diff --git a/0051-OvmfPkg-AmdSev-Add-missing-PcdMemEncryptStatus-Base-.patch b/0051-OvmfPkg-AmdSev-Add-missing-PcdMemEncryptStatus-Base-.patch new file mode 100644 index 0000000000000000000000000000000000000000..0e01094de5492fabef1ac8d7c1bf21a49c0bef23 --- /dev/null +++ b/0051-OvmfPkg-AmdSev-Add-missing-PcdMemEncryptStatus-Base-.patch @@ -0,0 +1,30 @@ +From a45a13a6fe34ec19c1b83497281dd24d063dd3a3 Mon Sep 17 00:00:00 2001 +From: rpm-build +Date: Tue, 18 Mar 2025 11:47:57 +0800 +Subject: [PATCH] OvmfPkg/AmdSev: Add missing PcdMemEncryptStatus{Base,Size} in + AmdSevX64.fdf + +Signed-off-by: rpm-build +--- + OvmfPkg/AmdSev/AmdSevX64.fdf | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf +index 5f239af..4f97921 100644 +--- a/OvmfPkg/AmdSev/AmdSevX64.fdf ++++ b/OvmfPkg/AmdSev/AmdSevX64.fdf +@@ -74,7 +74,10 @@ gUefiOvmfPkgTokenSpaceGuid.PcdCsvDefaultSecureCallBase|gUefiOvmfPkgTokenSpaceGui + 0x010000|0x001000 + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidSize + +-0x011000|0x00F000 ++0x011000|0x001000 ++gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusBase|gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusSize ++ ++0x012000|0x00E000 + gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize + + 0x020000|0x0E0000 +-- +2.25.1 + diff --git a/edk2.spec b/edk2.spec index 74eec4fdae5e2269d607ad2b4a87a9179ec9a26d..b2f5e2c2eb753e77c64c7bc35b1e688bc39d59d0 100644 --- a/edk2.spec +++ b/edk2.spec @@ -8,7 +8,7 @@ ExclusiveArch: x86_64 aarch64 Name: edk2 Version: %{GITDATE}git%{GITCOMMIT} -Release: 13%{anolis_release}%{?dist}.5 +Release: 13%{anolis_release}%{?dist}.6 Summary: UEFI firmware for 64-bit virtual machines Group: Applications/Emulators License: BSD-2-Clause-Patent and OpenSSL and MIT @@ -417,6 +417,9 @@ Patch1019: 0048-OvmfPkg-AmdSev-SecretDxe-Allocate-secret-location-as.patch Patch1020: 0049-OvmfPkg-AmdSev-Support-full-disk-encryption-based-on.patch Patch1021: 0050-OvmfPkg-AmdSev-Support-build-OVMF.fd-using-AmdSevX64.patch +# Fix boot failure on OvmfPkg/AmdSev +Patch1022: 0051-OvmfPkg-AmdSev-Add-missing-PcdMemEncryptStatus-Base-.patch + # python3-devel and libuuid-devel are required for building tools. # python3-devel is also needed for varstore template generation and # verification with "ovmf-vars-generator". @@ -645,6 +648,12 @@ cmp Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ --skip-testing \ OVMF_VARS.secboot.fd +# Build using AmdSevX64.dsc with neither SB nor SMM. +touch OvmfPkg/AmdSev/Grub/grub.efi # dummy +build ${CC_FLAGS} -D TPM_ENABLE -D FD_SIZE_4MB -a X64 \ + -D PVSCSI_ENABLE=FALSE -D MPT_SCSI_ENABLE=FALSE \ + -p OvmfPkg/AmdSev/AmdSevX64.dsc + %else # Build with a verbose debug mask first, and stash the binary. build ${CC_FLAGS} -a AARCH64 \ @@ -676,6 +685,9 @@ install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \ $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd +install -m 0644 Build/AmdSev/DEBUG_%{TOOLCHAIN}/FV/OVMF.fd \ + $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF.amdsev.fd + install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \ $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_VARS.fd install -m 0644 OVMF_VARS.secboot.fd \ @@ -785,6 +797,7 @@ install BaseTools/Scripts/GccBase.lds \ %dir %{_datadir}/%{name}/ovmf/ %{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd %{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd +%{_datadir}/%{name}/ovmf/OVMF.amdsev.fd %{_datadir}/%{name}/ovmf/OVMF_VARS.fd %{_datadir}/%{name}/ovmf/OVMF_VARS.secboot.fd %{_datadir}/%{name}/ovmf/UefiShell.iso @@ -861,6 +874,10 @@ true %endif %changelog +* Tue Mar 18 2025 hanliyang - 20220126gitbb1bba3d77-13.0.1.6 +- Fix boot failure on OvmfPkg/AmdSev +- Add a build process that uses AmdSevX64.dsc with neither SB nor SMM enabled + * Wed Jan 01 2025 hanliyang - 20220126gitbb1bba3d77-13.0.1.5 - Support build OVMF.fd based on full-disk encryption