From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM10-DM6-obe.outbound.protection.outlook.com (NAM10-DM6-obe.outbound.protection.outlook.com [40.107.93.83])
 by mx.groups.io with SMTP id smtpd.web11.14798.1624902209456317478
 for <devel@edk2.groups.io>;
 Mon, 28 Jun 2021 10:43:29 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=J21hcujj;
 spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.93.83, mailfrom: brijesh.singh@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=PjPWT0jeJUsmxzDM6U0fIg2gk4GQMMrol6FwyyM0Ta9AfRUCl02jicbhTuq/ixklkVpierRtNu1YPR+mhItmbGVrMYiVeAlTsgx0AvCNEQa59g9T7GjItzIGZpG7PJO2VUrPAuGQPwWiXxIjeWhE/J08wOWML6XSsXHE/osFC09DvSF09ffSG1vYYYjYTDnXCqzkQoExB/sk7vQXiUnaSQ/XW/CkdiiVfB5QNyeQMrHr49Vm9aPVEifTuTJDGOUojAz2OfEU8THHfc3ucDCrpXveqEZPi9ZYXCuL1G2ATMbI7bqPLGNTdj+ov4wikrcagJpG7Tj7RzFFIk+598RHTw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=XMZgBd3Jh+HxouexIvwCfYStIy9Rx+WpDBJ4osztmWI=;
 b=LhOzMfGa4vogM6mMT/Z/HMX6lVO7eTkqe9b9RtoAyL6UbjhZQyPHERHtIM766wLg8pqd1eSaioZxh8Fv5NMerOpbzRWUs7d6xwGURkG9wKBUCWl7bBqyo+4CTCQHEmka0B5/6mLt020P0Gpzmg76y6zeJz3NKT1V2UuSPluBPDQEiqpE7htFWC+0PGFeBuU0v2ZHSJ8PRXuvTeDefT5jvCRWfwL3NjPn4mzM7ugFYWkTWShs1njpl+gK4aceHkv75+qcIpaIxQ1n9fesO8/8dAtGejt3mVyTgG70M7/Aq92siRN0r5VacPw8x1OhvnDHyiems2eGFzGBnFNGLesg9w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=XMZgBd3Jh+HxouexIvwCfYStIy9Rx+WpDBJ4osztmWI=;
 b=J21hcujjgEiERUjQDNa9pNo/OFRXuZgCQw4hRKnHOCXrc2LnO868Ybxw1C0VQE8HHNGRw6TtIM6jxbOQ4Fg45UFCMuwcDaoFWjtXJBmRSQnRfwpX6gz9GFl6LdmEgKg5eBLAy0eZUXDpPDdEJYNI3QLimlSm5NWGz77gFS5+1b4=
Authentication-Results: edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com;
Received: from DM6PR12MB2714.namprd12.prod.outlook.com (2603:10b6:5:42::18) by
 DM6PR12MB4371.namprd12.prod.outlook.com (2603:10b6:5:2a3::23) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.4264.18; Mon, 28 Jun 2021 17:43:28 +0000
Received: from DM6PR12MB2714.namprd12.prod.outlook.com
 ([fe80::7df8:b0cd:fe1b:ae7b]) by DM6PR12MB2714.namprd12.prod.outlook.com
 ([fe80::7df8:b0cd:fe1b:ae7b%5]) with mapi id 15.20.4264.026; Mon, 28 Jun 2021
 17:43:28 +0000
From: "Brijesh Singh" <brijesh.singh@amd.com>
To: devel@edk2.groups.io
CC: James Bottomley <jejb@linux.ibm.com>,
	Min Xu <min.m.xu@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Laszlo Ersek <lersek@redhat.com>,
	Erdem Aktas <erdemaktas@google.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Rahul Kumar <rahul1.kumar@intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Zhiguang Liu <zhiguang.liu@intel.com>,
	Michael Roth <Michael.Roth@amd.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [RFC PATCH v4 06/27] OvmfPkg/ResetVector: introduce SEV-SNP boot block GUID
Date: Mon, 28 Jun 2021 12:42:02 -0500
Message-ID: <20210628174223.1302-7-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20210628174223.1302-1-brijesh.singh@amd.com>
References: <20210628174223.1302-1-brijesh.singh@amd.com>
X-Originating-IP: [165.204.77.1]
X-ClientProxiedBy: SN4PR0601CA0020.namprd06.prod.outlook.com
 (2603:10b6:803:2f::30) To DM6PR12MB2714.namprd12.prod.outlook.com
 (2603:10b6:5:42::18)
Return-Path: brijesh.singh@amd.com
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN4PR0601CA0020.namprd06.prod.outlook.com (2603:10b6:803:2f::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4264.19 via Frontend Transport; Mon, 28 Jun 2021 17:43:27 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: ddd5b0f7-f55d-4419-36e9-08d93a5c3caf
X-MS-TrafficTypeDiagnostic: DM6PR12MB4371:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
	<DM6PR12MB4371D1B83936B38FB464E089E5039@DM6PR12MB4371.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:1728;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	ZScQtCxnP0SiqsSKlNvVgDg4td/7MhedfvfAqsfjjeB4oPno0y7QS9r/izGFSBL2UHVxmJQuz3RA7AIRNBZQc2Z5EPBef64cAi9tSwaKfKI5qgTUHkfh0fWLi/6THSnUSIGVBYVa/0JYCW7p85obi+UxTvwDHIxAbUadXykKOP19l2zNAJn2AA86YMQtQBsPHtMb/Y96oGn6nWFaQ81Jyr5LtcyuPIRA12vbd1bEKhvIcJZvES0Pa/oDn4u2A0miZs2/dX3EfXO9b82lFJ1bHvnd5pMI8hHxUVG5bD8XwG3zVjzFZorbuFrONtIi5BQnS8JJW6+U/JCgn2rpjS9FM5r5lTzVWwNavavwyuITYuMOqB10azsYhIhmqLijvWDwFsLKTDR0sOjXNztazQTI9xP8ksPt3s+G1EZGDf5X6zRaQCRwmlsBFiVRn2BHT9YrSAKjSglH7DU4Nni8m4xNCPWFyYye3XdvCsXUebU/vxmlrRkHUW45wIsMGvpwzrW9B/iJ1aFVQGd6bbp69tGZoWmsi5dwuqlFEHleoMme0JXVA642rrNje+YKLNUELyOuGtBJ3UUaCP9Qym6x4dO7svv2YT9BcXz9gdch0XrcLV2Sorx6gJ+I2lDAnMqtkYKNatHp6vjHqsnrMfvxe6np+CSm7OdrFFkPzACIszNa0OdxvhcXSQKK7bobwG/sJHftD/SMn8uzTUxP/td81d/j+zQPHO6hAf+Um1bVSooxqc/0NDX+uS7bkeZ4hIrFcBPcn52NbmiFlvSaVYl5nH4J7i8wOXhUd93ldYrsDCXE7qlmvbp4uEYZ6Frir6G0rjaXloFE8Dv3qYLRtrKyfG+Tgg==
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR12MB2714.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(39860400002)(136003)(376002)(396003)(346002)(366004)(8676002)(8936002)(83380400001)(7416002)(66946007)(1076003)(36756003)(478600001)(7696005)(19627235002)(38100700002)(186003)(38350700002)(2906002)(26005)(44832011)(52116002)(16526019)(966005)(6666004)(6916009)(4326008)(54906003)(86362001)(5660300002)(2616005)(66556008)(956004)(66476007)(6486002)(316002);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
	=?us-ascii?Q?sALah0tjxewZl6Ceo+UMswne3eM3BFzF/dax0goyeUvzDwNaVtOcdOkFHAbq?=
 =?us-ascii?Q?PsWqL5QCi4uJAnna+cnrEBimYFx7a6RdHaobGlb9L+jrQcVYimAeJbb7afBQ?=
 =?us-ascii?Q?RVj1k86Ggl0m0Hd8CSaVuNflg51zArnXyEvglWJSlrkC6dYB3GBrczysRt0w?=
 =?us-ascii?Q?msA7hBngx1HNXPH7ckjbPi8ZiUlDa8i4/f/mkCR1xdF7LBx4xY948bP5MH+d?=
 =?us-ascii?Q?ieBIJBsAb6lKoFmElt4x2+WBbgBiKQhOSt5GklK31g2iVY1m0m9UO5WbdJ3/?=
 =?us-ascii?Q?aIfRs23ptHFYqO82ZMc5Pn9yf+7KWd7aqxTNu2ldupXUpIpUJwvjXj8Ii8nn?=
 =?us-ascii?Q?hHaPEgpckyYb40Y0PELcvGYuICPY2lT5if4ySdVLtfYM6/RfuOn/D+OXUmON?=
 =?us-ascii?Q?fisnYemecVOcwZwHALCAbLNplfrunnwuoJnw+wsCe/HgmxBg64wWRv9yYx58?=
 =?us-ascii?Q?SOKvwfT3BBDLBAPGNyWg2uIhUrbU1ZEPP2vM5DU7yFCET+ylHsAl6zdZUqTX?=
 =?us-ascii?Q?TU2IL2wGn5+D8MXSZlS1A2zK3xFDg1pDPAFGSSVKNaWHsp5X8geNmB77UsLb?=
 =?us-ascii?Q?gXoQibcOejUTiUHJGiKzNAZyKKmoh4wyWRiPKQd8XayGwN0+H70cdqwcn75S?=
 =?us-ascii?Q?W+omOP4tllniiqkB2jxZttUwP1fnKZo39EsUUJO1jzCvnF4RQqxN7RoxyvNe?=
 =?us-ascii?Q?9nkozo7h8wVpRlqrfvQb9a227k3mgQZPSgKkzv015switguOsRq4Dk5ZI9AE?=
 =?us-ascii?Q?i2b01JSOWfL3GlZEzAC8645gbsinNqiJ01e7dHzKhp+zS7QzahDmnKcIt6HE?=
 =?us-ascii?Q?u5udLiuLW753M+7lIWjvu45CPcnq7HMS0lOFhlgwrxzXDuE2CjX1dk8/8/uC?=
 =?us-ascii?Q?UxkogedR/g6M37uwOCPVBwiVuHxyaNRDJRNAZMLGdi/be7B2YrFUwEgd4R8Z?=
 =?us-ascii?Q?Stcyx7GaovG99g+GRhKDZjEow39E38CJI2hWtpCmivGc+mPr/+14rwbI6QQq?=
 =?us-ascii?Q?MWDHX7OYPBaJ8GbSZJ0dU6y68Jpf1Rwcp8ICu83C/fwh9Idf37SOpzUR7SzM?=
 =?us-ascii?Q?W+zH0MJO4vkplmgKNHbFjt7zykZ6W2NaL4PNUcGgWRLnwUBSLxkZbsqJzt/T?=
 =?us-ascii?Q?vsSAAy64rhzdwTEMg6qfdNxv4W+5xZ336LxB1WvaECVmkc8jZYk8i8Ltyw5O?=
 =?us-ascii?Q?oXxEietPJHEJAmTd53nE+tV8vMbeuu6r+q1yd+06VYiGH9YFAmWEpXFZEU9w?=
 =?us-ascii?Q?hx/ArBwWe06QgeXteV0xzkTq/VbL270wWUcQrFgyJe49+f15lcl5S1YAD1PJ?=
 =?us-ascii?Q?CSvP9lEMPUV+f59vHjeRYjnO?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ddd5b0f7-f55d-4419-36e9-08d93a5c3caf
X-MS-Exchange-CrossTenant-AuthSource: DM6PR12MB2714.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Jun 2021 17:43:28.0503
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: cxhq84xQhWzHSGIDIqVMzGqSJ1fP+SGOmntzX8OYjGkv/XUJOkTyFU+SKBK/+y2c1wXM22twFPe+MoOSHyUMXQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4371
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275

Introduce a new SEV-SNP boot-specific GUID block. The block is used to
communicate the secrets and cpuid memory area reserved by the guest BIOS.
When SEV-SNP is enabled, the hypervisor will locate the SEV-SNP boot
block to get the location of the Secrets and CPUID page and call the
PSP firmware command to populate those memory areas.

Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 OvmfPkg/ResetVector/ResetVector.inf          |  4 ++++
 OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 22 ++++++++++++++++++++
 OvmfPkg/ResetVector/ResetVector.nasmb        |  4 ++++
 3 files changed, 30 insertions(+)

diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/Rese=
tVector.inf
index dc38f68919cd..9a95d8687345 100644
--- a/OvmfPkg/ResetVector/ResetVector.inf
+++ b/OvmfPkg/ResetVector/ResetVector.inf
@@ -47,3 +47,7 @@ [Pcd]
 [FixedPcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpCpuidBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpCpuidSize
diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVe=
ctor/Ia16/ResetVectorVtf0.asm
index 9c0b5853a46f..ecf1dbcc2caf 100644
--- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
+++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
@@ -47,6 +47,28 @@ TIMES (15 - ((guidedStructureEnd - guidedStructureStart =
+ 15) % 16)) DB 0
 ;
 guidedStructureStart:
=20
+;
+; SEV-SNP boot support
+;
+; sevSnpBlock:
+;   For the initial boot of SEV-SNP guest, a CPUID and Secrets page must
+;   be reserved by the BIOS at a RAM area defined by SNP_CPUID_BASE and
+;   SNP_SECRETS_BASE. A hypervisor will locate this information using the
+;   SEV-SNP boot block GUID and provide the GPA to the PSP to populate
+;   the memory area with the required information..
+;
+; GUID (SEV-SNP boot block): bd39c0c2-2f8e-4243-83e8-1b74cebcb7d9
+;
+sevSnpBootBlockStart:
+    DD      SNP_SECRETS_BASE
+    DD      SNP_SECRETS_SIZE
+    DD      SNP_CPUID_BASE
+    DD      SNP_CPUID_SIZE
+    DW      sevSnpBootBlockEnd - sevSnpBootBlockStart
+    DB      0xC2, 0xC0, 0x39, 0xBD, 0x8e, 0x2F, 0x43, 0x42
+    DB      0x83, 0xE8, 0x1B, 0x74, 0xCE, 0xBC, 0xB7, 0xD9
+sevSnpBootBlockEnd:
+
 ;
 ; SEV Secret block
 ;
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re=
setVector.nasmb
index 8a3269cfc212..247f4eb0dc5e 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -89,5 +89,9 @@
   %define SEV_ES_AP_RESET_IP  FixedPcdGet32 (PcdSevEsWorkAreaBase)
   %define SEV_LAUNCH_SECRET_BASE  FixedPcdGet32 (PcdSevLaunchSecretBase)
   %define SEV_LAUNCH_SECRET_SIZE  FixedPcdGet32 (PcdSevLaunchSecretSize)
+  %define SNP_CPUID_BASE  FixedPcdGet32 (PcdOvmfSnpCpuidBase)
+  %define SNP_CPUID_SIZE  FixedPcdGet32 (PcdOvmfSnpCpuidSize)
+  %define SNP_SECRETS_BASE  FixedPcdGet32 (PcdOvmfSnpSecretsBase)
+  %define SNP_SECRETS_SIZE  FixedPcdGet32 (PcdOvmfSnpSecretsSize)
 %include "Ia16/ResetVectorVtf0.asm"
=20
--=20
2.17.1