From nobody Mon Feb  9 15:11:27 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+77192+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+77192+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 162490221933928.957203084693333;
 Mon, 28 Jun 2021 10:43:39 -0700 (PDT)
Return-Path: <bounce+27952+77192+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id Uo5NYY1788612xxcVG8mpB3x;
 Mon, 28 Jun 2021 10:43:39 -0700
X-Received: from NAM11-CO1-obe.outbound.protection.outlook.com
 (NAM11-CO1-obe.outbound.protection.outlook.com [])
 by mx.groups.io with SMTP id smtpd.web08.14865.1624902207325323447
 for <devel@edk2.groups.io>;
 Mon, 28 Jun 2021 10:43:29 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=HFV+1AxwICiGgikwxZLVLu51/FoXceICVHXBBNmk2cgDJPfyLVOfUr/P89tF1+tKqlt75qwJD2Nh+2eN86NtFoc0rsYDN1wT9CgdLnmOtJQW4GNQpddTPCi14N3T8wPp1UGBbr0ZTfpMvFHPKKGTuKDdhGo6QJErOORFo9WNJthsSV4/50qT63rd/dqw02rCUO+y4VvoIWCUf4t7v3pwPgy6JIlyYUDJyDBl3dq3bfBVk8ms7vwhXQ/ERPoj5+dNDyIot8G/WzGcmtnE97vgmd4nLe+W0S5VYc+WpmG+SQEE875cKnC3PP5Vy+XYo0ggq7Y40+dI58NdjvKRgUKrtg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=xVPCjq8ZN6ppI7DW/FpyKan0V0ikfo5VLzIJjxBKN2A=;
 b=E2zaVXtj2HviR0FHvNWMZ/46TzYaaHMLKQl+kHMmK7UwipGa3SruKKUAAY1PpCTpEmv9ppODwtYO3zOhfwgjtVcVeg5LOAQdc1rjiBtRqrH1nM7oUVOB/YS28sMxJDjgu3I6Z5J2xHTEgFOftGEZKNDIPPThY2S6cnnATuml/puZoQML5hypWFGonn3TLvTJIgV3UscPq5CVc2un2I1pXJ8oNuS8dGXV+tPiFVGf6FNHQhV6cdcszsp0vJJz2bi4Dc8MpeQJpeqGK62BCiyRJGQfc8VK786QB6okNF/Sora5Dcl5lxSOQbEtUmNKarrCaEqd5C0jADCjX48wpVL76Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
X-Received: from DM6PR12MB2714.namprd12.prod.outlook.com (2603:10b6:5:42::18)
 by
 DM6PR12MB4172.namprd12.prod.outlook.com (2603:10b6:5:212::9) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.4264.19; Mon, 28 Jun 2021 17:43:27 +0000
X-Received: from DM6PR12MB2714.namprd12.prod.outlook.com
 ([fe80::7df8:b0cd:fe1b:ae7b]) by DM6PR12MB2714.namprd12.prod.outlook.com
 ([fe80::7df8:b0cd:fe1b:ae7b%5]) with mapi id 15.20.4264.026; Mon, 28 Jun 2021
 17:43:26 +0000
From: "Brijesh Singh via groups.io" <brijesh.singh=amd.com@groups.io>
To: devel@edk2.groups.io
CC: James Bottomley <jejb@linux.ibm.com>,
	Min Xu <min.m.xu@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Laszlo Ersek <lersek@redhat.com>,
	Erdem Aktas <erdemaktas@google.com>,
	Eric Dong <eric.dong@intel.com>,
	Ray Ni <ray.ni@intel.com>,
	Rahul Kumar <rahul1.kumar@intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Zhiguang Liu <zhiguang.liu@intel.com>,
	Michael Roth <Michael.Roth@amd.com>,
	Brijesh Singh <brijesh.singh@amd.com>
Subject: [edk2-devel] [RFC PATCH v4 05/27] OvmfPkg: reserve CPUID page for
 SEV-SNP
Date: Mon, 28 Jun 2021 12:42:01 -0500
Message-ID: <20210628174223.1302-6-brijesh.singh@amd.com>
In-Reply-To: <20210628174223.1302-1-brijesh.singh@amd.com>
References: <20210628174223.1302-1-brijesh.singh@amd.com>
X-Originating-IP: [165.204.77.1]
X-ClientProxiedBy: SN4PR0601CA0020.namprd06.prod.outlook.com
 (2603:10b6:803:2f::30) To DM6PR12MB2714.namprd12.prod.outlook.com
 (2603:10b6:5:42::18)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-Received: from sbrijesh-desktop.amd.com (165.204.77.1) by
 SN4PR0601CA0020.namprd06.prod.outlook.com (2603:10b6:803:2f::30) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4264.19 via Frontend
 Transport; Mon, 28 Jun 2021 17:43:25 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 29143d42-1099-4a86-76a1-08d93a5c3bfe
X-MS-TrafficTypeDiagnostic: DM6PR12MB4172:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB41727565C031CEA82FC526BBE5039@DM6PR12MB4172.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7219;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Message-Info: 
 cCbNUcq9qD5iKiOYBIySCa480VZnku67nnzSrNuY+EoDfdfhImQVfd+M2HJL5KQsV+Nd4hSZAhZOZeAA8ytwHYUR+KcWlgy6gjXCcrMsMo7235xelgu7vIUDxw3x/oQw6nh9UpodU8UaqpGc7+naVnUc0+TT2gGsTk9YPQPVNNcP+5kFcFtKbj8159wH3lk9qzem4xle8JHydGk/mMA4opaC73YP4/s/pi02ELK3+qD+oSV8XcixsQzeOlY59zLeCpjdlpsmKcI+ckD4MgJoiB/W+26wdrJyx7KVZrifnAia53nrnqyDuYdCRZu/pPvtjLL0BzTgrVyolgHyZGuzhOUZ3FzBwB6siMwTRu8oke2EcxZ1l0gstJKxvPBcOL+k+xijBvlFNFMYxjuEgnwA2ZMx4ehM31IdR0mhd80RmcD6Kry18EMxz6UBJfi8reNxLVMbNGajhDiJxhE3bsR/QchUAx9h0tFGK1/XBSLTQO5qMI3DtTh4B/ITSdXPDvBfuw11cxt5Cjsfb7uLMRPLPmelpv01qRTP3yFRaJde9itGTmupZDExtko4FVJLFJjRa0EEiEERQFu0p4h6aFK99kfLVuigQpWJpZGbF2awyelyogQ7iuhkcnOlAFeqrZa+PYI1Ojp7toGyTAMSTATo7NS+XARrkMfezfbeMtuOl7JzpS1lKyAvn5eb/kJle/nDmVltVKCQ9lBWLD3nZovShTePtbwvwz0B/18KeHoqfcPWz1MPoPSGq9t21xIqZfrKXTm0XnPGFLzEEnjAa/hM7gsh5S8D+6U6+toqdlVfYO70gaoEB6Lrz7aJRlcXCT2vls6WEdeVw+p8oaLHZCgvig==
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 =?us-ascii?Q?8Ix+Ksy+VY4HxdmVGuoQKSmAe79H9lKS3YbphAaTxY9XJoejr75/KVqgag4V?=
 =?us-ascii?Q?Jw7yFzroPI3RI4s3JNnFbjiELxO+FfWPG6YHxiYmKw7aV9EDgN+bCP7EbBSO?=
 =?us-ascii?Q?JIp2O+LgR5UubHsQUKdSc+SPkcZzqQSlfDLw9aJC4Dt+koGmfh98Vwo+W1QV?=
 =?us-ascii?Q?EuVPHXl1A1cgXRewkCXEZw11+NxO74eX5MI9OG5NM68zu7P0SjAPeFTR0nf7?=
 =?us-ascii?Q?sPw34aDuhZr7HKGmHNjHZY9/GbiG92HWmGf7lOtzuzCUOqM78dWAwd9ltyFx?=
 =?us-ascii?Q?A1X2nsSF+8cnCfGdpJGX738+axmXq9UTRHlcQ4WJKkBAg5eROZuvdbdnRsmo?=
 =?us-ascii?Q?/gyMdp2xZgERAVjGX9nEQPHEbTu+A61tW6bHdEXD0HlJlkbeJfglxIceIYhY?=
 =?us-ascii?Q?3oYFKzC0uOLblmjqhUM1P6mtwAz54bjfOQdHiaN8dKabzBYNyMx6a/hroOkB?=
 =?us-ascii?Q?UaB/feZ0BsWsxSj4Vr9KnZJcuaq1Wvjk24UM18CfBYglya6sijHh/FnIjmQk?=
 =?us-ascii?Q?Nfzlvr0pZpbbP66oQtl0Y+rTIAertV0M/3Nujo2eWwHGgqI6fvd2tST95x40?=
 =?us-ascii?Q?HbeDgrbuNB6OOwmKJvXkNSgWGyf+yJM1NbkbHkpdGPr9iIBgDoF/7r9scZow?=
 =?us-ascii?Q?oXz6zElKCFiP0fNkWGKFih7sU2xVu3FOBcFeZuD2BjwIdVc9fFxhiHj8rfCB?=
 =?us-ascii?Q?hoNcVUsVBhPHt3syQZ6nmQ2uB8AzqQauDeajZFMNCsT+ZuYkS4/zDWHKVMhe?=
 =?us-ascii?Q?69itfOGw48Dbrf5NUZETNSIhKeN8waZkoPUFYRAcxEpb+8Wo1uusqDtqp+hB?=
 =?us-ascii?Q?/uXuPN+KvlqxEY9U6ARhTACmUbL8I6YIW7JDuFZfjuqCuNjDYbLnEf51HG4s?=
 =?us-ascii?Q?yHmguo5/OBNZW4uZaKj0zRPiRgZpbAGVeSpkA9WRbjNENhbFqWkfjtQ0ZRp9?=
 =?us-ascii?Q?sks/S5j3B5eVqOlQEZ8J+gZpw2eG1a8Lw/Thdd/QEPW/HvZ8s6yTlgn1Tif1?=
 =?us-ascii?Q?XnR8l0cciBuKTxQv88Jfjm6yy7Etl/D9TkW1aTKfABK8kbXH3RjJcpGjAQHe?=
 =?us-ascii?Q?G0iCr8Co/+lBRQuTU5G1ghtzl8DJARsqzhBH0JNAWAoJCPsbk0Ulpg4UnxKV?=
 =?us-ascii?Q?1mzE1A3wMnL3CojBdR33tLh3VA9+7UjUGxzLmymYawX2LfrGXnTm2KkRykA1?=
 =?us-ascii?Q?ryQSd7ZGYV8+r7XQJAMjfZVIMqRvS9ksM0aSayo96DihuShZ40JQ7QRwwoAd?=
 =?us-ascii?Q?1vcGdf7Dkx0ycINcurpSgLyiI6uEf7pA0mid7qiTYZujqjyb9ou/SJQuZ41E?=
 =?us-ascii?Q?Y9kLZ9DaaUZlJj8rpHntdwoj?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 29143d42-1099-4a86-76a1-08d93a5c3bfe
X-MS-Exchange-CrossTenant-AuthSource: DM6PR12MB2714.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Jun 2021 17:43:26.8909
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 R9k8V6dvpYN9R+bXzz3ctHN9ubfv0MeDfcLx+Eb2vDfsu5cewLqw9CH+3S5UuacXEIKsSlqmDBnpGEEWDNg7bw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4172
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,brijesh.singh@amd.com
X-Gm-Message-State: xMJFAFVNC29gDbW5cl6pubGLx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1624902219;
 bh=2D/xHC8295RqH8euhcOo6ZVpRkotb/bk4L//KSdzNmc=;
 h=CC:Content-Type:Date:From:Reply-To:Subject:To;
 b=oHHzfA3ti9MiCI8zSaKrVKU3cfeZ1rTQq3TeahmmwPRN42rqUzU6BX6yk2Jg5dTo/MT
 vPQJIbfuG0tPSbbMO0iNRbvrcvQjB7GCs/6EKvWiJa60d/hRteZ3Ntl+Ns0d7T68FgPjS
 d2aztrqjJep0BHfUPso0ur3Ta62CH+1SPpw=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275

Platform features and capabilities are traditionally discovered via the
CPUID instruction. Hypervisors typically trap and emulate the CPUID
instruction for a variety of reasons. There are some cases where incorrect
CPUID information can potentially lead to a security issue. The SEV-SNP
firmware provides a feature to filter the CPUID results through the PSP.
The filtered CPUID values are saved on a special page for the guest to
consume. Reserve a page in MEMFD that will contain the results of
filtered CPUID values.

Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 OvmfPkg/OvmfPkg.dec    | 6 ++++++
 OvmfPkg/OvmfPkgX64.fdf | 3 +++
 2 files changed, 9 insertions(+)

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 106a368ec975..93f759534ade 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -328,6 +328,12 @@ [PcdsFixedAtBuild]
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase|0|UINT32|0x47
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize|0|UINT32|0x48
=20
+  ## The base address and size of the SEV-SNP CPUID Area that contains
+  #  the PSP filtered CPUID results. If this is set in the .fdf, the
+  #  platform is responsible to reserve this area from DXE phase overwrite=
s.
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpCpuidBase|0|UINT32|0x49
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpCpuidSize|0|UINT32|0x50
+
 [PcdsDynamic, PcdsDynamicEx]
   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 902c6a4e9ea1..3e257aaf72bd 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -91,6 +91,9 @@ [FD.MEMFD]
 0x00D000|0x001000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase|gUefiOvmfPkgTokenSpaceGui=
d.PcdOvmfSnpSecretsSize
=20
+0x00E000|0x001000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpCpuidBase|gUefiOvmfPkgTokenSpaceGuid.=
PcdOvmfSnpCpuidSize
+
 0x010000|0x010000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpace=
Guid.PcdOvmfSecPeiTempRamSize
=20
--=20
2.17.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#77192): https://edk2.groups.io/g/devel/message/77192
Mute This Topic: https://groups.io/mt/83850702/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-