sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

OvmfPkg/BaseMemEncryptTdxLib: Add TDX helper library

Browse Source 
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3429

Add Intel Tdx helper library. The library provides the routines to:
-  set or clear Shared bit for a given memory region.
-  query whether TDX is enabled.

Please be noted, there a lot of duplicated codes for Page Table
operations. These codes should be moved to a common library
(PageTablesLib) so that it is more friendly for review and maintain.
There is a new feature requirement
https://bugzilla.tianocore.org/show_bug.cgi?id=847 which is to
implement the library. After the lib is introduced, BaseMemEncryptTdxLib
will be refactored.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
This commit is contained in:
Min Xu
2021-09-22 20:21:18 +08:00
committed by mergify[bot]
parent 9fdc70af6b
commit 5aa8018639
9 changed files with 1385 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
OvmfPkg/Library/BaseMemEncryptTdxLib/BaseMemoryEncryptionNull.c Normal file
View File

@@ -0,0 +1,90 @@
/** @file
Virtual Memory Management Services to set or clear the memory encryption
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
Code is derived from MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
**/
#include <Uefi.h>
#include <Uefi/UefiBaseType.h>
#include <Library/BaseLib.h>
#include <Library/MemEncryptTdxLib.h>
/**
Returns boolean to indicate whether to indicate which, if any, memory encryption is enabled
@param[in] Type Bitmask of encryption technologies to check is enabled
@retval TRUE The encryption type(s) are enabled
@retval FALSE The encryption type(s) are not enabled
**/
BOOLEAN
EFIAPI
MemEncryptTdxIsEnabled (
VOID
)
{
return FALSE;
}
/**
This function clears memory encryption bit for the memory region specified by
BaseAddress and NumPages from the current page table context.
@param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
current CR3)
@param[in] BaseAddress The physical address that is the start
address of a memory region.
@param[in] NumPages The number of pages from start memory
region.
@retval RETURN_SUCCESS The attributes were cleared for the
memory region.
@retval RETURN_INVALID_PARAMETER Number of pages is zero.
@retval RETURN_UNSUPPORTED Clearing the memory encryption attribute
is not supported
**/
RETURN_STATUS
EFIAPI
MemEncryptTdxSetPageSharedBit (
IN PHYSICAL_ADDRESS Cr3BaseAddress,
IN PHYSICAL_ADDRESS BaseAddress,
IN UINTN NumPages
)
{
return EFI_UNSUPPORTED;
}
/**
This function sets memory encryption bit for the memory region specified by
BaseAddress and NumPages from the current page table context.
@param[in] Cr3BaseAddress Cr3 Base Address (if zero then use
current CR3)
@param[in] BaseAddress The physical address that is the start
address of a memory region.
@param[in] NumPages The number of pages from start memory
region.
@retval RETURN_SUCCESS The attributes were set for the memory
region.
@retval RETURN_INVALID_PARAMETER Number of pages is zero.
@retval RETURN_UNSUPPORTED Setting the memory encryption attribute
is not supported
**/
RETURN_STATUS
EFIAPI
MemEncryptTdxClearPageSharedBit (
IN PHYSICAL_ADDRESS Cr3BaseAddress,
IN PHYSICAL_ADDRESS BaseAddress,
IN UINTN NumPages
)
{
return EFI_UNSUPPORTED;
}