MdeModulePkg: Add PcdTdxSharedBitMask

RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Guest Physical Address (GPA) space in Td guest is divided into private
and shared sub-spaces, determined by the SHARED bit of GPA. This PCD
holds the shared bit mask. Its default value is 0 and it will be set
in PlatformPei driver if it is of Td guest.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
This commit is contained in:
Min Xu 2021-12-08 20:54:26 +08:00 committed by mergify[bot]
parent bec9104201
commit fd306d1dbc
9 changed files with 26 additions and 0 deletions

View File

@ -2083,6 +2083,10 @@
# @Prompt Enable PCIe Resizable BAR Capability support. # @Prompt Enable PCIe Resizable BAR Capability support.
gEfiMdeModulePkgTokenSpaceGuid.PcdPcieResizableBarSupport|FALSE|BOOLEAN|0x10000024 gEfiMdeModulePkgTokenSpaceGuid.PcdPcieResizableBarSupport|FALSE|BOOLEAN|0x10000024
## This PCD holds the shared bit mask for page table entries when Tdx is enabled.
# @Prompt The shared bit mask when Intel Tdx is enabled.
gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0|UINT64|0x10000025
[PcdsPatchableInModule] [PcdsPatchableInModule]
## Specify memory size with page number for PEI code when ## Specify memory size with page number for PEI code when
# Loading Module at Fixed Address feature is enabled. # Loading Module at Fixed Address feature is enabled.

View File

@ -558,6 +558,9 @@
# Set memory encryption mask # Set memory encryption mask
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
# Set Tdx shared bit mask
gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
# Set SEV-ES defaults # Set SEV-ES defaults
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0

View File

@ -550,6 +550,9 @@
# Set memory encryption mask # Set memory encryption mask
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
# Set Tdx shared bit mask
gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
# MdeModulePkg resolution sets up the system display resolution # MdeModulePkg resolution sets up the system display resolution

View File

@ -603,6 +603,9 @@
# Set memory encryption mask # Set memory encryption mask
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
# Set Tdx shared bit mask
gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
# Set SEV-ES defaults # Set SEV-ES defaults
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0

View File

@ -592,6 +592,9 @@
# Set memory encryption mask # Set memory encryption mask
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
# Set Tdx shared bit mask
gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
# Set SEV-ES defaults # Set SEV-ES defaults
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0

View File

@ -618,6 +618,9 @@
# Set memory encryption mask # Set memory encryption mask
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
# Set Tdx shared bit mask
gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
# Set SEV-ES defaults # Set SEV-ES defaults
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0

View File

@ -631,6 +631,7 @@
# Set memory encryption mask # Set memory encryption mask
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
# Set SEV-ES defaults # Set SEV-ES defaults
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0

View File

@ -642,6 +642,9 @@
# Set memory encryption mask # Set memory encryption mask
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
# Set Tdx shared bit mask
gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
# Set SEV-ES defaults # Set SEV-ES defaults
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbBase|0
gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0 gEfiMdeModulePkgTokenSpaceGuid.PcdGhcbSize|0

View File

@ -495,6 +495,9 @@
# Set memory encryption mask # Set memory encryption mask
gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0
# Set Tdx shared bit mask
gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask|0x0
gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00 gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00
################################################################################ ################################################################################