On 30/03/2022 8:14, Gerd Hoffmann wrote:
On Tue, Mar 29, 2022 at 03:32:36PM +0300, Dov Murik wrote:I saw these, but saw no !include directives in MEMFD areas, which areThanks Gerd for reviewing.We already have a few:
more sensitive because the addresses and sizes must match the
surrounding definitions (unlike a list of INF directive like in
NetworkPkg/Network.fdf.inc or general settings like in
Almost all the MEMFD entries are somehow related to confidentialWould it apply to other OvmfPkg targets? I see similar MEMFD inI'd create one for the confidential computing memory areas,
computing, isn't that the case? For example PcdOvmfWorkAreaBase -- I
see it appears in the *.fdf of almost all targets.
I want to reduce duplication (= extract common parts to an .inc file),
but wonder what would be a clear and safe way to do it.
Extract all the MEMFD entries starting from:
up to (including):
into OvmfMemFdPart1.fdf.inc, and !include it in OvmfPkgX64 and AmdSevX64.
Extract entire MEMFD part from OvmfPkgX64.fdf into OvmfMemFd.fdf.inc.
In the middle of it add something like:
!if $(SEV_LAUNCH_SECRET_ENABLE) == TRUE
and set that DEFINE in AmdSevX64.fdf only.
Not sure about CloudHvX64.fdf, as far I know it does not supportThe TDX series ("[PATCH V12 00/47] Enable Intel TDX in OvmfPkg
(Config-A)") modifies CloudHvX64.*, and also the CloudHv/README mentions
TDX. So I assume they intend to support it.