Tdvf One Binary

ArmVirtPkg/ArmVirt.dsc.inc

@@ -290,7 +290,7 @@
 [PcdsFixedAtBuild.common]
   gEfiMdePkgTokenSpaceGuid.PcdMaximumUnicodeStringLength|1000000
   gEfiMdePkgTokenSpaceGuid.PcdMaximumAsciiStringLength|1000000
-  gEfiMdePkgTokenSpaceGuid.PcdMaximumLinkedListLength|1000000
+  gEfiMdePkgTokenSpaceGuid.PcdMaximumLinkedListLength|0
   gEfiMdePkgTokenSpaceGuid.PcdSpinLockTimeout|10000000
   gEfiMdePkgTokenSpaceGuid.PcdUefiLibMaxPrintBufferSize|320
 

CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf

@@ -0,0 +1,68 @@
+## @file
+#  Cryptographic Library Instance for SEC.
+#
+#  Caution: This module requires additional review when modified.
+#  This library will have external input - signature.
+#  This external input must be validated carefully to avoid security issues such as
+#  buffer overflow or integer overflow.
+#
+#  Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = SecCryptLib
+  MODULE_UNI_FILE                = SecCryptLib.uni
+  FILE_GUID                      = 3689D343-0D32-4284-8053-BF10537990E8
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = BaseCryptLib|SEC
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = X64
+#
+
+[Sources]
+  InternalCryptLib.h
+  Hash/CryptSha512.c
+
+  SysCall/CrtWrapper.c
+  SysCall/ConstantTimeClock.c
+  SysCall/BaseMemAllocation.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  MemoryAllocationLib
+  DebugLib
+  OpensslLib
+  IntrinsicLib
+
+#
+# Remove these [BuildOptions] after this library is cleaned up
+#
+[BuildOptions]
+  #
+  # suppress the following warnings so we do not break the build with warnings-as-errors:
+  # C4090: 'function' : different 'const' qualifiers
+  # C4718: 'function call' : recursive call has no side effects, deleting
+  #
+  MSFT:*_*_*_CC_FLAGS = /wd4090 /wd4718
+
+  # -JCryptoPkg/Include : To disable the use of the system includes provided by RVCT
+  # --diag_remark=1     : Reduce severity of "#1-D: last line of file ends without a newline"
+  RVCT:*_*_ARM_CC_FLAGS = -JCryptoPkg/Include --diag_remark=1
+
+  GCC:*_CLANG35_*_CC_FLAGS = -std=c99
+  GCC:*_CLANG38_*_CC_FLAGS = -std=c99
+  GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types
+
+  XCODE:*_*_*_CC_FLAGS = -std=c99

CryptoPkg/Library/BaseCryptLib/SecCryptLib.uni

@@ -0,0 +1,25 @@
+// /** @file
+// Cryptographic Library Instance for PEIM.
+//
+// Caution: This module requires additional review when modified.
+// This library will have external input - signature.
+// This external input must be validated carefully to avoid security issues such as
+// buffer overflow or integer overflow.
+//
+// Note: AES
+// functions, RSA external functions, PKCS#7 SignedData sign functions,
+// Diffie-Hellman functions, X.509 certificate handler functions, authenticode
+// signature verification functions, PEM handler functions, and pseudorandom number
+// generator functions are not supported in this instance.
+//
+// Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
+//
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "Cryptographic Library Instance for PEIM"
+
+#string STR_MODULE_DESCRIPTION          #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: AES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 certificate handler functions, authenticode signature verification functions, PEM handler functions, and pseudorandom number generator functions are not supported in this instance."
+

MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf

@@ -73,6 +73,7 @@
   BaseLib
   UefiDriverEntryPoint
   DebugLib
+  TdxProbeLib
 
 [Protocols]
   gEfiPciHotPlugRequestProtocolGuid               ## SOMETIMES_PRODUCES

MdeModulePkg/Bus/Pci/PciBusDxe/PciEnumerator.c

@@ -9,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #include "PciBus.h"
 
+#include <Library/TdxProbeLib.h>
+
 /**
   This routine is used to enumerate entire pci bus system
   in a given platform.
@@ -533,6 +535,9 @@ GetMaxOptionRomSize (
   UINT32          TempOptionRomSize;
 
   MaxOptionRomSize = 0;
+  if(ProbeTdGuest()) {
+    return 0;
+  }
 
   //
   // Go through bridges to reach all devices

MdeModulePkg/Core/Dxe/DxeMain.h

@@ -289,6 +289,8 @@ extern EFI_RUNTIME_ARCH_PROTOCOL                gRuntimeTemplate;
 
 extern EFI_LOAD_FIXED_ADDRESS_CONFIGURATION_TABLE    gLoadModuleAtFixAddressConfigurationTable;
 extern BOOLEAN                                       gLoadFixedAddressCodeMemoryReady;
+
+extern BOOLEAN                                       gTdGuest;
 //
 // Service Initialization Functions
 //

MdeModulePkg/Core/Dxe/DxeMain.inf

@@ -94,6 +94,7 @@
   DebugAgentLib
   CpuExceptionHandlerLib
   PcdLib
+  TdxProbeLib
 
 [Guids]
   gEfiEventMemoryMapChangeGuid                  ## PRODUCES             ## Event

MdeModulePkg/Core/Dxe/DxeMain/DxeMain.c

@@ -7,6 +7,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 **/
 
 #include "DxeMain.h"
+#include <Library/TdxProbeLib.h>
+
+BOOLEAN gTdGuest = FALSE;
 
 //
 // DXE Core Global Variables for Protocols from PEI
@@ -244,6 +247,11 @@ DxeMain (
   EFI_VECTOR_HANDOFF_INFO       *VectorInfo;
   VOID                          *EntryPoint;
 
+  //
+  // Check whether it is of Td guest
+  //
+  gTdGuest = ProbeTdGuest();
+
   //
   // Setup the default exception handlers
   //

MdeModulePkg/Core/Dxe/FwVol/FwVolRead.c

@@ -1,7 +1,7 @@
 /** @file
   Implements functions to read firmware file
 
-Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2021, Intel Corporation. All rights reserved.<BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -128,6 +128,7 @@ FvGetNextFile (
   UINTN                                       *KeyValue;
   LIST_ENTRY                                  *Link;
   FFS_FILE_LIST_ENTRY                         *FfsFileEntry;
+  UINTN                                       MaxFileType;
 
   FvDevice = FV_DEVICE_FROM_THIS (This);
 
@@ -143,7 +144,16 @@ FvGetNextFile (
     return EFI_ACCESS_DENIED;
   }
 
-  if (*FileType > EFI_FV_FILETYPE_MM_CORE_STANDALONE) {
+  //
+  // Td guest doesn't support SMM
+  //
+  if(gTdGuest) {
+    MaxFileType = EFI_FV_FILETYPE_SMM_CORE;
+  } else {
+    MaxFileType = EFI_FV_FILETYPE_MM_CORE_STANDALONE;
+  }
+
+  if (*FileType > MaxFileType) {
     //
     // File type needs to be in 0 - 0x0F
     //

MdeModulePkg/Core/Dxe/Gcd/Gcd.c

@@ -35,6 +35,14 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #define PRESENT_MEMORY_ATTRIBUTES     (EFI_RESOURCE_ATTRIBUTE_PRESENT)
 
+// TDX
+#define EXCLUSIVE_MEMORY_ATTRIBUTES   (EFI_MEMORY_UC | EFI_MEMORY_WC | \
+                                       EFI_MEMORY_WT | EFI_MEMORY_WB | \
+                                       EFI_MEMORY_WP | EFI_MEMORY_UCE)
+
+#define NONEXCLUSIVE_MEMORY_ATTRIBUTES (EFI_MEMORY_XP | EFI_MEMORY_RP | \
+                                        EFI_MEMORY_RO)
+
 //
 // Module Variables
 //
@@ -74,6 +82,9 @@ EFI_GCD_MAP_ENTRY mGcdIoSpaceMapEntryTemplate = {
   NULL,
   NULL
 };
+// TD
+#define EFI_RESOURCE_ATTRIBUTE_ENCRYPTED            0x04000000
+
 
 GCD_ATTRIBUTE_CONVERSION_ENTRY mAttributeConversionTable[] = {
   { EFI_RESOURCE_ATTRIBUTE_UNCACHEABLE,             EFI_MEMORY_UC,              TRUE  },
@@ -90,6 +101,7 @@ GCD_ATTRIBUTE_CONVERSION_ENTRY mAttributeConversionTable[] = {
   { EFI_RESOURCE_ATTRIBUTE_TESTED,                  EFI_MEMORY_TESTED,          FALSE },
   { EFI_RESOURCE_ATTRIBUTE_PERSISTABLE,             EFI_MEMORY_NV,              TRUE  },
   { EFI_RESOURCE_ATTRIBUTE_MORE_RELIABLE,           EFI_MEMORY_MORE_RELIABLE,   TRUE  },
+  { EFI_RESOURCE_ATTRIBUTE_ENCRYPTED,               EFI_MEMORY_CPU_CRYPTO,      TRUE  }, // TDX
   { 0,                                              0,                          FALSE }
 };
 
@@ -658,7 +670,11 @@ ConverToCpuArchAttributes (
 {
   UINT64      CpuArchAttributes;
 
-  CpuArchAttributes = Attributes & EFI_MEMORY_ATTRIBUTE_MASK;
+  if(gTdGuest) {
+    CpuArchAttributes = Attributes & NONEXCLUSIVE_MEMORY_ATTRIBUTES;
+  } else {
+    CpuArchAttributes = Attributes & EFI_MEMORY_ATTRIBUTE_MASK;
+  }
 
   if ( (Attributes & EFI_MEMORY_UC) == EFI_MEMORY_UC) {
     CpuArchAttributes |= EFI_MEMORY_UC;
@@ -944,7 +960,11 @@ CoreConvertSpace (
         // Keep original CPU arch attributes when caller just calls
         // SetMemorySpaceAttributes() with none CPU arch attributes (for example, RUNTIME).
         //
-        Attributes |= (Entry->Attributes & (EFI_CACHE_ATTRIBUTE_MASK | EFI_MEMORY_ATTRIBUTE_MASK));
+        if(gTdGuest) {
+          Attributes |= (Entry->Attributes & (EXCLUSIVE_MEMORY_ATTRIBUTES | NONEXCLUSIVE_MEMORY_ATTRIBUTES));
+        } else {
+          Attributes |= (Entry->Attributes & (EFI_CACHE_ATTRIBUTE_MASK | EFI_MEMORY_ATTRIBUTE_MASK));
+        }
       }
       Entry->Attributes = Attributes;
       break;
@@ -2289,7 +2309,9 @@ CoreInitializeMemoryServices (
     Attributes  = PhitResourceHob->ResourceAttribute;
     BaseAddress = PageAlignAddress (PhitHob->EfiMemoryTop);
     Length      = PageAlignLength  (ResourceHob->PhysicalStart + ResourceHob->ResourceLength - BaseAddress);
-    FindLargestFreeRegion (&BaseAddress, &Length, (EFI_HOB_MEMORY_ALLOCATION *)GetFirstHob (EFI_HOB_TYPE_MEMORY_ALLOCATION));
+    if(!gTdGuest) {
+      FindLargestFreeRegion (&BaseAddress, &Length, (EFI_HOB_MEMORY_ALLOCATION *)GetFirstHob (EFI_HOB_TYPE_MEMORY_ALLOCATION));
+    }
     if (Length < MinimalMemorySizeNeeded) {
       //
       // If that range is not large enough to intialize the DXE Core, then
@@ -2305,7 +2327,9 @@ CoreInitializeMemoryServices (
         //
         BaseAddress = PageAlignAddress (ResourceHob->PhysicalStart);
         Length      = PageAlignLength  ((UINT64)((UINTN)*HobStart - BaseAddress));
-        FindLargestFreeRegion (&BaseAddress, &Length, (EFI_HOB_MEMORY_ALLOCATION *)GetFirstHob (EFI_HOB_TYPE_MEMORY_ALLOCATION));
+        if(!gTdGuest) {
+          FindLargestFreeRegion (&BaseAddress, &Length, (EFI_HOB_MEMORY_ALLOCATION *)GetFirstHob (EFI_HOB_TYPE_MEMORY_ALLOCATION));
+        }
       }
     }
     break;
@@ -2369,7 +2393,9 @@ CoreInitializeMemoryServices (
       //
       TestedMemoryBaseAddress = PageAlignAddress (ResourceHob->PhysicalStart);
       TestedMemoryLength      = PageAlignLength  (ResourceHob->PhysicalStart + ResourceHob->ResourceLength - TestedMemoryBaseAddress);
-      FindLargestFreeRegion (&TestedMemoryBaseAddress, &TestedMemoryLength, (EFI_HOB_MEMORY_ALLOCATION *)GetFirstHob (EFI_HOB_TYPE_MEMORY_ALLOCATION));
+      if(!gTdGuest) {
+        FindLargestFreeRegion (&TestedMemoryBaseAddress, &TestedMemoryLength, (EFI_HOB_MEMORY_ALLOCATION *)GetFirstHob (EFI_HOB_TYPE_MEMORY_ALLOCATION));
+      }
       if (TestedMemoryLength < MinimalMemorySizeNeeded) {
         continue;
       }

MdeModulePkg/Core/Dxe/Mem/Page.c

@@ -1856,8 +1856,14 @@ CoreGetMemoryMap (
       MemoryMap->PhysicalStart = MergeGcdMapEntry.BaseAddress;
       MemoryMap->VirtualStart  = 0;
       MemoryMap->NumberOfPages = RShiftU64 ((MergeGcdMapEntry.EndAddress - MergeGcdMapEntry.BaseAddress + 1), EFI_PAGE_SHIFT);
-      MemoryMap->Attribute     = (MergeGcdMapEntry.Attributes & ~EFI_MEMORY_PORT_IO) |
+      if(gTdGuest) {
+        MemoryMap->Attribute   = (MergeGcdMapEntry.Attributes & ~EFI_MEMORY_PORT_IO) |
+                                (MergeGcdMapEntry.Capabilities & (EFI_MEMORY_RP | EFI_MEMORY_WP | EFI_MEMORY_XP | EFI_MEMORY_RO |
+                                EFI_MEMORY_UC | EFI_MEMORY_UCE | EFI_MEMORY_WC | EFI_MEMORY_WT | EFI_MEMORY_WB));
+      } else {
+        MemoryMap->Attribute   = (MergeGcdMapEntry.Attributes & ~EFI_MEMORY_PORT_IO) |
                                 (MergeGcdMapEntry.Capabilities & (EFI_CACHE_ATTRIBUTE_MASK | EFI_MEMORY_ATTRIBUTE_MASK));
+      }
 
       if (MergeGcdMapEntry.GcdMemoryType == EfiGcdMemoryTypeReserved) {
         MemoryMap->Type = EfiReservedMemoryType;
@@ -1890,8 +1896,14 @@ CoreGetMemoryMap (
       MemoryMap->PhysicalStart = MergeGcdMapEntry.BaseAddress;
       MemoryMap->VirtualStart  = 0;
       MemoryMap->NumberOfPages = RShiftU64 ((MergeGcdMapEntry.EndAddress - MergeGcdMapEntry.BaseAddress + 1), EFI_PAGE_SHIFT);
-      MemoryMap->Attribute     = MergeGcdMapEntry.Attributes | EFI_MEMORY_NV |
+      if(gTdGuest) {
+        MemoryMap->Attribute   = MergeGcdMapEntry.Attributes | EFI_MEMORY_NV |
+                                (MergeGcdMapEntry.Capabilities & (EFI_MEMORY_RP | EFI_MEMORY_WP | EFI_MEMORY_XP | EFI_MEMORY_RO |
+                                EFI_MEMORY_UC | EFI_MEMORY_UCE | EFI_MEMORY_WC | EFI_MEMORY_WT | EFI_MEMORY_WB));
+      } else {
+        MemoryMap->Attribute   = MergeGcdMapEntry.Attributes | EFI_MEMORY_NV |
                                 (MergeGcdMapEntry.Capabilities & (EFI_CACHE_ATTRIBUTE_MASK | EFI_MEMORY_ATTRIBUTE_MASK));
+      }
       MemoryMap->Type          = EfiPersistentMemory;
 
       //
@@ -1933,7 +1945,12 @@ CoreGetMemoryMap (
   MemoryMapEnd = MemoryMap;
   MemoryMap = MemoryMapStart;
   while (MemoryMap < MemoryMapEnd) {
-    MemoryMap->Attribute &= ~(UINT64)EFI_MEMORY_ACCESS_MASK;
+    if(gTdGuest) {
+      MemoryMap->Attribute &= ~(UINT64)(EFI_MEMORY_RP | EFI_MEMORY_RO |
+                                      EFI_MEMORY_XP);
+    } else {
+      MemoryMap->Attribute &= ~(UINT64)EFI_MEMORY_ACCESS_MASK;
+    }
     MemoryMap = NEXT_MEMORY_DESCRIPTOR (MemoryMap, Size);
   }
   MergeMemoryMap (MemoryMapStart, &BufferSize, Size);

MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c

@@ -42,6 +42,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "DxeMain.h"
 #include "Mem/HeapGuard.h"
 
+// TD
+#define CACHE_ATTRIBUTE_MASK   (EFI_MEMORY_UC | EFI_MEMORY_WC | EFI_MEMORY_WT | EFI_MEMORY_WB | EFI_MEMORY_UCE | EFI_MEMORY_WP)
+#define MEMORY_ATTRIBUTE_MASK  (EFI_MEMORY_RP | EFI_MEMORY_XP | EFI_MEMORY_RO)
+
 //
 // Image type definitions
 //
@@ -218,7 +222,11 @@ SetUefiImageMemoryAttributes (
   Status = CoreGetMemorySpaceDescriptor(BaseAddress, &Descriptor);
   ASSERT_EFI_ERROR(Status);
 
-  FinalAttributes = (Descriptor.Attributes & EFI_CACHE_ATTRIBUTE_MASK) | (Attributes & EFI_MEMORY_ATTRIBUTE_MASK);
+  if(gTdGuest) {
+    FinalAttributes = (Descriptor.Attributes & CACHE_ATTRIBUTE_MASK) | (Attributes & MEMORY_ATTRIBUTE_MASK);
+  } else {
+    FinalAttributes = (Descriptor.Attributes & EFI_CACHE_ATTRIBUTE_MASK) | (Attributes & EFI_MEMORY_ATTRIBUTE_MASK);
+  }
 
   DEBUG ((DEBUG_INFO, "SetUefiImageMemoryAttributes - 0x%016lx - 0x%016lx (0x%016lx)\n", BaseAddress, Length, FinalAttributes));
 
@@ -920,8 +928,13 @@ InitializeDxeNxMemoryProtectionPolicy (
           (Entry->Capabilities & (EFI_MEMORY_PRESENT | EFI_MEMORY_INITIALIZED | EFI_MEMORY_TESTED)) ==
             (EFI_MEMORY_PRESENT | EFI_MEMORY_INITIALIZED)) {
 
-        Attributes = GetPermissionAttributeForMemoryType (EfiConventionalMemory) |
+        if(gTdGuest) {
+          Attributes = GetPermissionAttributeForMemoryType (EfiConventionalMemory) |
+                     (Entry->Attributes & CACHE_ATTRIBUTE_MASK);
+        } else {
+          Attributes = GetPermissionAttributeForMemoryType (EfiConventionalMemory) |
                      (Entry->Attributes & EFI_CACHE_ATTRIBUTE_MASK);
+        }
 
         DEBUG ((DEBUG_INFO,
           "Untested GCD memory space region: - 0x%016lx - 0x%016lx (0x%016lx)\n",