From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: Dov Murik <dovmurik@linux.ibm.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>,
"Michael.Roth@amd.com" <Michael.Roth@amd.com>,
"Tom Lendacky" <thomas.lendacky@amd.com>,
"Ni, Ray" <ray.ni@intel.com>
Subject: Re: [edk2-devel] [PATCH 1/4] OvmfPkg/AmdSevDxe: Allocate SEV-SNP CC blob as EfiACPIReclaimMemory
Date: Thu, 12 Jan 2023 10:15:27 +0000 [thread overview]
Message-ID: <MW4PR11MB5872C25DB950A6BD0DFCE79F8CFD9@MW4PR11MB5872.namprd11.prod.outlook.com> (raw)
In-Reply-To: <CAMj1kXE+i2E75HCRH5phxJ5ioMotnRJNiWVR_OpZp53r8pMAnw@mail.gmail.com>
Never mind. I don’t have concern for SEV code.
You may merge it, if you think it is OK.
> -----Original Message-----
> From: Ard Biesheuvel <ardb@kernel.org>
> Sent: Sunday, January 8, 2023 12:53 AM
> To: Yao, Jiewen <jiewen.yao@intel.com>
> Cc: Dov Murik <dovmurik@linux.ibm.com>; devel@edk2.groups.io;
> Michael.Roth@amd.com; Tom Lendacky <thomas.lendacky@amd.com>; Ni,
> Ray <ray.ni@intel.com>
> Subject: Re: [edk2-devel] [PATCH 1/4] OvmfPkg/AmdSevDxe: Allocate SEV-
> SNP CC blob as EfiACPIReclaimMemory
>
> On Sat, 7 Jan 2023 at 03:01, Yao, Jiewen <jiewen.yao@intel.com> wrote:
> >
> > Hi Dov/Ard
> > Please allow me to clarify:
> >
> > EfiACPIReclaimMemory in UEFI spec means: OS may use the memory, after
> it copies the ACPI table to its own location. It is also called
> "AddressRangeACPI" in ACPI spec.
> >
> > [2]
> https://uefi.org/specs/ACPI/6.5/15_System_Address_Map_Interfaces.html,
> search AddressRangeACPI.
> > [3] https://uefi.org/specs/UEFI/2.10/07_Services_Boot_Services.html,
> search EfiACPIReclaimMemory.
> >
> > However, in the description, you mentioned "The SEV-SNP Confidential
> Computing blob contains metadata that should remain accessible for the life
> of the guest."
> > That requirement conflicts with the definition of ACPIReclaim memory.
> >
> > I would like to suggest either of below, to meet the need "that should
> remain accessible for the life of the guest."
> > a) EfiACPIMemoryNVS in UEFI, also known as AddressRangeNVS in ACPI (or)
> > b) EfiReservedMemoryType in UEFI, also knowns as AddressRangeReserved
> in ACPI.
> >
> > Please double confirm that.
> >
>
> If EfiACPIMemoryNVS is considered more appropriate, I don't have any
> issues with that.
>
> But the patch is correct in the sense that it should not use
> statically allocated objects. And EfiRuntimeServicesData should be
> avoided as well (athough it is often used for cases like this) as it
> will end up getting mapped into the firmware page tables for no
> reason.
>
> EfiReservedMemory is not suitable for this - Linux on ARM must omit
> this from all its mappings of system memory, because the OS does not
> know *why* it is reserved and with which attributes it is being
> mapped, and the architecture does not tolerate duplicate mappings with
> mismatched attributes.
>
> The semantics of EfiAcpiReclaimMemory are also suitable for cases
> where the contents of the region is only relevant to the OS, and not
> to the firmware itself, and it is really up to the OS to decided
> whether or not it will reclaim the region in question. So for passing
> tables in memory that are similar in purpose to ACPI tables (i.e.,
> describe the platform to the OS), EfiAcpiReclaimMemory is suitable
> imho.
next prev parent reply other threads:[~2023-01-12 10:15 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-21 16:06 [PATCH 0/4] Fixes for SEV-SNP CC blob and CPUID table handling Roth, Michael
2022-12-21 16:06 ` [PATCH 1/4] OvmfPkg/AmdSevDxe: Allocate SEV-SNP CC blob as EfiACPIReclaimMemory Roth, Michael
2022-12-21 16:48 ` Lendacky, Thomas
2022-12-21 21:26 ` Dov Murik
2023-01-06 9:18 ` [edk2-devel] " Yao, Jiewen
2023-01-06 20:25 ` Dov Murik
2023-01-07 2:01 ` Yao, Jiewen
2023-01-07 16:52 ` Ard Biesheuvel
2023-01-12 10:15 ` Yao, Jiewen [this message]
2022-12-21 16:06 ` [PATCH 2/4] OvmfPkg/AmdSevDxe: Update ConfidentialComputing blob struct definition Roth, Michael
2023-01-06 9:14 ` [edk2-devel] " Yao, Jiewen
2022-12-21 16:06 ` [PATCH 3/4] OvmfPkg/CcExitLib: Fix SEV-SNP XSave area size calculation Roth, Michael
2022-12-21 16:52 ` Lendacky, Thomas
2023-01-06 8:53 ` [edk2-devel] " Yao, Jiewen
2022-12-21 16:06 ` [PATCH 4/4] OvmfPkg/CcExitLib: Use documented XSave area base size for SEV-SNP Roth, Michael
2022-12-21 16:59 ` Lendacky, Thomas
2023-01-06 8:53 ` [edk2-devel] " Yao, Jiewen
2022-12-21 17:41 ` [PATCH 0/4] Fixes for SEV-SNP CC blob and CPUID table handling Roth, Michael
2023-01-18 3:57 ` Yao, Jiewen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=MW4PR11MB5872C25DB950A6BD0DFCE79F8CFD9@MW4PR11MB5872.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox