Re: [PATCH v8 17/32] OvmfPkg/MemEncryptSevLib: add support to validate > 4GB memory in PEI phase

Gerd Hoffmann

On Mon, Sep 20, 2021 at 01:45:49PM -0500, Brijesh Singh wrote:

The initial page built during the SEC phase is used by the
MemEncryptSevSnpValidateSystemRam() for the system RAM validation. The
page validation process requires using the PVALIDATE instruction; the
instruction accepts a virtual address of the memory region that needs
to be validated. If hardware encounters a page table walk failure (due
to page-not-present) then it raises #GP.

The initial page table built in SEC phase address up to 4GB. Add an
internal function to extend the page table to cover > 4GB. The function
builds 1GB entries in the page table for access > 4GB. This will provide
the support to call PVALIDATE instruction for the virtual address >
4GB in PEI phase.
Hmm, well, playing with page tables like that in sev-specific code
instead of having memory core handle this properly is quite hackish.

What is the long-term plan with this? I assume once support for lazy
acceptance/validation is merged we can simply delete this?

Assuming this is only a temporary solution I think we can tolerate the

take care,

Join to automatically receive all group messages.