From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id E3240AC1450 for ; Wed, 24 Apr 2024 16:27:05 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=kEpDMr2BuE8nSQLtqi1DBuUnXSve/qy5p4qsgpUIEck=; c=relaxed/simple; d=groups.io; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject:To:Cc:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type; s=20240206; t=1713976024; v=1; b=UpfUxszcr3aVhkhBUXe3yq4Vu7dsbq5A6XffyRnaiX9V4DjL+8KKzyHZ4YCoq3AtNHFnpUdF wVjcFTbj/u/iuNK+P2duUHyonlEzjAjt2hkbdjJHusaFh7HJYQ0w6D37Wej1FSQmDMt34zugS57 Zr8Bp/sIdjTNWjjUYb42vChDDtJBa0F3YrkL8brVOUpgLkXuLNsZqON8LqUGgywjCU6aGv3pLcM N8TwZ4x8cknAQhypQPvnRUvxbnhB33g/cVLly7a2mIKlysqh60/7gUvbq+p//PFD9T0mFbDcPGY Ki0Zc37hZ12qjvu46QuMMH+ChswcuYvQ7qsF5FM0kKdIA== X-Received: by 127.0.0.2 with SMTP id QyA3YY7687511xZJCkUGJZP9; Wed, 24 Apr 2024 09:27:04 -0700 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.1123.1713976018843205538 for ; Wed, 24 Apr 2024 09:26:58 -0700 X-Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 0FC2061BA2 for ; Wed, 24 Apr 2024 16:26:58 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id ACDCBC113CD for ; Wed, 24 Apr 2024 16:26:57 +0000 (UTC) X-Received: by mail-lf1-f53.google.com with SMTP id 2adb3069b0e04-5196fe87775so8077588e87.3 for ; Wed, 24 Apr 2024 09:26:57 -0700 (PDT) X-Forwarded-Encrypted: i=1; AJvYcCXdmcqc/fyIWY19IAu7dRYXaf9aRckDQKXCyJFZvyB5nLlW4qugMcmU0ngiBuNou3h3MdWeSanrOibKZwpy/clYojaDGw== X-Gm-Message-State: hXcxRN5FyDl6NoRoMN4danMOx7686176AA= X-Google-Smtp-Source: AGHT+IE8T2Hu+QoWO03icfV041c0lgf6sjwEySmlxHP4Sc4LLfXtsfm0DljNGC+FGWG+jNobj+QXv/j5r2aLprfohyA= X-Received: by 2002:a05:6512:312e:b0:51b:aa42:67bc with SMTP id p14-20020a056512312e00b0051baa4267bcmr2203045lfd.57.1713976016110; Wed, 24 Apr 2024 09:26:56 -0700 (PDT) MIME-Version: 1.0 References: <20240424060029.1330637-1-kraxel@redhat.com> In-Reply-To: From: "Ard Biesheuvel" Date: Wed, 24 Apr 2024 18:26:45 +0200 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [edk2-devel] [PATCH v4 1/1] OvmfPkg/VirtHstiDxe: do not load driver in confidential guests To: "Yao, Jiewen" Cc: Gerd Hoffmann , "devel@edk2.groups.io" , Oliver Steffen , Ard Biesheuvel , Srikanth Aithal Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 24 Apr 2024 09:26:59 -0700 Resent-From: ardb@kernel.org Reply-To: devel@edk2.groups.io,ardb@kernel.org List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Type: text/plain; charset="UTF-8" X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=UpfUxszc; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=kernel.org (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io On Wed, 24 Apr 2024 at 08:45, Yao, Jiewen wrote: > > Reviewed-by: Jiewen Yao > Thanks, I've queued this up. > > -----Original Message----- > > From: Gerd Hoffmann > > Sent: Wednesday, April 24, 2024 2:00 PM > > To: devel@edk2.groups.io > > Cc: Oliver Steffen ; Gerd Hoffmann > > ; Ard Biesheuvel ; Yao, Jiewen > > ; Srikanth Aithal > > Subject: [PATCH v4 1/1] OvmfPkg/VirtHstiDxe: do not load driver in confidential > > guests > > > > The VirtHstiDxe does not work in confidential guests. There also isn't > > anything we can reasonably test, neither flash storage nor SMM mode will > > be used in that case. So just skip driver load when running in a > > confidential guest. > > > > Cc: Ard Biesheuvel > > Cc: Jiewen Yao > > Fixes: 506740982bba ("OvmfPkg/VirtHstiDxe: add code flash check") > > Signed-off-by: Gerd Hoffmann > > Tested-by: Srikanth Aithal > > --- > > OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf | 1 + > > OvmfPkg/VirtHstiDxe/VirtHstiDxe.c | 6 ++++++ > > 2 files changed, 7 insertions(+) > > > > diff --git a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf > > b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf > > index 9514933011e8..b5c237288766 100644 > > --- a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf > > +++ b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.inf > > @@ -49,6 +49,7 @@ [FeaturePcd] > > gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire > > > > [Pcd] > > + gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr > > gUefiOvmfPkgTokenSpaceGuid.PcdBfvBase > > gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageVariableBase > > > > diff --git a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c > > b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c > > index b6e53a1219d1..efaff0d1f3cb 100644 > > --- a/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c > > +++ b/OvmfPkg/VirtHstiDxe/VirtHstiDxe.c > > @@ -17,6 +17,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > > #include > > #include > > #include > > +#include > > #include > > > > #include > > @@ -140,6 +141,11 @@ VirtHstiDxeEntrypoint ( > > EFI_STATUS Status; > > EFI_EVENT Event; > > > > + if (PcdGet64 (PcdConfidentialComputingGuestAttr)) { > > + DEBUG ((DEBUG_INFO, "%a: confidential guest\n", __func__)); > > + return EFI_UNSUPPORTED; > > + } > > + > > DevId = VirtHstiGetHostBridgeDevId (); > > switch (DevId) { > > case INTEL_82441_DEVICE_ID: > > -- > > 2.44.0 > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118220): https://edk2.groups.io/g/devel/message/118220 Mute This Topic: https://groups.io/mt/105705705/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-