Hi, [ /me reading through a bunch of old threads .... ]
> Many of the integrity guarantees of SEV-SNP are enforced through a new
> structure called the Reverse Map Table (RMP). Adding a new page to SEV-SNP
> VM requires a 2-step process. First, the hypervisor assigns a page to the
> guest using the new RMPUPDATE instruction. This transitions the page to
> guest-invalid. Second, the guest validates the page using the new PVALIDATE
> instruction.

Intel TDX names this "accepting pages", but it is basically the same
concept, correct?

If so I see opportunities to share code here. The problem of tracking
which pages are validated/accepted and which are not should be the same
for both TDX and SEV-SNP. The overall workflow (which phase
validates/accepts which pages etc.) should be identical too.

> At this time we only support the pre-validation. OVMF detects all the
> available system RAM in the PEI phase. When SEV-SNP is enabled, the memory
> is validated before it is made available to the EDK2 core.

How do you detect memory? Intel wants to pass a hob with a memory map (and
possibly more config info) to the early boot code, and I'm wondering why
TDX needs that while SEV-SNP apparently doesn't (at least I haven't
noticed anything similar while going over the patches quickly).

thanks,
  Gerd
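The two-step assign/validate flow and the guest-side tracking problem discussed above, as an added example that is not code from the patch series or from EDK2. It is a simplified model: the page states, the 16-page table, the bitmap and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Simplified model (assumption): one state per 4 KiB page, not the real RMP layout. */
enum page_state { HV_OWNED, GUEST_INVALID, GUEST_VALID };
#define NPAGES 16
static enum page_state rmp[NPAGES];   /* zero-initialised: all HV_OWNED */
static uint32_t validated_bitmap;     /* guest-side record of validated pages */

/* Step 1, hypervisor side: models RMPUPDATE assigning a page to the guest.
 * The page always lands in guest-invalid, even if it was validated before. */
bool model_rmpupdate_assign(size_t pfn)
{
    if (pfn >= NPAGES) return false;
    rmp[pfn] = GUEST_INVALID;
    return true;
}

/* Step 2, guest side: models PVALIDATE.
 * 0 = page became valid, 1 = already valid (no change), -1 = not assigned. */
int model_pvalidate(size_t pfn)
{
    if (pfn >= NPAGES || rmp[pfn] == HV_OWNED) return -1;
    if (rmp[pfn] == GUEST_VALID) return 1;
    rmp[pfn] = GUEST_VALID;
    return 0;
}

/* Pre-validation: validate a RAM range before handing it to later code.
 * Pages already in the bitmap are skipped; any result other than a clean
 * invalid -> valid transition is treated as an error. */
int prevalidate_range(size_t start, size_t count)
{
    if (start > NPAGES || count > NPAGES - start) return -1;
    for (size_t pfn = start; pfn < start + count; pfn++) {
        if (validated_bitmap & (1u << pfn)) continue;
        if (model_pvalidate(pfn) != 0) return -1;
        validated_bitmap |= 1u << pfn;
    }
    return 0;
}

/* A page is usable only if the guest validated it and it is still valid. */
bool guest_may_use(size_t pfn)
{
    return pfn < NPAGES && (validated_bitmap & (1u << pfn)) && rmp[pfn] == GUEST_VALID;
}
```

The bitmap is the part that could be shared between SEV-SNP validation and TDX page acceptance in this model; only `model_pvalidate` stands in for the platform-specific instruction.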