From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM04-SN1-obe.outbound.protection.outlook.com (NAM04-SN1-obe.outbound.protection.outlook.com [40.107.70.55]) by mx.groups.io with SMTP id smtpd.web10.2448.1576185714508961531 for ; Thu, 12 Dec 2019 13:21:54 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=UhRc1upd; spf=none, err=SPF record not found (domain: amd.com, ip: 40.107.70.55, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NyhaOcI9XqCnMeBUugqbRcbUROoGEbtRoUpRoYCjZ8y5D52C1p30rq83m5KLDJYu6ZU53pM5cN5nRUdtbOkuUjkHSONOHomGGHn/+nDcppeznxh9FUMVQT0z7HCIEvCMcKxW3/emEBcntmlqCcsWlJBEPT1KlE0ocmGZk0q/IJ/2NY9ylcHsC9nmnf/2516mvinfLoNPBE76MLJq8cBd4vBCEGI7MPitQrEf8nZ/fR0pD8GcsxA2WGJsP0v3HfvqZL9j5XCryWKOdwpgOqJhl/HU8xdON9mXAxD7JfnlHPks1Ywp67GaYCT8YkKFHtVv/oImtJ5Lhjq/W59L/Pfjmw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=USe6HjUL9xx4MsYgYkBeym2b7dBFNyqpJdlFh5+n0Uk=; b=QRKThHvqDaFprK7Ii1A8GDhuewyk/+j9ZsWch8aIS6lLHGm8eqDlmLkNLuXBgRo41QI/rfz+ufyF4RtWj/1G/GGPH7Ia/lKZeMuYYegbLzyWnchazujGNCaIbPjLUbV4MGrHkI8p2jg3AwVFl9Ueu2l4G0zjBiNDoKfiPJ00d1qrpU2pCUAixP8AfvFHALDhP+BkXoAX3xNTtWdJADEX6q2guHItRTu+vjNoPda/56M03oC99yGtcwg3Tlh+Q7mLru3ZHqRCgdkHXPTN7ajVPvgkQICe3tRcBhl9s4xQYjdhLuKEvHqdkuDeQjP/c/nVmIK/6HRjI97HP06I5lGx4A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=USe6HjUL9xx4MsYgYkBeym2b7dBFNyqpJdlFh5+n0Uk=; b=UhRc1updxIHvjHUKVTFbp0DRWiY2OoSNGFyq8a/+ov44ZEjumvBvRTb6WRcuV7fXArkr1FEkZSR7UanTyCaJ4rGifmxgZA0uiih0Ebg0zKCpwEawNmy2syCrNtxKFS0DECUje+UhfUZPfkXJHtS/oCTkWzN2OP/KjCO2NzBv5FA= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Thomas.Lendacky@amd.com; Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.71.154) by DM6PR12MB4265.namprd12.prod.outlook.com (10.141.184.78) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2516.12; Thu, 12 Dec 2019 21:21:53 +0000 Received: from DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::c16f:b437:4266:dbc1]) by DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::c16f:b437:4266:dbc1%4]) with mapi id 15.20.2516.020; Thu, 12 Dec 2019 21:21:53 +0000 Subject: Re: [RFC PATCH v3 35/43] UefiCpuPkg/MpInitLib: Add a CPU MP data flag to indicate if SEV-ES is enabled To: "Ni, Ray" , "devel@edk2.groups.io" Cc: "Justen, Jordan L" , Laszlo Ersek , Ard Biesheuvel , "Kinney, Michael D" , "Gao, Liming" , "Dong, Eric" , Brijesh Singh References: <195851106387c3b63780c6c1b04e14438d6032a5.1574280425.git.thomas.lendacky@amd.com> <734D49CCEBEEF84792F5B80ED585239D5C399A9D@SHSMSX104.ccr.corp.intel.com> From: "Lendacky, Thomas" Message-ID: Date: Thu, 12 Dec 2019 15:21:51 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2 In-Reply-To: <734D49CCEBEEF84792F5B80ED585239D5C399A9D@SHSMSX104.ccr.corp.intel.com> X-ClientProxiedBy: SN1PR12CA0095.namprd12.prod.outlook.com (2603:10b6:802:21::30) To DM6PR12MB3163.namprd12.prod.outlook.com (2603:10b6:5:15e::26) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 52fb7093-dd74-44b0-9039-08d77f494f17 X-MS-TrafficTypeDiagnostic: DM6PR12MB4265:|DM6PR12MB4265: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:7219; X-Forefront-PRVS: 0249EFCB0B X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6029001)(4636009)(346002)(39850400004)(396003)(136003)(366004)(376002)(189003)(199004)(13464003)(53546011)(4326008)(54906003)(52116002)(6506007)(31696002)(8936002)(478600001)(45080400002)(966005)(316002)(31686004)(110136005)(6512007)(5660300002)(81156014)(81166006)(8676002)(66556008)(26005)(6486002)(66476007)(66946007)(86362001)(2906002)(19627235002)(36756003)(2616005)(186003);DIR:OUT;SFP:1101;SCL:1;SRVR:DM6PR12MB4265;H:DM6PR12MB3163.namprd12.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; Received-SPF: None (protection.outlook.com: amd.com does not designate permitted sender hosts) X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 6hIDOYOXWdKq43FZ9iL5dVgoxpzz4Z2pCCpmcO2vc4MJW5gWfCIlZQpWMZEpOozphaL+pYDaTz49XNJjHLdkSWSnYwsof4CgtrUaujD5fknlqUwMNsLsinZbJSxk5ZUUj3MiWW3H8hAstYFg19bsldOD9JLlqXYhl46ThNdeGyMXSULRJwlq1QiitbJu7EtNaoosilfJ88/NXb51kJc/E88+sZi03z/Fijm/wA+LP5jGY/Igr7u0fpEvKKUXYOui+UUy7ViEcoYsbgGj9LqKiW/7yARe+DaATdP0wt7H42sFDImvns/BNfhPwZUnTCODrA9kTzzX59kYlnySWrZUYP80E7vBPlkpFkQo80mTQ+F1w3zXKWcpauAdSZ9L4MyQNSOiOV/zKSxvn0iZ8ISLq6dKQKHiKol0lQGIPTgr6OuXwjqf8KabEi2krHT+d8t+aZ9oPkVvI+mE+fv+fCzeabZ2dLYb5J/bdIF5NZ6827EE8J8G/MSWDeCyxBGFSQn3zdM1tgKmFUsAM0y1mQgjPDqVAvsAJtLD61Xy/M54OdQ= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 52fb7093-dd74-44b0-9039-08d77f494f17 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Dec 2019 21:21:53.4747 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: EC+Q4396EdcYnurs/0gXfq0r3pS8zDxu4s4lewYHY7zXYEKKKBrqz0hkrPff/QqkdpWu3PcnLk3h3k2TRCiQ8g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4265 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 12/12/19 1:01 AM, Ni, Ray wrote: > OK I see now the Enable PCD is defined in MdeModulePkg, produced in platform and consumed in MpInitLib. > > Is there a way to easily detect whether SEV-ES is enabled? (without triggering CPUID as what SEC does) No, I would need to read an MSR and I really should be certain the MSR is valid before trying to do that - and that requires checking CPUID. > > If no, can you define the PCD in UefiCpuPkg? I should be able to do that. Let me give it a try. Thanks, Tom > > >> -----Original Message----- >> From: Tom Lendacky >> Sent: Thursday, November 21, 2019 4:07 AM >> To: devel@edk2.groups.io >> Cc: Justen, Jordan L ; Laszlo Ersek ; Ard Biesheuvel >> ; Kinney, Michael D ; Gao, Liming ; Dong, >> Eric ; Ni, Ray ; Brijesh Singh >> Subject: [RFC PATCH v3 35/43] UefiCpuPkg/MpInitLib: Add a CPU MP data flag to indicate if SEV-ES is enabled >> >> BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D2198&data=02%7C01%7Cthomas.lendacky%40amd.com%7C8541911e903d4d05cb4708d77ed10ec4%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637117308681418556&sdata=Vt3vjZ7afbFWT59nR%2F332FMHm%2F%2FBkq62%2BN6oKEfiraE%3D&reserved=0 >> >> When starting APs in an SMP configuration, the AP needs to know if it is >> running as an SEV-ES guest in order to assign a GHCB page. >> >> Add a field to the CPU_MP_DATA structure that will indicate if SEV-ES is >> enabled. This new field is set during MP library initialization with the >> PCD value PcdSevEsIsEnabled. This flag can then be used to determine if >> SEV-ES is enabled. >> >> Cc: Eric Dong >> Cc: Ray Ni >> Cc: Laszlo Ersek >> Signed-off-by: Tom Lendacky >> --- >> UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 1 + >> UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 1 + >> UefiCpuPkg/Library/MpInitLib/MpLib.h | 2 ++ >> UefiCpuPkg/Library/MpInitLib/MpLib.c | 1 + >> 4 files changed, 5 insertions(+) >> >> diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf >> index cd912ab0c5ee..f84dbb09ae49 100644 >> --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf >> +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf >> @@ -69,4 +69,5 @@ [Pcd] >> gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode ## CONSUMES >> gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate ## SOMETIMES_CONSUMES >> gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## CONSUMES >> + gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsIsEnabled ## CONSUMES >> >> diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf >> index 1538185ef99a..9c1215ec75d0 100644 >> --- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf >> +++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf >> @@ -60,6 +60,7 @@ [Pcd] >> gUefiCpuPkgTokenSpaceGuid.PcdCpuMicrocodePatchRegionSize ## CONSUMES >> gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode ## CONSUMES >> gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate ## SOMETIMES_CONSUMES >> + gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsIsEnabled ## CONSUMES >> >> [Guids] >> gEdkiiS3SmmInitDoneGuid >> diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h b/UefiCpuPkg/Library/MpInitLib/MpLib.h >> index 8fa07b12c5e1..c10fe894cf9b 100644 >> --- a/UefiCpuPkg/Library/MpInitLib/MpLib.h >> +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h >> @@ -259,6 +259,8 @@ struct _CPU_MP_DATA { >> // driver. >> // >> BOOLEAN WakeUpByInitSipiSipi; >> + >> + BOOLEAN SevEsIsEnabled; >> }; >> >> extern EFI_GUID mCpuInitMpLibHobGuid; >> diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c >> index 49be5d5385d9..aa25bf9b3671 100644 >> --- a/UefiCpuPkg/Library/MpInitLib/MpLib.c >> +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c >> @@ -1708,6 +1708,7 @@ MpInitLibInitialize ( >> CpuMpData->MicrocodePatchAddress = OldCpuMpData->MicrocodePatchAddress; >> } >> InitializeSpinLock(&CpuMpData->MpLock); >> + CpuMpData->SevEsIsEnabled = PcdGetBool (PcdSevEsIsEnabled); >> >> // >> // Make sure no memory usage outside of the allocated buffer. >> -- >> 2.17.1 >