From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) by mx.groups.io with SMTP id smtpd.web11.3700.1641280615303417220 for ; Mon, 03 Jan 2022 23:16:55 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@ibm.com header.s=pp1 header.b=tK2D8B0W; spf=pass (domain: linux.ibm.com, ip: 148.163.156.1, mailfrom: dovmurik@linux.ibm.com) Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 2045519r019627; Tue, 4 Jan 2022 07:16:49 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding; s=pp1; bh=TJyKgh9UgR2FnOc/1Bgrl943dpD9h29gAjoDQdRA60Y=; b=tK2D8B0WQk7s/ENRQWJlPLBOBISdgOYopT7yF5GSV8u/5chXxxZKMRkuKcDep7LeZ++L 6E6PSm5WgXyOlzPfy6YvL7TwyhZEUF9vZHa5nuUyguR1RsxtUcpKmARfxOxMEJKETA0f 9L374edDTDjb5AoA0ug9H75d+rcEosKMo++1+gVgWbdz5WF/EDXbiDcDaS+i5QhGk+H6 qtqPEqLn/BgYxxRnAdASminkkLpvI2bZu3D2lA6LDUaR1E/fhceITpfeLckG1/R3Acw8 WxDDl1btDESbNC1T0lBjispvaV3Z3iHfzbTSyGbsqqRpWkp1qWfOXgY3kbxxMEjFxre+ iw== Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3dcb2bdr7r-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 04 Jan 2022 07:16:48 +0000 Received: from m0098399.ppops.net (m0098399.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 2046gA6f011281; Tue, 4 Jan 2022 07:16:48 GMT Received: from ppma01wdc.us.ibm.com (fd.55.37a9.ip4.static.sl-reverse.com [169.55.85.253]) by mx0a-001b2d01.pphosted.com with ESMTP id 3dcb2bdr6y-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 04 Jan 2022 07:16:48 +0000 Received: from pps.filterd (ppma01wdc.us.ibm.com [127.0.0.1]) by ppma01wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 2047EjKC022891; Tue, 4 Jan 2022 07:16:45 GMT Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com [9.57.198.29]) by ppma01wdc.us.ibm.com with ESMTP id 3daeka5gfe-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 04 Jan 2022 07:16:45 +0000 Received: from b01ledav006.gho.pok.ibm.com (b01ledav006.gho.pok.ibm.com [9.57.199.111]) by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 2047GjJZ35324190 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Tue, 4 Jan 2022 07:16:45 GMT Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id EC62EAC05E; Tue, 4 Jan 2022 07:16:44 +0000 (GMT) Received: from b01ledav006.gho.pok.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id BAEA2AC05B; Tue, 4 Jan 2022 07:16:44 +0000 (GMT) Received: from amdrome3.watson.ibm.com (unknown [9.2.130.16]) by b01ledav006.gho.pok.ibm.com (Postfix) with ESMTP; Tue, 4 Jan 2022 07:16:44 +0000 (GMT) From: "Dov Murik" To: devel@edk2.groups.io Cc: Dov Murik , Ard Biesheuvel , Jordan Justen , Gerd Hoffmann , Brijesh Singh , Erdem Aktas , James Bottomley , Jiewen Yao , Min Xu , Tom Lendacky , Tobin Feldman-Fitzthum , Jiewen Yao Subject: [PATCH RESEND] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved Date: Tue, 4 Jan 2022 07:16:40 +0000 Message-Id: <20220104071640.298819-1-dovmurik@linux.ibm.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: 9Nvi2bCRHi1jqpcpg3gJc6w_yaKEOTRz X-Proofpoint-GUID: 4x1RYzka65BAb-tA0xF5i0rfMfCzNxO2 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513 definitions=2022-01-04_03,2022-01-01_01,2021-12-02_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 clxscore=1011 bulkscore=0 lowpriorityscore=0 suspectscore=0 malwarescore=0 adultscore=0 mlxlogscore=999 impostorscore=0 priorityscore=1501 mlxscore=0 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2110150000 definitions=main-2201040047 Content-Transfer-Encoding: quoted-printable Mark the SEV launch secret MEMFD area as reserved, which will allow the guest OS to use it during the lifetime of the OS, without creating copies of the sensitive content. Cc: Ard Biesheuvel Cc: Jordan Justen Cc: Gerd Hoffmann Cc: Brijesh Singh Cc: Erdem Aktas Cc: James Bottomley Cc: Jiewen Yao Cc: Min Xu Cc: Tom Lendacky Cc: Tobin Feldman-Fitzthum Signed-off-by: Dov Murik Acked-by: Gerd Hoffmann Acked-by: Jiewen Yao Reviewed-by: Brijesh Singh --- Resending with Acked-by and Reviewed-by tags. Please let me know if there's anything else missing. Thanks, -Dov --- OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPe= i/SecretPei.c index db94c26b54d1..6bf1a55dea64 100644 --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c @@ -19,7 +19,7 @@ InitializeSecretPei ( BuildMemoryAllocationHob (=0D PcdGet32 (PcdSevLaunchSecretBase),=0D ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),=0D - EfiBootServicesData=0D + EfiReservedMemoryType=0D );=0D =0D return EFI_SUCCESS;=0D --=20 2.25.1