From e4a64ad230ff2906ec56d41b2a8dd7a0bb39a399 Mon Sep 17 00:00:00 2001

From: Dov Murik <dovmurik@linux.ibm.com>

Date: Tue, 4 Jan 2022 15:16:40 +0800

Subject: [PATCH] OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as

 reserved

RH-Author: Pawel Polawski <None>

RH-MergeRequest: 11: OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret area as reserved

RH-Commit: [1/1] a14d34eb204387aae3446770a0e5fb95a9283ae3 (elkoniu/edk2)

RH-Bugzilla: 2041754

RH-Acked-by: Oliver Steffen <None>

Mark the SEV launch secret MEMFD area as reserved, which will allow the

guest OS to use it during the lifetime of the OS, without creating

copies of the sensitive content.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>

Cc: Jordan Justen <jordan.l.justen@intel.com>

Cc: Gerd Hoffmann <kraxel@redhat.com>

Cc: Brijesh Singh <brijesh.singh@amd.com>

Cc: Erdem Aktas <erdemaktas@google.com>

Cc: James Bottomley <jejb@linux.ibm.com>

Cc: Jiewen Yao <jiewen.yao@intel.com>

Cc: Min Xu <min.m.xu@intel.com>

Cc: Tom Lendacky <thomas.lendacky@amd.com>

Cc: Tobin Feldman-Fitzthum <tobin@linux.ibm.com>

Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>

Acked-by: Gerd Hoffmann <kraxel@redhat.com>

Acked-by: Jiewen Yao <Jiewen.Yao@intel.com>

Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>

---

 OvmfPkg/AmdSev/SecretPei/SecretPei.c | 2 +-

 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/OvmfPkg/AmdSev/SecretPei/SecretPei.c b/OvmfPkg/AmdSev/SecretPei/SecretPei.c

index db94c26b54..6bf1a55dea 100644

--- a/OvmfPkg/AmdSev/SecretPei/SecretPei.c

+++ b/OvmfPkg/AmdSev/SecretPei/SecretPei.c

@@ -19,7 +19,7 @@ InitializeSecretPei (

   BuildMemoryAllocationHob (

     PcdGet32 (PcdSevLaunchSecretBase),

     ALIGN_VALUE (PcdGet32 (PcdSevLaunchSecretSize), EFI_PAGE_SIZE),

-    EfiBootServicesData

+    EfiReservedMemoryType

     );

   return EFI_SUCCESS;

-- 

2.27.0