From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: "Gerd Hoffmann" <kraxel@redhat.com>,
"Philippe Mathieu-Daudé" <philippe.mathieu.daude@gmail.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Philippe Mathieu-Daudé" <f4bug@amsat.org>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Michael S. Tsirkin" <mst@redhat.com>,
"Marcel Apfelbaum" <marcel.apfelbaum@gmail.com>,
"Cornelia Huck" <cohuck@redhat.com>,
"Marcelo Tosatti" <mtosatti@redhat.com>,
"Laszlo Ersek" <lersek@redhat.com>,
"Eric Blake" <eblake@redhat.com>,
"Connor Kuehl" <ckuehl@redhat.com>,
isaku.yamahata@intel.com, erdemaktas@google.com,
kvm@vger.kernel.org, qemu-devel@nongnu.org, seanjc@google.com
Subject: Re: [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF
Date: Thu, 24 Mar 2022 08:52:39 +0000 [thread overview]
Message-ID: <YjwxV6++RxdpXt6M@redhat.com> (raw)
In-Reply-To: <e7fb2eab-b2b1-dd0e-4821-4cca40751d15@intel.com>
On Thu, Mar 24, 2022 at 02:13:53PM +0800, Xiaoyao Li wrote:
> On 3/22/2022 5:29 PM, Daniel P. Berrangé wrote:
> > On Tue, Mar 22, 2022 at 10:21:41AM +0100, Gerd Hoffmann wrote:
> > > Hi,
> > >
> > > > > If you don't need a pflash device, don't use it: simply map your nvram
> > > > > region as ram in your machine. No need to clutter the pflash model like
> > > > > that.
> > >
> > > Using the pflash device for something which isn't actually flash looks a
> > > bit silly indeed.
> > >
> > > >
> > > > I know it's dirty to hack the pflash device. The purpose is to make the user
> > > > interface unchanged that people can still use
> > > >
> > > > -drive if=pflash,format=raw,unit=0,file=/path/to/OVMF_CODE.fd
> > > > -drive if=pflash,format=raw,unit=1,file=/path/to/OVMF_VARS.fd
> > > >
> > > > to create TD guest.
> > >
> > > Well, if persistent vars are not supported anyway there is little reason
> > > to split the firmware into CODE and VARS files. You can use just use
> > > OVMF.fd with a single pflash device. libvirt recently got support for
> > > that.
> >
> > Agreed.
>
> The purpose of using split firmware is that people can share the same
> code.fd while using different vars.fd
That's fine for firmware that writes to vars.fd, but it was said earlier
that changes aren't written with TDX (nor are they written with SEV),
so a separate vars.fd serves no pupose in these cases.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
WARNING: multiple messages have this Message-ID (diff)
From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: isaku.yamahata@intel.com, "Marcelo Tosatti" <mtosatti@redhat.com>,
kvm@vger.kernel.org, "Michael S. Tsirkin" <mst@redhat.com>,
"Connor Kuehl" <ckuehl@redhat.com>,
"Eric Blake" <eblake@redhat.com>,
"Cornelia Huck" <cohuck@redhat.com>,
"Richard Henderson" <richard.henderson@linaro.org>,
"Philippe Mathieu-Daudé" <f4bug@amsat.org>,
qemu-devel@nongnu.org,
"Philippe Mathieu-Daudé" <philippe.mathieu.daude@gmail.com>,
"Gerd Hoffmann" <kraxel@redhat.com>,
seanjc@google.com, erdemaktas@google.com,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Laszlo Ersek" <lersek@redhat.com>
Subject: Re: [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF
Date: Thu, 24 Mar 2022 08:52:39 +0000 [thread overview]
Message-ID: <YjwxV6++RxdpXt6M@redhat.com> (raw)
In-Reply-To: <e7fb2eab-b2b1-dd0e-4821-4cca40751d15@intel.com>
On Thu, Mar 24, 2022 at 02:13:53PM +0800, Xiaoyao Li wrote:
> On 3/22/2022 5:29 PM, Daniel P. Berrangé wrote:
> > On Tue, Mar 22, 2022 at 10:21:41AM +0100, Gerd Hoffmann wrote:
> > > Hi,
> > >
> > > > > If you don't need a pflash device, don't use it: simply map your nvram
> > > > > region as ram in your machine. No need to clutter the pflash model like
> > > > > that.
> > >
> > > Using the pflash device for something which isn't actually flash looks a
> > > bit silly indeed.
> > >
> > > >
> > > > I know it's dirty to hack the pflash device. The purpose is to make the user
> > > > interface unchanged that people can still use
> > > >
> > > > -drive if=pflash,format=raw,unit=0,file=/path/to/OVMF_CODE.fd
> > > > -drive if=pflash,format=raw,unit=1,file=/path/to/OVMF_VARS.fd
> > > >
> > > > to create TD guest.
> > >
> > > Well, if persistent vars are not supported anyway there is little reason
> > > to split the firmware into CODE and VARS files. You can use just use
> > > OVMF.fd with a single pflash device. libvirt recently got support for
> > > that.
> >
> > Agreed.
>
> The purpose of using split firmware is that people can share the same
> code.fd while using different vars.fd
That's fine for firmware that writes to vars.fd, but it was said earlier
that changes aren't written with TDX (nor are they written with SEV),
so a separate vars.fd serves no pupose in these cases.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2022-03-24 8:53 UTC|newest]
Thread overview: 154+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-17 13:58 [RFC PATCH v3 00/36] TDX QEMU support Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 01/36] *** HACK *** linux-headers: Update headers to pull in TDX API changes Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 02/36] i386: Introduce tdx-guest object Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 03/36] target/i386: Implement mc->kvm_type() to get VM type Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 04/36] target/i386: Introduce kvm_confidential_guest_init() Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 05/36] i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-18 2:07 ` Isaku Yamahata
2022-03-18 2:07 ` Isaku Yamahata
2022-03-21 5:35 ` Xiaoyao Li
2022-03-21 5:35 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 06/36] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-18 2:08 ` Isaku Yamahata
2022-03-18 2:08 ` Isaku Yamahata
2022-03-21 6:56 ` Xiaoyao Li
2022-03-21 6:56 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 07/36] i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 08/36] i386/tdx: Adjust get_supported_cpuid() for TDX VM Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-18 16:55 ` Isaku Yamahata
2022-03-18 16:55 ` Isaku Yamahata
2022-03-21 5:37 ` Xiaoyao Li
2022-03-21 5:37 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 09/36] KVM: Introduce kvm_arch_pre_create_vcpu() Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-18 16:56 ` Isaku Yamahata
2022-03-18 16:56 ` Isaku Yamahata
2022-03-21 7:02 ` Xiaoyao Li
2022-03-21 7:02 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 10/36] i386/kvm: Move architectural CPUID leaf generation to separate helper Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 11/36] i386/tdx: Initialize TDX before creating TD vcpus Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 12/36] i386/tdx: Add property sept-ve-disable for tdx-guest object Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-22 9:02 ` Gerd Hoffmann
2022-03-22 9:02 ` Gerd Hoffmann
2022-03-24 6:52 ` Xiaoyao Li
2022-03-24 6:52 ` Xiaoyao Li
2022-03-24 7:57 ` Gerd Hoffmann
2022-03-24 7:57 ` Gerd Hoffmann
2022-03-24 8:08 ` Xiaoyao Li
2022-03-24 8:08 ` Xiaoyao Li
2022-03-24 9:37 ` Gerd Hoffmann
2022-03-24 9:37 ` Gerd Hoffmann
2022-03-24 14:36 ` Xiaoyao Li
2022-03-24 14:36 ` Xiaoyao Li
2022-03-25 1:35 ` Isaku Yamahata
2022-03-25 1:35 ` Isaku Yamahata
2022-03-17 13:58 ` [RFC PATCH v3 13/36] i386/tdx: Wire CPU features up with attributes of TD guest Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 14/36] i386/tdx: Validate TD attributes Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 15/36] i386/tdx: Implement user specified tsc frequency Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 16/36] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-18 17:11 ` Isaku Yamahata
2022-03-18 17:11 ` Isaku Yamahata
2022-03-21 8:15 ` Xiaoyao Li
2022-03-21 8:15 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 17/36] pflash_cfi01/tdx: Introduce ram_mode of pflash for TDVF Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-18 14:07 ` Philippe Mathieu-Daudé
2022-03-18 14:07 ` Philippe Mathieu-Daudé
2022-03-21 8:54 ` Xiaoyao Li
2022-03-21 8:54 ` Xiaoyao Li
2022-03-21 22:06 ` Isaku Yamahata
2022-03-21 22:06 ` Isaku Yamahata
2022-03-22 9:21 ` Gerd Hoffmann
2022-03-22 9:21 ` Gerd Hoffmann
2022-03-22 9:29 ` Daniel P. Berrangé
2022-03-22 9:29 ` Daniel P. Berrangé
2022-03-22 10:35 ` Gerd Hoffmann
2022-03-22 10:35 ` Gerd Hoffmann
2022-03-22 10:51 ` Daniel P. Berrangé
2022-03-22 10:51 ` Daniel P. Berrangé
2022-03-22 12:20 ` Gerd Hoffmann
2022-03-22 12:20 ` Gerd Hoffmann
2022-03-24 8:35 ` Gerd Hoffmann
2022-03-24 8:35 ` Gerd Hoffmann
2022-03-31 6:57 ` Xiaoyao Li
2022-03-31 6:57 ` Xiaoyao Li
2022-03-24 6:13 ` Xiaoyao Li
2022-03-24 6:13 ` Xiaoyao Li
2022-03-24 7:58 ` Gerd Hoffmann
2022-03-24 7:58 ` Gerd Hoffmann
2022-03-24 8:18 ` Xiaoyao Li
2022-03-24 8:18 ` Xiaoyao Li
2022-03-24 8:52 ` Daniel P. Berrangé [this message]
2022-03-24 8:52 ` Daniel P. Berrangé
2022-03-22 9:27 ` Daniel P. Berrangé
2022-03-22 9:27 ` Daniel P. Berrangé
2022-03-31 8:51 ` Xiaoyao Li
2022-03-31 8:51 ` Xiaoyao Li
2022-03-31 9:00 ` Daniel P. Berrangé
2022-03-31 9:00 ` Daniel P. Berrangé
2022-03-31 14:50 ` Xiaoyao Li
2022-03-31 14:50 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 18/36] i386/tdvf: Introduce function to parse TDVF metadata Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-18 17:19 ` Isaku Yamahata
2022-03-18 17:19 ` Isaku Yamahata
2022-03-21 6:11 ` Xiaoyao Li
2022-03-21 6:11 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 19/36] i386/tdx: Parse TDVF metadata for TDX VM Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 20/36] i386/tdx: Get and store the mem_ptr of TDVF firmware Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 21/36] i386/tdx: Track mem_ptr for each firmware entry of TDVF Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:58 ` [RFC PATCH v3 22/36] i386/tdx: Track RAM entries for TDX VM Xiaoyao Li
2022-03-17 13:58 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 23/36] i386/tdx: Create the TD HOB list upon machine init done Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 24/36] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 25/36] i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 26/36] i386/tdx: Finalize TDX VM Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 27/36] i386/tdx: Disable SMM for TDX VMs Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-21 6:51 ` Xiaoyao Li
2022-03-21 6:51 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 28/36] i386/tdx: Disable PIC " Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 29/36] i386/tdx: Don't allow system reset " Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 30/36] hw/i386: add eoi_intercept_unsupported member to X86MachineState Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 31/36] hw/i386: add option to forcibly report edge trigger in acpi tables Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 32/36] i386/tdx: Don't synchronize guest tsc for TDs Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 33/36] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() " Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-18 17:31 ` Isaku Yamahata
2022-03-18 17:31 ` Isaku Yamahata
2022-03-21 6:08 ` Xiaoyao Li
2022-03-21 6:08 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 34/36] i386/tdx: Skip kvm_put_apicbase() " Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 35/36] i386/tdx: Don't get/put guest state for TDX VMs Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
2022-03-17 13:59 ` [RFC PATCH v3 36/36] docs: Add TDX documentation Xiaoyao Li
2022-03-17 13:59 ` Xiaoyao Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YjwxV6++RxdpXt6M@redhat.com \
--to=berrange@redhat.com \
--cc=ckuehl@redhat.com \
--cc=cohuck@redhat.com \
--cc=eblake@redhat.com \
--cc=erdemaktas@google.com \
--cc=f4bug@amsat.org \
--cc=isaku.yamahata@intel.com \
--cc=kraxel@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=lersek@redhat.com \
--cc=marcel.apfelbaum@gmail.com \
--cc=mst@redhat.com \
--cc=mtosatti@redhat.com \
--cc=pbonzini@redhat.com \
--cc=philippe.mathieu.daude@gmail.com \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=seanjc@google.com \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.