From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.83])
 by mx.groups.io with SMTP id smtpd.web08.10622.1634654184295562075
 for <devel@edk2.groups.io>;
 Tue, 19 Oct 2021 07:36:24 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=wDZBCoIn;
 spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.244.83, mailfrom: brijesh.singh@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=RS7mnX5Zwl7Mh7fqn7RQ21GpfmYBbM0owXBfluKog5VKsWWxdRi4XISymsHPqLUTpD7vGG0qc9SmBDCjB8ICpDghIarNkwFCTCQEaQQvnWPHnXr8JR787Hr/gZaFHItZJbdenYcJgtccj0AxgyEZlofftDSMaFVYugsmqi/6DIuhWFlZmnh810wztMFjhMkUstGCEEWdOYSEnNHwkizI6ajfCXWNq2LB3/w1qAMyd7MmVj4vbwi4K22ZmeAJGuGZm6ZYN1GEJil92P/lzJ7sD9wJMUB89coumUpk27ZHQKmJFYZFZ4ynNXnilbtwXNDT6DsmCzrdJbBgsbRbUDVf/Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=olQs5s3RAP3uxXJ1o2eGL6oHONbb2twBrwpMxl7gC0E=;
 b=duV/yVvRTT500RaHzzOz1JsdpHY5Vfq2bx0aNJt1gRJAb40wt9QPxOGnhwxNk0V8ZRZ6j4OWECKuBEp0Fb9FnX8dh6IJouHzuyBvbKWSGs9n0Q+aQusT4/20S2u+RuAJesj8QhwsRdVdK5ObDfr/wyn/XLaV42Hhxe7sFgJs12rZ7xBDXd713U6fuKTm+vI+zWlunxT5JG3AftiPpKh/c9VscCHtqJppLk2aY7oWtoxFX0s7kaU1/DFYBqq1FsqVnHIhJaAkzEi6MH7U3LLgQdIX1L0B0PC1GQS/MuUMh9ixMvyozcHfEOTxBJuOeuK4unhacwA7qOOqepN2UH4vAw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=olQs5s3RAP3uxXJ1o2eGL6oHONbb2twBrwpMxl7gC0E=;
 b=wDZBCoInfPlsAFu++YCAHDp4ZafPsLxUgnSSgs2/cZHNe1vVGNrE9Yi/IfYbJ3OhtGR7QZ4NDpoOguH3CEXrKcECo1UwE3lsbF+NJlIPIz+7nS8LoaIH7nSOZCV9YPrqbgNaqg/jxGH72w6slGNm43yaWXNaigdFpAJDKq8JkwI=
Authentication-Results: redhat.com; dkim=none (message not signed)
 header.d=none;redhat.com; dmarc=none action=none header.from=amd.com;
Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22)
 by SA0PR12MB4575.namprd12.prod.outlook.com (2603:10b6:806:73::19) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4608.16; Tue, 19 Oct
 2021 14:36:22 +0000
Received: from SN6PR12MB2718.namprd12.prod.outlook.com
 ([fe80::e4da:b3ea:a3ec:761c]) by SN6PR12MB2718.namprd12.prod.outlook.com
 ([fe80::e4da:b3ea:a3ec:761c%7]) with mapi id 15.20.4608.018; Tue, 19 Oct 2021
 14:36:22 +0000
Message-ID: <01ffc274-edec-3cda-7801-a3451dc081e2@amd.com>
Date: Tue, 19 Oct 2021 09:36:20 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0)
 Gecko/20100101 Thunderbird/91.2.0
CC: brijesh.singh@amd.com, devel@edk2.groups.io,
 James Bottomley <jejb@linux.ibm.com>, Min Xu <min.m.xu@intel.com>,
 Jiewen Yao <jiewen.yao@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>,
 Jordan Justen <jordan.l.justen@intel.com>,
 Ard Biesheuvel <ardb+tianocore@kernel.org>,
 Erdem Aktas <erdemaktas@google.com>, Michael Roth <Michael.Roth@amd.com>
Subject: Re: [PATCH v9 30/32] OvmfPkg/PlatformPei: mark cpuid and secrets memory reserved in EFI map
To: Gerd Hoffmann <kraxel@redhat.com>
References: <20211013165713.727815-1-brijesh.singh@amd.com>
 <20211013165713.727815-31-brijesh.singh@amd.com>
 <20211014085851.e5xtspfcyz75lgog@sirius.home.kraxel.org>
 <6bb1abde-3795-1917-92b1-6659ac98846d@amd.com>
 <20211015052648.rcr55juuhoit4efh@sirius.home.kraxel.org>
 <8689d369-b5a3-07ee-5df5-981637224fcd@amd.com>
 <20211018060105.dbmomij5xcft6jpn@sirius.home.kraxel.org>
From: "Brijesh Singh" <brijesh.singh@amd.com>
In-Reply-To: <20211018060105.dbmomij5xcft6jpn@sirius.home.kraxel.org>
X-ClientProxiedBy: SA9PR13CA0033.namprd13.prod.outlook.com
 (2603:10b6:806:22::8) To SN6PR12MB2718.namprd12.prod.outlook.com
 (2603:10b6:805:6f::22)
Return-Path: brijesh.singh@amd.com
MIME-Version: 1.0
Received: from [10.0.0.5] (70.112.153.56) by SA9PR13CA0033.namprd13.prod.outlook.com (2603:10b6:806:22::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4628.9 via Frontend Transport; Tue, 19 Oct 2021 14:36:21 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 6e82caad-c19f-4cd8-99fa-08d9930dd271
X-MS-TrafficTypeDiagnostic: SA0PR12MB4575:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
	<SA0PR12MB45759C881872C6B46D337BC7E5BD9@SA0PR12MB4575.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8273;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	hcZdJb/mRlv+ccYVBysm6G1O9/9ozMQRBuky1t4QVWayKh0YSlKv5C0qDYaDIRhQozz5MWMkmMXgYP+Boe385TAgRFjTMD2vZEO3WuJ9bKUAqGIXfItiYuHkx7C2lDENkio0tUKqurBcVHm4xopKcig/L8PqdjFMgnNIh7Qn0h5dTOp4OAEKKuL38VCVER4oe9fIKSaiy5gpAIKNenHxB52sYxutS5avOIUna18+8xx5Gg9IjGbdjZ61x3wcZy4LmPV5U00gpKM2UTopf9+2KhqZ0mnNmMRWSZrB5cSTZyhVyOXgpfIeDyNSloyXYfwTG+GgTh7mdjW74cQt2ispeazFLUgdqN5lNkkPBib1vrfIQo9Pg6xUsJsduDga4Q3819s6baY8uL0ctiO3YdqlV3zwELS+IltYviefhLv9aZdWwnSM+NiiGVk/Wf7FU1Tvqj0qUFWXT3j94jMfHUqXYjEGO+quaKgjGIKrIGFnNnlRo/ZDPScNcGFhBpCF6WnSkIe2+UEfWgcFGXMFmgNgwcpLm9KWP7ljpxiEmkWFjWdma7b1u2IZ+DPi9w1+JmimokwVQ0f9rYU6OO1AwHDdblqzQalMjdWu1uDqBYIQs3pqCkpWO7g1yxZoSAZBqVYvAgyQqph4AvKgYkP1MhfuV/GNUl5sg3XxXTOrbBcK8mXS/mWpWrOV+3/3Rhjoa1JuESW6OiQR1qnK1GQ52Xl+rrBcg67J8sDGuW+Y3EAgFtsHG+PLwSytOSS30IGZ0LLd
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(31696002)(2906002)(4326008)(38100700002)(44832011)(8676002)(54906003)(16576012)(8936002)(36756003)(6486002)(956004)(2616005)(5660300002)(26005)(6916009)(316002)(31686004)(86362001)(508600001)(83380400001)(53546011)(186003)(66476007)(66556008)(66946007)(43740500002)(45980500001);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
	=?us-ascii?Q?zZjcoqSseV0evAauA0jR6Xw5Y4j18ldqaf340M0wyrhTLq77uq6/IwtXLsMW?=
 =?us-ascii?Q?rt0YF/jHQJUzpF2k2DNTzp/JM6/c5CqONC9+4KI/7MgMKg112MsA/cRTZrLC?=
 =?us-ascii?Q?iOgWTDGJpXh3JAmEnVbSY/p4Mu4X9DyqDKef+JdJc96lu9CnLsHVcJwL6MYg?=
 =?us-ascii?Q?ERE0o6HRyK3Z7oHzxGO8sdtnlvkRZhcjmzU2gBC9bSzkA10GBg/yyDz7OJjy?=
 =?us-ascii?Q?ufK03fs2AfBgOnRyF4fbXsOfXQPhV7/EMnP/MeWns6edqotfP1jgVJ+P6woP?=
 =?us-ascii?Q?VH6GDq5XtWN/Tk97ki1l3xqHm0srKmwFwLuSEAyS7S2qm4pUJZjAAoMkyIW1?=
 =?us-ascii?Q?kruhDCfNyokRQHFpu+a+5OVGcqXqz4asNJKXb9MRVVBx7W18wV/lSdxSi95k?=
 =?us-ascii?Q?pFlPMTccAmk9JmJZhpUiq0udJ6PyQ49SgFyC/Yo6zKEZ0VwZf0Uy6p6aDW8r?=
 =?us-ascii?Q?2+FVBckIxMbFIeJjim/4jHfBkbYMvuxMcDL+mWIgj0AsFOd5aMEdNeYeXNAs?=
 =?us-ascii?Q?rkK3qmzZRT5pouiU7SaCYwwkJsod2qCKvoTsIqVgcxkPtFuLmnyOhjgdGMnY?=
 =?us-ascii?Q?iGh4/h49T7g1fjEhEqSpCZCSw5sZVW9Lxgvgcci4pwSaY2udYr6wdZUei9CU?=
 =?us-ascii?Q?T8Q7RX5V4pVlrEM/Ztw4e+ZWtSopbnAtFNTQC58IpelZRKSI0MoVgmeELw4l?=
 =?us-ascii?Q?MoQgDV3ugeZzQ00RS/tIpEaZpoF/wKikcUZGDCSIC07JB9b/5cJD8OqC0aRB?=
 =?us-ascii?Q?xvYArGT0gyE5+lQnGt3mlI9wBxBL1rtvbKt81w7l5sL7op17xBkAB46DHtjF?=
 =?us-ascii?Q?Watj402Syc/bCC7roZrrncJFbFJB8WToaNdCq6bTvAfAF/lkHu6Be0RzABwr?=
 =?us-ascii?Q?DHggVtz+xRZbKcFO0Co9MZmfEYgBRc0NRl/bQa4vZbrBMmRkGSfX1NHu8IW0?=
 =?us-ascii?Q?qKxBW8ZiwVieQh/NRQOrVzcN++W30+z53tJCEJIwEw1CkNyNrgwqumrDeCsh?=
 =?us-ascii?Q?iDRLd+EVN87S6Ar2Oqahr8fnQSaPGHJ/3/LRnRVqvW1l52niV5OsuPR+nI5G?=
 =?us-ascii?Q?h9AaE82shijEcIkFPZUNh7wDikW05/id0SExvVZBOBSn1oUw7jzpUYDbB/jn?=
 =?us-ascii?Q?xBgHPkedyLak0l4VZUhkNBvC9cEWx6xcoRWaAdPW+NNoqO8Lm2qrXDQqHmfB?=
 =?us-ascii?Q?/iJQSarAIz36o69TkFK9SDoXY7utvGB/cid3LyQoWT34IEtdw9Z4U9B5aRxE?=
 =?us-ascii?Q?M5Psu5ESSrZA3VRtdb6uiEIfD9gme1KPnHsF//fI3bKQ6uFQwZk0QopAzmKY?=
 =?us-ascii?Q?ahwGAGgTGqscN+qOQDw+1tqp?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 6e82caad-c19f-4cd8-99fa-08d9930dd271
X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Oct 2021 14:36:22.6342
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: V187Mg5+pJw9mslRH6/iGXRTlqRDnxO0RLRviutoa6R6TbBJ5JDsjHdxBP72cMN76MYFEKf3/kdlWookF82hkA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4575
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable


On 10/18/21 1:01 AM, Gerd Hoffmann wrote:
>   Hi,
>
>> The MEMFD range is outside of the firmware image map,=C2=A0 MEMFD begins=
 with
>> 0x800000 [1] and in my boots I don't see it reserved in e820.
> Ah, ok.
>
>> Here is the snippet.
>>
>> [ ... ]
>> [=C2=A0=C2=A0=C2=A0 0.000000] BIOS-e820: [mem 0x0000000000800000-0x00000=
00000807fff] ACPI NVS
>> [=C2=A0=C2=A0=C2=A0 0.000000] BIOS-e820: [mem 0x0000000000808000-0x00000=
0000080afff] usable
>> [=C2=A0=C2=A0=C2=A0 0.000000] BIOS-e820: [mem 0x000000000080b000-0x00000=
0000080bfff] ACPI NVS
>> [=C2=A0=C2=A0=C2=A0 0.000000] BIOS-e820: [mem 0x000000000080c000-0x00000=
0000080ffff] usable
>> [=C2=A0=C2=A0=C2=A0 0.000000] BIOS-e820: [mem 0x0000000000810000-0x00000=
000008fffff] ACPI NVS
>> [ ... ]
> Hmm.  Confused.  memfd size is 0xD00000, so should the block from 800000
> to 8cffff be reserved?  Why does it end at 8fffff instead?

There is no strong reason for block all of the MEMFD. What I see in the
current code is some selective pages gets marked reserved or other
memory type. As system boots some pages may get released as a system RAM.


> The first hole is this:
>
>     0x008000|0x001000
>     gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbPageTableBase|gUefiOvmfPkgTo=
kenSpaceGuid.PcdOvmfSecGhcbPageTableSize
>     0x009000|0x002000
>     gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|gUefiOvmfPkgTokenSpaceG=
uid.PcdOvmfSecGhcbSize
>
> The second hole is this (git master) ...
>
>     0x00C000|0x001000
>     gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase|gUefiOvmfPkgToken=
SpaceGuid.PcdOvmfSecGhcbBackupSize
>
> And IIRC the cpuid + secrets pages are added there.
>
> So, yes, they must be reserved indeed.  What about the other pages?
> Shouldn't they be reserved too?  Or will they not be used any more
> at runtime?

As I indicated above, the other part of the code (such MemDetect.c)
makes the pages reserved as system boot. Some page can be may not be
used at all during the runtime and thus gets released.

thanks