From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (NAM11-DM6-obe.outbound.protection.outlook.com [40.107.223.54]) by mx.groups.io with SMTP id smtpd.web12.1425.1632163598742374726 for ; Mon, 20 Sep 2021 11:46:38 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=G4oha5yW; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.223.54, mailfrom: brijesh.singh@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZHHXNiGntObBqLB5mjJ96AJIBQR5+3YgdurT02hHiqnlzVcgRlMgv0YeD5zfEKo2okTUekU2E5Uxnzg776pzziDuMGRuog3o1MjALOd3Sem+OwMJrXgB8bMxIBg51eFHvPf3gGhW+zERQ1OOTwpU5jktYmZzS+EKo1unIBpQ101zs2Ul2kW4N++aQ3lf1aG/nUe41aotH6/egzTaAYwFBsQv364SBmy10fiDZ6sMKkylQ3MR7b4NM32mNL+tAri3xZ/hvuR+f0qy/K+tJa+BKZ/QCouLUmMhLS83jktgBYD7RrWYAuOIC8OTkpzgs5QqSk6JjJnIRWnBuaQtHMw3ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=UCYdHqoboS7AS6piSucL0AOvihL1LH2filk7OdyeodA=; b=ZrSkHyMKM4Fy2U5ZcQGiFWYpYLgAbKohQEetFEuzxGup7JW/jMRQLoXilzdSpBK8XyMeRBdVnQXZCNZoaEY+ALg2gWi/2O8V2hVE65KEaVa9QxHyG5VgZhhq0zEJcvhAi+46EuDZNvPF0uIB/KwBj4hZZ5U16zyABsP37CvxSLl3UeWIqqckTb6AmCr+7ShxrkK+Po9rUFwfJ+6JCGb2qvQNqZ/4NxZ3IJd4/7DbpgvG5HQ9pxCkylfcdpklTyo+FSku2dXMJKdZJiqTfypvMDJ7ZPN+SRANb8trOFeatLseS+myVgp1FZS0j4rqD0a6ekXbNLgTa9paGi8J9CAZgg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UCYdHqoboS7AS6piSucL0AOvihL1LH2filk7OdyeodA=; b=G4oha5yWEAK9Qt3IjFNY7Bp/Rp4Npb+O4YFdlnqvmTt3u8wf6xnPJswmX6l00iSJb/N6bAVOVQDyr9lfeuvKnSgYMmyW3Zx3Rk0IIk8edHYJsQQrFeTbJ/qJbu2eI271BU+KzBDJmg4Z57ziVoLZAVXHWoC4nnXR3lCwkJYOb/4= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4575.namprd12.prod.outlook.com (2603:10b6:806:73::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4523.14; Mon, 20 Sep 2021 18:46:37 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4523.018; Mon, 20 Sep 2021 18:46:37 +0000 From: "Brijesh Singh" To: devel@edk2.groups.io CC: James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Erdem Aktas , Michael Roth , Gerd Hoffmann , Brijesh Singh , Michael Roth , Ray Ni , Rahul Kumar , Eric Dong Subject: [PATCH v8 22/32] UefiCpuPkg/MpInitLib: use PcdConfidentialComputingAttr to check SEV status Date: Mon, 20 Sep 2021 13:45:54 -0500 Message-ID: <20210920184604.31590-23-brijesh.singh@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210920184604.31590-1-brijesh.singh@amd.com> References: <20210920184604.31590-1-brijesh.singh@amd.com> X-ClientProxiedBy: SN4PR0201CA0034.namprd02.prod.outlook.com (2603:10b6:803:2e::20) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) Return-Path: brijesh.singh@amd.com MIME-Version: 1.0 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN4PR0201CA0034.namprd02.prod.outlook.com (2603:10b6:803:2e::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4523.14 via Frontend Transport; Mon, 20 Sep 2021 18:46:36 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 6527be6c-4beb-42e5-bf66-08d97c66f9ee X-MS-TrafficTypeDiagnostic: SA0PR12MB4575: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:1468; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: cbZjrG3oTFJ7lcKfh43IhJoX0K3/yb5B2EmxZ1HbRWLVTjxhwvJn7x/pjcoGoQwV7Twk/w6kNx8hwYOAkNHI2j8l9CraeapoiLzIXW4TldD89ZqrTuYwbbkoFDp8nafHRInZlsu9ETjKIT3rhjVU+ElkcEQKYKxs8wb8Io+qn8xppIMIKNnaoZRRd6AzywSGuA+HumIWq9/JVS9jbNmpGuSURCURGwhLp9Qmch4usEueIXj4k1vXTL+5FrINYpzAKrhi3CEExlMXUvB6j75u4RuaqQQHup8BsSu3EC3oBupU3SlVNGkXLt6+q+b9eqTfavn1xP1s69HePhrmtrJnanjZ2p8Foa5pnbaU5stW8+L+0j1YF/b3ajavpQFyyTvHvJVvfuyriLIfsD8l3013w/iyTdxMoZ9pYZyHKndeBVJe7ePfq2sz5gB8AZEkeh4OPUDkzxwz8HRhS6aAZgSw6+d8wKDdhMlneEiKmbfDP86zj30hZJTIQ4FHkkUkecAKubVyHpk0+nvO2XtGwhoAXUHHoys39VesXrNPJiODPTtWCp6jFNzuNGuvRouh7Sl8RfcTSPG8U+JEbKMvl2FLJIe5Hz01sdLOa6zW4h/3yk4nPH9WEq35jMYZe17R3GJCkMGiDvFltgCdCpz1JvV2d/VIvcgDui4Pnk/qZq5CRcixbYMF6KDAhxN2Nesz5KBFIsh3gIrGmNqn/UT7tW/p3S/FMA1L0GTvypT0jhYqhcYspOFxkYLjiT+lz6xr2YXfjy1bszAE7cZDR8hjmKssHw== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(6029001)(4636009)(366004)(38350700002)(44832011)(5660300002)(36756003)(83380400001)(38100700002)(8936002)(66946007)(508600001)(6916009)(7696005)(52116002)(1076003)(6666004)(956004)(8676002)(186003)(54906003)(2616005)(7416002)(2906002)(6486002)(26005)(316002)(66556008)(66476007)(966005)(86362001)(4326008);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?auZc9MNkuiZURjxlF1LesloDKNqlnuBdAuqqjJacEXF7xC0Ax5yBGWp+slBW?= =?us-ascii?Q?f6qCCPq2ovmGFwOys9JMMQf+PXfUTf6QzOtI5rOJirDHD6ffMzB9BtvzIzyA?= =?us-ascii?Q?XMYiFQ9S1b2wp04JMJ9Pqcw7mFvO6tR0lGOpKfIBNlTYPlni7B/UOHTLBhwh?= =?us-ascii?Q?81tZUlinaTBHNKXrC5AMCyD3XHF9cwtj9UEt7ZO8yIJwwt3qnZjxQNGeTjoc?= =?us-ascii?Q?YJLPA+VLgcvxJCiF3RsFOH6QalP5x2iUKXazvzu2qQ8egcoV5iKQAFoBsV0o?= =?us-ascii?Q?D/SnsG1PsXOLIfR/0Z2o2uwf74jZzwaMRu3GpB9WL4mbvivWUJ8/y5wNTGO/?= =?us-ascii?Q?T7owNFF5VQL8+21ogHchYH6gcf4YXKTNcV1y/aN0VbnDG8HcQzf1Hs/mYG7t?= =?us-ascii?Q?pKOA2WTYcOCzWiMZieR2uJvS/K5hzj9ZTVdrhD4/vu2wilFilyfIks+yz1Wc?= =?us-ascii?Q?XDjwNYKFIYj3rf9J9HdIsOUxnnEnRubV2oPkwvW8EOa1uyVeEtvsNvFzTRNt?= =?us-ascii?Q?K/SUmOTxRJC/0lT8bew9W96wJWlXhLyc+mnWLNUFGdgZbkyPucLbY3rj+dzH?= =?us-ascii?Q?pyjy13XaJEQezLs8/9pZJBlaTcDpFIgpozZyZUA6o2/18vUaIYktCozoafKG?= =?us-ascii?Q?0eHqyxn1mdbf03MeHw76eXSAX988JJn9XHrXJxG9D8Uc7XUpXI+X8s4TC3rz?= =?us-ascii?Q?7dzvm4TuQ/56WET7x0s6kzGltc9m4iMAUiXBdQszzSJYDO7zTtAVcPasiMBO?= =?us-ascii?Q?2avi64wO5BnaqfV3sIZlLj4vZlsqAk2DShrrcB4G+9m4LdHlMtvDAVSH3HoV?= =?us-ascii?Q?YKUxuDmCwafz6Ku3ssmiFayrqJihJdD88I75Lh6dXCdcwB5JlKOEJGiBelNS?= =?us-ascii?Q?TDDBro/O01bZGnntLJO4b5ksVZq2IHOrKWFzbyhkuA22kc9ybWbCM5v2ppW+?= =?us-ascii?Q?bK3mTBt5GuiO+qsdX9eGX8iHLAFFhXH4Xw2mpFZmyC2WkWjqMs2quD5nm5AL?= =?us-ascii?Q?f5tf76F/7uAuj5G1t9Wqd6Ah0ged9AstgUCFPC9bI4LCHbsjHUdmg7XL2qQh?= =?us-ascii?Q?PdMJNWUvKnLsED5oQp4ebSRr1f9nurWP8QjucrYpZ9Qriko8fUYJtA7ZuTap?= =?us-ascii?Q?qY9Nmk6tj1ll0IqDuBM9CEiGHBCehAWH4FeQN78ToJpTdO31/VG+WLVIDEyA?= =?us-ascii?Q?RzTIN2x3XdGQDM9KqUihBERD4ZY/eLGAsNHW0spdJsnw93UKXLAO6Nw9gIpM?= =?us-ascii?Q?WhvNuP6WoJo5o7MdZOwnVH3OGxlKi1c15Gn6EXTDgZo8iCsdqI36E83Y+l1E?= =?us-ascii?Q?xL+YsLpH6J3srj4GGCYyJtW6?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6527be6c-4beb-42e5-bf66-08d97c66f9ee X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Sep 2021 18:46:37.2946 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: JTdKFIfVR0EDEv4I9IPAhLB2xV3IhUAp8LJs/ObPSeBU2Bsy5SBtvlr0Wkcmuc+i7kFBVdWypzoDTnMABPH8tw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4575 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275 Previous commit introduced a generic confidential computing PCD that can determine whether AMD SEV-ES is enabled. Update the MpInitLib to drop the PcdSevEsIsEnabled in favor of PcdConfidentialComputingAttr. Cc: Michael Roth Cc: Ray Ni Cc: Rahul Kumar Cc: Eric Dong Cc: James Bottomley Cc: Min Xu Cc: Jiewen Yao Cc: Tom Lendacky Cc: Jordan Justen Cc: Ard Biesheuvel Cc: Erdem Aktas Cc: Gerd Hoffmann Suggested-by: Jiewen Yao Signed-off-by: Brijesh Singh --- UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 2 +- UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 2 +- UefiCpuPkg/Library/MpInitLib/MpLib.h | 13 ++++ UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 6 +- UefiCpuPkg/Library/MpInitLib/MpLib.c | 60 ++++++++++++++++++- UefiCpuPkg/Library/MpInitLib/PeiMpLib.c | 4 +- 6 files changed, 77 insertions(+), 10 deletions(-) diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/DxeMpInitLib.inf index 6e510aa89120..28764418d7c1 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf @@ -73,7 +73,7 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode ## = CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate ## = SOMETIMES_CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApStatusCheckIntervalInMicroSeconds ## = CONSUMES - gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled ## = CONSUMES gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase ## = SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## = CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## = CONSUMES + gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## = CONSUMES diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/PeiMpInitLib.inf index 2cbd9b8b8acc..cbc3c1460423 100644 --- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf +++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf @@ -63,9 +63,9 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuMicrocodePatchRegionSize ## CONS= UMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode ## CONS= UMES gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate ## SOME= TIMES_CONSUMES - gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled ## CONS= UMES gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase ## SOME= TIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONS= UMES + gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## CONS= UMES =20 [Ppis] gEdkiiPeiShadowMicrocodePpiGuid ## SOMETIMES_CONSUMES diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpIn= itLib/MpLib.h index 3d4446df8ce6..2107f3f705a2 100644 --- a/UefiCpuPkg/Library/MpInitLib/MpLib.h +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h @@ -33,6 +33,7 @@ #include #include #include +#include =20 #include #include @@ -774,5 +775,17 @@ SevEsPlaceApHlt ( CPU_MP_DATA *CpuMpData ); =20 +/** + Check if the specified confidential computing attribute is active. + + @retval TRUE The specified Attr is active. + @retval FALSE The specified Attr is not active. +**/ +BOOLEAN +EFIAPI +ConfidentialComputingGuestHas ( + CONFIDENTIAL_COMPUTING_GUEST_ATTR Attr + ); + #endif =20 diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c b/UefiCpuPkg/Library/M= pInitLib/DxeMpLib.c index 93fc63bf93e3..657a73dca05e 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c @@ -93,7 +93,7 @@ GetWakeupBuffer ( EFI_PHYSICAL_ADDRESS StartAddress; EFI_MEMORY_TYPE MemoryType; =20 - if (PcdGetBool (PcdSevEsIsEnabled)) { + if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) { MemoryType =3D EfiReservedMemoryType; } else { MemoryType =3D EfiBootServicesData; @@ -107,7 +107,7 @@ GetWakeupBuffer ( // LagacyBios driver depends on CPU Arch protocol which guarantees below // allocation runs earlier than LegacyBios driver. // - if (PcdGetBool (PcdSevEsIsEnabled)) { + if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) { // // SEV-ES Wakeup buffer should be under 0x88000 and under any previous= one // @@ -124,7 +124,7 @@ GetWakeupBuffer ( ASSERT_EFI_ERROR (Status); if (EFI_ERROR (Status)) { StartAddress =3D (EFI_PHYSICAL_ADDRESS) -1; - } else if (PcdGetBool (PcdSevEsIsEnabled)) { + } else if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) { // // Next SEV-ES wakeup buffer allocation must be below this allocation // diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpIn= itLib/MpLib.c index 890945bc5994..ad71724d29f3 100644 --- a/UefiCpuPkg/Library/MpInitLib/MpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c @@ -295,7 +295,7 @@ GetApLoopMode ( ApLoopMode =3D ApInHltLoop; } =20 - if (PcdGetBool (PcdSevEsIsEnabled)) { + if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) { // // For SEV-ES, force AP in Hlt-loop mode in order to use the GHCB // protocol for starting APs @@ -1046,7 +1046,7 @@ AllocateResetVector ( // The AP reset stack is only used by SEV-ES guests. Do not allocate i= t // if SEV-ES is not enabled. // - if (PcdGetBool (PcdSevEsIsEnabled)) { + if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) { // // Stack location is based on ProcessorNumber, so use the total numb= er // of processors for calculating the total stack area. @@ -1816,7 +1816,7 @@ MpInitLibInitialize ( CpuMpData->CpuData =3D (CPU_AP_DATA *) (CpuMpData + 1); CpuMpData->CpuInfoInHob =3D (UINT64) (UINTN) (CpuMpData->CpuData + M= axLogicalProcessorNumber); InitializeSpinLock(&CpuMpData->MpLock); - CpuMpData->SevEsIsEnabled =3D PcdGetBool (PcdSevEsIsEnabled); + CpuMpData->SevEsIsEnabled =3D ConfidentialComputingGuestHas (CCAttrAmdSe= vEs); CpuMpData->SevEsAPBuffer =3D (UINTN) -1; CpuMpData->GhcbBase =3D PcdGet64 (PcdGhcbBase); =20 @@ -2706,3 +2706,57 @@ MpInitLibStartupAllCPUs ( NULL ); } + +/** + The function check if the specified Attr is set in the CurrentAttr. + + @retval TRUE The specified Attr is set. + @retval FALSE The specified Attr is not set. + **/ +STATIC +BOOLEAN +AmdMemEncryptionAttrCheck ( + UINT64 CurrentAttr, + CONFIDENTIAL_COMPUTING_GUEST_ATTR Attr + ) +{ + switch (Attr) { + case CCAttrAmdSev: + return CurrentAttr >=3D CCAttrAmdSev; + case CCAttrAmdSevEs: + return CurrentAttr >=3D CCAttrAmdSevEs; + case CCAttrAmdSevSnp: + return CurrentAttr =3D=3D CCAttrAmdSevSnp; + default: + return FALSE; + } +} + +/** + Check if the specified confidential computing attribute is active. + + @retval TRUE The specified Attr is active. + @retval FALSE The specified Attr is not active. +**/ +BOOLEAN +EFIAPI +ConfidentialComputingGuestHas ( + CONFIDENTIAL_COMPUTING_GUEST_ATTR Attr + ) +{ + UINT64 CurrentAttr; + + // + // Get the current CC attribute. + // + CurrentAttr =3D PcdGet64 (PcdConfidentialComputingGuestAttr); + + // + // If attr is for the AMD group then call AMD specific checks. + // + if (((CurrentAttr >> 8) & 0xff) =3D=3D 1) { + return AmdMemEncryptionAttrCheck (CurrentAttr, Attr); + } + + return (CurrentAttr =3D=3D Attr); +} diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c b/UefiCpuPkg/Library/M= pInitLib/PeiMpLib.c index 90015c650c68..2f333a00460a 100644 --- a/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c @@ -222,7 +222,7 @@ GetWakeupBuffer ( // Need memory under 1MB to be collected here // WakeupBufferEnd =3D Hob.ResourceDescriptor->PhysicalStart + Hob.Re= sourceDescriptor->ResourceLength; - if (PcdGetBool (PcdSevEsIsEnabled) && + if (ConfidentialComputingGuestHas (CCAttrAmdSevEs) && WakeupBufferEnd > mSevEsPeiWakeupBuffer) { // // SEV-ES Wakeup buffer should be under 1MB and under any previo= us one @@ -253,7 +253,7 @@ GetWakeupBuffer ( DEBUG ((DEBUG_INFO, "WakeupBufferStart =3D %x, WakeupBufferSize = =3D %x\n", WakeupBufferStart, WakeupBufferSize)); =20 - if (PcdGetBool (PcdSevEsIsEnabled)) { + if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) { // // Next SEV-ES wakeup buffer allocation must be below this // allocation --=20 2.25.1