From mboxrd@z Thu Jan 1 00:00:00 1970
Subject: Re: [edk2-devel] [PATCH V7 1/1] OvmfPkg: Enable TDX in ResetVector
To: devel@edk2.groups.io, kraxel@redhat.com
Cc: "Yao, Jiewen", "Xu, Min M", Ard Biesheuvel, "Justen, Jordan L", Erdem Aktas, James Bottomley, Tom Lendacky
References: <20210923084821.yxizus3loa2p6hms@sirius.home.kraxel.org> <7c9aeb95-5c33-bd8d-4f0c-40133f4c7c3d@amd.com> <20210924045416.3vb7qxcetgtdggbs@sirius.home.kraxel.org> <20210924093420.xu7kmfnygy4lx7um@sirius.home.kraxel.org> <694ad227-bf3b-fd37-716d-f715df8ab9ba@amd.com> <20210924111752.pnrwuzlocmbfn6ic@sirius.home.kraxel.org>
From: "Brijesh Singh"
Message-ID: <6a271c91-ba8d-5aed-ea52-ba2c67247de5@amd.com>
Date: Fri, 24 Sep 2021 06:29:34 -0500
In-Reply-To: <20210924111752.pnrwuzlocmbfn6ic@sirius.home.kraxel.org>

On 9/24/21 6:17 AM, Gerd Hoffmann via groups.io wrote:
> On Fri, Sep 24, 2021 at 05:38:21AM -0500, Brijesh Singh wrote:
>> On 9/24/21 5:11 AM, Yao, Jiewen wrote:
>>> You are right. My statement for page table is wrong. Both TDX and SEV need them.
>>>
>>> That is NOT our original design. But I can understand why it is changed today.
>>>
>>> I compare https://github.com/tianocore/edk2-staging/blob/TDVF/OvmfPkg/ResetVector/X64/TdxMetadata.asm and https://github.com/AMDESE/ovmf/blob/snp-v8/OvmfPkg/ResetVector/X64/OvmfMetadata.asm.
>>>
>>> There are 8 entries in TDX, and 10 entries in SEV.
>>> 2 of them are same, page table and TEMP RAM.
>>> 6 entries are TDX unique. 8 entries are SEV unique.
>> In the SEV patches you are seeing more sections because I tried to keep
>> it in sync with the MEMFD [1] so that it's much more readable.
> We could add just a single range for stack + heap + pagetables (+more?)
> and comments saying which MEMFD areas are covered by that range, to keep
> the table small.

Sure, that is not an issue at all. As a matter of fact I had only one
section in my original SNP_BOOT_BLOCK GUID to cover the MEMFD region ;)

I think we can live with just 2 to 3 sections common to cover a large
amount of MEMFD, and still keep the code readable.

Section 1: Page table + lockBox + GuidedExtractHandler (0x0 - 0x8000)
Section 2: WorkArea + Ghcbbackup + TempRam (0xb000 - 0x20000)

The region 0x8000 - 0xa000 can be platform specific.

> take care,
> Gerd
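
The coalescing discussed in this message, as an added example that is not part of the original e-mail or of the OVMF sources: adjacent MEMFD areas are merged into one section that remembers which areas it covers. The `area` and `section` types and `coalesce` are hypothetical, and the split points between areas are constructed; only the outer bounds 0x0 - 0x8000 and 0xb000 - 0x20000 come from the message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Hypothetical types for this example; ranges are [start, end) MEMFD offsets. */
typedef struct { uint32_t start, end; const char *name; } area;
typedef struct { uint32_t start, end; size_t first, count; } section;

/* Constructed sample: the outer bounds are the ones in the message (nothing is
 * listed for 0x8000 - 0xb000); the split points inside each range are made up. */
static const area sample_areas[] = {
    { 0x00000, 0x06000, "Page table" },
    { 0x06000, 0x07000, "lockBox" },
    { 0x07000, 0x08000, "GuidedExtractHandler" },
    { 0x0b000, 0x0c000, "WorkArea" },
    { 0x0c000, 0x0d000, "Ghcbbackup" },
    { 0x0d000, 0x20000, "TempRam" },
};
#define SAMPLE_COUNT (sizeof(sample_areas) / sizeof(sample_areas[0]))

/* Merge areas that touch into one section covering areas[first .. first+count).
 * Returns the section count, or -1 on a bad table or when out[] is too small. */
int coalesce(const area *a, size_t n, section *out, size_t max)
{
    size_t used = 0;
    for (size_t i = 0; i < n; i++) {
        if (a[i].start >= a[i].end || ((a[i].start | a[i].end) & 0xfff) ||
            (used && a[i].start < out[used - 1].end))
            return -1;                    /* empty, unaligned, overlapping or unsorted */
        if (used && a[i].start == out[used - 1].end) {
            out[used - 1].end = a[i].end; /* contiguous: extend the current section */
            out[used - 1].count++;
            continue;
        }
        if (used == max)
            return -1;
        out[used++] = (section){ a[i].start, a[i].end, i, 1 };
    }
    return (int)used;
}

int main(void)
{
    section s[4];
    int n = coalesce(sample_areas, SAMPLE_COUNT, s, 4);
    for (int i = 0; i < n; i++)
        printf("Section %d: 0x%x - 0x%x, %zu areas starting at %s\n", i + 1,
               (unsigned)s[i].start, (unsigned)s[i].end, s[i].count,
               sample_areas[s[i].first].name);
    return n < 0;
}
```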