From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
 by mx.groups.io with SMTP id smtpd.web09.69149.1629378731986311302
 for <devel@edk2.groups.io>;
 Thu, 19 Aug 2021 06:12:12 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=pahJDwGE;
 spf=pass (domain: intel.com, ip: 192.55.52.120, mailfrom: min.m.xu@intel.com)
X-IronPort-AV: E=McAfee;i="6200,9189,10080"; a="214704631"
X-IronPort-AV: E=Sophos;i="5.84,334,1620716400"; 
   d="scan'208";a="214704631"
Received: from fmsmga001.fm.intel.com ([10.253.24.23])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Aug 2021 06:12:10 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.84,334,1620716400"; 
   d="scan'208";a="594423430"
Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81])
  by fmsmga001.fm.intel.com with ESMTP; 19 Aug 2021 06:12:10 -0700
Received: from fmsmsx606.amr.corp.intel.com (10.18.126.86) by
 fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.10; Thu, 19 Aug 2021 06:12:09 -0700
Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by
 fmsmsx606.amr.corp.intel.com (10.18.126.86) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.10 via Frontend Transport; Thu, 19 Aug 2021 06:12:09 -0700
Received: from NAM04-BN8-obe.outbound.protection.outlook.com (104.47.74.48) by
 edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2242.10; Thu, 19 Aug 2021 06:12:09 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=QTO9+eJajr3VMUx6PSFkaGYTG5+xWydNpA2XHhqsWMgj1rwUYqwtJrFy5+RrmjSRz1R9vCrDnfUr7JbcpFCqkNngUAspWDosbW28pL4LDqh4q5jIjTIFfPcnq6XnVEGm/XaRWMtej0GLdkqsowSOUGcQDIYe6Zgzpy5P4dQl7VcWlbqlCZGktqqqgUBK4GJqklPmgxzX9q0O1UFUZdYWTy7Z3lNpOODdpj/6LecVurSuC11/cbQFOOuG7uKFHsYonRA61wi2tQCw6UwIRsXVq+H6STD1LcjRsptPwxrE8FdyylIdCH8b4C9SgFhgTEhAbl4Z0hddlMhx2vqhqBDvyw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=mhPkadZ2+ag6iAyFRhqfHkB1TQotEUeuOi3JU/4lYFI=;
 b=TZh4s0sJTksk+n4L3EgQWSeSLDY29o+bnNlhKlaanp4ZdeBXnZczyZGhSu1BwY98fE/plrCQNVLvHd3petpwHg+g/selUMiql+pbO3vV4xna7fGInFAX+UWfdacflmt0bvRpzA//Ko7uibkOLB864kAMYeO+5Ou7wkUQVaDH/LLxPUsZYPZCA+DgPq5ffv9NftvDu8cFFDBcTAxrZGH4pgf9YhWKdeZiZAQiE+om3bCrvi5BAWuK2ooLzre1PxuwECfTILR6LfcRHglF6hi+SpDS1kFXfH05eHLYQq3CvgJiykrf7HITqL5X7ob49ukGboX+eG87czl+J9OBBb4EVw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=mhPkadZ2+ag6iAyFRhqfHkB1TQotEUeuOi3JU/4lYFI=;
 b=pahJDwGErFYnfIFR3hDnYz6rRIkLKjHB/anrVjpiT/aFL8HQArakqDVOowhg5A43GKtCJeUHmfOxoO9tVSxCIpAn1bX2m1IvRIGLHhGoeZ4JzLhrNZDD7OmPCSQCe+1v2k//apzxdiqIVsX3hKF81GK6w6qsEpz8EfsZT7k3AAA=
Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15)
 by PH0PR11MB5048.namprd11.prod.outlook.com (2603:10b6:510:3d::14) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.21; Thu, 19 Aug
 2021 13:12:08 +0000
Received: from PH0PR11MB5064.namprd11.prod.outlook.com
 ([fe80::c93:200e:5aeb:e11b]) by PH0PR11MB5064.namprd11.prod.outlook.com
 ([fe80::c93:200e:5aeb:e11b%3]) with mapi id 15.20.4415.024; Thu, 19 Aug 2021
 13:12:08 +0000
From: "Min Xu" <min.m.xu@intel.com>
To: Gerd Hoffmann <kraxel@redhat.com>, "devel@edk2.groups.io"
	<devel@edk2.groups.io>
CC: "Kinney, Michael D" <michael.d.kinney@intel.com>, Liming Gao
	<gaoliming@byosoft.com.cn>, "Liu, Zhiguang" <zhiguang.liu@intel.com>, Brijesh
 Singh <brijesh.singh@amd.com>, Erdem Aktas <erdemaktas@google.com>, James
 Bottomley <jejb@linux.ibm.com>, "Yao, Jiewen" <jiewen.yao@intel.com>, Tom
 Lendacky <thomas.lendacky@amd.com>
Subject: Re: [edk2-devel] [PATCH 07/23] MdePkg: Update BaseIoLibIntrinsicSev to support Tdx
Thread-Topic: [edk2-devel] [PATCH 07/23] MdePkg: Update BaseIoLibIntrinsicSev
 to support Tdx
Thread-Index: AQHXj3FG2qCELoaR5kuNNBD2Jm4z+qt3Z5YAgAFhJVCAAZ/ugIAAXbNw
Date: Thu, 19 Aug 2021 13:12:08 +0000
Message-ID: <PH0PR11MB50643B37BD89C7E642E225EBC5C09@PH0PR11MB5064.namprd11.prod.outlook.com>
References: <cover.1628767741.git.min.m.xu@intel.com>
 <8f56e6f50477bf00d5121e6515388fe68525b1e2.1628767741.git.min.m.xu@intel.com>
 <20210817083822.vx2ts6twmm2fspqc@sirius.home.kraxel.org>
 <PH0PR11MB50649523F1E3DB5D8BC9FEC2C5FF9@PH0PR11MB5064.namprd11.prod.outlook.com>
 <20210819063059.rabr2aoajtffftqq@sirius.home.kraxel.org>
In-Reply-To: <20210819063059.rabr2aoajtffftqq@sirius.home.kraxel.org>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-reaction: no-action
dlp-version: 11.5.1.3
authentication-results: redhat.com; dkim=none (message not signed)
 header.d=none;redhat.com; dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: dbae1121-dc8e-4069-4810-08d96312f2fb
x-ms-traffictypediagnostic: PH0PR11MB5048:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <PH0PR11MB50487D901DB12A7B3D6245AEC5C09@PH0PR11MB5048.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: V5cykqlX8TVQElwSkaC94J5DwrlAQgD+MH4azBNafDNB20eZwV7DRxdTKMHQX0m9nRq7Yf8mTsHMDci1JHaadw8pwCy5r/Nn6KtUuRGAzXd+fG4uOMVKDTVM7ddXLUBQZA9rk6xshecz//L2yr+SiNIOsXXogjuBVTd5LLpDCCjrBI6JVVM4B2kK4kulmOuzocvbjNoLboh1azQ5hDIotv59hNQQX/gDlo/9ek5g96Hjc4ByoI1IhdaL4AMF7aGIaWr3dtpPxehcrQn2cM3qMrpIWI5I3/ozD6gr6hDAMEWmsYLv2sj27Narwaw0r+SM5/uWUWaduWVVXbrIfeU1I4dkK9yBpPoNYXNV4TT7EB20qQrlGPPZfrdMR6t8dkAi9FFYID6rw2SmFLFY3IuxwJB84i7L3cz4hDbDiFEaudng6v6U/uVaiSves5eHHa8+jh3cRmxxTaeWUNOPvXw2nMnQIQrSgA/X/gI8ZrnGRvxCm7PJM/hwbEmLI2f/CTGJtyJBcXMsa9T42CERNhBUVLg2yR4zIi16I3847PNP6LfGfgiwdleU44V/qFzdMIUE+KZW0ZZHEgn/ilGA4OovM9GeWDBTj9wX8l1+KKbwA9feETc0NIIMYWQkHKoWd4NiQ/VLM+1Bw7CTHmsM/mG5V9uadj9Ttmwxv3HWpHvNtahzR5AwAsYBz4Iw3drq6QBaxfClCWaWTi1eFxqFrhh4FEv15JcvVnaHwfRZP3528F6w1N3K46HcvS9tHnXZuOQWsWkAcQGeSZuefyMO3CAbCV8Bnyvtvb2DWhey5+LWA1o=
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(6029001)(4636009)(376002)(39860400002)(136003)(396003)(346002)(366004)(66446008)(7696005)(4326008)(71200400001)(55016002)(66476007)(316002)(2906002)(478600001)(110136005)(66946007)(186003)(26005)(38070700005)(6506007)(76116006)(15650500001)(66556008)(54906003)(64756008)(33656002)(8936002)(9686003)(52536014)(8676002)(966005)(5660300002)(38100700002)(86362001)(83380400001)(122000001);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?1rXIMS2sMz4c/XvhfwPh6/Ho0IGfzgWB/id08ZquqlcSIDkV5OdfxSNnoAR4?=
 =?us-ascii?Q?UnGieubONM+2uWUtsP04K/cpNrCUVLUtnrS4kNuOJdNdETKe0HOt3A0XP6dU?=
 =?us-ascii?Q?AR5RUWIH1ZY+M2Vc86BQ6k4ryocfUc4ZqhorixICKSa+qxus4vaxdNnkAabT?=
 =?us-ascii?Q?bgvLppuBposvZHDE4l8DzYB4wv15cytxgBF0OVQ0QqUBQa+3bQrAU54etbrL?=
 =?us-ascii?Q?n7MzsalkioO7DuXY705AqmgrvCKJY6h/kMElybohcmknsuhie8DSaV98Bn38?=
 =?us-ascii?Q?ucSrhlv6qsZVQzaUAtE4R1AttSr/QtIlVpFVj6+F/VU/a/ICoyD+VaLglx4u?=
 =?us-ascii?Q?3vH42ChaBYZ8/2g692jLklFX9fav+d/l/4nGJU48V0fHFhkLj4jcTUmsUyj7?=
 =?us-ascii?Q?tE8F/JTq5g6Y0Qku8Sp2GbvTchTJD69smcQZcvRiUDOdjZCby3YEIBFCFgPh?=
 =?us-ascii?Q?LphL+Ece7tascUVU2/9h9DMsa891U4xtvRlBiwx7SLBulHbmRlaxNH4RKm2E?=
 =?us-ascii?Q?V58mE00pEa8CvCjWjr3zyd4bSITvdTqwoMCJ3nQAo2L51FjXUXEQjlJ07S8j?=
 =?us-ascii?Q?3ckAL8ml0d3q38LpNTtbncgMEsrd+WH1zJKzIOgUWnioUwbPCdEqYIZc4RO7?=
 =?us-ascii?Q?qgH4dIl0/bb+uRXM4gfQj+3RxFrPazI6wS+YeM2srJVQdiTbppZQPEsPBi/w?=
 =?us-ascii?Q?UtOqyozywf97pfx2N9V5AiVcpRp4znqKDbCTLcLf5xsWxAP32PR+HasHoiIA?=
 =?us-ascii?Q?ynTf+YyHNZK2CPVag5o0+MPujFTcOD5ehHnjr9njEkDXbUiuT/BdXkcBg2cT?=
 =?us-ascii?Q?QIoAoN4vDummKh0aqo/yEUbbU+5wnI5mw7J52b5/E59DvY7irDBwvBxtKpn2?=
 =?us-ascii?Q?90tIXYoV3BPk4xdvYJXVNBjr4r0jwyRIe7KgpDJl95Jc8N6w2Ci/T9r6B+J9?=
 =?us-ascii?Q?AY4n86VcOpxxXfVm1KB8m1gFNY4659u97LBjUL3tYbX3dq2oFTm7QTVM4FBH?=
 =?us-ascii?Q?x8zmJz0JEv2C7EllGfBta1GvYiG6NV/CWLyZbEM1oBp5sIQ5Pv1QQAgTo7vL?=
 =?us-ascii?Q?gVV94u4dbuF/c1I5xlu64bkBYywuwnDNNvruT/DlztTVLS0tNP17O0TuENeB?=
 =?us-ascii?Q?owm/zh+GE4KJOU2mw9MMJpI+fek1HyOKIsDVOQ7l5q9FYF0mJeuKPoZ/qgZN?=
 =?us-ascii?Q?u8vNJxavQ3u/xPLBmuVFVcXsiAvS32+5yslYe0KNgWXNrvcXIlm7pDgso3Yw?=
 =?us-ascii?Q?PTDbEJAwYvIYZhsaEPI8CZM2qBBgKbNHShZb13T+7+qMFs/8nLsLeha4F5Eo?=
 =?us-ascii?Q?cojNDG/+17CCVFWt0n6ISZpb?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: dbae1121-dc8e-4069-4810-08d96312f2fb
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Aug 2021 13:12:08.5018
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: yiYzQQdlygggAJNkoyxm/k450kisZ9DPGR8B4GgbYeg38ocI+cC+MZH0ycAnU+Rs+wDq26dCqut2C/01OtoZJg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5048
Return-Path: min.m.xu@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

On August 19, 2021 2:31 PM, Gerd Hoffmann wrote:
> > > IIRC some of the TDX features require a separate firmware binary.
> > > So, if we need a separate binary anyway at some point in the future,
> > > isn't it simpler then to use a separate firmware binary right from th=
e start?
> > >
> > > You can simply add a Tdx-specific variant of the library
> > > (BaseIoLibIntrinsicTdx.inf) and switch at compile time instead of
> > > having runtime switches all over the place.
> > >
> > TDVF has 2 Config for upstream. See
> > https://edk2.groups.io/g/devel/message/76367
> > Config-A merge the *basic* TDVF features to existing OvmfX64Pkg.dsc.
> (Align with existing SEV).
>=20
> Hmm, so we'll have two variants with two feature sets.
>=20
> One more question:  How does this align with the WorkArea changes posted
> yesterday?  The WorkArea gets a mode field for SEV / TDX / normal, so I t=
hink
> you should be able to use that instead of invoking cpuid each time you ne=
ed
> to know whenever tdx is active or not.
We don't want to make the TdxProbeLib depend on the WorkArea. CPUID(0x21)
makes TdxProbeLib less dependency.  For Intel TDX the WorkArea is designed =
to
be used in ResetVector phase.
>=20
Thanks!
Min