On 10/14/21 10:26 PM, Gerd Hoffmann wrote: > On Thu, Oct 14, 2021 at 05:11:22PM -0500, Brijesh Singh wrote: >> On 10/14/21 1:58 AM, Gerd Hoffmann wrote: >>> On Wed, Oct 13, 2021 at 11:57:11AM -0500, Brijesh Singh wrote: >>>> When SEV-SNP is active, the CPUID and Secrets memory range contains the >>>> information that is used during the VM boot. The content need to be persist >>>> across the kexec boot. Mark the memory range as Reserved in the EFI map >>>> so that guest OS or firmware does not use the range as a system RAM. >>> Why is this needed? Isn't the complete firmware memory tagged as >>> reserved anyway? >> PlatformPei detects all the guest memory and marks it as a SYSTEM_RAM >> unless its an MMIO or added as reserved in e820 map file. Since the >> Secrets and CPUID pages are part of system RAM so we need to explicitly >> exclude these region. > secret and cpuid are in memfd which in turn is part of the firmware > image mapping which is reserved in the e820 map: > > kraxel@rhel8 ~# dmesg | grep -i e820 > [ ... some lines snipped ... ] > [ 0.000000] BIOS-e820: [mem 0x000000007ff7c000-0x000000007fffffff] reserved > [ 0.000000] BIOS-e820: [mem 0x00000000b0000000-0x00000000bfffffff] reserved > [ 0.000000] BIOS-e820: [mem 0x00000000ffc00000-0x00000000ffffffff] > reserved <= here > [ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000027fffffff] usable > > I think they should be covered already ...
The MEMFD range is outside of the firmware image map, MEMFD begins with 0x800000 [1] and in my boots I don't see it reserved in e820. Here is the snippet. [ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009ffff] usable [ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000007fffff] usable [ 0.000000] BIOS-e820: [mem 0x0000000000800000-0x0000000000807fff] ACPI NVS [ 0.000000] BIOS-e820: [mem 0x0000000000808000-0x000000000080afff] usable [ 0.000000] BIOS-e820: [mem 0x000000000080b000-0x000000000080bfff] ACPI NVS [ 0.000000] BIOS-e820: [mem 0x000000000080c000-0x000000000080ffff] usable [ 0.000000] BIOS-e820: [mem 0x0000000000810000-0x00000000008fffff] ACPI NVS [ 0.000000] BIOS-e820: [mem 0x0000000000900000-0x000000007f4eefff] usable [ 0.000000] BIOS-e820: [mem 0x000000007f4ef000-0x000000007f76efff] reserved [ 0.000000] BIOS-e820: [mem 0x000000007f76f000-0x000000007f77efff] ACPI data [ 0.000000] BIOS-e820: [mem 0x000000007f77f000-0x000000007f7fefff] ACPI NVS [ 0.000000] BIOS-e820: [mem 0x000000007f7ff000-0x000000007fcfbfff] usable [ 0.000000] BIOS-e820: [mem 0x000000007fcfc000-0x000000007fd7ffff] reserved [ 0.000000] BIOS-e820: [mem 0x000000007fd80000-0x000000007fffffff] ACPI NVS [ 0.000000] BIOS-e820: [mem 0x00000000b0000000-0x00000000bfffffff] reserved [ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000017fffffff] usable [1] https://github.com/tianocore/edk2/blob/master/OvmfPkg/OvmfPkgDefines.fdf.inc#L97 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#82143): https://edk2.groups.io/g/devel/message/82143 Mute This Topic: https://groups.io/mt/86292921/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
