From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Brijesh Singh"
To: devel@edk2.groups.io
CC: James Bottomley, Min Xu, Jiewen Yao, Tom Lendacky, Jordan Justen, Ard Biesheuvel, Erdem Aktas, Michael Roth, Gerd Hoffmann, Brijesh Singh, Michael Roth
Subject: [PATCH v7 08/31] OvmfPkg/MemEncryptSevLib: add MemEncryptSevSnpEnabled()
Date: Mon, 13 Sep 2021 13:19:18 -0500
Message-ID: <20210913181941.23405-9-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20210913181941.23405-1-brijesh.singh@amd.com>
References: <20210913181941.23405-1-brijesh.singh@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275

Create a function that can be used to determine if VM is running as an SEV-SNP guest.

Cc: Michael Roth
Cc: James Bottomley
Cc: Min Xu
Cc: Jiewen Yao
Cc: Tom Lendacky
Cc: Jordan Justen
Cc: Ard Biesheuvel
Cc: Erdem Aktas
Cc: Gerd Hoffmann
Acked-by: Jiewen Yao
Signed-off-by: Brijesh Singh
--- OvmfPkg/Include/Library/MemEncryptSevLib.h | 12 +++++++++ .../DxeMemEncryptSevLibInternal.c | 27 +++++++++++++++++++ .../PeiMemEncryptSevLibInternal.c | 27 +++++++++++++++++++ .../SecMemEncryptSevLibInternal.c | 19 +++++++++++++ 4 files changed, 85 insertions(+) diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/L= ibrary/MemEncryptSevLib.h index adc490e466ec..796de62ec2f8 100644 --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h @@ -47,6 +47,18 @@ typedef enum { MemEncryptSevAddressRangeError, } MEM_ENCRYPT_SEV_ADDRESS_RANGE_STATE; =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ); + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibIntern= al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c index 2816f859a0c4..057129723824 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c @@ -19,6 +19,7 @@ =20 STATIC BOOLEAN mSevStatus =3D FALSE; STATIC BOOLEAN mSevEsStatus =3D FALSE; +STATIC BOOLEAN mSevSnpStatus =3D FALSE; STATIC BOOLEAN mSevStatusChecked =3D FALSE; =20 STATIC UINT64 mSevEncryptionMask =3D 0; @@ -82,11 +83,37 @@ InternalMemEncryptSevStatus ( if (Msr.Bits.SevEsBit) { mSevEsStatus =3D TRUE; } + + // + // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled) + // + if (Msr.Bits.SevSnpBit) { + mSevSnpStatus =3D TRUE; + } } =20 mSevStatusChecked =3D TRUE; } =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled. + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ) +{ + if (!mSevStatusChecked) { + InternalMemEncryptSevStatus (); + } + + return mSevSnpStatus; +} + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibIntern= al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c index e2fd109d120f..b561f211f577 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c @@ -19,6 +19,7 @@ =20 STATIC BOOLEAN mSevStatus =3D FALSE; STATIC BOOLEAN mSevEsStatus =3D FALSE; +STATIC BOOLEAN mSevSnpStatus =3D FALSE; STATIC BOOLEAN mSevStatusChecked =3D FALSE; =20 STATIC UINT64 mSevEncryptionMask =3D 0; 
@@ -82,11 +83,37 @@ InternalMemEncryptSevStatus ( if (Msr.Bits.SevEsBit) { mSevEsStatus =3D TRUE; } + + // + // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled) + // + if (Msr.Bits.SevSnpBit) { + mSevSnpStatus =3D TRUE; + } } =20 mSevStatusChecked =3D TRUE; } =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled. + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ) +{ + if (!mSevStatusChecked) { + InternalMemEncryptSevStatus (); + } + + return mSevSnpStatus; +} + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibIntern= al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c index 56d8f3f3183f..69852779e2ff 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c @@ -62,6 +62,25 @@ InternalMemEncryptSevStatus ( return ReadSevMsr ? AsmReadMsr32 (MSR_SEV_STATUS) : 0; } =20 +/** + Returns a boolean to indicate whether SEV-SNP is enabled. + + @retval TRUE SEV-SNP is enabled + @retval FALSE SEV-SNP is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevSnpIsEnabled ( + VOID + ) +{ + MSR_SEV_STATUS_REGISTER Msr; + + Msr.Uint32 =3D InternalMemEncryptSevStatus (); + + return Msr.Bits.SevSnpBit ? TRUE : FALSE; +} + /** Returns a boolean to indicate whether SEV-ES is enabled. =20 --=20 2.17.1
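Review bot: In the MemEncryptSevLib.h hunk the declared function is MemEncryptSevSnpIsEnabled(), but the subject line calls it MemEncryptSevSnpEnabled(); one of the two should be corrected so that searching the log for the function name finds this commit. The new header comment also drops the trailing period that the adjacent SEV-ES comment and the three .c copies carry ("Returns a boolean to indicate whether SEV-SNP is enabled").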
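Review bot: The DxeMemEncryptSevLibInternal.c and PeiMemEncryptSevLibInternal.c hunks test Msr.Bits.SevSnpBit inside InternalMemEncryptSevStatus(), yet none of the four files in this patch adds that field to MSR_SEV_STATUS_REGISTER, so it has to come from an earlier patch or an existing header; saying which in the commit message would let a reader confirm that this commit builds on its own for bisection. The new comment would also be more consistent with the symbolic name used in the SEC file and the spelling used elsewhere in the patch, for example "Check MSR_SEV_STATUS Bit 2 (SEV-SNP Enabled)" in place of "Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled)".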
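Review bot: In the SecMemEncryptSevLibInternal.c hunk, MemEncryptSevSnpIsEnabled() takes its value from InternalMemEncryptSevStatus(), which the context line shows returning 0 whenever ReadSevMsr is false, so FALSE here can mean "the status MSR was not read" as well as "SEV-SNP is not enabled". The doc comment promises only the latter; either document the extra case on "@retval FALSE" or state which callers may rely on the SEC-phase result, since code that skips SNP-specific handling on FALSE would do so in both cases.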