Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
OvmfPkg/FvbServicesSmm: use the VmgExitLibNull
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3835 The commit ade62c1 caused a boot failure when OVMF is build with SECURE_BOOT/SMM enabled. This happen because the above commit extended the BaseMemEncryptSevLib.inf to include VmgExitLib. The FvbServicesSmm uses the functions provided by the MemEncryptSevLib to clear the memory encryption mask from the page table. It created a dependency, as shown below OvmfPkg/FvbServicesSmm.inf ---> MemEncryptSevLib class ---> "OvmfPkg/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf" instance ---> VmgExitLib ---> "OvmfPkg/VmgExitLib" instance ---> LocalApicLib class ---> UefiCpuPkg/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf instance ---> TimerLib class ---> "OvmfPkg/AcpiTimerLib/DxeAcpiTimerLib.inf" instance ---> PciLib class ---> "OvmfPkg/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf" instance The LocalApicLib provides a constructor, execution of the constructor causes an exception. The SEV-ES and SEV-SNP do not support the SMM, so skip including the VmgExitLib chain. Use the module override to use the VmgExitLibNull to avoid the inclusion of unneeded LocalApicLib dependency chain in FvbServicesSmm. We ran similar issue for AmdSevDxe driver, see commit 19914ed After the patch, the dependency look like this: OvmfPkg/FvbServicesSmm.inf ---> MemEncryptSevLib class ---> "OvmfPkg/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf" instance ---> VmgExitLib ---> "UefiCpuPkg/Library/VmgExitLibNull" instance Fixes: ade62c1 Reported-by: Aaron Young <aaron.young@oracle.com> Cc: Dann Frazier <dann.frazier@canonical.com> Cc: Michael Roth <michael.roth@amd.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Min Xu <min.m.xu@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Erdem Aktas <erdemaktas@google.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Tested-by: dann frazier <dann.frazier@canonical.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
- Loading branch information