From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga02.intel.com (mga02.intel.com [134.134.136.20])
 by mx.groups.io with SMTP id smtpd.web11.5144.1632215054504606636
 for <devel@edk2.groups.io>;
 Tue, 21 Sep 2021 02:04:14 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=Zbsq+aUZ;
 spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: min.m.xu@intel.com)
X-IronPort-AV: E=McAfee;i="6200,9189,10113"; a="210549991"
X-IronPort-AV: E=Sophos;i="5.85,310,1624345200"; 
   d="scan'208";a="210549991"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Sep 2021 02:04:13 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.85,310,1624345200"; 
   d="scan'208";a="549407353"
Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14])
  by FMSMGA003.fm.intel.com with ESMTP; 21 Sep 2021 02:04:13 -0700
Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by
 ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.12; Tue, 21 Sep 2021 02:04:12 -0700
Received: from orsmsx602.amr.corp.intel.com (10.22.229.15) by
 ORSMSX610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.12; Tue, 21 Sep 2021 02:04:12 -0700
Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by
 orsmsx602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.12 via Frontend Transport; Tue, 21 Sep 2021 02:04:12 -0700
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (104.47.59.177)
 by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2242.12; Tue, 21 Sep 2021 02:04:11 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=OymdiTu0LfIrZgU+tgu+lDlcTqTFrWh4mdXh+Ko/f/fObN8IuYOvCcX8VsFcSj8YU4QtJr7JKEP+W1H1E0kFu1NNDraHM9zKtKf/aVV0PfO8VKtsfCdmeHs+El00nBZnolI1/EHHAhDsaZWEi6bNklogsH5lBgMSiawXFEFQsPMqFNa6xS4h/1LZ/5XNhTJk46wMPPC6hNaGT+RPYZshGBnQ/gjSxUWof+VEeF0lTiRck5DlR9PmUgVIg8wj/JE9CAygPqCH6y0WzY3BAHYmu4fPydnPl6wUKJaW9SKa13OZiG2ixjqbNxAMBCMxe521BruhZH5KaLPLbXOlE97ypQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=GfmDffLsZs/0oQiUmvGXMqng5+IWz0OXr0Tu+5Rp2Ws=;
 b=n7/FB4UuVKpEvPYB5XspcABeFI/rzFf+rL8LGp5uaynljoNsbFPvTHiW78KTTL5snPL4Tm765U7ZfcSHkesikZ1tevsjjK9wxRsFik0QNzXFM+ezir2qflKWZ3c2k4b+U2Ioh6i5YKqATslWlUr7+R0v7HrAGKpA3UbrgLFM64afzIUtw5OwjgF+JVXIMTagrPtBSvTUfQhAVSwJbiI/FjLvQAsIzgCxi75NhErPAO5ftN56/Ym5Rd+9KgABvNRZ101qBoGbzD7qakW4Nu+dnOFvpl6DOg87P4y8ez4NdPnbf/DQkzR4eRka0yjFMKzHmLz9t1ChgWtxS1dcwgNubQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=GfmDffLsZs/0oQiUmvGXMqng5+IWz0OXr0Tu+5Rp2Ws=;
 b=Zbsq+aUZvUEcUvp5SXn0ZzCM4hpHL/N4qCcptmYdEHalGnxrKBAedF1Z/qijy0y4JHyEVzkqKOVNrE3AjukdAj0Dg/u+/1EfT9KNumkTkpYK0i7B6vAFjnvm5cRfN/TyvChMZVMShsMPCj72r+ygfjdcuSfVLBQZGdht2EKfWkU=
Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15)
 by PH0PR11MB4775.namprd11.prod.outlook.com (2603:10b6:510:34::22) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4523.16; Tue, 21 Sep
 2021 09:04:10 +0000
Received: from PH0PR11MB5064.namprd11.prod.outlook.com
 ([fe80::c93:200e:5aeb:e11b]) by PH0PR11MB5064.namprd11.prod.outlook.com
 ([fe80::c93:200e:5aeb:e11b%3]) with mapi id 15.20.4415.029; Tue, 21 Sep 2021
 09:04:10 +0000
From: "Min Xu" <min.m.xu@intel.com>
To: Gerd Hoffmann <kraxel@redhat.com>
CC: "devel@edk2.groups.io" <devel@edk2.groups.io>, Ard Biesheuvel
	<ardb+tianocore@kernel.org>, "Justen, Jordan L" <jordan.l.justen@intel.com>,
	Brijesh Singh <brijesh.singh@amd.com>, Erdem Aktas <erdemaktas@google.com>,
	James Bottomley <jejb@linux.ibm.com>, "Yao, Jiewen" <jiewen.yao@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>
Subject: Re: [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector
Thread-Topic: [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector
Thread-Index: AQHXqUWVKGnjdIxMkUC5t80PA95r5qumTbwAgAZmoeCAAUifAIAAGbPg
Date: Tue, 21 Sep 2021 09:04:10 +0000
Message-ID: <PH0PR11MB5064716FDAFCA01F3010D961C5A19@PH0PR11MB5064.namprd11.prod.outlook.com>
References: <cover.1631608384.git.min.m.xu@intel.com>
 <c84dd6146c1d80e7cf3c90153635b2cf6e55c67b.1631608384.git.min.m.xu@intel.com>
 <20210916075456.ymddpwrguipziq2f@sirius.home.kraxel.org>
 <PH0PR11MB5064EFD6FD594C458BACBE06C5A09@PH0PR11MB5064.namprd11.prod.outlook.com>
 <20210921051600.q73rd2bq2zj2juc3@sirius.home.kraxel.org>
In-Reply-To: <20210921051600.q73rd2bq2zj2juc3@sirius.home.kraxel.org>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-reaction: no-action
dlp-version: 11.6.200.16
authentication-results: redhat.com; dkim=none (message not signed)
 header.d=none;redhat.com; dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 91de30e3-bcf8-40af-b2ab-08d97cdec654
x-ms-traffictypediagnostic: PH0PR11MB4775:
x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <PH0PR11MB477574D98C14CD7D0EDAB386C5A19@PH0PR11MB4775.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6790;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: NlqLfoarmmNNsFSKbmyzkTlks0ToUT4w+zzq2+J5/iIFWZN+RGNox6SAPl44pFYFbDzc5zsxsiDFubJ1bQqUxkXUnUTaP9DIlhZy+q68l9XfAuEbwuiGNHJnggwkkDrmmTXTv177644Tc6yXwN/IQ4H/X0Vpift6plLQ1fA+A6oBH0Y74YILDEMu7LmsYEpZfCC0gPDradVkMYo9vUz49nkj1EF9dLhqDJQraY32SdzETbGVrgxbgf/+TrSFKecsBY/vbiXzmsHrIWp7TikMx0SUNiSgH5HZYHvVaXak7JB0VfT5wBwh6B+1GdLvyP/jkfy5O9mc0+4ypebkmhIXHd8wSRb6vYWf/84aPD7CMz8CNUgimIA3UGoO0ARJjFqbMX3Jt3pRkilp5KEU16xvaNUL0tisw2BcDPWFVf+IR2/pZzvdf7RYGkiOC6dug3I5jBJ0OU3N39s9C3EsNQNGlzLpRHJuRAt/6btyoISLx/w3SM9cxlP/Qn9Ay+hYX2ZW/v+k0cqGvN9BBWya4PHPZqrrHPIkRaK4GQGrE/bPlCXMSfPWATx/lW9lpURQ7r2l/a3EsKaFA8VKi9j6Lwyp6DcQ4BBKHdu7KyfEk8vEpv7Bj3288WVk7uGNqcSDdzttp85K9WzkmM9pbdExW2VB4apLUu4GQCU/fj9RpGIDdEN7wZNQ+H7qCoITEG9iG6TPK1DaFrPZXB7J8Wk2w6ziZw==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(52536014)(5660300002)(66476007)(6916009)(64756008)(66446008)(71200400001)(83380400001)(8936002)(66556008)(76116006)(66946007)(2906002)(33656002)(9686003)(508600001)(38070700005)(38100700002)(122000001)(4326008)(55016002)(54906003)(8676002)(86362001)(26005)(186003)(7696005)(316002)(6506007);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?RpZkF2Gctu3GggyaZuRVZjFKB4S0gARaAY+k0xkWjihVpfkpSWzH2GkHE11j?=
 =?us-ascii?Q?rFKzT6WQbLBY9glbpmahScrDO2BxmDVOHfT+acXrThqk9n1AttACOE/sNA1E?=
 =?us-ascii?Q?B1hUuw+qdbCeZoDi2xLRzgRvqqPJWy+pOdfa8FGBMuZilnDjfBXLAetjO4Wc?=
 =?us-ascii?Q?dM+HaVd9EpMvCIlUYHxbSWJPU6j8G9pTAq3/dFovAJoswiE4NdPFFxcQnNFF?=
 =?us-ascii?Q?2/lMdJ7Ynws9Q2Ch6GkdsVo/gz78vU8HOy5XVN92sR2TxNXI//mfD94etWd4?=
 =?us-ascii?Q?9wz0Z3JqIBCBQKgMe6LTV2M7A+7U1TJbtMHbbg5rBfRVL57QLtev8ipCMil5?=
 =?us-ascii?Q?vS25vweMvnU7VZRmu/77HmanudDA/tPUA56jdr6M55tdW5FFSaLF6926K6Hp?=
 =?us-ascii?Q?xwvEOOoTdGY62EuvxQpm3M9hTNKm4C0vWU/6UukxUerJCKWLqhbR4alm9EGQ?=
 =?us-ascii?Q?95Cq0vJ8VlI4MRNlma8HEbyFKnPxN2a5gfn6LeShYd2KfGyNB9iBTrSzaFnN?=
 =?us-ascii?Q?xZXKwbNOZ5Fm6jKk5mRiThPYXHqEJXlR4js7F+G3egv+LC7ds8YjA0lMFl+2?=
 =?us-ascii?Q?KU/xMQiP9jF99l7nBfPpwL5EwIQGp5lB3XSuJ2AQ97eU9FDBMcLbNMJtATqk?=
 =?us-ascii?Q?tFCRRV/cg2h6+HgC+Ety0wPHRMRuPWT61246OCgulG5TFRAsp/TWfiM0KiT4?=
 =?us-ascii?Q?6rFUStiyKyyuwaT38Wm/e6KdFUNN6OkJvaypFOUAa8I/KQClhjn4trpC5xEI?=
 =?us-ascii?Q?Ro7XGLpKTLLF2yUkqaRV+Kjj/ay4mx2oWO2YE2NHgUs1lMKQlK96wihu9wTl?=
 =?us-ascii?Q?rms76SYw1EBuQPPA2R5DRbBFhr0Af0rHC4o9TNzOtdrMYxZLiRl6fAmmZaNw?=
 =?us-ascii?Q?mr7xDUtVqDUn9nNV76ztEKmNCrIP5aFco7HqzWv/DF9SIiGuZ9Jx+SyMqNfa?=
 =?us-ascii?Q?T7XEJgDuAdMdrL6YBNJGjnHwWelri3+vDWaU03oAvkKRva29DsUpdo9R0gug?=
 =?us-ascii?Q?IvCVpjGG5p8uKBrUXmjwH1HrkLRei6l74KjKt/F5hm0O8Xsh8hatOJu733io?=
 =?us-ascii?Q?y2Igly5qOesPnlJmXoAkoLO+/709RApK1xmwnMq8aksaEMQc0YtAgaigEPsF?=
 =?us-ascii?Q?rIWTawGDyLbqoK0KxbDW8JXky/JheYaPpb0F+gsAwEWvHeTsERwvRDy9nJCC?=
 =?us-ascii?Q?/ys0VqhPz+/3NSx2Rw3U9Rfq/rYac4KyqqZGBbl5d6FwAqklXoa8IksMjeoF?=
 =?us-ascii?Q?eGcdXrKn+K+8uLWLiqP5RkUaKLBbJwmDATbTI7dtGBkEBw51bVokOznEaUay?=
 =?us-ascii?Q?EnFYZikLSmaJguWzALe3Jrp5?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 91de30e3-bcf8-40af-b2ab-08d97cdec654
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Sep 2021 09:04:10.0862
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: OVOZVgDbfDASEhqu86QpnGEBvzvjPdoi39R2if7Kf/ldZRzVUFX9ezml7yJ+HPYZxhNgOI3nSlfzoOQty8rrTw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB4775
Return-Path: min.m.xu@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

On September 21, 2021 1:16 PM, Gerd Hoffmann wrote:
> > +
> gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64
> > + |0
> > + x60000017
>=20
> > +typedef enum {
> > +  /* The guest is running with memory encryption disabled. */
> > +  CCAttrNotEncrypted =3D 0,
> > +
> > +  /* The guest is running with AMD SEV memory encryption enabled. */
> > +  CCAttrAmdSev      =3D 0x100,
> > +  CCAttrAmdSevEs    =3D 0x101,
> > +  CCAttrAmdSevSnp   =3D 0x102,
> > +
> > +  /* The guest is running with Intel TDX memory encryption enabled. */
> > +  CCAttrIntelTdx    =3D 0x200,
> > +} CONFIDENTIAL_COMPUTING_GUEST_ATTR;
>=20
> > ConfidentialComputingGuestAttr is a 64-bit PCD, the byte[1] indicates t=
he
> Guest type, byte[0] seems the sub type of the guest.
> >
> > And in the current definition of
> CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER:
> > typedef struct _CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER {
> >    UINT8                   GuestType;
> >   UINT8                   Reserved1[3];
> > } CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER;
> > Byte[0] is the Guest type.
> >
> > I am not sure what you mean:
> > > we should use the same approach (and the same enum) we are planing
> > > to use for the ConfidentialComputing PCD (see discussion in the other
> patch series).
> >
> > Shall we update CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER so that
> byte[0] is sub type, and byte[1] indicates the Guest type?
>=20
> The idea is to make GuestType larger (UINT16 is probably enough), then us=
e
> the CONFIDENTIAL_COMPUTING_GUEST_ATTR enum for GuestType too, so we
> don't have two different confidential computing guest type enumeration
> systems in edk2.
>=20
> So, yes, effectively that would make byte[1] the type (sev/tdx/none) and
> byte[0] the sub-type thanks to little endian byte ordering.
>
I see. But such change may impact the existing SEV code in SecMain.c. Maybe=
 there are more existing codes impacted.
I will not change the definition of CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER=
 this time. Maybe in the future this change is needed.
>=20
Thanks!
Min