audk/OvmfPkg/Microvm
Min Xu 2b80269d98 OvmfPkg: Update Sec to support Tdx
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

There are below major changes in this commit.

1. SecEntry.nasm
In TDX, BSP and APs go to the same entry point in SecEntry.nasm.

BSP initializes the temporary stack and then jumps to SecMain, just as
legacy Ovmf does.

APs spin in a modified mailbox loop using initial mailbox structure.
Its structure definition is in OvmfPkg/Include/IndustryStandard/IntelTdx.h.
APs wait for a command to see if the command is for them. If so, execute the
command.

2. Sec/SecMain.c
When the host VMM creates the Td guest, the system memory information is
stored in TdHob, which is a memory region described in Tdx metadata.
The system memory region in TdHob should be accepted before it can be
accessed. So the major task of this patch is to process the TdHobList
to accept the memory. After that TDVF follows the standard OVMF flow
and jumps to PEI phase.

PcdUse1GPageTable is set to FALSE by default in OvmfPkgX64.dsc. It gives
no chance for Intel TDX to support 1G page table. To support 1G page
table this PCD is set to TRUE in OvmfPkgX64.dsc.

TDX_GUEST_SUPPORTED is defined in OvmfPkgX64.dsc. This macro wraps the
Tdx specific code.

TDX only works on X64, so the code is only valid in X64 arch.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
2022-04-02 08:15:12 +00:00
MicrovmX64.dsc OvmfPkg: Update Sec to support Tdx 2022-04-02 08:15:12 +00:00
MicrovmX64.fdf OvmfPkg/Microvm/virtio: add virtio-mmio support 2021-12-13 12:16:32 +00:00
README OvmfPkg/Microvm: add README 2021-12-13 12:16:32 +00:00

README

This is an *experimental* port of OVMF for the QEMU microvm
machine type.

microvm background info
-----------------------

microvm is designed for modern, virtio-based workloads.  Most legacy
lpc/isa devices like pit and pic can be turned off.  virtio-mmio
(i.e. '-device virtio-{blk,net,scsi,...}-device') is used for
storage/network/etc.

Optional pcie support is available and any pcie device supported by
QEMU can be plugged in (including virtio-pci if you prefer that over
virtio-mmio).

https://qemu.readthedocs.io/en/latest/system/i386/microvm.html
https://www.kraxel.org/blog/2020/10/qemu-microvm-acpi/

design issues
-------------

It is not fully clear yet how best to do hardware detection.  Right now
the device tree is used to find virtio-mmio devices and the pcie host
bridge, which allows the existing ArmVirtPkg code to be reused.  This
needs a patched QEMU.

features
--------
 [working] serial console
 [working] direct kernel boot
 [working] virtio-mmio support
 [in progress] pcie support

known limitations
-----------------
 * rtc=on is required for now.
 * can't use separate code/vars (actually a microvm limitation,
   there is no pflash support).
 * transitional virtio-pci devices do not work.  microvm doesn't
   support ioports on pcie, and ovmf doesn't initialize pcie devices
   with ioports if there is no address space for them (even though
   pcie devices are required to be functional without ioports).

usage
-----
qemu-system-x86_64 \
    -nographic \
    -machine microvm,acpi=on,pit=off,pic=off,rtc=on \
    -bios /path/to/MICROVM.fd \
    [ ... more args here ... ]