BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275
Previous commit introduced a generic confidential computing PCD that can
determine whether AMD SEV-ES is enabled. Update the MpInitLib to drop the
PcdSevEsIsEnabled in favor of PcdConfidentialComputingAttr.
Cc: Michael Roth
Cc: Ray Ni
Cc: Rahul Kumar
Cc: Eric Dong
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Erdem Aktas
Cc: Gerd Hoffmann
Acked-by: Gerd Hoffmann
Suggested-by: Jiewen Yao
Signed-off-by: Brijesh Singh
---
UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf | 2 +-
UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf | 2 +-
UefiCpuPkg/Library/MpInitLib/MpLib.h | 13
UefiCpuPkg/Library/MpInitLib/DxeMpLib.c | 6 +-
UefiCpuPkg/Library/MpInitLib/MpLib.c | 67 ++-
UefiCpuPkg/Library/MpInitLib/PeiMpLib.c | 4 +-
6 files changed, 84 insertions(+), 10 deletions(-)
diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
index 6e510aa89120..de705bc54bb4 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf
@@ -73,7 +73,7 @@ [Pcd]
gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode ##
CONSUMES
gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate ##
SOMETIMES_CONSUMES
gUefiCpuPkgTokenSpaceGuid.PcdCpuApStatusCheckIntervalInMicroSeconds ##
CONSUMES
- gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled ##
CONSUMES
gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase ##
SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard ##
CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ##
CONSUMES
+ gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ##
CONSUMES
diff --git a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
index 2cbd9b8b8acc..b7e15ee023f0 100644
--- a/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
+++ b/UefiCpuPkg/Library/MpInitLib/PeiMpInitLib.inf
@@ -63,9 +63,9 @@ [Pcd]
gUefiCpuPkgTokenSpaceGuid.PcdCpuMicrocodePatchRegionSize ## CONSUMES
gUefiCpuPkgTokenSpaceGuid.PcdCpuApLoopMode ## CONSUMES
gUefiCpuPkgTokenSpaceGuid.PcdCpuApTargetCstate ##
SOMETIMES_CONSUMES
- gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled ## CONSUMES
gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase ##
SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase ## CONSUMES
+ gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr ## CONSUMES
[Ppis]
gEdkiiPeiShadowMicrocodePpiGuid## SOMETIMES_CONSUMES
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.h
b/UefiCpuPkg/Library/MpInitLib/MpLib.h
index 3d4446df8ce6..2107f3f705a2 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.h
+++ b/UefiCpuPkg/Library/MpInitLib/MpLib.h
@@ -33,6 +33,7 @@
#include
#include
#include
+#include
#include
#include
@@ -774,5 +775,17 @@ SevEsPlaceApHlt (
CPU_MP_DATA*CpuMpData
);
+/**
+ Check if the specified confidential computing attribute is active.
+
+ @retval TRUE The specified Attr is active.
+ @retval FALSE The specified Attr is not active.
+**/
+BOOLEAN
+EFIAPI
+ConfidentialComputingGuestHas (
+ CONFIDENTIAL_COMPUTING_GUEST_ATTR Attr
+ );
+
#endif
diff --git a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
index 93fc63bf93e3..657a73dca05e 100644
--- a/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
+++ b/UefiCpuPkg/Library/MpInitLib/DxeMpLib.c
@@ -93,7 +93,7 @@ GetWakeupBuffer (
EFI_PHYSICAL_ADDRESSStartAddress;
EFI_MEMORY_TYPE MemoryType;
- if (PcdGetBool (PcdSevEsIsEnabled)) {
+ if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) {
MemoryType = EfiReservedMemoryType;
} else {
MemoryType = EfiBootServicesData;
@@ -107,7 +107,7 @@ GetWakeupBuffer (
// LagacyBios driver depends on CPU Arch protocol which guarantees below
// allocation runs earlier than LegacyBios driver.
//
- if (PcdGetBool (PcdSevEsIsEnabled)) {
+ if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) {
//
// SEV-ES Wakeup buffer should be under 0x88000 and under any previous one
//
@@ -124,7 +124,7 @@ GetWakeupBuffer (
ASSERT_EFI_ERROR (Status);
if (EFI_ERROR (Status)) {
StartAddress = (EFI_PHYSICAL_ADDRESS) -1;
- } else if (PcdGetBool (PcdSevEsIsEnabled)) {
+ } else if (ConfidentialComputingGuestHas (CCAttrAmdSevEs)) {
//
// Next SEV-ES wakeup buffer allocation must be below this allocation
//
diff --git a/UefiCpuPkg/Library/MpInitLib/MpLib.c
b/UefiCpuPkg/Library/MpInitLib/MpLib.c
index 890945bc5994..9109607c87a9 100644
--- a/UefiCpuPkg/Library/MpInitLib/MpLib.c
+++ b/UefiCpuPkg/Library/MpI