diff options
| author | Brijesh Singh <brijesh.singh@amd.com> | 2022-02-15 23:16:38 +0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2022-02-16 06:51:58 +0000 |
| commit | c28e376edc46e6db6e4a551c94b6ac90df0d8d6e (patch) | |
| tree | 90f8a672ddafcdcff9aa38a1ed6702ccf8928a2c /OvmfPkg/CloudHv | |
| parent | 85589ddbf6f8c6dc75f73aa32e484e3cfd439e7a (diff) | |
| download | edk2-c28e376edc46e6db6e4a551c94b6ac90df0d8d6e.zip edk2-c28e376edc46e6db6e4a551c94b6ac90df0d8d6e.tar.gz edk2-c28e376edc46e6db6e4a551c94b6ac90df0d8d6e.tar.bz2 | |
OvmfPkg/FvbServicesSmm: use the VmgExitLibNull
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3835
The commit ade62c18f4742301bbef474ac10518bde5972fba caused a boot failure
when OVMF is build with SECURE_BOOT/SMM enabled.
This happen because the above commit extended the BaseMemEncryptSevLib.inf
to include VmgExitLib. The FvbServicesSmm uses the functions provided
by the MemEncryptSevLib to clear the memory encryption mask from the
page table. It created a dependency, as shown below
OvmfPkg/FvbServicesSmm.inf
---> MemEncryptSevLib class
---> "OvmfPkg/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf" instance
---> VmgExitLib
---> "OvmfPkg/VmgExitLib" instance
---> LocalApicLib class
---> UefiCpuPkg/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf instance
---> TimerLib class
---> "OvmfPkg/AcpiTimerLib/DxeAcpiTimerLib.inf" instance
---> PciLib class
---> "OvmfPkg/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf" instance
The LocalApicLib provides a constructor, execution of the constructor
causes an exception. The SEV-ES and SEV-SNP do not support the SMM, so
skip including the VmgExitLib chain. Use the module override to use the
VmgExitLibNull to avoid the inclusion of unneeded LocalApicLib dependency
chain in FvbServicesSmm. We ran similar issue for AmdSevDxe driver,
see commit 19914edc5a0202cc7830f819ffac7e7b2368166a
After the patch, the dependency look like this:
OvmfPkg/FvbServicesSmm.inf
---> MemEncryptSevLib class
---> "OvmfPkg/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf" instance
---> VmgExitLib
---> "UefiCpuPkg/Library/VmgExitLibNull" instance
Fixes: ade62c18f4742301bbef474ac10518bde5972fba
Reported-by: Aaron Young <aaron.young@oracle.com>
Cc: Dann Frazier <dann.frazier@canonical.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Tested-by: dann frazier <dann.frazier@canonical.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Diffstat (limited to 'OvmfPkg/CloudHv')
| -rw-r--r-- | OvmfPkg/CloudHv/CloudHvX64.dsc | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc index 8ac9227..3172100 100644 --- a/OvmfPkg/CloudHv/CloudHvX64.dsc +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc @@ -906,7 +906,10 @@ #
# Variable driver stack (SMM)
#
- OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf
+ OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf {
+ <LibraryClasses>
+ VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
+ }
MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {
<LibraryClasses>
|