1. Patchew
  2. EDK2
  3. [edk2-devel] [PATCH v12 00/32] Add AMD Secure Nested Paging (SEV-SNP) support
  4. View patch

[edk2-devel] [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr

Brijesh Singh via groups.io posted 32 patches 4 years, 1 month ago
There is a newer version of this series
[edk2-devel] [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
Posted by Brijesh Singh via groups.io 4 years, 1 month ago 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

While initializing APs, the MpInitLib may need to know whether the
guest is running with active AMD SEV or Intel TDX memory encryption.

Add a new ConfidentialComputingGuestAttr PCD that can be used to query
the memory encryption attribute.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 MdePkg/MdePkg.dec                             |  4 +++
 .../Include/ConfidentialComputingGuestAttr.h  | 25 +++++++++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h

diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 8b18415b107a..cd903c35d2ff 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -2396,5 +2396,9 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
   # @Prompt FSB Clock.
   gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c
 
+  ## This dynamic PCD indicates the memory encryption attribute of the guest.
+  # @Prompt Memory encryption attribute
+  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x0000002e
+
 [UserExtensions.TianoCore."ExtraFiles"]
   MdePkgExtra.uni
diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Include/ConfidentialComputingGuestAttr.h
new file mode 100644
index 000000000000..495b0df0ac33
--- /dev/null
+++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
@@ -0,0 +1,25 @@
+/** @file
+Definitions for Confidential Computing Attribute
+
+Copyright (c) 2021 AMD Inc. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
+#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
+
+typedef enum {
+  /* The guest is running with memory encryption disabled. */
+  CCAttrNotEncrypted = 0,
+
+  /* The guest is running with AMD SEV memory encryption enabled. */
+  CCAttrAmdSev      = 0x100,
+  CCAttrAmdSevEs    = 0x101,
+  CCAttrAmdSevSnp   = 0x102,
+
+  /* The guest is running with Intel TDX memory encryption enabled. */
+  CCAttrIntelTdx    = 0x200,
+} CONFIDENTIAL_COMPUTING_GUEST_ATTR;
+
+#endif
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#83594): https://edk2.groups.io/g/devel/message/83594
Mute This Topic: https://groups.io/mt/86969144/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
Posted by Ni, Ray 4 years, 1 month ago 
I don't prefer to use a dynamic PCD for passing data.

Because developers don't know when this PCD value is finalized (PCD always has a default value).

If the value is determined in PEI and consumed in DXE, HOB is a better choice.
If the value is determined in PEI and consumed in PEI, PPI is a better choice. (you can use PPI depex)
If the value is determined in DXE and consumed in DXE, Protocol is a better choice. (You can use Protocol depex)

-----Original Message-----
From: Brijesh Singh <brijesh.singh@amd.com> 
Sent: Thursday, November 11, 2021 6:15 AM
To: devel@edk2.groups.io
Cc: James Bottomley <jejb@linux.ibm.com>; Xu, Min M <min.m.xu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>; Ard Biesheuvel <ardb+tianocore@kernel.org>; Erdem Aktas <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>; Gerd Hoffmann <kraxel@redhat.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>; Ni, Ray <ray.ni@intel.com>; Kumar, Rahul1 <rahul1.kumar@intel.com>; Dong, Eric <eric.dong@intel.com>; Brijesh Singh <brijesh.singh@amd.com>; Michael Roth <michael.roth@amd.com>
Subject: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

While initializing APs, the MpInitLib may need to know whether the guest is running with active AMD SEV or Intel TDX memory encryption.

Add a new ConfidentialComputingGuestAttr PCD that can be used to query the memory encryption attribute.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 MdePkg/MdePkg.dec                             |  4 +++
 .../Include/ConfidentialComputingGuestAttr.h  | 25 +++++++++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h

diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 8b18415b107a..cd903c35d2ff 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -2396,5 +2396,9 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
   # @Prompt FSB Clock.
   gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c
 
+  ## This dynamic PCD indicates the memory encryption attribute of the guest.
+  # @Prompt Memory encryption attribute  
+ gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x
+ 0000002e
+
 [UserExtensions.TianoCore."ExtraFiles"]
   MdePkgExtra.uni
diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Include/ConfidentialComputingGuestAttr.h
new file mode 100644
index 000000000000..495b0df0ac33
--- /dev/null
+++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
@@ -0,0 +1,25 @@
+/** @file
+Definitions for Confidential Computing Attribute
+
+Copyright (c) 2021 AMD Inc. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
+#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
+
+typedef enum {
+  /* The guest is running with memory encryption disabled. */
+  CCAttrNotEncrypted = 0,
+
+  /* The guest is running with AMD SEV memory encryption enabled. */
+  CCAttrAmdSev      = 0x100,
+  CCAttrAmdSevEs    = 0x101,
+  CCAttrAmdSevSnp   = 0x102,
+
+  /* The guest is running with Intel TDX memory encryption enabled. */
+  CCAttrIntelTdx    = 0x200,
+} CONFIDENTIAL_COMPUTING_GUEST_ATTR;
+
+#endif
--
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#83649): https://edk2.groups.io/g/devel/message/83649
Mute This Topic: https://groups.io/mt/86969144/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
Posted by Brijesh Singh via groups.io 4 years, 1 month ago 
Hi Ray,

On 11/11/21 8:00 AM, Ni, Ray wrote:
> I don't prefer to use a dynamic PCD for passing data.
> 
> Because developers don't know when this PCD value is finalized (PCD always has a default value).
> 
> If the value is determined in PEI and consumed in DXE, HOB is a better choice.
> If the value is determined in PEI and consumed in PEI, PPI is a better choice. (you can use PPI depex)
> If the value is determined in DXE and consumed in DXE, Protocol is a better choice. (You can use Protocol depex)
> 

I wish you had raised your concerns early to avoid going in this PCD 
direction. The PCD approach was discussed some time back. Both the 
SEV-SNP and TDX patches are dependent on it.

Having said so, if your preference is not to use the PCD, then it can be 
done after SNP and TDX patches are merged.

Jiewen/Min/Gerd thoughts?

thanks

> -----Original Message-----
> From: Brijesh Singh <brijesh.singh@amd.com>
> Sent: Thursday, November 11, 2021 6:15 AM
> To: devel@edk2.groups.io
> Cc: James Bottomley <jejb@linux.ibm.com>; Xu, Min M <min.m.xu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>; Ard Biesheuvel <ardb+tianocore@kernel.org>; Erdem Aktas <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>; Gerd Hoffmann <kraxel@redhat.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>; Ni, Ray <ray.ni@intel.com>; Kumar, Rahul1 <rahul1.kumar@intel.com>; Dong, Eric <eric.dong@intel.com>; Brijesh Singh <brijesh.singh@amd.com>; Michael Roth <michael.roth@amd.com>
> Subject: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
> 
> BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&amp;data=04%7C01%7Cbrijesh.singh%40amd.com%7C40483d937fa84cebe69908d9a51b9afd%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637722360254370524%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=EtT7bzDCZxsMA9sTCqISftp62QbezdoSf4k2eCfZsws%3D&amp;reserved=0
> 
> While initializing APs, the MpInitLib may need to know whether the guest is running with active AMD SEV or Intel TDX memory encryption.
> 
> Add a new ConfidentialComputingGuestAttr PCD that can be used to query the memory encryption attribute.
> 
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Rahul Kumar <rahul1.kumar@intel.com>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> ---
>   MdePkg/MdePkg.dec                             |  4 +++
>   .../Include/ConfidentialComputingGuestAttr.h  | 25 +++++++++++++++++++
>   2 files changed, 29 insertions(+)
>   create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h
> 
> diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index 8b18415b107a..cd903c35d2ff 100644
> --- a/MdePkg/MdePkg.dec
> +++ b/MdePkg/MdePkg.dec
> @@ -2396,5 +2396,9 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
>     # @Prompt FSB Clock.
>     gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c
>   
> +  ## This dynamic PCD indicates the memory encryption attribute of the guest.
> +  # @Prompt Memory encryption attribute
> + gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x
> + 0000002e
> +
>   [UserExtensions.TianoCore."ExtraFiles"]
>     MdePkgExtra.uni
> diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Include/ConfidentialComputingGuestAttr.h
> new file mode 100644
> index 000000000000..495b0df0ac33
> --- /dev/null
> +++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
> @@ -0,0 +1,25 @@
> +/** @file
> +Definitions for Confidential Computing Attribute
> +
> +Copyright (c) 2021 AMD Inc. All rights reserved.<BR>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
> +#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
> +
> +typedef enum {
> +  /* The guest is running with memory encryption disabled. */
> +  CCAttrNotEncrypted = 0,
> +
> +  /* The guest is running with AMD SEV memory encryption enabled. */
> +  CCAttrAmdSev      = 0x100,
> +  CCAttrAmdSevEs    = 0x101,
> +  CCAttrAmdSevSnp   = 0x102,
> +
> +  /* The guest is running with Intel TDX memory encryption enabled. */
> +  CCAttrIntelTdx    = 0x200,
> +} CONFIDENTIAL_COMPUTING_GUEST_ATTR;
> +
> +#endif
> --
> 2.25.1
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#83656): https://edk2.groups.io/g/devel/message/83656
Mute This Topic: https://groups.io/mt/86969144/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
Posted by Yao, Jiewen 4 years, 1 month ago 
Brijesh and Ray
I don’t disagree the disadvantage of dynamic PCD.
However, dynamic PCD is widely used in today's solution.

If developers know clearly when this PCD value is finalized, then it won't be a problem.

Otherwise, I prefer we drop the dynamic PCD support in EDKII infrastructure. That would be a huge change!!!

Please note this is already *version 12*. We really need move forward.
I suggest we keep it as is and check in.
If we find problem later, we can resolve the specific issue.

Thank you
Yao Jiewen


> -----Original Message-----
> From: Brijesh Singh <brijesh.singh@amd.com>
> Sent: Friday, November 12, 2021 1:08 AM
> To: Ni, Ray <ray.ni@intel.com>; devel@edk2.groups.io
> Cc: brijesh.singh@amd.com; James Bottomley <jejb@linux.ibm.com>; Xu, Min M
> <min.m.xu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky
> <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>;
> Ard Biesheuvel <ardb+tianocore@kernel.org>; Erdem Aktas
> <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>; Gerd
> Hoffmann <kraxel@redhat.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Liu,
> Zhiguang <zhiguang.liu@intel.com>; Kumar, Rahul1 <rahul1.kumar@intel.com>;
> Dong, Eric <eric.dong@intel.com>
> Subject: Re: [PATCH v12 20/32] MdePkg: Define
> ConfidentialComputingGuestAttr
> 
> Hi Ray,
> 
> On 11/11/21 8:00 AM, Ni, Ray wrote:
> > I don't prefer to use a dynamic PCD for passing data.
> >
> > Because developers don't know when this PCD value is finalized (PCD always
> has a default value).
> >
> > If the value is determined in PEI and consumed in DXE, HOB is a better choice.
> > If the value is determined in PEI and consumed in PEI, PPI is a better choice.
> (you can use PPI depex)
> > If the value is determined in DXE and consumed in DXE, Protocol is a better
> choice. (You can use Protocol depex)
> >
> 
> I wish you had raised your concerns early to avoid going in this PCD
> direction. The PCD approach was discussed some time back. Both the
> SEV-SNP and TDX patches are dependent on it.
> 
> Having said so, if your preference is not to use the PCD, then it can be
> done after SNP and TDX patches are merged.
> 
> Jiewen/Min/Gerd thoughts?
> 
> thanks
> 
> > -----Original Message-----
> > From: Brijesh Singh <brijesh.singh@amd.com>
> > Sent: Thursday, November 11, 2021 6:15 AM
> > To: devel@edk2.groups.io
> > Cc: James Bottomley <jejb@linux.ibm.com>; Xu, Min M
> <min.m.xu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky
> <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>;
> Ard Biesheuvel <ardb+tianocore@kernel.org>; Erdem Aktas
> <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>; Gerd
> Hoffmann <kraxel@redhat.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Liu,
> Zhiguang <zhiguang.liu@intel.com>; Ni, Ray <ray.ni@intel.com>; Kumar, Rahul1
> <rahul1.kumar@intel.com>; Dong, Eric <eric.dong@intel.com>; Brijesh Singh
> <brijesh.singh@amd.com>; Michael Roth <michael.roth@amd.com>
> > Subject: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
> >
> > BZ:
> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.
> tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&amp;data=04%7C01%7Cbrijesh.
> singh%40amd.com%7C40483d937fa84cebe69908d9a51b9afd%7C3dd8961fe488
> 4e608e11a82d994e183d%7C0%7C0%7C637722360254370524%7CUnknown%7
> CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJ
> XVCI6Mn0%3D%7C1000&amp;sdata=EtT7bzDCZxsMA9sTCqISftp62QbezdoSf4k2
> eCfZsws%3D&amp;reserved=0
> >
> > While initializing APs, the MpInitLib may need to know whether the guest is
> running with active AMD SEV or Intel TDX memory encryption.
> >
> > Add a new ConfidentialComputingGuestAttr PCD that can be used to query the
> memory encryption attribute.
> >
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Liming Gao <gaoliming@byosoft.com.cn>
> > Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> > Cc: Michael Roth <michael.roth@amd.com>
> > Cc: Ray Ni <ray.ni@intel.com>
> > Cc: Rahul Kumar <rahul1.kumar@intel.com>
> > Cc: Eric Dong <eric.dong@intel.com>
> > Cc: James Bottomley <jejb@linux.ibm.com>
> > Cc: Min Xu <min.m.xu@intel.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > Cc: Jordan Justen <jordan.l.justen@intel.com>
> > Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> > Cc: Erdem Aktas <erdemaktas@google.com>
> > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
> > Acked-by: Gerd Hoffmann <kraxel@redhat.com>
> > Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> > ---
> >   MdePkg/MdePkg.dec                             |  4 +++
> >   .../Include/ConfidentialComputingGuestAttr.h  | 25 +++++++++++++++++++
> >   2 files changed, 29 insertions(+)
> >   create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h
> >
> > diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index
> 8b18415b107a..cd903c35d2ff 100644
> > --- a/MdePkg/MdePkg.dec
> > +++ b/MdePkg/MdePkg.dec
> > @@ -2396,5 +2396,9 @@ [PcdsFixedAtBuild, PcdsPatchableInModule,
> PcdsDynamic, PcdsDynamicEx]
> >     # @Prompt FSB Clock.
> >     gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c
> >
> > +  ## This dynamic PCD indicates the memory encryption attribute of the guest.
> > +  # @Prompt Memory encryption attribute
> > +
> gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x
> > + 0000002e
> > +
> >   [UserExtensions.TianoCore."ExtraFiles"]
> >     MdePkgExtra.uni
> > diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h
> b/MdePkg/Include/ConfidentialComputingGuestAttr.h
> > new file mode 100644
> > index 000000000000..495b0df0ac33
> > --- /dev/null
> > +++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
> > @@ -0,0 +1,25 @@
> > +/** @file
> > +Definitions for Confidential Computing Attribute
> > +
> > +Copyright (c) 2021 AMD Inc. All rights reserved.<BR>
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
> > +#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
> > +
> > +typedef enum {
> > +  /* The guest is running with memory encryption disabled. */
> > +  CCAttrNotEncrypted = 0,
> > +
> > +  /* The guest is running with AMD SEV memory encryption enabled. */
> > +  CCAttrAmdSev      = 0x100,
> > +  CCAttrAmdSevEs    = 0x101,
> > +  CCAttrAmdSevSnp   = 0x102,
> > +
> > +  /* The guest is running with Intel TDX memory encryption enabled. */
> > +  CCAttrIntelTdx    = 0x200,
> > +} CONFIDENTIAL_COMPUTING_GUEST_ATTR;
> > +
> > +#endif
> > --
> > 2.25.1
> >


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#83674): https://edk2.groups.io/g/devel/message/83674
Mute This Topic: https://groups.io/mt/86969144/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
Posted by Ni, Ray 4 years, 1 month ago 
Jiewen,
Sure. I am ok with this.
Acked-by: Ray Ni <ray.ni@intel.com>
It doesn't make the code worse. Dynamic PCD was there already.

Thanks,
Ray



> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Friday, November 12, 2021 10:29 AM
> To: Brijesh Singh <brijesh.singh@amd.com>; Ni, Ray <ray.ni@intel.com>; devel@edk2.groups.io
> Cc: James Bottomley <jejb@linux.ibm.com>; Xu, Min M <min.m.xu@intel.com>; Tom Lendacky
> <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>; Ard Biesheuvel
> <ardb+tianocore@kernel.org>; Erdem Aktas <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>; Gerd
> Hoffmann <kraxel@redhat.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao
> <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>; Kumar, Rahul1 <rahul1.kumar@intel.com>; Dong,
> Eric <eric.dong@intel.com>
> Subject: RE: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
> 
> Brijesh and Ray
> I don’t disagree the disadvantage of dynamic PCD.
> However, dynamic PCD is widely used in today's solution.
> 
> If developers know clearly when this PCD value is finalized, then it won't be a problem.
> 
> Otherwise, I prefer we drop the dynamic PCD support in EDKII infrastructure. That would be a huge change!!!
> 
> Please note this is already *version 12*. We really need move forward.
> I suggest we keep it as is and check in.
> If we find problem later, we can resolve the specific issue.
> 
> Thank you
> Yao Jiewen
> 
> 
> > -----Original Message-----
> > From: Brijesh Singh <brijesh.singh@amd.com>
> > Sent: Friday, November 12, 2021 1:08 AM
> > To: Ni, Ray <ray.ni@intel.com>; devel@edk2.groups.io
> > Cc: brijesh.singh@amd.com; James Bottomley <jejb@linux.ibm.com>; Xu, Min M
> > <min.m.xu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky
> > <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>;
> > Ard Biesheuvel <ardb+tianocore@kernel.org>; Erdem Aktas
> > <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>; Gerd
> > Hoffmann <kraxel@redhat.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Liu,
> > Zhiguang <zhiguang.liu@intel.com>; Kumar, Rahul1 <rahul1.kumar@intel.com>;
> > Dong, Eric <eric.dong@intel.com>
> > Subject: Re: [PATCH v12 20/32] MdePkg: Define
> > ConfidentialComputingGuestAttr
> >
> > Hi Ray,
> >
> > On 11/11/21 8:00 AM, Ni, Ray wrote:
> > > I don't prefer to use a dynamic PCD for passing data.
> > >
> > > Because developers don't know when this PCD value is finalized (PCD always
> > has a default value).
> > >
> > > If the value is determined in PEI and consumed in DXE, HOB is a better choice.
> > > If the value is determined in PEI and consumed in PEI, PPI is a better choice.
> > (you can use PPI depex)
> > > If the value is determined in DXE and consumed in DXE, Protocol is a better
> > choice. (You can use Protocol depex)
> > >
> >
> > I wish you had raised your concerns early to avoid going in this PCD
> > direction. The PCD approach was discussed some time back. Both the
> > SEV-SNP and TDX patches are dependent on it.
> >
> > Having said so, if your preference is not to use the PCD, then it can be
> > done after SNP and TDX patches are merged.
> >
> > Jiewen/Min/Gerd thoughts?
> >
> > thanks
> >
> > > -----Original Message-----
> > > From: Brijesh Singh <brijesh.singh@amd.com>
> > > Sent: Thursday, November 11, 2021 6:15 AM
> > > To: devel@edk2.groups.io
> > > Cc: James Bottomley <jejb@linux.ibm.com>; Xu, Min M
> > <min.m.xu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky
> > <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>;
> > Ard Biesheuvel <ardb+tianocore@kernel.org>; Erdem Aktas
> > <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>; Gerd
> > Hoffmann <kraxel@redhat.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Liu,
> > Zhiguang <zhiguang.liu@intel.com>; Ni, Ray <ray.ni@intel.com>; Kumar, Rahul1
> > <rahul1.kumar@intel.com>; Dong, Eric <eric.dong@intel.com>; Brijesh Singh
> > <brijesh.singh@amd.com>; Michael Roth <michael.roth@amd.com>
> > > Subject: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
> > >
> > > BZ:
> > https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.
> > tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&amp;data=04%7C01%7Cbrijesh.
> > singh%40amd.com%7C40483d937fa84cebe69908d9a51b9afd%7C3dd8961fe488
> > 4e608e11a82d994e183d%7C0%7C0%7C637722360254370524%7CUnknown%7
> > CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJ
> > XVCI6Mn0%3D%7C1000&amp;sdata=EtT7bzDCZxsMA9sTCqISftp62QbezdoSf4k2
> > eCfZsws%3D&amp;reserved=0
> > >
> > > While initializing APs, the MpInitLib may need to know whether the guest is
> > running with active AMD SEV or Intel TDX memory encryption.
> > >
> > > Add a new ConfidentialComputingGuestAttr PCD that can be used to query the
> > memory encryption attribute.
> > >
> > > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > > Cc: Liming Gao <gaoliming@byosoft.com.cn>
> > > Cc: Zhiguang Liu <zhiguang.liu@intel.com>
> > > Cc: Michael Roth <michael.roth@amd.com>
> > > Cc: Ray Ni <ray.ni@intel.com>
> > > Cc: Rahul Kumar <rahul1.kumar@intel.com>
> > > Cc: Eric Dong <eric.dong@intel.com>
> > > Cc: James Bottomley <jejb@linux.ibm.com>
> > > Cc: Min Xu <min.m.xu@intel.com>
> > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > > Cc: Jordan Justen <jordan.l.justen@intel.com>
> > > Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> > > Cc: Erdem Aktas <erdemaktas@google.com>
> > > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > > Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
> > > Acked-by: Gerd Hoffmann <kraxel@redhat.com>
> > > Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
> > > ---
> > >   MdePkg/MdePkg.dec                             |  4 +++
> > >   .../Include/ConfidentialComputingGuestAttr.h  | 25 +++++++++++++++++++
> > >   2 files changed, 29 insertions(+)
> > >   create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h
> > >
> > > diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index
> > 8b18415b107a..cd903c35d2ff 100644
> > > --- a/MdePkg/MdePkg.dec
> > > +++ b/MdePkg/MdePkg.dec
> > > @@ -2396,5 +2396,9 @@ [PcdsFixedAtBuild, PcdsPatchableInModule,
> > PcdsDynamic, PcdsDynamicEx]
> > >     # @Prompt FSB Clock.
> > >     gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c
> > >
> > > +  ## This dynamic PCD indicates the memory encryption attribute of the guest.
> > > +  # @Prompt Memory encryption attribute
> > > +
> > gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x
> > > + 0000002e
> > > +
> > >   [UserExtensions.TianoCore."ExtraFiles"]
> > >     MdePkgExtra.uni
> > > diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h
> > b/MdePkg/Include/ConfidentialComputingGuestAttr.h
> > > new file mode 100644
> > > index 000000000000..495b0df0ac33
> > > --- /dev/null
> > > +++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
> > > @@ -0,0 +1,25 @@
> > > +/** @file
> > > +Definitions for Confidential Computing Attribute
> > > +
> > > +Copyright (c) 2021 AMD Inc. All rights reserved.<BR>
> > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > +
> > > +**/
> > > +
> > > +#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
> > > +#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
> > > +
> > > +typedef enum {
> > > +  /* The guest is running with memory encryption disabled. */
> > > +  CCAttrNotEncrypted = 0,
> > > +
> > > +  /* The guest is running with AMD SEV memory encryption enabled. */
> > > +  CCAttrAmdSev      = 0x100,
> > > +  CCAttrAmdSevEs    = 0x101,
> > > +  CCAttrAmdSevSnp   = 0x102,
> > > +
> > > +  /* The guest is running with Intel TDX memory encryption enabled. */
> > > +  CCAttrIntelTdx    = 0x200,
> > > +} CONFIDENTIAL_COMPUTING_GUEST_ATTR;
> > > +
> > > +#endif
> > > --
> > > 2.25.1
> > >


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#83677): https://edk2.groups.io/g/devel/message/83677
Mute This Topic: https://groups.io/mt/86969144/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
Posted by Yao, Jiewen 4 years, 1 month ago 
thank you, Ray!

thank you!
Yao, Jiewen


> 在 2021年11月12日,上午11:19,Ni, Ray <ray.ni@intel.com> 写道:
> 
> Jiewen,
> Sure. I am ok with this.
> Acked-by: Ray Ni <ray.ni@intel.com>
> It doesn't make the code worse. Dynamic PCD was there already.
> 
> Thanks,
> Ray
> 
> 
> 
>> -----Original Message-----
>> From: Yao, Jiewen <jiewen.yao@intel.com>
>> Sent: Friday, November 12, 2021 10:29 AM
>> To: Brijesh Singh <brijesh.singh@amd.com>; Ni, Ray <ray.ni@intel.com>; devel@edk2.groups.io
>> Cc: James Bottomley <jejb@linux.ibm.com>; Xu, Min M <min.m.xu@intel.com>; Tom Lendacky
>> <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>; Ard Biesheuvel
>> <ardb+tianocore@kernel.org>; Erdem Aktas <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>; Gerd
>> Hoffmann <kraxel@redhat.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao
>> <gaoliming@byosoft.com.cn>; Liu, Zhiguang <zhiguang.liu@intel.com>; Kumar, Rahul1 <rahul1.kumar@intel.com>; Dong,
>> Eric <eric.dong@intel.com>
>> Subject: RE: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
>> 
>> Brijesh and Ray
>> I don’t disagree the disadvantage of dynamic PCD.
>> However, dynamic PCD is widely used in today's solution.
>> 
>> If developers know clearly when this PCD value is finalized, then it won't be a problem.
>> 
>> Otherwise, I prefer we drop the dynamic PCD support in EDKII infrastructure. That would be a huge change!!!
>> 
>> Please note this is already *version 12*. We really need move forward.
>> I suggest we keep it as is and check in.
>> If we find problem later, we can resolve the specific issue.
>> 
>> Thank you
>> Yao Jiewen
>> 
>> 
>>> -----Original Message-----
>>> From: Brijesh Singh <brijesh.singh@amd.com>
>>> Sent: Friday, November 12, 2021 1:08 AM
>>> To: Ni, Ray <ray.ni@intel.com>; devel@edk2.groups.io
>>> Cc: brijesh.singh@amd.com; James Bottomley <jejb@linux.ibm.com>; Xu, Min M
>>> <min.m.xu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky
>>> <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>;
>>> Ard Biesheuvel <ardb+tianocore@kernel.org>; Erdem Aktas
>>> <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>; Gerd
>>> Hoffmann <kraxel@redhat.com>; Kinney, Michael D
>>> <michael.d.kinney@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Liu,
>>> Zhiguang <zhiguang.liu@intel.com>; Kumar, Rahul1 <rahul1.kumar@intel.com>;
>>> Dong, Eric <eric.dong@intel.com>
>>> Subject: Re: [PATCH v12 20/32] MdePkg: Define
>>> ConfidentialComputingGuestAttr
>>> 
>>> Hi Ray,
>>> 
>>>> On 11/11/21 8:00 AM, Ni, Ray wrote:
>>>>> I don't prefer to use a dynamic PCD for passing data.
>>>>> 
>>>>> Because developers don't know when this PCD value is finalized (PCD always
>>> has a default value).
>>>> 
>>>> If the value is determined in PEI and consumed in DXE, HOB is a better choice.
>>>> If the value is determined in PEI and consumed in PEI, PPI is a better choice.
>>> (you can use PPI depex)
>>>> If the value is determined in DXE and consumed in DXE, Protocol is a better
>>> choice. (You can use Protocol depex)
>>>> 
>>> 
>>> I wish you had raised your concerns early to avoid going in this PCD
>>> direction. The PCD approach was discussed some time back. Both the
>>> SEV-SNP and TDX patches are dependent on it.
>>> 
>>> Having said so, if your preference is not to use the PCD, then it can be
>>> done after SNP and TDX patches are merged.
>>> 
>>> Jiewen/Min/Gerd thoughts?
>>> 
>>> thanks
>>> 
>>>> -----Original Message-----
>>>> From: Brijesh Singh <brijesh.singh@amd.com>
>>>> Sent: Thursday, November 11, 2021 6:15 AM
>>>> To: devel@edk2.groups.io
>>>> Cc: James Bottomley <jejb@linux.ibm.com>; Xu, Min M
>>> <min.m.xu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Tom Lendacky
>>> <thomas.lendacky@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>;
>>> Ard Biesheuvel <ardb+tianocore@kernel.org>; Erdem Aktas
>>> <erdemaktas@google.com>; Michael Roth <Michael.Roth@amd.com>; Gerd
>>> Hoffmann <kraxel@redhat.com>; Kinney, Michael D
>>> <michael.d.kinney@intel.com>; Liming Gao <gaoliming@byosoft.com.cn>; Liu,
>>> Zhiguang <zhiguang.liu@intel.com>; Ni, Ray <ray.ni@intel.com>; Kumar, Rahul1
>>> <rahul1.kumar@intel.com>; Dong, Eric <eric.dong@intel.com>; Brijesh Singh
>>> <brijesh.singh@amd.com>; Michael Roth <michael.roth@amd.com>
>>>> Subject: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
>>>> 
>>>> BZ:
>>> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.
>>> tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&amp;data=04%7C01%7Cbrijesh.
>>> singh%40amd.com%7C40483d937fa84cebe69908d9a51b9afd%7C3dd8961fe488
>>> 4e608e11a82d994e183d%7C0%7C0%7C637722360254370524%7CUnknown%7
>>> CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJ
>>> XVCI6Mn0%3D%7C1000&amp;sdata=EtT7bzDCZxsMA9sTCqISftp62QbezdoSf4k2
>>> eCfZsws%3D&amp;reserved=0
>>>> 
>>>> While initializing APs, the MpInitLib may need to know whether the guest is
>>> running with active AMD SEV or Intel TDX memory encryption.
>>>> 
>>>> Add a new ConfidentialComputingGuestAttr PCD that can be used to query the
>>> memory encryption attribute.
>>>> 
>>>> Cc: Michael D Kinney <michael.d.kinney@intel.com>
>>>> Cc: Liming Gao <gaoliming@byosoft.com.cn>
>>>> Cc: Zhiguang Liu <zhiguang.liu@intel.com>
>>>> Cc: Michael Roth <michael.roth@amd.com>
>>>> Cc: Ray Ni <ray.ni@intel.com>
>>>> Cc: Rahul Kumar <rahul1.kumar@intel.com>
>>>> Cc: Eric Dong <eric.dong@intel.com>
>>>> Cc: James Bottomley <jejb@linux.ibm.com>
>>>> Cc: Min Xu <min.m.xu@intel.com>
>>>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>>>> Cc: Tom Lendacky <thomas.lendacky@amd.com>
>>>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>>>> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
>>>> Cc: Erdem Aktas <erdemaktas@google.com>
>>>> Cc: Gerd Hoffmann <kraxel@redhat.com>
>>>> Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
>>>> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
>>>> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
>>>> ---
>>>>  MdePkg/MdePkg.dec                             |  4 +++
>>>>  .../Include/ConfidentialComputingGuestAttr.h  | 25 +++++++++++++++++++
>>>>  2 files changed, 29 insertions(+)
>>>>  create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h
>>>> 
>>>> diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index
>>> 8b18415b107a..cd903c35d2ff 100644
>>>> --- a/MdePkg/MdePkg.dec
>>>> +++ b/MdePkg/MdePkg.dec
>>>> @@ -2396,5 +2396,9 @@ [PcdsFixedAtBuild, PcdsPatchableInModule,
>>> PcdsDynamic, PcdsDynamicEx]
>>>>    # @Prompt FSB Clock.
>>>>    gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c
>>>> 
>>>> +  ## This dynamic PCD indicates the memory encryption attribute of the guest.
>>>> +  # @Prompt Memory encryption attribute
>>>> +
>>> gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x
>>>> + 0000002e
>>>> +
>>>>  [UserExtensions.TianoCore."ExtraFiles"]
>>>>    MdePkgExtra.uni
>>>> diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h
>>> b/MdePkg/Include/ConfidentialComputingGuestAttr.h
>>>> new file mode 100644
>>>> index 000000000000..495b0df0ac33
>>>> --- /dev/null
>>>> +++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
>>>> @@ -0,0 +1,25 @@
>>>> +/** @file
>>>> +Definitions for Confidential Computing Attribute
>>>> +
>>>> +Copyright (c) 2021 AMD Inc. All rights reserved.<BR>
>>>> +SPDX-License-Identifier: BSD-2-Clause-Patent
>>>> +
>>>> +**/
>>>> +
>>>> +#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
>>>> +#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
>>>> +
>>>> +typedef enum {
>>>> +  /* The guest is running with memory encryption disabled. */
>>>> +  CCAttrNotEncrypted = 0,
>>>> +
>>>> +  /* The guest is running with AMD SEV memory encryption enabled. */
>>>> +  CCAttrAmdSev      = 0x100,
>>>> +  CCAttrAmdSevEs    = 0x101,
>>>> +  CCAttrAmdSevSnp   = 0x102,
>>>> +
>>>> +  /* The guest is running with Intel TDX memory encryption enabled. */
>>>> +  CCAttrIntelTdx    = 0x200,
>>>> +} CONFIDENTIAL_COMPUTING_GUEST_ATTR;
>>>> +
>>>> +#endif
>>>> --
>>>> 2.25.1
>>>> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#83680): https://edk2.groups.io/g/devel/message/83680
Mute This Topic: https://groups.io/mt/86969144/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.