From: "Min Xu"
To: "Yao, Jiewen", "devel@edk2.groups.io"
CC: Ard Biesheuvel, "Justen, Jordan L", Brijesh Singh, "Erdem Aktas", James Bottomley, "Tom Lendacky"
Subject: Re: [edk2-devel] [PATCH V3 00/10] Add Intel TDX support in OvmfPkg/ResetVector
Date: Tue, 27 Jul 2021 07:26:13 +0000

On July 27, 2021 3:17 PM, Yao, Jiewen wrote:
> Thanks Min.
> Many thanks for splitting SEV stuff to a standalone file. That is a very good start.
>
> Some other comments for your consideration:
>
> 1) There is no need to create a standalone Init32.asm and ReloadFlat32.asm.
> They are only needed in TDX so far. Please keep it in TDX.
Agree. Will move them to IntelTdx.asm in the next version.
>
> 2) I do not see the absolute need to create multiple patches for
> ResetVector.nasm/ResetVectorVtf0.asm to add TDX stuff one by one. That
> always makes me feel you miss something in the beginning. Since all the patches
> are adding TDX support, I think we can add them one time.
Agree. Will update it in the next version.
>
> 3) The strategy I take to review the patch is to compare the ResetVector in
> UefiCpuPkg and OvmfPkg.
> If they are similar, I am at ease. If they are different, I would ask why.
>
> For example, OVMF version Flat32ToFlat64.asm is missing the
> CR4/CR0/EFER_MSR handling in normal mode. I am not sure why. A potential
> bug? We had better make them consistent.
They are in SEV's code. I will extract them out in the next version.
>
> 4) I can understand difference in PageTables64.asm. UefiCpuPkg uses ROM page
> table, while OVMF uses runtime created page table. That is OK.
>
> However, it is hard for me to understand how SEV/TDX hack the build page table.
>
> I still recommend we move SEV hook to SEV file, and TDX hook to TDX file.
> If we can use below pattern, that can help me a lot to understand the logic.
> ===============
> SetCr3ForPageTables64:
>
>     xor edx, edx
>
>     PreBuildPageTableHookSev
>     PreBuildPageTableHookTdx
>
> BuildPageTables:
>
>     XXXXXX
>
>     PostBuildPageTableHookSev
>     PostBuildPageTableHookTdx
>
> SetCr3:
> ===============
Agree. Will update it in the next version.
>
> 5) There is too much noise in ResetVectorVtf0.asm.
> Can we move SEV and TDX related GUID definition to a standalone SevVtf0.asm
> and TdxVtf0.asm?
Sure. I will do it in the next version.
>

Thank you very much for the comments.

Xu, Min