From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.60]) by mx.groups.io with SMTP id smtpd.web08.501.1642611828295632657 for ; Wed, 19 Jan 2022 09:03:48 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=uw4eDktF; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.92.60, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oU794ioaZi0NHzwspVM0s754cE0grZ+2ziyMAW9WX1cdIPHWkTNjgcUCzpHvPgUyvU0kvU5ugMH95HCuDIxixO2jZrPw5uu3xh44ApW2sOGyvNF93Mn65aXUWW6kKcYQu/d1BcG3YIkwr0XHB7eKCoQpWLdB0n1xlnLVdRZoCx6Nv3j8b8E2RXPQNiNQt+IwgNZ4y5XLsHY0tgPlYPv6H3g1xTel/JhrtnQKdHcqiC+IOWzu67giwiI6lpKB9+mfjwYU0Tefv7GN4CaX/QHhko9yyt6gB/fGaqrEX3xNn4TPAhOdsh/7sXdsxIzit/9T8WsNWIYV4KuskMA1vid9EQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KfOf21xHEkqlorYAHQIqOdmJwcnAdi3iXQ5rN1mzN2I=; b=BktE1iXdnB3W/LpthVAkIujor1OKTfxJfBYI/0IhvA/qGqB3/LL0QI5PBxDjabScB0cpvL+KQkwgKYG92nJQYxSX6L80YqSYVmPVxOtZ647N9TgcvQJjWTLz4tcwGbOxS26v56zC2ECF2xoDz6AZjQiRBrOvAJl6sCBbWy3MKbzJ3kX3kgbqNjK0ud+yTM/Xtl0VAgoKxlFvqDckZhJOnrB5ErFFtc875zGsoK/9e8NEeW7FEHptw0LWub6ut4B0xcXn1NQ4rleiTLGFMqt3Sn6v1ilbGWoKEnKzY+/iDamFKW4EwTgg04JmP1MDHje2FpquD4gRcD03kIIKPaGh8A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KfOf21xHEkqlorYAHQIqOdmJwcnAdi3iXQ5rN1mzN2I=; b=uw4eDktFq8ymQqul9JHdRrFbfjgsf+K8Y6Raafh7W2lVnNUyo5L9bHQbhF1Q6/fsse8Ilw+vxy7Oo9eFtFtWQwJ1aeyrtT1st/OiAKilQ48k7XDk+ml4ayJZdpwtxngfXFoTnr9yJqch8pn2wvagGsabTTCuR9Q1VIG31e0frcA= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) by CH2PR12MB4296.namprd12.prod.outlook.com (2603:10b6:610:af::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4888.11; Wed, 19 Jan 2022 17:03:46 +0000 Received: from DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::ccd7:e520:c726:d0b]) by DM4PR12MB5229.namprd12.prod.outlook.com ([fe80::ccd7:e520:c726:d0b%8]) with mapi id 15.20.4888.014; Wed, 19 Jan 2022 17:03:46 +0000 Subject: Re: [PATCH v2] OvmfPkg/ResetVector: Removing SEV-ES CPUID bit check To: Peter Gonda , devel@edk2.groups.io Cc: James Bottomley , Min Xu , Jiewen Yao , Jordan Justen , Ard Biesheuvel , Laszlo Ersek , Erdem Aktas , Brijesh Singh , Marc Orr References: From: "Lendacky, Thomas" Message-ID: Date: Wed, 19 Jan 2022 11:03:43 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0 In-Reply-To: X-ClientProxiedBy: CH0P220CA0002.NAMP220.PROD.OUTLOOK.COM (2603:10b6:610:ef::14) To DM4PR12MB5229.namprd12.prod.outlook.com (2603:10b6:5:398::12) Return-Path: Thomas.Lendacky@amd.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 0919f5f4-8823-46f8-79fa-08d9db6da793 X-MS-TrafficTypeDiagnostic: CH2PR12MB4296:EE_ X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:4941; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: epyn8b8b5HpS6b01L4Z5Wfa+U/0qZ2r0iK6NX8y46svudJnxZIP28n9pV8gBKTi1JMQuslzoVVeIlbiZC+FKMPwcUZmn/Z+SZXOeDamFDYzgw2H9FbvXL8jJtLgcxRiUOzn8ySw2P47w9Aty/PwfWCyqfQJCKAPu9+oi0WRDpG1278jOh5Zd8HXkOBcbIOsvCmwwLW3c0V2P+in2/+lmUN8vsGLrVBkZt1ltx9arQdtgY1EwUCOWJchOyGFRV6FbjkHejx+ez6u9Nlgr9cOXrAI4Ep3aEQcAXbx7gI6nDY+Cs5ck6Nk8sVuVCBdThxiamlFJDUQOUDt3BkM2bwpnJ8QgXYyHHn8S6Gj7jUG48m+ApV1IKsJE2cuggYZ49eXKZh0icw15Fw7105BxxQZlHJb4+ydmvfCMSe0IcZfP6LBKAb7EYgxCFOiaBvRx3/b1pqfEse2bpEVbR/haoyxTVTAUwXiY+4Rq9mR+FdtTPjfzW1rtBZRMt93LM176BAL0PCZ3ksikVSJHVIWleta/ZmuJyBrOyFQ9SSziDPCTPUeNe/bUce9VYjvHEgTR2ynsWa7bhMME2WsBcO2rpvtqC7+HEpgAohMKnOCUH0FqKYAzOR4EnBoU4z90gK9bB7GpJJcqDm1CduzGZq0Xj0svmpOfu6/9caQR24lXA75JFBFS9gb07haYa0CUZBbaUJWX0v+GeE3lXCkK0uf2bIoM2V7mVOKKS6C1ot86oP27QgXc9SGAKenF1km+zU9mH6F+ X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR12MB5229.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(36756003)(7416002)(6512007)(4326008)(66476007)(186003)(508600001)(19627235002)(38100700002)(31696002)(53546011)(6506007)(6666004)(8676002)(66946007)(6486002)(54906003)(5660300002)(8936002)(66556008)(2616005)(86362001)(83380400001)(316002)(31686004)(26005)(2906002)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?WGRpVTJJL25rcWQzWUZ3ejZaclpyOWtOdXZ2QXF6Y1FFbytBMHZDc2VQRllp?= =?utf-8?B?ekR1NmNLaGl4T0xpamFZUGx6TEtzRmpwR2gxd0NRU2RaQ1hIMFU3OUdnU3Ja?= =?utf-8?B?V014bnU5MmdoNHFlM3hPVVIvUlMrNXN5NEVOUTc3RHdnNEtxY1BialZXYWFk?= =?utf-8?B?YnBydHBmaWZnSFExM0lyMjhVcW81Mlo3TG43ZmF0QXByTDhPSGh1TVorbGQ4?= =?utf-8?B?ZzJINVlNNW5UZ1VYWG9uQ0hFWS9LYyt5cU5ETEdtcjE5Ym4xaXJoQkJEWDhX?= =?utf-8?B?dThibGhTNnNta2R6QnBqVE5hMFBTa0czOFV6dzZrcFFLSXlhWnBxb21EamVQ?= =?utf-8?B?YU0zSGR0OWZHNmIwWE5TN3hTU3h0V1BBVEduTzQxVUdBWE9lVXhXK0t0cTkv?= =?utf-8?B?K3hYTUNVZCtiN2dMbjBOdVZlOE5CaGFPb0FXMkYrNjZOTjgwMXpvbDV3UDZY?= =?utf-8?B?YUdjZkNJbmJGYlF4SlhXNTNLbVFTZHo3c0tMaldBN3A2MDgvNTZlbXY5WUU5?= =?utf-8?B?VGN5RGZOSEI4eGZ4V0FFbllwY25LV1lvVTBCL0QyNnd2MTkyb3JFWXkwaTJI?= =?utf-8?B?bGRZcTZScDErM1d5SmdYR2U5NDllM0RMV2VUYTdqVEczRjJnbTRHRWxUN1lx?= =?utf-8?B?elI2NVR2bzhDM2ZORU00Y3FmSldDRFBlRjdNWVhZY3poWlBKYUVTUlN0ZU9P?= =?utf-8?B?UmVwQ0N0bzdpNzRXNzRsdWZVbDBpK1NiVFlENnRidlBHc3RwRklsZkFrRXly?= =?utf-8?B?TlRpcFF4U0NycEJ3RE9qTTJLWUp2RFY2L2RpRDcwc3luOWY1eGNLSE1PT2Mz?= =?utf-8?B?ZUZjZy9tV0NWUUhnZ0JySi9xSFFmK1R3b1NmbjRGWUN3Um5XVU9WSWRsTWFh?= =?utf-8?B?cThsd0Q1azdYUWd1VGRWWGJXZUxhT1AxcUNwYzNMSkYxVEhwMFZpbnYvU1Jr?= =?utf-8?B?RnVuZHR3OGFyYzR3UXBsYkhxMlRKWXlCTVRsdXQxcE5oWVZteUd4RzNLQ1kw?= =?utf-8?B?Q1pWUFFJTmtySXpNT1hZU0tOUWMxOHZrRXdjaXo1UitUYzNqK2xHY1pwL0NY?= =?utf-8?B?RkNrbGdUV2VaYVJBYkRJOElGKzFuLzFaWEFKOThqNmhMSDB3dXVXKzFTUW9p?= =?utf-8?B?a01JY2gxUWlMTlI4aUdMcUFXd1RaUHQ3MnQxZ3RZb08yVlVwZ0FOK1JHY2d3?= =?utf-8?B?OTdaMHVEQ2MxbkVsWlJpcHc3TktjREhkWjdzQ3hSM3IzU3VpdEpxN0JrOXg1?= =?utf-8?B?Nk1IaDcxbGdqNjZiS2duZlpXQ0xaYnJPZTJNdXhMN092UGM5S1ZWbEtYS2p5?= =?utf-8?B?QU9wZEhiQmdUSmg0dzYyQVpUbU1hTGJEd21mMXVXWm8wSTU0U09zVStoSmRp?= =?utf-8?B?a0NZWWVJdVBKbjNZUWlrWEsxQ3ZKNUtqRndOMXdrc2tiZmswUVR6MXZyQ2Rl?= =?utf-8?B?QUFsM2tzRkJJbTV2VFljQWZFNTNRaUlCT1RFU3hIcUVmTUxuRlRNOG9tRUcw?= =?utf-8?B?ZStMaDcweElwVE9waU9UTC9GMkxEQU5pUGtNUVhLTmRsR0IwVWJxVEprZHpQ?= =?utf-8?B?UEEyODA2MmRUMFl4N0YzQUJjMkZRTXpCZ1BBZEdLMG51QTNVRlZMdi9xdk1t?= =?utf-8?B?bGowVUl1eXlmaDdwVVJHK00wakhsMDJoY3NSVG5IN1FnY3ZMUzFFeTVTTUtz?= =?utf-8?B?M205eDRrQlBDR3MwV2ZENEdENlNTS3loNlBPOUgwRmV4ZnJKYW9aVUdCbTBN?= =?utf-8?B?dGN6Y2ZISHBpQVRBbXM2akp1VEFEMExjMHFpVlhacW5vTzlwQlJMN3BkdW5T?= =?utf-8?B?TUtob0Vmbi9hcTEzYmMySDloSGVBYjlvSjZCTDBnZFBsZ2JxaFViSUlJaWpv?= =?utf-8?B?MVA1ODAwVW5ZVzRhamxYQVd1N1NvN0RBRWxBalRidUl0VWU1dWc0TVg2Q2I0?= =?utf-8?B?OFdxeTBjYzNVVTZlNTJyMnc3MXBNOXFvWTd2b0V5MklWcXFndXlOVGZBZEJN?= =?utf-8?B?OFZyVHRtUTkwVnp0QjBLZUg5NGQyVS81TGFqSnlYU0NKNFltWUpwRW9tVUlp?= =?utf-8?B?OFUrdjk5bzBhOHVsbTdwU1JqMGZ2aU85NFVUMi9jRWY0c05zd21VS3pYUDI5?= =?utf-8?B?TDBmaWp0NXNKVHlFWjZWeXp6MEkvMzI1MEVxVDhIRnU3SVBiVmRJU2V4S2Ez?= =?utf-8?Q?4Wb11+QoefrCAmkrjxDTCFI=3D?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0919f5f4-8823-46f8-79fa-08d9db6da793 X-MS-Exchange-CrossTenant-AuthSource: DM4PR12MB5229.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Jan 2022 17:03:46.1201 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: tWd+VUjxU7gDna2/0tf9dz/eL0vuZ7d8JDs4IQY+bB8TkYnWFTfeNN2r6N99QN1//AD9DhQg18gEX3SZaJaXIw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4296 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit On 1/13/22 10:30 AM, Peter Gonda wrote: > The SEV-ES bit of Fn800-001F[EAX] - Bit 3 is used for a host to > determine support for running SEV-ES guests. It should not be checked by > a guest to determine if it is running under SEV-ES. The guest should use > the SEV_STATUS MSR Bit 1 to determine if SEV-ES is enabled. This check > was not part of the original SEV-ES support and was added in > a91b700e38. Removing the check makes this code consistent with the > Linux kernel > > Fixes: a91b700e38 (Ovmf/ResetVector: Simplify and consolidate the SEV features checks) > Cc: James Bottomley > Cc: Min Xu > Cc: Jiewen Yao > Cc: Tom Lendacky > Cc: Jordan Justen > Cc: Ard Biesheuvel > Cc: Laszlo Ersek > Cc: Erdem Aktas > Cc: Brijesh Singh > Cc: Erdem Aktas > Cc: Marc Orr > Signed-off-by: Peter Gonda Acked-by: Tom Lendacky > --- > OvmfPkg/ResetVector/Ia32/AmdSev.asm | 8 -------- > 1 file changed, 8 deletions(-) > > diff --git a/OvmfPkg/ResetVector/Ia32/AmdSev.asm b/OvmfPkg/ResetVector/Ia32/AmdSev.asm > index 1f827da3b9..77692db27e 100644 > --- a/OvmfPkg/ResetVector/Ia32/AmdSev.asm > +++ b/OvmfPkg/ResetVector/Ia32/AmdSev.asm > @@ -265,14 +265,6 @@ CheckSevFeatures: > ; Set the work area header to indicate that the SEV is enabled > mov byte[WORK_AREA_GUEST_TYPE], 1 > > - ; Check for SEV-ES memory encryption feature: > - ; CPUID Fn8000_001F[EAX] - Bit 3 > - ; CPUID raises a #VC exception if running as an SEV-ES guest > - mov eax, 0x8000001f > - cpuid > - bt eax, 3 > - jnc GetSevEncBit > - > ; Check if SEV-ES is enabled > ; MSR_0xC0010131 - Bit 1 (SEV-ES enabled) > mov ecx, SEV_STATUS_MSR >