* [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap
@ 2024-04-22 12:16 Alexey Kardashevskiy via groups.io
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 1/5] MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER Alexey Kardashevskiy via groups.io
` (5 more replies)
0 siblings, 6 replies; 8+ messages in thread
From: Alexey Kardashevskiy via groups.io @ 2024-04-22 12:16 UTC (permalink / raw)
To: devel; +Cc: Gerd Hoffmann, Tom Lendacky, Alexey Kardashevskiy
This is to prevent #DB interception on an SEV-ES VM with
the DebugSwap feature enabled; more details are in 3/5.
The corresponding Linux change (HV and VM) went upstream
a long time ago:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e221804dad4e
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d1f85fbe836e
And then I dropped the ball, sorry.
The previous conversation (more than a year ago) is here:
https://edk2.groups.io/g/devel/message/96808
This failed CI though (figuring out this not-that-trivial Uncrustify guy now):
https://dev.azure.com/tianocore/edk2-ci/_build/results?buildId=123642&view=logs&j=ec42d809-3c3b-54a9-276c-e54a8b9aaee9&t=bd91c6c3-6d75-5ede-7b63-5767cf827334
This is based on sha1
6780b3aba086 Abner Chang "Maintainers: AMD as SPI driver stack maintainer".
Please comment. Thanks.
Alexey Kardashevskiy (5):
MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER
MdePkg: Add AMD SEV features to PcdConfidentialComputingGuestAttr
OvmfPkg: Add AMD SEV-ES DebugSwap feature support
UefiCpuPkg: Add AMD SEV-ES features support
OvmfPkf: Enable AMD SEV-ES DebugSwap for DXE
MdePkg/Include/ConfidentialComputingGuestAttr.h | 16 +++++-
MdePkg/Include/Register/Amd/Fam17Msr.h | 57 +++++++++++++++++++-
OvmfPkg/Include/Library/MemEncryptSevLib.h | 12 +++++
OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c | 25 +++++++--
OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c | 19 +++++++
OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c | 20 +++++++
OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 8 +++
OvmfPkg/PlatformPei/AmdSev.c | 13 +++--
UefiCpuPkg/Library/MpInitLib/MpLib.c | 10 ++--
9 files changed, 168 insertions(+), 12 deletions(-)
--
2.41.0
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118088): https://edk2.groups.io/g/devel/message/118088
Mute This Topic: https://groups.io/mt/105668050/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
* [edk2-devel] [PATCH ovmf v2 1/5] MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER
2024-04-22 12:16 [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap Alexey Kardashevskiy via groups.io
@ 2024-04-22 12:17 ` Alexey Kardashevskiy via groups.io
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 2/5] MdePkg: Add AMD SEV features to PcdConfidentialComputingGuestAttr Alexey Kardashevskiy via groups.io
` (4 subsequent siblings)
5 siblings, 0 replies; 8+ messages in thread
From: Alexey Kardashevskiy via groups.io @ 2024-04-22 12:17 UTC (permalink / raw)
To: devel; +Cc: Gerd Hoffmann, Tom Lendacky, Alexey Kardashevskiy
We need DebugSwap for now but others are likely to be needed too.
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
MdePkg/Include/Register/Amd/Fam17Msr.h | 57 +++++++++++++++++++-
1 file changed, 56 insertions(+), 1 deletion(-)
diff --git a/MdePkg/Include/Register/Amd/Fam17Msr.h b/MdePkg/Include/Register/Amd/Fam17Msr.h
index f2d5ccb39dc7..943329ea7688 100644
--- a/MdePkg/Include/Register/Amd/Fam17Msr.h
+++ b/MdePkg/Include/Register/Amd/Fam17Msr.h
@@ -138,7 +138,62 @@ typedef union {
///
UINT32 SevSnpBit : 1;
- UINT32 Reserved2 : 29;
+ ///
+ /// [Bit 3] The guest was run with the Virtual TOM feature enabled in SEV_FEATURES[1]
+ ///
+ UINT32 vTOM_Enabled : 1;
+
+ ///
+ /// [Bit 4] The guest was run with the ReflectVC feature enabled in SEV_FEATURES[2]
+ ///
+ UINT32 ReflectVC : 1;
+
+ ///
+ /// [Bit 5] The guest was run with the Restricted Injection feature enabled in SEV_FEATURES[3]
+ ///
+ UINT32 RestrictedInjection : 1;
+
+ ///
+ /// [Bit 6] The guest was run with the Alternate Injection feature enabled in SEV_FEATURES[4]
+ ///
+ UINT32 AlternateInjection : 1;
+
+ ///
+ /// [Bit 7] This guest was run with debug register swapping enabled in SEV_FEATURES[5]
+ ///
+ UINT32 DebugSwap : 1;
+
+ ///
+ /// [Bit 8] This guest was run with the PreventHostIBS feature enabled in SEV_FEATURES[6]
+ ///
+ UINT32 PreventHostIBS : 1;
+
+ ///
+ /// [Bit 9] The guest was run with the BTB isolation feature enabled in SEV_FEATURES[7]
+ ///
+ UINT32 SNPBTBIsolation : 1;
+
+ ///
+ /// [Bit 10]
+ ///
+ UINT32 Reserved0 : 1;
+
+ ///
+ /// [Bit 11] The guest was run with the Secure TSC feature enabled in SEV_FEATURES[9]
+ ///
+ UINT32 SecureTsc : 1;
+
+ ///
+ /// [Bits 12 13 14 15]
+ ///
+ UINT32 Reserved1 : 4;
+
+ ///
+ /// [Bit 16] The guest was run with the VMSA Register Protection feature enabled in SEV_FEATURES[14]
+ ///
+ UINT32 VmsaRegProt_Enabled : 1;
+
+ UINT32 Reserved2 : 15;
} Bits;
///
/// All bit fields as a 32-bit value
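Review bot: The new field names mix styles: `vTOM_Enabled` and `VmsaRegProt_Enabled` use an underscore (and a lower-case lead in the first case), while the neighbouring fields such as `SevSnpBit`, `DebugSwap` and `SecureTsc` are plain CamelCase. Suggest `VtomEnabled` and `VmsaRegProtEnabled` so the union reads uniformly. The comments also alternate between "The guest" and "This guest", and bit 10 and bits 12-15 stay reserved without a remark, which sits oddly under a subject that says all bits are defined; a one-line note on why they are reserved would help. The widths do add up to 32 with `Reserved2 : 15`.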
--
2.41.0
* [edk2-devel] [PATCH ovmf v2 2/5] MdePkg: Add AMD SEV features to PcdConfidentialComputingGuestAttr
2024-04-22 12:16 [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap Alexey Kardashevskiy via groups.io
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 1/5] MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER Alexey Kardashevskiy via groups.io
@ 2024-04-22 12:17 ` Alexey Kardashevskiy via groups.io
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 3/5] OvmfPkg: Add AMD SEV-ES DebugSwap feature support Alexey Kardashevskiy via groups.io
` (3 subsequent siblings)
5 siblings, 0 replies; 8+ messages in thread
From: Alexey Kardashevskiy via groups.io @ 2024-04-22 12:17 UTC (permalink / raw)
To: devel; +Cc: Gerd Hoffmann, Tom Lendacky, Alexey Kardashevskiy
PcdConfidentialComputingGuestAttr so far only contained an SEV mode bit
but there are other features which do not translate to levels,
such as DebugSwap or SecureTsc.
This adds the features mask and the DebugSwap feature bit to a PCD.
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v2:
* expanded features mask
* added type mask
---
MdePkg/Include/ConfidentialComputingGuestAttr.h | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Include/ConfidentialComputingGuestAttr.h
index 44e6df800207..5f706a8f7320 100644
--- a/MdePkg/Include/ConfidentialComputingGuestAttr.h
+++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
@@ -29,9 +29,21 @@ typedef enum {
/* The guest is running with Intel TDX memory encryption enabled. */
CCAttrIntelTdx = 0x200,
+
+ CCAttrTypeMask = 0x000000000000ffff,
+
+ /* Features */
+
+ /* The AMD SEV-ES DebugSwap feature is enabled in SEV_STATUS */
+ CCAttrFeatureAmdSevDebugSwap = 0x0000000000010000,
+
+ CCAttrFeatureMask = 0xffffffffffff0000,
+
} CONFIDENTIAL_COMPUTING_GUEST_ATTR;
-#define CC_GUEST_IS_TDX(x) ((x) == CCAttrIntelTdx)
-#define CC_GUEST_IS_SEV(x) ((x) == CCAttrAmdSev || (x) == CCAttrAmdSevEs || (x) == CCAttrAmdSevSnp)
+#define _CC_GUEST_IS_TDX(x) ((x) == CCAttrIntelTdx)
+#define CC_GUEST_IS_TDX(x) _CC_GUEST_IS_TDX((x) & CCAttrTypeMask)
+#define _CC_GUEST_IS_SEV(x) ((x) == CCAttrAmdSev || (x) == CCAttrAmdSevEs || (x) == CCAttrAmdSevSnp)
+#define CC_GUEST_IS_SEV(x) _CC_GUEST_IS_SEV((x) & CCAttrTypeMask)
#endif
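Review bot: `CCAttrTypeMask`, `CCAttrFeatureAmdSevDebugSwap` and `CCAttrFeatureMask` are added as enumerators, but `0xffffffffffff0000` does not fit in an `int`, and before C23 ISO C requires enumerator values to be representable as `int`, so this relies on a compiler extension and makes the width of `CONFIDENTIAL_COMPUTING_GUEST_ATTR` compiler dependent. Since these values are masks and flag bits rather than alternatives, consider defining them as `UINT64` `#define` constants next to the enum instead of inside it. Separately, `_CC_GUEST_IS_TDX` and `_CC_GUEST_IS_SEV` start with an underscore followed by an upper-case letter, which C reserves for the implementation; a different helper name, or applying the mask inside the original macro body, avoids that.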
--
2.41.0
* [edk2-devel] [PATCH ovmf v2 3/5] OvmfPkg: Add AMD SEV-ES DebugSwap feature support
2024-04-22 12:16 [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap Alexey Kardashevskiy via groups.io
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 1/5] MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER Alexey Kardashevskiy via groups.io
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 2/5] MdePkg: Add AMD SEV features to PcdConfidentialComputingGuestAttr Alexey Kardashevskiy via groups.io
@ 2024-04-22 12:17 ` Alexey Kardashevskiy via groups.io
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 4/5] UefiCpuPkg: Add AMD SEV-ES features support Alexey Kardashevskiy via groups.io
` (2 subsequent siblings)
5 siblings, 0 replies; 8+ messages in thread
From: Alexey Kardashevskiy via groups.io @ 2024-04-22 12:17 UTC (permalink / raw)
To: devel; +Cc: Gerd Hoffmann, Tom Lendacky, Alexey Kardashevskiy
The SEV-ES DebugSwap feature enables type B swapping of debug registers
on #VMEXIT and makes #DB and DR7 intercepts unnecessary and unwanted.
When DebugSwap is enabled, this stops booting if #VC for #DB or
DR7 read/write occurs as this signals unwanted interaction from the HV.
This adds a new API which uses the SEV-ES working area in PEI and SEC.
This does not change the existing behaviour for DXE just yet but soon.
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
OvmfPkg/Include/Library/MemEncryptSevLib.h | 12 ++++++++++
OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c | 25 +++++++++++++++++---
OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c | 19 +++++++++++++++
OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c | 20 ++++++++++++++++
OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 8 +++++++
5 files changed, 81 insertions(+), 3 deletions(-)
diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
index 4fa9c0d70083..0fa86aecc38c 100644
--- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
+++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -166,6 +166,18 @@ MemEncryptSevGetEncryptionMask (
VOID
);
+/**
+ Returns a boolean to indicate whether DebugSwap is enabled.
+
+ @retval TRUE DebugSwap is enabled
+ @retval FALSE DebugSwap is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevEsDebugSwapIsEnabled (
+ VOID
+ );
+
/**
Returns the encryption state of the specified virtual address range.
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
index 4aba0075b9e2..79449096a388 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
@@ -40,19 +40,23 @@ AmdMemEncryptionAttrCheck (
IN CONFIDENTIAL_COMPUTING_GUEST_ATTR Attr
)
{
+ UINT64 CurrentLevel = CurrentAttr & CCAttrTypeMask;
+
switch (Attr) {
case CCAttrAmdSev:
//
// SEV is automatically enabled if SEV-ES or SEV-SNP is active.
//
- return CurrentAttr >= CCAttrAmdSev;
+ return CurrentLevel >= CCAttrAmdSev;
case CCAttrAmdSevEs:
//
// SEV-ES is automatically enabled if SEV-SNP is active.
//
- return CurrentAttr >= CCAttrAmdSevEs;
+ return CurrentLevel >= CCAttrAmdSevEs;
case CCAttrAmdSevSnp:
- return CurrentAttr == CCAttrAmdSevSnp;
+ return CurrentLevel == CCAttrAmdSevSnp;
+ case CCAttrFeatureAmdSevDebugSwap:
+ return !!(CurrentAttr & CCAttrFeatureAmdSevDebugSwap);
default:
return FALSE;
}
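Review bot: `UINT64 CurrentLevel = CurrentAttr & CCAttrTypeMask;` initialises a local in its declaration, which edk2 code normally avoids; declare it and assign on a separate line. The same edit to `AmdMemEncryptionAttrCheck` appears verbatim in UefiCpuPkg/Library/MpInitLib/MpLib.c in 4/5, so the type/feature split now lives in two copies that must stay in sync; a shared macro next to `CC_GUEST_IS_SEV` in ConfidentialComputingGuestAttr.h would keep the masking in one place. The commit message says DXE behaviour does not change yet, which holds only because nothing sets the feature bit until 5/5; stating that dependency in the message would help.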
@@ -159,3 +163,18 @@ MemEncryptSevGetEncryptionMask (
return mSevEncryptionMask;
}
+
+/**
+ Returns a boolean to indicate whether DebugSwap is enabled.
+
+ @retval TRUE DebugSwap is enabled
+ @retval FALSE DebugSwap is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevEsDebugSwapIsEnabled (
+ VOID
+ )
+{
+ return ConfidentialComputingGuestHas (CCAttrFeatureAmdSevDebugSwap);
+}
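Review bot: The function header does not say that the DXE answer comes from the PCD rather than from SEV_STATUS: this variant returns `ConfidentialComputingGuestHas (CCAttrFeatureAmdSevDebugSwap)`, while the PEI and SEC variants read `Msr.Bits.DebugSwap`, and all three carry the same comment. Please document that the DXE result depends on the feature bit having been stored in PcdConfidentialComputingGuestAttr earlier in boot, since without it the function returns FALSE on a DebugSwap guest.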
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
index 41d1246a5b31..e2ebc8afcaee 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
@@ -141,3 +141,22 @@ MemEncryptSevGetEncryptionMask (
return SevEsWorkArea->EncryptionMask;
}
+
+/**
+ Returns a boolean to indicate whether DebugSwap is enabled.
+
+ @retval TRUE DebugSwap is enabled
+ @retval FALSE DebugSwap is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevEsDebugSwapIsEnabled (
+ VOID
+ )
+{
+ MSR_SEV_STATUS_REGISTER Msr;
+
+ Msr.Uint32 = InternalMemEncryptSevStatus ();
+
+ return Msr.Bits.DebugSwap ? TRUE : FALSE;
+}
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
index 27148c7e337a..974be9555296 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
@@ -142,6 +142,26 @@ MemEncryptSevGetEncryptionMask (
return SevEsWorkArea->EncryptionMask;
}
+
+/**
+ Returns a boolean to indicate whether DebugSwap is enabled.
+
+ @retval TRUE DebugSwap is enabled
+ @retval FALSE DebugSwap is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevEsDebugSwapIsEnabled (
+ VOID
+ )
+{
+ MSR_SEV_STATUS_REGISTER Msr;
+
+ Msr.Uint32 = InternalMemEncryptSevStatus ();
+
+ return Msr.Bits.DebugSwap ? TRUE : FALSE;
+}
+
/**
Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM
Save State Map.
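Review bot: The body of `MemEncryptSevEsDebugSwapIsEnabled` added here is a verbatim copy of the one added to PeiMemEncryptSevLibInternal.c (`Msr.Uint32 = InternalMemEncryptSevStatus ();` followed by the `Msr.Bits.DebugSwap` test). Consider one internal helper shared by both files. The commit message speaks of the SEV-ES working area, but the added lines only show the call to `InternalMemEncryptSevStatus`; a short comment on where the status value comes from in SEC would make that connection visible in the code.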
diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
index 0b61d28f8b94..9567c257217f 100644
--- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
+++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c
@@ -1625,6 +1625,10 @@ Dr7WriteExit (
UINT64 *Register;
UINT64 Status;
+ if (MemEncryptSevEsDebugSwapIsEnabled ()) {
+ return UnsupportedExit (Ghcb, Regs, InstructionData);
+ }
+
Ext = &InstructionData->Ext;
SevEsData = (SEV_ES_PER_CPU_DATA *)(Ghcb + 1);
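Review bot: The early `return UnsupportedExit (Ghcb, Regs, InstructionData);` at the top of `Dr7WriteExit` has no comment, so the reason a DR7 write becomes fatal lives only in the commit message. Add a short comment above the `if` saying that with DebugSwap enabled the debug registers are swapped by hardware, so a DR7 intercept indicates unexpected hypervisor behaviour.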
@@ -1677,6 +1681,10 @@ Dr7ReadExit (
SEV_ES_PER_CPU_DATA *SevEsData;
UINT64 *Register;
+ if (MemEncryptSevEsDebugSwapIsEnabled ()) {
+ return UnsupportedExit (Ghcb, Regs, InstructionData);
+ }
+
Ext = &InstructionData->Ext;
SevEsData = (SEV_ES_PER_CPU_DATA *)(Ghcb + 1);
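Review bot: The commit message says boot stops on #VC for #DB as well as for DR7 read/write, but the hunks in this file only guard `Dr7WriteExit` and `Dr7ReadExit`; no #DB exit path is touched. Either point to the existing code that already rejects a #DB exit, or add the corresponding check, and reword the message if #DB is out of scope for this patch.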
--
2.41.0
* [edk2-devel] [PATCH ovmf v2 4/5] UefiCpuPkg: Add AMD SEV-ES features support
2024-04-22 12:16 [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap Alexey Kardashevskiy via groups.io
` (2 preceding siblings ...)
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 3/5] OvmfPkg: Add AMD SEV-ES DebugSwap feature support Alexey Kardashevskiy via groups.io
@ 2024-04-22 12:17 ` Alexey Kardashevskiy via groups.io
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 5/5] OvmfPkf: Enable AMD SEV-ES DebugSwap for DXE Alexey Kardashevskiy via groups.io
2024-04-30 9:53 ` [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap Alexey Kardashevskiy via groups.io
5 siblings, 0 replies; 8+ messages in thread
From: Alexey Kardashevskiy via groups.io @ 2024-04-22 12:17 UTC (permalink / raw)
To: devel; +Cc: Gerd Hoffmann, Tom Lendacky, Alexey Kardashevskiy
CONFIDENTIAL_COMPUTING_GUEST_ATTR is not a simple SEV level anymore
and includes a feature mask since a previous commit.
This fixes AmdMemEncryptionAttrCheck to check the level and feature
correctly and adds DebugSwap support.
Since the actual feature flag is not set yet, this should cause
no behavioral change.
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
UefiCpuPkg/Library/MpInitLib/MpLib.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c
index d7244565029d..5904dc69121b 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
@@ -3178,19 +3178,23 @@ AmdMemEncryptionAttrCheck (
IN CONFIDENTIAL_COMPUTING_GUEST_ATTR Attr
)
{
+ UINT64 CurrentLevel = CurrentAttr & CCAttrTypeMask;
+
switch (Attr) {
case CCAttrAmdSev:
//
// SEV is automatically enabled if SEV-ES or SEV-SNP is active.
//
- return CurrentAttr >= CCAttrAmdSev;
+ return CurrentLevel >= CCAttrAmdSev;
case CCAttrAmdSevEs:
//
// SEV-ES is automatically enabled if SEV-SNP is active.
//
- return CurrentAttr >= CCAttrAmdSevEs;
+ return CurrentLevel >= CCAttrAmdSevEs;
case CCAttrAmdSevSnp:
- return CurrentAttr == CCAttrAmdSevSnp;
+ return CurrentLevel == CCAttrAmdSevSnp;
+ case CCAttrFeatureAmdSevDebugSwap:
+ return !!(CurrentAttr & CCAttrFeatureAmdSevDebugSwap);
default:
return FALSE;
}
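Review bot: `case CCAttrFeatureAmdSevDebugSwap:` inside `switch (Attr)` matches only when the caller passes exactly that one bit, so every future feature needs another case here and in the OvmfPkg copy, and an `Attr` that combines bits falls through to `default` and returns FALSE. Suggest testing `Attr & CCAttrFeatureMask` before the switch and answering feature queries with `(CurrentAttr & Attr) == Attr`, leaving the switch for the type values only.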
--
2.41.0
* [edk2-devel] [PATCH ovmf v2 5/5] OvmfPkf: Enable AMD SEV-ES DebugSwap for DXE
2024-04-22 12:16 [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap Alexey Kardashevskiy via groups.io
` (3 preceding siblings ...)
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 4/5] UefiCpuPkg: Add AMD SEV-ES features support Alexey Kardashevskiy via groups.io
@ 2024-04-22 12:17 ` Alexey Kardashevskiy via groups.io
2024-04-30 9:53 ` [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap Alexey Kardashevskiy via groups.io
5 siblings, 0 replies; 8+ messages in thread
From: Alexey Kardashevskiy via groups.io @ 2024-04-22 12:17 UTC (permalink / raw)
To: devel; +Cc: Gerd Hoffmann, Tom Lendacky, Alexey Kardashevskiy
This writes the feature bit into PcdConfidentialComputingGuestAttr
and enables DebugSwap for the DXE stage too.
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
OvmfPkg/PlatformPei/AmdSev.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index e6724cf493a7..785872537728 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -434,6 +434,7 @@ AmdSevInitialize (
)
{
UINT64 EncryptionMask;
+ UINT64 CCGuestAttr;
RETURN_STATUS PcdStatus;
//
@@ -517,13 +518,19 @@ AmdSevInitialize (
// technology is active.
//
if (MemEncryptSevSnpIsEnabled ()) {
- PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSevSnp);
+ CCGuestAttr = CCAttrAmdSevSnp;
} else if (MemEncryptSevEsIsEnabled ()) {
- PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSevEs);
+ CCGuestAttr = CCAttrAmdSevEs;
} else {
- PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSev);
+ CCGuestAttr = CCAttrAmdSev;
}
+ if (MemEncryptSevEsDebugSwapIsEnabled ()) {
+ CCGuestAttr |= CCAttrFeatureAmdSevDebugSwap;
+ }
+
+ PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCGuestAttr);
+
ASSERT_RETURN_ERROR (PcdStatus);
}
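Review bot: Once `CCGuestAttr |= CCAttrFeatureAmdSevDebugSwap` is stored, PcdConfidentialComputingGuestAttr no longer equals any of the plain type values, so any consumer that compares the PCD with `==` directly, rather than through `CC_GUEST_IS_SEV`, `CC_GUEST_IS_TDX` or `AmdMemEncryptionAttrCheck`, will stop recognising the guest. The series shows updates only to those macros and to the two `AmdMemEncryptionAttrCheck` copies; please confirm the remaining readers of the PCD were audited and say so in the commit message. The feature bit is also OR-ed in after the `else` branch for plain SEV; setting it only in the SEV-ES and SEV-SNP branches would make the intent explicit.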
--
2.41.0
* Re: [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap
2024-04-22 12:16 [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap Alexey Kardashevskiy via groups.io
` (4 preceding siblings ...)
2024-04-22 12:17 ` [edk2-devel] [PATCH ovmf v2 5/5] OvmfPkf: Enable AMD SEV-ES DebugSwap for DXE Alexey Kardashevskiy via groups.io
@ 2024-04-30 9:53 ` Alexey Kardashevskiy via groups.io
2024-05-02 9:04 ` Gerd Hoffmann
5 siblings, 1 reply; 8+ messages in thread
From: Alexey Kardashevskiy via groups.io @ 2024-04-30 9:53 UTC (permalink / raw)
To: devel; +Cc: Gerd Hoffmann, Tom Lendacky
On 22/4/24 22:16, Alexey Kardashevskiy wrote:
> This is to prevent #DB interception on an SEV-ES VM with
> the DebugSwap feature enabled; more details are in 3/5.
>
> The corresponding Linux change (HV and VM) went upstream
> a long time ago:
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e221804dad4e
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d1f85fbe836e
>
> And then I dropped the ball, sorry.
>
> The previous conversation (more than a year ago) is here:
> https://edk2.groups.io/g/devel/message/96808
>
> This failed CI though (figuring out this not-that-trivial Uncrustify guy now):
> https://dev.azure.com/tianocore/edk2-ci/_build/results?buildId=123642&view=logs&j=ec42d809-3c3b-54a9-276c-e54a8b9aaee9&t=bd91c6c3-6d75-5ede-7b63-5767cf827334
I finally got CI happy, here is the pull request:
github.com/tianocore/edk2/pull/5594
How do I proceed from here? Repost patches here or that pull request
will do? I did not change anything besides spaces and CCs. Thanks,
> This is based on sha1
> 6780b3aba086 Abner Chang "Maintainers: AMD as SPI driver stack maintainer".
>
> Please comment. Thanks.
>
>
>
> Alexey Kardashevskiy (5):
> MdePkg/Register/Amd: Define all bits from MSR_SEV_STATUS_REGISTER
> MdePkg: Add AMD SEV features to PcdConfidentialComputingGuestAttr
> OvmfPkg: Add AMD SEV-ES DebugSwap feature support
> UefiCpuPkg: Add AMD SEV-ES features support
> OvmfPkf: Enable AMD SEV-ES DebugSwap for DXE
>
> MdePkg/Include/ConfidentialComputingGuestAttr.h | 16 +++++-
> MdePkg/Include/Register/Amd/Fam17Msr.h | 57 +++++++++++++++++++-
> OvmfPkg/Include/Library/MemEncryptSevLib.h | 12 +++++
> OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c | 25 +++++++--
> OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c | 19 +++++++
> OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c | 20 +++++++
> OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 8 +++
> OvmfPkg/PlatformPei/AmdSev.c | 13 +++--
> UefiCpuPkg/Library/MpInitLib/MpLib.c | 10 ++--
> 9 files changed, 168 insertions(+), 12 deletions(-)
>
--
Alexey
* Re: [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap
2024-04-30 9:53 ` [edk2-devel] [PATCH ovmf v2 0/5] Enable AMD SEV-ES DebugSwap Alexey Kardashevskiy via groups.io
@ 2024-05-02 9:04 ` Gerd Hoffmann
0 siblings, 0 replies; 8+ messages in thread
From: Gerd Hoffmann @ 2024-05-02 9:04 UTC (permalink / raw)
To: Alexey Kardashevskiy; +Cc: devel, Tom Lendacky
Hi,
> How do I proceed from here? Repost patches here or that pull request will
> do? I did not change anything besides spaces and CCs. Thanks,
Patch review happens on the mailing list, so please post v3 series.
thanks,
Gerd