[AMD Official Use Only]


Hi Min,

I am good with Gerd suggestion. Now that we have workarea containing the guest type, I can sure summit a patch to simplify the checks greatly. I am waiting for the UefiCpuPkg maintainers to ack our SNP series so that I can start building/cleaning other stuff.

Thanks
Brijesh


From: Xu, Min M <min.m.xu@intel.com>
Sent: Wednesday, November 3, 2021 8:35 AM
To: Gerd Hoffmann <kraxel@redhat.com>; Singh, Brijesh <brijesh.singh@amd.com>
Cc: devel@edk2.groups.io <devel@edk2.groups.io>; Ard Biesheuvel <ardb+tianocore@kernel.org>; Justen, Jordan L <jordan.l.justen@intel.com>; Singh, Brijesh <brijesh.singh@amd.com>; Erdem Aktas <erdemaktas@google.com>; James Bottomley <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Lendacky, Thomas <Thomas.Lendacky@amd.com>
Subject: RE: [PATCH V3 20/29] OvmfPkg: Check Tdx in QemuFwCfgPei to avoid DMA operation
 
On November 3, 2021 2:51 PM, Gerd Hoffmann wrote:
> > +/**
> > +  Check if it is Tdx guest
> > +
> > +  @retval    TRUE   It is Tdx guest
> > +  @retval    FALSE  It is not Tdx guest
> > +**/
> > +BOOLEAN
> > +QemuFwCfgIsTdxGuest (
>
> QemuFwCfgIsCC()
>
> > +  return (CcWorkAreaHeader != NULL && CcWorkAreaHeader-
> >GuestType == GUEST_TYPE_INTEL_TDX);
>
> GuestType != GUEST_TYPE_NON_ENCRYPTED
>
> >      if (MemEncryptSevIsEnabled ()) {
> >        DEBUG ((DEBUG_INFO, "SEV: QemuFwCfg fallback to IO Port
> interface.\n"));
> > +    } else if (QemuFwCfgIsTdxGuest ()) {
>
> if (QemuFwCfgIsCC()
>
Hi, Gerd
I re-check the MemEncryptSevIsEnabled() and it doesn't simply check the GuestType. Instead it does more checking.
See https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ftianocore%2Fedk2%2Fblob%2Fmaster%2FOvmfPkg%2FLibrary%2FBaseMemEncryptSevLib%2FPeiMemEncryptSevLibInternal.c%23L34-L88&amp;data=04%7C01%7Cbrijesh.singh%40amd.com%7Ce9ff44a121444737aa8d08d99ecedcd6%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637715433574095127%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=h2q2P79zm%2FfF44q35%2FGFmVI%2BOShQGwdNIUEZZSToM%2FQ%3D&amp;reserved=0

Brijesh, what's your thought about Gerd's suggestion?

Thanks
Min