From: "Brijesh Singh"
To: devel@edk2.groups.io
CC: James Bottomley, Min Xu, Jiewen Yao, Tom Lendacky, Jordan Justen, Ard Biesheuvel, Erdem Aktas, Michael Roth, Gerd Hoffmann, Brijesh Singh, Michael Roth
Subject: [PATCH v6 09/29] OvmfPkg/MemEncryptSevLib: add MemEncryptSevSnpEnabled()
Date: Wed, 1 Sep 2021 11:16:26 -0500
Message-ID: <20210901161646.24763-10-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20210901161646.24763-1-brijesh.singh@amd.com>
References: <20210901161646.24763-1-brijesh.singh@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3275

Create a function that can be used to determine if VM is running as an SEV-SNP guest.

Cc: Michael Roth
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Erdem Aktas
Signed-off-by: Brijesh Singh
---
 OvmfPkg/Include/Library/MemEncryptSevLib.h | 12 +++++++++
 .../DxeMemEncryptSevLibInternal.c | 27 +++++++++++++++++++
 .../PeiMemEncryptSevLibInternal.c | 27 +++++++++++++++++++
 .../SecMemEncryptSevLibInternal.c | 19 +++++++++++++
 4 files changed, 85 insertions(+)

diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/L= ibrary/MemEncryptSevLib.h index adc490e466ec..796de62ec2f8 100644 --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -47,6 +47,18 @@ typedef enum { MemEncryptSevAddressRangeError, } MEM_ENCRYPT_SEV_ADDRESS_RANGE_STATE; =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ); + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibIntern= al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c index 2816f859a0c4..057129723824 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c @@ -19,6 +19,7 @@ =20 STATIC BOOLEAN mSevStatus =3D FALSE; STATIC BOOLEAN mSevEsStatus =3D FALSE; +STATIC BOOLEAN mSevSnpStatus =3D FALSE; STATIC BOOLEAN mSevStatusChecked =3D FALSE; =20 STATIC UINT64 mSevEncryptionMask =3D 0; @@ -82,11 +83,37 @@ InternalMemEncryptSevStatus ( if (Msr.Bits.SevEsBit) { mSevEsStatus =3D TRUE; } + + // + // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled) + // + if (Msr.Bits.SevSnpBit) { + mSevSnpStatus =3D TRUE; + } } =20 mSevStatusChecked =3D TRUE; } =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled. + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ) +{ + if (!mSevStatusChecked) { + InternalMemEncryptSevStatus (); + } + + return mSevSnpStatus; +} + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibIntern= al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c index e2fd109d120f..b561f211f577 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c 
@@ -19,6 +19,7 @@ =20 STATIC BOOLEAN mSevStatus =3D FALSE; STATIC BOOLEAN mSevEsStatus =3D FALSE; +STATIC BOOLEAN mSevSnpStatus =3D FALSE; STATIC BOOLEAN mSevStatusChecked =3D FALSE; =20 STATIC UINT64 mSevEncryptionMask =3D 0; @@ -82,11 +83,37 @@ InternalMemEncryptSevStatus ( if (Msr.Bits.SevEsBit) { mSevEsStatus =3D TRUE; } + + // + // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled) + // + if (Msr.Bits.SevSnpBit) { + mSevSnpStatus =3D TRUE; + } } =20 mSevStatusChecked =3D TRUE; } =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled. + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ) +{ + if (!mSevStatusChecked) { + InternalMemEncryptSevStatus (); + } + + return mSevSnpStatus; +} + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibIntern= al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c index 56d8f3f3183f..69852779e2ff 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c @@ -62,6 +62,25 @@ InternalMemEncryptSevStatus ( return ReadSevMsr ? AsmReadMsr32 (MSR_SEV_STATUS) : 0; } =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled. + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ) +{ + MSR_SEV_STATUS_REGISTER Msr; + + Msr.Uint32 =3D InternalMemEncryptSevStatus (); + + return Msr.Bits.SevSnpBit ? TRUE : FALSE; +} + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 --=20 2.17.1
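
Review bot: In the MemEncryptSevLib.h hunk the declared name is MemEncryptSevSnpIsEnabled, while the subject line announces MemEncryptSevSnpEnabled(); the two should agree, so either retitle the patch or rename the function, otherwise a search for the name in the subject will not find the code. The first line of the new header comment ("Returns a boolean to indicate whether SEV-SNP is enabled") also lacks the trailing period that the three .c copies of the same comment and the adjacent SEV-ES comment carry.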
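
Review bot: The new test "if (Msr.Bits.SevSnpBit)" in the InternalMemEncryptSevStatus hunk of DxeMemEncryptSevLibInternal.c, and in the identical hunk of PeiMemEncryptSevLibInternal.c, relies on a SevSnpBit field that none of the four files touched here defines, so the commit message should name the earlier patch in the series that adds it to MSR_SEV_STATUS_REGISTER, which keeps the series bisectable. The test is also placed inside the same enclosing block as the SevEsBit test, so mSevSnpStatus stays FALSE whenever that outer condition is not met; if that is intended, say so in the comment above it, and spell the feature "SEV-SNP" there as the function comments do rather than "Sev-Snp".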
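
Review bot: In the SecMemEncryptSevLibInternal.c hunk, MemEncryptSevSnpIsEnabled calls InternalMemEncryptSevStatus () on every invocation instead of caching the result as the Dxe and Pei versions do, and the context line above shows that helper returning 0 when ReadSevMsr is false, so the function then reports FALSE without the MSR having been read. Neither behaviour appears in the function comment; extend the comment block to state that the status is read on each call and that FALSE is also returned when the MSR is not read, so callers that gate SEV-SNP handling on this result know FALSE can mean "not read" in SEC.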