From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) by mx.groups.io with SMTP id smtpd.web12.14570.1598970785692491445 for ; Tue, 01 Sep 2020 07:33:05 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=EbS7Wzl4; spf=pass (domain: intel.com, ip: 134.134.136.31, mailfrom: ray.ni@intel.com) IronPort-SDR: vc1PnicQdFyc9qRLdvZpP8qKEe7AfBeKfcp/KZKaqnhP+55NatTOoXgH+YrHXHyKK6AhqC7nt/ Sdmi4/nOQKpg== X-IronPort-AV: E=McAfee;i="6000,8403,9730"; a="218728149" X-IronPort-AV: E=Sophos;i="5.76,379,1592895600"; d="scan'208";a="218728149" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Sep 2020 07:33:03 -0700 IronPort-SDR: 1yLS2/Yj/y/dc+4kUgxpj7cbt+fyioANNlBF7MuINbQhFJkuLPMwYZPQhye8hQOHGm6z19vyh5 smUe4aYvn8ug== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.76,379,1592895600"; d="scan'208";a="375172675" Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by orsmga001.jf.intel.com with ESMTP; 01 Sep 2020 07:33:03 -0700 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Tue, 1 Sep 2020 07:31:45 -0700 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5 via Frontend Transport; Tue, 1 Sep 2020 07:31:45 -0700 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.168) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.1713.5; Tue, 1 Sep 2020 07:31:42 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PwyzuOJmlfad1lArZiTAWD+/CtvQfMNcLKJXNTrMQMAyVKjYsfhvVE5tUt336L5emcRsbWYvnsjVKvfyAmmHoaucw96ntjZCvBD+uCM0DKYu+jBenID0hdgCibdCpXTYlhzmVQOZifYFCXf8FI3bF2mD6YB16afoKvwHtMfHkd8ccxqwTzS4bUzSBl6yiTfYFIhigQ9W+oBbKgf8Zm8itCudhoN0WNGzW/mxCMLnniRCy968tmldfIy5x863he/cTRkl4Se+txFPgPqMQTpkjAl36ZthDFpU8CCetB/M5Ktd5mYa6KbUG9vabqq4CMzHdsekpfEsxO7KpekndLWthQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GbKA0QrrpEROZAyub4eSYgRq8jOQ79+An526ATlvSEs=; b=f/XMik7zqXL2FoIrSLbzCuFb6pbkzKo9fbEoYBacSsPECw4HNtBcc/ypOW4GXduU7ZHEKHVtUx4PC64EVFAZV7LgtDDbdi4VN/hXNBZ8SWBDJW19U76MXESk0JdtvUahmGV4MqedSeczHKuyggZA+XtNARbX9mjuebwbHLWdokSnSSK8pjAfspJU5Q7QVAFFhh17eoESi1YM9Hk4bGlZQyOzNHGXppUm1c6PhIh6feltpaMx+pozG3jmkODXDFtER/ZWRCrT0DseBeI7CRe+aVF8LPhN/+kNoJ2Z6MfXik4T1cbykkBWtdwg7L9UJV8RA0K4Ze7Iz/1Mn1sZqLrLPw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GbKA0QrrpEROZAyub4eSYgRq8jOQ79+An526ATlvSEs=; b=EbS7Wzl46WN7VfnrAI4EUUpfoPNeWWoGqBs1ev6gR6oECS06xCpprqBx9FE2l8R+wkbpIxufznJTeZS0X60xVsKRPxT/DmPVgefnGCq+91T+DUAWNaGErMrBMYjoqvJcKrt5erg7mcdUrSLlWToEtIe3ITXkfpVKboX6q2gQm2o= Received: from BY5PR11MB4007.namprd11.prod.outlook.com (2603:10b6:a03:189::28) by BY5PR11MB4323.namprd11.prod.outlook.com (2603:10b6:a03:1c2::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3348.15; Tue, 1 Sep 2020 14:31:41 +0000 Received: from BY5PR11MB4007.namprd11.prod.outlook.com ([fe80::889e:ec52:bb02:db78]) by BY5PR11MB4007.namprd11.prod.outlook.com ([fe80::889e:ec52:bb02:db78%3]) with mapi id 15.20.3326.025; Tue, 1 Sep 2020 14:31:41 +0000 From: "Ni, Ray" To: "Sheng, W" , "devel@edk2.groups.io" CC: "Chaganty, Rangasai V" Subject: Re: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct Thread-Topic: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct Thread-Index: AQHWf2F5RRtf1lPISE+81zhIAtseW6lT2iCw Date: Tue, 1 Sep 2020 14:31:36 +0000 Deferred-Delivery: Tue, 1 Sep 2020 14:31:00 +0000 Message-ID: References: <20200831063804.8208-1-w.sheng@intel.com> <20200831063804.8208-3-w.sheng@intel.com> In-Reply-To: <20200831063804.8208-3-w.sheng@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.5.1.3 dlp-reaction: no-action dlp-product: dlpe-windows authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-originating-ip: [180.171.153.78] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 099b434c-b244-42c1-a9ba-08d84e83be48 x-ms-traffictypediagnostic: BY5PR11MB4323: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8882; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: vZSAyDRB1G79VhiyGDH/S6wIEIffRIznO5YZ8dEa+xUjg8Ehx0aWsjmmctI23MIX7sy4R02JPebBCQRIusWvE9MNZRf6soK/uM440AhNQv/YTod7u9DhnI/kcEUOQGZgHZwCylejNUzy1KNg/OzdaIVxXV5tJwHintRwrsQ/1mwrqAqAMmUXqlK18Sdv/sc7S2jAT992W7JcxnCXjAzoE+hlCez7o14vxCMjt/xmA9MveY7SvlNZQXP2wGfm7VJXfIDw50DTlE9TWHeIGXvzn09Q+ENKtOQYizV03SXHtDaLE3rKktdAYYBj6QaXqzp4DVOqPY6l4eK/gbkI5xbT7w5NMZBwWR7OtYxNp2uEmNl2xfNhcJ4RKEoiCN6D1OPdDIUySYbKiDQsupud6zASiw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BY5PR11MB4007.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(6029001)(4636009)(39860400002)(346002)(376002)(136003)(366004)(396003)(9686003)(7696005)(53546011)(966005)(6506007)(8936002)(33656002)(55016002)(316002)(110136005)(478600001)(86362001)(2906002)(5660300002)(8676002)(52536014)(66556008)(66946007)(64756008)(107886003)(66446008)(6666004)(66476007)(83380400001)(76116006)(26005)(4326008)(186003)(71200400001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: eZhkR+zMokcZEzcu4GRFW74zHeu61ZKiodfN9pxeTif50zFbgJBKf+tj9ZA4PhuXKK3jt/Q3HCV9w04UfPQuPrISLd3EMJsDmyHG+iYaSeH788DFUVIxd5HMJu8yjjzHIrvoEjgr4sYBT31ZrXcrmwRYb1re1A1F3JPNt1ULlaatWPiR8HmOqOFMUdXPtPMoN3qQeL6Jm9rUPpuoXJTUxc99vCyPwZGZSzaXHVC36iIN6BbdVf1QtBGjT/mEN5c9pGupE+KUjIcmxAWHKTwO5L6gnRMjfKovbgcQftLAqhtPYQYyWXys1MA0vOvpy5aNncgQWk0JtfSKPLyzU6DpIZYcT4ow55xli/koHoL85c9Qr5PxPPCMo4+KKk1BWGqSKwmADPT1ENlScHSssY7gq7n6/k+rErPQy3WDvoW6rpzKeNS0s3d0I+P3wAfAwpuIXNEHE0RDO6RXIOC/QKFmyF8m7ThyNO9mqPiwxScRrrg6yDoxKFC83E0S/WnLYqPw1cD5lsx1KUVXixa5RBW1p5TKBj/C2a7mr/M3waBO83DmqpItb7AR0M35qG4BjVyt9rp34HEjP19OjiWetiuxZapsCfgsBN36OIu1CyHxU7Y/4B73i7fQyFTzSIDQm41rzZkMXoM5UOwAkWakKlQ8gg== MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BY5PR11MB4007.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 099b434c-b244-42c1-a9ba-08d84e83be48 X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Sep 2020 14:31:41.1931 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: UNMwKAJpRBgLGlHtAC30rRnexTWI5fyV3fdOZX4LIf3s+BRAi5eMo9AGechU0gPN/8KWaF2xwe/4SBoUA87cnw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR11MB4323 Return-Path: ray.ni@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Ray Ni > -----Original Message----- > From: Sheng, W > Sent: Monday, August 31, 2020 2:38 PM > To: devel@edk2.groups.io > Cc: Ni, Ray ; Chaganty, Rangasai V > Subject: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling = setting confilct >=20 > PMR enabling set by pre-boot DMA protection is cleared by RC > when boot guard is enabled. Pre-boot DMA protection should only > reset VT-d BAR when it is 0 and reset PMR region when it is > not programmed to protect all memory address. >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2867 >=20 > Change-Id: Ic5370f474a43a94903871782ace5cce186b4ddc0 > Cc: Ray Ni > Cc: Rangasai V Chaganty > Signed-off-by: Sheng Wei > --- > .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c | 14 +++++++ > .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h | 15 +++++++ > .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf | 1 + > .../Feature/VTd/IntelVTdPmrPei/VtdReg.c | 47 ++++++++++++++++= ++++++ > 4 files changed, 77 insertions(+) >=20 > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/Int= elVTdPmrPei.c > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei= .c > index ea944aa4..31a14f28 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPm= rPei.c > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPm= rPei.c > @@ -745,7 +745,21 @@ VTdInfoNotify ( > // Protect all system memory > // > InitVTdInfo (); > + > + Hob =3D GetFirstGuidHob (&mVTdInfoGuid); > + VTdInfo =3D GET_GUID_HOB_DATA(Hob); > + > + // > + // NOTE: We need check if PMR is enabled or not. > + // > + EnabledEngineMask =3D GetDmaProtectionEnabledEngineMask (VTdInfo, VT= dInfo->EngineMask); > + if (EnabledEngineMask !=3D 0) { > + Status =3D PreMemoryEnableVTdTranslationProtection (VTdInfo, Enabl= edEngineMask); > + } > InitVTdPmrForAll (); > + if (((EnabledEngineMask !=3D 0) && (!EFI_ERROR (Status)))) { > + DisableVTdTranslationProtection (VTdInfo, EnabledEngineMask); > + } >=20 > // > // Install PPI. > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/Int= elVTdPmrPei.h > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei= .h > index 58e6afad..ffed2c5b 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPm= rPei.h > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPm= rPei.h > @@ -97,6 +97,21 @@ GetHighMemoryAlignment ( > IN UINT64 EngineMask > ); >=20 > +/** > + Enable VTd translation table protection in pre-memory phase. > + > + @param VTdInfo The VTd engine context information. > + @param EngineMask The mask of the VTd engine to be accessed. > + > + @retval EFI_SUCCESS DMAR translation protection is enabled. > + @retval EFI_UNSUPPORTED Null Root Entry Table is not supported. > +**/ > +EFI_STATUS > +PreMemoryEnableVTdTranslationProtection ( > + IN VTD_INFO *VTdInfo, > + IN UINT64 EngineMask > + ); > + > /** > Enable VTd translation table protection. >=20 > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/Int= elVTdPmrPei.inf > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei= .inf > index 3eb2b510..1e613ddd 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPm= rPei.inf > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPm= rPei.inf > @@ -48,6 +48,7 @@ > gEdkiiVTdInfoPpiGuid ## CONSUMES > gEfiPeiMemoryDiscoveredPpiGuid ## CONSUMES > gEfiEndOfPeiSignalPpiGuid ## CONSUMES > + gEdkiiVTdNullRootEntryTableGuid ## PRODUCES >=20 > [Pcd] > gIntelSiliconPkgTokenSpaceGuid.PcdVTdPolicyPropertyMask ## CONSUMES > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/Vtd= Reg.c > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > index c9669426..2e252fe5 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > @@ -13,8 +13,10 @@ > #include > #include > #include > +#include > #include > #include > +#include >=20 > #include "IntelVTdPmrPei.h" >=20 > @@ -246,6 +248,51 @@ DisableDmar ( > return EFI_SUCCESS; > } >=20 > +/** > + Enable VTd translation table protection in pre-memory phase. > + > + @param VTdInfo The VTd engine context information. > + @param EngineMask The mask of the VTd engine to be accessed. > + > + @retval EFI_SUCCESS DMAR translation protection is enabled. > + @retval EFI_UNSUPPORTED Null Root Entry Table is not supported. > +**/ > +EFI_STATUS > +PreMemoryEnableVTdTranslationProtection ( > + IN VTD_INFO *VTdInfo, > + IN UINT64 EngineMask > + ) > +{ > + EFI_STATUS Status; > + UINTN Index; > + EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI *RootEntryTable; > + > + DEBUG ((DEBUG_INFO, "PreMemoryEnableVTdTranslationProtection - 0x%lx\n= ", EngineMask)); > + > + Status =3D PeiServicesLocatePpi ( > + &gEdkiiVTdNullRootEntryTableGuid, > + 0, > + NULL, > + (VOID **)&RootEntryTable > + ); > + > + if (EFI_ERROR(Status)) { > + DEBUG((DEBUG_ERROR, "Locate NullRootEntryTable Ppi : %r\n", Status))= ; > + return EFI_UNSUPPORTED; > + } > + > + DEBUG ((DEBUG_INFO, "NullRootEntryTable - 0x%lx\n", *RootEntryTable)); > + > + for (Index =3D 0; Index < VTdInfo->VTdEngineCount; Index++) { > + if ((EngineMask & LShiftU64(1, Index)) =3D=3D 0) { > + continue; > + } > + EnableDmar ((UINTN)VTdInfo->VTdEngineAddress[Index], (UINTN)*RootEnt= ryTable); > + } > + > + return EFI_SUCCESS; > +} > + > /** > Enable VTd translation table protection. >=20 > -- > 2.16.2.windows.1