From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga05.intel.com (mga05.intel.com [])
 by mx.groups.io with SMTP id smtpd.web12.4493.1609914691241705230
 for <devel@edk2.groups.io>;
 Tue, 05 Jan 2021 22:31:36 -0800
Authentication-Results: mx.groups.io;
 dkim=missing; spf=fail (domain: intel.com, ip: <nil>, mailfrom: w.sheng@intel.com)
IronPort-SDR: ZBf+lbNRV8VmIGHErXIhvYixThUHr8sy7IrmESb7zsBxg1jdFs8nnAsi0KTtqsCfWIGcwzRbDq
 UU9tK0rXsF+Q==
X-IronPort-AV: E=McAfee;i="6000,8403,9855"; a="262002177"
X-IronPort-AV: E=Sophos;i="5.78,479,1599548400"; 
   d="scan'208";a="262002177"
Received: from orsmga008.jf.intel.com ([10.7.209.65])
  by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Jan 2021 22:31:36 -0800
IronPort-SDR: XvQ7wpkFREvJhETjHFOXBoIqTnyHsjMen/4ztig2UUjqgOpW/KPU90B6u8sLFMQbiXxLbYX9zH
 2eboP6wZH/zA==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.78,479,1599548400"; 
   d="scan'208";a="379170776"
Received: from shwdesssddpdwei.ccr.corp.intel.com ([10.239.157.46])
  by orsmga008.jf.intel.com with ESMTP; 05 Jan 2021 22:31:34 -0800
From: "Sheng Wei" <w.sheng@intel.com>
To: devel@edk2.groups.io
Cc: Ray Ni <ray.ni@intel.com>,
	Rangasai V Chaganty <rangasai.v.chaganty@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Jenny Huang <jenny.huang@intel.com>,
	Feng Roger <roger.feng@intel.com>
Subject: [PATCH v4 2/2] IntelSiliconPkg/VTd: Add PCD flag for select pre-boot DMA protection Driver
Date: Wed,  6 Jan 2021 14:31:18 +0800
Message-Id: <20210106063118.17216-3-w.sheng@intel.com>
X-Mailer: git-send-email 2.16.2.windows.1
In-Reply-To: <20210106063118.17216-1-w.sheng@intel.com>
References: <20210106063118.17216-1-w.sheng@intel.com>

gIntelSiliconPkgTokenSpaceGuid.PcdVtdDmarPeiEnable is added for select
 pre-boot DMA protection driver in PEI phase.
IntelVTdPmrPei driver is used to do the pre-boot DMA protection by PMR.
IntelVTdDmarPei driver is used to do the pre-boot DMA protection by DMAR.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3095

Signed-off-by: Sheng Wei <w.sheng@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jenny Huang <jenny.huang@intel.com>
Cc: Feng Roger <roger.feng@intel.com>
Reviewed-by: Jenny Huang <jenny.huang@intel.com>
---
 Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec | 7 +++++++
 Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc | 4 ++++
 2 files changed, 11 insertions(+)
diff --git a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec
index 4a2cbca5..b386080a 100644
--- a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec
+++ b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec
@@ -84,6 +84,12 @@
   # @Prompt Shadow all microcode update patches.
   gIntelSiliconPkgTokenSpaceGuid.PcdShadowAllMicrocode|FALSE|BOOLEAN|0x00000006
 
+  ## Declares the VTd PEI driver to protect DMA.<BR><BR>
+  #   TRUE:  Use DMAR to protect DMA at PEI phase
+  #   FALSE: Use PMR to protect DMA at PEI phase
+  # @Prompt The VTd PEI driver to protect DMA.
+  gIntelSiliconPkgTokenSpaceGuid.PcdVtdDmarPeiEnable|FALSE|BOOLEAN|0x00000007
+
 [PcdsFixedAtBuild, PcdsPatchableInModule]
   ## Error code for VTd error.<BR><BR>
   #  EDKII_ERROR_CODE_VTD_ERROR = (EFI_IO_BUS_UNSPECIFIED | (EFI_OEM_SPECIFIC | 0x00000000)) = 0x02008000<BR>
@@ -121,3 +127,4 @@
   # @Prompt The VTd PEI DMA buffer size for S3.
   gIntelSiliconPkgTokenSpaceGuid.PcdVTdPeiDmaBufferSizeS3|0x00200000|UINT32|0x00000004
 
+
diff --git a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
index 029b9156..6feb5a99 100644
--- a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
+++ b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dsc
@@ -80,7 +80,11 @@
   IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.inf
   IntelSiliconPkg/Feature/PcieSecurity/SamplePlatformDevicePolicyDxe/SamplePlatformDevicePolicyDxe.inf
   IntelSiliconPkg/Feature/VTd/IntelVTdDxe/IntelVTdDxe.inf
+!if gIntelSiliconPkgTokenSpaceGuid.PcdVtdDmarPeiEnable == TRUE
+  IntelSiliconPkg/Feature/VTd/IntelVTdDmarPei/IntelVTdDmarPei.inf
+!else
   IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf
+!endif
   IntelSiliconPkg/Feature/VTd/PlatformVTdSampleDxe/PlatformVTdSampleDxe.inf
   IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.inf
   IntelSiliconPkg/Feature/Capsule/MicrocodeUpdateDxe/MicrocodeUpdateDxe.inf
-- 
2.16.2.windows.1


