3 Secure Encrypted Virtualization (SEV) library helper function
5 Copyright (c) 2020, Advanced Micro Devices, Inc. All rights reserved.<BR>
7 SPDX-License-Identifier: BSD-2-Clause-Patent
11 #include <Library/BaseLib.h>
12 #include <Library/DebugLib.h>
13 #include <Library/MemEncryptSevLib.h>
14 #include <Library/PcdLib.h>
15 #include <Register/Amd/Cpuid.h>
16 #include <Register/Amd/Msr.h>
17 #include <Register/Cpuid.h>
18 #include <Uefi/UefiBaseType.h>
21 Reads and sets the status of SEV features.
27 InternalMemEncryptSevStatus (
32 CPUID_MEMORY_ENCRYPTION_INFO_EAX Eax
;
34 SEC_SEV_ES_WORK_AREA
*SevEsWorkArea
;
38 SevEsWorkArea
= (SEC_SEV_ES_WORK_AREA
*)FixedPcdGet32 (PcdSevEsWorkAreaBase
);
39 if ((SevEsWorkArea
!= NULL
) && (SevEsWorkArea
->EncryptionMask
!= 0)) {
41 // The MSR has been read before, so it is safe to read it again and avoid
42 // having to validate the CPUID information.
47 // Check if memory encryption leaf exist
49 AsmCpuid (CPUID_EXTENDED_FUNCTION
, &RegEax
, NULL
, NULL
, NULL
);
50 if (RegEax
>= CPUID_MEMORY_ENCRYPTION_INFO
) {
52 // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
54 AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO
, &Eax
.Uint32
, NULL
, NULL
, NULL
);
56 if (Eax
.Bits
.SevBit
) {
62 return ReadSevMsr
? AsmReadMsr32 (MSR_SEV_STATUS
) : 0;
66 Returns a boolean to indicate whether SEV-SNP is enabled.
68 @retval TRUE SEV-SNP is enabled
69 @retval FALSE SEV-SNP is not enabled
73 MemEncryptSevSnpIsEnabled (
77 MSR_SEV_STATUS_REGISTER Msr
;
79 Msr
.Uint32
= InternalMemEncryptSevStatus ();
81 return Msr
.Bits
.SevSnpBit
? TRUE
: FALSE
;
85 Returns a boolean to indicate whether SEV-ES is enabled.
87 @retval TRUE SEV-ES is enabled
88 @retval FALSE SEV-ES is not enabled
92 MemEncryptSevEsIsEnabled (
96 MSR_SEV_STATUS_REGISTER Msr
;
98 Msr
.Uint32
= InternalMemEncryptSevStatus ();
100 return Msr
.Bits
.SevEsBit
? TRUE
: FALSE
;
104 Returns a boolean to indicate whether SEV is enabled.
106 @retval TRUE SEV is enabled
107 @retval FALSE SEV is not enabled
111 MemEncryptSevIsEnabled (
115 MSR_SEV_STATUS_REGISTER Msr
;
117 Msr
.Uint32
= InternalMemEncryptSevStatus ();
119 return Msr
.Bits
.SevBit
? TRUE
: FALSE
;
123 Returns the SEV encryption mask.
125 @return The SEV pagtable encryption mask
129 MemEncryptSevGetEncryptionMask (
133 CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx
;
134 SEC_SEV_ES_WORK_AREA
*SevEsWorkArea
;
135 UINT64 EncryptionMask
;
137 SevEsWorkArea
= (SEC_SEV_ES_WORK_AREA
*)FixedPcdGet32 (PcdSevEsWorkAreaBase
);
138 if (SevEsWorkArea
!= NULL
) {
139 EncryptionMask
= SevEsWorkArea
->EncryptionMask
;
142 // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
144 AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO
, NULL
, &Ebx
.Uint32
, NULL
, NULL
);
145 EncryptionMask
= LShiftU64 (1, Ebx
.Bits
.PtePosBits
);
148 return EncryptionMask
;
152 Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM
155 @param[out] BaseAddress The base address of the lowest-address page that
156 covers the initial SMRAM Save State Map.
158 @param[out] NumberOfPages The number of pages in the page range that covers
159 the initial SMRAM Save State Map.
161 @retval RETURN_SUCCESS BaseAddress and NumberOfPages have been set on
164 @retval RETURN_UNSUPPORTED SMM is unavailable.
168 MemEncryptSevLocateInitialSmramSaveStateMapPages (
169 OUT UINTN
*BaseAddress
,
170 OUT UINTN
*NumberOfPages
173 return RETURN_UNSUPPORTED
;