From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web10.15088.1642294560364281415 for ; Sat, 15 Jan 2022 16:56:00 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=YTOERKzu; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1642294560; x=1673830560; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=qY2yUd/VNvs/QPLqyvPPIVqW58IjP+CVy98GgT0le6Q=; b=YTOERKzu81+lr20J0RQp7LvDf/UuxUHt6Bzrg+B6v1b6yKsjUf3Ty7EK gmtDWJiPorQAZ2qWzN3U303DF99KmouYhY3l6WWkGKdZ6X7cKKL7hXzPN EX9wh0lr5p2/yQBOL0MlNAGmM7RcCkXuqLgWilCrcmBaOdxTD7Y7ZwK42 6jEC80Ad3s0SB5KHzqW95P+vQ64f/bvfDGGt5l02LNgY8JnTREW9gEAUr 7oa9q3zJjI0lisy+XLNme7uPA/Z4KZ1hkY4FSINg5tnYwpaLC9a9/y45s aIdVRcrZaT/Uho03q2vJaFVg+dNWmXE6mVCFeNZYIYJQYQV/Cohb9FHbU A==; X-IronPort-AV: E=McAfee;i="6200,9189,10228"; a="244405633" X-IronPort-AV: E=Sophos;i="5.88,292,1635231600"; d="scan'208";a="244405633" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Jan 2022 16:55:59 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,292,1635231600"; d="scan'208";a="577662912" Received: from fmsmsx606.amr.corp.intel.com ([10.18.126.86]) by fmsmga008.fm.intel.com with ESMTP; 15 Jan 2022 16:55:58 -0800 Received: from fmsmsx611.amr.corp.intel.com (10.18.126.91) by fmsmsx606.amr.corp.intel.com (10.18.126.86) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Sat, 15 Jan 2022 16:55:58 -0800 Received: from fmsmsx605.amr.corp.intel.com (10.18.126.85) by fmsmsx611.amr.corp.intel.com (10.18.126.91) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Sat, 15 Jan 2022 16:55:58 -0800 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx605.amr.corp.intel.com (10.18.126.85) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20 via Frontend Transport; Sat, 15 Jan 2022 16:55:58 -0800 Received: from NAM02-DM3-obe.outbound.protection.outlook.com (104.47.56.47) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.20; Sat, 15 Jan 2022 16:55:57 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RBSqfPqOm3VbThqGJUjCVGTEG88UeWo3r3k5ESvPaorH2LnhZsq87WimlquACUCY2EPNUzevHkTFP4kwzBw3L2XkFD1yv+pp1wvzPSXRqWq4sgGFFl/Esmo7TPYT8ANFZTVJynsKwUdFKKUJnUQ7+1esI63DUt9WVtITN7fnG8emH560FqU6Zp7ZgYK/bdMDbqekOZvCqOgGvSrugenzJ2YkxxQXI5tqRQ4w+v7qGsqy/RXdhzyYubL6V8R4btRFNHTd9n3NrdcnDP1yydjAFPMktehOn8WOBiwNA27FZnNkyupqTy65SJf8WcF7X1HitFwLP4lI8iGlZ4h/9/1t9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BResnT2GJn+ZS53bF6KqmED1Ksz5NHPfmzT8D2HY/eo=; b=kxzLifnsYl48k6VozbKBsMM0Uyu5J7ZLk7SKCbE4/ysUkpwR5fjp/DZBDnbDgLuvv3ohLFceiE60sWetf3Neq+nLrFQ1XmUO3DhuAvqunsDuv51w+XwfVq7boxdvyJIMifjunG6GGYV5H28NQCwllyAv9miUDdP+wkLZIDcAovP4CxiAbNLHIvKZeOHNqhwx6aGgEl3o4wEWsK6ZtFg8iwGeTmOfvXuXVCMQf/NJVjfjHICVbEQRIftN7S4HV7a4jPhrM3xSZab+1tEhSB8EBijhddSLunC+Hv9kS/Kzq92lHCIrSNy1OEJmcyE3yZh8NApBxj3l3spmi6JAfZPj1Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15) by SN6PR11MB3182.namprd11.prod.outlook.com (2603:10b6:805:bf::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.11; Sun, 16 Jan 2022 00:55:56 +0000 Received: from PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::ed65:b010:fc2c:f48c]) by PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::ed65:b010:fc2c:f48c%5]) with mapi id 15.20.4888.013; Sun, 16 Jan 2022 00:55:56 +0000 From: "Min Xu" To: "kraxel@redhat.com" CC: "devel@edk2.groups.io" , "Kinney, Michael D" , Brijesh Singh , "Aktas, Erdem" , James Bottomley , "Yao, Jiewen" , Tom Lendacky Subject: Re: [edk2-devel] [PATCH 08/10] OvmfPkg: Update Sec to support Tdvf Config-B Thread-Topic: [edk2-devel] [PATCH 08/10] OvmfPkg: Update Sec to support Tdvf Config-B Thread-Index: AQHX8PBp3T4AYRIE0EySqY5nWcpMV6wzWvSAgAGrRwCAAClsgIAD7/RAgAI0B4CAAsQ50IAS9rgAgAYeU7CABOAhgIABKqRQgACAIACABDy8gIAAbAkAgAKiIyA= Date: Sun, 16 Jan 2022 00:55:55 +0000 Message-ID: References: <20211216142525.pkaxszwaevlpg4ap@sirius.home.kraxel.org> <20211220121145.aiqcqs6vd2hb2sb4@sirius.home.kraxel.org> <20220103080218.ap7tktgh4fuvw6sf@sirius.home.kraxel.org> <20220110075537.2dxghysjlz5rmwhm@sirius.home.kraxel.org> <20220111092304.2n72req6ocdkqfub@sirius.home.kraxel.org> <20220114083210.uwd3umo7lktdvn7a@sirius.home.kraxel.org> In-Reply-To: <20220114083210.uwd3umo7lktdvn7a@sirius.home.kraxel.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.6.200.16 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a52f1407-df8c-4c56-b1ca-08d9d88af415 x-ms-traffictypediagnostic: SN6PR11MB3182:EE_ x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: sntM1TZItkMP4kw2Etuwb0XVRNcdIhenLxaBAcxw0Ap7GmpaEWyuV8ik4+w/luVwF7vNKlSBWW6edvd0KLSc0xmdG6S2r8G6aZOOJecMdPc0Hd/PKs4e/NTA754D/cHlBWdZs1c84lLLDbaDcTtRqj78FN0UHKg2L5wUQadxMBywmwlcz8dEKdzC49FzkB/4reflEk/2gVEeP+nLIGbO7zD/SE1mDz90J7T1BxM6cJcerxw+VVdVyBpUEOcgMuMjciNNEXCjKe9Bedrx+P5MxIAMSllwNBEns/9UoBJIoyZLSL4lMtiNrC3Vcx74eT7hrIhE3lvg8mYm2bgxuXNUMLdlPKdkYGvgDIrTs1DJrvIfe9Lc2T0iSM1rM5PYnn+VQmklQqpmUTtLxEhouGD65Z5h2hWGoWhKdE/ddxY0SGJtJ73KcUpFJFWSMQE75ZEXBTsO78QKDwfxJTzg00UfXmvWWqRyzdgLTxREoXOQ4c9Y0an0cR+fmxQkyrMo47k6QjjLFpSXMRmXUQdvg+UE9AR9Kje04rRK6mPz/l7zMhXTaxXj5xdahHkRuxGnPyfEwGq1w7d3Wawz4223vsp05NwuALwY03To3hRQGcNC2IqbAiuNQoS34lvNa7MjktiZXOPsn4uunufiuuhUh1paQODs2CZ+4aLLTA3H18HKOmJtlDK4TWCz6UwfZSJcBXIdKruYeScFH/g6Xnc2PxnY5A== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(366004)(7696005)(83380400001)(508600001)(2906002)(33656002)(54906003)(55016003)(9686003)(38070700005)(6916009)(5660300002)(316002)(8936002)(19627235002)(52536014)(8676002)(38100700002)(122000001)(82960400001)(66946007)(186003)(71200400001)(66556008)(66476007)(76116006)(66446008)(64756008)(86362001)(4326008)(26005)(6506007);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?1Cpcrneim5LFNIJCstSsDRoYwPjfIMFhPgdkGskfb2WdV1VIAisB7yTA9iuU?= =?us-ascii?Q?+g6KCfiRKVWrczRMXf9mgvAosfPI5FQvABzoISvaULUOLXFavKuqEjXOMJJu?= =?us-ascii?Q?dXu9HiV4yGNcYlAFVsNar0n9FNtW1wO/zt+bfMBq/QAY3J0tbx5j2Lye8XTp?= =?us-ascii?Q?X06WR3aKXPrF6LhdWyLkoUnGxQF8MBdIKd2tjXzVHnk87BJTFoRzUkUFLx/7?= =?us-ascii?Q?JX+abkIqSm419zz97hJRfG6TejFSJYxRHlmexyXbdcGb8XEWKdK5dZLvKJPm?= =?us-ascii?Q?3y4k3DAwTXz8knzDZ0q9U9sxBF2fsJsBtrurNS/68y+aIqbYwFuaJ6U/gkmJ?= =?us-ascii?Q?emcMQCo9L5oVoduXocpAw6zTXYXzHNeWkNaV6XbCudqHQVimyl1YqrdeaU2p?= =?us-ascii?Q?Mo5Tzm116VAx6wavoePTiN0WMo+aXAB5tj/KO17HGAN4Iega/YH1b2Uv4Jtx?= =?us-ascii?Q?UU9qFaDaBpG0ZS2cMls3lmT7qeIbChBkGw/sVd5ySCs7/0+lP5xRQcKSa8pD?= =?us-ascii?Q?h+S+fHt0DSj7olMTYGaGz3TO10NFDsRcGED+fylx2+h3JDZw13IsFERaMs1w?= =?us-ascii?Q?HR/Izpv5BS5WqeNUNwDi7zIcY+y0xyxDtleWVndqbHjHpn4OPF6mtjYdpY0j?= =?us-ascii?Q?AspOouy5Jj5w2T96I6JbnZb1P0KDIMohpZPdx9/u5cZERDQoJxnN1EGZ4TJl?= =?us-ascii?Q?9FrLZwmyfhiDGsPXP3NAWJHa7BaKSLbt5DyCXO11YGADamv7JYP6E0bshYW9?= =?us-ascii?Q?KD/z8IghQVxP1lvOQ5a+7GG8MRF/enMkovXzouvsFOeEYlZB6V6MnwpbyDxQ?= =?us-ascii?Q?OL8mrPhr1LZR64nP8F38R5M+3O+PxeshQ1nIuq5yykKerM1K+av7b1+6F/ku?= =?us-ascii?Q?+Dz5XoqtGjxJiBoczSq420TD2X2+ZgB3C1MkcJQ5dNTIDAbaoOEyYNJZGTBs?= =?us-ascii?Q?qWKxOL6VyPytJkwy+bbZhVsMp9MheM7TiisxbH/u6VV5Mrg3yMnt2mhCnTca?= =?us-ascii?Q?1oUPAaZkOfLOHxf2f3nTS2Vo+ALUakZg0hUXAItswakuJsAtdkPvYYVQDsYe?= =?us-ascii?Q?CdjGV8EpmZMHJOuftDHrbu/0/Mivw53v/lz9BO5LDa+QdfceMRTJPPrnmrig?= =?us-ascii?Q?arNEvdX4RNQKuY0f/PF67YGedc8YqUMfkDiRyuBrmrgQaJ3AmHRPQxV0JEfC?= =?us-ascii?Q?VqxqIfTgEqEZrP46gHaxaAI6FG9ZvpiPsZEACPaGXJlJkMh0AU6DU+ptF67F?= =?us-ascii?Q?zNjGQEE45GH26Eky/DjkUkqZ3YBXUZ7NjodlYpYAxsGjtyKiMseBIwS7Ul9P?= =?us-ascii?Q?mUJPrQdwfVtOuBOMxkunM6kqWPpMOezW/fhFPBG/L8ZVYMhqhj+vctqTS1OE?= =?us-ascii?Q?Gkbq41tVJHXmK0/UsFJEpAg4PbHIOSPDYOIg3+9nPpUWqbJSv6omjS7eny6Y?= =?us-ascii?Q?MFw6Y6jxJoLzRmAp2BQMlpFJM0wYnyEtUP/ttRCE8/Kow9OJTtsnZw8yIeBs?= =?us-ascii?Q?2jPpU/QpzpdJaoxGTBtui91ixcqsAEqrQim6P39ZkbbaigNGJ8IHsdSuOFBs?= =?us-ascii?Q?aFdrMpmiQ2Hq3OLBHPhgc9b3ryRBGQbAP4ykkvl2oM+GIU3UCaN8ClQ0wqjw?= =?us-ascii?Q?swKb2Kv4MHRZpJZ2M7usMK4=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: a52f1407-df8c-4c56-b1ca-08d9d88af415 X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Jan 2022 00:55:56.0378 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: KHHO+xJ1udq/+Vii5xaq5P/hKIa6fWIffQ8GcPiGWc8MXmabWYzbT+py/EcBOMDSNetoebuKeipPZ9tYwuyyrA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR11MB3182 Return-Path: min.m.xu@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable On January 14, 2022 4:32 PM, Gerd Hoffmann wrote: > > > I don't see that PEI-less boot is required for that. Sure, when > > > stripping down the build and removing all the features which require > > > PEIMs there isn't much left to do for the PEI phase. So it makes > > > sense to look into dropping PEI altogether. But it's more a "nice to= have" > > > than a hard requirement, no? >=20 > > No. I have to say PEI-less boot in Config-B is a hard requirement. >=20 > I'm still wondering why though. I have not yet seen a reason why config-= b > can't use the PEI-based boot flow. Hi, Gerd, I think Jiewen has discussed this (PEI-less boot in Config-B) in = another mail thread. We can continue the discussion there. Let's first focu= s on the PlatformInitLib here. Thanks for your understanding. >=20 > > > > 4. But a basic version of PlatformInitLib is a good start. > > > > > > Yes. Having initially only the functions needed by config-b in > > > PlatformInitLib is perfectly fine, but this should be a code *move* n= ot a > copy. > > > > > > > During the development and community review, we can understand > > > > better what functions should be wrapped into PlatformInitLib. > > > > After that PlatformInitLib can be evolved for OvmfPkg/PlatformPei, > > > > Bhyve/PlatformPei, XenPlatformPei. > > > > > > Yes, most likely there are a number of opportunities to reduce code > > > duplication in the three PlatformPei variants we have by moving code > > > to the > > > (shared) PlatformInitLib. > > > > > > That can be looked at later. > > > > So let me summarize the discussion about PlatformInitLib. >=20 > > 1. PlatformInitLib wraps the common functions in OvmfPkg/PlatformPei. > > These common functions covers the memory detection via fw_cfg, pci > > init, cmos, (MemDetect.c/Platform.c/Cmos.c). >=20 > Yes. Everything needed for PEI-less / config-b boot moves to PlatformIni= tLib. >=20 > PlatformInitLib is added as dependency to OvmfPkg/PlatformPei, so > PlatformPei can call those functions when booting with PEI. >=20 > PEI-less boot will add PlatformInitLib to SEC (and DXE) instead so the sa= me > code can be used then. >=20 > Not sure how to handle cmos best. Not needed for memory detection on > qemu, but cloudhw depends on it so it is back for now. Will cloudhw supp= ort > tdx too btw? Yes, Cloudhw support TDX too. Actually we have some PoC and plan to upstrea= m it later. BTW, cmos is needed in GetSystemMemorySizeBelow4gb which call CmosRead for = 0x34/0x35. >=20 > > And PlatformInitLib will > > not handle the S3/SMM variants. >=20 > At least not initially. Maybe later when we move more code to the lib to > reduce code duplication in xen/bhyve/qemu PlatformPei variants. >=20 > > 2. OvmfPkg/PlatformPei will be refactored with PlatformInitLib. The > > functions not needed by config-b stay in PlatformPei. >=20 > > 3. Config-B support PEI-less boot for both legacy guest and td guest. >=20 > Yes. Thanks Min