system76-edk2

Author	SHA1	Message	Date
Michael Roth	f0ed194236	OvmfPkg: Don't make APIC MMIO accesses with encryption bit set For the most part, OVMF will clear the encryption bit for MMIO regions, but there is currently one known exception during SEC when the APIC base address is accessed via MMIO with the encryption bit set for SEV-ES/SEV-SNP guests. In the case of SEV-SNP, this requires special handling on the hypervisor side which may not be available in the future[1], so make the necessary changes in the SEC-configured page table to clear the encryption bit for 4K region containing the APIC base address. [1] https://lore.kernel.org/lkml/20240208002420.34mvemnzrwwsaesw@amd.com/#t Suggested-by: Tom Lendacky <thomas.lendacky@amd.com> Cc: Ard Biesheuvel <ardb@kernel.org> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Jianyong Wu <jianyong.wu@arm.com> Cc: Anatol Belski <anbelski@linux.microsoft.com> Signed-off-by: Michael Roth <michael.roth@amd.com> Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>	2024-05-02 12:43:50 +00:00
Gerd Hoffmann	8d7c48e0e7	OvmfPkg: switch MicrovmX64 to new shell include files Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com> Message-Id: <20240222101358.67818-11-kraxel@redhat.com>	2024-02-25 17:38:07 +00:00
Laszlo Ersek	528ae029ad	OvmfPkg: remove Rule.Common.USER_DEFINED.CSM from all FDF files We no longer have INF RuleOverride=CSM OvmfPkg/Csm/Csm16/Csm16.inf lines in any of the OVMF platform FDF files; remove the CSM rules themselves. (Note that some of the more recent platforms had cargo-culted this rule from the original ones, without ever referencing the rule with RuleOverride=CSM. Remove those rules as well.) Cc: Anatol Belski <anbelski@linux.microsoft.com> Cc: Anthony Perard <anthony.perard@citrix.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Corvin Köhne <corvink@freebsd.org> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Jianyong Wu <jianyong.wu@arm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Rebecca Cran <rebecca@bsdio.com> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=4588 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Message-Id: <20231110235820.644381-30-lersek@redhat.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Reviewed-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Corvin Köhne <corvink@FreeBSD.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com>	2023-12-07 18:04:57 +00:00
Laszlo Ersek	d7e41ce340	OvmfPkg: exclude NullMemoryTestDxe driver NullMemoryTestDxe was included in the OVMF platforms in historical commit `999a815e9f` ("OvmfPkg: Add NullMemoryTestDxe driver", 2011-01-21). It produces gEfiGenericMemTestProtocolGuid. With LegacyBiosDxe gone, the only consumer of this protocol in all of edk2 is "EmulatorPkg/Library/PlatformBmLib/PlatformBmMemoryTest.c". Thus, exclude NullMemoryTestDxe from all OVMF platforms. (Notably, ArmVirtPkg platforms don't include NullMemoryTestDxe either.) Cc: Anatol Belski <anbelski@linux.microsoft.com> Cc: Andrei Warkentin <andrei.warkentin@intel.com> Cc: Anthony Perard <anthony.perard@citrix.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Corvin Köhne <corvink@freebsd.org> Cc: Erdem Aktas <erdemaktas@google.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Jianyong Wu <jianyong.wu@arm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Michael Roth <michael.roth@amd.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Rebecca Cran <rebecca@bsdio.com> Cc: Sunil V L <sunilvl@ventanamicro.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=4588 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Message-Id: <20231110235820.644381-17-lersek@redhat.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Reviewed-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Corvin Köhne <corvink@FreeBSD.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com>	2023-12-07 18:04:57 +00:00
Pedro Falcato	bc59ede170	OvmfPkg/Microvm: Replace the OVMF-specific SataControllerDxe Replace the OVMF-specific SataControllerDxe (to be later removed) with the generic, MdeModulePkg one, for the Microvm platform. Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Gerd Hoffmann <kraxel@redhat.com>	2023-06-01 18:08:33 +00:00
Gerd Hoffmann	c6c4362051	OvmfPkg/VirtioSerialDxe: wire up in OvmfPkg* Add the driver to the ovmf builds. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>	2023-05-04 14:26:58 +00:00
Gerd Hoffmann	1ef86f1201	mv OvmfPkg: move fdf include snippets to Include/Fdf Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>	2022-12-09 14:07:21 +00:00
Gerd Hoffmann	3361336607	Revert "OvmfPkg/Microvm: no secure boot" This reverts commit `60d55c4156`. Now that we have stateless secure boot support (which doesn't need SMM) in OVMF we can enable the build option for MicroVM. Bring it back by reverting the commit removing it. Also add the new PlatformPKProtectionLib. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Ard Biesheuvel <ardb@kernel.org>	2022-10-07 18:14:05 +00:00
Gerd Hoffmann	0223898f3e	OvmfPkg/Microvm: drop CODE and VARS files microvm doesn't support pflash and loads the firmware via -bios, so we can't use the separate CODE and VARS files. Remove them. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2022-06-03 08:14:27 +00:00
Min Xu	c2e7be4055	OvmfPkg: Rename XenTimerDxe to LocalApicTimerDxe BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3711 XenTimerDxe is a local Apic timer driver and it has nothing to do with Xen. So rename it to LocalApicTimerDxe. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Anthony Perard <anthony.perard@citrix.com> Cc: Julien Grall <julien@xen.org> Acked-by: Anthony PERARD <anthony.perard@citrix.com Acked-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>	2022-04-02 08:15:12 +00:00
Gerd Hoffmann	2a68abf6ee	OvmfPkg/Microvm/virtio: add virtio-mmio support Add virtio-mmio support (VirtioMmioDeviceLib and VirtioFdtDxe). With this patch added and a new enough qemu version (6.2+) edk2 will detect virtio-mmio devices, so it is possible to boot from storage (virtio-blk, virtio-scsi) or network (virtio-net). Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3689 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>	2021-12-13 12:16:32 +00:00
Gerd Hoffmann	64ef0dd1d3	OvmfPkg/Microvm/fdt: add device tree support Add fdt parser from EmbeddedPkg (FdtLib and FdtClientDxe) to MicrovmX64. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3689 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>	2021-12-13 12:16:32 +00:00
Sebastien Boeuf	66bce05f6d	OvmfPkg: Generalize AcpiPlatformDxe Don't make the package Qemu centric so that we can introduce some alternative support for other VMMs not using the fw_cfg mechanism. This patch is purely about renaming existing files with no functional change. Reviewed-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>	2021-12-11 14:26:05 +00:00
Philippe Mathieu-Daude	0f1d7477c0	OvmfPkg: Remove unused print service driver (PrintDxe) PrintDxe produces gEfiPrint2ProtocolGuid and gEfiPrint2SProtocolGuid, and those are consumed by the following PrintLib instance: MdeModulePkg/Library/DxePrintLibPrint2Protocol/DxePrintLibPrint2Protocol.inf However, none of the OVMF DSC files contain such a PrintLib class resolution, so none of the OVMF platforms need PrintDxe. Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Suggested-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3744 Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>	2021-12-10 10:02:08 +00:00
Gerd Hoffmann	55f47d2299	OvmfPkg/Microvm: wire up serial console, drop super-io Microvm has no LPC bridge, so drop the PciSioSerialDxe driver. Use SerialDxe instead, with ioport hardcoded to 0x3f8 aka com1 aka ttyS0. With this tianocore boots to uefi shell prompt on the serial console. Direct kernel boot can be used too. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2021-10-05 10:55:39 +00:00
Gerd Hoffmann	76602f45dc	OvmfPkg/Microvm: use XenTimerDxe (lapic timer) Microvm has no acpi timer, so go use XenTimerDxe which uses the local apic instead. Set PcdFSBClock to 1000 MHz, which is the lapic timer frequency used by KVM. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2021-10-05 10:55:39 +00:00
Gerd Hoffmann	b9dd64b80e	OvmfPkg/Microvm: no emulated scsi Microvm focus is virtio, so go drop support for emulated scsi host adapters. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2021-10-05 10:55:39 +00:00
Gerd Hoffmann	6073bf6cd8	OvmfPkg/Microvm: no csm Guests depending on BIOS will probably not work that well with microvm due to legacy hardware being not available. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2021-10-05 10:55:39 +00:00
Gerd Hoffmann	06fa1f1931	OvmfPkg/Microvm: no sev Microvm has no SEV support. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2021-10-05 10:55:39 +00:00
Gerd Hoffmann	0569c52b15	OvmfPkg/Microvm: no tpm Microvm has no TPM support. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2021-10-05 10:55:39 +00:00
Gerd Hoffmann	60d55c4156	OvmfPkg/Microvm: no secure boot Without SMM secure boot isn't actually secure, so drop it too. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2021-10-05 10:55:39 +00:00
Gerd Hoffmann	2a49c19b9e	OvmfPkg/Microvm: no smm Microvm has no SMM support. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2021-10-05 10:55:39 +00:00
Gerd Hoffmann	4932f05a00	OvmfPkg/Microvm: rename output files, fix includes Rename the firmware volume files (s/OVMF/MICROVM/). Fix includes so they work with microvm config being in a subdirectory. With this patch applied the build works. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2021-10-05 10:55:39 +00:00
Gerd Hoffmann	606340fba3	OvmfPkg/Microvm: copy OvmfPkgX64 files as-is Create Microvm subdirectory. Copy OvmfPkgX64 .dsc and .fdf files unmodified as starting point for MicrovmX64. Changes come as separate patches, to simplify patch review and rebases. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3599 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Jiewen Yao <Jiewen.yao@intel.com>	2021-10-05 10:55:39 +00:00

24 Commits