OvmfPkg: Reserve and init EmuVariableNvStore in Pei-less Startup

EmuVariableNvStore is reserved and init with below 2 functions defined in
PlatformInitLib:
 - PlatformReserveEmuVariableNvStore
 - PlatformInitEmuVariableNvStore

PlatformInitEmuVariableNvStore works when secure boot feature is enabled.
This is because secure boot needs the EFI variables (PK/KEK/DB/DBX, etc)
and EmuVariableNvStore is cleared when OVMF is launched with -bios
parameter.

Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

1 files changed, 7 insertions, 0 deletions

diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c b/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c
index 7502ec4466..380e715972 100644
--- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c
+++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c
@@ -42,6 +42,7 @@ InitializePlatform (
   )

 {

   UINT32  LowerMemorySize;

+  VOID    *VariableStore;

 

   DEBUG ((DEBUG_INFO, "InitializePlatform in Pei-less boot\n"));

   PlatformDebugDumpCmos ();

@@ -79,6 +80,12 @@ InitializePlatform (
     LowerMemorySize

     ));

 

+  VariableStore                                  = PlatformReserveEmuVariableNvStore ();

+  PlatformInfoHob->PcdEmuVariableNvStoreReserved = (UINT64)(UINTN)VariableStore;

+ #ifdef SECURE_BOOT_FEATURE_ENABLED

+  PlatformInitEmuVariableNvStore (VariableStore);

+ #endif

+

   if (TdIsEnabled ()) {

     PlatformTdxPublishRamRegions ();

   } else {