From af1a266670d040d2f4083ff309d732d648afba2a Mon Sep 17 00:00:00 2001 From: Angelos Mouzakitis Date: Tue, 10 Oct 2023 14:33:42 +0000 Subject: Add submodule dependency files Change-Id: Iaf8d18082d3991dec7c0ebbea540f092188eb4ec --- roms/edk2/OvmfPkg/XenPlatformPei/AmdSev.c | 64 +++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 roms/edk2/OvmfPkg/XenPlatformPei/AmdSev.c (limited to 'roms/edk2/OvmfPkg/XenPlatformPei/AmdSev.c') diff --git a/roms/edk2/OvmfPkg/XenPlatformPei/AmdSev.c b/roms/edk2/OvmfPkg/XenPlatformPei/AmdSev.c new file mode 100644 index 000000000..7ebbb5cc1 --- /dev/null +++ b/roms/edk2/OvmfPkg/XenPlatformPei/AmdSev.c @@ -0,0 +1,64 @@ +/**@file + Initialize Secure Encrypted Virtualization (SEV) support + + Copyright (c) 2017, Advanced Micro Devices. All rights reserved.
+ Copyright (c) 2019, Citrix Systems, Inc. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ +// +// The package level header files this module uses +// +#include +#include +#include +#include +#include +#include + +#include "Platform.h" + +/** + + Function checks if SEV support is available, if present then it sets + the dynamic PcdPteMemoryEncryptionAddressOrMask with memory encryption mask. + + **/ +VOID +AmdSevInitialize ( + VOID + ) +{ + CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx; + UINT64 EncryptionMask; + RETURN_STATUS PcdStatus; + + // + // Check if SEV is enabled + // + if (!MemEncryptSevIsEnabled ()) { + return; + } + + // + // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position) + // + AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL); + EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits); + + // + // Set Memory Encryption Mask PCD + // + PcdStatus = PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, EncryptionMask); + ASSERT_RETURN_ERROR (PcdStatus); + + DEBUG ((DEBUG_INFO, "SEV is enabled (mask 0x%lx)\n", EncryptionMask)); + + // + // Set Pcd to Deny the execution of option ROM when security + // violation. + // + PcdStatus = PcdSet32S (PcdOptionRomImageVerificationPolicy, 0x4); + ASSERT_RETURN_ERROR (PcdStatus); +} -- cgit 1.2.3-korg