blob: 96a66e373f110a362989f29e5547800b7063f2ed (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
/** @file
Secure Encrypted Virtualization (SEV) library helper function
Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/MemEncryptSevLib.h>
#include <Library/PcdLib.h>
#include <Register/Amd/Cpuid.h>
#include <Register/Amd/Msr.h>
#include <Register/Cpuid.h>
#include <Register/QemuSmramSaveStateMap.h>
#include <Register/SmramSaveStateMap.h>
#include <Uefi/UefiBaseType.h>
STATIC BOOLEAN mSevStatus = FALSE;
STATIC BOOLEAN mSevStatusChecked = FALSE;
/**
Returns a boolean to indicate whether SEV is enabled
@retval TRUE SEV is enabled
@retval FALSE SEV is not enabled
**/
STATIC
BOOLEAN
EFIAPI
InternalMemEncryptSevIsEnabled (
VOID
)
{
UINT32 RegEax;
MSR_SEV_STATUS_REGISTER Msr;
CPUID_MEMORY_ENCRYPTION_INFO_EAX Eax;
//
// Check if memory encryption leaf exist
//
AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {
//
// CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
//
AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);
if (Eax.Bits.SevBit) {
//
// Check MSR_0xC0010131 Bit 0 (Sev Enabled)
//
Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS);
if (Msr.Bits.SevBit) {
return TRUE;
}
}
}
return FALSE;
}
/**
Returns a boolean to indicate whether SEV is enabled
@retval TRUE SEV is enabled
@retval FALSE SEV is not enabled
**/
BOOLEAN
EFIAPI
MemEncryptSevIsEnabled (
VOID
)
{
if (mSevStatusChecked) {
return mSevStatus;
}
mSevStatus = InternalMemEncryptSevIsEnabled();
mSevStatusChecked = TRUE;
return mSevStatus;
}
/**
Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM
Save State Map.
@param[out] BaseAddress The base address of the lowest-address page that
covers the initial SMRAM Save State Map.
@param[out] NumberOfPages The number of pages in the page range that covers
the initial SMRAM Save State Map.
@retval RETURN_SUCCESS BaseAddress and NumberOfPages have been set on
output.
@retval RETURN_UNSUPPORTED SMM is unavailable.
**/
RETURN_STATUS
EFIAPI
MemEncryptSevLocateInitialSmramSaveStateMapPages (
OUT UINTN *BaseAddress,
OUT UINTN *NumberOfPages
)
{
UINTN MapStart;
UINTN MapEnd;
UINTN MapPagesStart; // MapStart rounded down to page boundary
UINTN MapPagesEnd; // MapEnd rounded up to page boundary
UINTN MapPagesSize; // difference between MapPagesStart and MapPagesEnd
if (!FeaturePcdGet (PcdSmmSmramRequire)) {
return RETURN_UNSUPPORTED;
}
MapStart = SMM_DEFAULT_SMBASE + SMRAM_SAVE_STATE_MAP_OFFSET;
MapEnd = MapStart + sizeof (QEMU_SMRAM_SAVE_STATE_MAP);
MapPagesStart = MapStart & ~(UINTN)EFI_PAGE_MASK;
MapPagesEnd = ALIGN_VALUE (MapEnd, EFI_PAGE_SIZE);
MapPagesSize = MapPagesEnd - MapPagesStart;
ASSERT ((MapPagesSize & EFI_PAGE_MASK) == 0);
*BaseAddress = MapPagesStart;
*NumberOfPages = MapPagesSize >> EFI_PAGE_SHIFT;
return RETURN_SUCCESS;
}
|
