Re: [PATCH V1 1/1] OvmfPkg/PlatformPei: Skip PlatformInitEmuVariableNvStore in SEV guest

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Gerd Hoffmann" <kraxel@redhat.com>
To: Tom Lendacky <thomas.lendacky@amd.com>
Cc: "Xu, Min M" <min.m.xu@intel.com>, joeyli <jlee@suse.com>,
	 "devel@edk2.groups.io" <devel@edk2.groups.io>,
	"Aktas, Erdem" <erdemaktas@google.com>,
	 James Bottomley <jejb@linux.ibm.com>,
	"Yao, Jiewen" <jiewen.yao@intel.com>,
	 Michael Roth <michael.roth@amd.com>
Subject: Re: [PATCH V1 1/1] OvmfPkg/PlatformPei: Skip PlatformInitEmuVariableNvStore in SEV guest
Date: Fri, 28 Apr 2023 10:41:08 +0200	[thread overview]
Message-ID: <vnwkldwyah347ggit36nrghikiqvbwmkn6t3ivzs5u3nlv6ggv@jns7d6psrwhq> (raw)
In-Reply-To: <a702082a-808f-73c4-2d9a-47396030ba9f@amd.com>

  Hi,

> I'd have to dig much deeper to see if there's a way to identify whether a
> VARS file was specified on the Qemu command line. I *think* (please correct
> me if I'm missing something) for SEV and SEV-ES it would be straight forward
> to try and access the memory as shared and check the headers. If they're
> valid, then a VARS file was specified on the command line and should remain
> mapped shared. If they aren't valid, a VARS file wasn't specified and you
> have either the full OVMF.fd file or just the OVMF_CODE.fd with memory
> backing the VARS that, in either case, should be mapped private.

OVMF_CODE.fd + OVMF_VARS.fd is *identical* to just OVMF.fd, i.e. the
guest will see valid varstore headers in both cases.

The split into code part and vars part allows to (a) easily update the
code without screwing up the vars, and (b) map both with different
properties, i.e. code read-only and vars read/write.

Does the patch below help?

take care,
  Gerd

>From 3971f9453ded3032f5918dc9d181ecc0b6f97862 Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 28 Apr 2023 10:34:23 +0200
Subject: [PATCH 1/1] [testing] try setup mmio in QemuFlashBeforeProbe (dxe)

---
 .../QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c
index d57f7ca25ccf..3a6280ab9c3a 100644
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlashDxe.c
@@ -37,9 +37,18 @@ QemuFlashBeforeProbe (
   IN  UINTN                 FdBlockCount
   )
 {
-  //
-  // Do nothing
-  //
+  EFI_STATUS  Status;
+
+  if (MemEncryptSevIsEnabled ()) {
+    Status = MemEncryptSevClearMmioPageEncMask (
+             0,
+             BaseAddress,
+             EFI_SIZE_TO_PAGES (FdBlockSize * FdBlockCount)
+             );
+    if (EFI_ERROR(Status)) {
+      DEBUG ((DEBUG_WARN, "%a: MemEncryptSevClearMmioPageEncMask: %r\n", __func__, Status));
+    }
+  }
 }
 
 /**
-- 
2.40.0

next prev parent reply	other threads:[~2023-04-28  8:41 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-03-29  5:23 [PATCH V1 1/1] OvmfPkg/PlatformPei: Skip PlatformInitEmuVariableNvStore in SEV guest Min Xu
2023-03-30  7:50 ` Gerd Hoffmann
2023-03-31  7:59   ` joeyli
2023-03-31  8:25     ` Gerd Hoffmann
2023-03-31 14:48       ` joeyli
2023-04-03  0:21         ` Min Xu
2023-04-03 11:20           ` Gerd Hoffmann
2023-04-06  1:42             ` Min Xu
2023-04-06 20:28               ` Lendacky, Thomas
2023-04-07  1:56                 ` Min Xu
2023-04-07 14:49                   ` [edk2-devel] " joeyli
2023-04-07 17:00                   ` Lendacky, Thomas
2023-04-11 10:04                     ` Gerd Hoffmann
2023-04-11 18:03                       ` Lendacky, Thomas
2023-04-12  7:24                         ` Gerd Hoffmann
2023-04-12 15:23                           ` Lendacky, Thomas
2023-04-13  6:05                             ` Gerd Hoffmann
2023-04-13 13:58                               ` Lendacky, Thomas
2023-04-14 10:20                                 ` Gerd Hoffmann
2023-04-20 15:16                                   ` Lendacky, Thomas
2023-04-21  9:18                                     ` Gerd Hoffmann
2023-04-21 20:49                                       ` Lendacky, Thomas
2023-04-24  9:45                                         ` Gerd Hoffmann
2023-04-26 20:43                                           ` Lendacky, Thomas
2023-04-28  8:41                                             ` Gerd Hoffmann [this message]
2023-05-01 19:06                                               ` Lendacky, Thomas
2023-04-07  9:41           ` joeyli
2023-04-07 11:54             ` Min Xu

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:d57f7ca25cc dfblob:3a6280ab9c3 )
 OR (
bs:"[testing] try setup mmio in QemuFlashBeforeProbe (dxe)" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=vnwkldwyah347ggit36nrghikiqvbwmkn6t3ivzs5u3nlv6ggv@jns7d6psrwhq \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox