From 383f729ac096b8deb279933fce86e83a5f7f5ec7 Mon Sep 17 00:00:00 2001
From: Ceping Sun <cepingx.sun@intel.com>
Date: Thu, 15 Aug 2024 05:10:06 +0800
Subject: [PATCH] OvmfPkg/PlatformInitLib: Reserve Sec Page Tables in TDVF

In the system boot phase, if OS postpone onlining some CPU
until later, the sec page tables could be overwritten.

So, TDVF needs to reserve the initial page tables that would be
used by APs on Mailbox wakeup.

Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Cc: Kirill A Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
---
 OvmfPkg/Library/PlatformInitLib/IntelTdx.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
index e561cee30b..12e4501c5b 100644
--- a/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
+++ b/OvmfPkg/Library/PlatformInitLib/IntelTdx.c
@@ -153,6 +153,18 @@ PlatformTdxPublishRamRegions (
 
   TransferTdxHobList ();
 
+  //
+  // Reserve the initial page tables built by the reset vector code.
+  //
+  // Since this memory range will be used by APs on Mailbox
+  // wakeup, it must be reserved as ACPI NVS.
+  //
+  BuildMemoryAllocationHob (
+    (EFI_PHYSICAL_ADDRESS)(UINTN)PcdGet32 (PcdOvmfSecPageTablesBase),
+    (UINT64)(UINTN)PcdGet32 (PcdOvmfSecPageTablesSize),
+    EfiACPIMemoryNVS
+    );
+
   //
   // The memory region defined by PcdOvmfSecGhcbBackupBase is pre-allocated by
   // host VMM and used as the td mailbox at the beginning of system boot.