Re: [edk2-devel] [PATCH 2/2] OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation

2022-03-31 Thread Gerd Hoffmann
Hi,
> >> Check if that page is defined; if it is, skip it in the metadata
> >> list.
> >> In such case, VMM should fill the page with the hashes content, or
> >> explicitly update it as a zero page (if kernel hashes are not used).
> >
> > Is it an option to just skip the

Re: [edk2-devel] [PATCH 2/2] OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation

2022-03-30 Thread Dov Murik
On 30/03/2022 22:35, Brijesh Singh wrote: > > > On 3/30/22 14:31, Dov Murik wrote: >> >> >> On 30/03/2022 22:27, Brijesh Singh wrote: >>> >>> >>> On 3/30/22 01:04, Dov Murik wrote: On 30/03/2022 8:20, Gerd Hoffmann wrote: >     Hi, > >> Check if that page is

Re: [edk2-devel] [PATCH 2/2] OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation

2022-03-30 Thread Brijesh Singh via groups.io
On 3/30/22 14:31, Dov Murik wrote: On 30/03/2022 22:27, Brijesh Singh wrote: On 3/30/22 01:04, Dov Murik wrote: On 30/03/2022 8:20, Gerd Hoffmann wrote:    Hi, Check if that page is defined; if it is, skip it in the metadata list. In such case, VMM should fill the page with the

Re: [edk2-devel] [PATCH 2/2] OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation

2022-03-30 Thread Dov Murik
On 30/03/2022 22:27, Brijesh Singh wrote: > > > On 3/30/22 01:04, Dov Murik wrote: >> >> >> On 30/03/2022 8:20, Gerd Hoffmann wrote: >>>    Hi, >>> Check if that page is defined; if it is, skip it in the metadata list. In such case, VMM should fill the page with the hashes content,

Re: [edk2-devel] [PATCH 2/2] OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation

2022-03-30 Thread Brijesh Singh via groups.io
On 3/30/22 01:04, Dov Murik wrote: On 30/03/2022 8:20, Gerd Hoffmann wrote: Hi, Check if that page is defined; if it is, skip it in the metadata list. In such case, VMM should fill the page with the hashes content, or explicitly update it as a zero page (if kernel hashes are not

Re: [edk2-devel] [PATCH 2/2] OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation

2022-03-30 Thread Dov Murik
On 30/03/2022 8:20, Gerd Hoffmann wrote:
> Hi,
>
>> Check if that page is defined; if it is, skip it in the metadata list.
>> In such case, VMM should fill the page with the hashes content, or
>> explicitly update it as a zero page (if kernel hashes are not used).
>
> Is it an option to

Re: [edk2-devel] [PATCH 2/2] OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation

2022-03-29 Thread Gerd Hoffmann
Hi,
> Check if that page is defined; if it is, skip it in the metadata list.
> In such case, VMM should fill the page with the hashes content, or
> explicitly update it as a zero page (if kernel hashes are not used).
Is it an option to just skip the page unconditionally? I think in the

[edk2-devel] [PATCH 2/2] OvmfPkg/ResetVector: Exclude SEV launch secrets page from pre-validation

2022-03-28 Thread Dov Murik
In order to allow the VMM (such as QEMU) to add a page with hashes of kernel/initrd/cmdline for measured direct boot on SNP, this page must not be part of the SNP metadata list reported to the VMM. Check if that page is defined; if it is, skip it in the metadata list. In such case, VMM should