* [Patch][edk2-platforms/devel-MinnowBoardMax-UDK2017] Bus Master DMA protection.
@ 2018-05-21 4:09 zwei4
0 siblings, 0 replies; only message in thread
From: zwei4 @ 2018-05-21 4:09 UTC (permalink / raw)
To: edk2-devel; +Cc: Yao, Jiewen
(1) Clean up code which enables PCI Bus Master DMA before SMRAM lock. (2) Lock SMRAM before PCI bus enumeration at BDS stage.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: zwei4 <david.wei@intel.com>
CC: Yao, Jiewen <jiewen.yao@intel.com>
---
.../Library/PlatformBdsLib/BdsPlatform.c | 150 ++++++++++++++-------
.../VlvPlatformInitDxe/VlvPlatformInit.c | 12 +-
2 files changed, 111 insertions(+), 51 deletions(-)
diff --git a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
index 697ad67a30..e7aa3b30e4 100644
--- a/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
+++ b/Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
@@ -1,6 +1,6 @@
/** @file
- Copyright (c) 2004 - 2017, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution.
@@ -37,7 +37,7 @@ Abstract:
#include <PchRegs/PchRegsPcu.h>
#include <Library/S3BootScriptLib.h>
#include "PchAccess.h"
-#include "PchRegs/PchRegsSata.h"
+#include "PchRegs.h"
#include <Library/SerialPortLib.h>
#include <Library/DebugLib.h>
@@ -142,6 +142,15 @@ DisableAhciCtlr (
}
}
+/**
+ Issues EndOfDxe event, installs gExitPmAuthProtocolGuid, and issues SMM lock envent. Bus Master DMA mus
+ not be enabled before SMM lock.
+
+ @param VOID
+
+ @retval None.
+
+**/
VOID
InstallReadyToLock (
VOID
@@ -151,7 +160,56 @@ InstallReadyToLock (
EFI_HANDLE Handle;
EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
EFI_ACPI_S3_SAVE_PROTOCOL *AcpiS3Save;
+ UINTN PciDeviceConfigAdd;
+ UINT16 VendorID;
+ UINT16 CommandReg;
+ UINT8 DevIndex;
+ UINT8 FunIndex;
+
+ //
+ // Check Buster Master Enable bit of PCI devices,including PCIe root ports, on bus 0.
+ //
+ DEBUG ((DEBUG_ERROR, "BDS: Check Bus Master Enable of PCI devices before SMRAM lock: \n"));
+
+ for (DevIndex = 0; DevIndex <= 31; DevIndex ++) {
+
+ for (FunIndex = 0; FunIndex <= 7; FunIndex++) {
+
+ if ((DevIndex == 0x00) && (FunIndex == 0x00)) {
+ continue; // Skip Root Bridge
+ }
+
+ if ((DevIndex == 0x1A) && (FunIndex == 0x00)) {
+ continue; // Skip TXE
+ }
+
+ if ((DevIndex == PCI_DEVICE_NUMBER_PCH_LPC) && (FunIndex == PCI_FUNCTION_NUMBER_PCH_LPC)) {
+ continue; // Skip LPC Bridge
+ }
+
+
+ PciDeviceConfigAdd = MmPciAddress (0, 0, DevIndex, FunIndex, 0);
+ VendorID = MmioRead16 (PciDeviceConfigAdd + PCI_DEVICE_ID_OFFSET);
+ //
+ // Check if PCI device is present.
+ //
+ if (VendorID == 0xffff) {
+ continue;
+ }
+ CommandReg = MmioRead16 (PciDeviceConfigAdd + PCI_COMMAND_OFFSET);
+ DEBUG ((DEBUG_ERROR, "PCI Device 0x%x Function 0x%x, Command Register Value = %x \n", \
+ (UINT32)DevIndex, (UINT32)FunIndex, (UINT32)CommandReg));
+ //
+ // Report error if Bus Master has been enabled.
+ //
+ if (((CommandReg & BIT2) == BIT2)) {
+ DEBUG ((DEBUG_ERROR, "Error: Bus Master is enabled before SMRAM lock!\n"));
+ ASSERT_EFI_ERROR(FALSE);
+ }
+ }
+ }
+
//
// Install DxeSmmReadyToLock protocol prior to the processing of boot options
//
@@ -1790,6 +1848,18 @@ PlatformBdsPolicyBehavior (
switch (BootMode) {
case BOOT_WITH_MINIMAL_CONFIGURATION:
+
+ #ifdef TPM_ENABLED
+ TcgPhysicalPresenceLibProcessRequest();
+ #endif
+ #ifdef FTPM_ENABLE
+ TrEEPhysicalPresenceLibProcessRequest(NULL);
+ #endif
+ //
+ // Close boot script and install ready to lock
+ //
+ InstallReadyToLock ();
+
PlatformBdsInitHotKeyEvent ();
PlatformBdsConnectSimpleConsole (gPlatformSimpleConsole);
@@ -1870,16 +1940,6 @@ PlatformBdsPolicyBehavior (
}
- #ifdef TPM_ENABLED
- TcgPhysicalPresenceLibProcessRequest();
- #endif
- #ifdef FTPM_ENABLE
- TrEEPhysicalPresenceLibProcessRequest(NULL);
- #endif
- //
- // Close boot script and install ready to lock
- //
- InstallReadyToLock ();
//
// Give one chance to enter the setup if we
@@ -1890,6 +1950,11 @@ PlatformBdsPolicyBehavior (
case BOOT_ASSUMING_NO_CONFIGURATION_CHANGES:
+ //
+ // Close boot script and install ready to lock
+ //
+ InstallReadyToLock ();
+
//
// In no-configuration boot mode, we can connect the
// console directly.
@@ -1917,11 +1982,6 @@ PlatformBdsPolicyBehavior (
}
}
- //
- // Close boot script and install ready to lock
- //
- InstallReadyToLock ();
-
//
// Notes: current time out = 0 can not enter the
// front page
@@ -1936,6 +1996,15 @@ PlatformBdsPolicyBehavior (
case BOOT_ON_FLASH_UPDATE:
+ DEBUG((EFI_D_INFO, "ProcessCapsules Before EndOfDxe ......\n"));
+ Status = ProcessCapsules ();
+ DEBUG((EFI_D_INFO, "ProcessCapsules %r\n", Status));
+
+ //
+ // Close boot script and install ready to lock
+ //
+ InstallReadyToLock ();
+
//
// Boot with the specific configuration
//
@@ -1965,25 +2034,19 @@ PlatformBdsPolicyBehavior (
PcdSetBool(PcdEsrtSyncFmp, FALSE);
}
- DEBUG((EFI_D_INFO, "ProcessCapsules Before EndOfDxe ......\n"));
- Status = ProcessCapsules ();
- DEBUG((EFI_D_INFO, "ProcessCapsules %r\n", Status));
- //
- // Close boot script and install ready to lock
- //
- InstallReadyToLock ();
-
-
-
-
PlatformBdsLockNonUpdatableFlash ();
break;
case BOOT_IN_RECOVERY_MODE:
+ //
+ // Close boot script and install ready to lock
+ //
+ InstallReadyToLock ();
+
//
// In recovery mode, just connect platform console
// and show up the front page
@@ -2006,11 +2069,6 @@ PlatformBdsPolicyBehavior (
}
}
- //
- // Close boot script and install ready to lock
- //
- InstallReadyToLock ();
-
//
// In recovery boot mode, we still enter to the
// frong page now
@@ -2024,6 +2082,18 @@ FULL_CONFIGURATION:
case BOOT_WITH_DEFAULT_SETTINGS:
default:
+ #ifdef TPM_ENABLED
+ TcgPhysicalPresenceLibProcessRequest();
+ #endif
+ #ifdef FTPM_ENABLE
+ TrEEPhysicalPresenceLibProcessRequest(NULL);
+ #endif
+
+ //
+ // Close boot script and install ready to lock
+ //
+ InstallReadyToLock ();
+
//
// Connect platform console
//
@@ -2077,19 +2147,7 @@ FULL_CONFIGURATION:
PlatformBdsConnectSequence ();
}
}
- #ifdef TPM_ENABLED
- TcgPhysicalPresenceLibProcessRequest();
- #endif
- #ifdef FTPM_ENABLE
- TrEEPhysicalPresenceLibProcessRequest(NULL);
- #endif
- if (EsrtManagement != NULL) {
- EsrtManagement->SyncEsrtFmp();
- }
- //
- // Close boot script and install ready to lock
- //
- InstallReadyToLock ();
+
//
// Here we have enough time to do the enumeration of boot device
diff --git a/Vlv2TbltDevicePkg/VlvPlatformInitDxe/VlvPlatformInit.c b/Vlv2TbltDevicePkg/VlvPlatformInitDxe/VlvPlatformInit.c
index 5bbafa6f76..27f7f1be7c 100644
--- a/Vlv2TbltDevicePkg/VlvPlatformInitDxe/VlvPlatformInit.c
+++ b/Vlv2TbltDevicePkg/VlvPlatformInitDxe/VlvPlatformInit.c
@@ -1,7 +1,7 @@
/*++
-Copyright (c) 1999 - 2017, Intel Corporation. All rights reserved
+Copyright (c) 1999 - 2018, Intel Corporation. All rights reserved
This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution.
@@ -86,9 +86,10 @@ PostPmInitCallBack (
UINT32 HiGTBaseAddress;
//
- // Enable Bus Master, I/O and Memory access on 0:2:0
+ // Enable I/O and Memory access on 0:2:0.
+ // It's up to GOP driver to enable Bus Master of IGD.
//
- PciOr8 (PCI_LIB_ADDRESS(0, IGD_DEV, 0,IGD_R_CMD), (BIT2 | BIT1));
+ PciOr8 (PCI_LIB_ADDRESS(0, IGD_DEV, 0,IGD_R_CMD), (BIT1));
//
// only 32bit read/write is legal for device 0:2:0
@@ -171,9 +172,10 @@ IgdPmHook (
ASSERT (gDS!=NULL);
//
- // Enable Bus Master, I/O and Memory access on 0:2:0
+ // Enable I/O and Memory access on 0:2:0.
+ // It's up to GOP driver to enable Bus Master of IGD.
//
- PciOr8(PCI_LIB_ADDRESS(0, IGD_DEV, 0, IGD_R_CMD), (BIT2 | BIT1 | BIT0));
+ PciOr8(PCI_LIB_ADDRESS(0, IGD_DEV, 0, IGD_R_CMD), (BIT1 | BIT0));
//
// Means Allocate 4MB for GTTMADDR
--
2.14.1.windows.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2018-05-21 4:09 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-05-21 4:09 [Patch][edk2-platforms/devel-MinnowBoardMax-UDK2017] Bus Master DMA protection zwei4
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox