git.proxmox.com Git - mirror

OvmfPkg: Obtain SEV encryption mask with the new MemEncryptSevLib API

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3108

The early assembler code performs validation for some of the SEV-related
information, specifically the encryption bit position. The new
MemEncryptSevGetEncryptionMask() interface provides access to this
validated value.

To ensure that we always use a validated encryption mask for an SEV-ES
guest, update all locations that use CPUID to calculate the encryption
mask to use the new interface.

Also, clean up some call areas where extra masking was being performed
and where a function call was being used instead of the local variable
that was just set using the function.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Peter Grehan <grehan@freebsd.org>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Julien Grall <julien@xen.org>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <9de678c0d66443c6cc33e004a4cac0a0223c2ebc.1610045305.git.thomas.lendacky@amd.com>

author	Tom Lendacky <thomas.lendacky@amd.com>
	Thu, 7 Jan 2021 18:48:17 +0000 (12:48 -0600)
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
	Thu, 7 Jan 2021 19:34:39 +0000 (19:34 +0000)
commit	45388d046c3506bd49dca29aed8ec74756e6165c
tree	ffbfffd7b1b1ac07b8df443d3a77ae81d63ca6ab	tree
parent	b97dc4b92ba1cc9f351854aed1c35c636d2d3992	commit \| diff

OvmfPkg/Bhyve/PlatformPei/AmdSev.c		diff \| blob \| blame \| history
OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c		diff \| blob \| blame \| history
OvmfPkg/PlatformPei/AmdSev.c		diff \| blob \| blame \| history
OvmfPkg/XenPlatformPei/AmdSev.c		diff \| blob \| blame \| history