Got it! Thanks for your reply. But you should still poll the B_GSTS_REG_TE bit, not the B_GSTS_REG_RTPS bit, in the judgement code of while() loop. After & operation between Reg32 and B_GSTS_REG_RTPS, the status of B_GSTS_REG_TE will be lost. A more tedious but more reliable operation sequence is recommended in Vt-d specification 2.4 below: to update a bit field in this register at offset X with value of Y, software must follow below steps: 1. Tmp = Read GSTS_REG 2. Status = (Tmp & 96FFFFFFh) // Reset the one-shot bits 3. Command = (Status | (Y << X)) 4. Write Command to GCMD_REG 5. Wait until GSTS_REG[X] indicates command is serviced. 发件人: Zeng, Star [mailto:star.zeng@intel.com] 发送时间: 2019年5月13日 18:54 收件人: Jerry Zhou(BJ-RD); edk2-devel@lists.01.org 抄送: Yao, Jiewen; Ni, Ray; Zeng, Star 主题: RE: [edk2] [PATCH] IntelSiliconPkg VTdDxe: a question about the source code Good question, my understanding is setting B_GMCD_REG_SRTP(BIT30) ONLY also means clearing B_GMCD_REG_TE (BIT31). Thanks, Star From: Jerry Zhou(BJ-RD) [mailto:JerryZhou@zhaoxin.com] Sent: Monday, May 13, 2019 10:59 AM To: Zeng, Star ; edk2-devel@lists.01.org Cc: Yao, Jiewen ; Ni, Ray Subject: 答复: [edk2] [PATCH] IntelSiliconPkg VTdDxe: a question about the source code Hi Star, I'am so interested in DMA protection in UEFI. It's a really good design! But I have a question about the implemention of DisableDmar() in IntelSiliconPkg\feature\vtd\intelvtddxe\VtdReg.c Is it a typing error in the code segment below? // // Disable VTd // MmioWrite32 (mVtdUnitInformation[Index].VtdUnitBaseAddress + R_GCMD_REG, B_GMCD_REG_SRTP); do { Reg32 = MmioRead32 (mVtdUnitInformation[Index].VtdUnitBaseAddress + R_GSTS_REG); } while((Reg32 & B_GSTS_REG_RTPS) == 0); The software should program the B_GMCD_REG_TE field in global command register and then poll the B_GSTS_REG_TE field in global status register if the DMAR is expected to be disabled or enabled according to Vt-d specification. Thanks Jerry Zhou Ext:892418 -----邮件原件----- 发件人: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] 代表 Star Zeng 发送时间: 2018年10月24日 11:32 收件人: edk2-devel@lists.01.org 抄送: Jiewen Yao; Star Zeng 主题: [edk2] [PATCH] IntelSiliconPkg VTdDxe: Option to force no early access attr request REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1272 To have high confidence in usage for platform, add option (BIT2 of PcdVTdPolicyPropertyMask) to force no IOMMU access attribute request recording before DMAR table is installed. Check PcdVTdPolicyPropertyMask BIT2 before RequestAccessAttribute() and ProcessRequestedAccessAttribute(), then RequestAccessAttribute(), ProcessRequestedAccessAttribute() and mAccessRequestXXX variables could be optimized by compiler when PcdVTdPolicyPropertyMask BIT2 = 1. Test done: 1: Created case that has IOMMU access attribute request before DMAR table is installed, ASSERT was triggered after setting PcdVTdPolicyPropertyMask BIT2 to 1. 2. Confirmed RequestAccessAttribute(), ProcessRequestedAccessAttribute() and mAccessRequestXXX variables were optimized by compiler after setting PcdVTdPolicyPropertyMask BIT2 to 1. Cc: Jiewen Yao > Cc: Rangasai V Chaganty > Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng > --- IntelSiliconPkg/Feature/VTd/IntelVTdDxe/DmaProtection.c | 8 +++++++- IntelSiliconPkg/Feature/VTd/IntelVTdDxe/IntelVTdDxe.c | 7 +++++++ IntelSiliconPkg/IntelSiliconPkg.dec | 1 + 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/DmaProtection.c b/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/DmaProtection.c index 86d50eb6f288..7784545631b3 100644 --- a/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/DmaProtection.c +++ b/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/DmaProtection.c @@ -515,7 +515,13 @@ SetupVtd ( ParseDmarAcpiTableRmrr (); - ProcessRequestedAccessAttribute (); + if ((PcdGet8 (PcdVTdPolicyPropertyMask) & BIT2) == 0) { + // + // Support IOMMU access attribute request recording before DMAR table is installed. + // Here is to process the requests. + // + ProcessRequestedAccessAttribute (); + } for (Index = 0; Index < mVtdUnitNumber; Index++) { DEBUG ((DEBUG_INFO,"VTD Unit %d (Segment: %04x)\n", Index, mVtdUnitInformation[Index].Segment)); diff --git a/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/IntelVTdDxe.c b/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/IntelVTdDxe.c index 25d7c80af1d4..09948ce50e94 100644 --- a/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/IntelVTdDxe.c +++ b/IntelSiliconPkg/Feature/VTd/IntelVTdDxe/IntelVTdDxe.c @@ -254,6 +254,13 @@ VTdSetAttribute ( // Record the entry to driver global variable. // As such once VTd is activated, the setting can be adopted. // + if ((PcdGet8 (PcdVTdPolicyPropertyMask) & BIT2) != 0) { + // + // Force no IOMMU access attribute request recording before DMAR table is installed. + // + ASSERT_EFI_ERROR (EFI_NOT_READY); + return EFI_NOT_READY; + } Status = RequestAccessAttribute (Segment, SourceId, DeviceAddress, Length, IoMmuAccess); } else { PERF_CODE ( diff --git a/IntelSiliconPkg/IntelSiliconPkg.dec b/IntelSiliconPkg/IntelSiliconPkg.dec index b9646d773b95..900e8f63c64d 100644 --- a/IntelSiliconPkg/IntelSiliconPkg.dec +++ b/IntelSiliconPkg/IntelSiliconPkg.dec @@ -64,6 +64,7 @@ [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] ## The mask is used to control VTd behavior.

# BIT0: Enable IOMMU during boot (If DMAR table is installed in DXE. If VTD_INFO_PPI is installed in PEI.) # BIT1: Enable IOMMU when transfer control to OS (ExitBootService in normal boot. EndOfPEI in S3) + # BIT2: Force no IOMMU access attribute request recording before DMAR table is installed. # @Prompt The policy for VTd driver behavior. gIntelSiliconPkgTokenSpaceGuid.PcdVTdPolicyPropertyMask|1|UINT8|0x00000002 -- 2.7.0.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel 保密声明: 本邮件含有保密或专有信息,仅供指定收件人使用。严禁对本邮件或其内容做任何未经授权的查阅、使用、复制或转发。 CONFIDENTIAL NOTE: This email contains confidential or legally privileged information and is for the sole use of its intended recipient. Any unauthorized review, use, copying or forwarding of this email or the content of this email is strictly prohibited. 保密声明: 本邮件含有保密或专有信息,仅供指定收件人使用。严禁对本邮件或其内容做任何未经授权的查阅、使用、复制或转发。 CONFIDENTIAL NOTE: This email contains confidential or legally privileged information and is for the sole use of its intended recipient. Any unauthorized review, use, copying or forwarding of this email or the content of this email is strictly prohibited.