[edk2-devel] [PATCH v9 30/32] OvmfPkg/PlatformPei: mark cpuid and secrets memory reserved in EFI map
Brijesh Singh via groups.io
brijesh.singh=amd.com at groups.io
Fri Oct 15 15:46:36 UTC 2021
On 10/14/21 10:26 PM, Gerd Hoffmann wrote:
> On Thu, Oct 14, 2021 at 05:11:22PM -0500, Brijesh Singh wrote:
>> On 10/14/21 1:58 AM, Gerd Hoffmann wrote:
>>> On Wed, Oct 13, 2021 at 11:57:11AM -0500, Brijesh Singh wrote:
>>>> When SEV-SNP is active, the CPUID and Secrets memory range contains the
>>>> information that is used during the VM boot. The content need to be persist
>>>> across the kexec boot. Mark the memory range as Reserved in the EFI map
>>>> so that guest OS or firmware does not use the range as a system RAM.
>>> Why is this needed? Isn't the complete firmware memory tagged as
>>> reserved anyway?
>> PlatformPei detects all the guest memory and marks it as a SYSTEM_RAM
>> unless its an MMIO or added as reserved in e820 map file. Since the
>> Secrets and CPUID pages are part of system RAM so we need to explicitly
>> exclude these region.
> secret and cpuid are in memfd which in turn is part of the firmware
> image mapping which is reserved in the e820 map:
>
> kraxel at rhel8 ~# dmesg | grep -i e820
> [ ... some lines snipped ... ]
> [ 0.000000] BIOS-e820: [mem 0x000000007ff7c000-0x000000007fffffff] reserved
> [ 0.000000] BIOS-e820: [mem 0x00000000b0000000-0x00000000bfffffff] reserved
> [ 0.000000] BIOS-e820: [mem 0x00000000ffc00000-0x00000000ffffffff] reserved <= here
> [ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000027fffffff] usable
>
> I think they should be covered already ...
The MEMFD range is outside of the firmware image map, MEMFD begins with
0x800000 [1] and in my boots I don't see it reserved in e820. Here is
the snippet.
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009ffff] usable
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000007fffff] usable
[ 0.000000] BIOS-e820: [mem 0x0000000000800000-0x0000000000807fff]
ACPI NVS
[ 0.000000] BIOS-e820: [mem 0x0000000000808000-0x000000000080afff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000080b000-0x000000000080bfff]
ACPI NVS
[ 0.000000] BIOS-e820: [mem 0x000000000080c000-0x000000000080ffff] usable
[ 0.000000] BIOS-e820: [mem 0x0000000000810000-0x00000000008fffff]
ACPI NVS
[ 0.000000] BIOS-e820: [mem 0x0000000000900000-0x000000007f4eefff] usable
[ 0.000000] BIOS-e820: [mem 0x000000007f4ef000-0x000000007f76efff]
reserved
[ 0.000000] BIOS-e820: [mem 0x000000007f76f000-0x000000007f77efff]
ACPI data
[ 0.000000] BIOS-e820: [mem 0x000000007f77f000-0x000000007f7fefff]
ACPI NVS
[ 0.000000] BIOS-e820: [mem 0x000000007f7ff000-0x000000007fcfbfff] usable
[ 0.000000] BIOS-e820: [mem 0x000000007fcfc000-0x000000007fd7ffff]
reserved
[ 0.000000] BIOS-e820: [mem 0x000000007fd80000-0x000000007fffffff]
ACPI NVS
[ 0.000000] BIOS-e820: [mem 0x00000000b0000000-0x00000000bfffffff]
reserved
[ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000017fffffff] usable
[1]
https://github.com/tianocore/edk2/blob/master/OvmfPkg/OvmfPkgDefines.fdf.inc#L97
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#82143): https://edk2.groups.io/g/devel/message/82143
Mute This Topic: https://groups.io/mt/86292921/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list