Branch: refs/heads/master
Home: https://github.com/tianocore/edk2
Commit: 5c63e22a9fe268bdfa18d49419cbf43d4ec65b93
https://github.com/tianocore/edk2/commit/5c63e22a9fe268bdfa18d49419cbf43d4ec65b93
Author: Dionna Glaze <dionnagl...@google.com>
Date: 2024-08-31 (Sat, 31 Aug 2024)
Changed paths:
M OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm
Log Message:
-----------
OvmfPkg: Move kernel hashes section to end
When launching a SEV-SNP VM, the ROM is not all that must be measured.
The OvmfSevMetadata sections describe ranges of memory that must be
measured with different types than PAGE_TYPE_NORMAL, except one. The
SevSnpKernelHashes page is also PAGE_TYPE_NORMAL, but is populated by
the VMM from configuration data that is separate from the OVMF build
itself. To more compactly provide reference values for the measurement
of the firmware separately from the kernel hashes, it's advantageous to
measure as much known information as possible first.
Whereas VMMs are permitted to measure these sections in any order they
prefer, the normative order of how they appear in the .fd is easiest to
follow. This change is semantics-preserving. Measurement calculation
tools that do not follow the normative ordering would need updating to
accommodate, but I don't know of any. The accounting for EC2 moving the
CPUID page to the end of measurement would be unchanged.
This change is to improve performance of a proposed launch update event
log to separate responsibility for initially measured data before VM
launch, application/vnd.amd.sevsnp.launch-updates+cbor:
https://github.com/deeglaze/draft-deeglaze-amd-sev-snp-corim-profile
Signed-off-by: Dionna Glaze <dionnagl...@google.com>
To unsubscribe from these emails, change your notification settings at
https://github.com/tianocore/edk2/settings/notifications
_______________________________________________
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits
