Hi, > > The design idea is to reuse the request serialization protocol edk2 uses > > for communication between SMM and non-SMM code, so large chunks of the > > edk2 variable driver stack can be used unmodified. Only the driver > > which traps into SMM mode must be replaced by a driver which talks to > > qemu instead. > > In the coconut-svsm project there's a likely need for coconut to > provide a UEFI variable store, since we can't store plain text > variables in host context for confidential VMs. > > Am I right in thinking that this design approach could be reused > in coconut context with coconut providing the equivalent backend > service, and EDK2 using the same driver to talk to either QEMU > or Coconut's service ?
Yes, that is the idea. Right now the edk2 driver has two modes, one talking to the isa device and one talking to the sysbus device. Adding a third mode which uses a svsm protocol should be easy. Writing the efi variable service for coconut is the more challenging item here. /me plans to look into that later this year. take care, Gerd
