From: "Brijesh Singh" <brijesh.singh@amd.com>
Date: Tue, 7 Sep 2021 08:27:22 -0500
Subject: Re: [edk2-devel] [PATCH v6 06/29] OvmfPkg/ResetVector: pre-validate the data pages used in SEC phase
To: "kraxel@redhat.com", "Xu, Min M"
Cc: brijesh.singh@amd.com, "devel@edk2.groups.io", James Bottomley, "Yao, Jiewen", Tom Lendacky, "Justen, Jordan L", Ard Biesheuvel, Erdem Aktas, Michael Roth
Message-ID: <1811902d-de4a-7a7c-ea21-4ae2374e9214@amd.com>
In-Reply-To: <20210907070732.xcokfdn5iw3wyqbu@sirius.home.kraxel.org>
References: <20210901161646.24763-1-brijesh.singh@amd.com> <20210901161646.24763-7-brijesh.singh@amd.com> <20210902082029.tfdt4s5s76qknpiq@sirius.home.kraxel.org> <20210906121650.vwgt5y5hdwxfugvh@sirius.home.kraxel.org> <20210907070732.xcokfdn5iw3wyqbu@sirius.home.kraxel.org>

On 9/7/21 2:07 AM, kraxel@redhat.com wrote:
>   Hi,
>
>>> [ Looking at https://www.mail-archive.com/devel@edk2.groups.io/msg33605.html ]
>>>
>>> So, there isn't much tdx-specific in tdx-metadata.  Most ranges are
>>> TDX_METADATA_SECTION_TYPE_TEMP_MEM which I think basically means
>>> these ranges should be accepted by the hypervisor, which is pretty much the
>>> same issue snp tries to solve with this pre-validation range.  Then there are
>>> the ranges for code (aka bfv), for vars (aka cfv) and td_hob.
>>>
>>> td_hob is the only tdx-specific item there, and even that concept (pass
>>> memory ranges as hob list from hypervisor to guest) might be useful outside
>>> tdx.
>> Mailbox is tdx-specific too. But Stack/Heap/OvmfWorkarea/OvmfPageTable are
>> common. BFV/CFV are common too.
>
> Mailbox is tagged "TDX_METADATA_SECTION_TYPE_TEMP_MEM", so nothing
> special to do when loading the firmware, right?
>
>>> I'd suggest we generalize the tdx-metadata idea and define both generic and
>>> vmm-specific section types:
>>>
>>> enum {
>>>     OVMF_SECTION_TYPE_UNDEFINED = 0,
>>>
>>>     /* generic */
>>>     OVMF_SECTION_TYPE_CODE = 0x100,
>>>     OVMF_SECTION_TYPE_VARS,
>>>     OVMF_SECTION_TYPE_SEC_MEM,      /* vmm should accept/validate this */
>>>
>>>     /* sev */
>>>     OVMF_SECTION_TYPE_SEV_SECRETS = 0x200,
>>>     OVMF_SECTION_TYPE_SEV_CPUID,    /* or move to generic? */
>>>
>>>     /* tdx */
>>>     OVMF_SECTION_TYPE_TDX_TD_HOB = 0x300,
>>> };
>>>
>>> Comments?
>> TDX has similar section type.
>
> Yes.  Both TDX and SNP have similar requirements, they want to store memory
> ranges in the firmware binary in a way that allows qemu to find them and
> use them when initializing the guest.
>
> SNP stores the ranges directly in the GUID-chained block in the reset
> vector.  The range types are implicit (first is pre-validate area,
> second is cpuid page, ...).
>
> TDX stores a pointer to tdx-metadata in the GUID-chained block, then the
> tdx-metadata has a list of ranges.  The ranges are explicitly typed
> (section type field).
>
> The indirection used by TDX keeps the reset vector small.  Also the
> explicit typing of the ranges makes it easier to extend later on if
> needed.
>
> IMHO SEV should at minimum add explicit types to the memory ranges in
> the boot block, but I'd very much prefer it if SEV and TDX can agree
> on a way to store the memory ranges.
>
>> But I am not sure if SEV can use this metadata mechanism.
>> Need SEV's comments.
>
> Brijesh?
>

We should be able to make use of the metadata approach for the SEV-SNP. I
will update the SNP patches to use the metadata approach in the next rev.

thanks
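The two layouts Gerd contrasts in the quoted message (SNP's implicitly typed ranges stored directly in the GUID-chained reset-vector block, versus TDX's explicitly typed metadata sections reached through that block) can be exercised with a small parser. The C program below is an added example, not code from this patch series, OVMF or QEMU: it builds a constructed flash tail, walks the GUID chain backwards from the footer the way QEMU's OVMF loader does, and then decodes a typed section list using the enum proposed in the thread. Only the footer GUID and its position 48 bytes before the end of the image are taken from OVMF; the two entry GUIDs, the 20-byte section encoding, the numeric values assigned to OVMF_SECTION_TYPE_VARS, SEC_MEM and SEV_CPUID, and every address in the sample image are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
typedef struct { uint8_t b[16]; } guid_t;

/* OVMF table footer GUID 96b582de-1fb2-45f7-baea-a366c55a082d in EFI_GUID byte order. OVMF
 * puts it 48 bytes before the end of the flash, ahead of the 32-byte reset-vector area, and
 * QEMU's loader looks for it there. */
static const guid_t OVMF_TABLE_FOOTER = {{0xde,0x82,0xb5,0x96,0xb2,0x1f,0xf7,0x45,0xba,0xea,0xa3,0x66,0xc5,0x5a,0x08,0x2d}};
/* Made-up GUIDs for the two example entries (assumption; not real OVMF or QEMU GUIDs). */
static const guid_t EX_RAW_BLOB_GUID = {{0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x01}};
static const guid_t EX_SECTIONS_GUID = {{0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x02}};
/* Section types from the proposal quoted above. The thread gives no values for VARS,
 * SEC_MEM and SEV_CPUID; consecutive ones within each group are assumed here. */
enum {
    OVMF_SECTION_TYPE_UNDEFINED = 0,
    OVMF_SECTION_TYPE_CODE = 0x100, OVMF_SECTION_TYPE_VARS = 0x101, OVMF_SECTION_TYPE_SEC_MEM = 0x102,
    OVMF_SECTION_TYPE_SEV_SECRETS = 0x200, OVMF_SECTION_TYPE_SEV_CPUID = 0x201,
    OVMF_SECTION_TYPE_TDX_TD_HOB = 0x300,
};
#define SECTION_ENTRY_LEN 20 /* assumed section encoding: u32 type, u64 base, u64 size (LE) */
#define ENTRY_OVERHEAD    18 /* u16 length + 16-byte GUID trailing every chain entry */

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }
static uint64_t rd64(const uint8_t *p) { return rd32(p) | ((uint64_t)rd32(p + 4) << 32); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)v); wr16(p + 2, (uint16_t)(v >> 16)); }
static void wr64(uint8_t *p, uint64_t v) { wr32(p, (uint32_t)v); wr32(p + 4, (uint32_t)(v >> 32)); }

/* Data of the chain entry tagged `want`, or NULL. Walks backwards from the footer the way
 * QEMU does: each entry is [data][u16 len][guid] with len covering all three parts, and the
 * footer's own len covers the whole table. Every length is bounds-checked against what is
 * left, so a truncated or corrupt image can never make the walk read outside img. */
static const uint8_t *ovmf_table_find(const uint8_t *img, size_t img_len, const guid_t *want, size_t *data_len)
{
    if (img_len < 50) return NULL;
    const uint8_t *footer = img + img_len - 48;
    if (memcmp(footer, OVMF_TABLE_FOOTER.b, 16) != 0) return NULL;
    size_t tot = rd16(footer - 2);
    if (tot < ENTRY_OVERHEAD || tot + 32 > img_len) return NULL;
    size_t remaining = tot - ENTRY_OVERHEAD;  /* entry bytes ahead of the footer */
    const uint8_t *end = footer - 2;          /* one past the last entry */
    while (remaining >= ENTRY_OVERHEAD) {
        const uint8_t *g = end - 16;
        size_t len = rd16(g - 2);
        if (len < ENTRY_OVERHEAD || len > remaining) return NULL;  /* corrupt length: stop */
        if (memcmp(g, want->b, 16) == 0) { *data_len = len - ENTRY_OVERHEAD; return end - len; }
        remaining -= len;
        end -= len;
    }
    return NULL;
}

/* Explicitly typed lookup: returns 1 with base/size filled if a section of `type` exists. */
static int ovmf_find_section(const uint8_t *img, size_t img_len, uint32_t type, uint64_t *base, uint64_t *size)
{
    size_t n;
    const uint8_t *d = ovmf_table_find(img, img_len, &EX_SECTIONS_GUID, &n);
    if (d == NULL || n % SECTION_ENTRY_LEN != 0) return 0;  /* reject a partial trailing entry */
    for (size_t off = 0; off < n; off += SECTION_ENTRY_LEN)
        if (rd32(d + off) == type) { *base = rd64(d + off + 4); *size = rd64(d + off + 12); return 1; }
    return 0;
}

static size_t put_entry(uint8_t *buf, size_t off, const guid_t *g, const uint8_t *data, size_t n)
{
    memcpy(buf + off, data, n);                      off += n;
    wr16(buf + off, (uint16_t)(n + ENTRY_OVERHEAD)); off += 2;
    memcpy(buf + off, g->b, 16);                     return off + 16;
}

/* Constructed flash tail (sample data, not a real OVMF build): an untyped 8-byte blob whose
 * meaning is implied only by its GUID (the SNP style), a typed section list (the TDX-metadata
 * style), the footer, and 32 zero bytes standing in for the reset vector. */
static size_t build_example_image(uint8_t *buf, size_t cap)
{
    uint8_t blob[8], secs[3 * SECTION_ENTRY_LEN]; size_t off = 0;
    if (cap < sizeof blob + sizeof secs + 2 * ENTRY_OVERHEAD + 50) return 0;
    wr64(blob, 0x809000);                                                      /* "the cpuid page", by position only */
    wr32(secs +  0, OVMF_SECTION_TYPE_CODE);       wr64(secs +  4, 0xFFC00000); wr64(secs + 12, 0x400000);
    wr32(secs + 20, OVMF_SECTION_TYPE_SEC_MEM);    wr64(secs + 24, 0x800000);   wr64(secs + 32, 0x10000);
    wr32(secs + 40, OVMF_SECTION_TYPE_TDX_TD_HOB); wr64(secs + 44, 0x809000);   wr64(secs + 52, 0x2000);
    off = put_entry(buf, off, &EX_RAW_BLOB_GUID, blob, sizeof blob);
    off = put_entry(buf, off, &EX_SECTIONS_GUID, secs, sizeof secs);
    wr16(buf + off, (uint16_t)(off + ENTRY_OVERHEAD)); off += 2;  /* footer len = whole table */
    memcpy(buf + off, OVMF_TABLE_FOOTER.b, 16);        off += 16;
    memset(buf + off, 0, 32);                          return off + 32;
}

int main(void)
{
    uint8_t img[256]; uint64_t base, size;
    size_t n = build_example_image(img, sizeof img);
    if (ovmf_find_section(img, n, OVMF_SECTION_TYPE_SEC_MEM, &base, &size))
        printf("SEC_MEM: base 0x%llx size 0x%llx\n", (unsigned long long)base, (unsigned long long)size);
    return 0;
}
```

The walk refuses any entry whose length field is smaller than its own overhead or larger than the bytes still ahead of it, which is the check that matters when a VMM parses a firmware image it did not build; the `n % SECTION_ENTRY_LEN` test likewise rejects a partial section instead of reading past the entry. Looking up the raw blob has to step over the section list first, which is where the implicit-type scheme costs the parser: the meaning of that blob exists only in the reader's knowledge of entry order, whereas the typed list can grow new section kinds without touching the chain.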