From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga12.intel.com (mga12.intel.com [192.55.52.136])
 by mx.groups.io with SMTP id smtpd.web10.33425.1599205648255234980
 for <devel@edk2.groups.io>;
 Fri, 04 Sep 2020 00:47:28 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=K8ImVAB8;
 spf=pass (domain: intel.com, ip: 192.55.52.136, mailfrom: rangasai.v.chaganty@intel.com)
IronPort-SDR: 4B32x/ytQT9P6SzQra9j0KUQ6djaXz2xKbTK8DieCBQvmygNRwt6V1DgL6zKJPqBl5FgMFAAyK
 WTSHkYA11gqg==
X-IronPort-AV: E=McAfee;i="6000,8403,9733"; a="137226948"
X-IronPort-AV: E=Sophos;i="5.76,388,1592895600"; 
   d="scan'208";a="137226948"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
  by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Sep 2020 00:47:27 -0700
IronPort-SDR: 3PqhB5I5Rn7Y+TzPSH4ged3VCZS5EWZvOsVjigSIwHRI+Bdt7FDu+fCFEWbk9ra6hLDxvoSEw2
 KlVIem09JErA==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.76,388,1592895600"; 
   d="scan'208";a="284342728"
Received: from orsmsx605.amr.corp.intel.com ([10.22.229.18])
  by fmsmga008.fm.intel.com with ESMTP; 04 Sep 2020 00:47:27 -0700
Received: from orsmsx606.amr.corp.intel.com (10.22.229.19) by
 ORSMSX605.amr.corp.intel.com (10.22.229.18) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.1713.5; Fri, 4 Sep 2020 00:47:26 -0700
Received: from orsmsx151.amr.corp.intel.com (10.22.226.38) by
 orsmsx606.amr.corp.intel.com (10.22.229.19) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1713.5
 via Frontend Transport; Fri, 4 Sep 2020 00:47:26 -0700
Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by
 ORSMSX151.amr.corp.intel.com (10.22.226.38) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Fri, 4 Sep 2020 00:47:18 -0700
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.176)
 by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.1713.5; Fri, 4 Sep 2020 00:47:17 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=UoScl1AZiNW1FVCvQA+3646VgNuyCLAMJeAI/SlL5Es0MRvRknzPytcgIbKEs+CScpySSnSKJhXWsVYub86n63600aWL7/6B9qorKEAlD1DJmqmQYLCGsXc5pdUUfYpCWC8sw0mijxIkbV2pfp6CCOTt5P1KE16xfFoU2pd79eTO6LwSDZZSGLPUssL1X9lb4bep0wFSIlEcOnwTzdnWWq3FBWrG+6OfVfeQHovgxT2GVf9nxv6kcMgmHtRJ2jehhauponH1dIoZjwN+JoXY+PJpLaxB+ISk3fNWdb7ynK4XvpZVvmzcFAUacsihY7npr1USmJr6iles0synoon1RA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=11mDdjlRNQ/tGerRLB60c4rctxjZQKeqZd/4PeGpSr4=;
 b=GehdjPWQ3h/g6wy5aT2PyLj8XrNn+bHU+UGMqNSa9oVEH7ZWc15B4VmjT07/uITGa0dShpebKOacNABxvni128hoYV01yHe+gvKRcT7xrJM5XQufw5qinWWu99UAE2csMo5ZiRFNJ2EFwzYFVoSsPnVV9yzp7mRSiyhEUp+SCGYVui3kh3kXCBG/2gwE/7WQSmLFuWgIh9PlOEVoIofmEDQsXoON1zcQhUn3jqpcSmbeEzhhHzOP4qb5EsG2kRK4+TNtF7lJw+e5o2tfRse2yGPWRo42VYvSyyApYneCQRRi+HRWgJKcF1f6IdKmKtOfcbYY2WGg55lefDs6Ha9fHA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=11mDdjlRNQ/tGerRLB60c4rctxjZQKeqZd/4PeGpSr4=;
 b=K8ImVAB8hWvgc/ArSry3o3PdVZLoDueYHFaOiAj1gAh4x68O6FCMfKsob3PzaDhq6WRTVUnJqlIU+reGZ6SS7QCnHstxGIve8ZVDyhJo4FoXTRsQl512vdIFMh3kvr862PJyV9+m9pBuJzn7RwrkfGqSk74KjUzvdJX+7IfJ3Tg=
Received: from DM6PR11MB4476.namprd11.prod.outlook.com (2603:10b6:5:201::24)
 by DM6PR11MB3818.namprd11.prod.outlook.com (2603:10b6:5:145::22) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3326.19; Fri, 4 Sep
 2020 07:47:16 +0000
Received: from DM6PR11MB4476.namprd11.prod.outlook.com
 ([fe80::4c12:b421:86bf:9d]) by DM6PR11MB4476.namprd11.prod.outlook.com
 ([fe80::4c12:b421:86bf:9d%4]) with mapi id 15.20.3326.025; Fri, 4 Sep 2020
 07:47:16 +0000
From: "Chaganty, Rangasai V" <rangasai.v.chaganty@intel.com>
To: "Sheng, W" <w.sheng@intel.com>, "devel@edk2.groups.io"
	<devel@edk2.groups.io>
CC: "Ni, Ray" <ray.ni@intel.com>
Subject: Re: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling setting confilct
Thread-Topic: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling
 setting confilct
Thread-Index: AQHWf2F5Rl+0uGaT2EGSqo13WW16QqlYIGfg
Date: Fri, 4 Sep 2020 07:47:16 +0000
Message-ID: <DM6PR11MB4476363F6F3810634D4CF789B62D0@DM6PR11MB4476.namprd11.prod.outlook.com>
References: <20200831063804.8208-1-w.sheng@intel.com>
 <20200831063804.8208-3-w.sheng@intel.com>
In-Reply-To: <20200831063804.8208-3-w.sheng@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-reaction: no-action
dlp-version: 11.5.1.3
dlp-product: dlpe-windows
authentication-results: intel.com; dkim=none (message not signed)
 header.d=none;intel.com; dmarc=none action=none header.from=intel.com;
x-originating-ip: [50.45.159.74]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2fe8de7d-a970-4316-97e0-08d850a6bec8
x-ms-traffictypediagnostic: DM6PR11MB3818:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <DM6PR11MB38181208113A8F9D6B54E69AB62D0@DM6PR11MB3818.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Eoohf8i0REQGBNnbcV8duUAOTkzmrZs615DEh97UFfpJAIAUoTZHQBVaMaWCkR/ifxxRmFeOoju/8kCBureaTb09UB80vr8QiBoZmSZe8k4UxVv8+H9eJfP9lMXEUvs/o5jfKgBIDfq3pPZIBp6zKcORwIL4j+Uxekqpv1QLF+KdXpCYYTqmZ9tHngvEvZ/EXzvCeE6fE8E9E0Dd/nykoQbyxBAbDCJADM2aZBkOAVMa7BqUQtq7Lu7umXKdu6+4emXoK1i90yf4uVnVmrKsLIP5Aiur7DDSy8fMqXhU9/G9DnRE3oIp2+CSbrVvH5YKda947hx8H08tVF6s73QTURdjCZ2ujv+x6WOnthVgQFfKYauEB2u+GJHzjnA/4ePavlDFqB3ANFuQ5tZ0q/A17g==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM6PR11MB4476.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(6029001)(4636009)(39860400002)(396003)(376002)(366004)(136003)(346002)(5660300002)(26005)(6506007)(110136005)(966005)(8676002)(107886003)(316002)(52536014)(9686003)(83380400001)(55016002)(478600001)(8936002)(71200400001)(186003)(2906002)(64756008)(4326008)(53546011)(66556008)(66476007)(66446008)(7696005)(76116006)(66946007)(33656002)(86362001);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata: vkglTgVsQFjnKY/RZGQLEocba+Kd9NSQjNYvudSntRt7YHerzNQmLoYkICLlkhiNVqPIkBDe6/C/3FWGTttFyx4a/fsFvWS26x8xeuYXhE9Zuilq+IBwBuoLvh+8Uh8kOcn19nVSaYfBSgythXaIyopbXvtJXvhFwk8/ddkny9a+vqW56RAIL9b8Rryr5hbVpflRm44Jvs/Oh6c8xXoqB6nEWMfTcFjxkbvVZV10T78SfHGzvOtsmC9Ioa3jvZZFBvU+2ErXg4o5XSk1UWJ1l0C6C6Apb/b+fEHSQrAnCXlt8nLyMfpFcU/ZGUMT08+4U44RVt0Ws2yowf/CndQ1uGGXPjlpM35N6TuRO/73ir62p7LbTGWwEwUNnM9yE0DtlbWZaVVza5YM/a4dHrflZmTgTAR8GZuWBhqV4GFgG+SWOYaFhAhX23/V6q7QOMJwficaptZTw+V7s07iG9M1s9jz1WexB8n77XvR1khGCodZu8q8dr1RDTnUbeJnQ3bf4KO9l33leOH0649esbxk6Dzn8pL59xTdZ/5mi1iojQQpEASd2pJNI0smWd7DrI37hBeyFb0xVD+B+PlHDrUp1og7/V0Fa5b25dyYpxVcNzilH05rRg6Ep/7R4OmYQuwDdG8k/6NKeEyEwfZZTCCUrQ==
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR11MB4476.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 2fe8de7d-a970-4316-97e0-08d850a6bec8
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Sep 2020 07:47:16.7646
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Z6k9+DgCICgb6HdT4RSIQ97Pv7pxIkymeQdbr2UNB5hW5AFkgOf9kE+e+Cb5gPniWhKp45IcD6RH3C7RcAc5SDD30EWWwBrvh2zAw7mGmD8=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3818
Return-Path: rangasai.v.chaganty@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Sai Chaganty <rangasai.v.chaganty@intel.com>

-----Original Message-----
From: Sheng, W <w.sheng@intel.com>=20
Sent: Sunday, August 30, 2020 11:38 PM
To: devel@edk2.groups.io
Cc: Ni, Ray <ray.ni@intel.com>; Chaganty, Rangasai V <rangasai.v.chaganty@i=
ntel.com>
Subject: [PATCH v3 2/3] IntelSiliconPkg/IntelVTdPmrPei: Fix PMR enabling se=
tting confilct

PMR enabling set by pre-boot DMA protection is cleared by RC when boot guar=
d is enabled. Pre-boot DMA protection should only reset VT-d BAR when it is=
 0 and reset PMR region when it is not programmed to protect all memory add=
ress.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2867

Change-Id: Ic5370f474a43a94903871782ace5cce186b4ddc0
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com>
Signed-off-by: Sheng Wei <w.sheng@intel.com>
---
 .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.c    | 14 +++++++
 .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.h    | 15 +++++++
 .../Feature/VTd/IntelVTdPmrPei/IntelVTdPmrPei.inf  |  1 +
 .../Feature/VTd/IntelVTdPmrPei/VtdReg.c            | 47 ++++++++++++++++++=
++++
 4 files changed, 77 insertions(+)

diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/Intel=
VTdPmrPei.c b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/Inte=
lVTdPmrPei.c
index ea944aa4..31a14f28 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrP=
ei.c
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdP
+++ mrPei.c
@@ -745,7 +745,21 @@ VTdInfoNotify (
     // Protect all system memory
     //
     InitVTdInfo ();
+
+    Hob =3D GetFirstGuidHob (&mVTdInfoGuid);
+    VTdInfo =3D GET_GUID_HOB_DATA(Hob);
+
+    //
+    // NOTE: We need check if PMR is enabled or not.
+    //
+    EnabledEngineMask =3D GetDmaProtectionEnabledEngineMask (VTdInfo, VTdI=
nfo->EngineMask);
+    if (EnabledEngineMask !=3D 0) {
+      Status =3D PreMemoryEnableVTdTranslationProtection (VTdInfo, Enabled=
EngineMask);
+    }
     InitVTdPmrForAll ();
+    if (((EnabledEngineMask !=3D 0) && (!EFI_ERROR (Status)))) {
+      DisableVTdTranslationProtection (VTdInfo, EnabledEngineMask);
+    }
=20
     //
     // Install PPI.
diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/Intel=
VTdPmrPei.h b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/Inte=
lVTdPmrPei.h
index 58e6afad..ffed2c5b 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrP=
ei.h
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdP
+++ mrPei.h
@@ -97,6 +97,21 @@ GetHighMemoryAlignment (
   IN UINT64        EngineMask
   );
=20
+/**
+  Enable VTd translation table protection in pre-memory phase.
+
+  @param VTdInfo            The VTd engine context information.
+  @param EngineMask         The mask of the VTd engine to be accessed.
+
+  @retval EFI_SUCCESS       DMAR translation protection is enabled.
+  @retval EFI_UNSUPPORTED   Null Root Entry Table is not supported.
+**/
+EFI_STATUS
+PreMemoryEnableVTdTranslationProtection (
+  IN VTD_INFO      *VTdInfo,
+  IN UINT64        EngineMask
+  );
+
 /**
   Enable VTd translation table protection.
=20
diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/Intel=
VTdPmrPei.inf b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/In=
telVTdPmrPei.inf
index 3eb2b510..1e613ddd 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdPmrP=
ei.inf
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/IntelVTdP
+++ mrPei.inf
@@ -48,6 +48,7 @@
   gEdkiiVTdInfoPpiGuid                ## CONSUMES
   gEfiPeiMemoryDiscoveredPpiGuid      ## CONSUMES
   gEfiEndOfPeiSignalPpiGuid           ## CONSUMES
+  gEdkiiVTdNullRootEntryTableGuid     ## PRODUCES
=20
 [Pcd]
   gIntelSiliconPkgTokenSpaceGuid.PcdVTdPolicyPropertyMask   ## CONSUMES
diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdRe=
g.c b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c
index c9669426..2e252fe5 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/VTd/IntelVTdPmrPei/VtdReg.c
@@ -13,8 +13,10 @@
 #include <Library/DebugLib.h>
 #include <Library/MemoryAllocationLib.h>  #include <Library/CacheMaintenan=
ceLib.h>
+#include <Library/PeiServicesLib.h>
 #include <IndustryStandard/Vtd.h>
 #include <Ppi/VtdInfo.h>
+#include <Ppi/VtdNullRootEntryTable.h>
=20
 #include "IntelVTdPmrPei.h"
=20
@@ -246,6 +248,51 @@ DisableDmar (
   return EFI_SUCCESS;
 }
=20
+/**
+  Enable VTd translation table protection in pre-memory phase.
+
+  @param VTdInfo            The VTd engine context information.
+  @param EngineMask         The mask of the VTd engine to be accessed.
+
+  @retval EFI_SUCCESS       DMAR translation protection is enabled.
+  @retval EFI_UNSUPPORTED   Null Root Entry Table is not supported.
+**/
+EFI_STATUS
+PreMemoryEnableVTdTranslationProtection (
+  IN VTD_INFO      *VTdInfo,
+  IN UINT64        EngineMask
+  )
+{
+  EFI_STATUS                            Status;
+  UINTN                                 Index;
+  EDKII_VTD_NULL_ROOT_ENTRY_TABLE_PPI   *RootEntryTable;
+
+  DEBUG ((DEBUG_INFO, "PreMemoryEnableVTdTranslationProtection -=20
+ 0x%lx\n", EngineMask));
+
+  Status =3D PeiServicesLocatePpi (
+                 &gEdkiiVTdNullRootEntryTableGuid,
+                 0,
+                 NULL,
+                 (VOID **)&RootEntryTable
+                 );
+
+  if (EFI_ERROR(Status)) {
+    DEBUG((DEBUG_ERROR, "Locate NullRootEntryTable Ppi : %r\n", Status));
+    return EFI_UNSUPPORTED;
+  }
+
+  DEBUG ((DEBUG_INFO, "NullRootEntryTable - 0x%lx\n",=20
+ *RootEntryTable));
+
+  for (Index =3D 0; Index < VTdInfo->VTdEngineCount; Index++) {
+    if ((EngineMask & LShiftU64(1, Index)) =3D=3D 0) {
+      continue;
+    }
+    EnableDmar ((UINTN)VTdInfo->VTdEngineAddress[Index],=20
+ (UINTN)*RootEntryTable);  }
+
+  return EFI_SUCCESS;
+}
+
 /**
   Enable VTd translation table protection.
=20
--
2.16.2.windows.1