From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (NAM10-MW2-obe.outbound.protection.outlook.com [40.107.94.56]) by mx.groups.io with SMTP id smtpd.web09.8003.1637595770598755432 for ; Mon, 22 Nov 2021 07:42:50 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=3jwfP7Sy; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.94.56, mailfrom: brijesh.singh@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ErkkVMT+oU32tOD2c+lkB0d/vbwDHYKXl+lLRqs0akCLLKeYohKngRrSfTqnU4jO9/V9j4x1lxzugydH6dqKvNM8PrIa9833DO1CL3n3ExMHLvAAgpuH2MLXSpyuQZwT9pRw+33QhDD9Q7uI6xaOp9aO+wKOq3A0seEGApP9Cd59DBuk6aDvqVNu2jufSYpECL+sVvUkQBrX8DBTRgfxAch/j6uePN9IJtAtt9UKxQoTuvk+p4MI0l6js9tcwHom3L4n3lCIWQj0Y/yla7XZGflfbdTe4JgqCQvECOzeN3qdlsawGMDzXFcAGrHWVN7qA7qxkxCgn44nEVl9NQgrYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=EYkn0pfTZrhE3XutbXMBmpz1JsUSrGjgZtXTdnsbw9I=; b=katJdAJiSSIjWusHCLm80hnGRVrBKXhMeuTL3Yq817RzNNCgnZh3wY7bQVrLfJdHMlJqER9ZKoDyEegj7fYRVW2LJIJE8kZzKFH0zkzb6bTW8KJDX8hcDivSxn6OPRiVurkctTX9b8JHI3MJRUetiygbsPkWDwONIQkswGXKE0FsXRuM8GKGsztDT549+hxGrSa7ZMaMMX18MAMRYgGsW1mS2Hphvd3yNJtuRZo/e3QRqCz519uQJ+fCCfmK26EbD1UFzhkePB4hsI+v9uG0Y2GNYkYJ1bIVlmeMhe6oWY+S4QJfrUrY24NJ6QgA4oIO28VgO5ifcMSyQpNqeyPcKA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EYkn0pfTZrhE3XutbXMBmpz1JsUSrGjgZtXTdnsbw9I=; b=3jwfP7Sy9U/1qlnA9uGpsYWtGjIpOAnlM3E1b+7ojGmKW6rENgKkITcnYLOhmGxM7QMZkLlhVavmKi62lwk8LkBj6OkdJ6vM8Qgl07x9Vf9/N7Qh9/wqrEsjixqpUCkL+IkTaE0qeA9e4smZ7QOXTtsJcSHwXAu9unUtF17NiAE= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2640.namprd12.prod.outlook.com (2603:10b6:805:6c::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4713.22; Mon, 22 Nov 2021 15:42:49 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::e4da:b3ea:a3ec:761c]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::e4da:b3ea:a3ec:761c%7]) with mapi id 15.20.4713.025; Mon, 22 Nov 2021 15:42:48 +0000 Cc: brijesh.singh@amd.com, Ard Biesheuvel , Jordan Justen , Gerd Hoffmann , Erdem Aktas , James Bottomley , Jiewen Yao , Min Xu , Tom Lendacky , Tobin Feldman-Fitzthum Subject: Re: [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved To: Dov Murik , devel@edk2.groups.io References: <20211118113108.641827-1-dovmurik@linux.ibm.com> From: "Brijesh Singh" Message-ID: Date: Mon, 22 Nov 2021 09:42:45 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.13.0 In-Reply-To: <20211118113108.641827-1-dovmurik@linux.ibm.com> X-ClientProxiedBy: MN2PR19CA0067.namprd19.prod.outlook.com (2603:10b6:208:19b::44) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) Return-Path: brijesh.singh@amd.com MIME-Version: 1.0 Received: from [10.236.30.107] (165.204.77.1) by MN2PR19CA0067.namprd19.prod.outlook.com (2603:10b6:208:19b::44) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4713.21 via Frontend Transport; Mon, 22 Nov 2021 15:42:47 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 1e44dbbc-028d-4f52-6c50-08d9adcebc67 X-MS-TrafficTypeDiagnostic: SN6PR12MB2640: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:525; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: KoJIwUdBWGKa5cs0bzr6zLrm8vXuadZ/FEb6P573XFtAbVck3SK2H9GvopU1Iw5hDiXtpoMn4zewt6gGudk4AEsvPiMbAzQ+vA0xRq/IAhVkq/YqnhTYcHu0fEoGcvkPFXoGeUamhto+k8L0bE3cpOEwK9VWQ/0iA6hUWQc3aVhBnItbRXM7k5IHkhrBosJPAqUmUkl1tWwsx6ufpeM7Pn9V2PWKFumNT7F9r0FldQBPXSfTIQufmEeh1+kGAOZ2MJ0C8drc/BZmR8egbWypsNp5UGFnX8lO7edZkXdeICIebZTa+4l3oCtjr118Yd2rT8WJ38QHlwKRd70nwFfCKZI1yOQHyYqX9Hdgu9CO+UTUSmgU4lDhwnPkXb06wfeX1o3Djuum2JiZxs6UHny4+NHnSCl8pBbYKtZFTUoYyTSwU9EFJXrm49Zq18QWa3j6lYdMvPgLp0Keg14PBB//VgJV0ZvyV3qtxfeo9zt9pLNvLFS5QljM49pc9eaQ5YF5f51XNaZp89q9Cbfy6sA7+gfK9PdwOQ/LrODI3QicBrEWI/lQYhluZ3ceh90oQbIavtFcfJdWfCnP9lpcfgh+w3NfDuB33LLakqE8qm4K+R2pB8klGdTXAOrrW1K49yTjLxRfwo6P57/GdXeRn2H2AGaLn0LaENr+5Hf0qn6tnQWha5a4mVj3iNdbEEE5/yisPUFyalo+3Ahb7p7ZecPBoFNQZpMBTZRvep9kNBnnIDmXdwPEccbR5dNke3scMJJR X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(8936002)(44832011)(66556008)(54906003)(66476007)(956004)(8676002)(7416002)(53546011)(26005)(6486002)(66946007)(83380400001)(316002)(508600001)(31696002)(16576012)(186003)(86362001)(38100700002)(31686004)(2616005)(4326008)(5660300002)(36756003)(2906002)(219293001)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?QWRDV3RTMW9GTWZ5alA2V0xWckxxWEd6Ymw0S1Nlb1ZSTlVsRjZ5VVhJcEFx?= =?utf-8?B?WnA0QUIxWk5KN3hFSVN0QUJMd0xLQUgrd1pNWkxocTI4L0dqcXdGK2k0WE5y?= =?utf-8?B?MG1pQ1VNaGRXY2ZlaXNkSkduV0VmdjNKd09HaUVWR1BXT2kwc1A2WFRmUzNR?= =?utf-8?B?OFRBeXJVS3NrTGlLSHBCc1dyZzc2ZmZNZWRZV0NobW1rOVNZSXVEdXpkQ0t2?= =?utf-8?B?aG1UdXY2aTBCK2loZTFDUlgwQ0ZpazRwMXVXYU9KMncxY2dYS1FQVkJaTDRV?= =?utf-8?B?eXc4QXRWVldFRWRlL3J3VFZYWTNweUJ3RkR6SnQyMnpnU1hZZGxibnlJd1U3?= =?utf-8?B?MHNJalR0S05ENmc3Z1Y1SDRxcjl5ODVGdm16NndVVm9qUm9qVU9CVHpIMzc2?= =?utf-8?B?T25BRC9qOEE0REZIdTlXMEFMOE1jK2pMSHBHY3NxK1pBU1FmYUN0UHJFSUZH?= =?utf-8?B?a0FDZTNiSGdXdnprZFdGUGxsOU1NUkRPVjduSGR6eGJ4MjZkSnpwK3hwUWQz?= =?utf-8?B?dTNMUEtKK0lTWjBiR00ranJXSnVtUUVUZ2VZMlZXWVI1TXFMRlpVVElkcjJz?= =?utf-8?B?SzhlNkNqcnZmMWxkYmxudWxqSm1rckhhY1ZzOWJUUDE2eEVUZjdhdGwrVFlB?= =?utf-8?B?cWxWWWlHUWdiTndLM0ducU1QdEprWm1mbjBnWjFCY05OOTZkSEp2aE5KakJ5?= =?utf-8?B?dEp2VU5yL0hQZ09mN1crM25LQUZmdFR5OE1QU04zSGkxUFJrbHRhQkN6V3Bp?= =?utf-8?B?NHU4VksxMXJFRWxXSWZBTUpEZTcyMVhWZksxK0RVODA5UmdTWnJoajFrRTZn?= =?utf-8?B?NWd2Y2hyUkd6NTZNc1JDakhxdUZPL3RPY01DSlNBb0VTY0xZWTlDU093dEZm?= =?utf-8?B?anVpR2Fzd2E1VDRsRlhMK2pXSkNGdGxVY1JYdFdIbUo4ZHFXcDRmNDcyUjRr?= =?utf-8?B?RU5WbnJ6UHhHdDhuamZCUXdVbkE3Zm5ES2tTNi9PM295ZmMzUnJMTnl1Vlkr?= =?utf-8?B?bHVWeENNeC9EQlBSbjVUQ3gydUJENDdNcDdWbHFJZXhOSXZYYkxSTmZnQnEz?= =?utf-8?B?cEF1anhQdUQxbDRPSVQzeVFTamMybTRFWGs0K2grK3YybGhHRTQzTWdXc0tu?= =?utf-8?B?MUhWcklNdlhqakVYMGVRREpoRTFDMnBvV1hiaWhYTkJoRXhBWnBnQkQ3N3Bv?= =?utf-8?B?QXIybjk2cU13UXNnS2FaVVhrU2hxaTYxTW15anFtT2x5TjA3MEd5NW1Pdm9v?= =?utf-8?B?S093NEFYbE5NT253OGkwd1FzK2N4K09wd0J2cHVBb0tFSUhPRnBISk1mQVR0?= =?utf-8?B?b3l4dkJ1WWl1ZnM3TmVBLzNDdlRlL0FxSXYvNWRXTlZqM1E5b014ZWtkamNz?= =?utf-8?B?UGVpbHM3TTA4L3VjZFFkaG9ZODRnL01ZU1hqbGFBRHN5UW13dmRZb3IxYThW?= =?utf-8?B?bWd5VnlGMXNPY2VDTlQ3ck9uNTZyVVluTUt3Rzh4cDNyS0xQUjMzbjNtanJ1?= =?utf-8?B?M2NiRE1BVTJWK0I1Q2tEWXo0ZTdzVzBVVngwNCtnc0tOYnc0SytEOG96clUy?= =?utf-8?B?b3YxMGcvMjZwQ0JMK0xiSlM2OEU5N0Q4K3lsVnZKdjlERXNTTmpvOCsxOUdt?= =?utf-8?B?WHhYL0pVU25Ic3VYR1BYY2NlTzVKMkdSd0laSUhpdENCbk8rYmVBSnNFMnVk?= =?utf-8?B?UzhpcjBhaEh6bnc1Qlp3WVQ5Smo2WXBFTTV0VmRmbysvcURPWTczR1E4U0wz?= =?utf-8?B?Y3Zod0dwSDQ5S2F2VWZoWU4xV3lMU29PdXlnVG0xcmdpRmVPNFlRaXdUSVVn?= =?utf-8?B?WDFHUlJYMHpUSGRtSHh3aTU5cWZSR0htZnVLMVB4bmluQ3M0OVFlMmp1R0p4?= =?utf-8?B?dFpVY1RNMzlEaDVGZXhkTkFzclk4a2xmd3gvNlVIYVlJZGIxYzQ3ZnpPUWpj?= =?utf-8?B?NkE5WlVhcmtlWnd4TnZXNW5XSStNUFpJa1dIOGVDdVNWajBGVndJNllmU2JE?= =?utf-8?B?QkJhZUNWR0trOGdQYWlMUEVvVUkyS1B1SDZxaDhHbWkvbGJ1MWNtYytXdCtS?= =?utf-8?B?WXVqenNLU1EzdnBuUGQzSEQzaXRPNHovOTdZam1XVnJKeGF5bk5YbFoxNS9y?= =?utf-8?B?MmRVRkZIMDlIUXUwbXhKZU5LUENjRkVydzk5OVBQUHJ0YXBOSHZOdUdSSytu?= =?utf-8?Q?AXimqYeDg0elJdBvf1u/z8M=3D?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1e44dbbc-028d-4f52-6c50-08d9adcebc67 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Nov 2021 15:42:48.8706 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: rQMHlCXKn+lEAVt5l3pg2/Uf+Z5TTwsDbvIweoGc7bhofbcXQDLbCjIzLEUX9yok1HVyTld+x2bS943jJ+td/w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2640 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit On 11/18/21 5:31 AM, Dov Murik wrote: > Mark the SEV launch secret MEMFD area as reserved, which will allow the > guest OS to use it during the lifetime of the OS, without creating > copies of the sensitive content. > > Cc: Ard Biesheuvel > Cc: Jordan Justen > Cc: Gerd Hoffmann > Cc: Brijesh Singh > Cc: Erdem Aktas > Cc: James Bottomley > Cc: Jiewen Yao > Cc: Min Xu > Cc: Tom Lendacky > Cc: Tobin Feldman-Fitzthum > Signed-off-by: Dov Murik > --- > OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c > index db94c26b54d1..6bf1a55dea64 100644 > --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c > +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c > @@ -19,7 +19,7 @@ InitializeSecretPei ( > BuildMemoryAllocationHob ( > PcdGet32 (PcdSevLaunchSecretBase), > ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE), > - EfiBootServicesData > + EfiReservedMemoryType > ); > > return EFI_SUCCESS; > Reviewed-by: Brijesh Singh thanks