From 8772f3f4f50e839e959ad7e436fa247e2fc80a6a Mon Sep 17 00:00:00 2001
From: Jiaqi Gao <jiaqi.gao@intel.com>
Date: Thu, 9 Dec 2021 10:16:36 +0800
Subject: [PATCH] OvmfPkg: enable stack guard for TDVF

- Set the PcdCpuStackGuard to be true.
- Guard page is set to be not present by Split2MPageTo4K() in
  TdxStartupLib.
- Stack switch is set by InitializeCpuExceptionHandlersEx() in
  CpuExceptionHandlerLib.

Signed-off-by: Jiaqi Gao <jiaqi.gao@intel.com>
---
 OvmfPkg/OvmfPkgX64.dsc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index f0dbcb972a2..8449fe221a1 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -638,6 +638,7 @@
   #gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack|FALSE
   gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable|TRUE
   gUefiOvmfPkgTokenSpaceGuid.PcdTdxSetNxForStack|TRUE
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCpuStackGuard|TRUE
 
   # Set memory encryption mask
   gUefiOvmfPkgTokenSpaceGuid.PcdTdxPteMemoryEncryptionAddressOrMask|0x0