OvmfPkg/Bhyve/PlatformPei/AmdSev.c

   1 /**@file
   2   Initialize Secure Encrypted Virtualization (SEV) support
   3
   4   Copyright (c) 2017, Advanced Micro Devices. All rights reserved.<BR>
   5
   6   SPDX-License-Identifier: BSD-2-Clause-Patent
   7
   8 **/
   9 //
  10 // The package level header files this module uses
  11 //
  12 #include <IndustryStandard/Q35MchIch9.h>
  13 #include <Library/DebugLib.h>
  14 #include <Library/HobLib.h>
  15 #include <Library/MemEncryptSevLib.h>
  16 #include <Library/PcdLib.h>
  17 #include <PiPei.h>
  18 #include <Register/Amd/Cpuid.h>
  19 #include <Register/Cpuid.h>
  20 #include <Register/Intel/SmramSaveStateMap.h>
  21
  22 #include "Platform.h"
  23
  24 /**
  25
  26   Function checks if SEV support is available, if present then it sets
  27   the dynamic PcdPteMemoryEncryptionAddressOrMask with memory encryption mask.
  28
  29   **/
  30 VOID
  31 AmdSevInitialize (
  32   VOID
  33   )
  34 {
  35   CPUID_MEMORY_ENCRYPTION_INFO_EBX  Ebx;
  36   UINT64                            EncryptionMask;
  37   RETURN_STATUS                     PcdStatus;
  38
  39   //
  40   // Check if SEV is enabled
  41   //
  42   if (!MemEncryptSevIsEnabled ()) {
  43     return;
  44   }
  45
  46   //
  47   // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
  48   //
  49   AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);
  50   EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);
  51
  52   //
  53   // Set Memory Encryption Mask PCD
  54   //
  55   PcdStatus = PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, EncryptionMask);
  56   ASSERT_RETURN_ERROR (PcdStatus);
  57
  58   DEBUG ((DEBUG_INFO, "SEV is enabled (mask 0x%lx)\n", EncryptionMask));
  59
  60   //
  61   // Set Pcd to Deny the execution of option ROM when security
  62   // violation.
  63   //
  64   PcdStatus = PcdSet32S (PcdOptionRomImageVerificationPolicy, 0x4);
  65   ASSERT_RETURN_ERROR (PcdStatus);
  66
  67   //
  68   // When SMM is required, cover the pages containing the initial SMRAM Save
  69   // State Map with a memory allocation HOB:
  70   //
  71   // There's going to be a time interval between our decrypting those pages for
  72   // SMBASE relocation and re-encrypting the same pages after SMBASE
  73   // relocation. We shall ensure that the DXE phase stay away from those pages
  74   // until after re-encryption, in order to prevent an information leak to the
  75   // hypervisor.
  76   //
  77   if (FeaturePcdGet (PcdSmmSmramRequire) && (mBootMode != BOOT_ON_S3_RESUME)) {
  78     RETURN_STATUS LocateMapStatus;
  79     UINTN         MapPagesBase;
  80     UINTN         MapPagesCount;
  81
  82     LocateMapStatus = MemEncryptSevLocateInitialSmramSaveStateMapPages (
  83                         &MapPagesBase,
  84                         &MapPagesCount
  85                         );
  86     ASSERT_RETURN_ERROR (LocateMapStatus);
  87
  88     if (mQ35SmramAtDefaultSmbase) {
  89       //
  90       // The initial SMRAM Save State Map has been covered as part of a larger
  91       // reserved memory allocation in InitializeRamRegions().
  92       //
  93       ASSERT (SMM_DEFAULT_SMBASE <= MapPagesBase);
  94       ASSERT (
  95         (MapPagesBase + EFI_PAGES_TO_SIZE (MapPagesCount) <=
  96          SMM_DEFAULT_SMBASE + MCH_DEFAULT_SMBASE_SIZE)
  97         );
  98     } else {
  99       BuildMemoryAllocationHob (
 100         MapPagesBase,                      // BaseAddress
 101         EFI_PAGES_TO_SIZE (MapPagesCount), // Length
 102         EfiBootServicesData                // MemoryType
 103         );
 104     }
 105   }
 106 }