From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga18.intel.com (mga18.intel.com [134.134.136.126])
 by mx.groups.io with SMTP id smtpd.web09.5016.1655885668562485230
 for <devel@edk2.groups.io>;
 Wed, 22 Jun 2022 01:14:29 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=Ktknzo0B;
 spf=pass (domain: intel.com, ip: 134.134.136.126, mailfrom: min.m.xu@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1655885668; x=1687421668;
  h=from:to:cc:subject:date:message-id:references:
   in-reply-to:content-transfer-encoding:mime-version;
  bh=EIe8bltyOI9dmUt4wfXn9fYcPA36SWGrKHpntXfKows=;
  b=Ktknzo0Bz0TfXjR7hv2jiOdCAhwfr2lTC6Tr8Mww3lMnnf4EpCQXT2wq
   xSIchBxdSKOsTzmhmdA6ou3yPtM/LBBNlelOvUZjCKhE3OUwKWXgkLX9+
   FZjdm78q2YmIESnLOUzbpT3FFMEU+vzbMTfXwAH80lj/FR/xwRfVmDDAC
   QO1Yn/W76hyxzdDnkSio+W8Rq34cue8eU51Q+lO1ZXkuX9zqsHCgbBOV/
   fEc8e9pFIBinZ4DKvgR5IK1TqQ3ZI9jfjYxsxhtTUe0enuIN4MVf6E4WY
   eI6rxtGMVMv0SJ6lmhlU+Pf2ue54q5Oo0nYEM93T7rHHEX8akIaXfyU19
   w==;
X-IronPort-AV: E=McAfee;i="6400,9594,10385"; a="263384806"
X-IronPort-AV: E=Sophos;i="5.92,212,1650956400"; 
   d="scan'208";a="263384806"
Received: from fmsmga002.fm.intel.com ([10.253.24.26])
  by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Jun 2022 01:14:27 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.92,212,1650956400"; 
   d="scan'208";a="690374842"
Received: from fmsmsx605.amr.corp.intel.com ([10.18.126.85])
  by fmsmga002.fm.intel.com with ESMTP; 22 Jun 2022 01:14:27 -0700
Received: from fmsmsx607.amr.corp.intel.com (10.18.126.87) by
 fmsmsx605.amr.corp.intel.com (10.18.126.85) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2308.27; Wed, 22 Jun 2022 01:14:27 -0700
Received: from fmsmsx606.amr.corp.intel.com (10.18.126.86) by
 fmsmsx607.amr.corp.intel.com (10.18.126.87) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2308.27; Wed, 22 Jun 2022 01:14:26 -0700
Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by
 fmsmsx606.amr.corp.intel.com (10.18.126.86) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2308.27 via Frontend Transport; Wed, 22 Jun 2022 01:14:26 -0700
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.175)
 by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2308.27; Wed, 22 Jun 2022 01:14:26 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=PSQp4F6Mwj+xCEudUdXKOxq8dN/aLxSDRbz7bRoU7kKQDh51uX/UxieFaZQdP9A+itABd+LrX1OZ/1nZSfrUCP0Rux521StfqFS+9iPFraNiZeTYzoV8QC7AXVrM2auB+t7q1U5Oe+5oQvLjLPAw28U98M9x9OwCuGHcPGCutkuEREeMzji7cj1aRZsHatNAQkbc7V5cCI9k2Yp7Z7WzZET2VjoDSkEiZ9hHErKkJvcplOfedpfErIx4uijzLOUvBvpLS7ZUrlDAoUbRntpLYjRF8saFHyoOJ9Fu7eLzKelAOMPYO5O5kdx1R4Fph3nVeWZJdmJAC78lxS+Ogz1YUA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=UZvolt21qDkTfBzN4Jp27M11TKXlKYdi7FBM2XS69M4=;
 b=kzb3/SRNNhNngO6Cv9sQ+kwHhWEmpMYf1VSScUcQ2ZnEXtFFswIO0A5xyj8GJve5mFKeaqMt//c6Sl39/KU8z3JP9OU0r2RMw25ldzPHvJX4KPVGfGcsDSH08klY70VE9TN8T537b2QVSiVciUMQcNNnvwom/kV+eeDejap+8xk+1WtYiGN8/wnG/ToufLLhOr1qRm3OTBQP96lMIgGO0I5mi3aONoBZZptUVsS1ZxgTktkv+YA/PysAos/GT3rTPSUjPYL52xQ15ZEB4Fk5ToVET99iKvcRcQiTbvzUAzCtZxX1uno7teVwhi//agUixHv77wKc1xyjBvY39lq3iA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15)
 by PH0PR11MB5627.namprd11.prod.outlook.com (2603:10b6:510:e4::9) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5353.15; Wed, 22 Jun
 2022 08:14:24 +0000
Received: from PH0PR11MB5064.namprd11.prod.outlook.com
 ([fe80::a0ea:2e53:9c0e:9148]) by PH0PR11MB5064.namprd11.prod.outlook.com
 ([fe80::a0ea:2e53:9c0e:9148%5]) with mapi id 15.20.5353.022; Wed, 22 Jun 2022
 08:14:24 +0000
From: "Min Xu" <min.m.xu@intel.com>
To: Gerd Hoffmann <kraxel@redhat.com>
CC: "devel@edk2.groups.io" <devel@edk2.groups.io>, "Aktas, Erdem"
	<erdemaktas@google.com>, James Bottomley <jejb@linux.ibm.com>, "Yao, Jiewen"
	<jiewen.yao@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>, "Xu, Min M"
	<min.m.xu@intel.com>
Subject: Re: [PATCH 3/3] OvmfPkg: Initialize NvVarStore with Configuration FV in Td guest
Thread-Topic: [PATCH 3/3] OvmfPkg: Initialize NvVarStore with Configuration FV
 in Td guest
Thread-Index: AQHYgrunQTagdJr+U0Cd3PQwnRDZh61YJLIAgADbbpCAAgYxgIAAA6oA
Date: Wed, 22 Jun 2022 08:14:24 +0000
Message-ID: <PH0PR11MB5064F942BD68490119E668F1C5B29@PH0PR11MB5064.namprd11.prod.outlook.com>
References: <cover.1655518585.git.min.m.xu@intel.com>
 <b0125a87568f6ab9ae681dcf806e910dd0c41fbd.1655518585.git.min.m.xu@intel.com>
 <20220620110124.s4sutzqnsvlmvdg5@sirius.home.kraxel.org>
 <PH0PR11MB506414BF55D3BF3AB07B362AC5B29@PH0PR11MB5064.namprd11.prod.outlook.com>
 <20220622070127.toheatopvja6lrhd@sirius.home.kraxel.org>
In-Reply-To: <20220622070127.toheatopvja6lrhd@sirius.home.kraxel.org>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-reaction: no-action
dlp-version: 11.6.500.17
authentication-results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: a8834c90-8f71-41c6-54ba-08da542737a9
x-ms-traffictypediagnostic: PH0PR11MB5627:EE_
x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr
x-microsoft-antispam-prvs: <PH0PR11MB562773C6668A1C0AF3260E7DC5B29@PH0PR11MB5627.namprd11.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: k8Q2ZJh0QjUSYHFDEyM6tp4pVvOatfPs4g6Re7hPX2QoGX5M1dP11aN6fuQuB+yDexKb7Oi+23VS3KuEwE4JDvLCw4mCLsIoRHNlGJv1CGO78quctpWWyqclB6DbMq9IDhO9Q4yee/xPUYEulCjOgf8JR4btvFGqEuPurmNZZI+JjgwyXkSREu3942PVh1j3Lyj0/i7Rhh72u+K9/SM7j5dTVg7CXWNUlG/8BQqwUfYaPSR87VXT4JiC/gOY5clEULvr7SRi06mKiiF+1UhYny35Xcdmqz+P4Yl1s8atRNZOozgHwPZw/WRCET0wkreSS+XokYvuy7/k+6TDPh//awQZm+uSw32kfSwSGa2/nilU/XDLrt532BSwxH/KArehteWzE4HYnOnVqj0AFC7ZgUo3tarAzIfIBQDEOM5gc2YQR3rXAy9Ifh3jeh0u38l2PxCjHJJSoDvCZ17h8ezTWCY/gS/kcicLtOkD4DCkRAUmOJVqt9Q1KJZQciK6e1n9pBD2l5V0D7RjYuXmxbNKzGNIlJ9/6lXw/I2W9E2Bj3rsdmTdNi8ZacGdhOfb+yie+JCVRSUqYaGrausR48DcCRlTcIDovYxPhz55CnRj7vV46cCXR1xKg3LELuaIY5N8YeFxiFb/2BOPUz9qRqI48XKTlPlXJdB7culLeDopvXMEHE01RuPUbGpGULkmCK6aoFIU8pr0qhFlrxkJl1QsGj45oUcHl7i1DRTnA/tAVEBoFyD63kzB6vKQylukmDHR1bKyul6a+2Ecb7y6cbxzrw==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230016)(6029001)(39860400002)(346002)(136003)(366004)(376002)(396003)(8936002)(52536014)(33656002)(186003)(478600001)(83380400001)(55016003)(7696005)(5660300002)(41300700001)(38070700005)(9686003)(6506007)(71200400001)(38100700002)(26005)(4326008)(54906003)(66946007)(8676002)(2906002)(82960400001)(76116006)(6916009)(86362001)(107886003)(66556008)(66476007)(122000001)(66446008)(316002)(64756008);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?OOTD9IJgSB09wuvlxrBlIXGBT+S5qjI4OXA2BKH8Nj53abox/OZRXnQyn2gl?=
 =?us-ascii?Q?DnuKQWDTiLVHjadoD/v8K2wn3hM2Q5QqzCfMWKrxallzYPf71XvfUBm16dek?=
 =?us-ascii?Q?s+V8COmOfXbyoN5wJtW1vVEDjsr4EzE5ojMG2O19zXuWEbxbEJHb+fWIvbaj?=
 =?us-ascii?Q?HGQASARKAh0H4iwV6UigqVeWs67rvxjvdaGlcFcTe71a3fNpiWBr2ewhqliL?=
 =?us-ascii?Q?Pq6K/hl440mX1iIKuew3Rx8wdQs6mAludqJqHwcdp+SCbQNfUY7Q9Atz+Aj+?=
 =?us-ascii?Q?HqIx6g2rItFXG2YD7J+X11AUyg50RSS5P/o9f9DT4BVNyzf511vAA7HvcA6Y?=
 =?us-ascii?Q?LZCm4J0zjh4HoG3L5BmYcAY0lA85nHR7Q4cqddgugNlAm6XxMazbn4zhwUhx?=
 =?us-ascii?Q?y9E8KzmItVaVXxfw2TnYzX2dHKQeujx3KhNEJIK3N9cmz6tXb411b4cu3EyO?=
 =?us-ascii?Q?5JMyA1Y/RlhyM5A3UR/5oO3waKjhbTfj9GGDpaogIwKK0VfIDKsaJCBYXSBT?=
 =?us-ascii?Q?z3Hh3NSGK/K1/dJI6dQEZRnuXEeujFM2BVKjvbLi290YvyIfbcH6vuIFWmam?=
 =?us-ascii?Q?gliZWdF4RXCML5xPQSuON0yMkMzsrzO5wJsac9eYBqecyCjg95FCphjFLyAK?=
 =?us-ascii?Q?bbREEDsM86WDkIYHWVgPNkhkRX6LqgGk10wn+btiQUb79+4ffIGva1Zx5nDS?=
 =?us-ascii?Q?/ZBRGDNq3+Hah0nTrocUfPdEc7/Q7gJIJaoRWii5fqH03WxSR3iY7tqYu1vA?=
 =?us-ascii?Q?Xzb4+k71iOdP8/Z7InTkRCZ5h4lVfkqkEhpkS/vi28Gw+Bxf82Vys2rYNZVe?=
 =?us-ascii?Q?SBpFkF2fVEg5dk+aFPRxFaJb9I/lxd4ip7mo8MsQ8K1jGx2TljTfB4DB2eIr?=
 =?us-ascii?Q?CAyikQVrp8URzs8oGZluK6WvtA5QVItjp3BYaZPkKAMWFaze1HhwOOOfTk+i?=
 =?us-ascii?Q?nlOry95ndDw5Ub3d4OoE7dH9WPYDTwkFVjsfkCMdxjUUxD8up2Y48pE5LWMM?=
 =?us-ascii?Q?hV/wUdZ7dDbrQ0ESpz/1jkit8cn2ybYiqtFPaJ0Qs243B37GIoeLEGu4RTon?=
 =?us-ascii?Q?WKHjJFGDvfqXOQ9Y33Jwenzha69Sd9bG9EIUgtOtSw0MBokEzq826kQ2IC4L?=
 =?us-ascii?Q?nmpyldo1YAVv85KCX92YYh/2/xwjEkEhXVaw06YeG0SJXIKZ9LkU6q28rf7Y?=
 =?us-ascii?Q?pRLuAUKuaH0HyMf6Jm7SqJbMy/Yh57QEtIUVT2QvB2X0dfWx8T8V7jMv1hdk?=
 =?us-ascii?Q?OdzNg5s94kgWY0IX2mwdmw07dWlhbE//gzOMg/40hbcwc4/sZNKJFOjYXURN?=
 =?us-ascii?Q?CVHxarwcmjMM5XXp6tcsShVD02uBADvbW7o9WgnHfP4HakvOz99trLqSxVWk?=
 =?us-ascii?Q?+J/vBEjde+sZLL31eBU61ZzpZ5LPOX4uYh5l3Kof+Lf+RIFhc9nYEPkd4llB?=
 =?us-ascii?Q?hjNPyUUKXTS2G6j1FzaOQNP6tTQX1lBawqDx5M4FTsrd34LNw4C0dtupaf0f?=
 =?us-ascii?Q?NU3M3nKRI5uH/GKJiX+ffE7uKkTTEhh/5d98ppRaCJgiy+rHm2SGnDTnGBYN?=
 =?us-ascii?Q?KLqL8goW6Cavr/d+IJijxFiVly6C/ySfaxEwLi2pXlCiSRcypcUzHvgzLbdo?=
 =?us-ascii?Q?E7pVOZl4rADnBaVg2wMtADtKMH2+v2Ty8HQ47j/8Anixbq0AkBG7G4jPui2N?=
 =?us-ascii?Q?8ErasK26dCvTe+TwG969f4K7cfxMeIzbG+YFa4DwqYjAqk7t6Bu0bWFZVACu?=
 =?us-ascii?Q?Io3yOSZFFg=3D=3D?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: a8834c90-8f71-41c6-54ba-08da542737a9
X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Jun 2022 08:14:24.0335
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: LCwILhxlz8PZTmPKexf6cgmiI+HQvsQqIAFqhfZurFKO2/OP6IbDGgq4nVXGonagDf4ZISxcyFL+idNramt+aQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5627
Return-Path: min.m.xu@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

On June 22, 2022 3:01 PM, Gerd Hoffmann wrote:
> On Wed, Jun 22, 2022 at 02:02:00AM +0000, Xu, Min M wrote:
> > On June 20, 2022 7:01 PM, Gerd Hoffman wrote:
> > >
> > > There is PcdEmuVariableNvStoreReserved for that.  How about just
> > > copying the store to ram, then set PcdEmuVariableNvStoreReserved to
> > > the location and let the existing logic handle it?
>=20
> > There is ReserveEmuVariableNvStore in PlatformPei/Platform.c. This
> > function is called to allocate storage for NV Variables.
> > PcdEmuVariableNvStoreReserved is set in that function too. So we can
> > copy the content to that reserved storage if it is tdx guest. Then we
> > let the exiting logic to handle it. So I would like to extract
> > ReserveEmuVariableNvStore to PlatformReserveEmuVariableNvStore (in
> > PlatformInitLib) and call it in both PlatformPei/Platform.c and
> > PeilesssStartup.c.
>=20
> Moving the ReserveEmuVariableNvStore() function to PlatformInitLib make
> sense.  Will be a bit more than pure code motion though, we probably need
> a new variable in the platforminfo struct because PeilesssStartup.c can't=
 set
> PCDs.
I check the current PlatformInfoHob and PcdEmuVariableNvStoreReserved has a=
lready been defined.
>=20
> Copying over the content in PlatformInitLib makes sense too, probably bes=
t
> as separate function.
Yes, PlatformReserveEmuVariableNvStore() will be a separated function and i=
t returns the pointer of the allocated storage. Then this pointer can be se=
t to either the PCD (PlatformPei) or in PlatformInfoHob (PeilessStartupLib)=
.
>=20
> > > Also why limit this to tdx?
> > Because I am not sure if other platforms need such operation. So in
> > current stage it is limit to tdx.
>=20
> I think the code should copy over the varstore in case the
> SECURE_BOOT_ENABLE option is set.  That is the actual use case and it
> makes sense without TDX too.
Then we need add a build-flag in *.dsc. Do you think OvmfPkgX64.dsc and Int=
elTdxX64.dsc are enough?

Thanks
Min