]> git.proxmox.com Git - mirror_edk2.git/blob - OvmfPkg/IoMmuDxe/AmdSevIoMmu.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
OvmfPkg/IoMmuDxe: zero out pages before releasing them
[mirror_edk2.git] / OvmfPkg / IoMmuDxe / AmdSevIoMmu.c
1 /** @file
2
3 The protocol provides support to allocate, free, map and umap a DMA buffer
4 for bus master (e.g PciHostBridge). When SEV is enabled, the DMA operations
5 must be performed on unencrypted buffer hence we use a bounce buffer to map
6 the guest buffer into an unencrypted DMA buffer.
7
8 Copyright (c) 2017, AMD Inc. All rights reserved.<BR>
9 Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
10
11 This program and the accompanying materials are licensed and made available
12 under the terms and conditions of the BSD License which accompanies this
13 distribution. The full text of the license may be found at
14 http://opensource.org/licenses/bsd-license.php
15
16 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
17 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
18
19 **/
20
21 #include "AmdSevIoMmu.h"
22
23 typedef struct {
24 EDKII_IOMMU_OPERATION Operation;
25 UINTN NumberOfBytes;
26 UINTN NumberOfPages;
27 EFI_PHYSICAL_ADDRESS CryptedAddress;
28 EFI_PHYSICAL_ADDRESS PlainTextAddress;
29 } MAP_INFO;
30
31 #define NO_MAPPING (VOID *) (UINTN) -1
32
33 /**
34 Provides the controller-specific addresses required to access system memory
35 from a DMA bus master. On SEV guest, the DMA operations must be performed on
36 shared buffer hence we allocate a bounce buffer to map the HostAddress to a
37 DeviceAddress. The Encryption attribute is removed from the DeviceAddress
38 buffer.
39
40 @param This The protocol instance pointer.
41 @param Operation Indicates if the bus master is going to read or
42 write to system memory.
43 @param HostAddress The system memory address to map to the PCI
44 controller.
45 @param NumberOfBytes On input the number of bytes to map. On output
46 the number of bytes that were mapped.
47 @param DeviceAddress The resulting map address for the bus master
48 PCI controller to use to access the hosts
49 HostAddress.
50 @param Mapping A resulting value to pass to Unmap().
51
52 @retval EFI_SUCCESS The range was mapped for the returned
53 NumberOfBytes.
54 @retval EFI_UNSUPPORTED The HostAddress cannot be mapped as a common
55 buffer.
56 @retval EFI_INVALID_PARAMETER One or more parameters are invalid.
57 @retval EFI_OUT_OF_RESOURCES The request could not be completed due to a
58 lack of resources.
59 @retval EFI_DEVICE_ERROR The system hardware could not map the requested
60 address.
61
62 **/
63 EFI_STATUS
64 EFIAPI
65 IoMmuMap (
66 IN EDKII_IOMMU_PROTOCOL *This,
67 IN EDKII_IOMMU_OPERATION Operation,
68 IN VOID *HostAddress,
69 IN OUT UINTN *NumberOfBytes,
70 OUT EFI_PHYSICAL_ADDRESS *DeviceAddress,
71 OUT VOID **Mapping
72 )
73 {
74 EFI_STATUS Status;
75 EFI_PHYSICAL_ADDRESS PhysicalAddress;
76 MAP_INFO *MapInfo;
77 EFI_PHYSICAL_ADDRESS DmaMemoryTop;
78 EFI_ALLOCATE_TYPE AllocateType;
79
80 if (HostAddress == NULL || NumberOfBytes == NULL || DeviceAddress == NULL ||
81 Mapping == NULL) {
82 return EFI_INVALID_PARAMETER;
83 }
84
85 //
86 // Make sure that Operation is valid
87 //
88 if ((UINT32) Operation >= EdkiiIoMmuOperationMaximum) {
89 return EFI_INVALID_PARAMETER;
90 }
91 PhysicalAddress = (EFI_PHYSICAL_ADDRESS) (UINTN) HostAddress;
92
93 DmaMemoryTop = (UINTN)-1;
94 AllocateType = AllocateAnyPages;
95
96 if (((Operation != EdkiiIoMmuOperationBusMasterRead64 &&
97 Operation != EdkiiIoMmuOperationBusMasterWrite64 &&
98 Operation != EdkiiIoMmuOperationBusMasterCommonBuffer64)) &&
99 ((PhysicalAddress + *NumberOfBytes) > SIZE_4GB)) {
100 //
101 // If the root bridge or the device cannot handle performing DMA above
102 // 4GB but any part of the DMA transfer being mapped is above 4GB, then
103 // map the DMA transfer to a buffer below 4GB.
104 //
105 DmaMemoryTop = SIZE_4GB - 1;
106 AllocateType = AllocateMaxAddress;
107
108 if (Operation == EdkiiIoMmuOperationBusMasterCommonBuffer ||
109 Operation == EdkiiIoMmuOperationBusMasterCommonBuffer64) {
110 //
111 // Common Buffer operations can not be remapped. If the common buffer
112 // if above 4GB, then it is not possible to generate a mapping, so
113 // return an error.
114 //
115 return EFI_UNSUPPORTED;
116 }
117 }
118
119 //
120 // CommandBuffer was allocated by us (AllocateBuffer) and is already in
121 // unencryted buffer so no need to create bounce buffer
122 //
123 if (Operation == EdkiiIoMmuOperationBusMasterCommonBuffer ||
124 Operation == EdkiiIoMmuOperationBusMasterCommonBuffer64) {
125 *Mapping = NO_MAPPING;
126 *DeviceAddress = PhysicalAddress;
127
128 return EFI_SUCCESS;
129 }
130
131 //
132 // Allocate a MAP_INFO structure to remember the mapping when Unmap() is
133 // called later.
134 //
135 MapInfo = AllocatePool (sizeof (MAP_INFO));
136 if (MapInfo == NULL) {
137 *NumberOfBytes = 0;
138 return EFI_OUT_OF_RESOURCES;
139 }
140
141 //
142 // Initialize the MAP_INFO structure
143 //
144 MapInfo->Operation = Operation;
145 MapInfo->NumberOfBytes = *NumberOfBytes;
146 MapInfo->NumberOfPages = EFI_SIZE_TO_PAGES (MapInfo->NumberOfBytes);
147 MapInfo->CryptedAddress = PhysicalAddress;
148 MapInfo->PlainTextAddress = DmaMemoryTop;
149
150 //
151 // Allocate a buffer to map the transfer to.
152 //
153 Status = gBS->AllocatePages (
154 AllocateType,
155 EfiBootServicesData,
156 MapInfo->NumberOfPages,
157 &MapInfo->PlainTextAddress
158 );
159 if (EFI_ERROR (Status)) {
160 FreePool (MapInfo);
161 *NumberOfBytes = 0;
162 return Status;
163 }
164
165 //
166 // Clear the memory encryption mask from the device buffer
167 //
168 Status = MemEncryptSevClearPageEncMask (
169 0,
170 MapInfo->PlainTextAddress,
171 MapInfo->NumberOfPages,
172 TRUE
173 );
174 ASSERT_EFI_ERROR(Status);
175
176 //
177 // If this is a read operation from the Bus Master's point of view,
178 // then copy the contents of the real buffer into the mapped buffer
179 // so the Bus Master can read the contents of the real buffer.
180 //
181 if (Operation == EdkiiIoMmuOperationBusMasterRead ||
182 Operation == EdkiiIoMmuOperationBusMasterRead64) {
183 CopyMem (
184 (VOID *) (UINTN) MapInfo->PlainTextAddress,
185 (VOID *) (UINTN) MapInfo->CryptedAddress,
186 MapInfo->NumberOfBytes
187 );
188 }
189
190 //
191 // The DeviceAddress is the address of the maped buffer below 4GB
192 //
193 *DeviceAddress = MapInfo->PlainTextAddress;
194
195 //
196 // Return a pointer to the MAP_INFO structure in Mapping
197 //
198 *Mapping = MapInfo;
199
200 DEBUG ((
201 DEBUG_VERBOSE,
202 "%a PlainText 0x%Lx Crypted 0x%Lx Pages 0x%Lx Bytes 0x%Lx\n",
203 __FUNCTION__,
204 MapInfo->PlainTextAddress,
205 MapInfo->CryptedAddress,
206 (UINT64)MapInfo->NumberOfPages,
207 (UINT64)MapInfo->NumberOfBytes
208 ));
209
210 return EFI_SUCCESS;
211 }
212
213 /**
214 Completes the Map() operation and releases any corresponding resources.
215
216 @param This The protocol instance pointer.
217 @param Mapping The mapping value returned from Map().
218
219 @retval EFI_SUCCESS The range was unmapped.
220 @retval EFI_INVALID_PARAMETER Mapping is not a value that was returned by
221 Map().
222 @retval EFI_DEVICE_ERROR The data was not committed to the target system
223 memory.
224 **/
225 EFI_STATUS
226 EFIAPI
227 IoMmuUnmap (
228 IN EDKII_IOMMU_PROTOCOL *This,
229 IN VOID *Mapping
230 )
231 {
232 MAP_INFO *MapInfo;
233 EFI_STATUS Status;
234
235 if (Mapping == NULL) {
236 return EFI_INVALID_PARAMETER;
237 }
238
239 //
240 // See if the Map() operation associated with this Unmap() required a mapping
241 // buffer. If a mapping buffer was not required, then this function simply
242 // buffer. If a mapping buffer was not required, then this function simply
243 //
244 if (Mapping == NO_MAPPING) {
245 return EFI_SUCCESS;
246 }
247
248 MapInfo = (MAP_INFO *)Mapping;
249
250 //
251 // If this is a write operation from the Bus Master's point of view,
252 // then copy the contents of the mapped buffer into the real buffer
253 // so the processor can read the contents of the real buffer.
254 //
255 if (MapInfo->Operation == EdkiiIoMmuOperationBusMasterWrite ||
256 MapInfo->Operation == EdkiiIoMmuOperationBusMasterWrite64) {
257 CopyMem (
258 (VOID *) (UINTN) MapInfo->CryptedAddress,
259 (VOID *) (UINTN) MapInfo->PlainTextAddress,
260 MapInfo->NumberOfBytes
261 );
262 }
263
264 DEBUG ((
265 DEBUG_VERBOSE,
266 "%a PlainText 0x%Lx Crypted 0x%Lx Pages 0x%Lx Bytes 0x%Lx\n",
267 __FUNCTION__,
268 MapInfo->PlainTextAddress,
269 MapInfo->CryptedAddress,
270 (UINT64)MapInfo->NumberOfPages,
271 (UINT64)MapInfo->NumberOfBytes
272 ));
273 //
274 // Restore the memory encryption mask
275 //
276 Status = MemEncryptSevSetPageEncMask (
277 0,
278 MapInfo->PlainTextAddress,
279 MapInfo->NumberOfPages,
280 TRUE
281 );
282 ASSERT_EFI_ERROR(Status);
283 ZeroMem (
284 (VOID*)(UINTN)MapInfo->PlainTextAddress,
285 EFI_PAGES_TO_SIZE (MapInfo->NumberOfPages)
286 );
287
288 //
289 // Free the mapped buffer and the MAP_INFO structure.
290 //
291 gBS->FreePages (MapInfo->PlainTextAddress, MapInfo->NumberOfPages);
292 FreePool (Mapping);
293 return EFI_SUCCESS;
294 }
295
296 /**
297 Allocates pages that are suitable for an OperationBusMasterCommonBuffer or
298 OperationBusMasterCommonBuffer64 mapping.
299
300 @param This The protocol instance pointer.
301 @param Type This parameter is not used and must be ignored.
302 @param MemoryType The type of memory to allocate,
303 EfiBootServicesData or EfiRuntimeServicesData.
304 @param Pages The number of pages to allocate.
305 @param HostAddress A pointer to store the base system memory
306 address of the allocated range.
307 @param Attributes The requested bit mask of attributes for the
308 allocated range.
309
310 @retval EFI_SUCCESS The requested memory pages were allocated.
311 @retval EFI_UNSUPPORTED Attributes is unsupported. The only legal
312 attribute bits are MEMORY_WRITE_COMBINE and
313 MEMORY_CACHED.
314 @retval EFI_INVALID_PARAMETER One or more parameters are invalid.
315 @retval EFI_OUT_OF_RESOURCES The memory pages could not be allocated.
316
317 **/
318 EFI_STATUS
319 EFIAPI
320 IoMmuAllocateBuffer (
321 IN EDKII_IOMMU_PROTOCOL *This,
322 IN EFI_ALLOCATE_TYPE Type,
323 IN EFI_MEMORY_TYPE MemoryType,
324 IN UINTN Pages,
325 IN OUT VOID **HostAddress,
326 IN UINT64 Attributes
327 )
328 {
329 EFI_STATUS Status;
330 EFI_PHYSICAL_ADDRESS PhysicalAddress;
331
332 //
333 // Validate Attributes
334 //
335 if ((Attributes & EDKII_IOMMU_ATTRIBUTE_INVALID_FOR_ALLOCATE_BUFFER) != 0) {
336 return EFI_UNSUPPORTED;
337 }
338
339 //
340 // Check for invalid inputs
341 //
342 if (HostAddress == NULL) {
343 return EFI_INVALID_PARAMETER;
344 }
345
346 //
347 // The only valid memory types are EfiBootServicesData and
348 // EfiRuntimeServicesData
349 //
350 if (MemoryType != EfiBootServicesData &&
351 MemoryType != EfiRuntimeServicesData) {
352 return EFI_INVALID_PARAMETER;
353 }
354
355 PhysicalAddress = (UINTN)-1;
356 if ((Attributes & EDKII_IOMMU_ATTRIBUTE_DUAL_ADDRESS_CYCLE) == 0) {
357 //
358 // Limit allocations to memory below 4GB
359 //
360 PhysicalAddress = SIZE_4GB - 1;
361 }
362 Status = gBS->AllocatePages (
363 AllocateMaxAddress,
364 MemoryType,
365 Pages,
366 &PhysicalAddress
367 );
368 if (!EFI_ERROR (Status)) {
369 *HostAddress = (VOID *) (UINTN) PhysicalAddress;
370
371 //
372 // Clear memory encryption mask
373 //
374 Status = MemEncryptSevClearPageEncMask (0, PhysicalAddress, Pages, TRUE);
375 ASSERT_EFI_ERROR(Status);
376 }
377
378 DEBUG ((
379 DEBUG_VERBOSE,
380 "%a Address 0x%Lx Pages 0x%Lx\n",
381 __FUNCTION__,
382 PhysicalAddress,
383 (UINT64)Pages
384 ));
385 return Status;
386 }
387
388 /**
389 Frees memory that was allocated with AllocateBuffer().
390
391 @param This The protocol instance pointer.
392 @param Pages The number of pages to free.
393 @param HostAddress The base system memory address of the allocated
394 range.
395
396 @retval EFI_SUCCESS The requested memory pages were freed.
397 @retval EFI_INVALID_PARAMETER The memory range specified by HostAddress and
398 Pages was not allocated with AllocateBuffer().
399
400 **/
401 EFI_STATUS
402 EFIAPI
403 IoMmuFreeBuffer (
404 IN EDKII_IOMMU_PROTOCOL *This,
405 IN UINTN Pages,
406 IN VOID *HostAddress
407 )
408 {
409 EFI_STATUS Status;
410
411 //
412 // Set memory encryption mask
413 //
414 Status = MemEncryptSevSetPageEncMask (
415 0,
416 (EFI_PHYSICAL_ADDRESS)(UINTN)HostAddress,
417 Pages,
418 TRUE
419 );
420 ASSERT_EFI_ERROR(Status);
421 ZeroMem (HostAddress, EFI_PAGES_TO_SIZE (Pages));
422
423 DEBUG ((
424 DEBUG_VERBOSE,
425 "%a Address 0x%Lx Pages 0x%Lx\n",
426 __FUNCTION__,
427 (UINT64)(UINTN)HostAddress,
428 (UINT64)Pages
429 ));
430 return gBS->FreePages ((EFI_PHYSICAL_ADDRESS) (UINTN) HostAddress, Pages);
431 }
432
433
434 /**
435 Set IOMMU attribute for a system memory.
436
437 If the IOMMU protocol exists, the system memory cannot be used
438 for DMA by default.
439
440 When a device requests a DMA access for a system memory,
441 the device driver need use SetAttribute() to update the IOMMU
442 attribute to request DMA access (read and/or write).
443
444 The DeviceHandle is used to identify which device submits the request.
445 The IOMMU implementation need translate the device path to an IOMMU device
446 ID, and set IOMMU hardware register accordingly.
447 1) DeviceHandle can be a standard PCI device.
448 The memory for BusMasterRead need set EDKII_IOMMU_ACCESS_READ.
449 The memory for BusMasterWrite need set EDKII_IOMMU_ACCESS_WRITE.
450 The memory for BusMasterCommonBuffer need set
451 EDKII_IOMMU_ACCESS_READ|EDKII_IOMMU_ACCESS_WRITE.
452 After the memory is used, the memory need set 0 to keep it being
453 protected.
454 2) DeviceHandle can be an ACPI device (ISA, I2C, SPI, etc).
455 The memory for DMA access need set EDKII_IOMMU_ACCESS_READ and/or
456 EDKII_IOMMU_ACCESS_WRITE.
457
458 @param[in] This The protocol instance pointer.
459 @param[in] DeviceHandle The device who initiates the DMA access
460 request.
461 @param[in] Mapping The mapping value returned from Map().
462 @param[in] IoMmuAccess The IOMMU access.
463
464 @retval EFI_SUCCESS The IoMmuAccess is set for the memory range
465 specified by DeviceAddress and Length.
466 @retval EFI_INVALID_PARAMETER DeviceHandle is an invalid handle.
467 @retval EFI_INVALID_PARAMETER Mapping is not a value that was returned by
468 Map().
469 @retval EFI_INVALID_PARAMETER IoMmuAccess specified an illegal combination
470 of access.
471 @retval EFI_UNSUPPORTED DeviceHandle is unknown by the IOMMU.
472 @retval EFI_UNSUPPORTED The bit mask of IoMmuAccess is not supported
473 by the IOMMU.
474 @retval EFI_UNSUPPORTED The IOMMU does not support the memory range
475 specified by Mapping.
476 @retval EFI_OUT_OF_RESOURCES There are not enough resources available to
477 modify the IOMMU access.
478 @retval EFI_DEVICE_ERROR The IOMMU device reported an error while
479 attempting the operation.
480
481 **/
482 EFI_STATUS
483 EFIAPI
484 IoMmuSetAttribute (
485 IN EDKII_IOMMU_PROTOCOL *This,
486 IN EFI_HANDLE DeviceHandle,
487 IN VOID *Mapping,
488 IN UINT64 IoMmuAccess
489 )
490 {
491 return EFI_UNSUPPORTED;
492 }
493
494 EDKII_IOMMU_PROTOCOL mAmdSev = {
495 EDKII_IOMMU_PROTOCOL_REVISION,
496 IoMmuSetAttribute,
497 IoMmuMap,
498 IoMmuUnmap,
499 IoMmuAllocateBuffer,
500 IoMmuFreeBuffer,
501 };
502
503 /**
504 Initialize Iommu Protocol.
505
506 **/
507 EFI_STATUS
508 EFIAPI
509 AmdSevInstallIoMmuProtocol (
510 VOID
511 )
512 {
513 EFI_STATUS Status;
514 EFI_HANDLE Handle;
515
516 Handle = NULL;
517 Status = gBS->InstallMultipleProtocolInterfaces (
518 &Handle,
519 &gEdkiiIoMmuProtocolGuid, &mAmdSev,
520 NULL
521 );
522 return Status;
523 }
EFI Development Kit II mirror for PVE