sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
b97dc4b92ba1cc9f351854aed1c35c636d2d3992
system76-edk2/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c
Tom Lendacky b97dc4b92b OvmfPkg/MemEncryptSevLib: Add an interface to retrieve the encryption mask 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3108

To ensure that we always use a validated encryption mask for an SEV-ES
guest, create a new interface in the MemEncryptSevLib library to return
the encryption mask. This can be used in place of the multiple locations
where CPUID is used to retrieve the value (which would require validation
again) and allows the validated mask to be returned.

The PEI phase will use the value from the SEV-ES work area. Since the
SEV-ES work area isn't valid in the DXE phase, the DXE phase will use the
PcdPteMemoryEncryptionAddressOrMask PCD which is set during PEI.

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Rebecca Cran <rebecca@bsdio.com>
Cc: Peter Grehan <grehan@freebsd.org>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Julien Grall <julien@xen.org>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
Message-Id: <e12044dc01b21e6fc2e9535760ddf3a38a142a71.1610045305.git.thomas.lendacky@amd.com>
2021-01-07 19:34:39 +00:00

64 lines
1.9 KiB
C
Raw Blame History

/** @file
Secure Encrypted Virtualization (SEV) library helper function
Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/MemEncryptSevLib.h>
#include <Library/PcdLib.h>
#include <Register/QemuSmramSaveStateMap.h>
#include <Register/SmramSaveStateMap.h>
#include <Uefi/UefiBaseType.h>
/**
Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM
Save State Map.
@param[out] BaseAddress The base address of the lowest-address page that
covers the initial SMRAM Save State Map.
@param[out] NumberOfPages The number of pages in the page range that covers
the initial SMRAM Save State Map.
@retval RETURN_SUCCESS BaseAddress and NumberOfPages have been set on
output.
@retval RETURN_UNSUPPORTED SMM is unavailable.
**/
RETURN_STATUS
EFIAPI
MemEncryptSevLocateInitialSmramSaveStateMapPages (
OUT UINTN *BaseAddress,
OUT UINTN *NumberOfPages
)
{
UINTN MapStart;
UINTN MapEnd;
UINTN MapPagesStart; // MapStart rounded down to page boundary
UINTN MapPagesEnd; // MapEnd rounded up to page boundary
UINTN MapPagesSize; // difference between MapPagesStart and MapPagesEnd
if (!FeaturePcdGet (PcdSmmSmramRequire)) {
return RETURN_UNSUPPORTED;
}
MapStart = SMM_DEFAULT_SMBASE + SMRAM_SAVE_STATE_MAP_OFFSET;
MapEnd = MapStart + sizeof (QEMU_SMRAM_SAVE_STATE_MAP);
MapPagesStart = MapStart & ~(UINTN)EFI_PAGE_MASK;
MapPagesEnd = ALIGN_VALUE (MapEnd, EFI_PAGE_SIZE);
MapPagesSize = MapPagesEnd - MapPagesStart;
ASSERT ((MapPagesSize & EFI_PAGE_MASK) == 0);
*BaseAddress = MapPagesStart;
*NumberOfPages = MapPagesSize >> EFI_PAGE_SHIFT;
return RETURN_SUCCESS;
}
Reference in New Issue View Git Blame Copy Permalink