diff options
Diffstat (limited to 'OvmfPkg/ResetVector')
| -rw-r--r-- | OvmfPkg/ResetVector/ResetVector.inf | 1 | ||||
| -rw-r--r-- | OvmfPkg/ResetVector/ResetVector.nasmb | 13 | ||||
| -rw-r--r-- | OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm | 15 |
3 files changed, 29 insertions, 0 deletions
diff --git a/OvmfPkg/ResetVector/ResetVector.inf b/OvmfPkg/ResetVector/ResetVector.inf index 1c5d84184e..a4154ca90c 100644 --- a/OvmfPkg/ResetVector/ResetVector.inf +++ b/OvmfPkg/ResetVector/ResetVector.inf @@ -57,6 +57,7 @@ [FixedPcd]
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase
gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase
gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize
gUefiOvmfPkgTokenSpaceGuid.PcdQemuHashTableBase
diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb index fbaeab5f51..cc364748b5 100644 --- a/OvmfPkg/ResetVector/ResetVector.nasmb +++ b/OvmfPkg/ResetVector/ResetVector.nasmb @@ -107,6 +107,19 @@ %define SEV_SNP_SECRETS_SIZE (FixedPcdGet32 (PcdOvmfSnpSecretsSize))
%define CPUID_BASE (FixedPcdGet32 (PcdOvmfCpuidBase))
%define CPUID_SIZE (FixedPcdGet32 (PcdOvmfCpuidSize))
+ %define SNP_SEC_MEM_BASE_DESC_1 (FixedPcdGet32 (PcdOvmfSecPageTablesBase))
+ %define SNP_SEC_MEM_SIZE_DESC_1 (FixedPcdGet32 (PcdOvmfSecGhcbBase) - SNP_SEC_MEM_BASE_DESC_1)
+ ;
+ ; The PcdOvmfSecGhcbBase reserves two GHCB pages. The first page is used
+ ; as GHCB shared page and second is used for bookkeeping to support the
+ ; nested GHCB in SEC phase. The bookkeeping page is mapped private. The VMM
+ ; does not need to validate the shared page but it need to validate the
+ ; bookkeeping page.
+ ;
+ %define SNP_SEC_MEM_BASE_DESC_2 (GHCB_BASE + 0x1000)
+ %define SNP_SEC_MEM_SIZE_DESC_2 (SEV_SNP_SECRETS_BASE - SNP_SEC_MEM_BASE_DESC_2)
+ %define SNP_SEC_MEM_BASE_DESC_3 (CPUID_BASE + CPUID_SIZE)
+ %define SNP_SEC_MEM_SIZE_DESC_3 (FixedPcdGet32 (PcdOvmfPeiMemFvBase) - SNP_SEC_MEM_BASE_DESC_3)
%include "X64/IntelTdxMetadata.asm"
%include "Ia32/Flat32ToFlat64.asm"
diff --git a/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm b/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm index 0cc12ad347..d03fc6d451 100644 --- a/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm +++ b/OvmfPkg/ResetVector/X64/OvmfSevMetadata.asm @@ -43,6 +43,16 @@ _DescriptorSev: DD OVMF_SEV_METADATA_VERSION ; Version
DD (OvmfSevGuidedStructureEnd - _DescriptorSev - 16) / 12 ; Number of sections
+; Region need to be pre-validated by the hypervisor
+PreValidate1:
+ DD SNP_SEC_MEM_BASE_DESC_1
+ DD SNP_SEC_MEM_SIZE_DESC_1
+ DD OVMF_SECTION_TYPE_SNP_SEC_MEM
+PreValidate2:
+ DD SNP_SEC_MEM_BASE_DESC_2
+ DD SNP_SEC_MEM_SIZE_DESC_2
+ DD OVMF_SECTION_TYPE_SNP_SEC_MEM
+
; SEV-SNP Secrets page
SevSnpSecrets:
DD SEV_SNP_SECRETS_BASE
@@ -55,5 +65,10 @@ CpuidSec: DD CPUID_SIZE
DD OVMF_SECTION_TYPE_CPUID
+; Region need to be pre-validated by the hypervisor
+PreValidate3:
+ DD SNP_SEC_MEM_BASE_DESC_3
+ DD SNP_SEC_MEM_SIZE_DESC_3
+ DD OVMF_SECTION_TYPE_SNP_SEC_MEM
OvmfSevGuidedStructureEnd:
ALIGN 16
|