From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id A16AC21AEB0BA for ; Wed, 2 Aug 2017 14:22:52 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id EEE4BC04B317; Wed, 2 Aug 2017 21:25:02 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com EEE4BC04B317 Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx07.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=lersek@redhat.com Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-47.phx2.redhat.com [10.3.116.47]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9764817B57; Wed, 2 Aug 2017 21:25:01 +0000 (UTC) From: Laszlo Ersek To: edk2-devel-01 Cc: Ard Biesheuvel , Brijesh Singh , Jordan Justen , Tom Lendacky Date: Wed, 2 Aug 2017 23:24:44 +0200 Message-Id: <20170802212453.19221-4-lersek@redhat.com> In-Reply-To: <20170802212453.19221-1-lersek@redhat.com> References: <20170802212453.19221-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Wed, 02 Aug 2017 21:25:03 +0000 (UTC) Subject: [PATCH 03/12] OvmfPkg/IoMmuDxe: rename HostAddress to CryptedAddress in MAP_INFO X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Aug 2017 21:22:52 -0000 As a continuation of the last patch, clarify that the area pointed-to by "HostAddress" is encrypted and hidden from the hypervisor. Cc: Ard Biesheuvel Cc: Brijesh Singh Cc: Jordan Justen Cc: Tom Lendacky Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek --- OvmfPkg/IoMmuDxe/AmdSevIoMmu.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/OvmfPkg/IoMmuDxe/AmdSevIoMmu.c b/OvmfPkg/IoMmuDxe/AmdSevIoMmu.c index fcb7bcfaecc2..dfad2cbb569d 100644 --- a/OvmfPkg/IoMmuDxe/AmdSevIoMmu.c +++ b/OvmfPkg/IoMmuDxe/AmdSevIoMmu.c @@ -23,40 +23,40 @@ typedef struct { EDKII_IOMMU_OPERATION Operation; UINTN NumberOfBytes; UINTN NumberOfPages; - EFI_PHYSICAL_ADDRESS HostAddress; + EFI_PHYSICAL_ADDRESS CryptedAddress; EFI_PHYSICAL_ADDRESS PlainTextAddress; } MAP_INFO; #define NO_MAPPING (VOID *) (UINTN) -1 /** Provides the controller-specific addresses required to access system memory from a DMA bus master. On SEV guest, the DMA operations must be performed on shared buffer hence we allocate a bounce buffer to map the HostAddress to a DeviceAddress. The Encryption attribute is removed from the DeviceAddress buffer. @param This The protocol instance pointer. @param Operation Indicates if the bus master is going to read or write to system memory. @param HostAddress The system memory address to map to the PCI controller. @param NumberOfBytes On input the number of bytes to map. On output the number of bytes that were mapped. @param DeviceAddress The resulting map address for the bus master PCI controller to use to access the hosts HostAddress. @param Mapping A resulting value to pass to Unmap(). @retval EFI_SUCCESS The range was mapped for the returned NumberOfBytes. @retval EFI_UNSUPPORTED The HostAddress cannot be mapped as a common buffer. @retval EFI_INVALID_PARAMETER One or more parameters are invalid. @retval EFI_OUT_OF_RESOURCES The request could not be completed due to a lack of resources. @retval EFI_DEVICE_ERROR The system hardware could not map the requested address. **/ @@ -65,160 +65,160 @@ EFIAPI IoMmuMap ( IN EDKII_IOMMU_PROTOCOL *This, IN EDKII_IOMMU_OPERATION Operation, IN VOID *HostAddress, IN OUT UINTN *NumberOfBytes, OUT EFI_PHYSICAL_ADDRESS *DeviceAddress, OUT VOID **Mapping ) { EFI_STATUS Status; EFI_PHYSICAL_ADDRESS PhysicalAddress; MAP_INFO *MapInfo; EFI_PHYSICAL_ADDRESS DmaMemoryTop; EFI_ALLOCATE_TYPE AllocateType; if (HostAddress == NULL || NumberOfBytes == NULL || DeviceAddress == NULL || Mapping == NULL) { return EFI_INVALID_PARAMETER; } // // Make sure that Operation is valid // if ((UINT32) Operation >= EdkiiIoMmuOperationMaximum) { return EFI_INVALID_PARAMETER; } PhysicalAddress = (EFI_PHYSICAL_ADDRESS) (UINTN) HostAddress; DmaMemoryTop = (UINTN)-1; AllocateType = AllocateAnyPages; if (((Operation != EdkiiIoMmuOperationBusMasterRead64 && Operation != EdkiiIoMmuOperationBusMasterWrite64 && Operation != EdkiiIoMmuOperationBusMasterCommonBuffer64)) && ((PhysicalAddress + *NumberOfBytes) > SIZE_4GB)) { // // If the root bridge or the device cannot handle performing DMA above // 4GB but any part of the DMA transfer being mapped is above 4GB, then // map the DMA transfer to a buffer below 4GB. // DmaMemoryTop = SIZE_4GB - 1; AllocateType = AllocateMaxAddress; if (Operation == EdkiiIoMmuOperationBusMasterCommonBuffer || Operation == EdkiiIoMmuOperationBusMasterCommonBuffer64) { // // Common Buffer operations can not be remapped. If the common buffer // if above 4GB, then it is not possible to generate a mapping, so // return an error. // return EFI_UNSUPPORTED; } } // // CommandBuffer was allocated by us (AllocateBuffer) and is already in // unencryted buffer so no need to create bounce buffer // if (Operation == EdkiiIoMmuOperationBusMasterCommonBuffer || Operation == EdkiiIoMmuOperationBusMasterCommonBuffer64) { *Mapping = NO_MAPPING; *DeviceAddress = PhysicalAddress; return EFI_SUCCESS; } // // Allocate a MAP_INFO structure to remember the mapping when Unmap() is // called later. // MapInfo = AllocatePool (sizeof (MAP_INFO)); if (MapInfo == NULL) { *NumberOfBytes = 0; return EFI_OUT_OF_RESOURCES; } // // Initialize the MAP_INFO structure // MapInfo->Operation = Operation; MapInfo->NumberOfBytes = *NumberOfBytes; MapInfo->NumberOfPages = EFI_SIZE_TO_PAGES (MapInfo->NumberOfBytes); - MapInfo->HostAddress = PhysicalAddress; + MapInfo->CryptedAddress = PhysicalAddress; MapInfo->PlainTextAddress = DmaMemoryTop; // // Allocate a buffer to map the transfer to. // Status = gBS->AllocatePages ( AllocateType, EfiBootServicesData, MapInfo->NumberOfPages, &MapInfo->PlainTextAddress ); if (EFI_ERROR (Status)) { FreePool (MapInfo); *NumberOfBytes = 0; return Status; } // // Clear the memory encryption mask from the device buffer // Status = MemEncryptSevClearPageEncMask ( 0, MapInfo->PlainTextAddress, MapInfo->NumberOfPages, TRUE ); ASSERT_EFI_ERROR(Status); // // If this is a read operation from the Bus Master's point of view, // then copy the contents of the real buffer into the mapped buffer // so the Bus Master can read the contents of the real buffer. // if (Operation == EdkiiIoMmuOperationBusMasterRead || Operation == EdkiiIoMmuOperationBusMasterRead64) { CopyMem ( (VOID *) (UINTN) MapInfo->PlainTextAddress, - (VOID *) (UINTN) MapInfo->HostAddress, + (VOID *) (UINTN) MapInfo->CryptedAddress, MapInfo->NumberOfBytes ); } // // The DeviceAddress is the address of the maped buffer below 4GB // *DeviceAddress = MapInfo->PlainTextAddress; // // Return a pointer to the MAP_INFO structure in Mapping // *Mapping = MapInfo; DEBUG (( DEBUG_VERBOSE, - "%a PlainText 0x%Lx Host 0x%Lx Pages 0x%Lx Bytes 0x%Lx\n", + "%a PlainText 0x%Lx Crypted 0x%Lx Pages 0x%Lx Bytes 0x%Lx\n", __FUNCTION__, MapInfo->PlainTextAddress, - MapInfo->HostAddress, + MapInfo->CryptedAddress, MapInfo->NumberOfPages, MapInfo->NumberOfBytes )); return EFI_SUCCESS; } /** Completes the Map() operation and releases any corresponding resources. @param This The protocol instance pointer. @param Mapping The mapping value returned from Map(). @retval EFI_SUCCESS The range was unmapped. @retval EFI_INVALID_PARAMETER Mapping is not a value that was returned by Map(). @retval EFI_DEVICE_ERROR The data was not committed to the target system memory. **/ @@ -227,87 +227,87 @@ EFIAPI IoMmuUnmap ( IN EDKII_IOMMU_PROTOCOL *This, IN VOID *Mapping ) { MAP_INFO *MapInfo; EFI_STATUS Status; if (Mapping == NULL) { return EFI_INVALID_PARAMETER; } // // See if the Map() operation associated with this Unmap() required a mapping // buffer. If a mapping buffer was not required, then this function simply // buffer. If a mapping buffer was not required, then this function simply // if (Mapping == NO_MAPPING) { return EFI_SUCCESS; } MapInfo = (MAP_INFO *)Mapping; // // If this is a write operation from the Bus Master's point of view, // then copy the contents of the mapped buffer into the real buffer // so the processor can read the contents of the real buffer. // if (MapInfo->Operation == EdkiiIoMmuOperationBusMasterWrite || MapInfo->Operation == EdkiiIoMmuOperationBusMasterWrite64) { CopyMem ( - (VOID *) (UINTN) MapInfo->HostAddress, + (VOID *) (UINTN) MapInfo->CryptedAddress, (VOID *) (UINTN) MapInfo->PlainTextAddress, MapInfo->NumberOfBytes ); } DEBUG (( DEBUG_VERBOSE, - "%a PlainText 0x%Lx Host 0x%Lx Pages 0x%Lx Bytes 0x%Lx\n", + "%a PlainText 0x%Lx Crypted 0x%Lx Pages 0x%Lx Bytes 0x%Lx\n", __FUNCTION__, MapInfo->PlainTextAddress, - MapInfo->HostAddress, + MapInfo->CryptedAddress, MapInfo->NumberOfPages, MapInfo->NumberOfBytes )); // // Restore the memory encryption mask // Status = MemEncryptSevSetPageEncMask ( 0, MapInfo->PlainTextAddress, MapInfo->NumberOfPages, TRUE ); ASSERT_EFI_ERROR(Status); // // Free the mapped buffer and the MAP_INFO structure. // gBS->FreePages (MapInfo->PlainTextAddress, MapInfo->NumberOfPages); FreePool (Mapping); return EFI_SUCCESS; } /** Allocates pages that are suitable for an OperationBusMasterCommonBuffer or OperationBusMasterCommonBuffer64 mapping. @param This The protocol instance pointer. @param Type This parameter is not used and must be ignored. @param MemoryType The type of memory to allocate, EfiBootServicesData or EfiRuntimeServicesData. @param Pages The number of pages to allocate. @param HostAddress A pointer to store the base system memory address of the allocated range. @param Attributes The requested bit mask of attributes for the allocated range. @retval EFI_SUCCESS The requested memory pages were allocated. @retval EFI_UNSUPPORTED Attributes is unsupported. The only legal attribute bits are MEMORY_WRITE_COMBINE and MEMORY_CACHED. @retval EFI_INVALID_PARAMETER One or more parameters are invalid. @retval EFI_OUT_OF_RESOURCES The memory pages could not be allocated. **/ -- 2.13.1.3.g8be5a757fa67