Re: [edk2-devel] [PATCH 2/2] Maintainers.txt: Add reviewers for Confidential Computing related modules

[Yao, Jiewen]

Agree. Just one "confidential computing" can make things simpler.


> -Original Message-
> From: devel@edk2.groups.io  On Behalf Of James
> Bottomley
> Sent: Wednesday, March 10, 2021 11:34 PM
> To: Laszlo Ersek ; Xu, Min M ; Yao,
> Jiewen ; Brijesh Singh ; Tom
> Lendacky 
> Cc: devel@edk2.groups.io; Andrew Fish ; Leif Lindholm
> ; Kinney, Michael D 
> Subject: Re: [edk2-devel] [PATCH 2/2] Maintainers.txt: Add reviewers for
> Confidential Computing related modules
> 
> On Wed, 2021-03-10 at 15:20 +0100, Laszlo Ersek wrote:
> [...]
> > (2) Reviewing this patch makes me realize we've missed some
> > "Maintainers.txt" updates in the past, in relation to SEV and/or
> > confidential computing.
> >
> > Namely, we did not designated any reviewers for the following
> > pathnames:
> >
> >   OvmfPkg/AmdSev/
> >   OvmfPkg/Include/Guid/ConfidentialComputingSecret.h
> >   OvmfPkg/Library/PlatformBootManagerLibGrub/
> >
> > (from <https://bugzilla.tianocore.org/show_bug.cgi?id=3077>;), also
> >
> >   OvmfPkg/ResetVector/
> >
> > (from <https://bugzilla.tianocore.org/show_bug.cgi?id=2198>;).
> >
> > That should be fixed up before adding anything TDX related (I can
> > submit a patch series, but first, the next point needs to be
> > cleared.)
> 
> I'm happy to be added for all of it ... the first three are all me and
> the last one I added something to.
> 
> > (3) After racking my brain for half an hour, I can find no good way
> > to have TDX/SEV separation *plus* a Confidential Computing section in
> > "Maintainers.txt". Whatever I managed to think of requires us to
> > either duplicate email addresses, or duplicate pathnames ("F:"
> > patterns) -- or even both.
> >
> > So... can we simply rename the current SEV subsystem to "Confidential
> > Computing", and keep both TDX and SEV modules under it? We could
> > place a unified email address list there, with Brijesh, James,
> > Jiewen, Min, Tom.
> >
> > I don't think this should cause any confusion, because:
> >
> > - @intel.com emails are clearly closely associated with TDX, and
> > @amd.com emails are clearly closely associated with SEV,
> >
> > - most filenames will (or do already) include "AmdSev" or "Tdx",
> >
> > - future patches should clearly label themselves as "SEV only", "TDX
> > only", or "confidential computing in general" -- this should be clear
> > from the patch subjects.
> 
> That should work ... it's entirely possible that SecretDxe and
> SecretPei can work for Intel as well ... we don't know yet, so they may
> not need a prefix.
> 
> > IOW, there should be no confusion as to who's required to review
> > what, but at the same time we'd have a simple solution for cross-
> > posting all interested parties.
> >
> > Thoughts?
> 
> Works for me ... IBM is interested in both SEV and TDX and having them
> be as similar as posisble.
> 
> James
> 
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72635): https://edk2.groups.io/g/devel/message/72635
Mute This Topic: https://groups.io/mt/81219131/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 2/2] Maintainers.txt: Add reviewers for Confidential Computing related modules

[Brijesh Singh]

On 3/10/21 9:09 AM, Tom Lendacky wrote:
> On 3/10/21 8:20 AM, Laszlo Ersek wrote:
>> Adding James, Brijesh, Tom; comments below:
>>
>> On 03/10/21 03:55, Min Xu wrote:
>>> Register reviewers for the Confidential Computing related modules in
>>> OvmfPkg.
>>>
>>> Cc: Andrew Fish 
>>> Cc: Laszlo Ersek 
>>> Cc: Leif Lindholm 
>>> Cc: Michael D Kinney 
>>> Cc: Jiewen Yao 
>>> Signed-off-by: Min Xu 
>>> ---
>
> ...
>
>>
>> So... can we simply rename the current SEV subsystem to "Confidential
>> Computing", and keep both TDX and SEV modules under it? We could place a
>> unified email address list there, with Brijesh, James, Jiewen, Min, Tom.
>>
>> I don't think this should cause any confusion, because:
>>
>> - @intel.com emails are clearly closely associated with TDX, and
>> @amd.com emails are clearly closely associated with SEV,
>>
>> - most filenames will (or do already) include "AmdSev" or "Tdx",
>>
>> - future patches should clearly label themselves as "SEV only", "TDX
>> only", or "confidential computing in general" -- this should be clear
>> from the patch subjects.
>>
>> IOW, there should be no confusion as to who's required to review what,
>> but at the same time we'd have a simple solution for cross-posting all
>> interested parties.
>>
>> Thoughts?
>
> Works for me.


Works for me as well.



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72634): https://edk2.groups.io/g/devel/message/72634
Mute This Topic: https://groups.io/mt/81219131/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 2/2] Maintainers.txt: Add reviewers for Confidential Computing related modules

[James Bottomley]

On Wed, 2021-03-10 at 15:20 +0100, Laszlo Ersek wrote:
[...]
> (2) Reviewing this patch makes me realize we've missed some
> "Maintainers.txt" updates in the past, in relation to SEV and/or
> confidential computing.
> 
> Namely, we did not designated any reviewers for the following
> pathnames:
> 
>   OvmfPkg/AmdSev/
>   OvmfPkg/Include/Guid/ConfidentialComputingSecret.h
>   OvmfPkg/Library/PlatformBootManagerLibGrub/
> 
> (from ;), also
> 
>   OvmfPkg/ResetVector/
> 
> (from ;).
> 
> That should be fixed up before adding anything TDX related (I can
> submit a patch series, but first, the next point needs to be
> cleared.)

I'm happy to be added for all of it ... the first three are all me and
the last one I added something to.

> (3) After racking my brain for half an hour, I can find no good way
> to have TDX/SEV separation *plus* a Confidential Computing section in
> "Maintainers.txt". Whatever I managed to think of requires us to
> either duplicate email addresses, or duplicate pathnames ("F:"
> patterns) -- or even both.
> 
> So... can we simply rename the current SEV subsystem to "Confidential
> Computing", and keep both TDX and SEV modules under it? We could
> place a unified email address list there, with Brijesh, James,
> Jiewen, Min, Tom.
> 
> I don't think this should cause any confusion, because:
> 
> - @intel.com emails are clearly closely associated with TDX, and
> @amd.com emails are clearly closely associated with SEV,
> 
> - most filenames will (or do already) include "AmdSev" or "Tdx",
> 
> - future patches should clearly label themselves as "SEV only", "TDX
> only", or "confidential computing in general" -- this should be clear
> from the patch subjects.

That should work ... it's entirely possible that SecretDxe and
SecretPei can work for Intel as well ... we don't know yet, so they may
not need a prefix.

> IOW, there should be no confusion as to who's required to review
> what, but at the same time we'd have a simple solution for cross-
> posting all interested parties.
> 
> Thoughts?

Works for me ... IBM is interested in both SEV and TDX and having them
be as similar as posisble.

James




-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72632): https://edk2.groups.io/g/devel/message/72632
Mute This Topic: https://groups.io/mt/81219131/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 2/2] Maintainers.txt: Add reviewers for Confidential Computing related modules

[Lendacky, Thomas]

On 3/10/21 8:20 AM, Laszlo Ersek wrote:

Adding James, Brijesh, Tom; comments below:

On 03/10/21 03:55, Min Xu wrote:

Register reviewers for the Confidential Computing related modules in
OvmfPkg.

Cc: Andrew Fish 
Cc: Laszlo Ersek 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Jiewen Yao 
Signed-off-by: Min Xu 
---


...



So... can we simply rename the current SEV subsystem to "Confidential
Computing", and keep both TDX and SEV modules under it? We could place a
unified email address list there, with Brijesh, James, Jiewen, Min, Tom.

I don't think this should cause any confusion, because:

- @intel.com emails are clearly closely associated with TDX, and
@amd.com emails are clearly closely associated with SEV,

- most filenames will (or do already) include "AmdSev" or "Tdx",

- future patches should clearly label themselves as "SEV only", "TDX
only", or "confidential computing in general" -- this should be clear
from the patch subjects.

IOW, there should be no confusion as to who's required to review what,
but at the same time we'd have a simple solution for cross-posting all
interested parties.

Thoughts?


Works for me.

Thanks,
Tom



Thanks,
Laszlo




-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72630): https://edk2.groups.io/g/devel/message/72630
Mute This Topic: https://groups.io/mt/81219131/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH 2/2] Maintainers.txt: Add reviewers for Confidential Computing related modules

[Laszlo Ersek]

Adding James, Brijesh, Tom; comments below:

On 03/10/21 03:55, Min Xu wrote:
> Register reviewers for the Confidential Computing related modules in
> OvmfPkg.
>
> Cc: Andrew Fish 
> Cc: Laszlo Ersek 
> Cc: Leif Lindholm 
> Cc: Michael D Kinney 
> Cc: Jiewen Yao 
> Signed-off-by: Min Xu 
> ---
>  Maintainers.txt | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/Maintainers.txt b/Maintainers.txt
> index 7d9fe89d6d28..220af0ee9b80 100644
> --- a/Maintainers.txt
> +++ b/Maintainers.txt
> @@ -469,6 +469,9 @@ OvmfPkg: TDX-related modules
>  R: Jiewen Yao 
>  R: Min Xu 
>
> +OvmfPkg: Confidential Computing related modules
> +R: Jiewen Yao 
> +
>  OvmfPkg: TCG- and TPM2-related modules
>  F: OvmfPkg/Include/IndustryStandard/QemuTpm.h
>  F: OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
>

(1) Same comment as under patch#1 -- please honor the alphabetical
ordering of the subsystem titles.

(2) Reviewing this patch makes me realize we've missed some
"Maintainers.txt" updates in the past, in relation to SEV and/or
confidential computing.

Namely, we did not designated any reviewers for the following pathnames:

  OvmfPkg/AmdSev/
  OvmfPkg/Include/Guid/ConfidentialComputingSecret.h
  OvmfPkg/Library/PlatformBootManagerLibGrub/

(from ), also

  OvmfPkg/ResetVector/

(from ).

That should be fixed up before adding anything TDX related (I can submit
a patch series, but first, the next point needs to be cleared.)

(3) After racking my brain for half an hour, I can find no good way to
have TDX/SEV separation *plus* a Confidential Computing section in
"Maintainers.txt". Whatever I managed to think of requires us to either
duplicate email addresses, or duplicate pathnames ("F:" patterns) -- or
even both.

So... can we simply rename the current SEV subsystem to "Confidential
Computing", and keep both TDX and SEV modules under it? We could place a
unified email address list there, with Brijesh, James, Jiewen, Min, Tom.

I don't think this should cause any confusion, because:

- @intel.com emails are clearly closely associated with TDX, and
@amd.com emails are clearly closely associated with SEV,

- most filenames will (or do already) include "AmdSev" or "Tdx",

- future patches should clearly label themselves as "SEV only", "TDX
only", or "confidential computing in general" -- this should be clear
from the patch subjects.

IOW, there should be no confusion as to who's required to review what,
but at the same time we'd have a simple solution for cross-posting all
interested parties.

Thoughts?

Thanks,
Laszlo



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72628): https://edk2.groups.io/g/devel/message/72628
Mute This Topic: https://groups.io/mt/81219131/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 2/2] Maintainers.txt: Add reviewers for Confidential Computing related modules

[Min Xu]

Register reviewers for the Confidential Computing related modules in
OvmfPkg.

Cc: Andrew Fish 
Cc: Laszlo Ersek 
Cc: Leif Lindholm 
Cc: Michael D Kinney 
Cc: Jiewen Yao 
Signed-off-by: Min Xu 
---
 Maintainers.txt | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Maintainers.txt b/Maintainers.txt
index 7d9fe89d6d28..220af0ee9b80 100644
--- a/Maintainers.txt
+++ b/Maintainers.txt
@@ -469,6 +469,9 @@ OvmfPkg: TDX-related modules
 R: Jiewen Yao 
 R: Min Xu 
 
+OvmfPkg: Confidential Computing related modules
+R: Jiewen Yao 
+
 OvmfPkg: TCG- and TPM2-related modules
 F: OvmfPkg/Include/IndustryStandard/QemuTpm.h
 F: OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
-- 
2.29.2.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#72605): https://edk2.groups.io/g/devel/message/72605
Mute This Topic: https://groups.io/mt/81219131/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-