[mirror_edk2.git] / OvmfPkg / Include / Library / MemEncryptSevLib.h

/** @file\r
\r
  Define Secure Encrypted Virtualization (SEV) base library helper function\r
\r
  Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>\r
\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#ifndef _MEM_ENCRYPT_SEV_LIB_H_\r
#define _MEM_ENCRYPT_SEV_LIB_H_\r
\r
#include <Base.h>\r
\r
//\r
// Internal structure for holding SEV-ES information needed during SEC phase\r
// and valid only during SEC phase and early PEI during platform\r
// initialization.\r
//\r
// This structure is also used by assembler files:\r
//   OvmfPkg/ResetVector/ResetVector.nasmb\r
//   OvmfPkg/ResetVector/Ia32/PageTables64.asm\r
//   OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm\r
// any changes must stay in sync with its usage.\r
//\r
typedef struct _SEC_SEV_ES_WORK_AREA {\r
  UINT8    SevEsEnabled;\r
  UINT8    Reserved1[7];\r
\r
  UINT64   RandomData;\r
\r
  UINT64   EncryptionMask;\r
} SEC_SEV_ES_WORK_AREA;\r
\r
/**\r
  Returns a boolean to indicate whether SEV-ES is enabled.\r
\r
  @retval TRUE           SEV-ES is enabled\r
  @retval FALSE          SEV-ES is not enabled\r
**/\r
BOOLEAN\r
EFIAPI\r
MemEncryptSevEsIsEnabled (\r
  VOID\r
  );\r
\r
/**\r
  Returns a boolean to indicate whether SEV is enabled\r
\r
  @retval TRUE           SEV is enabled\r
  @retval FALSE          SEV is not enabled\r
**/\r
BOOLEAN\r
EFIAPI\r
MemEncryptSevIsEnabled (\r
  VOID\r
  );\r
\r
/**\r
  This function clears memory encryption bit for the memory region specified by\r
  BaseAddress and NumPages from the current page table context.\r
\r
  @param[in]  Cr3BaseAddress          Cr3 Base Address (if zero then use\r
                                      current CR3)\r
  @param[in]  BaseAddress             The physical address that is the start\r
                                      address of a memory region.\r
  @param[in]  NumPages                The number of pages from start memory\r
                                      region.\r
  @param[in]  Flush                   Flush the caches before clearing the bit\r
                                      (mostly TRUE except MMIO addresses)\r
\r
  @retval RETURN_SUCCESS              The attributes were cleared for the\r
                                      memory region.\r
  @retval RETURN_INVALID_PARAMETER    Number of pages is zero.\r
  @retval RETURN_UNSUPPORTED          Clearing the memory encryption attribute\r
                                      is not supported\r
**/\r
RETURN_STATUS\r
EFIAPI\r
MemEncryptSevClearPageEncMask (\r
  IN PHYSICAL_ADDRESS         Cr3BaseAddress,\r
  IN PHYSICAL_ADDRESS         BaseAddress,\r
  IN UINTN                    NumPages,\r
  IN BOOLEAN                  Flush\r
  );\r
\r
/**\r
  This function sets memory encryption bit for the memory region specified by\r
  BaseAddress and NumPages from the current page table context.\r
\r
  @param[in]  Cr3BaseAddress          Cr3 Base Address (if zero then use\r
                                      current CR3)\r
  @param[in]  BaseAddress             The physical address that is the start\r
                                      address of a memory region.\r
  @param[in]  NumPages                The number of pages from start memory\r
                                      region.\r
  @param[in]  Flush                   Flush the caches before setting the bit\r
                                      (mostly TRUE except MMIO addresses)\r
\r
  @retval RETURN_SUCCESS              The attributes were set for the memory\r
                                      region.\r
  @retval RETURN_INVALID_PARAMETER    Number of pages is zero.\r
  @retval RETURN_UNSUPPORTED          Setting the memory encryption attribute\r
                                      is not supported\r
**/\r
RETURN_STATUS\r
EFIAPI\r
MemEncryptSevSetPageEncMask (\r
  IN PHYSICAL_ADDRESS         Cr3BaseAddress,\r
  IN PHYSICAL_ADDRESS         BaseAddress,\r
  IN UINTN                    NumPages,\r
  IN BOOLEAN                  Flush\r
  );\r
\r
\r
/**\r
  Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM\r
  Save State Map.\r
\r
  @param[out] BaseAddress     The base address of the lowest-address page that\r
                              covers the initial SMRAM Save State Map.\r
\r
  @param[out] NumberOfPages   The number of pages in the page range that covers\r
                              the initial SMRAM Save State Map.\r
\r
  @retval RETURN_SUCCESS      BaseAddress and NumberOfPages have been set on\r
                              output.\r
\r
  @retval RETURN_UNSUPPORTED  SMM is unavailable.\r
**/\r
RETURN_STATUS\r
EFIAPI\r
MemEncryptSevLocateInitialSmramSaveStateMapPages (\r
  OUT UINTN *BaseAddress,\r
  OUT UINTN *NumberOfPages\r
  );\r
#endif // _MEM_ENCRYPT_SEV_LIB_H_\r
Commit	Line	Data
a1f22614 BS	1	/** @file\r
	2	\r
	3	Define Secure Encrypted Virtualization (SEV) base library helper function\r
	4	\r
b78de543	5	Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>\r
a1f22614	6	\r
b26f0cf9	7	SPDX-License-Identifier: BSD-2-Clause-Patent\r
a1f22614 BS	8	\r
	9	**/\r
	10	\r
	11	#ifndef _MEM_ENCRYPT_SEV_LIB_H_\r
	12	#define _MEM_ENCRYPT_SEV_LIB_H_\r
	13	\r
	14	#include <Base.h>\r
	15	\r
b78de543 TL	16	//\r
	17	// Internal structure for holding SEV-ES information needed during SEC phase\r
	18	// and valid only during SEC phase and early PEI during platform\r
	19	// initialization.\r
	20	//\r
	21	// This structure is also used by assembler files:\r
	22	// OvmfPkg/ResetVector/ResetVector.nasmb\r
	23	// OvmfPkg/ResetVector/Ia32/PageTables64.asm\r
7cb96c47	24	// OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm\r
b78de543 TL	25	// any changes must stay in sync with its usage.\r
	26	//\r
	27	typedef struct _SEC_SEV_ES_WORK_AREA {\r
	28	UINT8 SevEsEnabled;\r
7cb96c47 TL	29	UINT8 Reserved1[7];\r
	30	\r
	31	UINT64 RandomData;\r
3b32be7e TL	32	\r
3b32be7e TL	33	UINT64 EncryptionMask;\r
b78de543 TL	34	} SEC_SEV_ES_WORK_AREA;\r
b78de543 TL	35	\r
0afa1d08 TL	36	/**\r
	37	Returns a boolean to indicate whether SEV-ES is enabled.\r
	38	\r
	39	@retval TRUE SEV-ES is enabled\r
	40	@retval FALSE SEV-ES is not enabled\r
	41	**/\r
	42	BOOLEAN\r
	43	EFIAPI\r
	44	MemEncryptSevEsIsEnabled (\r
	45	VOID\r
	46	);\r
	47	\r
a1f22614 BS	48	/**\r
	49	Returns a boolean to indicate whether SEV is enabled\r
	50	\r
d4dd22c7	51	@retval TRUE SEV is enabled\r
a1f22614	52	@retval FALSE SEV is not enabled\r
d4dd22c7	53	**/\r
a1f22614 BS	54	BOOLEAN\r
	55	EFIAPI\r
	56	MemEncryptSevIsEnabled (\r
	57	VOID\r
	58	);\r
	59	\r
	60	/**\r
5b5028e6 LE	61	This function clears memory encryption bit for the memory region specified by\r
	62	BaseAddress and NumPages from the current page table context.\r
	63	\r
	64	@param[in] Cr3BaseAddress Cr3 Base Address (if zero then use\r
	65	current CR3)\r
	66	@param[in] BaseAddress The physical address that is the start\r
	67	address of a memory region.\r
	68	@param[in] NumPages The number of pages from start memory\r
	69	region.\r
	70	@param[in] Flush Flush the caches before clearing the bit\r
	71	(mostly TRUE except MMIO addresses)\r
	72	\r
	73	@retval RETURN_SUCCESS The attributes were cleared for the\r
	74	memory region.\r
	75	@retval RETURN_INVALID_PARAMETER Number of pages is zero.\r
	76	@retval RETURN_UNSUPPORTED Clearing the memory encryption attribute\r
	77	is not supported\r
	78	**/\r
a1f22614 BS	79	RETURN_STATUS\r
	80	EFIAPI\r
	81	MemEncryptSevClearPageEncMask (\r
	82	IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
	83	IN PHYSICAL_ADDRESS BaseAddress,\r
5b5028e6 LE	84	IN UINTN NumPages,\r
5b5028e6 LE	85	IN BOOLEAN Flush\r
a1f22614 BS	86	);\r
	87	\r
	88	/**\r
	89	This function sets memory encryption bit for the memory region specified by\r
154dcd6c	90	BaseAddress and NumPages from the current page table context.\r
a1f22614	91	\r
154dcd6c LE	92	@param[in] Cr3BaseAddress Cr3 Base Address (if zero then use\r
	93	current CR3)\r
	94	@param[in] BaseAddress The physical address that is the start\r
	95	address of a memory region.\r
	96	@param[in] NumPages The number of pages from start memory\r
	97	region.\r
	98	@param[in] Flush Flush the caches before setting the bit\r
	99	(mostly TRUE except MMIO addresses)\r
a1f22614	100	\r
154dcd6c LE	101	@retval RETURN_SUCCESS The attributes were set for the memory\r
	102	region.\r
	103	@retval RETURN_INVALID_PARAMETER Number of pages is zero.\r
	104	@retval RETURN_UNSUPPORTED Setting the memory encryption attribute\r
	105	is not supported\r
	106	**/\r
a1f22614 BS	107	RETURN_STATUS\r
	108	EFIAPI\r
	109	MemEncryptSevSetPageEncMask (\r
	110	IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
	111	IN PHYSICAL_ADDRESS BaseAddress,\r
154dcd6c LE	112	IN UINTN NumPages,\r
154dcd6c LE	113	IN BOOLEAN Flush\r
a1f22614	114	);\r
61a044c6 LE	115	\r
	116	\r
	117	/**\r
	118	Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM\r
	119	Save State Map.\r
	120	\r
	121	@param[out] BaseAddress The base address of the lowest-address page that\r
	122	covers the initial SMRAM Save State Map.\r
	123	\r
	124	@param[out] NumberOfPages The number of pages in the page range that covers\r
	125	the initial SMRAM Save State Map.\r
	126	\r
	127	@retval RETURN_SUCCESS BaseAddress and NumberOfPages have been set on\r
	128	output.\r
	129	\r
	130	@retval RETURN_UNSUPPORTED SMM is unavailable.\r
	131	**/\r
	132	RETURN_STATUS\r
	133	EFIAPI\r
	134	MemEncryptSevLocateInitialSmramSaveStateMapPages (\r
	135	OUT UINTN *BaseAddress,\r
	136	OUT UINTN *NumberOfPages\r
	137	);\r
a1f22614	138	#endif // _MEM_ENCRYPT_SEV_LIB_H_\r