[pve-devel] [PATCH edk2-firmware 3/4] Add SCSI in NCCFV for TD guest

[Anton Iacobaeus <anton.iacobaeus@canarybit.eu>]

From: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>

The FV in `IntelTdx/IntelTdxX64.fdf` was split into two FVs, one for a
TD guest and one for non-cc guest. The SCSI driver was moved to the
non-cc NCCFV. In order for PVE to use an image with SCSI include the
SCSI driver in the FV for TD guest.

Signed-off-by: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
Signed-off-by: Anton Iacobaeus <anton.iacobaeus@canarybit.eu>
---
 .../patches/Enable_SCSI_IntelTdx_DXEFV.patch  | 52 +++++++++++++++++++
 debian/patches/series                         |  1 +
 2 files changed, 53 insertions(+)
 create mode 100644 debian/patches/Enable_SCSI_IntelTdx_DXEFV.patch

diff --git a/debian/patches/Enable_SCSI_IntelTdx_DXEFV.patch b/debian/patches/Enable_SCSI_IntelTdx_DXEFV.patch
new file mode 100644
index 0000000..5f9c40d
--- /dev/null
+++ b/debian/patches/Enable_SCSI_IntelTdx_DXEFV.patch
@@ -0,0 +1,52 @@
+diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.fdf b/OvmfPkg/IntelTdx/IntelTdxX64.fdf
+index c05761ab..02807c37 100644
+--- a/OvmfPkg/IntelTdx/IntelTdxX64.fdf
++++ b/OvmfPkg/IntelTdx/IntelTdxX64.fdf
+@@ -204,6 +204,16 @@ INF  PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
+ INF  OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf
+ INF  OvmfPkg/Virtio10Dxe/Virtio10.inf
+ INF  OvmfPkg/VirtioBlkDxe/VirtioBlk.inf
++INF  OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
++!if $(PVSCSI_ENABLE) == TRUE
++INF  OvmfPkg/PvScsiDxe/PvScsiDxe.inf
++!endif
++!if $(MPT_SCSI_ENABLE) == TRUE
++INF  OvmfPkg/MptScsiDxe/MptScsiDxe.inf
++!endif
++!if $(LSI_SCSI_ENABLE) == TRUE
++INF  OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
++!endif
+ 
+ !if $(SECURE_BOOT_ENABLE) == TRUE
+   INF  SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+@@ -223,6 +233,8 @@ INF  MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
+ INF  MdeModulePkg/Universal/Disk/DiskIoDxe/DiskIoDxe.inf
+ INF  MdeModulePkg/Universal/Disk/PartitionDxe/PartitionDxe.inf
+ INF  MdeModulePkg/Universal/Disk/UnicodeCollation/EnglishDxe/EnglishDxe.inf
++INF  MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
++INF  MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
+ INF  MdeModulePkg/Bus/Pci/SataControllerDxe/SataControllerDxe.inf
+ INF  MdeModulePkg/Bus/Ata/AtaAtapiPassThru/AtaAtapiPassThru.inf
+ INF  MdeModulePkg/Bus/Ata/AtaBusDxe/AtaBusDxe.inf
+@@ -290,21 +302,9 @@ READ_LOCK_STATUS   = TRUE
+ # DXE Phase modules
+ #
+ INF  MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
+-INF  OvmfPkg/VirtioScsiDxe/VirtioScsi.inf
+-!if $(PVSCSI_ENABLE) == TRUE
+-INF  OvmfPkg/PvScsiDxe/PvScsiDxe.inf
+-!endif
+-!if $(MPT_SCSI_ENABLE) == TRUE
+-INF  OvmfPkg/MptScsiDxe/MptScsiDxe.inf
+-!endif
+-!if $(LSI_SCSI_ENABLE) == TRUE
+-INF  OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
+-!endif
+ INF  MdeModulePkg/Universal/Console/GraphicsConsoleDxe/GraphicsConsoleDxe.inf
+ INF  MdeModulePkg/Universal/DriverHealthManagerDxe/DriverHealthManagerDxe.inf
+ INF  MdeModulePkg/Universal/Disk/RamDiskDxe/RamDiskDxe.inf
+-INF  MdeModulePkg/Bus/Scsi/ScsiBusDxe/ScsiBusDxe.inf
+-INF  MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf
+ INF  MdeModulePkg/Bus/Isa/Ps2KeyboardDxe/Ps2KeyboardDxe.inf
+ INF  MdeModulePkg/Universal/Acpi/S3SaveStateDxe/S3SaveStateDxe.inf
+ INF  MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
diff --git a/debian/patches/series b/debian/patches/series
index f9e3582..c0155a2 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -5,3 +5,4 @@ Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch
 ArmVirtPkg-disable-the-EFI_MEMORY_ATTRIBUTE-protocol.patch
 Revert-UefiCpuPkg-Produce-EFI-memory-attributes-prot.patch
 UefiCpuPkg-MpInitLib-Fix-split-lock-violation-from-M.patch
+Enable_SCSI_IntelTdx_DXEFV.patch
-- 
2.43.0


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel