OvmfPkg: Enable AMD SEV-ES DebugVirtualization

Write the feature bit into PcdConfidentialComputingGuestAttr
and enable DebugVirtualization in PEI, SEC, DXE.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Roth <michael.roth@amd.com>
Cc: Min Xu <min.m.xu@intel.com>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Signed-off-by: Alexey Kardashevskiy <aik@amd.com>
---
Changes:
v5:
* "rb" from Tom

v4:
* s/DebugSwap/DebugVirtualization/g

1 files changed, 10 insertions, 3 deletions

diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
index 88ca14507f..8562787035 100644
--- a/OvmfPkg/PlatformPei/AmdSev.c
+++ b/OvmfPkg/PlatformPei/AmdSev.c
@@ -434,6 +434,7 @@ AmdSevInitialize (
   )

 {

   UINT64         EncryptionMask;

+  UINT64         CCGuestAttr;

   RETURN_STATUS  PcdStatus;

 

   //

@@ -517,13 +518,19 @@ AmdSevInitialize (
   // technology is active.

   //

   if (MemEncryptSevSnpIsEnabled ()) {

-    PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSevSnp);

+    CCGuestAttr = CCAttrAmdSevSnp;

   } else if (MemEncryptSevEsIsEnabled ()) {

-    PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSevEs);

+    CCGuestAttr = CCAttrAmdSevEs;

   } else {

-    PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCAttrAmdSev);

+    CCGuestAttr = CCAttrAmdSev;

   }

 

+  if (MemEncryptSevEsDebugVirtualizationIsEnabled ()) {

+    CCGuestAttr |= CCAttrFeatureAmdSevEsDebugVirtualization;

+  }

+

+  PcdStatus = PcdSet64S (PcdConfidentialComputingGuestAttr, CCGuestAttr);

+

   ASSERT_RETURN_ERROR (PcdStatus);

 }