Reviewed-by: Jian J Wang <[email protected]>
Regards, Jian > -----Original Message----- > From: Xu, Min M <[email protected]> > Sent: Saturday, March 12, 2022 9:54 AM > To: [email protected] > Cc: Xu, Min M <[email protected]>; Wang, Jian J <[email protected]>; > Wu, Hao A <[email protected]>; Brijesh Singh <[email protected]>; > Aktas, Erdem <[email protected]>; James Bottomley > <[email protected]>; Yao, Jiewen <[email protected]>; Tom Lendacky > <[email protected]>; Gerd Hoffmann <[email protected]> > Subject: [PATCH V8 36/47] MdeModulePkg: Add PcdTdxSharedBitMask > > RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 > > Guest Physical Address (GPA) space in Td guest is divided into private > and shared sub-spaces, determined by the SHARED bit of GPA. This PCD > holds the shared bit mask. Its default value is 0 and it will be set > in PlatformPei driver if it is of Td guest. > > Cc: Jian J Wang <[email protected]> > Cc: Hao A Wu <[email protected]> > Cc: Brijesh Singh <[email protected]> > Cc: Erdem Aktas <[email protected]> > Cc: James Bottomley <[email protected]> > Cc: Jiewen Yao <[email protected]> > Cc: Tom Lendacky <[email protected]> > Cc: Gerd Hoffmann <[email protected]> > Acked-by: Gerd Hoffmann <[email protected]> > Signed-off-by: Min Xu <[email protected]> > --- > MdeModulePkg/MdeModulePkg.dec | 4 ++++ > OvmfPkg/AmdSev/AmdSevX64.dsc | 3 +++ > OvmfPkg/Bhyve/BhyveX64.dsc | 3 +++ > OvmfPkg/CloudHv/CloudHvX64.dsc | 3 +++ > OvmfPkg/Microvm/MicrovmX64.dsc | 3 +++ > OvmfPkg/OvmfPkgIa32.dsc | 3 +++ > OvmfPkg/OvmfPkgIa32X64.dsc | 1 + > OvmfPkg/OvmfPkgX64.dsc | 3 +++ > OvmfPkg/OvmfXen.dsc | 3 +++ > 9 files changed, 26 insertions(+) > > diff --git a/MdeModulePkg/MdeModulePkg.dec > b/MdeModulePkg/MdeModulePkg.dec > index 463e889e9a68..1a2425974f44 100644 > --- a/MdeModulePkg/MdeModulePkg.dec > +++ b/MdeModulePkg/MdeModulePkg.dec > @@ -2079,6 +2079,10 @@ > # @Prompt Enable PCIe Resizable BAR Capability support. > > gEfiMdeModulePkgTokenSpaceGuid.PcdPcieResizableBarSupport|FALSE|BOOLE > AN|0x10000024 > > + ## This PCD holds the shared bit mask for page table entries when Tdx is > enabled. > + # @Prompt The shared bit mask when Intel Tdx is enabled. > + > gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0|UINT64|0x100 > 00025 > + > [PcdsPatchableInModule] > ## Specify memory size with page number for PEI code when > # Loading Module at Fixed Address feature is enabled. > diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc > b/OvmfPkg/AmdSev/AmdSevX64.dsc > index c173a72134f4..dda98aa43bdb 100644 > --- a/OvmfPkg/AmdSev/AmdSevX64.dsc > +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc > @@ -558,6 +558,9 @@ > # Set memory encryption mask > > gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask| > 0x0 > > + # Set Tdx shared bit mask > + gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > + > # Set SEV-ES defaults > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 > diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc > index 656e407473bb..0daae82d6705 100644 > --- a/OvmfPkg/Bhyve/BhyveX64.dsc > +++ b/OvmfPkg/Bhyve/BhyveX64.dsc > @@ -550,6 +550,9 @@ > # Set memory encryption mask > > gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask| > 0x0 > > + # Set Tdx shared bit mask > + gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > + > gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 > > # MdeModulePkg resolution sets up the system display resolution > diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc > b/OvmfPkg/CloudHv/CloudHvX64.dsc > index c307f1cc7550..1732f281b435 100644 > --- a/OvmfPkg/CloudHv/CloudHvX64.dsc > +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc > @@ -603,6 +603,9 @@ > # Set memory encryption mask > > gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask| > 0x0 > > + # Set Tdx shared bit mask > + gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > + > # Set SEV-ES defaults > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 > diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc > b/OvmfPkg/Microvm/MicrovmX64.dsc > index 0eac0c02c630..cde90f523520 100644 > --- a/OvmfPkg/Microvm/MicrovmX64.dsc > +++ b/OvmfPkg/Microvm/MicrovmX64.dsc > @@ -592,6 +592,9 @@ > # Set memory encryption mask > > gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask| > 0x0 > > + # Set Tdx shared bit mask > + gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > + > # Set SEV-ES defaults > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > index 8f02dca63869..01a26c234a88 100644 > --- a/OvmfPkg/OvmfPkgIa32.dsc > +++ b/OvmfPkg/OvmfPkgIa32.dsc > @@ -618,6 +618,9 @@ > # Set memory encryption mask > > gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask| > 0x0 > > + # Set Tdx shared bit mask > + gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > + > # Set SEV-ES defaults > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > index 98a6748c62dd..bf08e893e053 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc > @@ -631,6 +631,7 @@ > > # Set memory encryption mask > > gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask| > 0x0 > + gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > > # Set SEV-ES defaults > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > index 2df5b2999610..3092036bb7f6 100644 > --- a/OvmfPkg/OvmfPkgX64.dsc > +++ b/OvmfPkg/OvmfPkgX64.dsc > @@ -642,6 +642,9 @@ > # Set memory encryption mask > > gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask| > 0x0 > > + # Set Tdx shared bit mask > + gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > + > # Set SEV-ES defaults > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 > gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 > diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc > index aa27e2256ae9..470c8cfe4d23 100644 > --- a/OvmfPkg/OvmfXen.dsc > +++ b/OvmfPkg/OvmfXen.dsc > @@ -495,6 +495,9 @@ > # Set memory encryption mask > > gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask| > 0x0 > > + # Set Tdx shared bit mask > + gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0 > + > gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 > > > ################################################################# > ############### > -- > 2.29.2.windows.2 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#87561): https://edk2.groups.io/g/devel/message/87561 Mute This Topic: https://groups.io/mt/89725437/21656 Group Owner: [email protected] Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
