diff options
| author | Tom Lendacky <thomas.lendacky@amd.com> | 2021-01-07 12:48:16 -0600 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2021-01-07 19:34:39 +0000 |
| commit | b97dc4b92ba1cc9f351854aed1c35c636d2d3992 (patch) | |
| tree | 76b82684aa4d4303a69c9af9664cdf8e3dc4e868 /OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf | |
| parent | 3b32be7e7192654812eb35bd89255f2916b1f02a (diff) | |
| download | edk2-b97dc4b92ba1cc9f351854aed1c35c636d2d3992.tar.gz edk2-b97dc4b92ba1cc9f351854aed1c35c636d2d3992.tar.bz2 edk2-b97dc4b92ba1cc9f351854aed1c35c636d2d3992.zip | |
OvmfPkg/MemEncryptSevLib: Add an interface to retrieve the encryption mask
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3108
To ensure that we always use a validated encryption mask for an SEV-ES
guest, create a new interface in the MemEncryptSevLib library to return
the encryption mask. This can be used in place of the multiple locations
where CPUID is used to retrieve the value (which would require validation
again) and allows the validated mask to be returned.
The PEI phase will use the value from the SEV-ES work area. Since the
SEV-ES work area isn't valid in the DXE phase, the DXE phase will use the
PcdPteMemoryEncryptionAddressOrMask PCD which is set during PEI.
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Peter Grehan <grehan@freebsd.org>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Julien Grall <julien@xen.org>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <e12044dc01b21e6fc2e9535760ddf3a38a142a71.1610045305.git.thomas.lendacky@amd.com>
Diffstat (limited to 'OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf')
| -rw-r--r-- | OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf new file mode 100644 index 0000000000..c3cd046cb6 --- /dev/null +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf @@ -0,0 +1,56 @@ +## @file
+# Library provides the helper functions for SEV guest
+#
+# Copyright (c) 2020 Advanced Micro Devices. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+#
+##
+
+[Defines]
+ INF_VERSION = 1.25
+ BASE_NAME = PeiMemEncryptSevLib
+ FILE_GUID = 15d9a694-3d2a-4184-9672-ba55c3070e07
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = MemEncryptSevLib|PEIM
+
+#
+# The following information is for reference only and not required by the build
+# tools.
+#
+# VALID_ARCHITECTURES = IA32 X64
+#
+
+[Packages]
+ MdeModulePkg/MdeModulePkg.dec
+ MdePkg/MdePkg.dec
+ OvmfPkg/OvmfPkg.dec
+ UefiCpuPkg/UefiCpuPkg.dec
+
+[Sources]
+ MemEncryptSevLibInternal.c
+ PeiMemEncryptSevLibInternal.c
+
+[Sources.X64]
+ X64/MemEncryptSevLib.c
+ X64/VirtualMemory.c
+ X64/VirtualMemory.h
+
+[Sources.IA32]
+ Ia32/MemEncryptSevLib.c
+
+[LibraryClasses]
+ BaseLib
+ CacheMaintenanceLib
+ CpuLib
+ DebugLib
+ MemoryAllocationLib
+ PcdLib
+
+[FeaturePcd]
+ gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
+
+[FixedPcd]
+ gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
|