summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--OvmfPkg/OvmfPkgX64.fdf7
1 files changed, 6 insertions, 1 deletions
diff --git a/OvmfPkg/OvmfPkgX64.fdf b/OvmfPkg/OvmfPkgX64.fdf
index 71df28705e..6e72cdf345 100644
--- a/OvmfPkg/OvmfPkgX64.fdf
+++ b/OvmfPkg/OvmfPkgX64.fdf
@@ -214,8 +214,13 @@ READ_LOCK_STATUS = TRUE
APRIORI DXE {
INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf
INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf
- INF OvmfPkg/TdxDxe/TdxDxe.inf
+ # AmdSevDxe must be loaded before TdxDxe. Because in SEV guest AmdSevDxe
+ # driver performs a MemEncryptSevClearMmioPageEncMask() call against the
+ # PcdPciExpressBaseAddress range to mark it shared/unencrypted.
+ # Otherwise #VC handler terminates the guest for trying to do MMIO to an
+ # encrypted region (Since the range has not been marked shared/unencrypted).
INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf
+ INF OvmfPkg/TdxDxe/TdxDxe.inf
!if $(SMM_REQUIRE) == FALSE
INF OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
!endif
generated by cgit (git 2.34.1) at 2025-02-23 07:00:17 +0000