From e46baa61e83d474b753cf2930e754eacfee268fd Mon Sep 17 00:00:00 2001
From: fangbaoshun <fangbaoshun@hygon.cn>
Date: Wed, 24 Jan 2024 13:49:51 +0800
Subject: [PATCH] Commit 079a582 ("OvmfPkg/AmdSev/SecretPei: Mark SEV launch
 secret area as reserved") marked the launch secret area itself (1 page) as
 reserved so the guest OS can use it during the lifetime of the OS. However,
 the address and size of the secret area held in the
 CONFIDENTIAL_COMPUTING_SECRET_LOCATION struct are declared as STATIC in OVMF
 (in AmdSev/SecretDxe); therefore there's no guarantee that it will not be
 written over by OS data.

Fix this by allocating the memory for the
CONFIDENTIAL_COMPUTING_SECRET_LOCATION struct with the
EfiACPIReclaimMemory memory type to ensure the guest OS will not reuse
this memory.

Fixes: 079a582 ("OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret ...")
Signed-off-by: fangbaoshun <fangbaoshun@hygon.cn>
---
 ...ecretDxe-Allocate-secret-location-as.patch | 73 +++++++++++++++++++
 edk2.spec                                     |  6 ++
 2 files changed, 79 insertions(+)
 create mode 100644 0048-OvmfPkg-AmdSev-SecretDxe-Allocate-secret-location-as.patch

diff --git a/0048-OvmfPkg-AmdSev-SecretDxe-Allocate-secret-location-as.patch b/0048-OvmfPkg-AmdSev-SecretDxe-Allocate-secret-location-as.patch
new file mode 100644
index 0000000..e80d369
--- /dev/null
+++ b/0048-OvmfPkg-AmdSev-SecretDxe-Allocate-secret-location-as.patch
@@ -0,0 +1,73 @@
+From 02916fa2f7b92b060bbdc70b2083d0fcf6139624 Mon Sep 17 00:00:00 2001
+From: Dov Murik <dovmurik@linux.ibm.com>
+Date: Thu, 15 Dec 2022 13:11:51 +0000
+Subject: [PATCH] OvmfPkg/AmdSev/SecretDxe: Allocate secret location as
+ EfiACPIReclaimMemory
+
+BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4186
+
+Commit 079a58276b98 ("OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret
+area as reserved") marked the launch secret area itself (1 page) as
+reserved so the guest OS can use it during the lifetime of the OS.
+However, the address and size of the secret area held in the
+CONFIDENTIAL_COMPUTING_SECRET_LOCATION struct are declared as STATIC in
+OVMF (in AmdSev/SecretDxe); therefore there's no guarantee that it will
+not be written over by OS data.
+
+Fix this by allocating the memory for the
+CONFIDENTIAL_COMPUTING_SECRET_LOCATION struct with the
+EfiACPIReclaimMemory memory type to ensure the guest OS will not reuse
+this memory.
+
+Fixes: 079a58276b98 ("OvmfPkg/AmdSev/SecretPei: Mark SEV launch secret ...")
+Signed-off-by: Dov Murik <dovmurik@linux.ibm.com>
+Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
+Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
+---
+ OvmfPkg/AmdSev/SecretDxe/SecretDxe.c | 22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+diff --git a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
+index 934ad20..c851176 100644
+--- a/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
++++ b/OvmfPkg/AmdSev/SecretDxe/SecretDxe.c
+@@ -8,11 +8,6 @@
+ #include <Library/UefiBootServicesTableLib.h>
+ #include <Guid/ConfidentialComputingSecret.h>
+ 
+-STATIC CONFIDENTIAL_COMPUTING_SECRET_LOCATION mSecretDxeTable = {
+-  FixedPcdGet32 (PcdSevLaunchSecretBase),
+-  FixedPcdGet32 (PcdSevLaunchSecretSize),
+-};
+-
+ EFI_STATUS
+ EFIAPI
+ InitializeSecretDxe(
+@@ -20,8 +15,23 @@ InitializeSecretDxe(
+   IN EFI_SYSTEM_TABLE     *SystemTable
+   )
+ {
++  EFI_STATUS                              Status;
++  CONFIDENTIAL_COMPUTING_SECRET_LOCATION  *SecretDxeTable;
++
++  Status = gBS->AllocatePool (
++                  EfiACPIReclaimMemory,
++                  sizeof (CONFIDENTIAL_COMPUTING_SECRET_LOCATION),
++                  (VOID **)&SecretDxeTable
++                  );
++  if (EFI_ERROR (Status)) {
++    return Status;
++  }
++
++  SecretDxeTable->Base = FixedPcdGet32 (PcdSevLaunchSecretBase);
++  SecretDxeTable->Size = FixedPcdGet32 (PcdSevLaunchSecretSize);
++
+   return gBS->InstallConfigurationTable (
+                 &gConfidentialComputingSecretGuid,
+-                &mSecretDxeTable
++                SecretDxeTable
+                 );
+ }
+-- 
+2.41.0
+
diff --git a/edk2.spec b/edk2.spec
index 65d7309..edcb979 100644
--- a/edk2.spec
+++ b/edk2.spec
@@ -85,6 +85,8 @@ Patch1017: 0046-anolis-OvmfPkg-BaseMemEncryptLib-Return-SUCCESS-if-n.patch
 # Fix the isue that interrupt is enabled in MMIO VC handler
 Patch1018: 0047-anolis-OvmfPkg-BaseMemEncryptLib-Save-memory-encrypt.patch
 
+Patch1019: 0048-OvmfPkg-AmdSev-SecretDxe-Allocate-secret-location-as.patch
+
 # python3-devel and libuuid-devel are required for building tools.
 # python3-devel is also needed for varstore template generation and
 # verification with "ovmf-vars-generator".
@@ -527,6 +529,10 @@ true
 %endif
 
 %changelog
+* Wed Jan 24 2024 Baoshun Fang <fangbaoshun@hygon.cn> - 20220126gitbb1bba3d77-6.0.3
+- 0048-OvmfPkg-AmdSev-SecretDxe-Allocate-secret-location-as.patch
+- Resolves: bz#8033
+
 * Thu Jan 11 2024 Xin Jiang <jiangxin@hygon.cn> - 20220126gitbb1bba3d77-6.0.2
 - 0047-anolis-OvmfPkg-BaseMemEncryptLib-Save-memory-encrypt.patch
 - Fix the isue that interrupt is enabled in MMIO VC handler
-- 
Gitee