mirror of https://github.com/acidanthera/audk.git
OvmfPkg/PlatformPei: Move early GDT into ram when SEV-ES is enabled
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198 The SEV support will clear the C-bit from non-RAM areas. The early GDT lives in a non-RAM area, so when an exception occurs (like a #VC) the GDT will be read as un-encrypted even though it is encrypted. This will result in a failure to be able to handle the exception. Move the GDT into RAM so it can be accessed without error when running as an SEV-ES guest. Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
This commit is contained in:
parent
449a6e4934
commit
13ed9e5fc0
|
@ -39,6 +39,8 @@ AmdSevEsInitialize (
|
||||||
PHYSICAL_ADDRESS GhcbBasePa;
|
PHYSICAL_ADDRESS GhcbBasePa;
|
||||||
UINTN GhcbPageCount, PageCount;
|
UINTN GhcbPageCount, PageCount;
|
||||||
RETURN_STATUS PcdStatus, DecryptStatus;
|
RETURN_STATUS PcdStatus, DecryptStatus;
|
||||||
|
IA32_DESCRIPTOR Gdtr;
|
||||||
|
VOID *Gdt;
|
||||||
|
|
||||||
if (!MemEncryptSevEsIsEnabled ()) {
|
if (!MemEncryptSevEsIsEnabled ()) {
|
||||||
return;
|
return;
|
||||||
|
@ -83,6 +85,22 @@ AmdSevEsInitialize (
|
||||||
(UINT64)GhcbPageCount, GhcbBase));
|
(UINT64)GhcbPageCount, GhcbBase));
|
||||||
|
|
||||||
AsmWriteMsr64 (MSR_SEV_ES_GHCB, GhcbBasePa);
|
AsmWriteMsr64 (MSR_SEV_ES_GHCB, GhcbBasePa);
|
||||||
|
|
||||||
|
//
|
||||||
|
// The SEV support will clear the C-bit from non-RAM areas. The early GDT
|
||||||
|
// lives in a non-RAM area, so when an exception occurs (like a #VC) the GDT
|
||||||
|
// will be read as un-encrypted even though it was created before the C-bit
|
||||||
|
// was cleared (encrypted). This will result in a failure to be able to
|
||||||
|
// handle the exception.
|
||||||
|
//
|
||||||
|
AsmReadGdtr (&Gdtr);
|
||||||
|
|
||||||
|
Gdt = AllocatePages (EFI_SIZE_TO_PAGES ((UINTN) Gdtr.Limit + 1));
|
||||||
|
ASSERT (Gdt != NULL);
|
||||||
|
|
||||||
|
CopyMem (Gdt, (VOID *) Gdtr.Base, Gdtr.Limit + 1);
|
||||||
|
Gdtr.Base = (UINTN) Gdt;
|
||||||
|
AsmWriteGdtr (&Gdtr);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
Loading…
Reference in New Issue