From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.86]) by mx.groups.io with SMTP id smtpd.web10.40.1622070704029626349 for ; Wed, 26 May 2021 16:11:45 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=rmvm1OEZ; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.244.86, mailfrom: brijesh.singh@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LzFTo5d7F0Uw+2KLF3H5lipfTaflhlpYOsGPArFZcmcuGC7nffC9+5l+PfJ+GrWlvPv65TEhY25nOqepbbvwpiXW+SeQicBOpQnBoOyWNng5pzYOa6nryzh2vly8o87o3xGXb3z0yX6cDfEIGivuqlLS0mn8XXdbnfz6IchbdsVhGYRljnj6dnId/2RLAaP+kjVGHFx+0zXVbAb2JG4sEPaN2gVDVbr7MaCSjHMJX1EoCswmdmUP+EZerX6HVFkgmXeC42CIUqH5wtjoyNgW4TElSAvhpGWQc6Nkkcw1+TIRTRHwG59St54MI0CBy7VjBoB5S9TY5Rb+u7usQbpe+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QsEHEEmCZOehGwvAJ8nS5BJisyxJH7YMi8RTTXkdRlE=; b=lUMmLNeS5fwdRnsA/9DEORw8w8NaLaJF0w4sbDdhtk44wMYg/Qg2RVxkLRMr+uptgKqitt6HFIb4FgYAv72hdfrMHps6DZcoBPp3dor6ifIODP1V5rWO7T2GbkcNQmturc0R0ebfYMLTbHadU1ehJnNqyzFwCTFCArwtMW0DQcFkw90N//Zy01oRYBpODRPfJDyGa/NfQtRnxgKg0WugLyMWMjEQu4TN/Col8c/o/rf5IIpdi0d1kecY2keEsOGdNw/Yp3fTsjbPiliycHWjFE5XcK2V5rLu3qpinOwpbc4GArzlXO5qZqQncyuGc6bsT7yojyw7Swq18i8TJMtrFA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QsEHEEmCZOehGwvAJ8nS5BJisyxJH7YMi8RTTXkdRlE=; b=rmvm1OEZ900l/5XS1WS8fye4zVjO6CfxPkGjRzTz/ujs4xQ3UQhLNo9e9a9fM5LICJBiH4eRLJ/mVTTbi5JcBweUwidHTfmR0Xvkduf5e56ELG8G2EbiOoZ7rYkjKVYrgZ/j51glv3psAhDXLHkW6EZntlG17//wv1pNGRYmDAM= Authentication-Results: linux.ibm.com; dkim=none (message not signed) header.d=none;linux.ibm.com; dmarc=none action=none header.from=amd.com; Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) by SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4150.23; Wed, 26 May 2021 23:11:41 +0000 Received: from SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94]) by SN6PR12MB2718.namprd12.prod.outlook.com ([fe80::9898:5b48:a062:db94%6]) with mapi id 15.20.4150.023; Wed, 26 May 2021 23:11:39 +0000 From: "Brijesh Singh" To: James Bottomley , Min Xu , Jiewen Yao , Tom Lendacky , Jordan Justen , Laszlo Ersek , Erdem Aktas , Eric Dong , Ray Ni , Rahul Kumar , devel@edk2.groups.io CC: Brijesh Singh , Ard Biesheuvel Subject: [PATCH RFC v3 04/22] OvmfPkg/MemEncryptSevLib: extend Es Workarea to include hv features Date: Wed, 26 May 2021 18:11:00 -0500 Message-ID: <20210526231118.12946-5-brijesh.singh@amd.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210526231118.12946-1-brijesh.singh@amd.com> References: <20210526231118.12946-1-brijesh.singh@amd.com> X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SA0PR11CA0202.namprd11.prod.outlook.com (2603:10b6:806:1bc::27) To SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22) Return-Path: brijesh.singh@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SA0PR11CA0202.namprd11.prod.outlook.com (2603:10b6:806:1bc::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4173.21 via Frontend Transport; Wed, 26 May 2021 23:11:38 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 97d05875-8b5c-4762-700d-08d9209b9de0 X-MS-TrafficTypeDiagnostic: SN6PR12MB2718: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:5236; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 3UHk9nOJHophOFEMQQf98j2AWfiI1yhqiuJHZp70SRZfCMg4wDJdDUri7yJtX9AMa1n2QKsCKlvCLtGfBH8S2mk0mkhsr6ewf1Mq+VWIJ0A3POO1XKlsdrZGnE/P1cVuax2yTkPR3vP/I3AlL9eeyYZIwCUIW0jbK695z5v93imD2EKebCylV2CBujPirfNc9APd+o/NY3CJ/1/Syeb11TmrTBC9q3TPFZJElw16LymfV3zTioc4+YmjksIhpDezg27LOFeiYD3dG4WTceowNz/SwvHRJJbIevxQYaaWk26I9Am8Hwn4LqEgJK7KyomnbnCFnH2kgQqTFCfKL8EgcGMfCjC1AN5Bc2rNHr91b/7FfX6iMUtS32Z/4MvR3i/A1NWdtFwsSIVbCZqN3Cx6TEN0wIedQPhy4fziGotnuXznLyPO3QIrUQLIESpGSS2yHe4f8/JAV06hhh9YDBztlPQRB0AzjLCsa7VHwRnzEsovUpGhJaAqcv5rNiFSaoAlJu5tHgkE83YiAkukSMb1Tc0fIhJaiFOppC6xmmf7LTXdQdylQML8etzG3I4GzD3yih67dR0gkeCohco2Zh5c4R7Z+uekFwpcUxwhoGRwE2SaCbbfFYxOsQe17+aXzGKIjwpIObxWBvFrNKNmQCdNuhRF9ez2UbRxMGeOzVUYuQqEUNVP2DHfbAcMlDX7j7wkbeHvP1wQAa7Byh3dwuGc0yKlnsKxhlFzs9J5EUwcZIOAN5nULFF4AmR3LQ4R+j7Nk/nNRgo5fnXGR1ibXCGJq7LwcOYxELYpE9lgqtZkUbM= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(39860400002)(136003)(366004)(346002)(396003)(376002)(6486002)(26005)(2616005)(6666004)(478600001)(956004)(66476007)(36756003)(1076003)(8676002)(7696005)(52116002)(8936002)(44832011)(86362001)(38100700002)(38350700002)(83380400001)(54906003)(2906002)(921005)(4326008)(186003)(66946007)(7416002)(5660300002)(316002)(19627235002)(66556008)(966005)(110136005)(16526019);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?9h5ccJcuY7gfmPgyXzLMvUE9UdbwlPbeiYnwxhUK7Gi/wE43MTlfWbzAoQs2?= =?us-ascii?Q?H7c+caotlOJ+RZEql05zwRLg+bA0SiNEhdIOesQuLOlPFm18TKdiRBTQ9jzf?= =?us-ascii?Q?pK+53WJVx1rXOF+qOcbtLJ8VoYx84AuVnETWOGm+QZPeqQS1pBK5NjGgcNoT?= =?us-ascii?Q?6UEC69c2WFmXa9XA7MTLp2G2S3N9zGqU9Jp9L0xDWJPo2S41GrIkzr7hzyxW?= =?us-ascii?Q?Taa7KOA6rvbgbF+pgtKus+F9mV516K6wKeJQqBIAxEgMz8oKVNcQD3V2hEEG?= =?us-ascii?Q?WdKnK5Wx9Ufh+WGa81jDAGCs9arE9Gvle2MKc5WtPYAy2KUbk/jv+/BJx9RL?= =?us-ascii?Q?tSP4XnyitpABRWkeV4WAB9emQfAPMb3v+O52swfYw/hu0ujAqFIo63vT8iEU?= =?us-ascii?Q?KpHa8DWcZbKlB/7e1dOCnPc9twtFW5aDUw9iwayY5LhBkyLY4jMPKYdDTBsY?= =?us-ascii?Q?CWpgrvWcF3T3QiiqXZJRIDcmSNXQuC7Al34jx+JrfPSJvUMFG1J1shGk9H5k?= =?us-ascii?Q?1+eMeGuiC4pZzXq1kYaKO/GJWq3/KEM7o61dExvx4/IaVn7ks+Py/8aL9RcZ?= =?us-ascii?Q?cevh856fuirkAHyntnVYflayy3R6VbExUk7piAOnPjY/A78mkrJ0HaO0aoC/?= =?us-ascii?Q?wvrsM/YL90RAtur4Hf72d4wy/uZ9bg/z0jrZN2/WfhiLjoDO017oW6UjGDK8?= =?us-ascii?Q?K9X1RTcb48fXj0+gItUGQw7/AOszNg7EHahItDsF+BvvSCC5klife3H69Ci3?= =?us-ascii?Q?D6nXGG7Vc9J7sQmoSaJIv4JLamz1aiV7suVviHrChPe+WuvbAjV1AoT0z5x9?= =?us-ascii?Q?t4eRKO/U0XvcefZN2/2ikWrc/Cm3wSYzsdhpIHZ7bKL9EVdMzbkTzfb50IEd?= =?us-ascii?Q?scRkuo0pz8MVNTdDyJnCPX/kfFA2klccHapx2/SN1uxv5f26nMbR6d7jaM7f?= =?us-ascii?Q?nT2njyoR4weGjnPgTdIB7a9YKACj21IIrmJVFSly64oo1NXHsrkJkjmj9Ixy?= =?us-ascii?Q?79qDIUJzpFSY8urTIbOewMBlnhfI0+byuOZxPIrnyP5MixS9XdQJpxtYHRzD?= =?us-ascii?Q?3trFxBf6dWxQDmlM1sKGcfxVyn4rjBVvbVu6usbUPepjTt7SfOYJykAEKTb4?= =?us-ascii?Q?Nu9Ze0+AEoF4CrY6B2XgIsFh2L0q7oq7K/+RD1ZuSJgshVXgWlLwnz/W6b4U?= =?us-ascii?Q?mwuosyT+t32iv4xC5mHuxmvu0s9SV9nm+Vj8a775Z8QMrvC4cOffpKe47D9+?= =?us-ascii?Q?YQgTeOpDdCvGn8yG+qiNTwXT0pgRfr81vxRvZi50Ycgn+xE7MtmVxuD4Sq+B?= =?us-ascii?Q?AGk1JmF3sJOWgjsSsk34hakl?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 97d05875-8b5c-4762-700d-08d9209b9de0 X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 May 2021 23:11:39.3715 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: TEsQVKvJvpC/HMRkRN/+P+3v5Wvus51JU0O49tyBHv9kgKIuclfA17APbCfjW4Zsuzs+bEHtBy6eaXs55wbjBQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR12MB2718 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275 The GHCB Version 2 introduces advertisement of features that are supported by the hypervisor. The features value is saved in the SevEs workarea. Save the value in the PCD for the later use. Cc: James Bottomley Cc: Min Xu Cc: Jiewen Yao Cc: Tom Lendacky Cc: Jordan Justen Cc: Ard Biesheuvel Cc: Laszlo Ersek Cc: Erdem Aktas Signed-off-by: Brijesh Singh --- OvmfPkg/PlatformPei/PlatformPei.inf | 1 + OvmfPkg/Include/Library/MemEncryptSevLib.h | 2 + OvmfPkg/PlatformPei/AmdSev.c | 26 +++++ OvmfPkg/ResetVector/Ia32/PageTables64.asm | 122 +++++++++++++++++++++ OvmfPkg/ResetVector/ResetVector.nasmb | 1 + 5 files changed, 152 insertions(+) diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index bc1dcac48343..3256ccfe88d8 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -111,6 +111,7 @@ [Pcd] gUefiCpuPkgTokenSpaceGuid.PcdCpuApStackSize gUefiCpuPkgTokenSpaceGuid.PcdSevEsIsEnabled gUefiCpuPkgTokenSpaceGuid.PcdSevSnpIsEnabled + gUefiCpuPkgTokenSpaceGuid.PcdGhcbHypervisorFeatures =20 [FixedPcd] gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/L= ibrary/MemEncryptSevLib.h index 24507de55c5d..dd1c97d4a9a3 100644 --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h @@ -55,6 +55,8 @@ typedef struct _SEC_SEV_ES_WORK_AREA { UINT64 RandomData; =20 UINT64 EncryptionMask; + + UINT64 HypervisorFeatures; } SEC_SEV_ES_WORK_AREA; =20 // diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c index 67b78fd5fa36..81e40e0889aa 100644 --- a/OvmfPkg/PlatformPei/AmdSev.c +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -43,6 +43,27 @@ AmdSevSnpInitialize ( ASSERT_RETURN_ERROR (PcdStatus); } =20 +/** + + Function to set the PcdHypervisorFeatures. +**/ +STATIC +VOID +AmdSevHypervisorFeatures ( + VOID + ) +{ + SEC_SEV_ES_WORK_AREA *SevEsWorkArea; + RETURN_STATUS PcdStatus; + + SevEsWorkArea =3D (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAr= eaBase); + + PcdStatus =3D PcdSet64S (PcdGhcbHypervisorFeatures, SevEsWorkArea->Hyper= visorFeatures); + ASSERT_RETURN_ERROR (PcdStatus); + + DEBUG ((DEBUG_INFO, "GHCB Hypervisor Features=3D0x%Lx\n", SevEsWorkArea-= >HypervisorFeatures)); +} + /** =20 Initialize SEV-ES support if running as an SEV-ES guest. @@ -73,6 +94,11 @@ AmdSevEsInitialize ( PcdStatus =3D PcdSetBoolS (PcdSevEsIsEnabled, TRUE); ASSERT_RETURN_ERROR (PcdStatus); =20 + // + // Set the hypervisor features PCD. + // + AmdSevHypervisorFeatures (); + // // Allocate GHCB and per-CPU variable pages. // Since the pages must survive across the UEFI to OS transition diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVecto= r/Ia32/PageTables64.asm index 6838cdeec9c3..75e63d2a0561 100644 --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm @@ -62,6 +62,16 @@ BITS 32 %define GHCB_CPUID_REGISTER_SHIFT 30 %define CPUID_INSN_LEN 2 =20 +; GHCB SEV Information MSR protocol +%define GHCB_SEV_INFORMATION_REQUEST 2 +%define GHCB_SEV_INFORMATION_RESPONSE 1 + +; GHCB Hypervisor features MSR protocol +%define GHCB_HYPERVISOR_FEATURES_REQUEST 128 +%define GHCB_HYPERVISOR_FEATURES_RESPONSE 129 + +; GHCB request to terminate protocol values +%define GHCB_GENERAL_TERMINATE_REQUEST 255 =20 ; Check if Secure Encrypted Virtualization (SEV) features are enabled. ; @@ -86,6 +96,13 @@ CheckSevFeatures: ; will set it to 1. mov byte[SEV_ES_WORK_AREA_SNP], 0 =20 + ; Set the Hypervisor features field in the workarea to zero to communi= cate + ; to the hypervisor features to the SEC phase. The hypervisor feature = is + ; filled during the call to CheckHypervisorFeatures. + mov eax, 0 + mov dword[SEV_ES_WORK_AREA_HYPERVISOR_FEATURES], eax + mov dword[SEV_ES_WORK_AREA_HYPERVISOR_FEATURES + 4], eax + ; ; Set up exception handlers to check for SEV-ES ; Load temporary RAM stack based on PCDs (see SevEsIdtVmmComm for @@ -225,6 +242,106 @@ IsSevEsEnabled: SevEsDisabled: OneTimeCallRet IsSevEsEnabled =20 +; The version 2 of GHCB specification added the support to query the hyper= visor features. +; If the GHCB version is >=3D2 then read the hypervisor features. +; +; Modified: EAX, EBX, ECX, EDX +; +CheckHypervisorFeatures: + ; Get the SEV Information + ; Setup GHCB MSR + ; GHCB_MSR[11:0] =3D SEV information request + ; + mov edx, 0 + mov eax, GHCB_SEV_INFORMATION_REQUEST + mov ecx, 0xc0010130 + wrmsr + + ; + ; Issue VMGEXIT - NASM doesn't support the vmmcall instruction in 32-b= it + ; mode, so work around this by temporarily switching to 64-bit mode. + ; +BITS 64 + rep vmmcall +BITS 32 + + ; + ; SEV Information Response GHCB MSR + ; GHCB_MSR[63:48] =3D Maximum protocol version + ; GHCB_MSR[47:32] =3D Minimum protocol version + ; GHCB_MSR[11:0] =3D SEV information response + ; + mov ecx, 0xc0010130 + rdmsr + and eax, 0xfff + cmp eax, GHCB_SEV_INFORMATION_RESPONSE + jnz TerminateSevGuestLaunch + shr edx, 16 + cmp edx, 2 + jl CheckHypervisorFeaturesDone + + ; Get the hypervisor features + ; Setup GHCB MSR + ; GHCB_MSR[11:0] =3D Hypervisor features request + ; + mov edx, 0 + mov eax, GHCB_HYPERVISOR_FEATURES_REQUEST + mov ecx, 0xc0010130 + wrmsr + + ; + ; Issue VMGEXIT - NASM doesn't support the vmmcall instruction in 32-b= it + ; mode, so work around this by temporarily switching to 64-bit mode. + ; +BITS 64 + rep vmmcall +BITS 32 + + ; + ; Hypervisor features reponse + ; GHCB_MSR[63:12] =3D Features bitmap + ; GHCB_MSR[11:0] =3D Hypervisor features response + ; + mov ecx, 0xc0010130 + rdmsr + mov ebx, eax + and eax, 0xfff + cmp eax, GHCB_HYPERVISOR_FEATURES_RESPONSE + jnz TerminateSevGuestLaunch + + shr ebx, 12 + mov dword[SEV_ES_WORK_AREA_HYPERVISOR_FEATURES], ebx + mov dword[SEV_ES_WORK_AREA_HYPERVISOR_FEATURES + 4], edx + + jmp CheckHypervisorFeaturesDone +TerminateSevGuestLaunch: + ; + ; Setup GHCB MSR + ; GHCB_MSR[23:16] =3D 0 + ; GHCB_MSR[15:12] =3D 0 + ; GHCB_MSR[11:0] =3D Terminate Request + ; + mov edx, 0 + mov eax, GHCB_GENERAL_TERMINATE_REQUEST + mov ecx, 0xc0010130 + wrmsr + + ; + ; Issue VMGEXIT - NASM doesn't support the vmmcall instruction in 32-b= it + ; mode, so work around this by temporarily switching to 64-bit mode. + ; +BITS 64 + rep vmmcall +BITS 32 + +TerminateSevGuestLaunchHlt: + cli + hlt + jmp TerminateSevGuestLaunchHlt + +CheckHypervisorFeaturesDone: + OneTimeCallRet CheckHypervisorFeatures + ; ; Modified: EAX, EBX, ECX, EDX ; @@ -328,6 +445,11 @@ clearGhcbMemoryLoop: mov dword[ecx * 4 + GHCB_BASE - 4], eax loop clearGhcbMemoryLoop =20 + ; + ; It is SEV-ES guest, query the Hypervisor features + ; + OneTimeCall CheckHypervisorFeatures + SetCr3: ; ; Set CR3 now that the paging structures are available diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/Re= setVector.nasmb index 1971557b1c00..5beba3ecb290 100644 --- a/OvmfPkg/ResetVector/ResetVector.nasmb +++ b/OvmfPkg/ResetVector/ResetVector.nasmb @@ -76,6 +76,7 @@ %define SEV_ES_WORK_AREA_SNP (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 1) %define SEV_ES_WORK_AREA_RDRAND (FixedPcdGet32 (PcdSevEsWorkAreaBase) + = 8) %define SEV_ES_WORK_AREA_ENC_MASK (FixedPcdGet32 (PcdSevEsWorkAreaBase) = + 16) + %define SEV_ES_WORK_AREA_HYPERVISOR_FEATURES (FixedPcdGet32 (PcdSevEsWor= kAreaBase) + 24) %define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase)= + FixedPcdGet32 (PcdOvmfSecPeiTempRamSize)) %include "Ia32/Flat32ToFlat64.asm" %include "Ia32/PageTables64.asm" --=20 2.17.1