File ovmf-OvmfPkg-IncompatiblePciDeviceSupportDxe-Ig... of Package ovmf.28857

Overview Repositories Revisions Requests Users Attributes Meta

File ovmf-OvmfPkg-IncompatiblePciDeviceSupportDxe-Ignore-Optio.patch of Package ovmf.28857

From c477b2783f6d95b62266f4fff9b0c286ac1d7bb8 Mon Sep 17 00:00:00 2001
From: Min Xu <min.m.xu@intel.com>
Date: Tue, 8 Mar 2022 16:07:16 +0800
Subject: [PATCH] OvmfPkg/IncompatiblePciDeviceSupportDxe: Ignore OptionRom in
 Td guest

RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Host VMM may inject OptionRom which is untrusted in Td guest. So PCI
OptionRom needs to be ignored if it is Td guest. According to
"Table 20. ACPI 2.0 & 3.0 QWORD Address Space Descriptor Usage"
PI spec 1.7, type-specific flags can be set to 0 when Address
Translation Offset == 6 to skip device option ROM.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 .../IncompatiblePciDeviceSupport.c            | 46 +++++++++++++++++++
 1 file changed, 46 insertions(+)

diff --git a/OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.c b/OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.c
index f5c03bdf6d..2d385d26ef 100644
--- a/OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.c
+++ b/OvmfPkg/IncompatiblePciDeviceSupportDxe/IncompatiblePciDeviceSupport.c
@@ -71,6 +71,40 @@ STATIC CONST EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR  mMmio64Configuration = {
                                                    //   use probed BAR size
 };
 
+//
+// mOptionRomConfiguration is present only in Td guest.
+// Host VMM can inject option ROM which is untrusted in Td guest,
+// so PCI option ROM needs to be ignored.
+// According to "Table 20. ACPI 2.0 & 3.0 QWORD Address Space Descriptor Usage"
+// PI spec 1.7, type-specific flags can be set to 0 when
+// Address Translation Offset == 6 to skip device option ROM.
+//
+STATIC CONST EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR  mOptionRomConfiguration =   {
+  ACPI_ADDRESS_SPACE_DESCRIPTOR,                   // Desc
+  (UINT16)(                                        // Len
+                                                   sizeof (EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR) -
+                                                   OFFSET_OF (
+                                                     EFI_ACPI_ADDRESS_SPACE_DESCRIPTOR,
+                                                     ResType
+                                                     )
+                                                   ),
+  ACPI_ADDRESS_SPACE_TYPE_MEM,                     // ResType
+  0,                                               // GenFlag
+  0,                                               // Disable option roms SpecificFlag
+  64,                                              // AddrSpaceGranularity:
+                                                   //   aperture selection hint
+                                                   //   for BAR allocation
+  MAX_UINT64,                                      // AddrRangeMin
+  MAX_UINT64,                                      // AddrRangeMax:
+                                                   //   no special alignment
+                                                   //   for affected BARs
+  6,                                               // AddrTranslationOffset:
+                                                   //   hint covers all
+                                                   //   eligible BARs
+  0                                                // AddrLen:
+                                                   //   use probed BAR size
+};
+
 STATIC CONST EFI_ACPI_END_TAG_DESCRIPTOR  mEndDesc = {
   ACPI_END_TAG_DESCRIPTOR,                         // Desc
   0                                                // Checksum: to be ignored
@@ -227,6 +261,13 @@ CheckDevice (
   //
   Length = sizeof mMmio64Configuration + sizeof mEndDesc;
 
+  //
+  // In Td guest OptionRom is not allowed.
+  //
+  if (TdIsEnabled ()) {
+    Length += sizeof mOptionRomConfiguration;
+  }
+
   *Configuration = AllocateZeroPool (Length);
 
   if (*Configuration == NULL) {
@@ -245,6 +286,11 @@ CheckDevice (
   CopyMem (Ptr, &mMmio64Configuration, sizeof mMmio64Configuration);
   Length = sizeof mMmio64Configuration;
 
+  if (TdIsEnabled ()) {
+    CopyMem (Ptr + Length, &mOptionRomConfiguration, sizeof mOptionRomConfiguration);
+    Length += sizeof mOptionRomConfiguration;
+  }
+
   CopyMem (Ptr + Length, &mEndDesc, sizeof mEndDesc);
 
   return EFI_SUCCESS;
-- 
2.35.3

Places

File ovmf-OvmfPkg-IncompatiblePciDeviceSupportDxe-Ignore-Optio.patch of Package ovmf.28857

Places