From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga07.intel.com (mga07.intel.com [134.134.136.100])
 by mx.groups.io with SMTP id smtpd.web10.40657.1684290332603988540
 for <devel@edk2.groups.io>;
 Tue, 16 May 2023 19:25:33 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=HGADmR4W;
 spf=pass (domain: intel.com, ip: 134.134.136.100, mailfrom: ray.ni@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1684290332; x=1715826332;
  h=from:to:cc:subject:date:message-id:references:
   in-reply-to:content-transfer-encoding:mime-version;
  bh=8U6ok+UgWsjdwKFd2nn5OSRxg35alUXrhxTGxzBHiQU=;
  b=HGADmR4WOjT7aCWFvqke8iZytF0EHv//KYKxs43sAZC/8wSJvv/00ok8
   elJOry6NHa2tlF3eRwfUPCsUC0sgzNwxOUOY/eFmNKTrV74ds7AErZqEj
   BFg7QxoXC5ZzBD349ajpB9OdQydUeO+5OaOCpfdP0QjwW1fPynZEP7yXP
   opsFznA2yjIzQjEuJbcdgkn6o+v6+3/z5JNsWOpg+6FZW+Z3TAki9+YOg
   YoqvnlEyUDNZchuAu0Rjo+k6sp4Tw6F9OrYJjtqtStXKruhf0uZIATW5j
   +lC6o78nrtMPUSlg5DsdAt2jmav/CqEyROOUaXRxQ/oaVAJ+AlOhdekNL
   A==;
X-IronPort-AV: E=McAfee;i="6600,9927,10712"; a="417301020"
X-IronPort-AV: E=Sophos;i="5.99,280,1677571200"; 
   d="scan'208";a="417301020"
Received: from orsmga001.jf.intel.com ([10.7.209.18])
  by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 May 2023 19:25:31 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10712"; a="734528494"
X-IronPort-AV: E=Sophos;i="5.99,280,1677571200"; 
   d="scan'208";a="734528494"
Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15])
  by orsmga001.jf.intel.com with ESMTP; 16 May 2023 19:25:31 -0700
Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by
 ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.23; Tue, 16 May 2023 19:25:31 -0700
Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by
 orsmsx610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2507.23 via Frontend Transport; Tue, 16 May 2023 19:25:31 -0700
Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.176)
 by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2507.23; Tue, 16 May 2023 19:25:31 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=aJeNsNErcRDYpHgr6cEufc1TEePcSND5Y80Xc8dqFPRYmvHnBIW+eGU0EONLPHFpdxKDO4o5oJnjduPtK9BLFB+Rc9R+SowL0xUmkRIed1uTKq5XhdxSmX2VifqCT7jnVAghaBaAwheJg5JFURehdr5Uf8Ku139k2AHI1TuihhKa7yofYiiVEstXlrGPUmu+Lq7c2xh4VcRHL782uZseGwCgFnndGMuifMdjAxO0gb4FeWmlOMzBM53iGVBYQOE7bMLN//4Ye1ekEesOnK99X7igOLjBUiKo5yl+FT9TMLeMHjb8mzK+KWUtuoXzXLYo7REPK5uKx5odWksePnZX4g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=TTv+KUoTAq+h5uR4yPdzaWKPJTzYCmTzzVPrlus/m7I=;
 b=VoYgPgd/TGSLWxt7nHx7Sx3d4FOY/ElTSdjICZn9OEy5u3Np+9RBZYdrre5vAOPK13pf4EY0xOPgGzEPHXSbj05qjRVI/1quipCStBk5Y+Q7LZDJNRMlQSvD01pwQoKBhK12O0mYu7eEkrjXVfcTLVL/NIxAtM257QOiam09Kqgld4HWsJoZGcAaVPoaRx1ZCErw9c0WYN2SfWsJ9rLvH8UWNlWUoWQT8fv4X9r8FngLCrUvpFnMqaDJIeJz0X0B6bGfgweTHO591VeO1lFj7Zt6M0a9ZSGAXQKYcf+0f/TF7cpyig77Enb95HZTD2Z+LJt4GqopixLdcn/6m0MtSg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
Received: from MN6PR11MB8244.namprd11.prod.outlook.com (2603:10b6:208:470::14)
 by IA1PR11MB8100.namprd11.prod.outlook.com (2603:10b6:208:445::18) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6387.30; Wed, 17 May
 2023 02:25:29 +0000
Received: from MN6PR11MB8244.namprd11.prod.outlook.com
 ([fe80::892b:b8e6:bab7:635d]) by MN6PR11MB8244.namprd11.prod.outlook.com
 ([fe80::892b:b8e6:bab7:635d%5]) with mapi id 15.20.6387.032; Wed, 17 May 2023
 02:25:28 +0000
From: "Ni, Ray" <ray.ni@intel.com>
To: "Wu, Jiaxin" <jiaxin.wu@intel.com>, "devel@edk2.groups.io"
	<devel@edk2.groups.io>
CC: "Dong, Eric" <eric.dong@intel.com>, "Zeng, Star" <star.zeng@intel.com>,
	Gerd Hoffmann <kraxel@redhat.com>, "Kumar, Rahul R" <rahul.r.kumar@intel.com>
Subject: Re: [PATCH v3 1/5] UefiCpuPkg/SecCore: Migrate page table to permanent memory
Thread-Topic: [PATCH v3 1/5] UefiCpuPkg/SecCore: Migrate page table to
 permanent memory
Thread-Index: AQHZhtM+emiKLqa1RUCnAktw/85i8q9dv/SW
Date: Wed, 17 May 2023 02:25:28 +0000
Message-ID: <MN6PR11MB8244BF6AEFC06036C2A74B0A8C7E9@MN6PR11MB8244.namprd11.prod.outlook.com>
References: <20230515021601.6244-1-jiaxin.wu@intel.com>
 <20230515021601.6244-2-jiaxin.wu@intel.com>
In-Reply-To: <20230515021601.6244-2-jiaxin.wu@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
msip_labels: 
authentication-results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN6PR11MB8244:EE_|IA1PR11MB8100:EE_
x-ms-office365-filtering-correlation-id: 90339774-f76f-401f-85a4-08db567dfb15
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: nrGkCfFPrSi+tFIR2QkPyugoX9vY2nLGNtoMTaWKWkCaVn3k8bGmydSBrUmA7BMNsm8MW2Cq6BmHgV6otH7eGX8K8qL2vRdzEKzoUKqKaXzgA2CKqYpcnp5Y42jq8MY7Obs0uW2/VNDFlOeu132Z8GoGAolWUSOQzBQnQb2HAktj3T6pYfC9vqSKZGclUIqZow7D6DsD0DI3S2KvPgRRhhMZH5UC/rDkovXey5elQqRkGcLDpYK8J6Dj8uTmOKXSuCS1y37OXahu3OrKsWMDb+IXblyLkentwbSujHGa3e0GRkK9VdAmxCmeYNMYtzrL1eGG6GgeGwAa9Oz8xREPY41ZrKAelc4lz71nOLszZ86Zz40WyKTmf5MJY2ZDJkwlMTnUgU6rxugj7qnNJO61IxQ0yovqk8CT0Rf7NEq6VHk3DxFtU++4q6GyysDYiHwE3BybrlICHA0XfdZzsah59wHBL02is4Dd5YFuNGRAtg3/R1eHrSORrTNlKccWE+jGTgVVXr3hyGCa5zrFKFgqXD4XX+1UXqW+WwIHvNigNayfS52WwjmGRxx+7l9wtStObR5SlIMcIVPfLS4xoyGRQPCEKc1rlecmz6tbdAjfLEUbL2zWQ4+mXKY8df7PByX4
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MN6PR11MB8244.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(396003)(346002)(376002)(366004)(39860400002)(136003)(451199021)(52536014)(5660300002)(8936002)(83380400001)(8676002)(33656002)(2906002)(186003)(122000001)(82960400001)(38100700002)(38070700005)(86362001)(55016003)(107886003)(9686003)(53546011)(26005)(6506007)(71200400001)(66476007)(478600001)(76116006)(91956017)(4326008)(64756008)(66446008)(54906003)(66556008)(66946007)(110136005)(316002)(19627235002)(7696005)(41300700001);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?Q?5RuoQHfwvKCkpuw3ORXy7akCHRsvO9PN/93ViDIBSrcFKhgEwQFrPbIu1x?=
 =?iso-8859-1?Q?8x2EtRA8/DXCLhapliGogg1PkefrD8jautmlrEegDDGLLrR0759ZneSB0b?=
 =?iso-8859-1?Q?b0EJo/fbW8JVBxhmkxMDJqfJWbSaixcvsPNoV3O2EjJyGW8A7RGr778BAA?=
 =?iso-8859-1?Q?yjovXYd6KK/NU91bZjhDQ+rvNoMHk2mrgtD1cZAlUXsrkJ5FaHUpT/O4Wa?=
 =?iso-8859-1?Q?x13Ok4h7TTS0O9ufdqqW4URGT/vHkZ8+0G4egnQdpri6mNk1hzMxB2CjL/?=
 =?iso-8859-1?Q?EsAqc/yYGzgnublAYOpsMsZ5MX8ai/oe/FZGjBxQ8PWClcztLDJQ4r+Gce?=
 =?iso-8859-1?Q?6BBnSRUIHZ4swQrXVgyG3Wx+amGP7UGABI2Slk1KriVC+ReSVsLj+ihL63?=
 =?iso-8859-1?Q?p63tmB+6mVlBJQzKaTM9Zphct8UxKSyaSw4H2gq8zFjUaQoJAtvzpasPZ7?=
 =?iso-8859-1?Q?A9WbQ4JIuy0JHcALHdy/DhQdGqKNuzSnLEKF4R9j3Quu9+cfNogmQvXI+G?=
 =?iso-8859-1?Q?LLAHpQu0w8V79l+qfgB3kLuBiLahidu2FF8QT7ssbNaYNbIGROZ/+/eOQS?=
 =?iso-8859-1?Q?w5X4S4OCmeuYxFteAiWFIDZuQtYdzPhHDjfuypeM0R5d7q3SsUtkZYp/+Q?=
 =?iso-8859-1?Q?HE/x7t555tvnKTgHFsmKS5rrkWfU8Ko2BPSqDyjlnpk+kvP0fgZw1WWZ4b?=
 =?iso-8859-1?Q?SqMrLxzbM2Zx7PBooVKhOBAX8Ld7qg20qVhN0ZJ8CJHMnB+J0IDu8WjrQC?=
 =?iso-8859-1?Q?SpnCT4gvhmOC66D8vOBvABiR4duC4qGlx+I0BMCZ9KrLHeKMKtZG3lNJkg?=
 =?iso-8859-1?Q?tbfi3Hm3pLDrvPGfe/7qHI/L2ToUVOZVV+lHX4QbUBSWJm4nvw0Ptily5a?=
 =?iso-8859-1?Q?bGvwFKCR0MOl13vFuKnvOAhexK0gonGyJ494w885OgdKq+cUTwWnR9K2o1?=
 =?iso-8859-1?Q?LjVVn2FsCbGd02zg6mD5K4aI9eu5B3SOSrmJfeCmnrq32AY8BzdDSRBQaa?=
 =?iso-8859-1?Q?9zXo6JNuUc/kj+jBUdvrc1ZDnWK1d+Ml9SH0amp4lo88OkZo+HvD0A6h3w?=
 =?iso-8859-1?Q?M4Wrv/0H/xAqBteoNmm9z/rSixnlaOWCTXMbfnAYUqBqNEbLkoBJ+SuUFX?=
 =?iso-8859-1?Q?/bPyYEet9H3jZ3qIStKOTswmVTNOyfLK9ovCfNPG6Ath9s9vrIXXQ40ffh?=
 =?iso-8859-1?Q?WOEhwWDz7Xp5cCdiOYsnAFAWwgNEQyKboMvYKVaPc5y2I6C6Aph/sxa59n?=
 =?iso-8859-1?Q?SZRYmBNV3Xs7y/49YPu50R8HtqqN1NjGFVd7IcL6804reLU9u+N19RzVLx?=
 =?iso-8859-1?Q?EjrSC+y9xh6BjjF2aWHGYTQKBmnuppYV2DL4dtmeVnUSAsbmA7zf9PshXi?=
 =?iso-8859-1?Q?4ybXnZRmr+EmR2xKVgF3fQlJrm37ZVVUk5+vYwNap3Hdzx6aPuxiq5cbmy?=
 =?iso-8859-1?Q?I++WRmol3mXfsM6XvErBkRwXq9EJdILqOQVEbVnUG9D6v49L9SDCWazX5k?=
 =?iso-8859-1?Q?+cdfwtWgDzdSyrEQOLANGp/1xkzeIeT64877+yhJtMeMMZc7p3Z916Tp97?=
 =?iso-8859-1?Q?jZ3IZtUUL4EHNbNV3awO3cQ9NK/LCuu8mwO9SDJ0IU5S17337WoCfVWXer?=
 =?iso-8859-1?Q?YLiW157ZGmQT0=3D?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN6PR11MB8244.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 90339774-f76f-401f-85a4-08db567dfb15
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 May 2023 02:25:28.6215
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: wo8tr87HHm3mL2yG0jSgzZemY6z7/cZ5HZI9DMqNRPbCQf9NWmTmKEh1uQFbiMsnv4WyEz1/DVfnQ6Zp1nhYJg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR11MB8100
Return-Path: ray.ni@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Ray Ni <ray.ni@intel.com>=0A=
=0A=
________________________________________=0A=
From: Wu, Jiaxin <jiaxin.wu@intel.com>=0A=
Sent: Monday, May 15, 2023 10:15=0A=
To: devel@edk2.groups.io=0A=
Cc: Dong, Eric; Ni, Ray; Zeng, Star; Gerd Hoffmann; Kumar, Rahul R=0A=
Subject: [PATCH v3 1/5] UefiCpuPkg/SecCore: Migrate page table to permanent=
 memory=0A=
=0A=
Background:=0A=
For arch X64, system will enable the page table in SPI to cover 0-512G=0A=
range via CR4.PAE & MSR.LME & CR0.PG & CR3 setting (see ResetVector code).=
=0A=
Existing code doesn't cover the higher address access above 512G before=0A=
memory-discovered callback. That will be potential problem if system=0A=
access the higher address after the transition from temporary RAM to=0A=
permanent MEM RAM.=0A=
=0A=
Solution:=0A=
This patch is to migrate page table to permanent memory to map entire physi=
cal=0A=
address space if CR0.PG is set during temporary RAM Done.=0A=
=0A=
Cc: Eric Dong <eric.dong@intel.com>=0A=
Cc: Ray Ni <ray.ni@intel.com>=0A=
Cc: Zeng Star <star.zeng@intel.com>=0A=
Cc: Gerd Hoffmann <kraxel@redhat.com>=0A=
Cc: Rahul Kumar <rahul1.kumar@intel.com>=0A=
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>=0A=
---=0A=
 UefiCpuPkg/SecCore/SecCore.inf       |   1 +=0A=
 UefiCpuPkg/SecCore/SecCoreNative.inf |   1 +=0A=
 UefiCpuPkg/SecCore/SecMain.c         | 147 +++++++++++++++++++++++++++++++=
++++=0A=
 UefiCpuPkg/SecCore/SecMain.h         |   4 +=0A=
 4 files changed, 153 insertions(+)=0A=
=0A=
diff --git a/UefiCpuPkg/SecCore/SecCore.inf b/UefiCpuPkg/SecCore/SecCore.in=
f=0A=
index 3758aded3b..cab69b8b97 100644=0A=
--- a/UefiCpuPkg/SecCore/SecCore.inf=0A=
+++ b/UefiCpuPkg/SecCore/SecCore.inf=0A=
@@ -53,10 +53,11 @@=0A=
   CpuExceptionHandlerLib=0A=
   ReportStatusCodeLib=0A=
   PeiServicesLib=0A=
   PeiServicesTablePointerLib=0A=
   HobLib=0A=
+  CpuPageTableLib=0A=
=0A=
 [Ppis]=0A=
   ## SOMETIMES_CONSUMES=0A=
   ## PRODUCES=0A=
   gEfiSecPlatformInformationPpiGuid=0A=
diff --git a/UefiCpuPkg/SecCore/SecCoreNative.inf b/UefiCpuPkg/SecCore/SecC=
oreNative.inf=0A=
index 1ee6ff7d88..fa241cca94 100644=0A=
--- a/UefiCpuPkg/SecCore/SecCoreNative.inf=0A=
+++ b/UefiCpuPkg/SecCore/SecCoreNative.inf=0A=
@@ -50,10 +50,11 @@=0A=
   CpuExceptionHandlerLib=0A=
   ReportStatusCodeLib=0A=
   PeiServicesLib=0A=
   PeiServicesTablePointerLib=0A=
   HobLib=0A=
+  CpuPageTableLib=0A=
=0A=
 [Ppis]=0A=
   ## SOMETIMES_CONSUMES=0A=
   ## PRODUCES=0A=
   gEfiSecPlatformInformationPpiGuid=0A=
diff --git a/UefiCpuPkg/SecCore/SecMain.c b/UefiCpuPkg/SecCore/SecMain.c=0A=
index 95375850ec..b0ab6cdae4 100644=0A=
--- a/UefiCpuPkg/SecCore/SecMain.c=0A=
+++ b/UefiCpuPkg/SecCore/SecMain.c=0A=
@@ -70,10 +70,139 @@ MigrateGdt (=0A=
   AsmWriteGdtr (&Gdtr);=0A=
=0A=
   return EFI_SUCCESS;=0A=
 }=0A=
=0A=
+/**=0A=
+  Migrate page table to permanent memory mapping entire physical address s=
pace.=0A=
+=0A=
+  @retval   EFI_SUCCESS           The PageTable was migrated successfully.=
=0A=
+  @retval   EFI_UNSUPPORTED       Unsupport to migrate page table to perma=
nent memory if IA-32e Mode not actived.=0A=
+  @retval   EFI_OUT_OF_RESOURCES  The PageTable could not be migrated due =
to lack of available memory.=0A=
+=0A=
+**/=0A=
+EFI_STATUS=0A=
+MigratePageTable (=0A=
+  VOID=0A=
+  )=0A=
+{=0A=
+  EFI_STATUS                      Status;=0A=
+  IA32_CR4                        Cr4;=0A=
+  BOOLEAN                         Page5LevelSupport;=0A=
+  UINT32                          RegEax;=0A=
+  CPUID_EXTENDED_CPU_SIG_EDX      RegEdx;=0A=
+  BOOLEAN                         Page1GSupport;=0A=
+  PAGING_MODE                     PagingMode;=0A=
+  CPUID_VIR_PHY_ADDRESS_SIZE_EAX  VirPhyAddressSize;=0A=
+  UINT32                          MaxExtendedFunctionId;=0A=
+  UINTN                           PageTable;=0A=
+  EFI_PHYSICAL_ADDRESS            Buffer;=0A=
+  UINTN                           BufferSize;=0A=
+  IA32_MAP_ATTRIBUTE              MapAttribute;=0A=
+  IA32_MAP_ATTRIBUTE              MapMask;=0A=
+=0A=
+  VirPhyAddressSize.Uint32    =3D 0;=0A=
+  PageTable                   =3D 0;=0A=
+  BufferSize                  =3D 0;=0A=
+  MapAttribute.Uint64         =3D 0;=0A=
+  MapMask.Uint64              =3D MAX_UINT64;=0A=
+  MapAttribute.Bits.Present   =3D 1;=0A=
+  MapAttribute.Bits.ReadWrite =3D 1;=0A=
+=0A=
+  //=0A=
+  // Check Page5Level Support or not.=0A=
+  //=0A=
+  Cr4.UintN         =3D AsmReadCr4 ();=0A=
+  Page5LevelSupport =3D (Cr4.Bits.LA57 ? TRUE : FALSE);=0A=
+=0A=
+  //=0A=
+  // Check Page1G Support or not.=0A=
+  //=0A=
+  Page1GSupport =3D FALSE;=0A=
+  AsmCpuid (CPUID_EXTENDED_FUNCTION, &RegEax, NULL, NULL, NULL);=0A=
+  if (RegEax >=3D CPUID_EXTENDED_CPU_SIG) {=0A=
+    AsmCpuid (CPUID_EXTENDED_CPU_SIG, NULL, NULL, NULL, &RegEdx.Uint32);=
=0A=
+    if (RegEdx.Bits.Page1GB !=3D 0) {=0A=
+      Page1GSupport =3D TRUE;=0A=
+    }=0A=
+  }=0A=
+=0A=
+  //=0A=
+  // Decide Paging Mode according Page5LevelSupport & Page1GSupport.=0A=
+  //=0A=
+  if (Page5LevelSupport) {=0A=
+    PagingMode =3D Page1GSupport ? Paging5Level1GB : Paging5Level;=0A=
+  } else {=0A=
+    PagingMode =3D Page1GSupport ? Paging4Level1GB : Paging4Level;=0A=
+  }=0A=
+=0A=
+  //=0A=
+  // Get Maximum Physical Address Bits=0A=
+  // Get the number of address lines; Maximum Physical Address is 2^Physic=
alAddressBits - 1.=0A=
+  // If CPUID does not supported, then use a max value of 36 as per SDM 3A=
, 4.1.4.=0A=
+  //=0A=
+  AsmCpuid (CPUID_EXTENDED_FUNCTION, &MaxExtendedFunctionId, NULL, NULL, N=
ULL);=0A=
+  if (MaxExtendedFunctionId >=3D CPUID_VIR_PHY_ADDRESS_SIZE) {=0A=
+    AsmCpuid (CPUID_VIR_PHY_ADDRESS_SIZE, &VirPhyAddressSize.Uint32, NULL,=
 NULL, NULL);=0A=
+  } else {=0A=
+    VirPhyAddressSize.Bits.PhysicalAddressBits =3D 36;=0A=
+  }=0A=
+=0A=
+  if ((PagingMode =3D=3D Paging4Level1GB) || (PagingMode =3D=3D Paging4Lev=
el)) {=0A=
+    //=0A=
+    // The max lineaddress bits is 48 for 4 level page table.=0A=
+    //=0A=
+    VirPhyAddressSize.Bits.PhysicalAddressBits =3D MIN (VirPhyAddressSize.=
Bits.PhysicalAddressBits, 48);=0A=
+  }=0A=
+=0A=
+  //=0A=
+  // Get required buffer size for the pagetable that will be created.=0A=
+  //=0A=
+  Status =3D PageTableMap (&PageTable, PagingMode, 0, &BufferSize, 0, LShi=
ftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), &MapAttribute, &MapM=
ask, NULL);=0A=
+  ASSERT (Status =3D=3D EFI_BUFFER_TOO_SMALL);=0A=
+  if (Status !=3D EFI_BUFFER_TOO_SMALL) {=0A=
+    return Status;=0A=
+  }=0A=
+=0A=
+  //=0A=
+  // Allocate required Buffer.=0A=
+  //=0A=
+  Status =3D PeiServicesAllocatePages (=0A=
+             EfiBootServicesData,=0A=
+             EFI_SIZE_TO_PAGES (BufferSize),=0A=
+             &Buffer=0A=
+             );=0A=
+  if (EFI_ERROR (Status)) {=0A=
+    return EFI_OUT_OF_RESOURCES;=0A=
+  }=0A=
+=0A=
+  //=0A=
+  // Create PageTable in permanent memory.=0A=
+  //=0A=
+  Status =3D PageTableMap (&PageTable, PagingMode, (VOID *)(UINTN)Buffer, =
&BufferSize, 0, LShiftU64 (1, VirPhyAddressSize.Bits.PhysicalAddressBits), =
&MapAttribute, &MapMask, NULL);=0A=
+  ASSERT_EFI_ERROR (Status);=0A=
+  if (EFI_ERROR (Status) || (PageTable =3D=3D 0)) {=0A=
+    return EFI_OUT_OF_RESOURCES;=0A=
+  }=0A=
+=0A=
+  //=0A=
+  // Write the Pagetable to CR3.=0A=
+  //=0A=
+  AsmWriteCr3 (PageTable);=0A=
+=0A=
+  DEBUG ((=0A=
+    DEBUG_INFO,=0A=
+    "MigratePageTable: Created PageTable =3D 0x%lx, BufferSize =3D %x, Pag=
ingMode =3D 0x%lx, Support Max Physical Address Bits =3D %d\n",=0A=
+    PageTable,=0A=
+    BufferSize,=0A=
+    (UINTN)PagingMode,=0A=
+    VirPhyAddressSize.Bits.PhysicalAddressBits=0A=
+    ));=0A=
+=0A=
+  return Status;=0A=
+}=0A=
+=0A=
 //=0A=
 // These are IDT entries pointing to 10:FFFFFFE4h.=0A=
 //=0A=
 UINT64  mIdtEntryTemplate =3D 0xffff8e000010ffe4ULL;=0A=
=0A=
@@ -451,10 +580,11 @@ SecTemporaryRamDone (=0A=
   EFI_STATUS              Status2;=0A=
   UINTN                   Index;=0A=
   BOOLEAN                 State;=0A=
   EFI_PEI_PPI_DESCRIPTOR  *PeiPpiDescriptor;=0A=
   REPUBLISH_SEC_PPI_PPI   *RepublishSecPpiPpi;=0A=
+  IA32_CR0                Cr0;=0A=
=0A=
   //=0A=
   // Republish Sec Platform Information(2) PPI=0A=
   //=0A=
   RepublishSecPlatformInformationPpi ();=0A=
@@ -492,10 +622,27 @@ SecTemporaryRamDone (=0A=
   if (PcdGetBool (PcdMigrateTemporaryRamFirmwareVolumes)) {=0A=
     Status =3D MigrateGdt ();=0A=
     ASSERT_EFI_ERROR (Status);=0A=
   }=0A=
=0A=
+  //=0A=
+  // Migrate page table to permanent memory mapping entire physical addres=
s space if CR0.PG is set.=0A=
+  //=0A=
+  Cr0.UintN =3D AsmReadCr0 ();=0A=
+  if (Cr0.Bits.PG !=3D 0) {=0A=
+    //=0A=
+    // Assume CPU runs in 64bit mode if paging is enabled.=0A=
+    //=0A=
+    ASSERT (sizeof (UINTN) =3D=3D sizeof (UINT64));=0A=
+=0A=
+    Status =3D MigratePageTable ();=0A=
+    if (EFI_ERROR (Status)) {=0A=
+      DEBUG ((DEBUG_ERROR, "SecTemporaryRamDone: Failed to migrate page ta=
ble to permanent memory: %r.\n", Status));=0A=
+      CpuDeadLoop ();=0A=
+    }=0A=
+  }=0A=
+=0A=
   //=0A=
   // Disable Temporary RAM after Stack and Heap have been migrated at this=
 point.=0A=
   //=0A=
   SecPlatformDisableTemporaryMemory ();=0A=
=0A=
diff --git a/UefiCpuPkg/SecCore/SecMain.h b/UefiCpuPkg/SecCore/SecMain.h=0A=
index 880e6cd1b8..b50d96e45b 100644=0A=
--- a/UefiCpuPkg/SecCore/SecMain.h=0A=
+++ b/UefiCpuPkg/SecCore/SecMain.h=0A=
@@ -17,10 +17,11 @@=0A=
 #include <Ppi/PeiCoreFvLocation.h>=0A=
 #include <Ppi/RepublishSecPpi.h>=0A=
=0A=
 #include <Guid/FirmwarePerformance.h>=0A=
=0A=
+#include <Library/BaseLib.h>=0A=
 #include <Library/DebugLib.h>=0A=
 #include <Library/PcdLib.h>=0A=
 #include <Library/BaseMemoryLib.h>=0A=
 #include <Library/PlatformSecLib.h>=0A=
 #include <Library/CpuLib.h>=0A=
@@ -30,10 +31,13 @@=0A=
 #include <Library/CpuExceptionHandlerLib.h>=0A=
 #include <Library/ReportStatusCodeLib.h>=0A=
 #include <Library/PeiServicesTablePointerLib.h>=0A=
 #include <Library/HobLib.h>=0A=
 #include <Library/PeiServicesLib.h>=0A=
+#include <Library/CpuPageTableLib.h>=0A=
+#include <Register/Intel/Cpuid.h>=0A=
+#include <Register/Intel/Msr.h>=0A=
=0A=
 #define SEC_IDT_ENTRY_COUNT  34=0A=
=0A=
 typedef struct _SEC_IDT_TABLE {=0A=
   //=0A=
--=0A=
2.16.2.windows.1=0A=
=0A=