From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.groups.io with SMTP id smtpd.web12.66443.1629354669823789237 for ; Wed, 18 Aug 2021 23:31:10 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=TqD9p4S0; spf=pass (domain: redhat.com, ip: 216.205.24.124, mailfrom: kraxel@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1629354667; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=Ti0v1Xzc0Oq8VmzryC5a/FAK3mpUjKdAO42+YEOPAd4=; b=TqD9p4S0Vovk+dt1HTIxFldDykmRT0xK2B5eGFzfUh1eXpiY/4zim0S1fIv5qRB5pJBWry 4DEMqKPLAu2KAoqYKthNOvx0UdeKefKIslWmD27Dp1FVZZYNTeP4+1Z3MrRYLc10QyaDFO kPrDhLJSlbuJH92B5L+sBSYYwMS9RFM= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-593-3r2WdO-JOOGkLy4kkKStTQ-1; Thu, 19 Aug 2021 02:31:04 -0400 X-MC-Unique: 3r2WdO-JOOGkLy4kkKStTQ-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 65EED107ACF5; Thu, 19 Aug 2021 06:31:02 +0000 (UTC) Received: from sirius.home.kraxel.org (unknown [10.39.193.216]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E428510190AA; Thu, 19 Aug 2021 06:31:00 +0000 (UTC) Received: by sirius.home.kraxel.org (Postfix, from userid 1000) id 2EE591800385; Thu, 19 Aug 2021 08:30:59 +0200 (CEST) Date: Thu, 19 Aug 2021 08:30:59 +0200 From: "Gerd Hoffmann" To: devel@edk2.groups.io, min.m.xu@intel.com Cc: "Kinney, Michael D" , Liming Gao , "Liu, Zhiguang" , Brijesh Singh , Erdem Aktas , James Bottomley , "Yao, Jiewen" , Tom Lendacky Subject: Re: [edk2-devel] [PATCH 07/23] MdePkg: Update BaseIoLibIntrinsicSev to support Tdx Message-ID: <20210819063059.rabr2aoajtffftqq@sirius.home.kraxel.org> References: <8f56e6f50477bf00d5121e6515388fe68525b1e2.1628767741.git.min.m.xu@intel.com> <20210817083822.vx2ts6twmm2fspqc@sirius.home.kraxel.org> MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=kraxel@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi, > > IIRC some of the TDX features require a separate firmware binary. So, if we > > need a separate binary anyway at some point in the future, isn't it simpler then > > to use a separate firmware binary right from the start? > > > > You can simply add a Tdx-specific variant of the library > > (BaseIoLibIntrinsicTdx.inf) and switch at compile time instead of having runtime > > switches all over the place. > > > TDVF has 2 Config for upstream. See https://edk2.groups.io/g/devel/message/76367 > Config-A merge the *basic* TDVF features to existing OvmfX64Pkg.dsc. (Align with existing SEV). Hmm, so we'll have two variants with two feature sets. One more question: How does this align with the WorkArea changes posted yesterday? The WorkArea gets a mode field for SEV / TDX / normal, so I think you should be able to use that instead of invoking cpuid each time you need to know whenever tdx is active or not. take care, Gerd