Hi, Hmm, tdx must handle this too. So maybe we should drop the "Snp" from the name here ... ... and store the range which needs validation in another, not snp-specific block? Jiewen? Min? take

Is the format of the page documented somewhere? Is this snp-specific? Or could this also be used without snp? thanks, Gerd

Agree. In the current patch a page (defined by PcdOvmfSecGhcbPageTableBase) reserved in MEMFD is used as the 5-level page directory. Now One new page will be reserved in MEMFD to hold the level 5 page

Hi, Well, the page table setup should be in common code not tdx code as 5-level paging isn't something tdx-specific. I'd suggest to add this to OvmfPkg/ResetVector/Ia32/PageTables64.asm. Reserve one

Thanks a lot! Thanks, Dun

I upload it again. Now, it has been merged. Thanks Liming

I apologize that you see this 3 times now. I thought something went wrong with the smtp delivery since the messages didn't appear as fast as expected, but obviously that wasn't the case and now it

Hi Liming, I have seen the link to push my commits to master of edk2. The result shows that the Ci test failed in ArmPlatformPkg. But I think my commits will not affect the ArmPlatformPkg. Here is

My understanding is that we should first add 5-level paging support in OVMF, right? I am planning to add 5-level paging in OvmfPkgX64.dsc. Any comments?

Use the newly added function to disable the TPM2 platform hierarchy. Signed-off-by: Stefan Berger <stefanb@...> --- ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c | 6 ++++++

Add a NULL implementation of the library class TpmPlatformHierarchyLib Signed-off-by: Stefan Berger <stefanb@...> --- .../PeiDxeTpmPlatformHierarchyLib.c | 19 ++++++++++++

Compile the added TPM related code now. Signed-off-by: Stefan Berger <stefanb@...> --- OvmfPkg/AmdSev/AmdSevX64.dsc | 3 +++ OvmfPkg/Bhyve/BhyveX64.dsc

Import PeiDxeTpmPlatformHierarchyLib.c from edk2-platforms. Signed-off-by: Stefan Berger <stefanb@...> --- .../Include/Library/TpmPlatformHierarchyLib.h | 27 ++

Signed-off-by: Stefan Berger <stefanb@...> --- ArmVirtPkg/ArmVirtCloudHv.dsc | 1 + ArmVirtPkg/ArmVirtQemu.dsc | 3 +++

Use the newly added function to disable the TPM2 platform hierarchy. Signed-off-by: Stefan Berger <stefanb@...> --- OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c | 6 ++++++

This series imports code from the edk2-platforms project related to disabling the TPM2 platform hierarchy in Ovmf and ArmVirtPkg. It addresses the Ovmf aspects of the following

Fix some bugs in the original PeiDxeTpmPlatformHierarchyLib.c. Signed-off-by: Stefan Berger <stefanb@...> --- .../PeiDxeTpmPlatformHierarchyLib.c | 23 +++++-------------- 1 file

Introduce the new PCD gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy. Signed-off-by: Stefan Berger <stefanb@...> --- .../PeiDxeTpmPlatformHierarchyLib.inf

Use the newly added function to disable the TPM2 platform hierarchy. Signed-off-by: Stefan Berger <stefanb@...> --- ArmVirtPkg/Library/PlatformBootManagerLib/PlatformBm.c | 6 ++++++

Signed-off-by: Stefan Berger <stefanb@...> --- ArmVirtPkg/ArmVirtCloudHv.dsc | 1 + ArmVirtPkg/ArmVirtQemu.dsc | 3 +++