OvmfPkg: Use TdHob instead of e820tables to get memory info in TDVF

Currently, TDVF gets LowMemory and FistNonAddress from the e820tables via fw_cfg, while TD-Hob can also provide the memory info of LowMemory and FistNonAddress. In current stage e820tables are not measured but TD-Hob is measured in early phase by TDVF. So, from the security perspective we'd better use the information from TD-Hob instead of e820tables. Cc: Erdem Aktas <erdemaktas@google.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Elena Reshetova <elena.reshetova@intel.com> Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
tianocore · Aug 28, 2024 · ce8c3ca · ce8c3ca
1 parent 99e4c8e
commit ce8c3ca
Showing 1 changed file with 32 additions and 0 deletions.
diff --git a/OvmfPkg/Library/PlatformInitLib/MemDetect.c b/OvmfPkg/Library/PlatformInitLib/MemDetect.c
@@ -107,6 +107,34 @@ typedef VOID (*E820_SCAN_CALLBACK) (
   EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
   );
 
+STATIC
+EFI_STATUS
+PlatformScanE820Tdx (
+  IN      E820_SCAN_CALLBACK     Callback,
+  IN OUT  EFI_HOB_PLATFORM_INFO  *PlatformInfoHob
+  )
+{
+  EFI_E820_ENTRY64      E820Entry;
+  EFI_PEI_HOB_POINTERS  Hob;
+
+  Hob.Raw = (UINT8 *)(UINTN)FixedPcdGet32 (PcdOvmfSecGhcbBase);
+
+  while (!END_OF_HOB_LIST (Hob)) {
+    if (Hob.Header->HobType == EFI_HOB_TYPE_RESOURCE_DESCRIPTOR) {
+      if (Hob.ResourceDescriptor->ResourceType != EFI_RESOURCE_MEMORY_MAPPED_IO) {
+        E820Entry.BaseAddr = Hob.ResourceDescriptor->PhysicalStart;
+        E820Entry.Length   = Hob.ResourceDescriptor->ResourceLength;
+        E820Entry.Type     = EfiAcpiAddressRangeMemory;
+        Callback (&E820Entry, PlatformInfoHob);
+      }
+    }
+
+    Hob.Raw = (UINT8 *)(Hob.Raw + Hob.Header->HobLength);
+  }
+
+  return EFI_SUCCESS;
+}
+
 /**
   Store first address not used by e820 RAM entries in
   PlatformInfoHob->FirstNonAddress
@@ -347,6 +375,10 @@ PlatformScanE820 (
     return PlatformScanE820Pvh (Callback, PlatformInfoHob);
   }
 
+  if (TdIsEnabled ()) {
+    return PlatformScanE820Tdx (Callback, PlatformInfoHob);
+  }
+
   Status = QemuFwCfgFindFile ("etc/e820", &FwCfgItem, &FwCfgSize);
   if (EFI_ERROR (Status)) {
     return Status;