From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>,
"kraxel@redhat.com" <kraxel@redhat.com>
Cc: "Xu, Min M" <min.m.xu@intel.com>,
Ard Biesheuvel <ardb+tianocore@kernel.org>,
"Justen, Jordan L" <jordan.l.justen@intel.com>,
Brijesh Singh <brijesh.singh@amd.com>,
Erdem Aktas <erdemaktas@google.com>,
James Bottomley <jejb@linux.ibm.com>,
Tom Lendacky <thomas.lendacky@amd.com>
Subject: Re: [edk2-devel] [PATCH V2 21/28] OvmfPkg: Update PlatformPei to support TDX
Date: Fri, 15 Oct 2021 06:41:49 +0000 [thread overview]
Message-ID: <PH0PR11MB4885782085683FF122E4FA528CB99@PH0PR11MB4885.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20211015054557.qwh6qalq5uql4smq@sirius.home.kraxel.org>
Ok. Please allow me to clarify my description.
"high memory" in this context means the memory region just below the less than 4GiB DRAM limit. In a platform BIOS, it means the memory just below TOLUD (Top of Low Usable DRAM).
Usually, the BIOS will reserve a chunk of memory just below TOLUD, including ReservedMemory, ACPI-NVS, ACPI-Reclaim, RuntimeData, RuntimeCode. As such the OS can use the reset memory as a continuous memory region.
"low memory" in this context means the memory region below the "high memory" defined above. From OS perspective, there will be a hole in the continuous memory region. Technically, OS shall handle that. But the best practice told us we should avoid that as much as possible. We have experience that if we put too many holes, some OSes will refuse to boot. From OS perspective, the BIOS should put all BIOS-reserved memory together.
Here, the initial mailbox is in "low memory", because we cannot predict how many virtual-DRAM the VMM will allocate for the OVMF. We cannot predict where is the TOLUD.
And we have to put the final mailbox (reserved) to "high memory" to avoid creating a hole for OS.
If you look at the whole firmware code, relocation is quite usual design pattern in firmware. For example, PEI HOB, SMM init, CPU AP Loop, ACPI table, BootScript, etc.
Thank you
Yao Jiewen
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> Hoffmann
> Sent: Friday, October 15, 2021 1:46 PM
> To: Yao, Jiewen <jiewen.yao@intel.com>
> Cc: devel@edk2.groups.io; Xu, Min M <min.m.xu@intel.com>; Ard Biesheuvel
> <ardb+tianocore@kernel.org>; Justen, Jordan L <jordan.l.justen@intel.com>;
> Brijesh Singh <brijesh.singh@amd.com>; Erdem Aktas
> <erdemaktas@google.com>; James Bottomley <jejb@linux.ibm.com>; Tom
> Lendacky <thomas.lendacky@amd.com>
> Subject: Re: [edk2-devel] [PATCH V2 21/28] OvmfPkg: Update PlatformPei to
> support TDX
>
> Hi,
>
> > The original mailbox location is in low memory. If we do not relocate
> > to high memory, then the OS will see a hole in low memory.
>
> Well, both low and high memory to be exact. qemu maps the whole
> firmware image below 4G, and mirrors the topmost 128k (including
> memfd + reset vector) below 1M.
>
> Given that TDX starts the processor in 32bit mode, so it doesn't need
> the 16bit entry @ f000:fff0, I assumed TDX completely ignores the low
> memory mapping and uses only the high memory mapping.
>
> So you are telling me this is not the case?
>
> take care,
> Gerd
>
>
>
>
>
next prev parent reply other threads:[~2021-10-15 6:42 UTC|newest]
Thread overview: 91+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-05 3:39 [PATCH V2 00/28] Enable Intel TDX in OvmfPkg (Config-A) Min Xu
2021-10-05 3:39 ` [PATCH V2 01/28] OvmfPkg: Copy Main.asm from UefiCpuPkg to OvmfPkg's ResetVector Min Xu
2021-10-05 3:39 ` [PATCH V2 02/28] OvmfPkg: Enable TDX in ResetVector Min Xu
2021-10-05 3:39 ` [PATCH V2 03/28] OvmfPkg: Merge TEMP_MEM entries in Tdx metadata Min Xu
2021-10-05 3:39 ` [PATCH V2 04/28] MdePkg: Add Tdx.h Min Xu
2021-10-12 7:48 ` [edk2-devel] " Gerd Hoffmann
2021-10-05 3:39 ` [PATCH V2 05/28] MdePkg: Add TdxLib to wrap Tdx operations Min Xu
2021-10-12 8:22 ` [edk2-devel] " Gerd Hoffmann
2021-10-13 12:13 ` Min Xu
2021-10-14 5:30 ` Gerd Hoffmann
2021-10-22 2:06 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 06/28] MdePkg: Update BaseIoLibIntrinsicSev to support Tdx Min Xu
2021-10-12 10:05 ` [edk2-devel] " Gerd Hoffmann
2021-10-13 13:40 ` Min Xu
2021-10-14 5:37 ` Gerd Hoffmann
2021-10-14 6:24 ` Min Xu
2021-10-14 9:03 ` Gerd Hoffmann
2021-10-22 5:23 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 07/28] UefiCpuPkg: Support TDX in BaseXApicX2ApicLib Min Xu
2021-10-12 10:15 ` [edk2-devel] " Gerd Hoffmann
2021-10-13 14:06 ` Min Xu
2021-10-13 5:30 ` Ni, Ray
2021-10-14 7:58 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 08/28] UefiCpuPkg: Add VmTdExitLibNull Min Xu
2021-10-05 3:39 ` [PATCH V2 09/28] UefiPayloadPkg: Prepare UefiPayloadPkg to use the VmTdExitLib library Min Xu
2021-10-05 3:39 ` [PATCH V2 10/28] OvmfPkg: Prepare OvmfPkg " Min Xu
2021-10-05 3:39 ` [PATCH V2 11/28] OvmfPkg: Implement library support for VmTdExitLib in Ovmf Min Xu
2021-10-05 3:39 ` [PATCH V2 12/28] UefiCpuPkg/CpuExceptionHandler: Add base support for the #VE exception Min Xu
2021-10-12 10:27 ` [edk2-devel] " Gerd Hoffmann
2021-10-26 5:06 ` Min Xu
2021-10-26 6:11 ` Gerd Hoffmann
2021-10-26 8:23 ` Min Xu
2021-10-26 10:24 ` Gerd Hoffmann
2021-10-26 12:09 ` Min Xu
2021-10-27 7:19 ` Gerd Hoffmann
2021-10-28 1:59 ` Yao, Jiewen
2021-10-28 15:35 ` Brijesh Singh
2021-10-28 15:52 ` Yao, Jiewen
2021-10-28 18:28 ` Lendacky, Thomas
2021-10-29 0:17 ` Yao, Jiewen
2021-10-29 4:52 ` Gerd Hoffmann
2021-10-29 7:51 ` Min Xu
2021-10-29 11:40 ` Gerd Hoffmann
2021-11-01 13:54 ` Sami Mujawar
2021-11-01 13:57 ` Yao, Jiewen
[not found] ` <16B2583BF2C9DB9C.5572@groups.io>
2021-10-29 0:20 ` Yao, Jiewen
2021-10-29 0:25 ` Brijesh Singh
[not found] ` <16B20F4407499229.28171@groups.io>
2021-10-28 2:07 ` Yao, Jiewen
2021-10-28 8:24 ` Gerd Hoffmann
2021-10-05 3:39 ` [PATCH V2 13/28] UefiCpuPkg: Enable Tdx support in MpInitLib Min Xu
2021-10-12 10:31 ` [edk2-devel] " Gerd Hoffmann
2021-10-14 0:27 ` Min Xu
2021-10-14 6:04 ` Gerd Hoffmann
2021-10-14 6:31 ` Min Xu
2021-10-14 6:56 ` Gerd Hoffmann
2021-10-13 6:01 ` Ni, Ray
2021-10-14 8:22 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 14/28] OvmfPkg: Update SecEntry.nasm to support Tdx Min Xu
2021-10-12 10:38 ` [edk2-devel] " Gerd Hoffmann
2021-10-14 0:55 ` Min Xu
2021-10-14 6:51 ` Gerd Hoffmann
2021-10-05 3:39 ` [PATCH V2 15/28] OvmfPkg: Add IntelTdx.h in OvmfPkg/Include/IndustryStandard Min Xu
2021-10-05 3:39 ` [PATCH V2 16/28] OvmfPkg: Add TdxMailboxLib Min Xu
2021-10-05 3:39 ` [PATCH V2 17/28] MdePkg: Add EFI_RESOURCE_ATTRIBUTE_ENCRYPTED in PiHob.h Min Xu
2021-10-05 3:39 ` [PATCH V2 18/28] OvmfPkg: Enable Tdx in SecMain.c Min Xu
2021-10-05 3:39 ` [PATCH V2 19/28] OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation Min Xu
2021-10-05 3:39 ` [PATCH V2 20/28] MdeModulePkg: EFER should not be changed in TDX Min Xu
2021-10-05 3:39 ` [PATCH V2 21/28] OvmfPkg: Update PlatformPei to support TDX Min Xu
2021-10-13 4:49 ` [edk2-devel] " Gerd Hoffmann
2021-10-15 1:31 ` Yao, Jiewen
2021-10-15 5:45 ` Gerd Hoffmann
2021-10-15 6:41 ` Yao, Jiewen [this message]
2021-10-05 3:39 ` [PATCH V2 22/28] UefiCpuPkg: Define ConfidentialComputingGuestAttr (Temp) Min Xu
2021-10-05 3:39 ` [PATCH V2 23/28] OvmfPkg: Update AcpiPlatformDxe to alter MADT table Min Xu
2021-10-05 3:39 ` [PATCH V2 24/28] OvmfPkg: Add TdxDxe driver Min Xu
2021-10-12 11:50 ` [edk2-devel] " Gerd Hoffmann
2021-10-18 8:38 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 25/28] OvmfPkg/BaseMemEncryptTdxLib: Add TDX helper library Min Xu
2021-10-12 12:13 ` [edk2-devel] " Gerd Hoffmann
2021-10-05 3:39 ` [PATCH V2 26/28] OvmfPkg/QemuFwCfgLib: Support Tdx in QemuFwCfgDxe Min Xu
2021-10-05 3:39 ` [PATCH V2 27/28] OvmfPkg: Update IoMmuDxe to support TDX Min Xu
2021-10-12 12:15 ` [edk2-devel] " Gerd Hoffmann
2021-10-14 2:11 ` Min Xu
2021-10-05 3:39 ` [PATCH V2 28/28] OvmfPkg: Add LocalApicTimerDxe Min Xu
2021-10-12 13:02 ` [edk2-devel] " Gerd Hoffmann
2021-10-14 5:20 ` Min Xu
2021-10-15 1:21 ` Yao, Jiewen
2021-10-25 7:37 ` Min Xu
2021-10-25 11:27 ` Gerd Hoffmann
2021-10-26 1:29 ` Min Xu
2021-10-26 5:50 ` Gerd Hoffmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=PH0PR11MB4885782085683FF122E4FA528CB99@PH0PR11MB4885.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox