[PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

* [PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
@ 2022-01-04  7:16 Dov Murik
  2022-01-04  9:00 ` [edk2-devel] " Yao, Jiewen
  0 siblings, 1 reply; 3+ messages in thread
From: Dov Murik @ 2022-01-04  7:16 UTC (permalink / raw)
  To: devel
  Cc: Dov Murik, Ard Biesheuvel, Jordan Justen, Gerd Hoffmann,
	Brijesh Singh, Erdem Aktas, James Bottomley, Jiewen Yao, Min Xu,
	Tom Lendacky, Tobin Feldman-Fitzthum, Jiewen Yao

Mark the SEV launch secret MEMFD area as reserved, which will allow the
guest OS to use it during the lifetime of the OS, without creating
copies of the sensitive content.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>

---

Resending with Acked-by and Reviewed-by tags.
Please let me know if there's anything else missing.
Thanks,
-Dov

---
 OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
index db94c26b54d1..6bf1a55dea64 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -19,7 +19,7 @@ InitializeSecretPei (
   BuildMemoryAllocationHob (
     PcdGet32 (PcdSevLaunchSecretBase),
     ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
-    EfiBootServicesData
+    EfiReservedMemoryType
     );
 
   return EFI_SUCCESS;
-- 
2.25.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [edk2-devel] [PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
  2022-01-04  7:16 [PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved Dov Murik
@ 2022-01-04  9:00 ` Yao, Jiewen
  2022-01-04  9:15   ` Dov Murik
  0 siblings, 1 reply; 3+ messages in thread
From: Yao, Jiewen @ 2022-01-04  9:00 UTC (permalink / raw)
  To: devel@edk2.groups.io, dovmurik@linux.ibm.com
  Cc: Ard Biesheuvel, Justen, Jordan L, Gerd Hoffmann, Brijesh Singh,
	Aktas, Erdem, James Bottomley, Xu, Min M, Tom Lendacky,
	Tobin Feldman-Fitzthum

Merged: https://github.com/tianocore/edk2/commit/079a58276b98dc97ca363e3bc8b35cc7baa56d76

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Dov Murik
> Sent: Tuesday, January 4, 2022 3:17 PM
> To: devel@edk2.groups.io
> Cc: Dov Murik <dovmurik@linux.ibm.com>; Ard Biesheuvel
> <ardb+tianocore@kernel.org>; Justen, Jordan L <jordan.l.justen@intel.com>;
> Gerd Hoffmann <kraxel@redhat.com>; Brijesh Singh <brijesh.singh@amd.com>;
> Aktas, Erdem <erdemaktas@google.com>; James Bottomley
> <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Xu, Min M
> <min.m.xu@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>; Tobin
> Feldman-Fitzthum <tobin@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>
> Subject: [edk2-devel] [PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV
> launch secret area as reserved
> 
> Mark the SEV launch secret MEMFD area as reserved, which will allow the
> guest OS to use it during the lifetime of the OS, without creating
> copies of the sensitive content.
> 
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Brijesh Singh <brijesh.singh@amd.com>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
> Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
> Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>
> Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
> 
> ---
> 
> Resending with Acked-by and Reviewed-by tags.
> Please let me know if there's anything else missing.
> Thanks,
> -Dov
> 
> ---
>  OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> index db94c26b54d1..6bf1a55dea64 100644
> --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> @@ -19,7 +19,7 @@ InitializeSecretPei (
>    BuildMemoryAllocationHob (
> 
>      PcdGet32 (PcdSevLaunchSecretBase),
> 
>      ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
> 
> -    EfiBootServicesData
> 
> +    EfiReservedMemoryType
> 
>      );
> 
> 
> 
>    return EFI_SUCCESS;
> 
> --
> 2.25.1
> 
> 
> 
> -=-=-=-=-=-=
> Groups.io Links: You receive all messages sent to this group.
> View/Reply Online (#85273): https://edk2.groups.io/g/devel/message/85273
> Mute This Topic: https://groups.io/mt/88186113/1772286
> Group Owner: devel+owner@edk2.groups.io
> Unsubscribe: https://edk2.groups.io/g/devel/unsub [jiewen.yao@intel.com]
> -=-=-=-=-=-=
> 


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [edk2-devel] [PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
  2022-01-04  9:00 ` [edk2-devel] " Yao, Jiewen
@ 2022-01-04  9:15   ` Dov Murik
  0 siblings, 0 replies; 3+ messages in thread
From: Dov Murik @ 2022-01-04  9:15 UTC (permalink / raw)
  To: Yao, Jiewen, devel@edk2.groups.io
  Cc: Ard Biesheuvel, Justen, Jordan L, Gerd Hoffmann, Brijesh Singh,
	Aktas, Erdem, James Bottomley, Xu, Min M, Tom Lendacky,
	Tobin Feldman-Fitzthum, Dov Murik



On 04/01/2022 11:00, Yao, Jiewen wrote:
> Merged: https://github.com/tianocore/edk2/commit/079a58276b98dc97ca363e3bc8b35cc7baa56d76
> 

Thanks!
-Dov


>> -----Original Message-----
>> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Dov Murik
>> Sent: Tuesday, January 4, 2022 3:17 PM
>> To: devel@edk2.groups.io
>> Cc: Dov Murik <dovmurik@linux.ibm.com>; Ard Biesheuvel
>> <ardb+tianocore@kernel.org>; Justen, Jordan L <jordan.l.justen@intel.com>;
>> Gerd Hoffmann <kraxel@redhat.com>; Brijesh Singh <brijesh.singh@amd.com>;
>> Aktas, Erdem <erdemaktas@google.com>; James Bottomley
>> <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Xu, Min M
>> <min.m.xu@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>; Tobin
>> Feldman-Fitzthum <tobin@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>
>> Subject: [edk2-devel] [PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV
>> launch secret area as reserved
>>
>> Mark the SEV launch secret MEMFD area as reserved, which will allow the
>> guest OS to use it during the lifetime of the OS, without creating
>> copies of the sensitive content.
>>
>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>> Cc: Gerd Hoffmann <kraxel@redhat.com>
>> Cc: Brijesh Singh <brijesh.singh@amd.com>
>> Cc: Erdem Aktas <erdemaktas@google.com>
>> Cc: James Bottomley <jejb@linux.ibm.com>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Min Xu <min.m.xu@intel.com>
>> Cc: Tom Lendacky <thomas.lendacky@amd.com>
>> Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
>> Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
>> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
>> Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>
>> Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
>>
>> ---
>>
>> Resending with Acked-by and Reviewed-by tags.
>> Please let me know if there's anything else missing.
>> Thanks,
>> -Dov
>>
>> ---
>>  OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
>> b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
>> index db94c26b54d1..6bf1a55dea64 100644
>> --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
>> +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
>> @@ -19,7 +19,7 @@ InitializeSecretPei (
>>    BuildMemoryAllocationHob (
>>
>>      PcdGet32 (PcdSevLaunchSecretBase),
>>
>>      ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
>>
>> -    EfiBootServicesData
>>
>> +    EfiReservedMemoryType
>>
>>      );
>>
>>
>>
>>    return EFI_SUCCESS;
>>
>> --
>> 2.25.1
>>
>>
>>
>> -=-=-=-=-=-=
>> Groups.io Links: You receive all messages sent to this group.
>> View/Reply Online (#85273): https://edk2.groups.io/g/devel/message/85273
>> Mute This Topic: https://groups.io/mt/88186113/1772286
>> Group Owner: devel+owner@edk2.groups.io
>> Unsubscribe: https://edk2.groups.io/g/devel/unsub [jiewen.yao@intel.com]
>> -=-=-=-=-=-=
>>
> 

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2022-01-04  9:15 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-01-04  7:16 [PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved Dov Murik
2022-01-04  9:00 ` [edk2-devel] " Yao, Jiewen
2022-01-04  9:15   ` Dov Murik

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox