From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 8858AAC1801 for ; Thu, 1 Feb 2024 16:33:57 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=/6RVB+hQN8G1GalsboTbp8X6mc5bzo0CTuXzqYluBLk=; c=relaxed/simple; d=groups.io; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Disposition; s=20140610; t=1706805236; v=1; b=Rkm2kApK8ckEiEuh+6/EiY0/wU7I63LhluSQxSiTcy7d3Lg9VQx4GRBIPhRkc2YjFfsetlaT vZY8tBJq3AlvNQsoFJMgnL9v73wfsix3broIrxoPkayv3j935SOYHvjXbdTvQy7GZhg8MCW5HFb m09dGUvcpwfFOpHHPngcz+4Q= X-Received: by 127.0.0.2 with SMTP id cnAnYY7687511xt7ZBfKTgOt; Thu, 01 Feb 2024 08:33:56 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.20002.1706805235405327672 for ; Thu, 01 Feb 2024 08:33:55 -0800 X-Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-508-qScQ2k1eNNags78o51NExw-1; Thu, 01 Feb 2024 11:33:50 -0500 X-MC-Unique: qScQ2k1eNNags78o51NExw-1 X-Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.rdu2.redhat.com [10.11.54.8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id D56A03C0BE44; Thu, 1 Feb 2024 16:33:49 +0000 (UTC) X-Received: from sirius.home.kraxel.org (unknown [10.39.193.17]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4841DC0FDEF; Thu, 1 Feb 2024 16:33:49 +0000 (UTC) X-Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 452111800908; Thu, 1 Feb 2024 17:33:44 +0100 (CET) Date: Thu, 1 Feb 2024 17:33:44 +0100 From: "Gerd Hoffmann" To: Tom Lendacky Cc: devel@edk2.groups.io, Erdem Aktas , Oliver Steffen , Jiewen Yao , Ard Biesheuvel , Min Xu , Michael Roth , Liming Gao , Laszlo Ersek Subject: Re: [edk2-devel] [PATCH v2 4/5] OvmfPkg/ResetVector: add 5-level paging support Message-ID: References: <20240130123204.764453-1-kraxel@redhat.com> <20240130123204.764453-5-kraxel@redhat.com> MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.8 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,kraxel@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: D4Hfy9NbkmgaWsUbidapYrwKx7686176AA= Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=Rkm2kApK; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Hi, > Because of these CPUID instructions, this won't work for SEV-ES / SEV-SNP. > To use these we'll need to have a (special 32-bit) #VC handler in place. > Currently that is done in only in OvmfPkg/ResetVector/Ia32/AmdSev.asm for > the CheckSevFeatures function, where the #VC handler is established at the > beginning of the function, but it is removed when leaving the function. Noted. Uninstalling the exception handler later (probably just before entering long mode) should be possible I think. > The SEV support in general needs looking into in order to support 5-level > paging. At the time the SEV support was developed, there wasn't a page table > library and so there is some 4-level page table manipulation support in the > BaseMemEncryptSevLib that really needs to be converted to use the page table > library. Right, I remember, and I think TDX has the same problem. > I don't have an objection to the series, as long as PcdUse5LevelPageTable is > not set to TRUE by default for the Ovmf packages. The patch series does not add it to the Ovmf*.dsc files, and MdeModulePkg/MdeModulePkg.dec declares with with default being FALSE, so yes, it is disabled by default. take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#114951): https://edk2.groups.io/g/devel/message/114951 Mute This Topic: https://groups.io/mt/104052208/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-