From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (NAM11-BN8-obe.outbound.protection.outlook.com [40.107.236.41])
 by mx.groups.io with SMTP id smtpd.web10.1352.1632163583824013575
 for <devel@edk2.groups.io>;
 Mon, 20 Sep 2021 11:46:28 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="body hash did not verify" header.i=@amd.com header.s=selector1 header.b=Ly6RGsw5;
 spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.236.41, mailfrom: brijesh.singh@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=HoqBJrB+PTmNBeX0HE/xDmB2v8pzw6lkqsD87NjBRlF5Gh6/5/92BBn0fSA+nEx45Dmtn5Vvw6rqMCL5fUeyYi25FhPJYRUo/1FmHh3cUjCBl7aM8qW0lohsFHqcq9NjwBKYAON0lciSFRFF+salTNjhEXYZbbFhQwwPoXWDltDP4fhnu1Dt7BQt8YMjVbZ7uT8XHeSfxNw8TcIjHZ3s2IJjsfs4QIdfthYNNS/ruYmjFC/re6zXgdrRMniTCJi2OkplsanqJLZzpNhoe8YN/tJnuH+oKsOG1BCv/oP6l9fcnoctuUW4QGZbTYrYFZLuuzMIlTsfTotNIw2S6qt82A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=h+zekxMSd3+IPW2MUK4+plp82SPJrfYokMHrUtl3hLE=;
 b=AIuReDz+csEt/FzVEhwSTbBjIVr8E5WPqD8ckBdRvvDn0+bVh4mmkI7V/pxg0ZNJ3QVcjif5jNoSMnVNp6nmZta1vrEcIjYqPThoJqJv/rlNkizvtMFBVB72CIxACARxk1ksjiK4VBRHdMthRe5WvYMSFoL3w1k8Q9p2+fXN5N5ti2Y2OP0JjllA07AZgeRgt5PUM8N6KxWvjxyytdFTMsiHIRad2ezun5UFVDe8vczIFJBF15GfchPT+PMK2SNmYDC+T/x13wvNKonq+mqtvGZgWjE92fyYNW4u8cTsWEf+WHqTdLoPP1ijNgO0iQz5JiCLKcXXSp1HQmzTfemfcA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=h+zekxMSd3+IPW2MUK4+plp82SPJrfYokMHrUtl3hLE=;
 b=Ly6RGsw5F9v2po64KIyZds/QXxUExUkwMxNbOvwsS5G1/ki9+gmPzb/2KNpknz/eKZcwz9IrYOmXBLEs+4dsXfpbxWwwLRWY29WWsC6QPOAjDfql448Dpt4Alg976Yw+pOC2EMseZH8yFe2I48lnsWhf6N7q0N9UNI8L8GVQ64w=
Authentication-Results: edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com;
Received: from SN6PR12MB2718.namprd12.prod.outlook.com (2603:10b6:805:6f::22)
 by SA0PR12MB4512.namprd12.prod.outlook.com (2603:10b6:806:71::9) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4523.14; Mon, 20 Sep
 2021 18:46:26 +0000
Received: from SN6PR12MB2718.namprd12.prod.outlook.com
 ([fe80::78b7:7336:d363:9be3]) by SN6PR12MB2718.namprd12.prod.outlook.com
 ([fe80::78b7:7336:d363:9be3%6]) with mapi id 15.20.4523.018; Mon, 20 Sep 2021
 18:46:26 +0000
From: "Brijesh Singh" <brijesh.singh@amd.com>
To: devel@edk2.groups.io
CC: James Bottomley <jejb@linux.ibm.com>,
	Min Xu <min.m.xu@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Jordan Justen <jordan.l.justen@intel.com>,
	Ard Biesheuvel <ardb+tianocore@kernel.org>,
	Erdem Aktas <erdemaktas@google.com>,
	Michael Roth <Michael.Roth@amd.com>,
	Gerd Hoffmann <kraxel@redhat.com>,
	Brijesh Singh <brijesh.singh@amd.com>,
	Michael Roth <michael.roth@amd.com>,
	Jiewen Yao <Jiewen.yao@intel.com>
Subject: [PATCH v8 09/32] OvmfPkg/MemEncryptSevLib: add MemEncryptSevSnpEnabled()
Date: Mon, 20 Sep 2021 13:45:41 -0500
Message-ID: <20210920184604.31590-10-brijesh.singh@amd.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20210920184604.31590-1-brijesh.singh@amd.com>
References: <20210920184604.31590-1-brijesh.singh@amd.com>
X-ClientProxiedBy: SN4PR0201CA0034.namprd02.prod.outlook.com
 (2603:10b6:803:2e::20) To SN6PR12MB2718.namprd12.prod.outlook.com
 (2603:10b6:805:6f::22)
Return-Path: brijesh.singh@amd.com
MIME-Version: 1.0
Received: from sbrijesh-desktop.amd.com (165.204.77.1) by SN4PR0201CA0034.namprd02.prod.outlook.com (2603:10b6:803:2e::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4523.14 via Frontend Transport; Mon, 20 Sep 2021 18:46:25 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 216898be-15d6-414c-765a-08d97c66f32e
X-MS-TrafficTypeDiagnostic: SA0PR12MB4512:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
	<SA0PR12MB4512DC7B00028EA8C3B5CC0FE5A09@SA0PR12MB4512.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:196;
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	uHuxcHxmVCQFugXJw9zc1OFP/u4dJTaox+n0PIEyFYGNiqRJlzyMoWsUTYA2kxNLCuwEUxFWbYHdA9vO8XlmOo6Z0KzYhKFKr2iaZLALDR5vNn26R87/Ntxa9o74t8W6RJnbeRiu8qTRvSwyqKCZUVI3i7GT51C/HMgIXvhb3Pr81TlyoCxTI4H0Poo6yqsKekqig88OJIVzeUMcIWf8XRxm5NRTwrT0TRmwSJfgmioFj6x0MdHf8jBXm8oEM65kD6Y+oxv+NMoFfxdC7t06bVDgcex5I5woe3JYkJxPvYJVbluNEtexn/88GZOOQgLbE+plSaecECEGVUeAaMKM5SJ0PYILYyh0RIlxYoG8OkBmK/wuiCwvcvpU7BK0gDNSIzvh9mb0H7jyBJ9l8tT99vVwCxvuOTncIMsPqkd7Nb+glqwEg7P+hhygT1l1mfZ5YMMfe4+l/HSQ0wCc5EKiyiVFPTrOPz/eRB9fCyT9laaNeckNN7a+9XhxTaW7vHUe2gy72G26tEyUtkSO6hjw1sgCYB/fN+tWhuYEtM4SS04G5Pi+nuULlHTXTCof6LtevciuVDq25Ewc5BLyHgILw8hJIrGVgJ8eurqi+30cB3ld2YJlyNvieheA2s27q9xqYR/9IoJHedkkOqHPZ5rrvcIIvuFC2wcB2l0XLmYgTqsttNwGFKdP7zxzYZwD5aDE7/S8+PS4YeSi2lCKyiqhabEY5ea/nAieasHE7DCJxGzDyi63SN9DxOIh0RMUra/Oc84/AoSS8/CTZp0CPLr2edvnL7LJvuSXIOqAQuI6Se7I0GoQcdaC9fxLLwb+C+yW
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN6PR12MB2718.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(136003)(376002)(346002)(39860400002)(396003)(316002)(26005)(6666004)(2616005)(38350700002)(6916009)(86362001)(66556008)(7696005)(1076003)(956004)(966005)(2906002)(36756003)(5660300002)(54906003)(4326008)(6486002)(66476007)(8676002)(38100700002)(52116002)(8936002)(66946007)(44832011)(478600001)(186003)(213903007);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
	=?us-ascii?Q?kqliHF6rU4j1O/5wDJKwQjzsGAmCoLKsB4rn+ipy4baElrIvwK2t6HiZswb6?=
 =?us-ascii?Q?/2sWS+tAQ3cXtTgzXofTzazyaaMEp0kUWkFgnKJOpBSWVxyaL7jgNKxf82Ei?=
 =?us-ascii?Q?/UCsxQauoDsiyJXKgKbqOC89YVl3KjpamAJnIrR1JsFVqA8K1AblbhzbUJkO?=
 =?us-ascii?Q?o7GpUzrAF/V68RwWOHz1e0tlxQZApLwgKxl4NK1YlWsL80wBy7iUJVjVeq78?=
 =?us-ascii?Q?Q82m/XHvlgGJlqXA6Oeh0AOWsWqqfbAHkM/1WMINUS3NDHdzgRxWkYmYcYXN?=
 =?us-ascii?Q?CBajWgaMwCnvwGHTz9ev4ejRYT+NHxrutmIDpKRc0oy9NLmji0H84jXEQSUh?=
 =?us-ascii?Q?3HC4r2lEi7fQLlkNg0a956pYVXa4RePrLfCNv2KFCa/W0S7rV695TOuC8muy?=
 =?us-ascii?Q?pPh8oiG00f68pHzc+gvBgSc5OKFcd1VFi78V3BuinQIEh0xsDdtj/4FGT328?=
 =?us-ascii?Q?D/gdBAGPuu7i7e8QgVWK0dohjs1bQQSqjcHsL3jGRRXpAIka+IySCGBY9PtN?=
 =?us-ascii?Q?V7nvXSPi96UpMVTflzxvJYbAmYBTlJWmwV+sOWfbOPbTLlv49Mft2sM7qJJn?=
 =?us-ascii?Q?2/NMBxrGkEcKRlqK/sWyUYbfXLHDi6VBDX88JMleHaMIG9GIxe7VmlmEMzbM?=
 =?us-ascii?Q?IFLd/c2NUPpPeJHUgQNBcFkNWiwadB2MCFQJvP3hCYWphDq8X0nzglyIdIru?=
 =?us-ascii?Q?FoNijITBQ3enaiVpSPBwwJpHMuCHQjiaMoAKJclH26mIJVAdVdEddG1QgCAB?=
 =?us-ascii?Q?ZNrF4ThkB1tqKjwBzJvpN9GgvNc+fAJdnLIPFSQPivOykVqhFf3mVNWBhejO?=
 =?us-ascii?Q?41ayb7efDINMQky20kghfM9T6UDhWO2D50IJQpVsEgYqq0jfZ4lvnhhtC/W9?=
 =?us-ascii?Q?8ZL8jiuRPUqV9DhQ0rllaFyNE99zm85bN2mJNqaKYHheM98uvJ23S83eW1wR?=
 =?us-ascii?Q?mXXTzg2ewXWkLTD++MZVC2VIJc/UFbejmEBPWjVhqrpcKLoFetBVx/jN5hQv?=
 =?us-ascii?Q?NxODGS3Hyvx/fCVuUwOh7G9LhQyHzufCic5cgm+/dxq4WgcaSJd6HkyLrzWa?=
 =?us-ascii?Q?sNPKB7JnCr7NpFxbWpiFBBC5IQVGq6YSxaQ9u+DhgSjMP5IsYa59c/S/3dnV?=
 =?us-ascii?Q?7flIp308Yl7g7573r2CQPFPG3b7UomkMvL2/aGH2GIjPe15aJM2clb8Hfk6X?=
 =?us-ascii?Q?QADFf7lghNxVk5/n6IauD4xNT8OKXDclU3WvwI2qJ6lwa/UuW5RY4eaGQdm2?=
 =?us-ascii?Q?CIK0yOAW6QFRohuyTmpL0bukaS1WoajfP9ey46WuQNL+PFbis/h8pGT4l6Nd?=
 =?us-ascii?Q?rNiiyNUYPLOH0Bk+sRpg2BhM?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 216898be-15d6-414c-765a-08d97c66f32e
X-MS-Exchange-CrossTenant-AuthSource: SN6PR12MB2718.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Sep 2021 18:46:26.0431
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: JlR4t5knC/KX7b2YCq5si3pQEombLA7+fMPEmCXjtq8qdOEtcuA9wzQ3yk7jk962EX9HgxV3MXI0R89/WAKvTQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB4512
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3275

Create a function that can be used to determine if VM is running as an
SEV-SNP guest.

Cc: Michael Roth <michael.roth@amd.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
---
 OvmfPkg/Include/Library/MemEncryptSevLib.h    | 12 +++++++++
 .../DxeMemEncryptSevLibInternal.c             | 27 +++++++++++++++++++
 .../PeiMemEncryptSevLibInternal.c             | 27 +++++++++++++++++++
 .../SecMemEncryptSevLibInternal.c             | 19 +++++++++++++
 4 files changed, 85 insertions(+)

diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/L=
ibrary/MemEncryptSevLib.h
index adc490e466ec..796de62ec2f8 100644
--- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
+++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
@@ -47,6 +47,18 @@ typedef enum {
   MemEncryptSevAddressRangeError,
 } MEM_ENCRYPT_SEV_ADDRESS_RANGE_STATE;
=20
+/**
+  Returns a boolean to indicate whether SEV-SNP is enabled
+
+  @retval TRUE           SEV-SNP is enabled
+  @retval FALSE          SEV-SNP is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevSnpIsEnabled (
+  VOID
+  );
+
 /**
   Returns a boolean to indicate whether SEV-ES is enabled.
=20
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibIntern=
al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
index 2816f859a0c4..057129723824 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
@@ -19,6 +19,7 @@
=20
 STATIC BOOLEAN mSevStatus =3D FALSE;
 STATIC BOOLEAN mSevEsStatus =3D FALSE;
+STATIC BOOLEAN mSevSnpStatus =3D FALSE;
 STATIC BOOLEAN mSevStatusChecked =3D FALSE;
=20
 STATIC UINT64  mSevEncryptionMask =3D 0;
@@ -82,11 +83,37 @@ InternalMemEncryptSevStatus (
     if (Msr.Bits.SevEsBit) {
       mSevEsStatus =3D TRUE;
     }
+
+    //
+    // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled)
+    //
+    if (Msr.Bits.SevSnpBit) {
+      mSevSnpStatus =3D TRUE;
+    }
   }
=20
   mSevStatusChecked =3D TRUE;
 }
=20
+/**
+  Returns a boolean to indicate whether SEV-SNP is enabled.
+
+  @retval TRUE           SEV-SNP is enabled
+  @retval FALSE          SEV-SNP is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevSnpIsEnabled (
+  VOID
+  )
+{
+  if (!mSevStatusChecked) {
+    InternalMemEncryptSevStatus ();
+  }
+
+  return mSevSnpStatus;
+}
+
 /**
   Returns a boolean to indicate whether SEV-ES is enabled.
=20
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibIntern=
al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
index e2fd109d120f..b561f211f577 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
@@ -19,6 +19,7 @@
=20
 STATIC BOOLEAN mSevStatus =3D FALSE;
 STATIC BOOLEAN mSevEsStatus =3D FALSE;
+STATIC BOOLEAN mSevSnpStatus =3D FALSE;
 STATIC BOOLEAN mSevStatusChecked =3D FALSE;
=20
 STATIC UINT64  mSevEncryptionMask =3D 0;
@@ -82,11 +83,37 @@ InternalMemEncryptSevStatus (
     if (Msr.Bits.SevEsBit) {
       mSevEsStatus =3D TRUE;
     }
+
+    //
+    // Check MSR_0xC0010131 Bit 2 (Sev-Snp Enabled)
+    //
+    if (Msr.Bits.SevSnpBit) {
+      mSevSnpStatus =3D TRUE;
+    }
   }
=20
   mSevStatusChecked =3D TRUE;
 }
=20
+/**
+  Returns a boolean to indicate whether SEV-SNP is enabled.
+
+  @retval TRUE           SEV-SNP is enabled
+  @retval FALSE          SEV-SNP is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevSnpIsEnabled (
+  VOID
+  )
+{
+  if (!mSevStatusChecked) {
+    InternalMemEncryptSevStatus ();
+  }
+
+  return mSevSnpStatus;
+}
+
 /**
   Returns a boolean to indicate whether SEV-ES is enabled.
=20
diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibIntern=
al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
index 56d8f3f3183f..69852779e2ff 100644
--- a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
+++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c
@@ -62,6 +62,25 @@ InternalMemEncryptSevStatus (
   return ReadSevMsr ? AsmReadMsr32 (MSR_SEV_STATUS) : 0;
 }
=20
+/**
+  Returns a boolean to indicate whether SEV-SNP is enabled.
+
+  @retval TRUE           SEV-SNP is enabled
+  @retval FALSE          SEV-SNP is not enabled
+**/
+BOOLEAN
+EFIAPI
+MemEncryptSevSnpIsEnabled (
+  VOID
+  )
+{
+  MSR_SEV_STATUS_REGISTER           Msr;
+
+  Msr.Uint32 =3D InternalMemEncryptSevStatus ();
+
+  return Msr.Bits.SevSnpBit ? TRUE : FALSE;
+}
+
 /**
   Returns a boolean to indicate whether SEV-ES is enabled.
=20
--=20
2.25.1