From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.55]) by mx.groups.io with SMTP id smtpd.web08.9219.1631789360118307939 for ; Thu, 16 Sep 2021 03:49:20 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=4iu98H0w; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.92.55, mailfrom: brijesh.singh@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=J865ywutLqDVfdcOUMAQfsR2BE1vzG1OLdggFGih39nR8KjzJq+S2aNxbHzDEptrQjg0KUc3a1n2ThHMzf+wh6rV5meNCRNTzJDaBKEwkxIRa9FQdiU2flMnbpadSo8XTs40A3OhdHNT73aNoKnXEa+hOyJyzagY+71Eevnokwy0LGuPW6HKHl/kvTTtRNrQdQtgxgRLOm5dCJ0UONIEhQL1LkL5PNFdFHLwhssfH+oqbwi4iB45P0XmIm0Ev1ArvIJYVn19Qr/jqz/H/mPPViG9sEJG07unFF3c0GUq8DQ0K1a4upx9rU7HmwJ5rbQLi+kBIzFGJAwijXnQk5FhUg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=o2cnIKXISgOGTPbieZYWlmuGyyAbJfPo+NfU4LfwBTI=; b=mExyXNpCCr5boVvDqDJcsdOW/nat/0SwzSTbRid1MBkIBUcqOa/yZTLVg+CzSXGJGleU4dyrW02a6k8uYrOnfPXtZBPiX0woI4ZGUzeafIbJXEolnIfdL73dfMM9nopMizPCP1U9eZdiMQRustV9mhfoMFHNC5FGElR1sWRyXdZVB7t/zyCXLIKKqb9Df9TW9T8hc2AckaCoE+8RvaRY3uYOWkKXkeZxCFPIZPwwPtTUhveI/Xnl4xO3hJoXp7HIiN8y+nA840SLTDRDi6uit7H6268oVbMqPwVIhSTFuh1rbwkcWLp1wKMNl4rRIqEYbe+SRj+rgLORb/ucecF+Dg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=o2cnIKXISgOGTPbieZYWlmuGyyAbJfPo+NfU4LfwBTI=; b=4iu98H0w1P04xMMBraNANpTOPgDtgNXB0J/HpmLF/C1XU2YeA6UqDu5ifJ4TS7U18RqKlVjpL5sBZzG2K9G+zQ67M7dR3srTQXZYven9WAUmD+ZJJT+Rd4Gmd+1BqllQMJxVZnC6C27Qu5kWxIwnYPtpnsSaGOcj3EhpN3IDHwc= Authentication-Results: amd.com; dkim=none (message not signed) header.d=none;amd.com; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2767.namprd12.prod.outlook.com (2603:10b6:805:75::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.18; Thu, 16 Sep 2021 10:49:18 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4500.020; Thu, 16 Sep 2021 10:49:18 +0000 Subject: Re: [edk2-devel] [PATCH v7 06/31] OvmfPkg/ResetVector: pre-validate the data pages used in SEC phase To: devel@edk2.groups.io, kraxel@redhat.com CC: James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Erdem Aktas , Michael Roth References: <20210913181941.23405-1-brijesh.singh@amd.com> <20210913181941.23405-7-brijesh.singh@amd.com> <20210916082644.daoyd64fdewfikgz@sirius.home.kraxel.org> From: "Brijesh Singh" Message-ID: <980d2098-5d98-dff9-2760-10953ecb66c8@amd.com> Date: Thu, 16 Sep 2021 05:49:16 -0500 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 In-Reply-To: <20210916082644.daoyd64fdewfikgz@sirius.home.kraxel.org> X-ClientProxiedBy: SN1PR12CA0063.namprd12.prod.outlook.com (2603:10b6:802:20::34) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) Return-Path: brijesh.singh@amd.com MIME-Version: 1.0 Received: from Brijeshs-MacBook-Pro.local (70.112.153.56) by SN1PR12CA0063.namprd12.prod.outlook.com (2603:10b6:802:20::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4523.14 via Frontend Transport; Thu, 16 Sep 2021 10:49:17 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 78695957-8d29-4ad3-db16-08d978ffa210 X-MS-TrafficTypeDiagnostic: SN6PR12MB2767: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6790; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: YYKjYJ3HhMJxqHOvatP+QNHblxYhaxKt6vWTWanRrLUlIi3PGOSXy+LLFUSZAknHKLC8xm1hRDX24NsrtWfnH1hIJB5ts8952sUPFTpFrUERInXV/92AzjEcvinlSyVAAVkpGNsx/Hg/eSnF8jFHzPoQGpg9okk2kciaaNFBbjJUkmqxmhyStaByMqttRPppAjaAfE8DmwlfDCfIa2n+uT60jEfLpyMyiTmHk2eAnXLEFIlau3ko3cX8XiYnDA/oDwZLl1yqzGPrtbRqBWiSTUWxwfGyH8U3TBK7rJqT38pR3wR8nkbySSeFRYqK+GUlbevcQ0i+22jzidN0ErUHbKGswbz7SJq4iSMe9NCvbDf5g++BZjwhHrKUl90tsjDwcRw3ICBXg5Duh+e2vtj/DKCdRRhK7jiiXM6YQtts6NniII+kxn2ds/oYBHX8XVAa+hkLB9RVbe81dzHOjn8Yq3VZInfTZKc+AgrCmkmKn0/uB0k9T7ICrlqaw0NliRIlAp/DsNaZY2mssFBIsO47PpjkaFBftHFrL2E9Abnyh92GBq2reQi8fA9+KE0PJ05yrhfd0ALm1f04htNVVDI438HfHtFAy4Xtdr4KDRSPz+b02EdmitjRypXHRTq6oW7ATzTJo1bqke15UIfDHwAJhqE48/upmmUMG8yfJ6LtxU7rcOk/htPmoJV85iw+qdWRk8HKtDY0IVCqbs4m7YO7wRcJaXcY1e94WwNMGHHOdmAEFe+19M/8uwNMSFXv6KHGSu93A8Uah3ZcV2i9ayqYFw== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(39860400002)(376002)(346002)(136003)(396003)(366004)(8676002)(66946007)(956004)(53546011)(66476007)(52116002)(31696002)(8936002)(2616005)(66556008)(186003)(4326008)(54906003)(83380400001)(26005)(86362001)(478600001)(2906002)(6506007)(5660300002)(6486002)(4744005)(38350700002)(38100700002)(15650500001)(44832011)(6512007)(316002)(36756003)(31686004)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?0k/kGDGRak7ROP/OCwPOMjJU+YLts9e3a0fODd3aeJQnUafshPaiKfgttX1y?= =?us-ascii?Q?bLB261PQnlaDQLY5v6XpvXY8SBPPtMBBZfGDAPd85Vs+SlzzxQHHeZ2HkQ//?= =?us-ascii?Q?soBi9FdFO41AchSmTDTAWp73plAnPKLVhCvG8KidS4PnGPaIfp7b+lYe5mFv?= =?us-ascii?Q?vjj1rJ74L3IIrbImp8boGbu6AfK0hrVovKh5PxidLsVNWbAYX18+nU58Aulf?= =?us-ascii?Q?tK9MwJ+h1SXKyUPSTSfRQhDn+FHdFC92fsYAEM0LEpeiPEzAktX7wjEFKe9L?= =?us-ascii?Q?RjUkkK40TYCfxRVxWBNz920Y98FKsxcMGMimZwXx4S3wfI1GPy+Ip1HiFXBq?= =?us-ascii?Q?YCPjLtMgX7Z+Bzf4b3N51CgzRomHzyjs4LpbEg8QK19nBJwOKjSBEM72YhXp?= =?us-ascii?Q?MU2tlFAewUuoVFOOv+q+7Es6dTIgk6TAd1nl73tr6tiH12vb7uJhI30XjSY2?= =?us-ascii?Q?X5JiuD2/uth4+cOujQpbG4Ind/2fCEOiU6otrocteYYlsVKkHmA6Ab+KwYB5?= =?us-ascii?Q?KpJ78gnrT0QIMIWloa7nteDRckXfC6MGIJQfn5T+jWAJQ6ynbYeY90NGtRK0?= =?us-ascii?Q?vOZaKDUKD0sjrfKAZtiHDGBgBeBJB9tBTFOAvLw6SRDSUBdj1f+G+4cSW0Un?= =?us-ascii?Q?uxR49FGb7IGSQMQF7C/xq6gH3NoiRkxSAy5juCSGuW2wVaiIfvI+EcVWbA3q?= =?us-ascii?Q?2m7xYhhe7rPM7zTNhVjTMu3+7kf66uRltFTqOEISOUE5SkzkY9ZaNDuHdUQa?= =?us-ascii?Q?6KsudeMyxMfMSuy311kqAiNZc9jDQpIXRtpp0Gg1OvZQGyLylUjLzyUkpe+E?= =?us-ascii?Q?Zgu6n07fbShbZF8jr7eVf0Q0dudjOjvMKfDjB5i5mBOdegemeDstq30IWbDQ?= =?us-ascii?Q?8dIThRWIJ8v17GIem1odfnkK4u+JlHWHtqrAPVh/IXHmKwkAOYFuI/SBM4Me?= =?us-ascii?Q?KNs3sHiH3zRWMktVaV15+4sZMeVFbRpM9jFEz5pHWKIcRyhooouGFqYLt4rD?= =?us-ascii?Q?76GiIC7JUycybkCJ9yFTvhDTxcWflqIBs6fUEky/ejccK7zBmBRDL9eRInx5?= =?us-ascii?Q?vAwFU/j4E2sFzFqWdHYWgzW2z3sYnkBTEBuBpw4jh0O0Vmw7HFIoZLV3gTbG?= =?us-ascii?Q?OCl9pMI+AyOGfwtHITxG8rgRTr6ewC/mKxZNbLtTnWJSjcM04TFnfKfcmI4C?= =?us-ascii?Q?4Vzmi6ZF0muK3FEVLyD6PVFxT4osUOO+m/aoUihZoTQlB/zqjlzLf0cwiO4s?= =?us-ascii?Q?kNWsyQW9SF1ncdPFzHMrNr5B1VGoFoa72uU0DT6CbilSnyAjM2EmEmxImbTJ?= =?us-ascii?Q?dKWxItJl2L/qahaPIDlhDUo/?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 78695957-8d29-4ad3-db16-08d978ffa210 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Sep 2021 10:49:18.1502 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: nAus3nZovhNAx6HgeFuRwrzMYzIDztoHQqU44EvHwVjsehl+JFXt/Unj+QL6/oEhk0/CaXhsEhrH7UeJgLwf9w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2767 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Language: en-US On 9/16/21 3:26 AM, Gerd Hoffmann via groups.io wrote: > Hi, > >> +; GHCB page table >> +GhcbPageTable: >> + DD GHCB_PT_ADDR >> + DD GHCB_PT_SIZE >> + DD OVMF_SECTION_TYPE_SEC_MEM > Hmm, TDX will re-use those pages for something else. So as long as TDX > is happy with OVMF_SECTION_TYPE_SEC_MEM everything should work fine and > just mentioning that in the comments will be ok. > > If not we might need a SEV_SECTION_TYPE_SEC_MEM to indicate the entry is > valid for SEV only and Intel can add a separate > TDX_SECTION_TYPE_SOMETHING_ELSE entry for the same address range. Yep, looking at the current TDX patches we see that GHCB is used for the mailbox,=C2=A0 to make integration easy its good idea that we define SEV_SECTION_TYPE_SEC_MEM and use it for those GHCB memory pages. I will add in next version. thanks