From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Ni, Ray"
To: Brijesh Singh, "devel@edk2.groups.io"
CC: James Bottomley, "Xu, Min M", "Yao, Jiewen", Tom Lendacky, "Justen, Jordan L", Ard Biesheuvel, Erdem Aktas, "Michael Roth", Gerd Hoffmann, "Kinney, Michael D", Liming Gao, "Liu, Zhiguang", "Kumar, Rahul1", "Dong, Eric", Michael Roth
Subject: Re: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
Date: Thu, 11 Nov 2021 14:00:18 +0000
References: <20211110221457.2397234-1-brijesh.singh@amd.com> <20211110221457.2397234-21-brijesh.singh@amd.com>
In-Reply-To: <20211110221457.2397234-21-brijesh.singh@amd.com>

I don't prefer to use a dynamic PCD for passing data, because developers don't know when this PCD value is finalized (a PCD always has a default value).

If the value is determined in PEI and consumed in DXE, HOB is a better choice.
If the value is determined in PEI and consumed in PEI, PPI is a better choice. (You can use PPI depex.)
If the value is determined in DXE and consumed in DXE, Protocol is a better choice. (You can use Protocol depex.)

-----Original Message-----
From: Brijesh Singh
Sent: Thursday, November 11, 2021 6:15 AM
To: devel@edk2.groups.io
Cc: James Bottomley; Xu, Min M; Yao, Jiewen; Tom Lendacky; Justen, Jordan L; Ard Biesheuvel; Erdem Aktas; Michael Roth; Gerd Hoffmann; Kinney, Michael D; Liming Gao; Liu, Zhiguang; Ni, Ray; Kumar, Rahul1; Dong, Eric; Brijesh Singh; Michael Roth
Subject: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

While initializing APs, the MpInitLib may need to know whether the guest is running with active AMD SEV or Intel TDX memory encryption.

Add a new ConfidentialComputingGuestAttr PCD that can be used to query the memory encryption attribute.

Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Michael Roth
Cc: Ray Ni
Cc: Rahul Kumar
Cc: Eric Dong
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Erdem Aktas
Cc: Gerd Hoffmann
Suggested-by: Jiewen Yao
Acked-by: Gerd Hoffmann
Signed-off-by: Brijesh Singh
--- MdePkg/MdePkg.dec | 4 +++ .../Include/ConfidentialComputingGuestAttr.h | 25 +++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 8b18415b107a..cd90= 3c35d2ff 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec @@ -2396,5 +2396,9 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic= , PcdsDynamicEx] # @Prompt FSB Clock. gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c =20 + ## This dynamic PCD indicates the memory encryption attribute of the gue= st. + # @Prompt Memory encryption attribute =20 + gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x + 0000002e + [UserExtensions.TianoCore."ExtraFiles"] MdePkgExtra.uni 
diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Inclu= de/ConfidentialComputingGuestAttr.h new file mode 100644 index 000000000000..495b0df0ac33 --- /dev/null +++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h @@ -0,0 +1,25 @@ +/** @file +Definitions for Confidential Computing Attribute + +Copyright (c) 2021 AMD Inc. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ +#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ + +typedef enum { + /* The guest is running with memory encryption disabled. */ + CCAttrNotEncrypted =3D 0, + + /* The guest is running with AMD SEV memory encryption enabled. */ + CCAttrAmdSev =3D 0x100, + CCAttrAmdSevEs =3D 0x101, + CCAttrAmdSevSnp =3D 0x102, + + /* The guest is running with Intel TDX memory encryption enabled. */ + CCAttrIntelTdx =3D 0x200, +} CONFIDENTIAL_COMPUTING_GUEST_ATTR; + +#endif -- 2.25.1
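
Review bot: in the MdePkg.dec hunk, the comment on the new PcdConfidentialComputingGuestAttr line says "This dynamic PCD", but the hunk header shows it is declared in the [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] section, so a platform may also bind it as fixed or patchable. Either reword the comment or declare the PCD in a section restricted to the dynamic types. The comment should also name CONFIDENTIAL_COMPUTING_GUEST_ATTR as the set of valid values and state that the default 0 means CCAttrNotEncrypted, because a consumer that reads the default cannot tell an unset PCD from an unencrypted guest.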
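
Review bot: in the new ConfidentialComputingGuestAttr.h, the single comment above CCAttrAmdSev also has to cover CCAttrAmdSevEs and CCAttrAmdSevSnp, and nothing explains the 0x100/0x200 numbering or that these values are what PcdConfidentialComputingGuestAttr carries. A one-line comment per enumerator, plus a file-level note tying the enum to the PCD and saying whether callers may test the vendor by value range, would make the contract explicit. The PCD is declared UINT64 while the enum's width is chosen by the compiler, so the header should also say how the two are meant to be converted.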
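
A simplified stand-alone C model of the ordering concern raised in the reply at the top of this message (an added example, not EDK II code and not code from the thread): a PCD read always yields a value, here the default 0 that equals CCAttrNotEncrypted, whereas a HOB lookup returns nothing until the producer has built it. The `pcd_*`, `hob_*`, `producer`, `consumer_*` and `boot` names are hypothetical stand-ins for the PCD database, the HOB list and the modules involved.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Two values copied from the patch's CONFIDENTIAL_COMPUTING_GUEST_ATTR enum. */
enum { CCAttrNotEncrypted = 0, CCAttrAmdSevSnp = 0x102 };

/* Hypothetical stand-in for a dynamic PCD: the slot always holds a value,
   starting at the default 0 declared in MdePkg.dec. */
static uint64_t pcd_value;
static uint64_t pcd_get(void) { return pcd_value; }

/* Hypothetical stand-in for a HOB: it does not exist until it is built. */
static uint64_t hob_data;
static const uint64_t *hob_entry;
static const uint64_t *hob_find(void) { return hob_entry; }

/* Producer: platform code that detects the guest type and publishes it. */
static void producer(uint64_t attr) {
    pcd_value = attr;
    hob_data = attr;
    hob_entry = &hob_data;
}

typedef enum { PLAIN, ENCRYPTED, NOT_READY } decision_t;

/* Consumer keyed on the PCD: "not set yet" and "not encrypted" both read 0. */
decision_t consumer_via_pcd(void) {
    return pcd_get() == CCAttrNotEncrypted ? PLAIN : ENCRYPTED;
}

/* Consumer keyed on the HOB: a missing HOB is a distinct state it can refuse. */
decision_t consumer_via_hob(void) {
    const uint64_t *attr = hob_find();
    if (attr == NULL) return NOT_READY;
    return *attr == CCAttrNotEncrypted ? PLAIN : ENCRYPTED;
}

/* Boot a guest whose real attribute is attr; return the consumer's decision. */
decision_t boot(int consumer_first, decision_t (*consumer)(void), uint64_t attr) {
    decision_t d;
    pcd_value = 0; hob_entry = NULL;          /* fresh boot: defaults only */
    if (consumer_first) { d = consumer(); producer(attr); }
    else                { producer(attr); d = consumer(); }
    return d;
}

int main(void) {
    printf("consumer first: pcd=%d hob=%d\n",
           boot(1, consumer_via_pcd, CCAttrAmdSevSnp),
           boot(1, consumer_via_hob, CCAttrAmdSevSnp));
    return 0;
}
```

When the consumer runs first on an SEV-SNP guest, the PCD path silently decides the guest is unencrypted, while the HOB path reports that the data is not available yet.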