From: Leo Duran <leo.duran@amd.com>
To: <edk2-devel@ml01.01.org>
Cc: Leo Duran <leo.duran@amd.com>, Jeff Fan <jeff.fan@intel.com>,
Feng Tian <feng.tian@intel.com>, Star Zeng <star.zeng@intel.com>,
Laszlo Ersek <lersek@redhat.com>,
Brijesh Singh <brijesh.singh@amd.com>
Subject: [PATCH v4 5/6] MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe: Add support for PCD PcdPteMemoryEncryptionAddressOrMask
Date: Sun, 26 Feb 2017 11:43:06 -0600 [thread overview]
Message-ID: <1488130987-2544-6-git-send-email-leo.duran@amd.com> (raw)
In-Reply-To: <1488130987-2544-1-git-send-email-leo.duran@amd.com>
This PCD holds the address mask for page table entries when memory
encryption is enabled on AMD processors supporting the Secure Encrypted
Virtualization (SEV) feature.
This module updates the under-4GB page tables configured by the S3-Resume
code in UefiCpuPkg/Universal/Acpi/S3Resume2Pei. The mask is saved at module
start (ScriptExecute.c), and applied when tables are expanded on-demand by
page-faults above 4GB's (SetIdtEntry.c).
CC: Jeff Fan <jeff.fan@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Brijesh Singh <brijesh.singh@amd.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Leo Duran <leo.duran@amd.com>
---
.../Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf | 2 ++
.../Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c | 7 +++++++
.../Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h | 5 +++++
.../Acpi/BootScriptExecutorDxe/X64/SetIdtEntry.c | 15 +++++++++------
4 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
index 7cd38cf..29af7f5 100644
--- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
+++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/BootScriptExecutorDxe.inf
@@ -5,6 +5,7 @@
# depends on any PEI or DXE service.
#
# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
#
# This program and the accompanying materials are
# licensed and made available under the terms and conditions of the BSD License
@@ -85,6 +86,7 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrMask ## CONSUMES
[Depex]
gEfiLockBoxProtocolGuid
diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c
index f67fbca..22d4349 100644
--- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c
+++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.c
@@ -5,6 +5,7 @@
in the entry point. The functionality is to interpret and restore the S3 boot script
Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -23,6 +24,7 @@ EFI_GUID mBootScriptExecutorImageGuid = {
};
BOOLEAN mPage1GSupport = FALSE;
+UINT64 mAddressEncMask = 0;
/**
Entry function of Boot script exector. This function will be executed in
@@ -408,6 +410,11 @@ BootScriptExecutorEntryPoint (
}
//
+ // Make sure AddressEncMask is contained to smallest supported address field.
+ //
+ mAddressEncMask = PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) & PAGING_1G_ADDRESS_MASK_64;
+
+ //
// Test if the gEfiCallerIdGuid of this image is already installed. if not, the entry
// point is loaded by DXE code which is the first time loaded. or else, it is already
// be reloaded be itself.This is a work-around
diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h
index 772347a..7532756 100644
--- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h
+++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/ScriptExecute.h
@@ -5,6 +5,7 @@
in the entry point. The functionality is to interpret and restore the S3 boot script
Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -44,6 +45,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Protocol/DxeSmmReadyToLock.h>
#include <IndustryStandard/Acpi.h>
+
+#define PAGING_1G_ADDRESS_MASK_64 0x000FFFFFC0000000ull
+
/**
a ASM function to transfer control to OS.
@@ -87,5 +91,6 @@ SetIdtEntry (
extern UINT32 AsmFixAddress16;
extern UINT32 AsmJmpAddr32;
extern BOOLEAN mPage1GSupport;
+extern UINT64 mAddressEncMask;
#endif //_BOOT_SCRIPT_EXECUTOR_H_
diff --git a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/X64/SetIdtEntry.c b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/X64/SetIdtEntry.c
index 6674560..d433cf1 100644
--- a/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/X64/SetIdtEntry.c
+++ b/MdeModulePkg/Universal/Acpi/BootScriptExecutorDxe/X64/SetIdtEntry.c
@@ -4,6 +4,8 @@
Set a IDT entry for interrupt vector 3 for debug purpose for x64 platform
Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
+
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -200,14 +202,15 @@ AcquirePage (
//
// Cut the previous uplink if it exists and wasn't overwritten.
//
- if ((mPageFaultUplink[mPageFaultIndex] != NULL) && ((*mPageFaultUplink[mPageFaultIndex] & mPhyMask) == Address)) {
+ if ((mPageFaultUplink[mPageFaultIndex] != NULL) &&
+ ((*mPageFaultUplink[mPageFaultIndex] & ~mAddressEncMask & mPhyMask) == Address)) {
*mPageFaultUplink[mPageFaultIndex] = 0;
}
//
// Link & Record the current uplink.
//
- *Uplink = Address | IA32_PG_P | IA32_PG_RW;
+ *Uplink = Address | mAddressEncMask | IA32_PG_P | IA32_PG_RW;
mPageFaultUplink[mPageFaultIndex] = Uplink;
mPageFaultIndex = (mPageFaultIndex + 1) % EXTRA_PAGE_TABLE_PAGES;
@@ -245,19 +248,19 @@ PageFaultHandler (
if ((PageTable[PTIndex] & IA32_PG_P) == 0) {
AcquirePage (&PageTable[PTIndex]);
}
- PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & mPhyMask);
+ PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & ~mAddressEncMask & mPhyMask);
PTIndex = BitFieldRead64 (PFAddress, 30, 38);
// PDPTE
if (mPage1GSupport) {
- PageTable[PTIndex] = (PFAddress & ~((1ull << 30) - 1)) | IA32_PG_P | IA32_PG_RW | IA32_PG_PS;
+ PageTable[PTIndex] = ((PFAddress | mAddressEncMask) & ~((1ull << 30) - 1)) | IA32_PG_P | IA32_PG_RW | IA32_PG_PS;
} else {
if ((PageTable[PTIndex] & IA32_PG_P) == 0) {
AcquirePage (&PageTable[PTIndex]);
}
- PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & mPhyMask);
+ PageTable = (UINT64*)(UINTN)(PageTable[PTIndex] & ~mAddressEncMask & mPhyMask);
PTIndex = BitFieldRead64 (PFAddress, 21, 29);
// PD
- PageTable[PTIndex] = (PFAddress & ~((1ull << 21) - 1)) | IA32_PG_P | IA32_PG_RW | IA32_PG_PS;
+ PageTable[PTIndex] = ((PFAddress | mAddressEncMask) & ~((1ull << 21) - 1)) | IA32_PG_P | IA32_PG_RW | IA32_PG_PS;
}
return TRUE;
--
2.7.4
next prev parent reply other threads:[~2017-02-26 17:43 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-26 17:43 [PATCH v4 0/6] Add PCD PcdPteMemoryEncryptionAddressOrMask Leo Duran
2017-02-26 17:43 ` [PATCH v4 1/6] MdeModulePkg: " Leo Duran
2017-02-27 2:20 ` Zeng, Star
2017-02-27 14:12 ` Duran, Leo
2017-02-28 0:59 ` Zeng, Star
2017-02-26 17:43 ` [PATCH v4 2/6] MdeModulePkg/Core/DxeIplPeim: Add support for " Leo Duran
2017-02-26 17:43 ` [PATCH v4 3/6] MdeModulePkg/Universal/CapsulePei: " Leo Duran
2017-02-26 17:43 ` [PATCH v4 4/6] UefiCpuPkg/Universal/Acpi/S3Resume2Pei: " Leo Duran
2017-02-28 8:12 ` Fan, Jeff
2017-02-26 17:43 ` Leo Duran [this message]
2017-02-26 17:43 ` [PATCH v4 6/6] UefiCpuPkg/PiSmmCpuDxeSmm: " Leo Duran
2017-02-27 7:51 ` Fan, Jeff
2017-02-27 14:15 ` Duran, Leo
2017-02-28 8:12 ` Fan, Jeff
2017-03-01 4:56 ` [PATCH v4 0/6] Add " Zeng, Star
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1488130987-2544-6-git-send-email-leo.duran@amd.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox