From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web10.373.1637235092431646373 for ; Thu, 18 Nov 2021 03:31:32 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@ibm.com header.s=pp1 header.b=iIGrmEgu; spf=pass (domain: linux.ibm.com, ip: 148.163.156.1, mailfrom: dovmurik@linux.ibm.com) Received: from pps.filterd (m0098394.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 1AIAZk3G015564; Thu, 18 Nov 2021 11:31:30 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding; s=pp1; bh=CXuekCkx4PIEIONmm9TIgR6QJ0kAodmOWm+kRew6+08=; b=iIGrmEgu/ixgXjcgznNyVpmmWFMEUHZ7mWk9gicEvAsdU3Pt3ST5Ym/xqDCa/Tuf1Ncr KOeDlfUIR0NEuVtwIVVY/h5L0eJvqEfw2xDUiWRAhpHzYOCFxMBHSdMulo5AhrfrSrkm SXEde/VDFf5OnueTUJVFu2gd02EXpzSDBWWmybXAB4nI9ZDBCJwyi3TR0kde7+OmyMMK kNLcbA6CiH1xNjucx7oYA3tjMm2js+Iv5d176yavDiXlJPdrEkAKgj9lU8yZIeaiio2r 0uHCTcjwqw0xNVJvF2b7/6ZoQWWEVQTzmdP1NuqQ+LDqxNjtam4En1Xv745Xg18azn7t Pw== Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3cdmv01f56-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 18 Nov 2021 11:31:29 +0000 Received: from m0098394.ppops.net (m0098394.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 1AIBIAOU010260; Thu, 18 Nov 2021 11:31:29 GMT Received: from ppma02wdc.us.ibm.com (aa.5b.37a9.ip4.static.sl-reverse.com [169.55.91.170]) by mx0a-001b2d01.pphosted.com with ESMTP id 3cdmv01f4p-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 18 Nov 2021 11:31:29 +0000 Received: from pps.filterd (ppma02wdc.us.ibm.com [127.0.0.1]) by ppma02wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 1AIBRk0u017380; Thu, 18 Nov 2021 11:31:28 GMT Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com [9.57.198.29]) by ppma02wdc.us.ibm.com with ESMTP id 3cd81dprrk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 18 Nov 2021 11:31:28 +0000 Received: from b01ledav005.gho.pok.ibm.com (b01ledav005.gho.pok.ibm.com [9.57.199.110]) by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 1AIBVQFw52822486 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 18 Nov 2021 11:31:26 GMT Received: from b01ledav005.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C6C82AE060; Thu, 18 Nov 2021 11:31:26 +0000 (GMT) Received: from b01ledav005.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7DBE4AE05F; Thu, 18 Nov 2021 11:31:26 +0000 (GMT) Received: from amdrome3.watson.ibm.com (unknown [9.2.130.16]) by b01ledav005.gho.pok.ibm.com (Postfix) with ESMTP; Thu, 18 Nov 2021 11:31:26 +0000 (GMT) From: "Dov Murik" To: devel@edk2.groups.io Cc: Dov Murik , Ard Biesheuvel , Jordan Justen , Gerd Hoffmann , Brijesh Singh , Erdem Aktas , James Bottomley , Jiewen Yao , Min Xu , Tom Lendacky , Tobin Feldman-Fitzthum Subject: [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved Date: Thu, 18 Nov 2021 11:31:08 +0000 Message-Id: <20211118113108.641827-1-dovmurik@linux.ibm.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-GUID: t05lIQDs42DamCG9z0LyCMvwX8zH-rGp X-Proofpoint-ORIG-GUID: SqGhMXhRL99ROxyJ2Gmtlcbt_raF6h-I X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.0.607.475 definitions=2021-11-18_05,2021-11-17_01,2020-04-07_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 spamscore=0 phishscore=0 mlxscore=0 adultscore=0 bulkscore=0 mlxlogscore=999 clxscore=1015 impostorscore=0 malwarescore=0 lowpriorityscore=0 suspectscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2110150000 definitions=main-2111180067 Content-Transfer-Encoding: quoted-printable Mark the SEV launch secret MEMFD area as reserved, which will allow the guest OS to use it during the lifetime of the OS, without creating copies of the sensitive content. Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Cc: Tobin Feldman-Fitzthum Signed-off-by: Dov Murik --- OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPe= i/SecretPei.c index db94c26b54d1..6bf1a55dea64 100644 --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c @@ -19,7 +19,7 @@ InitializeSecretPei ( BuildMemoryAllocationHob (=0D PcdGet32 (PcdSevLaunchSecretBase),=0D ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),=0D - EfiBootServicesData=0D + EfiReservedMemoryType=0D );=0D =0D return EFI_SUCCESS;=0D --=20 2.25.1