OvmfPkg/AmdSev: Expose the Sev Secret area using a configuration table

Now that the secret area is protected by a boot time HOB, extract its
location details into a configuration table referenced by
gSevLaunchSecretGuid so the boot loader or OS can locate it before a
call to ExitBootServices().

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077
Signed-off-by: James Bottomley <jejb@linux.ibm.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20201130202819.3910-7-jejb@linux.ibm.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
[lersek@redhat.com: fix indentation of InstallConfigurationTable() args]

1 files changed, 28 insertions, 0 deletions

diff --git a/OvmfPkg/Include/Guid/SevLaunchSecret.h b/OvmfPkg/Include/Guid/SevLaunchSecret.h
new file mode 100644
index 0000000000..fa5f3830bc
--- /dev/null
+++ b/OvmfPkg/Include/Guid/SevLaunchSecret.h
@@ -0,0 +1,28 @@
+ /** @file

+   UEFI Configuration Table for exposing the SEV Launch Secret location to UEFI

+   applications (boot loaders).

+

+   Copyright (C) 2020 James Bottomley, IBM Corporation.

+   SPDX-License-Identifier: BSD-2-Clause-Patent

+ **/

+

+#ifndef SEV_LAUNCH_SECRET_H_

+#define SEV_LAUNCH_SECRET_H_

+

+#include <Uefi/UefiBaseType.h>

+

+#define SEV_LAUNCH_SECRET_GUID                          \

+  { 0xadf956ad,                                         \

+    0xe98c,                                             \

+    0x484c,                                             \

+    { 0xae, 0x11, 0xb5, 0x1c, 0x7d, 0x33, 0x64, 0x47 }, \

+  }

+

+typedef struct {

+  UINT32 Base;

+  UINT32 Size;

+} SEV_LAUNCH_SECRET_LOCATION;

+

+extern EFI_GUID gSevLaunchSecretGuid;

+

+#endif // SEV_LAUNCH_SECRET_H_