Re: [edk2-devel] [PATCH V7 1/1] OvmfPkg: Enable TDX in ResetVector

Fri, 24 Sep 2021 03:07:37 -0700 

  Hi,

> > The question why TDX_BFV_RAW_DATA_OFFSET and
> > TDX_BFV_RAW_DATA_SIZE are needed and why TDX_BFV_MEMORY_BASE +
> > TDX_BFV_MEMORY_SIZE can't be used is still open.
> Here is a BFV metadata.
>     37                                                           <1> _Bfv:
>     38 00000140 00400800                     <1>   DD TDX_BFV_RAW_DATA_OFFSET
>     39 00000144 00C03700                     <1>   DD TDX_BFV_RAW_DATA_SIZE
>     40 00000148 0040C8FF00000000    <1>   DQ TDX_BFV_MEMORY_BASE
>     41 00000150 00C0370000000000    <1>   DQ TDX_BFV_MEMORY_SIZE
>     42 00000158 00000000                      <1>   DD 
> TDX_METADATA_SECTION_TYPE_BFV
>     43 0000015C 01000000                      <1>   DD 
> TDX_METADATA_ATTRIBUTES_EXTENDMR
> 
> TDX_BFV_RAW_DATA_OFFSET/TDX_BFV_RAW_DATA_SIZE indicates the offset/size of 
> BFV in Ovmf.fd.
> TDX_BFV_MEMORY_BASE/ TDX_BFV_MEMORY_SIZE is the physical memory address which 
> is to be mapped.
> TDX-QEMU use these information to 1) do the measurement of the BFV 2) map the 
> BFV to the physical memory

TDX_BFV_RAW_DATA_SIZE + TDX_BFV_MEMORY_SIZE are identical.  Why do you
need both?  Yes, I know, some entries have RAW_DATA_SIZE=0 because
nothing is loaded for them.  You can also figure that by looking at the
section type.

TDX_BFV_RAW_DATA_OFFSET can be calculated from TDX_BFV_MEMORY_BASE, it's
a fixed offset (depending on firmware size).  At least as long as the
firmware loading uses to the usual x86 workflow (place right below 4G).

Also: When placing the firmware below 4G MEMORY_BASE + MEMORY_SIZE can
be DD.

The attribute field can be added to the ovmf meta data, or we make that
part of the section type.

> *Config-A* enables a minimum functionality in OvmfPkgX64.dsc without
> breaking existing functionality.

> *Config-B* is a separate platform  configuration file can be used to
> provide all the security guarantees that TDX provides.

Why does config-b need a completely different initialization code path
(i.e. skip PEI, see slide 11 of the tdvf design review)?

take care,
  Gerd



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#81079): https://edk2.groups.io/g/devel/message/81079
Mute This Topic: https://groups.io/mt/85761661/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to