From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.46])
 by mx.groups.io with SMTP id smtpd.web11.24947.1676316805212691305
 for <devel@edk2.groups.io>;
 Mon, 13 Feb 2023 11:33:25 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@amd.com header.s=selector1 header.b=1RrQIKt9;
 spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.223.46, mailfrom: thomas.lendacky@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=UxoJENhaRakJoBDVC7oLjkM2OcVqv+bfo7LwkvDMz2rXYbqdBkKmQysgm8lnWdZj/9g9laS16kl7qmT1NGmAyFMp38hmskpQgb4pLlxhOZs10szTt400Cu6hNUG4ViNaeiBm/QbkFsSZKvJSA/MONE3B5baO+HWuQVUCK1vNTbBO+nacmKEuHZYRoX7mUWpc9WKsJA/id9TdFNqnzp2LLBwdMQp2oXs0dFTkkmfhnp413GlxCCPOQE9FRM2kPVHLGFP/mtHs9qv8GkRdQLZY66J2gpuvMb5HxzMYUFB6syv2PC1UIeeNlGwG0XXAT2SKvtDxnZXMoEL5gDkBhi2L5Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=TV6d/FE1/rHcwgaIuQ7fDPfh04iqn+HKoiMOALPoAPk=;
 b=nnnjX5FT2NRxSZsiHxUJewdiQM8/KFZj/cxCvuogMJeuEH+eFVKCc22r1SSCo+f5pQHqD6e8YXlLs0UFTnYSX6N/kTLbmu7ozfviKTtZ3DUvYFOjPjzAlIZM6XGGtINYogFwbpDBrklQ5UgTKhIy7XXvADchMwZ351GKbChoxVPNU2wFKagDIhwCDyVyA1XOeCrf0b1UJhnTQvPUEeJf9NQYO6yekivefgkgUjtBbZyd5D5kRg9BqrImWHTyO8hBXZcupGNlz8p4p06t13u77+uGsxF4jEoAzNgbbnwzr7BWXWezjmWBk66WZNZe1MKFqLDuPI4rj00zWAtfA8Uh2w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=TV6d/FE1/rHcwgaIuQ7fDPfh04iqn+HKoiMOALPoAPk=;
 b=1RrQIKt9zLuHjX/+834CzyLa/d+Ft1Fk0zjmjaRpFas8R+PWHvB/5KX1LxLJxYGX6tVpW55xFl+Lgt4lk2tweIqwSD6TiNheVBSKputKYUNZLxiVby5OmmcGEnhkchffG3xIHgBn/wln4t7yTXJyH7ox+q8cq3PoQyL305LLfJo=
Authentication-Results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=amd.com;
Received: from DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12)
 by PH8PR12MB7445.namprd12.prod.outlook.com (2603:10b6:510:217::22) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6086.24; Mon, 13 Feb
 2023 19:33:22 +0000
Received: from DM4PR12MB5229.namprd12.prod.outlook.com
 ([fe80::6cc0:9c7a:bd00:441c]) by DM4PR12MB5229.namprd12.prod.outlook.com
 ([fe80::6cc0:9c7a:bd00:441c%4]) with mapi id 15.20.6086.024; Mon, 13 Feb 2023
 19:33:22 +0000
Message-ID: <407f44d7-b603-df04-4147-bc3060949677@amd.com>
Date: Mon, 13 Feb 2023 13:33:20 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.7.1
Subject: Re: [edk2-devel] [PATCH v10 1/4] OvmfPkg: Add memory acceptance event in AmdSevDxe
To: Dionna Amalie Glaze <dionnaglaze@google.com>,
 "Gupta, Pankaj" <pankaj.gupta@amd.com>
Cc: devel@edk2.groups.io, Gerd Hoffmann <kraxel@redhat.com>,
 James Bottomley <jejb@linux.ibm.com>, Jiewen Yao <jiewen.yao@intel.com>,
 Ard Biesheuvel <ardb@kernel.org>, "Min M. Xu" <min.m.xu@intel.com>,
 Andrew Fish <afish@apple.com>, "Michael D. Kinney"
 <michael.d.kinney@intel.com>
References: <20230126005647.3019225-1-dionnaglaze@google.com>
 <20230126005647.3019225-2-dionnaglaze@google.com>
 <0d8f2b0b-1d62-3db6-34c9-e9ce39838bce@amd.com>
 <CAAH4kHbPokhucNLas1J4SVMBQ_brj7GSkFjGHc5JQk6t=qdQmg@mail.gmail.com>
 <CAAH4kHb2CH-wHoL_1PumCXK-be+p0AD9EHcasaDycmraiv3kQg@mail.gmail.com>
 <a301b0ec-5d6b-afe3-c082-0e53d0059f8c@amd.com>
 <CAAH4kHa8B+zFSRTDt=-r2i3GgHms7fAOgehEb0KAevHFPos4sw@mail.gmail.com>
 <9ea61013-e2c1-30a4-3be7-feed537c035a@amd.com>
 <CAAH4kHbZ8WcL9oxXUzTO=fNRU8=S2_y58+OV6-gxJXmwYv-75w@mail.gmail.com>
 <52c7d139-3763-b4f2-ab5c-a0a925a1a3ff@amd.com>
 <CAAH4kHaJFL6Dro4TusYiA72OxWvM1Q7y99Kx9Sg34H_Nb=AYLQ@mail.gmail.com>
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
In-Reply-To: <CAAH4kHaJFL6Dro4TusYiA72OxWvM1Q7y99Kx9Sg34H_Nb=AYLQ@mail.gmail.com>
X-ClientProxiedBy: CH0P221CA0028.NAMP221.PROD.OUTLOOK.COM
 (2603:10b6:610:11d::10) To DM4PR12MB5229.namprd12.prod.outlook.com
 (2603:10b6:5:398::12)
Return-Path: Thomas.Lendacky@amd.com
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DM4PR12MB5229:EE_|PH8PR12MB7445:EE_
X-MS-Office365-Filtering-Correlation-Id: 9538fd33-c4fc-414f-5dae-08db0df92b10
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	dyfRQ3f4PvyVZQt40E8f1zDVA0bIOlKlSMAFtguBqOeDC88UtJgOg2ssO0oZRjIAfvM0elmiZ9Ducm+AGskbrre9cnoC7Y+5waIwEOveCMME1gAaK1Et3UMrqYgvVvZdk9LL3uo08L79h4K5sEpyKfk6djRAv9Mbj+fc4lTvuCGJO3bfCbEFah5KIGhhVZ0leZ0Fxg9CjirRauIztlpghJZmef5MdSNEwjgQ+yMowK6gph144ZZbAAcNSI6XwPjjkluGAzm23BfxVUex7LuQQlSg7ScZFF5DQ7+VlJkHLCKIircZQKwLpq0dIyKYpiwLLNWHaw0Jm5UOVvuxszD062PHvXMzARznKJa8vVKAJ7ThNoEblGwsxXKuUYrWVSo7u2cQoSNZ61bpwAioxK/GafAMVcxGoibq4P/W/BiFJw0yq/ci9pRjjoHEM6eaX9CHxZ5+Sukd1ZQZZ+9uufYheUme/PTKlD95TuSTqIkyLORdMpeQkIBk3U1ftF/3Zmqtqhhkx9KmCMQdHrS/VxWSNqaY1TGsbcSz3U4Ewo9uZk2DsiTPajHu7QjU7n6iSYyeYAUCMPviTvXn9LYgJtb7CtD2V0FcgDUY8Sny05uDDKudDsu69G8zcb8RiTiOjQi/Ae7gLTIlckMKwui/1Pe+yFXDPo5yZUU8zOm7ik+cdPmFc008rMJhiBdO0iVsHUsA7JFpAPI4oG2a2c5XW5BbU+B2lzGj5Gyaf79jDQo1My4=
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR12MB5229.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230025)(4636009)(136003)(346002)(39860400002)(396003)(376002)(366004)(451199018)(66899018)(83380400001)(31686004)(38100700002)(2616005)(110136005)(6636002)(5660300002)(54906003)(31696002)(86362001)(36756003)(2906002)(186003)(478600001)(66946007)(66476007)(66556008)(4326008)(8676002)(316002)(6506007)(26005)(6512007)(41300700001)(53546011)(8936002)(6486002)(43740500002)(45980500001);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
	=?utf-8?B?dDFuL0R6dFoydVFDWVMzVjVPK0huWnU0OVVBRXU4RWJKTEVyME1pVFRMTk1t?=
 =?utf-8?B?OE1zL21kSVltTEdrUHNEWmNtamxWM3JaN3ZpcGx2RkRabjJsSmN3ODdyYWgv?=
 =?utf-8?B?NXZmbTl3SEN3SmxCUU54WEZQQVp5cjhIUEZROW8xVklYSzNYRkx0WGZoNFZF?=
 =?utf-8?B?Kyttc2NsM21oMHp1NDdiNWJ4MFRzQjdnOGJkUlhjUXFaSjh1Z3J4OE10QVps?=
 =?utf-8?B?ZTJUY3ovVUxkalVsTkpIK0FxNm5lZEFzSjgzZHk3bHFOSmp3VXIrYjQwU1d0?=
 =?utf-8?B?Mmh2Y25BclpZTEIwOGpGckFwdXN1V2dJL0ZlOEF3Ync0VWFBdFBJVmNEcnNV?=
 =?utf-8?B?SkFKdk5pczNCYmN2L0dtME80d0RjVGsxNGlSUU56STlHYjBmWmcweHBXc245?=
 =?utf-8?B?NEFFTC9KK2dnTTZTY0I2aUtEK05NbHhVRHZsbXRvU2h0b2pBY1o2Y1pjeHB2?=
 =?utf-8?B?WUVpZGxhOGxWODdKaWlQU3R6MFRoN0pLSTJwOUt0QVpGSEIrNC9EYUw1Yk42?=
 =?utf-8?B?MVU5L2NiWlpVc0tteTdjRldSY1djQzRuMjJLelZkNTBxKzliUjNON2I5Y0kw?=
 =?utf-8?B?R2hmRlZSUTFwc1lsMkhpREJaUk00bVVhNTRYcGNjUEsva2EwaEdxRUdkTk4y?=
 =?utf-8?B?SUNOajFqSkxhT1h5d1UrYWJKZEx5aHIvSXNWY2RxbVlXVzVpWmxXdkpmTE81?=
 =?utf-8?B?am12V2JBOGt5eGROOTd5UFdiakh5TWxMN2x6eVU4cHVDei93N1pOanZQaE9M?=
 =?utf-8?B?TTVqZDIrcTJzcXhoT094b0pYT003cTBJSU1YMmFCN3VqakZ6QXhpQW5EYmU5?=
 =?utf-8?B?cFBaWEVRVzk1Y3hiWUNOMklnZlpEY21Tc3RBWnlRSStFbG5JRGJQejdIR2Fy?=
 =?utf-8?B?RksvU1hWV1dIamRWdGxkV3FZa2ovSElqcHpuNXU4dGwrVlo4L0VNS2E4b0tO?=
 =?utf-8?B?ZEhseGQzdmQ1dDVFbW9SUXJwOW5mcVNnQjgzRnFoT2I5bURjdGhrdkxlRDh5?=
 =?utf-8?B?SXJ1Ni9HQVhkSjVXN001dVY2Qzk2UEVyaGpYNTFVNUMxTVZyTWRVa1NPbVBp?=
 =?utf-8?B?dmZpbWVOTkRId29DK2tORmp5UUh4dGloNnFIMElnc3ZHbFNEbWNiSWRjbmZs?=
 =?utf-8?B?dDNKRmFvUThEMXl2cXBSUGVBbmpFNG5Cb0xZbk13QUFkci90VEdpZUJ3SFRQ?=
 =?utf-8?B?QWZqUFZvQ1YwQjdRMVBKS3IzKzFXMlJKU1lLQkRhbHFnSjhldU5wZ1dRd25D?=
 =?utf-8?B?SFdWK2VRaFpvbkxUUVpkNHVoWEc0SmovRTJkb2VreVVXaFNVNm5wc1JtMnFW?=
 =?utf-8?B?NmY2SUNGUGN6QitBMERkb2dPVTYraGpVRXBRYUFpOUhVWnBaY3k4TkJQY3Rw?=
 =?utf-8?B?OC9pRVorQ1JNZEdYb2U5c2lsa1pyN0s2Mm9GNGtJOWRSU0RYblFOOHZvRVA0?=
 =?utf-8?B?WHkydnVGTDkyTEpObTcxUU4rYUoweURWY1NDaXV6Q21hK05hSHVsNDkzYlZ2?=
 =?utf-8?B?SkpLRVQ0Q0pieWFiSFFJcWJlQVk1MXRmenRMZjBSNWxpN1k5WGpRVUVoUjQ4?=
 =?utf-8?B?OVVsY2lKbWdROGFBUkVtV1VTYmNFaWhDQ0hCMDdtZXVXSHU3UzlWT3ovOTl5?=
 =?utf-8?B?VVgyOUhBb0lWSVhjb0N4d25UMmNyYmoyTEVkYjUzYkNOQ3V2M0pWRkZJQnhV?=
 =?utf-8?B?alFTNUV5d3ZEWVJRK1pkdWtvUzZ6S0RoWVBUeWRrT2ovL0k0M2ZKT0ZoV1BY?=
 =?utf-8?B?RnVLZVhURnVCckVtaFpaU05oWlJkUDNnQ1VRLzc0elUyMnYzREdZMFgySGlh?=
 =?utf-8?B?SkxnVm82T3czRklsMzZqVjM5cEN3azRmeXI3OUEyRGEwMGMxdUpEOVlJSUhL?=
 =?utf-8?B?ZzlKWkwwMFljUnByOVlzak4vcTZXSmtpS0pQcnlFanhiaUNMUjNRNW5jT0Na?=
 =?utf-8?B?eUdtQ3hDeGM4OEtaNTVjY1hRakhYZEEzNVNzZ0JYRXErWlJoYmdscWtQMnAr?=
 =?utf-8?B?R2k3Njg2RFdQcUlObE5BUXErbXRjb0R0QmwxeDQrTE9GbEhwaDJuU3MrbHEx?=
 =?utf-8?B?Q1RpbW9LVGd1eE5JdjE2NDMxK05ianBOQVFmRHJHR2sydU5FZkZsVUhrZjdK?=
 =?utf-8?Q?F7fswxe06T8zBUC0CxaaVH9U4?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 9538fd33-c4fc-414f-5dae-08db0df92b10
X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5229.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Feb 2023 19:33:22.5286
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 0Eo4Rs8E1OI7Qs4PJ7Yt2BAeVqfG/wn2mG7mgVuE9QfAoyNbX4yFrTHTngLej5hQ+ttc2ETLXjcGUK7Ny6GWEw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR12MB7445
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit

On 2/13/23 12:31, Dionna Amalie Glaze wrote:
> I'm rather confused at the moment how our internal testing succeeds
> given the premise of the protocol is to use the specified behavior
> that the OS must call get_memory_map again if ebs fails with
> efi_invalid_parameter, but upstream does not appear to do this.
> If you're able to make progress by applying this patch to your linux
> build, then we might be back at square one, since the protocol's whole
> purpose is to work with older SEV-SNP kernels.
> 
> diff --git a/drivers/firmware/efi/libstub/x86-stub.c
> b/drivers/firmware/efi/libstub/x86-stub.c
> index a0bfd31358ba..795db2315f35 100644
> --- a/drivers/firmware/efi/libstub/x86-stub.c
> +++ b/drivers/firmware/efi/libstub/x86-stub.c
> @@ -747,6 +747,18 @@ static efi_status_t exit_boot(struct boot_params
> *boot_params, void *handle)
> 
>          /* Might as well exit boot services now */
>          status = efi_exit_boot_services(handle, &priv, exit_boot_func);
> +       /*
> +        * EBS may fail once with INVALID_PARAMETER, which means the
> OS must call
> +        * get_memory_map again and try EBS one more time.
> +        */
> +       if (status == EFI_INVALID_PARAMETER) {
> +               status = allocate_e820(boot_params, &e820ext, &e820ext_size);
> +               if (status != EFI_SUCCESS)
> +                       return status;
> +
> +               status = efi_exit_boot_services(handle, &priv, exit_boot_func);
> +       }
> +

As far as I can tell this logic is present in the efi_exit_boot_services() 
function, so this shouldn't be needed.

Thanks,
Tom

>          if (status != EFI_SUCCESS)
>                  return status;
> 
> On Mon, Feb 13, 2023 at 9:56 AM Gupta, Pankaj <pankaj.gupta@amd.com> wrote:
>>
>>
>>>> - If no memory is getting accepted at all, should guest boot fail with
>>>>      below errors?
>>>
>>> No, the guest should not error. EBS should return success on the
>>> second call and permit progress.
>>>
>>>> - Why unaccepted memory not being set in my setup but works fine for
>>>>      you? Does it require any other change?
>>>>
>>>
>>> We have an internal fork of EDK2 that we regularly rebase on top of
>>> upstream, and we have our own hypervisor called Vanadium. So there's a
>>> lot different. We don't have an easy way to test with upstream EDK2
>>> and Qemu.
>>> A recent import found incompatibilities with measured boot only in
>>> SEV-SNP that we have disabled, but that's related to NVdata, which we
>>> deal with differently in GCE due to the cloud IVARS service and our
>>> allergy to SMM emulation. Should be unrelated.
>>>
>>> I've looked over our OvmfPkg.patch that we maintain after every rebase
>>> and most everything is related to our paravirtualized UEFI package
>>> that eschews SMM to talk to Vanadium directly through either shared
>>> memory or port I/O depending on whether the guest OS owns cr3 or not.
>>>
>>> You've added a log for the if != unaccepted memory, but will you log
>>> what status the function ultimately returns? And both the MapKey what
>>> status CoreTerminateMemoryMap returns in DxeMain.c's
>>> CoreExitBootServices? I'm wondering if maybe the EFI stub calling EBS
>>> isn't calling GetMemoryMap to update the MapKey after the
>>> invalid_param result that this semantics depends on. If the stub is
>>> the Linux kernel's own stub, then it should be doing the right
>>> thing...
>>
>> CoreTerminateMemoryMap::MapKey::18033 ^M
>> CoreTerminateMemoryMap::Status::2
>> ....
>> CoreTerminateMemoryMap::MapKey::18035 ^M
>> CoreTerminateMemoryMap::Status::2 ^M
>>
>> Thanks,
>> Pankaj
>>
>>
>>
> 
>