-----Original Message-----
From: Paolo Bonzini [mailto:pbonzini@...]
Sent: Thursday, August 22, 2019 4:12 PM
To: Kinney, Michael D <michael.d.kinney@...>;
Laszlo Ersek <lersek@...>; rfc@edk2.groups.io;
Yao, Jiewen <jiewen.yao@...>
Cc: Alex Williamson <alex.williamson@...>;
devel@edk2.groups.io; qemu devel list <qemu-
devel@...>; Igor Mammedov <imammedo@...>;
Chen, Yingwen <yingwen.chen@...>; Nakajima, Jun
<jun.nakajima@...>; Boris Ostrovsky
<boris.ostrovsky@...>; Joao Marcal Lemos Martins
<joao.m.martins@...>; Phillip Goerl
<phillip.goerl@...>
Subject: Re: [edk2-rfc] [edk2-devel] CPU hotplug using
SMM with QEMU+OVMF

On 23/08/19 00:32, Kinney, Michael D wrote:

Paolo,

It is my understanding that real HW hot plug uses the

SDM defined

methods. Meaning the initial SMI is to 3000:8000 and

they rebase to

TSEG in the first SMI. They must have chipset specific

methods to

protect 3000:8000 from DMA.

It would be great if you could check.

Can we add a chipset feature to prevent DMA to 64KB

range from

0x30000-0x3FFFF and the UEFI Memory Map and ACPI

content can be

updated so the Guest OS knows to not use that range for

DMA?

If real hardware does it at the chipset level, we will
probably use Igor's suggestion of aliasing A-seg to
3000:0000. Before starting the new CPU, the SMI handler
can prepare the SMBASE relocation trampoline at
A000:8000 and the hot-plugged CPU will find it at
3000:8000 when it receives the initial SMI. Because this
is backed by RAM at 0xA0000-0xAFFFF, DMA cannot access it
and would still go through to RAM at 0x30000.

Paolo