2017-07-06 15:21:12 +02:00
|
|
|
/** @file
|
|
|
|
|
|
|
|
Define Secure Encrypted Virtualization (SEV) base library helper function
|
|
|
|
|
2021-01-07 19:48:12 +01:00
|
|
|
Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
|
2017-07-06 15:21:12 +02:00
|
|
|
|
2019-04-04 01:06:33 +02:00
|
|
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
2017-07-06 15:21:12 +02:00
|
|
|
|
|
|
|
**/
|
|
|
|
|
|
|
|
#ifndef _MEM_ENCRYPT_SEV_LIB_H_
|
|
|
|
#define _MEM_ENCRYPT_SEV_LIB_H_
|
|
|
|
|
|
|
|
#include <Base.h>
|
|
|
|
|
2021-01-07 19:48:12 +01:00
|
|
|
//
|
|
|
|
// Internal structure for holding SEV-ES information needed during SEC phase
|
|
|
|
// and valid only during SEC phase and early PEI during platform
|
|
|
|
// initialization.
|
|
|
|
//
|
|
|
|
// This structure is also used by assembler files:
|
|
|
|
// OvmfPkg/ResetVector/ResetVector.nasmb
|
|
|
|
// OvmfPkg/ResetVector/Ia32/PageTables64.asm
|
|
|
|
// any changes must stay in sync with its usage.
|
|
|
|
//
|
|
|
|
typedef struct _SEC_SEV_ES_WORK_AREA {
|
|
|
|
UINT8 SevEsEnabled;
|
|
|
|
} SEC_SEV_ES_WORK_AREA;
|
|
|
|
|
2020-08-12 22:21:39 +02:00
|
|
|
/**
|
|
|
|
Returns a boolean to indicate whether SEV-ES is enabled.
|
|
|
|
|
|
|
|
@retval TRUE SEV-ES is enabled
|
|
|
|
@retval FALSE SEV-ES is not enabled
|
|
|
|
**/
|
|
|
|
BOOLEAN
|
|
|
|
EFIAPI
|
|
|
|
MemEncryptSevEsIsEnabled (
|
|
|
|
VOID
|
|
|
|
);
|
|
|
|
|
2017-07-06 15:21:12 +02:00
|
|
|
/**
|
|
|
|
Returns a boolean to indicate whether SEV is enabled
|
|
|
|
|
2018-03-01 14:41:01 +01:00
|
|
|
@retval TRUE SEV is enabled
|
2017-07-06 15:21:12 +02:00
|
|
|
@retval FALSE SEV is not enabled
|
2018-03-01 14:41:01 +01:00
|
|
|
**/
|
2017-07-06 15:21:12 +02:00
|
|
|
BOOLEAN
|
|
|
|
EFIAPI
|
|
|
|
MemEncryptSevIsEnabled (
|
|
|
|
VOID
|
|
|
|
);
|
|
|
|
|
|
|
|
/**
|
2018-03-01 14:41:01 +01:00
|
|
|
This function clears memory encryption bit for the memory region specified by
|
|
|
|
BaseAddress and NumPages from the current page table context.
|
|
|
|
|
|
|
|
@param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
|
|
|
|
current CR3)
|
|
|
|
@param[in] BaseAddress The physical address that is the start
|
|
|
|
address of a memory region.
|
|
|
|
@param[in] NumPages The number of pages from start memory
|
|
|
|
region.
|
|
|
|
@param[in] Flush Flush the caches before clearing the bit
|
|
|
|
(mostly TRUE except MMIO addresses)
|
|
|
|
|
|
|
|
@retval RETURN_SUCCESS The attributes were cleared for the
|
|
|
|
memory region.
|
|
|
|
@retval RETURN_INVALID_PARAMETER Number of pages is zero.
|
|
|
|
@retval RETURN_UNSUPPORTED Clearing the memory encryption attribute
|
|
|
|
is not supported
|
|
|
|
**/
|
2017-07-06 15:21:12 +02:00
|
|
|
RETURN_STATUS
|
|
|
|
EFIAPI
|
|
|
|
MemEncryptSevClearPageEncMask (
|
|
|
|
IN PHYSICAL_ADDRESS Cr3BaseAddress,
|
|
|
|
IN PHYSICAL_ADDRESS BaseAddress,
|
2018-03-01 14:41:01 +01:00
|
|
|
IN UINTN NumPages,
|
|
|
|
IN BOOLEAN Flush
|
2017-07-06 15:21:12 +02:00
|
|
|
);
|
|
|
|
|
|
|
|
/**
|
|
|
|
This function sets memory encryption bit for the memory region specified by
|
2018-03-01 14:41:01 +01:00
|
|
|
BaseAddress and NumPages from the current page table context.
|
2017-07-06 15:21:12 +02:00
|
|
|
|
2018-03-01 14:41:01 +01:00
|
|
|
@param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
|
|
|
|
current CR3)
|
|
|
|
@param[in] BaseAddress The physical address that is the start
|
|
|
|
address of a memory region.
|
|
|
|
@param[in] NumPages The number of pages from start memory
|
|
|
|
region.
|
|
|
|
@param[in] Flush Flush the caches before setting the bit
|
|
|
|
(mostly TRUE except MMIO addresses)
|
2017-07-06 15:21:12 +02:00
|
|
|
|
2018-03-01 14:41:01 +01:00
|
|
|
@retval RETURN_SUCCESS The attributes were set for the memory
|
|
|
|
region.
|
|
|
|
@retval RETURN_INVALID_PARAMETER Number of pages is zero.
|
|
|
|
@retval RETURN_UNSUPPORTED Setting the memory encryption attribute
|
|
|
|
is not supported
|
|
|
|
**/
|
2017-07-06 15:21:12 +02:00
|
|
|
RETURN_STATUS
|
|
|
|
EFIAPI
|
|
|
|
MemEncryptSevSetPageEncMask (
|
|
|
|
IN PHYSICAL_ADDRESS Cr3BaseAddress,
|
|
|
|
IN PHYSICAL_ADDRESS BaseAddress,
|
2018-03-01 14:41:01 +01:00
|
|
|
IN UINTN NumPages,
|
|
|
|
IN BOOLEAN Flush
|
2017-07-06 15:21:12 +02:00
|
|
|
);
|
2018-03-01 17:31:44 +01:00
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM
|
|
|
|
Save State Map.
|
|
|
|
|
|
|
|
@param[out] BaseAddress The base address of the lowest-address page that
|
|
|
|
covers the initial SMRAM Save State Map.
|
|
|
|
|
|
|
|
@param[out] NumberOfPages The number of pages in the page range that covers
|
|
|
|
the initial SMRAM Save State Map.
|
|
|
|
|
|
|
|
@retval RETURN_SUCCESS BaseAddress and NumberOfPages have been set on
|
|
|
|
output.
|
|
|
|
|
|
|
|
@retval RETURN_UNSUPPORTED SMM is unavailable.
|
|
|
|
**/
|
|
|
|
RETURN_STATUS
|
|
|
|
EFIAPI
|
|
|
|
MemEncryptSevLocateInitialSmramSaveStateMapPages (
|
|
|
|
OUT UINTN *BaseAddress,
|
|
|
|
OUT UINTN *NumberOfPages
|
|
|
|
);
|
2017-07-06 15:21:12 +02:00
|
|
|
#endif // _MEM_ENCRYPT_SEV_LIB_H_
|