[mirror_edk2.git] / OvmfPkg / Library / BaseMemEncryptSevLib / SecMemEncryptSevLibInternal.c

/** @file\r
\r
  Secure Encrypted Virtualization (SEV) library helper function\r
\r
  Copyright (c) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>\r
\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include <Library/BaseLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/MemEncryptSevLib.h>\r
#include <Library/PcdLib.h>\r
#include <Register/Amd/Cpuid.h>\r
#include <Register/Amd/Msr.h>\r
#include <Register/Cpuid.h>\r
#include <Uefi/UefiBaseType.h>\r
\r
/**\r
   Read the workarea to determine whether SEV is enabled. If enabled,\r
   then return the SevEsWorkArea pointer.\r
\r
  **/\r
STATIC\r
SEC_SEV_ES_WORK_AREA *\r
EFIAPI\r
GetSevEsWorkArea (\r
  VOID\r
  )\r
{\r
  OVMF_WORK_AREA  *WorkArea;\r
\r
  WorkArea = (OVMF_WORK_AREA *)FixedPcdGet32 (PcdOvmfWorkAreaBase);\r
\r
  //\r
  // If its not SEV guest then SevEsWorkArea is not valid.\r
  //\r
  if ((WorkArea == NULL) || (WorkArea->Header.GuestType != CcGuestTypeAmdSev)) {\r
    return NULL;\r
  }\r
\r
  return (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);\r
}\r
\r
/**\r
  Read the SEV Status MSR value from the workarea\r
\r
  **/\r
STATIC\r
UINT32\r
EFIAPI\r
InternalMemEncryptSevStatus (\r
  VOID\r
  )\r
{\r
  SEC_SEV_ES_WORK_AREA  *SevEsWorkArea;\r
\r
  SevEsWorkArea = GetSevEsWorkArea ();\r
  if (SevEsWorkArea == NULL) {\r
    return 0;\r
  }\r
\r
  return (UINT32)(UINTN)SevEsWorkArea->SevStatusMsrValue;\r
}\r
\r
/**\r
  Returns a boolean to indicate whether SEV-SNP is enabled.\r
\r
  @retval TRUE           SEV-SNP is enabled\r
  @retval FALSE          SEV-SNP is not enabled\r
**/\r
BOOLEAN\r
EFIAPI\r
MemEncryptSevSnpIsEnabled (\r
  VOID\r
  )\r
{\r
  MSR_SEV_STATUS_REGISTER  Msr;\r
\r
  Msr.Uint32 = InternalMemEncryptSevStatus ();\r
\r
  return Msr.Bits.SevSnpBit ? TRUE : FALSE;\r
}\r
\r
/**\r
  Returns a boolean to indicate whether SEV-ES is enabled.\r
\r
  @retval TRUE           SEV-ES is enabled\r
  @retval FALSE          SEV-ES is not enabled\r
**/\r
BOOLEAN\r
EFIAPI\r
MemEncryptSevEsIsEnabled (\r
  VOID\r
  )\r
{\r
  MSR_SEV_STATUS_REGISTER  Msr;\r
\r
  Msr.Uint32 = InternalMemEncryptSevStatus ();\r
\r
  return Msr.Bits.SevEsBit ? TRUE : FALSE;\r
}\r
\r
/**\r
  Returns a boolean to indicate whether SEV is enabled.\r
\r
  @retval TRUE           SEV is enabled\r
  @retval FALSE          SEV is not enabled\r
**/\r
BOOLEAN\r
EFIAPI\r
MemEncryptSevIsEnabled (\r
  VOID\r
  )\r
{\r
  MSR_SEV_STATUS_REGISTER  Msr;\r
\r
  Msr.Uint32 = InternalMemEncryptSevStatus ();\r
\r
  return Msr.Bits.SevBit ? TRUE : FALSE;\r
}\r
\r
/**\r
  Returns the SEV encryption mask.\r
\r
  @return  The SEV pagtable encryption mask\r
**/\r
UINT64\r
EFIAPI\r
MemEncryptSevGetEncryptionMask (\r
  VOID\r
  )\r
{\r
  SEC_SEV_ES_WORK_AREA  *SevEsWorkArea;\r
\r
  SevEsWorkArea = GetSevEsWorkArea ();\r
  if (SevEsWorkArea == NULL) {\r
    return 0;\r
  }\r
\r
  return SevEsWorkArea->EncryptionMask;\r
}\r
\r
/**\r
  Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM\r
  Save State Map.\r
\r
  @param[out] BaseAddress     The base address of the lowest-address page that\r
                              covers the initial SMRAM Save State Map.\r
\r
  @param[out] NumberOfPages   The number of pages in the page range that covers\r
                              the initial SMRAM Save State Map.\r
\r
  @retval RETURN_SUCCESS      BaseAddress and NumberOfPages have been set on\r
                              output.\r
\r
  @retval RETURN_UNSUPPORTED  SMM is unavailable.\r
**/\r
RETURN_STATUS\r
EFIAPI\r
MemEncryptSevLocateInitialSmramSaveStateMapPages (\r
  OUT UINTN  *BaseAddress,\r
  OUT UINTN  *NumberOfPages\r
  )\r
{\r
  return RETURN_UNSUPPORTED;\r
}\r
Commit	Line	Data
a746ca5b TL	1	/** @file\r
	2	\r
	3	Secure Encrypted Virtualization (SEV) library helper function\r
	4	\r
	5	Copyright (c) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>\r
	6	\r
	7	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	8	\r
	9	**/\r
	10	\r
	11	#include <Library/BaseLib.h>\r
	12	#include <Library/DebugLib.h>\r
	13	#include <Library/MemEncryptSevLib.h>\r
	14	#include <Library/PcdLib.h>\r
	15	#include <Register/Amd/Cpuid.h>\r
	16	#include <Register/Amd/Msr.h>\r
	17	#include <Register/Cpuid.h>\r
	18	#include <Uefi/UefiBaseType.h>\r
	19	\r
	20	/**\r
f1d1c337 BS	21	Read the workarea to determine whether SEV is enabled. If enabled,\r
	22	then return the SevEsWorkArea pointer.\r
	23	\r
	24	**/\r
	25	STATIC\r
	26	SEC_SEV_ES_WORK_AREA *\r
	27	EFIAPI\r
	28	GetSevEsWorkArea (\r
	29	VOID\r
	30	)\r
	31	{\r
	32	OVMF_WORK_AREA *WorkArea;\r
	33	\r
	34	WorkArea = (OVMF_WORK_AREA *)FixedPcdGet32 (PcdOvmfWorkAreaBase);\r
	35	\r
	36	//\r
	37	// If its not SEV guest then SevEsWorkArea is not valid.\r
	38	//\r
d020ac55	39	if ((WorkArea == NULL) \|\| (WorkArea->Header.GuestType != CcGuestTypeAmdSev)) {\r
f1d1c337 BS	40	return NULL;\r
	41	}\r
	42	\r
	43	return (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);\r
	44	}\r
	45	\r
	46	/**\r
	47	Read the SEV Status MSR value from the workarea\r
a746ca5b TL	48	\r
	49	**/\r
	50	STATIC\r
	51	UINT32\r
	52	EFIAPI\r
	53	InternalMemEncryptSevStatus (\r
	54	VOID\r
	55	)\r
	56	{\r
f1d1c337 BS	57	SEC_SEV_ES_WORK_AREA *SevEsWorkArea;\r
	58	\r
	59	SevEsWorkArea = GetSevEsWorkArea ();\r
	60	if (SevEsWorkArea == NULL) {\r
	61	return 0;\r
a746ca5b TL	62	}\r
a746ca5b TL	63	\r
f1d1c337	64	return (UINT32)(UINTN)SevEsWorkArea->SevStatusMsrValue;\r
a746ca5b TL	65	}\r
a746ca5b TL	66	\r
d9822304 BS	67	/**\r
	68	Returns a boolean to indicate whether SEV-SNP is enabled.\r
	69	\r
	70	@retval TRUE SEV-SNP is enabled\r
	71	@retval FALSE SEV-SNP is not enabled\r
	72	**/\r
	73	BOOLEAN\r
	74	EFIAPI\r
	75	MemEncryptSevSnpIsEnabled (\r
	76	VOID\r
	77	)\r
	78	{\r
	79	MSR_SEV_STATUS_REGISTER Msr;\r
	80	\r
	81	Msr.Uint32 = InternalMemEncryptSevStatus ();\r
	82	\r
	83	return Msr.Bits.SevSnpBit ? TRUE : FALSE;\r
	84	}\r
	85	\r
a746ca5b TL	86	/**\r
	87	Returns a boolean to indicate whether SEV-ES is enabled.\r
	88	\r
	89	@retval TRUE SEV-ES is enabled\r
	90	@retval FALSE SEV-ES is not enabled\r
	91	**/\r
	92	BOOLEAN\r
	93	EFIAPI\r
	94	MemEncryptSevEsIsEnabled (\r
	95	VOID\r
	96	)\r
	97	{\r
ac0a286f	98	MSR_SEV_STATUS_REGISTER Msr;\r
a746ca5b TL	99	\r
	100	Msr.Uint32 = InternalMemEncryptSevStatus ();\r
	101	\r
	102	return Msr.Bits.SevEsBit ? TRUE : FALSE;\r
	103	}\r
	104	\r
	105	/**\r
	106	Returns a boolean to indicate whether SEV is enabled.\r
	107	\r
	108	@retval TRUE SEV is enabled\r
	109	@retval FALSE SEV is not enabled\r
	110	**/\r
	111	BOOLEAN\r
	112	EFIAPI\r
	113	MemEncryptSevIsEnabled (\r
	114	VOID\r
	115	)\r
	116	{\r
ac0a286f	117	MSR_SEV_STATUS_REGISTER Msr;\r
a746ca5b TL	118	\r
	119	Msr.Uint32 = InternalMemEncryptSevStatus ();\r
	120	\r
	121	return Msr.Bits.SevBit ? TRUE : FALSE;\r
	122	}\r
	123	\r
	124	/**\r
	125	Returns the SEV encryption mask.\r
	126	\r
	127	@return The SEV pagtable encryption mask\r
	128	**/\r
	129	UINT64\r
	130	EFIAPI\r
	131	MemEncryptSevGetEncryptionMask (\r
	132	VOID\r
	133	)\r
	134	{\r
f1d1c337 BS	135	SEC_SEV_ES_WORK_AREA *SevEsWorkArea;\r
	136	\r
	137	SevEsWorkArea = GetSevEsWorkArea ();\r
	138	if (SevEsWorkArea == NULL) {\r
	139	return 0;\r
a746ca5b TL	140	}\r
a746ca5b TL	141	\r
f1d1c337	142	return SevEsWorkArea->EncryptionMask;\r
a746ca5b TL	143	}\r
	144	\r
	145	/**\r
	146	Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM\r
	147	Save State Map.\r
	148	\r
	149	@param[out] BaseAddress The base address of the lowest-address page that\r
	150	covers the initial SMRAM Save State Map.\r
	151	\r
	152	@param[out] NumberOfPages The number of pages in the page range that covers\r
	153	the initial SMRAM Save State Map.\r
	154	\r
	155	@retval RETURN_SUCCESS BaseAddress and NumberOfPages have been set on\r
	156	output.\r
	157	\r
	158	@retval RETURN_UNSUPPORTED SMM is unavailable.\r
	159	**/\r
	160	RETURN_STATUS\r
	161	EFIAPI\r
	162	MemEncryptSevLocateInitialSmramSaveStateMapPages (\r
ac0a286f MK	163	OUT UINTN *BaseAddress,\r
ac0a286f MK	164	OUT UINTN *NumberOfPages\r
a746ca5b TL	165	)\r
	166	{\r
	167	return RETURN_UNSUPPORTED;\r
	168	}\r