| /**@file | |
| Initialize Secure Encrypted Virtualization (SEV) support | |
| Copyright (c) 2017 - 2020, Advanced Micro Devices. All rights reserved.<BR> | |
| Copyright (c) 2019, Citrix Systems, Inc. | |
| SPDX-License-Identifier: BSD-2-Clause-Patent | |
| **/ | |
| // | |
| // The package level header files this module uses | |
| // | |
| #include <Library/DebugLib.h> | |
| #include <Library/MemEncryptSevLib.h> | |
| #include <Library/PcdLib.h> | |
| #include <PiPei.h> | |
| #include "Platform.h" | |
| /** | |
| Function checks if SEV support is available, if present then it sets | |
| the dynamic PcdPteMemoryEncryptionAddressOrMask with memory encryption mask. | |
| **/ | |
| VOID | |
| AmdSevInitialize ( | |
| VOID | |
| ) | |
| { | |
| UINT64 EncryptionMask; | |
| RETURN_STATUS PcdStatus; | |
| // | |
| // Check if SEV is enabled | |
| // | |
| if (!MemEncryptSevIsEnabled ()) { | |
| return; | |
| } | |
| // | |
| // Set Memory Encryption Mask PCD | |
| // | |
| EncryptionMask = MemEncryptSevGetEncryptionMask (); | |
| PcdStatus = PcdSet64S (PcdPteMemoryEncryptionAddressOrMask, EncryptionMask); | |
| ASSERT_RETURN_ERROR (PcdStatus); | |
| DEBUG ((DEBUG_INFO, "SEV is enabled (mask 0x%lx)\n", EncryptionMask)); | |
| // | |
| // Set Pcd to Deny the execution of option ROM when security | |
| // violation. | |
| // | |
| PcdStatus = PcdSet32S (PcdOptionRomImageVerificationPolicy, 0x4); | |
| ASSERT_RETURN_ERROR (PcdStatus); | |
| } |