From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail03.groups.io (mail03.groups.io [45.79.227.220]) by spool.mail.gandi.net (Postfix) with ESMTPS id B67B8AC1433 for ; Fri, 12 Apr 2024 14:33:45 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=r4JTaOyEwa18pwAfiPhxhi+tUXgzwsrwIABZKDD14iY=; c=relaxed/simple; d=groups.io; h=Received-SPF:Received-SPF:From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:NoDisclaimer:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type; s=20240206; t=1712932424; v=1; b=VDmYANAYPtAHuBNJMGVc0ZY9gTQKPHdimRYs2v2jnLV04IjKW2GLVO/narNNCBvUkc0UZver m9PqqfsWoLeLTxKEGtxHfnxPfDCMBWM2gz8s/RIMDIequR0CkoBgFshMvlQojk1OPbvTNYuOfhw O9nbHJ2C0oYcGPM0GrkdmjA73+xI+y8VAFLynQViPfcZbQPXjmhjs3JtL/SyW3QOeoP90wg3zoW dGYHC6fh3dk4CsBb5gKT/L/27XzjicMtbdOV/yXflaV7h5t4p0TohghgvHR1C80wffcqHhYKSgZ l8VB4sI6/7u/sgzWWfaecHbxXJa1g1lPpjI4CN/n1xGaw== X-Received: by 127.0.0.2 with SMTP id h0iIYY7687511xNQDUg905cZ; Fri, 12 Apr 2024 07:33:44 -0700 X-Received: from EUR01-HE1-obe.outbound.protection.outlook.com (EUR01-HE1-obe.outbound.protection.outlook.com [40.107.13.52]) by mx.groups.io with SMTP id smtpd.web10.48523.1712932423088703157 for ; Fri, 12 Apr 2024 07:33:43 -0700 X-Received: from AS8PR04CA0023.eurprd04.prod.outlook.com (2603:10a6:20b:310::28) by PR3PR08MB5721.eurprd08.prod.outlook.com (2603:10a6:102:84::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.56; Fri, 12 Apr 2024 14:33:38 +0000 X-Received: from AMS0EPF000001B4.eurprd05.prod.outlook.com (2603:10a6:20b:310:cafe::b0) by AS8PR04CA0023.outlook.office365.com (2603:10a6:20b:310::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.19 via Frontend Transport; Fri, 12 Apr 2024 14:33:38 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C X-Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AMS0EPF000001B4.mail.protection.outlook.com (10.167.16.168) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.7452.22 via Frontend Transport; Fri, 12 Apr 2024 14:33:36 +0000 X-Received: ("Tessian outbound caed45120527:v313"); Fri, 12 Apr 2024 14:33:36 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: fd28d0f6476ae913 X-CR-MTA-TID: 64aa7808 X-Received: from 07c7d5d65d8f.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 50635C3A-204C-49BE-9FB0-9F9F5B47EC14.1; Fri, 12 Apr 2024 14:33:30 +0000 X-Received: from EUR04-DB3-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 07c7d5d65d8f.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Fri, 12 Apr 2024 14:33:29 +0000 X-Received: from DB6PR0301CA0081.eurprd03.prod.outlook.com (2603:10a6:6:30::28) by DB9PR08MB8360.eurprd08.prod.outlook.com (2603:10a6:10:3d8::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.46; Fri, 12 Apr 2024 14:33:27 +0000 X-Received: from DU2PEPF00028CFF.eurprd03.prod.outlook.com (2603:10a6:6:30:cafe::e8) by DB6PR0301CA0081.outlook.office365.com (2603:10a6:6:30::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.22 via Frontend Transport; Fri, 12 Apr 2024 14:33:27 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 40.67.248.234 as permitted sender) receiver=protection.outlook.com; client-ip=40.67.248.234; helo=nebula.arm.com; pr=C X-Received: from nebula.arm.com (40.67.248.234) by DU2PEPF00028CFF.mail.protection.outlook.com (10.167.242.183) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 12 Apr 2024 14:33:27 +0000 X-Received: from AZ-NEU-EX04.Arm.com (10.251.24.32) by AZ-NEU-EX03.Arm.com (10.251.24.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 12 Apr 2024 14:33:25 +0000 X-Received: from E114225.Arm.com (10.1.196.56) by mail.arm.com (10.251.24.32) with Microsoft SMTP Server id 15.1.2507.35 via Frontend Transport; Fri, 12 Apr 2024 14:33:25 +0000 From: "Sami Mujawar" To: CC: Sami Mujawar , , , , , , Subject: [edk2-devel] [PATCH v2 02/45] ArmPkg: Introduce SetMemoryProtectionAttribute() for Realms Date: Fri, 12 Apr 2024 15:32:39 +0100 Message-ID: <20240412143322.5244-3-sami.mujawar@arm.com> In-Reply-To: <20240412143322.5244-1-sami.mujawar@arm.com> References: <20240412143322.5244-1-sami.mujawar@arm.com> MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-TrafficTypeDiagnostic: DU2PEPF00028CFF:EE_|DB9PR08MB8360:EE_|AMS0EPF000001B4:EE_|PR3PR08MB5721:EE_ X-MS-Office365-Filtering-Correlation-Id: 7e01997b-234a-43b3-7816-08dc5afd8a16 x-checkrecipientrouted: true NoDisclaimer: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: l6Mw7cvyr7rJogAK7nSeJLGPz8Tehr0VpfGN+Y7LlZ2swqWcgpq9V+CWQUh9C6a2yIc7bhvZSD+cwEqwwxu/xZdkoqNyRyhQwD56lc311K1bIP6Q2PaLJ7mv1YMVsyyyv4ykt7seVyOjyUx+3ZsVoFpYnHdZ+Sh3jLZEgopmdy7B7pGk9EGNx63wyBgeY3BeNyzUTNI/2Ux03/fQ5eBwRDyesxFXDT72MtHFc8KyV4XR3Mo7bghSkAOhyfR+Ky48hlkCL/6o20gBkyiuF9O8B1Oko6w2K3Ye00F0ZBn4tG6MKc0a/uQQBQgq8Oj2uyusaislkvS383v9Ad51kCx6hQSeLUduTK02ApXltDT5zEDJMUm6kwI6k7ePmlVo6aqcUWInkY15yJnY0neQ70fTP9OVLjKPLjgvZ/4ZEv8f78yPqWBpF+PnIiQpGoQG1B9EusA622iBeFnpHTO0o+j/Bj37z3kK6R0YNgCX/BaQ6h+7ctB9ALyqWm746CQIxC/+Tlm6Oswco6J/KbPSXHsfUdyfB54WOUHVwlYba/vd5AYSSjx/LGvy5qNBvfbfcP4/2eVuptJwfQAj29koubXyh4+BRzef2r8xCGN50OeWJmvJKVmeqHVwF1TIGFx//PBI9A5daznDhyLC3NdBN8NBLxiXtf7jSYqP0rVzcD1vSqJc4fDMnoHCXgg/dCAK70zrvY9reilDfkUv+5igA1J6BJAbrzF2Lwhze8ZXZqo9vOXyOPkp+gBYqD3rrg4J3R23 X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234;CTRY:IE;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:nebula.arm.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(82310400014)(36860700004)(1800799015)(376005);DIR:OUT;SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB9PR08MB8360 X-MS-Exchange-Transport-CrossTenantHeadersStripped: AMS0EPF000001B4.eurprd05.prod.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: 199cc6d2-07cc-48a9-dd2e-08dc5afd845c X-Microsoft-Antispam-Message-Info: a6cwge5R9/sJ8m/vmy3in3aHsdSU86M3iHmO2awkpNs/FclN/LhtVthZW39BckMKzkOOIBvEU4KUXMdBldmMX03Qu9T6N+7xuGe4N34nwWCZyXg+qRJmgr0P13PxKyIgIbuGpUvv5E3aajTbWeeu5XdlXO0oAhq/a2KwBvNwbuRTRUSscyrHUstxK7ggviFjB+SfBj1xmiQn8Fc8vPu0xTqdr8RGYdtiwgOHteExPX9L/7aHfv3en29tQU96b4V4NtF7id6m07y6A5g6lV9JvG1l5ImxgPiNM3vepLb4IrtNF4YCcucw/RtToIwvKi1jilbgBjcKbGSCLkeNXVY5JrWP0aaKweVsTuqxgrz7lyrcFCet/8h28u1SU/2dgA4RDqpAJoeYAQPuXjUojTTgGsEaJq0a7lEKwdF8V9aZuI6DiMzqZjX2bkrXp2bHseN0H23NExc/EmiUjP57sR+NiWlvIfT9r7MrHixZYeUS9GJ0Qq+19WfE27t94lXhcyw8cSCSdHxAYbzrGwYKDjmhsh8iXQIlsO0mQC993jrxZZAq/JOis5Gm0+buv/f+gspZoQzwORP3AjnUdjMNDQgGoSL0dzYvwhoDf3FtyPo44PCe8lQBX2n13LbNit3P7uxHkgYmawiUvLyYIFZ5t0h49pebAVBJjydv3hpbh9TCP/AjM2MiwJaBoPmZBDDBNf2T0XEx+Dp/4urgb11kXICn1zxBuo0en/9M9T/BjVxL7tzn2CBC7VGa4rGqEpp2KcEi X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Apr 2024 14:33:36.8940 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 7e01997b-234a-43b3-7816-08dc5afd8a16 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d;Ip=[63.35.35.123];Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: AMS0EPF000001B4.eurprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3PR08MB5721 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Fri, 12 Apr 2024 07:33:43 -0700 Resent-From: sami.mujawar@arm.com Reply-To: devel@edk2.groups.io,sami.mujawar@arm.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: EIQqdwlmkx3mJcsNzChKpVCBx7686176AA= Content-Type: text/plain X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=VDmYANAY; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=arm.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.227.220 as permitted sender) smtp.mailfrom=bounce@groups.io Arm CCA requires the software in a Realm to treat the most significant bit of an IPA as a protection attribute. To enable/disable sharing of memory regions with the host, the protection attribute needs to be set/cleared accordingly. Therefore, introduce SetMemoryProtectionAttribute() so that the memory regions can be shared/unshared with the host. Cc: Ard Biesheuvel Cc: Leif Lindholm Signed-off-by: Sami Mujawar --- ArmPkg/Include/Library/ArmMmuLib.h | 55 ++++++++++++ ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c | 90 ++++++++++++++++++++ 2 files changed, 145 insertions(+) diff --git a/ArmPkg/Include/Library/ArmMmuLib.h b/ArmPkg/Include/Library/ArmMmuLib.h index 2ce948e8db1d34e5ba0228de3dc347e186f31c11..1cea71ee6e88d351a3c57c4b97fe229305bfc1af 100644 --- a/ArmPkg/Include/Library/ArmMmuLib.h +++ b/ArmPkg/Include/Library/ArmMmuLib.h @@ -71,4 +71,59 @@ ArmSetMemoryAttributes ( IN UINT64 AttributeMask ); +#ifdef MDE_CPU_AARCH64 + +/** + Configure the protection attribute for the page tables + describing the memory region. + + The IPA space of a Realm is divided into two halves: + - Protected IPA space and + - Unprotected IPA space. + + Software in a Realm should treat the most significant bit of an + IPA as a protection attribute. + + A Protected IPA is an address in the lower half of a Realms IPA + space. The most significant bit of a Protected IPA is 0. + + An Unprotected IPA is an address in the upper half of a Realms + IPA space. The most significant bit of an Unprotected IPA is 1. + + Note: + - Configuring the memory region as Unprotected IPA enables the + Realm to share the memory region with the Host. + - This function updates the page table entries to reflect the + protection attribute. + - A separate call to transition the memory range using the Realm + Service Interface (RSI) RSI_IPA_STATE_SET command is additionally + required and is expected to be done outside this function. + - The caller must ensure that this function call is invoked by code + executing within the Realm. + + @param [in] BaseAddress Base address of the memory region. + @param [in] Length Length of the memory region. + @param [in] IpaWidth IPA width of the Realm. + @param [in] Share If TRUE, set the most significant + bit of the IPA to configure the memory + region as Unprotected IPA. + If FALSE, clear the most significant + bit of the IPA to configure the memory + region as Protected IPA. + + @retval EFI_SUCCESS IPA protection attribute updated. + @retval EFI_INVALID_PARAMETER A parameter is invalid. + @retval EFI_UNSUPPORTED RME is not supported. +**/ +EFI_STATUS +EFIAPI +SetMemoryProtectionAttribute ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 IpaWidth, + IN BOOLEAN Share + ); + +#endif + #endif // ARM_MMU_LIB_H_ diff --git a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c index 9d9c623581fe0010e35cb33c0c8ef4061720a6f7..25d32cceb61e1f0fd62d878202cf8ead05cfd9e2 100644 --- a/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c +++ b/ArmPkg/Library/ArmMmuLib/AArch64/ArmMmuLibCore.c @@ -7,6 +7,10 @@ * * SPDX-License-Identifier: BSD-2-Clause-Patent * +* @par Glossary: +* - Rsi or RSI - Realm Service Interface +* - IPA - Intermediate Physical Address +* - RIPAS - Realm IPA state **/ #include @@ -749,3 +753,89 @@ ArmMmuBaseLibConstructor ( return RETURN_SUCCESS; } + +/** + Configure the protection attribute for the page tables + describing the memory region. + + The IPA space of a Realm is divided into two halves: + - Protected IPA space and + - Unprotected IPA space. + + Software in a Realm should treat the most significant bit of an + IPA as a protection attribute. + + A Protected IPA is an address in the lower half of a Realms IPA + space. The most significant bit of a Protected IPA is 0. + + An Unprotected IPA is an address in the upper half of a Realms + IPA space. The most significant bit of an Unprotected IPA is 1. + + Note: + - Configuring the memory region as Unprotected IPA enables the + Realm to share the memory region with the Host. + - This function updates the page table entries to reflect the + protection attribute. + - A separate call to transition the memory range using the Realm + Service Interface (RSI) RSI_IPA_STATE_SET command is additionally + required and is expected to be done outside this function. + - The caller must ensure that this function call is invoked by code + executing within the Realm. + + @param [in] BaseAddress Base address of the memory region. + @param [in] Length Length of the memory region. + @param [in] IpaWidth IPA width of the Realm. + @param [in] Share If TRUE, set the most significant + bit of the IPA to configure the memory + region as Unprotected IPA. + If FALSE, clear the most significant + bit of the IPA to configure the memory + region as Protected IPA. + + @retval EFI_SUCCESS IPA protection attribute updated. + @retval EFI_INVALID_PARAMETER A parameter is invalid. + @retval EFI_UNSUPPORTED RME is not supported. +**/ +EFI_STATUS +EFIAPI +SetMemoryProtectionAttribute ( + IN EFI_PHYSICAL_ADDRESS BaseAddress, + IN UINT64 Length, + IN UINT64 IpaWidth, + IN BOOLEAN Share + ) +{ + UINT64 Attributes; + UINT64 Mask; + UINT64 ProtectionAttributeMask; + + if ((Length == 0) || (IpaWidth == 0)) { + return EFI_INVALID_PARAMETER; + } + + if (!ArmHasRme ()) { + return EFI_UNSUPPORTED; + } + + /* Software in a Realm should treat the most significant bit of an + IPA as a protection attribute. + */ + ProtectionAttributeMask = 1ULL << (IpaWidth - 1); + + if (Share) { + Attributes = ProtectionAttributeMask; + Mask = ~TT_ADDRESS_MASK_BLOCK_ENTRY; + } else { + Attributes = 0; + Mask = ~(TT_ADDRESS_MASK_BLOCK_ENTRY | ProtectionAttributeMask); + } + + return UpdateRegionMapping ( + BaseAddress, + Length, + Attributes, + Mask, + ArmGetTTBR0BaseAddress (), + TRUE + ); +} -- 'Guid(CE165669-3EF3-493F-B85D-6190EE5B9759)' -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117669): https://edk2.groups.io/g/devel/message/117669 Mute This Topic: https://groups.io/mt/105483407/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-