OvmfPkg/MemEncryptSevLib: add function to check the VMPL0

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

Virtual Machine Privilege Level (VMPL) feature in the SEV-SNP
architecture allows a guest VM to divide its address space into four
levels. The level can be used to provide the hardware isolated
abstraction layers with a VM. The VMPL0 is the highest privilege, and
VMPL3 is the least privilege. Certain operations must be done by the
VMPL0 software, such as:

* Validate or invalidate memory range (PVALIDATE instruction)
* Allocate VMSA page (RMPADJUST instruction when VMSA=1)

The initial SEV-SNP support assumes that the guest is running on VMPL0.
Let's add function in the MemEncryptSevLib that can be used for checking
whether guest is booted under the VMPL0.

Cc: Michael Roth <michael.roth@amd.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>

OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecSnpSystemRamValidate.c

@@ -14,6 +14,43 @@
 
 #include "SnpPageStateChange.h"
 
+//
+// The variable used for the VMPL check.
+//
+STATIC UINT8  gVmpl0Data[4096];
+
+/**
+ The function checks whether SEV-SNP guest is booted under VMPL0.
+
+ @retval  TRUE      The guest is booted under VMPL0
+ @retval  FALSE     The guest is not booted under VMPL0
+ **/
+STATIC
+BOOLEAN
+SevSnpIsVmpl0 (
+  VOID
+  )
+{
+  UINT64      Rdx;
+  EFI_STATUS  Status;
+
+  //
+  // There is no straightforward way to query the current VMPL level.
+  // The simplest method is to use the RMPADJUST instruction to change
+  // a page permission to a VMPL level-1, and if the guest kernel is
+  // launched at a level <= 1, then RMPADJUST instruction will return
+  // an error.
+  //
+  Rdx = 1;
+
+  Status = AsmRmpAdjust ((UINT64)gVmpl0Data, 0, Rdx);
+  if (EFI_ERROR (Status)) {
+    return FALSE;
+  }
+
+  return TRUE;
+}
+
 /**
   Pre-validate the system RAM when SEV-SNP is enabled in the guest VM.
 
@@ -32,5 +69,14 @@ MemEncryptSevSnpPreValidateSystemRam (
     return;
   }
 
+  //
+  // The page state change uses the PVALIDATE instruction. The instruction
+  // can be run on VMPL-0 only. If its not VMPL-0 guest then terminate
+  // the boot.
+  //
+  if (!SevSnpIsVmpl0 ()) {
+    SnpPageStateFailureTerminate ();
+  }
+
   InternalSetPageState (BaseAddress, NumPages, SevSnpPagePrivate, TRUE);
 }

OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChange.h

@@ -27,4 +27,9 @@ InternalSetPageState (
   IN BOOLEAN               UseLargeEntry
   );
 
+VOID
+SnpPageStateFailureTerminate (
+  VOID
+  );
+
 #endif

OvmfPkg/Library/BaseMemEncryptSevLib/X64/SnpPageStateChangeInternal.c

@@ -42,7 +42,6 @@ MemoryStateToGhcbOp (
   return Cmd;
 }
 
-STATIC
 VOID
 SnpPageStateFailureTerminate (
   VOID