From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga02.intel.com (mga02.intel.com [134.134.136.20])
 by mx.groups.io with SMTP id smtpd.web09.6180.1639361213341198432
 for <devel@edk2.groups.io>;
 Sun, 12 Dec 2021 18:06:53 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.com header.s=intel header.b=QcwC4pcZ;
 spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: min.m.xu@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1639361213; x=1670897213;
  h=from:to:cc:subject:date:message-id:references:
   in-reply-to:content-transfer-encoding:mime-version;
  bh=kEbb6b+c+Bji8adChObIm/tvTUQmrhML8/jWxGRoiIY=;
  b=QcwC4pcZzezl2Dh58pz0lQqumNUa9kz8zgVcDT8c/t3fATe4XcZYd+SK
   xMlN+qrH8oojfjwQdZQUNcqR+rQCb1UERe29GRfmlIqGlqArQmUsl+inw
   s0dfMAtCPNa/zDd26E0/R6374A4Ubdk8gPV+EQGsfTkQQV0RO/Nyp3LFL
   k2DOHDgl1UZtfGoiSdr/Y55KVMvfRepBg4K1ibAn+rVcFJnSbC2hu0nxm
   w5Qrp07xznmXJL8D8EAnFge0DDwEed2pcet9zzhuySZSLet9ME9C4lWpK
   32Vb9fhJyfu/ergbZs5Zj4tPFsTN3BFvBpCpZwNc2DYUq5H27iVZnWdjm
   A==;
X-IronPort-AV: E=McAfee;i="6200,9189,10196"; a="225923932"
X-IronPort-AV: E=Sophos;i="5.88,201,1635231600"; 
   d="scan'208";a="225923932"
Received: from orsmga007.jf.intel.com ([10.7.209.58])
  by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Dec 2021 18:06:52 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.88,201,1635231600"; 
   d="scan'208";a="504715040"
Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82])
  by orsmga007.jf.intel.com with ESMTP; 12 Dec 2021 18:06:52 -0800
Received: from fmsmsx605.amr.corp.intel.com (10.18.126.85) by
 fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2308.20; Sun, 12 Dec 2021 18:06:51 -0800
Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by
 fmsmsx605.amr.corp.intel.com (10.18.126.85) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2308.20 via Frontend Transport; Sun, 12 Dec 2021 18:06:51 -0800
Received: from NAM10-DM6-obe.outbound.protection.outlook.com (104.47.58.102)
 by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2308.20; Sun, 12 Dec 2021 18:06:51 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=WqnenPeGVDdZiZj+hMdEV2uOWN7m1tKheNPN4+pRuDBqVVv3URKvDd1JHDHVpJTw2xEVuBmbggAZi9/s2zflcY7pGX0L5mVeryyBuBr3gpOuMhYX+W3habArjnRUAhdESSpPz5T1ogoVyD05FUjXah5iWSlWDPiv/1aGMlf42PLJsIdrqjr1EFQNB22wWKfcN4j6DM+0nsDMVeV4TIsC8DM/8OQSJYZganDrXr4e2sXDUUUxlEdHxA8no1cI/0fSNbq7Yo6zOACzMNJ0sy68YjVWb0XrvmOFALdJ5Tfh9hLvt1d3M6F4/j6BGcFgJ57PzbKe/5V4VJSSt3TqRqz76g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=2H18N2wTFj+4veDhK4+NZrsrsxbUsQX2ea3EuSzzFQw=;
 b=ah42bkXTH+9YOnVAZ3eSxioyjyGJKAijFQqbv8KikXCfmkhshVx8hU5STguQu6GVVk0B85MMAg6vyIpCNwPss9j2Ln0HNAjbIL9M8GWbDh6xecwLQr1qS1bLV1x5v77TK8KbZ8B9tlaCtDNCOMsOb5RgTgvY1y3ZBJDEpCxKLHCccStMyfmIQ6n4JgWqUyUxDlvsY47pWM1B/h/CCOhzCgaW4ueAORNS1rLhkw01srg+1mcm5vYHXlbg/7ocl7lpUB4rJNxmJRc8ZjENzZkLV7OBQZ5V1slupeiFzL20U8wtKTCYiiwJcJoK2DudZ7FMj0j8EXSFrmdSX1IpxWnUTg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=2H18N2wTFj+4veDhK4+NZrsrsxbUsQX2ea3EuSzzFQw=;
 b=flgq+4DZiS7SLOQd6ge22zhKqF5J57w5ZGrvvFHG6xX/C2nTePzLxeRHioQ4SKoBbbcbkT7N/tIo5HMl25FkysO7uYRmO08qiLz2t2PWbvfbyhCroHIa8mOB2mosHpgn8X0MjKHRANx4XVK5J6mdQay0MNGIInCwi0jZxB4nbSo=
Received: from CO1PR11MB5058.namprd11.prod.outlook.com (2603:10b6:303:99::17)
 by MWHPR1101MB2237.namprd11.prod.outlook.com (2603:10b6:301:57::17) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4755.21; Mon, 13 Dec
 2021 02:06:48 +0000
Received: from CO1PR11MB5058.namprd11.prod.outlook.com
 ([fe80::14a8:d84e:f761:8ea0]) by CO1PR11MB5058.namprd11.prod.outlook.com
 ([fe80::14a8:d84e:f761:8ea0%7]) with mapi id 15.20.4778.017; Mon, 13 Dec 2021
 02:06:48 +0000
From: "Min Xu" <min.m.xu@intel.com>
To: Gerd Hoffmann <kraxel@redhat.com>
CC: "devel@edk2.groups.io" <devel@edk2.groups.io>, Ard Biesheuvel
	<ardb+tianocore@kernel.org>, "Justen, Jordan L" <jordan.l.justen@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>, "Aktas, Erdem"
	<erdemaktas@google.com>, James Bottomley <jejb@linux.ibm.com>, "Yao, Jiewen"
	<jiewen.yao@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>
Subject: Re: [PATCH V3 28/29] OvmfPkg/QemuFwCfgLib: Support Tdx in QemuFwCfgDxe
Thread-Topic: [PATCH V3 28/29] OvmfPkg/QemuFwCfgLib: Support Tdx in
 QemuFwCfgDxe
Thread-Index: AQHXzyMJBGlu6/t1RkqRPaHt5YXDMKvxZh4AgD6FWlA=
Date: Mon, 13 Dec 2021 02:06:48 +0000
Message-ID: <CO1PR11MB505832ADA73DEFE8E52E47CFC5749@CO1PR11MB5058.namprd11.prod.outlook.com>
References: <cover.1635769996.git.min.m.xu@intel.com>
 <8e1c23a097576afbdebaffc6ca5f28c608e1b526.1635769996.git.min.m.xu@intel.com>
 <20211103071244.f2z76en5lybvax7a@sirius.home.kraxel.org>
In-Reply-To: <20211103071244.f2z76en5lybvax7a@sirius.home.kraxel.org>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-reaction: no-action
dlp-version: 11.6.200.16
authentication-results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: f9daa93b-9d78-45c4-8e94-08d9bddd38b3
x-ms-traffictypediagnostic: MWHPR1101MB2237:EE_
x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr
x-microsoft-antispam-prvs: <MWHPR1101MB2237FB1DB13BB74E725C1BBEC5749@MWHPR1101MB2237.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: MvyxI/aBCSLYmc1HSWVhbzW7yghzqEZMlCMCuM4pxhL+8wR52llPiE6BWDGYx2rmPghUsyXJMwr2DY8kzcP+WOUAOvSfmTn4mUxv7TRJhMOaE4ZPj7Z9ns/1viqv5rd1BRWL9tZ4XWsiaiRfLhOdALAYHd38zLvyhENjOKHSAvC1inmTIrLrKL2x7nRJKaGUcPmcNqbvhkpjhIp8lRxT+RCS8Rd8LY5L+c0IYTF3dFnf7EbzZG2fbnS2/icHmbmajy3bcgzcaNLa8UAEMlet9AHOCQ6TSd1vW2P8jjoQBD7Vj5IfAaOHK34NURKNRs59ysfTZrOmcS3G0V1vyS4BsX1awaJL3j3Ih4LnuO1CNXIhitfzemI0pqwOossgF++ycWGfpjErBbY6NSyDvq/zxWVfbBSx7axTaaHpU3BjfDZCu8jGR7Y685z8KBHtr5/sOnRU24subd7DYmUvJLqTgVTvU9FuclNYy6eAAj1gQ2ba36r8V0DHmbd90LBaA4dNGttTeQ5ICHDmJxzlrwWnBYW0E6zE/nNlgoAu+xQJEb+Ve4ScokqfjuxkjIzCP7EFzCbbHW4rgFbSCBGPAqLhY2jjoE/I/Cz0vq2xG5VoQat/XD9oGflHgnR5uQiHy/O6GI7Ub0ISNzn5KNh5A2EYJUx5IdgypJnbkYffUvmYmoq7q7790mme4Yl1mn8yq178OLI8bSHv9bgRn8lUKfaGfOcvPRs2k0nl3gOTNC7JklY=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CO1PR11MB5058.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(6029001)(366004)(4326008)(9686003)(6506007)(508600001)(26005)(82960400001)(7696005)(186003)(2906002)(86362001)(55016003)(54906003)(316002)(66446008)(8676002)(38100700002)(64756008)(6916009)(33656002)(8936002)(5660300002)(76116006)(52536014)(71200400001)(38070700005)(66556008)(66946007)(66476007)(122000001)(156123004);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?B8uklXL60R6Xx51e0hqf2HpyjXNIO7CKSA96znG2CJL00qYRxgFmDlQEuJha?=
 =?us-ascii?Q?BOveZBt16+rcGaSITbpXLqakb3wa40sDczO1OUlj39tcfVr3Nkh7nW3rzpfF?=
 =?us-ascii?Q?bfaQ0dzPTgGyMWU23lOcJrC82+n9J+sPq50TeQEW2U0j1bAYnEst2SiIznvb?=
 =?us-ascii?Q?MWijxzPh/5gFt4HlcYcGQni6sOviu25Y7m1fJ43FMSzA0GByDO5xBF1l05on?=
 =?us-ascii?Q?eE7OfSGtbeKaf+hdsK8MYgXS8JF10FqKUC1d7XuHhlTCWSGrs5BB5aSGs698?=
 =?us-ascii?Q?bdaIJZkOzF3Zb0dNjFcu/dBLzfb+MK8gcd3EPdp6zSHyO6uVA7kZ/HPdfl94?=
 =?us-ascii?Q?dSh93ceznjsKVzFjeIiWjotakmmyGRMrktHSvtMNlEraSj6YUGRakgdJJ8AA?=
 =?us-ascii?Q?pwFgPh0VsFHNGOszLVO5sfcWmwoEt7jWichlSZWui6jPOF/cOmORDgbJyNEK?=
 =?us-ascii?Q?qIdlOtAQ5wZE2aXic+o6DQ7YltN/ztXd8wVs4Phf+pWrtPOxWJcycDd11ola?=
 =?us-ascii?Q?rvxPhZJXdopcVH4v309h7G+Hj4joiYj4WLk7MFKX3+p9J8gI16TKod8958Pr?=
 =?us-ascii?Q?PAA0SgZxS9D4yHbByRIkZPdCdPk75yl1u/MxDkn+9r6kvBblHa071fQ/SMdE?=
 =?us-ascii?Q?1xbYzFOn9ZdHWI7D0cjpO3BMl7KIyVjuXkpJO2s0kUbDZkA9trL23j6j6r97?=
 =?us-ascii?Q?dSjIMp+CZDpuOOwW+cTPORXRtpmsoZDU9kopPpBMtRR1FiIPTHQzbxFXBvMB?=
 =?us-ascii?Q?GZswhVRdCRZuPIkiPSUzZz6+XS7BMXEPHyMBVW0IpolJuXN/OSeIPwg4U8Fc?=
 =?us-ascii?Q?bMdIsigNpRFnh7KbGWfGehrBHfCo13QgVnq11sKv6iaa8KqXRHn6n4mexuz/?=
 =?us-ascii?Q?N0L9Kn9VedII1TT1V/4x5YoIeDzs2NIWVpB5gAN5mNqt9ft0p0wJz/PnzQxB?=
 =?us-ascii?Q?z6gCTZxy+RJpXggVb2AM0eMFvXZZKfBbVFn4B2lviPLqBXSJhXrk1Sk/zzS7?=
 =?us-ascii?Q?6jXneZ3SCBajK68M42A+TZDy0obIi6LisWEqj+D0XB2x2NKKtlZVME+JID+H?=
 =?us-ascii?Q?d8cEooAPtD/WymynHx2011XFk9fV6cW0AAfFANfOq4JefXlnNLy5YZxZXgkG?=
 =?us-ascii?Q?/nciyDeTSy/KckEVspLSTqz9Oke2aH+H4dD/cj/GGwahXotbVqLSWPcDIF/5?=
 =?us-ascii?Q?BLTjHUW14kIf8ExpNO4+w42t1mIz/wmE89ss3GzSI1fxuU8rpH25HY0Ncnge?=
 =?us-ascii?Q?eK/FE+tYKLJhbq3Mo9fbqM1aSGJ4/QKISsc3sdvEJfPYorwGVGxtW+e/Sm2M?=
 =?us-ascii?Q?cyQswHBPpSYmeZn88c5EI9He3kOQS0zRgE7SD3cMzEB1v5hqZrpPQBa4JQO3?=
 =?us-ascii?Q?Nc8JVSCU2OXzRMSNGTTA7tZ+8fuPMeEegabfSK8MQjRUxpy9Avxlt+6l+A60?=
 =?us-ascii?Q?Y6RkL4geMbxRmwup78pTfw1OoDgzJ0555o2E4fkfRVN9U7u7rAEUrJ/6brW8?=
 =?us-ascii?Q?TbBEfg3p9SDmNRS398t3/QO5LZ8LxHqPyImZG/JN9TQYixmor+xNICqxIGxF?=
 =?us-ascii?Q?U+2RqTTb+FUpPSsJTVKoOCfqpUxkONo0+1jAIaLO4Zpj0055erHx+vkECOHn?=
 =?us-ascii?Q?Jw=3D=3D?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB5058.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: f9daa93b-9d78-45c4-8e94-08d9bddd38b3
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Dec 2021 02:06:48.5065
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: AOqVUva0pBLIGPCVjzHhTnf63xGe3WNuEyp78YAJTV3V/WdbX4SAVM7grfBcsg4fw/MAVCtBs1MG7wIO0zqMtg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR1101MB2237
Return-Path: min.m.xu@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi,

> > diff --git a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c
> > b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c
> > index 0182c9235cac..7a60b3e82863 100644
> > --- a/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c
> > +++ b/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c
> > @@ -19,6 +19,7 @@
> >  #include <Library/DebugLib.h>
> >  #include <Library/QemuFwCfgLib.h>
> >  #include <Library/UefiBootServicesTableLib.h>
> > +#include <Library/MemEncryptTdxLib.h>
> >  #include <Library/MemEncryptSevLib.h>
> >
> >  #include "QemuFwCfgLibInternal.h"
> > @@ -85,7 +86,7 @@ QemuFwCfgInitialize (
> >      DEBUG ((DEBUG_INFO, "QemuFwCfg interface (DMA) is supported.\n"));
> >    }
> >
> > -  if (mQemuFwCfgDmaSupported && MemEncryptSevIsEnabled ()) {
> > +  if (mQemuFwCfgDmaSupported && (MemEncryptSevIsEnabled () ||
> > + (MemEncryptTdxIsEnabled ()))) {
> >      EFI_STATUS   Status;
>=20
> Should be possible to just check the ConfidentialComputing PCD here.
>=20
MemEncryptTdxIsEnabled() is checking the ConfidentialComputing PCD.
MemEncryptSevIsEnabled () has 3 implementations in SEC/PEI/DXE. In SEC/PEI =
phase the ConfidentialComputing PCD has not been ready and it just checks t=
he Msr.Bits.SevBit.=20

Another consideration is that as the first step we make the least change so=
 that it will not break the existing feature. After that we revisit here an=
d refine the code if possible.

Thanks
Min