sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

OvmfPkg/IncompatiblePciDeviceSupportDxe: Ignore OptionRom in Td guest

Browse Source 
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Host VMM may inject OptionRom which is untrusted in Td guest. So PCI
OptionRom needs to be ignored if it is Td guest. According to
"Table 20. ACPI 2.0 & 3.0 QWORD Address Space Descriptor Usage"
PI spec 1.7, type-specific flags can be set to 0 when Address
Translation Offset == 6 to skip device option ROM.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
This commit is contained in:
Min Xu
2022-03-08 16:07:16 +08:00
committed by mergify[bot]
parent 149ed8e421
commit c477b2783f
1 changed files with 46 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.c
View File

@@ -71,6 +71,40 @@ STATIC CONST EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR mMmio64Configuration = {
// use probed BAR size // use probed BAR size
}; };
//
// mOptionRomConfiguration is present only in Td guest.
// Host VMM can inject option ROM which is untrusted in Td guest,
// so PCI option ROM needs to be ignored.
// According to "Table 20. ACPI 2.0 & 3.0 QWORD Address Space Descriptor Usage"
// PI spec 1.7, type-specific flags can be set to 0 when
// Address Translation Offset == 6 to skip device option ROM.
//
STATIC CONST EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR mOptionRomConfiguration = {
ACPI_ADDRESS_SPACE_DESCRIPTOR, // Desc
(UINT16)( // Len
sizeof (EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR) -
OFFSET_OF (
EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR,
ResType
)
),
ACPI_ADDRESS_SPACE_TYPE_MEM, // ResType
0, // GenFlag
0, // Disable option roms SpecificFlag
64, // AddrSpaceGranularity:
// aperture selection hint
// for BAR allocation
MAX_UINT64, // AddrRangeMin
MAX_UINT64, // AddrRangeMax:
// no special alignment
// for affected BARs
6, // AddrTranslationOffset:
// hint covers all
// eligible BARs
0 // AddrLen:
// use probed BAR size
};
STATIC CONST EFI_ACPI_END_TAG_DESCRIPTOR mEndDesc = { STATIC CONST EFI_ACPI_END_TAG_DESCRIPTOR mEndDesc = {
ACPI_END_TAG_DESCRIPTOR, // Desc ACPI_END_TAG_DESCRIPTOR, // Desc
0 // Checksum: to be ignored 0 // Checksum: to be ignored
@@ -227,6 +261,13 @@ CheckDevice (
// //
Length = sizeof mMmio64Configuration + sizeof mEndDesc; Length = sizeof mMmio64Configuration + sizeof mEndDesc;
//
// In Td guest OptionRom is not allowed.
//
if (TdIsEnabled ()) {
Length += sizeof mOptionRomConfiguration;
}
*Configuration = AllocateZeroPool (Length); *Configuration = AllocateZeroPool (Length);
if (*Configuration == NULL) { if (*Configuration == NULL) {
@@ -245,6 +286,11 @@ CheckDevice (
CopyMem (Ptr, &mMmio64Configuration, sizeof mMmio64Configuration); CopyMem (Ptr, &mMmio64Configuration, sizeof mMmio64Configuration);
Length = sizeof mMmio64Configuration; Length = sizeof mMmio64Configuration;
if (TdIsEnabled ()) {
CopyMem (Ptr + Length, &mOptionRomConfiguration, sizeof mOptionRomConfiguration);
Length += sizeof mOptionRomConfiguration;
}
CopyMem (Ptr + Length, &mEndDesc, sizeof mEndDesc); CopyMem (Ptr + Length, &mEndDesc, sizeof mEndDesc);
return EFI_SUCCESS; return EFI_SUCCESS;