MdePkg: Define ConfidentialComputingGuestAttr

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

While initializing APs, the MpInitLib may need to know whether the
guest is running with active AMD SEV or Intel TDX memory encryption.

Add a new ConfidentialComputingGuestAttr PCD that can be used to query
the memory encryption attribute.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Ray Ni <ray.ni@intel.com>
Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>

diff --git a/MdePkg/Include/ConfidentialComputingGuestAttr.h b/MdePkg/Include/ConfidentialComputingGuestAttr.h
new file mode 100644 (file)
index 0000000..6a13018
--- /dev/null
+++ b/MdePkg/Include/ConfidentialComputingGuestAttr.h
@@ -0,0 +1,25 @@
+/** @file\r
+Definitions for Confidential Computing Attribute\r
+\r
+Copyright (c) 2021 AMD Inc. All rights reserved.<BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
+\r
+**/\r
+\r
+#ifndef CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_\r
+#define CONFIDENTIAL_COMPUTING_GUEST_ATTR_H_\r
+\r
+typedef enum {\r
+  /* The guest is running with memory encryption disabled. */\r
+  CCAttrNotEncrypted = 0,\r
+\r
+  /* The guest is running with AMD SEV memory encryption enabled. */\r
+  CCAttrAmdSev    = 0x100,\r
+  CCAttrAmdSevEs  = 0x101,\r
+  CCAttrAmdSevSnp = 0x102,\r
+\r
+  /* The guest is running with Intel TDX memory encryption enabled. */\r
+  CCAttrIntelTdx = 0x200,\r
+} CONFIDENTIAL_COMPUTING_GUEST_ATTR;\r
+\r
+#endif\r

diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec
index 8b18415b107a03b11dc984341bb788cf9cd6e0ea..cd903c35d2ff9edd0fc6c4b5294795e4a885e908 100644 (file)
--- a/MdePkg/MdePkg.dec
+++ b/MdePkg/MdePkg.dec
@@ -2396,5 +2396,9 @@
   # @Prompt FSB Clock.\r
   gEfiMdePkgTokenSpaceGuid.PcdFSBClock|200000000|UINT32|0x0000000c\r
 \r
+  ## This dynamic PCD indicates the memory encryption attribute of the guest.\r
+  # @Prompt Memory encryption attribute\r
+  gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0|UINT64|0x0000002e\r
+\r
 [UserExtensions.TianoCore."ExtraFiles"]\r
   MdePkgExtra.uni\r