From: "Brijesh Singh" <brijesh.singh@amd.com>
Date: Wed, 30 Mar 2022 14:35:02 -0500
Subject: Re: [PATCH 2/2] OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation
To: Dov Murik, Gerd Hoffmann
CC: brijesh.singh@amd.com, devel@edk2.groups.io, Ard Biesheuvel, Jiewen Yao, Jordan Justen, Erdem Aktas, James Bottomley, Min Xu, Tom Lendacky, Tobin Feldman-Fitzthum
Message-ID: <4fdbb522-e7e5-a0a8-ee1b-003e3f80c9c6@amd.com>
In-Reply-To: <5a8dfc50-d9e8-447e-6328-302d8a519c79@linux.ibm.com>
References: <20220328184530.86797-1-dovmurik@linux.ibm.com> <20220328184530.86797-3-dovmurik@linux.ibm.com> <20220330052029.4fuzbca2364nm7fg@sirius.home.kraxel.org> <7585badc-63d5-4195-760c-3cc3665795e4@linux.ibm.com> <7ea76edb-fad8-b06e-e715-0868de1f1261@amd.com> <5a8dfc50-d9e8-447e-6328-302d8a519c79@linux.ibm.com>
On 3/30/22 14:31, Dov Murik wrote:
>
> On 30/03/2022 22:27, Brijesh Singh wrote:
>>
>> On 3/30/22 01:04, Dov Murik wrote:
>>>
>>> On 30/03/2022 8:20, Gerd Hoffmann wrote:
>>>>    Hi,
>>>>
>>>>> Check if that page is defined; if it is, skip it in the metadata list.
>>>>> In such case, VMM should fill the page with the hashes content, or
>>>>> explicitly update it as a zero page (if kernel hashes are not used).
>>>>
>>>> Is it an option to just skip the page unconditionally?
>>>>
>>>> I think in the OvmfPkgX64 build the page is not used, so it probably
>>>> doesn't matter whether it is included or not, and it would make things
>>>> a bit less confusing ...
>>>>
>>>
>>> Brijesh,
>>>
>>> What would happen if we change this:
>>>
>>>      %define SNP_SEC_MEM_BASE_DESC_3 (CPUID_BASE + CPUID_SIZE)
>>>
>>> to:
>>>
>>>      %define SNP_SEC_MEM_BASE_DESC_3 (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase))
>>>
>>> in OvmfPkg/ResetVector/ResetVector.nasmb ?
>>>
>>> It means that the page starting at MEMFD_BASE_ADDRESS+0x00F000 (that is,
>>> the page that follows the SNP CPUID page) will not be pre-validated by QEMU.
>>>
>>
>> Let's look at the OvmfPkgX64.fdf:
>>
>> ...
>>
>> 0x00E000|0x001000
>> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize
>>
>> 0x010000|0x010000
>> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
>>
>> 0x020000|0x0E0000
>> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvSize
>>
>> ...
>>
>> If you change SNP_SEC_MEM_BASE_DESC_3 to start from PcdOvmfPeiMemFvBase
>> then who will validate the range for PcdOvmfSecPeiTempRamBase -
>> PcdOvmfPeiMemFvBase ? The SEC phase (Sec/X64/SecEntry.nasm) uses the
>> PcdOvmfSecPeiTempRamBase. If the memory is not validated prior to use
>> then it will result in #VC (page-not-validated) and crash the guest BIOS
>> boot.
>>
>
> Gerd actually wants to change SNP_SEC_MEM_BASE_DESC_3 to start from
> PcdOvmfSecPeiTempRamBase, which is 0x010000.
>
> Supposedly no one uses the single page at 0x00F000 .

Yes, that should be alright as long as the SNP_SEC_MEM_BASE_DESC_3 starts
from PcdOvmfSecPeiTempRamBase. In PEI phase, we validate all the
unvalidated range. So, as long as SEC phase is not using 800F000 -
8010000 we should be good. The PEI will validate that page.

thanks
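The exchange above turns on one question: for each candidate value of SNP_SEC_MEM_BASE_DESC_3, does the descriptor still pre-validate every page the SEC phase touches (its temporary RAM), and which pages does it leave for PEI to validate later? The following is an added example, not code from the thread or from OVMF. It models the three MEMFD ranges quoted from OvmfPkgX64.fdf above and checks the three candidate bases that the thread names. Two things are assumptions: MEMFD_BASE_ADDRESS = 0x800000, and that descriptor 3 extends up to PcdOvmfPeiMemFvBase (as its size definition in ResetVector.nasmb implies); neither value appears verbatim in the message.

```python
"""
Constructed model of the OvmfPkgX64 MEMFD layout discussed in the thread.

For a candidate SNP_SEC_MEM_BASE_DESC_3 it reports which 4 KiB pages the
descriptor asks the VMM to pre-validate, which SEC temporary-RAM pages would
be left unvalidated (a page-not-validated #VC in SEC), and which pages in the
gap are deferred to PEI, which validates everything still unvalidated.
"""

PAGE_SIZE = 0x1000
MEMFD_BASE_ADDRESS = 0x800000   # assumption: OVMF MEMFD base, not quoted in the thread

# Offsets and sizes taken from the OvmfPkgX64.fdf excerpt quoted above.
CPUID_BASE, CPUID_SIZE = 0x00E000, 0x001000                     # PcdOvmfCpuidBase / Size
SEC_PEI_TEMP_RAM_BASE, SEC_PEI_TEMP_RAM_SIZE = 0x010000, 0x010000  # PcdOvmfSecPeiTempRamBase / Size
PEI_MEM_FV_BASE = 0x020000                                      # PcdOvmfPeiMemFvBase

# The three bases discussed in the thread for SNP_SEC_MEM_BASE_DESC_3.
DESC3_CANDIDATES = {
    "current (CPUID_BASE + CPUID_SIZE)": CPUID_BASE + CPUID_SIZE,
    "proposed (PcdOvmfSecPeiTempRamBase)": SEC_PEI_TEMP_RAM_BASE,
    "misread (PcdOvmfPeiMemFvBase)": PEI_MEM_FV_BASE,
}


def page_set(base, size):
    """Set of page-aligned addresses covering [base, base + size)."""
    if base % PAGE_SIZE or size % PAGE_SIZE:
        raise ValueError("ranges in the MEMFD layout must be page aligned")
    return {base + off for off in range(0, size, PAGE_SIZE)}


def desc3_range(base_offset):
    """(base, size) of descriptor 3 for a given base offset into MEMFD.

    Assumption: the descriptor always ends at PcdOvmfPeiMemFvBase, so its
    size is PcdOvmfPeiMemFvBase - SNP_SEC_MEM_BASE_DESC_3.
    """
    base = MEMFD_BASE_ADDRESS + base_offset
    size = MEMFD_BASE_ADDRESS + PEI_MEM_FV_BASE - base
    if size < 0:
        raise ValueError("descriptor base lies beyond PcdOvmfPeiMemFvBase")
    return base, size


def check_desc3(base_offset):
    """Classify pages for one candidate base.

    prevalidated : pages the VMM pre-validates through descriptor 3
    sec_faulting : SEC temp-RAM pages NOT pre-validated -> #VC in SEC
    left_for_pei : pages between the CPUID page and PeiMemFv that descriptor 3
                   skips; harmless only if SEC never touches them
    """
    prevalidated = page_set(*desc3_range(base_offset))
    sec_temp_ram = page_set(MEMFD_BASE_ADDRESS + SEC_PEI_TEMP_RAM_BASE,
                            SEC_PEI_TEMP_RAM_SIZE)
    gap_start = CPUID_BASE + CPUID_SIZE
    gap_region = page_set(MEMFD_BASE_ADDRESS + gap_start, PEI_MEM_FV_BASE - gap_start)
    return {
        "prevalidated": sorted(prevalidated),
        "sec_faulting": sorted(sec_temp_ram - prevalidated),
        "left_for_pei": sorted(gap_region - prevalidated),
    }


def report():
    """Run the check for every candidate base named in the thread."""
    return {name: check_desc3(offset) for name, offset in DESC3_CANDIDATES.items()}


if __name__ == "__main__":
    for name, result in report().items():
        status = "OK" if not result["sec_faulting"] else "SEC WOULD #VC"
        print(f"{name}: {status}; pre-validated {len(result['prevalidated'])} pages; "
              f"left for PEI: {[hex(p) for p in result['left_for_pei']]}")
```

Running it shows the distinction Dov draws: with the proposed base the only page left to PEI is MEMFD_BASE_ADDRESS + 0x00F000 and SEC's temporary RAM stays fully pre-validated, whereas starting descriptor 3 at PcdOvmfPeiMemFvBase would leave all sixteen temp-RAM pages unvalidated, which is the #VC crash Brijesh describes.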