diff options
| author | Tom Lendacky <thomas.lendacky@amd.com> | 2024-03-08 07:32:16 -0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2024-04-17 20:04:41 +0000 |
| commit | 5a67a2efa7f0542f5afc7eb70f75bc8f6a6c4d24 (patch) | |
| tree | cb89d8cf91ba776abf7373f3135e76404d59500f /OvmfPkg/ResetVector | |
| parent | f6bf37c1711c07709b0817a996c5b5a97f263bdd (diff) | |
| download | edk2-5a67a2efa7f0542f5afc7eb70f75bc8f6a6c4d24.tar.gz edk2-5a67a2efa7f0542f5afc7eb70f75bc8f6a6c4d24.tar.bz2 edk2-5a67a2efa7f0542f5afc7eb70f75bc8f6a6c4d24.zip | |
OvmfPkg: Create a calling area used to communicate with the SVSM
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4654
An SVSM requires a calling area page whose address (CAA) is used by the
SVSM to communicate and process the SVSM request.
Add a pre-defined page area to the OvmfPkg and AmdSev packages and define
corresponding PCDs used to communicate the location and size of the area.
Keep the AmdSev package in sync with the OvmfPkg and adjust the AmdSev
launch and hash area memory locations.
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Diffstat (limited to 'OvmfPkg/ResetVector')
| -rw-r--r-- | OvmfPkg/ResetVector/ResetVector.inf | 2 | ||||
| -rw-r--r-- | OvmfPkg/ResetVector/ResetVector.nasmb | 6 | ||||
| -rw-r--r-- | OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm | 11 |
3 files changed, 16 insertions, 3 deletions
diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/ResetVector.inf index 65f71b05a0..7bd517e63a 100644 --- a/OvmfPkg/ResetVector/ResetVector.inf +++ b/OvmfPkg/ResetVector/ResetVector.inf @@ -62,6 +62,8 @@ gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase
gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableSize
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaBase
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecSvsmCaaSize
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize
gEfiMdeModulePkgTokenSpaceGuid.PcdUse5LevelPageTable
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb index 2bd80149e5..7279ac64b1 100644 --- a/OvmfPkg/ResetVector/ResetVector.nasmb +++ b/OvmfPkg/ResetVector/ResetVector.nasmb @@ -3,7 +3,7 @@ ; This file includes all other code files to assemble the reset vector code
;
; Copyright (c) 2008 - 2013, Intel Corporation. All rights reserved.<BR>
-; Copyright (c) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>
+; Copyright (c) 2020 - 2024, Advanced Micro Devices, Inc. All rights reserved.<BR>
; SPDX-License-Identifier: BSD-2-Clause-Patent
;
;------------------------------------------------------------------------------
@@ -69,6 +69,8 @@ %define SEV_SNP_SECRETS_SIZE (FixedPcdGet32 (PcdOvmfSnpSecretsSize))
%define CPUID_BASE (FixedPcdGet32 (PcdOvmfCpuidBase))
%define CPUID_SIZE (FixedPcdGet32 (PcdOvmfCpuidSize))
+%define SVSM_CAA_BASE (FixedPcdGet32 (PcdOvmfSecSvsmCaaBase))
+%define SVSM_CAA_SIZE (FixedPcdGet32 (PcdOvmfSecSvsmCaaSize))
%if (FixedPcdGet32 (PcdSevLaunchSecretBase) > 0)
; There's a reserved page for SEV secrets and hashes; the VMM will fill and
; validate the page, or mark it as a zero page.
@@ -89,7 +91,7 @@ ;
%define SNP_SEC_MEM_BASE_DESC_2 (GHCB_BASE + 0x1000)
%define SNP_SEC_MEM_SIZE_DESC_2 (SEV_SNP_SECRETS_BASE - SNP_SEC_MEM_BASE_DESC_2)
-%define SNP_SEC_MEM_BASE_DESC_3 (CPUID_BASE + CPUID_SIZE + SEV_SNP_KERNEL_HASHES_SIZE)
+%define SNP_SEC_MEM_BASE_DESC_3 (SVSM_CAA_BASE + SVSM_CAA_SIZE + SEV_SNP_KERNEL_HASHES_SIZE)
%define SNP_SEC_MEM_SIZE_DESC_3 (FixedPcdGet32 (PcdOvmfPeiMemFvBase) - SNP_SEC_MEM_BASE_DESC_3)
%ifdef ARCH_X64
diff --git a/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm b/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm index 8aa77d8701..2511073a46 100644 --- a/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm +++ b/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm @@ -2,7 +2,7 @@ ; @file
; OVMF metadata for the AMD SEV confidential computing guests
;
-; Copyright (c) 2021, AMD Inc. All rights reserved.<BR>
+; Copyright (c) 2021 - 2024, AMD Inc. All rights reserved.<BR>
;
; SPDX-License-Identifier: BSD-2-Clause-Patent
;-----------------------------------------------------------------------------
@@ -26,6 +26,9 @@ BITS 64 ;
%define OVMF_SECTION_TYPE_CPUID 0x3
+; The SVSM Calling Area Address (CAA)
+%define OVMF_SECTION_TYPE_SVSM_CAA 0x4
+
; Kernel hashes section for measured direct boot
%define OVMF_SECTION_TYPE_KERNEL_HASHES 0x10
@@ -67,6 +70,12 @@ CpuidSec: DD CPUID_SIZE
DD OVMF_SECTION_TYPE_CPUID
+; SVSM CAA page
+SvsmCaa:
+ DD SVSM_CAA_BASE
+ DD SVSM_CAA_SIZE
+ DD OVMF_SECTION_TYPE_SVSM_CAA
+
%if (SEV_SNP_KERNEL_HASHES_BASE > 0)
; Kernel hashes for measured direct boot, or zero page if
; there are no kernel hashes / SEV secrets
|