From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id BB21ED8118F for ; Tue, 29 Apr 2025 06:27:15 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=6YXUtrWNkJjL0x/a1mKeGJZzdtemFVuJJJTONwwstw8=; c=relaxed/simple; d=groups.io; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject:To:Cc:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type; s=20240830; t=1745908035; v=1; x=1746167233; b=ALSAQ3BaXc11EnBJdcNhhTeWFuHx4zylef4Jo9jjyp5sOjI5iNNfT6gUYNhbm0zfaz1e90bS WbRlVQXiyz89yCHnogEA4fcnqBOREN8BBzir7NRZv9fc0pP/KhcMqXZpqHDVxwmmum0U0Lio1rp M1PDbBSQ1R9yNwMoyifzbZkiUJodF7TcnZ4wesX6EWnrmcZCafp6jvGKA7gi/6Uec2sg5Nf8aRQ OmL5uwfvoNZd3ASD/LpTrxg9U+n7ufkaC/g13ihTIaYEZo0gbjGghpE8tLBSt9vj5+oLf6bBx89 hf2AszVnDW5ymqKaSqeWrLk51ZWkEbtWCA0l5xsPNV7ZQ== X-Received: by 127.0.0.2 with SMTP id WAJhYY7687511xqOkxEvQWOG; Mon, 28 Apr 2025 23:27:13 -0700 X-Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by mx.groups.io with SMTP id smtpd.web11.10582.1745908033073681552 for ; Mon, 28 Apr 2025 23:27:13 -0700 X-Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 534FA5C4AE2 for ; Tue, 29 Apr 2025 06:24:55 +0000 (UTC) X-Received: by smtp.kernel.org (Postfix) with ESMTPSA id 279C8C4CEED for ; Tue, 29 Apr 2025 06:27:12 +0000 (UTC) X-Received: by mail-lf1-f46.google.com with SMTP id 2adb3069b0e04-54d65cb6e8aso7222202e87.1 for ; Mon, 28 Apr 2025 23:27:12 -0700 (PDT) X-Gm-Message-State: HVMyIXquVUcnqAgKuug0rX4Sx7686176AA= X-Google-Smtp-Source: AGHT+IHKb61Hy20lZXDNUhxaH+y8dcq7RNj83od/mJFxcPYYWWmz95OoL2RftUZqYBQgIbgMLUbf42Inn3I4G1YSgM4= X-Received: by 2002:a05:651c:1512:b0:30d:b31e:262d with SMTP id 38308e7fff4ca-31d5ab44700mr5643261fa.8.1745908030500; Mon, 28 Apr 2025 23:27:10 -0700 (PDT) MIME-Version: 1.0 References: <78983d77-8c0d-41b7-98c0-bcf8117bf55e@amd.com> In-Reply-To: <78983d77-8c0d-41b7-98c0-bcf8117bf55e@amd.com> From: "Ard Biesheuvel via groups.io" Date: Tue, 29 Apr 2025 08:26:59 +0200 X-Gmail-Original-Message-ID: X-Gm-Features: ATxdqUFvHzbajhekm0XdVnNqZNxa1yv0w_EjJjXVJ75CzUzBsX-MzIFRfk4VVFE Message-ID: Subject: Re: [edk2-devel] Move X2APIC enablement from Pei to Sec phase To: "Melody (Huibo) Wang" Cc: "devel@edk2.groups.io" , "Lendacky, Thomas" , Ard Biesheuvel , Jiewen Yao , Gerd Hoffmann , Erdem Aktas , Min Xu , "Roth, Michael" , Ray Ni , Jiaxin Wu , Zhiguang Liu , Dun Tan , Rahul Kumar , Star Zeng Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Mon, 28 Apr 2025 23:27:13 -0700 Resent-From: ardb@kernel.org Reply-To: devel@edk2.groups.io,ardb@kernel.org List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Type: text/plain; charset="UTF-8" X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240830 header.b=ALSAQ3Ba; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=pass (policy=none) header.from=groups.io Hello Melody, On Tue, 22 Apr 2025 at 18:44, Melody (Huibo) Wang wrote: > > Hi, > > I am currently working on enabling Alternate Injection for AMD SEV-SNP guests and have encountered a design issue. > > The Alternate Injection specification, which is still preliminary, defines a so-called SVSM APIC protocol through a subset > of X2APIC MSRs while timer support is configurable. > [ This means, if timer functionality is not supported, the guest must rely on the hypervisor to emulate timer > support through use of the #HV Timer GHCB protocol. ] > > When the OVMF firmware starts, it is in XAPIC mode by default and then, later, during the init phase it switches the guest to X2APIC. > However, with Alternate Injection enabled, the OVMF in its very first phase - SEC - does XAPIC accesses. > > The SVSM, however, which is part of the guest, uses the so-called SVSM APIC protocol which uses a subset of the X2APIC MSRs. > > The OVMF, however, assumes it starts off in XAPIC memory-mapped mode and thus there's a protocol mismatch of sorts > because with Alternate Injection already enabled in the SEC phase, it mandates X2APIC MSR accesses. > > The registers (timer registers) when not handled by SVSM will get routed to the hypervisor (KVM) which at that point is operating the guest > in XAPIC mode until the PEI phase switches to X2APIC. > > If X2APIC enablement is moved from the PEI to the SEC phase, the problem can be resolved. I have tested it and it works. > However, I dont know if there is any concern or potential design issues with that move. > > Do folks think this is ok to do - i.e., move the X2APIC enablement to the SEC phase? > > Or do you have any suggestions for a better solution? > Please implement your proposed changes as a Github PR against the tianocore/edk2 project. The relevant maintainers will automatically be cc'ed and we can continue the discussion there. (Presenting a concrete solution is usually more effective in eliciting responses, positive or otherwise) -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#121291): https://edk2.groups.io/g/devel/message/121291 Mute This Topic: https://groups.io/mt/112386836/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-