Re: [PATCH v9 29/43] x86/boot: Add Confidential Computing type to setup_data

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2/4/22 10:21 AM, Borislav Petkov wrote:
> On Fri, Jan 28, 2022 at 11:17:50AM -0600, Brijesh Singh wrote:
>> +/*
>> + * AMD SEV Confidential computing blob structure. The structure is
>> + * defined in OVMF UEFI firmware header:
>> + * https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ftianocore%2Fedk2%2Fblob%2Fmaster%2FOvmfPkg%2FInclude%2FGuid%2FConfidentialComputingSevSnpBlob.h&data=04%7C01%7Cbrijesh.singh%40amd.com%7C334b7454d7a541f3497d08d9e7fa796c%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637795885258984697%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=XNPvA7re7WHpAgzeuOC%2Buu0ql18P6KOIbP5ZriFsxEY%3D&reserved=0
> So looking at that typedef struct CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION there:
>
> typedef struct {
>   UINT32    Header;
>   UINT16    Version;
>   UINT16    Reserved1;
>   UINT64    SecretsPhysicalAddress;
>   UINT32    SecretsSize;
>   UINT64    CpuidPhysicalAddress;
>   UINT32    CpuidLSize;
> } CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION;
>
>> + */
>> +#define CC_BLOB_SEV_HDR_MAGIC	0x45444d41
>> +struct cc_blob_sev_info {
>> +	u32 magic;
> That's called "Header" there.

I will rename it to keep it consistent with OVMF header.


>> +	u16 version;
>> +	u16 reserved;
>> +	u64 secrets_phys;
>> +	u32 secrets_len;
>> +	u32 rsvd1;
> You've added that member for padding but the fw blob one doesn't have
> it.
>
> But if we get a blob from the firmware and the structure layout differs,
> how is this supposed to even work?
>
>> +	u64 cpuid_phys;
>> +	u32 cpuid_len;
>> +	u32 rsvd2;
> That one too.
>
> Or are you going to change the blob layout in ovmf too, to match?

Yes, that's the plan. I have tested my OVMF with v9 and everything looks
good at the runtime. Will send OVMF patch to match the blob layout.





[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux