Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-21 Thread Min Xu
On September 21, 2021 1:16 PM, Gerd Hoffmann wrote: > > + > gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64 > > + |0 > > + x6017 > > > +typedef enum { > > + /* The guest is running with memory encryption disabled. */ > > + CCAttrNotEncrypted = 0, > > + > > + /* The

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-20 Thread Gerd Hoffmann
> + gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0 > + x6017 > +typedef enum { > + /* The guest is running with memory encryption disabled. */ > + CCAttrNotEncrypted = 0, > + > + /* The guest is running with AMD SEV memory encryption enabled. */ > + CCAttrAmdSev

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-20 Thread Brijesh Singh via groups.io
On 9/18/21 10:14 PM, Xu, Min M wrote: Hi, Brijesh On September 18, 2021 7:30 PM, Brijesh Singh wrote: Hi Min, On 9/18/21 12:16 AM, Xu, Min M wrote: Hi, Brijesh On September 17, 2021 11:52 PM, Brijesh Singh wrote: Hi Min, On 9/17/21 7:55 AM, Xu, Min M wrote: ... As I mentioned in my

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-20 Thread Min Xu
On September 16, 2021 3:55 PM, Gerd Hoffmann wrote: > > > typedef struct _CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER { > >UINT8 GuestType; > > - UINT8 Reserved1[3]; > > + UINT8 SubType; > > + UINT8 Reserved1[2]; > > }

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-18 Thread James Bottomley
On Sat, 2021-09-18 at 06:30 -0500, Brijesh Singh wrote: > On 9/18/21 12:16 AM, Xu, Min M wrote: [...] > > I usually do the development in windows and build the OVMF image > > with VS2019. > > If the new feature works, then I cherry-pick the patch-sets to code > > base in ubuntu 18.04 and

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-18 Thread Brijesh Singh via groups.io
Hi Min, On 9/18/21 12:16 AM, Xu, Min M wrote: > Hi, Brijesh > > On September 17, 2021 11:52 PM, Brijesh Singh wrote: >> Hi Min, >> >> On 9/17/21 7:55 AM, Xu, Min M wrote: >> ... >> >>> As I mentioned in my last mail, in the beginning I missed the limitation of >> smsw. >>> So I update the code

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-17 Thread Brijesh Singh via groups.io
Hi Min, On 9/17/21 7:55 AM, Xu, Min M wrote: ... As I mentioned in my last mail, in the beginning I missed the limitation of smsw. So I update the code (ResetVectorVtf0.asm) as below using mov CRx. <1> BITS 16 176 0800 0F20C0

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-17 Thread Min Xu
On September 15, 2021 3:53 AM, Brijesh Singh wrote: > > Hi Vishal, > > On 9/14/21 2:00 PM, Vishal Annapurve wrote: > > Hi Min, Brijesh, > > > > Regarding: > >> diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm > >> b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm > >> ... > >> +%ifdef

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-16 Thread Gerd Hoffmann
> typedef struct _CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER { >UINT8 GuestType; > - UINT8 Reserved1[3]; > + UINT8 SubType; > + UINT8 Reserved1[2]; > } CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER; I think we should use the

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-14 Thread Min Xu
groups.io > Sent: Wednesday, September 15, 2021 3:53 AM > To: Vishal Annapurve ; devel@edk2.groups.io; Xu, > Min M > Cc: brijesh.si...@amd.com; Ard Biesheuvel ; > Justen, Jordan L ; Gerd Hoffmann > ; Erdem Aktas ; James > Bottomley ; Yao, Jiewen ; Tom > Lendacky > Subject: Re:

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-14 Thread Min Xu
On September 14, 2021 7:25 PM, Brijesh Singh wrote: > > Hi Min, > > A quick question below. > > On 9/14/21 3:50 AM, Min Xu wrote: > > RFC: > > > > 1. Definition of BFV & CFV > > Tdx Virtual Firmware (TDVF) includes one Firmware Volume (FV) known as > > the Boot Firmware Volume (BFV). The FV

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-14 Thread Vishal Annapurve via groups.io
Hi Min, Brijesh, Regarding: > diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm > ... > +%ifdef ARCH_IA32 > nop > nop > jmp EarlyBspInitReal16 > >+%else >+ >+smswax We are having intermittent VM crashes with running

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-14 Thread Brijesh Singh via groups.io
Hi Vishal, On 9/14/21 2:00 PM, Vishal Annapurve wrote: Hi Min, Brijesh, Regarding: diff --git a/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm b/OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm ... +%ifdef ARCH_IA32 nop nop jmp EarlyBspInitReal16 +%else + +smsw ax We

Re: [edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-14 Thread Brijesh Singh via groups.io
Hi Min, A quick question below. On 9/14/21 3:50 AM, Min Xu wrote: > RFC: >

[edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector

2021-09-14 Thread Min Xu
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429 Intel's Trust Domain Extensions (Intel TDX) refers to an Intel technology that extends Virtual Machines Extensions (VMX) and Multi-Key Total Memory Encryption (MKTME) with a new kind of virtual machines guest called a Trust Domain (TD). A