From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web10.9190.1624369132889874777 for ; Tue, 22 Jun 2021 06:38:53 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=E5Vsusbv; spf=pass (domain: redhat.com, ip: 170.10.133.124, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1624369132; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=tLJt6aw9J2bNx6LBQYxmo/XKiDuF+6b35mRRkKL2e6A=; b=E5Vsusbv+ToKa/nE8GpZqSG8IyKiSU0QA6WwZoYQbzuZcBD4sZiOc1EYI9GtweylhcT6gC ebeS18FQiPWEQ36iq2vopuglXdZDiU2O78cXnrsGnw+Huoo8kzQOkbs//AflfTl7Pww8ol L+y8coT7N2qEhayl9pQXXi3T2aTlkLM= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-584-XKWunc_hPqq9TPJu9TMVxg-1; Tue, 22 Jun 2021 09:38:50 -0400 X-MC-Unique: XKWunc_hPqq9TPJu9TMVxg-1 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1D633800D62; Tue, 22 Jun 2021 13:38:49 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-115-52.ams2.redhat.com [10.36.115.52]) by smtp.corp.redhat.com (Postfix) with ESMTPS id BF66B19C46; Tue, 22 Jun 2021 13:38:40 +0000 (UTC) Subject: Re: [edk2-rfc] [edk2-devel] RFC: design review for TDVF in OVMF From: "Laszlo Ersek" To: "Xu, Min M" , "devel@edk2.groups.io" , "Yao, Jiewen" , "rfc@edk2.groups.io" Cc: "jejb@linux.ibm.com" , Brijesh Singh , Tom Lendacky , "erdemaktas@google.com" , "cho@microsoft.com" , "bret.barkelew@microsoft.com" , Jon Lange , Karen Noel , Paolo Bonzini , Nathaniel McCallum , "Dr. David Alan Gilbert" , "Ademar de Souza Reis Jr." References: <168759329436FBCF.5845@groups.io> <4d0fc023-6520-43f6-0b0e-9db7bf15a85c@redhat.com> Message-ID: <41a0be8f-4f8e-a62f-ea63-665c1cafd877@redhat.com> Date: Tue, 22 Jun 2021 15:38:39 +0200 MIME-Version: 1.0 In-Reply-To: <4d0fc023-6520-43f6-0b0e-9db7bf15a85c@redhat.com> X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=windows-1252 Content-Language: en-US Content-Transfer-Encoding: 7bit On 06/22/21 15:34, Laszlo Ersek wrote: > Hi, > > On 06/11/21 08:37, Xu, Min M wrote: >> In today's TianoCore Design Meeting we reviewed the Overview Section (from slide 1 to 20). Thanks much for the valuable feedbacks and comments. The meeting minutes will be sent out soon. >> >> To address the concerns of the *one binary* solution in previous discussion, we propose 2 Configurations for TDVF to upstream. (slide 6 - 8) >> >> >> >> Config-A: >> >> * Merge the *basic* TDVF feature to existing OvmfX64Pkg.dsc. (Align with existing SEV) >> * Threat model: VMM is NOT out of TCB. (We don't make things worse.) >> * The OvmfX64Pkg.dsc includes SEV/TDX/normal OVMF basic boot capability. The final binary can run on SEV/TDX/normal OVMF >> * No changes to existing OvmfPkgX64 image layout. >> * No need to add additional security features if they do not exist today >> * No need to remove features if they exist today. >> * RTMR is not supported >> * PEI phase is NOT skipped in either Td or Non-Td > > (so this is "Config-A / Option B", per slide 9 in the v0.9 slide deck) > >> >> >> >> Config-B: >> >> * Add a standalone IntelTdx.dsc to a TDX specific directory for a *full* feature TDVF. (Align with existing SEV) >> * Threat model: VMM is out of TCB. (We need necessary change to prevent attack from VMM) >> * IntelTdx.dsc includes TDX/normal OVMF basic boot capability. The final binary can run on TDX/normal OVMF >> * It might eventually merge with AmdSev.dsc, but NOT at this point of time. And we don't know when it will happen. We need sync with AMD in the community, after both of us think the solutions are mature to merge. >> * Need to add necessary security feature as mandatory requirement, such as RTMR based Trusted Boot support >> * Need to remove unnecessary attack surfaces, such as network stack. > > After reading the above, and checking slides 6 through 10 of the v0.9 > slide deck: > > - I prefer Config-B (IntelTdx.dsc). I should clarify: the relevant part of my preference is not that "IntelTdx.dsc" contain the *complete* TDVF feature set. The relevant part (for me) is that "OvmfPkgX64.dsc" *not* be over-complicated for the sake of TDX, even considering only the "basic" TDVF feature set. It's fine to implement TDX in two stages ("basic" and "complete"); my point is that even "basic" should not over-complicate "OvmfPkgX64.dsc". Thanks Laszlo > > This is in accordance with what I wrote earlier about "OvmfPkgX64.dsc" > maintainability and regressions. > > Additionally (given that a full-featured TDVF is the ultimate goal), I > see the advance from "Config-A / option B" to "Config-B" a lot less > *incremental* than the step from "OvmfPkgX64.dsc" to "AmdSev.dsc" was. > > Put differently, I think that any TDX work targeted at "OvmfPkgX64.dsc" > is going to prove less useful for the final "IntelTdx.dsc" than how > reusable SEV work from "OvmfPkgX64.dsc" did for "AmdSev.dsc". > > Put yet differently, I'm concerned that a part of the TDX work for > "OvmfPkgX64.dsc" might be a waste, with an eye towards the ultimate TDVF > feature set ("IntelTdx.dsc"). > > > - I could (very cautiously) live with "Config-A / option B" as the > initial approach. However, we'de have to be ready to make the full split > (the switch-over to "IntelTdx.dsc") at *any point* during development, > in case something turns out to be too intrusive. (And yes, "too > intrusive" is subjective.) > > By this I mean that any particular patch towards "Config-A / option B" > could cause me to ask, "please create IntelTdx.dsc now". Note that the > later we make the switch the more painful it could be (= the more > invested in "OvmfPkgX64.dsc" we could be, at that point). > > For example, as I stated earlier, "OvmfPkg/AcpiPlatformDxe" is a driver > where I'd like to see zero changes, for either SEV or TDX. If the TD > Mailbox location has to be reported to the OS via the MADT, and QEMU > cannot (or must not) populate that field in the MADT, then a separate, > TDX-specific edk2 driver should locate the MADT (installed technically > by "OvmfPkg/AcpiPlatformDxe", earlier), and update the field. > > Thanks, > Laszlo > >> From: devel@edk2.groups.io On Behalf Of Min Xu >> Sent: Friday, June 11, 2021 6:30 AM >> To: devel@edk2.groups.io; Yao, Jiewen ; rfc@edk2.groups.io >> Cc: jejb@linux.ibm.com; Laszlo Ersek ; Brijesh Singh ; Tom Lendacky ; erdemaktas@google.com; cho@microsoft.com; bret.barkelew@microsoft.com; Jon Lange ; Karen Noel ; Paolo Bonzini ; Nathaniel McCallum ; Dr. David Alan Gilbert ; Ademar de Souza Reis Jr. >> Subject: Re: [edk2-rfc] [edk2-devel] RFC: design review for TDVF in OVMF >> >> Hi, All >> Thanks much for the valuable comments and discussion about the design. >> We have updated the slides (v0.9) in below link. If some comments or concerns are not answered/addressed in the new slides, please don't hesitate to tell us. We do want to answer/address all the comments/concerns. But to be honest it is a rather complicated one and we appreciate your feedbacks. >> https://edk2.groups.io/g/devel/files/Designs/2021/0611/TDVF_Design_Review%28v0.9%29.pptx >> >> Thanks much! >> >> Xu Min >> >> >> From: devel@edk2.groups.io > On Behalf Of Yao, Jiewen >> Sent: Thursday, June 3, 2021 9:51 PM >> To: rfc@edk2.groups.io; devel@edk2.groups.io >> Cc: jejb@linux.ibm.com; Laszlo Ersek >; Brijesh Singh >; Tom Lendacky >; erdemaktas@google.com; cho@microsoft.com; bret.barkelew@microsoft.com; Jon Lange >; Karen Noel >; Paolo Bonzini >; Nathaniel McCallum >; Dr. David Alan Gilbert >; Ademar de Souza Reis Jr. > >> Subject: [edk2-rfc] [edk2-devel] RFC: design review for TDVF in OVMF >> >> Hi, All >> We plan to do a design review for TDVF in OVMF package. >> >> >> The TDVF Design slides for TinaoCore Design Review Meeting (Jun 11) is now available in blow link: https://edk2.groups.io/g/devel/files/Designs/2021/0611. >> >> The Bugzilla is https://bugzilla.tianocore.org/show_bug.cgi?id=3429 >> >> >> >> You can have an offline review first. You comments will be warmly welcomed and we will continuously update the slides based on the feedbacks. >> >> >> >> Thank you >> >> Yao Jiewen >> >> >> >> >> >> >> >