From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM03-DM3-obe.outbound.protection.outlook.com (mail-dm3nam03on060f.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe49::60f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 75E81803DD for ; Tue, 14 Mar 2017 14:21:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector1-amd-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=+vnR58Rtx6NIhIzknH1Z2wYS9GC0G3MV3os2GEQXXmg=; b=xOC+KorbRBtg1gGFcQB+Oft+rrfY4t2dqLmZ+iWsRzU9Aku0tlMVZBN2DX5EkBOlOghz+WwAsMisctkn1syS1pHBOKtzbZY8zMQ3VJxl3VuobETwXVGKQrIimERZbBIDjk7xUBL/gb3/IHBqIW3NMCw6j91/s2jiUaC0A0d3Nik= Received: from CY4PR12MB1237.namprd12.prod.outlook.com (10.168.167.12) by CY4PR12MB1240.namprd12.prod.outlook.com (10.168.167.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.947.12; Tue, 14 Mar 2017 21:21:31 +0000 Received: from CY4PR12MB1237.namprd12.prod.outlook.com ([10.168.167.12]) by CY4PR12MB1237.namprd12.prod.outlook.com ([10.168.167.12]) with mapi id 15.01.0947.022; Tue, 14 Mar 2017 21:21:31 +0000 From: "Duran, Leo" To: "'Ni, Ruiyu'" , "'Yao, Jiewen'" , "'edk2-devel@ml01.01.org'" Thread-Topic: [edk2] [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library Thread-Index: AQHSk4VZhWPDQ+EoT0Cs/UJDr3mKoKGCXDAw///BBoCAAJh8gIAADIYAgAYn74CAATrMYIAAAljggAD3GxCACcpdsA== Date: Tue, 14 Mar 2017 21:21:31 +0000 Message-ID: References: <1488480396-32358-1-git-send-email-leo.duran@amd.com> <734D49CCEBEEF84792F5B80ED585239D5B8BE9E0@SHSMSX104.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8F8D82@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8F9184@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503A8FA9EE@shsmsx102.ccr.corp.intel.com> <734D49CCEBEEF84792F5B80ED585239D5B8C3067@SHSMSX104.ccr.corp.intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=amd.com; x-originating-ip: [165.204.77.1] x-ms-office365-filtering-correlation-id: 98b1e748-572c-4fa1-fb47-08d46b2015b0 x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081); SRVR:CY4PR12MB1240; x-microsoft-exchange-diagnostics: 1; CY4PR12MB1240; 7:AtIkf5m3AcZVVGDA/rCIYIS3CNpJ4mQfYsjgcHMcGoioWLgve2WujQwRbwHPtd7rHk5+4Qq7sU+yRJRhsQRalpToI+9UaewJPNISqIlEuzCDA2kHHJKY3uUTqt0YPE9iLQoPLHNWW1I/j2H3IOWVXEy+4Ri/obr7V6FHUbB6NA11Wl4Cfpm7zLg+OtpqUPpy+FlHwcu5t8MJt0DUIBq3QvDibrlAoFqT0e1rK12gvQEhS4/u56yiUIkbBjXWTmUvsMExUvooaXf9/wbRCLd2yIhDm0t0/SDJygJ3Kq9UUh5vZwMzildQL5fFRIu+bZOMmh4sWbHnPq9Axt+J4x/l7w==; 20:eKp9QGrqtyaYTl2X3k8ieKSV3KC3kI3vx05Y5smlg6708olDq+kYFEklJVCNES9a89p8Py01oheGM+v+e9lZwlwCyRyls/JF+MlrknL05Z82RX3O9LCcA/rzj1jM/Roae1ZBMfcJSwsjrcYSRFFtnfm4q1Ds4gIg+CEA3anVBti1J8Y1XFzq0Jd3LPiGVoMVpz7yrnAkpFWmMpGQh0q05wvnC0133NJibSoC4KvcWFgdVYT+R/ZZBxfcBFFhyy9c x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(166708455590820)(767451399110)(162533806227266)(21748063052155)(228905959029699); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6055026)(6041248)(20161123562025)(20161123560025)(20161123558025)(20161123555025)(20161123564025)(6072148); SRVR:CY4PR12MB1240; BCL:0; PCL:0; RULEID:; SRVR:CY4PR12MB1240; x-forefront-prvs: 02462830BE x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(979002)(6029001)(39450400003)(39410400002)(39850400002)(39840400002)(209900001)(51914003)(13464003)(377454003)(69234005)(97736004)(5660300001)(189998001)(122556002)(2900100001)(93886004)(76176999)(53546007)(54356999)(66066001)(50986999)(106116001)(7696004)(33656002)(8936002)(74316002)(2950100002)(3846002)(53936002)(2906002)(3660700001)(6306002)(55016002)(6116002)(7736002)(25786008)(6506006)(790700001)(7906003)(6436002)(53376002)(8676002)(6246003)(606005)(102836003)(9686003)(77096006)(38730400002)(99286003)(81166006)(54896002)(53946003)(3280700002)(86362001)(236005)(229853002)(427584002)(491001)(579004)(6606295002)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:CY4PR12MB1240; H:CY4PR12MB1237.namprd12.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en; spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Mar 2017 21:21:31.0425 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR12MB1240 X-Content-Filtered-By: Mailman/MimeDel 2.1.21 Subject: Re: [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Mar 2017 21:21:34 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Ray, et al, FYI: We found a bug in [PATCH v4 1/6]: BmDmaMap(), in DxeBmDmaLib.c BUG: I'm calling AllocateBounceBuffer() with the first 2 parameters in inco= rrect order. The bug-fix will be send out along with the SEV version of the library that= you've requested (in the next week or so). Thanks, Leo. From: Duran, Leo Sent: Wednesday, March 08, 2017 10:05 AM To: 'Ni, Ruiyu' ; Yao, Jiewen ; e= dk2-devel@ml01.01.org Subject: RE: [edk2] [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library Hi Ray, Please see my replies below. BTW, we plan on having the SEV BmDmaLib patches done in the next 2 weeks, s= o please stay tuned for that. Thanks, Leo From: Ni, Ruiyu [mailto:ruiyu.ni@intel.com] Sent: Tuesday, March 07, 2017 7:02 PM To: Yao, Jiewen >; Duran,= Leo >; edk2-devel@ml01.01.org<= mailto:edk2-devel@ml01.01.org> Subject: RE: [edk2] [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library Leo, We haven't seen your DmaLib implementation for SEV feature. Compare to the default PCI_ROOT_BRIDGE_IO behavior, does SevDmaLib need to = return different host address from AllocateBuffer? [Duran, Leo] No, the returned address is the DMA base address just as it is= now (i.e., the address returned by gBS->Allocatepages) Does SevDmaLib need to return different device address from Map? [Duran, Leo] That just depends on the DmaAbove4GB flag and the HostAddress = range, as currently shown in the BmDmaLib patches. That is, the SEV version of BmDmaLib will not need to alter that behavior a= s compared of the non-SEV version of BmDamLib. Or SevDmaLib just needs to know the returned address from PCI_ROOT_BRIDGE_I= O? [Duran, Leo] I'm not sure I understand the question, but I'll try anyway... SEV BmDmaLib uses the HostAddress to walk the page tables and configure (se= t/clear) the AddressressEncMask on page-table entries corresponding to the = DMA buffer. If it's the latter case, a notification protocol is enough. Regards, Ray From: Ni, Ruiyu Sent: Wednesday, March 8, 2017 8:57 AM To: Yao, Jiewen >; Duran,= Leo >; edk2-devel@ml01.01.org<= mailto:edk2-devel@ml01.01.org> Subject: RE: [edk2] [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library Jiewen, >>From your POC, I see a need to propose a new DMA notification protocol to P= I spec. This protocol gets notified when AllocateBuffer/FreeBuffer/Map/Unmap is cal= led. I think a notification protocol is more proper. Because calling PCI_ROOT_BR= IDGE_IO.AllocateBuffer/FreeBuffer/Map/Unmap is required from UEFI/PI spec, but we implement it as it's a choice of BmDm= aLib. Regards, Ray From: Yao, Jiewen Sent: Tuesday, March 7, 2017 10:04 PM To: Yao, Jiewen >; Duran,= Leo >; Ni, Ruiyu >; edk2-devel@ml01.01.org Subject: RE: [edk2] [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library HI Leo/Ruiyu In order to express my thought clearly, I posted some POC code at https://g= ithub.com/jyao1/edk2/tree/master a branch named "dma". The library header file is @ https://github.com/jyao1/edk2/blob/dma/MdeModu= lePkg/Include/Library/BmDmaLib.h The default instance is @ https://github.com/jyao1/edk2/tree/dma/MdeModuleP= kg/Library/DxeBmDmaLib I also wrote POC template for VTd protection to show the concept @ https://= github.com/jyao1/edk2/tree/dma/MdeModulePkg/Library/DxeBmDmaLibVtdSample All code just passes build, not validated yet. Please let me know your idea. Thank you Yao Jiewen From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Yao,= Jiewen Sent: Saturday, March 4, 2017 12:03 AM To: Duran, Leo >; Ni, Ruiyu >; edk2-devel@ml01.01.org Subject: Re: [edk2] [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library Thanks for the info. Comment inline. From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Dura= n, Leo Sent: Friday, March 3, 2017 11:19 PM To: Yao, Jiewen >; Ni, Ru= iyu >; edk2-devel@ml01.01.org= Subject: Re: [edk2] [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library Hi Yao, Please me replies inline below. Leo From: Yao, Jiewen [mailto:jiewen.yao@intel.com] Sent: Friday, March 03, 2017 12:13 AM To: Ni, Ruiyu >>; Duran, Leo = >>; edk2-devel@ml01.01.org> Cc: Yao, Jiewen >> Subject: RE: [edk2] [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library Hi Thanks for your patient. 1) I think it is good to abstract the DMA operation. However, the problem on doing this in PciHostBridge driver is that: We lose= the information on which PCI device submits the Map/Ummap() request. For example, we can allocate one DMA memory for an ATA device, and we do no= t want USB device access this DMA memory. For Intel VTd, we need this information. Is that possible to share your feature code to help me understand how this = API is used on your side? Or if it is hard to share the code, is that possible to help us evaluate if= we can move this library or hook to the PciBus driver ? [Duran, Leo] The intent is to allow override of BmDmalib, so that we may se= t or clear the SEV mask as DMA buffers are allocated or free'ed. [Jiewen] OK. It seems your requirement is similar to ours. For us, we need update VTd/IOMMU page table for PCI device, to set/clear DM= A buffer when it is allocated/freed. The only difference is that our solution need to know the PCI device (bus/d= evice/function) who submit the request. We did some POC work to protect DMA in UEFI phase. The code is at https://github.com/jyao1/STM/tree/master/Test/DmaPkg/DmaProt= ection, PciHook.c There is a white paper to describe the design in detail - https://firmware.= intel.com/sites/default/files/resources/A_Tour_Beyond_BIOS_Using_Intel_VT-d= _for_DMA_Protection.pdf This implementation hooks PCI_IO protocol Map/Ummap function. However, the = *hook* is not a recommended way. Because the BmDmaLib is to abstract DMA operation, I think we can move BmDm= aLib to PciBus driver instead of PciHostBridge driver. I believe it can meet both requirement. 2) Back to the API, I have a little concern on having "DmaAbove4GB" in BmDm= aMap() and BmDmaAllocateBuffer(). [Duran, Leo] The intent of the flag is to determine the need for a bounce b= uffer if the bus-master device is not capable of accessing memory above 4GB= 's. Point being, when a bounce buffer is used for DMA we also need to manage th= e SEV mask on that buffer. Per my understanding: - The PciHostBridgeDxe driver is the core module. - The PciHostBridgeLib is the silicon hardware layout abstraction. The prod= ucer should be silicon driver. - The BmDmaLib is the PCI feature abstraction. The producer could be a core= module or a platform module. I think we had better make the BmDmaLib API be similar to the API defined i= n UEFI spec. [Duran, Leo] Can you please point me to the pertinent reference in the UEFI= spec? [Jiewen] Please refer to 13.2 PCI Root Bridge I/O Protocol, 13.4 EFI PCI I/= O Protocol. Assuming we still use it in PciHostBridgeDxe, Ruiyu's and my thought is: EFI_STATUS EFIAPI BmDmaMap ( IN EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL_OPERATION Operation, IN VOID *HostAddress, IN OUT UINTN *NumberOfBytes, OUT PHYSICAL_ADDRESS *DeviceAddress, OUT VOID **Mapping ); // We can use Operation to know it is Above4GB requirement or not. // EfiPciOperationBusMasterRead64/ EfiPciOperationBusMasterWrite64/ EfiPciO= perationBusMasterCommonBuffer64 means YES. // EfiPciOperationBusMasterRead/ EfiPciOperationBusMasterWrite/ EfiPciOpera= tionBusMasterCommonBuffer means NO. EFI_STATUS EFIAPI BmDmaAllocateBuffer ( IN EFI_ALLOCATE_TYPE Type, IN EFI_MEMORY_TYPE MemoryType, IN UINTN Pages, OUT VOID **HostAddress, IN UINT64 Attributes ); // We can use Attributes to know it is Above4GB requirement or not. // EFI_PCI_ATTRIBUTE_DUAL_ADDRESS_CYCLE means YES. Assuming we move to PciBusDxe. my thought is: EFI_STATUS EFIAPI BmDmaMap ( IN EFI_PCI_IO *PciIo, IN EFI_PCI_IO_PROTOCOL_OPERATION Operation, IN VOID *HostAddress, IN OUT UINTN *NumberOfBytes, OUT PHYSICAL_ADDRESS *DeviceAddress, OUT VOID **Mapping ); EFI_STATUS EFIAPI BmDmaAllocateBuffer ( IN EFI_PCI_IO *PciIo, IN EFI_ALLOCATE_TYPE Type, IN EFI_MEMORY_TYPE MemoryType, IN UINTN Pages, OUT VOID **HostAddress, IN UINT64 Attributes ); I discussed with Ruiyu, and we have some idea to eliminate "DmaAbove4GB" an= d make API consistent with UEFI spec. 3) I am not sure if BmDmaLib API need a way to distinguish which PCI_ROOT_B= RIDGE_IO it is handling. That is an open question. Thank you Yao Jiewen From: Ni, Ruiyu Sent: Friday, March 3, 2017 10:04 AM To: Leo Duran >>>; edk2= -devel@ml01.01.org>> Cc: Yao, Jiewen >>> Subject: RE: [edk2] [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library Leo, I talked with Jiewen in office today. He felt that Intel might have a simil= ar need of such layer of abstraction (BmDmaLib). We are investigating it. Can you please wait for several days? We'd like to review the current interfaces of BmDmaLib to make sure it's ge= neral enough to meet any potential needs. Sorry about the delay. Regards, Ray >-----Original Message----- >From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Leo= Duran >Sent: Friday, March 3, 2017 2:47 AM >To: edk2-devel@ml01.01.org>> >Cc: Leo Duran >>> >Subject: [edk2] [PATCH v4 0/6] DxeBmDmaLib (BmDmaLib class) library > >This series provides an abstraction layer for Bus-master DMA operations as >currently implemented by the PciHostBridgeDxe driver. The intent is to the= n >allow override of this library as may be required by specific hardware >implementations, such as AMD's Secure Encrypted Virtualization (SEV). > >Please refer to the RFC discussion for SEV here: >http://marc.info/?l=3Dlinux-mm&m=3D147190814023863&w=3D2 > >This new BmDmaLib class library is cloned from the existing DmaLib with >an additional DmaAbove4GB (BOOLEAN) parameter for the Map and Allocate >interfaces, so that decisions can be made about the need to allocate DMA >buffers below the 4GB boundary. > >NOTE: The abstraction layer is intended for Bus-master (DMA capable) >devices, and not restricted to the PCI Root-Bridge use-case. Thus the >rationale for not using EFI_PCI_ROOT_BRIDGE_IO_PROTOCOL_OPERATION types. > >Changes since v3: >- Add copyright notice on changed files. >- Re-order parameters on BmDmaFreeBuffer(), consistent with gBS->FreePages= (). > >Leo Duran (6): > MdeModulePkg: Add DxeBmDmaLib (BmDmaLib class) library > ArmVirtPkg: Resolve BmDmaLib class for PciHostBridgeDxe driver > CorebootPayloadPkg: Resolve BmDmaLib class for PciHostBridgeDxe driver > MdeModulePkg: Resolve BmDmaLib class for PciHostBridgeDxe driver > OvmfPkg: Resolve BmDmaLib class for PciHostBridgeDxe driver > MdeModulePkg: Modify PciHostBridgeDxe to use new BmDmaLib class > library > > ArmVirtPkg/ArmVirtQemu.dsc | 2 + > ArmVirtPkg/ArmVirtQemuKernel.dsc | 2 + > CorebootPayloadPkg/CorebootPayloadPkgIa32.dsc | 3 + > CorebootPayloadPkg/CorebootPayloadPkgIa32X64.dsc | 3 + > .../Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf | 1 + > .../Bus/Pci/PciHostBridgeDxe/PciRootBridge.h | 15 +- > .../Bus/Pci/PciHostBridgeDxe/PciRootBridgeIo.c | 274 ++++------------ > MdeModulePkg/Include/Library/BmDmaLib.h | 161 ++++++++++ > MdeModulePkg/Library/DxeBmDmaLib/DxeBmDmaLib.c | 351 ++++++++++++++++= +++++ > MdeModulePkg/Library/DxeBmDmaLib/DxeBmDmaLib.inf | 41 +++ > MdeModulePkg/MdeModulePkg.dsc | 3 + > OvmfPkg/OvmfPkgIa32.dsc | 2 + > OvmfPkg/OvmfPkgIa32X64.dsc | 2 + > OvmfPkg/OvmfPkgX64.dsc | 2 + > 14 files changed, 642 insertions(+), 220 deletions(-) > create mode 100644 MdeModulePkg/Include/Library/BmDmaLib.h > create mode 100644 MdeModulePkg/Library/DxeBmDmaLib/DxeBmDmaLib.c > create mode 100644 MdeModulePkg/Library/DxeBmDmaLib/DxeBmDmaLib.inf > >-- >2.7.4 > >_______________________________________________ >edk2-devel mailing list >edk2-devel@lists.01.org>> >https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org> https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel