From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web11.28255.1683627780311432681 for ; Tue, 09 May 2023 03:23:01 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=L2lE4EL8; spf=pass (domain: intel.com, ip: 134.134.136.24, mailfrom: jiaxin.wu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1683627781; x=1715163781; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=pZ4Otc3xLp141TRst6Ho8x+PyP7SACFVywsYnp600F4=; b=L2lE4EL8YJpuH/CHvIEL2jRNRIKq2soyaqPD0NSlvA9s2IIqNp0zxJem xcnEdu+IzA2SCu0tipaqkoNk4UjkXyQahhKfR3DtqcY/7jVdOo1S2TeBm XXjeKuHRarQinSSQfMFwbR/q1c7eQE8YpCQ4CbWC1pHkFROuXZfWtSzuV 9M6jnYx1cvYI4BL17QR6urnUsZVEsF1NTWjGRZdj2Vfuk/BNiNBxxYNaa BhRg/w4EqbH5NrOG4oK4YQY8JQ8ssA228wng3og4UvzI38zPgvf3Fjvm6 TB3rs9YRG2Lv+AuSwvsby6uXdT/yEy5t/bs2625ABPOHAo/EftxgH571t Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10704"; a="352058184" X-IronPort-AV: E=Sophos;i="5.99,261,1677571200"; d="scan'208";a="352058184" Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 May 2023 03:23:01 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10704"; a="768454044" X-IronPort-AV: E=Sophos;i="5.99,261,1677571200"; d="scan'208";a="768454044" Received: from sh1gapp1009.ccr.corp.intel.com ([10.239.189.219]) by fmsmga004.fm.intel.com with ESMTP; 09 May 2023 03:22:59 -0700 From: "Wu, Jiaxin" To: devel@edk2.groups.io Cc: Eric Dong , Ray Ni , Zeng Star , Gerd Hoffmann , Rahul Kumar Subject: [PATCH v1 1/3] UefiCpuPkg/SecCore: Migrate page table to permanent memory Date: Tue, 9 May 2023 18:22:51 +0800 Message-Id: <20230509102253.16632-2-jiaxin.wu@intel.com> X-Mailer: git-send-email 2.16.2.windows.1 In-Reply-To: <20230509102253.16632-1-jiaxin.wu@intel.com> References: <20230509102253.16632-1-jiaxin.wu@intel.com> Background: For arch X64, system will enable the page table in SPI to cover 0-512G range via CR4.PAE & MSR.LME & CR0.PG & CR3 setting (see ResetVector code). Existing code doesn't cover the higher address access above 512G before memory-discovered callback. That will be potential problem if system access the higher address after the transition from temporary RAM to permanent MEM RAM. Solution: This patch is to migrate page table to permanent memory to map entire physical address space if CR0.PG is set during temporary RAM Done. Change-Id: I29bdb078ef567ed9455d1328cb007f4f60a617a2 Cc: Eric Dong Cc: Ray Ni Cc: Zeng Star Cc: Gerd Hoffmann Cc: Rahul Kumar Signed-off-by: Jiaxin Wu --- UefiCpuPkg/SecCore/SecCore.inf | 1 + UefiCpuPkg/SecCore/SecCoreNative.inf | 1 + UefiCpuPkg/SecCore/SecMain.c | 164 +++++++++++++++++++++++++++++++++++ UefiCpuPkg/SecCore/SecMain.h | 4 + 4 files changed, 170 insertions(+) diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.inf index 3758aded3b..cab69b8b97 100644 --- a/UefiCpuPkg/SecCore/SecCore.inf +++ b/UefiCpuPkg/SecCore/SecCore.inf @@ -53,10 +53,11 @@ CpuExceptionHandlerLib ReportStatusCodeLib PeiServicesLib PeiServicesTablePointerLib HobLib + CpuPageTableLib [Ppis] ## SOMETIMES_CONSUMES ## PRODUCES gEfiSecPlatformInformationPpiGuid diff --git a/UefiCpuPkg/SecCore/SecCoreNative.inf b/UefiCpuPkg/SecCore/SecCoreNative.inf index 1ee6ff7d88..fa241cca94 100644 --- a/UefiCpuPkg/SecCore/SecCoreNative.inf +++ b/UefiCpuPkg/SecCore/SecCoreNative.inf @@ -50,10 +50,11 @@ CpuExceptionHandlerLib ReportStatusCodeLib PeiServicesLib PeiServicesTablePointerLib HobLib + CpuPageTableLib [Ppis] ## SOMETIMES_CONSUMES ## PRODUCES gEfiSecPlatformInformationPpiGuid diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c index 95375850ec..d0dc76e804 100644 --- a/UefiCpuPkg/SecCore/SecMain.c +++ b/UefiCpuPkg/SecCore/SecMain.c @@ -70,10 +70,159 @@ MigrateGdt ( AsmWriteGdtr (&Gdtr); return EFI_SUCCESS; } +/** + Migrate page table to permanent memory mapping entire physical address space. + + @retval EFI_SUCCESS The PageTable was migrated successfully. + @retval EFI_UNSUPPORTED Unsupport to migrate page table to permanent memory if IA-32e Mode not actived. + @retval EFI_OUT_OF_RESOURCES The PageTable could not be migrated due to lack of available memory. + +**/ +EFI_STATUS +MigratePageTable ( + VOID + ) +{ + EFI_STATUS Status; + IA32_CR4 Cr4; + BOOLEAN Page5LevelSupport; + UINT32 RegEax; + UINT32 RegEdx; + BOOLEAN Page1GSupport; + PAGING_MODE PagingMode; + + CPUID_VIR_PHY_ADDRESS_SIZE_EAX VirPhyAddressSize; + UINT32 MaxExtendedFunctionId; + + UINTN PageTable; + VOID *Buffer; + UINTN BufferSize; + IA32_MAP_ATTRIBUTE MapAttribute; + IA32_MAP_ATTRIBUTE MapMask; + + VirPhyAddressSize.Uint32 = 0; + PageTable = 0; + Buffer = NULL; + BufferSize = 0; + MapAttribute.Uint64 = 0; + MapMask.Uint64 = MAX_UINT64; + MapAttribute.Bits.Present = 1; + MapAttribute.Bits.ReadWrite = 1; + + // + // Check CPU runs in 64bit mode or 32bit mode + // + if (sizeof (UINTN) == sizeof (UINT32)) { + DEBUG ((DEBUG_WARN, "MigratePageTable: CPU runs in 32bit mode, unsupport to migrate page table to permanent memory.\n")); + ASSERT (TRUE); + return EFI_UNSUPPORTED; + } + + // + // Check Page5Level Support or not. + // + Cr4.UintN = AsmReadCr4 (); + Page5LevelSupport = (Cr4.Bits.LA57 ? TRUE : FALSE); + + // + // Check Page1G Support or not. + // + Page1GSupport = FALSE; + AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL); + if (RegEax >= CPUID_EXTENDED_CPU_SIG) { + AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx); + if ((RegEdx & BIT26) != 0) { + Page1GSupport = TRUE; + } + } + + // + // Decide Paging Mode according Page5LevelSupport & Page1GSupport. + // + PagingMode = Paging5Level1GB; + if (Page5LevelSupport && !Page1GSupport) { + PagingMode = Paging5Level; + } else if (!Page5LevelSupport && Page1GSupport) { + PagingMode = Paging4Level1GB; + } else if (!Page5LevelSupport && !Page1GSupport) { + PagingMode = Paging4Level; + } + + DEBUG ((DEBUG_INFO, "MigratePageTable: PagingMode = 0x%lx\n", (UINTN) PagingMode)); + + // + // Get Maximum Physical Address Bits + // Get the number of address lines; Maximum Physical Address is 2^PhysicalAddressBits - 1. + // If CPUID does not supported, then use a max value of 36 as per SDM 3A, 4.1.4. + // + AsmCpuid (CPUID_EXTENDED_FUNCTION, &MaxExtendedFunctionId, NULL, NULL, NULL); + if (MaxExtendedFunctionId >= CPUID_VIR_PHY_ADDRESS_SIZE) { + AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &VirPhyAddressSize.Uint32, NULL, NULL, NULL); + } else { + VirPhyAddressSize.Bits.PhysicalAddressBits = 36; + } + + if (PagingMode == Paging4Level1GB || PagingMode == Paging4Level) { + // + // The max lineaddress bits is 48 for 4 level page table. + // + VirPhyAddressSize.Bits.PhysicalAddressBits = MIN (VirPhyAddressSize.Bits.PhysicalAddressBits, 48); + } + + DEBUG ((DEBUG_INFO, "MigratePageTable: Maximum Physical Address Bits = %d\n", VirPhyAddressSize.Bits.PhysicalAddressBits)); + + // + // Get required buffer size for the pagetable that will be created. + // + Status = PageTableMap (&PageTable, PagingMode, 0, &BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapMask, NULL); + ASSERT (Status == EFI_BUFFER_TOO_SMALL); + if (Status != EFI_BUFFER_TOO_SMALL) { + DEBUG ((DEBUG_ERROR, "MigratePageTable: Failed to get PageTable required BufferSize, Status = %r\n", Status)); + return Status; + } + + DEBUG ((DEBUG_INFO, "MigratePageTable: Get PageTable required BufferSize = %x\n", BufferSize)); + + // + // Allocate required Buffer. + // + Status = PeiServicesAllocatePages ( + EfiBootServicesData, + EFI_SIZE_TO_PAGES (BufferSize), + &((EFI_PHYSICAL_ADDRESS) Buffer) + ); + ASSERT (Buffer != NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "MigratePageTable: Failed to allocate PageTable required BufferSize, Status = %r\n", Status)); + return EFI_OUT_OF_RESOURCES; + } + + // + // Create PageTable in permanent memory. + // + Status = PageTableMap (&PageTable, PagingMode, Buffer, &BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapMask, NULL); + ASSERT (!EFI_ERROR (Status) && PageTable != 0); + if (EFI_ERROR (Status) || PageTable == 0) { + DEBUG ((DEBUG_ERROR, "MigratePageTable: Failed to create PageTable, Status = %r, PageTable = 0x%lx\n", Status, PageTable)); + return EFI_OUT_OF_RESOURCES; + } + + DEBUG ((DEBUG_INFO, "MigratePageTable: Create PageTable = 0x%lx\n", PageTable)); + + // + // Write the Pagetable to CR3. + // + AsmWriteCr3 (PageTable); + + DEBUG ((DEBUG_INFO, "MigratePageTable: Write the Pagetable to CR3 Sucessfully.\n")); + + return Status; +} + // // These are IDT entries pointing to 10:FFFFFFE4h. // UINT64 mIdtEntryTemplate = 0xffff8e000010ffe4ULL; @@ -492,10 +641,25 @@ SecTemporaryRamDone ( if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) { Status = MigrateGdt (); ASSERT_EFI_ERROR (Status); } + // + // Migrate page table to permanent memory mapping entire physical address space if CR0.PG is set. + // + if ((AsmReadCr0 () & BIT31) != 0) { + // + // CR4.PAE must be enabled. + // + ASSERT ((AsmReadCr4 () & BIT5) != 0); + Status = MigratePageTable (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "SecTemporaryRamDone: Failed to migrate page table to permanent memory: %r.\n", Status)); + ASSERT_EFI_ERROR (Status); + } + } + // // Disable Temporary RAM after Stack and Heap have been migrated at this point. // SecPlatformDisableTemporaryMemory (); diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h index 880e6cd1b8..b50d96e45b 100644 --- a/UefiCpuPkg/SecCore/SecMain.h +++ b/UefiCpuPkg/SecCore/SecMain.h @@ -17,10 +17,11 @@ #include #include #include +#include #include #include #include #include #include @@ -30,10 +31,13 @@ #include #include #include #include #include +#include +#include +#include #define SEC_IDT_ENTRY_COUNT 34 typedef struct _SEC_IDT_TABLE { // -- 2.16.2.windows.1