OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c

   1 /** @file
   2
   3   Secure Encrypted Virtualization (SEV) library helper function
   4
   5   Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
   6
   7   This program and the accompanying materials are licensed and made available
   8   under the terms and conditions of the BSD License which accompanies this
   9   distribution.  The full text of the license may be found at
  10   http://opensource.org/licenses/bsd-license.php
  11
  12   THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  13   WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
  14
  15 **/
  16
  17 #include <Library/BaseLib.h>
  18 #include <Library/DebugLib.h>
  19 #include <Register/Cpuid.h>
  20 #include <Register/Amd/Cpuid.h>
  21 #include <Register/Amd/Msr.h>
  22 #include <Library/MemEncryptSevLib.h>
  23
  24 STATIC BOOLEAN mSevStatus = FALSE;
  25 STATIC BOOLEAN mSevStatusChecked = FALSE;
  26
  27 /**
  28
  29   Returns a boolean to indicate whether SEV is enabled
  30
  31   @retval TRUE           SEV is enabled
  32   @retval FALSE          SEV is not enabled
  33   **/
  34 STATIC
  35 BOOLEAN
  36 EFIAPI
  37 InternalMemEncryptSevIsEnabled (
  38   VOID
  39   )
  40 {
  41   UINT32                            RegEax;
  42   MSR_SEV_STATUS_REGISTER           Msr;
  43   CPUID_MEMORY_ENCRYPTION_INFO_EAX  Eax;
  44
  45   //
  46   // Check if memory encryption leaf exist
  47   //
  48   AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
  49   if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {
  50     //
  51     // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
  52     //
  53     AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);
  54
  55     if (Eax.Bits.SevBit) {
  56       //
  57       // Check MSR_0xC0010131 Bit 0 (Sev Enabled)
  58       //
  59       Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS);
  60       if (Msr.Bits.SevBit) {
  61         return TRUE;
  62       }
  63     }
  64   }
  65
  66   return FALSE;
  67 }
  68
  69 /**
  70   Returns a boolean to indicate whether SEV is enabled
  71
  72   @retval TRUE           SEV is enabled
  73   @retval FALSE          SEV is not enabled
  74 **/
  75 BOOLEAN
  76 EFIAPI
  77 MemEncryptSevIsEnabled (
  78   VOID
  79   )
  80 {
  81   if (mSevStatusChecked) {
  82     return mSevStatus;
  83   }
  84
  85   mSevStatus = InternalMemEncryptSevIsEnabled();
  86   mSevStatusChecked = TRUE;
  87
  88   return mSevStatus;
  89 }