OvmfPkg: Update TdxDxe to set TDX PCDs

RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 TDX_PEI_LESS_BOOT indicates the boot without PEI phase. In this case settings in EFI_HOB_PLATFORM_INFO should be set to its according PCDs. TdxDxe driver is workable for both Legacy guest and Tdx guest. It is because for Legacy guest (in PEI-less boot) there should be a place to set the PCDs based on EFI_HOB_PLATFORM_INFO hob. TdxDxe driver is the right place to do this work. Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
2022-01-24 21:03:58 +08:00 · 2022-01-24 21:03:58 +08:00 · 55fda68a80
parent 1f29de4d20
commit 55fda68a80
2 changed files with 69 additions and 1 deletions
--- a/OvmfPkg/TdxDxe/TdxDxe.c
+++ b/OvmfPkg/TdxDxe/TdxDxe.c
@ -24,12 +24,65 @@
 #include <Library/HobLib.h>
 #include <Protocol/Cpu.h>
 #include <Library/UefiBootServicesTableLib.h>
+#include <ConfidentialComputingGuestAttr.h>
 #include <IndustryStandard/Tdx.h>
 #include <Library/PlatformInitLib.h>
 #include <Library/TdxLib.h>
 #include <TdxAcpiTable.h>
 #include <Library/MemEncryptTdxLib.h>

+VOID
+SetPcdSettings (
+  EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  )
+{
+  RETURN_STATUS  PcdStatus;
+
+  PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, PlatformInfoHob->PcdConfidentialComputingGuestAttr);
+  ASSERT_RETURN_ERROR (PcdStatus);
+  PcdStatus = PcdSetBoolS (PcdSetNxForStack, PlatformInfoHob->PcdSetNxForStack);
+  ASSERT_RETURN_ERROR (PcdStatus);
+
+  DEBUG ((
+    DEBUG_INFO,
+    "HostBridgeDevId=0x%x, CCAttr=0x%x, SetNxForStack=%x\n",
+    PlatformInfoHob->HostBridgeDevId,
+    PlatformInfoHob->PcdConfidentialComputingGuestAttr,
+    PlatformInfoHob->PcdSetNxForStack
+    ));
+
+  PcdStatus = PcdSet32S (PcdCpuBootLogicalProcessorNumber, PlatformInfoHob->PcdCpuBootLogicalProcessorNumber);
+  ASSERT_RETURN_ERROR (PcdStatus);
+  PcdStatus = PcdSet32S (PcdCpuMaxLogicalProcessorNumber, PlatformInfoHob->PcdCpuMaxLogicalProcessorNumber);
+  ASSERT_RETURN_ERROR (PcdStatus);
+
+  DEBUG ((
+    DEBUG_INFO,
+    "MaxCpuCount=0x%x, BootCpuCount=0x%x\n",
+    PlatformInfoHob->PcdCpuMaxLogicalProcessorNumber,
+    PlatformInfoHob->PcdCpuBootLogicalProcessorNumber
+    ));
+
+  if (TdIsEnabled ()) {
+    PcdStatus = PcdSet64S (PcdTdxSharedBitMask, TdSharedPageMask ());
+    ASSERT_RETURN_ERROR (PcdStatus);
+    DEBUG ((DEBUG_INFO, "TdxSharedBitMask=0x%llx\n", PcdGet64 (PcdTdxSharedBitMask)));
+  } else {
+    PcdStatus = PcdSet64S (PcdPciMmio64Base, PlatformInfoHob->PcdPciMmio64Base);
+    ASSERT_RETURN_ERROR (PcdStatus);
+    PcdStatus = PcdSet64S (PcdPciMmio64Size, PlatformInfoHob->PcdPciMmio64Size);
+    ASSERT_RETURN_ERROR (PcdStatus);
+    PcdStatus = PcdSet64S (PcdPciMmio32Base, PlatformInfoHob->PcdPciMmio32Base);
+    ASSERT_RETURN_ERROR (PcdStatus);
+    PcdStatus = PcdSet64S (PcdPciMmio32Size, PlatformInfoHob->PcdPciMmio32Size);
+    ASSERT_RETURN_ERROR (PcdStatus);
+    PcdStatus = PcdSet64S (PcdPciIoBase, PlatformInfoHob->PcdPciIoBase);
+    ASSERT_RETURN_ERROR (PcdStatus);
+    PcdStatus = PcdSet64S (PcdPciIoSize, PlatformInfoHob->PcdPciIoSize);
+    ASSERT_RETURN_ERROR (PcdStatus);
+  }
+}
+
 /**
  Location of resource hob matching type and starting address

@ -187,8 +240,19 @@ TdxDxeEntryPoint (
  PcdStatus = PcdSet16S (PcdOvmfHostBridgePciDevId, PlatformInfo->HostBridgeDevId);
  ASSERT_RETURN_ERROR (PcdStatus);

+ #ifdef TDX_PEI_LESS_BOOT
+  //
+  // For Pei-less boot, PlatformInfo contains more information and
+  // need to set PCDs based on these information.
+  //
+  SetPcdSettings (PlatformInfo);
+ #endif
+
  if (!TdIsEnabled ()) {
-    return EFI_UNSUPPORTED;
+    //
+    // If it is Non-Td guest, we're done.
+    //
+    return EFI_SUCCESS;
  }

  SetMmioSharedBit ();
--- a/OvmfPkg/TdxDxe/TdxDxe.inf
+++ b/OvmfPkg/TdxDxe/TdxDxe.inf
@ -60,5 +60,9 @@
  gUefiOvmfPkgTokenSpaceGuid.PcdPciMmio64Size
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId
  gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber
+  gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber
  gUefiCpuPkgTokenSpaceGuid.PcdCpuLocalApicBaseAddress
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFdBaseAddress
+  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask
+  gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack