
from 0x00 -> 0xCC

2. Modified the SecMain.c to dump the SevEsWorkArea on entry

And dump does not contain the 0xcc.

And to confirm further, I attached to the qemu with the GDB before booting
the OVMF, and modified the SevEsWorkArea with some garbage number, and
this time the dump printed the garbage value I put through the debugger.

In summary, the OVMF has to zero the workarea memory on the entry and we
cannot rely on the DATA={0x00, 0x00...} to zero the CCWorkArea.
So in legacy guest, CCWorkArea is cleared to all-0 without the DATA={0x00,0x00...}, right?
Okay, maybe I was not able to communicate it correctly.

The run I did is for the legacy guest. For the legacy guest, the
contents of the CCWorkArea may *not* be always zero even when you use
the DATA={0x00, 0x00...}.

Currently, Qemu uses zero filled backing pages, so we will get a zero
filled CCWorkArea; but nothing says that a backing page *must* be zero.
Another VMM may choose to do things differently. In summary, the OVMF
reset vector code must zero  the CCWorkArea  before calling SEV or TDX
probes.

thanks



Did I miss something?


3. The structure of TEE_WORK_AREA
The current SEV_ES_WORK_AREA is defined as below:
typedef struct {
UINT8 SevEsEnabled;
UINT8 Reserved1[7];
[Others...]
} SEC_SEV_ES_WORK_AREA;

So I think the TEE_WORK_AREA can be:
Byte[0] Type:
0: legacy 1: SEV 2: TDX
Byte[1] Subtype:
If Type is 0, then it is 0
If Type is 1, then it is up to SEV's definition
If Type is 2, then it is up to TDX's definition Byte[] other bytes
are defined based on the Type/Subtype
I personally like Yao Jiewen's struct definition, but I can also live with this one as
well :). The only question I had with his proposal was what if we remove the
Length and Version fields. If the header length was fixed then life would be much
easier in the ASM code.
Yao Jiewen's structure is like below. If the HeaderVersion/HeaderLength are removed
you will find it is just what I am saying. The first 2 bytes are used to distinguish
legacy/SEV/TDX. The remaining bytes are up to the first 2 bytes.
typedef struct {
UINT8 HeaderVersion; // 0
UINT8 HeadLength; // 4
UINT8 Type; // 0 - legacy, 1 - SEV, 2 - TDX
UINT8 SubType; // Type specific sub type, if needed.
} CC_COMMON_WORK_AREA_HEADER;

typedef struct {
CC_COMMON_WORK_AREA_HEADER Header;
// reset is valid if Type == 1
UINT8 Reserved1[4];
UINT64 RandomData;
UINT64 EncryptionMask;
} SEC_SEV_ES_WORK_AREA;

typedef struct {
CC_COMMON_WORK_AREA_HEADER Header;
// reset is valid if Type == 2
UINT8 TdxSpecific[]; // TBD
} TDX_WORK_AREA;

I checked the code in SecMain.c.
SevEsIsEnabled() needs updating to check SevEsWorkarea->SevEsEnabled == 1,
not non-0.
@Brijesh Singh Is there any other code that needs updating?
As noted before, the SevEsWorkArea is used to pass the information from the
Sec to PEI phase. The workarea gets reused for a totally different purpose after
the PEI phase.
So only the above line in SecMain.c/SevEsIsEnabled() needs updating, right?
Thanks!
Xu, Min
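The overwrite Min Xu describes in this thread (a probe that clears the shared Type byte after the other probe has already set it), together with the SevEsIsEnabled() comparison raised at the end of this message, as an added C model. This is not OVMF code: the real probes are assembly under OvmfPkg/ResetVector and read CPUID and MSRs, whereas here the GuestKind input, the WORK_AREA_PAGE union and the function names are constructed stand-ins chosen for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WORK_AREA_SIZE 0x1000            /* PcdSevEsWorkAreaSize in the MEMFD snippet */

enum { CC_TYPE_LEGACY = 0, CC_TYPE_SEV = 1, CC_TYPE_TDX = 2 };   /* Byte[0] Type */

/* Fixed-size header layout from the thread, with HeaderVersion/HeaderLength dropped. */
typedef struct {
  uint8_t  Type;                          /* 0 - legacy, 1 - SEV, 2 - TDX */
  uint8_t  SubType;                       /* type specific sub type */
  uint8_t  Reserved[6];
  uint64_t RandomData;                    /* SEV fields, valid only if Type == 1 */
  uint64_t EncryptionMask;
} CC_WORK_AREA;

typedef union {                           /* the whole page behind PcdSevEsWorkAreaBase */
  CC_WORK_AREA Wa;
  uint8_t      Bytes[WORK_AREA_SIZE];
} WORK_AREA_PAGE;

/* Constructed stand-in for the CPUID/MSR probes. */
typedef enum { GUEST_LEGACY, GUEST_SEV, GUEST_TDX } GuestKind;

/* Today's behaviour as described in the thread: each probe clears the byte
 * itself, so whichever probe runs last decides the final value. */
static void CheckTdxFeatures_ClearInside(CC_WORK_AREA *Wa, GuestKind G) {
  Wa->Type = CC_TYPE_LEGACY;
  if (G == GUEST_TDX) Wa->Type = CC_TYPE_TDX;
}
static void CheckSevFeatures_ClearInside(CC_WORK_AREA *Wa, GuestKind G) {
  Wa->Type = CC_TYPE_LEGACY;              /* wipes the TDX result set a moment ago */
  if (G == GUEST_SEV) Wa->Type = CC_TYPE_SEV;
}

/* Option 1 (the shape of Yao Jiewen's CcWorkArea.Type = 0 snippet):
 * probes only ever set the byte; the caller clears it once beforehand. */
static void CheckTdxFeatures_SetOnly(CC_WORK_AREA *Wa, GuestKind G) {
  if (G == GUEST_TDX) Wa->Type = CC_TYPE_TDX;
}
static void CheckSevFeatures_SetOnly(CC_WORK_AREA *Wa, GuestKind G) {
  if (G == GUEST_SEV) Wa->Type = CC_TYPE_SEV;
}

/* Both simulations start from a page the VMM did *not* zero-fill (the 0xCC
 * experiment in the thread), since nothing guarantees backing-page content. */
uint8_t ProbeTypeClearInside(GuestKind G) {
  WORK_AREA_PAGE P;
  memset(P.Bytes, 0xCC, sizeof P.Bytes);
  CheckTdxFeatures_ClearInside(&P.Wa, G);   /* order from the thread: TDX probe first */
  CheckSevFeatures_ClearInside(&P.Wa, G);
  return P.Wa.Type;
}

uint8_t ProbeTypeClearOnce(GuestKind G) {
  WORK_AREA_PAGE P;
  memset(P.Bytes, 0xCC, sizeof P.Bytes);
  memset(&P.Wa, 0, sizeof P.Wa);            /* single clear before any probe runs */
  CheckTdxFeatures_SetOnly(&P.Wa, G);
  CheckSevFeatures_SetOnly(&P.Wa, G);
  return P.Wa.Type;
}

/* SecMain-side consumer. Once the byte is shared by SEV and TDX the test has
 * to be an exact compare; "non-zero" would report a TDX guest as SEV-ES. */
bool SevEsIsEnabled_NonZero(uint8_t Type) { return Type != 0; }
bool SevEsIsEnabled_Exact(uint8_t Type)   { return Type == CC_TYPE_SEV; }

int main(void) {
  printf("TDX guest, clear inside each probe : Type=%u\n", (unsigned)ProbeTypeClearInside(GUEST_TDX));
  printf("TDX guest, clear once before probes: Type=%u\n", (unsigned)ProbeTypeClearOnce(GUEST_TDX));
  return 0;
}
```

Run from a 0xCC-filled page, the two variants show both points made in the thread: with the clear inside each probe a TDX guest ends up with Type 0 (legacy), while a single clear before the probes keeps the TDX result and still yields 0 for a legacy guest without relying on the MEMFD DATA initializer; and the consumer has to compare against 1, because a TDX guest (Type 2) satisfies a non-zero test.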


Re: [edk2-platforms PATCH 2/7] Marvell: Armada7k8k/OcteonTx: Add missing _STA methods in ACPI tables

Ard Biesheuvel
 

On Thu, 29 Jul 2021 at 11:46, Marcin Wojtas <mw@semihalf.com> wrote:

Hi Ard,

Mon, 19 Jul 2021 at 17:06 Marcin Wojtas <mw@semihalf.com> wrote:

Hi Ard,

Mon, 19 Jul 2021 at 11:54 Ard Biesheuvel <ardb@kernel.org> wrote:

On Mon, 19 Jul 2021 at 11:31, Marcin Wojtas <mw@semihalf.com> wrote:

BBR 1.0 spec says that _STA is required for each device in DSDT or SSDT.
Fix that for all platforms with the Marvell SoCs.
Can we fix the BBR instead? If ACPI itself does not require _STA, BBR
should not require it either.

I consulted with ARM on the matter. SBBR has requirements of things
that are otherwise optional in UEFI/ACPI/SMBIOS. Also some OSes may
require that and I can see those methods in most of the other ACPI
source files in the edk2-platforms tree. I think the BBR requirements
discussions can follow, but it would be great if this change can be
applied, so as not to block other development.
Do you have any feedback to the patchset and the _STA methods concerns?
Yes. I would like to understand why _STA methods are now mandated by BBR.




Signed-off-by: Marcin Wojtas <mw@semihalf.com>
---
Silicon/Marvell/Armada7k8k/AcpiTables/Armada70x0Db/Dsdt.asl | 56 +++++++++++++++
Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0Db/Dsdt.asl | 76 ++++++++++++++++++++
Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0McBin/Dsdt.asl | 72 +++++++++++++++++++
Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn9131DbA/Ssdt.asl | 12 ++++
Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn913xDbA/Dsdt.asl | 56 +++++++++++++++
5 files changed, 272 insertions(+)

diff --git a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada70x0Db/Dsdt.asl b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada70x0Db/Dsdt.asl
index 345c1e4dd6..88e38efeeb 100644
--- a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada70x0Db/Dsdt.asl
+++ b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada70x0Db/Dsdt.asl
@@ -20,21 +20,37 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x000) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU1)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x001) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU2)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x100) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x101) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}

Device (AHC0)
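Review bot: the literal `Return (0xF)` is repeated without explanation in every new `_STA` method in this hunk (CPU0 through CPU3) and, per the diffstat, 68 times across the series; a comment on the first occurrence, or a single shared definition in a common header, stating that 0xF means present, enabled, shown in UI and functioning would make the intent auditable and keep all copies consistent if the value ever needs to change. The commit message should also cite the BBR section that mandates `_STA` for every device, since that requirement is exactly what the review is questioning.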
@@ -42,6 +58,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -67,6 +87,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "MRVL0002") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -96,6 +120,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "MRVL0004") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -123,6 +151,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -142,6 +174,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -160,6 +196,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
{
Name (_HID, "MRVL0001") // _HID: Hardware ID
Name (_CID, "HISI0031") // _CID: Compatible ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_ADR, FixedPcdGet64(PcdSerialRegisterBase)) // _ADR: Address
Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -186,6 +226,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
{
Name (_HID, "MRVL0100") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -208,6 +252,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf2000000 , 0x100000)
@@ -286,6 +334,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF2760000, 0x7D)
@@ -312,6 +364,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_SEG, 0x00) // _SEG: PCI Segment
Name (_BBN, 0x00) // _BBN: BIOS Bus Number
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_PRT, Package () // _PRT: PCI Routing Table
{
Package () { 0xFFFF, 0x0, 0x0, 0x40 },
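Review bot: `_STA` is inserted between `_CCA` and `_PRT` in this PCI host bridge hunk, between `_CID` and `_ADR` in the serial-port hunk above, and directly after `_UID` or `_CCA` (sometimes followed by a blank line, sometimes not) in the other device hunks; picking one placement for all five tables, for example always immediately after the last `_HID`/`_UID`/`_CCA` name, would keep the ASL readable side by side across platforms and make future hunks smaller.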
diff --git a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0Db/Dsdt.asl b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0Db/Dsdt.asl
index 91401c74c8..77d3aebaf1 100644
--- a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0Db/Dsdt.asl
+++ b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0Db/Dsdt.asl
@@ -20,21 +20,37 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x000) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU1)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x001) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU2)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x100) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x101) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}

Device (AHC0)
@@ -42,6 +58,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -67,6 +87,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -92,6 +116,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0002") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -122,6 +150,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0004") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -151,6 +183,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -170,6 +206,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -189,6 +229,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x02) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -207,6 +251,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0001") // _HID: Hardware ID
Name (_CID, "HISI0031") // _CID: Compatible ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_ADR, FixedPcdGet64(PcdSerialRegisterBase)) // _ADR: Address
Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -233,6 +281,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0100") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -251,6 +303,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf2000000 , 0x100000)
@@ -309,6 +365,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0100") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -327,6 +387,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf4000000 , 0x100000)
@@ -385,6 +449,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF2760000, 0x7D)
@@ -405,6 +473,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF4760000, 0x7D)
@@ -431,6 +503,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_SEG, 0x00) // _SEG: PCI Segment
Name (_BBN, 0x00) // _BBN: BIOS Bus Number
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_PRT, Package () // _PRT: PCI Routing Table
{
Package () { 0xFFFF, 0x0, 0x0, 0x40 },
diff --git a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0McBin/Dsdt.asl b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0McBin/Dsdt.asl
index d26945d933..1ecbd0309c 100644
--- a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0McBin/Dsdt.asl
+++ b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0McBin/Dsdt.asl
@@ -19,21 +19,37 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x000) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU1)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x001) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU2)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x100) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x101) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}

Device (AHC0)
@@ -41,6 +57,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -91,6 +111,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0002") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -122,6 +146,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0004") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -150,6 +178,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -169,6 +201,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -188,6 +224,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x02) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -206,6 +246,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0001") // _HID: Hardware ID
Name (_CID, "HISI0031") // _CID: Compatible ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_ADR, FixedPcdGet64(PcdSerialRegisterBase)) // _ADR: Address
Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -232,6 +276,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0100") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -249,6 +297,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0101") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -283,6 +335,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf2000000 , 0x100000)
@@ -322,6 +378,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf4000000 , 0x100000)
@@ -400,6 +460,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF2760000, 0x7D)
@@ -420,6 +484,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF4760000, 0x7D)
@@ -446,6 +514,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_SEG, 0x00) // _SEG: PCI Segment
Name (_BBN, 0x00) // _BBN: BIOS Bus Number
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_PRT, Package () // _PRT: PCI Routing Table
{
Package () { 0xFFFF, 0x0, 0x0, 0x40 },
diff --git a/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn9131DbA/Ssdt.asl b/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn9131DbA/Ssdt.asl
index 8377b13763..d6619e367b 100644
--- a/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn9131DbA/Ssdt.asl
+++ b/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn9131DbA/Ssdt.asl
@@ -20,6 +20,10 @@ DefinitionBlock ("Cn9131DbASsdt.aml", "SSDT", 2, "MVEBU ", "CN9131", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -45,6 +49,10 @@ DefinitionBlock ("Cn9131DbASsdt.aml", "SSDT", 2, "MVEBU ", "CN9131", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x02) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -63,6 +71,10 @@ DefinitionBlock ("Cn9131DbASsdt.aml", "SSDT", 2, "MVEBU ", "CN9131", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf4000000 , 0x100000)
diff --git a/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn913xDbA/Dsdt.asl b/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn913xDbA/Dsdt.asl
index d76a2a902b..536df8ab4b 100644
--- a/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn913xDbA/Dsdt.asl
+++ b/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn913xDbA/Dsdt.asl
@@ -20,21 +20,37 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x000) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU1)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x001) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU2)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x100) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x101) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}

Device (AHC0)
@@ -42,6 +58,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -67,6 +87,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "MRVL0003") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -98,6 +122,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "MRVL0004") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -126,6 +154,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -145,6 +177,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -163,6 +199,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
{
Name (_HID, "MRVL0001") // _HID: Hardware ID
Name (_CID, "HISI0031") // _CID: Compatible ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_ADR, FixedPcdGet64(PcdSerialRegisterBase)) // _ADR: Address
Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -189,6 +229,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
{
Name (_HID, "MRVL0100") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -211,6 +255,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf2000000 , 0x100000)
@@ -289,6 +337,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF2760000, 0x7D)
@@ -315,6 +367,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_SEG, 0x00) // _SEG: PCI Segment
Name (_BBN, 0x00) // _BBN: BIOS Bus Number
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_PRT, Package () // _PRT: PCI Routing Table
{
Package () { 0xFFFF, 0x0, 0x0, 0x40 },
--
2.29.0
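A check for the requirement Marcin cites above (that every Device in a DSDT or SSDT carries an _STA object), written here as an added example that is not part of the patch or of the edk2-platforms tree: a Python lint that scans ASL source for Device() scopes lacking _STA, and a decoder for the status bits behind the 0xF the patch returns. The sample ASL and the function names are constructed for this example.

```python
"""Lint ASL source for Device() scopes without an _STA object.

Added example, not code from the edk2-platforms patch: a brace-depth scan of
ASL text that lists Device() scopes lacking _STA (the BBR requirement the patch
addresses) and decodes the bits of a constant _STA return such as 0xF.
"""
import re

# Bit meanings of the _STA return value (ACPI spec, _STA Device Status).
STA_BITS = {0: "present", 1: "enabled", 2: "shown in UI", 3: "functioning", 4: "battery present"}

# Tokens that matter for scoping: a Device header or a curly brace.
TOKEN_RE = re.compile(r"\bDevice\s*\(\s*([A-Za-z0-9_]{1,4})\s*\)|[{}]")
# Any _STA object, whether declared as a Method or as a constant Name.
STA_RE = re.compile(r"\b(?:Method|Name)\s*\(\s*_STA\b")
# _STA forms whose value is one literal: Method { Return (lit) } or Name (_STA, lit).
CONST_STA_RE = re.compile(
    r"Method\s*\(\s*_STA[^{]*\{\s*Return\s*\(\s*(0x[0-9A-Fa-f]+|\d+)\s*\)\s*\}"
    r"|Name\s*\(\s*_STA\s*,\s*(0x[0-9A-Fa-f]+|\d+)\s*\)"
)


def strip_comments(asl):
    """Remove /* */ and // comments so 'Device' inside a comment is not a scope."""
    asl = re.sub(r"/\*.*?\*/", "", asl, flags=re.S)
    return re.sub(r"//[^\n]*", "", asl)


def find_devices(asl):
    """Return [(name, body)] per Device(); body is the device's own scope with
    nested Device() scopes cut out, listed in the order the scopes close."""
    text = strip_comments(asl)
    frames = []      # open Device scopes: [name, brace depth at open, body parts]
    devices = []
    pending = None   # Device name seen, waiting for its opening brace
    depth = 0
    last = 0
    for m in TOKEN_RE.finditer(text):
        if frames:
            frames[-1][2].append(text[last:m.start()])
        last = m.end()
        tok = m.group(0)
        if tok == "{":
            depth += 1
            if pending is not None:
                frames.append([pending, depth, []])
                pending = None
            elif frames:
                frames[-1][2].append(tok)   # brace of a Method/If inside the device
        elif tok == "}":
            if frames and frames[-1][1] == depth:
                name, _, parts = frames.pop()
                devices.append((name, "".join(parts)))
            elif frames:
                frames[-1][2].append(tok)
            depth -= 1
        else:
            pending = m.group(1)
    return devices


def devices_missing_sta(asl):
    """Names of Device() scopes that declare no _STA Method or Name."""
    return [name for name, body in find_devices(asl) if not STA_RE.search(body)]


def constant_sta_values(asl):
    """Map device name -> integer for devices whose _STA is a plain literal."""
    values = {}
    for name, body in find_devices(asl):
        m = CONST_STA_RE.search(body)
        if m:
            values[name] = int(m.group(1) or m.group(2), 0)
    return values


def decode_sta(value):
    """Human-readable list of the _STA bits set in value."""
    return [label for bit, label in STA_BITS.items() if (value >> bit) & 1]


# Constructed sample modelled on the patch: one device per _STA style, one
# without _STA, and a child device whose parent has _STA but it does not.
SAMPLE_ASL = """
DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "SAMPLE  ", 1)
{
    Device (CPU0)
    {
        Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
        Method (_STA) { Return (0xF) }
    }
    Device (CPU1) { Name (_HID, "ACPI0007") }
    Device (PCI0)
    {
        Name (_STA, 0xF)
        Device (RP01) { Name (_ADR, 0x00000000) }
    }
    Device (XHC0)
    {
        Method (_STA)
        {
            If (LEqual (PRES, One)) { Return (0xF) }
            Return (0x0)
        }
    }
}
"""

if __name__ == "__main__":
    for name in devices_missing_sta(SAMPLE_ASL):
        print(f"{name}: no _STA object")
    for name, value in constant_sta_values(SAMPLE_ASL).items():
        print(f"{name}: _STA = {value:#x} -> {', '.join(decode_sta(value))}")
```

Running it on the sample reports CPU1 and RP01 as lacking _STA (the parent's Name (_STA) does not cover the child), and decodes the constant 0xF of CPU0 and PCI0 as present, enabled, shown in UI and functioning; XHC0's conditional method is deliberately left out of the constant report because its value depends on runtime state. Running the same scan over the five .asl files in the series is a quick way to confirm the patch left no Device() scope without _STA.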


Re: [PATCH v5 00/11] Measured SEV boot with kernel/initrd/cmdline

Ard Biesheuvel
 

On Wed, 28 Jul 2021 at 19:30, Dov Murik <dovmurik@linux.ibm.com> wrote:


On 28/07/2021 19:41, Yao, Jiewen wrote:
For OvmfPkg, reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
For ArmVirtPkg, acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Thanks Jiewen!

Merged as #1843

Note that I needed to add CryptoPkg/CryptoPkg.dec to the list of
acceptable dependencies in OvmfPkg.ci.yaml for the CI checks to be
able to pass.

Thanks all,


Re: [edk2-platforms PATCH 2/7] Marvell: Armada7k8k/OcteonTx: Add missing _STA methods in ACPI tables

Marcin Wojtas
 

Hi Ard,

Mon, 19 Jul 2021 at 17:06 Marcin Wojtas <mw@semihalf.com> wrote:

Hi Ard,

Mon, 19 Jul 2021 at 11:54 Ard Biesheuvel <ardb@kernel.org> wrote:

On Mon, 19 Jul 2021 at 11:31, Marcin Wojtas <mw@semihalf.com> wrote:

BBR 1.0 spec says that _STA is required for each device in DSDT or SSDT.
Fix that for all platforms with the Marvell SoCs.
Can we fix the BBR instead? If ACPI itself does not require _STA, BBR
should not require it either.

I consulted with ARM on the matter. SBBR has requirements of things
that are otherwise optional in UEFI/ACPI/SMBIOS. Also some OSes may
require that and I can see those methods in most of the other ACPI
source files in the edk2-platforms tree. I think the BBR requirements
discussions can follow, but it would be great if this change can be
applied, so as not to block other development.
Do you have any feedback to the patchset and the _STA methods concerns?

Best regards,
Marcin



Signed-off-by: Marcin Wojtas <mw@semihalf.com>
---
Silicon/Marvell/Armada7k8k/AcpiTables/Armada70x0Db/Dsdt.asl | 56 +++++++++++++++
Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0Db/Dsdt.asl | 76 ++++++++++++++++++++
Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0McBin/Dsdt.asl | 72 +++++++++++++++++++
Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn9131DbA/Ssdt.asl | 12 ++++
Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn913xDbA/Dsdt.asl | 56 +++++++++++++++
5 files changed, 272 insertions(+)

diff --git a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada70x0Db/Dsdt.asl b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada70x0Db/Dsdt.asl
index 345c1e4dd6..88e38efeeb 100644
--- a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada70x0Db/Dsdt.asl
+++ b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada70x0Db/Dsdt.asl
@@ -20,21 +20,37 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x000) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU1)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x001) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU2)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x100) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x101) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}

Device (AHC0)
@@ -42,6 +58,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -67,6 +87,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "MRVL0002") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -96,6 +120,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "MRVL0004") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -123,6 +151,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -142,6 +174,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -160,6 +196,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
{
Name (_HID, "MRVL0001") // _HID: Hardware ID
Name (_CID, "HISI0031") // _CID: Compatible ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_ADR, FixedPcdGet64(PcdSerialRegisterBase)) // _ADR: Address
Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -186,6 +226,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
{
Name (_HID, "MRVL0100") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -208,6 +252,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf2000000 , 0x100000)
@@ -286,6 +334,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF2760000, 0x7D)
@@ -312,6 +364,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA7K", 3)
Name (_SEG, 0x00) // _SEG: PCI Segment
Name (_BBN, 0x00) // _BBN: BIOS Bus Number
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_PRT, Package () // _PRT: PCI Routing Table
{
Package () { 0xFFFF, 0x0, 0x0, 0x40 },
diff --git a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0Db/Dsdt.asl b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0Db/Dsdt.asl
index 91401c74c8..77d3aebaf1 100644
--- a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0Db/Dsdt.asl
+++ b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0Db/Dsdt.asl
@@ -20,21 +20,37 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x000) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU1)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x001) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU2)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x100) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x101) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}

Device (AHC0)
@@ -42,6 +58,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -67,6 +87,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -92,6 +116,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0002") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -122,6 +150,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0004") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -151,6 +183,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -170,6 +206,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -189,6 +229,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x02) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -207,6 +251,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0001") // _HID: Hardware ID
Name (_CID, "HISI0031") // _CID: Compatible ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_ADR, FixedPcdGet64(PcdSerialRegisterBase)) // _ADR: Address
Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
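Review bot: placement is inconsistent in this hunk: the _STA method lands between the _CID and _ADR names, while every other device in the series adds it after the last identification object (_UID or _CCA) and immediately before _CRS, _CLS or _PRT. Moving it below the "Name (_ADR, FixedPcdGet64(PcdSerialRegisterBase))" line would match the rest of the patch; the MRVL0001 hunks in Armada80x0McBin/Dsdt.asl and Cn913xDbA/Dsdt.asl have the same ordering and should be adjusted together.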
@@ -233,6 +281,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0100") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -251,6 +303,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf2000000 , 0x100000)
@@ -309,6 +365,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0100") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -327,6 +387,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf4000000 , 0x100000)
@@ -385,6 +449,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF2760000, 0x7D)
@@ -405,6 +473,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF4760000, 0x7D)
@@ -431,6 +503,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_SEG, 0x00) // _SEG: PCI Segment
Name (_BBN, 0x00) // _BBN: BIOS Bus Number
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_PRT, Package () // _PRT: PCI Routing Table
{
Package () { 0xFFFF, 0x0, 0x0, 0x40 },
diff --git a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0McBin/Dsdt.asl b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0McBin/Dsdt.asl
index d26945d933..1ecbd0309c 100644
--- a/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0McBin/Dsdt.asl
+++ b/Silicon/Marvell/Armada7k8k/AcpiTables/Armada80x0McBin/Dsdt.asl
@@ -19,21 +19,37 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x000) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU1)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x001) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU2)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x100) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x101) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}

Device (AHC0)
@@ -41,6 +57,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -91,6 +111,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0002") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -122,6 +146,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0004") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -150,6 +178,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -169,6 +201,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -188,6 +224,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x02) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -206,6 +246,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0001") // _HID: Hardware ID
Name (_CID, "HISI0031") // _CID: Compatible ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_ADR, FixedPcdGet64(PcdSerialRegisterBase)) // _ADR: Address
Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -232,6 +276,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0100") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -249,6 +297,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "MRVL0101") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -283,6 +335,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf2000000 , 0x100000)
@@ -322,6 +378,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf4000000 , 0x100000)
@@ -400,6 +460,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF2760000, 0x7D)
@@ -420,6 +484,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF4760000, 0x7D)
@@ -446,6 +514,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "ARMADA8K", 3)
Name (_SEG, 0x00) // _SEG: PCI Segment
Name (_BBN, 0x00) // _BBN: BIOS Bus Number
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_PRT, Package () // _PRT: PCI Routing Table
{
Package () { 0xFFFF, 0x0, 0x0, 0x40 },
diff --git a/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn9131DbA/Ssdt.asl b/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn9131DbA/Ssdt.asl
index 8377b13763..d6619e367b 100644
--- a/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn9131DbA/Ssdt.asl
+++ b/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn9131DbA/Ssdt.asl
@@ -20,6 +20,10 @@ DefinitionBlock ("Cn9131DbASsdt.aml", "SSDT", 2, "MVEBU ", "CN9131", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -45,6 +49,10 @@ DefinitionBlock ("Cn9131DbASsdt.aml", "SSDT", 2, "MVEBU ", "CN9131", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x02) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -63,6 +71,10 @@ DefinitionBlock ("Cn9131DbASsdt.aml", "SSDT", 2, "MVEBU ", "CN9131", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x01) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf4000000 , 0x100000)
diff --git a/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn913xDbA/Dsdt.asl b/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn913xDbA/Dsdt.asl
index d76a2a902b..536df8ab4b 100644
--- a/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn913xDbA/Dsdt.asl
+++ b/Silicon/Marvell/OcteonTx/AcpiTables/T91/Cn913xDbA/Dsdt.asl
@@ -20,21 +20,37 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x000) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU1)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x001) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU2)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x100) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}
Device (CPU3)
{
Name (_HID, "ACPI0007" /* Processor Device */) // _HID: Hardware ID
Name (_UID, 0x101) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
}

Device (AHC0)
@@ -42,6 +58,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "LNRO001E") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CLS, Package (0x03) // _CLS: Class Code
{
0x01,
@@ -67,6 +87,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "MRVL0003") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -98,6 +122,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "MRVL0004") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -126,6 +154,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -145,6 +177,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "PNP0D10") // _HID: Hardware ID
Name (_UID, 0x01) // _UID: Unique ID
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }

Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -163,6 +199,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
{
Name (_HID, "MRVL0001") // _HID: Hardware ID
Name (_CID, "HISI0031") // _CID: Compatible ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_ADR, FixedPcdGet64(PcdSerialRegisterBase)) // _ADR: Address
Name (_CRS, ResourceTemplate () // _CRS: Current Resource Settings
{
@@ -189,6 +229,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
{
Name (_HID, "MRVL0100") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite,
@@ -211,6 +255,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_HID, "MRVL0110") // _HID: Hardware ID
Name (_CCA, 0x01) // Cache-coherent controller
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xf2000000 , 0x100000)
@@ -289,6 +337,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
{
Name (_HID, "PRP0001") // _HID: Hardware ID
Name (_UID, 0x00) // _UID: Unique ID
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_CRS, ResourceTemplate ()
{
Memory32Fixed (ReadWrite, 0xF2760000, 0x7D)
@@ -315,6 +367,10 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, "MVEBU ", "CN9130", 3)
Name (_SEG, 0x00) // _SEG: PCI Segment
Name (_BBN, 0x00) // _BBN: BIOS Bus Number
Name (_CCA, 0x01) // _CCA: Cache Coherency Attribute
+ Method (_STA) // _STA: Device status
+ {
+ Return (0xF)
+ }
Name (_PRT, Package () // _PRT: PCI Routing Table
{
Package () { 0xFFFF, 0x0, 0x0, 0x40 },
--
2.29.0


Re: [PATCH v6 00/11] Secure Boot default keys

Grzegorz Bernacki
 

Hi,

I will make the fixes and send a new version soon.
thanks,
greg

Wed, 28 Jul 2021 at 13:07 Ard Biesheuvel <ardb@kernel.org> wrote:


On Wed, 28 Jul 2021 at 12:39, Ard Biesheuvel <ardb@kernel.org> wrote:

On Wed, 28 Jul 2021 at 09:44, gaoliming <gaoliming@byosoft.com.cn> wrote:

Sunny:
Yes. This patch set is ready to be merged.

Samer:
Would you help merge this patch set?

I can pick it up if you could please create the release notes entry? Thanks.

Submitted here:

https://github.com/tianocore/edk2/pull/1839

and failed with some errors. Could someone please diagnose/fix and submit a v7?

Thanks
Liming
-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Sunny Wang
Sent: July 21, 2021 11:41
To: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@arm.com>;
devel@edk2.groups.io; gjb@semihalf.com; Ard Biesheuvel
<ardb+tianocore@kernel.org>; gaoliming@byosoft.com.cn; ray.ni@intel.com
Cc: leif@nuviainc.com; mw@semihalf.com; upstream@semihalf.com;
jiewen.yao@intel.com; jian.j.wang@intel.com; min.m.xu@intel.com;
lersek@redhat.com; Sami Mujawar <Sami.Mujawar@arm.com>;
afish@apple.com; jordan.l.justen@intel.com; rebecca@bsdio.com;
grehan@freebsd.org; Thomas Abraham <thomas.abraham@arm.com>;
chasel.chiu@intel.com; nathaniel.l.desimone@intel.com;
eric.dong@intel.com; michael.d.kinney@intel.com; zailiang.sun@intel.com;
yi.qian@intel.com; graeme@nuviainc.com; rad@semihalf.com; pete@akeo.ie;
Sunny Wang <Sunny.Wang@arm.com>
Subject: Re: [edk2-devel] [PATCH v6 00/11] Secure Boot default keys

Ard, Liming, Ray, thanks for your review of the ArmVirtPkg, ArmPlatformPkg
and EmulatorPkg patches.

As for the patch for Intel Platforms below, it is in another series for
edk2-platforms.
- [edk2-platforms PATCH v6 1/4] Intel Platforms: add
SecureBootVariableLib class resolution
https://edk2.groups.io/g/devel/message/77781

Therefore, I think this series already got all the necessary Reviewed-By
and Acked-By of all parts and is ready to be pushed now.

Best Regards,
Sunny Wang

-----Original Message-----
From: Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@arm.com>
Sent: Friday, July 16, 2021 8:00 PM
To: devel@edk2.groups.io; gjb@semihalf.com
Cc: leif@nuviainc.com; ardb+tianocore@kernel.org; Sunny Wang
<Sunny.Wang@arm.com>; mw@semihalf.com; upstream@semihalf.com;
jiewen.yao@intel.com; jian.j.wang@intel.com; min.m.xu@intel.com;
lersek@redhat.com; Sami Mujawar <Sami.Mujawar@arm.com>;
afish@apple.com; ray.ni@intel.com; jordan.l.justen@intel.com;
rebecca@bsdio.com; grehan@freebsd.org; Thomas Abraham
<thomas.abraham@arm.com>; chasel.chiu@intel.com;
nathaniel.l.desimone@intel.com; gaoliming@byosoft.com.cn;
eric.dong@intel.com; michael.d.kinney@intel.com; zailiang.sun@intel.com;
yi.qian@intel.com; graeme@nuviainc.com; rad@semihalf.com; pete@akeo.ie;
Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud@arm.com>
Subject: RE: [edk2-devel] [PATCH v6 00/11] Secure Boot default keys

The v6 of this series seems to have all the necessary Reviewed-By (and some
Tested-By) of all parts, except the following platform-specific parts.
Could we get help from maintainers to review these, please?

Much appreciated!

- ArmVirtPkg : https://edk2.groups.io/g/devel/message/77772
- ArmPlatformPkg: https://edk2.groups.io/g/devel/message/77775
- EmulatorPkg: https://edk2.groups.io/g/devel/message/77773
- Intel Platforms (Platform/Intel/QuarkPlatformPkg,
Platform/Intel/MinPlatformPkg, Platform/Intel/Vlv2TbltDevicePkg):
https://edk2.groups.io/g/devel/message/77781

Thanks,
--Samer





-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
Grzegorz Bernacki via groups.io
Sent: Wednesday, July 14, 2021 8:30 AM
To: devel@edk2.groups.io
Cc: leif@nuviainc.com; ardb+tianocore@kernel.org; Samer
El-Haj-Mahmoud
<Samer.El-Haj-Mahmoud@arm.com>; Sunny Wang
<Sunny.Wang@arm.com>; mw@semihalf.com; upstream@semihalf.com;
jiewen.yao@intel.com; jian.j.wang@intel.com; min.m.xu@intel.com;
lersek@redhat.com; Sami Mujawar <Sami.Mujawar@arm.com>;
afish@apple.com; ray.ni@intel.com; jordan.l.justen@intel.com;
rebecca@bsdio.com; grehan@freebsd.org; Thomas Abraham
<thomas.abraham@arm.com>; chasel.chiu@intel.com;
nathaniel.l.desimone@intel.com; gaoliming@byosoft.com.cn;
eric.dong@intel.com; michael.d.kinney@intel.com; zailiang.sun@intel.com;
yi.qian@intel.com; graeme@nuviainc.com; rad@semihalf.com;
pete@akeo.ie; Grzegorz Bernacki <gjb@semihalf.com>
Subject: [edk2-devel] [PATCH v6 00/11] Secure Boot default keys

This patchset adds support for initialization of default
Secure Boot variables based on key content embedded in the
flash binary. This feature is active only if Secure Boot
is enabled and DEFAULT_KEY is defined. The patchset
also includes an application to enroll keys from the default
variables and a Secure Boot menu change to allow the user
to reset key content to the default values.
Discussion on the design can be found at:
https://edk2.groups.io/g/rfc/topic/82139806#600

Built with:
GCC
- RISC-V (U500, U540) [requires fixes in dsc to build]
- Intel (Vlv2TbltDevicePkg (X64/IA32), Quark, MinPlatformPkg,
EmulatorPkg (X64), Bhyve, OvmfPkg (X64/IA32))
- ARM (Sgi75,SbsaQemu,DeveloperBox, RPi3/RPi4)

RISC-V, Quark, Vlv2TbltDevicePkg and Bhyve require additional fixes to be
built; these will be posted on the edk2 mailing list later.

VS2019
- Intel (OvmfPkgX64)

Test with:
GCC5/RPi4
VS2019/OvmfX64 (requires changes to enable feature)

Tests:
1. Try to enroll key in incorrect format.
2. Enroll with only PKDefault keys specified.
3. Enroll with all keys specified.
4. Enroll when keys are enrolled.
5. Reset keys values.
6. Running signed & unsigned app after enrollment.

Changes since v1:
- change names:
SecBootVariableLib => SecureBootVariableLib
SecBootDefaultKeysDxe => SecureBootDefaultKeysDxe
SecEnrollDefaultKeysApp => EnrollFromDefaultKeysApp
- change name of function CheckSetupMode to GetSetupMode
- remove ShellPkg dependency from EnrollFromDefaultKeysApp
- rebase to master

Changes since v2:
- fix coding style for functions headers in SecureBootVariableLib.h
- add header to SecureBootDefaultKeys.fdf.inc
- remove empty line spaces in SecureBootDefaultKeysDxe files
- revert FAIL macro in EnrollFromDefaultKeysApp
- remove functions duplicates and add SecureBootVariableLib
to platforms which used it

Changes since v3:
- move SecureBootDefaultKeys.fdf.inc to ArmPlatformPkg
- leave duplicate of CreateTimeBasedPayload in PlatformVarCleanupLib
- fix typo in guid description

Changes since v4:
- reorder patches to make it bisectable
- split commits related to more than one platform
- move edk2-platform commits to separate patchset

Changes since v5:
- split SecureBootVariableLib into SecureBootVariableLib and
SecureBootVariableProvisionLib

Grzegorz Bernacki (11):
SecurityPkg: Create SecureBootVariableLib.
SecurityPkg: Create library for enrolling Secure Boot variables.
ArmVirtPkg: add SecureBootVariableLib class resolution
OvmfPkg: add SecureBootVariableLib class resolution
EmulatorPkg: add SecureBootVariableLib class resolution
SecurityPkg: Remove duplicated functions from SecureBootConfigDxe.
ArmPlatformPkg: Create include file for default key content.
SecurityPkg: Add SecureBootDefaultKeysDxe driver
SecurityPkg: Add EnrollFromDefaultKeys application.
SecurityPkg: Add new modules to Security package.
SecurityPkg: Add option to reset secure boot keys.

SecurityPkg/SecurityPkg.dec | 14 +
ArmVirtPkg/ArmVirt.dsc.inc | 2 +
EmulatorPkg/EmulatorPkg.dsc | 2 +
OvmfPkg/Bhyve/BhyveX64.dsc | 2 +
OvmfPkg/OvmfPkgIa32.dsc | 2 +
OvmfPkg/OvmfPkgIa32X64.dsc | 2 +
OvmfPkg/OvmfPkgX64.dsc | 2 +
SecurityPkg/SecurityPkg.dsc | 5 +
SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf | 48 ++
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf | 80 +++
SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.inf | 80 +++
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf | 3 +
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf | 46 ++
SecurityPkg/Include/Library/SecureBootVariableLib.h | 153 ++++++
SecurityPkg/Include/Library/SecureBootVariableProvisionLib.h | 134 +++++
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h | 2 +
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr | 6 +
SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c | 110 +++++
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c | 511 ++++++++++++++++++++
SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.c | 491 +++++++++++++++++++
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 344 ++++++-------
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.c | 69 +++
ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc | 70 +++
SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni | 17 +
SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.uni | 16 +
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni | 4 +
SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.uni | 16 +
27 files changed, 2043 insertions(+), 188 deletions(-)
create mode 100644 SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf
create mode 100644 SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
create mode 100644 SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.inf
create mode 100644 SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf
create mode 100644 SecurityPkg/Include/Library/SecureBootVariableLib.h
create mode 100644 SecurityPkg/Include/Library/SecureBootVariableProvisionLib.h
create mode 100644 SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c
create mode 100644 SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c
create mode 100644 SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.c
create mode 100644 SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.c
create mode 100644 ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc
create mode 100644 SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni
create mode 100644 SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.uni
create mode 100644 SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.uni

--
2.25.1






Re: [edk2-rfc] [edk2-devel] RFC: Common Design Proposal on Confidential Computing Support in OVMF

Ard Biesheuvel
 

On Mon, 26 Jul 2021 at 10:59, Yao, Jiewen <jiewen.yao@intel.com> wrote:

Hi

I would like to raise the topic of confidential computing support in OVMF.

The main target is the AMD SEV feature and the Intel TDX feature in the OVMF package.

The goal is to create guidance for our future confidential computing work and to better support review and maintenance.

Hello Jiewen,

Thanks for writing this up. As you know, ARM is a bit behind in the
CCA space, and so I will not be able to take part in these discussions
in great detail.

I will leave it to the contributors and other stakeholders to comment
on your proposal below. To me, it looks reasonable.

--
Ard.

[Background]

AMD is adding the AMD Secure Encrypted Virtualization (SEV), SEV-Encrypted State (SEV-ES) and SEV-Secure Nested Paging (SEV-SNP) features to the OVMF package. (https://developer.amd.com/sev/)

Intel is adding the Intel Trust Domain Extensions (TDX) features to the OVMF package. (https://software.intel.com/content/www/us/en/develop/articles/intel-trust-domain-extensions.html)

Both of them support the confidential computing use case.

ARM is creating the Realm Management Extension (RME). It might be considered in the future. (https://www.arm.com/why-arm/architecture/security-features/arm-confidential-compute-architecture)

So we need a good Confidential Computing infrastructure for EDKII.

[Problem Statement]

1) The current OVMF package integrates some AMD SEV features, but not all features.

Some basic SEV features are in OvmfPkg and enabled in the default build. Some advanced SEV features are in OvmfPkg/AmdSev and only enabled in the AmdSev build.

However, the criteria are NOT clear.

It also brings problems when we want to add more TDX stuff. Where should it go?

For example, I feel PlatformBootManagerLibGrub should be in OvmfPkg/AmdSev. Why is it not there?

https://github.com/tianocore/edk2/tree/master/OvmfPkg/Library/PlatformBootManagerLibGrub

We need a clear and consistent rule on where the confidential computing modules should go, instead of making an ad-hoc decision for each feature.

2) Ideally, when we integrate an SEV feature or a TDX feature, there is some level of isolation, such as

A) standalone driver
B) standalone library
C) standalone file, if it has to be in one module
D) standalone function, if it has to be in one file

The preference is from A to D. A is most preferred. D is least preferred.

As such, when people find something wrong, they can just focus on some SEV- or TDX-specific files.

We do see good examples, such as SecretDxe (BTW: the name should be SevSecretDxe) and AmdSevDxe.

However, some code (ResetVector and Sec) mixes SEV support with normal OVMF code. That makes it extremely hard to review TDX extensions or maintain the non-SEV code.

https://github.com/tianocore/edk2/blob/master/OvmfPkg/ResetVector/Ia32/PageTables64.asm
https://github.com/tianocore/edk2/blob/master/OvmfPkg/Sec/SecMain.c

For the latter (such as ResetVector and Sec), I suggest we make a clear isolation. That can help the reviewer to better understand the SEV flow, the TDX flow and the normal OVMF flow.

3) We may have more problems. For example, how to align the OVMF design between SEV and TDX?

I think most of the SEV OVMF design is good. The TDX OVMF should just follow. For example,

https://github.com/tianocore/edk2/tree/master/OvmfPkg/IoMmuDxe (BTW: the name should be IoMmuSevDxe)
https://github.com/tianocore/edk2/tree/master/OvmfPkg/Library/BaseMemEncryptSevLib
https://github.com/tianocore/edk2/tree/master/OvmfPkg/Library/VmgExitLib


[Proposal]



The current SEV OVMF design is understandable, because when the SEV code was added years ago, it was the first example. We did not know what would be the best way to handle that, and we did not know what TDX would look like.

Today, we have more concrete answer, and let do some refinement step by step.



Confidential computing (CC) == SEV or TDX (it may include RME in the future)



1) CC Feature support (DSC/FDF)



* Try to limit the impact to existing normal OVMF binary.



1.1 - The OVMF packet common DSC/FDF supports OVMF boot in all CC modes or normal mode.



The one OVMF image can boot in normal OVMF mode, SEV mode, or TDX mode.



1.2 - The OVMF packet common DSC/FDF includes *mature* CC feature.



The minimal scope is the image shall boot to OS successfully.

The maximal scope is the feature shall be adopted by OS and will not change for a period of time.



Any immature, under discussion or under review feature shall NOT be put here, such as attestation.



1.3 - The OVMF package CC specific DSC/FDF includes *all* CC feature.



The CC specific DSC/FDF shall be in OvmfPkg/<Cc> (Cc=AmdSev or IntelTdx).



The full feature scope may include any feature excluded in 1.2.



Once we believe it is mature and it is well cross-evaluated with other CC infrastructure, this feature may be added to 1.2 later. (step by step approach)



2) CC feature module location



* Try to balance the situation: put too many modules under one dir v.s. create too many layers



2.1 - If it is CC hardware architecture compliant (irrelevant to OVMF), it may be put to non-OvmfPkg.



For example, https://github.com/tianocore/edk2/tree/master/MdePkg/Library/BaseIoLibIntrinsic



2.2 - If it is a *basic* OVMF CC feature, it shall be put to OvmfPkg directly.



Basic means the OVMF cannot boot without it.



2.3 - If it is an *advanced* OVMF CC feature, it shall be put in OvmfPkg/<Cc> (Cc=AmdSev or IntelTdx).



Advanced means the OVMF may still boot without it, just losing some functionality.



3) CC feature convergence.



* Try to help design review and maintenance.



3.1 - A CC feature should be a standalone module (driver or library), if possible.



Good examples:

https://github.com/tianocore/edk2/tree/master/OvmfPkg/IoMmuDxe (BTW: the name should be IoMmuSevDxe)

https://github.com/tianocore/edk2/tree/master/OvmfPkg/Library/BaseMemEncryptSevLib

https://github.com/tianocore/edk2/tree/master/OvmfPkg/Library/VmgExitLib



3.2 - If we have to merge a CC feature into a module, then the CC-related code shall be isolated in a file.



The file name could be Xxx<Cc>.{c,asm}



A common pattern can be used:



3.2.A - C function.



3.2.A.1 - If the CC function is a hook, then the main function calls the CC function directly. The CC function needs to implement a CC check function (such as IsSev or IsTdx). For example:

====================

PreFeatureFunctionHookSev ();

PreFeatureFunctionHookTdx ();

FeatureFunction ();

PostFeatureFunctionHookSev ();

PostFeatureFunctionHookTdx ();

====================

3.2.A.2 - If the CC function is a replacement for a non-CC function, the main function can check the current mode and decide which function to call. For example:

====================

if (IsSev()) {

FeatureFunctionSev();

} else if (IsTdx()) {

FeatureFunctionTdx();

} else {

FeatureFunction();

}

====================
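Both C patterns above, written out as an added host-compilable example (not code from Jiewen's post or from edk2). The CC_MODE flag and the trace buffer are constructed stand-ins for the real mode detection and for the feature bodies; the hooks in 3.2.A.1 guard themselves, while in 3.2.A.2 the caller dispatches.

```c
#include <string.h>

/* Constructed stand-in for platform CC detection (assumption, not OVMF's API). */
typedef enum { CC_MODE_NONE, CC_MODE_SEV, CC_MODE_TDX } CC_MODE;
static CC_MODE gCcMode = CC_MODE_NONE;

static int IsSev (void) { return gCcMode == CC_MODE_SEV; }
static int IsTdx (void) { return gCcMode == CC_MODE_TDX; }

/* Records which functions ran, in order, so the pattern can be verified. */
static char gTrace[128];
static void Trace (const char *Name) { strcat (gTrace, Name); strcat (gTrace, ";"); }

/* 3.2.A.1: each hook carries its own CC check; the caller never checks the mode. */
static void PreFeatureFunctionHookSev  (void) { if (!IsSev ()) return; Trace ("PreSev"); }
static void PreFeatureFunctionHookTdx  (void) { if (!IsTdx ()) return; Trace ("PreTdx"); }
static void PostFeatureFunctionHookSev (void) { if (!IsSev ()) return; Trace ("PostSev"); }
static void PostFeatureFunctionHookTdx (void) { if (!IsTdx ()) return; Trace ("PostTdx"); }
static void FeatureFunction (void) { Trace ("Feature"); }

/* 3.2.A.2: full replacements carry no check; the caller selects one by mode. */
static void FeatureFunctionSev (void) { Trace ("FeatureSev"); }
static void FeatureFunctionTdx (void) { Trace ("FeatureTdx"); }

/* Hook pattern: hooks are called unconditionally around the common body. */
const char *RunHookPattern (CC_MODE Mode) {
  gCcMode = Mode; gTrace[0] = '\0';
  PreFeatureFunctionHookSev ();
  PreFeatureFunctionHookTdx ();
  FeatureFunction ();
  PostFeatureFunctionHookSev ();
  PostFeatureFunctionHookTdx ();
  return gTrace;
}

/* Replacement pattern: exactly one implementation runs, chosen by the caller. */
const char *RunReplacementPattern (CC_MODE Mode) {
  gCcMode = Mode; gTrace[0] = '\0';
  if (IsSev ()) {
    FeatureFunctionSev ();
  } else if (IsTdx ()) {
    FeatureFunctionTdx ();
  } else {
    FeatureFunction ();
  }
  return gTrace;
}
```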



3.2.B - ASM function.



3.2.B.1 - If the CC function is a hook, then the main function calls the CC function directly. The CC function needs to implement a CC check function (such as IsSev or IsTdx). For example:

====================

OneTimeCall PreFeatureFunctionHookSev

OneTimeCall PreFeatureFunctionHookTdx

FeatureFunction:

XXXXXX

FeatureFunctionEnd:

OneTimeCall PostMainFunctionHookSev

OneTimeCall PostMainFunctionHookTdx

====================

3.2.B.2 - If the CC function is a replacement for a non-CC function, the main function can call the CC replacement function, then check the return status to decide the next step. For example:

====================

OneTimeCallRet FeatureFunctionSev

Jz FeatureFunctionEnd

OneTimeCallRet FeatureFunctionTdx

Jz FeatureFunctionEnd

FeatureFunction:

XXXXXX

FeatureFunctionEnd:

====================





Thank you

Yao Jiewen








