On Wed, Jun 30, 2021 at 5:54 AM Brijesh Singh <brijesh.si...@amd.com> wrote: > > a) Enhance the OVMF reset vector code to validate the pages as described > above (go through step 2 - 3). > OR > b) Validate the pages during the guest creation time. The SEV firmware > provides a command which can be used by the VMM to validate the pages > without affecting the measurement of the launch.
Are you referring to the PAGE_TYPE_UNMEASURED? Does it not affect the measurement , PAGE_INFO will be still measured, right? > Approach #b seems much simpler; it does not require any changes to the > OVMF reset vector code. I am worried about verifying the measurement. I understand the secret page and cpuid page being part of measurement because both of them are mentioned in the AMD SNP SPEC but now we are introducing a new parameters (all the 4KB page addresses between SNP_HV_VALIDATED_START and SNP_HV_VALIDATED_END) that VM owner needs to know to calculate the measurement and verify the attestation. Sorry if I am overthinking or missing something here. -Erdem -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#78464): https://edk2.groups.io/g/devel/message/78464 Mute This Topic: https://groups.io/mt/83891520/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
