diff options
author | Brijesh Singh <brijesh.singh@amd.com> | 2017-07-06 09:21:12 -0400 |
---|---|---|
committer | Jordan Justen <jordan.l.justen@intel.com> | 2017-07-10 21:17:27 -0700 |
commit | a1f2261425d59e359df30e3a415933def9b7f435 (patch) | |
tree | 0a36000c2d1cedbdeb8a080f470c63b8f91e161f /OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c | |
parent | 97353a9c914d4bf53ad084689ade0675b71a5c48 (diff) | |
download | edk2-a1f2261425d59e359df30e3a415933def9b7f435.tar.gz edk2-a1f2261425d59e359df30e3a415933def9b7f435.tar.bz2 edk2-a1f2261425d59e359df30e3a415933def9b7f435.zip |
OvmfPkg/BaseMemcryptSevLib: Add SEV helper library
Add Secure Encrypted Virtualization (SEV) helper library.
The library provides the routines to:
- set or clear memory encryption bit for a given memory region.
- query whether SEV is enabled.
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Acked-by: Jordan Justen <jordan.l.justen@intel.com>
Diffstat (limited to 'OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c')
-rw-r--r-- | OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c | 90 |
1 files changed, 90 insertions, 0 deletions
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c new file mode 100644 index 0000000000..002f079c7e --- /dev/null +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c @@ -0,0 +1,90 @@ +/** @file
+
+ Secure Encrypted Virtualization (SEV) library helper function
+
+ Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
+
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD
+ License which accompanies this distribution. The full text of the license may
+ be found at http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Register/Cpuid.h>
+#include <Register/Amd/Cpuid.h>
+#include <Register/Amd/Msr.h>
+#include <Library/MemEncryptSevLib.h>
+
+STATIC BOOLEAN mSevStatus = FALSE;
+STATIC BOOLEAN mSevStatusChecked = FALSE;
+
+/**
+
+ Returns a boolean to indicate whether SEV is enabled
+
+ @retval TRUE SEV is enabled
+ @retval FALSE SEV is not enabled
+ **/
+STATIC
+BOOLEAN
+EFIAPI
+InternalMemEncryptSevIsEnabled (
+ VOID
+ )
+{
+ UINT32 RegEax;
+ MSR_SEV_STATUS_REGISTER Msr;
+ CPUID_MEMORY_ENCRYPTION_INFO_EAX Eax;
+
+ //
+ // Check if memory encryption leaf exist
+ //
+ AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
+ if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {
+ //
+ // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
+ //
+ AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);
+
+ if (Eax.Bits.SevBit) {
+ //
+ // Check MSR_0xC0010131 Bit 0 (Sev Enabled)
+ //
+ Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS);
+ if (Msr.Bits.SevBit) {
+ return TRUE;
+ }
+ }
+ }
+
+ return FALSE;
+}
+
+/**
+
+ Returns a boolean to indicate whether SEV is enabled
+
+ @retval TRUE SEV is enabled
+ @retval FALSE SEV is not enabled
+ **/
+BOOLEAN
+EFIAPI
+MemEncryptSevIsEnabled (
+ VOID
+ )
+{
+ if (mSevStatusChecked) {
+ return mSevStatus;
+ }
+
+ mSevStatus = InternalMemEncryptSevIsEnabled();
+ mSevStatusChecked = TRUE;
+
+ return mSevStatus;
+}
|