path: root/OvmfPkg/Include/WorkArea.h
blob: e3b415db2caa5f0ac52317187ef2a4b801b024b7 (plain)
/** @file

  Work Area structure definition

  Copyright (c) 2021 - 2024, AMD Inc.

  SPDX-License-Identifier: BSD-2-Clause-Patent
**/

#ifndef __OVMF_WORK_AREA_H__
#define __OVMF_WORK_AREA_H__

#include <ConfidentialComputingGuestAttr.h>
#include <IndustryStandard/Tpm20.h>

//
// Confidential computing work area header definition. Any change
// to the structure needs to be kept in sync with
// PcdOvmfConfidentialComputingWorkAreaHeader.
//
// PcdOvmfConfidentialComputingWorkAreaHeader ==
//   sizeof (CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER)
// PcdOvmfConfidentialComputingWorkAreaHeader defined in:
//   OvmfPkg/OvmfPkg.dec
//   OvmfPkg/Include/Fdf/OvmfPkgDefines.fdf.inc
typedef struct _CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER {
  //
  // Identifies which kind of confidential-computing guest the work area
  // belongs to. Presumably holds a guest-type value from
  // ConfidentialComputingGuestAttr.h (included by this header) -- TODO confirm.
  // Both SEV_WORK_AREA and TDX_WORK_AREA start with this header, so this byte
  // sits at offset 0 of every OVMF_WORK_AREA view.
  // NOTE(review): consumers should read this field before interpreting any
  // guest-type-specific member of OVMF_WORK_AREA.
  //
  UINT8    GuestType;
  //
  // Pads the header to 4 bytes (1 + 3). The value of
  // PcdOvmfConfidentialComputingWorkAreaHeader is expected to equal
  // sizeof (CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER), so resizing this array
  // requires updating that PCD as well.
  //
  UINT8    Reserved1[3];
} CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER;

//
// Internal structure for holding SEV-ES information needed during SEC phase
// and valid only during SEC phase and early PEI during platform
// initialization.
//
// This structure is also used by assembler files:
//   OvmfPkg/ResetVector/ResetVector.nasmb
//   OvmfPkg/ResetVector/Ia32/PageTables64.asm
//   OvmfPkg/ResetVector/Ia32/Flat32ToFlat64.asm
// Any changes must stay in sync with their usage in those files.
//
typedef struct _SEC_SEV_ES_WORK_AREA {
  //
  // Layout note: the assembler files that use this structure cannot see the C
  // definition, so field order and sizes are effectively an ABI. With natural
  // alignment the fields below fall at byte offsets 0, 8, 16, 24, 25 and 32
  // (assumes no packing pragma is in effect -- TODO confirm).
  //

  //
  // Holds the SevStatus MSR value read by OvmfPkg/ResetVector/Ia32/AmdSev.c
  //
  UINT64    SevStatusMsrValue;

  //
  // NOTE(review): undocumented in this header. Presumably a random value
  // produced by the reset-vector code -- confirm who writes it, who reads it,
  // and whether it has to be treated as sensitive.
  //
  UINT64    RandomData;

  //
  // NOTE(review): undocumented in this header. Presumably the memory
  // encryption bit mask applied to page-table entries -- confirm.
  //
  UINT64    EncryptionMask;

  //
  // Flag indicating that the VC handler was called. It is used during the
  // SevFeature detection in OvmfPkg/ResetVector/Ia32/AmdSev.c
  //
  UINT8     ReceivedVc;
  //
  // Pads ReceivedVc out to 8 bytes so that WorkBuffer starts on an 8-byte
  // boundary (1 + 7).
  //
  UINT8     Reserved[7];

  // Used by SEC to generate Page State Change requests. This should be
  // sized less than or equal to the GHCB shared buffer area to allow a
  // single call to the hypervisor.
  // NOTE(review): nothing in this header enforces that size relationship or
  // the 1024-byte bound; code that builds requests in this buffer has to
  // limit them to sizeof (WorkBuffer) itself.
  //
  UINT8     WorkBuffer[1024];
} SEC_SEV_ES_WORK_AREA;

//
// The SEV work area definition.
//
typedef struct _SEV_WORK_AREA {
  //
  // Common 4-byte header shared with the other work-area views; placed first
  // so GuestType is at offset 0.
  //
  CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER    Header;

  //
  // SEV-ES specific data. SEC_SEV_ES_WORK_AREA contains UINT64 fields, so with
  // natural alignment the compiler places it at offset 8, leaving 4 bytes of
  // implicit padding after Header (assumes no packing pragma is in effect --
  // TODO confirm). Assembler or PCD users that address this member have to
  // account for that padding.
  //
  SEC_SEV_ES_WORK_AREA                       SevEsWorkArea;
} SEV_WORK_AREA;

//
// Start of TDX Specific WorkArea definition
//

//
// Single-bit flags. Presumably stored in
// TDX_MEASUREMENTS_DATA.MeasurementsBitmap to record which of the two hash
// buffers has been filled in -- TODO confirm against the code that sets them.
//
#define TDX_MEASUREMENT_TDHOB_BITMASK   0x1
#define TDX_MEASUREMENT_CFVIMG_BITMASK  0x2

//
// Holds two SHA-384-sized digests and a bitmap describing them.
//
typedef struct _TDX_MEASUREMENTS_DATA {
  //
  // Bitmap of TDX_MEASUREMENT_*_BITMASK flags (presumed, see above).
  // NOTE(review): a consumer should test the matching bit before using a hash
  // buffer; a buffer whose bit is clear may hold stale or zeroed bytes --
  // confirm this is how readers treat it.
  //
  UINT32    MeasurementsBitmap;
  //
  // SHA384_DIGEST_SIZE bytes each (the macro presumably comes from
  // IndustryStandard/Tpm20.h, which this header includes). Judging by the
  // names, one digest covers the TD HOB and the other the CFV image; these
  // presumably feed the TDX measurement flow -- TODO confirm.
  //
  UINT8     TdHobHashValue[SHA384_DIGEST_SIZE];
  UINT8     CfvImgHashValue[SHA384_DIGEST_SIZE];
} TDX_MEASUREMENTS_DATA;

//
// The TDX work area definition
//
typedef struct _SEC_TDX_WORK_AREA {
  //
  // NOTE(review): undocumented in this header. Presumably a flag signalling
  // that the page tables have been set up -- confirm who sets and polls it.
  //
  UINT32                   PageTableReady;
  //
  // NOTE(review): undocumented in this header. Presumably the guest physical
  // address width reported for the TD -- confirm.
  //
  UINT32                   Gpaw;
  //
  // 64-bit value; presumably the address of the HOB list handed to the guest.
  // NOTE(review): if this value originates from the host VMM it is untrusted
  // input and should be validated before it is dereferenced -- confirm the
  // producer and where validation happens.
  //
  UINT64                   HobList;
  //
  // Digests and validity bitmap; see TDX_MEASUREMENTS_DATA.
  //
  TDX_MEASUREMENTS_DATA    TdxMeasurementsData;
} SEC_TDX_WORK_AREA;

typedef struct _TDX_WORK_AREA {
  //
  // Common 4-byte header shared with the other work-area views; placed first
  // so GuestType is at offset 0.
  //
  CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER    Header;
  //
  // TDX specific data. SEC_TDX_WORK_AREA contains a UINT64 field, so with
  // natural alignment the compiler places it at offset 8, leaving 4 bytes of
  // implicit padding after Header (assumes no packing pragma is in effect --
  // TODO confirm).
  //
  SEC_TDX_WORK_AREA                          SecTdxWorkArea;
} TDX_WORK_AREA;

//
// End of TDX Specific WorkArea definition
//

//
// Overlapping views of one work area. Every member begins with
// CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER, so Header.GuestType can be read
// through any of them. The bytes after the header mean different things in
// the SEV and TDX views.
// NOTE(review): GuestType is presumably the discriminator; code should check
// it before touching SevWorkArea or TdxWorkArea, since reading the wrong view
// reinterprets the other guest type's data -- confirm against callers.
//
typedef union {
  CONFIDENTIAL_COMPUTING_WORK_AREA_HEADER    Header;
  SEV_WORK_AREA                              SevWorkArea;
  TDX_WORK_AREA                              TdxWorkArea;
} OVMF_WORK_AREA;

#endif