]> git.proxmox.com Git - mirror_edk2.git/blame_incremental - OvmfPkg/Include/Library/MemEncryptSevLib.h
OvmfPkg/ResetVector: Validate the encryption bit position for SEV/SEV-ES
[mirror_edk2.git] / OvmfPkg / Include / Library / MemEncryptSevLib.h
... / ...
CommitLineData
1/** @file\r
2\r
3 Define Secure Encrypted Virtualization (SEV) base library helper function\r
4\r
5 Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>\r
6\r
7 SPDX-License-Identifier: BSD-2-Clause-Patent\r
8\r
9**/\r
10\r
11#ifndef _MEM_ENCRYPT_SEV_LIB_H_\r
12#define _MEM_ENCRYPT_SEV_LIB_H_\r
13\r
14#include <Base.h>\r
15\r
16//\r
17// Internal structure for holding SEV-ES information needed during SEC phase\r
18// and valid only during SEC phase and early PEI during platform\r
19// initialization.\r
20//\r
21// This structure is also used by assembler files:\r
22// OvmfPkg/ResetVector/ResetVector.nasmb\r
23// OvmfPkg/ResetVector/Ia32/PageTables64.asm\r
24// OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm\r
25// any changes must stay in sync with its usage.\r
26//\r
27typedef struct _SEC_SEV_ES_WORK_AREA {\r
28 UINT8 SevEsEnabled;\r
29 UINT8 Reserved1[7];\r
30\r
31 UINT64 RandomData;\r
32} SEC_SEV_ES_WORK_AREA;\r
33\r
34/**\r
35 Returns a boolean to indicate whether SEV-ES is enabled.\r
36\r
37 @retval TRUE SEV-ES is enabled\r
38 @retval FALSE SEV-ES is not enabled\r
39**/\r
40BOOLEAN\r
41EFIAPI\r
42MemEncryptSevEsIsEnabled (\r
43 VOID\r
44 );\r
45\r
46/**\r
47 Returns a boolean to indicate whether SEV is enabled\r
48\r
49 @retval TRUE SEV is enabled\r
50 @retval FALSE SEV is not enabled\r
51**/\r
52BOOLEAN\r
53EFIAPI\r
54MemEncryptSevIsEnabled (\r
55 VOID\r
56 );\r
57\r
58/**\r
59 This function clears memory encryption bit for the memory region specified by\r
60 BaseAddress and NumPages from the current page table context.\r
61\r
62 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use\r
63 current CR3)\r
64 @param[in] BaseAddress The physical address that is the start\r
65 address of a memory region.\r
66 @param[in] NumPages The number of pages from start memory\r
67 region.\r
68 @param[in] Flush Flush the caches before clearing the bit\r
69 (mostly TRUE except MMIO addresses)\r
70\r
71 @retval RETURN_SUCCESS The attributes were cleared for the\r
72 memory region.\r
73 @retval RETURN_INVALID_PARAMETER Number of pages is zero.\r
74 @retval RETURN_UNSUPPORTED Clearing the memory encryption attribute\r
75 is not supported\r
76**/\r
77RETURN_STATUS\r
78EFIAPI\r
79MemEncryptSevClearPageEncMask (\r
80 IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
81 IN PHYSICAL_ADDRESS BaseAddress,\r
82 IN UINTN NumPages,\r
83 IN BOOLEAN Flush\r
84 );\r
85\r
86/**\r
87 This function sets memory encryption bit for the memory region specified by\r
88 BaseAddress and NumPages from the current page table context.\r
89\r
90 @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use\r
91 current CR3)\r
92 @param[in] BaseAddress The physical address that is the start\r
93 address of a memory region.\r
94 @param[in] NumPages The number of pages from start memory\r
95 region.\r
96 @param[in] Flush Flush the caches before setting the bit\r
97 (mostly TRUE except MMIO addresses)\r
98\r
99 @retval RETURN_SUCCESS The attributes were set for the memory\r
100 region.\r
101 @retval RETURN_INVALID_PARAMETER Number of pages is zero.\r
102 @retval RETURN_UNSUPPORTED Setting the memory encryption attribute\r
103 is not supported\r
104**/\r
105RETURN_STATUS\r
106EFIAPI\r
107MemEncryptSevSetPageEncMask (\r
108 IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
109 IN PHYSICAL_ADDRESS BaseAddress,\r
110 IN UINTN NumPages,\r
111 IN BOOLEAN Flush\r
112 );\r
113\r
114\r
115/**\r
116 Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM\r
117 Save State Map.\r
118\r
119 @param[out] BaseAddress The base address of the lowest-address page that\r
120 covers the initial SMRAM Save State Map.\r
121\r
122 @param[out] NumberOfPages The number of pages in the page range that covers\r
123 the initial SMRAM Save State Map.\r
124\r
125 @retval RETURN_SUCCESS BaseAddress and NumberOfPages have been set on\r
126 output.\r
127\r
128 @retval RETURN_UNSUPPORTED SMM is unavailable.\r
129**/\r
130RETURN_STATUS\r
131EFIAPI\r
132MemEncryptSevLocateInitialSmramSaveStateMapPages (\r
133 OUT UINTN *BaseAddress,\r
134 OUT UINTN *NumberOfPages\r
135 );\r
136#endif // _MEM_ENCRYPT_SEV_LIB_H_\r