[edk2-devel] [PATCH v4 30/40] OvmfPkg: Reserve a page in memory for the SEV-ES usage

Laszlo Ersek lersek at redhat.com
Thu Feb 6 08:43:47 UTC 2020 

On 02/05/20 00:01, Lendacky, Thomas wrote:
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198
> 
> Reserve a fixed area of memory for SEV-ES use and set a fixed PCD,
> PcdSevEsWorkAreaBase, to this value.
> 
> This area will be used by SEV-ES support for two purposes:
>   1. Communicating the SEV-ES status during BSP boot to SEC:
>      Using a byte of memory from the page, the BSP reset vector code can
>      communicate the SEV-ES status to SEC for use before exception
>      handling can be enabled in SEC. After SEC, this field is no longer
>      valid and the standard way of determine if SEV-ES is active should
>      be used.
> 
>   2. Establishing an area of memory for AP boot support:
>      A hypervisor is not allowed to update an SEV-ES guest's register
>      state, so when booting an SEV-ES guest AP, the hypervisor is not
>      allowed to set the RIP to the guest requested value. Instead an
>      SEV-ES AP must be re-directed from within the guest to the actual
>      requested staring location as specified in the INIT-SIPI-SIPI
>      sequence.
> 
>      Use this memory for reset vector code that can be programmed to have
>      the AP jump to the desired RIP location after starting the AP. This
>      is required for only the very first AP reset.
> 
> Cc: Jordan Justen <jordan.l.justen at intel.com>
> Cc: Laszlo Ersek <lersek at redhat.com>
> Cc: Ard Biesheuvel <ard.biesheuvel at linaro.org>
> Signed-off-by: Tom Lendacky <thomas.lendacky at amd.com>
> ---
>  OvmfPkg/OvmfPkgX64.fdf | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
> index f541481dc95c..3504aa35dc37 100644
> --- a/OvmfPkg/OvmfPkgX64.fdf
> +++ b/OvmfPkg/OvmfPkgX64.fdf
> @@ -82,6 +82,9 @@ [FD.MEMFD]
>  0x009000|0x002000
>  gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbBase|gUefiCpuPkgTokenSpaceGuid.PcdSecGhcbSize
>  
> +0x00B000|0x001000
> +gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize
> +
>  0x010000|0x010000
>  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
>  
> 

Reviewed-by: Laszlo Ersek <lersek at redhat.com>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#53847): https://edk2.groups.io/g/devel/message/53847
Mute This Topic: https://groups.io/mt/70984999/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list