Re: [PATCH V7 1/1] OvmfPkg: Enable TDX in ResetVector


Gerd Hoffmann
 

On Fri, Sep 24, 2021 at 07:32:33AM +0000, Yao, Jiewen wrote:
Hi Gerd
Having config-a and config-b is proposed by original RedHat rep in EDKII - Laszlo.
We reach the agreement to separate those 2 configuration and AMD SEV is taking same approach.

Are you saying you want to reset the high level plan and unify config-a and config-b into one binary?
There isn't that much of a difference between the normal and amd sev
build. It has additional drivers and the grub boot loader added, smm
support turned off, network stack removed.

The differences between config-a and config-b are much larger according
to the design document. config-b has a completely different
initialization code path, skipping the PEI phase. I see that as a
major problem when it comes to long-term maintenance, and so far nobody
could explain the reason for this.

I'll go read the links to old discussions sent by Min, maybe I find
something there.

Having a config-b with network stack disabled, driver for RTMR trusted
boot added, maybe some other little tweaks but otherwise a boot workflow
identical to config-a is reasonable in my eyes. Merging it with AmdSev
should also be relatively easy then.

take care,
Gerd

Join devel@edk2.groups.io to automatically receive all group messages.