From 52a148e6733b04db60ea960192a8158a4f29d71b Mon Sep 17 00:00:00 2001
From: hanliyang <hanliyang@hygon.cn>
Date: Tue, 18 Mar 2025 12:42:27 +0800
Subject: [PATCH] [Bug]Fix boot failure on OvmfPkg/AmdSev and add build process
 that uses AmdSevX64.dsc

to #bug19601

Currently, the OVMF.fd compiled using AmdSevX64.dsc cannot be started
normally because the storage of PcdMemEncryptStatus{Base,Size} is
missing in AmdSevX64.fdf, and this issue needs to be fixed.

In addition, the current edk2.spec will not automatically build the
OVMF.fd using AmdSevX64.dsc. The build process should be added to
edk2.spec.

Signed-off-by: hanliyang <hanliyang@hygon.cn>
---
 ...dd-missing-PcdMemEncryptStatus-Base-.patch | 30 +++++++++++++++++++
 edk2.spec                                     | 19 +++++++++++-
 2 files changed, 48 insertions(+), 1 deletion(-)
 create mode 100644 0051-OvmfPkg-AmdSev-Add-missing-PcdMemEncryptStatus-Base-.patch

diff --git a/0051-OvmfPkg-AmdSev-Add-missing-PcdMemEncryptStatus-Base-.patch b/0051-OvmfPkg-AmdSev-Add-missing-PcdMemEncryptStatus-Base-.patch
new file mode 100644
index 0000000..0e01094
--- /dev/null
+++ b/0051-OvmfPkg-AmdSev-Add-missing-PcdMemEncryptStatus-Base-.patch
@@ -0,0 +1,30 @@
+From a45a13a6fe34ec19c1b83497281dd24d063dd3a3 Mon Sep 17 00:00:00 2001
+From: rpm-build <rpm-build>
+Date: Tue, 18 Mar 2025 11:47:57 +0800
+Subject: [PATCH] OvmfPkg/AmdSev: Add missing PcdMemEncryptStatus{Base,Size} in
+ AmdSevX64.fdf
+
+Signed-off-by: rpm-build <rpm-build>
+---
+ OvmfPkg/AmdSev/AmdSevX64.fdf | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/OvmfPkg/AmdSev/AmdSevX64.fdf b/OvmfPkg/AmdSev/AmdSevX64.fdf
+index 5f239af..4f97921 100644
+--- a/OvmfPkg/AmdSev/AmdSevX64.fdf
++++ b/OvmfPkg/AmdSev/AmdSevX64.fdf
+@@ -74,7 +74,10 @@ gUefiOvmfPkgTokenSpaceGuid.PcdCsvDefaultSecureCallBase|gUefiOvmfPkgTokenSpaceGui
+ 0x010000|0x001000
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCsvCpuidSize
+ 
+-0x011000|0x00F000
++0x011000|0x001000
++gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusBase|gUefiOvmfPkgTokenSpaceGuid.PcdMemEncrpytStatusSize
++
++0x012000|0x00E000
+ gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamBase|gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPeiTempRamSize
+ 
+ 0x020000|0x0E0000
+-- 
+2.25.1
+
diff --git a/edk2.spec b/edk2.spec
index 74eec4f..b2f5e2c 100644
--- a/edk2.spec
+++ b/edk2.spec
@@ -8,7 +8,7 @@ ExclusiveArch: x86_64 aarch64
 
 Name:       edk2
 Version:    %{GITDATE}git%{GITCOMMIT}
-Release:    13%{anolis_release}%{?dist}.5
+Release:    13%{anolis_release}%{?dist}.6
 Summary:    UEFI firmware for 64-bit virtual machines
 Group:      Applications/Emulators
 License:    BSD-2-Clause-Patent and OpenSSL and MIT
@@ -417,6 +417,9 @@ Patch1019: 0048-OvmfPkg-AmdSev-SecretDxe-Allocate-secret-location-as.patch
 Patch1020: 0049-OvmfPkg-AmdSev-Support-full-disk-encryption-based-on.patch
 Patch1021: 0050-OvmfPkg-AmdSev-Support-build-OVMF.fd-using-AmdSevX64.patch
 
+# Fix boot failure on OvmfPkg/AmdSev
+Patch1022: 0051-OvmfPkg-AmdSev-Add-missing-PcdMemEncryptStatus-Base-.patch
+
 # python3-devel and libuuid-devel are required for building tools.
 # python3-devel is also needed for varstore template generation and
 # verification with "ovmf-vars-generator".
@@ -645,6 +648,12 @@ cmp Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
   --skip-testing \
   OVMF_VARS.secboot.fd
 
+# Build using AmdSevX64.dsc with neither SB nor SMM.
+touch OvmfPkg/AmdSev/Grub/grub.efi # dummy
+build ${CC_FLAGS} -D TPM_ENABLE -D FD_SIZE_4MB -a X64 \
+  -D PVSCSI_ENABLE=FALSE -D MPT_SCSI_ENABLE=FALSE \
+  -p OvmfPkg/AmdSev/AmdSevX64.dsc
+
 %else
 # Build with a verbose debug mask first, and stash the binary.
 build ${CC_FLAGS} -a AARCH64 \
@@ -676,6 +685,9 @@ install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \
 install -m 0644 Build/Ovmf3264/DEBUG_%{TOOLCHAIN}/FV/OVMF_CODE.fd \
   $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd
 
+install -m 0644 Build/AmdSev/DEBUG_%{TOOLCHAIN}/FV/OVMF.fd \
+  $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF.amdsev.fd
+
 install -m 0644 Build/OvmfX64/DEBUG_%{TOOLCHAIN}/FV/OVMF_VARS.fd \
   $RPM_BUILD_ROOT%{_datadir}/%{name}/ovmf/OVMF_VARS.fd
 install -m 0644 OVMF_VARS.secboot.fd \
@@ -785,6 +797,7 @@ install BaseTools/Scripts/GccBase.lds \
 %dir %{_datadir}/%{name}/ovmf/
 %{_datadir}/%{name}/ovmf/OVMF_CODE.cc.fd
 %{_datadir}/%{name}/ovmf/OVMF_CODE.secboot.fd
+%{_datadir}/%{name}/ovmf/OVMF.amdsev.fd
 %{_datadir}/%{name}/ovmf/OVMF_VARS.fd
 %{_datadir}/%{name}/ovmf/OVMF_VARS.secboot.fd
 %{_datadir}/%{name}/ovmf/UefiShell.iso
@@ -861,6 +874,10 @@ true
 %endif
 
 %changelog
+* Tue Mar 18 2025 hanliyang <hanliyang@hygon.cn> - 20220126gitbb1bba3d77-13.0.1.6
+- Fix boot failure on OvmfPkg/AmdSev
+- Add a build process that uses AmdSevX64.dsc with neither SB nor SMM enabled
+
 * Wed Jan 01 2025 hanliyang <hanliyang@hygon.cn> - 20220126gitbb1bba3d77-13.0.1.5
 - Support build OVMF.fd based on full-disk encryption
 
-- 
Gitee