From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (NAM04-DM6-obe.outbound.protection.outlook.com [40.107.102.86]) by mx.groups.io with SMTP id smtpd.web12.10451.1619716826812522970 for ; Thu, 29 Apr 2021 10:20:26 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=Kzlq5g86; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.102.86, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=O1WKpTuXjYaM13JYjgJKfDI33SNFF1BBpN5+mPtk76PjCphAESfUVFfgP56gTPbOLZg74KBLHEXZAor+VRNgkpmsalhB4Cy4nSjbncDhkBCHyQc3TucoyxXEE3ABCoopV1uB94EusW8XK5pL5OCXeX2CDtcRMbe16pEWEGrMEafF1irWvK1HefFKKu+/A44G0PJ4rwFQv4I6NQGfpGnxEN6X2lWX0dCMJ0HBqSM08ae4wV3LAEJTqHmQnJhjTH88voxkmGFb4CknglL2wh1MGjBaOKnUARr8KkkpcE4L0j/hN3hsKYGhtfkMenS+e0g5lo4ziIet8cQM9tLtQtIbbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lgVj4Zs64svReOjnYjMtYYhlFyt792lswqRYbkgoKPw=; b=GBp8rj1nTzWSbc2GQUNF4F4ff2wC8y6BceRo8jWjx2o4LBJZ6I/dNfw66nPf4Li/sHZv7PnjMICQq2YCNxO10MUYkT0seXhLHvFdxJ6RH0ySBNQQZgYtoXjq54sMS7iaysalh0fNYnQz9AQU7peY1X4HUc0nV0TT4wHkg8k2+SuuvCilf0iFBI1OxlYr7j+NoqKA6kosFKoHXDnZ723eZBmhL8Q1iGJTz3vt4QSjxb7e3/E+VlHsRABhUiMiaNvkLBTjh/GG0+42/orFRpepOusyLZ1uSft7iQSWPCeKmoCVB+i+MoAlLf7t7SZpJuv/wdEAjaJe7XgPaIvoxIWmTw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lgVj4Zs64svReOjnYjMtYYhlFyt792lswqRYbkgoKPw=; b=Kzlq5g86Kh3N8kLz2a+NNvPFUCFTvkIyvgcEUv8FopJNiBVj/gN6D0nbG89uh6FkRnoJyuVzi1lkL+UcdtM6isFLwt+dGeYr7omUiEFrLNhe68w/YsIqoFovwpe0wdekwKQYi029VyTEV6NHKap4KDbZDE66kWPhMtku+DZ6eTk= Authentication-Results: linux.ibm.com; dkim=none (message not signed) header.d=none;linux.ibm.com; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM6PR12MB4092.namprd12.prod.outlook.com (2603:10b6:5:214::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4087.26; Thu, 29 Apr 2021 17:20:25 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b914:4704:ad6f:aba9]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::b914:4704:ad6f:aba9%12]) with mapi id 15.20.4065.026; Thu, 29 Apr 2021 17:20:25 +0000 Subject: Re: [PATCH v3 3/5] OvmfPkg: Define a new PPI GUID to signal TPM MMIO accessability From: "Lendacky, Thomas" To: devel@edk2.groups.io CC: Joerg Roedel , Borislav Petkov , Laszlo Ersek , Ard Biesheuvel , Jordan Justen , Brijesh Singh , Erdem Aktas , James Bottomley , Jiewen Yao , Min Xu , =?UTF-8?Q?Marc-Andr=c3=a9_Lureau?= , Stefan Berger References: <03e292339273721724c8b14605cfe9d7bbe45a71.1619716333.git.thomas.lendacky@amd.com> Message-ID: <24ba1ef4-91f5-7fd6-9f74-c3d4c268e5ef@amd.com> Date: Thu, 29 Apr 2021 12:20:23 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 In-Reply-To: <03e292339273721724c8b14605cfe9d7bbe45a71.1619716333.git.thomas.lendacky@amd.com> X-Originating-IP: [67.79.209.213] X-ClientProxiedBy: SA0PR13CA0017.namprd13.prod.outlook.com (2603:10b6:806:130::22) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from office-linux.texastahm.com (67.79.209.213) by SA0PR13CA0017.namprd13.prod.outlook.com (2603:10b6:806:130::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4108.8 via Frontend Transport; Thu, 29 Apr 2021 17:20:24 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 96e92ae3-4cdb-465b-0407-08d90b33139f X-MS-TrafficTypeDiagnostic: DM6PR12MB4092: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7219; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: PPlE6H5RPDTZlP7Skinv8qiXl2EJfMY1LvAdpAkrPYH8YascrEHBZ/d9LXCS0/xhxXqR+J/VXr2I3E2Nw5ZEywlt4nrrc2StllfzwhGoaPWu0mXuzJVVbcp1xjtqJc+FIMexaEi/1uLME0+i1CwahcU0gV0YhawdCgKW9RMRrC16VyP/LUU42FJyWgCzpb59xNIJGudtaGDpsVwnnb7AQRFak/FuVBz2yBwM8pmXivGlEvgM6bBz39BUqrrYWz2P9+RLXHl0zN6e2WQiPliWlozM9uDvJlo3ZWITz21D71igsEBzkUo6QYb3iyNbNQipcOM3+3ceyQgIyOfA++FdXps4ajxfHHX1tr/IVpVjoGruscyQQNkdQR+IW1xoaT92tLWqvWgdHXIJA1ynTTpiWdF7YRH6IEv03YwhOcZxUGitEItRiyVy0siG3G87N+3wVyyQc6eNWJXDOkBte+CKmiJ7HVA1P/4T230BNfjXy1WX8emcRCgZwl4YFPOBE81+WSTo8DVyLcltKUYlnyKIb6eneNYeEvljXHxNm0BIRZD9/gT6hYwQa5kyVzKFv7n4d4i9gNkD11TgkRMfSq9ni29KxmLV4T/bmebVxa8WdbR8fuvjMzlRrMKs3cxQ7O7oHf4pCCIbE9Rhf9zpGRpArKcqLN/J/6Xc61hzW85pmESo4QvlPGqHYdArP9q/0pMg X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(39860400002)(346002)(396003)(366004)(136003)(86362001)(6512007)(8676002)(478600001)(5660300002)(8936002)(31696002)(83380400001)(31686004)(6486002)(38100700002)(316002)(36756003)(7416002)(2906002)(4326008)(6916009)(2616005)(16526019)(956004)(66946007)(26005)(66476007)(54906003)(66556008)(6506007)(186003)(53546011)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?HXf0x1MvAdhNPxkP7K+NQVfP9/W1+2AMHk/jMKlQb0ME+yf+faL8icrwpczP?= =?us-ascii?Q?ekvR1GsBUjRw7cFYUJX04w903PlrVWs5FooPSgmdzqPsD/LNpaOs/qwcQtzw?= =?us-ascii?Q?ad0CqUp9NnSDWOxcOyUOA705HVzwnJA8UTlsRaTLo57UVbgQyB1DCjqtgci3?= =?us-ascii?Q?vVk24SEjUK4pbxn5WcOvGrv3AILeFgfcJ8K9YCSPHkl/K3uZ3edr5KgxnPLV?= =?us-ascii?Q?OMnZhgEFWHXwpVTxz1QHjbQiaLONxy22BxUlnObqUvXn/1P+Ul6NadUIHa4F?= =?us-ascii?Q?lD0V4xsss0x6G5sx33ABMCza8Xlo9FJPnJdiCxdLWnSk0GiSDmXC1IbVE9O7?= =?us-ascii?Q?Aj6ca2tArN80pgmEAGwoN6nTOZOa4DPJ/py7LWrGSRA/SkYaprR9FGQZfvc0?= =?us-ascii?Q?crJFfzRfGf12SpSOw1TmraCFS/juajD+7+IfSRpKbGqVh70B/q3eChvO8Hvz?= =?us-ascii?Q?rqJpjyp+HNTfENG9xlFmsPhzDDYBrA1Pb6EQTCwjIQmdKFOHwAXcJzdi19g2?= =?us-ascii?Q?2ek2xnHYRYQtiGcwsmK80gGM5Xh88B8jmetcCJBKxpxXoZyVvpUpBAKrr2Ib?= =?us-ascii?Q?s5dgiGImNFcDwk62IanLxPTgYwcAEJDiVyWoY2LlYN6Lcxuo/0rRLrKKRJce?= =?us-ascii?Q?nf38hERRv+yAjRG+KRCOo7SHZrOyzPn2QJV07nugcVYSBTBHH19bEQZuaQIu?= =?us-ascii?Q?cG8192yXu8tcPtHkec/z648mPLrh/XSOoeTyhn2D9Jb0B1FGXRxqqkzvmuQ5?= =?us-ascii?Q?8SYj+7e4oqQOJmoIJu5nKc6RX/xqJlU+cOsKxb+JNkLNlz9+cGSXPVPo4aPQ?= =?us-ascii?Q?7GfsWps7qckHeh8QWGsjTKfRFSQflpGPYE6jOG9stkCnrHVN78gx4tdKrUMd?= =?us-ascii?Q?lxj2QvFwTalGGXhrTA7m7ux2f+tPazA7WoLcXbd0vldRUsBlTPuPDmyp3Yet?= =?us-ascii?Q?GRaGF+FN+Jv4t2yDYqSR4Oh9EqrcnrptYljri1JVLo5wd6pZkd85AOg8muIJ?= =?us-ascii?Q?TXguNKouOC/dw3jPP5VYVuUZH4JYak3z+J+y1lHMpWWhOcP3ZHq+vuj7oknE?= =?us-ascii?Q?V34LI60TLsxm/u+kfnMYqKhlr1E5YT0SpsojovhXB/LZfD3Y8TNo1r+iNSel?= =?us-ascii?Q?MMFZpO2dwnSUbVWHzUE2hAYr5dQy0BGIlmp77FIL7vzzU5eNFrm2qskmyamf?= =?us-ascii?Q?KLeJKXZAHMqFgaxG+sRwPuWAFJMy67B9BL8o/q81JSO1hfG0BbCkhe57s4c8?= =?us-ascii?Q?6va9u1emDJRmdHanR9Wwvo4BRou8AI8/9hRuMeFNlo0seRky39AqCUGWP5gu?= =?us-ascii?Q?5LGFIOTS41BtrVFOzFu9l9y1?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 96e92ae3-4cdb-465b-0407-08d90b33139f X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Apr 2021 17:20:25.1741 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: f0JGE4DMjZDFob3rnjyIarp/oGsRPmaKMJgz0ZHAtDuUbI0aTsqlPQa0S60jUT7M7FRKzC8zYWkKghddVl8RIQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4092 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 4/29/21 12:12 PM, Tom Lendacky wrote: > Define a new PPI GUID that is to be used as a signal of when it is safe > to access the TPM MMIO range. This is needed so that, when SEV is active, > the MMIO range can be mapped unencrypted before it is accessed. >=20 > Cc: Laszlo Ersek > Cc: Ard Biesheuvel > Cc: Jordan Justen > Cc: Brijesh Singh > Cc: Erdem Aktas > Cc: James Bottomley > Cc: Jiewen Yao > Cc: Min Xu > Cc: Marc-Andr=C3=A9 Lureau > Cc: Stefan Berger > Signed-off-by: Tom Lendacky Sorry, Laszlo, I forgot to include your Reviewed-by: on this patch. Tom > --- > OvmfPkg/OvmfPkg.dec | 4 ++++ > 1 file changed, 4 insertions(+) >=20 > diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec > index 9629707020ba..6ae733f6e39f 100644 > --- a/OvmfPkg/OvmfPkg.dec > +++ b/OvmfPkg/OvmfPkg.dec > @@ -128,6 +128,10 @@ [Ppis] > # has been discovered and recorded > gOvmfTpmDiscoveredPpiGuid =3D {0xb9a61ad0, 0x2802, 0x41f3,= {0xb5, 0x13, 0x96, 0x51, 0xce, 0x6b, 0xd5, 0x75}} > =20 > + # This PPI signals that accessing the MMIO range of the TPM is possibl= e in > + # the PEI phase, regardless of memory encryption > + gOvmfTpmMmioAccessiblePpiGuid =3D {0x35c84ff2, 0x7bfe, 0x453d,= {0x84, 0x5f, 0x68, 0x3a, 0x49, 0x2c, 0xf7, 0xb7}} > + > [Protocols] > gVirtioDeviceProtocolGuid =3D {0xfa920010, 0x6785, 0x4941,= {0xb6, 0xec, 0x49, 0x8c, 0x57, 0x9f, 0x16, 0x0a}} > gXenBusProtocolGuid =3D {0x3d3ca290, 0xb9a5, 0x11e3,= {0xb7, 0x5d, 0xb8, 0xac, 0x6f, 0x7d, 0x65, 0xe6}} >=20