* Re: [PATCH v3 1/3] IntelSiliconPkg/VtdInfo: Add Null Root Entry Table PPI [not found] ` <20200831063804.8208-2-w.sheng@intel.com> @ 2020-09-01 14:30 ` Ni, Ray 2020-09-04 7:46 ` Chaganty, Rangasai V 1 sibling, 0 replies; 6+ messages in thread From: Ni, Ray @ 2020-09-01 14:30 UTC (permalink / raw) To: Sheng, W, devel@edk2.groups.io; +Cc: Chaganty, Rangasai V Reviewed-by: Ray Ni <ray.ni@intel.com> > -----Original Message----- > From: Sheng, W <w.sheng@intel.com> > Sent: Monday, August 31, 2020 2:38 PM > To: devel@edk2.groups.io > Cc: Ni, Ray <ray.ni@intel.com>; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com> > Subject: [PATCH v3 1/3] IntelSiliconPkg/VtdInfo: Add Null Root Entry Table PPI > > Null root entry table address is a fixed silicon reserved address, > which is used to block the DMA transfer. > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2867 > > Change-Id: I3aa2b2e7a11e0327857c6ed9bc92cd209d3ade9d > Cc: Ray Ni <ray.ni@intel.com> > Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com> > Signed-off-by: Sheng Wei <w.sheng@intel.com> > --- > .../Include/Ppi/VtdNullRootEntryTable.h | 28 ++++++++++++++++++++++ > Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec | 1 + > 2 files changed, 29 insertions(+) > create mode 100644 Silicon/Intel/IntelSiliconPkg/Include/Ppi/VtdNullRootEntryTable.h > > diff --git a/Silicon/Intel/IntelSiliconPkg/Include/Ppi/VtdNullRootEntryTable.h > b/Silicon/Intel/IntelSiliconPkg/Include/Ppi/VtdNullRootEntryTable.h > new file mode 100644 > index 00000000..d79b5fd9 > --- /dev/null > +++ b/Silicon/Intel/IntelSiliconPkg/Include/Ppi/VtdNullRootEntryTable.h > @@ -0,0 +1,28 @@ > +/** @file > + The definition for VTD Null Root Entry Table PPI. > + > + This is a lightweight VTd null root entry table report in PEI phase. > + > + Copyright (c) 2020, Intel Corporation. All rights reserved.<BR> > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#ifndef __VTD_NULL_ROOT_ENTRY_TABLE_PPI_H__ > +#define __VTD_NULL_ROOT_ENTRY_TABLE_PPI_H__ > + > +#define EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI_GUID \ > + { \ > + 0x3de0593f, 0x6e3e, 0x4542, { 0xa1, 0xcb, 0xcb, 0xb2, 0xdb, 0xeb, 0xd8, 0xff } \ > + } > + > +// > +// Null root entry table address is a fixed silicon reserved address, > +// which is used to block the DMA transfer. > +// > +typedef UINT64 EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI; > + > +extern EFI_GUID gEdkiiVTdNullRootEntryTableGuid; > + > +#endif > + > diff --git a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec > index e4a7fec3..284820af 100644 > --- a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec > +++ b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec > @@ -68,6 +68,7 @@ > > [Ppis] > gEdkiiVTdInfoPpiGuid = { 0x8a59fcb3, 0xf191, 0x400c, { 0x97, 0x67, 0x67, 0xaf, 0x2b, 0x25, 0x68, 0x4a } } > + gEdkiiVTdNullRootEntryTableGuid = { 0x3de0593f, 0x6e3e, 0x4542, { 0xa1, 0xcb, 0xcb, 0xb2, 0xdb, 0xeb, 0xd8, 0xff } } > > [Protocols] > gEdkiiPlatformVTdPolicyProtocolGuid = { 0x3d17e448, 0x466, 0x4e20, { 0x99, 0x9f, 0xb2, 0xe1, 0x34, 0x88, 0xee, 0x22 }} > -- > 2.16.2.windows.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v3 1/3] IntelSiliconPkg/VtdInfo: Add Null Root Entry Table PPI [not found] ` <20200831063804.8208-2-w.sheng@intel.com> 2020-09-01 14:30 ` [PATCH v3 1/3] IntelSiliconPkg/VtdInfo: Add Null Root Entry Table PPI Ni, Ray @ 2020-09-04 7:46 ` Chaganty, Rangasai V 1 sibling, 0 replies; 6+ messages in thread From: Chaganty, Rangasai V @ 2020-09-04 7:46 UTC (permalink / raw) To: Sheng, W, devel@edk2.groups.io; +Cc: Ni, Ray Reviewed-by: Sai Chaganty <rangasai.v.chaganty@intel.com> -----Original Message----- From: Sheng, W <w.sheng@intel.com> Sent: Sunday, August 30, 2020 11:38 PM To: devel@edk2.groups.io Cc: Ni, Ray <ray.ni@intel.com>; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com> Subject: [PATCH v3 1/3] IntelSiliconPkg/VtdInfo: Add Null Root Entry Table PPI Null root entry table address is a fixed silicon reserved address, which is used to block the DMA transfer. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2867 Change-Id: I3aa2b2e7a11e0327857c6ed9bc92cd209d3ade9d Cc: Ray Ni <ray.ni@intel.com> Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com> Signed-off-by: Sheng Wei <w.sheng@intel.com> --- .../Include/Ppi/VtdNullRootEntryTable.h | 28 ++++++++++++++++++++++ Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec | 1 + 2 files changed, 29 insertions(+) create mode 100644 Silicon/Intel/IntelSiliconPkg/Include/Ppi/VtdNullRootEntryTable.h diff --git a/Silicon/Intel/IntelSiliconPkg/Include/Ppi/VtdNullRootEntryTable.h b/Silicon/Intel/IntelSiliconPkg/Include/Ppi/VtdNullRootEntryTable.h new file mode 100644 index 00000000..d79b5fd9 --- /dev/null +++ b/Silicon/Intel/IntelSiliconPkg/Include/Ppi/VtdNullRootEntryTable.h @@ -0,0 +1,28 @@ +/** @file + The definition for VTD Null Root Entry Table PPI. + + This is a lightweight VTd null root entry table report in PEI phase. + + Copyright (c) 2020, Intel Corporation. All rights reserved.<BR> + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __VTD_NULL_ROOT_ENTRY_TABLE_PPI_H__ +#define __VTD_NULL_ROOT_ENTRY_TABLE_PPI_H__ + +#define EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI_GUID \ + { \ + 0x3de0593f, 0x6e3e, 0x4542, { 0xa1, 0xcb, 0xcb, 0xb2, 0xdb, 0xeb, 0xd8, 0xff } \ + } + +// +// Null root entry table address is a fixed silicon reserved address, +// which is used to block the DMA transfer. +// +typedef UINT64 EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI; + +extern EFI_GUID gEdkiiVTdNullRootEntryTableGuid; + +#endif + diff --git a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec index e4a7fec3..284820af 100644 --- a/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec +++ b/Silicon/Intel/IntelSiliconPkg/IntelSiliconPkg.dec @@ -68,6 +68,7 @@ [Ppis] gEdkiiVTdInfoPpiGuid = { 0x8a59fcb3, 0xf191, 0x400c, { 0x97, 0x67, 0x67, 0xaf, 0x2b, 0x25, 0x68, 0x4a } } + gEdkiiVTdNullRootEntryTableGuid = { 0x3de0593f, 0x6e3e, 0x4542, { + 0xa1, 0xcb, 0xcb, 0xb2, 0xdb, 0xeb, 0xd8, 0xff } } [Protocols] gEdkiiPlatformVTdPolicyProtocolGuid = { 0x3d17e448, 0x466, 0x4e20, { 0x99, 0x9f, 0xb2, 0xe1, 0x34, 0x88, 0xee, 0x22 }} -- 2.16.2.windows.1 ^ permalink raw reply related [flat|nested] 6+ messages in thread
[parent not found: <20200831063804.8208-3-w.sheng@intel.com>]
* Re: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct [not found] ` <20200831063804.8208-3-w.sheng@intel.com> @ 2020-09-01 14:31 ` Ni, Ray 2020-09-04 7:47 ` Chaganty, Rangasai V 1 sibling, 0 replies; 6+ messages in thread From: Ni, Ray @ 2020-09-01 14:31 UTC (permalink / raw) To: Sheng, W, devel@edk2.groups.io; +Cc: Chaganty, Rangasai V Reviewed-by: Ray Ni <ray.ni@intel.com> > -----Original Message----- > From: Sheng, W <w.sheng@intel.com> > Sent: Monday, August 31, 2020 2:38 PM > To: devel@edk2.groups.io > Cc: Ni, Ray <ray.ni@intel.com>; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com> > Subject: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct > > PMR enabling set by pre-boot DMA protection is cleared by RC > when boot guard is enabled. Pre-boot DMA protection should only > reset VT-d BAR when it is 0 and reset PMR region when it is > not programmed to protect all memory address. > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2867 > > Change-Id: Ic5370f474a43a94903871782ace5cce186b4ddc0 > Cc: Ray Ni <ray.ni@intel.com> > Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com> > Signed-off-by: Sheng Wei <w.sheng@intel.com> > --- > .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c | 14 +++++++ > .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h | 15 +++++++ > .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf | 1 + > .../Feature/VTd/IntelVTdPmrPei/VtdReg.c | 47 ++++++++++++++++++++++ > 4 files changed, 77 insertions(+) > > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c > index ea944aa4..31a14f28 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c > @@ -745,7 +745,21 @@ VTdInfoNotify ( > // Protect all system memory > // > InitVTdInfo (); > + > + Hob = GetFirstGuidHob (&mVTdInfoGuid); > + VTdInfo = GET_GUID_HOB_DATA(Hob); > + > + // > + // NOTE: We need check if PMR is enabled or not. > + // > + EnabledEngineMask = GetDmaProtectionEnabledEngineMask (VTdInfo, VTdInfo->EngineMask); > + if (EnabledEngineMask != 0) { > + Status = PreMemoryEnableVTdTranslationProtection (VTdInfo, EnabledEngineMask); > + } > InitVTdPmrForAll (); > + if (((EnabledEngineMask != 0) && (!EFI_ERROR (Status)))) { > + DisableVTdTranslationProtection (VTdInfo, EnabledEngineMask); > + } > > // > // Install PPI. > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h > index 58e6afad..ffed2c5b 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h > @@ -97,6 +97,21 @@ GetHighMemoryAlignment ( > IN UINT64 EngineMask > ); > > +/** > + Enable VTd translation table protection in pre-memory phase. > + > + @param VTdInfo The VTd engine context information. > + @param EngineMask The mask of the VTd engine to be accessed. > + > + @retval EFI_SUCCESS DMAR translation protection is enabled. > + @retval EFI_UNSUPPORTED Null Root Entry Table is not supported. > +**/ > +EFI_STATUS > +PreMemoryEnableVTdTranslationProtection ( > + IN VTD_INFO *VTdInfo, > + IN UINT64 EngineMask > + ); > + > /** > Enable VTd translation table protection. > > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf > index 3eb2b510..1e613ddd 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf > @@ -48,6 +48,7 @@ > gEdkiiVTdInfoPpiGuid ## CONSUMES > gEfiPeiMemoryDiscoveredPpiGuid ## CONSUMES > gEfiEndOfPeiSignalPpiGuid ## CONSUMES > + gEdkiiVTdNullRootEntryTableGuid ## PRODUCES > > [Pcd] > gIntelSiliconPkgTokenSpaceGuid.PcdVTdPolicyPropertyMask ## CONSUMES > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > index c9669426..2e252fe5 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c > @@ -13,8 +13,10 @@ > #include <Library/DebugLib.h> > #include <Library/MemoryAllocationLib.h> > #include <Library/CacheMaintenanceLib.h> > +#include <Library/PeiServicesLib.h> > #include <IndustryStandard/Vtd.h> > #include <Ppi/VtdInfo.h> > +#include <Ppi/VtdNullRootEntryTable.h> > > #include "IntelVTdPmrPei.h" > > @@ -246,6 +248,51 @@ DisableDmar ( > return EFI_SUCCESS; > } > > +/** > + Enable VTd translation table protection in pre-memory phase. > + > + @param VTdInfo The VTd engine context information. > + @param EngineMask The mask of the VTd engine to be accessed. > + > + @retval EFI_SUCCESS DMAR translation protection is enabled. > + @retval EFI_UNSUPPORTED Null Root Entry Table is not supported. > +**/ > +EFI_STATUS > +PreMemoryEnableVTdTranslationProtection ( > + IN VTD_INFO *VTdInfo, > + IN UINT64 EngineMask > + ) > +{ > + EFI_STATUS Status; > + UINTN Index; > + EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI *RootEntryTable; > + > + DEBUG ((DEBUG_INFO, "PreMemoryEnableVTdTranslationProtection - 0x%lx\n", EngineMask)); > + > + Status = PeiServicesLocatePpi ( > + &gEdkiiVTdNullRootEntryTableGuid, > + 0, > + NULL, > + (VOID **)&RootEntryTable > + ); > + > + if (EFI_ERROR(Status)) { > + DEBUG((DEBUG_ERROR, "Locate NullRootEntryTable Ppi : %r\n", Status)); > + return EFI_UNSUPPORTED; > + } > + > + DEBUG ((DEBUG_INFO, "NullRootEntryTable - 0x%lx\n", *RootEntryTable)); > + > + for (Index = 0; Index < VTdInfo->VTdEngineCount; Index++) { > + if ((EngineMask & LShiftU64(1, Index)) == 0) { > + continue; > + } > + EnableDmar ((UINTN)VTdInfo->VTdEngineAddress[Index], (UINTN)*RootEntryTable); > + } > + > + return EFI_SUCCESS; > +} > + > /** > Enable VTd translation table protection. > > -- > 2.16.2.windows.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct [not found] ` <20200831063804.8208-3-w.sheng@intel.com> 2020-09-01 14:31 ` [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct Ni, Ray @ 2020-09-04 7:47 ` Chaganty, Rangasai V 1 sibling, 0 replies; 6+ messages in thread From: Chaganty, Rangasai V @ 2020-09-04 7:47 UTC (permalink / raw) To: Sheng, W, devel@edk2.groups.io; +Cc: Ni, Ray Reviewed-by: Sai Chaganty <rangasai.v.chaganty@intel.com> -----Original Message----- From: Sheng, W <w.sheng@intel.com> Sent: Sunday, August 30, 2020 11:38 PM To: devel@edk2.groups.io Cc: Ni, Ray <ray.ni@intel.com>; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com> Subject: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct PMR enabling set by pre-boot DMA protection is cleared by RC when boot guard is enabled. Pre-boot DMA protection should only reset VT-d BAR when it is 0 and reset PMR region when it is not programmed to protect all memory address. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2867 Change-Id: Ic5370f474a43a94903871782ace5cce186b4ddc0 Cc: Ray Ni <ray.ni@intel.com> Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com> Signed-off-by: Sheng Wei <w.sheng@intel.com> --- .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c | 14 +++++++ .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h | 15 +++++++ .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf | 1 + .../Feature/VTd/IntelVTdPmrPei/VtdReg.c | 47 ++++++++++++++++++++++ 4 files changed, 77 insertions(+) diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c index ea944aa4..31a14f28 100644 --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdP +++ mrPei.c @@ -745,7 +745,21 @@ VTdInfoNotify ( // Protect all system memory // InitVTdInfo (); + + Hob = GetFirstGuidHob (&mVTdInfoGuid); + VTdInfo = GET_GUID_HOB_DATA(Hob); + + // + // NOTE: We need check if PMR is enabled or not. + // + EnabledEngineMask = GetDmaProtectionEnabledEngineMask (VTdInfo, VTdInfo->EngineMask); + if (EnabledEngineMask != 0) { + Status = PreMemoryEnableVTdTranslationProtection (VTdInfo, EnabledEngineMask); + } InitVTdPmrForAll (); + if (((EnabledEngineMask != 0) && (!EFI_ERROR (Status)))) { + DisableVTdTranslationProtection (VTdInfo, EnabledEngineMask); + } // // Install PPI. diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h index 58e6afad..ffed2c5b 100644 --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdP +++ mrPei.h @@ -97,6 +97,21 @@ GetHighMemoryAlignment ( IN UINT64 EngineMask ); +/** + Enable VTd translation table protection in pre-memory phase. + + @param VTdInfo The VTd engine context information. + @param EngineMask The mask of the VTd engine to be accessed. + + @retval EFI_SUCCESS DMAR translation protection is enabled. + @retval EFI_UNSUPPORTED Null Root Entry Table is not supported. +**/ +EFI_STATUS +PreMemoryEnableVTdTranslationProtection ( + IN VTD_INFO *VTdInfo, + IN UINT64 EngineMask + ); + /** Enable VTd translation table protection. diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf index 3eb2b510..1e613ddd 100644 --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdP +++ mrPei.inf @@ -48,6 +48,7 @@ gEdkiiVTdInfoPpiGuid ## CONSUMES gEfiPeiMemoryDiscoveredPpiGuid ## CONSUMES gEfiEndOfPeiSignalPpiGuid ## CONSUMES + gEdkiiVTdNullRootEntryTableGuid ## PRODUCES [Pcd] gIntelSiliconPkgTokenSpaceGuid.PcdVTdPolicyPropertyMask ## CONSUMES diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c index c9669426..2e252fe5 100644 --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c @@ -13,8 +13,10 @@ #include <Library/DebugLib.h> #include <Library/MemoryAllocationLib.h> #include <Library/CacheMaintenanceLib.h> +#include <Library/PeiServicesLib.h> #include <IndustryStandard/Vtd.h> #include <Ppi/VtdInfo.h> +#include <Ppi/VtdNullRootEntryTable.h> #include "IntelVTdPmrPei.h" @@ -246,6 +248,51 @@ DisableDmar ( return EFI_SUCCESS; } +/** + Enable VTd translation table protection in pre-memory phase. + + @param VTdInfo The VTd engine context information. + @param EngineMask The mask of the VTd engine to be accessed. + + @retval EFI_SUCCESS DMAR translation protection is enabled. + @retval EFI_UNSUPPORTED Null Root Entry Table is not supported. +**/ +EFI_STATUS +PreMemoryEnableVTdTranslationProtection ( + IN VTD_INFO *VTdInfo, + IN UINT64 EngineMask + ) +{ + EFI_STATUS Status; + UINTN Index; + EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI *RootEntryTable; + + DEBUG ((DEBUG_INFO, "PreMemoryEnableVTdTranslationProtection - + 0x%lx\n", EngineMask)); + + Status = PeiServicesLocatePpi ( + &gEdkiiVTdNullRootEntryTableGuid, + 0, + NULL, + (VOID **)&RootEntryTable + ); + + if (EFI_ERROR(Status)) { + DEBUG((DEBUG_ERROR, "Locate NullRootEntryTable Ppi : %r\n", Status)); + return EFI_UNSUPPORTED; + } + + DEBUG ((DEBUG_INFO, "NullRootEntryTable - 0x%lx\n", + *RootEntryTable)); + + for (Index = 0; Index < VTdInfo->VTdEngineCount; Index++) { + if ((EngineMask & LShiftU64(1, Index)) == 0) { + continue; + } + EnableDmar ((UINTN)VTdInfo->VTdEngineAddress[Index], + (UINTN)*RootEntryTable); } + + return EFI_SUCCESS; +} + /** Enable VTd translation table protection. -- 2.16.2.windows.1 ^ permalink raw reply related [flat|nested] 6+ messages in thread
[parent not found: <20200831063804.8208-4-w.sheng@intel.com>]
* Re: [PATCH v3 3/3] IntelSiliconPkg/PlatformVTdInfoSamplePei: Install Null Root Entry Table [not found] ` <20200831063804.8208-4-w.sheng@intel.com> @ 2020-09-02 1:43 ` Ni, Ray 2020-09-04 7:47 ` Chaganty, Rangasai V 1 sibling, 0 replies; 6+ messages in thread From: Ni, Ray @ 2020-09-02 1:43 UTC (permalink / raw) To: Sheng, W, devel@edk2.groups.io; +Cc: Chaganty, Rangasai V Reviewed-by: Ray Ni <ray.ni@intel.com> > -----Original Message----- > From: Sheng, W <w.sheng@intel.com> > Sent: Monday, August 31, 2020 2:38 PM > To: devel@edk2.groups.io > Cc: Ni, Ray <ray.ni@intel.com>; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com> > Subject: [PATCH v3 3/3] IntelSiliconPkg/PlatformVTdInfoSamplePei: Install Null Root Entry Table > > BIOS uses TE with a null root entry table to block VT-d engine access > to block any DMA traffic in pre-memory phase. > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2867 > > Change-Id: I6c086c1f26e60f781de79cc37677cc5717c5edec > Cc: Ray Ni <ray.ni@intel.com> > Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com> > Signed-off-by: Sheng Wei <w.sheng@intel.com> > --- > .../PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.c | 16 ++++++++++++++++ > .../PlatformVTdInfoSamplePei.inf | 3 ++- > 2 files changed, 18 insertions(+), 1 deletion(-) > > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.c > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.c > index 6f6c14f7..616a96ce 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.c > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.c > @@ -9,6 +9,7 @@ > #include <PiPei.h> > > #include <Ppi/VtdInfo.h> > +#include <Ppi/VtdNullRootEntryTable.h> > > #include <Library/PeiServicesLib.h> > #include <Library/DebugLib.h> > @@ -164,6 +165,15 @@ EFI_PEI_PPI_DESCRIPTOR mPlatformVTdNoIgdInfoSampleDesc = { > &mPlatformVTdNoIgdSample > }; > > +// BIOS uses TE with a null root entry table to block VT-d engine access to block any DMA traffic in pre-memory phase. > +EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI mNullRootEntryTable = 0xFED20000; > + > +EFI_PEI_PPI_DESCRIPTOR mPlatformNullRootEntryTableDesc = { > + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), > + &gEdkiiVTdNullRootEntryTableGuid, > + &mNullRootEntryTable > +}; > + > /** > Initialize VTd register. > Initialize the VTd hardware unit which has INCLUDE_PCI_ALL set > @@ -344,6 +354,12 @@ PlatformVTdInfoSampleInitialize ( > if (!EFI_ERROR(Status)) { > SiliconInitialized = TRUE; > } > + > + Status = PeiServicesInstallPpi (&mPlatformNullRootEntryTableDesc); > + if (EFI_ERROR (Status)) { > + ASSERT_EFI_ERROR (Status); > + } > + > DEBUG ((DEBUG_INFO, "SiliconInitialized - %x\n", SiliconInitialized)); > if (!SiliconInitialized) { > Status = PeiServicesNotifyPpi (&mSiliconInitializedNotifyList); > diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.inf > b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.inf > index dacfdf5e..b35853b6 100644 > --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.inf > +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.inf > @@ -38,7 +38,8 @@ > IoLib > > [Ppis] > - gEdkiiVTdInfoPpiGuid ## PRODUCES > + gEdkiiVTdInfoPpiGuid ## PRODUCES > + gEdkiiVTdNullRootEntryTableGuid ## PRODUCES > > [Depex] > gEfiPeiMasterBootModePpiGuid > -- > 2.16.2.windows.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v3 3/3] IntelSiliconPkg/PlatformVTdInfoSamplePei: Install Null Root Entry Table [not found] ` <20200831063804.8208-4-w.sheng@intel.com> 2020-09-02 1:43 ` [PATCH v3 3/3] IntelSiliconPkg/PlatformVTdInfoSamplePei: Install Null Root Entry Table Ni, Ray @ 2020-09-04 7:47 ` Chaganty, Rangasai V 1 sibling, 0 replies; 6+ messages in thread From: Chaganty, Rangasai V @ 2020-09-04 7:47 UTC (permalink / raw) To: Sheng, W, devel@edk2.groups.io; +Cc: Ni, Ray Reviewed-by: Sai Chaganty <rangasai.v.chaganty@intel.com> -----Original Message----- From: Sheng, W <w.sheng@intel.com> Sent: Sunday, August 30, 2020 11:38 PM To: devel@edk2.groups.io Cc: Ni, Ray <ray.ni@intel.com>; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com> Subject: [PATCH v3 3/3] IntelSiliconPkg/PlatformVTdInfoSamplePei: Install Null Root Entry Table BIOS uses TE with a null root entry table to block VT-d engine access to block any DMA traffic in pre-memory phase. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2867 Change-Id: I6c086c1f26e60f781de79cc37677cc5717c5edec Cc: Ray Ni <ray.ni@intel.com> Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com> Signed-off-by: Sheng Wei <w.sheng@intel.com> --- .../PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.c | 16 ++++++++++++++++ .../PlatformVTdInfoSamplePei.inf | 3 ++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.c b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.c index 6f6c14f7..616a96ce 100644 --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.c +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei +++ /PlatformVTdInfoSamplePei.c @@ -9,6 +9,7 @@ #include <PiPei.h> #include <Ppi/VtdInfo.h> +#include <Ppi/VtdNullRootEntryTable.h> #include <Library/PeiServicesLib.h> #include <Library/DebugLib.h> @@ -164,6 +165,15 @@ EFI_PEI_PPI_DESCRIPTOR mPlatformVTdNoIgdInfoSampleDesc = { &mPlatformVTdNoIgdSample }; +// BIOS uses TE with a null root entry table to block VT-d engine access to block any DMA traffic in pre-memory phase. +EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI mNullRootEntryTable = 0xFED20000; + +EFI_PEI_PPI_DESCRIPTOR mPlatformNullRootEntryTableDesc = { + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), + &gEdkiiVTdNullRootEntryTableGuid, + &mNullRootEntryTable +}; + /** Initialize VTd register. Initialize the VTd hardware unit which has INCLUDE_PCI_ALL set @@ -344,6 +354,12 @@ PlatformVTdInfoSampleInitialize ( if (!EFI_ERROR(Status)) { SiliconInitialized = TRUE; } + + Status = PeiServicesInstallPpi (&mPlatformNullRootEntryTableDesc); + if (EFI_ERROR (Status)) { + ASSERT_EFI_ERROR (Status); + } + DEBUG ((DEBUG_INFO, "SiliconInitialized - %x\n", SiliconInitialized)); if (!SiliconInitialized) { Status = PeiServicesNotifyPpi (&mSiliconInitializedNotifyList); diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.inf b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.inf index dacfdf5e..b35853b6 100644 --- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei/PlatformVTdInfoSamplePei.inf +++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/PlatformVTdInfoSamplePei +++ /PlatformVTdInfoSamplePei.inf @@ -38,7 +38,8 @@ IoLib [Ppis] - gEdkiiVTdInfoPpiGuid ## PRODUCES + gEdkiiVTdInfoPpiGuid ## PRODUCES + gEdkiiVTdNullRootEntryTableGuid ## PRODUCES [Depex] gEfiPeiMasterBootModePpiGuid -- 2.16.2.windows.1 ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-09-04 7:47 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20200831063804.8208-1-w.sheng@intel.com>
[not found] ` <20200831063804.8208-2-w.sheng@intel.com>
2020-09-01 14:30 ` [PATCH v3 1/3] IntelSiliconPkg/VtdInfo: Add Null Root Entry Table PPI Ni, Ray
2020-09-04 7:46 ` Chaganty, Rangasai V
[not found] ` <20200831063804.8208-3-w.sheng@intel.com>
2020-09-01 14:31 ` [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct Ni, Ray
2020-09-04 7:47 ` Chaganty, Rangasai V
[not found] ` <20200831063804.8208-4-w.sheng@intel.com>
2020-09-02 1:43 ` [PATCH v3 3/3] IntelSiliconPkg/PlatformVTdInfoSamplePei: Install Null Root Entry Table Ni, Ray
2020-09-04 7:47 ` Chaganty, Rangasai V
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox