]>
Commit | Line | Data |
---|---|---|
2ddacfb6 BS |
1 | /** @file\r |
2 | File defines the Sec routines for the AMD SEV\r | |
3 | \r | |
4 | Copyright (c) 2021, Advanced Micro Devices, Inc. All rights reserved.<BR>\r | |
5 | \r | |
6 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
7 | \r | |
8 | **/\r | |
9 | \r | |
10 | #ifndef _AMD_SEV_SEC_INTERNAL_H__\r | |
11 | #define _AMD_SEV_SEC_INTERNAL_H__\r | |
12 | \r | |
13 | /**\r | |
14 | Handle an SEV-ES/GHCB protocol check failure.\r | |
15 | \r | |
16 | Notify the hypervisor using the VMGEXIT instruction that the SEV-ES guest\r | |
17 | wishes to be terminated.\r | |
18 | \r | |
19 | @param[in] ReasonCode Reason code to provide to the hypervisor for the\r | |
20 | termination request.\r | |
21 | \r | |
22 | **/\r | |
23 | VOID\r | |
24 | SevEsProtocolFailure (\r | |
25 | IN UINT8 ReasonCode\r | |
26 | );\r | |
27 | \r | |
28 | /**\r | |
29 | Validate the SEV-ES/GHCB protocol level.\r | |
30 | \r | |
31 | Verify that the level of SEV-ES/GHCB protocol supported by the hypervisor\r | |
32 | and the guest intersect. If they don't intersect, request termination.\r | |
33 | \r | |
34 | **/\r | |
35 | VOID\r | |
36 | SevEsProtocolCheck (\r | |
37 | VOID\r | |
38 | );\r | |
39 | \r | |
40 | /**\r | |
41 | Determine if the SEV is active.\r | |
42 | \r | |
43 | During the early booting, GuestType is set in the work area. Verify that it\r | |
44 | is an SEV guest.\r | |
45 | \r | |
46 | @retval TRUE SEV is enabled\r | |
47 | @retval FALSE SEV is not enabled\r | |
48 | \r | |
49 | **/\r | |
50 | BOOLEAN\r | |
51 | IsSevGuest (\r | |
52 | VOID\r | |
53 | );\r | |
54 | \r | |
55 | /**\r | |
56 | Determine if SEV-ES is active.\r | |
57 | \r | |
58 | During early booting, SEV-ES support code will set a flag to indicate that\r | |
59 | SEV-ES is enabled. Return the value of this flag as an indicator that SEV-ES\r | |
60 | is enabled.\r | |
61 | \r | |
62 | @retval TRUE SEV-ES is enabled\r | |
63 | @retval FALSE SEV-ES is not enabled\r | |
64 | \r | |
65 | **/\r | |
66 | BOOLEAN\r | |
67 | SevEsIsEnabled (\r | |
68 | VOID\r | |
69 | );\r | |
70 | \r | |
202fb22b BS |
71 | /**\r |
72 | Validate System RAM used for decompressing the PEI and DXE firmware volumes\r | |
73 | when SEV-SNP is active. The PCDs SecValidatedStart and SecValidatedEnd are\r | |
74 | set in OvmfPkg/FvmainCompactScratchEnd.fdf.inc.\r | |
75 | \r | |
76 | **/\r | |
77 | VOID\r | |
78 | SecValidateSystemRam (\r | |
79 | VOID\r | |
80 | );\r | |
81 | \r | |
82 | /**\r | |
83 | Determine if SEV-SNP is active.\r | |
84 | \r | |
85 | @retval TRUE SEV-SNP is enabled\r | |
86 | @retval FALSE SEV-SNP is not enabled\r | |
87 | \r | |
88 | **/\r | |
89 | BOOLEAN\r | |
90 | SevSnpIsEnabled (\r | |
91 | VOID\r | |
92 | );\r | |
93 | \r | |
2ddacfb6 | 94 | #endif\r |