3 Secure Encrypted Virtualization (SEV) library helper function
5 Copyright (c) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>
7 SPDX-License-Identifier: BSD-2-Clause-Patent
11 #include <Library/BaseLib.h>
12 #include <Library/DebugLib.h>
13 #include <Library/MemEncryptSevLib.h>
14 #include <Library/PcdLib.h>
15 #include <Register/Amd/Cpuid.h>
16 #include <Register/Amd/Msr.h>
17 #include <Register/Cpuid.h>
18 #include <Uefi/UefiBaseType.h>
21 Read the workarea to determine whether SEV is enabled. If enabled,
22 then return the SevEsWorkArea pointer.
26 SEC_SEV_ES_WORK_AREA
*
32 OVMF_WORK_AREA
*WorkArea
;
34 WorkArea
= (OVMF_WORK_AREA
*)FixedPcdGet32 (PcdOvmfWorkAreaBase
);
37 // If its not SEV guest then SevEsWorkArea is not valid.
39 if ((WorkArea
== NULL
) || (WorkArea
->Header
.GuestType
!= CcGuestTypeAmdSev
)) {
43 return (SEC_SEV_ES_WORK_AREA
*)FixedPcdGet32 (PcdSevEsWorkAreaBase
);
47 Read the SEV Status MSR value from the workarea
53 InternalMemEncryptSevStatus (
57 SEC_SEV_ES_WORK_AREA
*SevEsWorkArea
;
59 SevEsWorkArea
= GetSevEsWorkArea ();
60 if (SevEsWorkArea
== NULL
) {
64 return (UINT32
)(UINTN
)SevEsWorkArea
->SevStatusMsrValue
;
68 Returns a boolean to indicate whether SEV-SNP is enabled.
70 @retval TRUE SEV-SNP is enabled
71 @retval FALSE SEV-SNP is not enabled
75 MemEncryptSevSnpIsEnabled (
79 MSR_SEV_STATUS_REGISTER Msr
;
81 Msr
.Uint32
= InternalMemEncryptSevStatus ();
83 return Msr
.Bits
.SevSnpBit
? TRUE
: FALSE
;
87 Returns a boolean to indicate whether SEV-ES is enabled.
89 @retval TRUE SEV-ES is enabled
90 @retval FALSE SEV-ES is not enabled
94 MemEncryptSevEsIsEnabled (
98 MSR_SEV_STATUS_REGISTER Msr
;
100 Msr
.Uint32
= InternalMemEncryptSevStatus ();
102 return Msr
.Bits
.SevEsBit
? TRUE
: FALSE
;
106 Returns a boolean to indicate whether SEV is enabled.
108 @retval TRUE SEV is enabled
109 @retval FALSE SEV is not enabled
113 MemEncryptSevIsEnabled (
117 MSR_SEV_STATUS_REGISTER Msr
;
119 Msr
.Uint32
= InternalMemEncryptSevStatus ();
121 return Msr
.Bits
.SevBit
? TRUE
: FALSE
;
125 Returns the SEV encryption mask.
127 @return The SEV pagtable encryption mask
131 MemEncryptSevGetEncryptionMask (
135 SEC_SEV_ES_WORK_AREA
*SevEsWorkArea
;
137 SevEsWorkArea
= GetSevEsWorkArea ();
138 if (SevEsWorkArea
== NULL
) {
142 return SevEsWorkArea
->EncryptionMask
;
146 Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM
149 @param[out] BaseAddress The base address of the lowest-address page that
150 covers the initial SMRAM Save State Map.
152 @param[out] NumberOfPages The number of pages in the page range that covers
153 the initial SMRAM Save State Map.
155 @retval RETURN_SUCCESS BaseAddress and NumberOfPages have been set on
158 @retval RETURN_UNSUPPORTED SMM is unavailable.
162 MemEncryptSevLocateInitialSmramSaveStateMapPages (
163 OUT UINTN
*BaseAddress
,
164 OUT UINTN
*NumberOfPages
167 return RETURN_UNSUPPORTED
;