]> git.proxmox.com Git - mirror_edk2.git/commitdiff
projects / mirror_edk2.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 13d9e8e)
OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
authorDov Murik <dovmurik@linux.ibm.com>
Tue, 4 Jan 2022 07:16:40 +0000 (15:16 +0800)
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Tue, 4 Jan 2022 08:06:53 +0000 (08:06 +0000)
Mark the SEV launch secret MEMFD area as reserved, which will allow the
guest OS to use it during the lifetime of the OS, without creating
copies of the sensitive content.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
OvmfPkg/AmdSev/SecretPei/SecretPei.c patch | blob | blame | history

diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
index db94c26b54d12767a3fac81634d22732e984a5fc..6bf1a55dea64b9de81b8a876379cb9aa3b0fd03c 100644 (file)
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -19,7 +19,7 @@ InitializeSecretPei (
   BuildMemoryAllocationHob (\r
     PcdGet32 (PcdSevLaunchSecretBase),\r
     ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),\r
-    EfiBootServicesData\r
+    EfiReservedMemoryType\r
     );\r
 \r
   return EFI_SUCCESS;\r
EFI Development Kit II mirror for PVE