From nobody Sat Nov 2 10:23:46 2024 Delivered-To: importer@patchew.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Authentication-Results: mx.zoho.com; dkim=fail spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org; Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1494454198353795.6047129987119; Wed, 10 May 2017 15:09:58 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id CFFE621A16E25; Wed, 10 May 2017 15:09:48 -0700 (PDT) Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on0613.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe49::613]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 7601821959D44 for ; Wed, 10 May 2017 15:09:47 -0700 (PDT) Received: from brijesh-build-machine.amd.com (165.204.77.1) by CY1PR12MB0149.namprd12.prod.outlook.com (10.161.173.19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1075.11; Wed, 10 May 2017 22:09:45 +0000 X-Original-To: edk2-devel@lists.01.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=iO7rikgq6VxmevoM1F1UgJdQ/KS26fG/vymqrn3hWk0=; b=cBUpDJjgyjmv0BhBKnCx8IvTLT9NvqgMV7n1WjR00Ro+ScqLHdystxWZ31odOYMarlmcQ98ZpDorNoJzsvrcOnmHL3rfNLi2frpVKipfB/YPCqHnt9kBZPoOYoK2SfGuxtYuLuICEQ+TA+6tcDP4wi/n3TWWCdDJWCo0mObHw+Q= Authentication-Results: lists.01.org; dkim=none (message not signed) header.d=none;lists.01.org; dmarc=none action=none header.from=amd.com; From: Brijesh Singh To: Date: Wed, 10 May 2017 18:09:14 -0400 Message-ID: <1494454162-9940-6-git-send-email-brijesh.singh@amd.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1494454162-9940-1-git-send-email-brijesh.singh@amd.com> References: <1494454162-9940-1-git-send-email-brijesh.singh@amd.com> MIME-Version: 1.0 X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: MWHPR21CA0051.namprd21.prod.outlook.com (10.172.93.141) To CY1PR12MB0149.namprd12.prod.outlook.com (10.161.173.19) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: adf4dff5-1754-4453-63f2-08d497f144a8 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081)(201703131423075)(201703031133081); SRVR:CY1PR12MB0149; X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0149; 3:pGWuLBrlMZ0puzM3aQOcHkGhYhbJBR9dmsqUjstQl/4FurrWbLYDEJgm3KVYTgD8kU/TUgxFEUpIIN14AfSQvP7qUR/6uidSS/6+l0fOdO7mWOapWl2B6A0bV+dVYCqC33gUcuuCQbfbbVMIcHDETR0YJgJ/TkRrb1jZ14gkUZN7YMjzrc9Qe8cISdYKjquHCNbj891g7ldRMv0o07+ew4mnNWkHCN+ZCK9C/Wd+0grDaYQfwkpkgXtDu0Wn0yog1+RXj3zCw5fSoryJxH6/yGcVLk717S2d69xC4RqqXt6KIzujZa7v2tqXogy0sKeMSK6vAJ02khW9CybKb76O7MJhFcLQQGvp6+EdXbeH1AU=; 25:z6pzt2tIu9pEA4RoXlW1fjgN1KPn1tfwPMFwbzz3alZhzQPCxYGWfTYlPP2XNW+DxmtRJIreHcCQRVKNzMMIcOESNK2Ef0mVpjwrK/jgFniLrUPjAyC5ZU73D8T/cl00BcAGjk+GzY4YpFQhyMiLh0csyeItdwVoC3CMbfVT/1jjjGcZoDUf8Bfrl7Yt7yWByI9xOkyud4iyYbmnSGTyGoOqAPvEI5SHnGkaq5EMm1Ha+oeQP4oa+oyTBOic/aMf0FXz9xfPGRoU+ynChI5wjfOm3ztyh7FXz5L6wsKzNcKKwL+8/EVapsgj/D+WUlp41U8Pq8OrWvTc67abOcoIbQ2RhlGfPEO88Ypl6NxWKCq6903L9zQk13o79+EPMbeWoK+fSsqD+ezuh3PAHLue515AGHyTrNNcxVatkMiR1BXU1FPPyK08otqs1cPuMsO8+kXI0sa0Mc42DgwdknJmXetl82Wuo+/cvBzZ4H6Gjyg= X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0149; 31:gZLlM0bYBZ4Ln9LUZB14/H7UG2Kr6quG+AP18Zno7H+zSk7wS2vWtR34MfqzWKggUTv32LQKFzDIw1PFzkUvM5V/Qt70axPvyKzM8UGYNP20FJNCwr27pKF0vEXVmPyeSD24YnySouIWpy+6aFJNzPNoVsfiarNEPVnR0SF6DAvCyjljQ6lJqZq/jq27KHqd5ksnX8b23WXGWee0pf2VaBk2sHh/2KligdhWF3+qWCI=; 20:53yi8F0sN0M97GgeStPsU61JA5FxgZQzPwbWly9zzuUYn85OL294hbBofhGezZcE6AYqHCuyleB8/8jPgwHp/IRRycOjuJfe5wLgxfJfd4WWTK+6RH+lTUyWbIDjHNwWyzhGaVPb+VNY/ObqyJqEMbRpTvHynI6IWdgrDv2Uo/TNMEFc75jgARFOD1feLzt57228n+Y2OK8W0lkGzBcqjHZyynZQD6B5xL5zdBvh5OvuNK8aFTjxzEeV0+Erb2TkhEWr0FAaI/BEy4J5PBAVoh1RJTV0M3Y0Rl6vLYyoOIT30YpCk5i4XQWJoL+k1+o3KI41GzpYxcTxU3Tfq+XLnHsC+L5UkEENFP2tVVjXaC5vwGOXduSHVHpHp7ZgdYwZJsZZlYc3hNg9tKcATB45G3Be7sqh0GPncKH11NT0XCfFhOYVy75fLmRlZqNneX34nCEWGCOG6Vu1NpIZvuTQ+Soz705GOo832ASDUbMcyYZ7HLXNmO1dOaQJu4ZagaxT X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(767451399110)(228905959029699); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(5005006)(8121501046)(93006095)(93001095)(10201501046)(3002001)(6055026)(6041248)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(20161123558100)(20161123560025)(20161123555025)(20161123564025)(6072148); SRVR:CY1PR12MB0149; BCL:0; PCL:0; RULEID:; SRVR:CY1PR12MB0149; X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0149; 4:tPofDdQb4yVzdMVHx+wJnBTtHjQA1MxtFuiuLM9cEYUCNvQS8r22gvo/KbirjBRQoNa5/yMAULDDosFbj+BbUEB6hMGO0QQ5msnwxvdSmGS0FiEdhNgKowIBZxyyp7F3xV0T3Y4NvMXkvsOPR78GuE2PGeXc9iL7UiEM9GxZ5j2B4B4SYlKbeK/SY67HFQgDb7hTvxMyZsj9CzuidAPCU7tGnSo3sVwj931WF7Wsir/qJRBEuSbx5HmKxXbeOMJByfRdTeI3bZjHiVxBT+KZKTVnB/ji8agpmJRwRcMO04her3qxvd8kK8hAfrxLhOetwmRFGBcit+lH9UngE6eM2PMPzX0oIjIRaXzNVEUvBzyi/ayBOGQ7IzJ2rK729RfEbFWV3xWUv/XA+M8LVayeGlyJocMXqp2V8K4uU/NRKfbt8J6iZGh5bUJGPIbHnml20gprumSD+stXq4hFCJQGO01Ci9It8IU751OOkQlRyiSiLcRDH6wxj+P6BCCh0W2KK7WQB93/cEQIav+8vwQ5X2JU3Yjpycr3R/ssdWykmXmEGLXScqDpu7Ad/aX7fUVTubqJcAB0qjPMINp1A9sbRH82CSgBJ2C/QVHpy7Dx8FNASUkf6BiyQodibxs4JMWDeXWhAXuamL1R2ynvJfQY0GSv6nQXOtsCSbQXE5UOkEokKcyPJ2SVP9Im9xi/yfZXxcbEFLYr8nuK1Sld6duY8vSCKYoK1Qn4E5aRwjETZ1qq5EhlFBDuHlZ8iCv/HFaJxLrla70pLRz9f1FZmCqBd3hoERx3yEkNqP2OSr09KBKqpsrs0txhs03to6E8yDS/+++vAtO3R4MZE/aElrUzJqn5XlWUvBKBwuiUJ8rQwWbxiD6XTF8DGVZiRRE21wAm X-Forefront-PRVS: 03030B9493 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10009020)(4630300001)(6009001)(39840400002)(39400400002)(39410400002)(39850400002)(50986999)(2950100002)(6666003)(6916009)(6486002)(76176999)(50466002)(33646002)(478600001)(86362001)(189998001)(48376002)(110136004)(8676002)(4326008)(2906002)(6306002)(54906002)(38730400002)(53376002)(53936002)(966004)(3846002)(6116002)(50226002)(25786009)(81166006)(575784001)(5003940100001)(5660300001)(53416004)(36756003)(42186005)(66066001)(7736002)(15188155005)(305945005)(2351001)(16799955002)(19627235001); DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR12MB0149; H:brijesh-build-machine.amd.com; FPR:; SPF:None; MLV:sfv; LANG:en; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; CY1PR12MB0149; 23:QCmvTxYOOY4qY88ovt03wKoLMgyZ6ufn7QOPYz6I+?= =?us-ascii?Q?iOZC++ae9Q/+fKLQIWikRgszbguoD4yXHQrN4C4kohTZr984Z5odO1gObBvz?= =?us-ascii?Q?8GPMVjAhNHKSJFcDWFc5/PADh1HvZX4F8a4erlTkoVlaQYDMTCbzXPZRHQPo?= =?us-ascii?Q?ni3oXqj9z4DSynB3GbB3cct87dZebPU0lOu+3l9sSHSOsdIc6eEs/9tYvUu/?= =?us-ascii?Q?plJLEkO2jl5sbRmKaAcwpbBTOr4LayENpnFqIiRnrUxAGmALArcaWjE7r07r?= =?us-ascii?Q?/y8ctEC4utlqD8OZXSxV3Z/N8p0/exp+pyUQnSzbE15VceLY7nQfRayQN+Xw?= =?us-ascii?Q?RzFw2b0PwMTkfvA4h3aebIRAr24yCJx3s8p4iVMbGgUNZDoZFEI/fAyJMnp1?= =?us-ascii?Q?YRuwgDGJQsar4BJE8vG1pzleoR4Hpe7Sfz+kh4CEkOEsoiIi3U7EIUm3DbWs?= =?us-ascii?Q?z6xoyDAieBDBzyXbMrlFtB30rC6eXAkw1k3ha2tYTxr2gBpJqeaxu9jvMsQc?= =?us-ascii?Q?/FGvVEwT8bvzpsHnRwbuXVDlleW+kdkugouqEgq7nqsvUFMZfewg+daozYKF?= =?us-ascii?Q?6dvq2lSIbWenu8q9pzC896RsdwY7aZmLW8voBtZv/wNnF3YbLvHgWX9mwDxR?= =?us-ascii?Q?Du4wR1qOR+MfY83lH7rj8B46UjrCK191xwyoliEDr9/UOxA5MqfsHrRDObkv?= =?us-ascii?Q?RT4zBAwv/ep4XyOmKPp29ZirPeSPPwNYG3SHScvCyrmhbrk/pWVpaMHBOwIy?= =?us-ascii?Q?sv3O73I7tK4GHEVwrGfPrsel+sRjq+tN2DOS+C3yviiheZ1dq/mqZ24IZzIH?= =?us-ascii?Q?388xb5tWPK4LCyU8cQxAW0UU0Eym6qUgEFZF6U19nIr9jE+hNGZr+FRqYC/g?= =?us-ascii?Q?3R61223mF61Je4dvmJ1EHSrjCfdchE5h7s7NWtVbEQgWM0MEFQHL36AX97pq?= =?us-ascii?Q?jqVa2wsSQMJdgBs7LC2yCAYNBo5+W00zGWUFGKCz9lVuw/XFyRVt+FV85Mhu?= =?us-ascii?Q?HhaIfbAdwMiejy5uYPRDVVfFVTESwjcrmefD0LfbBtzUbW/Z+sMClsF7ASM5?= =?us-ascii?Q?/XX6r7VkpA2GtZ5PwlVHCjNJ8GCPVXh1EeEtf4Evj/Zz75laSnCDPuo74nES?= =?us-ascii?Q?Vhj1d7D5efMBtikwBxt/6hBy7rDp5U22TNsh4lPkpQch7V+uu/rgA=3D=3D?= X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0149; 6:/0CJnXBQ6XmyPMyJ/8QvLwDJNpwroElgqOwDjb8rdQH1dXrgJs/7Wdh3g8TcbSEsQ4UmSKN/PHzmLctUOhiTtNMv3wMJbWznodcWGtaUQaHWU3ZoUtQSatCBPr0X7YvfJ+2X60gre3+weQKcHcsyQp0QuZ4Yv1ZTdHG2NnhccQuUmC0KeIDPEIUAolAW+JhKbb1nEVTaSOoXGpaaEQ/HLGJ/L63VseLx9hLi7occBm35khjMp6S0Qm6AYnPNyniCoxuag0y7CsR6fJ6wk2kyX0emTbRwNinDg08urf/WrJtUqvGmDshmTSpC9pkaNbzhAn7QvTWWgyZkUqAAw8x6DmNmOHEv/chs+/zvq6kirn/LWNNIKQ0xt08OplPN8iys17ggvGaVMBPij2IzlZn823Mhec6rJ7vaLa6KJn2tt7M2WxjNx+/lAQWww9ZflQtu9lhN0rLQB8Ab6uJWFz3kqlDuvBBNk0dWjk8FBsTcJEawxHJern1jlqt1K8EtEvZAFEi/tBZwJNqzqSJFpfBGXFphBmeTsvBnfnTdPCnFbC4=; 5:zg1VWoa3tubaTiorHGrAnnJa8frxXSNqEaZgF/RtBA92Mp61FQnSOgbIot5NpNdza6GPDIj17LkL2z8KXJbhysHkCTQ6XFbygahCtKua9DZaeN08aEl46c3ChZhd2ZJ4P35rzJS8bsNyH3lqmiFDCw==; 24:oV8uCPoZOOikOV5wqHk0K0BkwmEaSPHFSFEpuM57B6wv4/yYS6tJFxPl2NeQE9yL2kPHikACnYDHrOrtvwYX+GEdbfzhtt+rRxRvXbuGEkI= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; CY1PR12MB0149; 7:tG8b6J/y1d5TWOvePffo8xlvsZrknbIJquh8OH8GjKqkFhNJo2siVurPczs0FijswitHGKpvZF1tpI3vikwLGfRQChLTph78j2Og7NHLNkVhzN1RxtC9AFjAxcthMVzCM/lRYLCHMkvz+0JFv1/VHB6RQbrLXqVY2r9nVgo/VvM4Bq0uXPdPAU7oWWBLhAEvrpgqdVFuFuKcrXxcCB5ZCLh+loWbRF4AvYKHPW+dBoLZqacElMbnvUY/+IiRJZpgPlGDPRvQ8xAQutnv4nQPkrSY+w8hanqM0l1t9cqPeMeB1lUIsOSwA8cZJNGN1/dDMAfqCJbECMSzPPn0fmzYzg==; 20:WjfsDf9jIRDhhkrFtLpogix9F7XJ6BmJS9MmxZ3i0w5uatepGm+jW/AWf4HCo5DFlJpIyvKM9HowS9takgzrqT53RVHFpyKJkvquUiRKu7WUe6fLqIZRZM0Mhlt+kBi/JzNMmvNc1IJ7MMMiFqvZDE52m4XPYO7igSC7hGp+F8cIk+XVej0olQ/E8NHI5TAXTmCC9FePyuvRJdQRYO6axk71gzEl0egdzWFBnYbgYyqkd+hnsMJ7kpMAL7XnOESz X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 May 2017 22:09:45.4146 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR12MB0149 Subject: [edk2] [RFC v4 05/13] OvmfPkg/PlatformPei: Set memory encryption PCD when SEV is enabled X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Thomas.Lendacky@amd.com, leo.duran@amd.com, Laszlo Ersek , Jordan Justen Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Secure Encrypted Virtualization (SEV) guest VMs have the concept of private and shared memory. Private memory is encrypted with the guest-specific key, while shared memory may be encrypted with hypervisor key. Certain types of memory (namely instruction pages and guest page tables) are always treated as private memory by the hardware. For data memory, SEV guest VMs can choose which pages they would like to be private. The choice is done using the standard CPU page tables using the C-bit. When building the initial page table we mark all the memory as private. The patch sets the memory encryption PCD, the PCD is used by DxeCore when building the initial page table. Cc: Jordan Justen Cc: Laszlo Ersek Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Brijesh Singh Reviewed-by: Laszlo Ersek --- OvmfPkg/OvmfPkgIa32.dsc | 3 + OvmfPkg/OvmfPkgIa32X64.dsc | 3 + OvmfPkg/OvmfPkgX64.dsc | 3 + OvmfPkg/PlatformPei/PlatformPei.inf | 3 + OvmfPkg/PlatformPei/Platform.h | 5 ++ OvmfPkg/PlatformPei/AmdSev.c | 62 ++++++++++++++++++++ OvmfPkg/PlatformPei/Platform.c | 1 + 7 files changed, 80 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 265f2d2b6d2f..139d54aa010e 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -530,6 +530,9 @@ [PcdsDynamicDefault] gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|50000 =20 + # Set memory encryption mask + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 + !if $(SMM_REQUIRE) =3D=3D TRUE gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01 gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|100000 diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 3b50a2dd2d2f..9403f76ce862 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -538,6 +538,9 @@ [PcdsDynamicDefault] gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|50000 =20 + # Set memory encryption mask + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 + !if $(SMM_REQUIRE) =3D=3D TRUE gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01 gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|100000 diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 82c73331aa9f..e137143f7afa 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -537,6 +537,9 @@ [PcdsDynamicDefault] gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber|64 gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds|50000 =20 + # Set memory encryption mask + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask|0x0 + !if $(SMM_REQUIRE) =3D=3D TRUE gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmSyncMode|0x01 gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|100000 diff --git a/OvmfPkg/PlatformPei/PlatformPei.inf b/OvmfPkg/PlatformPei/Plat= formPei.inf index 53c6dd445a0e..a9a7a76c7325 100644 --- a/OvmfPkg/PlatformPei/PlatformPei.inf +++ b/OvmfPkg/PlatformPei/PlatformPei.inf @@ -29,6 +29,7 @@ [Defines] # =20 [Sources] + AmdSev.c Cmos.c FeatureControl.c Fv.c @@ -60,6 +61,7 @@ [LibraryClasses] QemuFwCfgLib QemuFwCfgS3Lib MtrrLib + MemEncryptSevLib PcdLib =20 [Pcd] @@ -94,6 +96,7 @@ [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack gEfiMdeModulePkgTokenSpaceGuid.PcdPropertiesTableEnable gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable + gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask gUefiCpuPkgTokenSpaceGuid.PcdCpuLocalApicBaseAddress gUefiCpuPkgTokenSpaceGuid.PcdCpuMaxLogicalProcessorNumber gUefiCpuPkgTokenSpaceGuid.PcdCpuApInitTimeOutInMicroSeconds diff --git a/OvmfPkg/PlatformPei/Platform.h b/OvmfPkg/PlatformPei/Platform.h index 18f42c3f0ea8..a7729b9df44b 100644 --- a/OvmfPkg/PlatformPei/Platform.h +++ b/OvmfPkg/PlatformPei/Platform.h @@ -88,6 +88,11 @@ XenDetect ( VOID ); =20 +VOID +AmdSevInitialize ( + VOID + ); + extern BOOLEAN mXen; =20 VOID diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c new file mode 100644 index 000000000000..26f7c3fdbb13 --- /dev/null +++ b/OvmfPkg/PlatformPei/AmdSev.c @@ -0,0 +1,62 @@ +/**@file + Initialize Secure Encrypted Virtualization (SEV) support + + Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD + License which accompanies this distribution. The full text of the licen= se + may be found at http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. + +**/ +// +// The package level header files this module uses +// +#include + +#include +#include +#include +#include +#include + +/** + + Function checks if SEV support is available, if present then it sets + the dynamic PcdPteMemoryEncryptionAddressOrMask with memory encryption m= ask. + + **/ +VOID +EFIAPI +AmdSevInitialize ( + VOID + ) +{ + CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx; + UINT64 EncryptionMask; + RETURN_STATUS PcdStatus; + + // + // Check if SEV is enabled + // + if (!MemEncryptSevIsEnabled ()) { + return; + } + + // + // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position) + // + AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL); + EncryptionMask =3D LShiftU64 (1, Ebx.Bits.PtePosBits); + + // + // Set Memory Encryption Mask PCD + // + PcdStatus =3D PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, Encryption= Mask); + ASSERT_RETURN_ERROR (PcdStatus); + + DEBUG ((DEBUG_INFO, "SEV is enabled (mask 0x%lx)\n", EncryptionMask)); +} diff --git a/OvmfPkg/PlatformPei/Platform.c b/OvmfPkg/PlatformPei/Platform.c index 5e983a8dcea9..5121e337bdcb 100644 --- a/OvmfPkg/PlatformPei/Platform.c +++ b/OvmfPkg/PlatformPei/Platform.c @@ -678,6 +678,7 @@ InitializePlatform ( NoexecDxeInitialization (); } =20 + AmdSevInitialize (); MiscInitialization (); InstallFeatureControlCallback (); =20 --=20 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel