Re: [PATCH RFC v2 11/28] OvmfPkg: Reserve Secrets page in MEMFD

James Bottomley

On Wed, 2021-05-05 at 21:33 +0200, Laszlo Ersek wrote:
> On 05/05/21 15:11, Brijesh Singh wrote:
>> On 5/5/21 1:42 AM, Dov Murik wrote:
>>> [...]
>>> Would it make sense to always use EfiACPIMemoryNVS for the
>>> injected secret area, even for regular SEV (non-SNP)?
>> Ideally yes. Maybe James had some reasons for choosing the
>> EfiBootServicesData. If I had to guess, it was mainly because there
>> is no guest kernel support which consumes the SEV secrets page.
> git-blame fingers commit bff2811c6d99 ("OvmfPkg/AmdSev: assign and
> reserve the Sev Secret area", 2020-12-14).
>
> Commit bff2811c6d99 makes it clear that the area in question lives in
> MEMFD.
>
> We're populating the area in the PEI phase. We don't want anything in
> DXE to overwrite it.
>
> Once the bootloader (and/or perhaps the kernel's EFI stub) fetched
> the secret from that particular location, there is no need to prevent
> later parts of the OS (the actual kernel) from repurposing that area.
> That's why EfiBootServicesData was used.

That's right: originally the design was not to have the boot secrets
survive boot because they should already be copied into their correct,
and presumably protected, locations by the time exit boot services
comes. The grub code actually shreds the secret in the page once it
consumes it, so the area for a simple disk secret should be empty
anyway.

James

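The consume-then-shred behaviour that James attributes to the grub secret consumer, as an added example that is not part of the thread and is not OVMF, grub or QEMU code. The table layout (a 16-byte tag plus little-endian 32-bit length as header, then entries of the same shape) and all tag values and payloads are constructed for this example; they are not the real GUIDs or the exact on-page format used by the SEV secret injection. The point it makes beyond the prose is practical: zeroing a buffer that is never read again is a dead store a compiler may drop, so the shred goes through a volatile pointer, and the entry's length field is left intact so other consumers can still walk the table.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define TAG_LEN   16
#define HDR_LEN   (TAG_LEN + 4)          /* tag + little-endian 32-bit length */
#define PAGE_SIZE 4096

/* Hypothetical tags for this example only; they are not the real GUIDs. */
static const uint8_t TABLE_TAG[TAG_LEN] =
    {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10};
static const uint8_t DISK_SECRET_TAG[TAG_LEN] =
    {0xd1,0xd2,0xd3,0xd4,0xd5,0xd6,0xd7,0xd8,0xd9,0xda,0xdb,0xdc,0xdd,0xde,0xdf,0xe0};
static const uint8_t OTHER_TAG[TAG_LEN] =
    {0xa1,0xa2,0xa3,0xa4,0xa5,0xa6,0xa7,0xa8,0xa9,0xaa,0xab,0xac,0xad,0xae,0xaf,0xb0};

/* Constructed sample payloads, stand-ins for what a hypervisor would inject. */
static const char SAMPLE_SECRET[] = "s3cret-disk-passphrase";
static const char OTHER_PAYLOAD[] = "unrelated-entry";

static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

static void wr32(uint8_t *p, uint32_t v)
{
    p[0] = v & 0xff; p[1] = (v >> 8) & 0xff; p[2] = (v >> 16) & 0xff; p[3] = (v >> 24) & 0xff;
}

/* Byte-wise zeroing through a volatile pointer: a plain memset() on memory that
 * is never read again is a dead store the optimiser may legally delete. */
static void shred(uint8_t *buf, size_t n)
{
    volatile uint8_t *p = buf;
    while (n--) *p++ = 0;
}

/* Append one entry (tag, length, payload) at offset off; returns the new offset. */
static size_t put_entry(uint8_t *page, size_t off, const uint8_t tag[TAG_LEN],
                        const void *payload, uint32_t plen)
{
    memcpy(page + off, tag, TAG_LEN);
    wr32(page + off + TAG_LEN, HDR_LEN + plen);
    memcpy(page + off + HDR_LEN, payload, plen);
    return off + HDR_LEN + plen;
}

/* Build the constructed secrets page: header, then two entries. Returns table length. */
size_t build_sample_page(uint8_t page[PAGE_SIZE])
{
    memset(page, 0xcc, PAGE_SIZE);                 /* junk fill so stale bytes are visible */
    size_t off = HDR_LEN;
    off = put_entry(page, off, OTHER_TAG, OTHER_PAYLOAD, sizeof OTHER_PAYLOAD - 1);
    off = put_entry(page, off, DISK_SECRET_TAG, SAMPLE_SECRET, sizeof SAMPLE_SECRET - 1);
    memcpy(page, TABLE_TAG, TAG_LEN);
    wr32(page + TAG_LEN, (uint32_t)off);
    return off;
}

/* Copy the payload of the entry tagged `tag` into out, then shred the tag and
 * payload in place. The length field is kept so the table stays walkable for
 * other consumers. Returns payload length, or -1 if absent, malformed or too big. */
long consume_secret(uint8_t *page, size_t page_len, const uint8_t tag[TAG_LEN],
                    uint8_t *out, size_t out_cap)
{
    if (page_len < HDR_LEN || memcmp(page, TABLE_TAG, TAG_LEN) != 0) return -1;
    uint32_t total = rd32(page + TAG_LEN);
    if (total < HDR_LEN || total > page_len) return -1;      /* table must fit in the area */
    size_t off = HDR_LEN;
    while (off + HDR_LEN <= total) {
        uint32_t len = rd32(page + off + TAG_LEN);
        if (len < HDR_LEN || len > total - off) return -1;   /* entry must fit in the table */
        if (memcmp(page + off, tag, TAG_LEN) == 0) {
            size_t plen = len - HDR_LEN;
            if (plen > out_cap) return -1;
            memcpy(out, page + off + HDR_LEN, plen);
            shred(page + off, TAG_LEN);                       /* tag: later lookups miss */
            shred(page + off + HDR_LEN, plen);                /* payload: secret is gone */
            return (long)plen;
        }
        off += len;
    }
    return -1;
}

/* True if needle occurs anywhere in buf (used to verify the shred). */
int contains(const uint8_t *buf, size_t n, const void *needle, size_t nlen)
{
    for (size_t i = 0; nlen && i + nlen <= n; i++)
        if (memcmp(buf + i, needle, nlen) == 0) return 1;
    return 0;
}

int main(void)
{
    uint8_t page[PAGE_SIZE], out[64];
    build_sample_page(page);
    long n = consume_secret(page, sizeof page, DISK_SECRET_TAG, out, sizeof out);
    printf("consumed %ld bytes; secret still in page: %d\n", n,
           contains(page, sizeof page, SAMPLE_SECRET, sizeof SAMPLE_SECRET - 1));
    return 0;
}
```

Two checks in consume_secret are the ones that matter when the table is written by the other side of the trust boundary: the header-declared total length is bounded by the area actually reserved, and every entry length is bounded by that total, so a corrupt or hostile length can't walk the reader off the page.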