[edk2-devel] [PATCH RFC v2 21/28] OvmfPkg/MemEncryptSevLib: Add support to validate system RAM

Brijesh Singh brijesh.singh at amd.com
Mon May 3 18:56:25 UTC 2021 

On 5/3/21 9:04 AM, Erdem Aktas wrote:
>> +    //
>> +    // If the request page state change is shared then invalidate the pages before
>> +    // adding the page in the RMP table.
>> +    //
>> +    if (State == SevSnpPagePrivate) {
>> +      PvalidateRange (Info, 0, i, TRUE);
>> +    }
> Looks like some copy-paste mistake in the comment.

Ah, thanks for pointing. Yes its copy-paste error.


> Also, it checks the  if hypervisor failed to process all the entries
> for shared pages, but I do not see that it is checked if for the
> private pages. Is there any reason for that?

Sorry, I am not able to follow, can you please expand your review
comment. In the current patch the approach is:

- If page change request is shared then invalidate the range before
requesting the page state change in the RMP.

- Issue the page state change request. Make sure all the entries are
processed by the hypervisor.

- If the page change request is private then validate the range after
its added in the RMP table.


>
>
>> +    VmgDone (Ghcb, InterruptState);
>> +  }
>> +}
>> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
>> index f9355172d6..1c1e911bd0 100644
>> --- a/OvmfPkg/OvmfPkgIa32.dsc
>> +++ b/OvmfPkg/OvmfPkgIa32.dsc
>> @@ -267,6 +267,7 @@
>>  !else
>>    CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf
>>  !endif
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
>>
>>  [LibraryClasses.common.PEI_CORE]
>>    HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
>> diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
>> index 3f27d7b90d..804f5d62be 100644
>> --- a/OvmfPkg/OvmfPkgIa32X64.dsc
>> +++ b/OvmfPkg/OvmfPkgIa32X64.dsc
>> @@ -271,6 +271,7 @@
>>  !else
>>    CpuExceptionHandlerLib|UefiCpuPkg/Library/CpuExceptionHandlerLib/SecPeiCpuExceptionHandlerLib.inf
>>  !endif
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf
>>
>>  [LibraryClasses.common.PEI_CORE]
>>    HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
>> --
>> 2.17.1
>>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#74712): https://edk2.groups.io/g/devel/message/74712
Mute This Topic: https://groups.io/mt/82479072/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list