Skip to content

Vmsa ovmf #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 23, 2025
Merged

Vmsa ovmf #10

merged 3 commits into from
Jun 23, 2025

Conversation

jraman567
Copy link
Contributor

No description provided.

@jraman567
Update the VMSA to match latest upstream kernel
81901ab 
The upstream kernel introduced[^1] a new IOCTL called
KVM_SEV_INIT2 which expects some floating point
registers to be set to a value other than zero.
Because of these adjustments, we needed to update
the VMSA structure to match this.

[^1]: [https://lore.kernel.org/kvm/[email protected]/](https://lore.kernel.org/kvm/[email protected]/)
  With KVM_SEV_INIT2, rather than 0, QEMU/KVM will instead begin setting the
  following fields in the VMSA before measurement/encryption:

    VMSA byte offset [1032:1033] = 80 1f (MXCSR, Multimedia Control Status
                                          Register)
    VMSA byte offset [1040:1041] = 7f 03 (FCW, FPU/x86 Control Word)

  Setting FCW (FPU/x86 Control Word) to 0x37f is consistent with 11.5.7 of
  APM Volume 2. MXCSR reset state is not defined for XSAVE, but QEMU's 0x1f80
  value is consistent with machine reset state documented in APM Volume 2
  4.2.2. As such, it is reasonable to begin including these in the VMSA
  measurement calculations.

Based on the following fix: virtee/sev-snp-measure@ae95e59

Signed-off-by: Jagannathan Raman <[email protected]>
@jraman567
Added new OVMF section and updated OVMF binaries and tests
1249d60 
New OVMF changes added section SVSM_CAA to OvmfSevMetadata.

To calculate the measurement with this new section, the new section
has to be added and needs to be treated as zero pages when encountered.

Based on the this commit: virtee/sev-snp-measure@cc93bb0

Signed-off-by: Jagannathan Raman <[email protected]>
@jraman567
Add cpu signature for EPYC-Genoa-v2
f226048 
Signed-off-by: Jagannathan Raman <[email protected]>
@jraman567
Copy link
Contributor Author

@derpsteb Hi Otto, could you please take a look at this PR? Thank you so much!

@jraman567
Copy link
Contributor Author

@derpsteb Did you get a chance to take a look at this? I'm unable to add you as a reviewer to this PR. Thank you!

DGonzalezVillal
DGonzalezVillal approved these changes May 20, 2025
View reviewed changes
Copy link
Member

@DGonzalezVillal DGonzalezVillal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@jraman567
Copy link
Contributor Author

@DGonzalezVillal Thanks for approving the PR! Appreciate it.

Could you please merge it? I don't have the permissions to do it. Thank you!

@jraman567
Copy link
Contributor Author

@DGonzalezVillal Could you please merge this?

@DGonzalezVillal DGonzalezVillal merged commit 74f52d5 into virtee:main Jun 23, 2025
3 checks passed
@DGonzalezVillal
Copy link
Member

My apologies I forgot to merge that one time

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DGonzalezVillal DGonzalezVillal DGonzalezVillal approved these changes

Assignees

@derpsteb derpsteb

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jraman567 @DGonzalezVillal @derpsteb