On 10/25/21 2:22 AM, Xu, Min M wrote: > On October 23, 2021 12:14 PM, Brijesh Singh wrote: >> BZ: >> https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3275&data=04%7C01%7Cbrijesh.singh%40amd.com%7C96cac3cfbb5b4eec64a808d997883593%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637707433532691196%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=JuBNNapc9%2B9xbbiCXbWKy4rYSzO%2BnYeLZ6cmxF7FNwo%3D&reserved=0 >> >> While initializing APs, the MpInitLib may need to know whether the guest is >> running with active AMD SEV or Intel TDX memory encryption. >> >> Add a new ConfidentialComputingGuestAttr PCD that can be used to query the >> memory encryption attribute. >> >> --- >> MdePkg/MdePkg.dec | 4 +++ >> .../Include/ConfidentialComputingGuestAttr.h | 25 +++++++++++++++++++ >> 2 files changed, 29 insertions(+) >> create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h >> >> diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index >> 8b18415b107a..cd903c35d2ff 100644 >> --- a/MdePkg/MdePkg.dec >> +++ b/MdePkg/MdePkg.dec >> @@ -2396,5 +2396,9 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, >> PcdsDynamic, PcdsDynamicEx] >> # @Prompt FSB Clock. >> gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c >> >> + ## This dynamic PCD indicates the memory encryption attribute of the >> guest. >> + # @Prompt Memory encryption attribute >> + >> gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x >> + 0000002e >> + > This PCD is defined in MdePkg, but the title is " UefiCpuPkg: Define > ConfidentialComputingGuestAttr". A typo ? Yes, initially I defined in UefiCpuPkg but later based on the feedback moved to MdePkg but missed updating the header. > > BTW, can you add below macro in the ConfidentialComputingGuestAttr.h, such as: > #define CC_GUEST_IS_TDX(x) ((x) == CCAttrIntelTdx) > #define CC_GUEST_IS_SEV(x) ((x) == CCAttrAmdSev || (x) == CCAttrAmdSevEs || > (x) == CCAttrAmdSevSnp)
For SEV case, we need to distinguish between the ES and SNP, so above macro does not help. Patch#22 adds a ConfidentialComputingGuesthas() that does a comprehensive check for the SEV. For TDX, if you find that other modules or libraries need to use this PCD check then you can move it to a common header or library. > > Thanks. > Min -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#82650): https://edk2.groups.io/g/devel/message/82650 Mute This Topic: https://groups.io/mt/86530733/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
