From: "Min Xu"
To: devel@edk2.groups.io
Cc: Min Xu, Brijesh Singh
Subject: [edk2-devel] [PATCH V2 22/28] UefiCpuPkg: Define ConfidentialComputingGuestAttr (Temp)
Date: Tue, 5 Oct 2021 11:39:33 +0800

Add a new ConfidentialComputingGuestAttr PCD that can be used to query the memory encryption attribute. (This is AMD's patch)

Signed-off-by: Brijesh Singh --- OvmfPkg/PlatformPei/IntelTdx.c | 8 ++---- OvmfPkg/PlatformPei/PlatformPei.inf | 2 +- .../Include/ConfidentialComputingGuestAttr.h | 25 +++++++++++++++++++ UefiCpuPkg/UefiCpuPkg.dec | 4 +++ 4 files changed, 32 insertions(+), 7 deletions(-) create mode 100644 UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h diff --git a/OvmfPkg/PlatformPei/IntelTdx.c b/OvmfPkg/PlatformPei/IntelTdx.c index 684907179c10..5256740376b8 100644 --- a/OvmfPkg/PlatformPei/IntelTdx.c +++ b/OvmfPkg/PlatformPei/IntelTdx.c @@ -20,6 +20,7 @@ #include #include #include +#include #include "Platform.h" =20 /** @@ -263,17 +264,12 @@ IntelTdxInitialize ( { EFI_HOB_PLATFORM_INFO PlatformInfoHob; RETURN_STATUS PcdStatus; - UINT32 ConfidentialComputingCategory; - CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER *CcWorkAreaHeader; =20 if (!PlatformPeiIsTdxGuest ()) { return; } =20 - CcWorkAreaHeader =3D (CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER *) FixedPc= dGet32 (PcdOvmfWorkAreaBase); - ConfidentialComputingCategory =3D *((UINT32 *)CcWorkAreaHeader); - - PcdStatus =3D PcdSet32S (PcdConfidentialComputingCategory, ConfidentialC= omputingCategory); + PcdStatus =3D PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrIntelT= dx); ASSERT_RETURN_ERROR (PcdStatus); =20 PcdStatus =3D PcdSetBoolS (PcdIa32EferChangeAllowed, FALSE); diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index eec1bb3d9c38..91a35f77a81f 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -118,7 +118,7 @@ gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled gEfiMdeModulePkgTokenSpaceGuid.PcdIa32EferChangeAllowed - gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingCategory + gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr =20 [FixedPcd] gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress 
diff --git a/UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h b/UefiCpuP= kg/Include/ConfidentialComputingGuestAttr.h new file mode 100644 index 000000000000..495b0df0ac33 --- /dev/null +++ b/UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h @@ -0,0 +1,25 @@ +/** @file +Definitions for Confidential Computing Attribute + +Copyright (c) 2021 AMD Inc. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ +#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ + +typedef enum { + /* The guest is running with memory encryption disabled. */ + CCAttrNotEncrypted =3D 0, + + /* The guest is running with AMD SEV memory encryption enabled. */ + CCAttrAmdSev =3D 0x100, + CCAttrAmdSevEs =3D 0x101, + CCAttrAmdSevSnp =3D 0x102, + + /* The guest is running with Intel TDX memory encryption enabled. */ + CCAttrIntelTdx =3D 0x200, +} CONFIDENTIAL_COMPUTING_GUEST_ATTR; + +#endif diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 439bfc86a112..f270bbb990f6 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -399,5 +399,9 @@ # @Prompt SEV-ES Status gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|FALSE|BOOLEAN|0x60000016 =20 + ## This dynamic PCD indicates the memory encryption attribute of the gue= st. + # @Prompt Memory encryption attribute + gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x6= 0000017 + [UserExtensions.TianoCore."ExtraFiles"] UefiCpuPkgExtra.uni --=20 2.29.2.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#81493): https://edk2.groups.io/g/devel/message/81493 Mute This Topic: https://groups.io/mt/86085762/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
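Review bot: In IntelTdxInitialize (OvmfPkg/PlatformPei/IntelTdx.c), the result of PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrIntelTdx) is checked only with ASSERT_RETURN_ERROR, which does nothing in builds where asserts are disabled. The PCD's declared default is 0, and 0 is CCAttrNotEncrypted in the new header, so a failed set would leave later readers of the PCD treating a TDX guest as a guest without memory encryption. Suggest handling the error explicitly, for example by halting when PcdStatus is an error, instead of relying on the assert alone.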
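Review bot: In the PCD list of OvmfPkg/PlatformPei/PlatformPei.inf, PcdConfidentialComputingCategory is dropped in favour of PcdConfidentialComputingGuestAttr, but the diffstat shows only insertions in UefiCpuPkg.dec, so nothing in this patch retires the old PCD. After this change PlatformPei no longer sets it, and any module elsewhere in the series that still reads PcdConfidentialComputingCategory would see only its default. Suggest converting the remaining readers and removing the old declaration in the same patch, or saying in the commit message which later patch does that.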
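Review bot: In the CONFIDENTIAL_COMPUTING_GUEST_ATTR enum (UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h), the values look grouped by vendor (0x100 to 0x102 for AMD SEV, 0x200 for Intel TDX), but the header does not say whether consumers may rely on that layout, and CCAttrAmdSevEs and CCAttrAmdSevSnp carry no comment of their own. Suggest documenting the encoding in the file header and giving each enumerator its own comment, so that callers know whether to compare against individual values or test the vendor group. Since the value is stored in a UINT64 PCD, it would also help to state that the enum is always written and read through that width.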
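Review bot: The new PcdConfidentialComputingGuestAttr entry in UefiCpuPkg/UefiCpuPkg.dec describes itself only as the memory encryption attribute of the guest and does not say which values are valid. Suggest naming CONFIDENTIAL_COMPUTING_GUEST_ATTR from ConfidentialComputingGuestAttr.h in the comment and stating that the default 0 means CCAttrNotEncrypted, so that a reader of the .dec can interpret the UINT64 without locating the header.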