OvmfPkg/Sec: Add #VC exception handling for Sec phase

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198 An SEV-ES guest will generate a #VC exception when it encounters a non-automatic exit (NAE) event. It is expected that the #VC exception handler will communicate with the hypervisor using the GHCB to handle the NAE event. NAE events can occur during the Sec phase, so initialize exception handling early in the OVMF Sec support. Before establishing the exception handling, validate that the supported version of the SEV-ES protocol in OVMF is supported by the hypervisor. Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
2020-08-12 15:21:41 -05:00
parent 8a2732186a
commit 13e5492bfd
2 changed files with 173 additions and 13 deletions
--- a/OvmfPkg/Sec/SecMain.inf
+++ b/OvmfPkg/Sec/SecMain.inf
@@ -50,15 +50,19 @@
  PeCoffExtraActionLib
  ExtractGuidedSectionLib
  LocalApicLib
+  CpuExceptionHandlerLib

 [Ppis]
  gEfiTemporaryRamSupportPpiGuid                # PPI ALWAYS_PRODUCED

 [Pcd]
+  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvSize
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbSize
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize