From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id CB5EF941FD4 for ; Tue, 22 Apr 2025 21:25:22 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=zzWTefwF/haNq/1jBcNvaN9PZX4TIeRzi+Ty+ZGKSGc=; c=relaxed/simple; d=groups.io; h=Received-SPF:Message-ID:Date:MIME-Version:User-Agent:To:CC:From:Subject:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240830; t=1745357122; v=1; x=1745616321; b=dn5CWMTlNUGooEx8Ci7UScM8RQitE5TugxTI4ofZ3EBBZ04648Nj02ZAwl3Z8vkNxLqzWy9r tbOfx32znGB8Md+dz6MLE9WinpOhywLi9VX9QrAj72RZSOzpf+cLPHe7KJmmdXZKA0fQr9AttO4 tbD7Dq9IYuxxTkVofBwH6Ng0CKeR1XuRNKKhldHN07lN4+L8B5oNfalZdscZb8boklqtHf6vBVn 94aTZBas5Pt04hLNFOPe5ZH70xolfAQtRgrb7/c8Acu2E0/Lq9HwyBbT7ZABL8Qa9SMVkAzvcWS OyU2iSRMNxBYwiWHx+4XlME7t3318pCwphDzH1AEejXtg== X-Received: by 127.0.0.2 with SMTP id KmPfYY7687511xpqZo3dlQ74; Tue, 22 Apr 2025 14:25:21 -0700 X-Received: from NAM12-DM6-obe.outbound.protection.outlook.com (NAM12-DM6-obe.outbound.protection.outlook.com [40.107.243.87]) by mx.groups.io with SMTP id smtpd.web10.45084.1745340275638554403 for ; Tue, 22 Apr 2025 09:44:35 -0700 X-Received: from MW4PR03CA0254.namprd03.prod.outlook.com (2603:10b6:303:b4::19) by CY8PR12MB8298.namprd12.prod.outlook.com (2603:10b6:930:7c::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8655.36; Tue, 22 Apr 2025 16:44:32 +0000 X-Received: from SJ1PEPF000023D0.namprd02.prod.outlook.com (2603:10b6:303:b4:cafe::11) by MW4PR03CA0254.outlook.office365.com (2603:10b6:303:b4::19) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8655.35 via Frontend Transport; Tue, 22 Apr 2025 16:44:32 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C X-Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ1PEPF000023D0.mail.protection.outlook.com (10.167.244.4) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8655.12 via Frontend Transport; Tue, 22 Apr 2025 16:44:32 +0000 X-Received: from [10.23.197.96] (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Tue, 22 Apr 2025 11:44:28 -0500 Message-ID: <78983d77-8c0d-41b7-98c0-bcf8117bf55e@amd.com> Date: Tue, 22 Apr 2025 09:44:25 -0700 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: "devel@edk2.groups.io" CC: "Lendacky, Thomas" , Ard Biesheuvel , Jiewen Yao , Gerd Hoffmann , Erdem Aktas , Min Xu , "Roth, Michael" , Ray Ni , Jiaxin Wu , Zhiguang Liu , Dun Tan , Rahul Kumar , Star Zeng From: "Melody (Huibo) Wang via groups.io" Subject: [edk2-devel] Move X2APIC enablement from Pei to Sec phase X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ1PEPF000023D0:EE_|CY8PR12MB8298:EE_ X-MS-Office365-Filtering-Correlation-Id: 4e4d8774-d997-4e8c-d92c-08dd81bcf513 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: =?utf-8?B?UEVKZ3dCSkp6SlBZRHJleHIyUkdOU016N085U3c3U2x5RHVPWlJGaW4wa0d1?= =?utf-8?B?ZFMyZ010dUdpTUJvay9meWJ5Y2tQWEc1VzZUUG9wQ3JhVWZFSmwyamJSS0k2?= =?utf-8?B?aThzODlKTzZKeUhYVFdnc29OTEwzVHFkdnNIMXloL3U0Vzh4YUlTUXVXMzlq?= =?utf-8?B?WHc0T0ZETDlCR2lLM0I1ZmxuazM3VnFvVXRnREcwcGpoUFl6c3BDK3pqWTFl?= =?utf-8?B?K3FqZlNiK0ZRTUgza3BxMC9TUkhvLzVGc3ppT1F1VEJzMXhaYXk5MjN5aldi?= =?utf-8?B?OWVWWkRkdmZVS0JDT0lYZnE3em5mdDBDSHhnbm5BY2c4ZUU3eGpRS2xaZitL?= =?utf-8?B?aCtXU21FWHFOK3h3dCtoUHNXNElVYmNpSEpkVmV4aUFzdnJFQ3lyaitZSXZa?= =?utf-8?B?Tmh2Vk9waVhRelkybWVnMXZHS0ZkVG9rQk9YdytYWkQ2YzBvM1UxbFFjTFhV?= =?utf-8?B?R0JsN3BzaFlKaFE0MjE3dVJOQTdDTFpaYU1zZWZtTVp0NnFEYVNjaU9ySmkz?= =?utf-8?B?SGMvQThGbzZIUCs1WnJSZ244NGE2Z08zdlNlMmtsTnJucHF2UVVRV0p4MG5v?= =?utf-8?B?aDZkdU0xMUx3ajBXQVF3ZGJ6MnRKaVpYNVpob095RUJYQW9LVlZiS2Vrdlg2?= =?utf-8?B?MllVdUkwTkhMSUhiYnpIT0xTZzN2MEhySVJ6Ni80bHNSNWZDaFU1c1dFejZM?= =?utf-8?B?M29LQ1ZtZFoxcDNBcjdWaUNKbnl5SEtFcVlweEJVeVlva2dsQUJtL01LSm9k?= =?utf-8?B?MjNaUHI0NlJpZHQ0MlhnUG5ET3dnMUU0VVovN0loSUJ2VlFEQVhsRVJ5enkr?= =?utf-8?B?YU9IYldVSExvQW9uc1JNa01DM1gra2F5cm8xVHdSYzVQRDhYYmRYRFc5SER4?= =?utf-8?B?YWxyVFlhNWY2MExhSmVLK0U1NFRGeEUzMUtiMlJ2K3dlNTVCd01XaGVoYUtO?= =?utf-8?B?c1FMMHVibjFYbW5JaU91ZjJsUy9FRnZZamxWWTMwQy9Ed1BKOXVCbVk4b0tr?= =?utf-8?B?Q09URVZDazV2SGxEZHhFc3VIRDlOYi9ET2tXZkdpc0JDYndmbk90eFpTUFEz?= =?utf-8?B?V2xtSklSL3B1dW41SnB3dFVxWWhmSUJRaGRCcmpIcmlrUDdrbVpHNDRralc3?= =?utf-8?B?ckNUbTJUc1dKb1pqV213clJPWXlRUnFqa3ZEM2gwQzR0R2MzeUpYRkdqMDl4?= =?utf-8?B?Vzk5aDFQdkp3MDZ3R2xOa3JaYXBDbElkMDQ2S0Yvc055YzRLajdFT2N6Mk8z?= =?utf-8?B?Vmoxb3RBQ2ErVlNWdGh5TFZvSURTZW9aamwxdHJhcEpCSzhoTStoRjNVU0R2?= =?utf-8?B?UVBiTWtFTC93V0hJRFR3NjNxNVZZN0VpNCtMelgraDFEV252OVByWHhmYXdx?= =?utf-8?B?czhzV0ozYTQ5cTJuU0FVMWVGbXNDL2VMdjZVVjRtZmQvY3Bhbkg1Wkw4MWhu?= =?utf-8?B?LzVzelRGcXd0eWFMWmRwbEo3SXMzTmd2Z3VaTU9mT3QwNEJvUksvYUM5YWpW?= =?utf-8?B?MDFLdG1lOTZPSnREZnpxUXo2Zmd2M2NHZXlnZ3RnNDQ1R1RIb3RySzFtRWp5?= =?utf-8?B?WmFyWFZMaElZV2prNWhWQXZDOUhVVnQzUlFXd2xQUlBrU21oTlNxTE9zUjlJ?= =?utf-8?B?T1picW54YlJyc1BnTWtUSDNkSVFhVGpHRUUwdk5ndmZya1Vpd09RL09mNisw?= =?utf-8?B?Z0hrRjhqV2hkK29wdjkyNkFJL2x1TlRYazFKNEowemk0OGQrcXlRN3oxN1Q2?= =?utf-8?B?MXNJb0RUMmxnMzVLemN5VXF5TmNtUS92U1Z0eXNyUUVVd0hHaTlKV0grSXh1?= =?utf-8?B?QURnRm56RkFSL1hlNWhRN0NOUnFRdjRyUXBFNlMzSm81b2Y2OWtuTStyb2w5?= =?utf-8?B?KzBxbzdZTC8ycWlIZmFudlpPWTNBUjJNNUJCa2JWcjJXYVRlcUtjRk1adEZp?= =?utf-8?B?SjErSU8rcmt2YnlqT3E2Z2NTenEvQ3E3R1B0cENzeENPMUMrc0M2UVFNcTRH?= =?utf-8?B?UlNyRHNJZzYxMVlVKzRwRzAxWCthTUtkWDFaZ0hmbUpGbWp0eWYxRE5tTkJq?= =?utf-8?Q?NzMCwy?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Apr 2025 16:44:32.0568 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4e4d8774-d997-4e8c-d92c-08dd81bcf513 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ1PEPF000023D0.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR12MB8298 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Tue, 22 Apr 2025 14:25:20 -0700 Resent-From: huibo.wang@amd.com Reply-To: devel@edk2.groups.io,huibo.wang@amd.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: S74nueIbQ06z0qZJaDWfZCTux7686176AA= Content-Language: en-US Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240830 header.b=dn5CWMTl; dmarc=pass (policy=none) header.from=groups.io; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io Hi, I am currently working on enabling Alternate Injection for AMD SEV-SNP gues= ts and have encountered a design issue. The Alternate Injection specification, which is still preliminary, defines = a so-called SVSM APIC protocol through a subset=20 of X2APIC MSRs while timer support is configurable.=20 [ This means, if timer functionality is not supported, the guest must rely = on the hypervisor to emulate timer=20 support through use of the #HV Timer GHCB protocol. ] When the OVMF firmware starts, it is in XAPIC mode by default and then, lat= er, during the init phase it switches the guest to X2APIC.=20 However, with Alternate Injection enabled, the OVMF in its very first phase= - SEC - does XAPIC accesses. The SVSM, however, which is part of the guest, uses the so-called SVSM APIC= protocol which uses a subset of the X2APIC MSRs. The OVMF, however, assumes it starts off in XAPIC memory-mapped mode and th= us there's a protocol mismatch of sorts=20 because with Alternate Injection already enabled in the SEC phase, it manda= tes X2APIC MSR accesses. The registers (timer registers) when not handled by SVSM will get routed to= the hypervisor (KVM) which at that point is operating the guest in XAPIC mode until the PEI phase switches to X2APIC. If X2APIC enablement is moved from the PEI to the SEC phase, the problem ca= n be resolved. I have tested it and it works.=20 However, I dont know if there is any concern or potential design issues wit= h that move. Do folks think this is ok to do - i.e., move the X2APIC enablement to the S= EC phase? Or do you have any suggestions for a better solution? Please feel free to ask questions if some concepts are unclear and I'll gla= dly expand on them. I am new to this, sorry If I have CCed too many people. Thanks, Melody -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#121284): https://edk2.groups.io/g/devel/message/121284 Mute This Topic: https://groups.io/mt/112386836/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-