[edk2-devel] [PATCH V5 2/2] OvmfPkg/ResetVector: Enable Intel TDX in ResetVector of Ovmf
Yao, Jiewen
jiewen.yao at intel.com
Tue Sep 14 03:54:00 UTC 2021
I think it is OK to always enable 4-level paging at this moment.
5-level paging enabling is NOT super critical for TDX enabling at this moment, as long as we can boot OS kernel. I am fine to enable it later, in a separate patch.
Let's cross the bridge when we come to it.
Thank you
Yao Jiewen
> -----Original Message-----
> From: devel at edk2.groups.io <devel at edk2.groups.io> On Behalf Of Gerd
> Hoffmann
> Sent: Friday, September 10, 2021 4:20 PM
> To: Xu, Min M <min.m.xu at intel.com>
> Cc: Yao, Jiewen <jiewen.yao at intel.com>; devel at edk2.groups.io; Ard
> Biesheuvel <ardb+tianocore at kernel.org>; Justen, Jordan L
> <jordan.l.justen at intel.com>; Brijesh Singh <brijesh.singh at amd.com>; Erdem
> Aktas <erdemaktas at google.com>; James Bottomley <jejb at linux.ibm.com>;
> Tom Lendacky <thomas.lendacky at amd.com>
> Subject: Re: [edk2-devel] [PATCH V5 2/2] OvmfPkg/ResetVector: Enable Intel
> TDX in ResetVector of Ovmf
>
> Hi,
>
> > > If we can use 4-level paging initially, then we surely should go for option (1)
> > > and simply not touch the reset vectors paging code.
>
> > After PoC I find this option is not a good one. Though the reset
> > vectors is not touched, there are tricky changes in DxeIpl. To set up
> > 5-level paging in an 4-level paging, it should first be switched from
> > 64-bit long mode to 32 protected mode, then turn off the Paging,
> > disable IA32_ERER.LME, then set the Cr4. The tricky thing is that in
> > TDX IA32_EFER is not changeable. MdeModulePkg/.../DxeIpl is widely
> > used and it is high risk to make such changes.
>
> Ok. One more question: Do we have to use 5-level paging at all?
>
> The only reason I could see is accepting memory with a gpa above 4-level
> address space. But with the longer-term plan to support lazy acceptance
> (and passing unaccepted memory ranges to the guest kernel) this reason
> goes away.
>
> So I think we could just leave it to the guest kernel to deal with the
> switch from 4-level to 5-level paging. Or do I miss something?
>
> take care,
> Gerd
>
>
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#80637): https://edk2.groups.io/g/devel/message/80637
Mute This Topic: https://groups.io/mt/85242569/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list