From bff2811c6d99c1e41a4cbb81b30cc4b5cb8e4f20 Mon Sep 17 00:00:00 2001 From: James Bottomley Date: Mon, 30 Nov 2020 12:28:18 -0800 Subject: OvmfPkg/AmdSev: assign and reserve the Sev Secret area Create a one page secret area in the MEMFD and reserve the area with a boot time HOB. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3077 Signed-off-by: James Bottomley Reviewed-by: Laszlo Ersek Message-Id: <20201130202819.3910-6-jejb@linux.ibm.com> Acked-by: Ard Biesheuvel [lersek@redhat.com: s/protect/reserve/g in the commit message, at Ard's and James's suggestion] --- OvmfPkg/AmdSev/SecretPei/SecretPei.c | 25 ++++++++++++++++++++++++ OvmfPkg/AmdSev/SecretPei/SecretPei.inf | 35 ++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.c create mode 100644 OvmfPkg/AmdSev/SecretPei/SecretPei.inf (limited to 'OvmfPkg/AmdSev/SecretPei') diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c new file mode 100644 index 0000000000..ad491515dd --- /dev/null +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c @@ -0,0 +1,25 @@ +/** @file + SEV Secret boot time HOB placement + + Copyright (C) 2020 James Bottomley, IBM Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ +#include +#include +#include + +EFI_STATUS +EFIAPI +InitializeSecretPei ( + IN EFI_PEI_FILE_HANDLE FileHandle, + IN CONST EFI_PEI_SERVICES **PeiServices + ) +{ + BuildMemoryAllocationHob ( + PcdGet32 (PcdSevLaunchSecretBase), + PcdGet32 (PcdSevLaunchSecretSize), + EfiBootServicesData + ); + + return EFI_SUCCESS; +} diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf new file mode 100644 index 0000000000..08be156c4b --- /dev/null +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf @@ -0,0 +1,35 @@ +## @file +# PEI support for SEV Secrets +# +# Copyright (C) 2020 James Bottomley, IBM Corporation. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = SecretPei + FILE_GUID = 45260dde-0c3c-4b41-a226-ef3803fac7d4 + MODULE_TYPE = PEIM + VERSION_STRING = 1.0 + ENTRY_POINT = InitializeSecretPei + +[Sources] + SecretPei.c + +[Packages] + OvmfPkg/OvmfPkg.dec + MdePkg/MdePkg.dec + +[LibraryClasses] + HobLib + PeimEntryPoint + PcdLib + +[FixedPcd] + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize + +[Depex] + TRUE -- cgit v1.2.3