OvmfPkg/VmgExitLib: use SEV-SNP-validated CPUID values

SEV-SNP firmware allows a special guest page to be populated with
guest CPUID values so that they can be validated against supported
host features before being loaded into encrypted guest memory to be
used instead of hypervisor-provided values [1].

Add handling for this in the CPUID #VC handler and use it whenever
SEV-SNP is enabled. To do so, existing CPUID handling via VmgExit is
moved to a helper, GetCpuidHyp(), and a new helper that uses the CPUID
page to do the lookup, GetCpuidFw(), is used instead when SNP is
enabled. For cases where SNP CPUID lookups still rely on fetching
specific CPUID fields from hypervisor, GetCpuidHyp() is used there as
well.

[1]: SEV SNP Firmware ABI Specification, Rev. 0.8, 8.13.2.6

Cc: James Bottomley <[email protected]>
Cc: Min Xu <[email protected]>
Cc: Jiewen Yao <[email protected]>
Cc: Tom Lendacky <[email protected]>
Cc: Jordan Justen <[email protected]>
Cc: Ard Biesheuvel <[email protected]>
Cc: Erdem Aktas <[email protected]>
Cc: Gerd Hoffmann <[email protected]>
Acked-by: Jiewen Yao <[email protected]>
Acked-by: Gerd Hoffmann <[email protected]>
Signed-off-by: Michael Roth <[email protected]>
Signed-off-by: Brijesh Singh <[email protected]>

OvmfPkg/Library/VmgExitLib/SecVmgExitLib.inf

@@ -42,4 +42,6 @@
 [FixedPcd]
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfSecGhcbBackupSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize
 

OvmfPkg/Library/VmgExitLib/VmgExitLib.inf

@@ -38,3 +38,6 @@
   LocalApicLib
   MemEncryptSevLib
 
+[Pcd]
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidBase
+  gUefiOvmfPkgTokenSpaceGuid.PcdOvmfCpuidSize