]>
Commit | Line | Data |
---|---|---|
a1f22614 BS |
1 | /** @file\r |
2 | \r | |
3 | Define Secure Encrypted Virtualization (SEV) base library helper function\r | |
4 | \r | |
b78de543 | 5 | Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>\r |
a1f22614 | 6 | \r |
b26f0cf9 | 7 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
a1f22614 BS |
8 | \r |
9 | **/\r | |
10 | \r | |
11 | #ifndef _MEM_ENCRYPT_SEV_LIB_H_\r | |
12 | #define _MEM_ENCRYPT_SEV_LIB_H_\r | |
13 | \r | |
14 | #include <Base.h>\r | |
15 | \r | |
b78de543 TL |
16 | //\r |
17 | // Internal structure for holding SEV-ES information needed during SEC phase\r | |
18 | // and valid only during SEC phase and early PEI during platform\r | |
19 | // initialization.\r | |
20 | //\r | |
21 | // This structure is also used by assembler files:\r | |
22 | // OvmfPkg/ResetVector/ResetVector.nasmb\r | |
23 | // OvmfPkg/ResetVector/Ia32/PageTables64.asm\r | |
7cb96c47 | 24 | // OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm\r |
b78de543 TL |
25 | // any changes must stay in sync with its usage.\r |
26 | //\r | |
27 | typedef struct _SEC_SEV_ES_WORK_AREA {\r | |
28 | UINT8 SevEsEnabled;\r | |
7cb96c47 TL |
29 | UINT8 Reserved1[7];\r |
30 | \r | |
31 | UINT64 RandomData;\r | |
3b32be7e TL |
32 | \r |
33 | UINT64 EncryptionMask;\r | |
b78de543 TL |
34 | } SEC_SEV_ES_WORK_AREA;\r |
35 | \r | |
c330af02 TL |
36 | //\r |
37 | // Memory encryption address range states.\r | |
38 | //\r | |
39 | typedef enum {\r | |
40 | MemEncryptSevAddressRangeUnencrypted,\r | |
41 | MemEncryptSevAddressRangeEncrypted,\r | |
42 | MemEncryptSevAddressRangeMixed,\r | |
43 | MemEncryptSevAddressRangeError,\r | |
44 | } MEM_ENCRYPT_SEV_ADDRESS_RANGE_STATE;\r | |
45 | \r | |
0afa1d08 TL |
46 | /**\r |
47 | Returns a boolean to indicate whether SEV-ES is enabled.\r | |
48 | \r | |
49 | @retval TRUE SEV-ES is enabled\r | |
50 | @retval FALSE SEV-ES is not enabled\r | |
51 | **/\r | |
52 | BOOLEAN\r | |
53 | EFIAPI\r | |
54 | MemEncryptSevEsIsEnabled (\r | |
55 | VOID\r | |
56 | );\r | |
57 | \r | |
a1f22614 BS |
58 | /**\r |
59 | Returns a boolean to indicate whether SEV is enabled\r | |
60 | \r | |
d4dd22c7 | 61 | @retval TRUE SEV is enabled\r |
a1f22614 | 62 | @retval FALSE SEV is not enabled\r |
d4dd22c7 | 63 | **/\r |
a1f22614 BS |
64 | BOOLEAN\r |
65 | EFIAPI\r | |
66 | MemEncryptSevIsEnabled (\r | |
67 | VOID\r | |
68 | );\r | |
69 | \r | |
70 | /**\r | |
5b5028e6 LE |
71 | This function clears memory encryption bit for the memory region specified by\r |
72 | BaseAddress and NumPages from the current page table context.\r | |
73 | \r | |
74 | @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use\r | |
75 | current CR3)\r | |
76 | @param[in] BaseAddress The physical address that is the start\r | |
77 | address of a memory region.\r | |
78 | @param[in] NumPages The number of pages from start memory\r | |
79 | region.\r | |
80 | @param[in] Flush Flush the caches before clearing the bit\r | |
81 | (mostly TRUE except MMIO addresses)\r | |
82 | \r | |
83 | @retval RETURN_SUCCESS The attributes were cleared for the\r | |
84 | memory region.\r | |
85 | @retval RETURN_INVALID_PARAMETER Number of pages is zero.\r | |
86 | @retval RETURN_UNSUPPORTED Clearing the memory encryption attribute\r | |
87 | is not supported\r | |
88 | **/\r | |
a1f22614 BS |
89 | RETURN_STATUS\r |
90 | EFIAPI\r | |
91 | MemEncryptSevClearPageEncMask (\r | |
92 | IN PHYSICAL_ADDRESS Cr3BaseAddress,\r | |
93 | IN PHYSICAL_ADDRESS BaseAddress,\r | |
5b5028e6 LE |
94 | IN UINTN NumPages,\r |
95 | IN BOOLEAN Flush\r | |
a1f22614 BS |
96 | );\r |
97 | \r | |
98 | /**\r | |
99 | This function sets memory encryption bit for the memory region specified by\r | |
154dcd6c | 100 | BaseAddress and NumPages from the current page table context.\r |
a1f22614 | 101 | \r |
154dcd6c LE |
102 | @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use\r |
103 | current CR3)\r | |
104 | @param[in] BaseAddress The physical address that is the start\r | |
105 | address of a memory region.\r | |
106 | @param[in] NumPages The number of pages from start memory\r | |
107 | region.\r | |
108 | @param[in] Flush Flush the caches before setting the bit\r | |
109 | (mostly TRUE except MMIO addresses)\r | |
a1f22614 | 110 | \r |
154dcd6c LE |
111 | @retval RETURN_SUCCESS The attributes were set for the memory\r |
112 | region.\r | |
113 | @retval RETURN_INVALID_PARAMETER Number of pages is zero.\r | |
114 | @retval RETURN_UNSUPPORTED Setting the memory encryption attribute\r | |
115 | is not supported\r | |
116 | **/\r | |
a1f22614 BS |
117 | RETURN_STATUS\r |
118 | EFIAPI\r | |
119 | MemEncryptSevSetPageEncMask (\r | |
120 | IN PHYSICAL_ADDRESS Cr3BaseAddress,\r | |
121 | IN PHYSICAL_ADDRESS BaseAddress,\r | |
154dcd6c LE |
122 | IN UINTN NumPages,\r |
123 | IN BOOLEAN Flush\r | |
a1f22614 | 124 | );\r |
61a044c6 LE |
125 | \r |
126 | \r | |
127 | /**\r | |
128 | Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM\r | |
129 | Save State Map.\r | |
130 | \r | |
131 | @param[out] BaseAddress The base address of the lowest-address page that\r | |
132 | covers the initial SMRAM Save State Map.\r | |
133 | \r | |
134 | @param[out] NumberOfPages The number of pages in the page range that covers\r | |
135 | the initial SMRAM Save State Map.\r | |
136 | \r | |
137 | @retval RETURN_SUCCESS BaseAddress and NumberOfPages have been set on\r | |
138 | output.\r | |
139 | \r | |
140 | @retval RETURN_UNSUPPORTED SMM is unavailable.\r | |
141 | **/\r | |
142 | RETURN_STATUS\r | |
143 | EFIAPI\r | |
144 | MemEncryptSevLocateInitialSmramSaveStateMapPages (\r | |
145 | OUT UINTN *BaseAddress,\r | |
146 | OUT UINTN *NumberOfPages\r | |
147 | );\r | |
b97dc4b9 TL |
148 | \r |
149 | /**\r | |
150 | Returns the SEV encryption mask.\r | |
151 | \r | |
152 | @return The SEV pagetable encryption mask\r | |
153 | **/\r | |
154 | UINT64\r | |
155 | EFIAPI\r | |
156 | MemEncryptSevGetEncryptionMask (\r | |
157 | VOID\r | |
158 | );\r | |
159 | \r | |
c330af02 TL |
160 | /**\r |
161 | Returns the encryption state of the specified virtual address range.\r | |
162 | \r | |
163 | @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use\r | |
164 | current CR3)\r | |
165 | @param[in] BaseAddress Base address to check\r | |
166 | @param[in] Length Length of virtual address range\r | |
167 | \r | |
168 | @retval MemEncryptSevAddressRangeUnencrypted Address range is mapped\r | |
169 | unencrypted\r | |
170 | @retval MemEncryptSevAddressRangeEncrypted Address range is mapped\r | |
171 | encrypted\r | |
172 | @retval MemEncryptSevAddressRangeMixed Address range is mapped mixed\r | |
173 | @retval MemEncryptSevAddressRangeError Address range is not mapped\r | |
174 | **/\r | |
175 | MEM_ENCRYPT_SEV_ADDRESS_RANGE_STATE\r | |
176 | EFIAPI\r | |
177 | MemEncryptSevGetAddressRangeState (\r | |
178 | IN PHYSICAL_ADDRESS Cr3BaseAddress,\r | |
179 | IN PHYSICAL_ADDRESS BaseAddress,\r | |
180 | IN UINTN Length\r | |
181 | );\r | |
182 | \r | |
a1f22614 | 183 | #endif // _MEM_ENCRYPT_SEV_LIB_H_\r |