From: "Brijesh Singh"
To: devel@edk2.groups.io
CC: James Bottomley, Min Xu, Jiewen Yao, Tom Lendacky, Jordan Justen, Ard Biesheuvel, Laszlo Ersek, Erdem Aktas, Eric Dong, Ray Ni, Rahul Kumar, Michael D Kinney, Liming Gao, Zhiguang Liu, Michael Roth, Brijesh Singh
Subject: [RFC PATCH v4 10/27] OvmfPkg/MemEncryptSevLib: add MemEncryptSevSnpEnabled()
Date: Mon, 28 Jun 2021 12:42:06 -0500
Message-ID: <20210628174223.1302-11-brijesh.singh@amd.com>
In-Reply-To: <20210628174223.1302-1-brijesh.singh@amd.com>
References: <20210628174223.1302-1-brijesh.singh@amd.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

Create a function that can be used to determine if VM is running as an SEV-SNP guest.

Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Laszlo Ersek
Cc: Erdem Aktas
Signed-off-by: Brijesh Singh
---
 OvmfPkg/Include/Library/MemEncryptSevLib.h | 12 +++++++++
 .../DxeMemEncryptSevLibInternal.c | 27 +++++++++++++++++++
 .../PeiMemEncryptSevLibInternal.c | 27 +++++++++++++++++++
 .../SecMemEncryptSevLibInternal.c | 19 +++++++++++++
 4 files changed, 85 insertions(+)

diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/L= ibrary/MemEncryptSevLib.h index 76d06c206c8b..2425d8ba0a36 100644 --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h 
@@ -66,6 +66,18 @@ typedef enum { MemEncryptSevAddressRangeError, } MEM_ENCRYPT_SEV_ADDRESS_RANGE_STATE; =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ); + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibIntern= al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c index 2816f859a0c4..057129723824 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c @@ -19,6 +19,7 @@ =20 STATIC BOOLEAN mSevStatus =3D FALSE; STATIC BOOLEAN mSevEsStatus =3D FALSE; +STATIC BOOLEAN mSevSnpStatus =3D FALSE; STATIC BOOLEAN mSevStatusChecked =3D FALSE; =20 STATIC UINT64 mSevEncryptionMask =3D 0; @@ -82,11 +83,37 @@ InternalMemEncryptSevStatus ( if (Msr.Bits.SevEsBit) { mSevEsStatus =3D TRUE; } + + // + // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled) + // + if (Msr.Bits.SevSnpBit) { + mSevSnpStatus =3D TRUE; + } } =20 mSevStatusChecked =3D TRUE; } =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled. + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ) +{ + if (!mSevStatusChecked) { + InternalMemEncryptSevStatus (); + } + + return mSevSnpStatus; +} + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibIntern= al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c index e2fd109d120f..b561f211f577 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c 
@@ -19,6 +19,7 @@ =20 STATIC BOOLEAN mSevStatus =3D FALSE; STATIC BOOLEAN mSevEsStatus =3D FALSE; +STATIC BOOLEAN mSevSnpStatus =3D FALSE; STATIC BOOLEAN mSevStatusChecked =3D FALSE; =20 STATIC UINT64 mSevEncryptionMask =3D 0; @@ -82,11 +83,37 @@ InternalMemEncryptSevStatus ( if (Msr.Bits.SevEsBit) { mSevEsStatus =3D TRUE; } + + // + // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled) + // + if (Msr.Bits.SevSnpBit) { + mSevSnpStatus =3D TRUE; + } } =20 mSevStatusChecked =3D TRUE; } =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled. + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ) +{ + if (!mSevStatusChecked) { + InternalMemEncryptSevStatus (); + } + + return mSevSnpStatus; +} + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibIntern= al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c index 56d8f3f3183f..69852779e2ff 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c @@ -62,6 +62,25 @@ InternalMemEncryptSevStatus ( return ReadSevMsr ? AsmReadMsr32 (MSR_SEV_STATUS) : 0; } =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled. + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ) +{ + MSR_SEV_STATUS_REGISTER Msr; + + Msr.Uint32 =3D InternalMemEncryptSevStatus (); + + return Msr.Bits.SevSnpBit ? TRUE : FALSE; +} + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 --=20 2.17.1
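
Review bot: The name in the subject line does not match the symbol the MemEncryptSevLib.h hunk declares: the subject says MemEncryptSevSnpEnabled(), while the prototype added at "@@ -66,6 +66,18 @@" (and all three definitions) is MemEncryptSevSnpIsEnabled(). Please make the subject match the declared name so the function can be found from the log. In the same hunk, the first line of the doc comment ("Returns a boolean to indicate whether SEV-SNP is enabled") lacks the trailing period that the SEV-ES comment right below it and the three .c copies have.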
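
Review bot: Msr.Bits.SevSnpBit, tested in the "@@ -82,11 +83,37 @@" hunk of DxeMemEncryptSevLibInternal.c (and in the identical PeiMemEncryptSevLibInternal.c hunk), is not defined by any of the four files in this patch, so the patch only builds on top of whichever change adds that field to the MSR_SEV_STATUS_REGISTER bit layout. Please name that prerequisite in the commit message. The added comment also spells the feature "Sev-Snp" while the function comments and the commit message use "SEV-SNP"; one spelling throughout would help grepping.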
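
Review bot: The doc comment on the SEC copy of MemEncryptSevSnpIsEnabled() in SecMemEncryptSevLibInternal.c ("@@ -62,6 +62,25 @@") is missing two behaviours that differ from the DXE and PEI copies. First, the context line "return ReadSevMsr ? AsmReadMsr32 (MSR_SEV_STATUS) : 0;" means a FALSE result also covers the case where the status MSR was not read at all, which a caller cannot tell apart from "SNP not enabled". Second, this copy calls InternalMemEncryptSevStatus () on every invocation instead of returning a cached mSevSnpStatus. Please add a sentence on each to the function comment so callers that gate SNP-specific handling on this predicate know what FALSE means in SEC.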