From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web10.2046.1642126676927763422 for ; Thu, 13 Jan 2022 18:17:57 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=UGT463g7; spf=pass (domain: intel.com, ip: 192.55.52.136, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1642126676; x=1673662676; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=KXv2c3ah6p+nf217l0lNb8XxiHuCKEkG2y6imZs9EqQ=; b=UGT463g7WKSZgm0IIv1dHNJmwjljh+1dINtN6krLpvDNezQwEdEte3Ge tCvBmVFOeKipahUPAJJmle7S12VErhsFA61gn6CXG1iyA6cNbEkSuT43z ir8EzApa+rlaa2/S2IgZ/1qDAMscIjpvmF+TATuI/J5mXKBZpX6VMgD4W bJzVbiZ1sHc0Md0KX3S0rgMA5qhvpZMe3vm1/XWCl8FTfmqh4HEE5nWRW ohUVJPyiWmUFX/BfdPl7C7m9aBg6tbbh4p0WsobZLZYwvMMv5Rx4XeRtv +vXEZrYTCVRaNU6kOqW+QmxsVDij4dgPggPVT+ZIgd35I7G9svLwJgZor Q==; X-IronPort-AV: E=McAfee;i="6200,9189,10226"; a="224149249" X-IronPort-AV: E=Sophos;i="5.88,287,1635231600"; d="scan'208";a="224149249" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Jan 2022 18:17:55 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,287,1635231600"; d="scan'208";a="516188345" Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by orsmga007.jf.intel.com with ESMTP; 13 Jan 2022 18:17:54 -0800 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Thu, 13 Jan 2022 18:17:54 -0800 Received: from fmsmsx603.amr.corp.intel.com (10.18.126.83) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Thu, 13 Jan 2022 18:17:54 -0800 Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20 via Frontend Transport; Thu, 13 Jan 2022 18:17:54 -0800 Received: from NAM04-MW2-obe.outbound.protection.outlook.com (104.47.73.172) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.20; Thu, 13 Jan 2022 18:17:53 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MhCy/Be5YbLNmVq+O/vGqvDKbc7s8uYCCo/Do5FwB9J6iBl97h1YX8wYcSbOLK2DJI9NR7HQQ9fi1F1rP+qwE3IKFXLdCGLLj9xzhseIZuDgjuteeb+BbuWCouC6Rm8eytetoFvQqdTnozR/cavexk9c6/yRHfl2gO3BS8SqazweY2L+L5L82luYSvQIbUTX08r+jBMu0VGfq17cWdhS+Vt2c1ekXAogYkcGNYHBNIcIZPBM8QQgdgxj9+73bxVz5IJyEZf1z765v/0Jr8DBudlTzsHGwzr4L4w6uXTNaLOTLf777UmmhPTxJ+lVwEXUJuqy8pdbshvoPIoAaep56w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=aYrdmvh1O70OZOTaPHva1ftyhMKiIFk4DYi6ujJASzM=; b=QkKA3joOHwlx1QoqTa6WqKRy4K6B7eXUp583IhGbvLpj0MpPbW77FcfxXCsraQETAzP4TrJ44dFKcgbxtn9R3R+6a7CyhRvj2ZmTlkWkznFVVLndm3bjLpaTWJWYy5PFsrrAqI6M8Wjkm8BK6A4UejbLuIwh27pC3lhJTqUw5a/lGTjV6WYkwuX9pVq3mXQ7NHiPjWsHeWhgceVM+qDyNfIEhMrcyNbfXbPQNrl/agiygLsmONZXsauMGtYp7x5bw3L4Hdvcb+tqOjX0H6TFKhthjROKCIoFkviPiCDakzameMZHqaJUrxrDVa5IaxTELJ7Nb6YQHiLsHp+0DMQvwA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15) by MN2PR11MB3583.namprd11.prod.outlook.com (2603:10b6:208:ea::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.11; Fri, 14 Jan 2022 02:17:50 +0000 Received: from PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::ed65:b010:fc2c:f48c]) by PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::ed65:b010:fc2c:f48c%5]) with mapi id 15.20.4888.011; Fri, 14 Jan 2022 02:17:50 +0000 From: "Min Xu" To: "kraxel@redhat.com" CC: "devel@edk2.groups.io" , "Kinney, Michael D" , Brijesh Singh , "Aktas, Erdem" , James Bottomley , "Yao, Jiewen" , Tom Lendacky Subject: Re: [edk2-devel] [PATCH 08/10] OvmfPkg: Update Sec to support Tdvf Config-B Thread-Topic: [edk2-devel] [PATCH 08/10] OvmfPkg: Update Sec to support Tdvf Config-B Thread-Index: AQHX8PBp3T4AYRIE0EySqY5nWcpMV6wzWvSAgAGrRwCAAClsgIAD7/RAgAI0B4CAAsQ50IAS9rgAgAYeU7CABOAhgIABKqRQgACAIACABDy8gA== Date: Fri, 14 Jan 2022 02:17:49 +0000 Message-ID: References: <20211215102753.m4bp56bdxzgmdzkr@sirius.home.kraxel.org> <20211216142525.pkaxszwaevlpg4ap@sirius.home.kraxel.org> <20211220121145.aiqcqs6vd2hb2sb4@sirius.home.kraxel.org> <20220103080218.ap7tktgh4fuvw6sf@sirius.home.kraxel.org> <20220110075537.2dxghysjlz5rmwhm@sirius.home.kraxel.org> <20220111092304.2n72req6ocdkqfub@sirius.home.kraxel.org> In-Reply-To: <20220111092304.2n72req6ocdkqfub@sirius.home.kraxel.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.6.200.16 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: e1376d02-986f-43c2-0de0-08d9d7041027 x-ms-traffictypediagnostic: MN2PR11MB3583:EE_ x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: kBLmj3SiiBtVjusDzEnOp5SLLdMeSpTlqkwjhYLf4PRQCzj0+DA0KfPaollwxWTRoTSZHbHJrJSJyjCWCABIa4Mtn7dF/PG9IL8jOL+9ui3T+RKEGMu3mQwopTXT9NfahgHeu5XJl/TjhHpPV+Z79/oNQz7i6Ifh6scf363TAShFaC1T8jwsHB6YYJmH8WARdQZJ+KVit3F6JFhJ8UX99era8BzFURUDEy2yRoC6Z48QyRbTN9tYQ6BbtkLR80mW/FkVUM5b1OO6K34dByPoNRBikwRbyrj7KRP7Phi+DIhhE+zJ+fGrm5TZhos6qj8Vvfj+c+nD8FONBlrOkXEwxn+vklQKi8eLSNlBc+Pdn2otF6Nl1MWlz4doG2BkoLSma7ygNO3/gTNN/6can+l3utlh1e4+B587GQWe2rZKcsQ0Ko86FoK+yzVdF8FH08AJzRwU9gT9CxfinQtkdYzHjG9RCrjQc3KoKdvlgh9lavwbuDyulOhrKWIkcguAQOcunH2DSOOti9qii+9p3zcxHZghAnNJjCwp/6XSvl/vsptXwUcbKeaZ80B8bE2hLWhZ09yBG4Vz27jxk/bkgZ9Ay6D4k1MkM1k6hpTgsBJ3blU0CDCPBP7K34OOXHz65V2BeLaAmjtlqtO+m53kpD8pbLsbgyIz7Mf4iawHj+T/7TfYJtwWZXsTbNvKbQG8DgGN56Y//Op6oz4xDppnhH2COw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(366004)(5660300002)(508600001)(9686003)(4326008)(66476007)(66946007)(66446008)(64756008)(76116006)(15650500001)(52536014)(66556008)(8936002)(55016003)(7696005)(122000001)(26005)(186003)(71200400001)(83380400001)(54906003)(2906002)(38100700002)(8676002)(82960400001)(33656002)(86362001)(38070700005)(6506007)(316002)(6916009);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?jyTabxQo9ie5tOB9OX3rSPErBPVeDv5DIbaufmG5lkns40Gg+m13ee01aL0Z?= =?us-ascii?Q?ve+quUzCndVFLrIqXKY6QNUIEYWTCzEinlfnSHcJzpstbdp6eHLzv/aUJiVo?= =?us-ascii?Q?VM3lyGeLEvwicj8LeeB7zNLv+ixCEdtaE4tNZkwu4G0IpNM7huEDNuc8nRA5?= =?us-ascii?Q?z/4wKFOmJnYPPXXPgP+YIIzLI6lB8mxP/yeHcygaL52jc863NvwJlOTWQ3m4?= =?us-ascii?Q?Vthx6rJCEr0csqY9vo5oDG2ihbp60a9D+1792LMOp4O8Nq9KQMXGJLM6bNTG?= =?us-ascii?Q?+JhyUNenB7UtpHeWJU1jb9ltKksxuEwm1Ai7euhZzkXzSjfbCTGDzyP0ayTu?= =?us-ascii?Q?eZ49MNGtoh4a3xo7YRt3E6qn12kK+SCjqIiN07wc03LgLNDM4lp3vtONK/mJ?= =?us-ascii?Q?/943ttxcNGd3OHH0GzW8QTho6jG0YclC/aSInMLGg4wmS4UajB/3OelrUiI4?= =?us-ascii?Q?cde5LmFoCyI5STAbxSmYu5QgMq/z4/v9c8uNHPMSpwFdIEpfvswUTFANM0/N?= =?us-ascii?Q?KpN6A6zDLyNYWk39aPzxCGEzIZpIVS2tdPFfLTAuSD8MnQxq9et1AHd1iyUh?= =?us-ascii?Q?7dcvEq28SV4Ch10P8hqfHxfhOHe+vraqjTnY/pAzysXkCFsh5CefeZRtlfH4?= =?us-ascii?Q?eeznctKTLs5fu5s3UrFhXocoFrvT3dxhl3xMp2bG9znAa8b8YZQ09C48OpqF?= =?us-ascii?Q?7DhIzpGnpL3SyTaPJPaQjCDzpGCfjCd6vVnZMk/fmMWYxpmaJ023FlZIx6WV?= =?us-ascii?Q?DzHXq/fV1EI12CHejcEWIt30SFYzCji85OqUfHp5P9g94txutvY4qb2ZGTAB?= =?us-ascii?Q?OYl87Gp4xRRFGyT/hPYRbT0LyhHY+EWCcO57jdK8Y5yseoZ0pqdQuh+uUQvO?= =?us-ascii?Q?MwqtpoWd2r5UyiZ1ar6Uw0ivG9l4JwRy53Cec8EsNTZs6/+4c9dQkgPEq9iy?= =?us-ascii?Q?1a/4EqNJ1Mt2tf1hIsDkiheJGrT6j+MLZupgbBLKCEPZcI7I2e1nGZ/deVRw?= =?us-ascii?Q?5SvZwJkporw8+FanBewhjk49xk2Mj/UPHv9U4qKrAXA0MWNsqcNEZ0nnBbVJ?= =?us-ascii?Q?4KDhutN8Wtk1Tr1W7E3kt2zDtto/bqUsz8rxghOgY/V/ZRazaOE9771+fUo8?= =?us-ascii?Q?BN6nmNgIWUe5P04am7JONXSSEpw66vPSfzgaQ5+Hw4KWLPa8Zm78LkApC9YA?= =?us-ascii?Q?/NPwQn9DcylB4YrTKbOAVG+szQ7SIfjFcxqx16h3dQPbXXFNY5ytxFC4ImqJ?= =?us-ascii?Q?bM3f59gJcZIVhksxu4jPN5brE6oOygZ4JfivhQxYIOHscpIvdMtpfibQvht1?= =?us-ascii?Q?MPMTiuHrTrKFlFwWwYEZtxmXjfwcPCJy6UhCPA6xAXkOOh+sBJZOHx6aq2q/?= =?us-ascii?Q?ra2mcPljzbqO1KWRB63ybM7WVtZerh3MP4abX7cSgFk4JQ5sbPbakBq/vo1W?= =?us-ascii?Q?ugasCWnnqzBLoCJiRjTr5M+huOFCb5MMWcgVDz35fQ4NLRZJjCkxyUR77bOK?= =?us-ascii?Q?N0a7Q4zmcYdAkszc+0eMEwphk9The9FWnZGGQnBR63/G+q3ALnCbDXXzo8Zk?= =?us-ascii?Q?GugRzhb7Paa7lhphGLJSy0HBu/ij6ZeTggW8KQdBP/vMRQdWTIC0W5WNP2QA?= =?us-ascii?Q?HIM90IwLqHHnlIreq4xZPZM=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: e1376d02-986f-43c2-0de0-08d9d7041027 X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Jan 2022 02:17:49.9690 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: vDahe183u5HgEt+xKakYZf10JQAV3ZGI4aJ8bmLFNJlWrUcPYPxLSB5EUZw8zzb/pAf5MYHiLQjDkfWdxBLaHw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB3583 Return-Path: min.m.xu@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable On January 11, 2022 5:23 PM, Gerd Hoffmann wrote: >=20 > > > Well, if you want avoid the refactoring because of the risk there is > > > still the option to have tdx config-b use the normal PEI boot flow. > > > Then revisit refactoring and adding support for PEI-less boot later. > > > > > I think it still makes sense (Adding a basic PlatformInitLib which > > brings up tdx guest and legacy guest in Pei-less boot, but not touch > > PlatformPei). >=20 > > 1. The goal of TDVF-Config-B is to bring up tdx guest and legacy guest > > without PEI. So that attack surface can be reduced. >=20 > Hmm? Isn't the main goal of config-b to support the advanced tdx feature= s > (attestation etc)? PEI-less boot is one of the main goal of Config-B. Actually PEI-less boot i= s in the original design of TDVF. RTMR-based measurement and measure boot a= re another important goals. >=20 > I don't see that PEI-less boot is required for that. Sure, when strippin= g down > the build and removing all the features which require PEIMs there isn't m= uch > left to do for the PEI phase. So it makes sense to look into dropping PE= I > altogether. But it's more a "nice to have" > than a hard requirement, no? No. I have to say PEI-less boot in Config-B is a hard requirement. >=20 > > 2. There are common functions when bring up tdx guest and legacy guest > > in Config-B. So PlatformInitLib is necessary. >=20 > Sure. >=20 > > 3. As I explained there are many if-else checks in PlatformPei and the > > logics are rather complicated (because PlatformPei serves > > S3/SMM/SEV/TDX/Legacy/Microvm/CloudHypervisor, etc). To be honest I > > have not so much confidence to abstract PlatformPei's common function > > to PlatformInitLib. >=20 > What is the problem with moving code? After some preparing steps (add > platform info hob, move global variables to the hob) it should be possibl= e to > move the code needed by config-b (memory detection via fw_cfg or tdx hob, > pci init, ...) from PlatformPei to PlatformInitLib and (also) use it in t= he SEC > phase. Likewise for code which runs in DXE in PEI-less mode (setting PCD= s). >=20 > The code not needed by config-b (smm, s3, ...) can stay in PlatformPei. Yes, PlatformPei can be refactored in this way. >=20 > > 4. But a basic version of PlatformInitLib is a good start. >=20 > Yes. Having initially only the functions needed by config-b in PlatformI= nitLib > is perfectly fine, but this should be a code *move* not a copy. >=20 > > During the development and community review, we can understand better > > what functions should be wrapped into PlatformInitLib. After that > > PlatformInitLib can be evolved for OvmfPkg/PlatformPei, > > Bhyve/PlatformPei, XenPlatformPei. >=20 > Yes, most likely there are a number of opportunities to reduce code > duplication in the three PlatformPei variants we have by moving code to t= he > (shared) PlatformInitLib. >=20 > That can be looked at later. So let me summarize the discussion about PlatformInitLib. 1. PlatformInitLib wraps the common functions in OvmfPkg/PlatformPei. These= common functions covers the memory detection via fw_cfg, pci init, cmos, (= MemDetect.c/Platform.c/Cmos.c). And PlatformInitLib will not handle the S3/= SMM variants. 2. OvmfPkg/PlatformPei will be refactored with PlatformInitLib. The functio= ns not needed by config-b stay in PlatformPei. 3. Config-B support PEI-less boot for both legacy guest and td guest. If you agree, then I will update the patch-sets based on above discussions. Thanks Min