From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by mx.groups.io with SMTP id smtpd.web08.21959.1630934372685370386 for ; Mon, 06 Sep 2021 06:19:33 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=pdpXUQSz; spf=pass (domain: intel.com, ip: 134.134.136.126, mailfrom: min.m.xu@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10098"; a="207084101" X-IronPort-AV: E=Sophos;i="5.85,272,1624345200"; d="scan'208";a="207084101" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Sep 2021 06:19:31 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,272,1624345200"; d="scan'208";a="537037643" Received: from orsmsx604.amr.corp.intel.com ([10.22.229.17]) by FMSMGA003.fm.intel.com with ESMTP; 06 Sep 2021 06:19:31 -0700 Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX604.amr.corp.intel.com (10.22.229.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Mon, 6 Sep 2021 06:19:30 -0700 Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by orsmsx612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12 via Frontend Transport; Mon, 6 Sep 2021 06:19:30 -0700 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.175) by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.10; Mon, 6 Sep 2021 06:19:30 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ImTi3+KL/wzlIMB85TOxkrLaePKm4a2CfKZ6L4/DJiu+Jc7X2rhRb3LF4/66jHFmTcPBsAd1dzN1R4PgV+6Cru+f2FQP62+Z78B2dtUyHtkgScB++k872r+n5KA8vy1hrLWK4jpviXU2ewwp4gdd8WWWOztAOKT1p+b9uXpoJCXwRN/suwjGZ364HM/ficL6x2R4OJT66gizSFSrhIi2wnFy+uadcfGeZ/gael9gb885vZQJnnXYsfkemcm9A22sciwrj80VvUjvMs95mtxvY6Ti3+BpcbdGaBY+Ox4eAJ6WOo+2niYONMPOSnyqbMuRQDyfE5/xkQVo1YK2yl+bxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4/9A1iCs9st8OA0FmLV3iRntGrQuNmNcMzOBYqRoVl8=; b=PGGTZ3Fu7TgQerUz3UWSTeim3AclUoz7utKNmw33QIW12BANiy8EuC+tUdsYo+/7gk3bR8BZv9D7u2YKiNmPg+pVMYnNaH535TPemz1utlEt1c6d0AaQLITna5VliozYTW5O+QYryjYQqIW8Mz+rKHjMAWrd+uWqUfLZbXvlesenTEqusoghd6lHNcLR8cspQqzDCP5+Be/uyyNzUnkKeiRdVsXvM6BN0tP6a39f0kWBQG+XNjiKRjFwEPQsag4qIbQWE2MbHxCKrZBk6/H1g0rZ7QLGZG5P5k6jmN2TNOnDP1AXLq8UVqH371KpTHfKS7QVxktjnf6gqPvUXhXg/w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4/9A1iCs9st8OA0FmLV3iRntGrQuNmNcMzOBYqRoVl8=; b=pdpXUQSzOQr4euOcH3dKLtkHWLJNqu2cr0EzwqvC4oV8cMKpdtL3Vi/fC7uPbVZ26T/QrZZj5x8Tj84jnC4ryj1EduBs8gp25QBfYESrQ2sbTUT6zUzy+wMlQu2XyJ+tZ+GQfFl7Sj8oQ+32XaNaCcXUiK1cCrqn5j+hCyAppn0= Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15) by PH0PR11MB4903.namprd11.prod.outlook.com (2603:10b6:510:36::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4457.18; Mon, 6 Sep 2021 13:19:28 +0000 Received: from PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::c93:200e:5aeb:e11b]) by PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::c93:200e:5aeb:e11b%3]) with mapi id 15.20.4415.029; Mon, 6 Sep 2021 13:19:28 +0000 From: "Min Xu" To: "kraxel@redhat.com" CC: "devel@edk2.groups.io" , Brijesh Singh , James Bottomley , "Yao, Jiewen" , Tom Lendacky , "Justen, Jordan L" , Ard Biesheuvel , Erdem Aktas , "Michael Roth" Subject: Re: [edk2-devel] [PATCH v6 06/29] OvmfPkg/ResetVector: pre-validate the data pages used in SEC phase Thread-Topic: [edk2-devel] [PATCH v6 06/29] OvmfPkg/ResetVector: pre-validate the data pages used in SEC phase Thread-Index: AQHXn00W6QuqZq+6Nk2OMswtuOsvnquQaC2AgAXNomCAAL26AIAACwgA Date: Mon, 6 Sep 2021 13:19:28 +0000 Message-ID: References: <20210901161646.24763-1-brijesh.singh@amd.com> <20210901161646.24763-7-brijesh.singh@amd.com> <20210902082029.tfdt4s5s76qknpiq@sirius.home.kraxel.org> <20210906121650.vwgt5y5hdwxfugvh@sirius.home.kraxel.org> In-Reply-To: <20210906121650.vwgt5y5hdwxfugvh@sirius.home.kraxel.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.5.1.3 authentication-results: redhat.com; dkim=none (message not signed) header.d=none;redhat.com; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 637037e0-1f18-4ca8-52a5-08d97138f479 x-ms-traffictypediagnostic: PH0PR11MB4903: x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: NUDWo22y04f5zFEXF1eaJNMMI6VN4shuztQLy6GE99OVgY7HTMjZrdvu/o3RLX9o0Ec0CPs9m/bokIKWoFAi2pIKuMvmCMtSqoIdHJT6W3vSKEFtXD0LUC9hws/qutfQIkfGxkWPXiOdJ7SFjfr5FbHG9otgUdpfY7tQVt+dMDQ8grkcn6A/9DzHzTlcnG1jT0fD0iaPYTyid6YZkST/ol4Wu/2rPgkqAZMZetk+Sr6v/Qj3CfGfFhU85wOXRnv4SrHUuhbrusDqcfAN7+rDYklfGxhB0g71fSH0BmunUrw0xIL+DLveM2L7YjCbBHqihz0PUMUH+KpnlGwgKSR7bxohpvp3fUZN8T0WJ0AyC1njtW9SUgI6U+AcpXz3D7CMcunbkMCCd319tZdRcsA+erSRx4p31vIojb3+Qvq/noELOjAA33RcCfPk9f9aa3txwf0fNjpPV/tGgoaa6HqEWtyhC2NPjg384O6nNlXNTFJtWq3vPpUWVUdR5noQ09cEVzRVQdJZpZAEAAyay+n7wjlAJpZIFJRqoADVAw50mWzlhIVeIcQnD6w3GnSs7mznBxzxqFaHd1YDcrVvdSGHGjNiJlanugxznHNAy/llLz3TUR9Pha/l4AdO0oVZx2LBrnpswGK4F0FN8s28mzehamVL25IkM6osmT7lsdRG/XtHF0e1Ph1XngJwszdLnmnzUbbecMgtHZrI5bHoKsOIjD9iFdJZGgIjxcHeoer64zfs2y5yu4BqFHH/ChP5rLzBZlsmX6dxppfPkPdN2cZf9DEbyqtok2LRIKAt+XfIIXg= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(346002)(396003)(39860400002)(136003)(366004)(4326008)(66556008)(316002)(66476007)(71200400001)(19627235002)(33656002)(7696005)(6506007)(64756008)(38100700002)(6916009)(5660300002)(9686003)(8936002)(86362001)(15650500001)(186003)(26005)(83380400001)(122000001)(2906002)(54906003)(76116006)(8676002)(38070700005)(966005)(66946007)(55016002)(478600001)(52536014)(66446008);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?mWhI9tWBTVTnPNtiOvb4NDMY2C5PYYk0VzlT8GgX0/Gc6q6WE0S4izyMUmGP?= =?us-ascii?Q?fqgztoPFX/1qjPq8qFOgwEbnVYpESz5xhV+cYB8PcCi4q5dkxri/UxmytMYI?= =?us-ascii?Q?pRwfx9V/Dq9pYzGjuSIp3HObxYvBi2zAgsII1mCf+1Mq7ZDIB07h0LDLwf39?= =?us-ascii?Q?rtL0LC1DhOWqrs8bM6FZ4WO1jLTVKCq5KIQ3WwXrLymWbeaSqr1ZZJL2XTx1?= =?us-ascii?Q?Pv14VDTznGhuh4AhYdwNREnyrjU/96MnDZJB4WLe9nWvatlcx7It+QdL+UaQ?= =?us-ascii?Q?56yNOb/LBfOHRCYTqTthvJRfXYAKg2TkUso+iqS+jsRKXLUR/1UReMo576uW?= =?us-ascii?Q?oUhA4Pv+Z+xy+cwZhxxURS35zeVtK8LfIfOsA/tEqNleuB+Yaf4RC8DwOqAf?= =?us-ascii?Q?t/Srqr4KX44dufij6gq1OsKF7FxE7KeczGYuSdm8Or+cEzHwyINcoPqVv2BB?= =?us-ascii?Q?6ow1eLX0Hgs85zVRLp6alW1FWResmwYc5Cp0NzT7Rcj9oQfsSbhAcmQW9mli?= =?us-ascii?Q?lCzMB8TXcMrQqOY6ZDgIexDtnB9ISeM2k/as2AHkhC9TtsY3kcABqYzFSKd1?= =?us-ascii?Q?AWuY8vJGbC/imtANLRNaChhxf++8sY+TX/N1Kx/3lbFYHsxgh40FYVV7Pvdd?= =?us-ascii?Q?3i7fM6w2aCYkWI6CBDhbLk1R46bSvDLT5i2iUqum8SokYizI0mW4rOad02Q7?= =?us-ascii?Q?UNj6dQr2eXVRVY5FuHkskJMdQxQfi0tc9AKAK6dUNRIXrRrG55s9VCPs0HwJ?= =?us-ascii?Q?kKzP/8EAcRoz+rg0+ao9J0pBDCm9u0EWmdtu3/6oi2XKtxEi2TqiApm8GEx3?= =?us-ascii?Q?uVa9EOzmbNq+BVxVBqIWHcKO6bZ2SvBrO3kwnTQnbLD5sGlciJlwHc5qWiOM?= =?us-ascii?Q?kQJd1mGyh1k5oYbY40afOcbR/k6Jud5qbTyJjlkWIOSgi6ieguE3t/pF3zRn?= =?us-ascii?Q?MSIi8mSxYuWnUWzexAyXJ17VbERIcfq/6XD57UizVLq3WinwcyXzHgEVRUQP?= =?us-ascii?Q?1/vriPjp7vSrqiEiCDCHzMMms4/XigQrnTL3ItM3vMOzkC09WSR/CpD+1D7M?= =?us-ascii?Q?oBvFy3t+lqgO7TalLjw/wGUy5AWhZyCbguO6YrJ0vlkMWDAZNvawNJlW2UaW?= =?us-ascii?Q?OZAi2purDsN/J9oHrOmYPwcYWfwDUrC9VtXRNwnuDohTJRDOrnkXcdKM9a20?= =?us-ascii?Q?ZiLAdsocxJMG5zNzRabQMKR843o/sPyDuqBos4vIgMvBArF7GXnHCWxZmCGh?= =?us-ascii?Q?XTUw1VJeYKI1ibg2OHnqpO552nGAMSVX7hTfIZeaG5pD1z9m9/2v5HiYUq18?= =?us-ascii?Q?QmtEjkAcuoDbywW7KwTpbAJN?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 637037e0-1f18-4ca8-52a5-08d97138f479 X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Sep 2021 13:19:28.2140 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: XKJEnJ0qIEakE1ZL5b88dkB4/5t+R5rjQe8WsBqCLvSoTTM17j12vM3Ap4Mmoy9J9qAPDBmcBRHhEWfTdOTXOw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB4903 Return-Path: min.m.xu@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable On September 6, 2021 8:17 PM, Gerd Hoffman wrote: > Hi, >=20 > > > > sevSnpBootBlockStart: > > > > + DD SNP_HV_VALIDATED_START > > > > + DD SNP_HV_VALIDATED_END >=20 > > We pack all the Tdx information into a blob (TdxMetadata). These tdx > > information Includes the BFV(i.e. OVMF_CODE.fd), the CFV(i.e. > OVMF_VARS.fd), TdMailbox, etc. > > The offset to the TdxMetadata is in the GUIDed chain in > ResetVectorVtf0.asm. >=20 > > In the future new metadata can be added into the TdxMetadata without > > changes in ResetVectorVtf0.asm. >=20 > [ Looking at https://www.mail- > archive.com/devel@edk2.groups.io/msg33605.html ] >=20 > So, there isn't much tdx-specific in tdx-metadata. Most ranges are > TDX_METADATA_SECTION_TYPE_TEMP_MEM which I think basically means > these ranges should be accepted by the hypervisor, which is pretty much t= he > same issue snp tries to solve with this pre-validation range. Then there= are > the ranges for code (aka bfv), for vars (aka cfv) and td_hob. >=20 > td_hob is the only tdx-specific item there, and even that concept (pass > memory ranges as hob list from hypervisor to guest) might be useful outsi= de > tdx. Mailbox is tdx-specific too. But Stack/Heap/OvmfWorkarea/OvmfPageTable are common. BFV/CFV are common too. >=20 > So, can we settle on one approach for this please? I think the tdx-metad= ata > style approach is more flexible and future-proof. It can easily be exten= ded > without changing data structures, we only need new section types. I expe= ct > this will work better long-term when it comes to backward-compatibility. >=20 > I'd suggest we generalize the tdx-metadata idea and define both generic a= nd > vmm-specific section types: >=20 > enum { > OVMF_SECTION_TYPE_UNDEFINED =3D 0; >=20 > /* generic */ > OVMF_SECTION_TYPE_CODE =3D 0x100, > OVMF_SECTION_TYPE_VARS > OVMF_SECTION_TYPE_SEC_MEM /* vmm should accept/validate this */ >=20 > /* sev */ > OVMF_SECTION_TYPE_SEV_SECRETS =3D 0x200, > OVMF_SECTION_TYPE_SEV_CPUID /* or move to generic? */ >=20 > /* tdx */ > OVMV_SECTION_TYPE_TDX_TD_HOB =3D 0x300, > }; >=20 > Comments? TDX has similar section type. But I am not sure if SEV can use this metadata mechanism. Need SEV's comments. >=20 > Looking at tdx-metadata I have a few questions: >=20 > +_Bfv: > + DD TDX_BFV_RAW_DATA_OFFSET > + DD TDX_BFV_RAW_DATA_SIZE >=20 > What is this and why is it needed? Host VMM need to measure the code part (BFV) to MRTD register (which is similar to TPM PCRs). >=20 > + DQ TDX_BFV_MEMORY_BASE > + DQ TDX_BFV_MEMORY_SIZE >=20 > Why "DQ"? TDX is defined to start in 32bit mode, so you can hardly have > addresses here which do not fit into "DD", correct? Those are the memory. TDX is running in long mode. So it is DQ. >=20 > + DD TDX_METADATA_SECTION_TYPE_BFV > + DD TDX_METADATA_ATTRIBUTES_EXTENDMR >=20 > What does this attribute mean? It indicates if the host VMM should use TDCALL[TDH.MR.EXTEND] for this sect= ion. https://software.intel.com/content/dam/develop/external/us/en/documents/tdx= -virtual-firmware-design-guide-rev-1.pdf Please refer to Section 11 TDVF Metadata for more detailed information. Note: this Section will be updated according to the comments from the commu= nity. >=20 Thanks! Min