From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.158.5]) by mx.groups.io with SMTP id smtpd.web08.434.1617755515699107684 for ; Tue, 06 Apr 2021 17:31:56 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@ibm.com header.s=pp1 header.b=d50/UPWy; spf=pass (domain: linux.ibm.com, ip: 148.163.158.5, mailfrom: jejb@linux.ibm.com) Received: from pps.filterd (m0098420.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 13703KqS119814; Tue, 6 Apr 2021 20:31:53 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=message-id : subject : from : reply-to : to : cc : date : in-reply-to : references : content-type : content-transfer-encoding : mime-version; s=pp1; bh=5IaoP50RXz/l4BgJCKdkI7xH/WMpnt80YOr/D0xxx58=; b=d50/UPWyb6Essd6xa3U5gjGM6En1QWfRKu49HaD6m79I4dmwFbCl5yi0zfbzvta3EMHP HXmf1vvHdQ64w5UKQFDdVV9I9RmIYmFnJEteiw/FuPtHDPT1N7Q39pF668Aad9kskyi9 71tR4ZLOEiOdIMbiaSj+4jeMAFsRZDgN3xXPYQWoDysrAsX/42QrI/NM9E96LvezDnrn 42mq/dqgkmAsyMmpkOY9R3oxg+Y9t3/wWGOJNptte3tgMICP4cp8YBPKOrqI4YGzIa1W OG62zZRt1UX2EggiKYJQ3BGK6PC85FmjIm/xna2cjfWFZ+MQ8tLUX5tfx/FEUt03p/3M tw== Received: from pps.reinject (localhost [127.0.0.1]) by mx0b-001b2d01.pphosted.com with ESMTP id 37rvm40dvh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 06 Apr 2021 20:31:53 -0400 Received: from m0098420.ppops.net (m0098420.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 13703aCJ120785; Tue, 6 Apr 2021 20:31:53 -0400 Received: from ppma02dal.us.ibm.com (a.bd.3ea9.ip4.static.sl-reverse.com [169.62.189.10]) by mx0b-001b2d01.pphosted.com with ESMTP id 37rvm40dv6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 06 Apr 2021 20:31:53 -0400 Received: from pps.filterd (ppma02dal.us.ibm.com [127.0.0.1]) by ppma02dal.us.ibm.com (8.16.0.43/8.16.0.43) with SMTP id 1370Vfrh016053; Wed, 7 Apr 2021 00:31:52 GMT Received: from b03cxnp07028.gho.boulder.ibm.com (b03cxnp07028.gho.boulder.ibm.com [9.17.130.15]) by ppma02dal.us.ibm.com with ESMTP id 37rw2p266h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 07 Apr 2021 00:31:52 +0000 Received: from b03ledav004.gho.boulder.ibm.com (b03ledav004.gho.boulder.ibm.com [9.17.130.235]) by b03cxnp07028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 1370VpH412845440 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 7 Apr 2021 00:31:51 GMT Received: from b03ledav004.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E7D707805C; Wed, 7 Apr 2021 00:31:50 +0000 (GMT) Received: from b03ledav004.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D45D078063; Wed, 7 Apr 2021 00:31:48 +0000 (GMT) Received: from jarvis.int.hansenpartnership.com (unknown [9.85.189.52]) by b03ledav004.gho.boulder.ibm.com (Postfix) with ESMTP; Wed, 7 Apr 2021 00:31:48 +0000 (GMT) Message-ID: Subject: Re: [RFC PATCH 01/19] OvmfPkg: Reserve the Secrets and Cpuid page for the SEV-SNP guest From: "James Bottomley" Reply-To: jejb@linux.ibm.com To: Laszlo Ersek , "Xu, Min M" , Brijesh Singh , "devel@edk2.groups.io" Cc: "Yao, Jiewen" , Tom Lendacky , "Justen, Jordan L" , Ard Biesheuvel Date: Tue, 06 Apr 2021 17:31:47 -0700 In-Reply-To: References: <20210324153215.17971-1-brijesh.singh@amd.com> <20210324153215.17971-2-brijesh.singh@amd.com> User-Agent: Evolution 3.34.4 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: SekbkbZOmPPHx5C2tJwHyPldG1_8p50v X-Proofpoint-ORIG-GUID: TJwgvkfCG8ZElHsrgStS3QnazpEkPtjf X-Proofpoint-UnRewURL: 0 URL was un-rewritten MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369,18.0.761 definitions=2021-04-06_09:2021-04-06,2021-04-06 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 malwarescore=0 suspectscore=0 spamscore=0 phishscore=0 adultscore=0 mlxscore=0 clxscore=1011 impostorscore=0 priorityscore=1501 mlxlogscore=999 bulkscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2104060000 definitions=main-2104060166 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit On Tue, 2021-04-06 at 14:16 +0200, Laszlo Ersek wrote: > On 04/06/21 10:11, Xu, Min M wrote: > > Hi, Singh > > I have a concern about the sevSnpBlock in ResetVectorVtf0.asm. > > Actually > > SEV has inserted 3 blocks in ResetVectorVtf0.asm and the total > > bytes are > > (26 + 22 + 20 = 68 bytes). If sevSnpBlock is added, then the total > > bytes > > will be (68 +26 = 94 bytes). > > > > I am not sure whether there will be more blocks added in > > ResetVectorVtf0.asm in the future. But I don't think > > ResetVectorVtf0.asm > > is a good place to add these data blobs. Can these data be packed > > into a > > single file, for example, SevMetadata.asm, then a pointer is > > inserted in > > ResetVectorVtf0.asm which then points to the SevMetadata. In this > > way we > > can keep ResetVectorVtf0.asm clean, small and straight forward. > > > > Another reason is that I am working on the Intel TDX which will > > update the ResetVectorVtf0.asm as well. My change depends on the > > assumption that the distance between ResetVector(0xfffffff0) and > > EarlyBspInitReal16 is less than 128 bytes. The blocks in > > ResetVectorVtf0.asm make it impossible. Why? I think the short jump can cover 32k as an offset. > That's a problem. These info blocks are placed in the reset vector > because then they can be found by QEMU easily -- they are not > compressed, and they appear at a known location in the guest physical > address space. (More precisely, a GUID-ed structure chain starts at a > known location, and then QEMU can traverse the chain of structures, > for learning various bits of information about the firmware.) > > Do we absolutely need a short jump? Yes, I explained this before: https://listman.redhat.com/archives/edk2-devel-archive/2020-November/msg01063.html Sorry, it's buried in the middle about why we can only have 32k worth of entries. However, the restriction is 32k not 128 bytes unless Intel is doing something strange. James