From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176])
 by mx.groups.io with SMTP id smtpd.web11.3034.1675370528051897644
 for <devel@edk2.groups.io>;
 Thu, 02 Feb 2023 12:42:08 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@google.com header.s=20210112 header.b=edIzRM8m;
 spf=pass (domain: google.com, ip: 209.85.210.176, mailfrom: dionnaglaze@google.com)
Received: by mail-pf1-f176.google.com with SMTP id n2so2100072pfo.3
        for <devel@edk2.groups.io>; Thu, 02 Feb 2023 12:42:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=yCDWp6gz44PHjFTI1VB0ifoW3WF2wJq392SaeKcWin8=;
        b=edIzRM8mc1702fQK1pPqlAva74yx8gD3tAZOsotPKqyC72Z2DhsAiHY52gQaskFXcc
         f5KRCS0oAMideASux3N4zlfFRPOuAWVBE49rSC6ZhC3JlAq/9CacgUtp44a79kVkrLRq
         /zX4dbCrCpRzyCDzirY1JRiysrd7VHYcPAzlP4rM1ELsi6l5uqnO0oBomAtYyILKBIsY
         Rad1NGgM9M/ti5Ll2dPK1Brc6zmPSKuUBDq/rjgt3m6b2tti29UXKzPYBm7iwTjGrg5k
         ntkzjN9FhWZDvKk056yA2F3m7M5MI9whPo8YBct00wKvzmYKlA1CRPhmYcKwkQ6YjRR6
         XThg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=yCDWp6gz44PHjFTI1VB0ifoW3WF2wJq392SaeKcWin8=;
        b=pD1p9kYY4eSH+t2LoaXcvZr4WeDIbD/B9DYRQlkc3NlQcesT3a80IFbXduLPJlVhTj
         f5/eFrGKAPnaObB/KTjpbcLy19USwrKxoBPtO1A0L9/A8u9IIKay7zVPvNjJYILLkUD8
         /cmVFTNqH0NYOfCZYzWku5te+6EQaVem8rDQFzvGcZwWtQ1vZURlL8/RUVIi2NkHkiVq
         XMmTUEuHZXvtwayd3DU3x5cM2DGJUhe/E7c3ADfSEimhVvf0MoxnKibOkpTofNmgilS0
         7+1mvdn8gkB/sS+96cVDWKDIOUSKZxo/XOkIC9reTAL6xlzlI5R/Q/ASnMWgrgXRpiWN
         /z7A==
X-Gm-Message-State: AO0yUKX5MFHuh/2fkKzDdIHsbwwqOZmnPgjrBIH/Sj2+Zj9J9mnobuyp
	YN5dcVek98s5dXv+gUx17jXXcMFXbDPrPIY2XkCBfg==
X-Google-Smtp-Source: AK7set9iALWhuQ10QAneDYmdMjmiGm7+DGeWM1vkFxa5WzfZMTA3+RE2Oig8Xo2lJyAl1AfqV6ZpLgSBAHkEuMtVIQ0=
X-Received: by 2002:aa7:83c1:0:b0:592:5451:2b57 with SMTP id
 j1-20020aa783c1000000b0059254512b57mr1473256pfn.23.1675370527357; Thu, 02 Feb
 2023 12:42:07 -0800 (PST)
MIME-Version: 1.0
References: <20230131190837.354950-1-dionnaglaze@google.com>
 <CAAH4kHb0GirnyVCaBPdVCSEzHkRrY_fihtpUpdByLuLBz9uP1A@mail.gmail.com> <CAMj1kXHi_Lms8KcXp9KxA5tfvm_AXSrZAGGyJBhP-OxxO-5SzQ@mail.gmail.com>
In-Reply-To: <CAMj1kXHi_Lms8KcXp9KxA5tfvm_AXSrZAGGyJBhP-OxxO-5SzQ@mail.gmail.com>
From: "Dionna Glaze" <dionnaglaze@google.com>
Date: Thu, 2 Feb 2023 12:41:55 -0800
Message-ID: <CAAH4kHbXX-LqLtvZNyEBsP5kCha734ZxrEO_AHT3-VuEvb8iZA@mail.gmail.com>
Subject: Re: [PATCH] OvmfPkg: Fix SevMemoryAcceptance memory attributes
To: Ard Biesheuvel <ardb@kernel.org>
Cc: devel@edk2.groups.io, Ard Biesheuvel <ardb+tianocore@kernel.org>, 
	Erdem Aktas <erdemaktas@google.com>, James Bottomley <jejb@linux.ibm.com>, 
	Jiewen Yao <jiewen.yao@intel.com>, Min Xu <min.m.xu@intel.com>, 
	Tom Lendacky <thomas.lendacky@amd.com>, Michael Roth <michael.roth@amd.com>
Content-Type: text/plain; charset="UTF-8"

> >
> > This change is made given a request from Ard. The CC capability is not
> > applied to other system memory ranges that probably should also have
> > that capability, given that it's encrypted and accepted. I haven't
> > considered carefully where EFI_MEMORY_CPU_CRYPTO should be added to
> > conventional memory, given the acceptance happens before DXE
> > initializes. Perhaps
> > CoreConvertResourceDescriptorHobAttributesToCapabilities? This is more
> > of a question to Ard and Thomas.
> >
>
> It's not clear to me whether the CC attribute applies to the host or
> the guest. From the guest PoV, there is really no distinction, whereas
> on the host, I could imagine that only CC capable memory can be used
> for handing out to VMs.
>

That's a good point. The UEFI spec language is hard to interpret here.
Min or Jiewen, do you have more context on the EFI_MEMORY_CPU_CRYPTO
attribute?


-- 
-Dionna Glaze, PhD (she/her)