From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 9AC99740032 for ; Wed, 5 Jun 2024 18:47:30 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=bUtoL2QI4C0FFb4WHXgLozNKfVip6LbCvvDgpTGhCBw=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:User-Agent:Subject:To:Cc:References:From:In-Reply-To:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1717613250; v=1; b=DkGv2iOrT1bcr/SmWEg44pF/6aq+HvQ7wfLR0ems2QaqpLkXxFxU0rw+cCG18/9JeZsonuxz OtQElclSGXkAyb3+VUucm7CMVD6GEcb1zyOsPSdeeBdUeDv1WpmLerm05Tl4jqyygjeHz5krolC ryyjvu9L3qg4uDySrLlyMT7fgrDjVsyHAdz0ZNVFNhHZUqC/ebwmbogNUZLqilYITfxhdbktHRq /ZB/V46VpuPJF+MMjjjC2WsB4XThAjYwnpfPQDz/DXI7RlrwmOzAAHa49K4fW4G/C4/vEeIG1fe tFXUhJIwVUDq8dfVoxXLvo2Yt2354c/SvHYbsy4hhTsGw== X-Received: by 127.0.0.2 with SMTP id xiUUYY7687511xpRE4v63QCq; Wed, 05 Jun 2024 11:47:29 -0700 X-Received: from NAM12-DM6-obe.outbound.protection.outlook.com (NAM12-DM6-obe.outbound.protection.outlook.com [40.107.243.43]) by mx.groups.io with SMTP id smtpd.web11.2086.1717613248217381433 for ; Wed, 05 Jun 2024 11:47:28 -0700 X-Received: from BL1PR12MB5732.namprd12.prod.outlook.com (2603:10b6:208:387::17) by SA3PR12MB7924.namprd12.prod.outlook.com (2603:10b6:806:313::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7633.24; Wed, 5 Jun 2024 18:47:25 +0000 X-Received: from BL1PR12MB5732.namprd12.prod.outlook.com ([fe80::bf0:d462:345b:dc52]) by BL1PR12MB5732.namprd12.prod.outlook.com ([fe80::bf0:d462:345b:dc52%7]) with mapi id 15.20.7633.021; Wed, 5 Jun 2024 18:47:25 +0000 Message-ID: <4f0b219d-4190-99b7-28bb-0c646913bad8@amd.com> Date: Wed, 5 Jun 2024 13:47:23 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.15.1 Subject: Re: [edk2-devel] [PATCH ovmf v4 3/5] OvmfPkg: Add AMD SEV-ES DebugVirtualization feature support To: Alexey Kardashevskiy , devel@edk2.groups.io Cc: Liming Gao , Michael D Kinney , Zhiguang Liu , Ard Biesheuvel , Erdem Aktas , Gerd Hoffmann , Jiewen Yao , Michael Roth , Min Xu References: <20240605020946.1224515-1-aik@amd.com> <20240605020946.1224515-4-aik@amd.com> From: "Lendacky, Thomas via groups.io" In-Reply-To: <20240605020946.1224515-4-aik@amd.com> X-ClientProxiedBy: SN7PR04CA0073.namprd04.prod.outlook.com (2603:10b6:806:121::18) To BL1PR12MB5732.namprd12.prod.outlook.com (2603:10b6:208:387::17) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL1PR12MB5732:EE_|SA3PR12MB7924:EE_ X-MS-Office365-Filtering-Correlation-Id: c718b68d-4582-4cfc-245f-08dc858ff143 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: =?utf-8?B?blVzRTdmR21nWHZOTzROZTdXd2tWSjJTcVdTczhLNTdCNlVUYmM3K25qWGRu?= =?utf-8?B?a2h2cERiT090OFZUS21QbWFaSDZxNnM1MnF2d2lxd2JBbXdDYm0xbDRUUWFB?= =?utf-8?B?SS9jU0xSU3pOK1Y5cTI5eDVWVE82am9QbzZpai9yMWllZHBac0hzcHd3VE9V?= =?utf-8?B?a2JWVWF1WmhkTHc4VWVmM2tLd3NuQXRscHZ1Umw0S21GbW5jUUNGN2hTV0tr?= =?utf-8?B?d3ZFOFJqWmJjOGNqZW1VNTNXVnBFbmNBMEhra09MV093NDlSWXcrSmxhNVoy?= =?utf-8?B?QzZ4QW1WeUVmRk9JbXRxUHFUa2tVZjRMR0F4TnJoMU5LNmxFMDc0TGJzbGpw?= =?utf-8?B?SkJudkNtbkp4UXF3a2w2TlF4VDJ4bC81R1plZTZCc2hlRDdLK1lLc0s1ZFVn?= =?utf-8?B?d2Fid1F6M3BIdEJZdnV4bTJSMzFEcWtNZHd3dHRud2NOamwrZXdZNThkd2lm?= =?utf-8?B?Vm9aYmRPZWNXc3lNVTZMSzlBeGUrS01Wam1sSUE0VVNaRndKOTVndWY4elov?= =?utf-8?B?N2pYbHJpSHBmTUN1VkZCTVZGT291UUZDbmNlb2JMNnFwVGkxT2tsamVwZmox?= =?utf-8?B?Q2t5MzlVR0RqUEhaMjd5TEJpK3dKaVFoWkgzWkdoUGVnaWpQWG9tT2RseWxE?= =?utf-8?B?Q01XWTg4VDBHVmszSlJaVFZ5M2FEVjhJLzBzM0xxSUNtbHJSODRZeHJ4Vk9O?= =?utf-8?B?VWRhZE40d3hBQVZDUFNuMTFjQ2owUHpWYjdtZ1IxUGc2cDNZcnZkbVRLWnhk?= =?utf-8?B?c0l5M1dHM2NoVTZVeU40R1ZJZjRyNXJKKzJmajNpN2JTTFlFVTdHT2lzVmpm?= =?utf-8?B?TTZrVDN5VEw1MTM0cDR6OXQ2dWVUK0dzZFIxMUV3SVVnU1ptVzcraDJxUCtX?= =?utf-8?B?UGU5YnkyYkQvam9RMGtSaEZCYjhuRGR3N2VKUGpuWlZLWGUzUVQyNlRrN1E4?= =?utf-8?B?cEFVd2lodTJnK0E4VEUyYU1TLzRzbWQxYnhsZUNmRUF2cXpPZmYrM3R0YlFC?= =?utf-8?B?dGlucXo5RkZmRFVkK2Y2RzVqRjB5SWp2RnozNXpiYUdjVjNjMEtxM3NqYzd5?= =?utf-8?B?QklDbWwyZmFycXlCVlRUaXZGbUhUdUFXOVFjK2RqMlJHTkVJUlU4ek5SdTlq?= =?utf-8?B?Q2R2TXBOWTZKdjBseldnWVF6UWtrVDRYWmJyVzZRM2ZZazlNajhkSE4vMEg2?= =?utf-8?B?WWxJMUc1ZitFM1lzeDZpZXhSYklJTzNOZlM3QkI4WlRRakErK2QyUlZneDRF?= =?utf-8?B?ZkNRWXFwVTdCVmFjOWFybDRERlY5L050THZkQ3lidStyNE5jam9zejgxYTFM?= =?utf-8?B?bDBsSGRVNnBsZXdReG5pVHNZL3Z2TkJIQVRNdE5ZNUF5WGhuYTFqMno2Mzk3?= =?utf-8?B?Ym12enVaeGdYTWtEcXlPK2pyMHRzVXlRVkUxQUFUaUt4d0FpclRYSi9yUDJ2?= =?utf-8?B?NlNHUng0UmZzSGZkb0ZYd1VDcEFWWlVPaGIxWjNMdEs3QXQrQWtRc3UxZjJ0?= =?utf-8?B?TFNqZitWTXlRTHcvbVlYOVQ2V2JJSzFoTU5Qb3NKZSsxQ0c5VVdTQTkyUkNB?= =?utf-8?B?QTBTSWx3ZHF6WGZ3TEl1Z29ZZDl6VTY2cE9XdDcyNTJMRUNvd2NoaDJMRUZT?= =?utf-8?B?S0VyaUsyRGUyL2JsOG1jTFFYNnZLZkg3Y0hwYkhER0R0Mk1ISDJzUmVtVFEy?= =?utf-8?B?QUM0OXpVWk5kWDR2OUtTM3lEMzBkWUtNQWZQZGpLK01VbFVBUmI3aU9nPT0=?= X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?bFdrV1IzejNXQ0IvTkU2QmZKRmpZNyszQUxLeDBybVYySW05OXdKNXZZMkVw?= =?utf-8?B?Zmo0NmY0aDR1d2xCaGlmVWFpRmVFVDI1alJ0L2tpTHp3Tmt1RkFtOU5BU1pu?= =?utf-8?B?YThOMG9WelF3TVVuVFRnQWZnVE5sak5heWpzRlljOU1MTDkxZ1piSFRNWlNM?= =?utf-8?B?cHJNcXFORE5lM0Z5QVZETVZlTlZzZ0ZSdXNSa2RJUjhITEZKY0JyR256dFlz?= =?utf-8?B?c0NTUW4vR254TjR2QUVWVW1Ra2dZMDdSVmZRUFIxbXN2WnNtbC9BTVU1NDFo?= =?utf-8?B?eUg1OGJBVGVvcERIUzJhUGFicEd4aWErYncxYW5GK1pHNEpjalhoSjJGaW1a?= =?utf-8?B?TzlaU2pYQkVYK29VWk9kODVxblE0VzFvQ3BjOHpVYk9CdG5HN2Z6MjM4QkFO?= =?utf-8?B?QVlFSW80NWxGUkRhTmR4dS94cW1BbHpzb1crVURybENmWDY5WnJnZnU2QjVm?= =?utf-8?B?L2F2T09ROXA0aFZWSXZBRkJySXZWTnJnbTBURjlKdm5mUUpPb3JKL2pETnYw?= =?utf-8?B?SWZEZEdZdTZsNDBNYTh1UVpMMTVKZVhyNW8zQlNHQlVVUUIrbmdsU2ViNlli?= =?utf-8?B?WHB1Z0xBdE9nd0ZYTVo4dlJnRDg1QUczWEZNWDVMd0xoUjZtZk1IUE1CSTJQ?= =?utf-8?B?S1FvV2ovMDVGbWk5cWFTcHdNd3RoTjZ6Qk82Ny8vRjZJZXI1UzlTblVWanZ4?= =?utf-8?B?dFVkQi85Y0R2N2hyZkpXMXhQclI5UG1kcXBURU5SbEd5ZEo4QTkzYXkyTDh4?= =?utf-8?B?MEV4aEh1eFdVTDd6Uk80cE1XMmxaWjQ3aFVLaE9mNS9URzFTZDhDNHJlSTFy?= =?utf-8?B?Qkl2SWtKWm1EbXBxdXUrdjdqdzdmUzV1WkpBOXhBeWNFR3hKTVRub1hVVWoy?= =?utf-8?B?N0tpYng3eUgwZno3TnNBL2dBNHpuSzE5RHA3cGxJTGJXdXE0VGRtL0s2N3kr?= =?utf-8?B?VWNpOFJrelJFa2NmZEkwU1loVHVOVjV5all0a3VZUXZuN20yV2poclNkQkxh?= =?utf-8?B?dWV4QkVGNG93WTJwcExHenU0WmVOMGV6WjhZRGROdkJsV2pLT0M1Vk5YRkZp?= =?utf-8?B?S0NXMi9lNjRzK25uZVpMc09QcS9vbVhhaEcxZGdZWHhub2hnRGV0ZXhuTHNU?= =?utf-8?B?TUZwQkxzUzk4UWZaYnUxT0pmYS9GYVFsSDRQNVdIR0gzdW54NnpMQm8wT0wr?= =?utf-8?B?UlVTYmJsY2JDeHlPSWxGOHFteEpWaHV2RXB4bEJnOTZzU3VKcHVEUDRHQ1hs?= =?utf-8?B?WG9GMklsZ0xDTUhEY2lTcVdsOE5kWlRiR2RySEJhTVNpbE1qbk1TK3dTZVkv?= =?utf-8?B?UUIyUHhLbWRkbVcyRzdIR2FESHRkL0dnanhEUDVQbmQyamxxWFdDNHlzYUd5?= =?utf-8?B?dERzK2NOMUlUNWxacCtWYjVFaXB6eWFJWG9jcFAvUDJRalZOWVJxU296RWRk?= =?utf-8?B?V1oyS25tYjdhT2lNSk0yZG5maWxXdFkvUEFsWHpYdkNTd2taVzlucEJUY1pE?= =?utf-8?B?NDc2Q1c2T0JNVzNDK1g4TVRGN0NTYldyWFVRMnBuMm9ZS3Zvd28vNEp2TWQ5?= =?utf-8?B?YVJyYU1oaVliSlgyZGFzdXB4TmNBWGlGQmlBSDh4aHRSRWttdit2cVpoQmZv?= =?utf-8?B?KzVWYzlNOVpaQk9xUjhkN3htS2VabnJldVNHZjdtZXZoVjQ3eWh4emI3ckw4?= =?utf-8?B?Z00zb0l0N1RyRS9Qb1l0RTRYT2JXS2NXQXdsaXZUYjJDeHZCVGRQdGIxY3lZ?= =?utf-8?B?aG0wRy8yL2xMUXR3TytpY2xkcFEzK012Q0NJRXRRSTJvczRQdTdPWVVRUkhv?= =?utf-8?B?NzNnQkZiZ2VnOXZHUk5kYVlXcHIrYVpVbk9PUThubXpqRE5oOXJMazU3V0FU?= =?utf-8?B?a1VEcmJzOW5JTUVCZUl3ZExETWZ1MFdTZENrdi9FMHRuVzl0ZHhmZkZyZkdM?= =?utf-8?B?NlFidFpFVVcxT1NKVGdlYUhlYVV6alF6a1BxQ1VRRGRTU0puOFZPRFhTK0d0?= =?utf-8?B?TGRjUEpWNWQzT3BUcHFLamhDdVQ0K0dndnRJRDJzQzlDYkdtdUdFc1F2eXpI?= =?utf-8?B?QWJrRExBeHlOcmM5S21vUDRrZ25CMzVoNk1Zb0dVMTYyaHpMdHFxeGk1UmFY?= =?utf-8?Q?dAa5ynvaFS5XrLPMJrrWaJYBx?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: c718b68d-4582-4cfc-245f-08dc858ff143 X-MS-Exchange-CrossTenant-AuthSource: BL1PR12MB5732.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Jun 2024 18:47:25.6096 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: K3gco0z6vaeekxhvGeHxFKn1/g1LtXUMbsKfkYskYxbPa5fw+/jdrgvgkbkAOrJuqZM6PcTI4IqfcUiMniBdow== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA3PR12MB7924 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 05 Jun 2024 11:47:28 -0700 Resent-From: thomas.lendacky@amd.com Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: HsQulNqi4GJhNfs9WST0gAvix7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=DkGv2iOr; dmarc=pass (policy=none) header.from=groups.io; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io On 6/4/24 21:09, Alexey Kardashevskiy wrote: > The SEV-ES DebugVirtualization feature enables type B swapping of > debug registers on #VMEXIT and makes #DB and DR7 intercepts > unnecessary and unwanted. >=20 > When DebugVirtualization is enabled, this stops booting if > #VC for #DB or DB7 read/write occurs as this signals unwanted > interaction from the HV. >=20 > Add new API to PEI, SEC, DXE. >=20 > This does not change the existing behaviour yet. >=20 > Cc: Ard Biesheuvel > Cc: Erdem Aktas > Cc: Gerd Hoffmann > Cc: Jiewen Yao > Cc: Michael Roth > Cc: Min Xu > Cc: Tom Lendacky > Signed-off-by: Alexey Kardashevskiy Reviewed-by: Tom Lendacky > --- > Changes: > v4: > * s/DebugSwap/DebugVirtualization/ > --- > OvmfPkg/Include/Library/MemEncryptSevLib.h | 12= +++++++++ > OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c | 27= +++++++++++++++++--- > OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c | 15= +++++++++++ > OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c | 15= +++++++++++ > OvmfPkg/Library/CcExitLib/CcExitVcHandler.c | 8= ++++++ > 5 files changed, 74 insertions(+), 3 deletions(-) >=20 > diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include= /Library/MemEncryptSevLib.h > index 4fa9c0d70083..c5653539d8d8 100644 > --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h > +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h > @@ -166,6 +166,18 @@ MemEncryptSevGetEncryptionMask ( > VOID > ); > =20 > +/** > + Returns a boolean to indicate whether DebugVirtualization is enabled. > + > + @retval TRUE DebugVirtualization is enabled > + @retval FALSE DebugVirtualization is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevEsDebugVirtualizationIsEnabled ( > + VOID > + ); > + > /** > Returns the encryption state of the specified virtual address range. > =20 > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInte= rnal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c > index 4aba0075b9e2..9947d663deae 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c > @@ -40,19 +40,25 @@ AmdMemEncryptionAttrCheck ( > IN CONFIDENTIAL_COMPUTING_GUEST_ATTR Attr > ) > { > + UINT64 CurrentLevel; > + > + CurrentLevel =3D CurrentAttr & CCAttrTypeMask; > + > switch (Attr) { > case CCAttrAmdSev: > // > // SEV is automatically enabled if SEV-ES or SEV-SNP is active. > // > - return CurrentAttr >=3D CCAttrAmdSev; > + return CurrentLevel >=3D CCAttrAmdSev; > case CCAttrAmdSevEs: > // > // SEV-ES is automatically enabled if SEV-SNP is active. > // > - return CurrentAttr >=3D CCAttrAmdSevEs; > + return CurrentLevel >=3D CCAttrAmdSevEs; > case CCAttrAmdSevSnp: > - return CurrentAttr =3D=3D CCAttrAmdSevSnp; > + return CurrentLevel =3D=3D CCAttrAmdSevSnp; > + case CCAttrFeatureAmdSevEsDebugVirtualization: > + return !!(CurrentAttr & CCAttrFeatureAmdSevEsDebugVirtualization); > default: > return FALSE; > } > @@ -159,3 +165,18 @@ MemEncryptSevGetEncryptionMask ( > =20 > return mSevEncryptionMask; > } > + > +/** > + Returns a boolean to indicate whether DebugVirtualization is enabled. > + > + @retval TRUE DebugVirtualization is enabled > + @retval FALSE DebugVirtualization is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevEsDebugVirtualizationIsEnabled ( > + VOID > + ) > +{ > + return ConfidentialComputingGuestHas (CCAttrFeatureAmdSevEsDebugVirtua= lization); > +} > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInte= rnal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c > index 41d1246a5b31..7d823ad639f4 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c > @@ -141,3 +141,18 @@ MemEncryptSevGetEncryptionMask ( > =20 > return SevEsWorkArea->EncryptionMask; > } > + > +/** > + Returns a boolean to indicate whether DebugVirtualization is enabled. > + > + @retval TRUE DebugVirtualization is enabled > + @retval FALSE DebugVirtualization is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevEsDebugVirtualizationIsEnabled ( > + VOID > + ) > +{ > + return FALSE; > +} > diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInte= rnal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c > index 27148c7e337a..33a326ac1571 100644 > --- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c > +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c > @@ -142,6 +142,21 @@ MemEncryptSevGetEncryptionMask ( > return SevEsWorkArea->EncryptionMask; > } > =20 > +/** > + Returns a boolean to indicate whether DebugVirtualization is enabled. > + > + @retval TRUE DebugVirtualization is enabled > + @retval FALSE DebugVirtualization is not enabled > +**/ > +BOOLEAN > +EFIAPI > +MemEncryptSevEsDebugVirtualizationIsEnabled ( > + VOID > + ) > +{ > + return FALSE; > +} > + > /** > Locate the page range that covers the initial (pre-SMBASE-relocation)= SMRAM > Save State Map. > diff --git a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c b/OvmfPkg/Librar= y/CcExitLib/CcExitVcHandler.c > index da8f1e5db9fa..2031fa9e22e6 100644 > --- a/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c > +++ b/OvmfPkg/Library/CcExitLib/CcExitVcHandler.c > @@ -1609,6 +1609,10 @@ Dr7WriteExit ( > UINT64 *Register; > UINT64 Status; > =20 > + if (MemEncryptSevEsDebugVirtualizationIsEnabled ()) { > + return UnsupportedExit (Ghcb, Regs, InstructionData); > + } > + > Ext =3D &InstructionData->Ext; > SevEsData =3D (SEV_ES_PER_CPU_DATA *)(Ghcb + 1); > =20 > @@ -1659,6 +1663,10 @@ Dr7ReadExit ( > SEV_ES_PER_CPU_DATA *SevEsData; > UINT64 *Register; > =20 > + if (MemEncryptSevEsDebugVirtualizationIsEnabled ()) { > + return UnsupportedExit (Ghcb, Regs, InstructionData); > + } > + > Ext =3D &InstructionData->Ext; > SevEsData =3D (SEV_ES_PER_CPU_DATA *)(Ghcb + 1); > =20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119482): https://edk2.groups.io/g/devel/message/119482 Mute This Topic: https://groups.io/mt/106496085/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-