render / rpms / edk2

Forked from rpms/edk2 3 months ago
Clone
Blob Blame History Raw
From c4096f74a41bde4fc62576222e0c9622152d7701 Mon Sep 17 00:00:00 2001
From: Pawel Polawski <ppolawsk@redhat.com>
Date: Tue, 4 Jan 2022 15:16:40 +0800
Subject: [PATCH 2/2] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as
 reserved

RH-Author: Pawel Polawski <ppolawsk@redhat.com>
RH-MergeRequest: 10: OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
RH-Commit: [1/1] a8f099d508e2e7b39697945acaa767c43577b1e6 (elkoniu/edk2)
RH-Bugzilla: 2041754
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
RH-Acked-by: Gerd Hoffmann <kraxel@redhat.com>

Mark the SEV launch secret MEMFD area as reserved, which will allow the
guest OS to use it during the lifetime of the OS, without creating
copies of the sensitive content.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
---
 OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
index db94c26b54..6bf1a55dea 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -19,7 +19,7 @@ InitializeSecretPei (
   BuildMemoryAllocationHob (
     PcdGet32 (PcdSevLaunchSecretBase),
     ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
-    EfiBootServicesData
+    EfiReservedMemoryType
     );
 
   return EFI_SUCCESS;
-- 
2.27.0