From: Laszlo Ersek <lersek@redhat.com>
To: "Zeng, Star" <star.zeng@intel.com>,
"Yao, Jiewen" <jiewen.yao@intel.com>,
"Duran, Leo" <leo.duran@amd.com>,
"edk2-devel@ml01.01.org" <edk2-devel@ml01.01.org>
Cc: "Tian, Feng" <feng.tian@intel.com>,
"Singh, Brijesh" <brijesh.singh@amd.com>,
"Justen, Jordan L" <jordan.l.justen@intel.com>
Subject: Re: [PATCH] MdeModulePkg: Add dynamic PCD PcdPteMemoryEncryptionAddressOrMask
Date: Thu, 9 Feb 2017 10:46:09 +0100 [thread overview]
Message-ID: <3e157c02-979e-c6dd-3f8e-fed8906dbeb9@redhat.com> (raw)
In-Reply-To: <0C09AFA07DD0434D9E2A0C6AEB0483103B825588@shsmsx102.ccr.corp.intel.com>
On 02/09/17 10:17, Zeng, Star wrote:
> EFI_HOB_CPU?
> Is there discussion in PIWG for it?
None that I'm aware of.
Thanks
Laszlo
>
> Thanks,
> Star
> -----Original Message-----
> From: Laszlo Ersek [mailto:lersek@redhat.com]
> Sent: Thursday, February 9, 2017 5:13 PM
> To: Zeng, Star <star.zeng@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Duran, Leo <leo.duran@amd.com>; edk2-devel@ml01.01.org
> Cc: Tian, Feng <feng.tian@intel.com>; Singh, Brijesh <brijesh.singh@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>
> Subject: Re: [edk2] [PATCH] MdeModulePkg: Add dynamic PCD PcdPteMemoryEncryptionAddressOrMask
>
> On 02/09/17 06:26, Zeng, Star wrote:
>> Correct typo in below email.
>>
>> "about how to determine DXE is 32BITs or 64BITs" should be "about how
>> to determine PEI is 32BITs or 64BITs".
>>
>> At that time, we were discussing if the code needs to allocate <4G
>> ACPI table for PEI phase at S3 resume.
>
> Indeed. Although OVMF X64 has a 64-bit PEI phase, that PEI phase can access only <4G RAM. IIRC one suggestion was to introduce a new HOB for this, so that PEI can advertise such a limitation to DXE.
>
> Thanks
> Laszlo
>
>
>>
>> Thanks,
>> Star
>> -----Original Message-----
>> From: Zeng, Star
>> Sent: Thursday, February 9, 2017 1:12 PM
>> To: Laszlo Ersek <lersek@redhat.com>; Yao, Jiewen
>> <jiewen.yao@intel.com>; Duran, Leo <leo.duran@amd.com>;
>> edk2-devel@ml01.01.org
>> Cc: Tian, Feng <feng.tian@intel.com>; Singh, Brijesh
>> <brijesh.singh@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>;
>> Zeng, Star <star.zeng@intel.com>
>> Subject: RE: [edk2] [PATCH] MdeModulePkg: Add dynamic PCD
>> PcdPteMemoryEncryptionAddressOrMask
>>
>> In fact, X64 DxeIplPeim does not refer PcdDxeIplSwitchToLongMode at all.
>>
>> DxeIpl.inf:
>> [FeaturePcd.IA32]
>> gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode ## CONSUMES
>>
>> As I remember, I did a draft patch below before for the discussion about how to determine DXE is 32BITs or 64BITs in title "[edk2] [PATCH v3 2/4] IntelFrameworkModulePkg: BdsDxe: only allocate below 4 GB if needed", I can't find the archive link any more.
>>
>> ---
>> MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c | 5 +++++
>> MdeModulePkg/MdeModulePkg.dec | 4 +++-
>> 2 files changed, 8 insertions(+), 1 deletion(-)
>>
>> diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
>> b/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
>> index 6488880..348e084 100644
>> --- a/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
>> +++ b/MdeModulePkg/Core/DxeIplPeim/X64/DxeLoadFunc.c
>> @@ -43,6 +43,11 @@ HandOffToDxeCore (
>> EFI_PEI_VECTOR_HANDOFF_INFO_PPI *VectorHandoffInfoPpi;
>>
>> //
>> + // It should be FALSE for both PEI and DXE are 64-bit.
>> + //
>> + ASSERT (PcdGetBool (PcdDxeIplSwitchToLongMode) == FALSE);
>> +
>> + //
>> // Get Vector Hand-off Info PPI and build Guided HOB
>> //
>> Status = PeiServicesLocatePpi (
>> diff --git a/MdeModulePkg/MdeModulePkg.dec
>> b/MdeModulePkg/MdeModulePkg.dec index af7bcab..4a73f7b 100644
>> --- a/MdeModulePkg/MdeModulePkg.dec
>> +++ b/MdeModulePkg/MdeModulePkg.dec
>> @@ -712,8 +712,10 @@
>> ## Indicates if DxeIpl should switch to long mode to enter DXE phase.
>> # It is assumed that 64-bit DxeCore is built in firmware if it is true; otherwise 32-bit DxeCore
>> # is built in firmware.<BR><BR>
>> + # And it should be FALSE for both PEI and DXE are 64-bit.
>> # TRUE - DxeIpl will load a 64-bit DxeCore and switch to long mode to hand over to DxeCore.<BR>
>> - # FALSE - DxeIpl will load a 32-bit DxeCore and perform stack switch to hand over to DxeCore.<BR>
>> + # FALSE - DxeIpl will load a 32-bit DxeCore and perform stack switch to hand over to DxeCore,<BR>
>> + # or both PEI and DXE are 64-bit.<BR>
>> # @Prompt DxeIpl switch to long mode.
>>
>> gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSwitchToLongMode|TRUE|BOOLEAN|
>> 0x0001003b
>>
>> --
>>
>>
>> Thanks,
>> Star
>> -----Original Message-----
>> From: Laszlo Ersek [mailto:lersek@redhat.com]
>> Sent: Thursday, February 9, 2017 3:48 AM
>> To: Yao, Jiewen <jiewen.yao@intel.com>; Duran, Leo
>> <leo.duran@amd.com>; Zeng, Star <star.zeng@intel.com>;
>> edk2-devel@ml01.01.org
>> Cc: Tian, Feng <feng.tian@intel.com>; Singh, Brijesh
>> <brijesh.singh@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>
>> Subject: Re: [edk2] [PATCH] MdeModulePkg: Add dynamic PCD
>> PcdPteMemoryEncryptionAddressOrMask
>>
>> On 02/08/17 19:20, Yao, Jiewen wrote:
>>> Got it.
>>>
>>>
>>>
>>> If the means of PcdDxeIplSwitchtoLongMode is unclear, we may add
>>> more description to make it clear.
>>>
>>>
>>>
>>> If we believe "PcdDxeIplSwitchtoLongMode == DXE is Long mode" as
>>> final conclusion, can we treat that as a bug and fix OVMF X64?
>>
>> I don't know how to "fix" that. What is there to fix?
>>
>> Flipping the PCD to TRUE in OVMF X64 would break OVMF X64, and likely OVMF Ia32X64 too. For two reasons:
>>
>>
>> (1) Toggling the PCD would alter the behavior of the DXE IPL PEIM and/or the DXE Core, and that behavior has never ever been tested with OVMF X64.
>>
>> The PcdDxeIplSwitchToLongMode=FALSE setting in the X64 DSC dates back to:
>>
>> commit 8fa729a8b1401f01c6fd8ddbcab45e4a4904fa9a
>> Author: lgao4 <lgao4@6f19259b-4bc3-4df7-8a09-765794883524>
>> Date: Mon Mar 15 01:40:59 2010 +0000
>>
>> Merge the same type PCD section.
>>
>> git-svn-id:
>> https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10243
>> 6f19259b-4bc3-4df7-8a09-765794883524
>>
>> and before that, to:
>>
>> commit 49ba9447c92d6fca214476381107a180d08e59d1
>> Author: jljusten <jljusten@6f19259b-4bc3-4df7-8a09-765794883524>
>> Date: Wed May 27 21:10:18 2009 +0000
>>
>> Add initial version of Open Virtual Machine Firmware (OVMF) platform.
>>
>> git-svn-id:
>> https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@8398
>> 6f19259b-4bc3-4df7-8a09-765794883524
>>
>> In other words, OVMF X64 has always worked like this, since its inception.
>>
>>
>> (2) PEI code under OvmfPkg itself uses this PCD to identify a 32-bit DXE phase.
>>
>> //
>> // If DXE is 32-bit, then we're done; PciBusDxe will degrade 64-bit MMIO
>> // resources to 32-bit anyway. See DegradeResource() in
>> // "PciResourceSupport.c".
>> //
>> #ifdef MDE_CPU_IA32
>> if (!FeaturePcdGet (PcdDxeIplSwitchToLongMode)) {
>> return FirstNonAddress;
>> }
>> #endif
>>
>> and
>>
>> //
>> // If DXE is 32-bit, then just return the traditional 64 MB cap.
>> //
>> #ifdef MDE_CPU_IA32
>> if (!FeaturePcdGet (PcdDxeIplSwitchToLongMode)) {
>> return SIZE_64MB;
>> }
>> #endif
>>
>> Thanks
>> Laszlo
>>
>>>
>>>
>>>
>>> Thank you
>>>
>>> Yao Jiewen
>>>
>>>
>>>
>>>
>>>
>>> *From:*Laszlo Ersek [mailto:lersek@redhat.com]
>>> *Sent:* Wednesday, February 8, 2017 9:52 AM
>>> *To:* Yao, Jiewen <jiewen.yao@intel.com>; Duran, Leo
>>> <leo.duran@amd.com>; Zeng, Star <star.zeng@intel.com>;
>>> edk2-devel@ml01.01.org
>>> *Cc:* Tian, Feng <feng.tian@intel.com>; Singh, Brijesh
>>> <brijesh.singh@amd.com>; Justen, Jordan L <jordan.l.justen@intel.com>
>>> *Subject:* Re: [edk2] [PATCH] MdeModulePkg: Add dynamic PCD
>>> PcdPteMemoryEncryptionAddressOrMask
>>>
>>>
>>>
>>> On 02/08/17 18:27, Yao, Jiewen wrote:
>>>> I believe PcdDxeIplSwitchtoLongMode == DXE is Long mode.
>>>>
>>>>
>>>>
>>>> See DEC description:
>>>>
>>>> # It is assumed that 64-bit DxeCore is built in firmware if it is
>>>> true; otherwise 32-bit DxeCore
>>>>
>>>> # is built in firmware.<BR><BR>
>>>
>>> Unfortunately, I have no historical context or background for this
>>> PCD; all I can say is that the X64 OVMF platform does not set the PCD.
>>>
>>> It enters long mode, and sets up page tables for the first 4GB of
>>> RAM, in SEC. Then SEC decompresses the flash contents to RAM, which
>>> covers both PEIFV and DXEFV. PEI runs from RAM.
>>>
>>> This is possible because on QEMU/KVM, there's no need to initialize
>>> RAM, thus only SEC runs from flash, in-place.
>>>
>>> Perhaps Jordan can provide more insight.
>>>
>>> If Brijesh and Leo would like to run the X64 OVMF platform as a SEV
>>> guest too, then this should be considered, in my opinion.
>>>
>>> One more comment below:
>>>
>>>>
>>>>
>>>>
>>>> And the code MdeModulePkg\Universal\Acpi\S3SaveStateDxe\AcpiS3ContextSave.c:
>>>>
>>>>
>>>>
>>>> BOOLEAN
>>>>
>>>> IsLongModeWakingVectorSupport (
>>>>
>>>> IN EFI_ACPI_4_0_FIRMWARE_ACPI_CONTROL_STRUCTURE*Facs
>>>>
>>>> )
>>>>
>>>> {
>>>>
>>>> if((Facs == NULL) ||
>>>>
>>>> (Facs->Signature !=
>>>> EFI_ACPI_4_0_FIRMWARE_ACPI_CONTROL_STRUCTURE_SIGNATURE) ) {
>>>>
>>>> //
>>>>
>>>> // Something wrong with FACS.
>>>>
>>>> //
>>>>
>>>> returnFALSE;
>>>>
>>>> }
>>>>
>>>> if((Facs->Version ==
>>>> EFI_ACPI_4_0_FIRMWARE_ACPI_CONTROL_STRUCTURE_VERSION) &&
>>>>
>>>> ((Facs->Flags & EFI_ACPI_4_0_64BIT_WAKE_SUPPORTED_F) != 0)) {
>>>>
>>>> //
>>>>
>>>> // BIOS supports 64bit waking vector.
>>>>
>>>> //
>>>>
>>>> if(FeaturePcdGet (PcdDxeIplSwitchToLongMode)) {
>>>>
>>>> returnTRUE;
>>>>
>>>> }
>>>>
>>>> }
>>>>
>>>> returnFALSE;
>>>>
>>>> }
>>>
>>> In practice, it's okay if the OVMF X64 platform is recognized as "not
>>> supporting a 64-bit waking vector for S3 resume". All the 64-bit
>>> guest OSes that I've tested with OVMF X64 (Linux, and the Windows 7 /
>>> 8 / 10 families, both client and server) use a real mode (16-bit)
>>> waking vector, in practice.
>>>
>>> ... Actually, upon reviewing the above code more carefully, we don't
>>> even reach the FeaturePcdGet() call: the FACS that QEMU generates
>>> (and OVMF downloads and installs) corresponds to ACPI 1.0, that is,
>>> EFI_ACPI_1_0_FIRMWARE_ACPI_CONTROL_STRUCTURE_VERSION.
>>>
>>> Thanks
>>> Laszlo
>>>
>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Thank you
>>>>
>>>> Yao Jiewen
>>>>
>>>>
>>>>
>>>> *From:*edk2-devel [mailto:edk2-devel-bounces@lists.01.org] *On
>>>> Behalf Of *Yao, Jiewen
>>>> *Sent:* Wednesday, February 8, 2017 9:18 AM
>>>> *To:* Laszlo Ersek <lersek@redhat.com
>>> <mailto:lersek@redhat.com>>; Duran, Leo <leo.duran@amd.com
>>> <mailto:leo.duran@amd.com>>;
>>>> Zeng, Star <star.zeng@intel.com
>>> <mailto:star.zeng@intel.com>>; edk2-devel@ml01.01.org
>>> <mailto:edk2-devel@ml01.01.org>
>>>> *Cc:* Tian, Feng <feng.tian@intel.com <mailto:feng.tian@intel.com>>;
>>>> Singh, Brijesh <brijesh.singh@amd.com
>>>> <mailto:brijesh.singh@amd.com>>
>>>> *Subject:* Re: [edk2] [PATCH] MdeModulePkg: Add dynamic PCD
>>>> PcdPteMemoryEncryptionAddressOrMask
>>>>
>>>>
>>>>
>>>> Good reminder. I take back my word.
>>>>
>>>> In this case, we need consume PcdPteMemoryEncryptionAddressOrMask in IA32 mode to build X64 paging.
>>>>
>>>> We need
>>>>
>>>> From: Laszlo Ersek [mailto:lersek@redhat.com]
>>>> Sent: Wednesday, February 8, 2017 9:11 AM
>>>> To: Yao, Jiewen <jiewen.yao@intel.com
>>> <mailto:jiewen.yao@intel.com%0b>> <mailto:jiewen.yao@intel.com>>;
>>> Duran, Leo <leo.duran@amd.com <mailto:leo.duran@amd.com%0b>>
>>> <mailto:leo.duran@amd.com>>; Zeng, Star <star.zeng@intel.com
>>> <mailto:star.zeng@intel.com%0b>> <mailto:star.zeng@intel.com>>;
>>> edk2-devel@ml01.01.org <mailto:edk2-devel@ml01.01.org>
>>>> <mailto:edk2-devel@ml01.01.org>
>>>> Cc: Tian, Feng <feng.tian@intel.com
>>> <mailto:feng.tian@intel.com%0b>> <mailto:feng.tian@intel.com>>;
>>> Singh, Brijesh <brijesh.singh@amd.com
>>> <mailto:brijesh.singh@amd.com%0b>>
>>> <mailto:brijesh.singh@amd.com>>
>>>> Subject: Re: [edk2] [PATCH] MdeModulePkg: Add dynamic PCD
>>>> PcdPteMemoryEncryptionAddressOrMask
>>>>
>>>> On 02/08/17 18:05, Yao, Jiewen wrote:
>>>>> HI Leo
>>>>>
>>>>> Thanks to clarify that.
>>>>>
>>>>>
>>>>>
>>>>> If that is the case, do you think it will be better to limit this
>>>>> PCD to
>>>>> X64 only in DEC file. Such as [PcdsDynamic.X64, PcdsDynamicEx.X64]
>>>>
>>>> Not sure if this is the best place to raise the following
>>>> observation, but it should do:
>>>>
>>>> please everyone remember that PcdDxeIplSwitchToLongMode is only TRUE
>>>> if PEI is 32-bit and DXE is 64-bit. It is FALSE in *two* cases:
>>>> - both PEI and DXE are 32-bit, and
>>>> - both PEI and DXE are 64-bit.
>>>>
>>>> This doesn't necessarily invalidate anything said thus fair in the
>>>> thread, but the following statement from Leo:
>>>>
>>>> The SEV feature requires 64-bit LongMode, so the
>>>> PcdDxeIplSwitchtoLongMode *must* set to TRUE at build-time
>>>>
>>>> does not follow. The PCD is FALSE in OvmfPkgX64.dsc.
>>>>
>>>> Thanks,
>>>> Laszlo
>>>>
>>>>>
>>>>>
>>>>>
>>>>> Thank you
>>>>>
>>>>> Yao Jiewen
>>>>>
>>>>>
>>>>>
>>>>> *From:*Duran, Leo [mailto:leo.duran@amd.com]
>>>>> *Sent:* Wednesday, February 8, 2017 9:00 AM
>>>>> *To:* Zeng, Star <star.zeng@intel.com<mailto:star.zeng@intel.com
>>> <mailto:star.zeng@intel.com%3cmailto:star.zeng@intel.com%0b>>
>>> <mailto:star.zeng@intel.com%3cmailto:star.zeng@intel.com>>>;
>>> edk2-devel@ml01.01.org<mailto:edk2-devel@ml01.01.org
>>> <mailto:edk2-devel@ml01.01.org%3cmailto:edk2-devel@ml01.01.org>
>>>> <mailto:edk2-devel@ml01.01.org%3cmailto:edk2-devel@ml01.01.org>>
>>>>> *Cc:* Laszlo Ersek <lersek@redhat.com<mailto:lersek@redhat.com
>>> <mailto:lersek@redhat.com%3cmailto:lersek@redhat.com%0b>>
>>> <mailto:lersek@redhat.com%3cmailto:lersek@redhat.com>>>; Tian, Feng
>>>>> <feng.tian@intel.com<mailto:feng.tian@intel.com
>>> <mailto:feng.tian@intel.com%3cmailto:feng.tian@intel.com%0b>>
>>> <mailto:feng.tian@intel.com%3cmailto:feng.tian@intel.com>>>; Singh,
>>> Brijesh <brijesh.singh@amd.com<mailto:brijesh.singh@amd.com
>>> <mailto:brijesh.singh@amd.com%3cmailto:brijesh.singh@amd.com%0b>>
>>> <mailto:brijesh.singh@amd.com%3cmailto:brijesh.singh@amd.com>>>; Yao,
>>>>> Jiewen <jiewen.yao@intel.com<mailto:jiewen.yao@intel.com
>>> <mailto:jiewen.yao@intel.com%3cmailto:jiewen.yao@intel.com%0b>>
>>> <mailto:jiewen.yao@intel.com%3cmailto:jiewen.yao@intel.com>>>
>>>>> *Subject:* RE: [edk2] [PATCH] MdeModulePkg: Add dynamic PCD
>>>>> PcdPteMemoryEncryptionAddressOrMask
>>>>>
>>>>>
>>>>>
>>>>> Pease see reply below.
>>>>> Leo
>>>>>
>>>>>> -----Original Message-----
>>>>>> From: Zeng, Star [mailto:star.zeng@intel.com]
>>>>>> Sent: Tuesday, February 07, 2017 8:27 PM
>>>>>> To: Duran, Leo <leo.duran@amd.com
>>>>>> <mailto:leo.duran@amd.com<mailto:leo.duran@amd.com
>>>>>> %3cmailto:leo.duran@amd.com
>>> <mailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com%3cmailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com%0b>> <mailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com%3cmailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com>>>>;
>>> edk2-devel@ml01.01.org<mailto:edk2-devel@ml01.01.org
>>> <mailto:edk2-devel@ml01.01.org%3cmailto:edk2-devel@ml01.01.org>
>>>> <mailto:edk2-devel@ml01.01.org%3cmailto:edk2-devel@ml01.01.org>>
>>>>> <mailto:edk2-devel@ml01.01.org>
>>>>>> Cc: Laszlo Ersek <lersek@redhat.com
>>> <mailto:lersek@redhat.com%0b>> <mailto:lersek@redhat.com%0b
>>> <mailto:lersek@redhat.com%0b%0b>>
>>> <mailto:lersek@redhat.com%0b%3cmailto:lersek@redhat.com%0b>>>
>>> <mailto:lersek@redhat.com>>; Tian, Feng <feng.tian@intel.com
>>> <mailto:feng.tian@intel.com%0b>> <mailto:feng.tian@intel.com%0b
>>> <mailto:feng.tian@intel.com%0b%0b>>
>>> <mailto:feng.tian@intel.com%0b%3cmailto:feng.tian@intel.com%0b>>>
>>> <mailto:feng.tian@intel.com>>;
>>>>>> Singh, Brijesh <brijesh.singh@amd.com
>>> <mailto:brijesh.singh@amd.com%0b>> <mailto:brijesh.singh@amd.com%0b
>>> <mailto:brijesh.singh@amd.com%0b%0b>>
>>> <mailto:brijesh.singh@amd.com%0b%3cmailto:brijesh.singh@amd.com%0b>>>
>>> <mailto:brijesh.singh@amd.com>>; Zeng, Star <star.zeng@intel.com
>>> <mailto:star.zeng@intel.com%0b>> <mailto:star.zeng@intel.com%0b
>>> <mailto:star.zeng@intel.com%0b%0b>>
>>> <mailto:star.zeng@intel.com%0b%3cmailto:star.zeng@intel.com%0b>>>
>>> <mailto:star.zeng@intel.com>>;
>>>>>> Yao, Jiewen <jiewen.yao@intel.com
>>>>>> <mailto:jiewen.yao@intel.com<mailto:jiewen.yao@intel.com
>>>>>> %3cmailto:jiewen.yao@intel.com
>>> <mailto:jiewen.yao@intel.com
>>> %3cmailto:jiewen.yao@intel.com%3cmailto:jiewen.yao@intel.com
>>> %3cmailto:jiewen.yao@intel.com%0b>> <mailto:jiewen.yao@intel.com
>>> %3cmailto:jiewen.yao@intel.com%3cmailto:jiewen.yao@intel.com
>>> %3cmailto:jiewen.yao@intel.com>>>>
>>>>>> Subject: RE: [edk2] [PATCH] MdeModulePkg: Add dynamic PCD
>>>>>> PcdPteMemoryEncryptionAddressOrMask
>>>>>>
>>>>>> Does Create4GPageTablesIa32Pae() also need to be updated?
>>>>>>
>>>>>> Thanks,
>>>>>> Star
>>>>> [Duran, Leo]
>>>>> Hi Star,
>>>>> No, I do not think Create4GPageTablesIa32Pae() is in the execution path.
>>>>>
>>>>> The SEV feature requires 64-bit LongMode, so the
>>>>> PcdDxeIplSwitchtoLongMode *must* set to TRUE at build-time, in which case Create4GPageTablesIa32Pae() would *not* be called by HandOffToDxeCore().
>>>>>
>>>>>> -----Original Message-----
>>>>>> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On
>>>>>> Behalf Of Leo Duran
>>>>>> Sent: Wednesday, February 8, 2017 3:54 AM
>>>>>> To: edk2-devel@ml01.01.org<mailto:edk2-devel@ml01.01.org
>>> <mailto:edk2-devel@ml01.01.org%3cmailto:edk2-devel@ml01.01.org>
>>>> <mailto:edk2-devel@ml01.01.org%3cmailto:edk2-devel@ml01.01.org>>
>>>> <mailto:edk2-devel@ml01.01.org>
>>>>>> Cc: Laszlo Ersek <lersek@redhat.com
>>> <mailto:lersek@redhat.com%0b>> <mailto:lersek@redhat.com%0b
>>> <mailto:lersek@redhat.com%0b%0b>>
>>> <mailto:lersek@redhat.com%0b%3cmailto:lersek@redhat.com%0b>>>
>>> <mailto:lersek@redhat.com>>; Tian, Feng <feng.tian@intel.com
>>> <mailto:feng.tian@intel.com%0b>> <mailto:feng.tian@intel.com%0b
>>> <mailto:feng.tian@intel.com%0b%0b>>
>>> <mailto:feng.tian@intel.com%0b%3cmailto:feng.tian@intel.com%0b>>>
>>> <mailto:feng.tian@intel.com>>;
>>>>>> Brijesh Singh <brijesh.singh@amd.com
>>> <mailto:brijesh.singh@amd.com%0b>> <mailto:brijesh.singh@amd.com%0b
>>> <mailto:brijesh.singh@amd.com%0b%0b>>
>>> <mailto:brijesh.singh@amd.com%0b%3cmailto:brijesh.singh@amd.com%0b>>>
>>> <mailto:brijesh.singh@amd.com>>; Zeng, Star <star.zeng@intel.com
>>> <mailto:star.zeng@intel.com%0b>> <mailto:star.zeng@intel.com%0b
>>> <mailto:star.zeng@intel.com%0b%0b>>
>>> <mailto:star.zeng@intel.com%0b%3cmailto:star.zeng@intel.com%0b>>>
>>> <mailto:star.zeng@intel.com>>;
>>>>>> Leo Duran <leo.duran@amd.com
>>>>>> <mailto:leo.duran@amd.com<mailto:leo.duran@amd.com
>>>>>> %3cmailto:leo.duran@amd.com
>>> <mailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com%3cmailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com%0b>> <mailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com%3cmailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com>>>>
>>>>>> Subject: [edk2] [PATCH] MdeModulePkg: Add dynamic PCD
>>>>>> PcdPteMemoryEncryptionAddressOrMask
>>>>>>
>>>>>> From: Brijesh Singh <brijesh.singh@amd.com
>>>>>> <mailto:brijesh.singh@amd.com<mailto:brijesh.singh@amd.com
>>>>>> %3cmailto:brijesh.singh@amd.com
>>> <mailto:brijesh.singh@amd.com
>>> %3cmailto:brijesh.singh@amd.com%3cmailto:brijesh.singh@amd.com
>>> %3cmailto:brijesh.singh@amd.com%0b>> <mailto:brijesh.singh@amd.com
>>> %3cmailto:brijesh.singh@amd.com%3cmailto:brijesh.singh@amd.com
>>> %3cmailto:brijesh.singh@amd.com>>>>
>>>>>>
>>>>>> This dynamic PCD holds the address mask for page table entries
>>>>>> when memory encryption is enabled on AMD processors supporting the
>>>>>> Secure Encrypted Virtualization (SEV) feature.
>>>>>>
>>>>>> Cc: Feng Tian <feng.tian@intel.com
>>>>>> <mailto:feng.tian@intel.com<mailto:feng.tian@intel.com
>>>>>> %3cmailto:feng.tian@intel.com
>>> <mailto:feng.tian@intel.com
>>> %3cmailto:feng.tian@intel.com%3cmailto:feng.tian@intel.com
>>> %3cmailto:feng.tian@intel.com%0b>> <mailto:feng.tian@intel.com
>>> %3cmailto:feng.tian@intel.com%3cmailto:feng.tian@intel.com
>>> %3cmailto:feng.tian@intel.com>>>>
>>>>>> Cc: Star Zeng <star.zeng@intel.com
>>>>>> <mailto:star.zeng@intel.com<mailto:star.zeng@intel.com
>>>>>> %3cmailto:star.zeng@intel.com
>>> <mailto:star.zeng@intel.com
>>> %3cmailto:star.zeng@intel.com%3cmailto:star.zeng@intel.com
>>> %3cmailto:star.zeng@intel.com%0b>> <mailto:star.zeng@intel.com
>>> %3cmailto:star.zeng@intel.com%3cmailto:star.zeng@intel.com
>>> %3cmailto:star.zeng@intel.com>>>>
>>>>>> Cc: Laszlo Ersek <lersek@redhat.com
>>>>>> <mailto:lersek@redhat.com<mailto:lersek@redhat.com
>>>>>> %3cmailto:lersek@redhat.com
>>> <mailto:lersek@redhat.com
>>> %3cmailto:lersek@redhat.com%3cmailto:lersek@redhat.com
>>> %3cmailto:lersek@redhat.com%0b>> <mailto:lersek@redhat.com
>>> %3cmailto:lersek@redhat.com%3cmailto:lersek@redhat.com
>>> %3cmailto:lersek@redhat.com>>>>
>>>>>> Contributed-under: TianoCore Contribution Agreement 1.0
>>>>>> Signed-off-by: Leo Duran <leo.duran@amd.com
>>>>>> <mailto:leo.duran@amd.com<mailto:leo.duran@amd.com
>>>>>> %3cmailto:leo.duran@amd.com
>>> <mailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com%3cmailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com%0b>> <mailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com%3cmailto:leo.duran@amd.com
>>> %3cmailto:leo.duran@amd.com>>>>
>>>>>> ---
>>>>>> MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf | 5 ++++-
>>>>>> MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 18
>>>>>> ++++++++++--
>>>>>> ------
>>>>>> MdeModulePkg/MdeModulePkg.dec | 8 ++++++++
>>>>>> 3 files changed, 22 insertions(+), 9 deletions(-)
>>>>>>
>>>>>> diff --git a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
>>>>>> b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
>>>>>> index 2bc41be..d62bd9b 100644
>>>>>> --- a/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
>>>>>> +++ b/MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
>>>>>> @@ -6,6 +6,8 @@
>>>>>> # needed to run the DXE Foundation.
>>>>>> #
>>>>>> # Copyright (c) 2006 - 2016, Intel Corporation. All rights
>>>>>> reserved.<BR>
>>>>>> +# Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
>>>>>> +#
>>>>>> # This program and the accompanying materials # are licensed
>>>>>> and made available under the terms and conditions of the BSD
>>>>>> License # which accompanies this distribution. The full text of
>>>>>> the license may be found at @@ -111,7 +113,8 @@ [FeaturePcd]
>>>>>> gEfiMdeModulePkgTokenSpaceGuid.PcdDxeIplSupportUefiDecompress
>>>>>> ## CONSUMES
>>>>>>
>>>>>> [Pcd.IA32,Pcd.X64]
>>>>>> - gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ##
>>>>>> SOMETIMES_CONSUMES
>>>>>> + gEfiMdeModulePkgTokenSpaceGuid.PcdUse1GPageTable ##
>>>>>> SOMETIMES_CONSUMES
>>>>>> +
>>>>>> gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrM
>>>>>> ask ## CONSUMES
>>>>>>
>>>>>> [Pcd.IA32,Pcd.X64,Pcd.ARM,Pcd.AARCH64]
>>>>>> gEfiMdeModulePkgTokenSpaceGuid.PcdSetNxForStack ##
>>>>>> SOMETIMES_CONSUMES
>>>>>> diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
>>>>>> b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
>>>>>> index 790f6ab..2c52389 100644
>>>>>> --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
>>>>>> +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c
>>>>>> @@ -16,6 +16,8 @@
>>>>>> 3) IA-32 Intel(R) Architecture Software Developer's Manual
>>>>>> Volume 3:System Programmer's Guide, Intel
>>>>>>
>>>>>> Copyright (c) 2006 - 2016, Intel Corporation. All rights
>>>>>> reserved.<BR>
>>>>>> +Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
>>>>>> +
>>>>>> This program and the accompanying materials are licensed and
>>>>>> made available under the terms and conditions of the BSD License
>>>>>> which accompanies this distribution. The full text of the license
>>>>>> may be found at @@ -71,14 +73,14 @@ Split2MPageTo4K (
>>>>>> //
>>>>>> // Fill in 2M page entry.
>>>>>> //
>>>>>> - *PageEntry2M = (UINT64) (UINTN) PageTableEntry | IA32_PG_P |
>>>>>> IA32_PG_RW;
>>>>>> + *PageEntry2M = (UINT64) (UINTN) PageTableEntry | PcdGet64
>>>>>> + (PcdPteMemoryEncryptionAddressOrMask) | IA32_PG_P | IA32_PG_RW;
>>>>>>
>>>>>> PhysicalAddress4K = PhysicalAddress;
>>>>>> for (IndexOfPageTableEntries = 0; IndexOfPageTableEntries <
>>>>>> 512;
>>>>>> IndexOfPageTableEntries++, PageTableEntry++, PhysicalAddress4K +=
>>>>>> SIZE_4KB) {
>>>>>> //
>>>>>> // Fill in the Page Table entries
>>>>>> //
>>>>>> - PageTableEntry->Uint64 = (UINT64) PhysicalAddress4K;
>>>>>> + PageTableEntry->Uint64 = (UINT64) PhysicalAddress4K |
>>>>>> + PcdGet64 (PcdPteMemoryEncryptionAddressOrMask);
>>>>>> PageTableEntry->Bits.ReadWrite = 1;
>>>>>> PageTableEntry->Bits.Present = 1;
>>>>>> if ((PhysicalAddress4K >= StackBase) && (PhysicalAddress4K <
>>>>>> StackBase +
>>>>>> StackSize)) { @@ -116,7 +118,7 @@ Split1GPageTo2M (
>>>>>> //
>>>>>> // Fill in 1G page entry.
>>>>>> //
>>>>>> - *PageEntry1G = (UINT64) (UINTN) PageDirectoryEntry | IA32_PG_P
>>>>>> | IA32_PG_RW;
>>>>>> + *PageEntry1G = (UINT64) (UINTN) PageDirectoryEntry | PcdGet64
>>>>>> + (PcdPteMemoryEncryptionAddressOrMask) | IA32_PG_P | IA32_PG_RW;
>>>>>>
>>>>>> PhysicalAddress2M = PhysicalAddress;
>>>>>> for (IndexOfPageDirectoryEntries = 0;
>>>>>> IndexOfPageDirectoryEntries < 512;
>>>>>> IndexOfPageDirectoryEntries++, PageDirectoryEntry++,
>>>>>> IndexOfPageDirectoryEntries++PhysicalAddress2M
>>>>>> += SIZE_2MB) { @@ -129,7 +131,7 @@ Split1GPageTo2M (
>>>>>> //
>>>>>> // Fill in the Page Directory entries
>>>>>> //
>>>>>> - PageDirectoryEntry->Uint64 = (UINT64) PhysicalAddress2M;
>>>>>> + PageDirectoryEntry->Uint64 = (UINT64) PhysicalAddress2M |
>>>>>> + PcdGet64 (PcdPteMemoryEncryptionAddressOrMask);
>>>>>> PageDirectoryEntry->Bits.ReadWrite = 1;
>>>>>> PageDirectoryEntry->Bits.Present = 1;
>>>>>> PageDirectoryEntry->Bits.MustBe1 = 1; @@ -248,7 +250,7 @@
>>>>>> CreateIdentityMappingPageTables (
>>>>>> //
>>>>>> // Make a PML4 Entry
>>>>>> //
>>>>>> - PageMapLevel4Entry->Uint64 =
>>>>>> (UINT64)(UINTN)PageDirectoryPointerEntry;
>>>>>> + PageMapLevel4Entry->Uint64 =
>>>>>> + (UINT64)(UINTN)PageDirectoryPointerEntry | PcdGet64
>>>>>> + (PcdPteMemoryEncryptionAddressOrMask);
>>>>>> PageMapLevel4Entry->Bits.ReadWrite = 1;
>>>>>> PageMapLevel4Entry->Bits.Present = 1;
>>>>>>
>>>>>> @@ -262,7 +264,7 @@ CreateIdentityMappingPageTables (
>>>>>> //
>>>>>> // Fill in the Page Directory entries
>>>>>> //
>>>>>> - PageDirectory1GEntry->Uint64 = (UINT64)PageAddress;
>>>>>> + PageDirectory1GEntry->Uint64 = (UINT64)PageAddress |
>>>>>> + PcdGet64 (PcdPteMemoryEncryptionAddressOrMask);
>>>>>> PageDirectory1GEntry->Bits.ReadWrite = 1;
>>>>>> PageDirectory1GEntry->Bits.Present = 1;
>>>>>> PageDirectory1GEntry->Bits.MustBe1 = 1; @@ -280,7
>>>>>> +282,7 @@ CreateIdentityMappingPageTables (
>>>>>> //
>>>>>> // Fill in a Page Directory Pointer Entries
>>>>>> //
>>>>>> - PageDirectoryPointerEntry->Uint64 =
>>>>>> (UINT64)(UINTN)PageDirectoryEntry;
>>>>>> + PageDirectoryPointerEntry->Uint64 =
>>>>>> + (UINT64)(UINTN)PageDirectoryEntry | PcdGet64
>>>>>> + (PcdPteMemoryEncryptionAddressOrMask);
>>>>>> PageDirectoryPointerEntry->Bits.ReadWrite = 1;
>>>>>> PageDirectoryPointerEntry->Bits.Present = 1;
>>>>>>
>>>>>> @@ -294,7 +296,7 @@ CreateIdentityMappingPageTables (
>>>>>> //
>>>>>> // Fill in the Page Directory entries
>>>>>> //
>>>>>> - PageDirectoryEntry->Uint64 = (UINT64)PageAddress;
>>>>>> + PageDirectoryEntry->Uint64 = (UINT64)PageAddress |
>>>>>> + PcdGet64 (PcdPteMemoryEncryptionAddressOrMask);
>>>>>> PageDirectoryEntry->Bits.ReadWrite = 1;
>>>>>> PageDirectoryEntry->Bits.Present = 1;
>>>>>> PageDirectoryEntry->Bits.MustBe1 = 1; diff --git
>>>>>> a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
>>>>>> index 273cd7e..207384f 100644
>>>>>> --- a/MdeModulePkg/MdeModulePkg.dec
>>>>>> +++ b/MdeModulePkg/MdeModulePkg.dec
>>>>>> @@ -6,6 +6,8 @@
>>>>>> # Copyright (c) 2007 - 2017, Intel Corporation. All rights
>>>>>> reserved.<BR> # Copyright (c) 2016, Linaro Ltd. All rights
>>>>>> reserved.<BR> # (C) Copyright 2016 Hewlett Packard Enterprise
>>>>>> Development LP<BR>
>>>>>> +# Copyright (c) 2017, AMD Incorporated. All rights reserved.<BR>
>>>>>> +#
>>>>>> # This program and the accompanying materials are licensed and
>>>>>> made available under # the terms and conditions of the BSD
>>>>>> License that accompanies this distribution.
>>>>>> # The full text of the license may be found at @@ -1738,5
>>>>>> +1740,11 @@ [PcdsDynamic, PcdsDynamicEx]
>>>>>> # @Prompt If there is any test key used by the platform.
>>>>>>
>>>>>> gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed|FALSE|BOOLEAN|0x0
>>>>>> 0030003
>>>>>>
>>>>>> + ## This dynamic PCD holds the address mask for page table
>>>>>> + entries when memory encryption is # enabled on AMD processors
>>>>>> + supporting the
>>>>>> Secure Encrypted Virtualization (SEV) feature.
>>>>>> + # This mask should be applied when creating 1:1 virtual to
>>>>>> + physical
>>>>>> mapping tables.
>>>>>> + #
>>>>>> +
>>>>>> +
>>>>>> gEfiMdeModulePkgTokenSpaceGuid.PcdPteMemoryEncryptionAddressOrM
>>>>>> ask|0x0
>>>>>> + |UINT64|0x00030004
>>>>>> +
>>>>>> [UserExtensions.TianoCore."ExtraFiles"]
>>>>>> MdeModulePkgExtra.uni
>>>>>> --
>>>>>> 1.9.1
>>>>>>
>>>>>> _______________________________________________
>>>>>> edk2-devel mailing list
>>>>>> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org
>>> <mailto:edk2-devel@lists.01.org%3cmailto:edk2-devel@lists.01.org>
>>>> <mailto:edk2-devel@lists.01.org%3cmailto:edk2-devel@lists.01.org>>
>>>> <mailto:edk2-devel@lists.01.org>
>>>>>> https://lists.01.org/mailman/listinfo/edk2-devel
>>>>>
>>>> _______________________________________________
>>>> edk2-devel mailing list
>>>> edk2-devel@lists.01.org
>>> <mailto:edk2-devel@lists.01.org> <mailto:edk2-devel@lists.01.org>
>>>> https://lists.01.org/mailman/listinfo/edk2-devel
>>>>
>>>
>>
>
next prev parent reply other threads:[~2017-02-09 9:46 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-07 19:53 [PATCH] MdeModulePkg: Add dynamic PCD Leo Duran
2017-02-07 19:53 ` [PATCH] MdeModulePkg: Add dynamic PCD PcdPteMemoryEncryptionAddressOrMask Leo Duran
2017-02-08 2:27 ` Zeng, Star
2017-02-08 16:59 ` Duran, Leo
2017-02-08 17:05 ` Yao, Jiewen
2017-02-08 17:10 ` Laszlo Ersek
2017-02-08 17:17 ` Yao, Jiewen
2017-02-08 17:27 ` Yao, Jiewen
2017-02-08 17:51 ` Laszlo Ersek
2017-02-08 18:20 ` Yao, Jiewen
2017-02-08 19:47 ` Laszlo Ersek
2017-02-09 5:12 ` Zeng, Star
2017-02-09 5:22 ` Yao, Jiewen
2017-02-09 5:56 ` Zeng, Star
2017-02-09 9:10 ` Laszlo Ersek
2017-02-09 9:18 ` Zeng, Star
2017-02-09 5:26 ` Zeng, Star
2017-02-09 9:13 ` Laszlo Ersek
2017-02-09 9:17 ` Zeng, Star
2017-02-09 9:46 ` Laszlo Ersek [this message]
2017-02-08 17:55 ` Duran, Leo
2017-02-08 17:28 ` Duran, Leo
2017-02-08 17:56 ` Laszlo Ersek
2017-02-08 18:13 ` Yao, Jiewen
2017-02-08 18:36 ` Laszlo Ersek
2017-02-08 17:52 ` Duran, Leo
2017-02-08 8:38 ` Laszlo Ersek
2017-02-08 15:12 ` Duran, Leo
2017-02-08 15:19 ` Gao, Liming
2017-02-08 17:11 ` Duran, Leo
2017-02-08 17:29 ` Yao, Jiewen
2017-02-08 18:30 ` Duran, Leo
2017-02-08 18:33 ` Yao, Jiewen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3e157c02-979e-c6dd-3f8e-fed8906dbeb9@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox