diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 9d7fedf4df..c362e5f115 100644
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -78,6 +78,8 @@
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageFtwSpareBase|0x0|UINT32|0xd
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashNvStorageFtwWorkingBase|0x0|UINT32|0xe
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFdBaseAddress|0x0|UINT32|0xf
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase|0x0|UINT32|0x11
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize|0x0|UINT32|0x12
 
 [PcdsDynamic, PcdsDynamicEx]
   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2
diff --git a/OvmfPkg/OvmfPkgIa32.fdf b/OvmfPkg/OvmfPkgIa32.fdf
index 1c5c74664d..483ad85e64 100644
--- a/OvmfPkg/OvmfPkgIa32.fdf
+++ b/OvmfPkg/OvmfPkgIa32.fdf
@@ -135,6 +135,9 @@ ErasePolarity = 1
 BlockSize     = 0x10000
 NumBlocks     = 0x80
 
+0x000000|0x006000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
+
 0x020000|0x7E0000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfMemFvSize
 FV = MAINFV
diff --git a/OvmfPkg/OvmfPkgIa32X64.fdf b/OvmfPkg/OvmfPkgIa32X64.fdf
index 25d36107c0..9a0008066f 100644
--- a/OvmfPkg/OvmfPkgIa32X64.fdf
+++ b/OvmfPkg/OvmfPkgIa32X64.fdf
@@ -135,6 +135,9 @@ ErasePolarity = 1
 BlockSize     = 0x10000
 NumBlocks     = 0x80
 
+0x000000|0x006000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
+
 0x020000|0x7E0000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfMemFvSize
 FV = MAINFV
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index a97b2c26a7..09a91c1476 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -135,6 +135,9 @@ ErasePolarity = 1
 BlockSize     = 0x10000
 NumBlocks     = 0x80
 
+0x000000|0x006000
+gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesSize
+
 0x020000|0x7E0000
 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfMemFvBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfMemFvSize
 FV = MAINFV
diff --git a/OvmfPkg/ResetVector/Bin/ResetVector.x64.raw b/OvmfPkg/ResetVector/Bin/ResetVector.x64.raw
index 237d08a293..a3fc97c93e 100644
Binary files a/OvmfPkg/ResetVector/Bin/ResetVector.x64.raw and b/OvmfPkg/ResetVector/Bin/ResetVector.x64.raw differ
diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
index 8280e8f140..b5a4cf8d71 100644
--- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
+++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
@@ -44,8 +44,10 @@ BITS    32
 SetCr3ForPageTables64:
 
     ;
-    ; For OVMF, build some initial page tables at 0x80000. This is just
-    ; after the early stack/temp RAM.
+    ; For OVMF, build some initial page tables at 0x800000-0x806000.
+    ;
+    ; This range should match with PcdOvmfSecPageTablesBase and
+    ; PcdOvmfSecPageTablesSize which are declared in the FDF files.
     ;
     ; At the end of PEI, the pages tables will be rebuilt into a
     ; more permanent location by DxeIpl.
@@ -54,21 +56,21 @@ SetCr3ForPageTables64:
     mov     ecx, 6 * 0x1000 / 4
     xor     eax, eax
 clearPageTablesMemoryLoop:
-    mov     dword[ecx * 4 + 0x80000 - 4], eax
+    mov     dword[ecx * 4 + 0x800000 - 4], eax
     loop    clearPageTablesMemoryLoop
 
     ;
     ; Top level Page Directory Pointers (1 * 512GB entry)
     ;
-    mov     dword[0x80000], 0x81000 + PAGE_PDP_ATTR
+    mov     dword[0x800000], 0x801000 + PAGE_PDP_ATTR
 
     ;
     ; Next level Page Directory Pointers (4 * 1GB entries => 4GB)
     ;
-    mov     dword[0x81000], 0x82000 + PAGE_PDP_ATTR
-    mov     dword[0x81008], 0x83000 + PAGE_PDP_ATTR
-    mov     dword[0x81010], 0x84000 + PAGE_PDP_ATTR
-    mov     dword[0x81018], 0x85000 + PAGE_PDP_ATTR
+    mov     dword[0x801000], 0x802000 + PAGE_PDP_ATTR
+    mov     dword[0x801008], 0x803000 + PAGE_PDP_ATTR
+    mov     dword[0x801010], 0x804000 + PAGE_PDP_ATTR
+    mov     dword[0x801018], 0x805000 + PAGE_PDP_ATTR
 
     ;
     ; Page Table Entries (2048 * 2MB entries => 4GB)
@@ -79,13 +81,13 @@ pageTableEntriesLoop:
     dec     eax
     shl     eax, 21
     add     eax, PAGE_2M_PDE_ATTR
-    mov     [ecx * 8 + 0x82000 - 8], eax
+    mov     [ecx * 8 + 0x802000 - 8], eax
     loop    pageTableEntriesLoop
 
     ;
     ; Set CR3 now that the paging structures are available
     ;
-    mov     eax, 0x80000
+    mov     eax, 0x800000
     mov     cr3, eax
 
     OneTimeCallRet SetCr3ForPageTables64
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index e235b964a8..ece1c9b517 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -615,6 +615,14 @@ SecCoreStartupWithStack (
 
   AsmWriteIdtr (&IdtDescriptor);
 
+#if defined (MDE_CPU_X64)
+  //
+  // ASSERT that the Page Tables were set by the reset vector code to
+  // the address we expect.
+  //
+  ASSERT (AsmReadCr3 () == (UINTN) PcdGet32 (PcdOvmfSecPageTablesBase));
+#endif
+
   //
   // |-------------|       <-- TopOfCurrentStack
   // |   Stack     | 32k
diff --git a/OvmfPkg/Sec/SecMain.inf b/OvmfPkg/Sec/SecMain.inf
index 91d0a4469f..68dfeaaa4b 100644
--- a/OvmfPkg/Sec/SecMain.inf
+++ b/OvmfPkg/Sec/SecMain.inf
@@ -66,3 +66,4 @@
 [Pcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfMemFvBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfMemFvSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase