From: "Min Xu"
To: devel@edk2.groups.io
Cc: "Brijesh Singh via groups.io", Michael Roth, Ray Ni, Rahul Kumar, Eric Dong, James Bottomley, Min Xu, Jiewen Yao, Tom Lendacky, Jordan Justen, Ard Biesheuvel, Erdem Aktas, Gerd Hoffmann, Brijesh Singh
Subject: [PATCH V3 12/29] UefiCpuPkg: Define ConfidentialComputingGuestAttr
Date: Mon, 1 Nov 2021 21:16:01 +0800
Message-Id: <86b78e9bc63b228fcb160c884dc9a14af13a2da4.1635769996.git.min.m.xu@intel.com>

From: "Brijesh Singh via groups.io"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

While initializing APs, the MpInitLib may need to know whether the guest is running with active AMD SEV or Intel TDX memory encryption. Add a new ConfidentialComputingGuestAttr PCD that can be used to query the memory encryption attribute.

Cc: Michael Roth
Cc: Ray Ni
Cc: Rahul Kumar
Cc: Eric Dong
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Erdem Aktas
Cc: Gerd Hoffmann
Suggested-by: Jiewen Yao
Acked-by: Gerd Hoffmann
Signed-off-by: Brijesh Singh
--- .../Include/ConfidentialComputingGuestAttr.h | 25 +++++++++++++++++++ MdePkg/MdePkg.dec | 4 +++ 2 files changed, 29 insertions(+) create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Include/ConfidentialComputingGuestAttr.h new file mode 100644 index 000000000000..495b0df0ac33 --- /dev/null +++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h @@ -0,0 +1,25 @@ +/** @file +Definitions for Confidential Computing Attribute + +Copyright (c) 2021 AMD Inc. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ +#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ + +typedef enum { + /* The guest is running with memory encryption disabled. */ + CCAttrNotEncrypted = 0, + + /* The guest is running with AMD SEV memory encryption enabled. */ + CCAttrAmdSev = 0x100, + CCAttrAmdSevEs = 0x101, + CCAttrAmdSevSnp = 0x102, + + /* The guest is running with Intel TDX memory encryption enabled. */ + CCAttrIntelTdx = 0x200, +} CONFIDENTIAL_COMPUTING_GUEST_ATTR; + +#endif diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 321a14fbaa0a..679a13d2ab1d 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -2399,5 +2399,9 @@ # @Prompt FSB Clock. gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c + ## This dynamic PCD indicates the memory encryption attribute of the guest. + # @Prompt Memory encryption attribute + gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x0000002e + [UserExtensions.TianoCore."ExtraFiles"] MdePkgExtra.uni -- 2.29.2.windows.2
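
Review bot: In the new ConfidentialComputingGuestAttr.h, the enumerator values look like a vendor field in bits 8 and up (0x100 for the three AMD SEV values, 0x200 for CCAttrIntelTdx) with a feature level in the low byte, but the header never states that layout, so a consumer that only needs "any SEV" or "any encrypted guest" has to guess whether masking is supported or enumerate every value. Please document the encoding in the file header or above the typedef, and say whether callers may rely on it. CCAttrAmdSevEs and CCAttrAmdSevSnp also share the single "AMD SEV memory encryption enabled" comment; a one-line comment per enumerator would make clear that each value names a distinct mode and that a guest reports exactly one of them.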
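
Review bot: In the MdePkg.dec hunk, PcdConfidentialComputingGuestAttr is declared as UINT64 with default 0, but its `##` comment does not say that the valid values are the CONFIDENTIAL_COMPUTING_GUEST_ATTR enumerators or name the header that defines them, so someone reading the .dec alone cannot tell what a non-zero value means. Please reference ConfidentialComputingGuestAttr.h in the comment and note that 0 corresponds to CCAttrNotEncrypted. Since the PCD is UINT64 and the values are a C enum, it is also worth stating how callers are expected to compare the two (for example, casting the PcdGet64() result to the enum type) so every consumer does it the same way. Separately, the subject prefix is UefiCpuPkg while both files touched are under MdePkg; the prefix should match the package being changed.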