Hi Min,
On 8/2/21 8:18 PM, Min Xu wrote:
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429
SevEsIsEnabled return TRUE if SevEsWorkArea->SevEsEnabled is non-zero.
It is correct when SevEsWorkArea is only used by SEV. After Intel TDX
is enabled in Ovmf, the SevEsWorkArea is shared by TDX and SEV. (This
is to avoid the waist of memory region in MEMFD). The value of
SevEsWorkArea->SevEsEnabled now is :
0 if in Legacy guest
1 if in SEV
2 if in Tdx guest
That's why the changes is made.
Cc: Ard Biesheuvel <[email protected]>
Cc: Jordan Justen <[email protected]>
Cc: Brijesh Singh <[email protected]>
Cc: Erdem Aktas <[email protected]>
Cc: James Bottomley <[email protected]>
Cc: Jiewen Yao <[email protected]>
Cc: Tom Lendacky <[email protected]>
Signed-off-by: Min Xu <[email protected]>
---
OvmfPkg/Sec/SecMain.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index 9db67e17b2aa..e166a9389a1a 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -828,7 +828,7 @@ SevEsIsEnabled (
SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAreaBase);
- return ((SevEsWorkArea != NULL) && (SevEsWorkArea->SevEsEnabled != 0));
+ return ((SevEsWorkArea != NULL) && (SevEsWorkArea->SevEsEnabled == 1));
}
This is wrong, we need to check the SevEs sub type and not the global
Sev enable. This also need to be broken into at least two commits
1. introduce the updated CcWorkArea structure
2. update the existing code to use the CcWorkArea layout
If you are okay then I can rework and send the patch so that you can add
the TDX on top of it.
thanks
VOID
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78617): https://edk2.groups.io/g/devel/message/78617
Mute This Topic: https://groups.io/mt/84631105/21656
Group Owner: [email protected]
Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
