From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=66.187.233.73; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 0428422492755 for ; Fri, 2 Mar 2018 03:47:43 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id D14EE40FB659; Fri, 2 Mar 2018 11:53:51 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-104.rdu2.redhat.com [10.10.120.104]) by smtp.corp.redhat.com (Postfix) with ESMTP id D0FDE9C073; Fri, 2 Mar 2018 11:53:50 +0000 (UTC) To: Brijesh Singh , edk2-devel-01 Cc: Ard Biesheuvel , Jordan Justen References: <20180302000408.14201-1-lersek@redhat.com> <2d6e37a5-fdfa-330d-d7ef-51e0350afdad@amd.com> From: Laszlo Ersek Message-ID: <6be3c2e4-0269-7743-d14d-4cf1f2935342@redhat.com> Date: Fri, 2 Mar 2018 12:53:49 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: <2d6e37a5-fdfa-330d-d7ef-51e0350afdad@amd.com> X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.7]); Fri, 02 Mar 2018 11:53:51 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.7]); Fri, 02 Mar 2018 11:53:51 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'lersek@redhat.com' RCPT:'' Subject: Re: [PATCH 00/20] OvmfPkg: SEV: decrypt the initial SMRAM save state map for SMBASE relocation X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Mar 2018 11:47:43 -0000 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 03/02/18 02:16, Brijesh Singh wrote: > > > On 3/1/18 6:03 PM, Laszlo Ersek wrote: >> I also tried to test the series with SEV guests (again with Brijesh's v2 >> 2/2 patch applied on top). Unfortunately, I didn't get good results with >> or without SMM. Without SMM, the guest OS boots to a point, but then it >> gets stuck with the CPU spinning. With SMM, OVMF gets stuck in SMBASE >> relocation. > > To boot the SEV guest with SMM support we need this KVM patch, without > this we will get either #UD or some undefined behavior. > > https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=7607b7174405aec7441ff6c970833c463114040a Looks like a very recent commit. What tree (and at what commit) do you recommend that I build a new host kernel? > It's strange that you are having trouble booting SEV guest without SMM > support. It's possible that we might have some mismatch kernel kvm + > qemu + ovmf patches. Wait, the details matter: I wrote "the guest OS boots to a point". There are no problems with the firmware, or the initial OS boot progress. The issue happens fairly later (but certainly before I reach a login prompt or similar). Maybe this is nothing new relative to last November; I don't remember. >> Until then, Brijesh, can you please test this series? Thank you! > > > Sure, I will try the series tomorrow morning. thank you so much for the > cleanup and remaining SMM work. Thanks! Do you have (maybe updated) instructions for setting up the SEV host? What are the latest bits that are expected to work together? Thanks! Laszlo