OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c

   1 /** @file
   2
   3   Secure Encrypted Virtualization (SEV) library helper function
   4
   5   Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
   6
   7   This program and the accompanying materials
   8   are licensed and made available under the terms and conditions of the BSD
   9   License which accompanies this distribution.  The full text of the license may
  10   be found at http://opensource.org/licenses/bsd-license.php
  11
  12   THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  13   WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
  14
  15 **/
  16
  17 #include <Library/BaseLib.h>
  18 #include <Library/DebugLib.h>
  19 #include <Register/Cpuid.h>
  20 #include <Register/Amd/Cpuid.h>
  21 #include <Register/Amd/Msr.h>
  22 #include <Library/MemEncryptSevLib.h>
  23
  24 STATIC BOOLEAN mSevStatus = FALSE;
  25 STATIC BOOLEAN mSevStatusChecked = FALSE;
  26
  27 /**
  28
  29   Returns a boolean to indicate whether SEV is enabled
  30
  31   @retval TRUE           SEV is enabled
  32   @retval FALSE          SEV is not enabled
  33   **/
  34 STATIC
  35 BOOLEAN
  36 EFIAPI
  37 InternalMemEncryptSevIsEnabled (
  38   VOID
  39   )
  40 {
  41   UINT32                            RegEax;
  42   MSR_SEV_STATUS_REGISTER           Msr;
  43   CPUID_MEMORY_ENCRYPTION_INFO_EAX  Eax;
  44
  45   //
  46   // Check if memory encryption leaf exist
  47   //
  48   AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
  49   if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {
  50     //
  51     // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
  52     //
  53     AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);
  54
  55     if (Eax.Bits.SevBit) {
  56       //
  57       // Check MSR_0xC0010131 Bit 0 (Sev Enabled)
  58       //
  59       Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS);
  60       if (Msr.Bits.SevBit) {
  61         return TRUE;
  62       }
  63     }
  64   }
  65
  66   return FALSE;
  67 }
  68
  69 /**
  70
  71   Returns a boolean to indicate whether SEV is enabled
  72
  73   @retval TRUE           SEV is enabled
  74   @retval FALSE          SEV is not enabled
  75   **/
  76 BOOLEAN
  77 EFIAPI
  78 MemEncryptSevIsEnabled (
  79   VOID
  80   )
  81 {
  82   if (mSevStatusChecked) {
  83     return mSevStatus;
  84   }
  85
  86   mSevStatus = InternalMemEncryptSevIsEnabled();
  87   mSevStatusChecked = TRUE;
  88
  89   return mSevStatus;
  90 }