[edk2-devel] [PATCH v4 3/4] OvmfPkg: Initialize the PcdSevSnpSecretsAddress PCD during PEI phase
Roth, Michael via groups.io
Michael.Roth=amd.com at groups.io
Wed Dec 21 15:50:46 UTC 2022
This needs to be set so that UefiCpuPkg can locate the SEV-SNP secrets
page later to set the AP Jump Table address.
Reviewed-by: Tom Lendacky <thomas.lendacky at amd.com>
Signed-off-by: Michael Roth <michael.roth at amd.com>
---
OvmfPkg/AmdSev/AmdSevX64.dsc | 3 +++
OvmfPkg/CloudHv/CloudHvX64.dsc | 3 +++
OvmfPkg/IntelTdx/IntelTdxX64.dsc | 3 +++
OvmfPkg/Microvm/MicrovmX64.dsc | 3 +++
OvmfPkg/OvmfPkgIa32.dsc | 3 +++
OvmfPkg/OvmfPkgIa32X64.dsc | 3 +++
OvmfPkg/OvmfPkgX64.dsc | 3 +++
OvmfPkg/PlatformPei/AmdSev.c | 5 +++++
OvmfPkg/PlatformPei/PlatformPei.inf | 1 +
9 files changed, 27 insertions(+)
diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
index bb91e8c734..6c3b78d424 100644
--- a/OvmfPkg/AmdSev/AmdSevX64.dsc
+++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
@@ -528,6 +528,9 @@
# Set ConfidentialComputing defaults
gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
+ # Set SEV-SNP Secrets page address default
+ gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0
+
!include OvmfPkg/Include/Dsc/OvmfTpmPcds.dsc.inc
gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc
index 4d7107fd19..2cc73981b2 100644
--- a/OvmfPkg/CloudHv/CloudHvX64.dsc
+++ b/OvmfPkg/CloudHv/CloudHvX64.dsc
@@ -640,6 +640,9 @@
# Set ConfidentialComputing defaults
gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
+ # Set SEV-SNP Secrets page address default
+ gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0
+
[PcdsDynamicHii]
!include OvmfPkg/Include/Dsc/OvmfTpmPcdsHii.dsc.inc
diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
index ea538fd783..b264eb9fc3 100644
--- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc
+++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc
@@ -527,6 +527,9 @@
gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000
+ # Set SEV-SNP Secrets page address default
+ gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0
+
################################################################################
#
# Components Section - list of all EDK II Modules needed by this Platform.
diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc
index 285ba50671..b2eaa11a85 100644
--- a/OvmfPkg/Microvm/MicrovmX64.dsc
+++ b/OvmfPkg/Microvm/MicrovmX64.dsc
@@ -644,6 +644,9 @@
# Set ConfidentialComputing defaults
gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
+ # Set SEV-SNP Secrets page address default
+ gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0
+
################################################################################
#
# Components Section - list of all EDK II Modules needed by this Platform.
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index dcf46d207d..2e04a3f8b1 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -666,6 +666,9 @@
# Set ConfidentialComputing defaults
gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
+ # Set SEV-SNP Secrets page address default
+ gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0
+
!if $(CSM_ENABLE) == FALSE
gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000
!endif
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index d0746cb72b..4ebf2aff34 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -675,6 +675,9 @@
# Set ConfidentialComputing defaults
gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
+ # Set SEV-SNP Secrets page address default
+ gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0
+
!if $(CSM_ENABLE) == FALSE
gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000
!endif
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 2caa4d2ecc..6f8f368977 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -703,6 +703,9 @@
# Set ConfidentialComputing defaults
gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr|0
+ # Set SEV-SNP Secrets page address default
+ gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress|0
+
!if $(CSM_ENABLE) == FALSE
gEfiMdePkgTokenSpaceGuid.PcdFSBClock|1000000000
!endif
diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index e4e7b72e67..fa88c9ebd8 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -422,6 +422,11 @@ AmdSevInitialize (
//
if (MemEncryptSevSnpIsEnabled ()) {
PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSevSnp);
+ ASSERT_RETURN_ERROR (PcdStatus);
+ PcdStatus = PcdSet64S (
+ PcdSevSnpSecretsAddress,
+ (UINT64)(UINTN)PcdGet32 (PcdOvmfSnpSecretsBase)
+ );
} else if (MemEncryptSevEsIsEnabled ()) {
PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSevEs);
} else {
diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/PlatformPei.inf
index 1fadadeb55..851af81248 100644
--- a/OvmfPkg/PlatformPei/PlatformPei.inf
+++ b/OvmfPkg/PlatformPei/PlatformPei.inf
@@ -115,6 +115,7 @@
gEfiMdePkgTokenSpaceGuid.PcdConfidentialComputingGuestAttr
gUefiCpuPkgTokenSpaceGuid.PcdGhcbHypervisorFeatures
gEfiMdeModulePkgTokenSpaceGuid.PcdTdxSharedBitMask
+ gEfiMdePkgTokenSpaceGuid.PcdSevSnpSecretsAddress
[FixedPcd]
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#97699): https://edk2.groups.io/g/devel/message/97699
Mute This Topic: https://groups.io/mt/95815537/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list