OvmfPkg/Include/Library/MemEncryptSevLib.h

   1 /** @file
   2
   3   Define Secure Encrypted Virtualization (SEV) base library helper function
   4
   5   Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
   6
   7   SPDX-License-Identifier: BSD-2-Clause-Patent
   8
   9 **/
  10
  11 #ifndef _MEM_ENCRYPT_SEV_LIB_H_
  12 #define _MEM_ENCRYPT_SEV_LIB_H_
  13
  14 #include <Base.h>
  15
  16 //
  17 // Internal structure for holding SEV-ES information needed during SEC phase
  18 // and valid only during SEC phase and early PEI during platform
  19 // initialization.
  20 //
  21 // This structure is also used by assembler files:
  22 //   OvmfPkg/ResetVector/ResetVector.nasmb
  23 //   OvmfPkg/ResetVector/Ia32/PageTables64.asm
  24 //   OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm
  25 // any changes must stay in sync with its usage.
  26 //
  27 typedef struct _SEC_SEV_ES_WORK_AREA {
  28   UINT8    SevEsEnabled;
  29   UINT8    Reserved1[7];
  30
  31   UINT64   RandomData;
  32
  33   UINT64   EncryptionMask;
  34 } SEC_SEV_ES_WORK_AREA;
  35
  36 /**
  37   Returns a boolean to indicate whether SEV-ES is enabled.
  38
  39   @retval TRUE           SEV-ES is enabled
  40   @retval FALSE          SEV-ES is not enabled
  41 **/
  42 BOOLEAN
  43 EFIAPI
  44 MemEncryptSevEsIsEnabled (
  45   VOID
  46   );
  47
  48 /**
  49   Returns a boolean to indicate whether SEV is enabled
  50
  51   @retval TRUE           SEV is enabled
  52   @retval FALSE          SEV is not enabled
  53 **/
  54 BOOLEAN
  55 EFIAPI
  56 MemEncryptSevIsEnabled (
  57   VOID
  58   );
  59
  60 /**
  61   This function clears memory encryption bit for the memory region specified by
  62   BaseAddress and NumPages from the current page table context.
  63
  64   @param[in]  Cr3BaseAddress          Cr3 Base Address (if zero then use
  65                                       current CR3)
  66   @param[in]  BaseAddress             The physical address that is the start
  67                                       address of a memory region.
  68   @param[in]  NumPages                The number of pages from start memory
  69                                       region.
  70   @param[in]  Flush                   Flush the caches before clearing the bit
  71                                       (mostly TRUE except MMIO addresses)
  72
  73   @retval RETURN_SUCCESS              The attributes were cleared for the
  74                                       memory region.
  75   @retval RETURN_INVALID_PARAMETER    Number of pages is zero.
  76   @retval RETURN_UNSUPPORTED          Clearing the memory encryption attribute
  77                                       is not supported
  78 **/
  79 RETURN_STATUS
  80 EFIAPI
  81 MemEncryptSevClearPageEncMask (
  82   IN PHYSICAL_ADDRESS         Cr3BaseAddress,
  83   IN PHYSICAL_ADDRESS         BaseAddress,
  84   IN UINTN                    NumPages,
  85   IN BOOLEAN                  Flush
  86   );
  87
  88 /**
  89   This function sets memory encryption bit for the memory region specified by
  90   BaseAddress and NumPages from the current page table context.
  91
  92   @param[in]  Cr3BaseAddress          Cr3 Base Address (if zero then use
  93                                       current CR3)
  94   @param[in]  BaseAddress             The physical address that is the start
  95                                       address of a memory region.
  96   @param[in]  NumPages                The number of pages from start memory
  97                                       region.
  98   @param[in]  Flush                   Flush the caches before setting the bit
  99                                       (mostly TRUE except MMIO addresses)
 100
 101   @retval RETURN_SUCCESS              The attributes were set for the memory
 102                                       region.
 103   @retval RETURN_INVALID_PARAMETER    Number of pages is zero.
 104   @retval RETURN_UNSUPPORTED          Setting the memory encryption attribute
 105                                       is not supported
 106 **/
 107 RETURN_STATUS
 108 EFIAPI
 109 MemEncryptSevSetPageEncMask (
 110   IN PHYSICAL_ADDRESS         Cr3BaseAddress,
 111   IN PHYSICAL_ADDRESS         BaseAddress,
 112   IN UINTN                    NumPages,
 113   IN BOOLEAN                  Flush
 114   );
 115
 116
 117 /**
 118   Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM
 119   Save State Map.
 120
 121   @param[out] BaseAddress     The base address of the lowest-address page that
 122                               covers the initial SMRAM Save State Map.
 123
 124   @param[out] NumberOfPages   The number of pages in the page range that covers
 125                               the initial SMRAM Save State Map.
 126
 127   @retval RETURN_SUCCESS      BaseAddress and NumberOfPages have been set on
 128                               output.
 129
 130   @retval RETURN_UNSUPPORTED  SMM is unavailable.
 131 **/
 132 RETURN_STATUS
 133 EFIAPI
 134 MemEncryptSevLocateInitialSmramSaveStateMapPages (
 135   OUT UINTN *BaseAddress,
 136   OUT UINTN *NumberOfPages
 137   );
 138 #endif // _MEM_ENCRYPT_SEV_LIB_H_