Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the resu

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the resu

From:	Xiaoyao Li
Subject:	Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState
Date:	Tue, 25 Jan 2022 16:22:38 +0800
User-agent:	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0 Thunderbird/91.5.0

On 1/25/2022 3:42 PM, Gerd Hoffmann wrote:

Regarding what interface should be used to load TDVF, there are three
options:

   1) pflash: the same as how we load OVMF.

   Suppose TDVF support will finally get into OVMF, using this
   interface, it's full compatible with normal VMs. No change required
   to QEMU command line and TDVF binary is mapped to the GPA address
   right below 4G, but they are actually mapped as RAM.

   Of course, we need several hacks (special handling) in QEMU.


What kind if "hack"?

For example, several pflash codes require the support of read-onlymemslot from KVM. We need to absolve it for TDX guest.

And the pflash won't work as a flash device that no write inducedKVM_EXIT_MMIO will go to its callback.

   Of course, they don't work as flash, the change made to it doesn't
   persist.

   2) -bios

   exploit "-bios" parameter to load TDVF. But again, read-only is not
   supported. TDVF is mapped as RAM.

   3) generic loader

   Just like what this series does. Implement specific parser in generic
   loader to load and parse TDVF as private RAM.

I'm nor sure if 1) is acceptable from your side. If not, we will go with
option 3, since 2) doesn't make too much sense.


Yep, Daniel (Cc'ed) tried (2) recently for SEV.  Didn't work due to
differences in -bios and -pflash reset handling.  So that option is
out I guess.

SEV uses (1), and there is some support code which you should be able to
reuse (walker for the list of guid-sections with meta-data in the ovmf
reset vector for example).

So TDX going for (1) too is probably the best option.


Yes. With option 1), it's friendly to user that no command change.

And also compatible for future TDX/TDVF when non-volatile variable issupported.

Next version of this series will go with option 1). Let's wait and seeif the real implementation is acceptable or not.

take care,
   Gerd

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, Xiaoyao Li, 2022/01/04
- Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, Laszlo Ersek, 2022/01/06
  - Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, Xiaoyao Li, 2022/01/07
    - Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, Gerd Hoffmann, 2022/01/10
    - Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, Xiaoyao Li, 2022/01/10
    - Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, Laszlo Ersek, 2022/01/11
    - Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, Laszlo Ersek, 2022/01/11
    - Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, Xiaoyao Li, 2022/01/24
    - Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, Gerd Hoffmann, 2022/01/25
    - Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState, Xiaoyao Li <=

Prev by Date: Re: [PATCH v2 08/14] target/ppc: 405: System call exception cleanup
Next by Date: Re: [PATCH 3/3] hw/display/artist: rewrite vram access mode handling
Previous by thread: Re: [RFC PATCH v2 20/44] i386/tdx: Parse tdx metadata and store the result into TdxGuestState
Next by thread: Re: [PATCH] vl: Add -set options to device opts dict when using JSON syntax for -device
Index(es):
- Date
- Thread