From: "James Bottomley" <jejb@linux.ibm.com>
To: Laszlo Ersek <lersek@redhat.com>,
devel@edk2.groups.io, Bret Barkelew <brbarkel@microsoft.com>,
"Liming Gao (Byosoft address)" <gaoliming@byosoft.com.cn>
Cc: dovmurik@linux.vnet.ibm.com, Dov.Murik1@il.ibm.com,
ashish.kalra@amd.com, brijesh.singh@amd.com, tobin@ibm.com,
david.kaplan@amd.com, jon.grimm@amd.com, thomas.lendacky@amd.com,
frankeh@us.ibm.com,
"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
"Ard Biesheuvel (ARM address)" <ard.biesheuvel@arm.com>
Subject: Re: [edk2-devel] [PATCH v2 2/6] OvmfPkg/AmdSev: add Grub Firmware Volume Package
Date: Wed, 25 Nov 2020 09:09:28 -0800 [thread overview]
Message-ID: <1064db1d53315987bf8bb478894a07bda8d90a96.camel@linux.ibm.com> (raw)
In-Reply-To: <5b9b21c3eb37ba7024c1cb85ead267867b323c7d.camel@linux.ibm.com>
On Wed, 2020-11-25 at 08:02 -0800, James Bottomley wrote:
> On Wed, 2020-11-25 at 15:01 +0100, Laszlo Ersek wrote:
> > This upgrade gave me kernel 5.8.18-100.fc31.x86_64 in the guest --
> > and this one does *not* crash. From your boot log below, I see your
> > guest kernel is 5.5.0; I suggest upgrading it.
>
> Heh, that's easier said than done ... I always make my encrypted
> images too small to upgrade a kernel easily. Anyway, after doing the
> remove and add stuff dance, I finally got it upgraded to the latest
> debian testing linux-image-5.8.0-3 it's still crashing although with
> a slightly different traceback. It looks like there might be
> something additional in the fedora 5.8 kernel that fixes this. I'm
> going to try out upstream kernels next.
I've got the upstream kernel booting through OVMF with a qemu -kernel
command line. I also have a fix: it's not to delete the dummy variable
which was part of the ancient x86 anti bricking code (which is also why
arm64 doesn't have the problem).
If you remove the set variable in arch/x86/platform/efi/quirks.c:
/*
* Deleting the dummy variable which kicks off garbage collection
*/
void efi_delete_dummy_variable(void)
{
efi.set_variable_nonblocking((efi_char16_t *)efi_dummy_name,
&EFI_DUMMY_GUID,
EFI_VARIABLE_NON_VOLATILE |
EFI_VARIABLE_BOOTSERVICE_ACCESS |
EFI_VARIABLE_RUNTIME_ACCESS, 0, NULL);
}
The kernel will boot. I'm not sure why we have this deletion
unconditionally in efi_enter_virtual_mode, but removing the call with
the patch below allows the kernel to boot.
However, once the kernel has booted, any attempt to write to an EFI
variable results in this:
[ 975.440240] [Firmware Bug]: Page fault caused by firmware at PA: 0x7e450020
And then the efi runtime gets disabled.
James
---
diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
index 8a26e705cb06..dfae61f07196 100644
--- a/arch/x86/platform/efi/efi.c
+++ b/arch/x86/platform/efi/efi.c
@@ -844,7 +844,7 @@ static void __init __efi_enter_virtual_mode(void)
efi_runtime_update_mappings();
/* clean DUMMY object */
- efi_delete_dummy_variable();
+ //efi_delete_dummy_variable();
return;
err:
next prev parent reply other threads:[~2020-11-25 17:09 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-20 18:45 [PATCH v2 0/6] SEV Encrypted Boot for Ovmf James Bottomley
2020-11-20 18:45 ` [PATCH v2 1/6] OvmfPkg/Amdsev: Base commit to build encrypted boot specific OVMF James Bottomley
2020-11-23 18:01 ` Laszlo Ersek
2020-11-23 23:25 ` James Bottomley
2020-11-23 23:43 ` Laszlo Ersek
2020-11-20 18:45 ` [PATCH v2 2/6] OvmfPkg/AmdSev: add Grub Firmware Volume Package James Bottomley
2020-11-23 21:08 ` Laszlo Ersek
2020-11-24 6:38 ` James Bottomley
2020-11-24 8:23 ` Laszlo Ersek
2020-11-24 14:54 ` Laszlo Ersek
2020-11-24 15:58 ` Laszlo Ersek
2020-11-24 16:22 ` [edk2-devel] " James Bottomley
2020-11-24 23:22 ` Laszlo Ersek
2020-11-24 23:42 ` James Bottomley
2020-11-25 1:27 ` James Bottomley
2020-11-25 14:01 ` Laszlo Ersek
2020-11-25 16:02 ` James Bottomley
2020-11-25 17:09 ` James Bottomley [this message]
2020-11-25 18:17 ` James Bottomley
2020-11-25 19:20 ` Laszlo Ersek
2020-11-25 20:11 ` James Bottomley
2020-11-25 18:35 ` Laszlo Ersek
2020-11-25 19:08 ` Laszlo Ersek
2020-11-25 19:14 ` Laszlo Ersek
2020-11-20 18:45 ` [PATCH v2 3/6] OvmfPkg: convert ES Reset Block structure to be guided James Bottomley
2020-11-23 22:16 ` Laszlo Ersek
2020-11-24 14:57 ` Lendacky, Thomas
2020-11-24 19:07 ` James Bottomley
2020-11-24 23:19 ` Laszlo Ersek
2020-11-24 19:05 ` James Bottomley
2020-11-24 23:15 ` Laszlo Ersek
2020-11-20 18:45 ` [PATCH v2 4/6] OvmfPkg: create a SEV secret area in the AmdSev memfd James Bottomley
2020-11-23 22:28 ` Laszlo Ersek
2020-11-20 18:45 ` [PATCH v2 5/6] OvmfPkg/AmdSev: assign and protect the Sev Secret area James Bottomley
2020-11-23 22:38 ` Laszlo Ersek
2020-11-20 18:45 ` [PATCH v2 6/6] OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table James Bottomley
2020-11-23 22:56 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1064db1d53315987bf8bb478894a07bda8d90a96.camel@linux.ibm.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox