author: Brijesh Singh <brijesh.singh@amd.com> 2017-07-06 09:21:11 -0400
committer: Jordan Justen <jordan.l.justen@intel.com> 2017-07-10 21:17:27 -0700
commit: e60af8a1ebb15bfcbf2ecc4afb6cf35084c847aa (patch)
tree: bcff1b5a67821af75426bff0a811670752e4dd6f /IntelFspPkg/FspDxeIpl
parent: 9750503a116be3c246b249b1e7d7d9c51aae2a03 (diff)
OvmfPkg/ResetVector: Set C-bit when building initial page table
SEV guest VMs have the concept of private and shared memory. Private memory is encrypted with the guest-specific key, while shared memory may be encrypted with the hypervisor key. Certain types of memory (namely instruction pages and guest page tables) are always treated as private memory by the hardware. The C-bit in the PTE indicates whether the page is private or shared. The C-bit position for the PTE can be obtained from CPUID Fn8000_001F[EBX].

When SEV is active, the BIOS is encrypted by the Qemu launch sequence, so we must set the C-bit when building the page table.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
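An added C illustration of the rule the commit message states (this is not OVMF's code, whose ResetVector page-table setup is assembly): the C-bit position is read from CPUID Fn8000_001F[EBX] bits 5:0 and OR-ed into every entry of the initial identity map when SEV is active. The EBX value 0x2F used in the comments is a constructed sample, and the audit helper that counts present entries left without the C-bit is an addition for checking such a table, not part of the firmware.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>

/* Architectural x86-64 page-table attribute bits. */
#define PAGE_PRESENT     (1ULL << 0)
#define PAGE_READ_WRITE  (1ULL << 1)
#define PAGE_SIZE_2M     (1ULL << 7)   /* PS: this PDE maps a 2 MiB page */
#define PDE_ADDR_MASK    0x000FFFFFFFE00000ULL

/* CPUID Fn8000_001F[EBX] bits 5:0 give the C-bit position (AMD APM).
 * A constructed sample EBX of 0x2F therefore yields bit 47. */
uint64_t sev_cbit_mask(uint32_t cpuid_8000_001f_ebx)
{
    unsigned pos = cpuid_8000_001f_ebx & 0x3F;
    return 1ULL << pos;
}

/* Build one 2 MiB PDE; with SEV active the C-bit marks the page private. */
uint64_t build_2m_pde(uint64_t phys, uint64_t cbit_mask, bool sev_active)
{
    uint64_t pde = (phys & PDE_ADDR_MASK) | PAGE_PRESENT |
                   PAGE_READ_WRITE | PAGE_SIZE_2M;
    if (sev_active)
        pde |= cbit_mask;           /* the step the commit adds to the table build */
    return pde;
}

/* Fill a 512-entry page directory that identity-maps the first 1 GiB. */
void build_identity_pd(uint64_t pd[512], uint64_t cbit_mask, bool sev_active)
{
    for (size_t i = 0; i < 512; i++)
        pd[i] = build_2m_pde((uint64_t)i << 21, cbit_mask, sev_active);
}

/* Audit helper: present entries without the C-bit would be shared (unencrypted). */
size_t count_shared_entries(const uint64_t pd[512], uint64_t cbit_mask)
{
    size_t n = 0;
    for (size_t i = 0; i < 512; i++)
        if ((pd[i] & PAGE_PRESENT) && !(pd[i] & cbit_mask))
            n++;
    return n;
}

/* Build the table for a given CPUID EBX and report how many entries are shared. */
size_t shared_entries_for(uint32_t cpuid_ebx, bool sev_active)
{
    uint64_t pd[512];
    uint64_t cbit = sev_cbit_mask(cpuid_ebx);
    build_identity_pd(pd, cbit, sev_active);
    return count_shared_entries(pd, cbit);
}
```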
Diffstat (limited to 'IntelFspPkg/FspDxeIpl')
0 files changed, 0 insertions, 0 deletions