From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web09.927.1626717507243556760 for ; Mon, 19 Jul 2021 10:58:27 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@ibm.com header.s=pp1 header.b=XT/B1ONY; spf=pass (domain: linux.ibm.com, ip: 148.163.158.5, mailfrom: dovmurik@linux.ibm.com) Received: from pps.filterd (m0098417.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 16JHYIPr105846; Mon, 19 Jul 2021 13:58:26 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=subject : to : references : from : message-id : date : mime-version : in-reply-to : content-type : content-transfer-encoding; s=pp1; bh=nO+Q/GFTH3fGHO2zdAgPpMd5ECQ4QXX5wrHW8KDVTcM=; b=XT/B1ONYA0XLaiNAnvLsPWGWYO3SB3uuT20GAJjAa4aRq9UCWRP9nnCQur2y8hm1jE8u 2tWbSzOUwmDrJLGvI9U53txwr1xkqn0yznGPOPONqC+Q3BQ2BK8wPgof7XN2CUFZ7f9n GlEpPmrCfLEptHSLkCfHmW5LEszVZyL4MlAHOneZJoToZaie2c0/IB6Wk6+Pm6XW6knd Mlq9wMW+6PKm5G+dAnsTVNbHIzY3vX1I3RdPxYXa9tHlkskQ1x5rdi4b0hsRh9X+LOBN Y4fzxPGQIB6YMZJyiVSvu5wlZwbCkuGXFjSBa71CC50YxKbJGvkjhGed5Tc/masb57Zl 0w== Received: from ppma05wdc.us.ibm.com (1b.90.2fa9.ip4.static.sl-reverse.com [169.47.144.27]) by mx0a-001b2d01.pphosted.com with ESMTP id 39wcubtxy0-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 19 Jul 2021 13:58:26 -0400 Received: from pps.filterd (ppma05wdc.us.ibm.com [127.0.0.1]) by ppma05wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 16JHlWg9003200; Mon, 19 Jul 2021 17:58:25 GMT Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com [9.57.198.29]) by ppma05wdc.us.ibm.com with ESMTP id 39upuag164-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 19 Jul 2021 17:58:25 +0000 Received: from b01ledav002.gho.pok.ibm.com (b01ledav002.gho.pok.ibm.com [9.57.199.107]) by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 16JHwOD031523168 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 19 Jul 2021 17:58:25 GMT Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BF29D12405E; Mon, 19 Jul 2021 17:58:24 +0000 (GMT) Received: from b01ledav002.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 42D39124054; Mon, 19 Jul 2021 17:58:24 +0000 (GMT) Received: from [9.65.195.237] (unknown [9.65.195.237]) by b01ledav002.gho.pok.ibm.com (Postfix) with ESMTP; Mon, 19 Jul 2021 17:58:24 +0000 (GMT) Subject: Re: [edk2-devel] [PATCH v2 03/11] OvmfPkg: PlatformBootManagerLibGrub: Allow executing kernel via fw_cfg To: Christoph Willing , devel@edk2.groups.io References: <23418.1626699362007911011@groups.io> From: "Dov Murik" Message-ID: <98ca559a-edb9-8182-1de7-4a492762103c@linux.ibm.com> Date: Mon, 19 Jul 2021 20:58:22 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.12.0 MIME-Version: 1.0 In-Reply-To: <23418.1626699362007911011@groups.io> X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: 8vV2N556VEzv4mRbSt20Q05ZgPuBJn1w X-Proofpoint-GUID: 8vV2N556VEzv4mRbSt20Q05ZgPuBJn1w X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.790 definitions=2021-07-19_09:2021-07-19,2021-07-19 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 priorityscore=1501 malwarescore=0 bulkscore=0 impostorscore=0 mlxscore=0 adultscore=0 clxscore=1015 mlxlogscore=999 lowpriorityscore=0 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104190000 definitions=main-2107190101 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 19/07/2021 15:56, Christoph Willing wrote: > Thanks for the clarification Dov. > > I've been trying with just "normal" VMs, not SEV. I did already find and try the confidential-containers-demo sev-hashes-v2 branch but it didn't help - not surprising if it's not relevant to normal VMs. > > Do you know whether this functionality (-kernel, -initrd, -append options) is actually supposed to work in normal VMs at the moment? The only conditions under which it works here with qemu-6.0.0 is with vUDK2017 & 2018 and an old ovmf binary package from kraxel.og dated 2017. Anything built from the edk2 master branch has failed when using those qemu options, although all the same builds work perfectly using the VMs' internal kernels & initrds. I've also extracted OVMF files from the current kraxel.org package as well as Ubuntu's (hirsute) package and these also fail the same way i.e. kernel boots and initrd works (loads modules) but then the VM filesystem doesn't seem to be found (no /dev/sdX exists to mount the filesystem root). > > I guess this could be a qemu problem but since it works with some (old) udk/edk2 versions, I thought I'd look here first. > Can you please try with edk2 commit d1fc3d7ef3cb - just before we did some changes around this QEMU-interop code in OVMF? Thanks, Dov > Thanks for any help or pointers, > chris >