From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 by mx.groups.io with SMTP id smtpd.web08.74885.1638270624647546101
 for <devel@edk2.groups.io>;
 Tue, 30 Nov 2021 03:10:25 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=PmBMLNPv;
 spf=pass (domain: intel.com, ip: 192.55.52.88, mailfrom: ray.ni@intel.com)
X-IronPort-AV: E=McAfee;i="6200,9189,10183"; a="260149322"
X-IronPort-AV: E=Sophos;i="5.87,275,1631602800"; 
   d="scan'208";a="260149322"
Received: from orsmga004.jf.intel.com ([10.7.209.38])
  by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Nov 2021 03:10:23 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.87,275,1631602800"; 
   d="scan'208";a="609093114"
Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14])
  by orsmga004.jf.intel.com with ESMTP; 30 Nov 2021 03:10:23 -0800
Received: from orsmsx601.amr.corp.intel.com (10.22.229.14) by
 ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2308.20; Tue, 30 Nov 2021 03:10:23 -0800
Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by
 orsmsx601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2308.20 via Frontend Transport; Tue, 30 Nov 2021 03:10:23 -0800
Received: from NAM10-MW2-obe.outbound.protection.outlook.com (104.47.55.105)
 by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2308.20; Tue, 30 Nov 2021 03:10:23 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=Oj+uTV0Ccdbsv0OXWpUkXAcrKDmu04Y7PMbFyYkAz8Sk8S2WDYgckhtFR+PY2aEbvA994prAjLv0jamMm9jz1wr23UPVx0Vib6QyyFh04rh+uwpCxYoTRVcx0V4Uz2UAO9k/VSu5OTIR+a91wadUjhb8+RhHNKV398kyt7NrKaq29pOwxQ8vig+kEgvqIj4PUHWr7Ybgx9RUAwjFim9fEzII5hoJVe7FYwxus/bK6sK9IHN0YaaS0PYd4a2Vv+Wi1yUcXSI0jqqNJNTS6VLFKhczFU4F5s80f3BKqJjzXsLhle2OjKPtbFH7kzebaaDUl3g8ad7OBx+B4ZV00pKzZw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=iHaSaiipvnyTnGbzl3EbqDSK9Knw7abcTOcXV9+7roA=;
 b=MeQtO8RUzkToB0TEMVI5OvyjNAb5Q8UvguXgMXrc5Si3xG0JhOO6P/txXXKdX9XPiZF5DJcDUuVLCNvphgzurR728/ELAmcdq+qcUUEDWZhBx39yoPJfW4vzqG1YsAkYdoeTU94lz4dkfIoOOPBC0ByfQluVlOyimLGiHFaSQnOjbJ5FLKtGaD7LcEY2tOsMXzAMoOiP8KKGUpE3S0tfNo1ZRwBOg+hz+CyDaEr32F3rH2j5DPixEBl+bXwiynZH5YODpIK/XHexMu46Fo2r67x6KQqLBk94h3XOLqj/yreexXdzb8U/goD21193uZPK858GbHujGJ1jcheN2sHRgg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=iHaSaiipvnyTnGbzl3EbqDSK9Knw7abcTOcXV9+7roA=;
 b=PmBMLNPvunU3kQ1bl6J6hx3jAzLCD2wdJPNq2FuoDGqb5f5BicBQqUw+n+WXp0/qFUuMqV9oBEw+watlOYwFKy0Imet+s8KX202SOHa694Ta4SlhMl3hVyG4HbNnhFgmpiLqLm53Cc8NeWulIVjkVeyQyz1yjBU4LLxYNTtf1DM=
Received: from BN0PR11MB5696.namprd11.prod.outlook.com (2603:10b6:408:14b::11)
 by BN6PR11MB0001.namprd11.prod.outlook.com (2603:10b6:405:69::23) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4734.22; Tue, 30 Nov
 2021 11:10:21 +0000
Received: from BN0PR11MB5696.namprd11.prod.outlook.com
 ([fe80::49dc:7490:201e:9fc9]) by BN0PR11MB5696.namprd11.prod.outlook.com
 ([fe80::49dc:7490:201e:9fc9%7]) with mapi id 15.20.4690.029; Tue, 30 Nov 2021
 11:10:21 +0000
From: "Ni, Ray" <ray.ni@intel.com>
To: Brijesh Singh <brijesh.singh@amd.com>, "devel@edk2.groups.io"
	<devel@edk2.groups.io>
CC: James Bottomley <jejb@linux.ibm.com>, "Xu, Min M" <min.m.xu@intel.com>,
	"Yao, Jiewen" <jiewen.yao@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>,
	"Justen, Jordan L" <jordan.l.justen@intel.com>, Ard Biesheuvel
	<ardb+tianocore@kernel.org>, Erdem Aktas <erdemaktas@google.com>, "Michael
 Roth" <Michael.Roth@amd.com>, Gerd Hoffmann <kraxel@redhat.com>, "Kinney,
 Michael D" <michael.d.kinney@intel.com>, Liming Gao
	<gaoliming@byosoft.com.cn>, "Liu, Zhiguang" <zhiguang.liu@intel.com>, "Kumar,
 Rahul1" <rahul1.kumar@intel.com>, "Dong, Eric" <eric.dong@intel.com>, Michael
 Roth <michael.roth@amd.com>
Subject: Re: [PATCH v13 22/32] UefiCpuPkg/MpInitLib: use PcdConfidentialComputingAttr to check SEV status
Thread-Topic: [PATCH v13 22/32] UefiCpuPkg/MpInitLib: use
 PcdConfidentialComputingAttr to check SEV status
Thread-Index: AQHX1+yHWh7XRZHaHUO9KstycLQTRawcBcXw
Date: Tue, 30 Nov 2021 11:10:13 +0000
Message-ID: <BN0PR11MB56963E36888DD79696BB4A698C679@BN0PR11MB5696.namprd11.prod.outlook.com>
References: <20211112173959.2505972-1-brijesh.singh@amd.com>
 <20211112173959.2505972-23-brijesh.singh@amd.com>
In-Reply-To: <20211112173959.2505972-23-brijesh.singh@amd.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2b7645ed-bda6-4dc7-e5d7-08d9b3f20042
x-ms-traffictypediagnostic: BN6PR11MB0001:
x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr
x-microsoft-antispam-prvs: <BN6PR11MB00010F5B86D254C1E46623A38C679@BN6PR11MB0001.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:514;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ji+fouVydoBzRPeLLTp7yZUd1hqwXVVMNEBvwJ6yfoRqlx7lzs9ZxG3pPHXK1ZI4L06aTKRZsf4MWqdTJb5HVSqE/dko2axTI+w/zxVU5m2lSajT3WuHqgJj223WrNpVwLyYW5xXpffLmSR6I3B1LdgSExE97N+oCaaUPjeV3SMtcJniZ0V0hkLz3MqyZKe3R2tl623sWjAm5j+l2GO3o9/71Xt08Hwt1xq5fs+3E546k22F6u0RoIrVu6IBGrM380GeRXgS05cLHpVOmwKaUMSU2pjcll81p/rr4IF6YHWv5CYYYAhcXoMcYJ5aq/E8DDngV0gBAU102GclHFmxhZeK0i5WwzG7eDAFqZMWhfaIUjW5yld2/L+/BOI7XmM2W2PdRPpeiW0JaD3c2XazpvPGRPUwp7ptFX+J3oe6KwsSBoI1VBRMs/iNj2WELx5EkjQid/+qkGH3zqufmSk92I7/M61yocIlNxRGWleUKteTq8Hiie2zE2L9jHky9wusLEyQhJjX6ZvLTK8gbNZeo3DHmE6w/1MiOoQHBtxeV7ibx/CZz8rozp5a3IH/UfrluxFDjAiqufPBnQ64G6UxkelGdGv7kZzcCboiTmTY5W059WOmc6Td1RrWb1jBsxzp2U2cz1en/G9+fvYRuEe9GTYIzI2TaFRCzaPism0DKFuoBjdWS1TAubEERzmjKc3s2/0SrEazXbJAy3ttJFOK1NNnTuo7RqdDj0ofsIJq9bdioeNcrIDFI1DjPID1QcA9slDHQwG0W9EiGKaAY86Eitk6P8sMQKM0QaO/T+gavGE=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BN0PR11MB5696.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(6029001)(366004)(86362001)(26005)(508600001)(966005)(2906002)(9686003)(4326008)(55016003)(8936002)(186003)(110136005)(64756008)(66446008)(33656002)(38100700002)(52536014)(53546011)(76116006)(6506007)(82960400001)(7696005)(38070700005)(316002)(6666004)(122000001)(54906003)(83380400001)(66946007)(5660300002)(71200400001)(66476007)(66556008)(8676002);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?kSoJvYhnzRQ5PCr7178Aw1mgpVCpstGx9pWDWqef7YSlp0LH3OZ9cpjs3Ye4?=
 =?us-ascii?Q?4y7ZB9jJ+q5hnNjBaL3dWjgvQ4SOyQwVSHYyWwP9f+iQDufO6/rPQH9DhMyp?=
 =?us-ascii?Q?eyB7BBP6jZh+QAhuY77RXxMpX4+8Ie526X+9Q5ZNTjtYfTPJG/XMGLUb3ndO?=
 =?us-ascii?Q?yKEC5qJyvswzXV20dUECyO2UwgOuuAFhD2zZ99a97oESwzf/l9ovGgf3epTz?=
 =?us-ascii?Q?PjbVpJo+M91py8dvZfD58LSG0GfglqBJBM3BVnLLOSLe/Y0Mvf07DILoSbOr?=
 =?us-ascii?Q?nS8uX+/Jt7W2aFa+3Ojd1b6dfWoY+so9jIhWML7YgteG4WGoVgPZM6ls+pNX?=
 =?us-ascii?Q?PGmtqsSREN/L5/S+DFlKIEqoV3sHXMQPcacWjOHBv66gjlZY0JdG7ySREp06?=
 =?us-ascii?Q?jSO2jqvMStD0GbawtwiBMZ272x2zgKGfNyHH5m0SSeCbKphzf6McqoVdJlXI?=
 =?us-ascii?Q?EU5qxqHoO4sQfcFmZ7bFYxdukrqcjl99eQg1m/rjHxkbTjQOx3SAVmZyTBBK?=
 =?us-ascii?Q?v8Qnbz77/4mtSMo7k2wOG8aXnTuyoznmXGw02oOg0dGJxyXFgzmZRykUE1DW?=
 =?us-ascii?Q?6H4obQoAsBuHnE7zsguPJHcw2dMZ6C0q0T/VdpYRDZoIhbJ8NrhZ066c2lLs?=
 =?us-ascii?Q?37LU/eBPDyZDtYLY4JpD5HFvm4XgxV+cQK16b+Ul/xrCrhXq3s0IJ0CLlXpE?=
 =?us-ascii?Q?eQGbIpaTXBCdJ6s/VobuRbsAKNnzshgxB1kBUCw/oG4PIIdhCMGNqWYX9Vxq?=
 =?us-ascii?Q?3RFxA17mur7g2j3tMEE5kzb+cQnB09krDb9t1WxeKggz4Ff07XYVL2Q6Qaxs?=
 =?us-ascii?Q?QPoD7i+6u/VMUmzMSblwxyojgq2tIz8H7qFfHgBLqglUBRKo/MSlkyCPy7UF?=
 =?us-ascii?Q?5a2vri3m9QY9eg7mIWdUdWKckDjG5RFBGWVv8K5nOTQHLEBcR+cJ48r0dLfb?=
 =?us-ascii?Q?c0LIV15Sd17NGXinNGxIO3sk42+NNlapjfrhIQlt77r9heAaoSk19Xl8O5L+?=
 =?us-ascii?Q?Hix6ASL2/8MlbyQHWx+W6kLURViNv3S94mfZX5QCX2S6TuhfDkNFN9XnvAuL?=
 =?us-ascii?Q?Vso3NyIZsVxfEmWyY6H4omwmHdjIwAnYKStfZGUFIG18ECgf+7W3RJQUuZ90?=
 =?us-ascii?Q?nr0bfYUv4Oe6NqFykGa12HAH+6/bNgL+Lt30dyk8XSJKgvTaih5E3yBU7vMY?=
 =?us-ascii?Q?OqjYekLzICGW7RygYMNne9RV9KEyDVjmsUI+Jbcdafy8zf18tI3fzgg6w2Cl?=
 =?us-ascii?Q?kFTquDTYPJ0Uwr5PMBOuQrsaR9e5nHYT/BgUwfqqfArtDaWSbkqaSo1Bk2mz?=
 =?us-ascii?Q?B5bWwDA/j63NDDokgQWhncsW/uAT7zY+Ih/uBeF2FRrgXk4RlzidQvr00zcI?=
 =?us-ascii?Q?zpRzKI3mhuul6UwPrmj8ckE/m3vyMjcpMo/41ahH1DEZEXZueO3gzfiG7MKL?=
 =?us-ascii?Q?Fxelz8MuMRn3vdsXn9HY1Bn21ZWFt6vSyTM8C5iNAmNXBBXaofLC3pOgVPrW?=
 =?us-ascii?Q?kX+WWjMOln8te90z0AFUfpCHe9A0adtGP9XQVv2CVmxDd6d+lG9oZ50jvCuA?=
 =?us-ascii?Q?UIVtFOfq9NO0+h96z/P0X7ND039lAVgh0zaB++DaZCHyEC61wb8ypBnzvq1t?=
 =?us-ascii?Q?UAxEIRLsSGYlKcH50L6GgxA=3D?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN0PR11MB5696.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 2b7645ed-bda6-4dc7-e5d7-08d9b3f20042
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Nov 2021 11:10:13.8026
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: v8reypi5qeoK5Tb/ttm2xWHzdgLlgB8UzPjM/NT0jnbX7CH9J137TXSgUPDszdGS6tEwXGS9qJFnGs0ruoSvGQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR11MB0001
Return-Path: ray.ni@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Acked-by: Ray Ni <ray.ni@intel.com>

> -----Original Message-----
> From: Brijesh Singh <brijesh.singh@amd.com>
> Sent: Saturday, November 13, 2021 1:40 AM
> To: devel@edk2.groups.io
> Cc: James Bottomley <jejb@linux.ibm.com>; Xu, Min M <min.m.xu@intel.com>;=
 Yao, Jiewen <jiewen.yao@intel.com>; Tom
> Lendacky <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@int=
el.com>; Ard Biesheuvel
> <ardb+tianocore@kernel.org>; Erdem Aktas <erdemaktas@google.com>; Michael=
 Roth <Michael.Roth@amd.com>; Gerd
> Hoffmann <kraxel@redhat.com>; Kinney, Michael D <michael.d.kinney@intel.c=
om>; Liming Gao <gaoliming@byosoft.com.cn>;
> Liu, Zhiguang <zhiguang.liu@intel.com>; Ni, Ray <ray.ni@intel.com>; Kumar=
, Rahul1 <rahul1.kumar@intel.com>; Dong, Eric
> <eric.dong@intel.com>; Brijesh Singh <brijesh.singh@amd.com>; Michael Rot=
h <michael.roth@amd.com>
> Subject: [PATCH v13 22/32] UefiCpuPkg/MpInitLib: use PcdConfidentialCompu=
tingAttr to check SEV status
>=20
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275
>=20
> Previous commit introduced a generic confidential computing PCD that can
> determine whether AMD SEV-ES is enabled. Update the MpInitLib to drop the
> PcdSevEsIsEnabled in favor of PcdConfidentialComputingAttr.
>=20
> Cc: Michael Roth <michael.roth@amd.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Rahul Kumar <rahul1.kumar@intel.com>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
> Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> ---
>  UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |  2 +-
>  UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |  2 +-
>  UefiCpuPkg/Library/MpInitLib/MpLib.h          | 13 ++++
>  UefiCpuPkg/Library/MpInitLib/DxeMpLib.c       |  6 +-
>  UefiCpuPkg/Library/MpInitLib/MpLib.c          | 73 ++++++++++++++++++-
>  UefiCpuPkg/Library/MpInitLib/PeiMpLib.c       |  4 +-
>  6 files changed, 90 insertions(+), 10 deletions(-)
>=20
> diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/L=
ibrary/MpInitLib/DxeMpInitLib.inf
> index 6e510aa89120..de705bc54bb4 100644
> --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
> +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
> @@ -73,7 +73,7 @@ [Pcd]
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode                           #=
# CONSUMES
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate                       #=
# SOMETIMES_CONSUMES
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuApStatusCheckIntervalInMicroSeconds  #=
# CONSUMES
> -  gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled                          #=
# CONSUMES
>    gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase                       #=
# SOMETIMES_CONSUMES
>    gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard                      #=
# CONSUMES
>    gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase                           #=
# CONSUMES
> +  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr           #=
# CONSUMES
> diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/L=
ibrary/MpInitLib/PeiMpInitLib.inf
> index 2cbd9b8b8acc..b7e15ee023f0 100644
> --- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
> +++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
> @@ -63,9 +63,9 @@ [Pcd]
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuMicrocodePatchRegionSize         ## CO=
NSUMES
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode                       ## CO=
NSUMES
>    gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate                   ## SO=
METIMES_CONSUMES
> -  gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled                      ## CO=
NSUMES
>    gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase                   ## SO=
METIMES_CONSUMES
>    gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase                       ## CO=
NSUMES
> +  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr       ## CO=
NSUMES
>=20
>  [Ppis]
>    gEdkiiPeiShadowMicrocodePpiGuid        ## SOMETIMES_CONSUMES
> diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/Mp=
InitLib/MpLib.h
> index 3d4446df8ce6..2107f3f705a2 100644
> --- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
> +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
> @@ -33,6 +33,7 @@
>  #include <Library/HobLib.h>
>  #include <Library/PcdLib.h>
>  #include <Library/MicrocodeLib.h>
> +#include <ConfidentialComputingGuestAttr.h>
>=20
>  #include <Register/Amd/Fam17Msr.h>
>  #include <Register/Amd/Ghcb.h>
> @@ -774,5 +775,17 @@ SevEsPlaceApHlt (
>    CPU_MP_DATA                *CpuMpData
>    );
>=20
> +/**
> + Check if the specified confidential computing attribute is active.
> +
> + @retval TRUE   The specified Attr is active.
> + @retval FALSE  The specified Attr is not active.
> +**/
> +BOOLEAN
> +EFIAPI
> +ConfidentialComputingGuestHas (
> +  CONFIDENTIAL_COMPUTING_GUEST_ATTR     Attr
> +  );
> +
>  #endif
>=20
> diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c b/UefiCpuPkg/Library=
/MpInitLib/DxeMpLib.c
> index 93fc63bf93e3..657a73dca05e 100644
> --- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
> +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
> @@ -93,7 +93,7 @@ GetWakeupBuffer (
>    EFI_PHYSICAL_ADDRESS    StartAddress;
>    EFI_MEMORY_TYPE         MemoryType;
>=20
> -  if (PcdGetBool (PcdSevEsIsEnabled)) {
> +  if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) {
>      MemoryType =3D EfiReservedMemoryType;
>    } else {
>      MemoryType =3D EfiBootServicesData;
> @@ -107,7 +107,7 @@ GetWakeupBuffer (
>    // LagacyBios driver depends on CPU Arch protocol which guarantees bel=
ow
>    // allocation runs earlier than LegacyBios driver.
>    //
> -  if (PcdGetBool (PcdSevEsIsEnabled)) {
> +  if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) {
>      //
>      // SEV-ES Wakeup buffer should be under 0x88000 and under any previo=
us one
>      //
> @@ -124,7 +124,7 @@ GetWakeupBuffer (
>    ASSERT_EFI_ERROR (Status);
>    if (EFI_ERROR (Status)) {
>      StartAddress =3D (EFI_PHYSICAL_ADDRESS) -1;
> -  } else if (PcdGetBool (PcdSevEsIsEnabled)) {
> +  } else if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) {
>      //
>      // Next SEV-ES wakeup buffer allocation must be below this allocatio=
n
>      //
> diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/Mp=
InitLib/MpLib.c
> index 890945bc5994..b6c8a1a04d9f 100644
> --- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
> +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c
> @@ -295,7 +295,7 @@ GetApLoopMode (
>        ApLoopMode =3D ApInHltLoop;
>      }
>=20
> -    if (PcdGetBool (PcdSevEsIsEnabled)) {
> +    if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) {
>        //
>        // For SEV-ES, force AP in Hlt-loop mode in order to use the GHCB
>        // protocol for starting APs
> @@ -1046,7 +1046,7 @@ AllocateResetVector (
>      // The AP reset stack is only used by SEV-ES guests. Do not allocate=
 it
>      // if SEV-ES is not enabled.
>      //
> -    if (PcdGetBool (PcdSevEsIsEnabled)) {
> +    if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) {
>        //
>        // Stack location is based on ProcessorNumber, so use the total nu=
mber
>        // of processors for calculating the total stack area.
> @@ -1816,7 +1816,7 @@ MpInitLibInitialize (
>    CpuMpData->CpuData          =3D (CPU_AP_DATA *) (CpuMpData + 1);
>    CpuMpData->CpuInfoInHob     =3D (UINT64) (UINTN) (CpuMpData->CpuData +=
 MaxLogicalProcessorNumber);
>    InitializeSpinLock(&CpuMpData->MpLock);
> -  CpuMpData->SevEsIsEnabled =3D PcdGetBool (PcdSevEsIsEnabled);
> +  CpuMpData->SevEsIsEnabled =3D ConfidentialComputingGuestHas (CCAttrAmd=
SevEs);
>    CpuMpData->SevEsAPBuffer  =3D (UINTN) -1;
>    CpuMpData->GhcbBase       =3D PcdGet64 (PcdGhcbBase);
>=20
> @@ -2706,3 +2706,70 @@ MpInitLibStartupAllCPUs (
>             NULL
>             );
>  }
> +
> +/**
> +  The function check if the specified Attr is set.
> +
> +  @param[in]  CurrentAttr   The current attribute.
> +  @param[in]  Attr          The attribute to check.
> +
> +  @retval  TRUE      The specified Attr is set.
> +  @retval  FALSE     The specified Attr is not set.
> +
> +**/
> +STATIC
> +BOOLEAN
> +AmdMemEncryptionAttrCheck (
> +  IN  UINT64                                CurrentAttr,
> +  IN  CONFIDENTIAL_COMPUTING_GUEST_ATTR     Attr
> +  )
> +{
> +  switch (Attr) {
> +    case CCAttrAmdSev:
> +      //
> +      // SEV is automatically enabled if SEV-ES or SEV-SNP is active.
> +      //
> +      return CurrentAttr >=3D CCAttrAmdSev;
> +    case CCAttrAmdSevEs:
> +      //
> +      // SEV-ES is automatically enabled if SEV-SNP is active.
> +      //
> +      return CurrentAttr >=3D CCAttrAmdSevEs;
> +    case CCAttrAmdSevSnp:
> +      return CurrentAttr =3D=3D CCAttrAmdSevSnp;
> +    default:
> +      return FALSE;
> +  }
> +}
> +
> +/**
> +  Check if the specified confidential computing attribute is active.
> +
> +  @param[in]  Attr          The attribute to check.
> +
> +  @retval TRUE   The specified Attr is active.
> +  @retval FALSE  The specified Attr is not active.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +ConfidentialComputingGuestHas (
> +  IN  CONFIDENTIAL_COMPUTING_GUEST_ATTR     Attr
> +  )
> +{
> +  UINT64    CurrentAttr;
> +
> +  //
> +  // Get the current CC attribute.
> +  //
> +  CurrentAttr =3D PcdGet64 (PcdConfidentialComputingGuestAttr);
> +
> +  //
> +  // If attr is for the AMD group then call AMD specific checks.
> +  //
> +  if (((RShiftU64 (CurrentAttr, 8)) & 0xff) =3D=3D 1) {
> +    return AmdMemEncryptionAttrCheck (CurrentAttr, Attr);
> +  }
> +
> +  return (CurrentAttr =3D=3D Attr);
> +}
> diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c b/UefiCpuPkg/Library=
/MpInitLib/PeiMpLib.c
> index 90015c650c68..2f333a00460a 100644
> --- a/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c
> +++ b/UefiCpuPkg/Library/MpInitLib/PeiMpLib.c
> @@ -222,7 +222,7 @@ GetWakeupBuffer (
>          // Need memory under 1MB to be collected here
>          //
>          WakeupBufferEnd =3D Hob.ResourceDescriptor->PhysicalStart + Hob.=
ResourceDescriptor->ResourceLength;
> -        if (PcdGetBool (PcdSevEsIsEnabled) &&
> +        if (ConfidentialComputingGuestHas (CCAttrAmdSevEs) &&
>              WakeupBufferEnd > mSevEsPeiWakeupBuffer) {
>            //
>            // SEV-ES Wakeup buffer should be under 1MB and under any prev=
ious one
> @@ -253,7 +253,7 @@ GetWakeupBuffer (
>            DEBUG ((DEBUG_INFO, "WakeupBufferStart =3D %x, WakeupBufferSiz=
e =3D %x\n",
>                                 WakeupBufferStart, WakeupBufferSize));
>=20
> -          if (PcdGetBool (PcdSevEsIsEnabled)) {
> +          if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) {
>              //
>              // Next SEV-ES wakeup buffer allocation must be below this
>              // allocation
> --
> 2.25.1