diff options
author | Brijesh Singh <brijesh.singh@amd.com> | 2018-07-06 10:00:42 -0500 |
---|---|---|
committer | Laszlo Ersek <lersek@redhat.com> | 2018-07-06 20:08:24 +0200 |
commit | 75b7aa9528bdd05a7ecf4e64a6beb478d31b402c (patch) | |
tree | 8e2bd3ffe30fe6032b86c9d20d8ef74cbc4681a9 /OvmfPkg | |
parent | 3b3d016b7b867d7e4782af9a6b54e110d155a1b3 (diff) | |
download | edk2-75b7aa9528bdd05a7ecf4e64a6beb478d31b402c.tar.gz edk2-75b7aa9528bdd05a7ecf4e64a6beb478d31b402c.tar.bz2 edk2-75b7aa9528bdd05a7ecf4e64a6beb478d31b402c.zip |
OvmfPkg/QemuFlashFvbServicesRuntimeDxe: Restore C-bit when SEV is active
AmdSevDxe maps the flash memory range with C=0, but
SetMemorySpaceAttributes() unconditionally resets the C-bit to '1'. Lets
restore the mapping back to C=0.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Julien Grall <julien.grall@linaro.org>
Cc: Justen Jordan L <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
Diffstat (limited to 'OvmfPkg')
-rw-r--r-- | OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf | 1 | ||||
-rw-r--r-- | OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c | 17 |
2 files changed, 18 insertions, 0 deletions
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf index d7b4ec06c4..86b244a009 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf @@ -53,6 +53,7 @@ DebugLib
DevicePathLib
DxeServicesTableLib
+ MemEncryptSevLib
MemoryAllocationLib
PcdLib
UefiBootServicesTableLib
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c index 37deece363..1fbe1342a5 100644 --- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c +++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c @@ -18,6 +18,7 @@ #include <Library/DebugLib.h>
#include <Library/DevicePathLib.h>
#include <Library/DxeServicesTableLib.h>
+#include <Library/MemEncryptSevLib.h>
#include <Library/PcdLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiRuntimeLib.h>
@@ -203,5 +204,21 @@ MarkIoMemoryRangeForRuntimeAccess ( );
ASSERT_EFI_ERROR (Status);
+ //
+ // When SEV is active, AmdSevDxe mapped the BaseAddress with C=0 but
+ // SetMemorySpaceAttributes() remaps the range with C=1. Let's restore
+ // the mapping so that both guest and hyervisor can access the flash
+ // memory range.
+ //
+ if (MemEncryptSevIsEnabled ()) {
+ Status = MemEncryptSevClearPageEncMask (
+ 0,
+ BaseAddress,
+ EFI_SIZE_TO_PAGES (Length),
+ FALSE
+ );
+ ASSERT_EFI_ERROR (Status);
+ }
+
return Status;
}
|