From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (NAM11-BN8-obe.outbound.protection.outlook.com [40.107.236.41]) by mx.groups.io with SMTP id smtpd.web09.8577.1652449957862231192 for ; Fri, 13 May 2022 06:52:38 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=CQw9/j9t; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.236.41, mailfrom: michael.roth@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MA+BBcpEJIAqRKSHVwhNgvWPa5jPTNXFOTFxdUJig51vZmurBRYeLw8rLFA2leHHuXLJ6m9opzXP7iL9dVfioTiEFHrUAQSsq/fu0l0DFPwmX+fk0zRddD0B5UfIfnPLUbK/teUCQtW1jrVzxtXsFjqdaztJTnAeIXq2gfgl+HKvBhmGad3ikUG2ut9Jcd0Zq01trLY3Ub/6BoPXInwUS+lfjaLMXB6+U5UzZek5cMbRzlbuGSewG2NzZz8YshsjIYQigLkxDo7Z2iGTwBgwIylqLFgwf7qJbRZoCTNJQIGGS8r1gS3M/ANSWy2DkoyAcsHe3BrVqcfC6lWGwkFLkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=a2QpsAhVypr8tac+2ZuuSNe2au6tcvf3AJYo+Zqp7so=; b=Dz9KyVSyJFGP/e76KmHMCLmjTMktDyOQQU2l8yTdi1HquapHug8K3lvbxJiONdhRV8VIhgWsH5GxqCmD9QE2AMorcvpEkSN4Bj2YP4aipThaBKT0rqmuaV+JCykC/UBJob4cJS2pBtZQrnJpO2baJilAZbJnrlfg6jf9uYhYs1m+vm4pwA2T7MvvRksW2nmizN/5PbJal4BGMBqBdqQYpcKKiLPXkWO42prXR5fBBO78GB0yvhsQOiUT6zw/ODrxjzwKhJzHeOYpQKySYTdVn+tbf62W/DtLgNyNntZqXeE86NMgEOZI3LGhhjNfP2pUC3it5M1lgeTGiWmCPtxAvQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=a2QpsAhVypr8tac+2ZuuSNe2au6tcvf3AJYo+Zqp7so=; b=CQw9/j9tnaQVEVkpgLXbim+F5ul9RLW7pAwIzWV5RNRMTU2ELmRpFPg/ZBMiNxysKw8ZeoD83TclK4hb9h+FG4m5wjhlOHyL1StEEul/+Ee/N0UxE56uPr4/ITb/aAzx8pWtVhdFZZeTDjn75porh12OV3xBgnMx5C1Asu/PVNo= Received: from BN0PR07CA0009.namprd07.prod.outlook.com (2603:10b6:408:141::8) by BYAPR12MB4631.namprd12.prod.outlook.com (2603:10b6:a03:10d::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5250.14; Fri, 13 May 2022 13:52:35 +0000 Received: from BN8NAM11FT042.eop-nam11.prod.protection.outlook.com (2603:10b6:408:141:cafe::89) by BN0PR07CA0009.outlook.office365.com (2603:10b6:408:141::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5250.14 via Frontend Transport; Fri, 13 May 2022 13:52:35 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; Received: from SATLEXMB04.amd.com (165.204.84.17) by BN8NAM11FT042.mail.protection.outlook.com (10.13.177.85) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5250.13 via Frontend Transport; Fri, 13 May 2022 13:52:35 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Fri, 13 May 2022 08:52:34 -0500 Date: Fri, 13 May 2022 08:52:14 -0500 From: Michael Roth To: Tom Lendacky CC: Subject: Re: [PATCH] OvmfPkg/AmdSevDxe: Update ConfidentialComputing blob struct definition Message-ID: <20220513135214.zaax6pmhwuoxqiqf@amd.com> References: <20220513132224.397601-1-michael.roth@amd.com> <14a3ed39-163c-d7a4-d4c4-04afa522f742@amd.com> MIME-Version: 1.0 In-Reply-To: <14a3ed39-163c-d7a4-d4c4-04afa522f742@amd.com> Return-Path: Michael.Roth@amd.com X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 3fdd18d9-2e17-4d24-8f82-08da34e7d5b5 X-MS-TrafficTypeDiagnostic: BYAPR12MB4631:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: lbZCbpOrrgfRYo3aKFg4XvICRRUWJpgyoB5Pm0oNES62Wr2OCePwLHb+tri9hmduZKmCVY607KFLgfNBOqjBR36squXRseLmivONjeV755JZ69jwNsqMTea+y+b/RwwnBTIHej0MPdMsq33BrmOIIuQdaKphVPirCb5S3UVkB47vvsO63MCbSWnRGA/JuZPI0VKsAZRTuYiVjzk3EWdawc9pNm/TYqd3gxAfJ8MNgL9A+Pg2raybAwhpq1TlsrsbvwAM0kBIJ4NTPBcjOvlOhOp+NYyA3vD8QzmtQekvCkKje2ADzVv/ij/buqk5x9u0r9XnCPvWvBZRgBhsk5xC9ViC0ce1tjQOiAVM3BM6NDQbkRg8hFwACwnC6x9t2WnyvK/PItEWGD7DiczXd422Di1cErJNdeTinj4HHCcMr1iQU/BVVxuK9rgHtjwLA/R1RwE9ecLOxeIdgk7LlkLDJ8SJQa4uQG+M8FcA40QQ6/yip7ytVNriRyT5qkJCoU+oqvaUznBgtApuYHDdt6c+oX7iyX7qGaAvp63lMiLpXlQIBkYaYyTK+BjeipmOTqmbnIyYL+AN+TY11vmAHWb01nIoahgtmQE9N4FXLqCnyQLkbRhPK9lUf1aisfyhh3pZm+raJfGzCow4mJsrW7chECSNfwguXCqF02NKt/U1tEVE0qIVbzGcOevxYiiVRRfRrN/+rVrtUJK9wONsauujTw== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230001)(4636009)(46966006)(40470700004)(36840700001)(6636002)(316002)(508600001)(37006003)(6666004)(81166007)(36860700001)(5660300002)(2906002)(16526019)(44832011)(15650500001)(1076003)(8936002)(426003)(336012)(2616005)(186003)(36756003)(47076005)(82310400005)(70206006)(70586007)(53546011)(8676002)(6862004)(4326008)(86362001)(40460700003)(356005)(26005)(83380400001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 May 2022 13:52:35.3257 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3fdd18d9-2e17-4d24-8f82-08da34e7d5b5 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT042.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BYAPR12MB4631 Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline On Fri, May 13, 2022 at 08:32:38AM -0500, Tom Lendacky wrote: > On 5/13/22 08:22, Michael Roth wrote: > > The Confidential Computing blob defined here is intended to match the > > definition defined by linux guest kernel. Previously, both definitions > > relied on natural alignment, but that relies on both OVMF and kernel > > being compiled as 64-bit. While there aren't currently any plans to > > enable SNP support for 32-bit compilations, the kernel definition has > > since been updated to use explicit padding/reserved fields to avoid > > this dependency. Update OVMF to match that definition. > > > > No functional changes (for currently-supported environments, at least). > > > > Signed-off-by: Michael Roth > > Minor nit comment below that can be ignored if desired. > > Reviewed-by: Tom Lendacky > > > --- > > OvmfPkg/AmdSevDxe/AmdSevDxe.c | 2 ++ > > OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h | 6 ++++-- > > 2 files changed, 6 insertions(+), 2 deletions(-) > > > > diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.c b/OvmfPkg/AmdSevDxe/AmdSevDxe.c > > index 662d3c4ccb..ee6d2528d9 100644 > > --- a/OvmfPkg/AmdSevDxe/AmdSevDxe.c > > +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.c > > @@ -27,8 +27,10 @@ STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = { > > 0, > > (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfSnpSecretsBase), > > FixedPcdGet32 (PcdOvmfSnpSecretsSize), > > + 0, > > (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfCpuidBase), > > FixedPcdGet32 (PcdOvmfCpuidSize), > > + 0, > > }; > > EFI_STATUS > > diff --git a/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h b/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h > > index b328310fd0..83620e31b8 100644 > > --- a/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h > > +++ b/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h > > @@ -18,14 +18,16 @@ > > { 0x85, 0x54, 0x93, 0xd7, 0x77, 0x91, 0x2d, 0x42 }, \ > > } > > -typedef struct { > > +typedef PACKED struct { > > UINT32 Header; > > UINT16 Version; > > - UINT16 Reserved1; > > + UINT16 Reserved; > > Not to be picky, but I would have left this as Reserved1 and then made the > below entries Reserved2 and Reserved3. Hi Tom, I updated those to match how the reserved fields are numbered in the kernel since it seemed like it could cause confusion otherwise. I should have noted that in the commit log though as it's a somewhat unrelated change. Thanks! -Mike > > Thanks, > Tom > > > UINT64 SecretsPhysicalAddress; > > UINT32 SecretsSize; > > + UINT32 Reserved1; > > UINT64 CpuidPhysicalAddress; > > UINT32 CpuidLSize; > > + UINT32 Reserved2; > > } CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION; > > extern EFI_GUID gConfidentialComputingSevSnpBlobGuid;