From nobody Fri Dec 19 08:21:29 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80079+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80079+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1630513060792927.3838538372526; Wed, 1 Sep 2021 09:17:40 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id BPItYY1788612xRxpXCL8pLM; Wed, 01 Sep 2021 09:17:40 -0700 X-Received: from NAM02-SN1-obe.outbound.protection.outlook.com (NAM02-SN1-obe.outbound.protection.outlook.com [40.107.96.79]) by mx.groups.io with SMTP id smtpd.web08.180.1630513058900363660 for ; Wed, 01 Sep 2021 09:17:39 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=i4KMjUauVeonBFaQIvNKWC1hc9YFVYXW1kxeDmz+yti/XpyLHgNO8FRYZ2mpvUy7apOCUr1eIqTBKezrI4DRlgjCMMtgfz99DffF4pVlbb5BqkclVHsSx9QgXZqbEb6FJevROUwmiEIeUWV4unFz0fBmlLe2xFmEj+YdqpXTFuQJTxafIbbjtrpFWuBzPlmlpQnRZkIZKy1ubaR48dPzPK8u4CB0ArL9bHuz7X4z+1iVP45wSm13Vf20nT1js9l1yfc6Bt85iCtqFzNZNzzd2cXxPxsglzCNmhIQoqHunQ2s4KVrvCBS9xd+O9nWQjgjV9bt9qO0X/yoMEi7+aqsVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Ox7HDwxe3Sq/LSNdk9PE5eDiVOJB1ad2DW9PV3FQGmQ=; b=Y8MEDfL2a3MaXwHWTgz7p2INWMP/yaetaPFkXl1sbpspozrCxe9McOD7/2Ie1NJkr1wGGVlKwPVvNtBn5a1CGnnvL9CZyTjzCupY+p+eyT1FAf1tMxS7cB+e+U6aNKiwS8r3/sz6MWEJ0Mna8XP/PG4V/i+FPMIE4WqiPw09J+QK23MzoBifS0BukBuCfcTwkaMmw59fhYtCPwwaTXW5nb0k/Bs/BTsVFAx4qDZTijlh1dvfyj87mCvaQpHyrx4O59RC0rs3xtrsreY/y5fq7UDMLKRwuUmOfD0junsCpL6gkB8emuq5U6AnQpzvfn56YctJLnW+n/fg96z3mzO6Hg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none X-Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SA0PR12MB4525.namprd12.prod.outlook.com (2603:10b6:806:92::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.19; Wed, 1 Sep 2021 16:17:37 +0000 X-Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4457.025; Wed, 1 Sep 2021 16:17:36 +0000 From: "Brijesh Singh via groups.io" To: devel@edk2.groups.io CC: James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Ard Biesheuvel , Erdem Aktas , Michael Roth , Gerd Hoffmann , Brijesh Singh , Michael Roth Subject: [edk2-devel] [PATCH v6 03/29] OvmfPkg/ResetVector: introduce SEV-SNP boot block GUID Date: Wed, 1 Sep 2021 11:16:20 -0500 Message-ID: <20210901161646.24763-4-brijesh.singh@amd.com> In-Reply-To: <20210901161646.24763-1-brijesh.singh@amd.com> References: <20210901161646.24763-1-brijesh.singh@amd.com> X-ClientProxiedBy: SN4PR0501CA0062.namprd05.prod.outlook.com (2603:10b6:803:41::39) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN4PR0501CA0062.namprd05.prod.outlook.com (2603:10b6:803:41::39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.12 via Frontend Transport; Wed, 1 Sep 2021 16:17:35 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: c2a02224-390d-4333-7688-08d96d6402d7 X-MS-TrafficTypeDiagnostic: SA0PR12MB4525: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:626; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: n06CfxrFmYYcGqGXvKON658t0+llid3vRKuPJJVIeRCpyidq5FGjnWi9JYND6dTxI6QTBOKSoxxL7PZsWLznvhy0es9nbTi8o8SCAPgTnSrIC+7gOTHWKelB01vQrx8fRbydqqUWd17j3+hRRmrKYZkx1q/mV0d8TmWdpt1VTiYtCGvDXliT0v3no8eqvT5lKWNQyfA/3hjnDK50U9tzCztn2wok/uRt2peEYlFRNDDVcCfFJ//W7okwegSGrTDP37djQnBov90tWb/V7pn/rwtY8CJAZDKnXjGP2Kz3awDhympkwa80LNdYg68RLmLoVZdWQ939JpLDUMHFSMjfJqPRM0r00zo2rXx+3A8+OOsbk3HHTo7/+x+2mYoOo8IlWxfrg1yyvZXzHD/LH8JjBMjdmlSXAdh1r9m+NDpqQ89+lfjXnMsRpIs4L3b6lUZIMA/Y73j0OAa2eNC1F/kioWFeLT345do45F3DPy9VBqwOuykO+8Urm1Qt7MHL0AmBeMixvd0BUHhLbAS1z+XvMCyvvslDGkZ/8om713JyRzfTXsMx1SXfLGgT9pd+GeCC5vJBRHMwBtWKJ0vWnlxivvjJkkd5+jzXl1ieoGRTJR2RtQHC64P5yAatbsmTPjTpm2iNPoFvwAx/DorwDeeShtwzBEgCyDCOuHL6paAxf0Ko9klg+zpnfPpQfYEffL7LqstBTzMyyMoaM7j6mmDh4SQbvbPBs2hrKEmmZiQMLKddgBx7TCs9PhGO3mAUCjJSkvj9OyZsAkXS0izPCcEJ0LcGHcO1Z+iKU4+jhnyFyjE= X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?qIPXeSL5NNkiMaXFc15tLf3BvzwowLDnV25VpIfwZnsUTahuH1xpnHl1fFE1?= =?us-ascii?Q?o41OBFVxX7WV3Oe+C6z5xgDY2Wq/94TkO1WUEYwk66SovUSu2M7JinXaMzb0?= =?us-ascii?Q?Qc4JbQrbWkUmec92KkO4IJ3LOe1gS02cgEJ2Gl6PR8mf/0CmGbS/KxxIkrDZ?= =?us-ascii?Q?NWQziedN1rlR/sN/G95Rd4chufzU5YvJYbke9DlDepIJ44asNFdYcyRDNjcP?= =?us-ascii?Q?RVaJ7dKQ4NEJmFYCBUjYlgxUolfCZDxZnLdFDv6b5DQdzfzw8NdSBkn7Jja5?= =?us-ascii?Q?D67cmvsu5PHlv8AwX9Vb+36UxHP5CpKbh71r40Aqv8Wm/LK7/P+ORZmVCE4O?= =?us-ascii?Q?0RkNNGWxLuxaEUsdLUjZ1VqA1/MXEUf9lFiebwqRbC/6589Jp7HVjGIro4PD?= =?us-ascii?Q?HQ73Lk2bbSFk6H0U3xbF0etwLGEqx0NYFOg2cQm2LPy49EGL88BCgRDUQUoX?= =?us-ascii?Q?cnslXMpPYBCf7GhlrqRWZOS7c9mTdg2z81iTD6zuCyXS1FZ7A+OGp8sHfa1z?= =?us-ascii?Q?WudKIqKjR0B1FqyD2BK+166qAkvJJJ45VLX+qRfQGKwQGCwR0XXnQu/wKRn8?= =?us-ascii?Q?XoXfos/G9R10c+Prt1R6R/bZ8Qxb9FqpRa9QcMZoKxxH4LIXj9N4rfO4Zpl1?= =?us-ascii?Q?zpajvyg2sp0MnrMkuP224HsO16StL3Ex5gHIWe+Ogvtt0KrSg7QdBXC+IYq4?= =?us-ascii?Q?yFYAsFybQajUZd+k/6Ft0Lt7D63mRfnKLCRA1Ylhpl3Z//W59XNzMKoWI971?= =?us-ascii?Q?z/Ebnr53LDX56jCbRFOSx83gsGf6kb+qb2cC84ArUgZiMFFGxjJiafDn/2UO?= =?us-ascii?Q?ERvpy/qQRRix0IKccNNX759tfuT4ntuAtXE72YZzy0j2wQxix6N3XbhCaQ7P?= =?us-ascii?Q?e17IF2LqW6iiyDBKNmzGSIep8uYVB5USG4WMBHqLIwpZXwW3RLBKwsub0jKn?= =?us-ascii?Q?xn7rPyZM69z61O3J3c6ZJWrKszSvtR845RhhSrGymbNihJRZMUx4m0Of2g1T?= =?us-ascii?Q?Wg3xs8dKlRNnBf4mHCZIHokMElRQNDV5qjGKlbHh/pUyKg+iuaxDHlr4XEOu?= =?us-ascii?Q?p+qgG4W16euWlcXKUDQw0NQ+3Zle//vvxH/fH3f3cTQygQPhqmbpNdfCicjh?= =?us-ascii?Q?R7DBjzoaMeSKeqeKCYA5WjK63wQ3K5Tzf95eGJsNEK2CQ3LPWkYRFHkJoJxy?= =?us-ascii?Q?DkWvpphztzvHV9yGPZ3fW7739gpq/+JJq1O0VP25iV+ZbwSUcjhinxX1iGjY?= =?us-ascii?Q?Yxoj5oZ27zNHMiyYq+7Pl3WmYhLZl9NhxN3uYHSosTwOM6JyOpgwaLmb5/lI?= =?us-ascii?Q?X/U/FOsgIJISROL/KbllxLsC?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: c2a02224-390d-4333-7688-08d96d6402d7 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Sep 2021 16:17:36.2937 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: MiCWsJK3tYNt839J3dLHBvCeXq1waCMvdkS3K7QOBmO9hqeqEEIGDYQ9b4nsuNKHPSUNj01Z7wn0w6fWGVquxg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4525 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,brijesh.singh@amd.com X-Gm-Message-State: Rrlj7IzyZOYHMS4YPzZ0uF2nx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1630513060; bh=WEr5SATqZoyEJIFIongZT4Ayh3WQ4FCacO5rtGgmsHs=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=usFa+IMMp7Ktkuxvmua2Aim/eQkRHLF5SjfFEQvSCHEAe+QPhdsDsS1VcIiphJtwh/G Lg87WERpHvdJk/Zi86XUux9tlQLuNU7NsA6TTXMfxrFtpJMVBy7Avp7rJ/ahLBwQD9XK0 /FgCLxmVLW8bLu8Th3ohXcHCRdz0Nnito2o= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1630513062190100011 Content-Type: text/plain; charset="utf-8" BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275 Introduce a new SEV-SNP boot-specific GUID block. The block is used to communicate the secrets and cpuid memory area reserved by the guest BIOS. When SEV-SNP is enabled, the hypervisor will locate the SEV-SNP boot block to get the location of the Secrets and CPUID page and call the PSP firmware command to populate those memory areas. Cc: Michael Roth Cc: James Bottomley Cc: Min Xu Cc: Jiewen Yao Cc: Tom Lendacky Cc: Jordan Justen Cc: Ard Biesheuvel Cc: Erdem Aktas Signed-off-by: Brijesh Singh --- OvmfPkg/ResetVector/ResetVector.inf | 4 ++++ OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm | 23 ++++++++++++++++++++ OvmfPkg/ResetVector/ResetVector.nasmb | 4 ++++ 3 files changed, 31 insertions(+) diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/Rese= tVector.inf index a2520dde5508..34d843de62c4 100644 --- a/OvmfPkg/ResetVector/ResetVector.inf +++ b/OvmfPkg/ResetVector/ResetVector.inf @@ -50,3 +50,7 @@ [FixedPcd] gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpCpuidBase + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpCpuidSize diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVe= ctor/Ia16/ResetVectorVtf0.asm index 7ec3c6e980c3..71e1484cf4e4 100644 --- a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm +++ b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm @@ -47,6 +47,29 @@ TIMES (15 - ((guidedStructureEnd - guidedStructureStart = + 15) % 16)) DB 0 ; guidedStructureStart: =20 +%ifdef ARCH_X64 +; SEV-SNP boot support +; +; sevSnpBlock: +; For the initial boot of SEV-SNP guest, a CPUID and Secrets page must +; be reserved by the BIOS at a RAM area defined by SNP_CPUID_BASE and +; SNP_SECRETS_BASE. A hypervisor will locate this information using the +; SEV-SNP boot block GUID and provide the GPA to the PSP to populate +; the memory area with the required information.. +; +; GUID (SEV-SNP boot block): bd39c0c2-2f8e-4243-83e8-1b74cebcb7d9 +; +sevSnpBootBlockStart: + DD SNP_SECRETS_BASE + DD SNP_SECRETS_SIZE + DD SNP_CPUID_BASE + DD SNP_CPUID_SIZE + DW sevSnpBootBlockEnd - sevSnpBootBlockStart + DB 0xC2, 0xC0, 0x39, 0xBD, 0x8e, 0x2F, 0x43, 0x42 + DB 0x83, 0xE8, 0x1B, 0x74, 0xCE, 0xBC, 0xB7, 0xD9 +sevSnpBootBlockEnd: +%endif + ; SEV Hash Table Block ; ; This describes the guest ram area where the hypervisor should diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re= setVector.nasmb index d1d800c56745..9be963206989 100644 --- a/OvmfPkg/ResetVector/ResetVector.nasmb +++ b/OvmfPkg/ResetVector/ResetVector.nasmb @@ -77,6 +77,10 @@ %define SEV_ES_WORK_AREA_RDRAND (FixedPcdGet32 (PcdSevEsWorkAreaBase) + = 8) %define SEV_ES_WORK_AREA_ENC_MASK (FixedPcdGet32 (PcdSevEsWorkAreaBase) = + 16) %define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase)= + FixedPcdGet32 (PcdOvmfSecPeiTempRamSize)) + %define SNP_CPUID_BASE FixedPcdGet32 (PcdOvmfSnpCpuidBase) + %define SNP_CPUID_SIZE FixedPcdGet32 (PcdOvmfSnpCpuidSize) + %define SNP_SECRETS_BASE FixedPcdGet32 (PcdOvmfSnpSecretsBase) + %define SNP_SECRETS_SIZE FixedPcdGet32 (PcdOvmfSnpSecretsSize) %include "Ia32/Flat32ToFlat64.asm" %include "Ia32/AmdSev.asm" %include "Ia32/PageTables64.asm" --=20 2.17.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80079): https://edk2.groups.io/g/devel/message/80079 Mute This Topic: https://groups.io/mt/85306656/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-