From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web10.51288.1680258325705140473 for ; Fri, 31 Mar 2023 03:25:25 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=doDYUMPT; spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: ray.ni@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1680258325; x=1711794325; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=65mJ5VK8oRZsqDGjoak1cxc/fenBd82sT9SfKQzcn1U=; b=doDYUMPTU23W/Oc8P+CIdCao3/3E1YSrED2vlCOTYUj0DAaeynJcIYVj 5h4VaptAp1iREmka1vMJPkslEbTn/NKsUjbqrx5FhkxBK+uCZKIMFeZtU aQR9uK3Pkpf2YtqlTzjyKRJ+lI1OCskCjwISAPYsp2ArdBaURA57fiZZp FyBusmmxAFjlkRwRFTYXGIltytTyHk80rA1uiGFN6sPb+OPTtHlQDu+I4 fW6gUmfMd+X/wNtyTjxc1araXGoum0yoipPKlNbYF1iMd+1qQBNUOSEEG Xlqw0FJX0htMto1BigvhaFgiXKabGGg1OyuPeDdEWtqOGDvIkKRBVXMpw w==; X-IronPort-AV: E=McAfee;i="6600,9927,10665"; a="329951642" X-IronPort-AV: E=Sophos;i="5.98,307,1673942400"; d="scan'208";a="329951642" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Mar 2023 03:25:23 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10665"; a="635243418" X-IronPort-AV: E=Sophos;i="5.98,307,1673942400"; d="scan'208";a="635243418" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by orsmga003.jf.intel.com with ESMTP; 31 Mar 2023 03:25:23 -0700 Received: from fmsmsx602.amr.corp.intel.com (10.18.126.82) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.21; Fri, 31 Mar 2023 03:25:22 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.21 via Frontend Transport; Fri, 31 Mar 2023 03:25:22 -0700 Received: from NAM04-MW2-obe.outbound.protection.outlook.com (104.47.73.177) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.21; Fri, 31 Mar 2023 03:25:22 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JP5bHN70s6XOVD6OnG7LnImDOZRzDW+3ScTytDebyH/gOPbatYLRFlBAJVCJMveZ87P3v82/m9TX3RcgVIgli9lGlvT9iYrV7qYwKU5euMBzPV/cG9Sun+/CKRqECb+RnVF8vFvI747RubCT+1e3ToeIJi0ZmAYK4eq7m5fFImeXEECUex0NDtlGvsy8/Km9+0hkmf8c+tNk03fsCcxtry7dAkFey9RvlNbkaAqd4g8VkTz70fWoG/wfu1bw7wVkP3sgIcLvqL+HgBWw63/u3TpNkvdFLsroeCP2t14HJ2brjV4Kp2kzLDjCy61KPeqr+hk3PDKugQOiC1+fPBA45w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ymLyYD875qcZV+t332bGS8Bea6tuj2wo6RnTVvrnj1E=; b=UF3O5quWdQpkZ2rvIzcPtuzwzNzBxuDrLqKYZFPPmASZ59+mSdG3JcqJdGTE0b0k205eI65GcqQoyXaBjTUJfc0mkct0NNI1cl1bqMQh0ZGatRie6faKmupggr/j7FMlgHqH//JZ5P9E7hYzshGBsfa5hRNTl9LcG/xyzUu+dEQtjOwOQHK7oMIzRjzkLY5gpxNJHtoYxA2COCxjYn92AsLnFR4+tTo8q2xO2cH/xqtIscDvcCp5pNPZT/zRC8FasANf0KUgViq1G5S8Yhvo0IJ4kSxTLVo4PI89M4n5LW5jowSBRiP+6X6k8R3aYBjg9OFIP5AK6WcKIc1eXKwQow== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from MN6PR11MB8244.namprd11.prod.outlook.com (2603:10b6:208:470::14) by CH0PR11MB5411.namprd11.prod.outlook.com (2603:10b6:610:d2::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6254.24; Fri, 31 Mar 2023 10:25:20 +0000 Received: from MN6PR11MB8244.namprd11.prod.outlook.com ([fe80::ae07:e96a:4a24:8a69]) by MN6PR11MB8244.namprd11.prod.outlook.com ([fe80::ae07:e96a:4a24:8a69%8]) with mapi id 15.20.6222.035; Fri, 31 Mar 2023 10:25:17 +0000 From: "Ni, Ray" To: "Tan, Dun" , "devel@edk2.groups.io" CC: "Bi, Dandan" , "Gao, Liming" , "Wang, Jian J" Subject: Re: [Patch V2 8/8] MdeModulePkg/DxeIpl: Refinement to the code to set PageTable as RO Thread-Topic: [Patch V2 8/8] MdeModulePkg/DxeIpl: Refinement to the code to set PageTable as RO Thread-Index: AQHZY7Rf/4e7FGWm70ufK/dckvKJcK8Ursng Date: Fri, 31 Mar 2023 10:25:17 +0000 Message-ID: References: <20230331093344.2609-1-dun.tan@intel.com> <20230331093344.2609-9-dun.tan@intel.com> In-Reply-To: <20230331093344.2609-9-dun.tan@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MN6PR11MB8244:EE_|CH0PR11MB5411:EE_ x-ms-office365-filtering-correlation-id: fadd17aa-29f3-4093-bee2-08db31d23923 x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 2ek67E0Nm8w6s4NbpmiqmB1Oi6mnBt+aIRhMMqALKNm3goIHsqQW0OhoAVgbXNoWEmyLhMtyQ32rfg8PHzViqA09wcDmHHsViEZ50h6sG/itSHyLzuKCOoqEtexEHRl/jzs5c9cCZ1y+8jTRL5ukZ6gOSHrdwDJcNuiU5ksDPjpVQuVxsGjZzBIlJrjvwBxKxEBMC4ARpdH6hTQXB1jRJF7YXOZoWkfelkZe3sTAzhTO79YNJtFNEvwnyw7HZe72GRZjKecHb/WD9LkVwiqQv7CWLA21+iyzjFlGiaFAojxlpDLS8OaWGojCi0TevsnaelXAv/FVF9qmJBrl0dDClMNooAJxb8iCx/UZItZtaErZTmthbkdO6EcRHzWYjI1XZb0xVQgbC0D9KozgmGESlo14u0KcPxFRQnFSSsiinbk9ImoQ6X3TW2PFqF1nvKPriflK++VQ1VWY5hk/dSMa8dtXceACth0GS4fiyEMfrai0XqBd4S0QU5hamviDL3VutFiAByjcJF4m/i4OJoqz1Bxw3pAzHsQjezZBD5Hu9xNPUQIuOA4rWfgRCMop5U8GSmlE1tymJE2+JTEpWQIPfv4NJqo9UbFnX0gYW+/eFFM= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MN6PR11MB8244.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(366004)(376002)(396003)(136003)(39860400002)(346002)(451199021)(6506007)(26005)(9686003)(53546011)(186003)(107886003)(966005)(83380400001)(52536014)(5660300002)(71200400001)(122000001)(8936002)(8676002)(38100700002)(82960400001)(7696005)(38070700005)(478600001)(54906003)(86362001)(19627235002)(2906002)(316002)(66556008)(66946007)(33656002)(76116006)(110136005)(66446008)(66476007)(4326008)(64756008)(41300700001)(55016003);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?UY5+xptjNt+ATz2yWrsODN1/mWPyfbH6xcK3rGwfw7NdqvQia5LJGpbyXnHN?= =?us-ascii?Q?8xQlD/3ODX3YXMDluA13GtCdDI7AVVQXFLzHDlkoBNrmLvTGXC7P98UO9IJE?= =?us-ascii?Q?4hh/mXD3+V9yO8YeNuOovYWTIOcvi1WkThz8wi6EJ1s+R3EAtcpW0ee3Dduc?= =?us-ascii?Q?VsRHOy1JStBsTybZbFaU3SiwFrPFjGy0FK2+PfJSArj20V/5PIbskAtbv4E7?= =?us-ascii?Q?BEEGoE/KnOl498EP2tm9+EjQR5Dj1nF7gXgB8JQ9spBgSGiXsPM466jEDFtV?= =?us-ascii?Q?RtvoN/XtxQ0RnET3cN1o+TeL0+DAFjpajT3ZJ84giT7Lo7IK02bmqzloN7PC?= =?us-ascii?Q?UxqbMNahhdRPDqpLZC3WHRGovX5IewQ2V7cmhw5reYTGbGXAMSjhDdMUf8mY?= =?us-ascii?Q?3sod41QT2Qae42mM9mQskJYwluP0BkalkDp3ji+jLHE3YG1ZbsrYrulM/jho?= =?us-ascii?Q?sqavSRQ0mddVwyLdm3MyKd0NyBj+Z5UVqgps0oUSUBO54iESXAfe+YWo5R7Q?= =?us-ascii?Q?wvP8j2Qe9uUDldCVTdZI8P2hMSO3FtHvOXt/z6vnEfRcbWmH5PD5aqPadFiK?= =?us-ascii?Q?S/EsHACgYjjXxgVzTgQihGXnGw1mYD6HSLOBoFbTmJY4ewKL4GI5dFR1/G5U?= =?us-ascii?Q?bk9vMATVNBsrPtFmrfs7TUSh1WZkn+rJsgNuPmPEZNq3OL3KuFlWGHmtbnKj?= =?us-ascii?Q?QcBK8a47J5MXBpr8kV7lUxKHF8QoHR3CfbgMv22lJ8wjTybQZF++Ew7uZWst?= =?us-ascii?Q?iPbu9NiB1MmwOnG4ZmiN8jYiA9powzbra2xYhklQHbFTyLwvJy28zBQRy4JY?= =?us-ascii?Q?OtZAyHSjiFjiTze7nm4eDKgfiIAUYiy3Q5DjInjM7ZvngXTpFSK2kVKKhosE?= =?us-ascii?Q?nmLR1SaE20d3JnlwBRSypGg1wzPmulhK21n+hTzuqJGQy0SO+IaNN6nCt5Ed?= =?us-ascii?Q?N+C0TRTurKaQ6FSrz7lJCAUd6yXC8l6Caon/LHieoXs8O8xDFxwu5UEcfytX?= =?us-ascii?Q?Uol4xJPXLQF2aOqJQRJ1Zr9BTrUjzKB9ISzc5PyRsRMPiIQWx/RgQLck4vrU?= =?us-ascii?Q?UW2fc3d7Q6apzzJ6Rk4x/wExnOx1QCio8UA3ZF8QxdxUDYhAxFYtn+Fel29C?= =?us-ascii?Q?6r+5tTxHETLMuSMYEheEozMKigIaqj3mlasMk4xE0i30/tLGty/adUXLxfVf?= =?us-ascii?Q?PmrqQVX8i3vSByJKSERUoKApgkRCNgKNvoFjywnQOR/GpICns0OO5CMwlQVB?= =?us-ascii?Q?iWapEgqdO4xYdgkYqGy0W7JQWYK6trlasQivjnAfbP3+fq4MN9hbHyh8WaSs?= =?us-ascii?Q?Ab6ZYAuDh4H6dpAVbtbaNwX6cXA2z/ARF8pD38bsHMmWL2I1w08TtRiieHwY?= =?us-ascii?Q?fwqtwMsJ3mKxQEtHrJHWY0DrqsOL4TBZj9mXhY8wsBTdm+/SK5QZZ6y+3l7I?= =?us-ascii?Q?KJEUeKlsHWnFyJEcIyJXl4q0Wa/HMuOqTMLDJoa17Oy0DNnH0ApYdnjsyYLo?= =?us-ascii?Q?SBM9IilwoSQZ7GMvA1b1NNvi/ULCwPA85ZtzaXjK6KRVQ4pwi8cKqWMVK1eZ?= =?us-ascii?Q?YEksLvxFZrSQKe6alRo=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MN6PR11MB8244.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: fadd17aa-29f3-4093-bee2-08db31d23923 X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Mar 2023 10:25:17.4164 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: iXe80BZ7tT5LBTc/QKikmIsWvQB0fRVhJWQ6B0urMCRlHq8/fqDBqKJRRjoRdbdzVquUKFmHRZwC8XrmPiN9jw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR11MB5411 Return-Path: ray.ni@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Ray Ni > -----Original Message----- > From: Tan, Dun > Sent: Friday, March 31, 2023 5:34 PM > To: devel@edk2.groups.io > Cc: Bi, Dandan ; Gao, Liming > ; Ni, Ray ; Wang, Jian J > > Subject: [Patch V2 8/8] MdeModulePkg/DxeIpl: Refinement to the code to > set PageTable as RO >=20 > Code refinement to the code to set page table as RO in DxeIpl module. > Set all page table pools as ReadOnly by calling PageTableMap() in > CpuPageTableLib multiple times instead of searching each page table > pool address in page table layer by layer. Also, this commit solve > the issue that original SetPageTablePoolReadOnly() code in DxeIpl > doesn't handle the Level5Paging case. >=20 > Bugzila: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4176 > Signed-off-by: Dun Tan > Cc: Dandan Bi > Cc: Liming Gao > Cc: Ray Ni > Cc: Jian J Wang > --- > MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c | 155 > +++++++++++++++----------------------------------------------------------= ------------ > ---------------------------------------------------------------------- > MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h | 15 --------------- > 2 files changed, 15 insertions(+), 155 deletions(-) >=20 > diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c > b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c > index ecdbd2ca24..a9edf4de32 100644 > --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c > +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.c > @@ -330,154 +330,37 @@ CreateOrUpdatePageTable ( > ASSERT (PageTableBufferSize =3D=3D 0); > } >=20 > -/** > - Set one page of page table pool memory to be read-only. > - > - @param[in] PageTableBase Base address of page table (CR3). > - @param[in] Address Start address of a page to be set as read-= only. > - @param[in] Level4Paging Level 4 paging flag. > - > -**/ > -VOID > -SetPageTablePoolReadOnly ( > - IN UINTN PageTableBase, > - IN EFI_PHYSICAL_ADDRESS Address, > - IN BOOLEAN Level4Paging > - ) > -{ > - UINTN Index; > - UINTN EntryIndex; > - UINT64 AddressEncMask; > - EFI_PHYSICAL_ADDRESS PhysicalAddress; > - UINT64 *PageTable; > - UINT64 *NewPageTable; > - UINT64 PageAttr; > - UINT64 LevelSize[5]; > - UINT64 LevelMask[5]; > - UINTN LevelShift[5]; > - UINTN Level; > - UINT64 PoolUnitSize; > - > - ASSERT (PageTableBase !=3D 0); > - > - // > - // Since the page table is always from page table pool, which is alway= s > - // located at the boundary of PcdPageTablePoolAlignment, we just need = to > - // set the whole pool unit to be read-only. > - // > - Address =3D Address & PAGE_TABLE_POOL_ALIGN_MASK; > - > - LevelShift[1] =3D PAGING_L1_ADDRESS_SHIFT; > - LevelShift[2] =3D PAGING_L2_ADDRESS_SHIFT; > - LevelShift[3] =3D PAGING_L3_ADDRESS_SHIFT; > - LevelShift[4] =3D PAGING_L4_ADDRESS_SHIFT; > - > - LevelMask[1] =3D PAGING_4K_ADDRESS_MASK_64; > - LevelMask[2] =3D PAGING_2M_ADDRESS_MASK_64; > - LevelMask[3] =3D PAGING_1G_ADDRESS_MASK_64; > - LevelMask[4] =3D PAGING_1G_ADDRESS_MASK_64; > - > - LevelSize[1] =3D SIZE_4KB; > - LevelSize[2] =3D SIZE_2MB; > - LevelSize[3] =3D SIZE_1GB; > - LevelSize[4] =3D SIZE_512GB; > - > - AddressEncMask =3D PcdGet64 (PcdPteMemoryEncryptionAddressOrMask) > & > - PAGING_1G_ADDRESS_MASK_64; > - PageTable =3D (UINT64 *)(UINTN)PageTableBase; > - PoolUnitSize =3D PAGE_TABLE_POOL_UNIT_SIZE; > - > - for (Level =3D (Level4Paging) ? 4 : 3; Level > 0; --Level) { > - Index =3D ((UINTN)RShiftU64 (Address, LevelShift[Level])); > - Index &=3D PAGING_PAE_INDEX_MASK; > - > - PageAttr =3D PageTable[Index]; > - if ((PageAttr & IA32_PG_PS) =3D=3D 0) { > - // > - // Go to next level of table. > - // > - PageTable =3D (UINT64 *)(UINTN)(PageAttr & ~AddressEncMask & > - PAGING_4K_ADDRESS_MASK_64); > - continue; > - } > - > - if (PoolUnitSize >=3D LevelSize[Level]) { > - // > - // Clear R/W bit if current page granularity is not larger than po= ol unit > - // size. > - // > - if ((PageAttr & IA32_PG_RW) !=3D 0) { > - while (PoolUnitSize > 0) { > - // > - // PAGE_TABLE_POOL_UNIT_SIZE and > PAGE_TABLE_POOL_ALIGNMENT are fit in > - // one page (2MB). Then we don't need to update attributes for= pages > - // crossing page directory. ASSERT below is for that purpose. > - // > - ASSERT (Index < EFI_PAGE_SIZE/sizeof (UINT64)); > - > - PageTable[Index] &=3D ~(UINT64)IA32_PG_RW; > - PoolUnitSize -=3D LevelSize[Level]; > - > - ++Index; > - } > - } > - > - break; > - } else { > - // > - // The smaller granularity of page must be needed. > - // > - ASSERT (Level > 1); > - > - NewPageTable =3D AllocatePageTableMemory (1); > - ASSERT (NewPageTable !=3D NULL); > - > - PhysicalAddress =3D PageAttr & LevelMask[Level]; > - for (EntryIndex =3D 0; > - EntryIndex < EFI_PAGE_SIZE/sizeof (UINT64); > - ++EntryIndex) > - { > - NewPageTable[EntryIndex] =3D PhysicalAddress | AddressEncMask | > - IA32_PG_P | IA32_PG_RW; > - if (Level > 2) { > - NewPageTable[EntryIndex] |=3D IA32_PG_PS; > - } > - > - PhysicalAddress +=3D LevelSize[Level - 1]; > - } > - > - PageTable[Index] =3D (UINT64)(UINTN)NewPageTable | AddressEncMask = | > - IA32_PG_P | IA32_PG_RW; > - PageTable =3D NewPageTable; > - } > - } > -} > - > /** > Prevent the memory pages used for page table from been overwritten. >=20 > - @param[in] PageTableBase Base address of page table (CR3). > - @param[in] Level4Paging Level 4 paging flag. > + @param[in] PageTableBase Base address of page table (CR3). > + @param[in] PagingMode The paging mode. >=20 > **/ > VOID > EnablePageTableProtection ( > - IN UINTN PageTableBase, > - IN BOOLEAN Level4Paging > + IN UINTN PageTableBase, > + IN PAGING_MODE PagingMode > ) > { > PAGE_TABLE_POOL *HeadPool; > PAGE_TABLE_POOL *Pool; > UINT64 PoolSize; > EFI_PHYSICAL_ADDRESS Address; > + IA32_MAP_ATTRIBUTE MapAttribute; > + IA32_MAP_ATTRIBUTE MapMask; >=20 > if (mPageTablePool =3D=3D NULL) { > return; > } >=20 > + MapAttribute.Uint64 =3D 0; > + MapAttribute.Bits.ReadWrite =3D 0; > + MapMask.Uint64 =3D 0; > + MapMask.Bits.ReadWrite =3D 1; > + > // > - // No need to clear CR0.WP since PageTableBase has't been written to C= R3 > yet. > - // SetPageTablePoolReadOnly might update mPageTablePool. It's safer to > + // CreateOrUpdatePageTable might update mPageTablePool. It's safer to > // remember original one in advance. > // > HeadPool =3D mPageTablePool; > @@ -485,18 +368,10 @@ EnablePageTableProtection ( > do { > Address =3D (EFI_PHYSICAL_ADDRESS)(UINTN)Pool; > PoolSize =3D Pool->Offset + EFI_PAGES_TO_SIZE (Pool->FreePages); > - > // > - // The size of one pool must be multiple of > PAGE_TABLE_POOL_UNIT_SIZE, which > - // is one of page size of the processor (2MB by default). Let's appl= y the > - // protection to them one by one. > + // Set entire pool including header, used-memory and left free-memor= y > as ReadOnly. > // > - while (PoolSize > 0) { > - SetPageTablePoolReadOnly (PageTableBase, Address, Level4Paging); > - Address +=3D PAGE_TABLE_POOL_UNIT_SIZE; > - PoolSize -=3D PAGE_TABLE_POOL_UNIT_SIZE; > - } > - > + CreateOrUpdatePageTable (&PageTableBase, PagingMode, Address, > PoolSize, &MapAttribute, &MapMask); > Pool =3D Pool->NextPool; > } while (Pool !=3D HeadPool); >=20 > @@ -679,7 +554,7 @@ CreateIdentityMappingPageTables ( > // Protect the page table by marking the memory used for page table to= be > // read-only. > // > - EnablePageTableProtection ((UINTN)PageTable, TRUE); > + EnablePageTableProtection (PageTable, PagingMode); >=20 > // > // Set IA32_EFER.NXE if necessary. > diff --git a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h > b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h > index a6cf31811d..034c4249d4 100644 > --- a/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h > +++ b/MdeModulePkg/Core/DxeIplPeim/X64/VirtualMemory.h > @@ -50,23 +50,8 @@ typedef struct { >=20 > #define CR0_WP BIT16 >=20 > -#define IA32_PG_P BIT0 > -#define IA32_PG_RW BIT1 > -#define IA32_PG_PS BIT7 > - > -#define PAGING_PAE_INDEX_MASK 0x1FF > - > -#define PAGING_4K_ADDRESS_MASK_64 0x000FFFFFFFFFF000ull > -#define PAGING_2M_ADDRESS_MASK_64 0x000FFFFFFFE00000ull > #define PAGING_1G_ADDRESS_MASK_64 0x000FFFFFC0000000ull >=20 > -#define PAGING_L1_ADDRESS_SHIFT 12 > -#define PAGING_L2_ADDRESS_SHIFT 21 > -#define PAGING_L3_ADDRESS_SHIFT 30 > -#define PAGING_L4_ADDRESS_SHIFT 39 > - > -#define PAGING_PML4E_NUMBER 4 > - > #define PAGE_TABLE_POOL_ALIGNMENT BASE_2MB > #define PAGE_TABLE_POOL_UNIT_SIZE SIZE_2MB > #define PAGE_TABLE_POOL_UNIT_PAGES EFI_SIZE_TO_PAGES > (PAGE_TABLE_POOL_UNIT_SIZE) > -- > 2.31.1.windows.1