12 files changed, 479 insertions, 7 deletions
diff --git a/OvmfPkg/Include/Dsc/OvmfOptHwComponents.dsc.inc b/OvmfPkg/Include/Dsc/OvmfOptHwComponents.dsc.inc
new file mode 100644
index 0000000..e3f955e
--- /dev/null
+++ b/OvmfPkg/Include/Dsc/OvmfOptHwComponents.dsc.inc
@@ -0,0 +1,25 @@
+##
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+# optional hardware support components
+##
+
+!if $(PVSCSI_ENABLE) == TRUE
+  OvmfPkg/PvScsiDxe/PvScsiDxe.inf
+!endif
+!if $(MPT_SCSI_ENABLE) == TRUE
+  OvmfPkg/MptScsiDxe/MptScsiDxe.inf
+!endif
+!if $(LSI_SCSI_ENABLE) == TRUE
+  OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
+!endif
+!if $(SDCARD_ENABLE) == TRUE
+  MdeModulePkg/Bus/Pci/SdMmcPciHcDxe/SdMmcPciHcDxe.inf {
+    <LibraryClasses>
+      UefiDriverEntryPoint|OvmfPkg/Library/UefiDriverEntryPointFwCfgOverrideLib/UefiDriverEntryPointFwCfgOverrideLib.inf
+    <PcdsFixedAtBuild>
+      gUefiOvmfPkgTokenSpaceGuid.PcdEntryPointOverrideFwCfgVarName|"opt/org.tianocore/SDCardSupport"
+  }
+  MdeModulePkg/Bus/Sd/SdDxe/SdDxe.inf
+  MdeModulePkg/Bus/Sd/EmmcDxe/EmmcDxe.inf
+!endif
diff --git a/OvmfPkg/Include/Dsc/OvmfOptHwDefines.dsc.inc b/OvmfPkg/Include/Dsc/OvmfOptHwDefines.dsc.inc
new file mode 100644
index 0000000..198de48
--- /dev/null
+++ b/OvmfPkg/Include/Dsc/OvmfOptHwDefines.dsc.inc
@@ -0,0 +1,10 @@
+##
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+# optional hardware support components
+##
+
+  DEFINE PVSCSI_ENABLE           = FALSE
+  DEFINE MPT_SCSI_ENABLE         = FALSE
+  DEFINE LSI_SCSI_ENABLE         = FALSE
+  DEFINE SDCARD_ENABLE           = TRUE
diff --git a/OvmfPkg/Include/Dsc/OvmfTlsLibs.dsc.inc b/OvmfPkg/Include/Dsc/OvmfTlsLibs.dsc.inc
new file mode 100644
index 0000000..894d128
--- /dev/null
+++ b/OvmfPkg/Include/Dsc/OvmfTlsLibs.dsc.inc
@@ -0,0 +1,16 @@
+##
+#    SPDX-License-Identifier: BSD-2-Clause-Patent
+##
+
+[LibraryClasses]
+  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+!if $(NETWORK_TLS_ENABLE) == TRUE
+!if $(FD_SIZE_IN_KB) < 4096
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+!else
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf
+!endif
+  TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
+!else
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+!endif
diff --git a/OvmfPkg/Include/Fdf/OvmfOptHw.fdf.inc b/OvmfPkg/Include/Fdf/OvmfOptHw.fdf.inc
new file mode 100644
index 0000000..ec63f9b
--- /dev/null
+++ b/OvmfPkg/Include/Fdf/OvmfOptHw.fdf.inc
@@ -0,0 +1,20 @@
+##
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+# optional hardware support components
+##
+
+!if $(PVSCSI_ENABLE) == TRUE
+INF  OvmfPkg/PvScsiDxe/PvScsiDxe.inf
+!endif
+!if $(MPT_SCSI_ENABLE) == TRUE
+INF  OvmfPkg/MptScsiDxe/MptScsiDxe.inf
+!endif
+!if $(LSI_SCSI_ENABLE) == TRUE
+INF  OvmfPkg/LsiScsiDxe/LsiScsiDxe.inf
+!endif
+!if $(SDCARD_ENABLE) == TRUE
+INF MdeModulePkg/Bus/Pci/SdMmcPciHcDxe/SdMmcPciHcDxe.inf
+INF MdeModulePkg/Bus/Sd/SdDxe/SdDxe.inf
+INF MdeModulePkg/Bus/Sd/EmmcDxe/EmmcDxe.inf
+!endif
diff --git a/OvmfPkg/Include/Fdf/OvmfPkgDefines.fdf.inc b/OvmfPkg/Include/Fdf/OvmfPkgDefines.fdf.inc
index 6170c59..e2543a1 100644
--- a/OvmfPkg/Include/Fdf/OvmfPkgDefines.fdf.inc
+++ b/OvmfPkg/Include/Fdf/OvmfPkgDefines.fdf.inc
@@ -45,9 +45,9 @@ DEFINE FW_BLOCKS         = 0x200
 DEFINE CODE_BASE_ADDRESS = 0xFFE20000
 DEFINE CODE_SIZE         = 0x001E0000
 DEFINE CODE_BLOCKS       = 0x1E0
-DEFINE FVMAIN_SIZE       = 0x001AC000
-DEFINE SECFV_OFFSET      = 0x001CC000
-DEFINE SECFV_SIZE        = 0x34000
+DEFINE FVMAIN_SIZE       = 0x001BC000
+DEFINE SECFV_OFFSET      = 0x001DC000
+DEFINE SECFV_SIZE        = 0x24000
 !endif
 
 !if $(FD_SIZE_IN_KB) == 4096
diff --git a/OvmfPkg/Include/IndustryStandard/IntelTdx.h b/OvmfPkg/Include/IndustryStandard/IntelTdx.h
index cc849be..e80688c 100644
--- a/OvmfPkg/Include/IndustryStandard/IntelTdx.h
+++ b/OvmfPkg/Include/IndustryStandard/IntelTdx.h
@@ -17,11 +17,14 @@
 #define MP_CPU_PROTECTED_MODE_MAILBOX_APICID_INVALID    0xFFFFFFFF
 #define MP_CPU_PROTECTED_MODE_MAILBOX_APICID_BROADCAST  0xFFFFFFFE
 
+//
+// This enum is defined for the use of Intel TDX Guest.
+// TDX Guest CPUs wait for below commands and do corresponding tasks.
+//
 typedef enum {
   MpProtectedModeWakeupCommandNoop        = 0,
   MpProtectedModeWakeupCommandWakeup      = 1,
-  MpProtectedModeWakeupCommandSleep       = 2,
-  MpProtectedModeWakeupCommandAcceptPages = 3,
+  MpProtectedModeWakeupCommandAcceptPages = 2,
 } MP_CPU_PROTECTED_MODE_WAKEUP_CMD;
 
 #pragma pack(1)
@@ -60,6 +63,7 @@ typedef struct {
 typedef struct {
   UINT8    *RelocateApLoopFuncAddress;
   UINTN    RelocateApLoopFuncSize;
+  UINT8    *RelocateApResetVector;
 } MP_RELOCATION_MAP;
 
 #pragma pack()
diff --git a/OvmfPkg/Include/IndustryStandard/QemuUefiVars.h b/OvmfPkg/Include/IndustryStandard/QemuUefiVars.h
new file mode 100644
index 0000000..484bf79
--- /dev/null
+++ b/OvmfPkg/Include/IndustryStandard/QemuUefiVars.h
@@ -0,0 +1,50 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause-Patent
+ *
+ * uefi-vars device - API of the virtual device for guest/host communication.
+ *
+ * copied from qemu.git (include/hw/uefi/var-service-api.h)
+ */
+
+#ifndef QEMU_UEFI_VAR_SERVICE_API_H
+#define QEMU_UEFI_VAR_SERVICE_API_H
+
+/* qom: device names */
+#define TYPE_UEFI_VARS_X64     "uefi-vars-x64"
+#define TYPE_UEFI_VARS_SYSBUS  "uefi-vars-sysbus"
+
+/* sysbus: fdt node path */
+#define UEFI_VARS_FDT_NODE    "qemu-uefi-vars"
+#define UEFI_VARS_FDT_COMPAT  "qemu,uefi-vars"
+
+/* registers */
+#define UEFI_VARS_REG_MAGIC                0x00    /* 16 bit */
+#define UEFI_VARS_REG_CMD_STS              0x02    /* 16 bit */
+#define UEFI_VARS_REG_BUFFER_SIZE          0x04    /* 32 bit */
+#define UEFI_VARS_REG_DMA_BUFFER_ADDR_LO   0x08    /* 32 bit */
+#define UEFI_VARS_REG_DMA_BUFFER_ADDR_HI   0x0c    /* 32 bit */
+#define UEFI_VARS_REG_PIO_BUFFER_TRANSFER  0x10    /* 8-64 bit */
+#define UEFI_VARS_REG_PIO_BUFFER_CRC32C    0x18    /* 32 bit (read-only) */
+#define UEFI_VARS_REG_FLAGS                0x1c    /* 32 bit */
+#define UEFI_VARS_REGS_SIZE                0x20
+
+/* flags register */
+#define UEFI_VARS_FLAG_USE_PIO  (1 << 0)
+
+/* magic value */
+#define UEFI_VARS_MAGIC_VALUE  0xef1
+
+/* command values */
+#define UEFI_VARS_CMD_RESET            0x01
+#define UEFI_VARS_CMD_DMA_MM           0x02
+#define UEFI_VARS_CMD_PIO_MM           0x03
+#define UEFI_VARS_CMD_PIO_ZERO_OFFSET  0x04
+
+/* status values */
+#define UEFI_VARS_STS_SUCCESS              0x00
+#define UEFI_VARS_STS_BUSY                 0x01
+#define UEFI_VARS_STS_ERR_UNKNOWN          0x10
+#define UEFI_VARS_STS_ERR_NOT_SUPPORTED    0x11
+#define UEFI_VARS_STS_ERR_BAD_BUFFER_SIZE  0x12
+
+#endif /* QEMU_UEFI_VAR_SERVICE_API_H */
diff --git a/OvmfPkg/Include/Library/MemDebugLogLib.h b/OvmfPkg/Include/Library/MemDebugLogLib.h
new file mode 100644
index 0000000..6dde585
--- /dev/null
+++ b/OvmfPkg/Include/Library/MemDebugLogLib.h
@@ -0,0 +1,214 @@
+/** @file
+  Interface functions for the Memory Debug Log Library.
+
+  Copyright (C) 2025, Oracle and/or its affiliates.
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef _MEM_DEBUG_LOG_LIB_H_
+#define _MEM_DEBUG_LOG_LIB_H_
+
+#include <Uefi/UefiBaseType.h>
+#include <Base.h>
+
+//
+// Cap max buffer at 2MB (0x200 4K pages)
+//
+#define MAX_MEM_DEBUG_LOG_PAGES  0x200
+
+#define MEM_DEBUG_LOG_MAGIC1  0x3167646d666d766f  // "ovmfmdg1"
+#define MEM_DEBUG_LOG_MAGIC2  0x3267646d666d766f  // "ovmfmdg2"
+
+#pragma pack(1)
+//
+// Mem Debug Log buffer header.
+// The Log buffer is circular. Only the most
+// recent messages are retained. Older messages
+// will be discarded if the buffer overflows.
+// The Debug Log starts just after the header.
+//
+typedef struct {
+  //
+  // Magic values
+  // These fields are used by tools to locate the buffer in
+  // memory. These MUST be the first two fields of the structure.
+  // Use a 128 bit Magic to vastly reduce the possibility of
+  // a collision with random data in memory.
+  UINT64             Magic1;
+  UINT64             Magic2;
+  //
+  // Header Size
+  // This MUST be the third field of the structure
+  //
+  UINT64             HeaderSize;
+  //
+  // Debug log size (minus header)
+  //
+  UINT64             DebugLogSize;
+  //
+  // Protect the log from potential MP access (by APs during
+  // vCPU init) to maintain integrity of the Head/Tail Offsets.
+  // NOTE: MemDebugLogLock is used as a SPIN_LOCK (which is type
+  // UINTN). Thus, we declared it as a UINT64 to ensure a
+  // consistent structure size.
+  //
+  volatile UINT64    MemDebugLogLock;
+  //
+  // Debug log head offset
+  //
+  UINT64             DebugLogHeadOffset;
+  //
+  //  Debug log tail offset
+  //
+  UINT64             DebugLogTailOffset;
+  //
+  // Flag to indicate if the buffer wrapped and was thus truncated.
+  //
+  UINT64             Truncated;
+  //
+  // Firmware Build Version (PcdFirmwareVersionString)
+  //
+  CHAR8              FirmwareVersion[128];
+} MEM_DEBUG_LOG_HDR;
+
+//
+// HOB used to pass the mem debug log buffer addr from PEI to DXE
+//
+typedef struct {
+  EFI_PHYSICAL_ADDRESS    MemDebugLogBufAddr;
+} MEM_DEBUG_LOG_HOB_DATA;
+
+#pragma pack()
+
+/**
+  Write a CHAR8 string to the memory debug log.
+  This is the interface function used by DebugLib.
+  There are several versions for each boot
+  phase (i.e. SEC, PEI, DXE, Runtime).
+  Each version will obtain the proper memory debug log
+  buffer address and call MemDebugLogWriteBuffer().
+
+  @param[in] Buffer              The buffer containing the string of CHAR8s
+
+  @param[in] Length              The buffer length (number of CHAR8s)
+                                 not including the NULL terminator byte.
+
+  @retval RETURN_SUCCESS         String succcessfully written to the memory log buffer.
+
+  @retval RETURN_NOT_FOUND       Memory log buffer is not properly initialized.
+
+  @retval EFI_INVALID_PARAMETER   Invalid input parameters.
+**/
+EFI_STATUS
+EFIAPI
+MemDebugLogWrite (
+  IN  CHAR8  *Buffer,
+  IN  UINTN  Length
+  );
+
+/**
+  Return the memory debug log buffer size (in pages).
+  This function is implemented by PEIM version of
+  MemDebugLogLib only.
+
+  @retval UINT32                 Buffer size in pages
+**/
+UINT32
+EFIAPI
+MemDebugLogPages (
+  VOID
+  );
+
+/**
+  Write a CHAR8 string to a memory debug log circular
+  buffer located at the given address.
+
+  @param MemDebugLogBufAddr       Address of the memory debug log buffer.
+
+  @param Buffer                   Pointer to a CHAR8 string to write to the
+                                  debug log buffer.
+
+  @param Length                   Length of the CHAR8 string to write to the
+                                  debug log buffer. Not including NULL terminator
+                                  byte.
+
+  @retval RETURN_SUCCESS          String succcessfully written to the memory log buffer.
+
+  @retval RETURN_NOT_FOUND        Memory log buffer is not properly initialized.
+
+  @retval EFI_INVALID_PARAMETER   Invalid input parameters.
+**/
+EFI_STATUS
+EFIAPI
+MemDebugLogWriteBuffer (
+  IN EFI_PHYSICAL_ADDRESS  MemDebugLogBufAddr,
+  IN CHAR8                 *Buffer,
+  IN UINTN                 Length
+  );
+
+/**
+  Initialize the memory debug log buffer header
+
+  @param MemDebugLogBufAddr       Address of the memory debug log buffer.
+
+  @param MemDebugLogBufSize       Size of the memory debug log buffer.
+
+  @retval RETURN_SUCCESS          Log buffer successfully initialized.
+
+  @retval EFI_INVALID_PARAMETER   Invalid input parameters.
+**/
+EFI_STATUS
+EFIAPI
+MemDebugLogInit (
+  IN EFI_PHYSICAL_ADDRESS  MemDebugLogBufAddr,
+  UINT32                   MemDebugLogBufSize
+  );
+
+/**
+  Copy the memory debug log buffer
+
+  @param MemDebugLogBufDestAddr   Address of destination memory debug log buffer.
+
+  @param MemDebugLogBufSrcAddr    Address of source memory debug log buffer.
+
+  @retval RETURN_SUCCESS          Log buffer successfuly copied.
+
+  @retval EFI_INVALID_PARAMETER   Invalid input parameters.
+**/
+EFI_STATUS
+EFIAPI
+MemDebugLogCopy (
+  IN EFI_PHYSICAL_ADDRESS  MemDebugLogBufDestAddr,
+  IN EFI_PHYSICAL_ADDRESS  MemDebugLogBufSrcAddr
+  );
+
+/**
+  Obtain the Memory Debug Log Buffer Addr from the HOB
+
+  @param MemDebugLogBufAddr       Address of memory debug log buffer.
+
+  @retval RETURN_SUCCESS          Log buffer address successfuly obtained.
+
+  @retval EFI_NOT_FOUND           HOB not found.
+**/
+EFI_STATUS
+EFIAPI
+MemDebugLogAddrFromHOB (
+  EFI_PHYSICAL_ADDRESS  *MemDebugLogBufAddr
+  );
+
+/**
+  Return whether the Memory Debug Logging feature is enabled
+
+  @retval TRUE                    Feature is enabled
+
+  @retval FALSE                   Feature is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemDebugLogEnabled (
+  VOID
+  );
+
+#endif // _MEM_DEBUG_LOG_LIB_H_
diff --git a/OvmfPkg/Include/Library/PlatformInitLib.h b/OvmfPkg/Include/Library/PlatformInitLib.h
index 2d9c662..dc0c280 100644
--- a/OvmfPkg/Include/Library/PlatformInitLib.h
+++ b/OvmfPkg/Include/Library/PlatformInitLib.h
@@ -64,6 +64,7 @@ typedef struct {
   UINT32                   S3AcpiReservedMemoryBase;
   UINT32                   S3AcpiReservedMemorySize;
 
+  BOOLEAN                  FeatureControl;
   UINT64                   FeatureControlValue;
 
   BOOLEAN                  QemuFwCfgChecked;
diff --git a/OvmfPkg/Include/Library/VirtNorFlashDeviceLib.h b/OvmfPkg/Include/Library/VirtNorFlashDeviceLib.h
new file mode 100644
index 0000000..d6a6816
--- /dev/null
+++ b/OvmfPkg/Include/Library/VirtNorFlashDeviceLib.h
@@ -0,0 +1,126 @@
+/** @file  VirtNorFlashDeviceLib.h
+
+  Copyright (c) 2011 - 2014, ARM Ltd. All rights reserved.<BR>
+  Copyright (c) 2025, Ventana Micro Systems Inc. All rights reserved.<BR>
+
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef VIRT_NOR_FLASH_DEVICE_LIB_H
+#define VIRT_NOR_FLASH_DEVICE_LIB_H
+
+// Each command must be sent simultaneously to both chips,
+// i.e. at the lower 16 bits AND at the higher 16 bits
+#define CREATE_NOR_ADDRESS(BaseAddr, OffsetAddr)       ((BaseAddr) + ((OffsetAddr) << 2))
+#define CREATE_DUAL_CMD(Cmd)                           ( ( Cmd << 16) | ( Cmd & LOW_16_BITS) )
+#define SEND_NOR_COMMAND(BaseAddr, Offset, Cmd)        MmioWrite32 (CREATE_NOR_ADDRESS(BaseAddr,Offset), CREATE_DUAL_CMD(Cmd))
+#define GET_NOR_BLOCK_ADDRESS(BaseAddr, Lba, LbaSize)  ( BaseAddr + (UINTN)((Lba) * LbaSize) )
+
+EFI_STATUS
+EFIAPI
+NorFlashWriteBuffer (
+  IN  UINTN   DeviceBaseAddress,
+  IN  UINTN   TargetAddress,
+  IN  UINTN   BufferSizeInBytes,
+  IN  UINT32  *Buffer
+  );
+
+EFI_STATUS
+EFIAPI
+NorFlashWriteSingleBlock (
+  IN  UINTN      DeviceBaseAddress,
+  IN  UINTN      RegionBaseAddress,
+  IN  EFI_LBA    Lba,
+  IN  UINT32     LastBlock,
+  IN  UINT32     BlockSize,
+  IN  UINTN      Size,
+  IN  UINTN      Offset,
+  IN OUT  UINTN  *NumBytes,
+  IN  UINT8      *Buffer,
+  IN  VOID       *ShadowBuffer
+  );
+
+EFI_STATUS
+EFIAPI
+NorFlashWriteBlocks (
+  IN  UINTN    DeviceBaseAddress,
+  IN  UINTN    RegionBaseAddress,
+  IN  EFI_LBA  Lba,
+  IN  EFI_LBA  LastBlock,
+  IN  UINT32   BlockSize,
+  IN  UINTN    BufferSizeInBytes,
+  IN  VOID     *Buffer
+  );
+
+EFI_STATUS
+EFIAPI
+NorFlashReadBlocks (
+  IN  UINTN    DeviceBaseAddress,
+  IN  UINTN    RegionBaseAddress,
+  IN  EFI_LBA  Lba,
+  IN  EFI_LBA  LastBlock,
+  IN  UINT32   BlockSize,
+  IN  UINTN    BufferSizeInBytes,
+  OUT  VOID    *Buffer
+  );
+
+EFI_STATUS
+EFIAPI
+NorFlashRead (
+  IN  UINTN    DeviceBaseAddress,
+  IN  UINTN    RegionBaseAddress,
+  IN  EFI_LBA  Lba,
+  IN  UINT32   BlockSize,
+  IN  UINTN    Size,
+  IN  UINTN    Offset,
+  IN  UINTN    BufferSizeInBytes,
+  OUT  VOID    *Buffer
+  );
+
+EFI_STATUS
+EFIAPI
+NorFlashEraseSingleBlock (
+  IN  UINTN  DeviceBaseAddress,
+  IN  UINTN  BlockAddress
+  );
+
+EFI_STATUS
+EFIAPI
+NorFlashUnlockSingleBlockIfNecessary (
+  IN  UINTN  DeviceBaseAddress,
+  IN  UINTN  BlockAddress
+  );
+
+EFI_STATUS
+EFIAPI
+NorFlashWriteSingleWord (
+  IN  UINTN   DeviceBaseAddress,
+  IN  UINTN   WordAddress,
+  IN  UINT32  WriteData
+  );
+
+EFI_STATUS
+EFIAPI
+NorFlashWriteFullBlock (
+  IN  UINTN    DeviceBaseAddress,
+  IN  UINTN    RegionBaseAddress,
+  IN  EFI_LBA  Lba,
+  IN  UINT32   *DataBuffer,
+  IN  UINT32   BlockSizeInWords
+  );
+
+EFI_STATUS
+EFIAPI
+NorFlashUnlockAndEraseSingleBlock (
+  IN  UINTN  DeviceBaseAddress,
+  IN  UINTN  BlockAddress
+  );
+
+EFI_STATUS
+EFIAPI
+NorFlashReset (
+  IN  UINTN  DeviceBaseAddress
+  );
+
+#endif /* VIRT_NOR_FLASH_DEVICE_LIB_H */
diff --git a/OvmfPkg/Include/TdxCommondefs.inc b/OvmfPkg/Include/TdxCommondefs.inc
index a29d2fa..b49a830 100644
--- a/OvmfPkg/Include/TdxCommondefs.inc
+++ b/OvmfPkg/Include/TdxCommondefs.inc
@@ -41,8 +41,7 @@ ERROR_INVALID_FALLBACK_PAGE_LEVEL         equ       3
 
 MpProtectedModeWakeupCommandNoop          equ       0
 MpProtectedModeWakeupCommandWakeup        equ       1
-MpProtectedModeWakeupCommandSleep         equ       2
-MpProtectedModeWakeupCommandAcceptPages   equ       3
+MpProtectedModeWakeupCommandAcceptPages   equ       2
 
 MailboxApicIdInvalid                      equ       0xffffffff
 MailboxApicidBroadcast                    equ       0xfffffffe
diff --git a/OvmfPkg/Include/WorkArea.h b/OvmfPkg/Include/WorkArea.h
index e3b415d..3b9ea04 100644
--- a/OvmfPkg/Include/WorkArea.h
+++ b/OvmfPkg/Include/WorkArea.h
@@ -12,6 +12,7 @@
 
 #include <ConfidentialComputingGuestAttr.h>
 #include <IndustryStandard/Tpm20.h>
+#include <Library/BaseLib.h>
 
 //
 // Confidential computing work area header definition. Any change
@@ -85,6 +86,11 @@ typedef struct _TDX_MEASUREMENTS_DATA {
   UINT8     CfvImgHashValue[SHA384_DIGEST_SIZE];
 } TDX_MEASUREMENTS_DATA;
 
+#define MAILBOX_GDT_SIZE  (sizeof(IA32_SEGMENT_DESCRIPTOR) * 5)
+typedef struct _MAILBOX_GDT {
+  IA32_DESCRIPTOR    Gdtr;
+  UINT8              Data[MAILBOX_GDT_SIZE];
+} MAILBOX_GDT;
 //
 // The TDX work area definition
 //
@@ -98,6 +104,7 @@ typedef struct _SEC_TDX_WORK_AREA {
 typedef struct _TDX_WORK_AREA {
   CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER    Header;
   SEC_TDX_WORK_AREA                          SecTdxWorkArea;
+  MAILBOX_GDT                                MailboxGdt;
 } TDX_WORK_AREA;
 
 //