From: "Brijesh Singh"
Date: Thu, 11 Nov 2021 11:07:46 -0600
To: "Ni, Ray", "devel@edk2.groups.io"
Cc: brijesh.singh@amd.com, James Bottomley, "Xu, Min M", "Yao, Jiewen", Tom Lendacky, "Justen, Jordan L", Ard Biesheuvel, Erdem Aktas, Michael Roth, Gerd Hoffmann, "Kinney, Michael D", Liming Gao, "Liu, Zhiguang", "Kumar, Rahul1", "Dong, Eric"
Subject: Re: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr

Hi Ray,

On 11/11/21 8:00 AM, Ni, Ray wrote:
> I don't prefer to use a dynamic PCD for passing data.
>
> Because developers don't know when this PCD value is finalized (PCD always has a default value).
>
> If the value is determined in PEI and consumed in DXE, HOB is a better choice.
> If the value is determined in PEI and consumed in PEI, PPI is a better choice. (you can use PPI depex)
> If the value is determined in DXE and consumed in DXE, Protocol is a better choice. (You can use Protocol depex)
>

I wish you had raised your concerns early to avoid going in this PCD direction. The PCD approach was discussed some time back. Both the SEV-SNP and TDX patches are dependent on it.

Having said so, if your preference is not to use the PCD, then it can be done after SNP and TDX patches are merged.

Jiewen/Min/Gerd thoughts?

thanks

> -----Original Message-----
> From: Brijesh Singh
> Sent: Thursday, November 11, 2021 6:15 AM
> To: devel@edk2.groups.io
> Cc: James Bottomley; Xu, Min M; Yao, Jiewen; Tom Lendacky; Justen, Jordan L; Ard Biesheuvel; Erdem Aktas; Michael Roth; Gerd Hoffmann; Kinney, Michael D; Liming Gao; Liu, Zhiguang; Ni, Ray; Kumar, Rahul1; Dong, Eric; Brijesh Singh; Michael Roth
> Subject: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
>
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
>
> While initializing APs, the MpInitLib may need to know whether the guest is running with active AMD SEV or Intel TDX memory encryption.
>
> Add a new ConfidentialComputingGuestAttr PCD that can be used to query the memory encryption attribute.
>
> Cc: Michael D Kinney
> Cc: Liming Gao
> Cc: Zhiguang Liu
> Cc: Michael Roth
> Cc: Ray Ni
> Cc: Rahul Kumar
> Cc: Eric Dong
> Cc: James Bottomley
> Cc: Min Xu
> Cc: Jiewen Yao
> Cc: Tom Lendacky
> Cc: Jordan Justen
> Cc: Ard Biesheuvel
> Cc: Erdem Aktas
> Cc: Gerd Hoffmann
> Suggested-by: Jiewen Yao
> Acked-by: Gerd Hoffmann
> Signed-off-by: Brijesh Singh
> --- > MdePkg/MdePkg.dec | 4 +++ > .../Include/ConfidentialComputingGuestAttr.h | 25 +++++++++++++++++++ > 2 files changed, 29 insertions(+) > create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h > > diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 8b18415b107a..cd903c35d2ff 100644 > --- a/MdePkg/MdePkg.dec > +++ b/MdePkg/MdePkg.dec 
> @@ -2396,5 +2396,9 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] > # @Prompt FSB Clock. > gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c > > + ## This dynamic PCD indicates the memory encryption attribute of the guest. > + # @Prompt Memory encryption attribute > + gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x > + 0000002e > + > [UserExtensions.TianoCore."ExtraFiles"] > MdePkgExtra.uni > diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Include/ConfidentialComputingGuestAttr.h > new file mode 100644 > index 000000000000..495b0df0ac33 > --- /dev/null > +++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h > @@ -0,0 +1,25 @@ > +/** @file > +Definitions for Confidential Computing Attribute > + > +Copyright (c) 2021 AMD Inc. All rights reserved.
> +SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ > +#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ > + > +typedef enum { > + /* The guest is running with memory encryption disabled. */ > + CCAttrNotEncrypted = 0, > + > + /* The guest is running with AMD SEV memory encryption enabled. */ > + CCAttrAmdSev = 0x100, > + CCAttrAmdSevEs = 0x101, > + CCAttrAmdSevSnp = 0x102, > + > + /* The guest is running with Intel TDX memory encryption enabled. */ > + CCAttrIntelTdx = 0x200, > +} CONFIDENTIAL_COMPUTING_GUEST_ATTR; > + > +#endif > -- > 2.25.1 >
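
Review bot: In the MdePkg.dec hunk, the new PcdConfidentialComputingGuestAttr defaults to 0, which is the same value the header defines as CCAttrNotEncrypted, so a consumer that reads the PCD before the platform has set it cannot tell "not yet set" from "memory encryption disabled". The comment should state which module sets the value and in which phase, and point to ConfidentialComputingGuestAttr.h for the valid values. The comment also calls this a "dynamic PCD" while the entry sits in the [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] section; either say that platforms are expected to declare it dynamic, or move it to a section that allows only the dynamic types.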
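
Review bot: In the ConfidentialComputingGuestAttr.h hunk, the enum values appear to be grouped by vendor (0x100 to 0x102 for AMD SEV, 0x200 for Intel TDX), but nothing documents that encoding, and CCAttrAmdSevEs and CCAttrAmdSevSnp have no comment of their own. The commit message names MpInitLib as a consumer that needs to know whether SEV or TDX is active, so consider documenting the layout and adding helper macros for "any SEV mode" and "TDX" so that callers do not hard-code comparisons against individual values. The enum is also carried in a UINT64 PCD, so a short note on the expected cast when reading it would help.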