From: "Michael Roth via groups.io"
CC: Tom Lendacky, "Ni, Ray"
Subject: [edk2-devel] [PATCH v3 1/4] MdePkg: Add header for SEV-SNP secrets page struct
Date: Fri, 20 May 2022 10:27:27 -0500
Message-ID: <20220520152730.7924-2-michael.roth@amd.com>
In-Reply-To: <20220520152730.7924-1-michael.roth@amd.com>
This will be needed so that the AP Jump Table address can be stored for use by the operating system later, and possibly for other things in the future.

Signed-off-by: Michael Roth
Reviewed-by: Tom Lendacky
--- MdePkg/Include/Register/Amd/SnpSecretsPage.h | 56 ++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 MdePkg/Include/Register/Amd/SnpSecretsPage.h diff --git a/MdePkg/Include/Register/Amd/SnpSecretsPage.h b/MdePkg/Include/= Register/Amd/SnpSecretsPage.h new file mode 100644 index 0000000000..3188459150 --- /dev/null +++ b/MdePkg/Include/Register/Amd/SnpSecretsPage.h @@ -0,0 +1,56 @@ +/** @file +Definitions for AMD SEV-SNP Secrets Page + +Copyright (c) 2022 AMD Inc. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef SNP_SECRETS_PAGE_H_ +#define SNP_SECRETS_PAGE_H_ + +// +// OS-defined area of secrets page +// +// As defined by "SEV-ES Guest-Hypervisor Communication Block Standardizat= ion", +// revision 2.01, section 2.7, "SEV-SNP Secrets Page". +// +typedef PACKED struct _SNP_SECRETS_OS_AREA { + UINT32 Vmpl0MsgSeqNumLo; + UINT32 Vmpl1MsgSeqNumLo; + UINT32 Vmpl2MsgSeqNumLo; + UINT32 Vmpl3MsgSeqNumLo; + UINT64 ApJumpTablePa; + UINT32 Vmpl0MsgSeqNumHi; + UINT32 Vmpl1MsgSeqNumHi; + UINT32 Vmpl2MsgSeqNumHi; + UINT32 Vmpl3MsgSeqNumHi; + UINT8 Reserved2[22]; + UINT16 Version; + UINT8 GuestUsage[32]; +} SNP_SECRETS_OS_AREA; + +#define VMPCK_KEY_LEN 32 + +// +// SEV-SNP Secrets page +// +// As defined by "SEV-SNP Firmware ABI", revision 1.51, section 8.17.2.5, +// "PAGE_TYPE_SECRETS". +// +typedef PACKED struct _SNP_SECRETS_PAGE { + UINT32 Version; + UINT32 ImiEn : 1, + Reserved : 31; + UINT32 Fms; + UINT32 Reserved2; + UINT8 Gosvw[16]; + UINT8 Vmpck0[VMPCK_KEY_LEN]; + UINT8 Vmpck1[VMPCK_KEY_LEN]; + UINT8 Vmpck2[VMPCK_KEY_LEN]; + UINT8 Vmpck3[VMPCK_KEY_LEN]; + SNP_SECRETS_OS_AREA OsArea; + UINT8 Reserved3[3840]; +} SNP_SECRETS_PAGE; + +#endif --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. 
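Review bot: No build-time check pins the layout of SNP_SECRETS_OS_AREA or SNP_SECRETS_PAGE, even though both typedefs mirror structures defined by the specifications cited in their comments and the fields of SNP_SECRETS_PAGE are sized to total exactly one 4096-byte page (16 bytes of header fields, Gosvw[16], four 32-byte VMPCK arrays, the 96-byte OsArea and Reserved3[3840]). Adding STATIC_ASSERT checks after the typedefs, for example on sizeof (SNP_SECRETS_PAGE) == 0x1000 and OFFSET_OF (SNP_SECRETS_PAGE, OsArea) == 0xA0, would turn a miscounted reserved array or a padding difference into a build failure instead of ApJumpTablePa landing at the wrong offset next to the VMPCK keys. Two smaller points: the OS area names its only reserved field Reserved2 with no Reserved1, and the ImiEn : 1 / Reserved : 31 bit-fields leave bit placement to the compiler where a UINT32 plus a mask define would not.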

From: "Michael Roth via groups.io"
CC: Tom Lendacky, "Ni, Ray"
Subject: [edk2-devel] [PATCH v3 2/4] MdePkg: Add PcdSevSnpSecretsAddress to export SEV-SNP secrets page
Date: Fri, 20 May 2022 10:27:28 -0500
Message-ID: <20220520152730.7924-3-michael.roth@amd.com>
In-Reply-To: <20220520152730.7924-1-michael.roth@amd.com>
OvmfPkg will initially use this to hand off the secrets page address to UefiCpuPkg, which will need this PCD to access the SEV-SNP secrets page address. Define this as an MdePkg PCD so it can be accessed by other packages alongside the secrets page struct defined in MdePkg/Include.

Signed-off-by: Michael Roth
Reviewed-by: Tom Lendacky
--- MdePkg/MdePkg.dec | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index f1ebf9e251..a365bfcfe8 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec
@@ -2417,5 +2417,9 @@ # @Prompt Memory encryption attribute gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x00= 00002e =20 + ## This dynamic PCD indicates the location of the SEV-SNP secrets page. + # @Prompt SEV-SNP secrets page address + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0|UINT64|0x0000002f + [UserExtensions.TianoCore."ExtraFiles"] MdePkgExtra.uni --=20 2.25.1
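Review bot: The two comment lines added above PcdSevSnpSecretsAddress do not say what the declared default of 0 means or what kind of address the UINT64 holds. Since the commit message says other packages will read this PCD to reach the secrets page, the ## comment should state whether the value is a physical address, that 0 means no secrets page location was published, and that consumers must check for 0 before using it as a pointer. The diffstat also shows MdePkg.dec as the only file touched, so if the package keeps @Prompt and help strings for its PCDs in a .uni file, the matching entries for token 0x0000002f are missing.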

From: "Michael Roth via groups.io"
CC: Tom Lendacky, "Ni, Ray"
Subject: [edk2-devel] [PATCH v3 3/4] OvmfPkg: Initialize the PcdSevSnpSecretsAddress PCD during PEI phase
Date: Fri, 20 May 2022 10:27:29 -0500
Message-ID: <20220520152730.7924-4-michael.roth@amd.com>
In-Reply-To: <20220520152730.7924-1-michael.roth@amd.com>
This needs to be set so that UefiCpuPkg can locate the SEV-SNP secrets page later to set the AP Jump Table address.

Signed-off-by: Michael Roth
Reviewed-by: Tom Lendacky
--- OvmfPkg/AmdSev/AmdSevX64.dsc | 3 +++ OvmfPkg/CloudHv/CloudHvX64.dsc | 3 +++ OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 +++ OvmfPkg/Microvm/MicrovmX64.dsc | 3 +++ OvmfPkg/OvmfPkgIa32.dsc | 3 +++ OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++ OvmfPkg/OvmfPkgX64.dsc | 3 +++ OvmfPkg/PlatformPei/AmdSev.c | 5 +++++ OvmfPkg/PlatformPei/PlatformPei.inf | 1 + 9 files changed, 27 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index bead9722ea..c0a3548f22 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -576,6 +576,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + !include OvmfPkg/OvmfTpmPcds.dsc.inc =20 gEfiMdePkgTokenSpaceGuid.PcdFSBClock|100000000 diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc index 92664f319b..ba4c14dd02 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc @@ -631,6 +631,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + [PcdsDynamicHii] !include OvmfPkg/OvmfTpmPcdsHii.dsc.inc =20 diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index 00bc1255bc..c069bd9d1e 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -513,6 +513,9 @@ =20 gEfiMdePkgTokenSpaceGuid.PcdFSBClock|100000000 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + ##########################################################################= ###### # # Components Section - list of all EDK II Modules needed by this Platform. diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc index f8fc977cb2..774e5e2ca9 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc @@ -614,6 +614,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + ##########################################################################= ###### # # Components Section - list of all EDK II Modules needed by this Platform. diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index c16a840fff..a531fcd070 100644 
--- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -650,6 +650,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + !if $(CSM_ENABLE) =3D=3D FALSE gEfiMdePkgTokenSpaceGuid.PcdFSBClock|100000000 !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index d3a80cb568..cd579246f8 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -658,6 +658,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + !if $(CSM_ENABLE) =3D=3D FALSE gEfiMdePkgTokenSpaceGuid.PcdFSBClock|100000000 !endif diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 7b3d48aac4..a026706279 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -683,6 +683,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + !if $(CSM_ENABLE) =3D=3D FALSE gEfiMdePkgTokenSpaceGuid.PcdFSBClock|100000000 !endif diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index 385562b44c..70352ca43b 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -408,6 +408,11 @@ AmdSevInitialize ( // if (MemEncryptSevSnpIsEnabled ()) { PcdStatus =3D PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdS= evSnp); + ASSERT_RETURN_ERROR (PcdStatus); + PcdStatus =3D PcdSet64S ( + PcdSevSnpSecretsAddress, + (UINT64)(UINTN)PcdGet32 (PcdOvmfSnpSecretsBase) + ); } else if (MemEncryptSevEsIsEnabled ()) { PcdStatus =3D PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdS= evEs); } else { 
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index 00372fa0eb..c688e4ee24 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf 
@@ -114,6 +114,7 @@ gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr gUefiCpuPkgTokenSpaceGuid.PcdGhcbHypervisorFeatures gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress =20 [FixedPcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase --=20 2.25.1
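Review bot: In the AmdSev.c hunk, the PcdStatus returned by the new PcdSet64S (PcdSevSnpSecretsAddress, ...) call is not checked anywhere in the lines shown, while the hunk adds ASSERT_RETURN_ERROR (PcdStatus) only for the PcdConfidentialComputingGuestAttr call above it. If a check after the if/else chain is what covers it, a short comment would make that clear; otherwise add ASSERT_RETURN_ERROR after the new call so a failed set is caught rather than silently leaving the PCD at the 0 default that all seven .dsc hunks establish. The (UINT64)(UINTN) double cast on PcdGet32 (PcdOvmfSnpSecretsBase) is also redundant, since a 32-bit value widens to UINT64 without it.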
a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BLnVx/bOSV/VG+Rdhs8Q75YZIyxGRC/r1zDTrzLjTtc=; b=nI2v7gdVjESkTYa3AFcHjXJ7ZCxVZuWdshTi6ADQltASbF6x3k1iU2Lcd4ApVLLsD7E1e6PdzKuReY5cbjR1J3ahe8KRg+qZj60Vj7/2Vk0fOGa+1jnYFOJn1VrbXMUJR2MiqnMe/7hi18DkyYwWm+s41lXlA8WbBjvUuqBbLEv39zMTGEE5NTxeXyMkgWXqGwABuWNYBQDC3pPru7VnNxziUCSok4B3bP1VcTg9/v34wiz9qqplCLvf0XIWpsUIBFHk0ELE5+OgtwJd684WTqJsp+UU5DKD2g5J1+Kh9haH0PL71GXw3BNFCkwVUIiJ31RvfOEx0WAwUZn2Knwl/Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none X-Received: from DM5PR18CA0078.namprd18.prod.outlook.com (2603:10b6:3:3::16) by DM6PR12MB3708.namprd12.prod.outlook.com (2603:10b6:5:1c5::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5273.13; Fri, 20 May 2022 15:29:42 +0000 X-Received: from DM6NAM11FT027.eop-nam11.prod.protection.outlook.com (2603:10b6:3:3:cafe::16) by DM5PR18CA0078.outlook.office365.com (2603:10b6:3:3::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5144.22 via Frontend Transport; Fri, 20 May 2022 15:29:42 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+89949+1787277+3901457@groups.io; helo=mail02.groups.io; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as 
permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C X-Received: from SATLEXMB04.amd.com (165.204.84.17) by DM6NAM11FT027.mail.protection.outlook.com (10.13.172.205) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5273.14 via Frontend Transport; Fri, 20 May 2022 15:29:42 +0000 X-Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Fri, 20 May 2022 10:29:41 -0500 
From: "Michael Roth via groups.io"
CC: Tom Lendacky, "Ni, Ray"
Subject: [edk2-devel] [PATCH v3 4/4] UefiCpuPkg: Store SEV-SNP AP jump table in the secrets page
Date: Fri, 20 May 2022 10:27:30 -0500
Message-ID: <20220520152730.7924-5-michael.roth@amd.com>
In-Reply-To: <20220520152730.7924-1-michael.roth@amd.com>
References: <20220520152730.7924-1-michael.roth@amd.com>

A full-featured SEV-SNP guest will not rely on the AP jump table, and will instead use the AP Creation interface defined by the GHCB. However, a guest is still allowed to use the AP jump table if desired. However, unlike with SEV-ES guests, SEV-SNP guests should not store/retrieve the jump table address via GHCB requests to the hypervisor, they should instead store/retrieve it via the SEV-SNP secrets page. Implement the store side of this for OVMF.

Suggested-by: Tom Lendacky
Signed-off-by: Michael Roth
Reviewed-by: Tom Lendacky
--- UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 1 + UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/DxeMpInitLib.inf index e1cd0b3500..d8cfddcd82 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf 
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf @@ -80,3 +80,4 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## = CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## = CONSUMES gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## = CONSUMES + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress ## = CONSUMES diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c b/UefiCpuPkg/Library/M= pInitLib/DxeMpLib.c index 60d14a5a0e..4d6f7643db 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c @@ -15,6 +15,7 @@ #include #include #include +#include =20 #include =20 @@ -216,6 +217,15 @@ GetSevEsAPMemory ( =20 DEBUG ((DEBUG_INFO, "Dxe: SevEsAPMemory =3D %lx\n", (UINTN)StartAddress)= ); =20 + if (ConfidentialComputingGuestHas (CCAttrAmdSevSnp)) { + SNP_SECRETS_PAGE *Secrets; + + Secrets =3D (SNP_SECRETS_PAGE *)(INTN)PcdGet64 (= PcdSevSnpSecretsAddress); + Secrets->OsArea.ApJumpTablePa =3D (UINT64)(UINTN)StartAddress; + + return (UINTN)StartAddress; + } + // // Save the SevEsAPMemory as the AP jump table. // --=20 2.25.1
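Review bot: In the GetSevEsAPMemory hunk of DxeMpLib.c, the result of PcdGet64 (PcdSevSnpSecretsAddress) is cast to SNP_SECRETS_PAGE * and written through with no check that it is non-zero. If the PCD holds 0 on a configuration that still reports CCAttrAmdSevSnp, the store to Secrets->OsArea.ApJumpTablePa lands at an unintended guest address; an ASSERT (Secrets != NULL), or an explicit check with an error path before the write, would make that failure visible instead of silent. The pointer cast also goes through (INTN) while the next line uses (UINTN) for StartAddress, so (UINTN) would be consistent and avoids a signed intermediate. A short comment above the block stating that SNP guests publish the jump table address through the secrets page rather than a GHCB request would explain why the early return skips the "Save the SevEsAPMemory as the AP jump table" code that follows.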