mirror of https://github.com/acidanthera/audk.git
8b87eb9dfb
Currently, multiple dsc files within the OvmfPkg directory use the NULL
version of the CcProbeLib library. However, these packages have support
for confidential guests (usage of CcExitLib, MemEncrypt{Sev,Tdx}Lib, etc.)
and should be using the OvmfPkg version of the CcProbeLib.
The use of the NULL library causes the PCI option ROM to be enabled, which
can't be trusted as it originates from the hypervisor. The use of the NULL
library also causes a KVM hypervisor error when attempting to map/back the
option ROM region when running an SEV-SNP guest.
Update the various dsc files to reference the OvmfPkg version of the
CcProbeLib library and prevent usage of PCI option ROMs.
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
|
||
|---|---|---|
| .. | ||
| BlobVerifierLibSevHashes | ||
| Grub | ||
| SecretDxe | ||
| SecretPei | ||
| AmdSevX64.dsc | ||
| AmdSevX64.fdf | ||