@@ -89,6 +89,22 @@ bool amd_sev_es_enabled(void)
return sev_es_enabled;
}
+bool amd_sev_snp_enabled(void)
+{
+ static bool sev_snp_enabled;
+ static bool initialized;
+
+ /* Test if SEV-SNP is enabled */
+ if (!initialized) {
+ if (amd_sev_es_enabled())
+ sev_snp_enabled = rdmsr(MSR_SEV_STATUS) &
+ SEV_SNP_ENABLED_MASK;
+ initialized = true;
+ }
+
+ return sev_snp_enabled;
+}
+
efi_status_t setup_vc_handler(void)
{
struct descriptor_table_ptr idtr;
@@ -122,6 +122,7 @@ struct es_em_ctxt {
#define MSR_SEV_STATUS 0xc0010131
#define SEV_ENABLED_MASK 0b1
#define SEV_ES_ENABLED_MASK 0b10
+#define SEV_SNP_ENABLED_MASK 0b100
bool amd_sev_enabled(void);
efi_status_t setup_amd_sev(void);
@@ -140,6 +141,7 @@ efi_status_t setup_amd_sev(void);
bool amd_sev_es_enabled(void);
efi_status_t setup_vc_handler(void);
+bool amd_sev_snp_enabled(void);
void setup_ghcb_pte(pgd_t *page_table);
void handle_sev_es_vc(struct ex_regs *regs);
@@ -331,9 +331,9 @@ efi_status_t setup_efi(efi_bootinfo_t *efi_bootinfo)
phase = "AMD SEV";
status = setup_amd_sev();
- /* Continue if AMD SEV is not supported, but skip SEV-ES setup */
- if (status == EFI_SUCCESS) {
- phase = "AMD SEV-ES";
+ /* Continue if AMD SEV is not supported, but skip SEV-ES or SEV-SNP setup */
+ if (status == EFI_SUCCESS && amd_sev_es_enabled()) {
+ phase = amd_sev_snp_enabled() ? "AMD SEV-SNP" : "AMD SEV-ES";
status = setup_vc_handler();
}
@@ -69,6 +69,16 @@ static void test_sev_es_activation(void)
}
}
+static void test_sev_snp_activation(void)
+{
+ if (!(rdmsr(MSR_SEV_STATUS) & SEV_SNP_ENABLED_MASK)) {
+ report_skip("SEV-SNP is not enabled");
+ return;
+ }
+
+ report_info("SEV-SNP is enabled");
+}
+
static void test_stringio(void)
{
int st1_len = sizeof(st1) - 1;
@@ -92,6 +102,7 @@ int main(void)
rtn = test_sev_activation();
report(rtn == EXIT_SUCCESS, "SEV activation test.");
test_sev_es_activation();
+ test_sev_snp_activation();
test_stringio();
return report_summary();
}
Incorporate support for SEV-SNP enablement. Provide a simple activation test to determine whether SEV-SNP is enabled or not. SKIP this activation test if the guest is not an SEV-SNP guest. Signed-off-by: Pavan Kumar Paluri <papaluri@amd.com> --- lib/x86/amd_sev.c | 16 ++++++++++++++++ lib/x86/amd_sev.h | 2 ++ lib/x86/setup.c | 6 +++--- x86/amd_sev.c | 11 +++++++++++ 4 files changed, 32 insertions(+), 3 deletions(-)