diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc index 18707725b3..e9c522beda 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.dsc +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc @@ -613,6 +613,7 @@ OvmfPkg/PlatformPei/PlatformPei.inf UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf UefiCpuPkg/CpuMpPei/CpuMpPei.inf + OvmfPkg/AmdSev/SecretPei/SecretPei.inf !if $(TPM_ENABLE) == TRUE OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf index 1aa9582638..b2656a1cf6 100644 --- a/OvmfPkg/AmdSev/AmdSevX64.fdf +++ b/OvmfPkg/AmdSev/AmdSevX64.fdf @@ -59,6 +59,9 @@ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmf 0x00B000|0x001000 gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase|gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaSize +0x00C000|0x001000 +gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase|gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize + 0x010000|0x010000 gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize @@ -138,6 +141,7 @@ INF OvmfPkg/PlatformPei/PlatformPei.inf INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf INF UefiCpuPkg/Universal/Acpi/S3Resume2Pei/S3Resume2Pei.inf INF UefiCpuPkg/CpuMpPei/CpuMpPei.inf +INF OvmfPkg/AmdSev/SecretPei/SecretPei.inf !if $(TPM_ENABLE) == TRUE INF OvmfPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c new file mode 100644 index 0000000000..ad491515dd --- /dev/null +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c @@ -0,0 +1,25 @@ +/** @file + SEV Secret boot time HOB placement + + Copyright (C) 2020 James Bottomley, IBM Corporation. + SPDX-License-Identifier: BSD-2-Clause-Patent +**/ +#include +#include +#include + +EFI_STATUS +EFIAPI +InitializeSecretPei ( + IN EFI_PEI_FILE_HANDLE FileHandle, + IN CONST EFI_PEI_SERVICES **PeiServices + ) +{ + BuildMemoryAllocationHob ( + PcdGet32 (PcdSevLaunchSecretBase), + PcdGet32 (PcdSevLaunchSecretSize), + EfiBootServicesData + ); + + return EFI_SUCCESS; +} diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.inf b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf new file mode 100644 index 0000000000..08be156c4b --- /dev/null +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.inf @@ -0,0 +1,35 @@ +## @file +# PEI support for SEV Secrets +# +# Copyright (C) 2020 James Bottomley, IBM Corporation. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = SecretPei + FILE_GUID = 45260dde-0c3c-4b41-a226-ef3803fac7d4 + MODULE_TYPE = PEIM + VERSION_STRING = 1.0 + ENTRY_POINT = InitializeSecretPei + +[Sources] + SecretPei.c + +[Packages] + OvmfPkg/OvmfPkg.dec + MdePkg/MdePkg.dec + +[LibraryClasses] + HobLib + PeimEntryPoint + PcdLib + +[FixedPcd] + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretBase + gUefiOvmfPkgTokenSpaceGuid.PcdSevLaunchSecretSize + +[Depex] + TRUE