[PATCH] OvmfPkg/OvmfPkgX64: Use different CcProbeLib when SMM is on or off


Min Xu
 

CcProbeLib is designed to check the vm guest type. The OvmfPkg/CcProbeLib
reads the OvmfWorkArea (0x80B000) to get the vm guest type which is
written by each guest (SEV or TDX guest). But in SMM drivers the access
to OvmfWorkArea is illegal. PiSmmCpuDxeSmm.inf is an example. It uses
IoLib which in OvmfPkgX64 BaseIoLibIntrinsicSev.inf is included. The
IoLib probes if the working guest is td guest by calling CcProbe().

So CcProbeLibNull will be included when SMM_REQUIRE is set. Currently
only TDVF uses CcProbe to check the guest type, and TDVF doesn't
support SMM, so this fix has no side-effect.

Cc: dann frazier <dann.frazier@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Signed-off-by: Min Xu <min.m.xu@...>
---
OvmfPkg/OvmfPkgX64.dsc | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 71526bba31..db7f4def7a 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -171,7 +171,6 @@
PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
- CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
@@ -198,6 +197,9 @@

!if $(SMM_REQUIRE) == FALSE
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
+ CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
+!else
+ CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
!endif
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
--
2.29.2.windows.2


Yao, Jiewen
 

Question: Does this patch need catch release 202205 release?

-----Original Message-----
From: Xu, Min M <min.m.xu@...>
Sent: Tuesday, May 17, 2022 8:43 PM
To: devel@edk2.groups.io
Cc: Xu, Min M <min.m.xu@...>; dann frazier
<dann.frazier@...>; Aktas, Erdem <erdemaktas@...>;
James Bottomley <jejb@...>; Yao, Jiewen <jiewen.yao@...>;
Tom Lendacky <thomas.lendacky@...>
Subject: [PATCH] OvmfPkg/OvmfPkgX64: Use different CcProbeLib when SMM is
on or off

CcProbeLib is designed to check the vm guest type. The OvmfPkg/CcProbeLib
reads the OvmfWorkArea (0x80B000) to get the vm guest type which is
written by each guest (SEV or TDX guest). But in SMM drivers the access
to OvmfWorkArea is illegal. PiSmmCpuDxeSmm.inf is an example. It uses
IoLib which in OvmfPkgX64 BaseIoLibIntrinsicSev.inf is included. The
IoLib probes if the working guest is td guest by calling CcProbe().

So CcProbeLibNull will be included when SMM_REQUIRE is set. Currently
only TDVF uses CcProbe to check the guest type, and TDVF doesn't
support SMM, so this fix has no side-effect.

Cc: dann frazier <dann.frazier@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Signed-off-by: Min Xu <min.m.xu@...>
---
OvmfPkg/OvmfPkgX64.dsc | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 71526bba31..db7f4def7a 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -171,7 +171,6 @@
PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf

PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapP
ciSegmentLib.inf
PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
- CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf

OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/
OemHookStatusCodeLibNull.inf
SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
@@ -198,6 +197,9 @@

!if $(SMM_REQUIRE) == FALSE
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
+ CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
+!else
+ CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
!endif

CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/Customize
dDisplayLib.inf

FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLi
b.inf
--
2.29.2.windows.2


dann frazier
 

On Tue, May 17, 2022 at 08:43:14PM +0800, Min Xu wrote:
CcProbeLib is designed to check the vm guest type. The OvmfPkg/CcProbeLib
reads the OvmfWorkArea (0x80B000) to get the vm guest type which is
written by each guest (SEV or TDX guest). But in SMM drivers the access
to OvmfWorkArea is illegal. PiSmmCpuDxeSmm.inf is an example. It uses
IoLib which in OvmfPkgX64 BaseIoLibIntrinsicSev.inf is included. The
IoLib probes if the working guest is td guest by calling CcProbe().

So CcProbeLibNull will be included when SMM_REQUIRE is set. Currently
only TDVF uses CcProbe to check the guest type, and TDVF doesn't
support SMM, so this fix has no side-effect.
This is confirmed to fix the issue I reported, thanks!

Tested-by: dann frazier <dann.frazier@...>

-dann

Cc: dann frazier <dann.frazier@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Signed-off-by: Min Xu <min.m.xu@...>
---
OvmfPkg/OvmfPkgX64.dsc | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 71526bba31..db7f4def7a 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -171,7 +171,6 @@
PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf
PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapPciSegmentLib.inf
PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
- CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf
OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
@@ -198,6 +197,9 @@

!if $(SMM_REQUIRE) == FALSE
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
+ CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
+!else
+ CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
!endif
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf


dann frazier
 

On Tue, May 17, 2022 at 12:47:21PM +0000, Yao, Jiewen wrote:
Question: Does this patch need catch release 202205 release?
It does fix a regression since 202202, so I'd hope so :)

-dann



-----Original Message-----
From: Xu, Min M <min.m.xu@...>
Sent: Tuesday, May 17, 2022 8:43 PM
To: devel@edk2.groups.io
Cc: Xu, Min M <min.m.xu@...>; dann frazier
<dann.frazier@...>; Aktas, Erdem <erdemaktas@...>;
James Bottomley <jejb@...>; Yao, Jiewen <jiewen.yao@...>;
Tom Lendacky <thomas.lendacky@...>
Subject: [PATCH] OvmfPkg/OvmfPkgX64: Use different CcProbeLib when SMM is
on or off

CcProbeLib is designed to check the vm guest type. The OvmfPkg/CcProbeLib
reads the OvmfWorkArea (0x80B000) to get the vm guest type which is
written by each guest (SEV or TDX guest). But in SMM drivers the access
to OvmfWorkArea is illegal. PiSmmCpuDxeSmm.inf is an example. It uses
IoLib which in OvmfPkgX64 BaseIoLibIntrinsicSev.inf is included. The
IoLib probes if the working guest is td guest by calling CcProbe().

So CcProbeLibNull will be included when SMM_REQUIRE is set. Currently
only TDVF uses CcProbe to check the guest type, and TDVF doesn't
support SMM, so this fix has no side-effect.

Cc: dann frazier <dann.frazier@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Signed-off-by: Min Xu <min.m.xu@...>
---
OvmfPkg/OvmfPkgX64.dsc | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 71526bba31..db7f4def7a 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -171,7 +171,6 @@
PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf

PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapP
ciSegmentLib.inf
PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
- CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf

OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/
OemHookStatusCodeLibNull.inf
SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
@@ -198,6 +197,9 @@

!if $(SMM_REQUIRE) == FALSE
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
+ CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
+!else
+ CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
!endif

CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/Customize
dDisplayLib.inf

FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLi
b.inf


Yao, Jiewen
 

Thanks.
Acked-by: Jiewen Yao <Jiewen.yao@...>

Hi Min
Please follow hard free process to proceed.

Reviewed-by: Jiewen Yao <Jiewen.yao@...>

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of dann frazier
Sent: Tuesday, May 17, 2022 11:22 PM
To: Yao, Jiewen <jiewen.yao@...>
Cc: Xu, Min M <min.m.xu@...>; devel@edk2.groups.io; Aktas, Erdem
<erdemaktas@...>; James Bottomley <jejb@...>; Tom
Lendacky <thomas.lendacky@...>
Subject: Re: [edk2-devel] [PATCH] OvmfPkg/OvmfPkgX64: Use different
CcProbeLib when SMM is on or off

On Tue, May 17, 2022 at 12:47:21PM +0000, Yao, Jiewen wrote:
Question: Does this patch need catch release 202205 release?
It does fix a regression since 202202, so I'd hope so :)

-dann



-----Original Message-----
From: Xu, Min M <min.m.xu@...>
Sent: Tuesday, May 17, 2022 8:43 PM
To: devel@edk2.groups.io
Cc: Xu, Min M <min.m.xu@...>; dann frazier
<dann.frazier@...>; Aktas, Erdem <erdemaktas@...>;
James Bottomley <jejb@...>; Yao, Jiewen
<jiewen.yao@...>;
Tom Lendacky <thomas.lendacky@...>
Subject: [PATCH] OvmfPkg/OvmfPkgX64: Use different CcProbeLib when
SMM is
on or off

CcProbeLib is designed to check the vm guest type. The OvmfPkg/CcProbeLib
reads the OvmfWorkArea (0x80B000) to get the vm guest type which is
written by each guest (SEV or TDX guest). But in SMM drivers the access
to OvmfWorkArea is illegal. PiSmmCpuDxeSmm.inf is an example. It uses
IoLib which in OvmfPkgX64 BaseIoLibIntrinsicSev.inf is included. The
IoLib probes if the working guest is td guest by calling CcProbe().

So CcProbeLibNull will be included when SMM_REQUIRE is set. Currently
only TDVF uses CcProbe to check the guest type, and TDVF doesn't
support SMM, so this fix has no side-effect.

Cc: dann frazier <dann.frazier@...>
Cc: Erdem Aktas <erdemaktas@...>
Cc: James Bottomley <jejb@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Tom Lendacky <thomas.lendacky@...>
Signed-off-by: Min Xu <min.m.xu@...>
---
OvmfPkg/OvmfPkgX64.dsc | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 71526bba31..db7f4def7a 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -171,7 +171,6 @@
PciCapLib|OvmfPkg/Library/BasePciCapLib/BasePciCapLib.inf

PciCapPciSegmentLib|OvmfPkg/Library/BasePciCapPciSegmentLib/BasePciCapP
ciSegmentLib.inf
PciCapPciIoLib|OvmfPkg/Library/UefiPciCapPciIoLib/UefiPciCapPciIoLib.inf
- CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsicSev.inf

OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/
OemHookStatusCodeLibNull.inf
SerialPortLib|PcAtChipsetPkg/Library/SerialIoLib/SerialIoLib.inf
@@ -198,6 +197,9 @@

!if $(SMM_REQUIRE) == FALSE
LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
+ CcProbeLib|OvmfPkg/Library/CcProbeLib/CcProbeLib.inf
+!else
+ CcProbeLib|MdePkg/Library/CcProbeLibNull/CcProbeLibNull.inf
!endif

CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/Customize
dDisplayLib.inf

FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLi
b.inf