From 24e4ad75546b3c1f334aab7057f6c10309807d8d Mon Sep 17 00:00:00 2001 From: Brijesh Singh Date: Thu, 6 Jul 2017 09:26:45 -0400 Subject: OvmfPkg: Add AmdSevDxe driver When SEV is enabled, the MMIO memory range must be mapped as unencrypted (i.e C-bit cleared). We need to clear the C-bit for MMIO GCD entries in order to cover the ranges that were added during the PEI phase (through memory resource descriptor HOBs). Additionally, the NonExistent ranges are processed in order to cover, in advance, MMIO ranges added later in the DXE phase by various device drivers, via the appropriate DXE memory space services. The approach is not transparent for later addition of system memory ranges to the GCD memory space map. (Such ranges should be encrypted.) OVMF does not do such a thing at the moment, so this approach should be OK. The driver is being added to the APRIORI DXE file so that, we clear the C-bit from MMIO regions before any driver accesses it. Cc: Jordan Justen Cc: Laszlo Ersek Cc: Leo Duran Cc: Jiewen Yao Contributed-under: TianoCore Contribution Agreement 1.0 Suggested-by: Jiewen Yao Signed-off-by: Brijesh Singh Reviewed-by: Jiewen Yao Reviewed-by: Laszlo Ersek Acked-by: Jordan Justen --- OvmfPkg/OvmfPkgX64.fdf | 2 ++ 1 file changed, 2 insertions(+) (limited to 'OvmfPkg/OvmfPkgX64.fdf') diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf index 4da0b19b94..213db6bedb 100644 --- a/OvmfPkg/OvmfPkgX64.fdf +++ b/OvmfPkg/OvmfPkgX64.fdf @@ -191,6 +191,7 @@ READ_LOCK_STATUS = TRUE APRIORI DXE { INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf + INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf !if $(SMM_REQUIRE) == FALSE INF OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf !endif @@ -352,6 +353,7 @@ INF RuleOverride=CSM OvmfPkg/Csm/Csm16/Csm16.inf INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf INF OvmfPkg/PlatformDxe/Platform.inf +INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf !if $(SMM_REQUIRE) == TRUE INF OvmfPkg/SmmAccess/SmmAccess2Dxe.inf -- cgit v1.2.3