Hi Ray,
On 11/11/21 8:00 AM, Ni, Ray wrote:
> I don't prefer to use a dynamic PCD for passing data.
> Because developers don't know when this PCD value is finalized (PCD always has
> a default value).
> If the value is determined in PEI and consumed in DXE, HOB is a better choice.
> If the value is determined in PEI and consumed in PEI, PPI is a better choice.
> (you can use PPI depex)
> If the value is determined in DXE and consumed in DXE, Protocol is a better
> choice. (You can use Protocol depex)
I wish you had raised your concerns early to avoid going in this PCD
direction. The PCD approach was discussed some time back. Both the
SEV-SNP and TDX patches are dependent on it.
Having said so, if your preference is not to use the PCD, then it can be
done after SNP and TDX patches are merged.
Jiewen/Min/Gerd thoughts?
thanks
-----Original Message-----
From: Brijesh Singh <brijesh.si...@amd.com>
Sent: Thursday, November 11, 2021 6:15 AM
To: devel@edk2.groups.io
Cc: James Bottomley <j...@linux.ibm.com>; Xu, Min M <min.m...@intel.com>; Yao, Jiewen <jiewen....@intel.com>; Tom Lendacky <thomas.lenda...@amd.com>; Justen,
Jordan L <jordan.l.jus...@intel.com>; Ard Biesheuvel <ardb+tianoc...@kernel.org>; Erdem Aktas <erdemak...@google.com>; Michael Roth <michael.r...@amd.com>;
Gerd Hoffmann <kra...@redhat.com>; Kinney, Michael D <michael.d.kin...@intel.com>; Liming Gao <gaolim...@byosoft.com.cn>; Liu, Zhiguang
<zhiguang....@intel.com>; Ni, Ray <ray...@intel.com>; Kumar, Rahul1 <rahul1.ku...@intel.com>; Dong, Eric <eric.d...@intel.com>; Brijesh Singh
<brijesh.si...@amd.com>; Michael Roth <michael.r...@amd.com>
Subject: [PATCH v12 20/32] MdePkg: Define ConfidentialComputingGuestAttr
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
While initializing APs, the MpInitLib may need to know whether the guest is
running with active AMD SEV or Intel TDX memory encryption.
Add a new ConfidentialComputingGuestAttr PCD that can be used to query the
memory encryption attribute.
Cc: Michael D Kinney <michael.d.kin...@intel.com>
Cc: Liming Gao <gaolim...@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang....@intel.com>
Cc: Michael Roth <michael.r...@amd.com>
Cc: Ray Ni <ray...@intel.com>
Cc: Rahul Kumar <rahul1.ku...@intel.com>
Cc: Eric Dong <eric.d...@intel.com>
Cc: James Bottomley <j...@linux.ibm.com>
Cc: Min Xu <min.m...@intel.com>
Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Tom Lendacky <thomas.lenda...@amd.com>
Cc: Jordan Justen <jordan.l.jus...@intel.com>
Cc: Ard Biesheuvel <ardb+tianoc...@kernel.org>
Cc: Erdem Aktas <erdemak...@google.com>
Cc: Gerd Hoffmann <kra...@redhat.com>
Suggested-by: Jiewen Yao <jiewen....@intel.com>
Acked-by: Gerd Hoffmann <kra...@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.si...@amd.com>
---
MdePkg/MdePkg.dec | 4 +++
.../Include/ConfidentialComputingGuestAttr.h | 25 +++++++++++++++++++
2 files changed, 29 insertions(+)
create mode 100644 MdePkg/Include/ConfidentialComputingGuestAttr.h
diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec index
8b18415b107a..cd903c35d2ff 100644
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -2396,5 +2396,9 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic,
PcdsDynamicEx]
# @Prompt FSB Clock.
gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c
+ ## This dynamic PCD indicates the memory encryption attribute of the guest.
+ # @Prompt Memory encryption attribute
+ gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x
+ 0000002e
+
[UserExtensions.TianoCore."ExtraFiles"]
MdePkgExtra.uni
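Review bot: the comment on PcdConfidentialComputingGuestAttr calls it a dynamic PCD, but the entry sits under [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx], so nothing in this declaration stops a platform from making it fixed-at-build or patchable. The default of 0 is also the same value as CCAttrNotEncrypted in the new header, so a consumer that reads the PCD before it has been set cannot tell "not encrypted" from "not yet initialized". Suggest that the comment name the CONFIDENTIAL_COMPUTING_GUEST_ATTR enum as the set of valid values and state which module sets the PCD and in which phase, or that the declaration move to a section that allows only the dynamic types.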
diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h
b/MdePkg/Include/ConfidentialComputingGuestAttr.h
new file mode 100644
index 000000000000..495b0df0ac33
--- /dev/null
+++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
@@ -0,0 +1,25 @@
+/** @file
+Definitions for Confidential Computing Attribute
+
+Copyright (c) 2021 AMD Inc. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
+#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_
+
+typedef enum {
+ /* The guest is running with memory encryption disabled. */
+ CCAttrNotEncrypted = 0,
+
+ /* The guest is running with AMD SEV memory encryption enabled. */
+ CCAttrAmdSev = 0x100,
+ CCAttrAmdSevEs = 0x101,
+ CCAttrAmdSevSnp = 0x102,
+
+ /* The guest is running with Intel TDX memory encryption enabled. */
+ CCAttrIntelTdx = 0x200,
+} CONFIDENTIAL_COMPUTING_GUEST_ATTR;
+
+#endif
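Review bot: the value layout of CONFIDENTIAL_COMPUTING_GUEST_ATTR is undocumented: CCAttrAmdSev, CCAttrAmdSevEs and CCAttrAmdSevSnp are 0x100 to 0x102 and CCAttrIntelTdx is 0x200, which suggests a vendor field in the upper bits and a feature level in the low byte, but the header never says so and provides no mask or helper. A caller that compares only against CCAttrAmdSev would not match an SEV-ES or SEV-SNP guest. Suggest documenting the encoding, stating whether consumers should compare for equality or by range or mask, and giving CCAttrAmdSevEs and CCAttrAmdSevSnp their own comments, since the single comment above CCAttrAmdSev mentions only SEV. The PCD that carries this value is declared UINT64 in MdePkg.dec, so the header should also say that the enum is read through that type.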
--
2.25.1