[edk2-devel] [PATCH V6 1/1] OvmfPkg: Enable TDX in ResetVector
Min Xu
min.m.xu at intel.com
Tue Sep 21 09:04:10 UTC 2021
On September 21, 2021 1:16 PM, Gerd Hoffmann wrote:
> > +
> gUefiCpuPkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64
> > + |0
> > + x60000017
>
> > +typedef enum {
> > + /* The guest is running with memory encryption disabled. */
> > + CCAttrNotEncrypted = 0,
> > +
> > + /* The guest is running with AMD SEV memory encryption enabled. */
> > + CCAttrAmdSev = 0x100,
> > + CCAttrAmdSevEs = 0x101,
> > + CCAttrAmdSevSnp = 0x102,
> > +
> > + /* The guest is running with Intel TDX memory encryption enabled. */
> > + CCAttrIntelTdx = 0x200,
> > +} CONFIDENTIAL_COMPUTING_GUEST_ATTR;
>
> > ConfidentialComputingGuestAttr is a 64-bit PCD, the byte[1] indicates the
> Guest type, byte[0] seems the sub type of the guest.
> >
> > And in the current definition of
> CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER:
> > typedef struct _CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER {
> > UINT8 GuestType;
> > UINT8 Reserved1[3];
> > } CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER;
> > Byte[0] is the Guest type.
> >
> > I am not sure what you mean:
> > > we should use the same approach (and the same enum) we are planing
> > > to use for the ConfidentialComputing PCD (see discussion in the other
> patch series).
> >
> > Shall we update CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER so that
> byte[0] is sub type, and byte[1] indicates the Guest type?
>
> The idea is to make GuestType larger (UINT16 is probably enough), then use
> the CONFIDENTIAL_COMPUTING_GUEST_ATTR enum for GuestType too, so we
> don't have two different confidential computing guest type enumeration
> systems in edk2.
>
> So, yes, effectively that would make byte[1] the type (sev/tdx/none) and
> byte[0] the sub-type thanks to little endian byte ordering.
>
I see. But such change may impact the existing SEV code in SecMain.c. Maybe there are more existing codes impacted.
I will not change the definition of CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER this time. Maybe in the future this change is needed.
>
Thanks!
Min
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#80926): https://edk2.groups.io/g/devel/message/80926
Mute This Topic: https://groups.io/mt/85597386/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list