From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (NAM10-DM6-obe.outbound.protection.outlook.com [40.107.93.84]) by mx.groups.io with SMTP id smtpd.web08.699.1641596062153983215 for ; Fri, 07 Jan 2022 14:54:22 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=BMn7eNOw; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.93.84, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=n6gaA5HomdBtQETx/jiHgr8DdrKlgH0F1nSvQc7EeKoeOlQ5pud778sCw5HGrJLYNO3DCvLbHmkTLAK/t6+vT8cbvaEaGlnDqDxvuMpgbXuIirOK89DLdrfxdP9FQxu1UQm+FRVnzSG1etHCGem33xr75IvkIRL+lknwOqUU3YZ/ozP3Cy8Dp6sWkexflHh4OteZLcpGJJNujzrF+kyaZ5W1p6fBigGW/gKFhJ7lAqfw7fs846Xw90u3H3oSQq9b/dJsXciuCvXgL1vZ6r9rO4OwVEOcMBeUDTAYVdc4S1fF6WePmcCtJZf9aQbDCvd4nEbpzJEuengYn9n08p/q9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xUCBWTrgW0s6vo+nKOxOhLDNXpbiLHnjxIPjnOlX8wQ=; b=MsOCGrjLQKRJnjgOWjtkMbQ6TJE6k/TqV5g2i8aJHYtAjoh7bIAIZcZerL07tA3nd0jtMctdvjDBiRBd76+ePLInCSKnM5aKXiWMr5zXfXJe/HqHxOQtwP7XiuWUA7UUQNb5F0RMu/Bb4toJi4FVHYkxRr4w6t8Dxgj4llfbSuAQNtXzuiBkpvLJmXsYjZPb26M3+DcZjVwW4YtZxXvqZ4GZPo7f2fNZvem8NYYX6IBgwtYsOv+YFYr0wutqcjF7Fusjw1FPL02sUBWV0qqA4pyG82nITTUqopcl+5AOgv+LpVOHGAeKXmow190WlpoGwaTFL/TfOB5QUve5wcmAMA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xUCBWTrgW0s6vo+nKOxOhLDNXpbiLHnjxIPjnOlX8wQ=; b=BMn7eNOwUxe+pCzXUfhYe2VPYWvEgaTxDRPfUsprlPI0a+QFNuUgakG7Ehlk85qHj/utTxSu3+bW0776SY186hiFB9mcUU0e1/pE/u5RLVzbqya2FbtSKaK2NHlcr4+wHFAE9v4l/kpYRrduiWO+V2U2NyqNn45Hl49CB652tAU= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) by DM8PR12MB5493.namprd12.prod.outlook.com (2603:10b6:8:3d::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4867.7; Fri, 7 Jan 2022 22:54:18 +0000 Received: from DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::ccd7:e520:c726:d0b]) by DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::ccd7:e520:c726:d0b%5]) with mapi id 15.20.4867.011; Fri, 7 Jan 2022 22:54:18 +0000 Subject: Re: [PATCH] OvmfPkg/ResetVector: Removing SEV-ES CPUID bit check To: Peter Gonda , devel@edk2.groups.io Cc: James Bottomley , Min Xu , Jiewen Yao , Jordan Justen , Ard Biesheuvel , Laszlo Ersek , Erdem Aktas , Marc Orr , Brijesh Singh , Jim Mattson References: From: "Lendacky, Thomas" Message-ID: <8ff105d6-0bbe-35cd-22fb-151b6fb076c8@amd.com> Date: Fri, 7 Jan 2022 16:54:16 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 In-Reply-To: X-ClientProxiedBy: SN4PR0701CA0018.namprd07.prod.outlook.com (2603:10b6:803:28::28) To DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) Return-Path: Thomas.Lendacky@amd.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 293f1be9-3846-47a8-f967-08d9d230a2e4 X-MS-TrafficTypeDiagnostic: DM8PR12MB5493:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:565; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: P6tF84EWCZd4UPU6COqo3jyRbQkWSG+0qnssWXFny/lXCJbtIohtPsz0Qjmm1ToP4QQPTGAg2lQ8Hm8Lw2plXnjw8zxfX9sjfcXPxUA/mVk1vvGsR6+H6ArP3Sn/sfazupNOL5LnkCqjqVBlDfwGMqzwe3hZjJEAsTm2c/551krYVb6ldevCFkHiUMag20dXsf3ul/HwcbfJHt1ebk6FE1cRu/4eySxNk86QjtQQHXMmBwru6yhjGD8axyJ9xU0sgJrhOWhZrznZkIEXScQl9pysQ3zE4kyP16lojaJfD5xEuauXqn7jjpOclJnu2+CWXXVGR7fONLJZCAhPT6i3xjfevFLL5hb/9pExMuSBKBjG7MAC6pzhJmheFmCeqCln1RCd6grNLe16wGuEVvT+R3vtOBZsruC8NjQeX3SJ4aS8TxwxF5n+5TodkCHC2jKNhdouZnlCtgDrez98c3ZvlbXt4w8utsGtP9QpdCYXw9jt0J5ZCOmqMxRczawNZFkGbDURr92vlmN7f+SUvu3P1jaWraoTqD+suLdS+0oBqCsk0eRC07LH1qeERG7IL3+BiculjRP7D4Of3fvuLpZ+rlejeMIdCy+oLZ2hQrP1eg/SgvJzPlE8bDD9oMPhLmgYB5co0rBav3LU7pxwSmVbBQSRp6m2Dy2Zner7CyKeADewrDIzHwkezakp3YDYywwIR6SwdlRDuDvWXno8M+BbAeKrZD8fd43wVa1m1fH4LkmhcFAIntGmE1FkagimiU2h X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR12MB5229.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(31686004)(6486002)(31696002)(6512007)(316002)(2616005)(83380400001)(86362001)(5660300002)(4326008)(508600001)(186003)(2906002)(54906003)(66946007)(38100700002)(8936002)(26005)(66556008)(66476007)(19627235002)(8676002)(7416002)(6506007)(53546011)(36756003)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?a1hndnhTYzFlNXEwRmgyeE1ldnlaREFwdEpnWmIyL3FJYWlJa0lKMk80TWZC?= =?utf-8?B?N0tpejVwdVdRWFh1Q0xnR0J3Q0xGWjFGbHdVRDBiaE9kY2loTWpQbkRHdHly?= =?utf-8?B?T2dhYW41VzJ1R0M3aWVWZmRpb1J5L1o3Ui9lQXhORXlOMlA2NnpKMTNnaFA5?= =?utf-8?B?bHB1bkpHSmtaeFVhRkQvZ2l2Q1NHdHRzVGtUQWJoYm81dVBrU2wzMWszQ0xi?= =?utf-8?B?REdVMUtWeEJPdThqUm4wbXRVRy90Uyt6U0dBb0tVNVRnNTlKa1RhdUpPblpp?= =?utf-8?B?Sjc1aURKSGFyb3dPUmdBaEowUU45Z1lPelZleUg3eEdYa2VSMitRN1AvSWZw?= =?utf-8?B?QnZjekZ3bUFJblg1YVNsTXQ5V01mWm5sVUlweHZJMlRuM3NCdXcrbCtrT2Zi?= =?utf-8?B?a2wxbXg2NndIdElsN2tTR1RQd29qS3RzYnlNeFNJMWxlMEVBWkYzSDdvVVpp?= =?utf-8?B?MjdwMTNaWmxIckdPZ0dsS0NTcFp6ZXNyQ21yRi9aeUlFQmJiTmRqYlFuNzBM?= =?utf-8?B?eFdzaGQ5aEJRYkxxaGJUa2ZwaVIySVJYSWdCcGNPZXlucGphSUxzRm43L3Jq?= =?utf-8?B?ZkNqWWxycVc4aUpXK3dJVlVIUm1GeDJITElueGtZMUxHTFhFbW5ieEhhamsv?= =?utf-8?B?T0IxeDdPRFhlY0h0NFluQ2thc0kwWDhjYjZudDVmek9BWDBxOWxKK25teE42?= =?utf-8?B?YS8zM3pPSXl0S0FyMFc1OUNBbmhJRndUMFF5Y2R5MXZWYzJYSmpjbEJTdHB3?= =?utf-8?B?b3ZQSG16THVuSTQvRWgwUEtwUzh6YW9uQjVueVZLM3FEY3c3Sm1GZjh4NURX?= =?utf-8?B?UXo4TjZjV2RLR1U1eW9RMFRVRDAveldpSVExK2ZkTTVpeWU3NHg1TENMejBs?= =?utf-8?B?RHo5bmNVaTJzMWN2Z2h3TlB1WnFmYWlTakNDWWxpUVcwcU1LOUNBK255aWlI?= =?utf-8?B?TDY0Y092YVBkZGxuS1A4TmxxYmNQQVUybjBPb0JLZU5RS1dLM1kxdzJjUE0y?= =?utf-8?B?RGRRSEJyajZ1Mm1iNVpJdHVSbVMxK0FwdUc3YXVvditsRUNBUW02RURzUUFp?= =?utf-8?B?TzFucEJ6bVpMMjdNYm8wVWt0UWdhQVdiaWdia0h1Q1VJUXJhQVdzTzVzMW5I?= =?utf-8?B?YmxnL1k3OGtiaTNpQ01mU29MYThoaU94eWtDRVF4NUFUcmdMNkh5NW03c2lS?= =?utf-8?B?Smw2cGRIVG41WkIzTmJMaUpKTk94MTVVK2pLZStyUUNDbVk2dTh5RXJTOFll?= =?utf-8?B?K0tCaDJxcjQ5Mm1wbXgzc0VMb1lIMHpFcUF6eWIrSlVZaG9TcDZmQWcxazRx?= =?utf-8?B?cEplQlNWeDNwVmhydXU4VHlpSnMwaHF0dFBnRG1xYm0vVy91eTIvL2pUUWlU?= =?utf-8?B?aVMwTlIwM0tCWFdhV3pQUFJjK3ByL2gvMVRHT3NWSDZ6RmtueDhla3FmRzN0?= =?utf-8?B?QUdHR09vcU9RMTNvdmN3MERQYnY2MWx2NG5Wa1dWZ0t5QWphVk1XTFovVGla?= =?utf-8?B?Rjk0Q21tYSs5clVxQjI4OW9JQ1M2amo1L0ZRdVlmRWcrRms2MkhqbXJHbmNB?= =?utf-8?B?SXR0K0w1Mk1RRTZqRmxpR1AvOWVNZ3p4VjFrUFIyOHRUejYrVVpHYmRWcWxv?= =?utf-8?B?SzV4anZld3dralduQVhrWGdFWTdubEFqL1kwU2RrcElQSXdKZmtOdDF5ZWxJ?= =?utf-8?B?YkJiNjdybUExQjFiTFRvdFBuaThaZ2oxWVJaYkdZM01OMmd3SXNFc1JNZ2d5?= =?utf-8?B?djRxREVWTGE2ZkVVenVIVEJjRkR0dzJ5TmtMeFkvNzM0UVhhMlV1RzdvKzJi?= =?utf-8?B?Mi9DVnJkVzN1YTVwTlYzcTNaQWdxNWw4Y2ZyT3FuMER6TU01UUlReStubEJs?= =?utf-8?B?MmlMZE1WM1UvTjVqWGZ5WkhOWENZcEc3TldQVUFVRXpaVUlVM1R4bmFEeWkr?= =?utf-8?B?UXY0aVk1SEhtaTAzQ2FYRVA5NUlQN2xCOGZxeTU2RGdEZklyU0hlR3ZGREx6?= =?utf-8?B?TXNxYzFCME1KL1pxYUhsZUVSVTZ0bVEwelpxdzZIN2tuRUdYVm52MEd0SHpq?= =?utf-8?B?dXhJUDdBdjg1MG04bWVXTEFXT3lqWEJjbkVUM2wrRSt4ZW92bkxJY0d6V0lB?= =?utf-8?B?d3REcnIyaGp3Q2NrRVVUNFhsclVaRmxPd29RVHVVeU1HM2FSUVZOVllFcWJM?= =?utf-8?Q?q8MRO6kthwVfU/RyBCd8twg=3D?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 293f1be9-3846-47a8-f967-08d9d230a2e4 X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5229.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jan 2022 22:54:18.4845 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: bRXtUQcn5AEbtNqVvhzsnQPzWpMvRRo9FRUgUxdzAOyQTfgsRrIzD/pfd56iX/9YCd5UHEZfje78yrPuB0NQ/Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM8PR12MB5493 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit On 1/7/22 11:04 AM, Peter Gonda wrote: > The SEV-ES bit of Fn800-001F[EAX] - Bit 3 is used for a host to > determine support for running SEV-ES guests. It should not be checked by > a guest to determine if it is running under SEV-ES. The guest should use > the SEV_STATUS MSR Bit 1 to determine if SEV-ES is enabled. Worth mentioning in the commit message that this check wasn't part of the original SEV-ES support (Fixes: a91b700e385e7484ab7286b3ba7ea2efbd59480e tag?), so this is really a compatibility thing, and that this makes the check consistent with the Linux kernel. Thanks, Tom > > Cc: James Bottomley > Cc: Min Xu > Cc: Jiewen Yao > Cc: Tom Lendacky > Cc: Jordan Justen > Cc: Ard Biesheuvel > Cc: Laszlo Ersek > Cc: Erdem Aktas > Cc: Marc Orr > Cc: Brijesh Singh > Cc: Jim Mattson > Signed-off-by: Peter Gonda > --- > OvmfPkg/ResetVector/Ia32/AmdSev.asm | 8 -------- > 1 file changed, 8 deletions(-) > > diff --git a/OvmfPkg/ResetVector/Ia32/AmdSev.asm b/OvmfPkg/ResetVector/Ia32/AmdSev.asm > index 1f827da3b9..77692db27e 100644 > --- a/OvmfPkg/ResetVector/Ia32/AmdSev.asm > +++ b/OvmfPkg/ResetVector/Ia32/AmdSev.asm > @@ -265,14 +265,6 @@ CheckSevFeatures: > ; Set the work area header to indicate that the SEV is enabled > mov byte[WORK_AREA_GUEST_TYPE], 1 > > - ; Check for SEV-ES memory encryption feature: > - ; CPUID Fn8000_001F[EAX] - Bit 3 > - ; CPUID raises a #VC exception if running as an SEV-ES guest > - mov eax, 0x8000001f > - cpuid > - bt eax, 3 > - jnc GetSevEncBit > - > ; Check if SEV-ES is enabled > ; MSR_0xC0010131 - Bit 1 (SEV-ES enabled) > mov ecx, SEV_STATUS_MSR >