From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (NAM12-BN8-obe.outbound.protection.outlook.com [40.107.237.54])
 by mx.groups.io with SMTP id smtpd.web08.201.1609794549322942384
 for <devel@edk2.groups.io>;
 Mon, 04 Jan 2021 13:09:09 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@amdcloud.onmicrosoft.com header.s=selector2-amdcloud-onmicrosoft-com header.b=eLvbnapn;
 spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.237.54, mailfrom: thomas.lendacky@amd.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=ic6PJL3LmRYC3aG1sD7sLFI9L5f1HY2FMX/2qjsaaG0TEIaKGGLOjFVj7ehlkCx4xUx6P0FR924O/AcEBz39+9vtMeT7ToU0jldlooTxjMyxX7Yrvss5PHP0Kq17ZefN5Xgle4v9Ruc91WkraCntc8I5F3s0WYRR0iMv2KifP4xRWvZmrSGMzi8DcrEWIjd4sImro8bEx+IFkVbvBL66BpVpo9T/lWufmpJmr3z80yKu7iLN0GN5USalTWSxmVZK+eKlZtlCcXDt/3i4uEEgDCScsmIRKCbm7u1o7brVmn0gJyya5iFExFfyfNNf/7sw7nkIW0DITV8duxnZVwL1Iw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=V+ijj4rwfXS2+b/RD8L6ieUKSeS/BmzzHO+pCZ7c+qw=;
 b=mrx5ccQOTuVgDZHIK6S8OZVn2/79WhtcaMsMSA9emTEl6EES6JS7dwgMLKUBo+rqM3DSGS2M32QukMNZDG7X7D3F+K/qq5zf7t5VXmbjWNEVJKCbZj7g0a5mg1EZgwA1PwymdLlRgbfqTtVQnTmME9kmjlAbN0+3YG+HhOCs0cBEdi4sTY6Tsf3FxJxaS5C46pzRlHihNwDpymfXv1MbbThcqnatvpGJywJITNmiX5wgLWvQuC0rLVCP4nbjgc+y+zBhrjSfJ89a3F/c7TThqanT1E3agU3ADNda9XHhyvWclxsAI9ihh7XJY6RsVcWcjI6UvmcR0EmFg0tuWfBGEg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=V+ijj4rwfXS2+b/RD8L6ieUKSeS/BmzzHO+pCZ7c+qw=;
 b=eLvbnapn2Jn287csmiqxEG02p/FZBS2MijnE1grqzEiAc1YL2M9TxxaHtTZD4ALQEvfs2Nb+5q8ssknkVRgptJxSBEYLLP0yUz56wdgbzyMqlaqLVZT7adel+sD8TbeQANdw6lLWaIIJlEpM3eFEnzgUdPUPAIRc7RUEPs5N/GM=
Authentication-Results: xen.org; dkim=none (message not signed)
 header.d=none;xen.org; dmarc=none action=none header.from=amd.com;
Received: from DM5PR12MB1355.namprd12.prod.outlook.com (2603:10b6:3:6e::7) by
 DM6PR12MB3084.namprd12.prod.outlook.com (2603:10b6:5:117::25) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3721.22; Mon, 4 Jan 2021 21:09:06 +0000
Received: from DM5PR12MB1355.namprd12.prod.outlook.com
 ([fe80::d95e:b9d:1d6a:e845]) by DM5PR12MB1355.namprd12.prod.outlook.com
 ([fe80::d95e:b9d:1d6a:e845%12]) with mapi id 15.20.3721.024; Mon, 4 Jan 2021
 21:09:06 +0000
Subject: Re: [edk2-devel] [PATCH 05/12] OvmfPkg/MemEncryptSevLib: Add an interface to retrieve the encryption mask
To: Laszlo Ersek <lersek@redhat.com>, devel@edk2.groups.io
Cc: Brijesh Singh <brijesh.singh@amd.com>,
 James Bottomley <jejb@linux.ibm.com>,
 Jordan Justen <jordan.l.justen@intel.com>,
 Ard Biesheuvel <ard.biesheuvel@arm.com>, Rebecca Cran <rebecca@bsdio.com>,
 Peter Grehan <grehan@freebsd.org>, Anthony Perard
 <anthony.perard@citrix.com>, Julien Grall <julien@xen.org>
References: <cover.1608065471.git.thomas.lendacky@amd.com>
 <c825e9b537efb24d1a1d4ee961ea40dd948b607a.1608065471.git.thomas.lendacky@amd.com>
 <2bbd9ca2-5759-412a-0ad5-1ee062818b67@redhat.com>
From: "Lendacky, Thomas" <thomas.lendacky@amd.com>
Message-ID: <f42c261f-99a0-ab62-5244-45a3c639db0a@amd.com>
Date: Mon, 4 Jan 2021 15:09:04 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
 Thunderbird/68.10.0
In-Reply-To: <2bbd9ca2-5759-412a-0ad5-1ee062818b67@redhat.com>
X-Originating-IP: [67.79.209.213]
X-ClientProxiedBy: SA0PR11CA0059.namprd11.prod.outlook.com
 (2603:10b6:806:d0::34) To DM5PR12MB1355.namprd12.prod.outlook.com
 (2603:10b6:3:6e::7)
Return-Path: thomas.lendacky@amd.com
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from office-linux.texastahm.com (67.79.209.213) by SA0PR11CA0059.namprd11.prod.outlook.com (2603:10b6:806:d0::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3721.20 via Frontend Transport; Mon, 4 Jan 2021 21:09:05 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: ce7d9eb2-09a6-438d-4f75-08d8b0f4f8ea
X-MS-TrafficTypeDiagnostic: DM6PR12MB3084:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: 
	<DM6PR12MB3084AF7137DE97F9DC3286E0ECD20@DM6PR12MB3084.namprd12.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	zpUdQuN3wicaZpGz6ugIg2AqKo3vdf7MkGt2+oH145cBR5/u5Fpg0P4cREj+p4xgbd+MYEuuLXqI6rNvjtyTuIEvhvHYXYGvunOZ90T+hXY3O5wq93OlThnK7pjjhaQoGFy3oE+K1r8W6bn0LMjh3TfYnMBavWw7JkfUmgDUuSyHijN3wLCf2LsoSMSuSzSSfLwGkKUhcEPxjfr+Q+v4BnIHh49Q5o12Fy9VBTeBaXZMvLPlblS/aO2oiiDL6S22yIPEVAUPPs/sMNG97gAqo6hcyBl0o1aDaHTlM2iv3D/KtR47I4kY3vJz0Q4Hn6yIREwDCNNNp63kJkUuK/O9cWsbr4vYGELSR7jZ289hTuQDAXB9M318NwRmSpItEBqOtsFojcVU9Nt4bU04eQb79i+92uFu+4m00R0ig4+/vxYhVqQ+g4tJtH+8CWzf5oWmafb+moh2r/uLE7sqakXw0qpQH+NV7cwXoh4LS5gnxyAboaj1bWPY4pTWd8vZ9/DH7KcUFncPJDh30JINuZ5ogph3iMt9UDqVpRdZEQvMlj/np9RtxqjqSLQ18Dm/Z5PY
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR12MB1355.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(136003)(39860400002)(376002)(366004)(346002)(966005)(4326008)(36756003)(83380400001)(19627235002)(52116002)(86362001)(31686004)(8936002)(5660300002)(2906002)(316002)(31696002)(478600001)(8676002)(45080400002)(2616005)(956004)(66556008)(66476007)(30864003)(66946007)(16526019)(54906003)(6486002)(186003)(26005)(6512007)(53546011)(6506007)(43740500002)(45980500001);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: 
	=?utf-8?B?Zm10SkhLYnhJM1JpdVJBM1FsVXhLYjdMNlVhQW1WamYySGdiMUhyQTdXNkxU?=
 =?utf-8?B?SkpkRVZUcXk0NllFZGk1L2M1eENId0hVLzhOd0I5cjkxVkpnSEdRK0JIbDhZ?=
 =?utf-8?B?ZGNSd2o5L2plRUZRdWlKTENzNy9wYmxCOFVyMndtTkxKWER2bmp6L0JvR0xY?=
 =?utf-8?B?ZXAwWFRDQzNFTWtPR2gyR29iaVhTR0JJU3ZOeGlqK3N2TzBFdGdJT1lHaDcr?=
 =?utf-8?B?VG1hSjVVSStGZndheWZldVdRNXNuWjFHN3A1dzA5ZlQwUlFGejVrTmE5Q2hu?=
 =?utf-8?B?MlcvcEdrR0lpMys5OXlLVkMzeFc2VHhyRG5VTDY1cGRWOFBwdGtYUVI5SDFE?=
 =?utf-8?B?eDBTY1JZblc0NmZhMXdLb1Q2Vm9tQ3dqaUJKU2wxK2NiMHJSbE91cDFIOGcw?=
 =?utf-8?B?a2pSQ1N5eHkrQjQ5cFNaNFQrRUJZSVBUZzN5SkNrMG1MZjlrUURsS2toMmth?=
 =?utf-8?B?N0ZhUGxFVXU2K3hBdWVDdTl0ZjlLSTFOQ25pZWgxVm9UWnlzdkltMTJUeTlJ?=
 =?utf-8?B?L2hhTzNwb2ZJeUpIOXhTUkJvalB4eVlCZmxwK0ZKWWE2akxIbUtDVDRySlhu?=
 =?utf-8?B?S1AvL3E0WVJEek1sK0NsbDJQVThkdVd2cno1ZVE4ZjNNWVgzek1EeGRyTkpj?=
 =?utf-8?B?dUh3bllndTB2N1VkUUFpdUZCNVBjanFIckhJa3NTbFFkR2JJYkE2R3IwZnph?=
 =?utf-8?B?ckVVdVRrL3JvNSszV3B6Y012ODJ6NU1yZWkrZGtsZGpRSlh0KzkvREZ6SlpC?=
 =?utf-8?B?aUdNaUxkS1gxTWI0dmd4V01pakxkaUIvd3UrSFF0MStScVMycXNwRHhkVHdX?=
 =?utf-8?B?cDl3dGxxSjQ5TGlPVzdlVnJxVWZzMlE4Ri8zazFYUGZ0VWNiL1hiNytWZFVs?=
 =?utf-8?B?Nml6SGFDZmUzdXRZZFpic2UvZmtBVHl5K1haTnVGWGVCS3hjMENXN2xZZk9s?=
 =?utf-8?B?WVRJYVhNY1o3NitQVnBxM0cwZ2RaSExzeU4zTXhvbHFPSk5ZRU96NHNSQUFN?=
 =?utf-8?B?L05Fa0greEZRT0RTbkxCZ0hyVWV3dlI2ekZZbGJreDNLd3FxcWcvS3dFQjds?=
 =?utf-8?B?NjEwVHB1RnA2R0x6WWlMMFRWbm92dGhpV0htR2NIVlpkeUlyQlpDV1l6QStk?=
 =?utf-8?B?UTZkTUs4aDdMVUxvVUs1dXpPN3VMNXdzcGZzWXllMC9SbUF5Zk1jaHZ3bk1N?=
 =?utf-8?B?aHhTS3JFZnd1ay9jN1JvYlc2R1JLdVhUTlFac1hZNjVGVm5KREVDMDdRVmxE?=
 =?utf-8?B?ZlVSTFRLYmF0N0lBL0NGUmFGM0UvWUVRNjkrREFRTzFXOEw0ZE9MS1JTek1C?=
 =?utf-8?Q?7S09BeWopmWgVs+GsMYTyK1ylx501Y121S?=
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-AuthSource: DM5PR12MB1355.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Jan 2021 21:09:06.6369
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-Network-Message-Id: ce7d9eb2-09a6-438d-4f75-08d8b0f4f8ea
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: JGoUCm2IPlOM5CqtlLQ4B1RmbJOusC6mkrUqEisyt3DmUkQHva2X36Viraf2BLTxNCpB0A1FHryjtw4CPb2uJg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB3084
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit

On 1/4/21 2:34 PM, Laszlo Ersek wrote:
> On 12/15/20 21:51, Lendacky, Thomas wrote:
>> From: Tom Lendacky <thomas.lendacky@amd.com>
>>
>> BZ: https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D3108&amp;data=04%7C01%7Cthomas.lendacky%40amd.com%7Ca6820182d19f4e0821d908d8b0f01c5f%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637453892632471236%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=pXsRpEk6pQPZUiqtY1OUzmcsjflNq5nTN6I6%2F%2F1d8VI%3D&amp;reserved=0
>>
>> The early assembler code performs validation for some of the SEV-related
>> information, specifically the encryption bit position. To avoid having to
>> re-validate the encryption bit position as the system proceeds through its
>> boot phases, use the saved information from the SEV-ES work area during
>> PEI and PcdPteMemoryEncryptionAddressOrMask (set during PEI) during DXE.
> 
> (1) Please replace
> 
>    and
> 
> on the last line, with
> 
>    , and
> 

Will do.

> Without the comma, it's too easy to misread the message as "use [blah]
> during PEI and PcdPteMemoryEncryptionAddressOrMask" -- i.e., as if
> "during" applied to "PEI" and "PcdPteMemoryEncryptionAddressOrMask"
> alike. Which of course makes no sense.
> 
>>
>> To ensure that we always use a validated encryption mask for an SEV-ES
>> guest, create a new interface in the MemEncryptSevLib library to return
>> the encryption mask. This avoids the multiple locations where CPUID is
>> used to retrieve the value and allows the validated mask to be returned.
>>
>> Update all locations that use CPUID to calculate the encryption mask to
>> use the new interface. Also, clean up some call areas where extra masking
>> was being performed and where a function call was being used instead of
>> the local variable that was just set using the function.
>>
>> Cc: Jordan Justen <jordan.l.justen@intel.com>
>> Cc: Laszlo Ersek <lersek@redhat.com>
>> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
>> Cc: Rebecca Cran <rebecca@bsdio.com>
>> Cc: Peter Grehan <grehan@freebsd.org>
>> Cc: Anthony Perard <anthony.perard@citrix.com>
>> Cc: Julien Grall <julien@xen.org>
>> Cc: Brijesh Singh <brijesh.singh@amd.com>
>> Signed-off-by: Tom Lendacky <thomas.lendacky@amd.com>
>> ---
>>   OvmfPkg/AmdSev/AmdSevX64.dsc                  |   4 +-
>>   OvmfPkg/Bhyve/BhyveX64.dsc                    |   4 +-
>>   OvmfPkg/OvmfPkgIa32.dsc                       |   4 +-
>>   OvmfPkg/OvmfPkgIa32X64.dsc                    |   4 +-
>>   OvmfPkg/OvmfPkgX64.dsc                        |   4 +-
>>   OvmfPkg/OvmfXen.dsc                           |   3 +-
>>   ...SevLib.inf => DxeBaseMemEncryptSevLib.inf} |  13 +-
>>   .../PeiBaseMemEncryptSevLib.inf               |  56 ++++++
>>   OvmfPkg/Include/Library/MemEncryptSevLib.h    |  14 ++
>>   OvmfPkg/Bhyve/PlatformPei/AmdSev.c            |  12 +-
>>   .../DxeMemEncryptSevLibInternal.c             | 145 ++++++++++++++++
>>   .../MemEncryptSevLibInternal.c                |  91 +---------
>>   .../PeiMemEncryptSevLibInternal.c             | 159 ++++++++++++++++++
>>   .../BaseMemEncryptSevLib/X64/VirtualMemory.c  |  15 +-
>>   OvmfPkg/PlatformPei/AmdSev.c                  |  12 +-
>>   OvmfPkg/XenPlatformPei/AmdSev.c               |  12 +-
>>   OvmfPkg/ResetVector/Ia32/PageTables64.asm     |  10 +-
>>   OvmfPkg/ResetVector/ResetVector.nasmb         |   1 +
>>   18 files changed, 422 insertions(+), 141 deletions(-)
>>   rename OvmfPkg/Library/BaseMemEncryptSevLib/{BaseMemEncryptSevLib.inf => DxeBaseMemEncryptSevLib.inf} (67%)
>>   create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf
>>   create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
>>   create mode 100644 OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
> 
> (2) "DxeBase" should be just "Dxe", and "PeiBase" should just be "Pei".
> 
> The BASE_NAME defines in the INF files are correct already, but the
> names of those INF files, and the references to them in the DSC files,
> are not.

Yup, will fix.

> 
>>
>> diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc
>> index bb7697eb324b..c742ec54cb57 100644
>> --- a/OvmfPkg/AmdSev/AmdSevX64.dsc
>> +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc
>> @@ -164,7 +164,7 @@ [LibraryClasses]
>>     QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf
>>     VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
>>     LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
>> -  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf
>>     LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
>>     CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
>>     FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
>> @@ -285,6 +285,8 @@ [LibraryClasses.common.PEIM]
>>     Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
>>   !endif
>>   
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf
>> +
>>   [LibraryClasses.common.DXE_CORE]
>>     HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
>>     DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
>> diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc
>> index b93fe30ae4e0..27973bc940d5 100644
>> --- a/OvmfPkg/Bhyve/BhyveX64.dsc
>> +++ b/OvmfPkg/Bhyve/BhyveX64.dsc
>> @@ -163,7 +163,7 @@ [LibraryClasses]
>>     QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/BaseQemuFwCfgS3LibNull.inf
>>     BhyveFwCtlLib|OvmfPkg/Library/BhyveFwCtlLib/BhyveFwCtlLib.inf
>>     VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
>> -  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf
>>     LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
>>   
>>     CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
>> @@ -292,6 +292,8 @@ [LibraryClasses.common.PEIM]
>>     Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
>>   !endif
>>   
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf
>> +
>>   [LibraryClasses.common.DXE_CORE]
>>     HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
>>     DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
>> diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
>> index 8eede796a8bd..e433e17dc807 100644
>> --- a/OvmfPkg/OvmfPkgIa32.dsc
>> +++ b/OvmfPkg/OvmfPkgIa32.dsc
>> @@ -169,7 +169,7 @@ [LibraryClasses]
>>     QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf
>>     VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
>>     LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
>> -  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf
>>   !if $(SMM_REQUIRE) == FALSE
>>     LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
>>   !endif
>> @@ -309,6 +309,8 @@ [LibraryClasses.common.PEIM]
>>     Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
>>   !endif
>>   
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf
>> +
>>   [LibraryClasses.common.DXE_CORE]
>>     HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
>>     DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
>> diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
>> index f9f82a48f4b9..2e2eefbe33f0 100644
>> --- a/OvmfPkg/OvmfPkgIa32X64.dsc
>> +++ b/OvmfPkg/OvmfPkgIa32X64.dsc
>> @@ -173,7 +173,7 @@ [LibraryClasses]
>>     QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf
>>     VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
>>     LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
>> -  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf
>>   !if $(SMM_REQUIRE) == FALSE
>>     LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
>>   !endif
>> @@ -313,6 +313,8 @@ [LibraryClasses.common.PEIM]
>>     Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
>>   !endif
>>   
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf
>> +
>>   [LibraryClasses.common.DXE_CORE]
>>     HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
>>     DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
>> diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
>> index e59ae05b73aa..3e008855fbc1 100644
>> --- a/OvmfPkg/OvmfPkgX64.dsc
>> +++ b/OvmfPkg/OvmfPkgX64.dsc
>> @@ -173,7 +173,7 @@ [LibraryClasses]
>>     QemuFwCfgSimpleParserLib|OvmfPkg/Library/QemuFwCfgSimpleParserLib/QemuFwCfgSimpleParserLib.inf
>>     VirtioLib|OvmfPkg/Library/VirtioLib/VirtioLib.inf
>>     LoadLinuxLib|OvmfPkg/Library/LoadLinuxLib/LoadLinuxLib.inf
>> -  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf
>>   !if $(SMM_REQUIRE) == FALSE
>>     LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
>>   !endif
>> @@ -313,6 +313,8 @@ [LibraryClasses.common.PEIM]
>>     Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
>>   !endif
>>   
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf
>> +
>>   [LibraryClasses.common.DXE_CORE]
>>     HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
>>     DxeCoreEntryPoint|MdePkg/Library/DxeCoreEntryPoint/DxeCoreEntryPoint.inf
>> diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
>> index 12b7a87ee877..44fae364b423 100644
>> --- a/OvmfPkg/OvmfXen.dsc
>> +++ b/OvmfPkg/OvmfXen.dsc
>> @@ -161,7 +161,7 @@ [LibraryClasses]
>>     SerializeVariablesLib|OvmfPkg/Library/SerializeVariablesLib/SerializeVariablesLib.inf
>>     QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxeLib.inf
>>     QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf
>> -  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf
>>     LockBoxLib|OvmfPkg/Library/LockBoxLib/LockBoxBaseLib.inf
>>     CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
>>     FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
>> @@ -273,6 +273,7 @@ [LibraryClasses.common.PEIM]
>>     QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/PeiQemuFwCfgS3LibFwCfg.inf
>>     PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
>>     QemuFwCfgLib|OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgPeiLib.inf
>> +  MemEncryptSevLib|OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf
>>   
>>   [LibraryClasses.common.DXE_CORE]
>>     HobLib|MdePkg/Library/DxeCoreHobLib/DxeCoreHobLib.inf
>> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf
>> similarity index 67%
>> rename from OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
>> rename to OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf
>> index 7c44d0952815..2be6ca1fa737 100644
>> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/BaseMemEncryptSevLib.inf
>> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeBaseMemEncryptSevLib.inf
>> @@ -1,7 +1,7 @@
>>   ## @file
>>   #  Library provides the helper functions for SEV guest
>>   #
>> -# Copyright (c) 2017 Advanced Micro Devices. All rights reserved.<BR>
>> +# Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.<BR>
>>   #
>>   #  SPDX-License-Identifier: BSD-2-Clause-Patent
>>   #
>> @@ -10,11 +10,11 @@
>>   
>>   [Defines]
>>     INF_VERSION                    = 1.25
>> -  BASE_NAME                      = MemEncryptSevLib
>> +  BASE_NAME                      = DxeMemEncryptSevLib
>>     FILE_GUID                      = c1594631-3888-4be4-949f-9c630dbc842b
>>     MODULE_TYPE                    = BASE
>>     VERSION_STRING                 = 1.0
>> -  LIBRARY_CLASS                  = MemEncryptSevLib|PEIM DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_DRIVER
>> +  LIBRARY_CLASS                  = MemEncryptSevLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_DRIVER
>>   
>>   #
>>   # The following information is for reference only and not required by the build
>> @@ -30,14 +30,16 @@ [Packages]
>>     UefiCpuPkg/UefiCpuPkg.dec
>>   
>>   [Sources.X64]
>> +  DxeMemEncryptSevLibInternal.c
>>     MemEncryptSevLibInternal.c
>>     X64/MemEncryptSevLib.c
>>     X64/VirtualMemory.c
>>     X64/VirtualMemory.h
>>   
>>   [Sources.IA32]
>> +  DxeMemEncryptSevLibInternal.c
>> +  MemEncryptSevLibInternal.c
>>     Ia32/MemEncryptSevLib.c
>> -  MemEncryptSevLibInternal.c
>>   
>>   [LibraryClasses]
>>     BaseLib
>> @@ -49,3 +51,6 @@ [LibraryClasses]
>>   
>>   [FeaturePcd]
>>     gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
>> +
>> +[Pcd]
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask
>> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf
>> new file mode 100644
>> index 000000000000..7bdf8cb5210d
>> --- /dev/null
>> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiBaseMemEncryptSevLib.inf
>> @@ -0,0 +1,56 @@
>> +## @file
>> +#  Library provides the helper functions for SEV guest
>> +#
>> +# Copyright (c) 2020 Advanced Micro Devices. All rights reserved.<BR>
>> +#
>> +#  SPDX-License-Identifier: BSD-2-Clause-Patent
>> +#
>> +#
>> +##
>> +
>> +[Defines]
>> +  INF_VERSION                    = 1.25
>> +  BASE_NAME                      = PeiMemEncryptSevLib
>> +  FILE_GUID                      = 15d9a694-3d2a-4184-9672-ba55c3070e07
>> +  MODULE_TYPE                    = BASE
>> +  VERSION_STRING                 = 1.0
>> +  LIBRARY_CLASS                  = MemEncryptSevLib|PEIM
>> +
>> +#
>> +# The following information is for reference only and not required by the build
>> +# tools.
>> +#
>> +# VALID_ARCHITECTURES           = IA32 X64
>> +#
>> +
>> +[Packages]
>> +  MdeModulePkg/MdeModulePkg.dec
>> +  MdePkg/MdePkg.dec
>> +  OvmfPkg/OvmfPkg.dec
>> +  UefiCpuPkg/UefiCpuPkg.dec
>> +
>> +[Sources.X64]
>> +  PeiMemEncryptSevLibInternal.c
>> +  MemEncryptSevLibInternal.c
>> +  X64/MemEncryptSevLib.c
>> +  X64/VirtualMemory.c
>> +  X64/VirtualMemory.h
>> +
>> +[Sources.IA32]
>> +  PeiMemEncryptSevLibInternal.c
>> +  MemEncryptSevLibInternal.c
>> +  Ia32/MemEncryptSevLib.c
>> +
>> +[LibraryClasses]
>> +  BaseLib
>> +  CacheMaintenanceLib
>> +  CpuLib
>> +  DebugLib
>> +  MemoryAllocationLib
>> +  PcdLib
>> +
>> +[FeaturePcd]
>> +  gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
>> +
>> +[FixedPcd]
>> +  gUefiCpuPkgTokenSpaceGuid.PcdSevEsWorkAreaBase
> 
> (3) In each INF file:
> 
> I suggest moving the files shared between X64 and IA32 to a plain
> [Sources] section (i.e., no architecture modifier). I do agree that the
> pre-patch status is already not ideal (as "MemEncryptSevLibInternal.c"
> is duplicated between the [Sources.IA32] and [Sources.X64] sections),
> but since you already move "MemEncryptSevLibInternal.c" a bit, we might
> as well move as much as possible under a new [Sources] section.
> 
> Again this applies to both INF files.

Will do.

> 
>> diff --git a/OvmfPkg/Include/Library/MemEncryptSevLib.h b/OvmfPkg/Include/Library/MemEncryptSevLib.h
>> index dc09c61e58bb..394065f15bc1 100644
>> --- a/OvmfPkg/Include/Library/MemEncryptSevLib.h
>> +++ b/OvmfPkg/Include/Library/MemEncryptSevLib.h
>> @@ -29,6 +29,8 @@ typedef struct _SEC_SEV_ES_WORK_AREA {
>>     UINT8    Reserved1[7];
>>   
>>     UINT64   RandomData;
>> +
>> +  UINT64   EncryptionMask;
>>   } SEC_SEV_ES_WORK_AREA;
>>   
>>   /**
>> @@ -133,4 +135,16 @@ MemEncryptSevLocateInitialSmramSaveStateMapPages (
>>     OUT UINTN *BaseAddress,
>>     OUT UINTN *NumberOfPages
>>     );
>> +
>> +/**
>> +  Returns the SEV encryption mask.
>> +
>> +  @return  The SEV pagtable encryption mask
> 
> (4) Typo: "pagtable".

Will fix.

> 
>> +**/
>> +UINT64
>> +EFIAPI
>> +MemEncryptSevGetEncryptionMask (
>> +  VOID
>> +  );
>> +
>>   #endif // _MEM_ENCRYPT_SEV_LIB_H_
> 
> (5) The contents of this patch makes sense, but the patch is too large
> for my taste. Please split it to 3 patches:
> 
> - Save the mask in the reset vector to a new field in the work area.
> 
> - Introduce the new API to the lib class (and introduce both lib
> instances too). Reworking "VirtualMemory.c" in this same patch is fine.
> 
> - Migrate the consumers of the mask to the new API (as far as I can
> tell, these are the three PlatformPei modules).

Ok, I'll start working on that.

> 
> (6) Please confirm that you've successfully built all six modified DSC
> files.
> 
> For Bhyve, you need nothing extra (similarly to Xen).
> 
> For test-building "OvmfPkg/AmdSev/AmdSevX64.dsc", you need to palce any
> random grub.efi binary at "OvmfPkg/AmdSev/Grub/grub.efi".

Will do.

Thanks,
Tom

> 
> Thanks,
> Laszlo
> 
>> diff --git a/OvmfPkg/Bhyve/PlatformPei/AmdSev.c b/OvmfPkg/Bhyve/PlatformPei/AmdSev.c
>> index e484f4b311fe..e3ed78581c1b 100644
>> --- a/OvmfPkg/Bhyve/PlatformPei/AmdSev.c
>> +++ b/OvmfPkg/Bhyve/PlatformPei/AmdSev.c
>> @@ -1,7 +1,7 @@
>>   /**@file
>>     Initialize Secure Encrypted Virtualization (SEV) support
>>   
>> -  Copyright (c) 2017, Advanced Micro Devices. All rights reserved.<BR>
>> +  Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.<BR>
>>   
>>     SPDX-License-Identifier: BSD-2-Clause-Patent
>>   
>> @@ -15,8 +15,6 @@
>>   #include <Library/MemEncryptSevLib.h>
>>   #include <Library/PcdLib.h>
>>   #include <PiPei.h>
>> -#include <Register/Amd/Cpuid.h>
>> -#include <Register/Cpuid.h>
>>   #include <Register/Intel/SmramSaveStateMap.h>
>>   
>>   #include "Platform.h"
>> @@ -32,7 +30,6 @@ AmdSevInitialize (
>>     VOID
>>     )
>>   {
>> -  CPUID_MEMORY_ENCRYPTION_INFO_EBX  Ebx;
>>     UINT64                            EncryptionMask;
>>     RETURN_STATUS                     PcdStatus;
>>   
>> @@ -43,15 +40,10 @@ AmdSevInitialize (
>>       return;
>>     }
>>   
>> -  //
>> -  // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
>> -  //
>> -  AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);
>> -  EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);
>> -
>>     //
>>     // Set Memory Encryption Mask PCD
>>     //
>> +  EncryptionMask = MemEncryptSevGetEncryptionMask ();
>>     PcdStatus = PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, EncryptionMask);
>>     ASSERT_RETURN_ERROR (PcdStatus);
>>   
>> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
>> new file mode 100644
>> index 000000000000..2816f859a0c4
>> --- /dev/null
>> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/DxeMemEncryptSevLibInternal.c
>> @@ -0,0 +1,145 @@
>> +/** @file
>> +
>> +  Secure Encrypted Virtualization (SEV) library helper function
>> +
>> +  Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
>> +
>> +  SPDX-License-Identifier: BSD-2-Clause-Patent
>> +
>> +**/
>> +
>> +#include <Library/BaseLib.h>
>> +#include <Library/DebugLib.h>
>> +#include <Library/MemEncryptSevLib.h>
>> +#include <Library/PcdLib.h>
>> +#include <Register/Amd/Cpuid.h>
>> +#include <Register/Amd/Msr.h>
>> +#include <Register/Cpuid.h>
>> +#include <Uefi/UefiBaseType.h>
>> +
>> +STATIC BOOLEAN mSevStatus = FALSE;
>> +STATIC BOOLEAN mSevEsStatus = FALSE;
>> +STATIC BOOLEAN mSevStatusChecked = FALSE;
>> +
>> +STATIC UINT64  mSevEncryptionMask = 0;
>> +STATIC BOOLEAN mSevEncryptionMaskSaved = FALSE;
>> +
>> +/**
>> +  Reads and sets the status of SEV features.
>> +
>> +  **/
>> +STATIC
>> +VOID
>> +EFIAPI
>> +InternalMemEncryptSevStatus (
>> +  VOID
>> +  )
>> +{
>> +  UINT32                            RegEax;
>> +  MSR_SEV_STATUS_REGISTER           Msr;
>> +  CPUID_MEMORY_ENCRYPTION_INFO_EAX  Eax;
>> +  BOOLEAN                           ReadSevMsr;
>> +  UINT64                            EncryptionMask;
>> +
>> +  ReadSevMsr = FALSE;
>> +
>> +  EncryptionMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask);
>> +  if (EncryptionMask != 0) {
>> +    //
>> +    // The MSR has been read before, so it is safe to read it again and avoid
>> +    // having to validate the CPUID information.
>> +    //
>> +    ReadSevMsr = TRUE;
>> +  } else {
>> +    //
>> +    // Check if memory encryption leaf exist
>> +    //
>> +    AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
>> +    if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {
>> +      //
>> +      // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
>> +      //
>> +      AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);
>> +
>> +      if (Eax.Bits.SevBit) {
>> +        ReadSevMsr = TRUE;
>> +      }
>> +    }
>> +  }
>> +
>> +  if (ReadSevMsr) {
>> +    //
>> +    // Check MSR_0xC0010131 Bit 0 (Sev Enabled)
>> +    //
>> +    Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS);
>> +    if (Msr.Bits.SevBit) {
>> +      mSevStatus = TRUE;
>> +    }
>> +
>> +    //
>> +    // Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled)
>> +    //
>> +    if (Msr.Bits.SevEsBit) {
>> +      mSevEsStatus = TRUE;
>> +    }
>> +  }
>> +
>> +  mSevStatusChecked = TRUE;
>> +}
>> +
>> +/**
>> +  Returns a boolean to indicate whether SEV-ES is enabled.
>> +
>> +  @retval TRUE           SEV-ES is enabled
>> +  @retval FALSE          SEV-ES is not enabled
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +MemEncryptSevEsIsEnabled (
>> +  VOID
>> +  )
>> +{
>> +  if (!mSevStatusChecked) {
>> +    InternalMemEncryptSevStatus ();
>> +  }
>> +
>> +  return mSevEsStatus;
>> +}
>> +
>> +/**
>> +  Returns a boolean to indicate whether SEV is enabled.
>> +
>> +  @retval TRUE           SEV is enabled
>> +  @retval FALSE          SEV is not enabled
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +MemEncryptSevIsEnabled (
>> +  VOID
>> +  )
>> +{
>> +  if (!mSevStatusChecked) {
>> +    InternalMemEncryptSevStatus ();
>> +  }
>> +
>> +  return mSevStatus;
>> +}
>> +
>> +/**
>> +  Returns the SEV encryption mask.
>> +
>> +  @return  The SEV pagtable encryption mask
>> +**/
>> +UINT64
>> +EFIAPI
>> +MemEncryptSevGetEncryptionMask (
>> +  VOID
>> +  )
>> +{
>> +  if (!mSevEncryptionMaskSaved) {
>> +    mSevEncryptionMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask);
>> +    mSevEncryptionMaskSaved = TRUE;
>> +  }
>> +
>> +  return mSevEncryptionMask;
>> +}
>> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c
>> index 02b8eb225d81..ec6d02eaefd0 100644
>> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c
>> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/MemEncryptSevLibInternal.c
>> @@ -2,7 +2,7 @@
>>   
>>     Secure Encrypted Virtualization (SEV) library helper function
>>   
>> -  Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
>> +  Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
>>   
>>     SPDX-License-Identifier: BSD-2-Clause-Patent
>>   
>> @@ -19,95 +19,6 @@
>>   #include <Register/SmramSaveStateMap.h>
>>   #include <Uefi/UefiBaseType.h>
>>   
>> -STATIC BOOLEAN mSevStatus = FALSE;
>> -STATIC BOOLEAN mSevEsStatus = FALSE;
>> -STATIC BOOLEAN mSevStatusChecked = FALSE;
>> -
>> -/**
>> -  Reads and sets the status of SEV features.
>> -
>> -  **/
>> -STATIC
>> -VOID
>> -EFIAPI
>> -InternalMemEncryptSevStatus (
>> -  VOID
>> -  )
>> -{
>> -  UINT32                            RegEax;
>> -  MSR_SEV_STATUS_REGISTER           Msr;
>> -  CPUID_MEMORY_ENCRYPTION_INFO_EAX  Eax;
>> -
>> -  //
>> -  // Check if memory encryption leaf exist
>> -  //
>> -  AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
>> -  if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {
>> -    //
>> -    // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
>> -    //
>> -    AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);
>> -
>> -    if (Eax.Bits.SevBit) {
>> -      //
>> -      // Check MSR_0xC0010131 Bit 0 (Sev Enabled)
>> -      //
>> -      Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS);
>> -      if (Msr.Bits.SevBit) {
>> -        mSevStatus = TRUE;
>> -      }
>> -
>> -      //
>> -      // Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled)
>> -      //
>> -      if (Msr.Bits.SevEsBit) {
>> -        mSevEsStatus = TRUE;
>> -      }
>> -    }
>> -  }
>> -
>> -  mSevStatusChecked = TRUE;
>> -}
>> -
>> -/**
>> -  Returns a boolean to indicate whether SEV-ES is enabled.
>> -
>> -  @retval TRUE           SEV-ES is enabled
>> -  @retval FALSE          SEV-ES is not enabled
>> -**/
>> -BOOLEAN
>> -EFIAPI
>> -MemEncryptSevEsIsEnabled (
>> -  VOID
>> -  )
>> -{
>> -  if (!mSevStatusChecked) {
>> -    InternalMemEncryptSevStatus ();
>> -  }
>> -
>> -  return mSevEsStatus;
>> -}
>> -
>> -/**
>> -  Returns a boolean to indicate whether SEV is enabled.
>> -
>> -  @retval TRUE           SEV is enabled
>> -  @retval FALSE          SEV is not enabled
>> -**/
>> -BOOLEAN
>> -EFIAPI
>> -MemEncryptSevIsEnabled (
>> -  VOID
>> -  )
>> -{
>> -  if (!mSevStatusChecked) {
>> -    InternalMemEncryptSevStatus ();
>> -  }
>> -
>> -  return mSevStatus;
>> -}
>> -
>> -
>>   /**
>>     Locate the page range that covers the initial (pre-SMBASE-relocation) SMRAM
>>     Save State Map.
>> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
>> new file mode 100644
>> index 000000000000..e2fd109d120f
>> --- /dev/null
>> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/PeiMemEncryptSevLibInternal.c
>> @@ -0,0 +1,159 @@
>> +/** @file
>> +
>> +  Secure Encrypted Virtualization (SEV) library helper function
>> +
>> +  Copyright (c) 2020, AMD Incorporated. All rights reserved.<BR>
>> +
>> +  SPDX-License-Identifier: BSD-2-Clause-Patent
>> +
>> +**/
>> +
>> +#include <Library/BaseLib.h>
>> +#include <Library/DebugLib.h>
>> +#include <Library/MemEncryptSevLib.h>
>> +#include <Library/PcdLib.h>
>> +#include <Register/Amd/Cpuid.h>
>> +#include <Register/Amd/Msr.h>
>> +#include <Register/Cpuid.h>
>> +#include <Uefi/UefiBaseType.h>
>> +
>> +STATIC BOOLEAN mSevStatus = FALSE;
>> +STATIC BOOLEAN mSevEsStatus = FALSE;
>> +STATIC BOOLEAN mSevStatusChecked = FALSE;
>> +
>> +STATIC UINT64  mSevEncryptionMask = 0;
>> +STATIC BOOLEAN mSevEncryptionMaskSaved = FALSE;
>> +
>> +/**
>> +  Reads and sets the status of SEV features.
>> +
>> +  **/
>> +STATIC
>> +VOID
>> +EFIAPI
>> +InternalMemEncryptSevStatus (
>> +  VOID
>> +  )
>> +{
>> +  UINT32                            RegEax;
>> +  MSR_SEV_STATUS_REGISTER           Msr;
>> +  CPUID_MEMORY_ENCRYPTION_INFO_EAX  Eax;
>> +  BOOLEAN                           ReadSevMsr;
>> +  SEC_SEV_ES_WORK_AREA              *SevEsWorkArea;
>> +
>> +  ReadSevMsr = FALSE;
>> +
>> +  SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAreaBase);
>> +  if (SevEsWorkArea != NULL && SevEsWorkArea->EncryptionMask != 0) {
>> +    //
>> +    // The MSR has been read before, so it is safe to read it again and avoid
>> +    // having to validate the CPUID information.
>> +    //
>> +    ReadSevMsr = TRUE;
>> +  } else {
>> +    //
>> +    // Check if memory encryption leaf exist
>> +    //
>> +    AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);
>> +    if (RegEax >= CPUID_MEMORY_ENCRYPTION_INFO) {
>> +      //
>> +      // CPUID Fn8000_001F[EAX] Bit 1 (Sev supported)
>> +      //
>> +      AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, &Eax.Uint32, NULL, NULL, NULL);
>> +
>> +      if (Eax.Bits.SevBit) {
>> +        ReadSevMsr = TRUE;
>> +      }
>> +    }
>> +  }
>> +
>> +  if (ReadSevMsr) {
>> +    //
>> +    // Check MSR_0xC0010131 Bit 0 (Sev Enabled)
>> +    //
>> +    Msr.Uint32 = AsmReadMsr32 (MSR_SEV_STATUS);
>> +    if (Msr.Bits.SevBit) {
>> +      mSevStatus = TRUE;
>> +    }
>> +
>> +    //
>> +    // Check MSR_0xC0010131 Bit 1 (Sev-Es Enabled)
>> +    //
>> +    if (Msr.Bits.SevEsBit) {
>> +      mSevEsStatus = TRUE;
>> +    }
>> +  }
>> +
>> +  mSevStatusChecked = TRUE;
>> +}
>> +
>> +/**
>> +  Returns a boolean to indicate whether SEV-ES is enabled.
>> +
>> +  @retval TRUE           SEV-ES is enabled
>> +  @retval FALSE          SEV-ES is not enabled
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +MemEncryptSevEsIsEnabled (
>> +  VOID
>> +  )
>> +{
>> +  if (!mSevStatusChecked) {
>> +    InternalMemEncryptSevStatus ();
>> +  }
>> +
>> +  return mSevEsStatus;
>> +}
>> +
>> +/**
>> +  Returns a boolean to indicate whether SEV is enabled.
>> +
>> +  @retval TRUE           SEV is enabled
>> +  @retval FALSE          SEV is not enabled
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +MemEncryptSevIsEnabled (
>> +  VOID
>> +  )
>> +{
>> +  if (!mSevStatusChecked) {
>> +    InternalMemEncryptSevStatus ();
>> +  }
>> +
>> +  return mSevStatus;
>> +}
>> +
>> +/**
>> +  Returns the SEV encryption mask.
>> +
>> +  @return  The SEV pagtable encryption mask
>> +**/
>> +UINT64
>> +EFIAPI
>> +MemEncryptSevGetEncryptionMask (
>> +  VOID
>> +  )
>> +{
>> +  if (!mSevEncryptionMaskSaved) {
>> +    SEC_SEV_ES_WORK_AREA  *SevEsWorkArea;
>> +
>> +    SevEsWorkArea = (SEC_SEV_ES_WORK_AREA *) FixedPcdGet32 (PcdSevEsWorkAreaBase);
>> +    if (SevEsWorkArea != NULL) {
>> +      mSevEncryptionMask = SevEsWorkArea->EncryptionMask;
>> +    } else {
>> +      CPUID_MEMORY_ENCRYPTION_INFO_EBX  Ebx;
>> +
>> +      //
>> +      // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
>> +      //
>> +      AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);
>> +      mSevEncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);
>> +    }
>> +
>> +    mSevEncryptionMaskSaved = TRUE;
>> +  }
>> +
>> +  return mSevEncryptionMask;
>> +}
>> diff --git a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c
>> index 5e110c84ff81..6422bc53bd5d 100644
>> --- a/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c
>> +++ b/OvmfPkg/Library/BaseMemEncryptSevLib/X64/VirtualMemory.c
>> @@ -3,7 +3,7 @@
>>     Virtual Memory Management Services to set or clear the memory encryption bit
>>   
>>     Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
>> -  Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
>> +  Copyright (c) 2017 - 2020, AMD Incorporated. All rights reserved.<BR>
>>   
>>     SPDX-License-Identifier: BSD-2-Clause-Patent
>>   
>> @@ -12,6 +12,7 @@
>>   **/
>>   
>>   #include <Library/CpuLib.h>
>> +#include <Library/MemEncryptSevLib.h>
>>   #include <Register/Amd/Cpuid.h>
>>   #include <Register/Cpuid.h>
>>   
>> @@ -39,17 +40,12 @@ GetMemEncryptionAddressMask (
>>     )
>>   {
>>     UINT64                            EncryptionMask;
>> -  CPUID_MEMORY_ENCRYPTION_INFO_EBX  Ebx;
>>   
>>     if (mAddressEncMaskChecked) {
>>       return mAddressEncMask;
>>     }
>>   
>> -  //
>> -  // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
>> -  //
>> -  AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);
>> -  EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);
>> +  EncryptionMask = MemEncryptSevGetEncryptionMask ();
>>   
>>     mAddressEncMask = EncryptionMask & PAGING_1G_ADDRESS_MASK_64;
>>     mAddressEncMaskChecked = TRUE;
>> @@ -289,8 +285,7 @@ SetPageTablePoolReadOnly (
>>     LevelSize[3] = SIZE_1GB;
>>     LevelSize[4] = SIZE_512GB;
>>   
>> -  AddressEncMask  = GetMemEncryptionAddressMask() &
>> -                    PAGING_1G_ADDRESS_MASK_64;
>> +  AddressEncMask  = GetMemEncryptionAddressMask();
>>     PageTable       = (UINT64 *)(UINTN)PageTableBase;
>>     PoolUnitSize    = PAGE_TABLE_POOL_UNIT_SIZE;
>>   
>> @@ -437,7 +432,7 @@ Split1GPageTo2M (
>>   
>>     AddressEncMask = GetMemEncryptionAddressMask ();
>>     ASSERT (PageDirectoryEntry != NULL);
>> -  ASSERT (*PageEntry1G & GetMemEncryptionAddressMask ());
>> +  ASSERT (*PageEntry1G & AddressEncMask);
>>     //
>>     // Fill in 1G page entry.
>>     //
>> diff --git a/OvmfPkg/PlatformPei/AmdSev.c b/OvmfPkg/PlatformPei/AmdSev.c
>> index 4a515a484720..954d53eba4e8 100644
>> --- a/OvmfPkg/PlatformPei/AmdSev.c
>> +++ b/OvmfPkg/PlatformPei/AmdSev.c
>> @@ -1,7 +1,7 @@
>>   /**@file
>>     Initialize Secure Encrypted Virtualization (SEV) support
>>   
>> -  Copyright (c) 2017, Advanced Micro Devices. All rights reserved.<BR>
>> +  Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.<BR>
>>   
>>     SPDX-License-Identifier: BSD-2-Clause-Patent
>>   
>> @@ -17,9 +17,7 @@
>>   #include <Library/MemoryAllocationLib.h>
>>   #include <Library/PcdLib.h>
>>   #include <PiPei.h>
>> -#include <Register/Amd/Cpuid.h>
>>   #include <Register/Amd/Msr.h>
>> -#include <Register/Cpuid.h>
>>   #include <Register/Intel/SmramSaveStateMap.h>
>>   
>>   #include "Platform.h"
>> @@ -116,7 +114,6 @@ AmdSevInitialize (
>>     VOID
>>     )
>>   {
>> -  CPUID_MEMORY_ENCRYPTION_INFO_EBX  Ebx;
>>     UINT64                            EncryptionMask;
>>     RETURN_STATUS                     PcdStatus;
>>   
>> @@ -127,15 +124,10 @@ AmdSevInitialize (
>>       return;
>>     }
>>   
>> -  //
>> -  // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
>> -  //
>> -  AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);
>> -  EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);
>> -
>>     //
>>     // Set Memory Encryption Mask PCD
>>     //
>> +  EncryptionMask = MemEncryptSevGetEncryptionMask ();
>>     PcdStatus = PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, EncryptionMask);
>>     ASSERT_RETURN_ERROR (PcdStatus);
>>   
>> diff --git a/OvmfPkg/XenPlatformPei/AmdSev.c b/OvmfPkg/XenPlatformPei/AmdSev.c
>> index 7ebbb5cc1fd2..4ed448632ae2 100644
>> --- a/OvmfPkg/XenPlatformPei/AmdSev.c
>> +++ b/OvmfPkg/XenPlatformPei/AmdSev.c
>> @@ -1,7 +1,7 @@
>>   /**@file
>>     Initialize Secure Encrypted Virtualization (SEV) support
>>   
>> -  Copyright (c) 2017, Advanced Micro Devices. All rights reserved.<BR>
>> +  Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.<BR>
>>     Copyright (c) 2019, Citrix Systems, Inc.
>>   
>>     SPDX-License-Identifier: BSD-2-Clause-Patent
>> @@ -14,8 +14,6 @@
>>   #include <Library/MemEncryptSevLib.h>
>>   #include <Library/PcdLib.h>
>>   #include <PiPei.h>
>> -#include <Register/Amd/Cpuid.h>
>> -#include <Register/Cpuid.h>
>>   
>>   #include "Platform.h"
>>   
>> @@ -30,7 +28,6 @@ AmdSevInitialize (
>>     VOID
>>     )
>>   {
>> -  CPUID_MEMORY_ENCRYPTION_INFO_EBX  Ebx;
>>     UINT64                            EncryptionMask;
>>     RETURN_STATUS                     PcdStatus;
>>   
>> @@ -41,15 +38,10 @@ AmdSevInitialize (
>>       return;
>>     }
>>   
>> -  //
>> -  // CPUID Fn8000_001F[EBX] Bit 0:5 (memory encryption bit position)
>> -  //
>> -  AsmCpuid (CPUID_MEMORY_ENCRYPTION_INFO, NULL, &Ebx.Uint32, NULL, NULL);
>> -  EncryptionMask = LShiftU64 (1, Ebx.Bits.PtePosBits);
>> -
>>     //
>>     // Set Memory Encryption Mask PCD
>>     //
>> +  EncryptionMask = MemEncryptSevGetEncryptionMask ();
>>     PcdStatus = PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, EncryptionMask);
>>     ASSERT_RETURN_ERROR (PcdStatus);
>>   
>> diff --git a/OvmfPkg/ResetVector/Ia32/PageTables64.asm b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
>> index b08f31157cbf..8c0d432050df 100644
>> --- a/OvmfPkg/ResetVector/Ia32/PageTables64.asm
>> +++ b/OvmfPkg/ResetVector/Ia32/PageTables64.asm
>> @@ -145,13 +145,21 @@ GetSevEncBit:
>>   
>>       ; The encryption bit position is always above 31
>>       sub       ebx, 32
>> -    jns       SevExit
>> +    jns       SevSaveMask
>>   
>>       ; Encryption bit was reported as 31 or below, enter a HLT loop
>>   SevEncBitLowHlt:
>>       hlt
>>       jmp       SevEncBitLowHlt
>>   
>> +SevSaveMask:
>> +    xor       edx, edx
>> +    bts       edx, ebx
>> +
>> +    mov       dword[SEV_ES_WORK_AREA_ENC_MASK], 0
>> +    mov       dword[SEV_ES_WORK_AREA_ENC_MASK + 4], edx
>> +    jmp       SevExit
>> +
>>   NoSev:
>>       ;
>>       ; Perform an SEV-ES sanity check by seeing if a #VC exception occurred.
>> diff --git a/OvmfPkg/ResetVector/ResetVector.nasmb b/OvmfPkg/ResetVector/ResetVector.nasmb
>> index d3aa87982959..5fbacaed5f9d 100644
>> --- a/OvmfPkg/ResetVector/ResetVector.nasmb
>> +++ b/OvmfPkg/ResetVector/ResetVector.nasmb
>> @@ -74,6 +74,7 @@
>>     %define GHCB_SIZE (FixedPcdGet32 (PcdOvmfSecGhcbSize))
>>     %define SEV_ES_WORK_AREA (FixedPcdGet32 (PcdSevEsWorkAreaBase))
>>     %define SEV_ES_WORK_AREA_RDRAND (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 8)
>> +  %define SEV_ES_WORK_AREA_ENC_MASK (FixedPcdGet32 (PcdSevEsWorkAreaBase) + 16)
>>     %define SEV_ES_VC_TOP_OF_STACK (FixedPcdGet32 (PcdOvmfSecPeiTempRamBase) + FixedPcdGet32 (PcdOvmfSecPeiTempRamSize))
>>   %include "Ia32/Flat32ToFlat64.asm"
>>   %include "Ia32/PageTables64.asm"
>>
>