From e64e57a7e831afc8dfd6d2f6429249a9c42c22b1 Mon Sep 17 00:00:00 2001
From: Khalid Ali <khaliidcaliy@gmail.com>
Date: Sat, 29 Nov 2025 09:04:36 +0000
Subject: [PATCH] OvmfPkg/Sec: Refactor SevEsIsEnabled condition in
 SecCoreStartupWithStack

There are two conditions of checking SevEsIsEnabled() when loading IDT,
and the second one is when enabling cache for SEV guests.

This commit combines those two conditions into one, thus eliminating
unnecessary condition after library constructor, Since AsmEnableCache()
and AsmWriteIdtr() don't need any library constructors.

Signed-off-by: Khalid Ali <khaliidcaliy@gmail.com>
---
 OvmfPkg/Sec/SecMain.c | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

diff --git a/OvmfPkg/Sec/SecMain.c b/OvmfPkg/Sec/SecMain.c
index d13a9485094b..06feb2e19952 100644
--- a/OvmfPkg/Sec/SecMain.c
+++ b/OvmfPkg/Sec/SecMain.c
@@ -883,24 +883,21 @@ SecCoreStartupWithStack (
     //
     AsmWriteIdtr (&IdtDescriptor);
     InitializeCpuExceptionHandlers (NULL);
-  }
-
-  ProcessLibraryConstructorList ();
-
-  if (!SevEsIsEnabled ()) {
-    //
-    // For non SEV-ES guests, just load the IDTR.
-    //
-    AsmWriteIdtr (&IdtDescriptor);
-  } else {
     //
     // Under SEV-ES, the hypervisor can't modify CR0 and so can't enable
     // caching in order to speed up the boot. Enable caching early for
     // an SEV-ES guest.
     //
     AsmEnableCache ();
+  } else {
+    //
+    // For non SEV-ES guests, just load the IDTR.
+    //
+    AsmWriteIdtr (&IdtDescriptor);
   }
 
+  ProcessLibraryConstructorList ();
+
  #if defined (TDX_GUEST_SUPPORTED)
   if (CcProbe () == CcGuestTypeIntelTdx) {
     //