diff options
| author | Tom Lendacky <thomas.lendacky@amd.com> | 2024-03-08 07:31:11 -0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2024-04-17 18:30:03 +0000 |
| commit | 2b330b57dbe8014c5fa9f10d4cf4ae5923e3b143 (patch) | |
| tree | cf8d1035e378162ffb69ee62672e6920b5662a07 /OvmfPkg/Include | |
| parent | f40c1f2a30fc58835cb28efc73c40d52c29363fd (diff) | |
| download | edk2-2b330b57dbe8014c5fa9f10d4cf4ae5923e3b143.tar.gz edk2-2b330b57dbe8014c5fa9f10d4cf4ae5923e3b143.tar.bz2 edk2-2b330b57dbe8014c5fa9f10d4cf4ae5923e3b143.zip | |
OvmfPkg/BaseMemEncryptSevLib: Re-organize page state change support
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
In preparation for running under an SVSM at VMPL1 or higher (higher
numerically, lower privilege), re-organize the way a page state change
is performed in order to free up the GHCB for use by the SVSM support.
Currently, the page state change logic directly uses the GHCB shared
buffer to build the page state change structures. However, this will be
in conflict with the use of the GHCB should an SVSM call be required.
Instead, use a separate buffer (an area in the workarea during SEC and
an allocated page during PEI/DXE) to hold the page state change request
and only update the GHCB shared buffer as needed.
Since the information is copied to, and operated on, in the GHCB shared
buffer this has the added benefit of not requiring to save the start and
end entries for use when validating the memory during the page state
change sequence.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Diffstat (limited to 'OvmfPkg/Include')
| -rw-r--r-- | OvmfPkg/Include/WorkArea.h | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/OvmfPkg/Include/WorkArea.h b/OvmfPkg/Include/WorkArea.h index b1c7045ce1..e3b415db2c 100644 --- a/OvmfPkg/Include/WorkArea.h +++ b/OvmfPkg/Include/WorkArea.h @@ -2,7 +2,7 @@ Work Area structure definition
- Copyright (c) 2021, AMD Inc.
+ Copyright (c) 2021 - 2024, AMD Inc.
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -54,6 +54,13 @@ typedef struct _SEC_SEV_ES_WORK_AREA { // detection in OvmfPkg/ResetVector/Ia32/AmdSev.c
//
UINT8 ReceivedVc;
+ UINT8 Reserved[7];
+
+ // Used by SEC to generate Page State Change requests. This should be
+ // sized less than an equal to the GHCB shared buffer area to allow a
+ // single call to the hypervisor.
+ //
+ UINT8 WorkBuffer[1024];
} SEC_SEV_ES_WORK_AREA;
//
|