From nobody Wed May  8 19:25:23 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+83853+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+83853+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=linux.ibm.com
ARC-Seal: i=1; a=rsa-sha256; t=1637235095; cv=none;
	d=zohomail.com; s=zohoarc;
	b=NL/u6zc+F1DGxBr79bVG3H01WCDZ9zanE8mg7m+VSs7wT+DpcFOQhD9uBCYTDnUHEwN+YEZTICDtURfTOlCG01qXkOjzvK9W4AhRegEwhJPHbhCwWb8+aQN4EmEda8kyyvCcpmv7xJ+MX6VlmpPoUkXowQTayI2LEv9uUDZxuWg=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1637235095;
 h=Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Sender:Subject:To;
	bh=z/kgNOGgs+DDrshS4yy/hqdqipMhWrqTR7cf4Y9woyY=;
	b=YCOqXRg8Ri++NS6rzHjbKPKJ9Gutf4crY/BNPAKBAmV8JC2TjMKn4TlXLUmVOxj1SuNnu/zNUszf48dbsMhMoUrV/EQXbykx5qgOh0Z0q68NgRCVP+6vlfmtVu9pDwCAhNQbFTC+YfC0oFcaxKzRt+mbJ9E0KbN2rowB4LV7jZg=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)
  smtp.mailfrom=bounce+27952+83853+1787277+3901457@groups.io;
	dmarc=fail header.from=<dovmurik@linux.ibm.com> (p=none dis=none)
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1637235095039844.7213538276516;
 Thu, 18 Nov 2021 03:31:35 -0800 (PST)
Return-Path: <bounce+27952+83853+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id OwOiYY1788612xUsyLxKc7DO;
 Thu, 18 Nov 2021 03:31:34 -0800
X-Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com
 [148.163.156.1])
 by mx.groups.io with SMTP id smtpd.web10.373.1637235092431646373
 for <devel@edk2.groups.io>;
 Thu, 18 Nov 2021 03:31:32 -0800
X-Received: from pps.filterd (m0098394.ppops.net [127.0.0.1])
	by mx0a-001b2d01.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id
 1AIAZk3G015564;
	Thu, 18 Nov 2021 11:31:30 GMT
X-Received: from pps.reinject (localhost [127.0.0.1])
	by mx0a-001b2d01.pphosted.com with ESMTP id 3cdmv01f56-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Thu, 18 Nov 2021 11:31:29 +0000
X-Received: from m0098394.ppops.net (m0098394.ppops.net [127.0.0.1])
	by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 1AIBIAOU010260;
	Thu, 18 Nov 2021 11:31:29 GMT
X-Received: from ppma02wdc.us.ibm.com (aa.5b.37a9.ip4.static.sl-reverse.com
 [169.55.91.170])
	by mx0a-001b2d01.pphosted.com with ESMTP id 3cdmv01f4p-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Thu, 18 Nov 2021 11:31:29 +0000
X-Received: from pps.filterd (ppma02wdc.us.ibm.com [127.0.0.1])
	by ppma02wdc.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 1AIBRk0u017380;
	Thu, 18 Nov 2021 11:31:28 GMT
X-Received: from b01cxnp23034.gho.pok.ibm.com (b01cxnp23034.gho.pok.ibm.com
 [9.57.198.29])
	by ppma02wdc.us.ibm.com with ESMTP id 3cd81dprrk-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Thu, 18 Nov 2021 11:31:28 +0000
X-Received: from b01ledav005.gho.pok.ibm.com (b01ledav005.gho.pok.ibm.com
 [9.57.199.110])
	by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id
 1AIBVQFw52822486
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
	Thu, 18 Nov 2021 11:31:26 GMT
X-Received: from b01ledav005.gho.pok.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id C6C82AE060;
	Thu, 18 Nov 2021 11:31:26 +0000 (GMT)
X-Received: from b01ledav005.gho.pok.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 7DBE4AE05F;
	Thu, 18 Nov 2021 11:31:26 +0000 (GMT)
X-Received: from amdrome3.watson.ibm.com (unknown [9.2.130.16])
	by b01ledav005.gho.pok.ibm.com (Postfix) with ESMTP;
	Thu, 18 Nov 2021 11:31:26 +0000 (GMT)
From: "Dov Murik" <dovmurik@linux.ibm.com>
To: devel@edk2.groups.io
Cc: Dov Murik <dovmurik@linux.ibm.com>,
        Ard Biesheuvel <ardb+tianocore@kernel.org>,
        Jordan Justen <jordan.l.justen@intel.com>,
        Gerd Hoffmann <kraxel@redhat.com>,
        Brijesh Singh <brijesh.singh@amd.com>,
        Erdem Aktas <erdemaktas@google.com>,
        James Bottomley <jejb@linux.ibm.com>,
        Jiewen Yao <jiewen.yao@intel.com>, Min Xu <min.m.xu@intel.com>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Subject: [edk2-devel] [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret
 area as reserved
Date: Thu, 18 Nov 2021 11:31:08 +0000
Message-Id: <20211118113108.641827-1-dovmurik@linux.ibm.com>
MIME-Version: 1.0
X-TM-AS-GCONF: 00
X-Proofpoint-GUID: t05lIQDs42DamCG9z0LyCMvwX8zH-rGp
X-Proofpoint-ORIG-GUID: SqGhMXhRL99ROxyJ2Gmtlcbt_raF6h-I
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,dovmurik@linux.ibm.com
X-Gm-Message-State: z74HzoV0JQ61tc130Mp5bjpkx1787277AA=
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1637235094;
 bh=eagHj9zYBbFFOSvWu3BYoHRFZMQwEhEKmU8nsyrJ2pY=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=WUn0HiKV81dfQ9zY1WysM+LFRn1qr5PeqcsUczeveuK3CsiPnybG9734g2+swsoXNKn
 odVM9tDIqiKOb4tjFPWLDvx7FxhejPRxlmxHixqYTmtfqkNuSEnpQhLcKAP9PSwuiWkTD
 JMFLHQ97o3NKOI0s7eK5y6ys6ggtCAy8mvU=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1637235096723100002
Content-Type: text/plain; charset="utf-8"

Mark the SEV launch secret MEMFD area as reserved, which will allow the
guest OS to use it during the lifetime of the OS, without creating
copies of the sensitive content.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>
Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
---
 OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPe=
i/SecretPei.c
index db94c26b54d1..6bf1a55dea64 100644
--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c
+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c
@@ -19,7 +19,7 @@ InitializeSecretPei (
   BuildMemoryAllocationHob (
     PcdGet32 (PcdSevLaunchSecretBase),
     ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),
-    EfiBootServicesData
+    EfiReservedMemoryType
     );
=20
   return EFI_SUCCESS;
--=20
2.25.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#83853): https://edk2.groups.io/g/devel/message/83853
Mute This Topic: https://groups.io/mt/87140890/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-