OvmfPkg/MemEncryptSevLib: Add an SEV-ES guest indicator function
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2198 Create a function that can be used to determine if the VM is running as an SEV-ES guest. Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com> Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
parent
fefcf90c33
commit
0afa1d08f1
@ -13,6 +13,18 @@
|
||||
|
||||
#include <Base.h>
|
||||
|
||||
/**
|
||||
Returns a boolean to indicate whether SEV-ES is enabled.
|
||||
|
||||
@retval TRUE SEV-ES is enabled
|
||||
@retval FALSE SEV-ES is not enabled
|
||||
**/
|
||||
BOOLEAN
|
||||
EFIAPI
|
||||
MemEncryptSevEsIsEnabled (
|
||||
VOID
|
||||
);
|
||||
|
||||
/**
|
||||
Returns a boolean to indicate whether SEV is enabled
|
||||
|
||||
|
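Review bot: The doc comment added for `MemEncryptSevEsIsEnabled` does not say when the status is sampled or how it relates to `MemEncryptSevIsEnabled`. Callers that gate guest-hardening paths on this indicator need both facts, and the implementation in this same commit reads the status once and then returns a cached flag. I would add a line such as `The status is determined on the first call and cached for later calls.` and state whether a TRUE result implies that SEV is enabled as well. The comment for the existing SEV function continues past the end of this hunk.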
@ -20,19 +20,17 @@
|
||||
#include <Uefi/UefiBaseType.h>
|
||||
|
||||
STATIC BOOLEAN mSevStatus = FALSE;
|
||||
STATIC BOOLEAN mSevEsStatus = FALSE;
|
||||
STATIC BOOLEAN mSevStatusChecked = FALSE;
|
||||
|
||||
/**
|
||||
Reads and sets the status of SEV features.
|
||||
|
||||
Returns a boolean to indicate whether SEV is enabled
|
||||
|
||||
@retval TRUE SEV is enabled
|
||||
@retval FALSE SEV is not enabled
|
||||
**/
|
||||
STATIC
|
||||
BOOLEAN
|
||||
VOID
|
||||
EFIAPI
|
||||
InternalMemEncryptSevIsEnabled (
|
||||
InternalMemEncryptSevStatus (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
@ -56,16 +54,42 @@ InternalMemEncryptSevIsEnabled (
|
||||
//
|
||||
Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS);
|
||||
if (Msr.Bits.SevBit) {
|
||||
return TRUE;
|
||||
mSevStatus = TRUE;
|
||||
}
|
||||
|
||||
//
|
||||
// Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled)
|
||||
//
|
||||
if (Msr.Bits.SevEsBit) {
|
||||
mSevEsStatus = TRUE;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
mSevStatusChecked = TRUE;
|
||||
}
|
||||
|
||||
/**
|
||||
Returns a boolean to indicate whether SEV is enabled
|
||||
Returns a boolean to indicate whether SEV-ES is enabled.
|
||||
|
||||
@retval TRUE SEV-ES is enabled
|
||||
@retval FALSE SEV-ES is not enabled
|
||||
**/
|
||||
BOOLEAN
|
||||
EFIAPI
|
||||
MemEncryptSevEsIsEnabled (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
if (!mSevStatusChecked) {
|
||||
InternalMemEncryptSevStatus ();
|
||||
}
|
||||
|
||||
return mSevEsStatus;
|
||||
}
|
||||
|
||||
/**
|
||||
Returns a boolean to indicate whether SEV is enabled.
|
||||
|
||||
@retval TRUE SEV is enabled
|
||||
@retval FALSE SEV is not enabled
|
||||
@ -76,13 +100,10 @@ MemEncryptSevIsEnabled (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
if (mSevStatusChecked) {
|
||||
return mSevStatus;
|
||||
if (!mSevStatusChecked) {
|
||||
InternalMemEncryptSevStatus ();
|
||||
}
|
||||
|
||||
mSevStatus = InternalMemEncryptSevIsEnabled();
|
||||
mSevStatusChecked = TRUE;
|
||||
|
||||
return mSevStatus;
|
||||
}
|
||||
|
||||
|
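Review bot: In `InternalMemEncryptSevStatus`, `mSevEsStatus` is set from `Msr.Bits.SevEsBit` independently of `Msr.Bits.SevBit`, so `MemEncryptSevEsIsEnabled()` can in principle return TRUE while `MemEncryptSevIsEnabled()` returns FALSE. SEV-ES is expected only together with SEV, but callers that test just the SEV-ES indicator would be safer with that invariant enforced here; moving the `if (Msr.Bits.SevEsBit)` block inside `if (Msr.Bits.SevBit)` does it in one place. The function's opening checks lie outside the hunk, so this assumes nothing earlier already guarantees it. Separately, the three `STATIC BOOLEAN` flags cache the result in module globals, which presumably relies on this library instance being linked only into code that runs with writable data; a comment next to `mSevStatusChecked` stating that assumption would help.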