[edk2-devel] [PATCH V1 1/1] OvmfPkg/PlatformPei: Skip PlatformInitEmuVariableNvStore in SEV guest
Gerd Hoffmann
kraxel at redhat.com
Fri Apr 21 09:18:31 UTC 2023
> > Hmm, good question. Can the guest figure what memory ranges are part
> > of the launch measurement?
> >
> > I have a patch here (attached below) which refines flash detection and
> > can detect whenever varstore flash is writable or not. I suspect that
> > doesn't help much though as flash probing requires mappings already
> > being correct.
>
> Sorry for the delay, but, yeah, doesn't help. SEV and SEV-ES assert and
> SEV-SNP terminates because of accessing a shared page (in the RMP) as a
> private page (we don't support the generated 0x404 error code in the #VC
> handler).
Can you try this?
https://github.com/kraxel/edk2/commits/devel/secure-boot-pcd
It moves the varstore copy from platform init to emu variable driver,
which should be late enough that sev setup should be complete.
take care,
Gerd
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#103398): https://edk2.groups.io/g/devel/message/103398
Mute This Topic: https://groups.io/mt/97922617/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list