mirror of https://github.com/acidanthera/audk.git
b22ac35b75
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 When host VMM create the Td guest, the system memory informations are stored in TdHob, which is a memory region described in Tdx metadata. The system memory region in TdHob should be accepted before it can be accessed. So the newly added function (ProcessTdxHobList) is to process the TdHobList to accept the memory. Because TdHobList is provided by host VMM which is not trusted, so its content should be checked before it is consumed by TDVF. Because ProcessTdxHobList is to be called in SEC phase, so PlatformInitLib.inf is updated to support SEC. Note: In this patch it is BSP which accepts the pages. So there maybe boot performance issue. There are some mitigations to this issue, such as lazy accept, 2M accept page size, etc. We will re-visit here in the future. EFI_RESOURCE_MEMORY_UNACCEPTED is a new ResourceType in EFI_HOB_RESOURCE_DESCRIPTOR. It is defined for the unaccepted memory passed from Host VMM. This is proposed in microsoft/mu_basecore#66 files#diff-b20a11152d1ce9249c691be5690b4baf52069efadf2e2546cdd2eb663d80c9 e4R237 according to UEFI-Code-First. The proposal was approved in 2021 in UEFI Mantis, and will be added to the new PI.next specification. Per the MdePkg reviewer's comments, before this new ResourceType is added in the PI spec, it should not be in MdePkg. So it is now defined as an internal implementation and will be moved to MdePkg/Include/Pi/PiHob.h after it is added in PI spec. See https://edk2.groups.io/g/devel/message/87641 PcdTdxAcceptPageSize is added for page accepting. Currently TDX supports 4K and 2M accept page size. The default value is 2M. Tdx guest is only supported in X64. So for IA32 ProcessTdxHobList just returns EFI_UNSUPPORTED. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com> |
||
|---|---|---|
| .. | ||
| AcpiTimerLib | ||
| BaseCachingPciExpressLib | ||
| BaseMemEncryptSevLib | ||
| BasePciCapLib | ||
| BasePciCapPciSegmentLib | ||
| BhyveFwCtlLib | ||
| BlobVerifierLibNull | ||
| DxePciLibI440FxQ35 | ||
| EmuVariableFvbLib | ||
| GenericQemuLoadImageLib | ||
| LoadLinuxLib | ||
| LockBoxLib | ||
| NvVarsFileLib | ||
| PciHostBridgeLib | ||
| PciHostBridgeLibScan | ||
| PciHostBridgeUtilityLib | ||
| PlatformBmPrintScLib | ||
| PlatformBootManagerLib | ||
| PlatformBootManagerLibBhyve | ||
| PlatformBootManagerLibGrub | ||
| PlatformDebugLibIoPort | ||
| PlatformFvbLibNull | ||
| PlatformHasIoMmuLib | ||
| PlatformInitLib | ||
| PlatformSecureLib | ||
| PxeBcPcdProducerLib | ||
| QemuBootOrderLib | ||
| QemuFwCfgLib | ||
| QemuFwCfgS3Lib | ||
| QemuFwCfgSimpleParserLib | ||
| ResetSystemLib | ||
| SerializeVariablesLib | ||
| SmbiosVersionLib | ||
| SmmCpuFeaturesLib | ||
| SmmCpuPlatformHookLibQemu | ||
| Tcg2PhysicalPresenceLibNull | ||
| Tcg2PhysicalPresenceLibQemu | ||
| TdxMailboxLib | ||
| TlsAuthConfigLib | ||
| UefiPciCapPciIoLib | ||
| VirtioLib | ||
| VirtioMmioDeviceLib | ||
| VmgExitLib | ||
| X86QemuLoadImageLib | ||
| XenConsoleSerialPortLib | ||
| XenHypercallLib | ||
| XenIoMmioLib | ||
| XenPlatformLib | ||
| XenRealTimeClockLib | ||