Can SEV clear the C-bit in SEC phase? I think that is right way to ensure PCI Express can always be accessed by anyone.
> -----Original Message----- > From: Xu, Min M <min.m...@intel.com> > Sent: Tuesday, April 19, 2022 12:39 PM > To: Yao, Jiewen <jiewen....@intel.com>; devel@edk2.groups.io > Cc: Brijesh Singh <brijesh.si...@amd.com>; Aktas, Erdem > <erdemak...@google.com>; James Bottomley <j...@linux.ibm.com>; Tom > Lendacky <thomas.lenda...@amd.com> > Subject: RE: [edk2-devel] [PATCH] OvmfPkg: Set PciLib for TdxDxe driver > > In AmdSevDxe's entry point it clears the C-bit from PcdPciExpressBaseAddress > and other memory spaces if needed. Please see > https://github.com/tianocore/edk2/blob/master/OvmfPkg/AmdSevDxe/AmdSev > Dxe.c#L81-L95. After that OVMF can use PCI express. > > This broken is caused by the call sequence of TdxDxe driver and AmdSevDxe > driver. Currently TdxDxe driver is loaded before AmdSevDxe, so in SEV-ES guest > the C-bit of PcdPciExpressBaseAddress hasn't been cleared. In this situation > the > access to PciExpressBaseAddress trigger exceptions (lib constructor in > TdxDxe). > > There are 2 options to fix this issue. > 1. Adjust the load sequence of AmdSevDxe and TdxDxe (Load AmdSevDxe before > TdxDxe) > 2. Make TdxDxe to import BasePciLibCf8.inf instead of DxePciLibI440FxQ35.inf > (just like AmdSevDxe) > > Tom and I tested above 2 options in SEV and TDX and all work. > > > -----Original Message----- > > From: Yao, Jiewen <jiewen....@intel.com> > > Sent: Tuesday, April 19, 2022 12:16 PM > > To: Xu, Min M <min.m...@intel.com>; devel@edk2.groups.io > > Cc: Brijesh Singh <brijesh.si...@amd.com>; Aktas, Erdem > > <erdemak...@google.com>; James Bottomley <j...@linux.ibm.com>; Tom > > Lendacky <thomas.lenda...@amd.com> > > Subject: RE: [edk2-devel] [PATCH] OvmfPkg: Set PciLib for TdxDxe driver > > > > Do you mean, with SEV introduced, OVMF cannot use PCI express any more? > > > > Thank you > > Yao Jiewen > > > > > > > -----Original Message----- > > > From: Xu, Min M <min.m...@intel.com> > > > Sent: Tuesday, April 19, 2022 11:05 AM > > > To: Yao, Jiewen <jiewen....@intel.com>; devel@edk2.groups.io > > > Cc: Brijesh Singh <brijesh.si...@amd.com>; Aktas, Erdem > > > <erdemak...@google.com>; James Bottomley <j...@linux.ibm.com>; Tom > > > Lendacky <thomas.lenda...@amd.com> > > > Subject: RE: [edk2-devel] [PATCH] OvmfPkg: Set PciLib for TdxDxe > > > driver > > > > > > On April 19, 2022 10:54 AM, Yao Jiewen wrote: > > > > > > > > Why does TdxDxe call TdxMailbox in an SEV platform? > > > > Or why does TdxMailbox call SynchronizationLib in an SEV platform? > > > > > > > TdxDxe will not call TdxMailbox/SynchronizationLib in SEV platform. > > > The problem is in the lib constructor. When TdxDxe driver is loaded, > > > before its entry point is called, the lib constructors will be called > > > even in a > > SEV platform. > > > > > > > > There are many places we can do CcProbe to stop action. Why we need > > > > do it in DSC? > > > So we cannot stop the lib constructor with CcProbe in this case. > > > > > > Thanks > > > Min -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#89052): https://edk2.groups.io/g/devel/message/89052 Mute This Topic: https://groups.io/mt/90554139/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
