BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
While initializing APs, the MpInitLib may need to know whether the guest is running with active AMD SEV or Intel TDX memory encryption. Add a new ConfidentialComputingGuestAttr PCD that can be used to query the memory encryption attribute. Cc: Michael Roth <[email protected]> Cc: Ray Ni <[email protected]> Cc: Rahul Kumar <[email protected]> Cc: Eric Dong <[email protected]> Cc: James Bottomley <[email protected]> Cc: Min Xu <[email protected]> Cc: Jiewen Yao <[email protected]> Cc: Tom Lendacky <[email protected]> Cc: Jordan Justen <[email protected]> Cc: Ard Biesheuvel <[email protected]> Cc: Erdem Aktas <[email protected]> Cc: Gerd Hoffmann <[email protected]> Suggested-by: Jiewen Yao <[email protected]> Signed-off-by: Brijesh Singh <[email protected]> --- UefiCpuPkg/UefiCpuPkg.dec | 4 +++ .../Include/ConfidentialComputingGuestAttr.h | 25 +++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h diff --git a/UefiCpuPkg/UefiCpuPkg.dec b/UefiCpuPkg/UefiCpuPkg.dec index 62acb291f309..9dbaa407c399 100644 --- a/UefiCpuPkg/UefiCpuPkg.dec +++ b/UefiCpuPkg/UefiCpuPkg.dec @@ -396,5 +396,9 @@ [PcdsDynamic, PcdsDynamicEx] # @Prompt SEV-ES Status gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled|FALSE|BOOLEAN|0x60000016 + ## This dynamic PCD indicates the memory encryption attribute of the guest. + # @Prompt Memory encryption attribute + gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x60000017 + [UserExtensions.TianoCore."ExtraFiles"] UefiCpuPkgExtra.uni diff --git a/UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h b/UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h new file mode 100644 index 000000000000..495b0df0ac33 --- /dev/null +++ b/UefiCpuPkg/Include/ConfidentialComputingGuestAttr.h @@ -0,0 +1,25 @@ +/** @file +Definitions for Confidential Computing Attribute + +Copyright (c) 2021 AMD Inc. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ +#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_ + +typedef enum { + /* The guest is running with memory encryption disabled. */ + CCAttrNotEncrypted = 0, + + /* The guest is running with AMD SEV memory encryption enabled. */ + CCAttrAmdSev = 0x100, + CCAttrAmdSevEs = 0x101, + CCAttrAmdSevSnp = 0x102, + + /* The guest is running with Intel TDX memory encryption enabled. */ + CCAttrIntelTdx = 0x200, +} CONFIDENTIAL_COMPUTING_GUEST_ATTR; + +#endif -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80904): https://edk2.groups.io/g/devel/message/80904 Mute This Topic: https://groups.io/mt/85749038/21656 Group Owner: [email protected] Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
