From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.51]) by mx.groups.io with SMTP id smtpd.web12.3087.1587169621353073215 for ; Fri, 17 Apr 2020 17:27:01 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=jNItXGWE; spf=none, err=SPF record not found (domain: amd.com, ip: 40.107.223.51, mailfrom: ashish.kalra@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VtkHutE9oUPNEp8cqMu1BLN3/cIP+VAIMtbDsld/ygIMgKa4CFqgQ14cxsaj2mdE8Co4ooCeD24R6euaKEHx1UCz8C6M5T36lxocJykRm/6HILTA15f4FgU7uUGBtSXMg16SwDSDkJk7sQ0Mtk/r2hCjg/9MCDaeG0MlYs3OsNFNaUnuqHZV50Drr0/yDOpHXQatEQqDBJU2J3Q1PhV/LO4o3Rg/3mTZ99nhMZESoWt2um4Xs1pgJgHLgmuQ8JLeQ6ujdeZc5ZwbTuCfKRKx3OSb2FqiBRDFSvlstM1ADJn2l642MRENEbKRvREo1FhfV0RNA2aMQUThov55cbHIMg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/keySV5UBo0k2FQjvG8yyM+T8uBN+LyyyP3HexUXnJM=; b=BPTUmHviD0YTANta2Yhg+mNlUqtf+YyuRIKwaXWqkrV7OWyECab4I9ytaexfjpLDNZBJHwR6hZGWXtyIOdYu0qJl6razVFFPwmP7Wf+0eqXyF3O0YpPOtTW63Cu6fmaHb9TYVkhcb2b+UojX8nTab1ozZn4yRLtF4xpYvQTF5Y8Zw3aIjNQjROIhr8luWMopbsMZEt/fT2l30a34iRnR3pUi8Pnw3oIpS12h3YDsk3RHmeZrca9XjnKhKx5QVzkWCUkP44YPt/c2heqPlNuGeOleYtmMOd3V4Hw8gVteQQ/oLdE4vArp3ehZgrFUMQ6Cg7nfGttqFAl8QYJZVcGPEA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/keySV5UBo0k2FQjvG8yyM+T8uBN+LyyyP3HexUXnJM=; b=jNItXGWE4lnNdQ8klURl0fhU0IrWfJmYXn+XYXHuDDtSdfRKslqRTsRcvPhoGIIINFm84WBxuYx846X7v5q47Sj7BDh8cozzYZ6kqyWsCfAXOy4Bz8C6SovrCkA5AEQvV0Im3ZrTF2NsJTjdgiBigFPnxXJIMDIpWstBdsEo67E= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ashish.Kalra@amd.com; Received: from DM5PR12MB1386.namprd12.prod.outlook.com (2603:10b6:3:77::9) by DM5PR12MB1241.namprd12.prod.outlook.com (2603:10b6:3:72::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2921.27; Sat, 18 Apr 2020 00:26:58 +0000 Received: from DM5PR12MB1386.namprd12.prod.outlook.com ([fe80::969:3d4e:6f37:c33c]) by DM5PR12MB1386.namprd12.prod.outlook.com ([fe80::969:3d4e:6f37:c33c%12]) with mapi id 15.20.2900.028; Sat, 18 Apr 2020 00:26:58 +0000 Date: Sat, 18 Apr 2020 00:26:53 +0000 From: Ashish Kalra To: devel@edk2.groups.io Cc: brijesh.singh@amd.com, Thomas.Lendacky@amd.com Subject: Re: SEV Live Migration Support in OVMF Message-ID: <20200418002653.GA25977@ashkalra_ubuntu_server> References: <20200417202619.GA4304@ashkalra_ubuntu_server> In-Reply-To: <20200417202619.GA4304@ashkalra_ubuntu_server> User-Agent: Mutt/1.9.4 (2018-02-28) X-ClientProxiedBy: DM3PR03CA0005.namprd03.prod.outlook.com (2603:10b6:0:50::15) To DM5PR12MB1386.namprd12.prod.outlook.com (2603:10b6:3:77::9) Return-Path: ashish.kalra@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from ashkalra_ubuntu_server (165.204.77.1) by DM3PR03CA0005.namprd03.prod.outlook.com (2603:10b6:0:50::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2921.25 via Frontend Transport; Sat, 18 Apr 2020 00:26:57 +0000 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: cfa7899e-cbec-4016-2446-08d7e32f3474 X-MS-TrafficTypeDiagnostic: DM5PR12MB1241:|DM5PR12MB1241: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-Forefront-PRVS: 0377802854 X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1386.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(10009020)(4636009)(136003)(39860400002)(346002)(396003)(366004)(376002)(6496006)(52116002)(8676002)(2906002)(8936002)(33716001)(26005)(81156014)(4326008)(316002)(33656002)(956004)(186003)(16526019)(44832011)(9686003)(55016002)(6916009)(66946007)(66476007)(66556008)(1076003)(478600001)(6666004)(5660300002)(86362001);DIR:OUT;SFP:1101; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 4cctEvCHhXAPxdo0dRsAleniuf1Hh9B0+CdQV3SjM552ovVHPBQwuJLnBwo5GiHprKWBKcqy8VEJDtYhikM4Mu3QhpuAnnmTumUW6BUcImccTBRfjEGaN4ZDGtvqJ6guNuy2E9ntHqJ2DmPZjIQ0siHzQrJKOJVjKNNlydTN1JMn37yICiaZtfCIjXQt1mlwkxyNn/v4TNP8jhHRyGJInHj0OLXJfkhGNvjXEAV9zUMjNqmXH3xdJVbRUzPpi8MGlkw250vHUyLOCjYDCT85LzCJ/ZXd96RFl28GJDae9+CPG0gyDrCxMFz4b3wSizXko4MktkOF4/ZJfdvVYsHYC/LExMauGVOMb5/PSllBWS4jy4tTkgXXJEjn9k6rhujspRnizUupVFGeZrQFMTPS3Qu4xgY9VgR8amwTia3/13VJgyPHNsy+24cr4Cxx1POs X-MS-Exchange-AntiSpam-MessageData: RTNY7SmuIRAfbGDggBlc8CEVx4uEFiK61uvvWg4BhZclne6NMtjTmlLl3MmuJj9qgIKUHquAvZETMctfgp2Avjt0WTF9619XneinzB3NZH8+1QZWWg4Nh8kkcIz0A6pslLO3zj95ZJx5FmNLAubJaw== X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: cfa7899e-cbec-4016-2446-08d7e32f3474 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Apr 2020 00:26:58.0438 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 6tHUutLyadDboahgh7donUPNEn2Ut0UQItwvPqs28Ag+d7Ln8UqUZRuyg44WV8Ye1+FzQXcmxq8xO8INMv1mmA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1241 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline While testing this i found that the Uefi Variable module is loaded much later after AmdSevDxe module is loaded, hence the SetVariable() runtime service is available much later, so now i am setting this new Uefi variable as part of AmdIoMmuDxe module IoMmuMap() call. Thanks, Ashish On Fri, Apr 17, 2020 at 08:26:19PM +0000, Ashish Kalra wrote: > > This is with reference to adding SEV Live migration support in OVMF, > which basically is adding a hypercall as part of the > MemEncryptSevClearPageEncMask() function. > > We unconditionally make a hypercall and if the hypercall succeeds > then it can sets a new UEFI environment variable > "SevLiveMigrationEnabled" which indicates it supports the feature to the OS. > OS can later query whether feature is supported by OVMF by checking for > this variable using the UEFI runtime services. > > I tried doing this by setting the UEFI variable if the hypercall > succeeds using the UEFI runtime services SetVariable() function, but > it looks like the UEFI runtime services table library is only > available to DXE and UEFI module types. > > As OVMF's BaseMemEncryptLib module (which is doing the hypercall and then > setting the variable) is a PEIM module, hence, it cannot call the > UEFI runtime services and the build fails. > > Now i am returning the hypercall return status up the caller chain, i.e, all the way upto > MemEncryptSevClearPageEncMask() and then set the Uefi variable > in the above function which is running in DXE environment, so i believe that should work. > > Sharing the above on the development list for any feedback, comments or > suggestions on this support and our current approach for the same. > > Thanks, > Ashish