From nobody Wed Oct 1 20:41:29 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+47637+1787277+3901457@groups.io; arc=fail (BodyHash is different from the expected one) Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1568922751426171.60473300809565; Thu, 19 Sep 2019 12:52:31 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id sLOaYY1788612xkSg0e0Ij2u; Thu, 19 Sep 2019 12:52:30 -0700 X-Received: from NAM02-CY1-obe.outbound.protection.outlook.com (NAM02-CY1-obe.outbound.protection.outlook.com [40.107.76.83]) by groups.io with SMTP; Thu, 19 Sep 2019 12:52:30 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fRGQJm/0x7ioUkYdZiRGgOi2mciT0MSJDsXhnH/M8uPymQXsRILv0vDFGrXqY/A3nPHwSzCA/Rm7LH4Zo7hAFzwCB83jRYGtD1j5jq6+wkO56PGiph0dOcsChdotDcfXYlHSGzp24REDFAu3PKkR2qlfujQsCWei3qS73ogjnOrhc38qJwvrVDvvkun7/7+O0NeIEZ5og3ksMKxMKVa0aINlR1kE0lYOvOxNMQd6w1SggtRWGfat1gjnUzz0hx7eFfM9T5Ue5+5En3zzVYCGYJGrcBI+2UygEIelWvjWPM3bl6BjbZUDDn5YFqi/Mls+Z/TihpEy0ID2gt8ReZpylw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vBG8QOl5rwGKLTp1ykBp80xyCO0cFXmEhdPgnvi7u7U=; b=hSwJkm80GhY5CJ228+vtU24nmFfJoiR9wZdyYvWBfhzMsR6Qestw3dATNIeQ65RZJtCUzpmARGmh0//ILMPUGh3ljZHmfMGBboCPw3qQut4GBs1cTegvwleVBDuY9hZmzoIfeAKc94MDquer4beMAzQUxNsm7m0YED3U1W32eYNscgmWjq4y93JfDJ7HoW5V0TJvYwfoIb996SVfwxFt+0KR0dXeU4uqygQ0cXojCQnA5fxbcqdiYiRcvo3KpSQWuEwJ/axjpawUvrMgb/oYVxk8vCMOhg+ouw0YawALkboiAOQ87jmxFlckLI8/T3JqpVtsoepX3ailQvHYly//Sg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com (20.179.104.150) by DM6PR12MB3228.namprd12.prod.outlook.com (20.179.105.96) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2263.13; Thu, 19 Sep 2019 19:52:28 +0000 X-Received: from DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::400e:f0c3:7ca:2fcc]) by DM6PR12MB3163.namprd12.prod.outlook.com ([fe80::400e:f0c3:7ca:2fcc%6]) with mapi id 15.20.2284.009; Thu, 19 Sep 2019 19:52:28 +0000 From: "Lendacky, Thomas" To: "devel@edk2.groups.io" CC: Jordan Justen , Laszlo Ersek , Ard Biesheuvel , Michael D Kinney , Liming Gao , Eric Dong , Ray Ni , "Singh, Brijesh" Subject: [edk2-devel] [RFC PATCH v2 03/44] OvmfPkg: Add support to perform SEV-ES initialization Thread-Topic: [RFC PATCH v2 03/44] OvmfPkg: Add support to perform SEV-ES initialization Thread-Index: AQHVbyPDnwCe71ks/E2JwQ+3zy/eQQ== Date: Thu, 19 Sep 2019 19:52:27 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: SN4PR0501CA0146.namprd05.prod.outlook.com (2603:10b6:803:2c::24) To DM6PR12MB3163.namprd12.prod.outlook.com (2603:10b6:5:182::22) x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [165.204.78.1] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 0755ee6a-f104-4311-7534-08d73d3ae62d x-ms-office365-filtering-ht: Tenant x-ms-traffictypediagnostic: DM6PR12MB3228: x-ms-exchange-purlcount: 1 x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:4941; Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+47637+1787277+3901457@groups.io; helo=web01.groups.io; received-spf: None (protection.outlook.com: amd.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: eCE/KY5eSQ+0rHvsERMGJnDwS0MTPuGh/MZ0P746rYPszeXgWywh/6al1ftjDai3bwD0uyp9q3Fxoo+0uN3JxMqsI5r10lDnTsimsL6b5AqhfpdgqL2N6jrI5TJMD/n4SRrl0FiGMLXWECFu2mDPRDF0yU8YuwbnlhFFFJ9QOjBAs3oPNAePrbgWFcnKuwQgEkiQyY3dMlDVkhk2evkfDYowiZeAqgkgT8Bz/ED/kJ6BA2I6Qc3fvIXJUyDJzfKyv3Hm4AmUF+VyLHlvl8+/DhAcEHMb55nxgnib8cxXODWb87if8b/aor4gbVZDld8W8sG6YPtZmbXQGJlnfbYHBh7t9wgb0tuWzNyKktjjcKvq3e+TPuFW06gFrxJMygoruNYTKAvzZ9ZPsLv4scUQbv1zsxnrYqhQbupQ+0jNJlQ= MIME-Version: 1.0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0755ee6a-f104-4311-7534-08d73d3ae62d X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Sep 2019 19:52:27.9228 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: dshoJ0iZkedJoZNJ8ugBDtRBLbOtSSP/tGWv7IMsm+b0iqXSslxPa3LHmCNfyQyuounohPuFN+rZROlYxuHvZg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3228 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,thomas.lendacky@amd.com X-Gm-Message-State: peaJvHNKiwIsh2ueY40EUkvFx1787277AA= Content-Language: en-US Content-ID: Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1568922750; bh=j1KiBCGke8CqN7hVwPCobn+zs+ISRI1dz2GBLSBuRzA=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=w4UK+SN7kLc4AhPSdr+zjFoOl/opFjkV73VaCGWFb6BQKFmx/AXtjrEvRzgzeV0uyQ7 ZZ9bQ5qUMy1i7GZ5Qj+HlQ9ZBf1dpAoAEg8tCeUfkLg1FPkV631HZcHSLCExhJxw6V8oV v2UzZF6KJuDlz3dP6/V+EbnzhlcWiy941VI= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Tom Lendacky BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2198 When SEV-ES is active, then SEV is also active. Add support to the SEV initialization function to also check for SEV-ES being active. If SEV-ES is active, set the SEV-ES active PCD (PcdSevEsActive). Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Signed-off-by: Tom Lendacky Reviewed-by: Laszlo Ersek --- OvmfPkg/OvmfPkgIa32.dsc | 3 +++ OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++ OvmfPkg/OvmfPkgX64.dsc | 3 +++ OvmfPkg/PlatformPei/PlatformPei.inf | 1 + OvmfPkg/PlatformPei/AmdSev.c | 26 ++++++++++++++++++++++++++ 5 files changed, 36 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 6ab730018694..0ce5c01722ef 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -558,6 +558,9 @@ [PcdsDynamicDefault] # Set memory encryption mask gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 =20 + # Set SEV-ES defaults + gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsActive|0 + !if $(SMM_REQUIRE) =3D=3D TRUE gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8 gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index f163aa267132..e7455e35a55d 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -570,6 +570,9 @@ [PcdsDynamicDefault] # Set memory encryption mask gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 =20 + # Set SEV-ES defaults + gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsActive|0 + !if $(SMM_REQUIRE) =3D=3D TRUE gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8 gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index fa98f16a3fb3..0b8305cd10a2 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -569,6 +569,9 @@ [PcdsDynamicDefault] # Set memory encryption mask gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 =20 + # Set SEV-ES defaults + gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsActive|0 + !if $(SMM_REQUIRE) =3D=3D TRUE gUefiOvmfPkgTokenSpaceGuid.PcdQ35TsegMbytes|8 gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01 diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index d9fd9c8f05b3..2736347a2e03 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -100,6 +100,7 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize + gEfiMdeModulePkgTokenSpaceGuid.PcdSevEsActive =20 [FixedPcd] gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index 2ae8126ccf8a..7ae2f26a2ba7 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -19,6 +19,27 @@ =20 #include "Platform.h" =20 +/** + + Initialize SEV-ES support if running an SEV-ES guest. + + **/ +STATIC +VOID +AmdSevEsInitialize ( + VOID + ) +{ + RETURN_STATUS PcdStatus; + + if (!MemEncryptSevEsIsEnabled ()) { + return; + } + + PcdStatus =3D PcdSetBoolS (PcdSevEsActive, 1); + ASSERT_RETURN_ERROR (PcdStatus); +} + /** =20 Function checks if SEV support is available, if present then it sets @@ -89,4 +110,9 @@ AmdSevInitialize ( EfiBootServicesData // MemoryType ); } + + // + // Check and perform SEV-ES initialization if required. + // + AmdSevEsInitialize (); } --=20 2.17.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#47637): https://edk2.groups.io/g/devel/message/47637 Mute This Topic: https://groups.io/mt/34203538/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-