[edk2-devel] [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved

Dov Murik posted 1 patch 2 years, 5 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/edk2 tags/patchew/20211118113108.641827-1-dovmurik@linux.ibm.com
There is a newer version of this series
OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[edk2-devel] [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
Posted by Dov Murik 2 years, 5 months ago
Mark the SEV launch secret MEMFD area as reserved, which will allow the
guest OS to use it during the lifetime of the OS, without creating
copies of the sensitive content.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
---
 OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
index db94c26b54d1..6bf1a55dea64 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -19,7 +19,7 @@ InitializeSecretPei (
   BuildMemoryAllocationHob (
     PcdGet32 (PcdSevLaunchSecretBase),
     ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
-    EfiBootServicesData
+    EfiReservedMemoryType
     );
 
   return EFI_SUCCESS;
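
Review bot: The switch to `EfiReservedMemoryType` in the `BuildMemoryAllocationHob` call has no in-code explanation, so the reason the memory type matters is recorded only in the commit message. A short comment above the call, saying that the launch secret area must stay out of memory the OS can reclaim so that the guest OS can read the secret in place instead of from a copy, would keep a later cleanup from changing it back to `EfiBootServicesData`. The commit message could also state who is expected to clear the area once the secret is no longer needed, since the stated goal is for the sensitive content to remain available for the lifetime of the OS.
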
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#83853): https://edk2.groups.io/g/devel/message/83853
Mute This Topic: https://groups.io/mt/87140890/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-


Re: [edk2-devel] [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
Posted by Gerd Hoffmann 2 years, 5 months ago
  Hi,

>    BuildMemoryAllocationHob (
>      PcdGet32 (PcdSevLaunchSecretBase),
>      ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
> -    EfiBootServicesData
> +    EfiReservedMemoryType
>      );
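
Review bot: In the `BuildMemoryAllocationHob` arguments only the length is rounded, with `ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE)`, while `PcdGet32 (PcdSevLaunchSecretBase)` is passed through unchecked. Now that the range is reported as `EfiReservedMemoryType` rather than as boot-services memory, consider an `ASSERT` that the base is page aligned, or a comment noting that the PCD guarantees it, so the reserved range is known to cover exactly the pages that hold the secret.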

Acked-by: Gerd Hoffmann <kraxel@redhat.com>

take care,
  Gerd





Re: [edk2-devel] [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
Posted by Brijesh Singh via groups.io 2 years, 5 months ago

On 11/18/21 5:31 AM, Dov Murik wrote:
> Mark the SEV launch secret MEMFD area as reserved, which will allow the
> guest OS to use it during the lifetime of the OS, without creating
> copies of the sensitive content.
> 
> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> Cc: Jordan Justen <jordan.l.justen@intel.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Brijesh Singh <brijesh.singh@amd.com>
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
> Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
> ---
>   OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> index db94c26b54d1..6bf1a55dea64 100644
> --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> @@ -19,7 +19,7 @@ InitializeSecretPei (
>     BuildMemoryAllocationHob (
>       PcdGet32 (PcdSevLaunchSecretBase),
>       ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
> -    EfiBootServicesData
> +    EfiReservedMemoryType
>       );
>   
>     return EFI_SUCCESS;
> 


Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>

thanks




Re: [edk2-devel] [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved
Posted by Yao, Jiewen 2 years, 5 months ago
Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>

> -----Original Message-----
> From: Brijesh Singh <brijesh.singh@amd.com>
> Sent: Monday, November 22, 2021 11:43 PM
> To: Dov Murik <dovmurik@linux.ibm.com>; devel@edk2.groups.io
> Cc: brijesh.singh@amd.com; Ard Biesheuvel <ardb+tianocore@kernel.org>;
> Justen, Jordan L <jordan.l.justen@intel.com>; Gerd Hoffmann
> <kraxel@redhat.com>; Erdem Aktas <erdemaktas@google.com>; James
> Bottomley <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Xu,
> Min M <min.m.xu@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>;
> Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
> Subject: Re: [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area
> as reserved
> 
> 
> 
> On 11/18/21 5:31 AM, Dov Murik wrote:
> > Mark the SEV launch secret MEMFD area as reserved, which will allow the
> > guest OS to use it during the lifetime of the OS, without creating
> > copies of the sensitive content.
> >
> > Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
> > Cc: Jordan Justen <jordan.l.justen@intel.com>
> > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > Cc: Brijesh Singh <brijesh.singh@amd.com>
> > Cc: Erdem Aktas <erdemaktas@google.com>
> > Cc: James Bottomley <jejb@linux.ibm.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Min Xu <min.m.xu@intel.com>
> > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
> > Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
> > ---
> >   OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
> >   1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> > index db94c26b54d1..6bf1a55dea64 100644
> > --- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> > +++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
> > @@ -19,7 +19,7 @@ InitializeSecretPei (
> >     BuildMemoryAllocationHob (
> >       PcdGet32 (PcdSevLaunchSecretBase),
> >       ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
> > -    EfiBootServicesData
> > +    EfiReservedMemoryType
> >       );
> >
> >     return EFI_SUCCESS;
> >
> 
> 
> Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
> 
> thanks

