Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

[vannapurve@google.com]

[-- Attachment #1: Type: text/plain, Size: 3456 bytes --]

Hi Min, Brijesh,

Regarding:
> diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
> ...
> +%ifdef ARCH_IA32
>     nop
>     nop
>     jmp     EarlyBspInitReal16
>
>+%else
>+
>+    smsw    ax

We are having intermittent VM crashes with running this code in AMD-SEV
enabled VMs. As per the AMD64 manual
<https://www.amd.com/system/files/TechDocs/24593.pdf> section 15.8.1,
executing "smsw" instruction doesn't result in bit 63 being set in
EXITINFO1 and KVM ends up emulating "smsw" instruction by trying to read
encrypted guest VM memory as per the code
<https://git.kernel.org/pub/scm/virt/kvm/kvm.git/tree/arch/x86/kvm/svm/svm.c#n2495>.
Since KVM tries to make sense of different random cipher texts in different
boots, it seems to intermittently result in visible issues.

Is this expected behavior or do we miss some configuration or patches that
are recommended by AMD?

Regards,
Vishal

On Tue, Sep 14, 2021 at 4:54 PM Brijesh Singh via groups.io <brijesh.singh=
amd.com@groups.io> wrote:

> Hi Min,
>
> A quick question below.
>
> On 9/14/21 3:50 AM, Min Xu wrote:
> > RFC：
> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3429&amp;data=04%7C01%7Cbrijesh.singh%40amd.com%7C2cca2f0a7fb44084da2b08d9775cb220%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637672062275443867%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=4zfuIDvTGDNCt%2BD3u7uUR0n6hHDzv%2FI8NkqoUJhsx8Y%3D&amp;reserved=0
> >
> > Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology
> > that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory
> > Encryption (MKTME) with a new kind of virutal machines guest called a
> > Trust Domain (TD). A TD is desinged to run in a CPU mode that protects
> the
> > confidentiality of TD memory contents and the TD's CPU state from other
> > software, including the hosting Virtual-Machine Monitor (VMM), unless
> > explicitly shared by the TD itself.
> >
> > Note: Intel TDX is only available on X64, so the Tdx related changes are
> > in X64 path. In IA32 path, there may be null stub to make the build
> > success.
> >
> > This patch includes below major changes.
> >
> > 1. Definition of BFV & CFV
> > Tdx Virtual Firmware (TDVF) includes one Firmware Volume (FV) known
> > as the Boot Firmware Volume (BFV). The FV format is defined in the
> > UEFI Platform Initialization (PI) spec. BFV includes all TDVF components
> > required during boot.
> >
> > TDVF also include a configuration firmware volume (CFV) that is separated
> > from the BFV. The reason is because the CFV is measured in RTMR, while
> > the BFV is measured in MRTD.
> >
> > In practice BFV is the code part of Ovmf image (OVMF_CODE.fd). CFV is the
> > vars part of Ovmf image (OVMF_VARS.fd).
> >
> > 2. PcdOvmfImageSizeInKb
> > PcdOvmfImageSizeInKb indicates the size of Ovmf image. It is used to
> > calculate the offset of TdxMetadata in ResetVectorVtf0.asm.
>
> In SEV-SNP v7 series, I implemented the metadata support. I did not see
> a need for the PcdOvmfImageSizeInKB. Why do you need it? I think your
> calculation below will not work if someone is using the OVMF_CODE.fd
> instead of OVMF.fd. Have you tried booting with OVMF_CODE.fd ?
>
> thanks
>
>
>
>
> 
>
>
>

[-- Attachment #2: Type: text/html, Size: 5021 bytes --]