#define _MEM_ENCRYPT_SEV_LIB_H_\r
\r
#include <Base.h>\r
+#include <WorkArea.h>\r
\r
//\r
// Define the maximum number of #VCs allowed (e.g. the level of nesting\r
// gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize\r
// in any FDF file using this PCD.\r
//\r
-#define VMGEXIT_MAXIMUM_VC_COUNT 2\r
+#define VMGEXIT_MAXIMUM_VC_COUNT 2\r
\r
//\r
// Per-CPU data mapping structure\r
// writing random data to that area.\r
//\r
typedef struct {\r
- UINT32 Dr7Cached;\r
- UINT64 Dr7;\r
+ UINT32 Dr7Cached;\r
+ UINT64 Dr7;\r
\r
- UINTN VcCount;\r
- VOID *GhcbBackupPages;\r
+ UINTN VcCount;\r
+ VOID *GhcbBackupPages;\r
} SEV_ES_PER_CPU_DATA;\r
\r
-//\r
-// Internal structure for holding SEV-ES information needed during SEC phase\r
-// and valid only during SEC phase and early PEI during platform\r
-// initialization.\r
-//\r
-// This structure is also used by assembler files:\r
-// OvmfPkg/ResetVector/ResetVector.nasmb\r
-// OvmfPkg/ResetVector/Ia32/PageTables64.asm\r
-// OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm\r
-// any changes must stay in sync with its usage.\r
-//\r
-typedef struct _SEC_SEV_ES_WORK_AREA {\r
- UINT8 SevEsEnabled;\r
- UINT8 Reserved1[7];\r
-\r
- UINT64 RandomData;\r
-\r
- UINT64 EncryptionMask;\r
-} SEC_SEV_ES_WORK_AREA;\r
-\r
//\r
// Memory encryption address range states.\r
//\r
MemEncryptSevAddressRangeError,\r
} MEM_ENCRYPT_SEV_ADDRESS_RANGE_STATE;\r
\r
+/**\r
+ Returns a boolean to indicate whether SEV-SNP is enabled\r
+\r
+ @retval TRUE SEV-SNP is enabled\r
+ @retval FALSE SEV-SNP is not enabled\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+MemEncryptSevSnpIsEnabled (\r
+ VOID\r
+ );\r
+\r
/**\r
Returns a boolean to indicate whether SEV-ES is enabled.\r
\r
address of a memory region.\r
@param[in] NumPages The number of pages from start memory\r
region.\r
- @param[in] Flush Flush the caches before clearing the bit\r
- (mostly TRUE except MMIO addresses)\r
\r
@retval RETURN_SUCCESS The attributes were cleared for the\r
memory region.\r
RETURN_STATUS\r
EFIAPI\r
MemEncryptSevClearPageEncMask (\r
- IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
- IN PHYSICAL_ADDRESS BaseAddress,\r
- IN UINTN NumPages,\r
- IN BOOLEAN Flush\r
+ IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
+ IN PHYSICAL_ADDRESS BaseAddress,\r
+ IN UINTN NumPages\r
);\r
\r
/**\r
address of a memory region.\r
@param[in] NumPages The number of pages from start memory\r
region.\r
- @param[in] Flush Flush the caches before setting the bit\r
- (mostly TRUE except MMIO addresses)\r
\r
@retval RETURN_SUCCESS The attributes were set for the memory\r
region.\r
RETURN_STATUS\r
EFIAPI\r
MemEncryptSevSetPageEncMask (\r
- IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
- IN PHYSICAL_ADDRESS BaseAddress,\r
- IN UINTN NumPages,\r
- IN BOOLEAN Flush\r
+ IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
+ IN PHYSICAL_ADDRESS BaseAddress,\r
+ IN UINTN NumPages\r
);\r
\r
-\r
/**\r
Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM\r
Save State Map.\r
RETURN_STATUS\r
EFIAPI\r
MemEncryptSevLocateInitialSmramSaveStateMapPages (\r
- OUT UINTN *BaseAddress,\r
- OUT UINTN *NumberOfPages\r
+ OUT UINTN *BaseAddress,\r
+ OUT UINTN *NumberOfPages\r
);\r
\r
/**\r
MEM_ENCRYPT_SEV_ADDRESS_RANGE_STATE\r
EFIAPI\r
MemEncryptSevGetAddressRangeState (\r
- IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
- IN PHYSICAL_ADDRESS BaseAddress,\r
- IN UINTN Length\r
+ IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
+ IN PHYSICAL_ADDRESS BaseAddress,\r
+ IN UINTN Length\r
);\r
\r
/**\r
RETURN_STATUS\r
EFIAPI\r
MemEncryptSevClearMmioPageEncMask (\r
- IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
- IN PHYSICAL_ADDRESS BaseAddress,\r
- IN UINTN NumPages\r
+ IN PHYSICAL_ADDRESS Cr3BaseAddress,\r
+ IN PHYSICAL_ADDRESS BaseAddress,\r
+ IN UINTN NumPages\r
+ );\r
+\r
+/**\r
+ Pre-validate the system RAM when SEV-SNP is enabled in the guest VM.\r
+\r
+ @param[in] BaseAddress Base address\r
+ @param[in] NumPages Number of pages starting from the base address\r
+\r
+**/\r
+VOID\r
+EFIAPI\r
+MemEncryptSevSnpPreValidateSystemRam (\r
+ IN PHYSICAL_ADDRESS BaseAddress,\r
+ IN UINTN NumPages\r
);\r
\r
#endif // _MEM_ENCRYPT_SEV_LIB_H_\r
projects / mirror_edk2.git / blobdiff