From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (NAM12-BN8-obe.outbound.protection.outlook.com [40.107.237.76]) by mx.groups.io with SMTP id smtpd.web11.857.1631557215831976873 for ; Mon, 13 Sep 2021 11:20:16 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=ZfvsmU3q; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.237.76, mailfrom: brijesh.singh@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WGYl1zbqvD9oWz3cD7tjHzcnmLbqUQHEupey5/VbhIpKq45MxhQe3jKhiYuY0gJ/Uy78Z/Qvv3BzslbHG+ImA5iss/r/7TW0AQIN9MNzjqr1UAcQYDGPF53UVykKhJ3fsX2hG77w1jg7nsHqKLG+3tBVqsfZCk7tffgBj06vvQD0dzcwXdIF/AlgX1Wc8T7ZSYi6MxFPbVvQylbT0YPti4amdQb/MknVJ5AdsGCd1ufVWEYx+R50xnNpnVdb5e9CAeiHaCw7MY0oKxgGeSHikhLCmXYO8LvH43COR8X8IF0/AKqvktH0um6YqeDB8Mxg+AYTzg7zWIsVdKrNf3XhcQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=EywgK271M7ieYPGaoth59YTs6XW6DFfZybbwVQGZATM=; b=ebKpeCkxPZTUv8PBqTs+BMJANiTnt7XynxFwG43pbl9d1WQq0qE345mNgPYiQfY/18sfVZO1YyND85AU/iqVt665LXRNLmmByIHLmQse7DtxBmPhY192+t0Y6Js7jni+tpNrB4nYzbi07sPtKgpeyjF+akDSUMXVjiG0I2BoIY17IpnYcsZJQEJ6AOMgna06ax3PTQkWvFVxS+b0Dp9HFH4A3IyvrP+9+7lchOCtsnQNPK9EASb7Ffqjlg/20gSjIqwny7AmkZMBSTH+HF6h10p6yd/ldogghPWXS0BFu4M+UF1SsCW4LqAwU9oG3g1jQVGDdjgBzfJoDD+oJJKM9Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=EywgK271M7ieYPGaoth59YTs6XW6DFfZybbwVQGZATM=; b=ZfvsmU3q/Xt5iVr26mkILOH0NK/LcK/kg/huZzruzDdWI44AHBINWciVdAgUlG2xBbaVciFSWmToqL4BE2/fnU18HHCEQwu1aA39F5cWLxnzCCld5g40fFHLIR2IaUoIMOy5QuQ+salIqwdSRx5EVAcqaQbBE9MmO/ghf7WK7ws= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN1PR12MB2512.namprd12.prod.outlook.com (2603:10b6:802:31::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14; Mon, 13 Sep 2021 18:20:13 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4500.019; Mon, 13 Sep 2021 18:20:13 +0000 From: "Brijesh Singh" To: devel@edk2.groups.io CC: James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Erdem Aktas , Michael Roth , Gerd Hoffmann , Brijesh Singh , Michael Roth , Ray Ni , Rahul Kumar , Eric Dong Subject: [PATCH v7 19/31] UefiCpuPkg: Define ConfidentialComputingGuestAttr Date: Mon, 13 Sep 2021 13:19:29 -0500 Message-ID: <20210913181941.23405-20-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210913181941.23405-1-brijesh.singh@amd.com> References: <20210913181941.23405-1-brijesh.singh@amd.com> X-ClientProxiedBy: SA9P221CA0012.NAMP221.PROD.OUTLOOK.COM (2603:10b6:806:25::17) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) Return-Path: brijesh.singh@amd.com MIME-Version: 1.0 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA9P221CA0012.NAMP221.PROD.OUTLOOK.COM (2603:10b6:806:25::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4500.14 via Frontend Transport; Mon, 13 Sep 2021 18:20:13 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: de8a0d3c-20e2-4e9c-f2da-08d976e32129 X-MS-TrafficTypeDiagnostic: SN1PR12MB2512: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:6108; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: zXofDtGaJYtbNAE709n4Asxrx//3YjZRqZellSA9rovVqWhEwXzrP3G0CnNIdIhnUArtJxzSmmbIohIjdYuesLtn9QFbEplasBd7gdyxocs/19olUje8VIfVyVsGaI8loeO1aq9JfxiiC52HsP6PdfPO4BFmRKn8LHwmCMCHmv4V2LXqaR0NgjzxaFl7XKu9kPcMWCRhZtPi1bRfZwVMhrQdDvY2TRQyDa7WhmvojM6cGMlCrb6hnLO2rlxkpKXYyy7MkofvBpZY1vkH4Ix1vuBXc4ZF383keTaW2xwomW/U+pe/VJeqjv8giJzjgEjjSrBy5v4iTkUN+2CgJBZiLFx8vNMyd8z66VuEkaLimOyvl40EcYb8A56BC6GgxLXuR9FyaGaVhefCqZy6P7OLXvnK6H3bNE4yS/aCJMes5WT1zNJJx3O2FFvWODoeg1Au4eTTkCSVhY9J7rMC142ucusvUH1SccnhaJ5qKKEvYiEok6gZA2pQ8lEHyoTXmi2xU/9d/8ND49skz72KhUicLerbiH5uoGAQ5WgX7de+L5H2w9htfkjidJs4KJmGrgdUUqLuEMmIgZa8F46ESPMzeNcgp1bF8h929YnMb5rvyyuWoYoevsBbkxQLBh+erzrlt/fEbo7Lv/KWub7rJWi7OY+FUGYuBWGbQOOv/NI2EYEKFlTQwKhadCi9+b+9wqJEJcwmiz74DkT/2Uv79TyW4Rvobh7Ett6KcOdivuQCgxWgV0z5xelaj4Krqd4hl56NMe/HG58cEVmtwUlD56Bum+AyQ+R397Ze/8HEPrJUolA= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(346002)(39860400002)(366004)(376002)(136003)(83380400001)(478600001)(86362001)(8936002)(966005)(6486002)(8676002)(186003)(6916009)(2906002)(38350700002)(38100700002)(26005)(36756003)(956004)(2616005)(66946007)(6666004)(66556008)(54906003)(5660300002)(52116002)(44832011)(66476007)(316002)(4326008)(1076003)(7416002)(7696005);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?ETMGYW94mtwWDe9Xl3vZT0Ojgrj4hQIM/4PuOPOWHYinsWKqnUy7c4rvHYmH?= =?us-ascii?Q?a/NwsqcMg5gs2HG6WGkiqHl1F61Wf6frTjzjdFDyO9/lu8Rlyxq4Ff3+DObi?= =?us-ascii?Q?rs2G3Rk3edMQyXK8fov/tEdIMYaL8nHPDGmcPRASdrF38EjB9JdiI6w4MwcQ?= =?us-ascii?Q?ffFAsM/r9eVhOW0bCKOckswuYzCbktoqfu+uwg7h4lgWlqbvSuFqhAU/p+bS?= =?us-ascii?Q?uxrVKKw74ysbBklyrXOBxZ+MLAXor98mAR292hIBWZdCwQSHLw8n6bktnyin?= =?us-ascii?Q?7A8pNpxXYnpDMwiCUYFE9BPMicTb3D9REJBtRIWquQtY7FL/Kb+At4vqZX0n?= =?us-ascii?Q?mmDnkbrGcCIK0TYH/Z5qxOIlvZnMkW0vs91+Gtq4mILdsp3GwQF9nCpdzGaW?= =?us-ascii?Q?lYvOFkkc9RL0S+t7zblfzVU2qo5ulGTZNwJ5VEi8lq/ibAkqwdd8m0JbC6SI?= =?us-ascii?Q?S+PbRcS5GiKQu4fiI6wEKygyXk6YysUNPn+lxYZLAkRLZMO2uSQxu8csP0i1?= =?us-ascii?Q?7xPqcjoVlHnBpCZOrp3AMA4z990Nlq0WmVVloFlZ33fXpcuchwQtsbiXgwS9?= =?us-ascii?Q?esTbcEHUnhnQ9PAh8njuAf+5rHlrfNCvp60R6Au3XA0D9b9Y9WilR5w5YUpr?= =?us-ascii?Q?5L7gQ8f9m4AaZe5zAi1NBV42foXOr+DJU+uImBvEojv0j4NoYvcqVfQih+AJ?= =?us-ascii?Q?VEBzDyJdhxwWGzgPSR4Gs6nRUWS4vLVEEruCeTgVH/rxs9lX6FzDgSZizmSn?= =?us-ascii?Q?oHgex0xwsw4cUTzvkNrEV0TOwoaCPhAxES95rfZ+gUpnD+fjboqmTrmi+Dv9?= =?us-ascii?Q?AhgD/QZZDjj+NAifZ5kzOtN33uq4PbW11U+IglK/j+nA8O7Q2dATsByWPZkX?= =?us-ascii?Q?cHGJG9ynXnaRKEtfA8xpR9N68MZhTaD1BAyvnU83xfiI+cu2M52oxa+4r4Qm?= =?us-ascii?Q?VuZUWj9krhQ1dcxAuW6bcHfmMWzWw3ev6f8xy4UuKl75m3MHFjoV4TUysr7P?= =?us-ascii?Q?UMBq+WGZ6hIgHE/1Zj0+nR5TnBnnuFePTykxXcQcSXDmbLEYHeLhxb1XoThp?= =?us-ascii?Q?4rFIsvz2hVRMY1mEKW40mJYFkL94VarS3GCgRJJ9DewpFFb0KQGknyoJfPSh?= =?us-ascii?Q?v0/2GQW+7JWngT2Lt/brteO/t4k+5IAOP98Valhk0mKx/u65dnLoH+HglFZg?= =?us-ascii?Q?+KePlzmXw9+nUs9j2sle6nyDqqUUTf6cS7HiS74i9i/SMgANbMe8J7p9G0Mx?= =?us-ascii?Q?Q2LBmMUD4cMTm1viz5Yh1Iwa7BjECupu2Jc3M1BqSGWUlNXY56xfWZHizQCl?= =?us-ascii?Q?TQld5UertGyPA2xGmpZTNfSN?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: de8a0d3c-20e2-4e9c-f2da-08d976e32129 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Sep 2021 18:20:13.8255 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: vhzx/hEYZUV2Qd34DxQOEHGBTHhcpzfROuwd0oru6+vrpAP5y5m8G+tkKjXikrF+niCJ+d0zDztp4cgxtKuR9Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR12MB2512 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275 While initializing APs, the MpInitLib may need to know whether the guest is running with active AMD SEV or Intel TDX memory encryption. Add a new ConfidentialComputingGuestAttr PCD that can be used to query the memory encryption attribute. Cc: Michael Roth Cc: Ray Ni Cc: Rahul Kumar Cc: Eric Dong Cc: James Bottomley Cc: Min Xu Cc: Jiewen Yao Cc: Tom Lendacky Cc: Jordan Justen Cc: Ard Biesheuvel Cc: Erdem Aktas Cc: Gerd Hoffmann Suggested-by: Jiewen Yao Signed-off-by: Brijesh Singh --- UefiCpuPkg/UefiCpuPkg.dec | 4 +++ .../Include/ConfidentialComputingGuestAttr.h | 25 +++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 62acb291f309..9dbaa407c399 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -396,5 +396,9 @@ [PcdsDynamic, PcdsDynamicEx] # @Prompt SEV-ES Status gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|FALSE|BOOLEAN|0x60000016 =20 + ## This dynamic PCD indicates the memory encryption attribute of the gue= st. + # @Prompt Memory encryption attribute + gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x6= 0000017 + [UserExtensions.TianoCore."ExtraFiles"] UefiCpuPkgExtra.uni diff --git a/UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h b/UefiCpuP= kg/Include/ConfidentialComputingGuestAttr.h new file mode 100644 index 000000000000..495b0df0ac33 --- /dev/null +++ b/UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h @@ -0,0 +1,25 @@ +/** @file +Definitions for Confidential Computing Attribute + +Copyright (c) 2021 AMD Inc. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ +#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ + +typedef enum { + /* The guest is running with memory encryption disabled. */ + CCAttrNotEncrypted =3D 0, + + /* The guest is running with AMD SEV memory encryption enabled. */ + CCAttrAmdSev =3D 0x100, + CCAttrAmdSevEs =3D 0x101, + CCAttrAmdSevSnp =3D 0x102, + + /* The guest is running with Intel TDX memory encryption enabled. */ + CCAttrIntelTdx =3D 0x200, +} CONFIDENTIAL_COMPUTING_GUEST_ATTR; + +#endif --=20 2.17.1