Re: [PATCH v1 1/2] Implemented AMD SEV discovery and enabling.

[Vaishali Thakkar <vaishali.thakkar@xxxxxxxxxx>]

On 4/12/24 5:07 PM, Andrew Cooper wrote:
> On 12/04/2024 3:38 pm, Vaishali Thakkar wrote:
> > On 4/12/24 4:06 PM, Andrei Semenov wrote:
> > > On 4/11/24 20:32, Andrew Cooper wrote:
> > > > On 10/04/2024 4:36 pm, Andrei Semenov wrote:
> > > > > +    }
> > > > > +
> > > > > +    if (!(cpu_has_sme || cpu_has_sev))
> > > > > +        return;
> > > > > +
> > > > > +    if (!smp_processor_id()) {
> > > > > +        if (cpu_has_sev)
> > > > > +            printk(XENLOG_INFO "SEV: ASID range [0x%x - 0x%x]\n",
> > > > > +            min_sev_asid, max_sev_asid);
> > > > Why do we have a min as well as a max?  Isn't min always 1?
> > In the case of SEV, it's not true. Some BIOS allow to set the
> > min_asid. So yeah Xen will also need to adapted for the same.
> > I've a WIP patch for allowing dynamic generation of asid in such
> > a case.
> I also got an answer to this out of a contact of mine at AMD.
>
> The ASID space is divided, 1->$N for SEV-ES/SNP guest, and $N->$M for
> SEV guests.
>
> It is a security issue to start a guest as ES/SNP, then "migrate" it to
> being SEV-only, so the different types are tracked explicitly.
Aha, yeah that seems like a better explanation. Thanks for checking with
the AMD person.

> ~Andrew