From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (NAM12-BN8-obe.outbound.protection.outlook.com [40.107.237.47])
 by mx.groups.io with SMTP id smtpd.web11.5550.1625057651281656886
 for <devel@edk2.groups.io>;
 Wed, 30 Jun 2021 05:54:11 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=OqkNxej0;
 spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.237.47, mailfrom: brijesh.singh@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=CcPDwF6Mmcsxi2p7i8hKve9pkpucR4mNBGGiBUgBgz5JI8hX8DPlhiy7/PGIvwkYGuQzHy9pyuYw3SMad19hqPfYNzNdusDYlYPno1nfCsgJbAyWWwfIZ0iQVAB65+njN4X+Wpgu/beW9CwxCuxeuqppIXmElF8DXGhw9Cy2PqEBTi9OD+14AZL/FPUN6mHqbH7YjFgcFBImpv+6APUHX8qBGqD/IZ0x76n2Pil4dJuaPhnecTLsQAgq3rkyBKFpbs1TX3m9WQrCurt3bRbvjCLHPt/JqIMcbMhmoI4AYiT/x1H/py/E1XzEPap032GEPOVBNc0W6kaqJHMKrbKzNg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=XMZgBd3Jh+HxouexIvwCfYStIy9Rx+WpDBJ4osztmWI=;
 b=BDZCKVs5MKDwnnPyKJZ5i7zH5IeqsfAqC3Dd0je/3EmjYgN1IVZ7+dHt0uNO495ilMTG0pNvef7SJPLvW3NkMXM4YrdQsitZWMf9+BCYjS3ZnXnMV7VfEy1KhPqD3rwIbS5wGJsyNT2wuMMwf7sLpFGjCc5XDLAIB8oYMwQGkjMKHVZuqJf7PEEk+T6W+/JVH/Re0sQQxGCEVdqAeT2rwSGhNdVOn++1d2OMl760F1h7iqbQlJWO/OYP6fFu1DFfXfuXs4nU5q2hlmKSqvOAtKHzuObyLoftjQPSO5AODKMI+jTg2+9CgDgCSuLkuVwawBwk173TphBKt2iitT9S4A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=XMZgBd3Jh+HxouexIvwCfYStIy9Rx+WpDBJ4osztmWI=;
 b=OqkNxej08flTEPTEAGALqJt21vXWg8ZdDcmQMvdP0AfhgcDaoSL2JeYqSky0ly7wpRV2/eJMfjgonTF1fMPVc8lE9h5YdJDxxzYQJVjJFlCiSIDtLUyxKZoC8SlfeQJ6cfkWHfRVQThs6KL4DXaCliRbv8a2L8dF55EclFTGsGs=
Authentication-Results: edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com;
Received: from DM6PR12MB2714.namprd12.prod.outlook.com (2603:10b6:5:42::18) by
 DM5PR1201MB0076.namprd12.prod.outlook.com (2603:10b6:4:55::14) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.4264.20; Wed, 30 Jun 2021 12:54:09 +0000
Received: from DM6PR12MB2714.namprd12.prod.outlook.com
 ([fe80::7df8:b0cd:fe1b:ae7b]) by DM6PR12MB2714.namprd12.prod.outlook.com
 ([fe80::7df8:b0cd:fe1b:ae7b%5]) with mapi id 15.20.4264.026; Wed, 30 Jun 2021
 12:54:09 +0000
From: "Brijesh Singh" <brijesh.singh@amd.com>
To: devel@edk2.groups.io
CC: James Bottomley <jejb@linux.ibm.com>,
	Min Xu <min.m.xu@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Laszlo Ersek <lersek@redhat.com>,
	Erdem Aktas <erdemaktas@google.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Rahul Kumar <rahul1.kumar@intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Zhiguang Liu <zhiguang.liu@intel.com>,
	Michael Roth <Michael.Roth@amd.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [RFC PATCH v5 06/28] OvmfPkg/ResetVector: introduce SEV-SNP boot block GUID
Date: Wed, 30 Jun 2021 07:52:59 -0500
Message-ID: <20210630125321.30278-7-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20210630125321.30278-1-brijesh.singh@amd.com>
References: <20210630125321.30278-1-brijesh.singh@amd.com>
X-Originating-IP: [165.204.77.1]
X-ClientProxiedBy: SA9PR13CA0018.namprd13.prod.outlook.com
 (2603:10b6:806:21::23) To DM6PR12MB2714.namprd12.prod.outlook.com
 (2603:10b6:5:42::18)
Return-Path: brijesh.singh@amd.com
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9PR13CA0018.namprd13.prod.outlook.com (2603:10b6:806:21::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4287.14 via Frontend Transport; Wed, 30 Jun 2021 12:54:08 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 413250f4-a432-4c4b-baa3-08d93bc626c3
X-MS-TrafficTypeDiagnostic: DM5PR1201MB0076:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
	<DM5PR1201MB00767508158CB7CD9A21EF0EE5019@DM5PR1201MB0076.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:1728;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	ZpVA6nBBEPyCf1ZJO3PAwskcJhXdokvaq/hb0ytuZ5w3rOCt9eCV2lVJVXzgd7nFnQRte7z/PkPYfHaYDG3Uw93WYP7tugB1cnrxCQCYNm+fSOvunQmrqmEbVWLcE9Jl9cTLVxFivo7xBbmkTIofmxHg0e5Y5dDObb95qn1IVMe8P8wTpkVLb4gp8BdKke6I8zvIiu4MbT2b90Az4wn42f/BQeHCLeRCbfgSp5CUpUqJYdasknb99glrN7VLcKeYtgFtHbAs/mgpRaXb2Wm3cocN7sjrg+QE9+L9dux07N74x+g167LFaUcFfBb7qygl5ClVBvDECdEJyrDP4bHhz+g1qhySdacBzyC+Et3+oXH6IG4YKLsfuWjUtQHbxf9U6jiTW/V7d6Mlsg2i7sRJUDdCeDHKbBdkn489AARR//rmhpdAuXjSfIKgXRcWWNRGrIXBiOR5gLcEiv6qPtWs3nq8Mdre8j9vFWWOsYdjdLwJYmkonBM1tklx9Tba0znkiXN1leWVprSUn0jePk5mEPH+MR+J1CXH73ljaPgDFKcTIpDRbYvw7OxHmTT2GCymDaHS5vgdOH/6Z4eojkcIrBAIIeGrfYKtHjvIl6wR4Qn25YnTTsgkML+fc9O2dY05iB5kYnrZw/9NiYDwQ41j1HqD5oax98MmEORsvRb2G6pmykcW55li605M0Kzvj0tHweWzrsAjN2g6xMSau17i/aLUl2iNMOXfZYs2e9S7KxUqVsG5roz4d2kZuP+G5fhLzT7BjmM9BARnljWYIJELpOBwvKvqYYFKb76VqsKfxQK/9aXJUlIa6sQ+tyOFGmWjpo529BK5YC7kpRmmY+2JIg==
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR12MB2714.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(136003)(366004)(346002)(39860400002)(396003)(7696005)(1076003)(8676002)(16526019)(8936002)(6666004)(2616005)(4326008)(956004)(38350700002)(38100700002)(478600001)(186003)(6486002)(19627235002)(66556008)(66476007)(26005)(7416002)(316002)(966005)(86362001)(66946007)(52116002)(36756003)(54906003)(5660300002)(2906002)(6916009)(44832011)(83380400001);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
	=?us-ascii?Q?nFeTWEnc44ulSLyDcUKe5lCb5zxeLdsvH8A8n0TrJzK68dcEA6E+kVWrdjMr?=
 =?us-ascii?Q?1VEPBPOIdak4d+H8PQcR5k51Kg5KSdaiLNdZicH+D8J8uqYzOxWOudZyffxY?=
 =?us-ascii?Q?utOP2tTzRU+Se4Ntg94war93JVbEQorfIsPRJenKVjaXjKqAv9QL0FC8yLHk?=
 =?us-ascii?Q?P7fGkyFIZ+XTPfhTK2iauRAIO7YwyHhWoTG6F2ZpifPMQDOMH3Q3PXs2eGp7?=
 =?us-ascii?Q?bry1E3DsOHCdBod2QZxK3d4JdZyrSg+cgkrOw8pFP51ptS9IOZOwcTcBViaK?=
 =?us-ascii?Q?JSnqNbVq5ZLWHkJ2qvYweZ5cte3kLki+eV8Sf57BFmHANXS7RTNsrf7n7NHQ?=
 =?us-ascii?Q?nf33/GO9hJwreWYJ75Xiy8WHPL0wIa9+SFFf3idrdSXVd/zh1y2syQND27NS?=
 =?us-ascii?Q?d/IanQgBGmJ8K1P/F5KMDKASMfvQ+1d7jigwwchmz/jp64JbmKvh+9TC7Nui?=
 =?us-ascii?Q?3VfRz24K3cpAkssD6sR04eS4RriE9NEO1E5DVsjpwBdsxeTYUvc94V50Ycn0?=
 =?us-ascii?Q?knnK9rN/TqZW54vD8R8QI5fKknQFjm561tr5G8Y/JiQc+D5tqowEjQFh/BEq?=
 =?us-ascii?Q?gFH09PZOZQLHFjEuPSznfGWQYEHs+D4LGiZztCxLV4rVMck5/2U+IGkdWOFN?=
 =?us-ascii?Q?ln4L5KYrdiS2kkTszWkTLV6l5TbPHkwwr0Z0bJT5+hI8M/bu6r36txITnbbC?=
 =?us-ascii?Q?7ECl/rA95HMLHVtw9Pagcmzv04vHrXbVk0ZQepfPsVjSxfxHci9YczahSmfF?=
 =?us-ascii?Q?qBZsNdzH6Tq0G0xxPf+9cQSTzWYYwmOFRWenGr4/saHzHuAJhRd3RePNTpVZ?=
 =?us-ascii?Q?k4CBqYqoxckBdP+5yVESNXWEVuA+ZiGpPvfHavC4UpXSULPT+yuwykY3/8wd?=
 =?us-ascii?Q?NQQgFOx8hlvmdUoY9HTtEWLWpzJcPuUFlMh2fRP6BsTL6svxLRhNw3q2MXfu?=
 =?us-ascii?Q?3kRxNO2ec9fhmlMEVlowX4nbCijUhi8E8aOcZVrr7/CjrwuNJBXYVbdXhkB6?=
 =?us-ascii?Q?dqzKydKpCxCcs/x8jLqgSl05CT4nhODN6bF6hP/6WVHNZ1Rj0amRMTQTI0+w?=
 =?us-ascii?Q?h+I5DBBbO2Ba88n9DAgqE9IetfUWgQkLlWm1ACeArppzYT4DYa/BtFrqNbZY?=
 =?us-ascii?Q?vjxV1dsKvK8m3AIqxa3hgv9tf7wKQ/SXmbzAS2JeqqsXJnAkH8ImKBk5sbYh?=
 =?us-ascii?Q?jUkM17kEKkfZaxE7rn1utUHUUJGXefqPoJal2NcIyd0WuLcFyrfACO0zBmjZ?=
 =?us-ascii?Q?l8g7KPomeA8w32XvYy9SnVd2nk+6iz/5zjwSUAHKVaRSfvPvvtpzAtqMzt0h?=
 =?us-ascii?Q?wyTYyz4anrfvVFhrzTWzrk36?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 413250f4-a432-4c4b-baa3-08d93bc626c3
X-MS-Exchange-CrossTenant-AuthSource: DM6PR12MB2714.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jun 2021 12:54:09.1859
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 9rPnK5EPEKKfSgvvMblji7ySgrGiLMLh1kQ4+bLKaULcqqRG+qHwuIv1W+XJzGQy8lRTY9nwVi3sY6UQkfjZfQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR1201MB0076
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275

Introduce a new SEV-SNP boot-specific GUID block. The block is used to
communicate the secrets and cpuid memory area reserved by the guest BIOS.
When SEV-SNP is enabled, the hypervisor will locate the SEV-SNP boot
block to get the location of the Secrets and CPUID page and call the
PSP firmware command to populate those memory areas.

Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 OvmfPkg/ResetVector/ResetVector.inf          |  4 ++++
 OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 22 ++++++++++++++++++++
 OvmfPkg/ResetVector/ResetVector.nasmb        |  4 ++++
 3 files changed, 30 insertions(+)

diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/Rese=
tVector.inf
index dc38f68919cd..9a95d8687345 100644
--- a/OvmfPkg/ResetVector/ResetVector.inf
+++ b/OvmfPkg/ResetVector/ResetVector.inf
@@ -47,3 +47,7 @@ [Pcd]
 [FixedPcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
   gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpCpuidBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpCpuidSize
diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVe=
ctor/Ia16/ResetVectorVtf0.asm
index 9c0b5853a46f..ecf1dbcc2caf 100644
--- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
+++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm
@@ -47,6 +47,28 @@ TIMES (15 - ((guidedStructureEnd - guidedStructureStart =
+ 15) % 16)) DB 0
 ;
 guidedStructureStart:
=20
+;
+; SEV-SNP boot support
+;
+; sevSnpBlock:
+;   For the initial boot of SEV-SNP guest, a CPUID and Secrets page must
+;   be reserved by the BIOS at a RAM area defined by SNP_CPUID_BASE and
+;   SNP_SECRETS_BASE. A hypervisor will locate this information using the
+;   SEV-SNP boot block GUID and provide the GPA to the PSP to populate
+;   the memory area with the required information..
+;
+; GUID (SEV-SNP boot block): bd39c0c2-2f8e-4243-83e8-1b74cebcb7d9
+;
+sevSnpBootBlockStart:
+    DD      SNP_SECRETS_BASE
+    DD      SNP_SECRETS_SIZE
+    DD      SNP_CPUID_BASE
+    DD      SNP_CPUID_SIZE
+    DW      sevSnpBootBlockEnd - sevSnpBootBlockStart
+    DB      0xC2, 0xC0, 0x39, 0xBD, 0x8e, 0x2F, 0x43, 0x42
+    DB      0x83, 0xE8, 0x1B, 0x74, 0xCE, 0xBC, 0xB7, 0xD9
+sevSnpBootBlockEnd:
+
 ;
 ; SEV Secret block
 ;
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re=
setVector.nasmb
index 8a3269cfc212..247f4eb0dc5e 100644
--- a/OvmfPkg/ResetVector/ResetVector.nasmb
+++ b/OvmfPkg/ResetVector/ResetVector.nasmb
@@ -89,5 +89,9 @@
   %define SEV_ES_AP_RESET_IP  FixedPcdGet32 (PcdSevEsWorkAreaBase)
   %define SEV_LAUNCH_SECRET_BASE  FixedPcdGet32 (PcdSevLaunchSecretBase)
   %define SEV_LAUNCH_SECRET_SIZE  FixedPcdGet32 (PcdSevLaunchSecretSize)
+  %define SNP_CPUID_BASE  FixedPcdGet32 (PcdOvmfSnpCpuidBase)
+  %define SNP_CPUID_SIZE  FixedPcdGet32 (PcdOvmfSnpCpuidSize)
+  %define SNP_SECRETS_BASE  FixedPcdGet32 (PcdOvmfSnpSecretsBase)
+  %define SNP_SECRETS_SIZE  FixedPcdGet32 (PcdOvmfSnpSecretsSize)
 %include "Ia16/ResetVectorVtf0.asm"
=20
--=20
2.17.1