From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga12.intel.com (mga12.intel.com [192.55.52.136])
 by mx.groups.io with SMTP id smtpd.web10.916.1686193607701518790
 for <devel@edk2.groups.io>;
 Wed, 07 Jun 2023 20:06:48 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=bk+0HxUK;
 spf=pass (domain: intel.com, ip: 192.55.52.136, mailfrom: zhiguang.liu@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1686193607; x=1717729607;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=d5YIlwB7TREo/uezzrdBHCNoOjDQOAM/Doup0HkjM2g=;
  b=bk+0HxUKCUvckYttUCo3VAMLG3N9Jv+r/W6M5LlIlOlCx2LQBbYxDy5I
   6QABuiAKEpCjCoQP+BGQYzP+UyNZhm+AoGPA+2Hchd1o2fpYJG3bavw96
   Ly4JbB9dEXH9tCEzimAU2GdP/xIOJv9413FVWclkXraE6rgWvVpiPQkkU
   pKlIHu6SSO7fqwQHCzs+iqxzvkDXQcv7QtgFe0eXBkjE0TBquGxi/v4hi
   NQOv6WgQMewvm9U4g911IAJoskf9IsEntFKuHhydNa9vgZ3Db8ud8zsQT
   NHT+emrlGJs2IYcQ1CstVcnLCUTfJKEv272jursHXaKL9O2uFvRyQ9eoz
   g==;
X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="336808866"
X-IronPort-AV: E=Sophos;i="6.00,226,1681196400"; 
   d="scan'208";a="336808866"
Received: from orsmga001.jf.intel.com ([10.7.209.18])
  by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 20:06:47 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10734"; a="742933584"
X-IronPort-AV: E=Sophos;i="6.00,226,1681196400"; 
   d="scan'208";a="742933584"
Received: from shwdesfp01.ccr.corp.intel.com ([10.239.158.151])
  by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Jun 2023 20:06:45 -0700
From: "Zhiguang Liu" <zhiguang.liu@intel.com>
To: devel@edk2.groups.io
Cc: Zhiguang Liu <zhiguang.liu@intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>
Subject: [PATCH 1/4] MdePkg: Add new API GetMaxPlatformAddressBits
Date: Thu,  8 Jun 2023 11:06:26 +0800
Message-Id: <20230608030629.2734-1-zhiguang.liu@intel.com>
X-Mailer: git-send-email 2.31.1.windows.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3394

Add new API GetMaxPlatformAddressBits to get the max platform address
bits. Max physical address bits can be get from CPUID. When TME-MK
feature is enabled, the upper bits of the max physical address bits
are repurposed for usage as a KeyID.
Therefore, the max platform addressable bits is the max physical
address bits minus the upper bits used for KeyID if TME-MK is enable.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Zhiguang Liu <zhiguang.liu@intel.com>
---
 MdePkg/Include/Library/CpuLib.h           | 25 +++++++
 MdePkg/Library/BaseCpuLib/X86BaseCpuLib.c | 81 +++++++++++++++++++++++
 2 files changed, 106 insertions(+)

diff --git a/MdePkg/Include/Library/CpuLib.h b/MdePkg/Include/Library/CpuLib.h
index 3f29937dc7..a9bac083b7 100644
--- a/MdePkg/Include/Library/CpuLib.h
+++ b/MdePkg/Include/Library/CpuLib.h
@@ -87,6 +87,31 @@ GetCpuSteppingId (
   VOID
   );
 
+/**
+  Get the max platform addressable bits.
+  Max physical address bits can be get from CPUID. When TME-MK feature
+  is enabled, the upper bits of the max physical address bits are
+  repurposed for usage as a KeyID.
+  Therefore, the max platform addressable bits is the max physical
+  address bits minus the upper bits used for KeyID if TME-MK is enable.
+
+  @param[out] ValidAddressMask          Bitmask with valid address bits set to
+                                        one; other bits are clear. Optional
+                                        parameter.
+
+  @param[out] ValidPageBaseAddressMask  Bitmask with valid page base address
+                                        bits set to one; other bits are clear.
+                                        Optional parameter.
+
+  @return  The max platform addressable bits.
+**/
+UINT8
+EFIAPI
+GetMaxPlatformAddressBits (
+  OUT UINT64  *ValidAddressMask         OPTIONAL,
+  OUT UINT64  *ValidPageBaseAddressMask OPTIONAL
+  );
+
 #endif
 
 #endif
diff --git a/MdePkg/Library/BaseCpuLib/X86BaseCpuLib.c b/MdePkg/Library/BaseCpuLib/X86BaseCpuLib.c
index 1cad32a4be..7b15cb3d73 100644
--- a/MdePkg/Library/BaseCpuLib/X86BaseCpuLib.c
+++ b/MdePkg/Library/BaseCpuLib/X86BaseCpuLib.c
@@ -14,6 +14,8 @@
 
 #include <Library/BaseLib.h>
 #include <Library/CpuLib.h>
+#include <Register/Intel/ArchitecturalMsr.h>
+#include <Uefi/UefiBaseType.h>
 
 /**
   Determine if the standard CPU signature is "AuthenticAMD".
@@ -79,3 +81,82 @@ GetCpuSteppingId (
 
   return (UINT8)Eax.Bits.SteppingId;
 }
+
+/**
+  Get the max platform addressable bits.
+  Max physical address bits can be get from CPUID. When TME-MK feature
+  is enabled, the upper bits of the max physical address bits are
+  repurposed for usage as a KeyID.
+  Therefore, the max platform addressable bits is the max physical
+  address bits minus the upper bits used for KeyID if TME-MK is enable.
+
+  @param[out] ValidAddressMask          Bitmask with valid address bits set to
+                                        one; other bits are clear. Optional
+                                        parameter.
+
+  @param[out] ValidPageBaseAddressMask  Bitmask with valid page base address
+                                        bits set to one; other bits are clear.
+                                        Optional parameter.
+
+  @return  The max platform addressable bits.
+**/
+UINT8
+EFIAPI
+GetMaxPlatformAddressBits (
+  OUT UINT64  *ValidAddressMask         OPTIONAL,
+  OUT UINT64  *ValidPageBaseAddressMask OPTIONAL
+  )
+{
+  UINT32                                       MaxExtendedFunction;
+  CPUID_VIR_PHY_ADDRESS_SIZE_EAX               VirPhyAddressSize;
+  UINT64                                       AddressMask;
+  UINT64                                       PageBaseAddressMask;
+  UINT32                                       MaxFunction;
+  CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS_ECX  ExtendedFeatureFlagsEcx;
+  MSR_IA32_TME_ACTIVATE_REGISTER               TmeActivate;
+  MSR_IA32_TME_CAPABILITY_REGISTER             TmeCapability;
+
+  AsmCpuid (CPUID_EXTENDED_FUNCTION, &MaxExtendedFunction, NULL, NULL, NULL);
+  if (MaxExtendedFunction >= CPUID_VIR_PHY_ADDRESS_SIZE) {
+    AsmCpuid (
+      CPUID_VIR_PHY_ADDRESS_SIZE,
+      &VirPhyAddressSize.Uint32,
+      NULL,
+      NULL,
+      NULL
+      );
+  } else {
+    VirPhyAddressSize.Bits.PhysicalAddressBits = 36;
+  }
+
+  //
+  // CPUID enumeration of MAX_PA is unaffected by TME-MK activation and will continue
+  // to report the maximum physical address bits available for software to use,
+  // irrespective of the number of KeyID bits.
+  // So, we need to check if TME is enabled and adjust the PA size accordingly.
+  //
+  AsmCpuid (CPUID_SIGNATURE, &MaxFunction, NULL, NULL, NULL);
+  if (MaxFunction >= CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS) {
+    AsmCpuidEx (CPUID_STRUCTURED_EXTENDED_FEATURE_FLAGS, 0, NULL, NULL, &ExtendedFeatureFlagsEcx.Uint32, NULL);
+    if (ExtendedFeatureFlagsEcx.Bits.TME_EN == 1) {
+      TmeActivate.Uint64   = AsmReadMsr64 (MSR_IA32_TME_ACTIVATE);
+      TmeCapability.Uint64 = AsmReadMsr64 (MSR_IA32_TME_CAPABILITY);
+      if ((TmeActivate.Bits.TmeEnable == 1) && (TmeCapability.Bits.MkTmeMaxKeyidBits != 0)) {
+        VirPhyAddressSize.Bits.PhysicalAddressBits -= TmeActivate.Bits.MkTmeKeyidBits;
+      }
+    }
+  }
+
+  AddressMask         = LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits) - 1;
+  PageBaseAddressMask = AddressMask & ~(UINT64)EFI_PAGE_MASK;
+
+  if (ValidAddressMask != NULL) {
+    *ValidAddressMask = AddressMask;
+  }
+
+  if (ValidPageBaseAddressMask != NULL) {
+    *ValidPageBaseAddressMask = PageBaseAddressMask;
+  }
+
+  return (UINT8)VirPhyAddressSize.Bits.PhysicalAddressBits;
+}
-- 
2.31.1.windows.1