CONFIDENTIAL_COMPUTING_GUEST_ATTR is not a simple SEV level anymore and includes a feature mask since the previous commit.
Fix AmdMemEncryptionAttrCheck to check the level and feature correctly and add DebugVirtualization support. Since the actual feature flag is not set yet, this should cause no behavioural change. Cc: Gerd Hoffmann <[email protected]> Cc: Jiaxin Wu <[email protected]> Cc: Rahul Kumar <[email protected]> Cc: Ray Ni <[email protected]> Cc: Tom Lendacky <[email protected]> Signed-off-by: Alexey Kardashevskiy <[email protected]> --- UefiCpuPkg/Library/MpInitLib/MpLib.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c b/UefiCpuPkg/Library/MpInitLib/MpLib.c index f97298887f96..444df2abdc1d 100644 --- a/UefiCpuPkg/Library/MpInitLib/MpLib.c +++ b/UefiCpuPkg/Library/MpInitLib/MpLib.c @@ -3196,19 +3196,25 @@ AmdMemEncryptionAttrCheck ( IN CONFIDENTIAL_COMPUTING_GUEST_ATTR Attr ) { + UINT64 CurrentLevel; + + CurrentLevel = CurrentAttr & CCAttrTypeMask; + switch (Attr) { case CCAttrAmdSev: // // SEV is automatically enabled if SEV-ES or SEV-SNP is active. // - return CurrentAttr >= CCAttrAmdSev; + return CurrentLevel >= CCAttrAmdSev; case CCAttrAmdSevEs: // // SEV-ES is automatically enabled if SEV-SNP is active. // - return CurrentAttr >= CCAttrAmdSevEs; + return CurrentLevel >= CCAttrAmdSevEs; case CCAttrAmdSevSnp: - return CurrentAttr == CCAttrAmdSevSnp; + return CurrentLevel == CCAttrAmdSevSnp; + case CCAttrFeatureAmdSevEsDebugVirtualization: + return !!(CurrentAttr & CCAttrFeatureAmdSevEsDebugVirtualization); default: return FALSE; } -- 2.44.0 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119462): https://edk2.groups.io/g/devel/message/119462 Mute This Topic: https://groups.io/mt/106496089/21656 Group Owner: [email protected] Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
