#include <Library/DxeServicesTableLib.h>\r
#include <Library/MemEncryptSevLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
+#include <Library/UefiBootServicesTableLib.h>\r
+#include <Guid/ConfidentialComputingSevSnpBlob.h>\r
#include <Library/PcdLib.h>\r
\r
+STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION mSnpBootDxeTable = {\r
+ SIGNATURE_32 ('A', 'M', 'D', 'E'),\r
+ 1,\r
+ 0,\r
+ (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfSnpSecretsBase),\r
+ FixedPcdGet32 (PcdOvmfSnpSecretsSize),\r
+ (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfCpuidBase),\r
+ FixedPcdGet32 (PcdOvmfCpuidSize),\r
+};\r
+\r
EFI_STATUS\r
EFIAPI\r
AmdSevDxeEntryPoint (\r
}\r
}\r
\r
+ //\r
+ // If its SEV-SNP active guest then install the CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB.\r
+ // It contains the location for both the Secrets and CPUID page.\r
+ //\r
+ if (MemEncryptSevSnpIsEnabled ()) {\r
+ return gBS->InstallConfigurationTable (\r
+ &gConfidentialComputingSevSnpBlobGuid,\r
+ &mSnpBootDxeTable\r
+ );\r
+ }\r
+\r
return EFI_SUCCESS;\r
}\r
\r
[FixedPcd]\r
gEfiMdePkgTokenSpaceGuid.PcdPciExpressBaseAddress\r
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase\r
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize\r
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsBase\r
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSnpSecretsSize\r
+\r
+[Guids]\r
+ gConfidentialComputingSevSnpBlobGuid\r
\r
[Pcd]\r
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId\r
--- /dev/null
+/** @file\r
+ UEFI Configuration Table for exposing the SEV-SNP launch blob.\r
+\r
+ Copyright (c) 2021, Advanced Micro Devices Inc. All right reserved.\r
+\r
+ SPDX-License-Identifier: BSD-2-Clause-Patent\r
+ **/\r
+\r
+#ifndef CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB_H_\r
+#define CONFIDENTIAL_COMPUTING_SEV_SNP_BLOB_H_\r
+\r
+#include <Uefi/UefiBaseType.h>\r
+\r
+#define CONFIDENTIAL_COMPUTING_SNP_BLOB_GUID \\r
+ { 0x067b1f5f, \\r
+ 0xcf26, \\r
+ 0x44c5, \\r
+ { 0x85, 0x54, 0x93, 0xd7, 0x77, 0x91, 0x2d, 0x42 }, \\r
+ }\r
+\r
+typedef struct {\r
+ UINT32 Header;\r
+ UINT16 Version;\r
+ UINT16 Reserved1;\r
+ UINT64 SecretsPhysicalAddress;\r
+ UINT32 SecretsSize;\r
+ UINT64 CpuidPhysicalAddress;\r
+ UINT32 CpuidLSize;\r
+} CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION;\r
+\r
+extern EFI_GUID gConfidentialComputingSevSnpBlobGuid;\r
+\r
+#endif\r
gQemuKernelLoaderFsMediaGuid = {0x1428f772, 0xb64a, 0x441e, {0xb8, 0xc3, 0x9e, 0xbd, 0xd7, 0xf8, 0x93, 0xc7}}\r
gGrubFileGuid = {0xb5ae312c, 0xbc8a, 0x43b1, {0x9c, 0x62, 0xeb, 0xb8, 0x26, 0xdd, 0x5d, 0x07}}\r
gConfidentialComputingSecretGuid = {0xadf956ad, 0xe98c, 0x484c, {0xae, 0x11, 0xb5, 0x1c, 0x7d, 0x33, 0x64, 0x47}}\r
+ gConfidentialComputingSevSnpBlobGuid = {0x067b1f5f, 0xcf26, 0x44c5, {0x85, 0x54, 0x93, 0xd7, 0x77, 0x91, 0x2d, 0x42}}\r
\r
[Ppis]\r
# PPI whose presence in the PPI database signals that the TPM base address\r