[edk2-devel] [PATCH 0/2] Update SevSecret API to work for TDX

Laszlo Ersek lersek at redhat.com
Thu Dec 17 18:43:45 UTC 2020 

+Mike

On 12/16/20 02:41, James Bottomley wrote:
> This patch series changes the EFI configuration table information
> which is queried by the bootloader to make it more compatible with
> Intel TDX.  The first patch changes the ABI to make the table contain
> two 64 bit integers instead of two 32 bit ones.  The second patch is a
> cosmetic one to change the names of the GUIDs and tables to have a
> confidential computing prefix instead of a SEV Launch one.
> 
> The first patch *must* be applied before the next stable tag to avoid
> ABI breakage.  The second is purely cosmetic and doesn't change the
> code output.
> 
> Ultimately there will still need to be a TDX collector for the secret,
> which would feed the value into the SecretDxe, but these changes
> should ensure that no further changes would be required by the secret
> consumers.
> 
> James
> 
> ---
> 
> James Bottomley (2):
>   OvmfPkg: Change SEV Launch Secret API to be UINT64 for base and size
>   OvmfPkg/AmdSev/SecretDxe: make secret location naming generic
> 
>  OvmfPkg/OvmfPkg.dec                                |  2 +-
>  OvmfPkg/AmdSev/SecretDxe/SecretDxe.inf             |  2 +-
>  ...aunchSecret.h => ConfidentialComputingSecret.h} | 14 +++++++-------
>  OvmfPkg/AmdSev/SecretDxe/SecretDxe.c               |  6 +++---
>  4 files changed, 12 insertions(+), 12 deletions(-)
>  rename OvmfPkg/Include/Guid/{SevLaunchSecret.h => ConfidentialComputingSecret.h} (65%)
> 

series
Reviewed-by: Laszlo Ersek <lersek at redhat.com>

I tried merging this:

https://github.com/tianocore/edk2/pull/1235

but the Ubuntu builds all failed. I've checked two logs:

https://dev.azure.com/tianocore/edk2-ci/_build/results?buildId=16967&view=logs&j=cf2d8b26-a21c-5c68-abf4-b944c123e462&t=5ffbbe5c-1d3a-55f5-5ef3-8a0ef80d76a1&l=184
https://dev.azure.com/tianocore/edk2-ci/_build/results?buildId=16968&view=logs&j=47cf355a-6eb4-51a8-46a8-ff4028bfcac0&t=beedef5d-00d0-5a8c-fa35-57d7319988c2&l=182

They say,

INFO - /bin/sh: 1: qemu-system-aarch64: not found
INFO - /bin/sh: 1: qemu-system-x86_64: not found

I guess I won't be merging the three patch sets that I had planned for
this evening...

Laszlo



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#69148): https://edk2.groups.io/g/devel/message/69148
Mute This Topic: https://groups.io/mt/78991600/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list