> > Hmm, good question. Can the guest figure what memory ranges are part > > of the launch measurement? > > > > I have a patch here (attached below) which refines flash detection and > > can detect whenever varstore flash is writable or not. I suspect that > > doesn't help much though as flash probing requires mappings already > > being correct. > > Sorry for the delay, but, yeah, doesn't help. SEV and SEV-ES assert and > SEV-SNP terminates because of accessing a shared page (in the RMP) as a > private page (we don't support the generated 0x404 error code in the #VC > handler).
Can you try this? https://github.com/kraxel/edk2/commits/devel/secure-boot-pcd It moves the varstore copy from platform init to emu variable driver, which should be late enough that sev setup should be complete. take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#103398): https://edk2.groups.io/g/devel/message/103398 Mute This Topic: https://groups.io/mt/97922617/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
