Since the framebuffer memory region is shared between the guest and hypervisor
hence we must clear the memory encryption bit from this memory region when SEV
is enabled.
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
OvmfPkg/QemuVideoDxe/Gop.c | 15 +++++++++++++++
OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf | 1 +
2 files changed, 16 insertions(+)
diff --git a/OvmfPkg/QemuVideoDxe/Gop.c b/OvmfPkg/QemuVideoDxe/Gop.c
index 359e921..96661d1 100644
--- a/OvmfPkg/QemuVideoDxe/Gop.c
+++ b/OvmfPkg/QemuVideoDxe/Gop.c
@@ -13,6 +13,8 @@
**/
+#include <Library/MemEncryptSevLib.h>
+
#include "Qemu.h"
STATIC
@@ -65,6 +67,19 @@ QemuVideoCompleteModeData (
(VOID**) &FrameBufDesc
);
+ //
+ // Framebuffer memory region is shared between hypervisor and guest,
+ // Clear the memory encryption mask when SEV is active.
+ //
+ if (MemEncryptSevIsEnabled ()) {
+ EFI_STATUS Status;
+
+ Status = MemEncryptSevClearPageEncMask (FrameBufDesc->AddrRangeMin, EFI_SIZE_TO_PAGES (FrameBufDesc->AddrLen));
+ if (EFI_ERROR(Status)) {
+ DEBUG ((EFI_D_WARN, "Failed to clear memory encryption mask 0x%#Lx+0x%x\n", FrameBufDesc->AddrRangeMin, FrameBufDesc->AddrLen));
+ }
+ }
+
Mode->FrameBufferBase = FrameBufDesc->AddrRangeMin;
Mode->FrameBufferSize = Info->HorizontalResolution * Info->VerticalResolution;
Mode->FrameBufferSize = Mode->FrameBufferSize * ((ModeData->ColorDepth + 7) / 8);
diff --git a/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf b/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
index affb6ff..83ea86c 100644
--- a/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
+++ b/OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf
@@ -60,6 +60,7 @@
UefiBootServicesTableLib
UefiDriverEntryPoint
UefiLib
+ MemEncryptSevLib
[Protocols]
gEfiDriverSupportedEfiVersionProtocolGuid # PROTOCOL ALWAYS_PRODUCED
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel