From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga07.intel.com (mga07.intel.com [134.134.136.100])
 by mx.groups.io with SMTP id smtpd.web08.16829.1630890641171805023
 for <devel@edk2.groups.io>;
 Sun, 05 Sep 2021 18:10:42 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=ZiABKG71;
 spf=pass (domain: intel.com, ip: 134.134.136.100, mailfrom: min.m.xu@intel.com)
X-IronPort-AV: E=McAfee;i="6200,9189,10098"; a="283563260"
X-IronPort-AV: E=Sophos;i="5.85,271,1624345200"; 
   d="scan'208";a="283563260"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Sep 2021 18:10:40 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.85,271,1624345200"; 
   d="scan'208";a="536301265"
Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15])
  by FMSMGA003.fm.intel.com with ESMTP; 05 Sep 2021 18:10:39 -0700
Received: from orsmsx601.amr.corp.intel.com (10.22.229.14) by
 ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.12; Sun, 5 Sep 2021 18:10:39 -0700
Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by
 orsmsx601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.12 via Frontend Transport; Sun, 5 Sep 2021 18:10:39 -0700
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.173)
 by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2242.10; Sun, 5 Sep 2021 18:10:38 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=anbVLkvuuFELkPQu9Bp+tX0VO1HGP/Ttx3BnVJg90sCNUu8JDkCm5e5O3O+U6prvn9Nvg5772xybJ+nwPlyiXEc8D9fGszOmjLt4URw1+n0qXwXi5exP6jDlvKWRtmFvKWlrjliOfvw7w46jomUtHByIWok9T3sFhC36r5ch8AofTkvbBQyTwTjImbedmWygHHNbwnq2l2PphVm8JO0pFc+MufMOMqz6m4FpREqIu18ohjDcwOY9Brybgtf05kmQdOOIXQcCteobLo8G5B2AGeXPMyj6UKl6qZLLktnC3kguD8NrrqQDw4pHukWa+hcUODo29n8i0HfYPxgGAI1gWg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=NNJ8CR0mfqfK1ni0DtNdMMDiFOVMg2FTi7MPauHq8A0=;
 b=oYkNzYCXWy1MjTM6II5kyN5pbbIPglnMdSrO32vDeFZmA74MsdrsFFIQTBPVrOmV/S/Mgh+EvMOMK6Kanf/tRu3XEcmeg8Tw+O51t3erNSOBbEAfzxBDLGnCtnD0qPyoYF96l1E/Pc23O39//ketTI8QzCJlKf9Ii/+UBX9Zw8Q+jMuhgAvGifBuqQK24esS0UdHuXtyHSCt7maOlPeyF2j58p7v4kWjC+eMxljacPOBSHDeD3nOsq+0Ui4nNDXvhoosnn73k1Vjy4yzPxmMBjKurk2QIMjBJjyvGysGRSMqH970xrjVo4QasHTR4GgFBiFckAfZwRtyePRl4jCCdg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=NNJ8CR0mfqfK1ni0DtNdMMDiFOVMg2FTi7MPauHq8A0=;
 b=ZiABKG71lwVtWK+yLxS2h2T9/VsyVYr9bKliOaLLJ5qDbzKbQwREu7TmcG5H9YBh4VOMLPvELOWXPmraImyGiudtSLGdpO5wE9YhDPare6wqZWlgibuqVUXK1nspBq/dpadSvnvDqKmW46hEF0sbvuY5FXpN26DmfcMM83e7ck8=
Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15)
 by PH0PR11MB5160.namprd11.prod.outlook.com (2603:10b6:510:3e::8) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.20; Mon, 6 Sep
 2021 01:10:37 +0000
Received: from PH0PR11MB5064.namprd11.prod.outlook.com
 ([fe80::c93:200e:5aeb:e11b]) by PH0PR11MB5064.namprd11.prod.outlook.com
 ([fe80::c93:200e:5aeb:e11b%3]) with mapi id 15.20.4415.029; Mon, 6 Sep 2021
 01:10:37 +0000
From: "Min Xu" <min.m.xu@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "kraxel@redhat.com"
	<kraxel@redhat.com>, Brijesh Singh <brijesh.singh@amd.com>
CC: James Bottomley <jejb@linux.ibm.com>, "Yao, Jiewen"
	<jiewen.yao@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>, "Justen,
 Jordan L" <jordan.l.justen@intel.com>, Ard Biesheuvel
	<ardb+tianocore@kernel.org>, Erdem Aktas <erdemaktas@google.com>, "Michael
 Roth" <Michael.Roth@amd.com>
Subject: Re: [edk2-devel] [PATCH v6 06/29] OvmfPkg/ResetVector: pre-validate the data pages used in SEC phase
Thread-Topic: [edk2-devel] [PATCH v6 06/29] OvmfPkg/ResetVector: pre-validate
 the data pages used in SEC phase
Thread-Index: AQHXn00W6QuqZq+6Nk2OMswtuOsvnquQaC2AgAXNomA=
Date: Mon, 6 Sep 2021 01:10:36 +0000
Message-ID: <PH0PR11MB506419F10AC4EFC485C541C8C5D29@PH0PR11MB5064.namprd11.prod.outlook.com>
References: <20210901161646.24763-1-brijesh.singh@amd.com>
 <20210901161646.24763-7-brijesh.singh@amd.com>
 <20210902082029.tfdt4s5s76qknpiq@sirius.home.kraxel.org>
In-Reply-To: <20210902082029.tfdt4s5s76qknpiq@sirius.home.kraxel.org>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-reaction: no-action
dlp-version: 11.5.1.3
authentication-results: edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 306f267a-ead1-49a4-731d-08d970d3229c
x-ms-traffictypediagnostic: PH0PR11MB5160:
x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <PH0PR11MB516024B5A06BA449FC0F4CC4C5D29@PH0PR11MB5160.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: BoALGxhIRcXanbkNlDO69pt/fvYtz1IkSaWw3+rHRNQi0IZLMjvFaD3Opn5KDZ93Q/felyEmnAkqZS8Xhdx6ngvchYAlcbOuQUlfqGfaUgOr+cQtVJ+SdYlc0hFuVW+gBIptX0v5Z8EQq0UixYknDRxj737BTTwb2yFNZRdGk09MZRXmo6KhL+ioE4nVTapnppke2MTx3jMNr9/wVG4h6VEtIVNmKAjH9odFoD7HOrjMQRLt4W+0dMbEVUVxqB/D2ak34sFrK9tgsgP7DmiTpOPpWvIQbFe3UZS69AByJkyLmP5wNsxa+p/rCiAPtHljKk733ycA5NQ/+PK32XcPrSQlSqlZSsJZDbB/32c0LIE5uY3an2idN8o+uBYP/XW9e87IsDmsyKwLhf12evccyYVxds97DvdZ8jaMermHzn59ZAxDq6rHdbzPqwAJvpLsk0qZ+4mTgQPJQaWPY5QWgxPLKkta7Pd1tsNMbxO0DzI+vxrqW5IcxKhOKzyGA5weajFBVBjHbf327C7wjhBn83XVcrX3m8ONLaJ14MI+GfYSp0Xe6u2XXjcNSFE65Wdl3fBbtP9tgIndn/kcNFT6b8pGslEDHeKMXtdO9v+5Ehj8oOkA0Bj8JeB+Ph1Rmwog9p+7FDNibyffBMo+aG7jmjP7kD0gDVkKPZ3Gqr9m+pj2rlQ4TRkhKRN4amELj3obtPf3zUWN1Ie8zwvQZB0xhQ==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(346002)(366004)(396003)(376002)(39860400002)(136003)(8936002)(38070700005)(19627235002)(8676002)(4326008)(66476007)(9686003)(38100700002)(15650500001)(2906002)(66556008)(66446008)(316002)(54906003)(86362001)(110136005)(6506007)(478600001)(66946007)(7696005)(5660300002)(64756008)(76116006)(26005)(122000001)(186003)(83380400001)(52536014)(71200400001)(55016002)(33656002);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?aI7QsmoCo56qxjOcNSn59TGw+EZiQf8x3XCaP1Efy1viiC3L6V1NR6YEGqWC?=
 =?us-ascii?Q?Ok9mf41xRYPEoCbcJdSgxzYZQG/Q+VWVrR1HHrQnmtZeMM7foCwjoWEbnJ8d?=
 =?us-ascii?Q?bVXJjZR515fMtl34MpEu8xY67SpGY1tMDPvC5OUdL5JSb9RjrdStWTtAVQFI?=
 =?us-ascii?Q?+rLWqyy3ZF1U+jP9icGxqcl9s9JOQP3Kl1YTSoah+OxRj6VWyRVDy2q9Ibjp?=
 =?us-ascii?Q?mw01s0O6aV7pGRpvD1sbifj1b2F3WUrX3iqFMF3AgorfTh6Qog4ohj6RyJJs?=
 =?us-ascii?Q?gChHyb6lAr3Bdcr8DuW2kZj07QzpspW1TUMSNABmFMygH3gs5bCspLadVK+P?=
 =?us-ascii?Q?gfn1hXKehWIK1X8TjWWX/VKfKilc1uXupeuyaRd3LS6SJo3MDlCsfK2UA5yH?=
 =?us-ascii?Q?9njTBZk6SrvE87LkD5s1VnkuA7GDHNvh2stGn8U+hC5/8Kscv2KALc8v1sxl?=
 =?us-ascii?Q?CVFwpxE6uSJx3XbiFH/GoSNmGy4bRm+nk+2dZ3/qrYqMFtkyApNp0Rd/Dfc7?=
 =?us-ascii?Q?F7baiFlSBwIhiShTW1GVTMLLcCCx7/5L9p1atUgMyM2XUmYPIbmOPe5n8rBJ?=
 =?us-ascii?Q?DGTm6pHkGjr5Y9AMvoWYmgIGkhZ4hTO8JUgty3BCeuVQLyB68IEdWhxFHxgK?=
 =?us-ascii?Q?RlTMZxsIxlHsZfJquFeZdOHBpoqQ6eSWozxjgEg+vwVrmZIVtlnGtzDLPd91?=
 =?us-ascii?Q?xks4T5wuqfkc5TyUv8NAlB9c8dWf6qFoC0ZxYtMNqO/99onFjVC4qHHsbQtL?=
 =?us-ascii?Q?oJtDQTy0hp9YfwYAj8b21ySFOE5LHtY9gY4fZFsK0Geos784tjS1ubnxkoSl?=
 =?us-ascii?Q?xE3g/bDZvdsiQI8kbGUItASsgVPtzUHkYn/8GgMAscx1fnLqdneUUKy7mswl?=
 =?us-ascii?Q?tlxvgWG1j5oqfabBER+cbHO8mBC01qaawqcUiR9i56/Wy3hWdnet5scvdAdl?=
 =?us-ascii?Q?PQWMaYqi2F8HmFYAm7hezZgJPW3IP93kY+5bZfMkRnmVcE2cpbAyO6WAqIvx?=
 =?us-ascii?Q?+n1pNqN1X0O7gw7KE6w+lI+AkHkBTPrg09oiHznkwTv8TZJNaX/4kOE13djW?=
 =?us-ascii?Q?6j+rCnqaHNm1RbnVERw2O7sDBHK2ofx9UC2zsFu+7ZdRyMrWYC9adOLMzGSR?=
 =?us-ascii?Q?hEJ5GTVK0Ypu/ophPoJ/bjZZAsjcbN54dxNNuhTh2LX8b2AAEaw8YwtQnjQF?=
 =?us-ascii?Q?w06GGX/etuYSACZcNeyyeFfHD6paiC8DOgEXAX/jvgIGZbF3gWVxAOdlMexS?=
 =?us-ascii?Q?s0ABJgJQegYbw/o5XS0sh1qKC24QLdT3sLmrgMPf726wRJXCHTjtJFAupyiO?=
 =?us-ascii?Q?qQYbU10KH/iGKjH9pBR6hhu8?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 306f267a-ead1-49a4-731d-08d970d3229c
X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Sep 2021 01:10:36.9858
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: uE8SvKBvbUfZEB9wGs3MOF0JFGsnQgVBzgBE9Hd1Jwvd9C7Timlk7sdztI5BmNPhA5vkrUP2FOrwztujhfLYLA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5160
Return-Path: min.m.xu@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

On September 2, 2021 4:20 PM, Gerd Hoffmann wrote:
>   Hi,
>=20
> > During the guest creation time, the VMM encrypts the OVMF_CODE.fd
> > using the SEV-SNP firmware provided LAUNCH_UPDATE_DATA command. In
> > addition to encrypting the content, the command also validates the
> memory region.
> > This allows us to execute the code without going through the
> > validation sequence.
>=20
> Hmm, tdx must handle this too.
>=20
> > +
> > +
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpHypervisorPreValidatedStart|0x0
> > + |UINT32|0x56
> > +
> > +
> gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpHypervisorPreValidatedEnd|0x0|
> U
> > + INT32|0x57
>=20
> So maybe we should drop the "Snp" from the name here ...
>=20
> >  ; GUID (SEV-SNP boot block): bd39c0c2-2f8e-4243-83e8-1b74cebcb7d9
> >  ;
> >  sevSnpBootBlockStart:
> > +    DD      SNP_HV_VALIDATED_START
> > +    DD      SNP_HV_VALIDATED_END
>=20
> ... and store the range which needs validation in another, not snp-specif=
ic
> block?
>=20
> Jiewen? Min?
We pack all the Tdx information into  a blob (TdxMetadata). These tdx infor=
mation
Includes the BFV(i.e. OVMF_CODE.fd), the CFV(i.e. OVMF_VARS.fd), TdMailbox,=
 etc.
The offset to the TdxMetadata is in the GUIDed chain in ResetVectorVtf0.asm=
.
;
; GUID : e47a6535-984a-4798-865e-4685a7bf8ec2
;
tdxMetadataOffsetStart:
    DD      (OVMF_IMAGE_SIZE_IN_KB * 1024 - (fourGigabytes - TdxMetadataGui=
d - 16))
    DW      tdxMetadataOffsetEnd - tdxMetadataOffsetStart
    DB      0x35, 0x65, 0x7a, 0xe4, 0x4a, 0x98, 0x98, 0x47
    DB      0x86, 0x5e, 0x46, 0x85, 0xa7, 0xbf, 0x8e, 0xc2
tdxMetadataOffsetEnd:

In the future new metadata can be added into the TdxMetadata without change=
s
in ResetVectorVtf0.asm.

Thanks!
Min