From nobody Tue Feb 10 13:16:33 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+83721+1787277+3901457@groups.io;
	arc=fail (BodyHash is different from the expected one);
	dmarc=pass(p=none dis=none)  header.from=groups.io
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1636738837882123.32829778960331;
 Fri, 12 Nov 2021 09:40:37 -0800 (PST)
Return-Path: <bounce+27952+83721+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id CvAGYY1788612xpwbVgNCgM4;
 Fri, 12 Nov 2021 09:40:37 -0800
X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com
 (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.80])
 by mx.groups.io with SMTP id smtpd.web08.393.1636738836576736236
 for <devel@edk2.groups.io>;
 Fri, 12 Nov 2021 09:40:36 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=FDpcC+IE/8nDCt1BVt78yKxbvuq1y56x/vxLC61j9MPV9wJmnUF3UDTV7jlKkgD+RCr+knsg//SKpgTfVBON8+xebgQ9ZyRsvaSV0z26hAHb5noDmU0RIGQ2vK7DJY7r84eHDixtwCrokSLK+A05CvY5NYNXNTuturzV8J93sDOMFQjYyAU8KCIci0JcK2wjdAUmy6CJhnj4sVqd76HZgcDLXqcT4UuiObkUgk2bND0DjWCdW5+QjhmuUBDpji7PHvRZDA8XTF7VA3rZkvGS7Pb7/oyjobsj1oZrKaerHJzjsLh7/Edq117DH2rykLSh2KFfwv7UHh70mUUlDHLe0w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=KpZ7sq77kWIpB1FvdT0PZrmXQc0A5H3Zed7kNavMpag=;
 b=MO4dSM0I4f9mkV7YDKEH2YIV05w6LRssaQQORIA2AkniLmLb9nIA1Z2MGL4QHPiUBR2qxWA8UBNbTUnnRjPLhj/zoiCTsO2owwkLzLXysvMyUj61+NF8u91RB49hzwUu4gn46dvNuBHHV1tUS8xIV0GGE6cgg3gi6LPy02ZsFB8DWkJTRu8SJNYPHlHoOG9+QNSe7VPrpQV3KhhkeE9zhxiPS5Wr3ibUoU8k3IbOaRzP82mTukp2YaUiRL4roTPpDUdCjZ/2eBzjD/6AEQWVu5FbeBx0OCHzeSLGMFITotwXwMBkWZdzmcacdaAv18uZJ4dTOtb9hLZMCVdh6VfClQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
 165.204.84.17) smtp.rcpttodomain=edk2.groups.io smtp.mailfrom=amd.com;
 dmarc=pass (p=quarantine sp=quarantine pct=100) action=none
 header.from=amd.com; dkim=none (message not signed); arc=none
X-Received: from BN0PR03CA0022.namprd03.prod.outlook.com
 (2603:10b6:408:e6::27)
 by DM6PR12MB4451.namprd12.prod.outlook.com (2603:10b6:5:2ab::18) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4690.15; Fri, 12 Nov
 2021 17:40:34 +0000
X-Received: from BN8NAM11FT042.eop-nam11.prod.protection.outlook.com
 (2603:10b6:408:e6:cafe::aa) by BN0PR03CA0022.outlook.office365.com
 (2603:10b6:408:e6::27) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4669.11 via Frontend
 Transport; Fri, 12 Nov 2021 17:40:34 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17)
 smtp.mailfrom=amd.com; dkim=none (message not signed)
 header.d=none;dmarc=pass action=none header.from=amd.com;
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+83721+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com;
X-Received: from SATLEXMB04.amd.com (165.204.84.17) by
 BN8NAM11FT042.mail.protection.outlook.com (10.13.177.85) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.20.4690.15 via Frontend Transport; Fri, 12 Nov 2021 17:40:34 +0000
X-Received: from sbrijesh-desktop.amd.com (10.180.168.240) by
 SATLEXMB04.amd.com
 (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.17; Fri, 12 Nov
 2021 11:40:33 -0600
From: "Brijesh Singh via groups.io" <brijesh.singh=amd.com@groups.io>
To: <devel@edk2.groups.io>
CC: James Bottomley <jejb@linux.ibm.com>, Min Xu <min.m.xu@intel.com>, "Jiewen
 Yao" <jiewen.yao@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>, "Jordan
 Justen" <jordan.l.justen@intel.com>, Ard Biesheuvel
	<ardb+tianocore@kernel.org>, Erdem Aktas <erdemaktas@google.com>, "Michael
 Roth" <Michael.Roth@amd.com>, Gerd Hoffmann <kraxel@redhat.com>, "Michael D
 Kinney" <michael.d.kinney@intel.com>, Liming Gao <gaoliming@byosoft.com.cn>,
	Zhiguang Liu <zhiguang.liu@intel.com>, Ray Ni <ray.ni@intel.com>, Rahul Kumar
	<rahul1.kumar@intel.com>, Eric Dong <eric.dong@intel.com>, Brijesh Singh
	<brijesh.singh@amd.com>, Michael Roth <michael.roth@amd.com>
Subject: [edk2-devel] [PATCH v13 21/32] OvmfPkg/PlatformPei: set
 PcdConfidentialComputingAttr when SEV is active
Date: Fri, 12 Nov 2021 11:39:48 -0600
Message-ID: <20211112173959.2505972-22-brijesh.singh@amd.com>
In-Reply-To: <20211112173959.2505972-1-brijesh.singh@amd.com>
References: <20211112173959.2505972-1-brijesh.singh@amd.com>
MIME-Version: 1.0
X-Originating-IP: [10.180.168.240]
X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com
 (10.181.40.145)
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 003009c5-6d29-4c45-f0a9-08d9a60387ee
X-MS-TrafficTypeDiagnostic: DM6PR12MB4451:
X-Microsoft-Antispam-PRVS: 
 <DM6PR12MB44519EED635CD541B600E1F1E5959@DM6PR12MB4451.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:5797;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Message-Info: 
 T/G3PRMIcpl/zheSLG21jEcv6YNV8EgR+0UiXwRMqdG1nUtSrk7l/jQqNvgO/MxqZfSvmASxcyHLjMYcehDBglKCGH8xVmm6TCommQVoyz4otdCQlVKmr+knfWSMYB/5b6ce0uukgr2gSSO/Xm41cxRBRnQxtptMaGH8mPeTATG94FO+q0KcGt1lPeI505pA5LCE55LYy5wij1f0KjFWs4akRgU0fJSGL+iqfWwmEYDXv/xQsgi2KQTSaZZwO2nQ2w+x4KcDNOp+CieEu2Z1vbmfFKbNMD74q/5PudZXqGQxIUtB77fO2iNDI6MllbzI2XVuLxjfBSWxzophAcUJCBKVWqsaShhTfkQHKP8MgBM07nA7yBjXDzU2zL5pWIDNBJCWRzru3P55ANFnIW7Ax8drA9+RpYneSUZPM2CzT7TnBb9zHb6lSti/+BwQwsAo2mgMjOHaQP6f26p15t4zBcWXivp+p3GmwfQpfht/pd88u/r87jmDj1rUMJ9riZsc7J3sLu1sRUdHO8uOi9uYUhtl81krbyOPUXPuby1SRoTUEeNwsgfMCCeH+N8zyFsgNR10EqHKk7tLfEdemeVFxU6l7KW14XQ769Or3oMx2lLUGDoFUQJA9MuQk3l9ZH3L+l6/1srh55S7EoqCuAZiA6rVjFcpIvCLUnqcxZKrS9hjHXnPT02ad854/+lqC71rMgBJ3QxqnHBgcOM/xe6fBlebdHqhZ7jYVK6enNRGjFjy3GDdHCOuMOaBw5wa+E8bK+fIjR0REf4xXZpKM9FXGe7eU1xDGvD5vc995GGGan4h1DpGCtQTxX6smy7FPWV+
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Nov 2021 17:40:34.4892
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 003009c5-6d29-4c45-f0a9-08d9a60387ee
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
 BN8NAM11FT042.eop-nam11.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4451
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,brijesh.singh@amd.com
X-Gm-Message-State: N970xyClNflPuz8cZHJKBe08x1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1636738837;
 bh=gxsgO2keXMGED9BLDZly2CXfkYbO9SatpDEo7n/84FY=;
 h=CC:Content-Type:Date:From:Reply-To:Subject:To;
 b=wRpT22kmzWpGlpI/dn4NAJL+xws6v5C3lQjNQ+s8W8bkVJf5tWr9zuL2WjwbxnobjM8
 55+cr1szF25OSB1o6ySovij2co2UFVxbPNcTGwvJa02QeSd0XeEc5ftqFBgR9gJ9xWi4U
 oVw2zdPHnWOpiEpmwGUV480MEqmnjZFaYc0=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1636738839168100036
Content-Type: text/plain; charset="utf-8"

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275

The MpInitLib uses the ConfidentialComputingAttr PCD to determine whether
AMD SEV is active so that it can use the VMGEXITs defined in the GHCB
specification to create APs.

Cc: Michael Roth <michael.roth@amd.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 OvmfPkg/AmdSev/AmdSevX64.dsc        |  3 +++
 OvmfPkg/OvmfPkgIa32.dsc             |  3 +++
 OvmfPkg/OvmfPkgIa32X64.dsc          |  3 +++
 OvmfPkg/OvmfPkgX64.dsc              |  3 +++
 OvmfPkg/PlatformPei/PlatformPei.inf |  1 +
 OvmfPkg/PlatformPei/AmdSev.c        | 15 +++++++++++++++
 6 files changed, 28 insertions(+)

diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index 2997929faa05..8f5876341e26 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -575,6 +575,9 @@ [PcdsDynamicDefault]
=20
   gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
=20
+  # Set ConfidentialComputing defaults
+  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
+
 !if $(TPM_ENABLE) =3D=3D TRUE
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00=
, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
 !endif
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 1dc069e42420..dbcfa5ab52ce 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -651,6 +651,9 @@ [PcdsDynamicDefault]
   gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01
   gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01
=20
+  # Set ConfidentialComputing defaults
+  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
+
 [PcdsDynamicHii]
 !if $(TPM_ENABLE) =3D=3D TRUE && $(TPM_CONFIG_ENABLE) =3D=3D TRUE
   gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_=
VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index a766457e6bc6..e4597e7f03da 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -659,6 +659,9 @@ [PcdsDynamicDefault]
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00=
, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
 !endif
=20
+  # Set ConfidentialComputing defaults
+  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
+
 [PcdsDynamicDefault.X64]
   # IPv4 and IPv6 PXE Boot support.
   gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 97b7cb40ff88..08837bf8ec97 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -662,6 +662,9 @@ [PcdsDynamicDefault]
   gEfiNetworkPkgTokenSpaceGuid.PcdIPv4PXESupport|0x01
   gEfiNetworkPkgTokenSpaceGuid.PcdIPv6PXESupport|0x01
=20
+  # Set ConfidentialComputing defaults
+  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
+
 [PcdsDynamicHii]
 !if $(TPM_ENABLE) =3D=3D TRUE && $(TPM_CONFIG_ENABLE) =3D=3D TRUE
   gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_=
VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat=
formPei.inf
index 67eb7aa7166b..bada5ea14439 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -106,6 +106,7 @@ [Pcd]
   gUefiCpuPkgTokenSpaceGuid.PcdCpuBootLogicalProcessorNumber
   gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize
   gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled
+  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr
=20
 [FixedPcd]
   gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index e1504831bec0..c447753075b1 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -20,6 +20,7 @@
 #include <Register/Amd/Msr.h>
 #include <Register/Intel/SmramSaveStateMap.h>
 #include <Library/VmgExitLib.h>
+#include <ConfidentialComputingGuestAttr.h>
=20
 #include "Platform.h"
=20
@@ -338,4 +339,18 @@ AmdSevInitialize (
   // Check and perform SEV-ES initialization if required.
   //
   AmdSevEsInitialize ();
+
+  //
+  // Set the Confidential computing attr PCD to communicate which SEV
+  // technology is active.
+  //
+  if (MemEncryptSevSnpIsEnabled ()) {
+    PcdStatus =3D PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdS=
evSnp);
+  } else if (MemEncryptSevEsIsEnabled ()) {
+    PcdStatus =3D PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdS=
evEs);
+  } else {
+    PcdStatus =3D PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdS=
ev);
+  }
+  ASSERT_RETURN_ERROR (PcdStatus);
+
 }
--=20
2.25.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#83721): https://edk2.groups.io/g/devel/message/83721
Mute This Topic: https://groups.io/mt/87011891/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-