From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web11.2014.1655944808714731395 for ; Wed, 22 Jun 2022 17:40:08 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=hG1q86Ls; spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1655944808; x=1687480808; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=hZg8i2WLRJ7yJKMQ6WpCNXWkzkNhq0W/ABwmyyRB7gk=; b=hG1q86LsQWgPrwGGtXkPRy75VrcvINWbg6Dtssn+PYLYY1UPCxgeamBD 1dDi7MhxfccKh03gBzQkGdgbABEDohczrTrF3zmZsMXQxiCfcyYPvH6Sk EQZfmBmWH6mYEwMVwipBHe19IPor3Gs1cde5uJ++pK3vXlg+WfOBi7Ilb S6pAl7Gi54fA4rMooWKzS+I/ZmsnHN0M2Wm5QGYN2aC7S6o5NwaEUAexe wb3a8InjBaWhQAhH0ZMYvIQ/yDNqn0y5zFxTrS17VJ/Po2g8p+8u/A+z8 rEYONq1OiNysbvapNR2rgr/QrQxmpRniXR9e7UB1tsjsJ/k5ajf+fX3vv Q==; X-IronPort-AV: E=McAfee;i="6400,9594,10386"; a="269308005" X-IronPort-AV: E=Sophos;i="5.92,215,1650956400"; d="scan'208";a="269308005" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Jun 2022 17:40:07 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.92,215,1650956400"; d="scan'208";a="644467562" Received: from fmsmsx606.amr.corp.intel.com ([10.18.126.86]) by fmsmga008.fm.intel.com with ESMTP; 22 Jun 2022 17:40:06 -0700 Received: from fmsmsx607.amr.corp.intel.com (10.18.126.87) by fmsmsx606.amr.corp.intel.com (10.18.126.86) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Wed, 22 Jun 2022 17:40:06 -0700 Received: from fmsmsx609.amr.corp.intel.com (10.18.126.89) by fmsmsx607.amr.corp.intel.com (10.18.126.87) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Wed, 22 Jun 2022 17:40:06 -0700 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx609.amr.corp.intel.com (10.18.126.89) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27 via Frontend Transport; Wed, 22 Jun 2022 17:40:05 -0700 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.168) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.27; Wed, 22 Jun 2022 17:40:05 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=a+kftMQ10s0OK7PQLbfJhwnp/WEO2A7Lg/9bVFAqtBeqEFhIZYH1PyCuB6OwY/9MbeUcdzL/KJF6xkPUPrzdQj+SZ0CN2FhXcgsaYcGxgq4efl106ZZLXULHjWOhpux0F0fNo7yv9Me6pGhUIsSIdbh23qJMF3/L8YZHfX0WZjulj5AOTijsoWZHrp4CwykdS/Nuyh03jMVGF3tUKHg0eHosuKdjoeDdN4edlaNq5rmXxOBRmK8inV24n1gWnzLXG5Pd/uIPEkHSsTWHcpuyLDUrswoW/e9IHjvxoUCfrlw+aLLvP3hwIa/DjBrgBLpAN/GPacl5LQh+mFcfPu7hNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VCcNxnZAjgP33JKrFlvHJNfT0s/VK1uSCseSa3/QdVY=; b=ZGO1Xt8yJnn8pNjPjuDuAiRyd/e2pQwDZWeyH5G1wwNoWuRjTdqLeb2+pqJI1ESMUJxvZU4SvoxsRAfnca+WgyqfPx3sOtKYyBfQPWaCfBcn0j8JJCbcEUnBRqYxz+0ZNDDFYekaispjFPLVfJbkFT27Yua8xhYYPHo7URmM4OJ6ZFxEKKuktig5MH6APBKu7EzmpTyxlHItNlVspAYbBooUv4vbzyJgluKfEFDoc78kAmuR4PuT9GFQzftNXBpUi+fY1jN9Vehzc1HIFdd3P3t49xlsRyeOO/dyWrOZXsae+zYckZKKFp4ZQPJ+oogxc64A0WgSeBPkFqcfUq6r+g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15) by MN0PR11MB6183.namprd11.prod.outlook.com (2603:10b6:208:3c5::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5373.15; Thu, 23 Jun 2022 00:40:03 +0000 Received: from PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::a0ea:2e53:9c0e:9148]) by PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::a0ea:2e53:9c0e:9148%5]) with mapi id 15.20.5373.015; Thu, 23 Jun 2022 00:40:03 +0000 From: "Min Xu" To: Gerd Hoffmann CC: "devel@edk2.groups.io" , "Aktas, Erdem" , James Bottomley , "Yao, Jiewen" , Tom Lendacky Subject: Re: [PATCH 3/3] OvmfPkg: Initialize NvVarStore with Configuration FV in Td guest Thread-Topic: [PATCH 3/3] OvmfPkg: Initialize NvVarStore with Configuration FV in Td guest Thread-Index: AQHYgrunQTagdJr+U0Cd3PQwnRDZh61YJLIAgADbbpCAAgYxgIAAA6oAgAAjwoCAAPdmsA== Date: Thu, 23 Jun 2022 00:40:03 +0000 Message-ID: References: <20220620110124.s4sutzqnsvlmvdg5@sirius.home.kraxel.org> <20220622070127.toheatopvja6lrhd@sirius.home.kraxel.org> <20220622092233.qnalik3mu4uishmh@sirius.home.kraxel.org> In-Reply-To: <20220622092233.qnalik3mu4uishmh@sirius.home.kraxel.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.6.500.17 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: f6268669-9177-4002-bb7a-08da54b0e94d x-ms-traffictypediagnostic: MN0PR11MB6183:EE_ x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: S83DHhSR/n4pLuXf2QROFPfAfq09bB2TQEqLRHBM4eXAGhziitIgj2Y5ID5oWpE9JKrjbTNcdv8xmhdC7kGO+urTQ6x7t8I82OUnDRArxISPllv4mVuHzqC0wgqtmSHPrO7ufh1OZyvrR1QT6sSA7zkyAM0Y69TUPxUBrbJ5BEZWYkxGgVLgwaA/Pdcg7Hlukuj20c96xLwUafJrjijPrbjNJGEbi5rw6N+Kk/gN4I6+0vuGcyYMNv6422FpXkW45WTDpZPrzuynuupJ6pisrekmzdH3Py6omdwKF1IYfhsKDrg9p2+JJrzF7/LDpEbw+fHRmSsumvGrkXpSbGvrN/8NEzZetu7YTziemSTUXQjtv55yYSWpLYakuzaOCuGWV6QJRHrlSnDm0Dch+NuTHQDjOi/vAMo6r0Uzzu2CU5RMCEZmjKBtUCv4bzocBLvIPmbJ65j24+zoI0VBahHdbFaNxyDnCfmj9IVsokBjiZYctpw2LHxo6oM7ar1laFuLkD4o8lJDTuDtbnTm9h61tY6f+5T81LMtM3B0IB0kEUraGZP2RrlffYuWbsTseUJZFrombw4cD0WoGQxcYEtE0N4mKNEQ3bdHbJyaUUN1PEPf0aQJDrlIFG7H4pS+QlYKyKKvONeNaoj9ExVmuB+sQYf/jDaXekRvzFsELRtZ1bae4ROqab2HzA6/5z41ijXiqx5t20m7Rh/5IDONq0LoZNWXsyoAfilFOjBaffwiVpgbBUAwQPU3/RMfNHhIKxXWzenEpjU5wb3anAgjygcIbg== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230016)(6029001)(376002)(39860400002)(366004)(346002)(396003)(136003)(76116006)(82960400001)(66446008)(41300700001)(66556008)(66946007)(4326008)(8676002)(64756008)(66476007)(83380400001)(2906002)(19627235002)(316002)(122000001)(6916009)(71200400001)(54906003)(38070700005)(38100700002)(55016003)(5660300002)(186003)(7696005)(6506007)(52536014)(8936002)(478600001)(86362001)(33656002)(26005)(9686003);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?qBXFarOKao6MK1dFCLX/j20j+9d+T5777dTuh3gGgbefj1K7wQjLQcvnFL9A?= =?us-ascii?Q?wwG53qzliAEgNtBSwoDb6M8HGrdURl01NA33863WVdzalJ4TYOuvMtp61A/Q?= =?us-ascii?Q?kQPdnKbqaRVOoa1Uk+Sa3pvqU4JwTvq5clzBhtBLk1GOSj3bUiZO/vZZTYH4?= =?us-ascii?Q?rx5e1uIM1Kpbpg5zRu3yjjckU6m2bP00CI/F3qyKxvmdXKQb0P3Q6RFlh19d?= =?us-ascii?Q?46TpAm1u87Snh0XZjiroZiQvjahB3m06LksXRqHUUKRFZVJ8QCs7Jk9cc3Ju?= =?us-ascii?Q?N5DcswtXw7TAivtUU0mRBCPEe2V0oPjM4HJFBfTt58SnAdINzaFhi75/M6FO?= =?us-ascii?Q?AMwaOcRS6L06xNIxAgQOCDFkW5WA/dIlotoVxWI3ZY1w6gJgTwu/wnamRqUV?= =?us-ascii?Q?vHjYhXf1JjxgWRvDNfqu7ciRIae0HWwZQPvIapo5H4Gb2RR41xGn37ufRRrs?= =?us-ascii?Q?HDRttspXsf3j6Qevg51telD4yv51eqc9oUGhLDoUnVwOgywgH9cnQtMFILdv?= =?us-ascii?Q?p5vyhVeA59nkX6K9jzmEzY3CuWvIb8JZTcEtOi3l3+6D20NkXq7wqb4t8BHq?= =?us-ascii?Q?6e1nWMdVrnY7up5NPc3xFfbh797oaoYZ4lu8oaRo5rTWgzmLGO0HPibpwyDh?= =?us-ascii?Q?lfWFgmrusgcO14G1Vyg1cc6+EVLkX1vFtxgJlw/PGrBRe+P5L9iMKY7tlgng?= =?us-ascii?Q?Vj4IKYWAA+tqveouqNw7RcxBsyHgFCBenP4cbmbh8VoG/UQ+Sn+LdNJhE7nj?= =?us-ascii?Q?qlyIIF7mhomNp0N8gUz68PQ29v7sOLYj4V4hXJIOqEScbo8jWVnxOMAMy4qi?= =?us-ascii?Q?GMS01k24cQLocy8bE36UOLgp4CDjPPOuTLpFxoGK9YkLokj5nEXxFR5V5l0t?= =?us-ascii?Q?L3OVgFDTX5kiz71wLeg4M7P02ykvwHDXHsipsyKuputIvs551CFaoC66UF18?= =?us-ascii?Q?8DS0HVtHlVcd4uWCytiOXK/4CljiIkTAuBF5FEZlQeyEJi5r1gJ/pSe9aqf4?= =?us-ascii?Q?KiTOA0UVFbqvc8jT4K4U6LpkM9ReQO8urZks+p/wUeh63LdrPB+GwztkvGEr?= =?us-ascii?Q?4c/izOTox0CvZp7LV3iFRd0j3CIvBrGeS1iviFugzdp4xj6zHykAbxkr3fE6?= =?us-ascii?Q?rMgXIhuG4DSxxioKRNzv9zXrUCATo6QQs0AzU9zsgL2bNXyEpQKKhdkxTwJe?= =?us-ascii?Q?clj5qY7FYzX+5X9/+n9Lw34lFYWh0HX3+TMd5p4Jgaf5OlPtoGyhM5QbJHcZ?= =?us-ascii?Q?Yoefe4LuCxpDOx/u97NwP62Q4k4SxsxcupxqVs3kE4y4Qbudh/AxG6aKRQKy?= =?us-ascii?Q?M1Rm82EPEdc/+R/38j2gy0wuLk37pr6K3pTDcOFgEfXhcGzHBIsoYSCf7j2O?= =?us-ascii?Q?LXtEn/ihZUTTR5bPZNI2FSW0j815CjBxB3iWaymPGF8WXsvv1PnhicV9PN+x?= =?us-ascii?Q?IkiQ2WlyNm87yedZmi+9/Qac9fnSEfR2DG8JwTtp+XAy6LvigsbwI8VpGvNY?= =?us-ascii?Q?lT3c0FCtOJLE2IAgMyflvYtsRrWZjfvlfiHB18c8drcMSObOLWvE9bXCoaE3?= =?us-ascii?Q?0A4F2lPtQ3iKaG74XCrlqBw/yHBhI9VbImYzOALi?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: f6268669-9177-4002-bb7a-08da54b0e94d X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jun 2022 00:40:03.1196 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Y/AAi1C0ry/jK6a99GRNduBSdq5sB2MGGLr6pPuyRgcSioCl4FQibop2kR3s94VLBZMQyEOsMF8kYz/W7W2GRg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN0PR11MB6183 Return-Path: min.m.xu@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable On June 22, 2022 5:23 PM, Gerd Hoffmann wrote: >=20 > > Yes, PlatformReserveEmuVariableNvStore() will be a separated function > > and it returns the pointer of the allocated storage. Then this pointer > > can be set to either the PCD (PlatformPei) or in PlatformInfoHob > > (PeilessStartupLib). >=20 > I mean copying over should be a separate function too, so it is up to the > caller not the library itself to decide whenever the copying should happe= n or > not. I see. I will do that. >=20 > > > > > Also why limit this to tdx? > > > > Because I am not sure if other platforms need such operation. So > > > > in current stage it is limit to tdx. > > > > > > I think the code should copy over the varstore in case the > > > SECURE_BOOT_ENABLE option is set. That is the actual use case and > > > it makes sense without TDX too. > > Then we need add a build-flag in *.dsc. Do you think OvmfPkgX64.dsc and > IntelTdxX64.dsc are enough? >=20 > The flag is already there ;) SECURE_BOOT_ENABLE is not a build-flag. It can only works in .dsc files.=20 The build-flag(SECURE_BOOT_FEATURE_ENABLED) would be defined in .dsc: [BuildOptions] !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE MSFT:*_*_*_CC_FLAGS =3D /D SECURE_BOOT_FEATURE_ENABLED INTEL:*_*_*_CC_FLAGS =3D /D SECURE_BOOT_FEATURE_ENABLED GCC:*_*_*_CC_FLAGS =3D -D SECURE_BOOT_FEATURE_ENABLED !endif Then it will be used like: #ifdef SECURE_BOOT_FEATURE_ENABLED CopyOverVarStoreContent() #endif In this way, there are totally 7 dsc in OvmfPkg need updated. - IntelTdx/IntelTdxX64.dsc - CloudHv/CloudHvX64.dsc - Bhyve/BhyveX64.dsc - Microvm/MicrovmX64.dsc - OvmfPkgIa32.dsc=20 - OvmfPkgX64.dsc - OvmfPkgIa32X64.dsc Thanks Min