From: "Dov Murik" <dovmurik@linux.ibm.com>
To: edk2-devel-groups-io <devel@edk2.groups.io>
Cc: Dov Murik <dovmurik@linux.ibm.com>,
Tobin Feldman-Fitzthum <tobin@linux.ibm.com>,
James Bottomley <jejb@linux.ibm.com>,
Brijesh Singh <brijesh.singh@amd.com>,
Min Xu <min.m.xu@intel.com>, Jiewen Yao <jiewen.yao@intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: Error when launching SEV-ES guest with OvmfPkg/AmdSev build
Date: Wed, 13 Oct 2021 12:35:25 +0300 [thread overview]
Message-ID: <25b6f2b1-0903-e39a-665f-e3d20ff16261@linux.ibm.com> (raw)
Hello,
I encountered the following problem when trying to launch SEV-ES
(policy=0x5) guests with the OvmfPkg/AmdSev/AmdSevX64 package build:
$ sudo /home/dmurik/git/qemu/build/qemu-system-x86_64 -enable-kvm
-machine q35 -smp 1 -m 2G -machine confidential-guest-support=sev0
-object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=1,policy=0x5
-drive
if=pflash,format=raw,unit=0,file=/home/dmurik/git/edk2/Build/AmdSev/DEBUG_GCC5/FV/OVMF.fd,readonly=on
-nographic -global isa-debugcon.iobase=0x402 -debugcon file:ovmf-1.log
-monitor pty
char device redirected to /dev/pts/6 (label compat_monitor0)
error: kvm run failed Invalid argument
EAX=0000000a EBX=0000006f ECX=00000000 EDX=00000000
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000000
EIP=0000fff0 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 00000000 00000000 00000000
CS =0000 00000000 00000000 00000000
SS =0000 00000000 00000000 00000000
DS =0000 00000000 00000000 00000000
FS =0000 00000000 00000000 00000000
GS =0000 00000000 00000000 00000000
LDT=0000 00000000 00000000 00000000
TR =0000 00000000 00000000 00000000
GDT= 00000000 00000000
IDT= 00000000 00000000
CR0=c0000033 CR2=00000000 CR3=00000000 CR4=00000660
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000
DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000100
Code=?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? <??> ??
?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ?? ??
?? ?? ?? ??
ovmf-1.log is empty (even though OVMF is compiled with debug flags).
Plain SEV (no -ES) guests work OK.
The error is "kvm run failed Invalid argument", so I first tried
switching kernels, but 5.11.0, 5.13.0, and 5.14.0 all gave the same result.
Then I tried an older OVMF release (edk2-stable202108) -- and it worked
OK. So I started a git bisect session and found this first bad commit:
commit ab77b6031b03733c28fa5f477d802fd67b3f3ee0
Author: Brijesh Singh <brijesh.singh@amd.com>
Date: Tue Aug 17 21:46:50 2021 +0800
OvmfPkg/ResetVector: update SEV support to use new work area format
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
Update the SEV support to switch to using the newer work area format.
I wonder if any change in this series should have also touched files in
OvmfPkg/AmdSev and missed them.
Any other ideas on how to debug this are welcome.
Let me know if this should be reported/discussed somewhere else.
Thanks,
-Dov
next reply other threads:[~2021-10-13 9:35 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-13 9:35 Dov Murik [this message]
2021-10-13 19:41 ` Error when launching SEV-ES guest with OvmfPkg/AmdSev build Brijesh Singh
2021-10-13 19:47 ` Dov Murik
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=25b6f2b1-0903-e39a-665f-e3d20ff16261@linux.ibm.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox