From: "Chaganty, Rangasai V" <rangasai.v.chaganty@intel.com>
To: "Sheng, W" <w.sheng@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Ni, Ray" <ray.ni@intel.com>
Subject: Re: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct
Date: Fri, 4 Sep 2020 07:47:16 +0000 [thread overview]
Message-ID: <DM6PR11MB4476363F6F3810634D4CF789B62D0@DM6PR11MB4476.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20200831063804.8208-3-w.sheng@intel.com>
Reviewed-by: Sai Chaganty <rangasai.v.chaganty@intel.com>
-----Original Message-----
From: Sheng, W <w.sheng@intel.com>
Sent: Sunday, August 30, 2020 11:38 PM
To: devel@edk2.groups.io
Cc: Ni, Ray <ray.ni@intel.com>; Chaganty, Rangasai V <rangasai.v.chaganty@intel.com>
Subject: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct
PMR enabling set by pre-boot DMA protection is cleared by RC when boot guard is enabled. Pre-boot DMA protection should only reset VT-d BAR when it is 0 and reset PMR region when it is not programmed to protect all memory address.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2867
Change-Id: Ic5370f474a43a94903871782ace5cce186b4ddc0
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com>
Signed-off-by: Sheng Wei <w.sheng@intel.com>
---
.../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c | 14 +++++++
.../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h | 15 +++++++
.../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf | 1 +
.../Feature/VTd/IntelVTdPmrPei/VtdReg.c | 47 ++++++++++++++++++++++
4 files changed, 77 insertions(+)
diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c
index ea944aa4..31a14f28 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdP
+++ mrPei.c
@@ -745,7 +745,21 @@ VTdInfoNotify (
// Protect all system memory
//
InitVTdInfo ();
+
+ Hob = GetFirstGuidHob (&mVTdInfoGuid);
+ VTdInfo = GET_GUID_HOB_DATA(Hob);
+
+ //
+ // NOTE: We need check if PMR is enabled or not.
+ //
+ EnabledEngineMask = GetDmaProtectionEnabledEngineMask (VTdInfo, VTdInfo->EngineMask);
+ if (EnabledEngineMask != 0) {
+ Status = PreMemoryEnableVTdTranslationProtection (VTdInfo, EnabledEngineMask);
+ }
InitVTdPmrForAll ();
+ if (((EnabledEngineMask != 0) && (!EFI_ERROR (Status)))) {
+ DisableVTdTranslationProtection (VTdInfo, EnabledEngineMask);
+ }
//
// Install PPI.
diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h
index 58e6afad..ffed2c5b 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdP
+++ mrPei.h
@@ -97,6 +97,21 @@ GetHighMemoryAlignment (
IN UINT64 EngineMask
);
+/**
+ Enable VTd translation table protection in pre-memory phase.
+
+ @param VTdInfo The VTd engine context information.
+ @param EngineMask The mask of the VTd engine to be accessed.
+
+ @retval EFI_SUCCESS DMAR translation protection is enabled.
+ @retval EFI_UNSUPPORTED Null Root Entry Table is not supported.
+**/
+EFI_STATUS
+PreMemoryEnableVTdTranslationProtection (
+ IN VTD_INFO *VTdInfo,
+ IN UINT64 EngineMask
+ );
+
/**
Enable VTd translation table protection.
diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf
index 3eb2b510..1e613ddd 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdP
+++ mrPei.inf
@@ -48,6 +48,7 @@
gEdkiiVTdInfoPpiGuid ## CONSUMES
gEfiPeiMemoryDiscoveredPpiGuid ## CONSUMES
gEfiEndOfPeiSignalPpiGuid ## CONSUMES
+ gEdkiiVTdNullRootEntryTableGuid ## PRODUCES
[Pcd]
gIntelSiliconPkgTokenSpaceGuid.PcdVTdPolicyPropertyMask ## CONSUMES
diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c
index c9669426..2e252fe5 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c
@@ -13,8 +13,10 @@
#include <Library/DebugLib.h>
#include <Library/MemoryAllocationLib.h> #include <Library/CacheMaintenanceLib.h>
+#include <Library/PeiServicesLib.h>
#include <IndustryStandard/Vtd.h>
#include <Ppi/VtdInfo.h>
+#include <Ppi/VtdNullRootEntryTable.h>
#include "IntelVTdPmrPei.h"
@@ -246,6 +248,51 @@ DisableDmar (
return EFI_SUCCESS;
}
+/**
+ Enable VTd translation table protection in pre-memory phase.
+
+ @param VTdInfo The VTd engine context information.
+ @param EngineMask The mask of the VTd engine to be accessed.
+
+ @retval EFI_SUCCESS DMAR translation protection is enabled.
+ @retval EFI_UNSUPPORTED Null Root Entry Table is not supported.
+**/
+EFI_STATUS
+PreMemoryEnableVTdTranslationProtection (
+ IN VTD_INFO *VTdInfo,
+ IN UINT64 EngineMask
+ )
+{
+ EFI_STATUS Status;
+ UINTN Index;
+ EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI *RootEntryTable;
+
+ DEBUG ((DEBUG_INFO, "PreMemoryEnableVTdTranslationProtection -
+ 0x%lx\n", EngineMask));
+
+ Status = PeiServicesLocatePpi (
+ &gEdkiiVTdNullRootEntryTableGuid,
+ 0,
+ NULL,
+ (VOID **)&RootEntryTable
+ );
+
+ if (EFI_ERROR(Status)) {
+ DEBUG((DEBUG_ERROR, "Locate NullRootEntryTable Ppi : %r\n", Status));
+ return EFI_UNSUPPORTED;
+ }
+
+ DEBUG ((DEBUG_INFO, "NullRootEntryTable - 0x%lx\n",
+ *RootEntryTable));
+
+ for (Index = 0; Index < VTdInfo->VTdEngineCount; Index++) {
+ if ((EngineMask & LShiftU64(1, Index)) == 0) {
+ continue;
+ }
+ EnableDmar ((UINTN)VTdInfo->VTdEngineAddress[Index],
+ (UINTN)*RootEntryTable); }
+
+ return EFI_SUCCESS;
+}
+
/**
Enable VTd translation table protection.
--
2.16.2.windows.1
next prev parent reply other threads:[~2020-09-04 7:47 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20200831063804.8208-1-w.sheng@intel.com>
[not found] ` <20200831063804.8208-3-w.sheng@intel.com>
2020-09-01 14:31 ` [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct Ni, Ray
2020-09-04 7:47 ` Chaganty, Rangasai V [this message]
[not found] ` <20200831063804.8208-2-w.sheng@intel.com>
2020-09-01 14:30 ` [PATCH v3 1/3] IntelSiliconPkg/VtdInfo: Add Null Root Entry Table PPI Ni, Ray
2020-09-04 7:46 ` Chaganty, Rangasai V
[not found] ` <20200831063804.8208-4-w.sheng@intel.com>
2020-09-02 1:43 ` [PATCH v3 3/3] IntelSiliconPkg/PlatformVTdInfoSamplePei: Install Null Root Entry Table Ni, Ray
2020-09-04 7:47 ` Chaganty, Rangasai V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DM6PR11MB4476363F6F3810634D4CF789B62D0@DM6PR11MB4476.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox