author | Brijesh Singh <brijesh.singh@amd.com> | 2017-07-06 09:21:11 -0400 |
---|---|---|
committer | Jordan Justen <jordan.l.justen@intel.com> | 2017-07-10 21:17:27 -0700 |
commit | e60af8a1ebb15bfcbf2ecc4afb6cf35084c847aa (patch) | |
tree | bcff1b5a67821af75426bff0a811670752e4dd6f /IntelFspPkg | |
parent | 9750503a116be3c246b249b1e7d7d9c51aae2a03 (diff) | |

OvmfPkg/ResetVector: Set C-bit when building initial page table

SEV guest VMs have the concept of private and shared memory. Private
memory is encrypted with the guest-specific key, while shared memory
may be encrypted with the hypervisor key. Certain types of memory (namely
instruction pages and guest page tables) are always treated as private
memory by the hardware. The C-bit in the PTE indicates whether the page is
private or shared. The C-bit position for the PTE can be obtained from
CPUID Fn8000_001F[EBX].

When SEV is active, the BIOS is encrypted by the Qemu launch sequence,
we must set the C-bit when building the page table.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Tom Lendacky <Thomas.Lendacky@amd.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Diffstat (limited to 'IntelFspPkg')
0 files changed, 0 insertions, 0 deletions
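
The commit message above describes reading the C-bit position from CPUID Fn8000_001F[EBX] and setting that bit in page table entries. The C sketch below is an added illustration, not code from this commit or from edk2: it derives the C-bit mask and applies it to identity-mapped 2 MiB page-directory entries. The function names, the sample CPUID register values and the caller-supplied `sev_active` flag are assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define PTE_PRESENT  (1ULL << 0)
#define PTE_RW       (1ULL << 1)
#define PTE_PS       (1ULL << 7)            /* 2 MiB page in a page-directory entry */
#define PAGE_2M      (1ULL << 21)
#define PDE_ADDR     0x000FFFFFFFE00000ULL  /* address bits 51:21 of a 2 MiB entry */

/* CPUID Fn8000_001F: EAX bit 1 reports SEV support. */
static int sev_supported(uint32_t eax) { return (eax >> 1) & 1; }

/* PTE mask for the C-bit (position is EBX[5:0]); 0 when SEV is not in use.
 * sev_active is supplied by the caller (assumption for this sketch). */
uint64_t sev_cbit_mask(uint32_t eax, uint32_t ebx, int sev_active)
{
    if (!sev_supported(eax) || !sev_active)
        return 0;
    return 1ULL << (ebx & 0x3f);
}

/* Identity-map `entries` 2 MiB pages, marking every entry private (C-bit set). */
void build_identity_pd(uint64_t *pd, size_t entries, uint64_t cbit_mask)
{
    for (size_t i = 0; i < entries; i++)
        pd[i] = (i * PAGE_2M) | PTE_PRESENT | PTE_RW | PTE_PS | cbit_mask;
}

/* The C-bit sits inside the address field, so strip it to recover the
 * physical address the entry maps. */
uint64_t pde_phys_addr(uint64_t pde, uint64_t cbit_mask)
{
    return pde & PDE_ADDR & ~cbit_mask;
}

int main(void)
{
    /* Constructed sample register values: EAX bit 1 set, EBX[5:0] = 47. */
    uint32_t eax = 0x2, ebx = 0x16F;
    uint64_t pd[4];
    uint64_t mask = sev_cbit_mask(eax, ebx, 1);

    build_identity_pd(pd, 4, mask);
    for (size_t i = 0; i < 4; i++)
        printf("PDE[%zu] = 0x%016llx -> phys 0x%llx\n", i,
               (unsigned long long)pd[i],
               (unsigned long long)pde_phys_addr(pd[i], mask));
    return 0;
}
```

With a zero mask the same routine yields ordinary page-directory entries, which is the non-SEV case.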