From: "Gerd Hoffmann" <kraxel@redhat.com>
To: devel@edk2.groups.io, min.m.xu@intel.com
Cc: Brijesh Singh <brijesh.singh@amd.com>,
Eric Dong <eric.dong@intel.com>,
Erdem Aktas <erdemaktas@google.com>,
Hao A Wu <hao.a.wu@intel.com>,
Jian J Wang <jian.j.wang@intel.com>,
James Bottomley <jejb@linux.ibm.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Liming Gao <gaoliming@byosoft.com.cn>,
Michael D Kinney <michael.d.kinney@intel.com>,
Ray Ni <ray.ni@intel.com>, Rahul Kumar <rahul1.kumar@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Zhiguang Liu <zhiguang.liu@intel.com>
Subject: Re: [edk2-devel] [PATCH 00/23] Enable Intel TDX in OvmfPkg (SEC/PEI)
Date: Tue, 31 Aug 2021 12:45:40 +0200 [thread overview]
Message-ID: <20210831104540.4um7x5zz4aq3oaq6@sirius.home.kraxel.org> (raw)
In-Reply-To: <cover.1628767741.git.min.m.xu@intel.com>
Hi,
> [TDX]: https://software.intel.com/content/dam/develop/external/us/en/
> documents/tdx-whitepaper-final9-17.pdf
So, coming back to this after reading through a bunch of docs and
patches with some high-level questions. The whitepaper lists two
ovmf configs:
(1) config-a, supporting normal/sev/tdx with basic features.
(2) config-b, supporting normal/tdx with more features.
What of this is implemented by this patch series?
config-a? completely? parts of it?
The whitepaper also doesn't explain very well why we have two
configurations in the first place. It describes *what* are the
differences but not *why* they are there.
Apparently some of the additional features supported by config-b
are either more difficult or impossible to implement in config-a.
Is that correct? Is that explained in more detail somewhere?
thanks,
Gerd
next prev parent reply other threads:[~2021-08-31 10:45 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-12 11:56 [PATCH 00/23] Enable Intel TDX in OvmfPkg (SEC/PEI) Min Xu
2021-08-12 11:56 ` [PATCH 01/23] OvmfPkg: Add Tdx BFV/CFV PCDs and PcdOvmfImageSizeInKb Min Xu
2021-08-12 11:56 ` [PATCH 02/23] OvmfPkg/Sec: Update the check logic in SevEsIsEnabled Min Xu
2021-09-11 1:13 ` Erdem Aktas
2021-09-13 3:04 ` Min Xu
2021-08-12 11:56 ` [PATCH 03/23] OvmfPkg/ResetVector: Enable Intel TDX in ResetVector of Ovmf Min Xu
2021-09-11 1:14 ` Erdem Aktas
2021-09-13 6:06 ` Min Xu
2021-09-14 2:16 ` Erdem Aktas
2021-08-12 11:56 ` [PATCH 04/23] MdePkg: Add Tdx.h Min Xu
2021-08-12 20:52 ` Michael D Kinney
2021-08-12 22:57 ` Min Xu
2021-08-12 11:56 ` [PATCH 05/23] MdePkg: Add TdxProbeLib to probe Intel Tdx Min Xu
2021-08-16 9:43 ` [edk2-devel] " Gerd Hoffmann
2021-08-17 0:14 ` Min Xu
2021-08-17 8:20 ` Gerd Hoffmann
2021-08-17 8:43 ` Min Xu
2021-08-17 8:58 ` Gerd Hoffmann
2021-09-11 1:14 ` Erdem Aktas
2021-09-13 6:11 ` [edk2-devel] " Min Xu
2021-08-12 11:56 ` [PATCH 06/23] MdePkg: Add TdxLib to wrap Tdx operations Min Xu
2021-09-11 1:15 ` Erdem Aktas
2021-08-12 11:56 ` [PATCH 07/23] MdePkg: Update BaseIoLibIntrinsicSev to support Tdx Min Xu
2021-08-17 8:38 ` [edk2-devel] " Gerd Hoffmann
2021-08-18 5:54 ` Min Xu
2021-08-19 6:30 ` Gerd Hoffmann
2021-08-19 13:12 ` Min Xu
2021-08-20 6:41 ` Gerd Hoffmann
2021-09-11 1:15 ` Erdem Aktas
2021-09-28 8:33 ` [edk2-devel] " Min Xu
2021-08-12 11:56 ` [PATCH 08/23] UefiCpuPkg: Support TDX in BaseXApicX2ApicLib Min Xu
2021-08-12 11:56 ` [PATCH 09/23] UefiCpuPkg: Add VmTdExitLibNull Min Xu
2021-08-12 11:56 ` [PATCH 10/23] OvmfPkg: Prepare OvmfPkg to use the VmTdExitLib library Min Xu
2021-08-12 11:56 ` [PATCH 11/23] OvmfPkg: Implement library support for VmTdExitLib in Ovmf Min Xu
2021-08-12 11:56 ` [PATCH 12/23] UefiCpuPkg/CpuExceptionHandler: Add base support for the #VE exception Min Xu
2021-08-12 11:56 ` [PATCH 13/23] UefiCpuPkg: Enable Tdx support in MpInitLib Min Xu
2021-08-12 11:56 ` [PATCH 14/23] OvmfPkg: Update SecEntry.nasm to support Tdx Min Xu
2021-08-12 11:56 ` [PATCH 15/23] OvmfPkg: Add IntelTdx.h in OvmfPkg/Include/IndustryStandard Min Xu
2021-08-12 11:56 ` [PATCH 16/23] OvmfPkg: Add TdxMailboxLib Min Xu
2021-08-12 11:56 ` [PATCH 17/23] MdePkg: Add EFI_RESOURCE_ATTRIBUTE_ENCRYPTED in PiHob.h Min Xu
2021-08-12 11:56 ` [PATCH 18/23] OvmfPkg: Enable Tdx in SecMain.c Min Xu
2021-08-19 6:49 ` [edk2-devel] " Gerd Hoffmann
2021-08-19 14:27 ` Min Xu
2021-08-20 7:22 ` Gerd Hoffmann
2021-08-24 12:07 ` Min Xu
2021-08-24 12:55 ` Ard Biesheuvel
2021-08-25 6:10 ` Yao, Jiewen
2021-08-25 7:52 ` Gerd Hoffmann
2021-08-25 9:07 ` Yao, Jiewen
2021-08-25 14:51 ` Gerd Hoffmann
2021-08-25 16:28 ` Yao, Jiewen
2021-08-26 8:31 ` Gerd Hoffmann
2021-08-26 16:58 ` Yao, Jiewen
2021-08-25 6:22 ` Gerd Hoffmann
2021-08-12 11:56 ` [PATCH 19/23] OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation Min Xu
2021-08-12 11:56 ` [PATCH 20/23] MdePkg: Add AllocatePagesWithMemoryType support in PeiMemoryAllocationLib Min Xu
2021-08-12 20:43 ` Michael D Kinney
2021-08-15 2:51 ` Min Xu
2021-08-12 11:57 ` [PATCH 21/23] OvmfPkg: Add PcdUse1GPageTable support for TDX Min Xu
2021-08-12 11:57 ` [PATCH 22/23] MdeModulePkg: EFER should not be changed in TDX Min Xu
2021-08-12 11:57 ` [PATCH 23/23] OvmfPkg: Update PlatformPei to support TDX Min Xu
2021-08-31 10:45 ` Gerd Hoffmann [this message]
2021-09-01 5:41 ` [edk2-devel] [PATCH 00/23] Enable Intel TDX in OvmfPkg (SEC/PEI) Min Xu
2021-09-01 6:25 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210831104540.4um7x5zz4aq3oaq6@sirius.home.kraxel.org \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox