[edk2-devel] [PATCH v15 34/46] OvmfPkg: Reserve a page in memory for the SEV-ES usage

Lendacky, Thomas thomas.lendacky at amd.com
Thu Aug 13 13:23:21 UTC 2020 

From: Tom Lendacky <thomas.lendacky at amd.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198

Reserve a fixed area of memory for SEV-ES use and set a fixed PCD,
PcdSevEsWorkAreaBase, to this value.

This area will be used by SEV-ES support for two purposes:
  1. Communicating the SEV-ES status during BSP boot to SEC:
     Using a byte of memory from the page, the BSP reset vector code can
     communicate the SEV-ES status to SEC for use before exception
     handling can be enabled in SEC. After SEC, this field is no longer
     valid and the standard way of determine if SEV-ES is active should
     be used.

  2. Establishing an area of memory for AP boot support:
     A hypervisor is not allowed to update an SEV-ES guest's register
     state, so when booting an SEV-ES guest AP, the hypervisor is not
     allowed to set the RIP to the guest requested value. Instead an
     SEV-ES AP must be re-directed from within the guest to the actual
     requested staring location as specified in the INIT-SIPI-SIPI
     sequence.

     Use this memory for reset vector code that can be programmed to have
     the AP jump to the desired RIP location after starting the AP. This
     is required for only the very first AP reset.

Cc: Jordan Justen <jordan.l.justen at intel.com>
Cc: Laszlo Ersek <lersek at redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel at arm.com>
Reviewed-by: Laszlo Ersek <lersek at redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky at amd.com>
---
 OvmfPkg/OvmfPkgX64.fdf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index edb03b5464d4..8da59037e5f0 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -82,6 +82,9 @@ [FD.MEMFD]
 0x009000|0x002000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize
 
+0x00B000|0x001000
+gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
+
 0x010000|0x010000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
 
-- 
2.28.0


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#64210): https://edk2.groups.io/g/devel/message/64210
Mute This Topic: https://groups.io/mt/76167039/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list