--- /dev/null
+/** @file\r
+\r
+ AMD Sev Dxe driver. This driver is dispatched early in DXE, due to being list\r
+ in APRIORI. It clears C-bit from MMIO and NonExistent Memory space when SEV is\r
+ enabled.\r
+\r
+ Copyright (c) 2017, AMD Inc. All rights reserved.<BR>\r
+\r
+ This program and the accompanying materials\r
+ are licensed and made available under the terms and conditions of the BSD\r
+ License which accompanies this distribution. The full text of the license may\r
+ be found at http://opensource.org/licenses/bsd-license.php\r
+\r
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+\r
+**/\r
+\r
+#include <PiDxe.h>\r
+\r
+#include <Library/BaseLib.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/BaseMemoryLib.h>\r
+#include <Library/MemoryAllocationLib.h>\r
+#include <Library/UefiBootServicesTableLib.h>\r
+#include <Library/DxeServicesTableLib.h>\r
+#include <Library/MemEncryptSevLib.h>\r
+\r
+EFI_STATUS\r
+EFIAPI\r
+AmdSevDxeEntryPoint (\r
+ IN EFI_HANDLE ImageHandle,\r
+ IN EFI_SYSTEM_TABLE *SystemTable\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ EFI_GCD_MEMORY_SPACE_DESCRIPTOR *AllDescMap;\r
+ UINTN NumEntries;\r
+ UINTN Index;\r
+\r
+ //\r
+ // Do nothing when SEV is not enabled\r
+ //\r
+ if (!MemEncryptSevIsEnabled ()) {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
+ //\r
+ // Iterate through the GCD map and clear the C-bit from MMIO and NonExistent\r
+ // memory space. The NonExistent memory space will be used for mapping the MMIO\r
+ // space added later (eg PciRootBridge). By clearing both known MMIO and\r
+ // NonExistent memory space can gurantee that current and furture MMIO adds\r
+ // will have C-bit cleared.\r
+ //\r
+ Status = gDS->GetMemorySpaceMap (&NumEntries, &AllDescMap);\r
+ if (!EFI_ERROR (Status)) {\r
+ for (Index = 0; Index < NumEntries; Index++) {\r
+ CONST EFI_GCD_MEMORY_SPACE_DESCRIPTOR *Desc;\r
+\r
+ Desc = &AllDescMap[Index];\r
+ if (Desc->GcdMemoryType == EfiGcdMemoryTypeMemoryMappedIo ||\r
+ Desc->GcdMemoryType == EfiGcdMemoryTypeNonExistent) {\r
+ Status = MemEncryptSevClearPageEncMask (0,\r
+ Desc->BaseAddress,\r
+ EFI_SIZE_TO_PAGES(Desc->Length),\r
+ FALSE);\r
+ ASSERT_EFI_ERROR (Status);\r
+ }\r
+ }\r
+\r
+ FreePool (AllDescMap);\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
--- /dev/null
+#/** @file\r
+#\r
+# Driver clears the encryption attribute from MMIO regions when SEV is enabled\r
+#\r
+# Copyright (c) 2017, AMD Inc. All rights reserved.<BR>\r
+#\r
+# This program and the accompanying materials\r
+# are licensed and made available under the terms and conditions of the BSD\r
+# License which accompanies this distribution. The full text of the license may\r
+# be found at http://opensource.org/licenses/bsd-license.php\r
+#\r
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+#\r
+#**/\r
+\r
+[Defines]\r
+ INF_VERSION = 1.25\r
+ BASE_NAME = AmdSevDxe\r
+ FILE_GUID = 2ec9da37-ee35-4de9-86c5-6d9a81dc38a7\r
+ MODULE_TYPE = DXE_DRIVER\r
+ VERSION_STRING = 1.0\r
+ ENTRY_POINT = AmdSevDxeEntryPoint\r
+\r
+[Sources]\r
+ AmdSevDxe.c\r
+\r
+[Packages]\r
+ MdePkg/MdePkg.dec\r
+ MdeModulePkg/MdeModulePkg.dec\r
+ OvmfPkg/OvmfPkg.dec\r
+\r
+[LibraryClasses]\r
+ BaseLib\r
+ UefiLib\r
+ UefiDriverEntryPoint\r
+ UefiBootServicesTableLib\r
+ DxeServicesTableLib\r
+ DebugLib\r
+ MemEncryptSevLib\r
+\r
+[Depex]\r
+ TRUE\r
APRIORI DXE {\r
INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf\r
INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf\r
+ INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf\r
!if $(SMM_REQUIRE) == FALSE\r
INF OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf\r
!endif\r
INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf\r
INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf\r
INF OvmfPkg/PlatformDxe/Platform.inf\r
+INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf\r
\r
!if $(SMM_REQUIRE) == TRUE\r
INF OvmfPkg/SmmAccess/SmmAccess2Dxe.inf\r
APRIORI DXE {\r
INF MdeModulePkg/Universal/DevicePathDxe/DevicePathDxe.inf\r
INF MdeModulePkg/Universal/PCD/Dxe/Pcd.inf\r
+ INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf\r
!if $(SMM_REQUIRE) == FALSE\r
INF OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf\r
!endif\r
INF OvmfPkg/QemuVideoDxe/QemuVideoDxe.inf\r
INF OvmfPkg/VirtioGpuDxe/VirtioGpu.inf\r
INF OvmfPkg/PlatformDxe/Platform.inf\r
+INF OvmfPkg/AmdSevDxe/AmdSevDxe.inf\r
\r
!if $(SMM_REQUIRE) == TRUE\r
INF OvmfPkg/SmmAccess/SmmAccess2Dxe.inf\r