For the SBSA Qemu bit Reviewed-by: Graeme Gregory <graeme@...>

I found two locations: Silicon\Intel\CoffeelakeSiliconPkg\Cpu\Library\PeiCpuPolicyLib\PeiCpuPolicyLib.c Silicon\Intel\IntelSiliconPkg\Feature\Flash\SpiFvbService\SpiFvbServiceMm.c

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3469 The Self Certification Test (SCT) II Case Specification, 2017 requires in 5.2.1.4.5. that QueryVariableInfo() shall fail for attributes

Universal Payload will consume Hobs from boot loader. Dump all hobs in the Universal Payload entry. Cc: Maurice Ma <maurice.ma@...> Cc: Guo Dong <guo.dong@...> Cc: Benjamin You

Hi Liming, I got my patch ready. Should I test it by creating PR on Github like https://github.com/tianocore/edk2/pull/1735? Or I just send out new patch for review? Thanks, Nickle

Hi, Please ignore this patchset, I was trying to create one patchset with patches from edk2 and edk2-platfrom, but it didn't work too well. Please let me send a new version of patches

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 Now that both the secrets and cpuid pages are reserved in the HOB, extract the location details through fixed PCD and make it available to the

When SEV-SNP is active, the CPUID and Secrets memory range contains the information that is used during the VM boot. The content need to be persist across the kexec boot. Mark the memory range as

From: Tom Lendacky <thomas.lendacky@...> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 Use the SEV-SNP AP Creation NAE event to create and launch APs under SEV-SNP. This capability

The SetMemoryEncDec() is used by the higher level routines to set or clear the page encryption mask for system RAM and Mmio address. When SEV-SNP is active, in addition to set/clear page mask it also

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 The MemEncryptSev{Set,Clear}PageEncMask() functions are used to set or clear the memory encryption attribute in the page table. When SEV-SNP is

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 An SEV-SNP guest requires that the physical address of the GHCB must be registered with the hypervisor before using it. See the

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 Now that OvmfPkg supports version 2 of the GHCB specification, bump the protocol version. Cc: Rahul Kumar <rahul1.kumar@...> Cc: James

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 Version 2 of the GHCB specification added the support to query the hypervisor feature bitmap. The feature bitmap provide information such as

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 The MpInitLib uses the PcdSevSnpIsEnabled to determine whether the SEV-SNP is active. If the SEV-SNP is active, then set the PCD to TRUE. Cc:

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 When SEV-SNP is active, a memory region mapped encrypted in the page table must be validated before access. There are two approaches that can

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 The VMM launch sequence should have pre-validated all the data pages used in the Reset vector. The range does not cover the data pages used

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 The initial page built during the SEC phase is used by the MemEncryptSevSnpValidateSystemRam() for the system RAM validation. The page

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 The MemEncryptSevSnpPreValidateSystemRam() is used for pre-validating the system RAM. As the boot progress, each phase validates a fixed region

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275 Many of the integrity guarantees of SEV-SNP are enforced through the Reverse Map Table (RMP). Each RMP entry contains the GPA at which