On Thu, Oct 14, 2021 at 05:11:22PM -0500, Brijesh Singh wrote:
>
> On 10/14/21 1:58 AM, Gerd Hoffmann wrote:
> > On Wed, Oct 13, 2021 at 11:57:11AM -0500, Brijesh Singh wrote:
> >> When SEV-SNP is active, the CPUID and Secrets memory range contains the
> >> information that is used during the VM boot. The content needs to persist
> >> across the kexec boot. Mark the memory range as Reserved in the EFI map
> >> so that guest OS or firmware does not use the range as a system RAM.
> > Why is this needed? Isn't the complete firmware memory tagged as
> > reserved anyway?
>
> PlatformPei detects all the guest memory and marks it as a SYSTEM_RAM
> unless it's an MMIO or added as reserved in e820 map file. Since the
> Secrets and CPUID pages are part of system RAM, we need to explicitly
> exclude these regions.
secret and cpuid are in memfd which in turn is part of the firmware
image mapping which is reserved in the e820 map:

kraxel@rhel8 ~# dmesg | grep -i e820
[ ... some lines snipped ... ]
[ 0.000000] BIOS-e820: [mem 0x000000007ff7c000-0x000000007fffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000b0000000-0x00000000bfffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000ffc00000-0x00000000ffffffff] reserved <= here
[ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000027fffffff] usable

I think they should be covered already ...

take care,
  Gerd
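
The coverage question raised in this reply can be checked mechanically. The following is an added example, not part of the original message or of edk2: it parses the e820 lines quoted above and tests whether a page lies wholly inside reserved memory. The two page addresses are hypothetical, since the thread does not give the real Secrets and CPUID page addresses.

```python
import re

# e820 lines from the dmesg excerpt in the message above
# (the "<= here" annotation is dropped).
DMESG = """\
[ 0.000000] BIOS-e820: [mem 0x000000007ff7c000-0x000000007fffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000b0000000-0x00000000bfffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000ffc00000-0x00000000ffffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000027fffffff] usable
"""

# Captures start, inclusive end, and the first word of the range type.
E820_RE = re.compile(r"BIOS-e820: \[mem (0x[0-9a-f]+)-(0x[0-9a-f]+)\] (\w+)")

def parse_e820(text):
    """Return [(start, end_inclusive, type)] for each BIOS-e820 line."""
    return [(int(m.group(1), 16), int(m.group(2), 16), m.group(3))
            for m in map(E820_RE.search, text.splitlines()) if m]

def merged_reserved(entries):
    """Merge overlapping or adjacent reserved ranges into maximal intervals."""
    merged = []
    for start, end, _ in sorted(e for e in entries if e[2] == "reserved"):
        if merged and start <= merged[-1][1] + 1:
            merged[-1][1] = max(merged[-1][1], end)
        else:
            merged.append([start, end])
    return merged

def is_reserved(entries, base, size):
    """True only if every byte of [base, base+size) is in reserved memory."""
    last = base + size - 1
    return any(s <= base and last <= e for s, e in merged_reserved(entries))

# Hypothetical page addresses, constructed for illustration only.
EXAMPLE_PAGE_IN_FW = 0xFFC00000 + 0x1000   # inside the firmware mapping
EXAMPLE_PAGE_IN_RAM = 0x100000000          # start of the "usable" range

if __name__ == "__main__":
    table = parse_e820(DMESG)
    for name, base in (("fw", EXAMPLE_PAGE_IN_FW), ("ram", EXAMPLE_PAGE_IN_RAM)):
        print(f"{name} {base:#x}: reserved={is_reserved(table, base, 0x1000)}")
```

A range that straddles the end of a reserved entry is reported as not reserved, which is the case that matters when a page sits at the edge of the firmware mapping.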