OvmfPkg/BaseMemEncryptLib: use the SEV_STATUS MSR value from workarea

[mirror_edk2.git] / OvmfPkg / Library / BaseMemEncryptSevLib / SecMemEncryptSevLibInternal.c

diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
index 5d912b2a4a5e4a043f8e8aa758bd55237a8540af..80aceba01bcf28a7f8b013b5f8b2fce7fd713627 100644 (file)
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
@@ -18,7 +18,33 @@
 #include <Uefi/UefiBaseType.h>\r
 \r
 /**\r
-  Reads and sets the status of SEV features.\r
+   Read the workarea to determine whether SEV is enabled. If enabled,\r
+   then return the SevEsWorkArea pointer.\r
+\r
+  **/\r
+STATIC\r
+SEC_SEV_ES_WORK_AREA *\r
+EFIAPI\r
+GetSevEsWorkArea (\r
+  VOID\r
+  )\r
+{\r
+  OVMF_WORK_AREA  *WorkArea;\r
+\r
+  WorkArea = (OVMF_WORK_AREA *)FixedPcdGet32 (PcdOvmfWorkAreaBase);\r
+\r
+  //\r
+  // If its not SEV guest then SevEsWorkArea is not valid.\r
+  //\r
+  if ((WorkArea == NULL) || (WorkArea->Header.GuestType != GUEST_TYPE_AMD_SEV)) {\r
+    return NULL;\r
+  }\r
+\r
+  return (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);\r
+}\r
+\r
+/**\r
+  Read the SEV Status MSR value from the workarea\r
 \r
   **/\r
 STATIC\r
@@ -28,38 +54,14 @@ InternalMemEncryptSevStatus (
   VOID\r
   )\r
 {\r
-  UINT32                            RegEax;\r
-  CPUID_MEMORY_ENCRYPTION_INFO_EAX  Eax;\r
-  BOOLEAN                           ReadSevMsr;\r
-  SEC_SEV_ES_WORK_AREA              *SevEsWorkArea;\r
-\r
-  ReadSevMsr = FALSE;\r
-\r
-  SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);\r
-  if ((SevEsWorkArea != NULL) && (SevEsWorkArea->EncryptionMask != 0)) {\r
-    //\r
-    // The MSR has been read before, so it is safe to read it again and avoid\r
-    // having to validate the CPUID information.\r
-    //\r
-    ReadSevMsr = TRUE;\r
-  } else {\r
-    //\r
-    // Check if memory encryption leaf exist\r
-    //\r
-    AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);\r
-    if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {\r
-      //\r
-      // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)\r
-      //\r
-      AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);\r
-\r
-      if (Eax.Bits.SevBit) {\r
-        ReadSevMsr = TRUE;\r
-      }\r
-    }\r
+  SEC_SEV_ES_WORK_AREA  *SevEsWorkArea;\r
+\r
+  SevEsWorkArea = GetSevEsWorkArea ();\r
+  if (SevEsWorkArea == NULL) {\r
+    return 0;\r
   }\r
 \r
-  return ReadSevMsr ? AsmReadMsr32 (MSR_SEV_STATUS) : 0;\r
+  return (UINT32)(UINTN)SevEsWorkArea->SevStatusMsrValue;\r
 }\r
 \r
 /**\r
@@ -130,22 +132,14 @@ MemEncryptSevGetEncryptionMask (
   VOID\r
   )\r
 {\r
-  CPUID_MEMORY_ENCRYPTION_INFO_EBX  Ebx;\r
-  SEC_SEV_ES_WORK_AREA              *SevEsWorkArea;\r
-  UINT64                            EncryptionMask;\r
-\r
-  SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *)FixedPcdGet32 (PcdSevEsWorkAreaBase);\r
-  if (SevEsWorkArea != NULL) {\r
-    EncryptionMask = SevEsWorkArea->EncryptionMask;\r
-  } else {\r
-    //\r
-    // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)\r
-    //\r
-    AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);\r
-    EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);\r
+  SEC_SEV_ES_WORK_AREA  *SevEsWorkArea;\r
+\r
+  SevEsWorkArea = GetSevEsWorkArea ();\r
+  if (SevEsWorkArea == NULL) {\r
+    return 0;\r
   }\r
 \r
-  return EncryptionMask;\r
+  return SevEsWorkArea->EncryptionMask;\r
 }\r
 \r
 /**\r