From mboxrd@z Thu Jan 1 00:00:00 1970
Authentication-Results: mx.groups.io; dkim=pass header.i=@ibm.com header.s=pp1 header.b=F+qn+vMK; spf=pass (domain: linux.ibm.com, ip: 148.163.158.5, mailfrom: dovmurik@linux.ibm.com)
From: "Dov Murik"
To: devel@edk2.groups.io
Cc: Dov Murik, Ard Biesheuvel, Jiewen Yao, Jordan Justen, Gerd Hoffmann, Erdem Aktas, James Bottomley, Min Xu, Tom Lendacky, Michael Roth, Ashish Kalra, Mario Smarduch, Tobin Feldman-Fitzthum
Subject: [PATCH v2 0/2] OvmfPkg: Enable measured direct boot on AMD SEV-SNP
Date: Thu, 16 Feb 2023 08:06:55 +0000
Message-Id: <20230216080657.2120213-1-dovmurik@linux.ibm.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

(Note: This is a new version of this one-year-old patch series; the v1
series [1] got a few Acked-by but it's been so long that I don't consider
them relevant anymore.)

AMD SEV and SEV-ES support measured direct boot with kernel/initrd/cmdline
hashes injected by QEMU and verified by OVMF during boot. To enable the
same approach for AMD SEV-SNP we make sure the page in which QEMU inserts
the hashes of kernel/initrd/cmdline is not already pre-validated, as SNP
doesn't allow validating a page twice.

The first patch rearranges the pages in AmdSevX64's MEMFD so they are in
the same order as in the main target (OvmfPkgX64), with the exception of
the SEV Launch Secret page, which isn't defined in OvmfPkgX64.

The second patch modifies the SNP metadata structure such that on the
AmdSev target the SEV Launch Secret page is not included in the ranges
that are pre-validated (zero pages) by the VMM; instead the VMM will insert
content into this page (the hashes table), or mark it explicitly as a zero
page if no hashes are added.

A corresponding RFC patch to QEMU will be published soon in qemu-devel.

Cc: Ard Biesheuvel
Cc: Jiewen Yao
Cc: Jordan Justen
Cc: Gerd Hoffmann
Cc: Erdem Aktas
Cc: James Bottomley
Cc: Min Xu
Cc: Tom Lendacky
Cc: Michael Roth
Cc: Ashish Kalra
Cc: Mario Smarduch
Cc: Tobin Feldman-Fitzthum

---

v2 changes:
 * Rebased on master
 * Updated AmdSev MEMFD size to match OvmfX64

v1: [1] https://edk2.groups.io/g/devel/message/88137

Dov Murik (2):
  OvmfPkg/AmdSev: Reorder MEMFD pages to match the order in OvmfPkgX64.fdf
  OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation

 OvmfPkg/AmdSev/AmdSevX64.fdf          | 27 ++++++++++----------
 OvmfPkg/ResetVector/ResetVector.nasmb | 14 +++++++++-
 2 files changed, 27 insertions(+), 14 deletions(-)

-- 
2.25.1
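The constraint the cover letter relies on, that SEV-SNP refuses to validate a page twice, is easy to get wrong when a firmware layout is rearranged, so a layout check is worth having before the VMM side is touched. The following is an added example written for this page, not code from the patch series, from OVMF or from QEMU. It models a MEMFD as a list of metadata sections, flags any launch-secret page that falls inside a pre-validated range, and replays the launch flow against a minimal stand-in for the "validate once" rule to show the fault that the second patch avoids. The section names, addresses and sizes are constructed for illustration and are assumptions; they do not reflect the real AmdSevX64.fdf layout, and SnpGuestModel is a simplification rather than the hardware's PVALIDATE semantics.

```python
"""Pre-validation check for an SNP firmware page layout.

Added example, not code from the patch series or from OVMF/QEMU. The
section names, addresses and sizes below are constructed for illustration
and do not reflect the real AmdSevX64.fdf layout; SnpGuestModel is a
deliberately minimal stand-in for the "a page may be validated only once"
rule that the cover letter relies on.
"""
from dataclasses import dataclass, field

PAGE = 0x1000


@dataclass(frozen=True)
class Section:
    """One region described by the (modelled) SNP metadata table."""
    name: str
    base: int          # guest-physical base address, page aligned
    size: int          # bytes, multiple of PAGE
    prevalidate: bool  # True: VMM pre-validates it as zero pages at launch

    def pages(self):
        return range(self.base, self.base + self.size, PAGE)


class DoubleValidation(Exception):
    """Raised when a page that is already validated is validated again."""


@dataclass
class SnpGuestModel:
    """Tracks which guest pages have been validated and what they contain."""
    validated: set = field(default_factory=set)
    contents: dict = field(default_factory=dict)

    def validate_page(self, gpa, data):
        if gpa % PAGE or len(data) != PAGE:
            raise ValueError("page-granular validation only")
        if gpa in self.validated:
            raise DoubleValidation(hex(gpa))
        self.validated.add(gpa)
        self.contents[gpa] = data


def layout(secret_prevalidated):
    """Constructed MEMFD layout: a launch-secret page between two zero regions."""
    return [
        Section("SnpSecMemLow", 0x800000, 0x6000, True),
        Section("SevLaunchSecret", 0x806000, PAGE, secret_prevalidated),
        Section("SnpSecMemHigh", 0x807000, 0x9000, True),
    ]


def check_layout(sections, secret_name):
    """Return a list of layout problems (empty when the layout is sound)."""
    problems = []
    for s in sections:
        if s.base % PAGE or s.size % PAGE or s.size == 0:
            problems.append(f"{s.name}: not page aligned")
    for i, a in enumerate(sections):
        for b in sections[i + 1:]:
            if a.base < b.base + b.size and b.base < a.base + a.size:
                problems.append(f"{a.name} overlaps {b.name}")
    secret = next(s for s in sections if s.name == secret_name)
    # every page the VMM would pre-validate as a zero page
    pre = {gpa for s in sections if s.prevalidate for gpa in s.pages()}
    if any(gpa in pre for gpa in secret.pages()):
        problems.append(f"{secret_name} is inside a pre-validated range")
    return problems


def simulate_launch(sections, secret_name, hashes):
    """Replay the VMM launch flow: pre-validate the zero regions, then fill
    the launch-secret page with the hashes table (or an explicit zero page)."""
    guest = SnpGuestModel()
    for s in sections:
        if s.prevalidate:
            for gpa in s.pages():
                guest.validate_page(gpa, bytes(PAGE))
    secret = next(s for s in sections if s.name == secret_name)
    payload = hashes.ljust(PAGE, b"\0") if hashes else bytes(PAGE)
    guest.validate_page(secret.base, payload)  # raises if already validated
    return guest


def secret_page_double_validated(sections, secret_name, hashes=b""):
    """True when launching this layout would hit the double-validation fault."""
    try:
        simulate_launch(sections, secret_name, hashes)
    except DoubleValidation:
        return True
    return False


if __name__ == "__main__":
    for flag in (True, False):
        sec = layout(flag)
        print("secret pre-validated:", flag,
              "| problems:", check_layout(sec, "SevLaunchSecret"),
              "| double validation:", secret_page_double_validated(sec, "SevLaunchSecret"))
```

Run stand-alone, the script reports one problem and a double-validation fault for the layout that leaves the launch-secret page in a pre-validated range, and a clean result for the layout that excludes it, which is the property the second patch establishes for the AmdSev target. A hashes table longer than one page is rejected by validate_page, matching the single-page assumption in the cover letter.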