diff options
| author | Gerd Hoffmann <kraxel@redhat.com> | 2024-03-01 08:44:00 +0100 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2024-03-01 18:47:27 +0000 |
| commit | 275d0a39c42ad73a6e4929822f56f5d8c16ede96 (patch) | |
| tree | 1a8d18e00468ad91372b8f270c6fd464a9097338 | |
| parent | 318b0d714a7ef184ceb445d16f63c9687e89b10e (diff) | |
| download | edk2-275d0a39c42ad73a6e4929822f56f5d8c16ede96.tar.gz | |
OvmfPkg/ResetVector: wire up 5-level paging for TDX
BSP workflow is quite simliar to the non-coco case.
TDX_WORK_AREA_PGTBL_READY is used to record the paging mode:
1 == 4-level paging
2 == 5-level paging
APs will look at TDX_WORK_AREA_PGTBL_READY to figure whenever
they should enable 5-level paging or not.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-Id: <20240301074402.98625-9-kraxel@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
[lersek@redhat.com: move "CheckForSev:" label into "%if PG_5_LEVEL" scope,
as discussed with Gerd]
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Oliver Steffen <osteffen@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
[lersek@redhat.com: turn the "Cc:" message headers from Gerd's on-list
posting into "Cc:" tags in the commit message, in order to pacify
"PatchCheck.py"]
| -rw-r--r-- | OvmfPkg/ResetVector/Ia32/IntelTdx.asm | 13 | ||||
| -rw-r--r-- | OvmfPkg/ResetVector/Ia32/PageTables64.asm | 16 |
2 files changed, 28 insertions, 1 deletions
diff --git a/OvmfPkg/ResetVector/Ia32/IntelTdx.asm b/OvmfPkg/ResetVector/Ia32/IntelTdx.asm index c6b86019df..7d775591a0 100644 --- a/OvmfPkg/ResetVector/Ia32/IntelTdx.asm +++ b/OvmfPkg/ResetVector/Ia32/IntelTdx.asm @@ -179,7 +179,7 @@ InitTdx: ;
; Modified: EAX, EDX
;
-; 0-NonTdx, 1-TdxBsp, 2-TdxAps
+; 0-NonTdx, 1-TdxBsp, 2-TdxAps, 3-TdxAps5Level
;
CheckTdxFeaturesBeforeBuildPagetables:
xor eax, eax
@@ -200,6 +200,17 @@ TdxPostBuildPageTables: mov byte[TDX_WORK_AREA_PGTBL_READY], 1
OneTimeCallRet TdxPostBuildPageTables
+%if PG_5_LEVEL
+
+;
+; Set byte[TDX_WORK_AREA_PGTBL_READY] to 2
+;
+TdxPostBuildPageTables5Level:
+ mov byte[TDX_WORK_AREA_PGTBL_READY], 2
+ OneTimeCallRet TdxPostBuildPageTables5Level
+
+%endif
+
;
; Check if TDX is enabled
;
diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm index e15945da04..474d22dbfa 100644 --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm @@ -44,6 +44,7 @@ BITS 32 %define TDX_BSP 1
%define TDX_AP 2
+%define TDX_AP_5_LEVEL 3
;
; For OVMF, build some initial page tables at
@@ -214,6 +215,13 @@ SetCr3ForPageTables64: je TdxBspInit
cmp eax, TDX_AP
je SetCr3
+%if PG_5_LEVEL
+ cmp eax, TDX_AP_5_LEVEL
+ jne CheckForSev
+ Enable5LevelPaging
+ jmp SetCr3
+CheckForSev:
+%endif
; Check whether the SEV is active and populate the SevEsWorkArea
OneTimeCall CheckSevFeatures
@@ -253,6 +261,14 @@ TdxBspInit: ; TDX BSP workflow
;
ClearOvmfPageTables
+%if PG_5_LEVEL
+ Check5LevelPaging Tdx4Level
+ CreatePageTables5Level 0
+ OneTimeCall TdxPostBuildPageTables5Level
+ Enable5LevelPaging
+ jmp SetCr3
+Tdx4Level:
+%endif
CreatePageTables4Level 0
OneTimeCall TdxPostBuildPageTables
jmp SetCr3
|