OvmfPkg/BaseMemEncryptLib: use the SEV_STATUS MSR value from workarea

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3582 Improve the MemEncryptSev{Es,Snp}IsEnabled() to use the SEV_STATUS MSR value saved in the workarea. Since workarea is valid until the PEI phase, so, for the Dxe phase use the PcdConfidentialComputingGuestAttr to determine which SEV technology is enabled. Cc: Min Xu <min.m.xu@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Ard Biesheuvel <ardb+tianocore@kernel.org> Cc: Erdem Aktas <erdemaktas@google.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> Acked-by: Jiewen Yao <jiewen.yao@intel.com>
2022-02-21 22:59:14 +08:00
parent 63c50d3ff2
commit f1d1c337e7
6 changed files with 155 additions and 212 deletions
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf
@@ -58,6 +58,7 @@

 [FixedPcd]
  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfWorkAreaBase
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfPeiMemFvBase
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecPageTablesBase
  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecValidatedEnd