OvmfPkg/AmdSevDxe: Allocate SEV-SNP CC blob as EfiACPIReclaimMemory

The SEV-SNP Confidential Computing blob contains metadata that should
remain accessible for the life of the guest. Allocate it as
EfiACPIReclaimMemory to ensure the memory isn't overwritten by the guest
operating system later.

Reported-by: Dov Murik <dovmurik@linux.ibm.com>
Suggested-by: Dov Murik <dovmurik@linux.ibm.com>
Reviewed-by: Dov Murik <dovmurik@linux.ibm.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Michael Roth <michael.roth@amd.com>

OvmfPkg/AmdSevDxe/AmdSevDxe.c

@@ -28,15 +28,36 @@
 // Present, initialized, tested bits defined in MdeModulePkg/Core/Dxe/DxeMain.h
 #define EFI_MEMORY_INTERNAL_MASK  0x0700000000000000ULL
 
-STATIC CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION  mSnpBootDxeTable = {
+STATIC
-  SIGNATURE_32 ('A',                                    'M', 'D', 'E'),
+EFI_STATUS
-  1,
+AllocateConfidentialComputingBlob (
-  0,
+  OUT CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION  **CcBlobPtr
-  (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfSnpSecretsBase),
+  )
-  FixedPcdGet32 (PcdOvmfSnpSecretsSize),
+{
-  (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfCpuidBase),
+  EFI_STATUS                                Status;
-  FixedPcdGet32 (PcdOvmfCpuidSize),
+  CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION  *CcBlob;
-};
+
+  Status = gBS->AllocatePool (
+                  EfiACPIReclaimMemory,
+                  sizeof (CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION),
+                  (VOID **)&CcBlob
+                  );
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
+  CcBlob->Header                 = SIGNATURE_32 ('A', 'M', 'D', 'E');
+  CcBlob->Version                = 1;
+  CcBlob->Reserved1              = 0;
+  CcBlob->SecretsPhysicalAddress = (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfSnpSecretsBase);
+  CcBlob->SecretsSize            = FixedPcdGet32 (PcdOvmfSnpSecretsSize);
+  CcBlob->CpuidPhysicalAddress   = (UINT64)(UINTN)FixedPcdGet32 (PcdOvmfCpuidBase);
+  CcBlob->CpuidLSize             = FixedPcdGet32 (PcdOvmfCpuidSize);
+
+  *CcBlobPtr = CcBlob;
+
+  return EFI_SUCCESS;
+}
 
 STATIC EFI_HANDLE  mAmdSevDxeHandle = NULL;
 
@@ -175,10 +196,11 @@ AmdSevDxeEntryPoint (
   IN EFI_SYSTEM_TABLE  *SystemTable
   )
 {
-  EFI_STATUS                       Status;
+  EFI_STATUS                                Status;
-  EFI_GCD_MEMORY_SPACE_DESCRIPTOR  *AllDescMap;
+  EFI_GCD_MEMORY_SPACE_DESCRIPTOR           *AllDescMap;
-  UINTN                            NumEntries;
+  UINTN                                     NumEntries;
-  UINTN                            Index;
+  UINTN                                     Index;
+  CONFIDENTIAL_COMPUTING_SNP_BLOB_LOCATION  *SnpBootDxeTable;
 
   //
   // Do nothing when SEV is not enabled
@@ -284,6 +306,18 @@ AmdSevDxeEntryPoint (
     }
   }
 
+  Status = AllocateConfidentialComputingBlob (&SnpBootDxeTable);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((
+      DEBUG_ERROR,
+      "%a: AllocateConfidentialComputingBlob(): %r\n",
+      __func__,
+      Status
+      ));
+    ASSERT (FALSE);
+    CpuDeadLoop ();
+  }
+
   if (MemEncryptSevSnpIsEnabled ()) {
     //
     // Memory acceptance began being required in SEV-SNP, so install the
@@ -321,7 +355,7 @@ AmdSevDxeEntryPoint (
     //
     return gBS->InstallConfigurationTable (
                   &gConfidentialComputingSevSnpBlobGuid,
-                  &mSnpBootDxeTable
+                  SnpBootDxeTable
                   );
   }