From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (NAM10-MW2-obe.outbound.protection.outlook.com [40.107.94.65]) by mx.groups.io with SMTP id smtpd.web12.498.1609968224879271350 for ; Wed, 06 Jan 2021 13:23:45 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=kzE6BkxI; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.94.65, mailfrom: thomas.lendacky@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=OceLdNeq1K22A7G7ZKAa7gx+6FAAps2aEj99blw0avSaNHWPeE8ooUczYZ3DltHAKmkaKDJrJlGz/AH2IFwTXDZu4Ygcpc8PRlpLP6q4lP/qIhrNQx8agwpPtxv7cifJLxG4UUhTHqDtlk7T1y2g1CDVkL6BCJeGFWTiUq6JaMi4pdgUkQqqlgf0fdtPCX/ykCRatgRwHYRjFipcZqR69piAUy6zADu0SPTfUIQbKEow841GVi/52Yug+wFkk3ApciCA2RRi4V//vr5e3Y/NdgBER4SDy6zRTTWiRNBCVrBh5YG/rXlhMUfp1fvRkqLyaeiDQpqY9XGFNT+b6x2joQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Ua88ieNEocCYGzEcX72OUQe+ZYkxZuUuGVXvp6/VEFc=; b=ZjNqKCNBh7j7bdBXWppPf4RrJzgJTm+eyJprdqL2Fd9xv888+XfxjA5m846VGA8pkOU2BMqFDAx+jEiRfCpM23RKMhviry1lJlEW1p4n7HTX5J6KFcTsZnlDosmkjWT+YdY3YaJ7cbUeIPbKgqRWNcj/aYxVVaeu60nCG/0zNiqakmo7zXYH3xr1ldu3WXVZ4SZGYmYwWZgDk71RqjrUezZbTW/+3vo/c0jUtcIWhwMYyZomYb29nMN8mY7owJyIPHShzJDSJK31zpiZ9dG7Z5QJLOiHBJAEBOm2Bqo4HUCKXgct9DXDfN7Har8YxTWF9bi030m6FvBuakMD8vC+1A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Ua88ieNEocCYGzEcX72OUQe+ZYkxZuUuGVXvp6/VEFc=; b=kzE6BkxIpjO33GMt0CqROUKKRVeuzm1QwOtEcANTTAxXPgvBC1CKIn46xkYiPBoTjuU3zgx3qhDUF0LTLq03x+MAAltStjL0qcJ44No0v5+vSf8xKckvuvpUP26mYmiikBhVyFQa4kHdYA6ykVHf47YNt3DDiBg/5dN+GI2LP0I= Authentication-Results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=amd.com; Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by DM5PR12MB1259.namprd12.prod.outlook.com (2603:10b6:3:75::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3742.6; Wed, 6 Jan 2021 21:23:43 +0000 Received: from DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::d95e:b9d:1d6a:e845]) by DM5PR12MB1355.namprd12.prod.outlook.com ([fe80::d95e:b9d:1d6a:e845%12]) with mapi id 15.20.3721.024; Wed, 6 Jan 2021 21:23:43 +0000 From: "Lendacky, Thomas" To: devel@edk2.groups.io CC: Brijesh Singh , James Bottomley , Jordan Justen , Laszlo Ersek , Ard Biesheuvel Subject: [PATCH v2 11/15] OvmfPkg/MemEncryptSevLib: Make the MemEncryptSevLib available for SEC Date: Wed, 6 Jan 2021 15:21:37 -0600 Message-ID: <5a3cac5933e29eaf3bfdd1e7406335784cbb8d6d.1609968101.git.thomas.lendacky@amd.com> X-Mailer: git-send-email 2.30.0 In-Reply-To: References: X-Originating-IP: [165.204.77.1] X-ClientProxiedBy: SN6PR05CA0013.namprd05.prod.outlook.com (2603:10b6:805:de::26) To DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) Return-Path: thomas.lendacky@amd.com MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from tlendack-t1.amd.com (165.204.77.1) by SN6PR05CA0013.namprd05.prod.outlook.com (2603:10b6:805:de::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3742.4 via Frontend Transport; Wed, 6 Jan 2021 21:23:42 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: d57bf650-620f-4769-d2be-08d8b289583f X-MS-TrafficTypeDiagnostic: DM5PR12MB1259: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:10000; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: LU/Uz03xV5U4i6C6xbkYamWT+pFobzBwnQFNVvSS7KVjl6tiQtdVdCRf4IaIbbAU/Z6/GWDqMyRQaVoBwmrngd8acoj2NHsqbFYCNCJFH4J/3GssYTryWMm/Qm6pfy3SiuuhGxAH21Oy0UciupZIbPoQFGtYCW3dyWTkw9fgxO4W+34zdfX27vyvSAW90p1N6KyoXSYu7Z6LOqJM9R/0/fqFSpei1Q54oDF8B1SGH5Gbb4KS/4wFB6PMqjoUmLJ3EaGzRXh0jV9Qkm0QESE6wwZw/E1KXCKim+q5hXa/do20cBXFkFoGoluApLWGG8K8KY7rZP2++QfzwHW1GQQT0Kbur/iYpzHH+tYGKUxncyrDNetdVnB1IrHxljqDmTq8mmieYZ3JJjymFYfINss8nFCbljcGgR2ihbNMn/6NURzYGu5A4SuuYuD8+7RRS9GnnMc6kFHE4krvFhsej+5NOg== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(136003)(366004)(346002)(39860400002)(396003)(19627235002)(6666004)(316002)(83380400001)(5660300002)(2906002)(52116002)(7696005)(36756003)(8676002)(8936002)(478600001)(54906003)(30864003)(966005)(66946007)(86362001)(2616005)(186003)(16526019)(4326008)(66476007)(26005)(6486002)(956004)(6916009)(66556008);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?gV3VxjsuIyXAWnBT970Zwzik+xF+zkFjl4V1uLqD6hedsey6sPgb58Thar+6?= =?us-ascii?Q?yWQk0aTCX1qdrr5LVC64QuztD5ahe6tXb83T7UjCeEZHbQGhU7amuvewzOFa?= =?us-ascii?Q?DE9v5DPMQul0kvhoOR5y+wWx1swOi0NIkWoMgVVDzhbDDUUfmVVFn2XLiMSQ?= =?us-ascii?Q?+pvHthrZNLS2idOWmvhl/oruvbGh7Y3xTrPdRPIcOyCfv4PMNS2n/BzvWaqv?= =?us-ascii?Q?QI1+2VKpOHcx/J7MnmMVvCCwXQPYhk2LAqQ05uuLqky4jLSvknYo2AIfggjX?= =?us-ascii?Q?zRKGDk3L1A6XmxoRlSqjatTHsQhXny8o+ZUIwktd2om6dnCWnBcVjJ78wiW3?= =?us-ascii?Q?9PpIKSkuVJcnB/1gF1ltkjxpIjUNiAa5wpu2C2iEFOKQ/Q535JXkmGQLFZpY?= =?us-ascii?Q?Z5ueBnzJD1/MrfpzsQ1NZCtzO2A0z5b1RU2t9Kz7JKqK+wtphOtB2AJtONEX?= =?us-ascii?Q?1kjmGfyNFgGMyqmzfhUIf0JDrZUHccKjkth4rhVIMAAfE/FeZ+hLfyaTjF6A?= =?us-ascii?Q?B3YT9eqn/EQ3bKL0naA0IA2UzkozONPQOqHv7FdJr/m7k2TRyfMxX7JiWQ4H?= =?us-ascii?Q?3ylptWu9TF9Nyxx76pbioiVa8w+VsaaER5Zrr7kF8yJp20jk45XwwKnQbBv+?= =?us-ascii?Q?4V2blITicSUZWqQ0biHpZphP7DBhKz5yNofBTTFYGl2mNSOZQPYj/+5HTpF2?= =?us-ascii?Q?KXurBzVSKLhuYv2cTSQTIykg6oG/92gFaDvsFpeydtqRT2O2AkWfpy9HtuOh?= =?us-ascii?Q?eNmvDPxQnhmCul6gs10xf8gS+l9VpLxIQr2+fHpDeTMrYJXID6nKf2g2C9cM?= =?us-ascii?Q?P4VC2lV+R7RHAneZdb/IayeoLVi7u3EiG8flkAPHAY0KZHEE+4l3sISR7fg4?= =?us-ascii?Q?9i98MZk4SvUc2L+nYHmDpjZhRXwRix59kTDRP/ajv3G0JMluk8ZC5Ks5Q97N?= =?us-ascii?Q?3tdiuB5C13f2IVs09cxTFrVbjTn4lQbDmS/wRSFe1JBvjiVwVmw85MacST8A?= =?us-ascii?Q?Wgtq?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Jan 2021 21:23:43.2976 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-Network-Message-Id: d57bf650-620f-4769-d2be-08d8b289583f X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: rfmuYv03ejV3vq99xppgiCVTH7oktivDw6inmykaBTvgtrWhIpX7llWPzpKod0FIJuDq+2kvFzzbmQf2JduMdA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR12MB1259 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable From: Tom Lendacky BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3108 In preparation for a new interface to be added to the MemEncryptSevLib library that will be used in SEC, create an SEC version of the library. This requires the creation of SEC specific files. Some of the current MemEncryptSevLib functions perform memory allocations which cannot be performed in SEC, so these interfaces will return an error during SEC. Also, the current MemEncryptSevLib library uses some static variables to optimize access to variables, which cannot be used in SEC. Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Brijesh Singh Signed-off-by: Tom Lendacky --- OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf = | 4 +- OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf = | 4 +- OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf = | 50 +++++++ OvmfPkg/Library/BaseMemEncryptSevLib/{MemEncryptSevLibInternal.c =3D> PeiD= xeMemEncryptSevLibInternal.c} | 0 OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c = | 155 ++++++++++++++++++++ OvmfPkg/Library/BaseMemEncryptSevLib/X64/{VirtualMemory.c =3D> PeiDxeVirtu= alMemory.c} | 0 OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c = | 80 ++++++++++ 7 files changed, 289 insertions(+), 4 deletions(-) diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf b= /OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf index 837db0876184..4480e4cc7c89 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLib.inf @@ -31,11 +31,11 @@ [Packages] =20 [Sources] DxeMemEncryptSevLibInternal.c - MemEncryptSevLibInternal.c + PeiDxeMemEncryptSevLibInternal.c =20 [Sources.X64] X64/MemEncryptSevLib.c - X64/VirtualMemory.c + X64/PeiDxeVirtualMemory.c X64/VirtualMemory.h =20 [Sources.IA32] diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf b= /OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf index 7c29d14039d6..faabd234e393 100644 --- a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLib.inf @@ -31,11 +31,11 @@ [Packages] =20 [Sources] PeiMemEncryptSevLibInternal.c - MemEncryptSevLibInternal.c + PeiDxeMemEncryptSevLibInternal.c =20 [Sources.X64] X64/MemEncryptSevLib.c - X64/VirtualMemory.c + X64/PeiDxeVirtualMemory.c X64/VirtualMemory.h =20 [Sources.IA32] diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf b= /OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf new file mode 100644 index 000000000000..7cd0111fe47b --- /dev/null +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLib.inf @@ -0,0 +1,50 @@ +## @file +# Library provides the helper functions for SEV guest +# +# Copyright (c) 2020 Advanced Micro Devices. All rights reserved.
+# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +# +## + +[Defines] + INF_VERSION =3D 1.25 + BASE_NAME =3D SecMemEncryptSevLib + FILE_GUID =3D 046388b4-430e-4e61-88f6-51ea21db2632 + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D MemEncryptSevLib|SEC + +# +# The following information is for reference only and not required by the = build +# tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 +# + +[Packages] + MdeModulePkg/MdeModulePkg.dec + MdePkg/MdePkg.dec + OvmfPkg/OvmfPkg.dec + UefiCpuPkg/UefiCpuPkg.dec + +[Sources] + SecMemEncryptSevLibInternal.c + +[Sources.X64] + X64/MemEncryptSevLib.c + X64/SecVirtualMemory.c + X64/VirtualMemory.h + +[Sources.IA32] + Ia32/MemEncryptSevLib.c + +[LibraryClasses] + BaseLib + CpuLib + DebugLib + PcdLib + +[FixedPcd] + gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.= c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiDxeMemEncryptSevLibInternal.c similarity index 100% rename from OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c rename to OvmfPkg/Library/BaseMemEncryptSevLib/PeiDxeMemEncryptSevLibIntern= al.c diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibIntern= al.c b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c new file mode 100644 index 000000000000..56d8f3f3183f --- /dev/null +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/SecMemEncryptSevLibInternal.c @@ -0,0 +1,155 @@ +/** @file + + Secure Encrypted Virtualization (SEV) library helper function + + Copyright (c) 2020, Advanced Micro Devices, Inc. All rights reserved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include + +/** + Reads and sets the status of SEV features. + + **/ +STATIC +UINT32 +EFIAPI +InternalMemEncryptSevStatus ( + VOID + ) +{ + UINT32 RegEax; + CPUID_MEMORY_ENCRYPTION_INFO_EAX Eax; + BOOLEAN ReadSevMsr; + SEC_SEV_ES_WORK_AREA *SevEsWorkArea; + + ReadSevMsr =3D FALSE; + + SevEsWorkArea =3D (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAr= eaBase); + if (SevEsWorkArea !=3D NULL && SevEsWorkArea->EncryptionMask !=3D 0) { + // + // The MSR has been read before, so it is safe to read it again and av= oid + // having to validate the CPUID information. + // + ReadSevMsr =3D TRUE; + } else { + // + // Check if memory encryption leaf exist + // + AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); + if (RegEax >=3D CPUID_MEMORY_ENCRYPTION_INFO) { + // + // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported) + // + AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NUL= L); + + if (Eax.Bits.SevBit) { + ReadSevMsr =3D TRUE; + } + } + } + + return ReadSevMsr ? AsmReadMsr32 (MSR_SEV_STATUS) : 0; +} + +/** + Returns a boolean to indicate whether SEV-ES is enabled. + + @retval TRUE SEV-ES is enabled + @retval FALSE SEV-ES is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevEsIsEnabled ( + VOID + ) +{ + MSR_SEV_STATUS_REGISTER Msr; + + Msr.Uint32 =3D InternalMemEncryptSevStatus (); + + return Msr.Bits.SevEsBit ? TRUE : FALSE; +} + +/** + Returns a boolean to indicate whether SEV is enabled. + + @retval TRUE SEV is enabled + @retval FALSE SEV is not enabled +**/ +BOOLEAN +EFIAPI +MemEncryptSevIsEnabled ( + VOID + ) +{ + MSR_SEV_STATUS_REGISTER Msr; + + Msr.Uint32 =3D InternalMemEncryptSevStatus (); + + return Msr.Bits.SevBit ? TRUE : FALSE; +} + +/** + Returns the SEV encryption mask. + + @return The SEV pagtable encryption mask +**/ +UINT64 +EFIAPI +MemEncryptSevGetEncryptionMask ( + VOID + ) +{ + CPUID_MEMORY_ENCRYPTION_INFO_EBX Ebx; + SEC_SEV_ES_WORK_AREA *SevEsWorkArea; + UINT64 EncryptionMask; + + SevEsWorkArea =3D (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAr= eaBase); + if (SevEsWorkArea !=3D NULL) { + EncryptionMask =3D SevEsWorkArea->EncryptionMask; + } else { + // + // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position) + // + AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL)= ; + EncryptionMask =3D LShiftU64 (1, Ebx.Bits.PtePosBits); + } + + return EncryptionMask; +} + +/** + Locate the page range that covers the initial (pre-SMBASE-relocation) SM= RAM + Save State Map. + + @param[out] BaseAddress The base address of the lowest-address page = that + covers the initial SMRAM Save State Map. + + @param[out] NumberOfPages The number of pages in the page range that c= overs + the initial SMRAM Save State Map. + + @retval RETURN_SUCCESS BaseAddress and NumberOfPages have been set = on + output. + + @retval RETURN_UNSUPPORTED SMM is unavailable. +**/ +RETURN_STATUS +EFIAPI +MemEncryptSevLocateInitialSmramSaveStateMapPages ( + OUT UINTN *BaseAddress, + OUT UINTN *NumberOfPages + ) +{ + return RETURN_UNSUPPORTED; +} diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c b/Ovm= fPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c similarity index 100% rename from OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c rename to OvmfPkg/Library/BaseMemEncryptSevLib/X64/PeiDxeVirtualMemory.c diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c b/= OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c new file mode 100644 index 000000000000..5c337ea0b820 --- /dev/null +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/SecVirtualMemory.c @@ -0,0 +1,80 @@ +/** @file + + Virtual Memory Management Services to set or clear the memory encryption= bit + + Copyright (c) 2020, AMD Incorporated. All rights reserved.
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include + +#include "VirtualMemory.h" + +/** + This function clears memory encryption bit for the memory region specifi= ed by + PhysicalAddress and Length from the current page table context. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] PhysicalAddress The physical address that is the sta= rt + address of a memory region. + @param[in] Length The length of memory region + @param[in] Flush Flush the caches before applying the + encryption mask + + @retval RETURN_SUCCESS The attributes were cleared for the + memory region. + @retval RETURN_INVALID_PARAMETER Number of pages is zero. + @retval RETURN_UNSUPPORTED Clearing the memory encyrption attri= bute + is not supported +**/ +RETURN_STATUS +EFIAPI +InternalMemEncryptSevSetMemoryDecrypted ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS PhysicalAddress, + IN UINTN Length, + IN BOOLEAN Flush + ) +{ + // + // This function is not available during SEC. + // + return RETURN_UNSUPPORTED; +} + +/** + This function sets memory encryption bit for the memory region specified= by + PhysicalAddress and Length from the current page table context. + + @param[in] Cr3BaseAddress Cr3 Base Address (if zero then use + current CR3) + @param[in] PhysicalAddress The physical address that is the sta= rt + address of a memory region. + @param[in] Length The length of memory region + @param[in] Flush Flush the caches before applying the + encryption mask + + @retval RETURN_SUCCESS The attributes were set for the memo= ry + region. + @retval RETURN_INVALID_PARAMETER Number of pages is zero. + @retval RETURN_UNSUPPORTED Setting the memory encyrption attrib= ute + is not supported +**/ +RETURN_STATUS +EFIAPI +InternalMemEncryptSevSetMemoryEncrypted ( + IN PHYSICAL_ADDRESS Cr3BaseAddress, + IN PHYSICAL_ADDRESS PhysicalAddress, + IN UINTN Length, + IN BOOLEAN Flush + ) +{ + // + // This function is not available during SEC. + // + return RETURN_UNSUPPORTED; +} --=20 2.30.0