From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by mx.groups.io with SMTP id smtpd.web08.12763.1663684212618206459 for ; Tue, 20 Sep 2022 07:30:12 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=aO0e5MHU; spf=pass (domain: intel.com, ip: 134.134.136.126, mailfrom: ken.lu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1663684212; x=1695220212; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=7da+WnVHPq034/bnLUFAkvUF5sqt05Sdj+OuBR2Phtg=; b=aO0e5MHUMKKnTnyZLNx/4Aay36uMQFDml5KWbMo9QLQUmv5lk60z6/Dd IaXHlkXqF6z9PmlLGpbb+wf1kyRvN5rwGNbkH9LOhJ6z1i/LJmvE439iu vs9LTd9GDu89OTltOAFBWzM2UoFIQUCpduP6KO6bUbqhydgdm/BkHI/a3 suT4zE44aM7EYTB9lAtg0GQm2+S+zkzLxHFqeko3kvtfCSNPBMqriZfs9 zdrnDd48jtEyuoTOIaX/l5OjA+IXf6Wl6rpkPvT2OfkomWKkymZu+RswZ GkSFH8l6nhCmy+ivDjilNvG5LcA9FF5KW1w5yEsTtaoHKJZsJ9Stw0v8C Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10476"; a="282738219" X-IronPort-AV: E=Sophos;i="5.93,330,1654585200"; d="scan'208";a="282738219" Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Sep 2022 07:30:11 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,330,1654585200"; d="scan'208";a="947692240" Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by fmsmga005.fm.intel.com with ESMTP; 20 Sep 2022 07:30:11 -0700 Received: from orsmsx611.amr.corp.intel.com (10.22.229.24) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Tue, 20 Sep 2022 07:30:10 -0700 Received: from orsmsx609.amr.corp.intel.com (10.22.229.22) by ORSMSX611.amr.corp.intel.com (10.22.229.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Tue, 20 Sep 2022 07:30:10 -0700 Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by orsmsx609.amr.corp.intel.com (10.22.229.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31 via Frontend Transport; Tue, 20 Sep 2022 07:30:10 -0700 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.108) by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.31; Tue, 20 Sep 2022 07:30:10 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AXKuZt1eBd25THbpvG4hSEoHg7y8c3lHincf5DiCqVp6Ia4WHH0dNGu7Ngh0w10LZR39HqgiUYrgzkzhYX1D7k76Fh1KQDD/LPFhHUuVxjHWCc/S6CYkeITZAEhcgVs+CT285IKlxb8xDHS5dgTk4tIQvtRc7ve+ow5N6cDXwNez7i5bU6kFo3vv6QKgUbOwe5ID2l1Vgrtki6NKZiDByTu7iF67JbCuu9Fhral/aDJ2jJDOWwqkxy1Rp1rodaOGni6NZ6//wJduwhBYqzYPfUo9rXBhz3ZZAEwTj8SP+eKTSumEAPnxfdEIO8oyrMMNj0LN8N6P5tNc17R5lURELQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0kZ/bmB+GqN9KtEg14id6E9slY2tEatxaGWmcEhacPE=; b=ZjDouR/UAg4x3D1D/2v3GEyu0yvVebprf3iE2P5Bc3+7DwkLs0TsWpIqtG4Xa6/3bXhXYRiwx83cCRRc9sSS4YURxZHeTLLiy+DRz5qaAhbWLqC1AyG27Mvk6wIh+XjHTPaNzyfIzy5S3lEujI/pX6B5/MwbFxQWg+f5y/q8nThtmooLg6vDhE951FO01R6se1BWRaIjeHM/t8Au8lk92d37bVROxPm4gKaSDiW8J50F3SRyv7TNy07yZsYJadgWZl31wXjKeWIv1TNx3tNEZtYUwgBcNX7aIxAXbuGQkE+2RiHeSPEf9GMItk6mlDLJeTbMw4FKvzuNPSWrinDfMQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from DM6PR11MB3674.namprd11.prod.outlook.com (2603:10b6:5:13d::11) by SN7PR11MB6603.namprd11.prod.outlook.com (2603:10b6:806:271::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5632.21; Tue, 20 Sep 2022 14:30:02 +0000 Received: from DM6PR11MB3674.namprd11.prod.outlook.com ([fe80::a18a:f55b:72b:c4a3]) by DM6PR11MB3674.namprd11.prod.outlook.com ([fe80::a18a:f55b:72b:c4a3%5]) with mapi id 15.20.5632.021; Tue, 20 Sep 2022 14:30:02 +0000 From: "Lu, Ken" To: Gerd Hoffmann CC: Ard Biesheuvel , "Xu, Min M" , "Daniel Kiper" , "devel@edk2.groups.io" , Ard Biesheuvel , "Aktas, Erdem" , James Bottomley , "Yao, Jiewen" Subject: Re: [edk2-devel] measurement to command-line/initrd for loading kernel via -kernel option Thread-Topic: [edk2-devel] measurement to command-line/initrd for loading kernel via -kernel option Thread-Index: AdjKQCUJCucPSYUVRCu0arGCE/7NLwBHVXAAABlq2EAADIUjAAA+F5kQAAGJnIAAAHgAMAABjfaAAAARiTA= Date: Tue, 20 Sep 2022 14:30:01 +0000 Message-ID: References: <20220920132027.y4yz4ugghpilqplx@sirius.home.kraxel.org> <20220920141823.byhnbirfnl777jql@sirius.home.kraxel.org> In-Reply-To: <20220920141823.byhnbirfnl777jql@sirius.home.kraxel.org> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.6.500.17 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: DM6PR11MB3674:EE_|SN7PR11MB6603:EE_ x-ms-office365-filtering-correlation-id: 35d439d8-1f0d-49f0-4fd6-08da9b149ac5 x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 3M7WRMM8G+pXFSS4Cg6IvvonOiSs1s0UJhUdHVzsGT5wmVt3qsh5iAF2g+M6O9JewWDm8Q1SilC52lv9YTu6JzQJrcmtz3uDt5ZysCsEQy2jwPOMXyB3pDozFrEPa7PK0vqEvRN9dJeF6CenVpbDB++y/A29gVIW8ly8D3N54+YeS3MYXNSZ7H+jFiiu5/CVuye9vRnYiBRm5eaF57ddrxBjWtBLkDqW0yO1yakSfrrSj7uaNd9hlPjAz8EvC2uY8AHOKLNLAucwoFPLv/pa5WmyySPMywFsDUPglxol2TSzKnTfWmXALY/4YirftEhdJZKpp1fCl+aMCSrrnN1wmFzUG5dJnBwf3HJxmvmnCCocUNRyy+HwXniVy4Pa9NQC/SJgVC7yEI8mftzGhG5apN3mKSW2Z3S9lKiyfYhWIJ7N5d5LVR7U4m8QGjc/5Tr1gL3qksHyzoqersRpExWm6wWtgaLO11i9Q+/HOOXRUBlx5Jup/UlYnPMtfTgVb9iSAwi+S+UZ1+dZrvIN+397P/MH9CjvytstEuM7bJUBoJzBa7hSwUgYns1fp9mbR/x5JqvLgcJyMvDkBdRGi925gz1HMyqqN8Wt3cTFg48H09rCpPahXwLEieQ+hQBJ57FR7GBF/4HXJ9qp73SrYpZ7EqB7nE+yLwE/GxWSRJ9kYNZUal86KFy2UTDk2mSc0tSe7wdlw518HlOo/SctrRLXjF8kCH2LW6QUexMHPReE4JIgxFW+Kqq0E3mAQ8zIp/hkJ9X+tiB6B2CxNDOVL8q14A== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR11MB3674.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(39860400002)(376002)(396003)(346002)(366004)(136003)(451199015)(26005)(9686003)(7696005)(6506007)(8676002)(38070700005)(82960400001)(66946007)(478600001)(5660300002)(38100700002)(2906002)(71200400001)(122000001)(66476007)(33656002)(186003)(107886003)(55016003)(41300700001)(4326008)(64756008)(66446008)(86362001)(66556008)(6916009)(19627235002)(316002)(54906003)(76116006)(8936002)(52536014);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?y/ddU/oBVnnYRbCjtQvMQYh6NcbsMSv5YXa3owWN1umR30Xdiq7mh53/4H3W?= =?us-ascii?Q?AWqOzjQvGgPoUCLztqXd8E8yh4LLcrzalW59FsGml4MgDNcjOjEasx2VF3LK?= =?us-ascii?Q?3hXTuZFzthZx9gPCTsyo9yaaDwAl4dtPBNh5zuRhPPjamwojyTrdAAtHmTYA?= =?us-ascii?Q?RGDeH4Gt2pwHHQf3W97imdHL469iK3GmOKQQDezCVHaaqQQijh1nuCuw2BSM?= =?us-ascii?Q?KCx2E5ApshiHYvKXuUy4xrLP4giP5cySXymcL+SzdDd1hNGxAop7Dgus4N0Z?= =?us-ascii?Q?lKGpd7uYpg8uZ5vr0WJ8vRxaKIHaTE40QbUycz5w6hJ+GYTO8NSjKNv4gpMq?= =?us-ascii?Q?wpqJt33ZBw+/PX+WHOQ5r6nodfVkxeKLjTGtuVaADI6bnNAO1XsHOViRfg9M?= =?us-ascii?Q?GPFZXrmhXFSYW8e/oI8SCie8kywYjFwama+hPM0glbFuTjYjcMxllSAzSEvt?= =?us-ascii?Q?m3onUkaEgD5kKEays7zkCWvdZDo+139/ZsrA5SZoiLlbAsYP1w8FJYY4L6eK?= =?us-ascii?Q?egitPBoa3MTHeOAysSFUY9k/2zIRnLslEa+/U8P/pKwPgbmrC9Khd9k9PtZz?= =?us-ascii?Q?IVw/P96eeKfBAaOx8SR8vb/fVGR1ZSyqbOdI6cT34ADe/LONWFHlTNDUIQOQ?= =?us-ascii?Q?O+NiCPgpS6VmGYH4wpLdtq4pBwSl82DcFbvNVIdf00ccbNxyDJ7bcdeZyWXw?= =?us-ascii?Q?F8Hr9Rrqjd7ezFMIdYTwBY2BAikWt2hZVkvzWLKaPAOgup4SK08vM2D3KE97?= =?us-ascii?Q?VjJhU8QhMAEDzWFVQ1jI4DWJ6r2gZqloNHHCTjZIEJ6djkgdBlZVNJfkC6i5?= =?us-ascii?Q?M8CTBpaUuQQCmI1DU4or2DS0KOhP93amUSBwHKIasUjff0B+ayZb46E7wdhj?= =?us-ascii?Q?9Rx6IS3x6JEfnPeZofp60cuSowMOVoltGnbceFULLAXU7yeERbj4VnupTBZA?= =?us-ascii?Q?C58UlZfgEQxFq4PbUDmx8+5RWXvOzB2syMfsyhO5cQzepD42JQfQ40NS33hD?= =?us-ascii?Q?nDJt9wyw0voSydFqJP3FJwSBGAc0lTlAdN+RQmI/9Avo5AvsomfA88NL6Zq2?= =?us-ascii?Q?WuI/rH9nxDv6Vo7vOvkglpwYWvaiRQTboqMZ6hc7aATDL8Od2pkPBXN+dhbL?= =?us-ascii?Q?gmY0eyKiUYU0JeSiI4YaR/fBDEEfpg3MRk2RLniaVlvuF7+9r60f0a5di6uv?= =?us-ascii?Q?epujk+jwyeXFQ24Z7loxgYISdW7N67QoYrcDRoHI3rK48g1/qHDWKdPO8Ojj?= =?us-ascii?Q?xONUOP1VnOCP9uAKUwLBWPEbk1KOt0dGPY/sg29WdbzqJOmtwLx90QEkOSip?= =?us-ascii?Q?dYgzG9MkWVZ+NZ2XyHg4smHyZASyBUsC8iL7PC8j98+ZDOajuvGKBiEO0XsF?= =?us-ascii?Q?6yDH8XAcRTsUrDgUlR2rXt/MZ78NBomnaY9OqdqQcjjyeAm0VsiunsAMUXEI?= =?us-ascii?Q?NqspkwkrZnvKKxmQLsEdf+6kziyTnUcCrq7byfGpYUnm8uUCUWJzxol/KJSI?= =?us-ascii?Q?Z993ccYCyW+uM0RdCtmlARllExvaGHSdXW+lKCzSLX/jJGqax7Ni5y7/XdoA?= =?us-ascii?Q?tcmigp0RQsW7dfwDpgjWuro4efEpQx4OUXCJ13jg?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB3674.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 35d439d8-1f0d-49f0-4fd6-08da9b149ac5 X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Sep 2022 14:30:02.0401 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: aX1CTxC3Myh+dmusc6VfQ++F45luSusvOMAyit2Ib8h9cQ4y2W3lGTcv1t3m/JuxTaou/kbybdjnfj6dJQ0VuA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR11MB6603 Return-Path: ken.lu@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable > > So there are two types loaders: > > 1. QemuKernelLoaderFsDxe - this way just put kernel/initrd blob into= a FS > for any future's usage, may be continue boot or not. > > 2. QemuLoadKernelImage, - this is consumed by TryRunningQemuKerne= l() > - standard Qemu direct boot path >=20 > Nope. QemuLoadKernelImage loads the linux kernel from the virtual filesy= stem > created by QemuKernelLoaderFsDxe. And for the initrd it'll just pass > 'inittd=3Dinitrd' and the stub loads it. >=20 > We have two variants: > GenericQemuLoadImageLib - supports efi stub only > X86QemuLoadImageLib - has fallback code paths for the legacy > pre-efi-stub boot protocol (guess that > is the one grub has deprecated for 2.06). >=20 > So, yes, with the legacy protocol there is no stub which can measure thin= gs, but > for the snake of confidential computing we can completely ignore that. K= ernels > which are *that* old certainly will not have support for SEV / TDX ... >=20 Thanks Hoffman. Hmm.. GenericQemuLoadImageLib sound like is used by ArmVirt= Qemu.dsc, OvmfXen.dsc, AmdSevX64.dsc,..... But X86QemuLoadImageLib is used by OvmfPkgX64.dsc and Intel TDX~~ Headache.... do you want use GenericQemuLoadImageLib to replace X86 one for= OvmfPkgX64.dsc also? But either in GenericQemuLoadImageLib, it can do measurement for command li= ne and initrd, correct? > take care, > Gerd