From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 27777D80591 for ; Tue, 26 Mar 2024 18:35:04 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=VONvlRQ7M46ApjOUFCyBVcVxyM6inl3k/DBi9+0Ljbc=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:User-Agent:Subject:From:To:CC:References:Autocrypt:In-Reply-To:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1711478102; v=1; b=DDcD22eC49kOSR13+sWkWYiK00/2ben2MU24tj22NSaHepdqcfsigWCgW5BmkCFD9mwv4rCw hoUP8JFjMNrdJ1c0+0KS6CyQv/qpXBir6VyJfAcf0aTvcGIcmO06qBP+KIkwoPV9tR/TKibiYU1 3SUIz9hb2qqDtYLAb1zlyCcjBpe0AsD6gGWHzkP4op5sCz9sEXiylap/CDSbzTHv9n2fX/hIXd6 zXfwEePEFRAQKprElzM37WkfN2jLQ/hJntFtpe4zD0YQ3PGEYc7Z/GRkhVD3Sz5ioOC8+YT2hUO MA0RjunojycpfRts2zr6+41DgCKvi9fOh0m3npvBtC/HQ== X-Received: by 127.0.0.2 with SMTP id nT6xYY7687511xtjjwXu1Oaf; Tue, 26 Mar 2024 11:35:02 -0700 X-Received: from NAM11-CO1-obe.outbound.protection.outlook.com (NAM11-CO1-obe.outbound.protection.outlook.com [40.107.220.116]) by mx.groups.io with SMTP id smtpd.web10.18335.1711478101542698518 for ; Tue, 26 Mar 2024 11:35:01 -0700 X-Received: from BL1PR12MB5732.namprd12.prod.outlook.com (2603:10b6:208:387::17) by SA1PR12MB7248.namprd12.prod.outlook.com (2603:10b6:806:2be::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.32; Tue, 26 Mar 2024 18:34:52 +0000 X-Received: from BL1PR12MB5732.namprd12.prod.outlook.com ([fe80::1032:4da5:7572:508]) by BL1PR12MB5732.namprd12.prod.outlook.com ([fe80::1032:4da5:7572:508%6]) with mapi id 15.20.7409.031; Tue, 26 Mar 2024 18:34:52 +0000 Message-ID: Date: Tue, 26 Mar 2024 13:34:48 -0500 User-Agent: Mozilla Thunderbird Subject: Re: [edk2-devel] [PATCH v3 00/24] Provide SEV-SNP support for running under an SVSM From: "Lendacky, Thomas via groups.io" To: devel@edk2.groups.io CC: Ard Biesheuvel , Erdem Aktas , Gerd Hoffmann , Jiewen Yao , Liming Gao , Michael D Kinney , Min Xu , Zhiguang Liu , Rahul Kumar , Ray Ni , Michael Roth , Anatol Belski , Anthony Perard , =?UTF-8?Q?Corvin_K=C3=B6hne?= , Gua Guo , Guo Dong , James Lu , Jianyong Wu , Rebecca Cran , Sean Rhodes References: Autocrypt: addr=thomas.lendacky@amd.com; keydata= xsFNBFaNZYkBEADxg5OW/ajpUG7zgnUQPsMqWPjeAxtu4YH3lCUjWWcbUgc2qDGAijsLTFv1 kEbaJdblwYs28z3chM7QkfCGMSM29JWR1fSwPH18WyAA84YtxfPD8bfb1Exwo0CRw1RLRScn 6aJhsZJFLKyVeaPO1eequEsFQurRhLyAfgaH9iazmOVZZmxsGiNRJkQv4YnM2rZYi+4vWnxN 1ebHf4S1puN0xzQsULhG3rUyV2uIsqBFtlxZ8/r9MwOJ2mvyTXHzHdJBViOalZAUo7VFt3Fb aNkR5OR65eTL0ViQiRgFfPDBgkFCSlaxZvc7qSOcrhol160bK87qn0SbYLfplwiXZY/b/+ez 0zBtIt+uhZJ38HnOLWdda/8kuLX3qhGL5aNz1AeqcE5TW4D8v9ndYeAXFhQI7kbOhr0ruUpA udREH98EmVJsADuq0RBcIEkojnme4wVDoFt1EG93YOnqMuif76YGEl3iv9tYcESEeLNruDN6 LDbE8blkR3151tdg8IkgREJ+dK+q0p9UsGfdd+H7pni6Jjcxz8mjKCx6wAuzvArA0Ciq+Scg hfIgoiYQegZjh2vF2lCUzWWatXJoy7IzeAB5LDl/E9vz72cVD8CwQZoEx4PCsHslVpW6A/6U NRAz6ShU77jkoYoI4hoGC7qZcwy84mmJqRygFnb8dOjHI1KxqQARAQABzSZUb20gTGVuZGFj a3kgPHRob21hcy5sZW5kYWNreUBhbWQuY29tPsLBmQQTAQoAQwIbIwcLCQgHAwIBBhUIAgkK CwQWAgMBAh4BAheAAhkBFiEE3Vil58OMFCw3iBv13v+a5E8wTVMFAmWDAegFCRKq1F8ACgkQ 3v+a5E8wTVOG3xAAlLuT7f6oj+Wud8dbYCeZhEX6OLfyXpZgvFoxDu62OLGxwVGX3j5SMk0w IXiJRjde3pW+Rf1QWi/rbHoaIjbjmSGXvwGw3Gikj/FWb02cqTIOxSdqf7fYJGVzl2dfsAuj aW1Aqt61VhuKEoHzIj8hAanlwg2PW+MpB2iQ9F8Z6UShjx1PZ1rVsDAZ6JdJiG1G/UBJGHmV kS1G70ZqrqhA/HZ+nHgDoUXNqtZEBc9cZA9OGNWGuP9ao9b+bkyBqnn5Nj+n4jizT0gNMwVQ h5ZYwW/T6MjA9cchOEWXxYlcsaBstW7H7RZCjz4vlH4HgGRRIpmgz29Ezg78ffBj2q+eBe01 7AuNwla7igb0mk2GdwbygunAH1lGA6CTPBlvt4JMBrtretK1a4guruUL9EiFV2xt6ls7/YXP 3/LJl9iPk8eP44RlNHudPS9sp7BiqdrzkrG1CCMBE67mf1QWaRFTUDPiIIhrazpmEtEjFLqP r0P7OC7mH/yWQHvBc1S8n+WoiPjM/HPKRQ4qGX1T2IKW6VJ/f+cccDTzjsrIXTUdW5OSKvCG 6p1EFFxSHqxTuk3CQ8TSzs0ShaSZnqO1LBU7bMMB1blHy9msrzx7QCLTw6zBfP+TpPANmfVJ mHJcT3FRPk+9MrnvCMYmlJ95/5EIuA1nlqezimrwCdc5Y5qGBbbOwU0EVo1liQEQAL7ybY01 hvEg6pOh2G1Q+/ZWmyii8xhQ0sPjvEXWb5MWvIh7RxD9V5Zv144EtbIABtR0Tws7xDObe7bb r9nlSxZPur+JDsFmtywgkd778G0nDt3i7szqzcQPOcR03U7XPDTBJXDpNwVV+L8xvx5gsr2I bhiBQd9iX8kap5k3I6wfBSZm1ZgWGQb2mbiuqODPzfzNdKr/MCtxWEsWOAf/ClFcyr+c/Eh2 +gXgC5Keh2ZIb/xO+1CrTC3Sg9l9Hs5DG3CplCbVKWmaL1y7mdCiSt2b/dXE0K1nJR9ZyRGO lfwZw1aFPHT+Ay5p6rZGzadvu7ypBoTwp62R1o456js7CyIg81O61ojiDXLUGxZN/BEYNDC9 n9q1PyfMrD42LtvOP6ZRtBeSPEH5G/5pIt4FVit0Y4wTrpG7mjBM06kHd6V+pflB8GRxTq5M 7mzLFjILUl9/BJjzYBzesspbeoT/G7e5JqbiLWXFYOeg6XJ/iOCMLdd9RL46JXYJsBZnjZD8 Rn6KVO7pqs5J9K/nJDVyCdf8JnYD5Rq6OOmgP/zDnbSUSOZWrHQWQ8v3Ef665jpoXNq+Zyob pfbeihuWfBhprWUk0P/m+cnR2qeE4yXYl4qCcWAkRyGRu2zgIwXAOXCHTqy9TW10LGq1+04+ LmJHwpAABSLtr7Jgh4erWXi9mFoRABEBAAHCwXwEGAEKACYCGwwWIQTdWKXnw4wULDeIG/Xe /5rkTzBNUwUCZYMCBQUJEqrUfAAKCRDe/5rkTzBNU7pAD/9MUrEGaaiZkyPSs/5Ax6PNmolD h0+Q8Sl4Hwve42Kjky2GYXTjxW8vP9pxtk+OAN5wrbktZb3HE61TyyniPQ5V37jto8mgdslC zZsMMm2WIm9hvNEvTk/GW+hEvKmgUS5J6z+R5mXOeP/vX8IJNpiWsc7X1NlJghFq3A6Qas49 CT81ua7/EujW17odx5XPXyTfpPs+/dq/3eR3tJ06DNxnQfh7FdyveWWpxb/S2IhWRTI+eGVD ah54YVJcD6lUdyYB/D4Byu4HVrDtvVGUS1diRUOtDP2dBJybc7sZWaIXotfkUkZDzIM2m95K oczeBoBdOQtoHTJsFRqOfC9x4S+zd0hXklViBNQb97ZXoHtOyrGSiUCNXTHmG+4Rs7Oo0Dh1 UUlukWFxh5vFKSjr4uVuYk7mcx80rAheB9sz7zRWyBfTqCinTrgqG6HndNa0oTcqNI9mDjJr NdQdtvYxECabwtPaShqnRIE7HhQPu8Xr9adirnDw1Wruafmyxnn5W3rhJy06etmP0pzL6frN y46PmDPicLjX/srgemvLtHoeVRplL9ATAkmQ7yxXc6wBSwf1BYs9gAiwXbU1vMod0AXXRBym 0qhojoaSdRP5XTShfvOYdDozraaKx5Wx8X+oZvvjbbHhHGPL2seq97fp3nZ9h8TIQXRhO+aY vFkWitqCJg== In-Reply-To: X-ClientProxiedBy: SN7PR04CA0195.namprd04.prod.outlook.com (2603:10b6:806:126::20) To BL1PR12MB5732.namprd12.prod.outlook.com (2603:10b6:208:387::17) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL1PR12MB5732:EE_|SA1PR12MB7248:EE_ X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: TnxBQ99ZFNJdIZJbL6arZ2sFhRqWn0AEy7BYqegWnDOAxEzrxaOi2OrJBJAAxdWfnjBpfJWouMnCRbX1XqyRSFP8/3iA1v2rnCtWRtDuzISlQXOD/sROtvZiKe/X6SADlSCUMKZkleeV587l6PCQi0UEKE1Ugb590kVw/6kUVkuxQYOk01wQnjSNu84WV8ZB9IXYZxj1Vwz3t1vPG2IgC/Be9dMAxyjqmIJlw+T49WtRG+bmpBF9+hvcM5b4q5t4QcCL7VD/S+UQZZb7YLAA+pZ5ML822Q3nhbOTLAJV4grJuLdtNBRcIzW0DvXi/hbL6zgFZTX/txM4Ej+qHs5pseE1J5omJaYyIBMa9gnb1U3ln4yUBFvHtmoA4jIWq9/BUdidBj7G14czB6d/HMMbdHWqGpfucRhnxUrYOMaLxjKjFHmX2Z2lrrXbF7Z63VJbSvbdX8PVXptsrDzH/NZ2MLf8KlYFVsrSzNU50p0df+znxk81iUDtj8sodU6npA4WBdrOHXAU0n0ztOkS6GHJCHteNh2OPqdJKg+pTneV3MhvFK+k9T91BxfMwchfDrLLFR5WqZasIqAkfAbaoaQ6sxIgbUSBdR5qXyPw2mqkc6iNLhFE4kZDTvzdTjJjnVD1 X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?rj6jwwzeVIeeBdmGidtqQZlzpoxQQU1rg9wQt/kjyqgWN7b348/kBVihY6mm?= =?us-ascii?Q?2NBUonroVPcocWPB0vkwTk4TOM88EGfSx267AqI9qyzt/SJEUj4LLyn9+At6?= =?us-ascii?Q?wiokTLjsX4sQI9wRtF7Q1n2tS/R62JPWfKOdk2//JUtB9LTY6QCdaIcaJG9B?= =?us-ascii?Q?gWXjUP+/wTRe88u8p3RSht+TuWAmVbGPzFLZJi+CXL+V0ONlwdHPsDeEknob?= =?us-ascii?Q?Qda9OHpK5bALl1AS8AJFj9fpQQcUnXTPILy6KxX5SaLB2y+kFFoKmjshUqZS?= =?us-ascii?Q?OfK4jhEW2Y86IuhdGpIin8pUNKTN6qarn91JVIjS8qRCHTZ29XM/5pq9XgHP?= =?us-ascii?Q?DBpM4heF8wbx97Hemx4i7k7DD75PStE3czVE46zE6qn37nrL1xPnZiry0ENo?= =?us-ascii?Q?AM3rI++lNndIBvMw4HmjF/tVh4wXk9R1CFpk6Ui6323cgn+Dopa0Kh+/tSSy?= =?us-ascii?Q?gpel9N1Y08kdLbYJ29x8ZqECiX5xfbrLSdXBiOUSRNs+izh88Nhs88Ls1gsy?= =?us-ascii?Q?MJJQAL4JTLnY5BlrfPTt3QINj9FonwoTe5yJyiObWRFRPCfWOMCnWDNsOh9k?= =?us-ascii?Q?RqO8pD1oQG2l7A3ufwAXoc/sPiM+RTl+m4IqLkEAU+yCLUULUVdZ9NAa8Cwv?= =?us-ascii?Q?7BNcik1J+l+SpmtN95mXQdpznzz+vECel1NhMGIQQZhxznOer4+fjOpM8qut?= =?us-ascii?Q?2OTvtNGAgNz31K6XxKXvrUVkkPSfXHb94pBwcNln0A/Ty0WS0wPTkU6b6Rv2?= =?us-ascii?Q?CjzuQK1FgJC3qlD928sRQj9KWRMyM4PfD8zgh42z3W+P+dRtbjVmENxlHNbz?= =?us-ascii?Q?p4v6X54UFfKI4FHTV/QSni44yG7BX9fgRBg8lZ5FtyQ+KHbuduemoea6OUuj?= =?us-ascii?Q?SFmysqnpMRNiryl1YKn7qhVW+u5AuD9x+omLOMOcgj6xkOx1pLs1x2CFXM4B?= =?us-ascii?Q?BcrIi9w9mC6vwCIUecrne6E2CGerzjaZ7Q1S+J0X2mt2wJXTONKzl520Ij85?= =?us-ascii?Q?7hm3D0vtBKAkIlkLS2T/rBbca7Lh6wSSMN1LKcRCXdeI8lPJeH6bPOxxoLrY?= =?us-ascii?Q?AtYJcht/sCYWIO1wN1YC3KQXENumOKNAMaTUCPkojf3a5hpewq+8KyclJpUW?= =?us-ascii?Q?NmOqxZB0unvP7eZtiHr8PPfgtgVZY465SPlUysTA10l1lfU9xvRibFueaXeS?= =?us-ascii?Q?3Ih4Q4oGtiQWZNoL2esM/WP8447E+99yGRofEu3MLg2vSpwYNqyKzDhPozHI?= =?us-ascii?Q?6Jk/3PoClZhnlLBmQPoieAyq2n4crdRE39Yx+3fDQwjcPioL0VF1Y2QiLHiF?= =?us-ascii?Q?e6AHyPp3Qxgqo0rIvmgpLN/haR2sbezk4hp75PTSMmX+AsVuOL7pk8FhHIs6?= =?us-ascii?Q?5+60TqRPT2JY4pDPvoyACZwTW3vUWWdKvlqM32a0MMoVcIbbsyLZgU0T/sE/?= =?us-ascii?Q?Q2dJh1TbS4MwGyWiWbmtA3Cxzz0RwnnDU6Sqm4vZVJ3tENt6/1hlhFETua0W?= =?us-ascii?Q?SdNPgvTiTV9r7ekKJkrM/PbKid4e44YvZsCKpxhV5zcOdSUveFKOhWLaDAmi?= =?us-ascii?Q?s9BA2dNvlbybtzeI6CJgNvMJX6dmjrVslo54LKDC?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 15d54464-7365-41f6-7c46-08dc4dc36d1d X-MS-Exchange-CrossTenant-AuthSource: BL1PR12MB5732.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Mar 2024 18:34:52.5646 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: iqZhN4IMBjyzUvIqVaUZd0RIRxNsHRwhfvIrdhiYi17Hrj427oksxF7tNhltCRLNKDusmmY6dmW/OUBjDpPMwQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB7248 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Tue, 26 Mar 2024 11:35:01 -0700 Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: Qq9AiZ4xlUXhGo0WcUMPX2dIx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=DDcD22eC; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=pass (policy=none) header.from=groups.io Any issues with this version of the series? Still looking for=20 Reviewed-by's for the MdePkg, UefiCpuPkg and UefiPayloadPkg related patches= . Once I get those, I'll submit the edk2-platform patches to support the new= =20 library as a response to these patches for a quick review. Thanks, Tom On 3/8/24 09:29, Tom Lendacky wrote: >=20 > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4654 >=20 > This series adds SEV-SNP support for running OVMF under an Secure VM > Service Module (SVSM) at a less privileged VM Privilege Level (VMPL). > By running at a less priviledged VMPL, the SVSM can be used to provide > services, e.g. a virtual TPM, for the guest OS within the SEV-SNP > confidential VM (CVM) rather than trust such services from the hypervisor= . >=20 > Currently, OVMF expects to run at the highest VMPL, VMPL0, and there are > certain SNP related operations that require that VMPL level. Specifically= , > the PVALIDATE instruction and the RMPADJUST instruction when setting the > the VMSA attribute of a page (used when starting APs). >=20 > If OVMF is to run at a less privileged VMPL, e.g. VMPL2, then it must > use an SVSM (which is running at VMPL0) to perform the operations that > it is no longer able to perform. >=20 > When running under an SVSM, OVMF must know the APIC IDs of the vCPUs that > it will be starting. As a result, the GHCB APIC ID retrieval action must > be performed. Since this service can also work with SEV-SNP running at > VMPL0, the patches to make use of this feature are near the beginning of > the series. >=20 > How OVMF interacts with and uses the SVSM is documented in the SVSM > specification [1] and the GHCB specification [2]. >=20 > This support creates a new AmdSvsmLib library that is used by MpInitLib. > The edk2-platforms repo requires updates/patches to add the new library > requirement. To accomodate that, this series could be split between: >=20 > patch number 12: > UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an SVS= M >=20 > and patch number 13: > UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library >=20 > The updates to edk2-platforms can be applied at the split. >=20 > This series introduces support to run OVMF under an SVSM. It consists > of: > - Retrieving the list of vCPU APIC IDs and starting up all APs without > performing a broadcast SIPI > - Reorganizing the page state change support to not directly use the > GHCB buffer since an SVSM will use the calling area buffer, instead > - Detecting the presence of an SVSM > - When not running at VMPL0, invoking the SVSM for page validation and > VMSA page creation/deletion > - Detecting and allowing OVMF to run in a VMPL other than 0 when an > SVSM is present >=20 > The series is based off of commit: >=20 > e60529df58e4 ("UefiPayloadPkg: Make Dsc accomodative of other archs") >=20 > [1] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/= specifications/58019.pdf > [2] https://www.amd.com/content/dam/amd/en/documents/epyc-technical-docs/= specifications/56421.pdf >=20 > Cc: Anatol Belski > Cc: Anthony Perard > Cc: Ard Biesheuvel > Cc: Corvin K=C3=B6hne > Cc: Erdem Aktas > Cc: Gerd Hoffmann > Cc: Gua Guo > Cc: Guo Dong > Cc: James Lu > Cc: Jianyong Wu > Cc: Jiewen Yao > Cc: Laszlo Ersek > Cc: Liming Gao > Cc: Michael D Kinney > Cc: Michael Roth > Cc: Min Xu > Cc: Rahul Kumar > Cc: Ray Ni > Cc: Rebecca Cran > Cc: Sean Rhodes > Cc: Zhiguang Liu >=20 > --- >=20 > Changes in v3: > - Renamed CcSvsmLib to a more AMD-specific AmdSvsmLib with corresponding > function name changes > - Moved the GHCB APIC ID list GUID definition from MdePkg to UefiCpuPkg > and change the name from gEfiApicIdsGuid to gGhcbApicIdsGuid > - Separated the OvmfPkg changes for the AmdSvsmLib into two patches: > - First patch adds usage of the AmdSvsmLib NULL library > - Second patch adds the OVMF AmdSvsmLib implementation > - Updated the commit message for the OVMF AmdSvsmLib implementation to > indicate that the base functionality for PVALIDATE and RMPADJUST was > copied from the original locations in prep for converting those sites > to using the library API. >=20 > Changes in v2: > - Move the APIC IDs retrieval support to the beginning of the patch serie= s > - Use a GUIDed HOB to hold the APIC ID list instead of a PCD > - Split up Page State Change reorganization into multiple patches > - Created CcSvsmLib library instead of extending CcExitLib > - This will require a corresponding update to edk2-platform DSC file= s > - Removed Ray Ni's Acked-by since it is not a minor change > - Variable name changes and other misc changes >=20 > Tom Lendacky (24): > OvmfPkg/BaseMemEncryptLib: Fix error check from AsmRmpAdjust() > MdePkg: GHCB APIC ID retrieval support definitions > UefiCpuPkg/MpInitLib: Always use AP Create if GhcbApicIds HOB is > present > OvmfPkg/PlatformPei: Retrieve APIC IDs from the hypervisor > OvmfPkg/BaseMemEncryptSevLib: Fix uncrustify errors > OvmfPkg/BaseMemEncryptSevLib: Calculate memory size for Page State > Change > MdePkg: Avoid hardcoded value for number of Page State Change entries > OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support > OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency > MdePkg/Register/Amd: Define the SVSM related information > MdePkg/BaseLib: Add a new VMGEXIT instruction invocation for SVSM > UefiCpuPkg/AmdSvsmLib: Create the AmdSvsmLib library to support an > SVSM > UefiPayloadPkg: Prepare UefiPayloadPkg to use the AmdSvsmLib library > Ovmfpkg: Prepare OvmfPkg to use the AmdSvsmLib library > Ovmfpkg/AmdSvsmLib: Create AmdSvsmLib to handle SVSM related services > UefiCpuPkg/MpInitLib: Use AmdSvsmSnpVmsaRmpAdjust() to set/clear VMSA > OvmfPkg/BaseMemEncryptSevLib: Use AmdSvsmSnpPvalidate() to validate > pages > OvmfPkg: Create a calling area used to communicate with the SVSM > OvmfPkg/AmdSvsmLib: Add support for the SVSM_CORE_PVALIDATE call > OvmfPkg/BaseMemEncryptSevLib: Maximize Page State Change efficiency > OvmfPkg/AmdSvsmLib: Add support for the SVSM create/delete vCPU calls > UefiCpuPkg/MpInitLib: AP creation support under an SVSM > Ovmfpkg/CcExitLib: Provide SVSM discovery support > OvmfPkg/BaseMemEncryptLib: Check for presence of an SVSM when not at > VMPL0 >=20 > OvmfPkg/OvmfPkg.dec |= 4 + > UefiCpuPkg/UefiCpuPkg.dec |= 8 +- > OvmfPkg/AmdSev/AmdSevX64.dsc |= 1 + > OvmfPkg/Bhyve/BhyveX64.dsc |= 1 + > OvmfPkg/CloudHv/CloudHvX64.dsc |= 1 + > OvmfPkg/IntelTdx/IntelTdxX64.dsc |= 1 + > OvmfPkg/Microvm/MicrovmX64.dsc |= 1 + > OvmfPkg/OvmfPkgIa32.dsc |= 1 + > OvmfPkg/OvmfPkgIa32X64.dsc |= 3 +- > OvmfPkg/OvmfPkgX64.dsc |= 1 + > OvmfPkg/OvmfXen.dsc |= 1 + > UefiCpuPkg/UefiCpuPkg.dsc |= 4 +- > UefiPayloadPkg/UefiPayloadPkg.dsc |= 1 + > OvmfPkg/AmdSev/AmdSevX64.fdf |= 9 +- > OvmfPkg/OvmfPkgX64.fdf |= 3 + > MdePkg/Library/BaseLib/BaseLib.inf |= 2 + > OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf |= 38 ++ > OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf |= 3 +- > OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf |= 3 +- > OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf |= 3 +- > OvmfPkg/Library/CcExitLib/CcExitLib.inf |= 3 +- > OvmfPkg/Library/CcExitLib/SecCcExitLib.inf |= 3 +- > OvmfPkg/PlatformPei/PlatformPei.inf |= 3 + > OvmfPkg/ResetVector/ResetVector.inf |= 2 + > UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf |= 27 ++ > UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf |= 2 + > UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf |= 2 + > MdePkg/Include/Library/BaseLib.h |= 39 ++ > MdePkg/Include/Register/Amd/Fam17Msr.h |= 19 +- > MdePkg/Include/Register/Amd/Ghcb.h |= 19 +- > MdePkg/Include/Register/Amd/Msr.h |= 3 +- > MdePkg/Include/Register/Amd/Svsm.h |= 101 ++++ > MdePkg/Include/Register/Amd/SvsmMsr.h |= 35 ++ > OvmfPkg/Include/WorkArea.h |= 9 +- > OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h |= 6 +- > UefiCpuPkg/Include/Guid/GhcbApicIds.h |= 17 + > UefiCpuPkg/Include/Library/AmdSvsmLib.h |= 101 ++++ > UefiCpuPkg/Library/MpInitLib/MpLib.h |= 29 +- > OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c |= 500 ++++++++++++++++++++ > OvmfPkg/Library/BaseMemEncryptSevLib/X64/DxeSnpSystemRamValidate.c |= 11 +- > OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c |= 27 +- > OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiSnpSystemRamValidate.c |= 22 +- > OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c |= 31 +- > OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c |= 206 ++++---- > OvmfPkg/Library/CcExitLib/CcExitVcHandler.c |= 29 +- > OvmfPkg/PlatformPei/AmdSev.c |= 103 +++- > UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c |= 108 +++++ > UefiCpuPkg/Library/MpInitLib/Ia32/AmdSev.c |= 21 +- > UefiCpuPkg/Library/MpInitLib/MpLib.c |= 9 +- > UefiCpuPkg/Library/MpInitLib/X64/AmdSev.c |= 134 ++++-- > MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm |= 39 ++ > MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm |= 94 ++++ > OvmfPkg/ResetVector/ResetVector.nasmb |= 6 +- > OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm |= 11 +- > UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni |= 13 + > 55 files changed, 1641 insertions(+), 232 deletions(-) > create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.inf > create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.inf > create mode 100644 MdePkg/Include/Register/Amd/Svsm.h > create mode 100644 MdePkg/Include/Register/Amd/SvsmMsr.h > create mode 100644 UefiCpuPkg/Include/Guid/GhcbApicIds.h > create mode 100644 UefiCpuPkg/Include/Library/AmdSvsmLib.h > create mode 100644 OvmfPkg/Library/AmdSvsmLib/AmdSvsmLib.c > create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.c > create mode 100644 MdePkg/Library/BaseLib/Ia32/VmgExitSvsm.nasm > create mode 100644 MdePkg/Library/BaseLib/X64/VmgExitSvsm.nasm > create mode 100644 UefiCpuPkg/Library/AmdSvsmLibNull/AmdSvsmLibNull.uni >=20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117137): https://edk2.groups.io/g/devel/message/117137 Mute This Topic: https://groups.io/mt/104810672/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-