Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Brijesh Singh <brijesh.singh@xxxxxxx>
Subject: Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
From: Borislav Petkov <bp@xxxxxxxxx>
Date: Fri, 25 Jun 2021 19:01:54 +0200
Cc: Michael Roth <michael.roth@xxxxxxx>, "Kuppuswamy, Sathyanarayanan" <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxx>, x86@xxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, kvm@xxxxxxxxxxxxxxx, linux-efi@xxxxxxxxxxxxxxx, platform-driver-x86@xxxxxxxxxxxxxxx, linux-coco@xxxxxxxxxxxxxxx, linux-mm@xxxxxxxxx, linux-crypto@xxxxxxxxxxxxxxx, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Joerg Roedel <jroedel@xxxxxxx>, Tom Lendacky <thomas.lendacky@xxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, Ard Biesheuvel <ardb@xxxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>, Sean Christopherson <seanjc@xxxxxxxxxx>, Vitaly Kuznetsov <vkuznets@xxxxxxxxxx>, Wanpeng Li <wanpengli@xxxxxxxxxxx>, Jim Mattson <jmattson@xxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Sergio Lopez <slp@xxxxxxxxxx>, Peter Gonda <pgonda@xxxxxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, Srinivas Pandruvada <srinivas.pandruvada@xxxxxxxxxxxxxxx>, David Rientjes <rientjes@xxxxxxxxxx>, tony.luck@xxxxxxxxx, npmccallum@xxxxxxxxxx
In-reply-to: <8faad91a-f229-dee3-0e1f-0b613596db17@amd.com>
References: <YMy2OGwsRzrR5bwD@zn.tnic> <162442264313.98837.16983159316116149849@amd.com> <YNMLX6fbB3PQwSpv@zn.tnic> <20210624031911.eznpkbgjt4e445xj@amd.com> <YNQz7ZxEaSWjcjO2@zn.tnic> <20210624123447.zbfkohbtdusey66w@amd.com> <YNSAlJnXMjigpqu1@zn.tnic> <20210624141111.pzvb6gk5lzfelx26@amd.com> <YNXs1XRu31dFiR2Z@zn.tnic> <8faad91a-f229-dee3-0e1f-0b613596db17@amd.com>

On Fri, Jun 25, 2021 at 10:24:01AM -0500, Brijesh Singh wrote:
> In the case of EFI, the CC blob structure is dynamically allocated
> and passed through the EFI configuration table. The grub will not
> know what value to pass in the cmdline unless we improve it to read
> the EFI configuration table and rebuild the cmdline.

Or simply parse the EFI table.

To repeat my question: why do you need the CC blob in the boot kernel?

Then, how does it work then in the !EFI case?

The script glue that starts the lightweight container goes and
"prepares" that blob and passes it to guest kernel? In which case
setup_data should do the job, methinks.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Follow-Ups:
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Michael Roth

References:
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Borislav Petkov
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Michael Roth
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Borislav Petkov
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Michael Roth
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Borislav Petkov
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Michael Roth
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Borislav Petkov
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Michael Roth
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Borislav Petkov
- Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
  - From: Brijesh Singh

Prev by Date: Re: linux-mm@xxxxxxxxx - limping on a backup
Next by Date: Re: linux-mm@xxxxxxxxx - limping on a backup
Previous by thread: Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
Next by thread: Re: [PATCH Part1 RFC v3 20/22] x86/boot: Add Confidential Computing address to setup_header
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Bugtraq] [Linux OMAP] [Linux MIPS] [eCos] [Asterisk Internet PBX] [Linux API]