diff options
author | Brijesh Singh <brijesh.singh@amd.com> | 2017-07-06 09:26:45 -0400 |
---|---|---|
committer | Jordan Justen <jordan.l.justen@intel.com> | 2017-07-10 21:17:27 -0700 |
commit | 24e4ad75546b3c1f334aab7057f6c10309807d8d (patch) | |
tree | 75307e8ef3cd8bc27ec16f32d5ad7da9197b05cc /OvmfPkg/AmdSevDxe/AmdSevDxe.inf | |
parent | 13b5d743c87a22dfcd94e8475d943dee5712b62d (diff) | |
download | edk2-24e4ad75546b3c1f334aab7057f6c10309807d8d.tar.gz edk2-24e4ad75546b3c1f334aab7057f6c10309807d8d.tar.bz2 edk2-24e4ad75546b3c1f334aab7057f6c10309807d8d.zip |
OvmfPkg: Add AmdSevDxe driver
When SEV is enabled, the MMIO memory range must be mapped as unencrypted
(i.e C-bit cleared).
We need to clear the C-bit for MMIO GCD entries in order to cover the
ranges that were added during the PEI phase (through memory resource
descriptor HOBs). Additionally, the NonExistent ranges are processed
in order to cover, in advance, MMIO ranges added later in the DXE phase
by various device drivers, via the appropriate DXE memory space services.
The approach is not transparent for later addition of system memory ranges
to the GCD memory space map. (Such ranges should be encrypted.) OVMF does
not do such a thing at the moment, so this approach should be OK.
The driver is being added to the APRIORI DXE file so that, we clear the
C-bit from MMIO regions before any driver accesses it.
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Leo Duran <leo.duran@amd.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Suggested-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Jordan Justen <jordan.l.justen@intel.com>
Diffstat (limited to 'OvmfPkg/AmdSevDxe/AmdSevDxe.inf')
-rw-r--r-- | OvmfPkg/AmdSevDxe/AmdSevDxe.inf | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/OvmfPkg/AmdSevDxe/AmdSevDxe.inf b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf new file mode 100644 index 0000000000..41635a57a4 --- /dev/null +++ b/OvmfPkg/AmdSevDxe/AmdSevDxe.inf @@ -0,0 +1,43 @@ +#/** @file
+#
+# Driver clears the encryption attribute from MMIO regions when SEV is enabled
+#
+# Copyright (c) 2017, AMD Inc. All rights reserved.<BR>
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD
+# License which accompanies this distribution. The full text of the license may
+# be found at http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#**/
+
+[Defines]
+ INF_VERSION = 1.25
+ BASE_NAME = AmdSevDxe
+ FILE_GUID = 2ec9da37-ee35-4de9-86c5-6d9a81dc38a7
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ ENTRY_POINT = AmdSevDxeEntryPoint
+
+[Sources]
+ AmdSevDxe.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ OvmfPkg/OvmfPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ UefiLib
+ UefiDriverEntryPoint
+ UefiBootServicesTableLib
+ DxeServicesTableLib
+ DebugLib
+ MemEncryptSevLib
+
+[Depex]
+ TRUE
|