On 04/22/21 21:10, Tom Lendacky wrote: > On 4/22/21 3:39 AM, Laszlo Ersek wrote: >> On 04/22/21 09:34, Laszlo Ersek wrote: >> >>> The new InternalTpmDecryptAddressRange() function should be called >>> from Tcg2ConfigPeimEntryPoint(), before the latter calls >>> InternalTpm12Detect(). Regarding error checking... if >>> InternalTpmDecryptAddressRange() fails, I think we can log an error >>> message, and hang with CpuDeadLoop(). >> > > Unfortunately, this method doesn't work. The OVMF Tcg2ConfigPei.inf file > uses the SecurityPkg Tpm2DeviceLib library. The SecurityPkg Tpm2DeviceLib > library's constructor is called before the OVMF Tcg2ConfigPei constructor. > The Tpm2DeviceLib constructor performs MMIO to the TPM base address and > fails because the pages haven't been marked unencrypted yet by OVMF > Tcg2ConfigPei. Some debug output: > > Loading PEIM at 0x0007F793000 EntryPoint=0x0007F794E4F Tcg2ConfigPei.efi > *** DEBUG: InternalTpm2DeviceLibDTpmCommonConstructor:55 > *** DEBUG: Tpm2GetPtpInterface:425 > *** DEBUG: Tpm2IsPtpPresence:51 > MMIO using encrypted memory: FED40000 > !!!! X64 Exception Type - 0D(#GP - General Protection) CPU Apic ID - > 00000000 !!!!
Thank you for checking this approach. Let me re-review this patch from scratch. Thanks Laszlo -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#74388): https://edk2.groups.io/g/devel/message/74388 Mute This Topic: https://groups.io/mt/82248382/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
