From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-ed1-f50.google.com (mail-ed1-f50.google.com [209.85.208.50]) by mx.groups.io with SMTP id smtpd.web11.2250.1666746483511466391 for ; Tue, 25 Oct 2022 18:08:03 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@google.com header.s=20210112 header.b=jxVhkpYU; spf=pass (domain: google.com, ip: 209.85.208.50, mailfrom: dionnaglaze@google.com) Received: by mail-ed1-f50.google.com with SMTP id i21so18026390edj.10 for ; Tue, 25 Oct 2022 18:08:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=+Cp9GItDA85c4Y2b+p1Z0FVQeOP5N0xMv6wiyrM2vX8=; b=jxVhkpYU1A171HW1z5hegCsJmtg2uVjDZDvEgfhZ4IN2jQ9tx2E0SRSdemFo/sV8KZ +leNVYGYKEDDP9ru4FEusqMfCRjtISjhIKtGFHcB9GA4IbuFes4rqm/GJAshd3SqLkG5 xGoy5vY5JTtC/JKG4//7KdBJU9KMchmAkTzpACuviI4d6cvRkjVBq+0Wf9wyf61loU4R xP9HLaDhUNuk/7Q6It9SI2Y3rdS6yhTpJI5CqdbqF0ANgE+E73mxcymocgUk//onYi4R 80/RVD31/3togTW1HtiN6lSjVdK/3Y5W0NxKCjHTQsnDTnZ2bTfWh/rO4YMWAygqrNqs NRCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=+Cp9GItDA85c4Y2b+p1Z0FVQeOP5N0xMv6wiyrM2vX8=; b=leklqxQ8a2//0+w7KchCcW5M3fmPTPg316BRIBE0S0Pajv3QNJ4zWLlbD0YppE2CjA U7XoVZ9j/P5C3UmNMAmqWNJ+6s9bxQF3JsUDTb2pBQ8wRorxXLgCwP8JsupbEKkkfl9f kncxqTnmcxTbFYAxWD1Mb2vcXTmWrb1nLyr/T5wxcL5mX8jyfjn8qHuzSOdOefwgd3sO KpnBM4vRDFGKl91HuwRxc+QHXkFLz2mh1NfTEy0vQLirCc18IKP4be9FIPzCHI3cLqgP b1+E3TyYqTO4/2EHqqHQMjORZ3VB+6rqnP+kOIIoQwocT0RaJhHG0rpsLsld+GKk8WZu X6cA== X-Gm-Message-State: ACrzQf1XUPiz/nkDPvt+XuFr+Jh9eeyG5BjxO1/GxxIPiz3IC4WfikLr ApHOiGPjY0G4jKTDhQSXXahSJMT9dOTnCoTixfhapg== X-Google-Smtp-Source: AMsMyM4skf04czH6oW9/UvlRZwEJ3r4hFPxuL1zpigQl7NqeJmBt7jrbK6Gfvc9BGZw+erGAT5/YRrWnm/TowDaSgwk= X-Received: by 2002:a05:6402:268a:b0:45c:c38d:ed70 with SMTP id w10-20020a056402268a00b0045cc38ded70mr38154608edd.62.1666746481661; Tue, 25 Oct 2022 18:08:01 -0700 (PDT) MIME-Version: 1.0 References: <20221005203329.469866-1-dionnaglaze@google.com> <15176.1666600440031530451@groups.io> In-Reply-To: From: "Dionna Glaze" Date: Tue, 25 Oct 2022 18:07:50 -0700 Message-ID: Subject: Re: [edk2-devel] [PATCH v7 0/7] Add safe unaccepted memory behavior To: Alexey Kardashevskiy Cc: devel@edk2.groups.io Content-Type: text/plain; charset="UTF-8" On Tue, Oct 25, 2022 at 5:23 PM Alexey Kardashevskiy wrote: > > Hi Dionna, > > Thanks for updating the tree, builds nicely now! However the VM's kernel > does not boot - the guest kernel reports > > EFI stub: ERROR: exit_boot() failed! > > and hangs. I am not quite sure how it is supposed to work (still > learning) but "Accepting all memory" happens twice (should it?) and the > actual reason for the CoreExitBootService() failure is that MapKey != > mMemoryMapKey in CoreTerminateMemoryMap(), these are 0x7AD7 vs 0x7AD9 > or 0x7AE1 vs 0x7AE3 (the diff is always 2). > "Accepting all memory" may happen twice, but it's idempotent. The debug_info log happening twice might be confusing, so I can change that if you'd like. The first accept will remove all unaccepted memory regions from the address space map. CoreExitBootService should fail the first time since the first accept will change the memory map. That failure means that the caller should GetMemoryMap again and try CoreExitBootService again. > How do you test it exactly, is there any command line change needed in > addition to enabling SNP? > > My guest kernel uses > https://patchew.org/linux/cover.1664298261.git.thomas.lendacky@amd.com/ > with the TDX prerequisite. Thanks, > It's a few name changes behind, but this branch of Linux is what I've been using: https://github.com/deeglaze/amdese-linux/tree/v12unacceptedv7v5-enableum Specific enablement patch here https://github.com/AMDESE/linux/commit/5a708081d58d773e767b11735ee1fd17ef5e5f61 I incorporate Kirill's patch set v7 for basic unaccepted memory support, Tom Lendacky's v5 patch set for SEV-SNP support of unaccepted memory, and I have a single patch that calls the protocol. This branch doesn't have Kirill's TDX patches. I've run it with a regular SEV-SNP enabled guest kernel too. At this point all the tests have used kernel injection rather than having the kernels all baked into the image. -- -Dionna Glaze, PhD (she/her)