[edk2-devel] [PATCH v6 02/29] OvmfPkg: reserve CPUID page for SEV-SNP
Brijesh Singh via groups.io
brijesh.singh=amd.com at groups.io
Thu Sep 2 12:28:25 UTC 2021
Hi Gerd,
On 9/2/21 3:04 AM, Gerd Hoffmann wrote:
> On Wed, Sep 01, 2021 at 11:16:19AM -0500, Brijesh Singh wrote:
>> BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&data=04%7C01%7Cbrijesh.singh%40amd.com%7C13c81a39aa2e4f22430e08d96de85a69%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637661666978547521%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=4b22Sv6xoUGQ3xutPYdsqb4cNh1SS9Z8MOQG7dHiqYU%3D&reserved=0
>>
>> Platform features and capabilities are traditionally discovered via the
>> CPUID instruction. Hypervisors typically trap and emulate the CPUID
>> instruction for a variety of reasons. There are some cases where incorrect
>> CPUID information can potentially lead to a security issue. The SEV-SNP
>> firmware provides a feature to filter the CPUID results through the PSP.
>> The filtered CPUID values are saved on a special page for the guest to
>> consume. Reserve a page in MEMFD that will contain the results of
>> filtered CPUID values.
> Is the format of the page documented somewhere?
Yes, it is documented in the SEV-SNP spec [1] section 7.1 and the checks
performed by the SEV-SNP firmware are documented in the PPR [2] section
2.1.5.3. I will document these link in the commit message.
[1] https://www.amd.com/system/files/TechDocs/56860.pdf
[2]
https://www.amd.com/en/support/tech-docs/processor-programming-reference-ppr-for-amd-family-19h-model-01h-revision-b1
> Is this snp-specific? Or could this also be used without snp?
This is SNP specific format and cannot be used without SNP.
thanks
Brijesh
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#80156): https://edk2.groups.io/g/devel/message/80156
Mute This Topic: https://groups.io/mt/85306655/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list