TDX VM needs to boot with Trust Domain Virtual Firmware (TDVF). Unlike
that OVMF is mapped as rom device, TDVF needs to be mapped as private
memory. This is because TDX architecture doesn't provide read-only
capability for VMM, and it doesn't support instruction emulation due
to guest memory and registers are not accessible for VMM.
On the other hand, OVMF can work as TDVF, which is usually configured
as pflash device in QEMU. To keep the same usage (QEMU parameter),
introduce ram_mode to pflash for TDVF. When it's creating a TDX VM,
ram_mode will be enabled automatically that map the firmware as RAM.
Note, this implies two things:
1. TDVF (OVMF) is not read-only (write-protected).
2. It doesn't support non-volatile UEFI variables as what pflash
supports that the change to non-volatile UEFI variables won't get
synced back to backend vars.fd file.
Signed-off-by: Xiaoyao Li <xiaoyao.li@xxxxxxxxx>
---
hw/block/pflash_cfi01.c | 25 ++++++++++++++++++-------
hw/i386/pc_sysfw.c | 14 +++++++++++---
2 files changed, 29 insertions(+), 10 deletions(-)
diff --git a/hw/block/pflash_cfi01.c b/hw/block/pflash_cfi01.c
index 74c7190302bd..55e8bb2bd5ee 100644
--- a/hw/block/pflash_cfi01.c
+++ b/hw/block/pflash_cfi01.c
@@ -87,6 +87,7 @@ struct PFlashCFI01 {
void *storage;
VMChangeStateEntry *vmstate;
bool old_multiple_chip_handling;
+ bool ram_mode; /* if 1, the flash is mapped as RAM */
};
static int pflash_post_load(void *opaque, int version_id);
@@ -818,17 +819,24 @@ static void pflash_cfi01_realize(DeviceState *dev, Error **errp)
total_len = pfl->sector_len * pfl->nb_blocs;
- memory_region_init_rom_device(
- &pfl->mem, OBJECT(dev),
- &pflash_cfi01_ops,
- pfl,
- pfl->name, total_len, errp);
+ if (pfl->ram_mode) {
+ memory_region_init_ram(&pfl->mem, OBJECT(dev),pfl->name, total_len, errp);
+ } else {
+ memory_region_init_rom_device(
+ &pfl->mem, OBJECT(dev),
+ &pflash_cfi01_ops,
+ pfl,
+ pfl->name, total_len, errp);
+ }
if (*errp) {
return;
}
pfl->storage = memory_region_get_ram_ptr(&pfl->mem);
- sysbus_init_mmio(SYS_BUS_DEVICE(dev), &pfl->mem);
+
+ if (!pfl->ram_mode) {
+ sysbus_init_mmio(SYS_BUS_DEVICE(dev), &pfl->mem);
+ }
if (pfl->blk) {
uint64_t perm;
@@ -879,7 +887,9 @@ static void pflash_cfi01_system_reset(DeviceState *dev)
*/
pfl->cmd = 0x00;
pfl->wcycle = 0;
- memory_region_rom_device_set_romd(&pfl->mem, true);
+ if (!pfl->ram_mode) {
+ memory_region_rom_device_set_romd(&pfl->mem, true);
+ }
/*
* The WSM ready timer occurs at most 150ns after system reset.
* This model deliberately ignores this delay.
@@ -924,6 +934,7 @@ static Property pflash_cfi01_properties[] = {
DEFINE_PROP_STRING("name", PFlashCFI01, name),
DEFINE_PROP_BOOL("old-multiple-chip-handling", PFlashCFI01,
old_multiple_chip_handling, false),
+ DEFINE_PROP_BOOL("ram-mode", PFlashCFI01, ram_mode, false),
DEFINE_PROP_END_OF_LIST(),
};
diff --git a/hw/i386/pc_sysfw.c b/hw/i386/pc_sysfw.c
index 75b34d02cb4f..03c84b5aaa32 100644
--- a/hw/i386/pc_sysfw.c
+++ b/hw/i386/pc_sysfw.c
@@ -38,6 +38,7 @@
#include "hw/block/flash.h"
#include "sysemu/kvm.h"
#include "sev.h"
+#include "kvm/tdx.h"
#define FLASH_SECTOR_SIZE 4096
@@ -184,12 +185,19 @@ static void pc_system_flash_map(PCMachineState *pcms,
total_size += size;
qdev_prop_set_uint32(DEVICE(system_flash), "num-blocks",
size / FLASH_SECTOR_SIZE);
+ qdev_prop_set_bit(DEVICE(system_flash), "ram-mode", is_tdx_vm());
sysbus_realize_and_unref(SYS_BUS_DEVICE(system_flash), &error_fatal);
- sysbus_mmio_map(SYS_BUS_DEVICE(system_flash), 0,
- 0x100000000ULL - total_size);
+ flash_mem = pflash_cfi01_get_memory(system_flash);
+ if (is_tdx_vm()) {
+ memory_region_add_subregion(get_system_memory(),
+ 0x100000000ULL - total_size,
+ flash_mem);
+ } else {
+ sysbus_mmio_map(SYS_BUS_DEVICE(system_flash), 0,
+ 0x100000000ULL - total_size);
+ }
if (i == 0) {
- flash_mem = pflash_cfi01_get_memory(system_flash);
pc_isa_bios_init(rom_memory, flash_mem, size);
/* Encrypt the pflash boot ROM */
--
2.27.0
