Subject: Re: [RFC PATCH 01/19] OvmfPkg: Reserve the Secrets and Cpuid page for the SEV-SNP guest
To: "Xu, Min M", Brijesh Singh, "devel@edk2.groups.io"
Cc: James Bottomley, "Yao, Jiewen", Tom Lendacky, "Justen, Jordan L", Ard Biesheuvel
References: <20210324153215.17971-1-brijesh.singh@amd.com> <20210324153215.17971-2-brijesh.singh@amd.com>
From: "Laszlo Ersek"
Message-ID: <47bf3b5a-dde6-0807-ee54-704870326ef9@redhat.com>
Date: Wed, 7 Apr 2021 15:22:31 +0200

On 04/07/21 02:21, Xu, Min M wrote:

> Intel TDX also has metadata which is consumed by QEMU. We put the metadata
> in a single file (TdxMetadata.asm) and put it at the end of ResetVectorVtf0.
> Then a pointer is placed in a known location in ResetVector.nasm. In this way
> QEMU can easily read the Metadata by the pointer.
> ------------------------------------------------------------------
> ALIGN 8
> ;
> ; TDX Virtual Firmware injects metadata in VTF0.
> ; The address of the metadata is injected in this location (0xffffffe8)
> ;
> DD (OVMF_IMAGE_SIZE_IN_KB * 1024 - (fourGigabytes - TdxMetadataGuid - 16))
> ;
> ; The VTF signature
> ;
> ; VTF-0 means that the VTF (Volume Top File) code does not require
> ; any fixups.
> ;
> vtfSignature:
> DB 'V', 'T', 'F', 0
> ------------------------------------------------------------------
>
> The space in ResetVector is very precious and we all want a known location so that QEMU
> can find the metadata easily. Putting the metadata in a single file gives the developers
> more flexibility (they can put anything they want). So I think a pointer (pointing to a metadata
> file) in a known location may be a better solution.

Assuming a QEMU version has been released that looks for the chain of
GUID-ed structs already, then I think such a change would break
compatibility with that QEMU version.

If we definitely need a separate spot to include more information in the
flash, for QEMU's parsing, then please introduce a new GUIDed structure,
which contains nothing but a pointer to that spot.

Thanks
Laszlo
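
The compatibility point in the reply above, as an added C example (not code from QEMU, edk2 or this thread): a bounds-checked backward walk over a chain of GUIDed entries, where a newer pointer-only entry is skipped by a lookup for an older GUID. The entry layout (data, then a 16-bit little-endian total length, then a 16-byte GUID), the GUID bytes, the pointer value and all function names are assumptions made for the example.

```c
#include <stdint.h>
#include <string.h>

#define GUID_LEN 16
#define HDR_LEN  (GUID_LEN + 2)   /* 16-byte GUID + 2-byte LE length */

/* Constructed GUIDs for the example; not real OVMF values. */
static const uint8_t GUID_OLD[GUID_LEN] = { 0xA1 };  /* entry an existing parser looks for */
static const uint8_t GUID_PTR[GUID_LEN] = { 0xB2 };  /* newer entry: holds only a pointer */

/* Assumed entry layout: [data][u16 LE length of whole entry][16-byte GUID].
 * Walks backwards from the end of the table; returns the entry's data or NULL. */
const uint8_t *find_entry(const uint8_t *table, size_t tot_len,
                          const uint8_t *guid, size_t *data_len)
{
    const uint8_t *end = table + tot_len;
    while (tot_len >= HDR_LEN) {
        size_t len = (size_t)(end[-HDR_LEN] | (end[-HDR_LEN + 1] << 8));
        if (len < HDR_LEN || len > tot_len)   /* corrupt: would spin or underrun */
            return NULL;
        if (memcmp(end - GUID_LEN, guid, GUID_LEN) == 0) {
            *data_len = len - HDR_LEN;
            return end - len;
        }
        end -= len;                           /* unknown GUID: step over it */
        tot_len -= len;
    }
    return NULL;
}

/* Append one entry at buf + off; returns the offset just past it. */
size_t put_entry(uint8_t *buf, size_t off, const uint8_t *guid,
                 const void *data, uint16_t dlen)
{
    uint16_t len = (uint16_t)(dlen + HDR_LEN);
    memcpy(buf + off, data, dlen);
    buf[off + dlen]     = (uint8_t)len;
    buf[off + dlen + 1] = (uint8_t)(len >> 8);
    memcpy(buf + off + dlen + 2, guid, GUID_LEN);
    return off + len;
}

/* Constructed sample: one known entry, then a newer pointer-only entry. */
size_t build_sample(uint8_t *buf)
{
    const uint8_t old_data[] = { 0x11, 0x22, 0x33 };
    const uint8_t ptr_le[4]  = { 0x00, 0x00, 0xFC, 0xFF };  /* 0xFFFC0000, constructed */
    size_t off = put_entry(buf, 0, GUID_OLD, old_data, sizeof old_data);
    return put_entry(buf, off, GUID_PTR, ptr_le, sizeof ptr_le);
}
```

A lookup for `GUID_OLD` returns the same data whether or not the `GUID_PTR` entry is present, which is why adding a new GUIDed entry keeps an already released parser working.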