From: "Roth, Michael via groups.io"
CC: Tom Lendacky
Subject: [edk2-devel] [PATCH v4 1/4] MdePkg: Add header for SEV-SNP secrets page struct
Date: Wed, 21 Dec 2022 09:50:44 -0600
Message-ID: <20221221155047.180912-2-michael.roth@amd.com>
In-Reply-To: <20221221155047.180912-1-michael.roth@amd.com>
References: <20221221155047.180912-1-michael.roth@amd.com>

This will be needed so that the AP Jump Table address can be stored for use by the operating system later, and possibly for other things in the future.

Reviewed-by: Tom Lendacky
Signed-off-by: Michael Roth
--- MdePkg/Include/Register/Amd/SnpSecretsPage.h | 56 ++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 MdePkg/Include/Register/Amd/SnpSecretsPage.h diff --git a/MdePkg/Include/Register/Amd/SnpSecretsPage.h b/MdePkg/Include/= Register/Amd/SnpSecretsPage.h new file mode 100644 index 0000000000..3188459150 --- /dev/null +++ b/MdePkg/Include/Register/Amd/SnpSecretsPage.h @@ -0,0 +1,56 @@ +/** @file +Definitions for AMD SEV-SNP Secrets Page + +Copyright (c) 2022 AMD Inc. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef SNP_SECRETS_PAGE_H_ +#define SNP_SECRETS_PAGE_H_ + +// +// OS-defined area of secrets page +// +// As defined by "SEV-ES Guest-Hypervisor Communication Block Standardizat= ion", +// revision 2.01, section 2.7, "SEV-SNP Secrets Page". +// +typedef PACKED struct _SNP_SECRETS_OS_AREA { + UINT32 Vmpl0MsgSeqNumLo; + UINT32 Vmpl1MsgSeqNumLo; + UINT32 Vmpl2MsgSeqNumLo; + UINT32 Vmpl3MsgSeqNumLo; + UINT64 ApJumpTablePa; + UINT32 Vmpl0MsgSeqNumHi; + UINT32 Vmpl1MsgSeqNumHi; + UINT32 Vmpl2MsgSeqNumHi; + UINT32 Vmpl3MsgSeqNumHi; + UINT8 Reserved2[22]; + UINT16 Version; + UINT8 GuestUsage[32]; +} SNP_SECRETS_OS_AREA; + +#define VMPCK_KEY_LEN 32 + +// +// SEV-SNP Secrets page +// +// As defined by "SEV-SNP Firmware ABI", revision 1.51, section 8.17.2.5, +// "PAGE_TYPE_SECRETS". +// +typedef PACKED struct _SNP_SECRETS_PAGE { + UINT32 Version; + UINT32 ImiEn : 1, + Reserved : 31; + UINT32 Fms; + UINT32 Reserved2; + UINT8 Gosvw[16]; + UINT8 Vmpck0[VMPCK_KEY_LEN]; + UINT8 Vmpck1[VMPCK_KEY_LEN]; + UINT8 Vmpck2[VMPCK_KEY_LEN]; + UINT8 Vmpck3[VMPCK_KEY_LEN]; + SNP_SECRETS_OS_AREA OsArea; + UINT8 Reserved3[3840]; +} SNP_SECRETS_PAGE; + +#endif --=20 2.25.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. 
View/Reply Online (#97697): https://edk2.groups.io/g/devel/message/97697
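Review bot: In MdePkg/Include/Register/Amd/SnpSecretsPage.h (patch 1/4), nothing after the two typedefs checks the layouts at build time, although both mirror fixed ABI structures. The fields of SNP_SECRETS_OS_AREA add up to 96 bytes and those of SNP_SECRETS_PAGE, with Reserved3[3840], to 4096, so a `STATIC_ASSERT (sizeof (SNP_SECRETS_PAGE) == SIZE_4KB, ...)`, a matching one for the OS area, and an offset check on ApJumpTablePa would catch a miscounted reserved array or a toolchain on which PACKED expands to nothing. VMPCK_KEY_LEN is also a very generic name for a public MdePkg header; an SNP_ prefix would avoid clashes.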
From: "Roth, Michael via groups.io"
CC: Tom Lendacky
Subject: [edk2-devel] [PATCH v4 2/4] MdePkg: Add PcdSevSnpSecretsAddress to export SEV-SNP secrets page
Date: Wed, 21 Dec 2022 09:50:45 -0600
Message-ID: <20221221155047.180912-3-michael.roth@amd.com>
In-Reply-To: <20221221155047.180912-1-michael.roth@amd.com>
References: <20221221155047.180912-1-michael.roth@amd.com>

OvmfPkg will initially use this to hand off the secrets page address to UefiCpuPkg, which will need this PCD to access the SEV-SNP secrets page address. Define this as an MdePkg PCD so it can be accessed by other packages alongside the secrets page struct defined in MdePkg/Include.

Reviewed-by: Tom Lendacky
Signed-off-by: Michael Roth
--- MdePkg/MdePkg.dec | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index e49b2d5b5f..a233a318ba 100644 --- a/MdePkg/MdePkg.dec +++ b/MdePkg/MdePkg.dec
@@ -2429,5 +2429,9 @@ # @Prompt Memory encryption attribute gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x00= 00002e =20 + ## This dynamic PCD indicates the location of the SEV-SNP secrets page. + # @Prompt SEV-SNP secrets page address + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0|UINT64|0x0000002f + [UserExtensions.TianoCore."ExtraFiles"] MdePkgExtra.uni --=20 2.25.1
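Review bot: In the MdePkg.dec hunk (patch 2/4), the comment on PcdSevSnpSecretsAddress does not say what the default of 0 means or what kind of address the value holds. Consumers in other packages will turn this value into a pointer, so the comment should state whether it is a physical address, which phase sets it, and that 0 means no secrets page has been published, so callers know to check before use. The diffstat touches only MdePkg.dec; if the package expects matching prompt and help strings in its .uni file for each PCD, they are missing from this patch.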
From: "Roth, Michael via groups.io"
CC: Tom Lendacky
Subject: [edk2-devel] [PATCH v4 3/4] OvmfPkg: Initialize the PcdSevSnpSecretsAddress PCD during PEI phase
Date: Wed, 21 Dec 2022 09:50:46 -0600
Message-ID: <20221221155047.180912-4-michael.roth@amd.com>
In-Reply-To: <20221221155047.180912-1-michael.roth@amd.com>
References: <20221221155047.180912-1-michael.roth@amd.com>

This needs to be set so that UefiCpuPkg can locate the SEV-SNP secrets page later to set the AP Jump Table address.

Reviewed-by: Tom Lendacky
Signed-off-by: Michael Roth
Acked-by: Jiewen Yao
--- OvmfPkg/AmdSev/AmdSevX64.dsc | 3 +++ OvmfPkg/CloudHv/CloudHvX64.dsc | 3 +++ OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 +++ OvmfPkg/Microvm/MicrovmX64.dsc | 3 +++ OvmfPkg/OvmfPkgIa32.dsc | 3 +++ OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++ OvmfPkg/OvmfPkgX64.dsc | 3 +++ OvmfPkg/PlatformPei/AmdSev.c | 5 +++++ OvmfPkg/PlatformPei/PlatformPei.inf | 1 + 9 files changed, 27 insertions(+) diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index bb91e8c734..6c3b78d424 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -528,6 +528,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + !include OvmfPkg/Include/Dsc/OvmfTpmPcds.dsc.inc =20 gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000 diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc index 4d7107fd19..2cc73981b2 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc @@ -640,6 +640,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + [PcdsDynamicHii] !include OvmfPkg/Include/Dsc/OvmfTpmPcdsHii.dsc.inc =20
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX6= 4.dsc index ea538fd783..b264eb9fc3 100644 --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc @@ -527,6 +527,9 @@ =20 gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + ##########################################################################= ###### # # Components Section - list of all EDK II Modules needed by this Platform. diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc index 285ba50671..b2eaa11a85 100644 --- a/OvmfPkg/Microvm/MicrovmX64.dsc +++ b/OvmfPkg/Microvm/MicrovmX64.dsc @@ -644,6 +644,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + ##########################################################################= ###### # # Components Section - list of all EDK II Modules needed by this Platform. diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index dcf46d207d..2e04a3f8b1 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -666,6 +666,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + !if $(CSM_ENABLE) =3D=3D FALSE gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000 !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index d0746cb72b..4ebf2aff34 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc 
@@ -675,6 +675,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + !if $(CSM_ENABLE) =3D=3D FALSE gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000 !endif diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 2caa4d2ecc..6f8f368977 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -703,6 +703,9 @@ # Set ConfidentialComputing defaults gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0 =20 + # Set SEV-SNP Secrets page address default + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0 + !if $(CSM_ENABLE) =3D=3D FALSE gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000 !endif diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index e4e7b72e67..fa88c9ebd8 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -422,6 +422,11 @@ AmdSevInitialize ( // if (MemEncryptSevSnpIsEnabled ()) { PcdStatus =3D PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdS= evSnp); + ASSERT_RETURN_ERROR (PcdStatus); + PcdStatus =3D PcdSet64S ( + PcdSevSnpSecretsAddress, + (UINT64)(UINTN)PcdGet32 (PcdOvmfSnpSecretsBase) + ); } else if (MemEncryptSevEsIsEnabled ()) { PcdStatus =3D PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdS= evEs); } else { diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index 1fadadeb55..851af81248 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf 
@@ -115,6 +115,7 @@ gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr gUefiCpuPkgTokenSpaceGuid.PcdGhcbHypervisorFeatures gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress =20 [FixedPcd] gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase --=20 2.25.1
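Review bot: In the .dsc hunks of patch 3/4, the same two-line default for PcdSevSnpSecretsAddress is added by hand to seven platform files (AmdSevX64, CloudHvX64, IntelTdxX64, MicrovmX64, OvmfPkgIa32, OvmfPkgIa32X64, OvmfPkgX64), so a platform DSC that is not in this list gets no default. The context lines already pull shared PCD settings from OvmfPkg/Include/Dsc/OvmfTpmPcds.dsc.inc; placing this default in a shared include together with the PcdConfidentialComputingGuestAttr default would keep the platforms from drifting apart. In IntelTdxX64.dsc the new lines land after PcdFSBClock rather than beside the confidential-computing defaults as in the other files.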
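Review bot: In the AmdSevInitialize hunk of OvmfPkg/PlatformPei/AmdSev.c (patch 3/4), the status of the first PcdSet64S is now covered only by the inline ASSERT_RETURN_ERROR and is then overwritten by the second PcdSet64S, so in a build with asserts compiled out a failure to set PcdConfidentialComputingGuestAttr goes unnoticed. Handle each status explicitly or keep separate status variables. The value from `PcdGet32 (PcdOvmfSnpSecretsBase)` is also published without a check that it is non-zero, and the PlatformPei.inf hunk does not show PcdOvmfSnpSecretsBase in its context, so confirm it is already listed there.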
From: "Roth, Michael via groups.io" To: CC: Tom Lendacky , Subject: [edk2-devel] [PATCH v4 4/4] UefiCpuPkg: Store SEV-SNP AP jump table in the secrets page Date: Wed, 21 Dec 2022 09:50:47 -0600 Message-ID: <20221221155047.180912-5-michael.roth@amd.com> In-Reply-To: <20221221155047.180912-1-michael.roth@amd.com> References: <20221221155047.180912-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8NAM11FT061:EE_|DM4PR12MB6158:EE_ X-MS-Office365-Filtering-Correlation-Id: 52545b2e-7dbd-4e83-4348-08dae36b634e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Message-Info: TwK3gAN51nOx4HvorcIveDX2Pk9sOWxooCYzx7+dLeOfzDgGrpfl8/iME1nmwo8OQTsoP7QJfOpHAM7J3wOSOJA4vEFln+VV/El0HJuxj0W5TZr2jSCKqV6YJE6zPjnW0JkmmXILX1K8OEK2iE4/EBstpnAuqtytFQSZT9qI3TADGaYiAmgsjboCmK5PnsOwq64Z6Wl7XvE8+D3PwKiHznmAp8yT+LOQ3ivGq2oS55Vbv5GAl3Dg/RV4XBm7ybkJ2owi+dUxYYJWXLZehOSHCNDcAY5KSj+OASn9uEh7fHfUgOHtML5c2DEUEcXQpE/i/eIDV4VFSttLnHawaiCqXCdQAYVABTX7r3z56ORLp5w8OcFOncZN+44Yp9T/dUVebDw3yS3rISg5PXi4Ib2wppfdRjPCG+D6S1VqAPuIbJ8QzpUP0tLrjj7/onNtcS6WVI7ELz2RdEAJD8Eqzr2ba8Fb/bgKD71BqrYyE/MOitOtvr03K4gr3ss8sd5uM1SRY55N+OV3wIQ6okDLmrPE86vbYBSP1XC7P9iaIdnLhhHbhB6iUU7PSGfOrLiKuEIRwzYhaLSSkap7IGtnB6YZPfiFmv1pfa3RMWUSlwelv4/Yr2U1XFi7mtsEkrXBM5jJj451SLzqY6pRI5xfZoYx1ZmoQz0CLlvriL6ZMWvP0vs4VvRPSRkORiZ9AFPdq481aOmInf51QyoPUPsdolKfbgYgCuE+sbJ5wMDufebdnPU= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Dec 2022 15:52:39.2957 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 52545b2e-7dbd-4e83-4348-08dae36b634e X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] 

A full-featured SEV-SNP guest will not rely on the AP jump table, and will instead use the AP Creation interface defined by the GHCB. However, a guest is still allowed to use the AP jump table if desired. However, unlike with SEV-ES guests, SEV-SNP guests should not store/retrieve the jump table address via GHCB requests to the hypervisor, they should instead store/retrieve it via the SEV-SNP secrets page. Implement the store side of this for OVMF.

Suggested-by: Tom Lendacky
Reviewed-by: Tom Lendacky
Signed-off-by: Michael Roth
--- UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 1 + UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf b/UefiCpuPkg/Lib= rary/MpInitLib/DxeMpInitLib.inf index 8c8b81d933..0c36538d59 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf @@ -85,3 +85,4 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ## = CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## = CONSUMES gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## = CONSUMES + gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress ## = CONSUMES diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c b/UefiCpuPkg/Library/M= pInitLib/DxeMpLib.c index beab06a5b1..8edc612772 100644 --- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c @@ -15,6 +15,7 @@ #include #include #include +#include =20 #include =20 @@ -217,6 +218,15 @@ GetSevEsAPMemory ( =20 DEBUG ((DEBUG_INFO, "Dxe: SevEsAPMemory =3D %lx\n", (UINTN)StartAddress)= ); =20 + if (ConfidentialComputingGuestHas (CCAttrAmdSevSnp)) { + SNP_SECRETS_PAGE *Secrets; + + Secrets =3D (SNP_SECRETS_PAGE *)(INTN)PcdGet64 (= PcdSevSnpSecretsAddress); + Secrets->OsArea.ApJumpTablePa =3D (UINT64)(UINTN)StartAddress; + + return (UINTN)StartAddress; + } + // // Save the SevEsAPMemory as the AP jump table. // --=20 2.25.1
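
Review bot: In DxeMpInitLib.inf, the new PcdSevSnpSecretsAddress entry is tagged `## CONSUMES`, but DxeMpLib.c reads the PCD only inside the `ConfidentialComputingGuestHas (CCAttrAmdSevSnp)` branch, so `## SOMETIMES_CONSUMES` would describe the usage more accurately for platforms that build this library and never take the SEV-SNP path.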
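
Review bot: In the GetSevEsAPMemory hunk of DxeMpLib.c, the value of `PcdGet64 (PcdSevSnpSecretsAddress)` is cast to `SNP_SECRETS_PAGE *` and dereferenced with no check that it is non-zero, so if the guest reports CCAttrAmdSevSnp while the PCD is zero, the `Secrets->OsArea.ApJumpTablePa` store lands at an offset from address 0. An ASSERT or an explicit check on the PCD value before the store would turn that into a visible failure. The pointer cast also goes through `(INTN)` while the other casts in the hunk use `(UINTN)`; the unsigned type is the better fit for converting an integer to a pointer. A short comment above the new branch saying why the SNP path returns before the existing "Save the SevEsAPMemory as the AP jump table" code would help, since that reasoning currently lives only in the commit message.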