OvmfPkg: Use TdHob instead of e820tables to get memory info in TDVF

Currently, TDVF gets LowMemory and FistNonAddress from the e820tables via fw_cfg, while TD-Hob can also provide the memory info of LowMemory and FistNonAddress. In current stage e820tables are not measured but TD-Hob is measured in early phase by TDVF. So, from the security perspective we'd better use the information from TD-Hob instead of e820tables. Cc: Erdem Aktas <erdemaktas@google.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Elena Reshetova <elena.reshetova@intel.com> Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
2025-04-08 17:05:09 +02:00 · 2024-08-28 01:16:34 -04:00 · 2024-08-28 01:16:34 -04:00 · d997d3c62f
commit d997d3c62f
parent e48acc0fa9
1 changed files with 34 additions and 0 deletions
--- a/OvmfPkg/Library/PlatformInitLib/MemDetect.c
+++ b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
@ -107,6 +107,36 @@ typedef VOID (*E820_SCAN_CALLBACK) (
  EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
  );

+STATIC
+EFI_STATUS
+PlatformScanE820Tdx (
+  IN      E820_SCAN_CALLBACK     Callback,
+  IN OUT  EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  )
+{
+  EFI_E820_ENTRY64      E820Entry;
+  EFI_PEI_HOB_POINTERS  Hob;
+
+  Hob.Raw = (UINT8 *)(UINTN)FixedPcdGet32 (PcdOvmfSecGhcbBase);
+
+  while (!END_OF_HOB_LIST (Hob)) {
+    if (Hob.Header->HobType == EFI_HOB_TYPE_RESOURCE_DESCRIPTOR) {
+      if ((Hob.ResourceDescriptor->ResourceType == EFI_RESOURCE_MEMORY_UNACCEPTED) ||
+          (Hob.ResourceDescriptor->ResourceType == EFI_RESOURCE_SYSTEM_MEMORY))
+      {
+        E820Entry.BaseAddr = Hob.ResourceDescriptor->PhysicalStart;
+        E820Entry.Length   = Hob.ResourceDescriptor->ResourceLength;
+        E820Entry.Type     = EfiAcpiAddressRangeMemory;
+        Callback (&E820Entry, PlatformInfoHob);
+      }
+    }
+
+    Hob.Raw = (UINT8 *)(Hob.Raw + Hob.Header->HobLength);
+  }
+
+  return EFI_SUCCESS;
+}
+
 /**
  Store first address not used by e820 RAM entries in
  PlatformInfoHob->FirstNonAddress
@ -347,6 +377,10 @@ PlatformScanE820 (
    return PlatformScanE820Pvh (Callback, PlatformInfoHob);
  }

+  if (TdIsEnabled ()) {
+    return PlatformScanE820Tdx (Callback, PlatformInfoHob);
+  }
+
  Status = QemuFwCfgFindFile ("etc/e820", &FwCfgItem, &FwCfgSize);
  if (EFI_ERROR (Status)) {
    return Status;