]>
Commit | Line | Data |
---|---|---|
1 | /** @file\r | |
2 | \r | |
3 | The protocol provides support to allocate, free, map and umap a DMA buffer\r | |
4 | for bus master (e.g PciHostBridge). When SEV is enabled, the DMA operations\r | |
5 | must be performed on unencrypted buffer hence we use a bounce buffer to map\r | |
6 | the guest buffer into an unencrypted DMA buffer.\r | |
7 | \r | |
8 | Copyright (c) 2017, AMD Inc. All rights reserved.<BR>\r | |
9 | Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>\r | |
10 | \r | |
11 | This program and the accompanying materials are licensed and made available\r | |
12 | under the terms and conditions of the BSD License which accompanies this\r | |
13 | distribution. The full text of the license may be found at\r | |
14 | http://opensource.org/licenses/bsd-license.php\r | |
15 | \r | |
16 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
17 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
18 | \r | |
19 | **/\r | |
20 | \r | |
21 | #include "AmdSevIoMmu.h"\r | |
22 | \r | |
23 | #define MAP_INFO_SIG SIGNATURE_64 ('M', 'A', 'P', '_', 'I', 'N', 'F', 'O')\r | |
24 | \r | |
25 | typedef struct {\r | |
26 | UINT64 Signature;\r | |
27 | LIST_ENTRY Link;\r | |
28 | EDKII_IOMMU_OPERATION Operation;\r | |
29 | UINTN NumberOfBytes;\r | |
30 | UINTN NumberOfPages;\r | |
31 | EFI_PHYSICAL_ADDRESS CryptedAddress;\r | |
32 | EFI_PHYSICAL_ADDRESS PlainTextAddress;\r | |
33 | } MAP_INFO;\r | |
34 | \r | |
35 | //\r | |
36 | // List of MAP_INFO structures recycled by Unmap().\r | |
37 | //\r | |
38 | // Recycled MAP_INFO structures are equally good for future recycling and\r | |
39 | // freeing.\r | |
40 | //\r | |
41 | STATIC LIST_ENTRY mRecycledMapInfos = INITIALIZE_LIST_HEAD_VARIABLE (\r | |
42 | mRecycledMapInfos\r | |
43 | );\r | |
44 | \r | |
45 | #define COMMON_BUFFER_SIG SIGNATURE_64 ('C', 'M', 'N', 'B', 'U', 'F', 'F', 'R')\r | |
46 | \r | |
47 | //\r | |
48 | // The following structure enables Map() and Unmap() to perform in-place\r | |
49 | // decryption and encryption, respectively, for BusMasterCommonBuffer[64]\r | |
50 | // operations, without dynamic memory allocation or release.\r | |
51 | //\r | |
52 | // Both COMMON_BUFFER_HEADER and COMMON_BUFFER_HEADER.StashBuffer are allocated\r | |
53 | // by AllocateBuffer() and released by FreeBuffer().\r | |
54 | //\r | |
55 | #pragma pack (1)\r | |
56 | typedef struct {\r | |
57 | UINT64 Signature;\r | |
58 | \r | |
59 | //\r | |
60 | // Always allocated from EfiBootServicesData type memory, and always\r | |
61 | // encrypted.\r | |
62 | //\r | |
63 | VOID *StashBuffer;\r | |
64 | \r | |
65 | //\r | |
66 | // Followed by the actual common buffer, starting at the next page.\r | |
67 | //\r | |
68 | } COMMON_BUFFER_HEADER;\r | |
69 | #pragma pack ()\r | |
70 | \r | |
71 | /**\r | |
72 | Provides the controller-specific addresses required to access system memory\r | |
73 | from a DMA bus master. On SEV guest, the DMA operations must be performed on\r | |
74 | shared buffer hence we allocate a bounce buffer to map the HostAddress to a\r | |
75 | DeviceAddress. The Encryption attribute is removed from the DeviceAddress\r | |
76 | buffer.\r | |
77 | \r | |
78 | @param This The protocol instance pointer.\r | |
79 | @param Operation Indicates if the bus master is going to read or\r | |
80 | write to system memory.\r | |
81 | @param HostAddress The system memory address to map to the PCI\r | |
82 | controller.\r | |
83 | @param NumberOfBytes On input the number of bytes to map. On output\r | |
84 | the number of bytes that were mapped.\r | |
85 | @param DeviceAddress The resulting map address for the bus master\r | |
86 | PCI controller to use to access the hosts\r | |
87 | HostAddress.\r | |
88 | @param Mapping A resulting value to pass to Unmap().\r | |
89 | \r | |
90 | @retval EFI_SUCCESS The range was mapped for the returned\r | |
91 | NumberOfBytes.\r | |
92 | @retval EFI_UNSUPPORTED The HostAddress cannot be mapped as a common\r | |
93 | buffer.\r | |
94 | @retval EFI_INVALID_PARAMETER One or more parameters are invalid.\r | |
95 | @retval EFI_OUT_OF_RESOURCES The request could not be completed due to a\r | |
96 | lack of resources.\r | |
97 | @retval EFI_DEVICE_ERROR The system hardware could not map the requested\r | |
98 | address.\r | |
99 | \r | |
100 | **/\r | |
101 | EFI_STATUS\r | |
102 | EFIAPI\r | |
103 | IoMmuMap (\r | |
104 | IN EDKII_IOMMU_PROTOCOL *This,\r | |
105 | IN EDKII_IOMMU_OPERATION Operation,\r | |
106 | IN VOID *HostAddress,\r | |
107 | IN OUT UINTN *NumberOfBytes,\r | |
108 | OUT EFI_PHYSICAL_ADDRESS *DeviceAddress,\r | |
109 | OUT VOID **Mapping\r | |
110 | )\r | |
111 | {\r | |
112 | EFI_STATUS Status;\r | |
113 | LIST_ENTRY *RecycledMapInfo;\r | |
114 | MAP_INFO *MapInfo;\r | |
115 | EFI_ALLOCATE_TYPE AllocateType;\r | |
116 | COMMON_BUFFER_HEADER *CommonBufferHeader;\r | |
117 | VOID *DecryptionSource;\r | |
118 | \r | |
119 | if (HostAddress == NULL || NumberOfBytes == NULL || DeviceAddress == NULL ||\r | |
120 | Mapping == NULL) {\r | |
121 | return EFI_INVALID_PARAMETER;\r | |
122 | }\r | |
123 | \r | |
124 | //\r | |
125 | // Allocate a MAP_INFO structure to remember the mapping when Unmap() is\r | |
126 | // called later.\r | |
127 | //\r | |
128 | RecycledMapInfo = GetFirstNode (&mRecycledMapInfos);\r | |
129 | if (RecycledMapInfo == &mRecycledMapInfos) {\r | |
130 | //\r | |
131 | // No recycled MAP_INFO structure, allocate a new one.\r | |
132 | //\r | |
133 | MapInfo = AllocatePool (sizeof (MAP_INFO));\r | |
134 | if (MapInfo == NULL) {\r | |
135 | Status = EFI_OUT_OF_RESOURCES;\r | |
136 | goto Failed;\r | |
137 | }\r | |
138 | } else {\r | |
139 | MapInfo = CR (RecycledMapInfo, MAP_INFO, Link, MAP_INFO_SIG);\r | |
140 | RemoveEntryList (RecycledMapInfo);\r | |
141 | }\r | |
142 | \r | |
143 | //\r | |
144 | // Initialize the MAP_INFO structure, except the PlainTextAddress field\r | |
145 | //\r | |
146 | ZeroMem (&MapInfo->Link, sizeof MapInfo->Link);\r | |
147 | MapInfo->Signature = MAP_INFO_SIG;\r | |
148 | MapInfo->Operation = Operation;\r | |
149 | MapInfo->NumberOfBytes = *NumberOfBytes;\r | |
150 | MapInfo->NumberOfPages = EFI_SIZE_TO_PAGES (MapInfo->NumberOfBytes);\r | |
151 | MapInfo->CryptedAddress = (UINTN)HostAddress;\r | |
152 | \r | |
153 | //\r | |
154 | // In the switch statement below, we point "MapInfo->PlainTextAddress" to the\r | |
155 | // plaintext buffer, according to Operation. We also set "DecryptionSource".\r | |
156 | //\r | |
157 | MapInfo->PlainTextAddress = MAX_ADDRESS;\r | |
158 | AllocateType = AllocateAnyPages;\r | |
159 | DecryptionSource = (VOID *)(UINTN)MapInfo->CryptedAddress;\r | |
160 | switch (Operation) {\r | |
161 | //\r | |
162 | // For BusMasterRead[64] and BusMasterWrite[64] operations, a bounce buffer\r | |
163 | // is necessary regardless of whether the original (crypted) buffer crosses\r | |
164 | // the 4GB limit or not -- we have to allocate a separate plaintext buffer.\r | |
165 | // The only variable is whether the plaintext buffer should be under 4GB.\r | |
166 | //\r | |
167 | case EdkiiIoMmuOperationBusMasterRead:\r | |
168 | case EdkiiIoMmuOperationBusMasterWrite:\r | |
169 | MapInfo->PlainTextAddress = BASE_4GB - 1;\r | |
170 | AllocateType = AllocateMaxAddress;\r | |
171 | //\r | |
172 | // fall through\r | |
173 | //\r | |
174 | case EdkiiIoMmuOperationBusMasterRead64:\r | |
175 | case EdkiiIoMmuOperationBusMasterWrite64:\r | |
176 | //\r | |
177 | // Allocate the implicit plaintext bounce buffer.\r | |
178 | //\r | |
179 | Status = gBS->AllocatePages (\r | |
180 | AllocateType,\r | |
181 | EfiBootServicesData,\r | |
182 | MapInfo->NumberOfPages,\r | |
183 | &MapInfo->PlainTextAddress\r | |
184 | );\r | |
185 | if (EFI_ERROR (Status)) {\r | |
186 | goto FreeMapInfo;\r | |
187 | }\r | |
188 | break;\r | |
189 | \r | |
190 | //\r | |
191 | // For BusMasterCommonBuffer[64] operations, a to-be-plaintext buffer and a\r | |
192 | // stash buffer (for in-place decryption) have been allocated already, with\r | |
193 | // AllocateBuffer(). We only check whether the address of the to-be-plaintext\r | |
194 | // buffer is low enough for the requested operation.\r | |
195 | //\r | |
196 | case EdkiiIoMmuOperationBusMasterCommonBuffer:\r | |
197 | if ((MapInfo->CryptedAddress > BASE_4GB) ||\r | |
198 | (EFI_PAGES_TO_SIZE (MapInfo->NumberOfPages) >\r | |
199 | BASE_4GB - MapInfo->CryptedAddress)) {\r | |
200 | //\r | |
201 | // CommonBuffer operations cannot be remapped. If the common buffer is\r | |
202 | // above 4GB, then it is not possible to generate a mapping, so return an\r | |
203 | // error.\r | |
204 | //\r | |
205 | Status = EFI_UNSUPPORTED;\r | |
206 | goto FreeMapInfo;\r | |
207 | }\r | |
208 | //\r | |
209 | // fall through\r | |
210 | //\r | |
211 | case EdkiiIoMmuOperationBusMasterCommonBuffer64:\r | |
212 | //\r | |
213 | // The buffer at MapInfo->CryptedAddress comes from AllocateBuffer().\r | |
214 | //\r | |
215 | MapInfo->PlainTextAddress = MapInfo->CryptedAddress;\r | |
216 | //\r | |
217 | // Stash the crypted data.\r | |
218 | //\r | |
219 | CommonBufferHeader = (COMMON_BUFFER_HEADER *)(\r | |
220 | (UINTN)MapInfo->CryptedAddress - EFI_PAGE_SIZE\r | |
221 | );\r | |
222 | ASSERT (CommonBufferHeader->Signature == COMMON_BUFFER_SIG);\r | |
223 | CopyMem (\r | |
224 | CommonBufferHeader->StashBuffer,\r | |
225 | (VOID *)(UINTN)MapInfo->CryptedAddress,\r | |
226 | MapInfo->NumberOfBytes\r | |
227 | );\r | |
228 | //\r | |
229 | // Point "DecryptionSource" to the stash buffer so that we decrypt\r | |
230 | // it to the original location, after the switch statement.\r | |
231 | //\r | |
232 | DecryptionSource = CommonBufferHeader->StashBuffer;\r | |
233 | break;\r | |
234 | \r | |
235 | default:\r | |
236 | //\r | |
237 | // Operation is invalid\r | |
238 | //\r | |
239 | Status = EFI_INVALID_PARAMETER;\r | |
240 | goto FreeMapInfo;\r | |
241 | }\r | |
242 | \r | |
243 | //\r | |
244 | // Clear the memory encryption mask on the plaintext buffer.\r | |
245 | //\r | |
246 | Status = MemEncryptSevClearPageEncMask (\r | |
247 | 0,\r | |
248 | MapInfo->PlainTextAddress,\r | |
249 | MapInfo->NumberOfPages,\r | |
250 | TRUE\r | |
251 | );\r | |
252 | ASSERT_EFI_ERROR (Status);\r | |
253 | if (EFI_ERROR (Status)) {\r | |
254 | CpuDeadLoop ();\r | |
255 | }\r | |
256 | \r | |
257 | //\r | |
258 | // If this is a read operation from the Bus Master's point of view,\r | |
259 | // then copy the contents of the real buffer into the mapped buffer\r | |
260 | // so the Bus Master can read the contents of the real buffer.\r | |
261 | //\r | |
262 | // For BusMasterCommonBuffer[64] operations, the CopyMem() below will decrypt\r | |
263 | // the original data (from the stash buffer) back to the original location.\r | |
264 | //\r | |
265 | if (Operation == EdkiiIoMmuOperationBusMasterRead ||\r | |
266 | Operation == EdkiiIoMmuOperationBusMasterRead64 ||\r | |
267 | Operation == EdkiiIoMmuOperationBusMasterCommonBuffer ||\r | |
268 | Operation == EdkiiIoMmuOperationBusMasterCommonBuffer64) {\r | |
269 | CopyMem (\r | |
270 | (VOID *) (UINTN) MapInfo->PlainTextAddress,\r | |
271 | DecryptionSource,\r | |
272 | MapInfo->NumberOfBytes\r | |
273 | );\r | |
274 | }\r | |
275 | \r | |
276 | //\r | |
277 | // Populate output parameters.\r | |
278 | //\r | |
279 | *DeviceAddress = MapInfo->PlainTextAddress;\r | |
280 | *Mapping = MapInfo;\r | |
281 | \r | |
282 | DEBUG ((\r | |
283 | DEBUG_VERBOSE,\r | |
284 | "%a PlainText 0x%Lx Crypted 0x%Lx Pages 0x%Lx Bytes 0x%Lx\n",\r | |
285 | __FUNCTION__,\r | |
286 | MapInfo->PlainTextAddress,\r | |
287 | MapInfo->CryptedAddress,\r | |
288 | (UINT64)MapInfo->NumberOfPages,\r | |
289 | (UINT64)MapInfo->NumberOfBytes\r | |
290 | ));\r | |
291 | \r | |
292 | return EFI_SUCCESS;\r | |
293 | \r | |
294 | FreeMapInfo:\r | |
295 | FreePool (MapInfo);\r | |
296 | \r | |
297 | Failed:\r | |
298 | *NumberOfBytes = 0;\r | |
299 | return Status;\r | |
300 | }\r | |
301 | \r | |
302 | /**\r | |
303 | Completes the Map() operation and releases any corresponding resources.\r | |
304 | \r | |
305 | @param This The protocol instance pointer.\r | |
306 | @param Mapping The mapping value returned from Map().\r | |
307 | \r | |
308 | @retval EFI_SUCCESS The range was unmapped.\r | |
309 | @retval EFI_INVALID_PARAMETER Mapping is not a value that was returned by\r | |
310 | Map().\r | |
311 | @retval EFI_DEVICE_ERROR The data was not committed to the target system\r | |
312 | memory.\r | |
313 | **/\r | |
314 | EFI_STATUS\r | |
315 | EFIAPI\r | |
316 | IoMmuUnmap (\r | |
317 | IN EDKII_IOMMU_PROTOCOL *This,\r | |
318 | IN VOID *Mapping\r | |
319 | )\r | |
320 | {\r | |
321 | MAP_INFO *MapInfo;\r | |
322 | EFI_STATUS Status;\r | |
323 | COMMON_BUFFER_HEADER *CommonBufferHeader;\r | |
324 | VOID *EncryptionTarget;\r | |
325 | \r | |
326 | if (Mapping == NULL) {\r | |
327 | return EFI_INVALID_PARAMETER;\r | |
328 | }\r | |
329 | \r | |
330 | MapInfo = (MAP_INFO *)Mapping;\r | |
331 | \r | |
332 | //\r | |
333 | // set CommonBufferHeader to suppress incorrect compiler/analyzer warnings\r | |
334 | //\r | |
335 | CommonBufferHeader = NULL;\r | |
336 | \r | |
337 | //\r | |
338 | // For BusMasterWrite[64] operations and BusMasterCommonBuffer[64] operations\r | |
339 | // we have to encrypt the results, ultimately to the original place (i.e.,\r | |
340 | // "MapInfo->CryptedAddress").\r | |
341 | //\r | |
342 | // For BusMasterCommonBuffer[64] operations however, this encryption has to\r | |
343 | // land in-place, so divert the encryption to the stash buffer first.\r | |
344 | //\r | |
345 | EncryptionTarget = (VOID *)(UINTN)MapInfo->CryptedAddress;\r | |
346 | \r | |
347 | switch (MapInfo->Operation) {\r | |
348 | case EdkiiIoMmuOperationBusMasterCommonBuffer:\r | |
349 | case EdkiiIoMmuOperationBusMasterCommonBuffer64:\r | |
350 | ASSERT (MapInfo->PlainTextAddress == MapInfo->CryptedAddress);\r | |
351 | \r | |
352 | CommonBufferHeader = (COMMON_BUFFER_HEADER *)(\r | |
353 | (UINTN)MapInfo->PlainTextAddress - EFI_PAGE_SIZE\r | |
354 | );\r | |
355 | ASSERT (CommonBufferHeader->Signature == COMMON_BUFFER_SIG);\r | |
356 | EncryptionTarget = CommonBufferHeader->StashBuffer;\r | |
357 | //\r | |
358 | // fall through\r | |
359 | //\r | |
360 | \r | |
361 | case EdkiiIoMmuOperationBusMasterWrite:\r | |
362 | case EdkiiIoMmuOperationBusMasterWrite64:\r | |
363 | CopyMem (\r | |
364 | EncryptionTarget,\r | |
365 | (VOID *) (UINTN) MapInfo->PlainTextAddress,\r | |
366 | MapInfo->NumberOfBytes\r | |
367 | );\r | |
368 | break;\r | |
369 | \r | |
370 | default:\r | |
371 | //\r | |
372 | // nothing to encrypt after BusMasterRead[64] operations\r | |
373 | //\r | |
374 | break;\r | |
375 | }\r | |
376 | \r | |
377 | DEBUG ((\r | |
378 | DEBUG_VERBOSE,\r | |
379 | "%a PlainText 0x%Lx Crypted 0x%Lx Pages 0x%Lx Bytes 0x%Lx\n",\r | |
380 | __FUNCTION__,\r | |
381 | MapInfo->PlainTextAddress,\r | |
382 | MapInfo->CryptedAddress,\r | |
383 | (UINT64)MapInfo->NumberOfPages,\r | |
384 | (UINT64)MapInfo->NumberOfBytes\r | |
385 | ));\r | |
386 | \r | |
387 | //\r | |
388 | // Restore the memory encryption mask on the area we used to hold the\r | |
389 | // plaintext.\r | |
390 | //\r | |
391 | Status = MemEncryptSevSetPageEncMask (\r | |
392 | 0,\r | |
393 | MapInfo->PlainTextAddress,\r | |
394 | MapInfo->NumberOfPages,\r | |
395 | TRUE\r | |
396 | );\r | |
397 | ASSERT_EFI_ERROR (Status);\r | |
398 | if (EFI_ERROR (Status)) {\r | |
399 | CpuDeadLoop ();\r | |
400 | }\r | |
401 | \r | |
402 | //\r | |
403 | // For BusMasterCommonBuffer[64] operations, copy the stashed data to the\r | |
404 | // original (now encrypted) location.\r | |
405 | //\r | |
406 | // For all other operations, fill the late bounce buffer (which existed as\r | |
407 | // plaintext at some point) with zeros, and then release it.\r | |
408 | //\r | |
409 | if (MapInfo->Operation == EdkiiIoMmuOperationBusMasterCommonBuffer ||\r | |
410 | MapInfo->Operation == EdkiiIoMmuOperationBusMasterCommonBuffer64) {\r | |
411 | CopyMem (\r | |
412 | (VOID *)(UINTN)MapInfo->CryptedAddress,\r | |
413 | CommonBufferHeader->StashBuffer,\r | |
414 | MapInfo->NumberOfBytes\r | |
415 | );\r | |
416 | \r | |
417 | //\r | |
418 | // Recycle the MAP_INFO structure.\r | |
419 | //\r | |
420 | InsertTailList (&mRecycledMapInfos, &MapInfo->Link);\r | |
421 | } else {\r | |
422 | ZeroMem (\r | |
423 | (VOID *)(UINTN)MapInfo->PlainTextAddress,\r | |
424 | EFI_PAGES_TO_SIZE (MapInfo->NumberOfPages)\r | |
425 | );\r | |
426 | gBS->FreePages (MapInfo->PlainTextAddress, MapInfo->NumberOfPages);\r | |
427 | \r | |
428 | //\r | |
429 | // Free the MAP_INFO structure.\r | |
430 | //\r | |
431 | FreePool (MapInfo);\r | |
432 | }\r | |
433 | \r | |
434 | return EFI_SUCCESS;\r | |
435 | }\r | |
436 | \r | |
437 | /**\r | |
438 | Allocates pages that are suitable for an OperationBusMasterCommonBuffer or\r | |
439 | OperationBusMasterCommonBuffer64 mapping.\r | |
440 | \r | |
441 | @param This The protocol instance pointer.\r | |
442 | @param Type This parameter is not used and must be ignored.\r | |
443 | @param MemoryType The type of memory to allocate,\r | |
444 | EfiBootServicesData or EfiRuntimeServicesData.\r | |
445 | @param Pages The number of pages to allocate.\r | |
446 | @param HostAddress A pointer to store the base system memory\r | |
447 | address of the allocated range.\r | |
448 | @param Attributes The requested bit mask of attributes for the\r | |
449 | allocated range.\r | |
450 | \r | |
451 | @retval EFI_SUCCESS The requested memory pages were allocated.\r | |
452 | @retval EFI_UNSUPPORTED Attributes is unsupported. The only legal\r | |
453 | attribute bits are MEMORY_WRITE_COMBINE and\r | |
454 | MEMORY_CACHED.\r | |
455 | @retval EFI_INVALID_PARAMETER One or more parameters are invalid.\r | |
456 | @retval EFI_OUT_OF_RESOURCES The memory pages could not be allocated.\r | |
457 | \r | |
458 | **/\r | |
459 | EFI_STATUS\r | |
460 | EFIAPI\r | |
461 | IoMmuAllocateBuffer (\r | |
462 | IN EDKII_IOMMU_PROTOCOL *This,\r | |
463 | IN EFI_ALLOCATE_TYPE Type,\r | |
464 | IN EFI_MEMORY_TYPE MemoryType,\r | |
465 | IN UINTN Pages,\r | |
466 | IN OUT VOID **HostAddress,\r | |
467 | IN UINT64 Attributes\r | |
468 | )\r | |
469 | {\r | |
470 | EFI_STATUS Status;\r | |
471 | EFI_PHYSICAL_ADDRESS PhysicalAddress;\r | |
472 | VOID *StashBuffer;\r | |
473 | UINTN CommonBufferPages;\r | |
474 | COMMON_BUFFER_HEADER *CommonBufferHeader;\r | |
475 | \r | |
476 | //\r | |
477 | // Validate Attributes\r | |
478 | //\r | |
479 | if ((Attributes & EDKII_IOMMU_ATTRIBUTE_INVALID_FOR_ALLOCATE_BUFFER) != 0) {\r | |
480 | return EFI_UNSUPPORTED;\r | |
481 | }\r | |
482 | \r | |
483 | //\r | |
484 | // Check for invalid inputs\r | |
485 | //\r | |
486 | if (HostAddress == NULL) {\r | |
487 | return EFI_INVALID_PARAMETER;\r | |
488 | }\r | |
489 | \r | |
490 | //\r | |
491 | // The only valid memory types are EfiBootServicesData and\r | |
492 | // EfiRuntimeServicesData\r | |
493 | //\r | |
494 | if (MemoryType != EfiBootServicesData &&\r | |
495 | MemoryType != EfiRuntimeServicesData) {\r | |
496 | return EFI_INVALID_PARAMETER;\r | |
497 | }\r | |
498 | \r | |
499 | //\r | |
500 | // We'll need a header page for the COMMON_BUFFER_HEADER structure.\r | |
501 | //\r | |
502 | if (Pages > MAX_UINTN - 1) {\r | |
503 | return EFI_OUT_OF_RESOURCES;\r | |
504 | }\r | |
505 | CommonBufferPages = Pages + 1;\r | |
506 | \r | |
507 | //\r | |
508 | // Allocate the stash in EfiBootServicesData type memory.\r | |
509 | //\r | |
510 | // Map() will temporarily save encrypted data in the stash for\r | |
511 | // BusMasterCommonBuffer[64] operations, so the data can be decrypted to the\r | |
512 | // original location.\r | |
513 | //\r | |
514 | // Unmap() will temporarily save plaintext data in the stash for\r | |
515 | // BusMasterCommonBuffer[64] operations, so the data can be encrypted to the\r | |
516 | // original location.\r | |
517 | //\r | |
518 | // StashBuffer always resides in encrypted memory.\r | |
519 | //\r | |
520 | StashBuffer = AllocatePages (Pages);\r | |
521 | if (StashBuffer == NULL) {\r | |
522 | return EFI_OUT_OF_RESOURCES;\r | |
523 | }\r | |
524 | \r | |
525 | PhysicalAddress = (UINTN)-1;\r | |
526 | if ((Attributes & EDKII_IOMMU_ATTRIBUTE_DUAL_ADDRESS_CYCLE) == 0) {\r | |
527 | //\r | |
528 | // Limit allocations to memory below 4GB\r | |
529 | //\r | |
530 | PhysicalAddress = SIZE_4GB - 1;\r | |
531 | }\r | |
532 | Status = gBS->AllocatePages (\r | |
533 | AllocateMaxAddress,\r | |
534 | MemoryType,\r | |
535 | CommonBufferPages,\r | |
536 | &PhysicalAddress\r | |
537 | );\r | |
538 | if (EFI_ERROR (Status)) {\r | |
539 | goto FreeStashBuffer;\r | |
540 | }\r | |
541 | \r | |
542 | CommonBufferHeader = (VOID *)(UINTN)PhysicalAddress;\r | |
543 | PhysicalAddress += EFI_PAGE_SIZE;\r | |
544 | \r | |
545 | CommonBufferHeader->Signature = COMMON_BUFFER_SIG;\r | |
546 | CommonBufferHeader->StashBuffer = StashBuffer;\r | |
547 | \r | |
548 | *HostAddress = (VOID *)(UINTN)PhysicalAddress;\r | |
549 | \r | |
550 | DEBUG ((\r | |
551 | DEBUG_VERBOSE,\r | |
552 | "%a Address 0x%Lx Pages 0x%Lx\n",\r | |
553 | __FUNCTION__,\r | |
554 | PhysicalAddress,\r | |
555 | (UINT64)Pages\r | |
556 | ));\r | |
557 | return EFI_SUCCESS;\r | |
558 | \r | |
559 | FreeStashBuffer:\r | |
560 | FreePages (StashBuffer, Pages);\r | |
561 | return Status;\r | |
562 | }\r | |
563 | \r | |
564 | /**\r | |
565 | Frees memory that was allocated with AllocateBuffer().\r | |
566 | \r | |
567 | @param This The protocol instance pointer.\r | |
568 | @param Pages The number of pages to free.\r | |
569 | @param HostAddress The base system memory address of the allocated\r | |
570 | range.\r | |
571 | \r | |
572 | @retval EFI_SUCCESS The requested memory pages were freed.\r | |
573 | @retval EFI_INVALID_PARAMETER The memory range specified by HostAddress and\r | |
574 | Pages was not allocated with AllocateBuffer().\r | |
575 | \r | |
576 | **/\r | |
577 | EFI_STATUS\r | |
578 | EFIAPI\r | |
579 | IoMmuFreeBuffer (\r | |
580 | IN EDKII_IOMMU_PROTOCOL *This,\r | |
581 | IN UINTN Pages,\r | |
582 | IN VOID *HostAddress\r | |
583 | )\r | |
584 | {\r | |
585 | UINTN CommonBufferPages;\r | |
586 | COMMON_BUFFER_HEADER *CommonBufferHeader;\r | |
587 | \r | |
588 | CommonBufferPages = Pages + 1;\r | |
589 | CommonBufferHeader = (COMMON_BUFFER_HEADER *)(\r | |
590 | (UINTN)HostAddress - EFI_PAGE_SIZE\r | |
591 | );\r | |
592 | \r | |
593 | //\r | |
594 | // Check the signature.\r | |
595 | //\r | |
596 | ASSERT (CommonBufferHeader->Signature == COMMON_BUFFER_SIG);\r | |
597 | if (CommonBufferHeader->Signature != COMMON_BUFFER_SIG) {\r | |
598 | return EFI_INVALID_PARAMETER;\r | |
599 | }\r | |
600 | \r | |
601 | //\r | |
602 | // Free the stash buffer. This buffer was always encrypted, so no need to\r | |
603 | // zero it.\r | |
604 | //\r | |
605 | FreePages (CommonBufferHeader->StashBuffer, Pages);\r | |
606 | \r | |
607 | DEBUG ((\r | |
608 | DEBUG_VERBOSE,\r | |
609 | "%a Address 0x%Lx Pages 0x%Lx\n",\r | |
610 | __FUNCTION__,\r | |
611 | (UINT64)(UINTN)HostAddress,\r | |
612 | (UINT64)Pages\r | |
613 | ));\r | |
614 | \r | |
615 | //\r | |
616 | // Release the common buffer itself. Unmap() has re-encrypted it in-place, so\r | |
617 | // no need to zero it.\r | |
618 | //\r | |
619 | return gBS->FreePages ((UINTN)CommonBufferHeader, CommonBufferPages);\r | |
620 | }\r | |
621 | \r | |
622 | \r | |
623 | /**\r | |
624 | Set IOMMU attribute for a system memory.\r | |
625 | \r | |
626 | If the IOMMU protocol exists, the system memory cannot be used\r | |
627 | for DMA by default.\r | |
628 | \r | |
629 | When a device requests a DMA access for a system memory,\r | |
630 | the device driver need use SetAttribute() to update the IOMMU\r | |
631 | attribute to request DMA access (read and/or write).\r | |
632 | \r | |
633 | The DeviceHandle is used to identify which device submits the request.\r | |
634 | The IOMMU implementation need translate the device path to an IOMMU device\r | |
635 | ID, and set IOMMU hardware register accordingly.\r | |
636 | 1) DeviceHandle can be a standard PCI device.\r | |
637 | The memory for BusMasterRead need set EDKII_IOMMU_ACCESS_READ.\r | |
638 | The memory for BusMasterWrite need set EDKII_IOMMU_ACCESS_WRITE.\r | |
639 | The memory for BusMasterCommonBuffer need set\r | |
640 | EDKII_IOMMU_ACCESS_READ|EDKII_IOMMU_ACCESS_WRITE.\r | |
641 | After the memory is used, the memory need set 0 to keep it being\r | |
642 | protected.\r | |
643 | 2) DeviceHandle can be an ACPI device (ISA, I2C, SPI, etc).\r | |
644 | The memory for DMA access need set EDKII_IOMMU_ACCESS_READ and/or\r | |
645 | EDKII_IOMMU_ACCESS_WRITE.\r | |
646 | \r | |
647 | @param[in] This The protocol instance pointer.\r | |
648 | @param[in] DeviceHandle The device who initiates the DMA access\r | |
649 | request.\r | |
650 | @param[in] Mapping The mapping value returned from Map().\r | |
651 | @param[in] IoMmuAccess The IOMMU access.\r | |
652 | \r | |
653 | @retval EFI_SUCCESS The IoMmuAccess is set for the memory range\r | |
654 | specified by DeviceAddress and Length.\r | |
655 | @retval EFI_INVALID_PARAMETER DeviceHandle is an invalid handle.\r | |
656 | @retval EFI_INVALID_PARAMETER Mapping is not a value that was returned by\r | |
657 | Map().\r | |
658 | @retval EFI_INVALID_PARAMETER IoMmuAccess specified an illegal combination\r | |
659 | of access.\r | |
660 | @retval EFI_UNSUPPORTED DeviceHandle is unknown by the IOMMU.\r | |
661 | @retval EFI_UNSUPPORTED The bit mask of IoMmuAccess is not supported\r | |
662 | by the IOMMU.\r | |
663 | @retval EFI_UNSUPPORTED The IOMMU does not support the memory range\r | |
664 | specified by Mapping.\r | |
665 | @retval EFI_OUT_OF_RESOURCES There are not enough resources available to\r | |
666 | modify the IOMMU access.\r | |
667 | @retval EFI_DEVICE_ERROR The IOMMU device reported an error while\r | |
668 | attempting the operation.\r | |
669 | \r | |
670 | **/\r | |
671 | EFI_STATUS\r | |
672 | EFIAPI\r | |
673 | IoMmuSetAttribute (\r | |
674 | IN EDKII_IOMMU_PROTOCOL *This,\r | |
675 | IN EFI_HANDLE DeviceHandle,\r | |
676 | IN VOID *Mapping,\r | |
677 | IN UINT64 IoMmuAccess\r | |
678 | )\r | |
679 | {\r | |
680 | return EFI_UNSUPPORTED;\r | |
681 | }\r | |
682 | \r | |
683 | EDKII_IOMMU_PROTOCOL mAmdSev = {\r | |
684 | EDKII_IOMMU_PROTOCOL_REVISION,\r | |
685 | IoMmuSetAttribute,\r | |
686 | IoMmuMap,\r | |
687 | IoMmuUnmap,\r | |
688 | IoMmuAllocateBuffer,\r | |
689 | IoMmuFreeBuffer,\r | |
690 | };\r | |
691 | \r | |
692 | /**\r | |
693 | Initialize Iommu Protocol.\r | |
694 | \r | |
695 | **/\r | |
696 | EFI_STATUS\r | |
697 | EFIAPI\r | |
698 | AmdSevInstallIoMmuProtocol (\r | |
699 | VOID\r | |
700 | )\r | |
701 | {\r | |
702 | EFI_STATUS Status;\r | |
703 | EFI_HANDLE Handle;\r | |
704 | \r | |
705 | Handle = NULL;\r | |
706 | Status = gBS->InstallMultipleProtocolInterfaces (\r | |
707 | &Handle,\r | |
708 | &gEdkiiIoMmuProtocolGuid, &mAmdSev,\r | |
709 | NULL\r | |
710 | );\r | |
711 | return Status;\r | |
712 | }\r |