a92c51d39e
- kvm-target-i386-Make-invtsc-migratable-when-user-sets-ts.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-target-i386-Enable-fdp-excptn-only-and-zero-fcs-fds.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-kvm-i386-make-kvm_filter_msr-and-related-definitions.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-kvm-remove-unnecessary-ifdef.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-crypto-Define-macros-for-hash-algorithm-digest-lengt.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Drop-the-check-of-phys_bits-in-host_cpu_rea.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Extract-a-common-fucntion-to-setup-value-of.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Drop-the-variable-smp_cores-and-smp_threads.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Drop-cores_per_pkg-in-cpu_x86_cpuid.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-topology-Update-the-comment-of-x86_apicid_from_.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-topology-Introduce-helpers-for-various-topology.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Track-a-X86CPUTopoInfo-directly-in-CPUX86St.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Hoist-check-of-CPUID_EXT3_TOPOEXT-against-t.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-cpu-Remove-nr_cores-from-struct-CPUState.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Set-up-CPUID_HT-in-x86_cpu_expand_features-.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Set-and-track-CPUID_EXT3_CMP_LEG-in-env-fea.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-Remove-unused-parameter-uint32_t-bit-in-feature.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-target-i386-Print-CPUID-subleaf-info-for-unsupported.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-target-i386-sev-Reduce-system-specific-declarations.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-physmem-replace-assertion-with-error.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-redhat-target-i386-add-CPUID-and-MSR-bits-from-Clear.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-qom-reverse-order-of-instance_post_init-calls.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-target-i386-Remove-AccelCPUClass-cpu_class_init-need.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Consolidate-the-helper-to-get-Host-s-vendor.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-rocker-do-not-pollute-the-namespace.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-linux-headers-Update-to-Linux-v6.14-rc3.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-linux-headers-Update-to-Linux-v6.15-rc3.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-linux-headers-update-from-6.15-kvm-next.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-update-Linux-headers-to-v6.16-rc3.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-update-Linux-headers-to-KVM-tree-master.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-Introduce-tdx-guest-object.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Implement-tdx_kvm_type-for-TDX.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Implement-tdx_kvm_init-to-initialize-TDX-VM.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Get-tdx_capabilities-via-KVM_TDX_CAPABILITI.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Introduce-is_tdx_vm-helper-and-cache-tdx_gu.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-kvm-Introduce-kvm_arch_pre_create_vcpu.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Initialize-TDX-before-creating-TD-vcpus.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Add-property-sept-ve-disable-for-tdx-guest-.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Make-sept_ve_disable-set-by-default.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Wire-CPU-features-up-with-attributes-of-TD-.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Validate-TD-attributes.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Support-user-configurable-mrconfigid-mrowne.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Set-APIC-bus-rate-to-match-with-what-TDX-mo.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Implement-user-specified-tsc-frequency.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-load-TDVF-for-TD-guest.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdvf-Introduce-function-to-parse-TDVF-metadata.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Parse-TDVF-metadata-for-TDX-VM.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Don-t-initialize-pc.rom-for-TDX-VMs.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Track-mem_ptr-for-each-firmware-entry-of-TD.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Track-RAM-entries-for-TDX-VM.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-headers-Add-definitions-from-UEFI-spec-for-volumes-r.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Setup-the-TD-HOB-list.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Add-TDVF-memory-via-KVM_TDX_INIT_MEM_REGION.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Call-KVM_TDX_INIT_VCPU-to-initialize-TDX-vc.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Finalize-TDX-VM.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Enable-user-exit-on-KVM_HC_MAP_GPA_RANGE.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Handle-KVM_SYSTEM_EVENT_TDX_FATAL.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Wire-TDX_REPORT_FATAL_ERROR-with-GuestPanic.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-kvm-Check-KVM_CAP_MAX_VCPUS-at-vm-level.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-introduce-x86_confidential_guest_cpu_instan.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-implement-tdx_cpu_instance_init.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Introduce-enable_cpuid_0x1f-to-force-exposi.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Force-exposing-CPUID-0x1f.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Set-kvm_readonly_mem_enabled-to-false-for-T.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Disable-SMM-for-TDX-VMs.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Disable-PIC-for-TDX-VMs.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Set-and-check-kernel_irqchip-mode-for-TDX.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Don-t-synchronize-guest-tsc-for-TDs.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Only-configure-MSR_IA32_UCODE_REV-in-kvm_in.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-apic-Skip-kvm_apic_put-for-TDX.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-cpu-Don-t-set-vcpu_dirty-when-guest_state_protected.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cgs-Rename-mask_cpuid_features-to-adjust_cpuid_.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Implement-adjust_cpuid_features-for-TDX.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Add-TDX-fixed1-bits-to-supported-CPUIDs.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Add-supported-CPUID-bits-related-to-TD-Attr.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Add-supported-CPUID-bits-relates-to-XFAM.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Add-XFD-to-supported-bit-of-TDX.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Define-supported-KVM-features-for-TDX.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cgs-Introduce-x86_confidential_guest_check_feat.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Fetch-and-validate-CPUID-of-TD-guest.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Don-t-treat-SYSCALL-as-unavailable.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Make-invtsc-default-on.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Validate-phys_bits-against-host-value.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-docs-Add-TDX-documentation.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Fix-build-on-32-bit-host.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdvf-Fix-build-on-32-bit-host.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Move-adjustment-of-CPUID_EXT_PDCM-before-fe.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Error-and-exit-when-named-cpu-model-is-requ.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Rename-enable_cpuid_0x1f-to-force_cpuid_0x1.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Fix-the-typo-of-the-comment-of-struct-TdxGu.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Clarify-the-error-message-of-mrconfigid-mro.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-handle-TDG.VP.VMCALL-GetTdVmCallInfo.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-handle-TDG.VP.VMCALL-GetQuote.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-target-i386-move-max_features-to-class.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-target-i386-nvmm-whpx-add-accel-CPU-class-that-sets-.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-target-i386-allow-reordering-max_x86_cpu_initfn-vs-a.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-target-i386-move-accel_cpu_instance_init-to-.instanc.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-target-i386-merge-host_cpu_instance_init-and-host_cp.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Remove-enumeration-of-GetQuote-in-tdx_handl.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Set-value-of-GetTdVmCallInfo-based-on-capab.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-handle-TDVMCALL_SETUP_EVENT_NOTIFY_INTERRUP.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Fix-the-report-of-gpa-in-QAPI.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Remove-task-watch-only-when-it-s-valid.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Don-t-mask-off-CPUID_EXT_PDCM.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Move-x86_ext_save_areas-initialization-to-..patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-target-i386-tdx-fix-locking-for-interrupt-injection.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-cpu-Cleanup-host_cpu_max_instance_init.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-i386-tdx-Remove-the-redundant-qemu_mutex_init-tdx-lo.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-redhat-enable-CONFIG_TDX.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-redhat-allow-5-level-paging-for-TDX-VMs.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-memory-Export-a-helper-to-get-intersection-of-a-Memo.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-memory-Change-memory_region_set_ram_discard_manager-.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-memory-Unify-the-definiton-of-ReplayRamPopulate-and-.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-ram-block-attributes-Introduce-RamBlockAttributes-to.patch [RHEL-15710 RHEL-20798 RHEL-49728] - kvm-physmem-Support-coordinated-discarding-of-RAM-with-g.patch [RHEL-15710 RHEL-20798 RHEL-49728] - Resolves: RHEL-15710 ([Intel 9.7 FEAT] TDX: QEMU Support) - Resolves: RHEL-20798 ([Intel 9.6 FEAT] TDX: host: Virt-QEMU: Add safe device pass-through for TD) - Resolves: RHEL-49728 ([Intel 9.7 FEAT] Virt-QEMU: TDX: Allow to configure apic bus clock)
265 lines
8.4 KiB
Diff
265 lines
8.4 KiB
Diff
From 2e545a2564bcece4b3f1e2baa18e93d81a94b20d Mon Sep 17 00:00:00 2001
|
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
|
Date: Fri, 18 Jul 2025 18:03:46 +0200
|
|
Subject: [PATCH 052/115] i386/tdx: Setup the TD HOB list
|
|
|
|
RH-Author: Paolo Bonzini <pbonzini@redhat.com>
|
|
RH-MergeRequest: 391: TDX support, including attestation and device assignment
|
|
RH-Jira: RHEL-15710 RHEL-20798 RHEL-49728
|
|
RH-Acked-by: Yash Mankad <None>
|
|
RH-Acked-by: Peter Xu <peterx@redhat.com>
|
|
RH-Acked-by: David Hildenbrand <david@redhat.com>
|
|
RH-Commit: [52/115] 789ad8477ccd49c1977e874d30963ebf9ac7f8b3 (bonzini/rhel-qemu-kvm)
|
|
|
|
The TD HOB list is used to pass the information from VMM to TDVF. The TD
|
|
HOB must include PHIT HOB and Resource Descriptor HOB. More details can
|
|
be found in TDVF specification and PI specification.
|
|
|
|
Build the TD HOB in TDX's machine_init_done callback.
|
|
|
|
Co-developed-by: Isaku Yamahata <isaku.yamahata@intel.com>
|
|
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
|
|
Co-developed-by: Sean Christopherson <sean.j.christopherson@intel.com>
|
|
Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com>
|
|
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
|
|
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Reviewed-by: Zhao Liu <zhao1.liu@intel.com>
|
|
Link: https://lore.kernel.org/r/20250508150002.689633-24-xiaoyao.li@intel.com
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
(cherry picked from commit a731425980a4d3f8bb96fc41893b6437672875ee)
|
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
|
---
|
|
hw/i386/meson.build | 2 +-
|
|
hw/i386/tdvf-hob.c | 130 ++++++++++++++++++++++++++++++++++++++++++
|
|
hw/i386/tdvf-hob.h | 26 +++++++++
|
|
target/i386/kvm/tdx.c | 16 ++++++
|
|
4 files changed, 173 insertions(+), 1 deletion(-)
|
|
create mode 100644 hw/i386/tdvf-hob.c
|
|
create mode 100644 hw/i386/tdvf-hob.h
|
|
|
|
diff --git a/hw/i386/meson.build b/hw/i386/meson.build
|
|
index d6d8023664..cbac982039 100644
|
|
--- a/hw/i386/meson.build
|
|
+++ b/hw/i386/meson.build
|
|
@@ -31,7 +31,7 @@ i386_ss.add(when: 'CONFIG_PC', if_true: files(
|
|
'port92.c'))
|
|
i386_ss.add(when: 'CONFIG_X86_FW_OVMF', if_true: files('pc_sysfw_ovmf.c'),
|
|
if_false: files('pc_sysfw_ovmf-stubs.c'))
|
|
-i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c'))
|
|
+i386_ss.add(when: 'CONFIG_TDX', if_true: files('tdvf.c', 'tdvf-hob.c'))
|
|
|
|
subdir('kvm')
|
|
subdir('xen')
|
|
diff --git a/hw/i386/tdvf-hob.c b/hw/i386/tdvf-hob.c
|
|
new file mode 100644
|
|
index 0000000000..782b3d1578
|
|
--- /dev/null
|
|
+++ b/hw/i386/tdvf-hob.c
|
|
@@ -0,0 +1,130 @@
|
|
+/*
|
|
+ * Copyright (c) 2025 Intel Corporation
|
|
+ * Author: Isaku Yamahata <isaku.yamahata at gmail.com>
|
|
+ * <isaku.yamahata at intel.com>
|
|
+ * Xiaoyao Li <xiaoyao.li@intel.com>
|
|
+ *
|
|
+ * SPDX-License-Identifier: GPL-2.0-or-later
|
|
+ */
|
|
+
|
|
+#include "qemu/osdep.h"
|
|
+#include "qemu/error-report.h"
|
|
+#include "standard-headers/uefi/uefi.h"
|
|
+#include "hw/pci/pcie_host.h"
|
|
+#include "tdvf-hob.h"
|
|
+
|
|
+typedef struct TdvfHob {
|
|
+ hwaddr hob_addr;
|
|
+ void *ptr;
|
|
+ int size;
|
|
+
|
|
+ /* working area */
|
|
+ void *current;
|
|
+ void *end;
|
|
+} TdvfHob;
|
|
+
|
|
+static uint64_t tdvf_current_guest_addr(const TdvfHob *hob)
|
|
+{
|
|
+ return hob->hob_addr + (hob->current - hob->ptr);
|
|
+}
|
|
+
|
|
+static void tdvf_align(TdvfHob *hob, size_t align)
|
|
+{
|
|
+ hob->current = QEMU_ALIGN_PTR_UP(hob->current, align);
|
|
+}
|
|
+
|
|
+static void *tdvf_get_area(TdvfHob *hob, uint64_t size)
|
|
+{
|
|
+ void *ret;
|
|
+
|
|
+ if (hob->current + size > hob->end) {
|
|
+ error_report("TD_HOB overrun, size = 0x%" PRIx64, size);
|
|
+ exit(1);
|
|
+ }
|
|
+
|
|
+ ret = hob->current;
|
|
+ hob->current += size;
|
|
+ tdvf_align(hob, 8);
|
|
+ return ret;
|
|
+}
|
|
+
|
|
+static void tdvf_hob_add_memory_resources(TdxGuest *tdx, TdvfHob *hob)
|
|
+{
|
|
+ EFI_HOB_RESOURCE_DESCRIPTOR *region;
|
|
+ EFI_RESOURCE_ATTRIBUTE_TYPE attr;
|
|
+ EFI_RESOURCE_TYPE resource_type;
|
|
+
|
|
+ TdxRamEntry *e;
|
|
+ int i;
|
|
+
|
|
+ for (i = 0; i < tdx->nr_ram_entries; i++) {
|
|
+ e = &tdx->ram_entries[i];
|
|
+
|
|
+ if (e->type == TDX_RAM_UNACCEPTED) {
|
|
+ resource_type = EFI_RESOURCE_MEMORY_UNACCEPTED;
|
|
+ attr = EFI_RESOURCE_ATTRIBUTE_TDVF_UNACCEPTED;
|
|
+ } else if (e->type == TDX_RAM_ADDED) {
|
|
+ resource_type = EFI_RESOURCE_SYSTEM_MEMORY;
|
|
+ attr = EFI_RESOURCE_ATTRIBUTE_TDVF_PRIVATE;
|
|
+ } else {
|
|
+ error_report("unknown TDX_RAM_ENTRY type %d", e->type);
|
|
+ exit(1);
|
|
+ }
|
|
+
|
|
+ region = tdvf_get_area(hob, sizeof(*region));
|
|
+ *region = (EFI_HOB_RESOURCE_DESCRIPTOR) {
|
|
+ .Header = {
|
|
+ .HobType = EFI_HOB_TYPE_RESOURCE_DESCRIPTOR,
|
|
+ .HobLength = cpu_to_le16(sizeof(*region)),
|
|
+ .Reserved = cpu_to_le32(0),
|
|
+ },
|
|
+ .Owner = EFI_HOB_OWNER_ZERO,
|
|
+ .ResourceType = cpu_to_le32(resource_type),
|
|
+ .ResourceAttribute = cpu_to_le32(attr),
|
|
+ .PhysicalStart = cpu_to_le64(e->address),
|
|
+ .ResourceLength = cpu_to_le64(e->length),
|
|
+ };
|
|
+ }
|
|
+}
|
|
+
|
|
+void tdvf_hob_create(TdxGuest *tdx, TdxFirmwareEntry *td_hob)
|
|
+{
|
|
+ TdvfHob hob = {
|
|
+ .hob_addr = td_hob->address,
|
|
+ .size = td_hob->size,
|
|
+ .ptr = td_hob->mem_ptr,
|
|
+
|
|
+ .current = td_hob->mem_ptr,
|
|
+ .end = td_hob->mem_ptr + td_hob->size,
|
|
+ };
|
|
+
|
|
+ EFI_HOB_GENERIC_HEADER *last_hob;
|
|
+ EFI_HOB_HANDOFF_INFO_TABLE *hit;
|
|
+
|
|
+ /* Note, Efi{Free}Memory{Bottom,Top} are ignored, leave 'em zeroed. */
|
|
+ hit = tdvf_get_area(&hob, sizeof(*hit));
|
|
+ *hit = (EFI_HOB_HANDOFF_INFO_TABLE) {
|
|
+ .Header = {
|
|
+ .HobType = EFI_HOB_TYPE_HANDOFF,
|
|
+ .HobLength = cpu_to_le16(sizeof(*hit)),
|
|
+ .Reserved = cpu_to_le32(0),
|
|
+ },
|
|
+ .Version = cpu_to_le32(EFI_HOB_HANDOFF_TABLE_VERSION),
|
|
+ .BootMode = cpu_to_le32(0),
|
|
+ .EfiMemoryTop = cpu_to_le64(0),
|
|
+ .EfiMemoryBottom = cpu_to_le64(0),
|
|
+ .EfiFreeMemoryTop = cpu_to_le64(0),
|
|
+ .EfiFreeMemoryBottom = cpu_to_le64(0),
|
|
+ .EfiEndOfHobList = cpu_to_le64(0), /* initialized later */
|
|
+ };
|
|
+
|
|
+ tdvf_hob_add_memory_resources(tdx, &hob);
|
|
+
|
|
+ last_hob = tdvf_get_area(&hob, sizeof(*last_hob));
|
|
+ *last_hob = (EFI_HOB_GENERIC_HEADER) {
|
|
+ .HobType = EFI_HOB_TYPE_END_OF_HOB_LIST,
|
|
+ .HobLength = cpu_to_le16(sizeof(*last_hob)),
|
|
+ .Reserved = cpu_to_le32(0),
|
|
+ };
|
|
+ hit->EfiEndOfHobList = tdvf_current_guest_addr(&hob);
|
|
+}
|
|
diff --git a/hw/i386/tdvf-hob.h b/hw/i386/tdvf-hob.h
|
|
new file mode 100644
|
|
index 0000000000..4fc6a3740a
|
|
--- /dev/null
|
|
+++ b/hw/i386/tdvf-hob.h
|
|
@@ -0,0 +1,26 @@
|
|
+/* SPDX-License-Identifier: GPL-2.0-or-later */
|
|
+
|
|
+#ifndef HW_I386_TD_HOB_H
|
|
+#define HW_I386_TD_HOB_H
|
|
+
|
|
+#include "hw/i386/tdvf.h"
|
|
+#include "target/i386/kvm/tdx.h"
|
|
+
|
|
+void tdvf_hob_create(TdxGuest *tdx, TdxFirmwareEntry *td_hob);
|
|
+
|
|
+#define EFI_RESOURCE_ATTRIBUTE_TDVF_PRIVATE \
|
|
+ (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
|
|
+ EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
|
|
+ EFI_RESOURCE_ATTRIBUTE_TESTED)
|
|
+
|
|
+#define EFI_RESOURCE_ATTRIBUTE_TDVF_UNACCEPTED \
|
|
+ (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
|
|
+ EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
|
|
+ EFI_RESOURCE_ATTRIBUTE_TESTED)
|
|
+
|
|
+#define EFI_RESOURCE_ATTRIBUTE_TDVF_MMIO \
|
|
+ (EFI_RESOURCE_ATTRIBUTE_PRESENT | \
|
|
+ EFI_RESOURCE_ATTRIBUTE_INITIALIZED | \
|
|
+ EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE)
|
|
+
|
|
+#endif
|
|
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
|
|
index d1c7821347..db5d58b600 100644
|
|
--- a/target/i386/kvm/tdx.c
|
|
+++ b/target/i386/kvm/tdx.c
|
|
@@ -21,6 +21,7 @@
|
|
#include "hw/i386/e820_memory_layout.h"
|
|
#include "hw/i386/tdvf.h"
|
|
#include "hw/i386/x86.h"
|
|
+#include "hw/i386/tdvf-hob.h"
|
|
#include "kvm_i386.h"
|
|
#include "tdx.h"
|
|
|
|
@@ -147,6 +148,19 @@ void tdx_set_tdvf_region(MemoryRegion *tdvf_mr)
|
|
tdx_guest->tdvf_mr = tdvf_mr;
|
|
}
|
|
|
|
+static TdxFirmwareEntry *tdx_get_hob_entry(TdxGuest *tdx)
|
|
+{
|
|
+ TdxFirmwareEntry *entry;
|
|
+
|
|
+ for_each_tdx_fw_entry(&tdx->tdvf, entry) {
|
|
+ if (entry->type == TDVF_SECTION_TYPE_TD_HOB) {
|
|
+ return entry;
|
|
+ }
|
|
+ }
|
|
+ error_report("TDVF metadata doesn't specify TD_HOB location.");
|
|
+ exit(1);
|
|
+}
|
|
+
|
|
static void tdx_add_ram_entry(uint64_t address, uint64_t length,
|
|
enum TdxRamType type)
|
|
{
|
|
@@ -281,6 +295,8 @@ static void tdx_finalize_vm(Notifier *notifier, void *unused)
|
|
|
|
qsort(tdx_guest->ram_entries, tdx_guest->nr_ram_entries,
|
|
sizeof(TdxRamEntry), &tdx_ram_entry_compare);
|
|
+
|
|
+ tdvf_hob_create(tdx_guest, tdx_get_hob_entry(tdx_guest));
|
|
}
|
|
|
|
static Notifier tdx_machine_done_notify = {
|
|
--
|
|
2.50.1
|
|
|